From 2560ad38cb4e54ce901145ad449b740f02a07dae Mon Sep 17 00:00:00 2001 From: RISCi_ATOM Date: Wed, 28 Mar 2018 22:43:21 -0400 Subject: [PATCH] Fresh pull from upstream (stable) package feed --- admin/monit/Makefile | 10 +- .../patches/001-fix-default-piddir.patch | 2 +- admin/zabbix/Makefile | 4 +- admin/zabbix/files/mac80211 | 20 +- devel/automake/Makefile | 65 + devel/lpc21isp/Makefile | 42 - lang/lua-mosquitto/Makefile | 42 + lang/luajit/Makefile | 91 + lang/luajit/patches/010-lua-path.patch | 13 + lang/python/Makefile | 10 +- lang/python/files/python-version.mk | 2 +- lang/python/patches/001-enable-zlib.patch | 7 +- ...dd-include-dirs-when-cross-compiling.patch | 4 +- .../003-do-not-compile-tests-at-build.patch | 6 +- .../004-do-not-write-bytes-codes.patch | 6 +- .../patches/005-fix-bluetooth-support.patch | 61 + .../006-remove-debian-multiarch-support.patch | 14 - ...06-remove-multi-arch-and-local-paths.patch | 16 + .../008-distutils-use-python-sysroot.patch | 8 +- ...t-use-dblib_dir-when-cross-compiling.patch | 8 +- ...add-rt-lib-dirs-when-cross-compiling.patch | 4 +- .../011-remove-setupterm-definition.patch | 2 - lang/ruby/Makefile | 6 +- libs/alsa-lib/Makefile | 4 +- .../patches/006-properly-define-S_IRUSR.patch | 32 + libs/gnutls/Makefile | 6 +- libs/icu/Makefile | 2 +- libs/icu/patches/CVE-2017-14952.patch | 10 + libs/icu/patches/CVE-2017-15422.patch | 106 + libs/libevhtp/Makefile | 51 + .../patches/010-strcmp-endianness-fix.patch | 49 + libs/libmraa/Makefile | 51 + libs/libmraa/patches/0001-base.patch | 118 + .../patches/0002-add-mips-support.patch | 483 ++ libs/libmraa/patches/0003-uart.patch | 26 + libs/libmraa/patches/0004-fixes.patch | 666 +++ libs/libradcli/Config.in | 10 - libs/libradcli/Makefile | 75 - libs/libssh2/Makefile | 11 +- libs/libtasn1/Makefile | 4 +- libs/libtins/Makefile | 53 + libs/libwebsockets/Makefile | 112 + libs/libxslt/Makefile | 5 +- ...places-where-f-printf-parameters-wer.patch | 48 + ...o-random-number-generator-with-curre.patch | 56 + ...function-str-replace-is-broken-as-is.patch | 38 + ...xlocale-test-program-in-configure.in.patch | 43 + ...onfusion-in-preprocessing-attributes.patch | 29 + ...-initialize-EXSLT-month-and-day-to-1.patch | 62 + ...ee-in-xsltDocumentFunctionLoadDocume.patch | 105 + ...Fix-xsltNumberFormatGetMultipleLevel.patch | 171 + ...xsl-number-values-to-nearest-integer.patch | 26 + ...14-Handle-negative-xsl-number-values.patch | 51 + .../0015-Lower-bound-for-format-token-a.patch | 75 + ...r-and-upper-bound-for-format-token-i.patch | 64 + ...uble-free-in-libexslt-hash-functions.patch | 62 + ...x-buffer-overflow-in-exsltDateFormat.patch | 33 + ...read-in-xsltExtModuleRegisterDynamic.patch | 36 + ...erread-in-xsltFormatNumberConversion.patch | 31 + ...nteger-overflow-in-xsltAddTextString.patch | 74 + libs/loudmouth/Makefile | 73 + libs/openldap/Makefile | 4 +- libs/p11-kit/Makefile | 5 +- libs/pcre/Makefile | 5 +- libs/pcre/patches/001-CVE-2017-7186 | 53 - libs/postgresql/Makefile | 4 +- libs/sqlite3/Makefile | 11 +- libs/tiff/Makefile | 109 - libs/tiff/patches/001-autoconf-compat.patch | 33 - .../002-CVE-2015-8665_and_CVE-2015-8683.patch | 136 - ...-of-bound_writes_in_decode_functions.patch | 193 - ...ial_out-of-bound_write_in_NeXTDecode.patch | 72 - libs/tiff/patches/005-fix-ftell-macro.patch | 11 - mail/nail/Makefile | 59 + ...0-handle-openssl-without-sslv2-sslv3.patch | 22 + multimedia/ffmpeg/Config.in | 473 -- multimedia/ffmpeg/Makefile | 645 --- multimedia/gst1-plugins-bad/Makefile | 277 -- .../patches/001-no-translations.patch | 26 - .../patches/002-no-tests.patch | 57 - multimedia/gst1-plugins-good/Makefile | 237 + .../patches/001-no-translations.patch | 20 + .../patches/002-no-tests.patch | 34 + .../patches/003-no-docs.patch | 22 + multimedia/gst1-plugins-ugly/Makefile | 177 - .../patches/001-no-translations.patch | 23 - .../patches/002-no-tests.patch | 23 - .../patches/003-no-docs.patch | 23 - multimedia/minidlna/Makefile | 85 - multimedia/minidlna/files/minidlna.config | 17 - multimedia/minidlna/files/minidlna.init | 97 - .../minidlna/patches/010-libav-fix.patch | 19 - net/acme/Makefile | 9 +- net/acme/files/run.sh | 4 + net/adblock/Makefile | 10 +- net/adblock/files/README.md | 248 +- net/adblock/files/adblock.conf | 143 +- net/adblock/files/adblock.init | 56 +- net/adblock/files/adblock.notify | 56 + net/adblock/files/adblock.sh | 953 ++-- net/cjdns/Makefile | 148 - net/cjdns/files/cjdns.defaults | 127 - net/cjdns/files/cjdns.init | 32 - net/cjdns/files/cjdrouteconf | 30 - net/cjdns/lua/cjdns/admin.lua | 105 - net/cjdns/lua/cjdns/common.lua | 7 - net/cjdns/lua/cjdns/init.lua | 12 - net/cjdns/lua/cjdns/uci.lua | 289 -- net/cjdns/lua/cjdns/udp.lua | 102 - net/freeradius2/Config.in | 14 + net/freeradius2/Makefile | 636 +++ net/freeradius2/files/radiusd.init | 29 + .../patches/001-fix-makefile.patch | 12 + net/freeradius2/patches/002-config.patch | 613 +++ .../patches/004-ldap_configure.patch | 4257 +++++++++++++++++ .../patches/008-honor_ccpflags.patch | 17 + .../patches/010-disbale-openssl-check.patch | 40 + net/git/Makefile | 4 +- net/haproxy/Makefile | 6 +- ...peer-synchronization-issue-with-seve.patch | 299 ++ ...-error-case-the-safe-mode-is-not-rem.patch | 36 + ...ecutes-the-function-destroying-the-L.patch | 59 + ...cket-resources-not-detroyed-when-the.patch | 97 + ...005-BUG-MEDIUM-lua-bad-memory-access.patch | 46 + ...IBUTING-regarding-optional-parts-and.patch | 64 + ...ist-of-OpenSSL-versions-in-the-READM.patch | 36 + ...ls-add-a-portable-timegm-alternative.patch | 129 + ...e-timegm-with-my_timegm-to-fix-build.patch | 38 + ...grees-git-URL-to-point-to-a-stable-v.patch | 32 + ...et-the-response-error-state-in-http_.patch | 33 + ...er-rewrite-checks-in-http_resync_sta.patch | 100 + ...h-requests-responses-in-TUNNEL-mode-.patch | 153 + ...Switch-HTTP-responses-in-TUNNEL-mode.patch | 118 + ...ix-possible-infinity-loop-in-http_sy.patch | 43 + ...-lua-Fix-Server.get_addr-port-values.patch | 45 + ...rrectly-use-INET6_ADDRSTRLEN-in-Serv.patch | 34 + ...ways-detach-the-tcp-http-tasks-befor.patch | 45 + net/horst/Makefile | 51 + net/https-dns-proxy/Makefile | 9 +- net/jool/Makefile | 4 +- net/luci-app-cjdns/Makefile | 54 - .../luasrc/controller/cjdns.lua | 105 - .../luasrc/model/cbi/cjdns/cjdrouteconf.lua | 32 - .../luasrc/model/cbi/cjdns/iptunnel.lua | 46 - .../luasrc/model/cbi/cjdns/overview.lua | 10 - .../luasrc/model/cbi/cjdns/peering.lua | 73 - .../luasrc/model/cbi/cjdns/settings.lua | 67 - .../luasrc/view/admin_status/index/cjdns.htm | 1 - .../luasrc/view/cjdns/status.htm | 116 - .../luasrc/view/cjdns/value.htm | 35 - net/miniupnpd/Makefile | 81 - net/miniupnpd/files/firewall.include | 57 - net/miniupnpd/files/miniupnpd.defaults | 13 - net/miniupnpd/files/miniupnpd.hotplug | 39 - net/miniupnpd/files/miniupnpd.init | 212 - net/miniupnpd/files/upnpd.config | 27 - net/miniupnpd/patches/101-no-ssl-uuid.patch | 23 - net/miniupnpd/patches/102-ipv6-ext-port.patch | 10 - .../patches/103-no-ipv6-autodetection.patch | 27 - .../patches/104-always-libuuid.patch | 20 - net/mwan3-luci/Makefile | 2 +- .../usr/lib/lua/luci/controller/mwan3.lua | 3 +- net/mwan3/Makefile | 6 +- net/mwan3/files/etc/hotplug.d/iface/15-mwan3 | 44 +- .../files/etc/hotplug.d/iface/16-mwan3-user | 13 - net/mwan3/files/etc/mwan3.user | 12 - net/mwan3/files/lib/mwan3/mwan3.sh | 147 +- net/mwan3/files/usr/libexec/rpcd/mwan3 | 122 - net/mwan3/files/usr/sbin/mwan3 | 15 +- net/mwan3/files/usr/sbin/mwan3track | 169 +- net/nlbwmon/Makefile | 42 + net/nlbwmon/files/nlbwmon.config | 51 + net/nlbwmon/files/nlbwmon.init | 89 + net/seafile-ccnet/Makefile | 75 - net/seafile-ccnet/patches/010-Makefile.patch | 31 - net/seafile-seahub/Makefile | 60 - .../patches/010-default-config.patch | 30 - .../patches/020-Makefile-fixes.patch | 28 - net/sqm-scripts/Makefile | 4 +- net/strongswan/Makefile | 7 +- net/strongswan/patches/101-musl-fixes.patch | 4 +- net/strongswan/patches/203-uci.patch | 6 +- net/strongswan/patches/210-sleep.patch | 2 +- .../patches/305-minimal_dh_plugin.patch | 28 +- net/subversion/Makefile | 6 +- net/tinc/Makefile | 4 +- net/tor/Makefile | 5 +- net/travelmate/Makefile | 15 +- net/travelmate/files/README.md | 105 +- net/travelmate/files/travelmate.conf | 8 +- net/travelmate/files/travelmate.init | 66 +- net/travelmate/files/travelmate.sh | 297 +- net/ulogd/Makefile | 2 +- ...-ulogd-use-strncpy-instead-of-memcpy.patch | 31 + net/unbound/Makefile | 7 +- net/unbound/patches/001-conf.patch | 10 +- net/vallumd/Makefile | 49 + net/vallumd/files/vallumd.conf | 6 + net/vallumd/files/vallumd.init | 34 + net/vpnc/Makefile | 2 +- net/vpnc/files/vpnc.sh | 2 +- net/wget/Makefile | 9 +- net/wireguard/Makefile | 110 - net/wireguard/files/wireguard.sh | 183 - utils/attendedsysupgrade-common/Makefile | 56 + .../files/attendedsysupgrade.defaults | 17 + utils/bluez/Makefile | 159 - utils/bluez/files/bluetooth.config | 15 - utils/bluez/files/bluetooth.dbus | 37 - utils/bluez/files/bluetoothd.init | 13 - utils/bluez/files/givepin | 14 - ...01-bcm43xx-Add-bcm43xx-3wire-variant.patch | 21 - ...-speed-must-be-reset-after-the-firmw.patch | 33 - ...ncrease-firmware-load-timeout-to-30s.patch | 20 - ...-the-43xx-firmware-into-lib-firmware.patch | 20 - utils/bluez/patches/200-uart-speed.patch | 40 - utils/bluez/patches/201-readline.patch | 48 - utils/canutils/Makefile | 79 +- utils/collectd/Makefile | 2 +- .../patches/500-fix-uptime-reading.patch | 173 + utils/coreutils/Makefile | 8 +- utils/tree/Makefile | 33 + utils/ttyd/Makefile | 47 + 223 files changed, 12872 insertions(+), 6748 deletions(-) create mode 100644 devel/automake/Makefile delete mode 100644 devel/lpc21isp/Makefile create mode 100644 lang/lua-mosquitto/Makefile create mode 100644 lang/luajit/Makefile create mode 100644 lang/luajit/patches/010-lua-path.patch create mode 100644 lang/python/patches/005-fix-bluetooth-support.patch delete mode 100644 lang/python/patches/006-remove-debian-multiarch-support.patch create mode 100644 lang/python/patches/006-remove-multi-arch-and-local-paths.patch create mode 100644 libs/alsa-lib/patches/006-properly-define-S_IRUSR.patch create mode 100644 libs/icu/patches/CVE-2017-14952.patch create mode 100644 libs/icu/patches/CVE-2017-15422.patch create mode 100644 libs/libevhtp/Makefile create mode 100644 libs/libevhtp/patches/010-strcmp-endianness-fix.patch create mode 100644 libs/libmraa/Makefile create mode 100644 libs/libmraa/patches/0001-base.patch create mode 100644 libs/libmraa/patches/0002-add-mips-support.patch create mode 100644 libs/libmraa/patches/0003-uart.patch create mode 100644 libs/libmraa/patches/0004-fixes.patch delete mode 100644 libs/libradcli/Config.in delete mode 100644 libs/libradcli/Makefile create mode 100644 libs/libtins/Makefile create mode 100644 libs/libwebsockets/Makefile create mode 100644 libs/libxslt/patches/0005-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch create mode 100644 libs/libxslt/patches/0006-Initialize-pseudo-random-number-generator-with-curre.patch create mode 100644 libs/libxslt/patches/0007-EXSLT-function-str-replace-is-broken-as-is.patch create mode 100644 libs/libxslt/patches/0008-Fix-quoting-of-xlocale-test-program-in-configure.in.patch create mode 100644 libs/libxslt/patches/0009-Fix-for-type-confusion-in-preprocessing-attributes.patch create mode 100644 libs/libxslt/patches/0010-Always-initialize-EXSLT-month-and-day-to-1.patch create mode 100644 libs/libxslt/patches/0011-Fix-use-after-free-in-xsltDocumentFunctionLoadDocume.patch create mode 100644 libs/libxslt/patches/0012-Fix-xsltNumberFormatGetMultipleLevel.patch create mode 100644 libs/libxslt/patches/0013-Round-xsl-number-values-to-nearest-integer.patch create mode 100644 libs/libxslt/patches/0014-Handle-negative-xsl-number-values.patch create mode 100644 libs/libxslt/patches/0015-Lower-bound-for-format-token-a.patch create mode 100644 libs/libxslt/patches/0016-Lower-and-upper-bound-for-format-token-i.patch create mode 100644 libs/libxslt/patches/0017-Fix-double-free-in-libexslt-hash-functions.patch create mode 100644 libs/libxslt/patches/0018-Fix-buffer-overflow-in-exsltDateFormat.patch create mode 100644 libs/libxslt/patches/0019-Fix-OOB-heap-read-in-xsltExtModuleRegisterDynamic.patch create mode 100644 libs/libxslt/patches/0020-Fix-heap-overread-in-xsltFormatNumberConversion.patch create mode 100644 libs/libxslt/patches/0021-Check-for-integer-overflow-in-xsltAddTextString.patch create mode 100644 libs/loudmouth/Makefile delete mode 100644 libs/pcre/patches/001-CVE-2017-7186 delete mode 100644 libs/tiff/Makefile delete mode 100644 libs/tiff/patches/001-autoconf-compat.patch delete mode 100644 libs/tiff/patches/002-CVE-2015-8665_and_CVE-2015-8683.patch delete mode 100644 libs/tiff/patches/003-fix_potential_out-of-bound_writes_in_decode_functions.patch delete mode 100644 libs/tiff/patches/004-fix_potential_out-of-bound_write_in_NeXTDecode.patch delete mode 100644 libs/tiff/patches/005-fix-ftell-macro.patch create mode 100644 mail/nail/Makefile create mode 100644 mail/nail/patches/100-handle-openssl-without-sslv2-sslv3.patch delete mode 100644 multimedia/ffmpeg/Config.in delete mode 100644 multimedia/ffmpeg/Makefile delete mode 100644 multimedia/gst1-plugins-bad/Makefile delete mode 100644 multimedia/gst1-plugins-bad/patches/001-no-translations.patch delete mode 100644 multimedia/gst1-plugins-bad/patches/002-no-tests.patch create mode 100644 multimedia/gst1-plugins-good/Makefile create mode 100644 multimedia/gst1-plugins-good/patches/001-no-translations.patch create mode 100644 multimedia/gst1-plugins-good/patches/002-no-tests.patch create mode 100644 multimedia/gst1-plugins-good/patches/003-no-docs.patch delete mode 100644 multimedia/gst1-plugins-ugly/Makefile delete mode 100644 multimedia/gst1-plugins-ugly/patches/001-no-translations.patch delete mode 100644 multimedia/gst1-plugins-ugly/patches/002-no-tests.patch delete mode 100644 multimedia/gst1-plugins-ugly/patches/003-no-docs.patch delete mode 100644 multimedia/minidlna/Makefile delete mode 100644 multimedia/minidlna/files/minidlna.config delete mode 100644 multimedia/minidlna/files/minidlna.init delete mode 100644 multimedia/minidlna/patches/010-libav-fix.patch create mode 100644 net/adblock/files/adblock.notify delete mode 100644 net/cjdns/Makefile delete mode 100644 net/cjdns/files/cjdns.defaults delete mode 100755 net/cjdns/files/cjdns.init delete mode 100755 net/cjdns/files/cjdrouteconf delete mode 100644 net/cjdns/lua/cjdns/admin.lua delete mode 100644 net/cjdns/lua/cjdns/common.lua delete mode 100644 net/cjdns/lua/cjdns/init.lua delete mode 100644 net/cjdns/lua/cjdns/uci.lua delete mode 100644 net/cjdns/lua/cjdns/udp.lua create mode 100644 net/freeradius2/Config.in create mode 100644 net/freeradius2/Makefile create mode 100644 net/freeradius2/files/radiusd.init create mode 100644 net/freeradius2/patches/001-fix-makefile.patch create mode 100644 net/freeradius2/patches/002-config.patch create mode 100644 net/freeradius2/patches/004-ldap_configure.patch create mode 100644 net/freeradius2/patches/008-honor_ccpflags.patch create mode 100644 net/freeradius2/patches/010-disbale-openssl-check.patch create mode 100644 net/haproxy/patches/0001-BUG-MINOR-peers-peer-synchronization-issue-with-seve.patch create mode 100644 net/haproxy/patches/0002-BUG-MINOR-lua-In-error-case-the-safe-mode-is-not-rem.patch create mode 100644 net/haproxy/patches/0003-BUG-MINOR-lua-executes-the-function-destroying-the-L.patch create mode 100644 net/haproxy/patches/0004-BUG-MAJOR-lua-socket-resources-not-detroyed-when-the.patch create mode 100644 net/haproxy/patches/0005-BUG-MEDIUM-lua-bad-memory-access.patch create mode 100644 net/haproxy/patches/0006-DOC-update-CONTRIBUTING-regarding-optional-parts-and.patch create mode 100644 net/haproxy/patches/0007-DOC-update-the-list-of-OpenSSL-versions-in-the-READM.patch create mode 100644 net/haproxy/patches/0008-MINOR-tools-add-a-portable-timegm-alternative.patch create mode 100644 net/haproxy/patches/0009-BUILD-lua-replace-timegm-with-my_timegm-to-fix-build.patch create mode 100644 net/haproxy/patches/0010-DOC-Updated-51Degrees-git-URL-to-point-to-a-stable-v.patch create mode 100644 net/haproxy/patches/0011-BUG-MINOR-http-Set-the-response-error-state-in-http_.patch create mode 100644 net/haproxy/patches/0012-MINOR-http-Reorder-rewrite-checks-in-http_resync_sta.patch create mode 100644 net/haproxy/patches/0013-MINOR-http-Switch-requests-responses-in-TUNNEL-mode-.patch create mode 100644 net/haproxy/patches/0014-BUG-MEDIUM-http-Switch-HTTP-responses-in-TUNNEL-mode.patch create mode 100644 net/haproxy/patches/0015-BUG-MAJOR-http-Fix-possible-infinity-loop-in-http_sy.patch create mode 100644 net/haproxy/patches/0016-BUG-MINOR-lua-Fix-Server.get_addr-port-values.patch create mode 100644 net/haproxy/patches/0017-BUG-MINOR-lua-Correctly-use-INET6_ADDRSTRLEN-in-Serv.patch create mode 100644 net/haproxy/patches/0018-BUG-MINOR-lua-always-detach-the-tcp-http-tasks-befor.patch create mode 100644 net/horst/Makefile delete mode 100644 net/luci-app-cjdns/Makefile delete mode 100644 net/luci-app-cjdns/luasrc/controller/cjdns.lua delete mode 100644 net/luci-app-cjdns/luasrc/model/cbi/cjdns/cjdrouteconf.lua delete mode 100644 net/luci-app-cjdns/luasrc/model/cbi/cjdns/iptunnel.lua delete mode 100644 net/luci-app-cjdns/luasrc/model/cbi/cjdns/overview.lua delete mode 100644 net/luci-app-cjdns/luasrc/model/cbi/cjdns/peering.lua delete mode 100644 net/luci-app-cjdns/luasrc/model/cbi/cjdns/settings.lua delete mode 100644 net/luci-app-cjdns/luasrc/view/admin_status/index/cjdns.htm delete mode 100644 net/luci-app-cjdns/luasrc/view/cjdns/status.htm delete mode 100644 net/luci-app-cjdns/luasrc/view/cjdns/value.htm delete mode 100644 net/miniupnpd/Makefile delete mode 100644 net/miniupnpd/files/firewall.include delete mode 100644 net/miniupnpd/files/miniupnpd.defaults delete mode 100644 net/miniupnpd/files/miniupnpd.hotplug delete mode 100644 net/miniupnpd/files/miniupnpd.init delete mode 100644 net/miniupnpd/files/upnpd.config delete mode 100644 net/miniupnpd/patches/101-no-ssl-uuid.patch delete mode 100644 net/miniupnpd/patches/102-ipv6-ext-port.patch delete mode 100644 net/miniupnpd/patches/103-no-ipv6-autodetection.patch delete mode 100644 net/miniupnpd/patches/104-always-libuuid.patch delete mode 100644 net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user delete mode 100644 net/mwan3/files/etc/mwan3.user delete mode 100755 net/mwan3/files/usr/libexec/rpcd/mwan3 create mode 100644 net/nlbwmon/Makefile create mode 100644 net/nlbwmon/files/nlbwmon.config create mode 100755 net/nlbwmon/files/nlbwmon.init delete mode 100644 net/seafile-ccnet/Makefile delete mode 100644 net/seafile-ccnet/patches/010-Makefile.patch delete mode 100644 net/seafile-seahub/Makefile delete mode 100644 net/seafile-seahub/patches/010-default-config.patch delete mode 100644 net/seafile-seahub/patches/020-Makefile-fixes.patch create mode 100644 net/ulogd/patches/101-ulogd-use-strncpy-instead-of-memcpy.patch create mode 100644 net/vallumd/Makefile create mode 100644 net/vallumd/files/vallumd.conf create mode 100644 net/vallumd/files/vallumd.init delete mode 100644 net/wireguard/Makefile delete mode 100644 net/wireguard/files/wireguard.sh create mode 100644 utils/attendedsysupgrade-common/Makefile create mode 100644 utils/attendedsysupgrade-common/files/attendedsysupgrade.defaults delete mode 100644 utils/bluez/Makefile delete mode 100644 utils/bluez/files/bluetooth.config delete mode 100644 utils/bluez/files/bluetooth.dbus delete mode 100644 utils/bluez/files/bluetoothd.init delete mode 100644 utils/bluez/files/givepin delete mode 100644 utils/bluez/patches/001-bcm43xx-Add-bcm43xx-3wire-variant.patch delete mode 100644 utils/bluez/patches/002-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch delete mode 100644 utils/bluez/patches/003-Increase-firmware-load-timeout-to-30s.patch delete mode 100644 utils/bluez/patches/004-Move-the-43xx-firmware-into-lib-firmware.patch delete mode 100644 utils/bluez/patches/200-uart-speed.patch delete mode 100644 utils/bluez/patches/201-readline.patch create mode 100644 utils/collectd/patches/500-fix-uptime-reading.patch create mode 100644 utils/tree/Makefile create mode 100644 utils/ttyd/Makefile diff --git a/admin/monit/Makefile b/admin/monit/Makefile index 4f8c14a..3c6bf63 100644 --- a/admin/monit/Makefile +++ b/admin/monit/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=monit -PKG_VERSION:=5.18 +PKG_VERSION:=5.24.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=http://mmonit.com/monit/dist -PKG_MD5SUM:=a1bfac0fbb83439435f8616200d2364d +PKG_HASH:=754d1f0e165e5a26d4639a6a83f44ccf839e381f2622e0946d5302fa1f2d2414 +PKG_SOURCE_URL:=https://mmonit.com/monit/dist PKG_LICENSE:=AGPL-3.0 PKG_LICENSE_FILES:=COPYING @@ -26,9 +26,9 @@ include $(INCLUDE_DIR)/package.mk define Package/monit/Default SECTION:=admin CATEGORY:=Administration - DEPENDS:= +libpthread + DEPENDS:= +libpthread +zlib TITLE:=System services monitoring utility - URL:=http://mmonit.com/monit/ + URL:=https://mmonit.com/monit/ MAINTAINER:=Etienne CHAMPETIER endef diff --git a/admin/monit/patches/001-fix-default-piddir.patch b/admin/monit/patches/001-fix-default-piddir.patch index 7af871f..6382f6f 100644 --- a/admin/monit/patches/001-fix-default-piddir.patch +++ b/admin/monit/patches/001-fix-default-piddir.patch @@ -1,6 +1,6 @@ --- a/configure +++ b/configure -@@ -13849,14 +13849,7 @@ fi +@@ -13852,14 +13852,7 @@ fi # Find the right directory to put the root-mode PID file in { $as_echo "$as_me:${as_lineno-$LINENO}: checking pid file location" >&5 $as_echo_n "checking pid file location... " >&6; } diff --git a/admin/zabbix/Makefile b/admin/zabbix/Makefile index f66c237..c681984 100644 --- a/admin/zabbix/Makefile +++ b/admin/zabbix/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=zabbix -PKG_VERSION:=3.0.3 +PKG_VERSION:=3.2.6 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_HASH:=98f025b39515b196552b8a23e2fe20a8180b5e99e613ce7378725a46ed8b62d6 PKG_SOURCE_URL:=@SF/zabbix -PKG_MD5SUM:=7c45d37000e67d75042695344c9937e0 PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=COPYING diff --git a/admin/zabbix/files/mac80211 b/admin/zabbix/files/mac80211 index afa50ae..a567f85 100644 --- a/admin/zabbix/files/mac80211 +++ b/admin/zabbix/files/mac80211 @@ -15,13 +15,15 @@ UserParameter=mac80211.ACKFailureCount[*],zabbix_helper_mac80211 $1 dot11ACKFail UserParameter=mac80211.FCSErrorCount[*],zabbix_helper_mac80211 $1 dot11FCSErrorCount UserParameter=mac80211.RTSFailureCount[*],zabbix_helper_mac80211 $1 dot11RTSFailureCount UserParameter=mac80211.RTSSuccessCount[*],zabbix_helper_mac80211 $1 dot11RTSSuccessCount -UserParameter=mac80211.FailedCount[*],zabbix_helper_mac80211 $1 failed_count -UserParameter=mac80211.FrameDuplicateCount[*],zabbix_helper_mac80211 $1 frame_duplicate_count -UserParameter=mac80211.MulticastReceivedFrameCount[*],zabbix_helper_mac80211 $1 multicast_received_frame_count -UserParameter=mac80211.MulticastTransmittedFrameCount[*],zabbix_helper_mac80211 $1 multicast_transmitted_frame_count -UserParameter=mac80211.MultipleRetryCount[*],zabbix_helper_mac80211 $1 multiple_retry_count -UserParameter=mac80211.ReceivedFragmentCount[*],zabbix_helper_mac80211 $1 received_fragment_count -UserParameter=mac80211.RetryCount[*],zabbix_helper_mac80211 $1 retry_count -UserParameter=mac80211.TransmittedFragmentCount[*],zabbix_helper_mac80211 $1 transmitted_fragment_count -UserParameter=mac80211.TransmittedFrameCount[*],zabbix_helper_mac80211 $1 transmitted_frame_count + +# hidden behind MAC80211_DEBUG_COUNTERS +UserParameter=mac80211.FailedCount[*],zabbix_helper_mac80211 $1 dot11FailedCount +UserParameter=mac80211.FrameDuplicateCount[*],zabbix_helper_mac80211 $1 dot11FrameDuplicateCount +UserParameter=mac80211.MulticastReceivedFrameCount[*],zabbix_helper_mac80211 $1 dot11MulticastReceivedFrameCount +UserParameter=mac80211.MulticastTransmittedFrameCount[*],zabbix_helper_mac80211 $1 dot11MulticastTransmittedFrameCount +UserParameter=mac80211.MultipleRetryCount[*],zabbix_helper_mac80211 $1 dot11MultipleRetryCount +UserParameter=mac80211.ReceivedFragmentCount[*],zabbix_helper_mac80211 $1 dot11ReceivedFragmentCount +UserParameter=mac80211.RetryCount[*],zabbix_helper_mac80211 $1 dot11RetryCount +UserParameter=mac80211.TransmittedFragmentCount[*],zabbix_helper_mac80211 $1 dot11TransmittedFragmentCount +UserParameter=mac80211.TransmittedFrameCount[*],zabbix_helper_mac80211 $1 dot11TransmittedFrameCount diff --git a/devel/automake/Makefile b/devel/automake/Makefile new file mode 100644 index 0000000..8357011 --- /dev/null +++ b/devel/automake/Makefile @@ -0,0 +1,65 @@ +# +# Copyright (C) 2015-2016 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=automake +PKG_VERSION:=1.15 +PKG_RELEASE:=4 + +PKG_SOURCE_URL:=@GNU/automake +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_MD5SUM:=9a1ddb0e053474d9d1105cfe39b0c48d +PKG_MAINTAINER:=Heinrich Schuchardt +PKG_LICENSE:=GPL-3.0+ + +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/automake + SECTION:=devel + CATEGORY:=Development + TITLE:=automake + URL:=https://www.gnu.org/software/automake/ + DEPENDS:=+autoconf +perlbase-thread +perlbase-attributes +endef + +define Package/automake/description + Automake is a tool for automatically generating Makefile.in files compliant + with the GNU Coding Standards. +endef + +FIX_PATHS = $(SED) '1c \#!/usr/bin/perl' -e 's| /[^ ]*/bin/perl| /usr/bin/perl|g' + +define Package/automake/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/automake-$(PKG_VERSION) \ + $(1)/usr/bin/automake-$(PKG_VERSION) + $(LN) automake-$(PKG_VERSION) $(1)/usr/bin/automake + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/aclocal-$(PKG_VERSION) \ + $(1)/usr/bin/aclocal-$(PKG_VERSION) + $(LN) aclocal-$(PKG_VERSION) $(1)/usr/bin/aclocal + $(FIX_PATHS) $(1)/usr/bin/automake-$(PKG_VERSION) + $(FIX_PATHS) $(1)/usr/bin/aclocal-$(PKG_VERSION) + $(INSTALL_DIR) $(1)/usr/share/automake-$(PKG_VERSION) + + for dir in \ + automake-$(PKG_VERSION) automake-$(PKG_VERSION)/Automake \ + automake-$(PKG_VERSION)/am aclocal \ + aclocal-$(PKG_VERSION) aclocal-$(PKG_VERSION)/internal \ + ; do \ + $(INSTALL_DIR) $(1)/usr/share/$$$$dir; \ + for file in $$$$(cd $(PKG_INSTALL_DIR) && \ + find usr/share/$$$$dir -maxdepth 1 -type f); do \ + $(INSTALL_DATA) $$(PKG_INSTALL_DIR)/$$$$file \ + $(1)/$$$$file; \ + done; \ + done +endef + +$(eval $(call BuildPackage,automake)) diff --git a/devel/lpc21isp/Makefile b/devel/lpc21isp/Makefile deleted file mode 100644 index 292b7a4..0000000 --- a/devel/lpc21isp/Makefile +++ /dev/null @@ -1,42 +0,0 @@ -# -# Copyright (C) 2016 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=lpc21isp -PKG_VERSION:=197 -PKG_RELEASE:=1 -PKG_LICENSE:=LGPL-3.0+ -PKG_LICENSE_FILES:=README gpl.txt lgpl-3.0.txt - -PKG_BUILD_DIR:=$(BUILD_DIR)/lpc21isp_$(PKG_VERSION) -PKG_SOURCE:=lpc21isp_$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=@SF/lpc21isp -PKG_MD5SUM:=0b286859a05a725647ecb1b3fe9ba606 -PKG_CAT:=zcat - -include $(INCLUDE_DIR)/package.mk - -define Package/lpc21isp - SECTION:=base - CATEGORY:=Development - TITLE:=Command line ISP for NXP LPC family and ADUC70xx - URL:=http://lpc21isp.sourceforge.net/ - MAINTAINER:=Emil 'Skeen' Madsen -endef - -define Package/lpc21isp/description - Portable command line ISP (In-circuit Programmer) for NXP LPC family - and Analog Devices ADUC70xx. -endef - -define Package/lpc21isp/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/lpc21isp $(1)/usr/sbin/ -endef - -$(eval $(call BuildPackage,lpc21isp)) diff --git a/lang/lua-mosquitto/Makefile b/lang/lua-mosquitto/Makefile new file mode 100644 index 0000000..2220b2e --- /dev/null +++ b/lang/lua-mosquitto/Makefile @@ -0,0 +1,42 @@ +# +# Copyright (C) 2013-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=lua-mosquitto +PKG_VERSION:=0.2 +PKG_RELEASE:=1 +PKG_LICENSE:=MIT +PKG_LICENSE_FILES:=LICENSE + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_PROTO:=git +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE_URL:=https://github.com/flukso/lua-mosquitto.git +PKG_SOURCE_VERSION:=v$(PKG_VERSION) + +include $(INCLUDE_DIR)/package.mk + +define Package/$(PKG_NAME) + SUBMENU:=Lua + SECTION:=lang + CATEGORY:=Languages + TITLE:=Lua-mosquitto + DEPENDS:=+libmosquitto +lua + MAINTAINER:=Karl Palsson +endef + +define Package/$(PKG_NAME)/description + Lua bindings to libmosquitto +endef + +define Package/$(PKG_NAME)/install + $(INSTALL_DIR) $(1)/usr/lib/lua + $(INSTALL_BIN) $(PKG_BUILD_DIR)/mosquitto.so $(1)/usr/lib/lua +endef + +$(eval $(call BuildPackage,$(PKG_NAME))) diff --git a/lang/luajit/Makefile b/lang/luajit/Makefile new file mode 100644 index 0000000..3606d24 --- /dev/null +++ b/lang/luajit/Makefile @@ -0,0 +1,91 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=luajit +PKG_VERSION:=2016-06-05-8e5d7be +PKG_RELEASE:=1 +PKG_MAINTAINER:=Morteza Milani +PKG_LICENSE:=MIT +PKG_LICENSE_FILES:=COPYRIGHT + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/LuaJIT/LuaJIT.git +PKG_SOURCE_VERSION:=8e5d7bec0d110aa4ccd7e8492f697ff2a88a55ed +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_BUILD_DIR=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) + +PKG_USE_MIPS16:=0 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/host-build.mk + +define Package/luajit + SUBMENU:=Lua + SECTION:=lang + CATEGORY:=Languages + TITLE:=LuaJIT + URL:=http://www.luajit.org + DEPENDS:=@(i386||x86_64||arm||armeb||powerpc||mips||mipsel) +endef + +define Package/luajit/description + LuaJIT is a Just-In-Time (JIT) compiler for the Lua programming language. +endef + +TARGET_CFLAGS += $(FPIC) -std=gnu99 +HOST_CFLAGS += $(FPIC) -std=gnu99 + +ifeq ($(HOST_ARCH),x86_64) + ifeq ($(CONFIG_x86_64),) + HOST_BITS := -m32 + endif +endif + +define Build/Compile + $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ + HOST_CC="$(HOSTCC) $(HOST_CFLAGS) $(HOST_BITS)" \ + CROSS="$(TARGET_CROSS)" \ + DPREFIX=$(PKG_INSTALL_DIR)/usr \ + PREFIX=/usr \ + TARGET_CFLAGS="$(TARGET_CFLAGS)" + rm -rf $(PKG_INSTALL_DIR) + mkdir -p $(PKG_INSTALL_DIR) + $(MAKE) -C $(PKG_BUILD_DIR) \ + DPREFIX=$(PKG_INSTALL_DIR)/usr \ + PREFIX=/usr \ + install +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include/luajit-2.1 + $(CP) $(PKG_INSTALL_DIR)/usr/include/luajit-2.1/*.h $(1)/usr/include/luajit-2.1 + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.{a,so*} $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/luajit.pc $(1)/usr/lib/pkgconfig/ + $(CP) $(PKG_INSTALL_DIR)/usr/bin/luajit-2.1.0-beta2 $(PKG_INSTALL_DIR)/usr/bin/$(PKG_NAME) +endef + +define Package/luajit/install + $(INSTALL_DIR) $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/bin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/luajit-2.1.0-beta2 $(1)/usr/bin/$(PKG_NAME) +endef + +define Host/Compile + $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR) \ + DPREFIX=$(STAGING_DIR_HOSTPKG) \ + TARGET_CFLAGS="$(HOST_CFLAGS)" \ + TARGET_LDFLAGS="$(HOST_LDFLAGS)" +endef + +define Host/Install + $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR) \ + DPREFIX=$(STAGING_DIR_HOSTPKG) \ + install + $(CP) $(STAGING_DIR_HOSTPKG)/bin/luajit-2.1.0-beta2 $(STAGING_DIR_HOSTPKG)/bin/$(PKG_NAME) +endef + +$(eval $(call HostBuild,luajit)) +$(eval $(call BuildPackage,luajit)) diff --git a/lang/luajit/patches/010-lua-path.patch b/lang/luajit/patches/010-lua-path.patch new file mode 100644 index 0000000..63df9a1 --- /dev/null +++ b/lang/luajit/patches/010-lua-path.patch @@ -0,0 +1,13 @@ +--- a/src/luaconf.h ++++ b/src/luaconf.h +@@ -35,8 +35,8 @@ + #ifndef LUA_LMULTILIB + #define LUA_LMULTILIB "lib" + #endif +-#define LUA_LROOT "/usr/local" +-#define LUA_LUADIR "/lua/5.1/" ++#define LUA_LROOT "/usr" ++#define LUA_LUADIR "/lua/" + #define LUA_LJDIR "/luajit-2.1.0-beta2/" + + #ifdef LUA_ROOT diff --git a/lang/python/Makefile b/lang/python/Makefile index d17b6e1..0b15a00 100644 --- a/lang/python/Makefile +++ b/lang/python/Makefile @@ -12,12 +12,12 @@ include ./files/python-version.mk PKG_NAME:=python PKG_VERSION:=$(PYTHON_VERSION).$(PYTHON_VERSION_MICRO) -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://www.python.org/ftp/python/$(PKG_VERSION) -PKG_MD5SUM:=53b43534153bb2a0363f08bae8b9d990 -PKG_HASH:=35d543986882f78261f97787fd3e06274bfa6df29fac9b4a94f73930ff98f731 +PKG_MD5SUM:=1f6db41ad91d9eb0a6f0c769b8613c5b +PKG_HASH:=71ffb26e09e78650e424929b2b457b9c912ac216576e6bd9e7d204ed03296a66 PKG_LICENSE:=PSF PKG_LICENSE_FILES:=LICENSE Modules/_ctypes/libffi_msvc/LICENSE Modules/_ctypes/darwin/LICENSE Modules/_ctypes/libffi/LICENSE Modules/_ctypes/libffi_osx/LICENSE Tools/pybench/LICENSE @@ -242,6 +242,10 @@ HOST_CONFIGURE_ARGS+= \ --with-system-ffi=no \ CONFIG_SITE= +define Host/Compile + $(call Host/Compile/Default,python Parser/pgen sharedmods) +endef + define Host/Install $(MAKE) -C $(HOST_BUILD_DIR) install $(INSTALL_DIR) $(HOST_PYTHON_DIR)/bin/ diff --git a/lang/python/files/python-version.mk b/lang/python/files/python-version.mk index 847eaf5..3e04727 100644 --- a/lang/python/files/python-version.mk +++ b/lang/python/files/python-version.mk @@ -6,5 +6,5 @@ # PYTHON_VERSION:=2.7 -PYTHON_VERSION_MICRO:=13 +PYTHON_VERSION_MICRO:=14 diff --git a/lang/python/patches/001-enable-zlib.patch b/lang/python/patches/001-enable-zlib.patch index 780831e..e85b53c 100644 --- a/lang/python/patches/001-enable-zlib.patch +++ b/lang/python/patches/001-enable-zlib.patch @@ -7,11 +7,9 @@ Subject: [PATCH] enable zlib Modules/Setup.dist | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -diff --git a/Modules/Setup.dist b/Modules/Setup.dist -index 01fb85f..01ac492 100644 --- a/Modules/Setup.dist +++ b/Modules/Setup.dist -@@ -358,7 +358,7 @@ _symtable symtablemodule.c +@@ -464,7 +464,7 @@ GLHACK=-Dclear=__GLclear # Andrew Kuchling's zlib module. # This require zlib 1.1.3 (or later). # See http://www.gzip.org/zlib/ @@ -20,6 +18,3 @@ index 01fb85f..01ac492 100644 # Interface to the Expat XML parser # --- -1.8.4.5 - diff --git a/lang/python/patches/002-do-not-add-include-dirs-when-cross-compiling.patch b/lang/python/patches/002-do-not-add-include-dirs-when-cross-compiling.patch index fb2fe8a..0099abf 100644 --- a/lang/python/patches/002-do-not-add-include-dirs-when-cross-compiling.patch +++ b/lang/python/patches/002-do-not-add-include-dirs-when-cross-compiling.patch @@ -1,8 +1,6 @@ -diff --git a/setup.py b/setup.py -index cbdeaf3..5154412 100644 --- a/setup.py +++ b/setup.py -@@ -480,7 +480,8 @@ class PyBuildExt(build_ext): +@@ -497,7 +497,8 @@ class PyBuildExt(build_ext): add_dir_to_list(dir_list, directory) if os.path.normpath(sys.prefix) != '/usr' \ diff --git a/lang/python/patches/003-do-not-compile-tests-at-build.patch b/lang/python/patches/003-do-not-compile-tests-at-build.patch index a6774e1..5bd07b1 100644 --- a/lang/python/patches/003-do-not-compile-tests-at-build.patch +++ b/lang/python/patches/003-do-not-compile-tests-at-build.patch @@ -1,8 +1,6 @@ -diff --git a/Makefile.pre.in b/Makefile.pre.in -index 7f4ec2f..e270bf2 100644 --- a/Makefile.pre.in +++ b/Makefile.pre.in -@@ -1038,6 +1038,7 @@ libinstall: build_all $(srcdir)/Lib/$(PLATDIR) $(srcdir)/Modules/xxmodule.c +@@ -1110,6 +1110,7 @@ libinstall: build_all $(srcdir)/Lib/$(PL done; \ done $(INSTALL_DATA) $(srcdir)/LICENSE $(DESTDIR)$(LIBDEST)/LICENSE.txt @@ -10,7 +8,7 @@ index 7f4ec2f..e270bf2 100644 if test -d $(DESTDIR)$(LIBDEST)/distutils/tests; then \ $(INSTALL_DATA) $(srcdir)/Modules/xxmodule.c \ $(DESTDIR)$(LIBDEST)/distutils/tests ; \ -@@ -1064,6 +1065,7 @@ libinstall: build_all $(srcdir)/Lib/$(PLATDIR) $(srcdir)/Modules/xxmodule.c +@@ -1136,6 +1137,7 @@ libinstall: build_all $(srcdir)/Lib/$(PL $(PYTHON_FOR_BUILD) -m lib2to3.pgen2.driver $(DESTDIR)$(LIBDEST)/lib2to3/Grammar.txt -PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \ $(PYTHON_FOR_BUILD) -m lib2to3.pgen2.driver $(DESTDIR)$(LIBDEST)/lib2to3/PatternGrammar.txt diff --git a/lang/python/patches/004-do-not-write-bytes-codes.patch b/lang/python/patches/004-do-not-write-bytes-codes.patch index f67e7dc..66c0077 100644 --- a/lang/python/patches/004-do-not-write-bytes-codes.patch +++ b/lang/python/patches/004-do-not-write-bytes-codes.patch @@ -1,8 +1,6 @@ -diff --git a/Python/pythonrun.c b/Python/pythonrun.c -index 748a63b..cb6e291 100644 --- a/Python/pythonrun.c +++ b/Python/pythonrun.c -@@ -79,7 +79,7 @@ int Py_InteractiveFlag; /* Needed by Py_FdIsInteractive() below */ +@@ -79,7 +79,7 @@ int Py_InteractiveFlag; /* Needed by Py_ int Py_InspectFlag; /* Needed to determine whether to exit at SystemExit */ int Py_NoSiteFlag; /* Suppress 'import site' */ int Py_BytesWarningFlag; /* Warn on str(bytes) and str(buffer) */ @@ -11,7 +9,7 @@ index 748a63b..cb6e291 100644 int Py_UseClassExceptionsFlag = 1; /* Needed by bltinmodule.c: deprecated */ int Py_FrozenFlag; /* Needed by getpath.c */ int Py_UnicodeFlag = 0; /* Needed by compile.c */ -@@ -174,7 +174,7 @@ Py_InitializeEx(int install_sigs) +@@ -185,7 +185,7 @@ Py_InitializeEx(int install_sigs) if ((p = Py_GETENV("PYTHONOPTIMIZE")) && *p != '\0') Py_OptimizeFlag = add_flag(Py_OptimizeFlag, p); if ((p = Py_GETENV("PYTHONDONTWRITEBYTECODE")) && *p != '\0') diff --git a/lang/python/patches/005-fix-bluetooth-support.patch b/lang/python/patches/005-fix-bluetooth-support.patch new file mode 100644 index 0000000..ccc2936 --- /dev/null +++ b/lang/python/patches/005-fix-bluetooth-support.patch @@ -0,0 +1,61 @@ +diff --git a/configure b/configure +index 4c0435e..0068a9d 100755 +--- a/configure ++++ b/configure +@@ -7045,7 +7045,7 @@ sys/param.h sys/poll.h sys/random.h sys/select.h sys/socket.h sys/statvfs.h sys/ + sys/termio.h sys/time.h \ + sys/times.h sys/types.h sys/un.h sys/utsname.h sys/wait.h pty.h libutil.h \ + sys/resource.h netpacket/packet.h sysexits.h bluetooth.h \ +-bluetooth/bluetooth.h linux/tipc.h spawn.h util.h alloca.h ++linux/tipc.h spawn.h util.h alloca.h + do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` + ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +@@ -7267,6 +7267,24 @@ fi + fi + + ++# bluetooth/bluetooth.h has been known to not compile with -std=c99. ++# http://permalink.gmane.org/gmane.linux.bluez.kernel/22294 ++SAVE_CFLAGS=$CFLAGS ++CFLAGS="-std=c99 $CFLAGS" ++for ac_header in bluetooth/bluetooth.h ++do : ++ ac_fn_c_check_header_mongrel "$LINENO" "bluetooth/bluetooth.h" "ac_cv_header_bluetooth_bluetooth_h" "$ac_includes_default" ++if test "x$ac_cv_header_bluetooth_bluetooth_h" = xyes; then : ++ cat >>confdefs.h <<_ACEOF ++#define HAVE_BLUETOOTH_BLUETOOTH_H 1 ++_ACEOF ++ ++fi ++ ++done ++ ++CFLAGS=$SAVE_CFLAGS ++ + # On Linux, netlink.h requires asm/types.h + for ac_header in linux/netlink.h + do : +diff --git a/configure.ac b/configure.ac +index 780f275..dceca1c 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1702,10 +1702,17 @@ sys/param.h sys/poll.h sys/random.h sys/select.h sys/socket.h sys/statvfs.h sys/ + sys/termio.h sys/time.h \ + sys/times.h sys/types.h sys/un.h sys/utsname.h sys/wait.h pty.h libutil.h \ + sys/resource.h netpacket/packet.h sysexits.h bluetooth.h \ +-bluetooth/bluetooth.h linux/tipc.h spawn.h util.h alloca.h) ++linux/tipc.h spawn.h util.h alloca.h) + AC_HEADER_DIRENT + AC_HEADER_MAJOR + ++# bluetooth/bluetooth.h has been known to not compile with -std=c99. ++# http://permalink.gmane.org/gmane.linux.bluez.kernel/22294 ++SAVE_CFLAGS=$CFLAGS ++CFLAGS="-std=c99 $CFLAGS" ++AC_CHECK_HEADERS(bluetooth/bluetooth.h) ++CFLAGS=$SAVE_CFLAGS ++ + # On Linux, netlink.h requires asm/types.h + AC_CHECK_HEADERS(linux/netlink.h,,,[ + #ifdef HAVE_ASM_TYPES_H diff --git a/lang/python/patches/006-remove-debian-multiarch-support.patch b/lang/python/patches/006-remove-debian-multiarch-support.patch deleted file mode 100644 index 01aa924..0000000 --- a/lang/python/patches/006-remove-debian-multiarch-support.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/setup.py b/setup.py -index 1d1ae72..511aed5 100644 ---- a/setup.py -+++ b/setup.py -@@ -444,7 +444,8 @@ class PyBuildExt(build_ext): - add_dir_to_list(self.compiler.include_dirs, '/usr/local/include') - if cross_compiling: - self.add_gcc_paths() -- self.add_multiarch_paths() -+ else: -+ self.add_multiarch_paths() - - # Add paths specified in the environment variables LDFLAGS and - # CPPFLAGS for header and library files. diff --git a/lang/python/patches/006-remove-multi-arch-and-local-paths.patch b/lang/python/patches/006-remove-multi-arch-and-local-paths.patch new file mode 100644 index 0000000..5d886df --- /dev/null +++ b/lang/python/patches/006-remove-multi-arch-and-local-paths.patch @@ -0,0 +1,16 @@ +--- a/setup.py ++++ b/setup.py +@@ -454,13 +454,8 @@ class PyBuildExt(build_ext): + os.unlink(tmpfile) + + def detect_modules(self): +- # Ensure that /usr/local is always used +- if not cross_compiling: +- add_dir_to_list(self.compiler.library_dirs, '/usr/local/lib') +- add_dir_to_list(self.compiler.include_dirs, '/usr/local/include') + if cross_compiling: + self.add_gcc_paths() +- self.add_multiarch_paths() + + # Add paths specified in the environment variables LDFLAGS and + # CPPFLAGS for header and library files. diff --git a/lang/python/patches/008-distutils-use-python-sysroot.patch b/lang/python/patches/008-distutils-use-python-sysroot.patch index 7cd7487..4aeb7ff 100644 --- a/lang/python/patches/008-distutils-use-python-sysroot.patch +++ b/lang/python/patches/008-distutils-use-python-sysroot.patch @@ -16,11 +16,9 @@ taken from the sysconfigdata module. Signed-off-by: Thomas Petazzoni -Index: b/Lib/distutils/sysconfig.py -=================================================================== --- a/Lib/distutils/sysconfig.py +++ b/Lib/distutils/sysconfig.py -@@ -19,8 +19,13 @@ +@@ -19,8 +19,13 @@ import sys from distutils.errors import DistutilsPlatformError # These are needed in a couple of spots, so just compute them once. @@ -36,11 +34,9 @@ Index: b/Lib/distutils/sysconfig.py # Path to the base directory of the project. On Windows the binary may # live in project/PCBuild9. If we're dealing with an x64 Windows build, -Index: b/Lib/distutils/command/build_ext.py -=================================================================== --- a/Lib/distutils/command/build_ext.py +++ b/Lib/distutils/command/build_ext.py -@@ -237,7 +237,10 @@ +@@ -240,7 +240,10 @@ class build_ext (Command): if (sysconfig.get_config_var('Py_ENABLE_SHARED')): if not sysconfig.python_build: # building third party extensions diff --git a/lang/python/patches/009-do-not-use-dblib_dir-when-cross-compiling.patch b/lang/python/patches/009-do-not-use-dblib_dir-when-cross-compiling.patch index b598097..ffc80a4 100644 --- a/lang/python/patches/009-do-not-use-dblib_dir-when-cross-compiling.patch +++ b/lang/python/patches/009-do-not-use-dblib_dir-when-cross-compiling.patch @@ -1,8 +1,6 @@ -diff --git a/setup.py b/setup.py -index 7868b7b..10ec68f 100644 --- a/setup.py +++ b/setup.py -@@ -1067,6 +1067,7 @@ class PyBuildExt(build_ext): +@@ -1083,6 +1083,7 @@ class PyBuildExt(build_ext): if db_setup_debug: print "db lib: ", dblib, "not found" except db_found: @@ -10,7 +8,7 @@ index 7868b7b..10ec68f 100644 if db_setup_debug: print "bsddb using BerkeleyDB lib:", db_ver, dblib print "bsddb lib dir:", dblib_dir, " inc dir:", db_incdir -@@ -1081,7 +1082,7 @@ class PyBuildExt(build_ext): +@@ -1097,7 +1098,7 @@ class PyBuildExt(build_ext): exts.append(Extension('_bsddb', ['_bsddb.c'], depends = ['bsddb.h'], library_dirs=dblib_dir, @@ -19,7 +17,7 @@ index 7868b7b..10ec68f 100644 include_dirs=db_incs, libraries=dblibs)) else: -@@ -1292,10 +1293,11 @@ class PyBuildExt(build_ext): +@@ -1308,10 +1309,11 @@ class PyBuildExt(build_ext): break elif cand == "bdb": if db_incs is not None: diff --git a/lang/python/patches/010-do-not-add-rt-lib-dirs-when-cross-compiling.patch b/lang/python/patches/010-do-not-add-rt-lib-dirs-when-cross-compiling.patch index 5a106d4..c319fd5 100644 --- a/lang/python/patches/010-do-not-add-rt-lib-dirs-when-cross-compiling.patch +++ b/lang/python/patches/010-do-not-add-rt-lib-dirs-when-cross-compiling.patch @@ -1,8 +1,6 @@ -diff --git a/setup.py b/setup.py -index 7868b7b..544fa7e 100644 --- a/setup.py +++ b/setup.py -@@ -452,8 +452,9 @@ class PyBuildExt(build_ext): +@@ -463,8 +463,9 @@ class PyBuildExt(build_ext): # directly since an inconsistently reproducible issue comes up where # the environment variable is not set even though the value were passed # into configure and stored in the Makefile (issue found on OS X 10.3). diff --git a/lang/python/patches/011-remove-setupterm-definition.patch b/lang/python/patches/011-remove-setupterm-definition.patch index e55d708..6cad204 100644 --- a/lang/python/patches/011-remove-setupterm-definition.patch +++ b/lang/python/patches/011-remove-setupterm-definition.patch @@ -1,5 +1,3 @@ -diff --git a/Modules/_cursesmodule.c b/Modules/_cursesmodule.c -index e478a57..eb297b4 100644 --- a/Modules/_cursesmodule.c +++ b/Modules/_cursesmodule.c @@ -117,7 +117,6 @@ char *PyCursesVersion = "2.2"; diff --git a/lang/ruby/Makefile b/lang/ruby/Makefile index adca82f..6b53d42 100644 --- a/lang/ruby/Makefile +++ b/lang/ruby/Makefile @@ -11,15 +11,15 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ruby -PKG_VERSION:=2.4.1 +PKG_VERSION:=2.4.3 PKG_RELEASE:=1 # First two numbes PKG_ABI_VERSION:=$(subst $(space),.,$(wordlist 1, 2, $(subst .,$(space),$(PKG_VERSION)))) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=http://cache.ruby-lang.org/pub/ruby/$(PKG_ABI_VERSION)/ -PKG_HASH:=4fc8a9992de3e90191de369270ea4b6c1b171b7941743614cc50822ddc1fe654 +PKG_SOURCE_URL:=https://cache.ruby-lang.org/pub/ruby/$(PKG_ABI_VERSION)/ +PKG_HASH:=23677d40bf3b7621ba64593c978df40b1e026d8653c74a0599f0ead78ed92b51 PKG_MAINTAINER:=Luiz Angelo Daros de Luca PKG_LICENSE:=BSD-2-Clause PKG_LICENSE_FILES:=COPYING diff --git a/libs/alsa-lib/Makefile b/libs/alsa-lib/Makefile index a97caf0..72619d8 100644 --- a/libs/alsa-lib/Makefile +++ b/libs/alsa-lib/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2006-2016 OpenWrt.org +# Copyright (C) 2006-2018 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=alsa-lib PKG_VERSION:=1.1.0 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=ftp://ftp.alsa-project.org/pub/lib/ \ diff --git a/libs/alsa-lib/patches/006-properly-define-S_IRUSR.patch b/libs/alsa-lib/patches/006-properly-define-S_IRUSR.patch new file mode 100644 index 0000000..d24e358 --- /dev/null +++ b/libs/alsa-lib/patches/006-properly-define-S_IRUSR.patch @@ -0,0 +1,32 @@ +From 3f1dba9a821b53b42001605f9a126a958804884f Mon Sep 17 00:00:00 2001 +From: Takashi Iwai +Date: Mon, 9 Nov 2015 13:37:26 +0100 +Subject: [PATCH] topology: Add missing include sys/stat.h + +Necessary for proper definitions of S_IRUSR & co. Otherwise it +results in compile errors with old glibc: + parser.c: In function 'snd_tplg_build_file': + parser.c:262: error: 'S_IRUSR' undeclared (first use in this function) + parser.c:262: error: (Each undeclared identifier is reported only once + parser.c:262: error: for each function it appears in.) + +Signed-off-by: Takashi Iwai +--- + src/topology/parser.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/topology/parser.c b/src/topology/parser.c +index 80a0ae0..18bb9c7 100644 +--- a/src/topology/parser.c ++++ b/src/topology/parser.c +@@ -16,6 +16,7 @@ + Liam Girdwood + */ + ++#include + #include "list.h" + #include "tplg_local.h" + +-- +1.7.11.7 + diff --git a/libs/gnutls/Makefile b/libs/gnutls/Makefile index aba3255..b5bbd15 100644 --- a/libs/gnutls/Makefile +++ b/libs/gnutls/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=gnutls -PKG_VERSION:=3.5.11 +PKG_VERSION:=3.5.16 PKG_RELEASE:=1 PKG_USE_MIPS16:=0 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5 -PKG_HASH:=51765cc5579e250da77fbd7871507c517d01b15353cc40af7b67e9ec7b6fe28f +PKG_SOURCE_URL:=https://www.gnupg.org/ftp/gcrypt/gnutls/v3.5 +PKG_HASH:=0924dec90c37c05f49fec966eba3672dab4d336d879e5c06e06e13325cbfec25 #PKG_FIXUP:=autoreconf gettext-version PKG_MAINTAINER:=Nikos Mavrogiannopoulos PKG_LICENSE:=LGPLv2.1+ diff --git a/libs/icu/Makefile b/libs/icu/Makefile index ecf261e..2fb0a85 100644 --- a/libs/icu/Makefile +++ b/libs/icu/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=icu4c PKG_VERSION:=58.2 -PKG_RELEASE:=2 +PKG_RELEASE:=4 PKG_SOURCE:=$(PKG_NAME)-58_2-src.tgz PKG_SOURCE_URL:=http://download.icu-project.org/files/$(PKG_NAME)/$(PKG_VERSION) diff --git a/libs/icu/patches/CVE-2017-14952.patch b/libs/icu/patches/CVE-2017-14952.patch new file mode 100644 index 0000000..b1fc144 --- /dev/null +++ b/libs/icu/patches/CVE-2017-14952.patch @@ -0,0 +1,10 @@ +Index: source/i18n/zonemeta.cpp +=================================================================== +--- source/i18n/zonemeta.cpp (revision 40283) ++++ source/i18n/zonemeta.cpp (revision 40324) +@@ -684,5 +684,4 @@ + if (U_FAILURE(status)) { + delete mzMappings; +- deleteOlsonToMetaMappingEntry(entry); + uprv_free(entry); + break; diff --git a/libs/icu/patches/CVE-2017-15422.patch b/libs/icu/patches/CVE-2017-15422.patch new file mode 100644 index 0000000..50e6f25 --- /dev/null +++ b/libs/icu/patches/CVE-2017-15422.patch @@ -0,0 +1,106 @@ +Index: source/i18n/gregoimp.cpp +=================================================================== +--- source/i18n/gregoimp.cpp (revision 40653) ++++ source/i18n/gregoimp.cpp (revision 40654) +@@ -24,4 +24,9 @@ + + int32_t ClockMath::floorDivide(int32_t numerator, int32_t denominator) { ++ return (numerator >= 0) ? ++ numerator / denominator : ((numerator + 1) / denominator) - 1; ++} ++ ++int64_t ClockMath::floorDivide(int64_t numerator, int64_t denominator) { + return (numerator >= 0) ? + numerator / denominator : ((numerator + 1) / denominator) - 1; +Index: source/i18n/gregoimp.h +=================================================================== +--- source/i18n/gregoimp.h (revision 40653) ++++ source/i18n/gregoimp.h (revision 40654) +@@ -40,4 +40,15 @@ + */ + static int32_t floorDivide(int32_t numerator, int32_t denominator); ++ ++ /** ++ * Divide two integers, returning the floor of the quotient. ++ * Unlike the built-in division, this is mathematically ++ * well-behaved. E.g., -1/4 => 0 but ++ * floorDivide(-1,4) => -1. ++ * @param numerator the numerator ++ * @param denominator a divisor which must be != 0 ++ * @return the floor of the quotient ++ */ ++ static int64_t floorDivide(int64_t numerator, int64_t denominator); + + /** +Index: source/i18n/persncal.cpp +=================================================================== +--- source/i18n/persncal.cpp (revision 40653) ++++ source/i18n/persncal.cpp (revision 40654) +@@ -214,5 +214,5 @@ + + int32_t daysSinceEpoch = julianDay - PERSIAN_EPOCH; +- year = 1 + ClockMath::floorDivide(33 * daysSinceEpoch + 3, 12053); ++ year = 1 + (int32_t)ClockMath::floorDivide(33 * (int64_t)daysSinceEpoch + 3, (int64_t)12053); + + int32_t farvardin1 = 365 * (year - 1) + ClockMath::floorDivide(8 * year + 21, 33); +Index: source/test/intltest/calregts.cpp +=================================================================== +--- source/test/intltest/calregts.cpp (revision 40653) ++++ source/test/intltest/calregts.cpp (revision 40654) +@@ -13,4 +13,5 @@ + #include "calregts.h" + ++#include "unicode/calendar.h" + #include "unicode/gregocal.h" + #include "unicode/simpletz.h" +@@ -91,4 +92,5 @@ + CASE(49,Test9019); + CASE(50,TestT9452); ++ CASE(51,TestPersianCalOverflow); + default: name = ""; break; + } +@@ -2946,4 +2948,34 @@ + } + } ++ ++/** ++ * @bug ticket 13454 ++ */ ++void CalendarRegressionTest::TestPersianCalOverflow(void) { ++ const char* localeID = "bs_Cyrl@calendar=persian"; ++ UErrorCode status = U_ZERO_ERROR; ++ Calendar* cal = Calendar::createInstance(Locale(localeID), status); ++ if(U_FAILURE(status)) { ++ dataerrln("FAIL: Calendar::createInstance for localeID %s: %s", localeID, u_errorName(status)); ++ } else { ++ int32_t maxMonth = cal->getMaximum(UCAL_MONTH); ++ int32_t maxDayOfMonth = cal->getMaximum(UCAL_DATE); ++ int32_t jd, month, dayOfMonth; ++ for (jd = 67023580; jd <= 67023584; jd++) { // year 178171, int32_t overflow if jd >= 67023582 ++ status = U_ZERO_ERROR; ++ cal->clear(); ++ cal->set(UCAL_JULIAN_DAY, jd); ++ month = cal->get(UCAL_MONTH, status); ++ dayOfMonth = cal->get(UCAL_DATE, status); ++ if ( U_FAILURE(status) ) { ++ errln("FAIL: Calendar->get MONTH/DATE for localeID %s, julianDay %d, status %s\n", localeID, jd, u_errorName(status)); ++ } else if (month > maxMonth || dayOfMonth > maxDayOfMonth) { ++ errln("FAIL: localeID %s, julianDay %d; maxMonth %d, got month %d; maxDayOfMonth %d, got dayOfMonth %d\n", ++ localeID, jd, maxMonth, month, maxDayOfMonth, dayOfMonth); ++ } ++ } ++ delete cal; ++ } ++} + + #endif /* #if !UCONFIG_NO_FORMATTING */ +Index: source/test/intltest/calregts.h +=================================================================== +--- source/test/intltest/calregts.h (revision 40653) ++++ source/test/intltest/calregts.h (revision 40654) +@@ -78,4 +78,5 @@ + void Test9019(void); + void TestT9452(void); ++ void TestPersianCalOverflow(void); + + void printdate(GregorianCalendar *cal, const char *string); diff --git a/libs/libevhtp/Makefile b/libs/libevhtp/Makefile new file mode 100644 index 0000000..a81e7ab --- /dev/null +++ b/libs/libevhtp/Makefile @@ -0,0 +1,51 @@ +# +# Copyright (C) 2007-2016 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +# NOTE: please DO NOT update this package without the maintainer's consent. +# See https://github.com/haiwen/seafile/issues/1119 + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libevhtp +PKG_VERSION:=1.1.6 +PKG_RELEASE:=1 +PKG_LICENSE:=BSD-3-Clause + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/ellzey/libevhtp.git +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE_VERSION:=91071e2f20749cd469b87ac2ef1c158dc2a6806f +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz + +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/libevhtp + SECTION:=libs + CATEGORY:=Libraries + TITLE:=A more flexible replacement for libevent's httpd API + MAINTAINER:=Gergely Kiss + URL:=https://github.com/ellzey/libevhtp + DEPENDS:=+libevent2 +libevent2-openssl +libevent2-pthreads +libopenssl +libpthread +endef + +define Package/libevhtp/description + Libevhtp was created as a replacement API for Libevent's current HTTP API. + The reality of libevent's http interface is that it was created as a JIT server, + meaning the developer never thought of it being used for creating a full-fledged HTTP service. +endef + +include $(INCLUDE_DIR)/cmake.mk + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/{include,lib} + $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,libevhtp)) diff --git a/libs/libevhtp/patches/010-strcmp-endianness-fix.patch b/libs/libevhtp/patches/010-strcmp-endianness-fix.patch new file mode 100644 index 0000000..072b76b --- /dev/null +++ b/libs/libevhtp/patches/010-strcmp-endianness-fix.patch @@ -0,0 +1,49 @@ +diff -rupN libevhtp-1.2.9.orig/htparse/htparse.c libevhtp-1.2.9/htparse/htparse.c +--- libevhtp-1.2.9.orig/htparse/htparse.c 2014-03-23 12:50:50.000000000 +0100 ++++ libevhtp-1.2.9/htparse/htparse.c 2014-12-09 01:12:22.242001241 +0100 +@@ -197,6 +197,7 @@ static const char * method_strmap[] = { + + #define _MIN_READ(a, b) ((a) < (b) ? (a) : (b)) + ++#if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ + #define _str3_cmp(m, c0, c1, c2, c3) \ + *(uint32_t *)m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0) + +@@ -226,6 +227,37 @@ static const char * method_strmap[] = { + *(uint32_t *)m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0) \ + && ((uint32_t *)m)[1] == ((c7 << 24) | (c6 << 16) | (c5 << 8) | c4) \ + && m[8] == c8 ++#elif __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ ++#define _str3_cmp(m, c0, c1, c2, c3) \ ++ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) ++ ++#define _str3Ocmp(m, c0, c1, c2, c3) \ ++ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) ++ ++#define _str4cmp(m, c0, c1, c2, c3) \ ++ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) ++ ++#define _str5cmp(m, c0, c1, c2, c3, c4) \ ++ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \ ++ && m[4] == c4 ++ ++#define _str6cmp(m, c0, c1, c2, c3, c4, c5) \ ++ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \ ++ && (((uint32_t *)m)[1] & 0xffff0000) == ((c4 << 24) | c5 << 16) ++ ++#define _str7_cmp(m, c0, c1, c2, c3, c4, c5, c6, c7) \ ++ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \ ++ && ((uint32_t *)m)[1] == ((c4 << 24) | (c5 << 16) | (c6 << 8) | c7) ++ ++#define _str8cmp(m, c0, c1, c2, c3, c4, c5, c6, c7) \ ++ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \ ++ && ((uint32_t *)m)[1] == ((c4 << 24) | (c5 << 16) | (c6 << 8) | c7) ++ ++#define _str9cmp(m, c0, c1, c2, c3, c4, c5, c6, c7, c8) \ ++ *(uint32_t *)m == ((c0 << 24) | (c1 << 16) | (c2 << 8) | c3) \ ++ && ((uint32_t *)m)[1] == ((c4 << 24) | (c5 << 16) | (c6 << 8) | c7) \ ++ && m[8] == c8 ++#endif + + #define __HTPARSE_GENHOOK(__n) \ + static inline int hook_ ## __n ## _run(htparser * p, htparse_hooks * hooks) { \ diff --git a/libs/libmraa/Makefile b/libs/libmraa/Makefile new file mode 100644 index 0000000..6908569 --- /dev/null +++ b/libs/libmraa/Makefile @@ -0,0 +1,51 @@ +# +# Copyright (C) 2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libmraa +PKG_VERSION:=0.8.0 + +PKG_RELEASE=$(PKG_SOURCE_VERSION) + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/intel-iot-devkit/mraa.git +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE_VERSION:=70600dece4138b0c0dbaff42f57828f1559cd840 +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz +PKG_BUILD_DEPENDS:=node python/host swig/host node/host +CMAKE_INSTALL:=1 + +PKG_MAINTAINER:=John Crispin +PKG_LICENSE:=LGPL-2.1 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/cmake.mk + +CMAKE_OPTIONS=-DBUILDARCH=$(CONFIG_ARCH) \ + -DENABLEEXAMPLES=0 \ + -DNODE_EXECUTABLE=$(STAGING_DIR_HOSTPKG)/bin/node \ + -DSWIG_DIR=$(STAGING_DIR_HOSTPKG)/bin + +TARGET_CFLAGS+=-I$(STAGING_DIR)/usr/include/node + +define Package/libmraa + SECTION:=libs + CATEGORY:=Libraries + DEPENDS:=+python +libstdcpp + TITLE:=Intel IoT lowlevel IO library +endef + +define Package/libmraa/install + $(INSTALL_DIR) $(1)/usr/lib/{node/mraa,python2.7/site-packages} $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/libmraa.so* $(1)/usr/lib/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/node_modules/mraa/* $(1)/usr/lib/node/mraa/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/python2.7/site-packages/* $(1)/usr/lib/python2.7/site-packages/ +# $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/mraa/examples/python/blink-io8.py $(1)/usr/bin/ +endef + +$(eval $(call BuildPackage,libmraa)) diff --git a/libs/libmraa/patches/0001-base.patch b/libs/libmraa/patches/0001-base.patch new file mode 100644 index 0000000..5094389 --- /dev/null +++ b/libs/libmraa/patches/0001-base.patch @@ -0,0 +1,118 @@ +From 6fecad819376442d057bdd35a0909cfac9df02f5 Mon Sep 17 00:00:00 2001 +From: John Crispin +Date: Thu, 23 Jul 2015 12:18:39 +0200 +Subject: [PATCH 1/4] base + +--- + CMakeLists.txt | 10 ++++------ + api/mraa/types.h | 1 + + include/mraa_internal.h | 7 +++++++ + src/CMakeLists.txt | 5 +++++ + src/i2c/i2c.c | 2 +- + src/mraa.c | 3 +++ + src/uart/uart.c | 1 + + 7 files changed, 22 insertions(+), 7 deletions(-) + +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -14,12 +14,7 @@ + set (CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules ${CMAKE_MODULE_PATH}) + + # Make a version file containing the current version from git. +-include (GetGitRevisionDescription) +-git_describe (VERSION "--tags") +-if ("x_${VERSION}" STREQUAL "x_GIT-NOTFOUND" OR "x_${VERSION}" STREQUAL "x_HEAD-HASH-NOTFOUND") +- message (WARNING " - Install git to compile a production libmraa!") +- set (VERSION "v0.8.0-dirty") +-endif () ++set (VERSION "v0.8.0") + + message (INFO " - libmraa Version ${VERSION}") + +@@ -84,8 +79,10 @@ + set (X86PLAT ON) + elseif (DETECTED_ARCH MATCHES "arm.*") + set (ARMPLAT ON) ++elseif (DETECTED_ARCH MATCHES "mips") ++ set (MIPSPLAT ON) + else () +- message(FATAL_ERROR "Only x86 and arm platforms currently supported") ++ message(FATAL_ERROR "Only x86, arm and mips platforms currently supported") + endif() + + if (BUILDSWIGPYTHON) +--- a/api/mraa/types.h ++++ b/api/mraa/types.h +@@ -46,6 +46,7 @@ + MRAA_BEAGLEBONE = 6, /**< The different BeagleBone Black Modes B/C */ + MRAA_BANANA = 7, /**< Allwinner A20 based Banana Pi and Banana Pro */ + MRAA_INTEL_NUC5 = 8, /**< The Intel 5th generations Broadwell NUCs */ ++ MRAA_MTK_LINKIT = 9, /**< Mediatek MT7688 based Linkit (Air) */ + + // USB platform extenders start at 256 + MRAA_FTDI_FT4222 = 256, /**< FTDI FT4222 USB to i2c bridge */ +--- a/include/mraa_internal.h ++++ b/include/mraa_internal.h +@@ -66,6 +66,13 @@ + mraa_platform_t mraa_usb_platform_extender(mraa_board_t* board); + + /** ++ * runtime detect running arm platforms ++ * ++ * @return mraa_platform_t of the init'ed platform ++ */ ++mraa_platform_t mraa_mips_platform(); ++ ++/** + * helper function to check if file exists + * + * @param filename to check +--- a/src/CMakeLists.txt ++++ b/src/CMakeLists.txt +@@ -71,6 +71,11 @@ + add_subdirectory(usb) + endif () + ++if (MIPSPLAT) ++ add_subdirectory(mips) ++ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DMIPSPLAT=1") ++endif() ++ + set (mraa_LIB_SRCS + ${mraa_LIB_PLAT_SRCS_NOAUTO} + # autogenerated version file +--- a/src/i2c/i2c.c ++++ b/src/i2c/i2c.c +@@ -31,9 +31,9 @@ + #include + #include + #include ++#include + #include + #include +-#include + #include + #include "linux/i2c-dev.h" + +--- a/src/mraa.c ++++ b/src/mraa.c +@@ -111,6 +111,9 @@ + #elif defined(ARMPLAT) + // Use runtime ARM platform detection + platform_type = mraa_arm_platform(); ++#elif MIPSPLAT ++ // Use runtime ARM platform detection ++ platform_type = mraa_mips_platform(); + #else + #error mraa_ARCH NOTHING + #endif +--- a/src/uart/uart.c ++++ b/src/uart/uart.c +@@ -26,6 +26,7 @@ + + #include + #include ++#include + #include + #include + #include diff --git a/libs/libmraa/patches/0002-add-mips-support.patch b/libs/libmraa/patches/0002-add-mips-support.patch new file mode 100644 index 0000000..1936624 --- /dev/null +++ b/libs/libmraa/patches/0002-add-mips-support.patch @@ -0,0 +1,483 @@ +From 2c67c6f51ce5bab18c79f4304ccf42716f59f13c Mon Sep 17 00:00:00 2001 +From: John Crispin +Date: Thu, 23 Jul 2015 13:21:25 +0200 +Subject: [PATCH 2/4] add mips support + +Signed-off-by: John Crispin +--- + include/mips/mediatek.h | 39 ++++++ + src/mips/CMakeLists.txt | 6 + + src/mips/mediatek.c | 349 +++++++++++++++++++++++++++++++++++++++++++++++ + src/mips/mips.c | 60 ++++++++ + 4 files changed, 454 insertions(+) + create mode 100644 include/mips/mediatek.h + create mode 100644 src/mips/CMakeLists.txt + create mode 100644 src/mips/mediatek.c + create mode 100644 src/mips/mips.c + +--- /dev/null ++++ b/include/mips/mediatek.h +@@ -0,0 +1,39 @@ ++/* ++ * Author: Thomas Ingleby ++ * Author: Michael Ring ++ * Copyright (c) 2014 Intel Corporation. ++ * ++ * Permission is hereby granted, free of charge, to any person obtaining ++ * a copy of this software and associated documentation files (the ++ * "Software"), to deal in the Software without restriction, including ++ * without limitation the rights to use, copy, modify, merge, publish, ++ * distribute, sublicense, and/or sell copies of the Software, and to ++ * permit persons to whom the Software is furnished to do so, subject to ++ * the following conditions: ++ * ++ * The above copyright notice and this permission notice shall be ++ * included in all copies or substantial portions of the Software. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE ++ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION ++ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION ++ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ++ */ ++ ++#pragma once ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++#include "mraa_internal.h" ++ ++mraa_board_t * ++ mraa_mtk_linkit(); ++ ++#ifdef __cplusplus ++} ++#endif +--- /dev/null ++++ b/src/mips/CMakeLists.txt +@@ -0,0 +1,6 @@ ++message (INFO " - Adding MIPS platforms") ++set (mraa_LIB_PLAT_SRCS_NOAUTO ${mraa_LIB_SRCS_NOAUTO} ++ ${PROJECT_SOURCE_DIR}/src/mips/mips.c ++ ${PROJECT_SOURCE_DIR}/src/mips/mediatek.c ++ PARENT_SCOPE ++) +--- /dev/null ++++ b/src/mips/mediatek.c +@@ -0,0 +1,349 @@ ++/* ++ * Author: Thomas Ingleby ++ * Author: Michael Ring ++ * Copyright (c) 2014 Intel Corporation. ++ * ++ * Permission is hereby granted, free of charge, to any person obtaining ++ * a copy of this software and associated documentation files (the ++ * "Software"), to deal in the Software without restriction, including ++ * without limitation the rights to use, copy, modify, merge, publish, ++ * distribute, sublicense, and/or sell copies of the Software, and to ++ * permit persons to whom the Software is furnished to do so, subject to ++ * the following conditions: ++ * ++ * The above copyright notice and this permission notice shall be ++ * included in all copies or substantial portions of the Software. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE ++ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION ++ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION ++ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "mraa_internal.h" ++ ++#include "common.h" ++ ++#define PLATFORM_MEDIATEK_LINKIT 1 ++#define PLATFORM_MEDIATEK_LINKIT_AIR 2 ++#define MMAP_PATH "/dev/mem" ++#define MT7628_GPIO_BASE 0x100 ++#define MT7628_BLOCK_SIZE (4 * 1024) ++#define MT7628_GPIO_CTRL 0x00 ++#define MT7628_GPIO_DATA 0x20 ++#define MT7628_GPIO_SET 0x30 ++#define MT7628_GPIO_CLEAR 0x40 ++ ++#define MAX_SIZE 64 ++ ++// MMAP ++static uint8_t* mmap_reg = NULL; ++static int mmap_fd = 0; ++static int mmap_size; ++static unsigned int mmap_count = 0; ++static int platform_detected = 0; ++ ++mraa_result_t ++mraa_mtk_linkit_mmap_write(mraa_gpio_context dev, int value) ++{ ++ volatile uint32_t* addr; ++ if (value) { ++ *(volatile uint32_t*) (mmap_reg + MT7628_GPIO_SET + (dev->pin / 32) * 4) = ++ (uint32_t)(1 << (dev->pin % 32)); ++ } else { ++ *(volatile uint32_t*) (mmap_reg + MT7628_GPIO_CLEAR + (dev->pin / 32) * 4) = ++ (uint32_t)(1 << (dev->pin % 32)); ++ } ++ return MRAA_SUCCESS; ++} ++ ++static mraa_result_t ++mraa_mtk_linkit_mmap_unsetup() ++{ ++ if (mmap_reg == NULL) { ++ syslog(LOG_ERR, "linkit mmap: null register can't unsetup"); ++ return MRAA_ERROR_INVALID_RESOURCE; ++ } ++ munmap(mmap_reg, mmap_size); ++ mmap_reg = NULL; ++ if (close(mmap_fd) != 0) { ++ return MRAA_ERROR_INVALID_RESOURCE; ++ } ++ return MRAA_SUCCESS; ++} ++ ++int ++mraa_mtk_linkit_mmap_read(mraa_gpio_context dev) ++{ ++ uint32_t value = *(volatile uint32_t*) (mmap_reg + MT7628_GPIO_DATA + (dev->pin / 32) * 4); ++ if (value & (uint32_t)(1 << (dev->pin % 32))) { ++ return 1; ++ } ++ return 0; ++} ++ ++mraa_result_t ++mraa_mtk_linkit_mmap_setup(mraa_gpio_context dev, mraa_boolean_t en) ++{ ++ if (dev == NULL) { ++ syslog(LOG_ERR, "linkit mmap: context not valid"); ++ return MRAA_ERROR_INVALID_HANDLE; ++ } ++ ++ if (en == 0) { ++ if (dev->mmap_write == NULL && dev->mmap_read == NULL) { ++ syslog(LOG_ERR, "linkit mmap: can't disable disabled mmap gpio"); ++ return MRAA_ERROR_INVALID_PARAMETER; ++ } ++ dev->mmap_write = NULL; ++ dev->mmap_read = NULL; ++ mmap_count--; ++ if (mmap_count == 0) { ++ return mraa_mtk_linkit_mmap_unsetup(); ++ } ++ return MRAA_SUCCESS; ++ } ++ ++ if (dev->mmap_write != NULL && dev->mmap_read != NULL) { ++ syslog(LOG_ERR, "linkit mmap: can't enable enabled mmap gpio"); ++ return MRAA_ERROR_INVALID_PARAMETER; ++ } ++ ++ // Might need to make some elements of this thread safe. ++ // For example only allow one thread to enter the following block ++ // to prevent mmap'ing twice. ++ if (mmap_reg == NULL) { ++ if ((mmap_fd = open(MMAP_PATH, O_RDWR)) < 0) { ++ syslog(LOG_ERR, "linkit map: unable to open resource0 file"); ++ return MRAA_ERROR_INVALID_HANDLE; ++ } ++ ++ mmap_reg = (uint8_t*) mmap(NULL, MT7628_BLOCK_SIZE, PROT_READ | PROT_WRITE, ++ MAP_FILE | MAP_SHARED, mmap_fd, MT7628_GPIO_BASE); ++ if (mmap_reg == MAP_FAILED) { ++ syslog(LOG_ERR, "linkit mmap: failed to mmap"); ++ mmap_reg = NULL; ++ close(mmap_fd); ++ return MRAA_ERROR_NO_RESOURCES; ++ } ++ } ++ dev->mmap_write = &mraa_mtk_linkit_mmap_write; ++ dev->mmap_read = &mraa_mtk_linkit_mmap_read; ++ mmap_count++; ++ ++ return MRAA_SUCCESS; ++} ++ ++mraa_board_t* ++mraa_mtk_linkit() ++{ ++ mraa_board_t* b = (mraa_board_t*) malloc(sizeof(mraa_board_t)); ++ if (b == NULL) { ++ return NULL; ++ } ++ ++ b->platform_name = "LINKIT"; ++ platform_detected = PLATFORM_MEDIATEK_LINKIT; ++ b->phy_pin_count = 31; ++ ++ b->aio_count = 0; ++ b->adc_raw = 0; ++ b->adc_supported = 0; ++ b->pwm_default_period = 500; ++ b->pwm_max_period = 2147483; ++ b->pwm_min_period = 1; ++ ++ b->pins = (mraa_pininfo_t*) malloc(sizeof(mraa_pininfo_t) * b->phy_pin_count); ++ ++ advance_func->gpio_mmap_setup = &mraa_mtk_linkit_mmap_setup; ++ ++ strncpy(b->pins[0].name, "P0", MRAA_PIN_NAME_SIZE); ++ b->pins[0].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; ++ ++ strncpy(b->pins[1].name, "P1", MRAA_PIN_NAME_SIZE); ++ b->pins[1].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; ++ ++ strncpy(b->pins[2].name, "P2", MRAA_PIN_NAME_SIZE); ++ b->pins[2].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; ++ ++ strncpy(b->pins[3].name, "P3", MRAA_PIN_NAME_SIZE); ++ b->pins[3].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; ++ ++ strncpy(b->pins[4].name, "P4", MRAA_PIN_NAME_SIZE); ++ b->pins[4].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; ++ ++ strncpy(b->pins[5].name, "P5", MRAA_PIN_NAME_SIZE); ++ b->pins[5].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; ++ ++ strncpy(b->pins[6].name, "P6", MRAA_PIN_NAME_SIZE); ++ b->pins[6].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; ++ ++ strncpy(b->pins[7].name, "P7", MRAA_PIN_NAME_SIZE); ++ b->pins[7].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; ++ ++ strncpy(b->pins[8].name, "P8", MRAA_PIN_NAME_SIZE); ++ b->pins[8].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; ++ b->pins[8].gpio.pinmap = 21; ++ b->pins[8].uart.parent_id = 2; ++ b->pins[8].uart.mux_total = 0; ++ ++ strncpy(b->pins[9].name, "P9", MRAA_PIN_NAME_SIZE); ++ b->pins[9].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; ++ b->pins[9].gpio.pinmap = 20; ++ b->pins[9].uart.parent_id = 2; ++ b->pins[9].uart.mux_total = 0; ++ ++ strncpy(b->pins[10].name, "P10", MRAA_PIN_NAME_SIZE); ++ b->pins[10].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[10].gpio.pinmap = 2; ++ ++ strncpy(b->pins[11].name, "P11", MRAA_PIN_NAME_SIZE); ++ b->pins[11].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[11].gpio.pinmap = 3; ++ ++ strncpy(b->pins[12].name, "P12", MRAA_PIN_NAME_SIZE); ++ b->pins[12].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[12].gpio.pinmap = 0; ++ ++ strncpy(b->pins[13].name, "P13", MRAA_PIN_NAME_SIZE); ++ b->pins[13].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[13].gpio.pinmap = 1; ++ ++ strncpy(b->pins[14].name, "P14", MRAA_PIN_NAME_SIZE); ++ b->pins[14].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; ++ ++ strncpy(b->pins[15].name, "P15", MRAA_PIN_NAME_SIZE); ++ b->pins[15].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[15].gpio.pinmap = 44; ++ ++ strncpy(b->pins[16].name, "P16", MRAA_PIN_NAME_SIZE); ++ b->pins[16].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; ++ b->pins[16].gpio.pinmap = 46; ++ b->pins[16].uart.parent_id = 1; ++ b->pins[16].uart.mux_total = 0; ++ ++ strncpy(b->pins[17].name, "P17", MRAA_PIN_NAME_SIZE); ++ b->pins[17].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; ++ b->pins[17].gpio.pinmap = 45; ++ b->pins[17].uart.parent_id = 1; ++ b->pins[17].uart.mux_total = 0; ++ ++ strncpy(b->pins[18].name, "P18", MRAA_PIN_NAME_SIZE); ++ b->pins[18].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; ++ b->pins[18].gpio.pinmap = 13; ++ b->pins[18].uart.parent_id = 1; ++ b->pins[18].uart.mux_total = 0; ++ ++ strncpy(b->pins[19].name, "P19", MRAA_PIN_NAME_SIZE); ++ b->pins[19].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; ++ b->pins[19].gpio.pinmap = 12; ++ b->pins[19].uart.parent_id = 0; ++ b->pins[19].uart.mux_total = 0; ++ ++ strncpy(b->pins[20].name, "P20", MRAA_PIN_NAME_SIZE); ++ b->pins[20].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 }; ++ b->pins[20].gpio.pinmap = 5; ++ b->pins[20].i2c.pinmap = 0; ++ b->pins[20].i2c.mux_total = 0; ++ ++ strncpy(b->pins[21].name, "P21", MRAA_PIN_NAME_SIZE); ++ b->pins[21].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 }; ++ b->pins[21].gpio.pinmap = 4; ++ b->pins[21].i2c.pinmap = 0; ++ b->pins[21].i2c.mux_total = 0; ++ ++ strncpy(b->pins[22].name, "P22", MRAA_PIN_NAME_SIZE); ++ b->pins[22].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 }; ++ b->pins[22].gpio.pinmap = 8; ++ b->pins[22].spi.pinmap = 0; ++ b->pins[22].spi.mux_total = 0; ++ ++ strncpy(b->pins[23].name, "P23", MRAA_PIN_NAME_SIZE); ++ b->pins[23].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 }; ++ b->pins[23].gpio.pinmap = 9; ++ b->pins[23].spi.pinmap = 0; ++ b->pins[23].spi.mux_total = 0; ++ ++ strncpy(b->pins[24].name, "P24", MRAA_PIN_NAME_SIZE); ++ b->pins[24].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 }; ++ b->pins[24].gpio.pinmap = 7; ++ b->pins[24].spi.pinmap = 0; ++ b->pins[24].spi.mux_total = 0; ++ ++ strncpy(b->pins[25].name, "P25", MRAA_PIN_NAME_SIZE); ++ b->pins[25].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 }; ++ b->pins[25].gpio.pinmap = 6; ++ b->pins[25].spi.pinmap = 0; ++ b->pins[25].spi.mux_total = 0; ++ ++ strncpy(b->pins[26].name, "P26", MRAA_PIN_NAME_SIZE); ++ b->pins[26].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 }; ++ b->pins[26].gpio.pinmap = 18; ++ ++ strncpy(b->pins[27].name, "P27", MRAA_PIN_NAME_SIZE); ++ b->pins[27].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 }; ++ b->pins[27].gpio.pinmap = 19; ++ ++ strncpy(b->pins[28].name, "P28", MRAA_PIN_NAME_SIZE); ++ b->pins[28].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[28].gpio.pinmap = 16; ++ ++ strncpy(b->pins[29].name, "P29", MRAA_PIN_NAME_SIZE); ++ b->pins[29].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[29].gpio.pinmap = 17; ++ ++ strncpy(b->pins[30].name, "P30", MRAA_PIN_NAME_SIZE); ++ b->pins[30].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[30].gpio.pinmap = 14; ++ ++ strncpy(b->pins[31].name, "P31", MRAA_PIN_NAME_SIZE); ++ b->pins[31].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[31].gpio.pinmap = 15; ++ ++ // BUS DEFINITIONS ++ b->i2c_bus_count = 1; ++ b->def_i2c_bus = 0; ++ b->i2c_bus[0].bus_id = 0; ++ b->i2c_bus[0].sda = 20; ++ b->i2c_bus[0].scl = 21; ++ ++ b->spi_bus_count = 1; ++ b->def_spi_bus = 0; ++ b->spi_bus[0].bus_id = 0; ++ b->spi_bus[0].slave_s = 0; ++ b->spi_bus[0].cs = 25; ++ b->spi_bus[0].mosi = 22; ++ b->spi_bus[0].miso = 23; ++ b->spi_bus[0].sclk = 21; ++ ++ b->uart_dev_count = 3; ++ b->def_uart_dev = 0; ++ b->uart_dev[0].rx = 18; ++ b->uart_dev[0].tx = 19; ++ ++ b->uart_dev[1].rx = 16; ++ b->uart_dev[1].tx = 17; ++ ++ b->uart_dev[2].rx = 9; ++ b->uart_dev[2].tx = 8; ++ ++ b->gpio_count = 0; ++ int i; ++ for (i = 0; i < b->phy_pin_count; i++) { ++ if (b->pins[i].capabilites.gpio) { ++ b->gpio_count++; ++ } ++ } ++ ++ return b; ++} +--- /dev/null ++++ b/src/mips/mips.c +@@ -0,0 +1,60 @@ ++/* ++ * Author: Thomas Ingleby ++ * Author: Michael Ring ++ * Copyright (c) 2014 Intel Corporation. ++ * ++ * Permission is hereby granted, free of charge, to any person obtaining ++ * a copy of this software and associated documentation files (the ++ * "Software"), to deal in the Software without restriction, including ++ * without limitation the rights to use, copy, modify, merge, publish, ++ * distribute, sublicense, and/or sell copies of the Software, and to ++ * permit persons to whom the Software is furnished to do so, subject to ++ * the following conditions: ++ * ++ * The above copyright notice and this permission notice shall be ++ * included in all copies or substantial portions of the Software. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE ++ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION ++ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION ++ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ++ */ ++ ++#include ++#include ++ ++#include "mraa_internal.h" ++#include "mips/mediatek.h" ++ ++mraa_platform_t ++mraa_mips_platform() ++{ ++ mraa_platform_t platform_type = MRAA_UNKNOWN_PLATFORM; ++ size_t len = 100; ++ char* line = malloc(len); ++ FILE* fh = fopen("/proc/cpuinfo", "r"); ++ if (fh != NULL) { ++ while (getline(&line, &len, fh) != -1) { ++ if (strncmp(line, "machine", 7) == 0) { ++ if (strstr(line, "MediaTek LinkIt Smart 7688")) { ++ platform_type = MRAA_MTK_LINKIT; ++ } ++ } ++ } ++ fclose(fh); ++ } ++ free(line); ++ ++ switch (platform_type) { ++ case MRAA_MTK_LINKIT: ++ plat = mraa_mtk_linkit(); ++ break; ++ default: ++ plat = NULL; ++ syslog(LOG_ERR, "Unknown Platform, currently not supported by MRAA"); ++ } ++ return platform_type; ++} diff --git a/libs/libmraa/patches/0003-uart.patch b/libs/libmraa/patches/0003-uart.patch new file mode 100644 index 0000000..647abc5 --- /dev/null +++ b/libs/libmraa/patches/0003-uart.patch @@ -0,0 +1,26 @@ +From 9540f9b93704e8e80ab2048954ca88d8e6eddf86 Mon Sep 17 00:00:00 2001 +From: John Crispin +Date: Thu, 23 Jul 2015 16:43:42 +0200 +Subject: [PATCH 3/4] uart + +--- + src/uart/uart.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/uart/uart.c b/src/uart/uart.c +index 3ef55a4..5102f81 100644 +--- a/src/uart/uart.c ++++ b/src/uart/uart.c +@@ -34,6 +34,9 @@ + #include "uart.h" + #include "mraa_internal.h" + ++#ifndef CMSPAR ++#define CMSPAR 010000000000 ++#endif + // This function takes an unsigned int and converts it to a B* speed_t + // that can be used with linux/posix termios + static speed_t +-- +1.7.10.4 + diff --git a/libs/libmraa/patches/0004-fixes.patch b/libs/libmraa/patches/0004-fixes.patch new file mode 100644 index 0000000..40e5930 --- /dev/null +++ b/libs/libmraa/patches/0004-fixes.patch @@ -0,0 +1,666 @@ +From 3c34e5f87a741ec2fc7809fc8c169a832275d32c Mon Sep 17 00:00:00 2001 +From: John Crispin +Date: Thu, 23 Jul 2015 18:19:32 +0200 +Subject: [PATCH 4/4] fixes + +--- + src/mips/mediatek.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +--- a/src/mips/mediatek.c ++++ b/src/mips/mediatek.c +@@ -37,12 +37,12 @@ + #define PLATFORM_MEDIATEK_LINKIT 1 + #define PLATFORM_MEDIATEK_LINKIT_AIR 2 + #define MMAP_PATH "/dev/mem" +-#define MT7628_GPIO_BASE 0x100 +-#define MT7628_BLOCK_SIZE (4 * 1024) +-#define MT7628_GPIO_CTRL 0x00 +-#define MT7628_GPIO_DATA 0x20 +-#define MT7628_GPIO_SET 0x30 +-#define MT7628_GPIO_CLEAR 0x40 ++#define MT7628_GPIOMODE_BASE 0x10000000 ++#define MT7628_BLOCK_SIZE 0x1000 ++#define MT7628_GPIO_CTRL 0x600 ++#define MT7628_GPIO_DATA 0x620 ++#define MT7628_GPIO_SET 0x630 ++#define MT7628_GPIO_CLEAR 0x640 + + #define MAX_SIZE 64 + +@@ -50,6 +50,9 @@ + static uint8_t* mmap_reg = NULL; + static int mmap_fd = 0; + static int mmap_size; ++static uint8_t* gpio_mmap_reg = NULL; ++static int gpio_mmap_fd = 0; ++static int gpio_mmap_size; + static unsigned int mmap_count = 0; + static int platform_detected = 0; + +@@ -129,9 +132,10 @@ + } + + mmap_reg = (uint8_t*) mmap(NULL, MT7628_BLOCK_SIZE, PROT_READ | PROT_WRITE, +- MAP_FILE | MAP_SHARED, mmap_fd, MT7628_GPIO_BASE); ++ MAP_FILE | MAP_SHARED, mmap_fd, 0x10000000); + if (mmap_reg == MAP_FAILED) { +- syslog(LOG_ERR, "linkit mmap: failed to mmap"); ++ perror("foo"); ++ syslog(LOG_ERR, "linkit mmap: failed to mmap"); + mmap_reg = NULL; + close(mmap_fd); + return MRAA_ERROR_NO_RESOURCES; +@@ -144,201 +148,442 @@ + return MRAA_SUCCESS; + } + ++static int mmap_gpiomode(void) ++{ ++ if ((gpio_mmap_fd = open(MMAP_PATH, O_RDWR)) < 0) { ++ syslog(LOG_ERR, "linkit map: unable to open resource0 file"); ++ return MRAA_ERROR_INVALID_HANDLE; ++ } ++ ++ gpio_mmap_reg = (uint8_t*) mmap(NULL, MT7628_BLOCK_SIZE, PROT_READ | PROT_WRITE, ++ MAP_FILE | MAP_SHARED, gpio_mmap_fd, MT7628_GPIOMODE_BASE); ++ if (gpio_mmap_reg == MAP_FAILED) { ++ syslog(LOG_ERR, "linkit gpio_mmap: failed to mmap"); ++ gpio_mmap_reg = NULL; ++ close(gpio_mmap_fd); ++ return MRAA_ERROR_NO_RESOURCES; ++ } ++ return 0; ++} ++ ++static void set_gpiomode(unsigned int mask, unsigned int shift, unsigned int val) ++{ ++ unsigned int reg; ++ unsigned int offset = 0x60; ++ ++ if (shift >= 32) { ++ shift -= 32; ++ offset += 4; ++ } ++ ++ reg = *(volatile uint32_t*) (gpio_mmap_reg + offset); ++ ++ reg &= ~(mask << shift); ++ reg |= (val << shift); ++ *(volatile uint32_t*) (gpio_mmap_reg + offset) = reg; ++} ++ ++enum { ++ MUX_GPIO = 0, ++ MUX_SPI_S, ++ MUX_SPI_CS1, ++ MUX_I2S, ++ MUX_UART0, ++ MUX_I2C, ++ MUX_UART1, ++ MUX_UART2, ++ MUX_PWM0, ++ MUX_PWM1, ++ MUX_EPHY, ++ MUX_WLED, ++ __MUX_MAX, ++}; ++ ++static unsigned char gpio_mux_groups[64]; ++static struct pinmux { ++ char *name; ++ char *func[4]; ++ unsigned int shift; ++ unsigned int mask; ++} mt7688_mux[] = { ++ { ++ .name = "refclk", ++ .func = { "refclk", "gpio", NULL, NULL }, ++ .shift = 18, ++ .mask = 0x1, ++ }, { ++ .name = "spi_s", ++ .func = { "spi_s", "gpio", "utif", "pwm" }, ++ .shift = 2, ++ .mask = 0x3, ++ }, { ++ .name = "spi_cs1", ++ .func = { "spi_cs1", "gpio", NULL, "refclk" }, ++ .shift = 4, ++ .mask = 0x3, ++ }, { ++ .name = "i2s", ++ .func = { "i2s", "gpio", "pcm", NULL }, ++ .shift = 6, ++ .mask = 0x3, ++ }, { ++ .name = "uart0", ++ .func = { "uart", "gpio", NULL, NULL }, ++ .shift = 8, ++ .mask = 0x3, ++ }, { ++ .name = "i2c", ++ .func = { "i2c", "gpio", NULL, NULL }, ++ .shift = 20, ++ .mask = 0x3, ++ }, { ++ .name = "uart1", ++ .func = { "uart", "gpio", NULL, NULL }, ++ .shift = 24, ++ .mask = 0x3, ++ }, { ++ .name = "uart2", ++ .func = { "uart", "gpio", "pwm", NULL }, ++ .shift = 26, ++ .mask = 0x3, ++ }, { ++ .name = "pwm0", ++ .func = { "pwm", "gpio", NULL, NULL }, ++ .shift = 28, ++ .mask = 0x3, ++ }, { ++ .name = "pwm1", ++ .func = { "pwm", "gpio", NULL, NULL }, ++ .shift = 30, ++ .mask = 0x3, ++ }, { ++ .name = "ephy", ++ .func = { "ephy", "gpio", NULL, NULL }, ++ .shift = 34, ++ .mask = 0x3, ++ }, { ++ .name = "wled", ++ .func = { "wled", "gpio", NULL, NULL }, ++ .shift = 32, ++ .mask = 0x3, ++ }, ++}; ++ ++mraa_result_t gpio_init_pre(int pin) ++{ ++ struct pinmux *m = &mt7688_mux[gpio_mux_groups[pin]]; ++ ++ set_gpiomode(m->mask, m->shift, 1); ++ ++ return 0; ++} ++ ++static void gpiomode_set(unsigned int id, char *name) ++{ ++ int i; ++ ++ if (id >= __MUX_MAX) ++ return; ++ ++ for (i = 0; i < 4; i++) { ++ if (!mt7688_mux[id].func[i] || strcmp(mt7688_mux[id].func[i], name)) ++ continue; ++ set_gpiomode(mt7688_mux[id].mask, mt7688_mux[id].shift, i); ++ syslog(0, "mraa: set pinmux %s -> %s\n", mt7688_mux[id].name, name); ++ return; ++ } ++} ++ ++mraa_result_t i2c_init_pre(unsigned int bus) ++{ ++ gpiomode_set(MUX_I2C, "i2c"); ++ return 0; ++} ++ ++mraa_result_t ++pwm_init_post(mraa_pwm_context pwm) ++{ ++ switch(pwm->pin) { ++ case 0: ++ gpiomode_set(MUX_PWM0, "pwm"); ++ break; ++ case 1: ++ gpiomode_set(MUX_PWM1, "pwm"); ++ break; ++ case 2: ++ case 3: ++ gpiomode_set(MUX_UART2, "pwm"); ++ break; ++ } ++ return 0; ++} ++ ++mraa_result_t spi_init_pre(int bus) ++{ ++ gpiomode_set(MUX_SPI_CS1, "spi_cs1"); ++ return 0; ++} ++ ++mraa_result_t uart_init_pre(int index) ++{ ++ switch(index) { ++ case 0: ++ gpiomode_set(MUX_UART0, "uart"); ++ break; ++ case 1: ++ gpiomode_set(MUX_UART1, "uart"); ++ break; ++ case 2: ++ gpiomode_set(MUX_UART2, "uart"); ++ break; ++ } ++ return 0; ++} ++ ++mraa_result_t ++i2c_freq(mraa_i2c_context dev, mraa_i2c_mode_t mode) ++{ ++ switch (mode) { ++ case MRAA_I2C_STD: ++ break; ++ default: ++ syslog(LOG_ERR, "Invalid i2c frequency"); ++ break; ++ } ++ return MRAA_SUCCESS; ++} ++ ++ + mraa_board_t* + mraa_mtk_linkit() + { ++ int i; ++ ++ if (mmap_gpiomode()) ++ return NULL; ++ + mraa_board_t* b = (mraa_board_t*) malloc(sizeof(mraa_board_t)); + if (b == NULL) { + return NULL; + } + +- b->platform_name = "LINKIT"; ++ memset(b, 0, sizeof(mraa_board_t)); ++ ++ b->platform_name = "LinkIt Smart 7688"; + platform_detected = PLATFORM_MEDIATEK_LINKIT; +- b->phy_pin_count = 31; ++ b->phy_pin_count = 64; + + b->aio_count = 0; + b->adc_raw = 0; + b->adc_supported = 0; + b->pwm_default_period = 500; +- b->pwm_max_period = 2147483; ++ b->pwm_max_period = 1000000; + b->pwm_min_period = 1; + +- b->pins = (mraa_pininfo_t*) malloc(sizeof(mraa_pininfo_t) * b->phy_pin_count); +- +- advance_func->gpio_mmap_setup = &mraa_mtk_linkit_mmap_setup; +- +- strncpy(b->pins[0].name, "P0", MRAA_PIN_NAME_SIZE); +- b->pins[0].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; +- +- strncpy(b->pins[1].name, "P1", MRAA_PIN_NAME_SIZE); +- b->pins[1].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; +- +- strncpy(b->pins[2].name, "P2", MRAA_PIN_NAME_SIZE); +- b->pins[2].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; +- +- strncpy(b->pins[3].name, "P3", MRAA_PIN_NAME_SIZE); +- b->pins[3].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; +- +- strncpy(b->pins[4].name, "P4", MRAA_PIN_NAME_SIZE); +- b->pins[4].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; +- +- strncpy(b->pins[5].name, "P5", MRAA_PIN_NAME_SIZE); +- b->pins[5].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; +- +- strncpy(b->pins[6].name, "P6", MRAA_PIN_NAME_SIZE); +- b->pins[6].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; +- +- strncpy(b->pins[7].name, "P7", MRAA_PIN_NAME_SIZE); +- b->pins[7].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; +- +- strncpy(b->pins[8].name, "P8", MRAA_PIN_NAME_SIZE); +- b->pins[8].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; +- b->pins[8].gpio.pinmap = 21; +- b->pins[8].uart.parent_id = 2; +- b->pins[8].uart.mux_total = 0; ++ b->adv_func = (mraa_adv_func_t*) calloc(1, sizeof(mraa_adv_func_t)); ++ if (b->adv_func == NULL) { ++ return NULL; ++ } + +- strncpy(b->pins[9].name, "P9", MRAA_PIN_NAME_SIZE); +- b->pins[9].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; +- b->pins[9].gpio.pinmap = 20; +- b->pins[9].uart.parent_id = 2; +- b->pins[9].uart.mux_total = 0; ++ b->adv_func->i2c_init_pre = i2c_init_pre; ++ b->adv_func->pwm_init_post = pwm_init_post; ++ b->adv_func->spi_init_pre = spi_init_pre; ++ b->adv_func->uart_init_pre = uart_init_pre; ++ b->adv_func->gpio_init_pre = gpio_init_pre; ++ b->adv_func->i2c_set_frequency_replace = &i2c_freq; + +- strncpy(b->pins[10].name, "P10", MRAA_PIN_NAME_SIZE); +- b->pins[10].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; +- b->pins[10].gpio.pinmap = 2; ++ b->pins = (mraa_pininfo_t*) malloc(sizeof(mraa_pininfo_t) * b->phy_pin_count); + +- strncpy(b->pins[11].name, "P11", MRAA_PIN_NAME_SIZE); +- b->pins[11].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; +- b->pins[11].gpio.pinmap = 3; ++ memset(b->pins, 0, sizeof(mraa_pininfo_t) * b->phy_pin_count); ++ memset(gpio_mux_groups, -1, sizeof(gpio_mux_groups)); + +- strncpy(b->pins[12].name, "P12", MRAA_PIN_NAME_SIZE); +- b->pins[12].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; +- b->pins[12].gpio.pinmap = 0; ++ b->adv_func->gpio_mmap_setup = &mraa_mtk_linkit_mmap_setup; + +- strncpy(b->pins[13].name, "P13", MRAA_PIN_NAME_SIZE); +- b->pins[13].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; +- b->pins[13].gpio.pinmap = 1; ++ for (i = 0; i < b->phy_pin_count; i++) { ++ snprintf(b->pins[i].name, MRAA_PIN_NAME_SIZE, "GPIO%d", i); ++ b->pins[i].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; ++ } + +- strncpy(b->pins[14].name, "P14", MRAA_PIN_NAME_SIZE); +- b->pins[14].capabilites = (mraa_pincapabilities_t){ 0, 0, 0, 0, 0, 0, 0, 0 }; ++ strncpy(b->pins[43].name, "GPIO43", MRAA_PIN_NAME_SIZE); ++ b->pins[43].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[43].gpio.pinmap = 43; ++ gpio_mux_groups[43] = MUX_EPHY; ++ ++ strncpy(b->pins[20].name, "GPIO20", MRAA_PIN_NAME_SIZE); ++ b->pins[20].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 1 }; ++ b->pins[20].gpio.pinmap = 20; ++ b->pins[20].uart.parent_id = 2; ++ b->pins[20].uart.mux_total = 0; ++ b->pins[20].pwm.parent_id = 0; ++ b->pins[20].pwm.pinmap = 2; ++ gpio_mux_groups[20] = MUX_UART2; ++ ++ strncpy(b->pins[21].name, "GPIO21", MRAA_PIN_NAME_SIZE); ++ b->pins[21].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 1 }; ++ b->pins[21].gpio.pinmap = 21; ++ b->pins[21].uart.parent_id = 2; ++ b->pins[21].uart.mux_total = 0; ++ b->pins[21].pwm.parent_id = 0; ++ b->pins[21].pwm.pinmap = 3; ++ gpio_mux_groups[21] = MUX_UART2; ++ ++ strncpy(b->pins[2].name, "GPIO2", MRAA_PIN_NAME_SIZE); ++ b->pins[2].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[2].gpio.pinmap = 2; ++ gpio_mux_groups[2] = MUX_I2S; ++ ++ strncpy(b->pins[3].name, "GPIO3", MRAA_PIN_NAME_SIZE); ++ b->pins[3].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[3].gpio.pinmap = 3; ++ gpio_mux_groups[3] = MUX_I2S; ++ ++ strncpy(b->pins[0].name, "GPIO0", MRAA_PIN_NAME_SIZE); ++ b->pins[0].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[0].gpio.pinmap = 0; ++ gpio_mux_groups[0] = MUX_I2S; ++ ++ strncpy(b->pins[1].name, "GPIO1", MRAA_PIN_NAME_SIZE); ++ b->pins[1].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[1].gpio.pinmap = 1; ++ gpio_mux_groups[1] = MUX_I2S; ++ ++ strncpy(b->pins[37].name, "GPIO37", MRAA_PIN_NAME_SIZE); ++ b->pins[37].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[37].gpio.pinmap = 37; ++ gpio_mux_groups[37] = MUX_GPIO; ++ ++ strncpy(b->pins[44].name, "GPIO44", MRAA_PIN_NAME_SIZE); ++ b->pins[44].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[44].gpio.pinmap = 44; ++ gpio_mux_groups[44] = MUX_WLED; ++ ++ strncpy(b->pins[46].name, "GPIO46", MRAA_PIN_NAME_SIZE); ++ b->pins[46].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; ++ b->pins[46].gpio.pinmap = 46; ++ b->pins[46].uart.parent_id = 1; ++ b->pins[46].uart.mux_total = 0; ++ gpio_mux_groups[46] = MUX_UART1; ++ ++ strncpy(b->pins[45].name, "GPIO45", MRAA_PIN_NAME_SIZE); ++ b->pins[45].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; ++ b->pins[45].gpio.pinmap = 45; ++ b->pins[45].uart.parent_id = 1; ++ b->pins[45].uart.mux_total = 0; ++ gpio_mux_groups[45] = MUX_UART1; ++ ++ strncpy(b->pins[13].name, "GPIO13", MRAA_PIN_NAME_SIZE); ++ b->pins[13].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; ++ b->pins[13].gpio.pinmap = 13; ++ b->pins[13].uart.parent_id = 1; ++ b->pins[13].uart.mux_total = 0; ++ gpio_mux_groups[13] = MUX_UART0; ++ ++ strncpy(b->pins[12].name, "GPIO12", MRAA_PIN_NAME_SIZE); ++ b->pins[12].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; ++ b->pins[12].gpio.pinmap = 12; ++ b->pins[12].uart.parent_id = 0; ++ b->pins[12].uart.mux_total = 0; ++ gpio_mux_groups[12] = MUX_UART0; ++ ++ strncpy(b->pins[5].name, "GPIO5", MRAA_PIN_NAME_SIZE); ++ b->pins[5].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 }; ++ b->pins[5].gpio.pinmap = 5; ++ b->pins[5].i2c.pinmap = 0; ++ b->pins[5].i2c.mux_total = 0; ++ gpio_mux_groups[5] = MUX_I2C; ++ ++ strncpy(b->pins[4].name, "GPIO4", MRAA_PIN_NAME_SIZE); ++ b->pins[4].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 }; ++ b->pins[4].gpio.pinmap = 4; ++ b->pins[4].i2c.pinmap = 0; ++ b->pins[4].i2c.mux_total = 0; ++ gpio_mux_groups[4] = MUX_I2C; ++ ++ strncpy(b->pins[6].name, "GPIO6", MRAA_PIN_NAME_SIZE); ++ b->pins[6].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 }; ++ b->pins[6].gpio.pinmap = 6; ++ b->pins[6].spi.pinmap = 0; ++ b->pins[6].spi.mux_total = 0; ++ gpio_mux_groups[6] = MUX_SPI_CS1; ++ ++ strncpy(b->pins[7].name, "GPIO7", MRAA_PIN_NAME_SIZE); ++ b->pins[7].capabilites = (mraa_pincapabilities_t){ 1, 0, 0, 0, 1, 0, 0, 0 }; ++ b->pins[7].spi.pinmap = 0; ++ b->pins[7].spi.mux_total = 0; ++ ++ strncpy(b->pins[8].name, "GPIO8", MRAA_PIN_NAME_SIZE); ++ b->pins[8].capabilites = (mraa_pincapabilities_t){ 1, 0, 0, 0, 1, 0, 0, 0 }; ++ b->pins[8].spi.pinmap = 0; ++ b->pins[8].spi.mux_total = 0; ++ ++ strncpy(b->pins[9].name, "GPIO9", MRAA_PIN_NAME_SIZE); ++ b->pins[9].capabilites = (mraa_pincapabilities_t){ 1, 0, 0, 0, 1, 0, 0, 0 }; ++ b->pins[9].spi.pinmap = 0; ++ b->pins[9].spi.mux_total = 0; ++ ++ strncpy(b->pins[18].name, "GPIO18", MRAA_PIN_NAME_SIZE); ++ b->pins[18].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 }; ++ b->pins[18].gpio.pinmap = 18; ++ b->pins[18].pwm.parent_id = 0; ++ b->pins[18].pwm.pinmap = 0; ++ gpio_mux_groups[18] = MUX_PWM0; ++ ++ strncpy(b->pins[19].name, "GPIO19", MRAA_PIN_NAME_SIZE); ++ b->pins[19].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 }; ++ b->pins[19].gpio.pinmap = 19; ++ b->pins[19].pwm.parent_id = 0; ++ b->pins[19].pwm.pinmap = 1; ++ gpio_mux_groups[19] = MUX_PWM1; ++ ++ strncpy(b->pins[16].name, "GPIO16", MRAA_PIN_NAME_SIZE); ++ b->pins[16].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[16].gpio.pinmap = 16; ++ gpio_mux_groups[16] = MUX_SPI_S; ++ ++ strncpy(b->pins[17].name, "GPIO17", MRAA_PIN_NAME_SIZE); ++ b->pins[17].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[17].gpio.pinmap = 17; ++ gpio_mux_groups[17] = MUX_SPI_S; ++ ++ strncpy(b->pins[14].name, "GPIO14", MRAA_PIN_NAME_SIZE); ++ b->pins[14].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; ++ b->pins[14].gpio.pinmap = 14; ++ gpio_mux_groups[14] = MUX_SPI_S; + +- strncpy(b->pins[15].name, "P15", MRAA_PIN_NAME_SIZE); ++ strncpy(b->pins[15].name, "GPIO15", MRAA_PIN_NAME_SIZE); + b->pins[15].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; +- b->pins[15].gpio.pinmap = 44; +- +- strncpy(b->pins[16].name, "P16", MRAA_PIN_NAME_SIZE); +- b->pins[16].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; +- b->pins[16].gpio.pinmap = 46; +- b->pins[16].uart.parent_id = 1; +- b->pins[16].uart.mux_total = 0; +- +- strncpy(b->pins[17].name, "P17", MRAA_PIN_NAME_SIZE); +- b->pins[17].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; +- b->pins[17].gpio.pinmap = 45; +- b->pins[17].uart.parent_id = 1; +- b->pins[17].uart.mux_total = 0; +- +- strncpy(b->pins[18].name, "P18", MRAA_PIN_NAME_SIZE); +- b->pins[18].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; +- b->pins[18].gpio.pinmap = 13; +- b->pins[18].uart.parent_id = 1; +- b->pins[18].uart.mux_total = 0; +- +- strncpy(b->pins[19].name, "P19", MRAA_PIN_NAME_SIZE); +- b->pins[19].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 1 }; +- b->pins[19].gpio.pinmap = 12; +- b->pins[19].uart.parent_id = 0; +- b->pins[19].uart.mux_total = 0; +- +- strncpy(b->pins[20].name, "P20", MRAA_PIN_NAME_SIZE); +- b->pins[20].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 }; +- b->pins[20].gpio.pinmap = 5; +- b->pins[20].i2c.pinmap = 0; +- b->pins[20].i2c.mux_total = 0; +- +- strncpy(b->pins[21].name, "P21", MRAA_PIN_NAME_SIZE); +- b->pins[21].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 1, 0, 0 }; +- b->pins[21].gpio.pinmap = 4; +- b->pins[21].i2c.pinmap = 0; +- b->pins[21].i2c.mux_total = 0; +- +- strncpy(b->pins[22].name, "P22", MRAA_PIN_NAME_SIZE); +- b->pins[22].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 }; +- b->pins[22].gpio.pinmap = 8; +- b->pins[22].spi.pinmap = 0; +- b->pins[22].spi.mux_total = 0; +- +- strncpy(b->pins[23].name, "P23", MRAA_PIN_NAME_SIZE); +- b->pins[23].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 }; +- b->pins[23].gpio.pinmap = 9; +- b->pins[23].spi.pinmap = 0; +- b->pins[23].spi.mux_total = 0; +- +- strncpy(b->pins[24].name, "P24", MRAA_PIN_NAME_SIZE); +- b->pins[24].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 }; +- b->pins[24].gpio.pinmap = 7; +- b->pins[24].spi.pinmap = 0; +- b->pins[24].spi.mux_total = 0; +- +- strncpy(b->pins[25].name, "P25", MRAA_PIN_NAME_SIZE); +- b->pins[25].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 1, 0, 0, 0 }; +- b->pins[25].gpio.pinmap = 6; +- b->pins[25].spi.pinmap = 0; +- b->pins[25].spi.mux_total = 0; +- +- strncpy(b->pins[26].name, "P26", MRAA_PIN_NAME_SIZE); +- b->pins[26].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 }; +- b->pins[26].gpio.pinmap = 18; +- +- strncpy(b->pins[27].name, "P27", MRAA_PIN_NAME_SIZE); +- b->pins[27].capabilites = (mraa_pincapabilities_t){ 1, 1, 1, 0, 0, 0, 0, 0 }; +- b->pins[27].gpio.pinmap = 19; +- +- strncpy(b->pins[28].name, "P28", MRAA_PIN_NAME_SIZE); +- b->pins[28].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; +- b->pins[28].gpio.pinmap = 16; +- +- strncpy(b->pins[29].name, "P29", MRAA_PIN_NAME_SIZE); +- b->pins[29].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; +- b->pins[29].gpio.pinmap = 17; +- +- strncpy(b->pins[30].name, "P30", MRAA_PIN_NAME_SIZE); +- b->pins[30].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; +- b->pins[30].gpio.pinmap = 14; +- +- strncpy(b->pins[31].name, "P31", MRAA_PIN_NAME_SIZE); +- b->pins[31].capabilites = (mraa_pincapabilities_t){ 1, 1, 0, 0, 0, 0, 0, 0 }; +- b->pins[31].gpio.pinmap = 15; ++ b->pins[15].gpio.pinmap = 15; ++ gpio_mux_groups[15] = MUX_SPI_S; + + // BUS DEFINITIONS + b->i2c_bus_count = 1; + b->def_i2c_bus = 0; +- b->i2c_bus[0].bus_id = 0; +- b->i2c_bus[0].sda = 20; +- b->i2c_bus[0].scl = 21; ++ b->i2c_bus[0].bus_id = 0; ++ b->i2c_bus[0].sda = 5; ++ b->i2c_bus[0].scl = 4; + + b->spi_bus_count = 1; + b->def_spi_bus = 0; +- b->spi_bus[0].bus_id = 0; +- b->spi_bus[0].slave_s = 0; +- b->spi_bus[0].cs = 25; +- b->spi_bus[0].mosi = 22; +- b->spi_bus[0].miso = 23; +- b->spi_bus[0].sclk = 21; ++ b->spi_bus[0].bus_id = 32766; ++ b->spi_bus[0].slave_s = 1; ++ b->spi_bus[0].cs = 6; ++ b->spi_bus[0].mosi = 8; ++ b->spi_bus[0].miso = 9; ++ b->spi_bus[0].sclk = 7; + + b->uart_dev_count = 3; + b->def_uart_dev = 0; +- b->uart_dev[0].rx = 18; +- b->uart_dev[0].tx = 19; +- +- b->uart_dev[1].rx = 16; +- b->uart_dev[1].tx = 17; +- +- b->uart_dev[2].rx = 9; +- b->uart_dev[2].tx = 8; ++ b->uart_dev[0].rx = 13; ++ b->uart_dev[0].tx = 12; ++ b->uart_dev[0].device_path = "/dev/ttyS0"; ++ b->uart_dev[1].rx = 46; ++ b->uart_dev[1].tx = 45; ++ b->uart_dev[1].device_path = "/dev/ttyS1"; ++ b->uart_dev[2].rx = 21; ++ b->uart_dev[2].tx = 20; ++ b->uart_dev[2].device_path = "/dev/ttyS2"; + + b->gpio_count = 0; +- int i; + for (i = 0; i < b->phy_pin_count; i++) { + if (b->pins[i].capabilites.gpio) { + b->gpio_count++; +--- a/src/gpio/gpio.c ++++ b/src/gpio/gpio.c +@@ -113,6 +113,8 @@ + close(export); + } + ++ mraa_gpio_use_mmaped(dev, 1); ++ + init_internal_cleanup: + if (status != MRAA_SUCCESS) { + if (dev != NULL) diff --git a/libs/libradcli/Config.in b/libs/libradcli/Config.in deleted file mode 100644 index 35c3a22..0000000 --- a/libs/libradcli/Config.in +++ /dev/null @@ -1,10 +0,0 @@ -# radcli avanced configuration - -menu "Configuration" - depends on PACKAGE_libradcli - -config RADCLI_TLS - bool "enable TLS support" - default y - -endmenu diff --git a/libs/libradcli/Makefile b/libs/libradcli/Makefile deleted file mode 100644 index e420a8e..0000000 --- a/libs/libradcli/Makefile +++ /dev/null @@ -1,75 +0,0 @@ -# -# Copyright (C) 2015 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=libradcli -PKG_VERSION:=1.2.5 -PKG_RELEASE:=1 - -PKG_SOURCE:=radcli-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://github.com/radcli/radcli/releases/download/$(PKG_VERSION)/ -PKG_MD5SUM:=b94e46e37668cc562ea5420d095a836b -PKG_BUILD_DIR:=$(BUILD_DIR)/radcli-$(PKG_VERSION) - -PKG_INSTALL:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/libradcli - SECTION:=libs - CATEGORY:=Libraries - TITLE:=A library for radius clients - URL:=http://radcli.github.io/radcli/ - MAINTAINER:=Nikos Mavrogiannopoulos - DEPENDS:= +RADCLI_TLS:libgnutls +libnettle -endef - -define Package/libradcli/decription - The radcli library is a library for writing RADIUS Clients. The library's - approach is to allow writing RADIUS-aware application in less than 50 lines - of C code. It was based originally on freeradius-client and is source - compatible with it. -endef - -CONFIGURE_ARGS+= \ - --enable-legacy-compat - -ifneq ($(CONFIG_RADCLI_TLS),y) -CONFIGURE_ARGS += --without-tls -endif - -define Build/InstallDev - $(INSTALL_DIR) $(1)/usr/include/radcli - $(CP) \ - $(PKG_INSTALL_DIR)/usr/include/radcli/radcli.h \ - $(PKG_INSTALL_DIR)/usr/include/radcli/version.h \ - $(1)/usr/include/radcli - $(CP) \ - $(PKG_INSTALL_DIR)/usr/include/freeradius-client.h \ - $(1)/usr/include/ - $(INSTALL_DIR) $(1)/usr/lib - $(CP) \ - $(PKG_INSTALL_DIR)/usr/lib/libradcli.so* \ - $(PKG_INSTALL_DIR)/usr/lib/libfreeradius-client.so \ - $(1)/usr/lib/ -endef - -define Package/libradcli/conffiles -/etc/radcli/radiusclient.conf -endef - -define Package/libradcli/install - $(INSTALL_DIR) $(1)/etc/radcli - $(INSTALL_CONF) $(PKG_BUILD_DIR)/etc/radiusclient.conf $(1)/etc/radcli/ - $(INSTALL_DIR) $(1)/usr/lib - $(CP) \ - $(PKG_INSTALL_DIR)/usr/lib/libradcli.so.* \ - $(1)/usr/lib/ -endef - -$(eval $(call BuildPackage,libradcli)) diff --git a/libs/libssh2/Makefile b/libs/libssh2/Makefile index 911d34e..f591953 100644 --- a/libs/libssh2/Makefile +++ b/libs/libssh2/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2015-2016 OpenWrt.org +# Copyright (C) 2015-2018 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,10 +9,10 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libssh2 PKG_VERSION:=1.7.0 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=http://www.libssh2.org/download +PKG_SOURCE_URL:=https://www.libssh2.org/download PKG_MD5SUM:=b01662a210e94cccf2f76094db7dac5c PKG_INSTALL:=1 @@ -26,7 +26,7 @@ define Package/libssh2 SECTION:=libs CATEGORY:=Libraries TITLE:=SSH2 library - URL:=http://www.libssh2.org/ + URL:=https://www.libssh2.org/ DEPENDS:=+libopenssl +zlib MAINTAINER:=Jiri Slachta endef @@ -39,7 +39,8 @@ TARGET_CFLAGS += $(FPIC) CONFIGURE_ARGS += \ --disable-examples-build \ - --with-libssl-prefix=$(STAGING_DIR)/usr + --with-libssl-prefix=$(STAGING_DIR)/usr \ + --with-libz-prefix=$(STAGING_DIR)/usr define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include diff --git a/libs/libtasn1/Makefile b/libs/libtasn1/Makefile index 466547d..b6cf945 100644 --- a/libs/libtasn1/Makefile +++ b/libs/libtasn1/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libtasn1 -PKG_VERSION:=4.9 +PKG_VERSION:=4.12 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=@GNU/$(PKG_NAME) -PKG_MD5SUM:=4f6f7a8fd691ac2b8307c8ca365bad711db607d4ad5966f6938a9d2ecd65c920 +PKG_HASH:=6753da2e621257f33f5b051cc114d417e5206a0818fe0b1ecfd6153f70934753 PKG_LICENSE:=LGPLv2.1+ PKG_LICENSE_FILES:=COPYING.LIB diff --git a/libs/libtins/Makefile b/libs/libtins/Makefile new file mode 100644 index 0000000..05d0aac --- /dev/null +++ b/libs/libtins/Makefile @@ -0,0 +1,53 @@ +# +# Copyright (C) 2017 Steven Hessing +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libtins +PKG_RELEASE:=1 + +PKG_MAINTAINER:= Steven Hessing + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/mfontanini/libtins.git +PKG_SOURCE_VERSION:=v3.5 +PKG_SOURCE_SUBDIR:=$(PKG_NAME) +PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.xz +PKG_HASH:=47cd7d659ffa75dcfc2172ef54151fd36dc87de9e0f04bb066f6b076a7df7b57 +PKG_MIRROR_HASH:=47cd7d659ffa75dcfc2172ef54151fd36dc87de9e0f04bb066f6b076a7df7b57 + +PKG_LICENSE:=BSD-2-Clause +PKG_LICENSE_FILES:=LICENSE + +PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) +PKG_BUILD_PARALLEL:=1 + +CMAKE_INSTALL:=1 +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/cmake.mk +CMAKE_OPTIONS += -D_RUN_RESULT_VAR=FORCE +CMAKE_OPTIONS += -DLIBTINS_ENABLE_WPA2=0 +CMAKE_OPTIONS += -DLIBTINS_ENABLE_CXX11=1 + +define Package/libtins + SECTION:=net + CATEGORY:=Libraries + TITLE:=libtins + URL:=http://libtins.github.io/ + DEPENDS:=+libstdcpp +libpcap +endef + +define Package/libtins/description +libtins is a high-level, multiplatform C++ network packet sniffing and crafting library. +endef + +define Package/libtins/install + $(INSTALL_DIR) $(1)/usr/lib + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libtins.so.3.5 $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,libtins)) diff --git a/libs/libwebsockets/Makefile b/libs/libwebsockets/Makefile new file mode 100644 index 0000000..df36301 --- /dev/null +++ b/libs/libwebsockets/Makefile @@ -0,0 +1,112 @@ +# +# Copyright (C) 2014-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libwebsockets +PKG_VERSION:=2.0.3 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE_URL:=https://codeload.github.com/warmcat/libwebsockets/tar.gz/v$(PKG_VERSION)? +PKG_MD5SUM:=a025156d606d90579e65d53ccd062a94 + + +PKG_SOURCE_VERSION:=v$(PKG_VERSION) + +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_SOURCE_SUBDIR) + +PKG_LICENSE:=LGPL-2.1+exception +PKG_LICENSE_FILES:=LICENSE + +CMAKE_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/cmake.mk + +CMAKE_OPTIONS += -DLWS_IPV6=$(if $(CONFIG_IPV6),ON,OFF) +CMAKE_OPTIONS += -DLWS_WITHOUT_TESTAPPS=ON + +# other options worth noting +# CMAKE_OPTIONS += -DLWS_WITHOUT_EXTENSIONS=ON +# CMAKE_OPTIONS += -DLWS_WITHOUT_DAEMONIZE=ON +# CMAKE_OPTIONS += -DLWS_WITHOUT_SERVER=ON +# CMAKE_OPTIONS += -DLWS_WITHOUT_DEBUG=ON + + +define Package/$(PKG_NAME)/Default + SECTION:=libs + CATEGORY:=Libraries + TITLE:=libwebsockets + PROVIDES:=libwebsockets + DEPENDS:=+zlib + URL:=https://libwebsockets.org + MAINTAINER:=Karl Palsson +endef + +define Package/libwebsockets-openssl + $(call Package/$(PKG_NAME)/Default) + TITLE += (OpenSSL) + DEPENDS += +libopenssl + VARIANT:=openssl +endef + +define Package/libwebsockets-cyassl + $(call Package/$(PKG_NAME)/Default) + TITLE += (CyaSSL) + DEPENDS += +libcyassl + VARIANT:=cyassl +endef + +define Package/libwebsockets-full + $(call Package/$(PKG_NAME)/Default) + TITLE += (Full - OpenSSL, libuv, plugins, CGI) + DEPENDS += +libopenssl +libuv + VARIANT:=full +endef + +ifeq ($(BUILD_VARIANT),openssl) + CMAKE_OPTIONS += -DLWS_OPENSSL_CLIENT_CERTS=/etc/ssl/certs + CMAKE_OPTIONS += -DLWS_OPENSSL_SUPPORT=ON + CMAKE_OPTIONS += -DLWS_WITH_SSL=ON +endif + +ifeq ($(BUILD_VARIANT),cyassl) + CMAKE_OPTIONS += -DLWS_OPENSSL_CLIENT_CERTS=/etc/ssl/certs + CMAKE_OPTIONS += -DLWS_OPENSSL_SUPPORT=ON + CMAKE_OPTIONS += -DLWS_WITH_SSL=ON +# for cyassl, edit package/libs/cyassl/Makefile to include --enable-opensslextra +# NOTE: it will compile without it, untested whether it it's needed?! + CMAKE_OPTIONS += -DLWS_USE_CYASSL=ON + CMAKE_OPTIONS += -DLWS_CYASSL_LIBRARIES=$(STAGING_DIR)/usr/lib/libcyassl.so + CMAKE_OPTIONS += -DLWS_CYASSL_INCLUDE_DIRS=$(STAGING_DIR)/usr/include +endif + +ifeq ($(BUILD_VARIANT),full) + CMAKE_OPTIONS += -DLWS_OPENSSL_CLIENT_CERTS=/etc/ssl/certs + CMAKE_OPTIONS += -DLWS_OPENSSL_SUPPORT=ON + CMAKE_OPTIONS += -DLWS_WITH_SSL=ON + CMAKE_OPTIONS += -DLWS_WITH_LIBUV=ON + CMAKE_OPTIONS += -DLWS_WITH_PLUGINS=ON + CMAKE_OPTIONS += -DLWS_WITH_SERVER_STATUS=ON + CMAKE_OPTIONS += -DLWS_WITH_ACCESS_LOG=ON + CMAKE_OPTIONS += -DLWS_WITH_CGI=ON +endif + +define Package/libwebsockets/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libwebsockets.so* $(1)/usr/lib/ +endef + +Package/$(PKG_NAME)-cyassl/install = $(Package/$(PKG_NAME)/install) +Package/$(PKG_NAME)-openssl/install = $(Package/$(PKG_NAME)/install) +Package/$(PKG_NAME)-full/install = $(Package/$(PKG_NAME)/install) + +$(eval $(call BuildPackage,libwebsockets-openssl)) +$(eval $(call BuildPackage,libwebsockets-cyassl)) +$(eval $(call BuildPackage,libwebsockets-full)) diff --git a/libs/libxslt/Makefile b/libs/libxslt/Makefile index 955073a..2d867c1 100644 --- a/libs/libxslt/Makefile +++ b/libs/libxslt/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2014 OpenWrt.org +# Copyright (C) 2014 - 2018 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libxslt PKG_VERSION:=1.1.28 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:= \ @@ -64,6 +64,7 @@ define Package/xsltproc/description endef CONFIGURE_ARGS+= \ + --disable-silent-rules \ --enable-shared \ --enable-static \ --without-python \ diff --git a/libs/libxslt/patches/0005-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch b/libs/libxslt/patches/0005-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch new file mode 100644 index 0000000..2313388 --- /dev/null +++ b/libs/libxslt/patches/0005-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch @@ -0,0 +1,48 @@ +From: Daniel Veillard +Date: Wed, 30 Jan 2013 16:31:37 +0000 +Subject: Fix a couple of places where (f)printf parameters were broken + +As reported by Thomas Jarosch +--- + python/libxslt.c | 10 +++++----- + xsltproc/xsltproc.c | 2 +- + 2 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/python/libxslt.c b/python/libxslt.c +index 6a4f1c3..8dd6c78 100644 +--- a/python/libxslt.c ++++ b/python/libxslt.c +@@ -356,15 +356,15 @@ libxslt_xsltRegisterExtModuleElement(PyObject *self ATTRIBUTE_UNUSED, + PyObject *pyobj_element_f; + PyObject *pyobj_precomp_f; + +-#ifdef DEBUG_EXTENSIONS +- printf("libxslt_xsltRegisterExtModuleElement called\n", +- name, ns_uri); +-#endif +- + if (!PyArg_ParseTuple(args, (char *)"szOO:registerExtModuleElement", + &name, &ns_uri, &pyobj_precomp_f, &pyobj_element_f)) + return(NULL); + ++#ifdef DEBUG_EXTENSIONS ++ printf("libxslt_xsltRegisterExtModuleElement called: %s %s\n", ++ name, ns_uri); ++#endif ++ + if ((name == NULL) || (pyobj_element_f == NULL) || (pyobj_precomp_f == NULL)) { + py_retval = libxml_intWrap(-1); + return(py_retval); +diff --git a/xsltproc/xsltproc.c b/xsltproc/xsltproc.c +index 9ec4b76..33beddf 100644 +--- a/xsltproc/xsltproc.c ++++ b/xsltproc/xsltproc.c +@@ -319,7 +319,7 @@ static void endTimer(char *format, ...) + va_start(ap, format); + vfprintf(stderr,format,ap); + va_end(ap); +- fprintf(stderr, " was not timed\n", msec); ++ fprintf(stderr, " was not timed\n"); + #else + /* We don't have gettimeofday, time or stdarg.h, what crazy world is + * this ?! diff --git a/libs/libxslt/patches/0006-Initialize-pseudo-random-number-generator-with-curre.patch b/libs/libxslt/patches/0006-Initialize-pseudo-random-number-generator-with-curre.patch new file mode 100644 index 0000000..2d38ba2 --- /dev/null +++ b/libs/libxslt/patches/0006-Initialize-pseudo-random-number-generator-with-curre.patch @@ -0,0 +1,56 @@ +From: Nils Werner +Date: Thu, 24 Jan 2013 18:44:03 +0000 +Subject: Initialize pseudo random number generator with current time or + optional command line parameter + +--- + xsltproc/xsltproc.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/xsltproc/xsltproc.c b/xsltproc/xsltproc.c +index 33beddf..7d1fe61 100644 +--- a/xsltproc/xsltproc.c ++++ b/xsltproc/xsltproc.c +@@ -514,6 +514,7 @@ static void usage(const char *name) { + printf("\t--maxdepth val : increase the maximum depth (default %d)\n", xsltMaxDepth); + printf("\t--maxvars val : increase the maximum variables (default %d)\n", xsltMaxVars); + printf("\t--maxparserdepth val : increase the maximum parser depth\n"); ++ printf("\t--seed-rand val : initialize pseudo random number generator with specific seed\n"); + #ifdef LIBXML_HTML_ENABLED + printf("\t--html: the input document is(are) an HTML file(s)\n"); + #endif +@@ -556,6 +557,7 @@ main(int argc, char **argv) + return (1); + } + ++ srand(time(NULL)); + xmlInitMemory(); + + LIBXML_TEST_VERSION +@@ -750,6 +752,15 @@ main(int argc, char **argv) + if (value > 0) + xmlParserMaxDepth = value; + } ++ } else if ((!strcmp(argv[i], "-seed-rand")) || ++ (!strcmp(argv[i], "--seed-rand"))) { ++ int value; ++ ++ i++; ++ if (sscanf(argv[i], "%d", &value) == 1) { ++ if (value > 0) ++ srand(value); ++ } + } else if ((!strcmp(argv[i],"-dumpextensions"))|| + (!strcmp(argv[i],"--dumpextensions"))) { + dumpextensions++; +@@ -786,6 +797,10 @@ main(int argc, char **argv) + (!strcmp(argv[i], "--maxparserdepth"))) { + i++; + continue; ++ } else if ((!strcmp(argv[i], "-seed-rand")) || ++ (!strcmp(argv[i], "--seed-rand"))) { ++ i++; ++ continue; + } else if ((!strcmp(argv[i], "-o")) || + (!strcmp(argv[i], "-output")) || + (!strcmp(argv[i], "--output"))) { diff --git a/libs/libxslt/patches/0007-EXSLT-function-str-replace-is-broken-as-is.patch b/libs/libxslt/patches/0007-EXSLT-function-str-replace-is-broken-as-is.patch new file mode 100644 index 0000000..6bb238d --- /dev/null +++ b/libs/libxslt/patches/0007-EXSLT-function-str-replace-is-broken-as-is.patch @@ -0,0 +1,38 @@ +From: Nick Wellnhofer +Date: Mon, 1 Jul 2013 13:10:10 +0000 +Subject: EXSLT function str:replace() is broken as-is + +the str:replace() function is no longer usable without a transform +context. I take it from the bug report that it is not supposed to be used +from plain XPath but only from XSLT according to the EXSLT specification. + +However, the previous implementation used to work in XPath and is still +registered on an xmlXPathContext by the exsltStrXpathCtxtRegister() +function. When called from plain XPath, it results in a memory error in +line 526 (exsltStrReturnString()) of strings.c because xsltCreateRVT() +returns NULL as an error indicator due to a NULL transform context being +passed in, which was the return value from xsltXPathGetTransformContext() a +bit further up (and the code doesn't validate that). + +Since fixing the function looks impossible, best is to remove it. +--- + libexslt/strings.c | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/libexslt/strings.c b/libexslt/strings.c +index 045cc14..c0c7a18 100644 +--- a/libexslt/strings.c ++++ b/libexslt/strings.c +@@ -838,11 +838,7 @@ exsltStrXpathCtxtRegister (xmlXPathContextPtr ctxt, const xmlChar *prefix) + && !xmlXPathRegisterFuncNS(ctxt, + (const xmlChar *) "concat", + (const xmlChar *) EXSLT_STRINGS_NAMESPACE, +- exsltStrConcatFunction) +- && !xmlXPathRegisterFuncNS(ctxt, +- (const xmlChar *) "replace", +- (const xmlChar *) EXSLT_STRINGS_NAMESPACE, +- exsltStrReplaceFunction)) { ++ exsltStrConcatFunction)) { + return 0; + } + return -1; diff --git a/libs/libxslt/patches/0008-Fix-quoting-of-xlocale-test-program-in-configure.in.patch b/libs/libxslt/patches/0008-Fix-quoting-of-xlocale-test-program-in-configure.in.patch new file mode 100644 index 0000000..f6ba74c --- /dev/null +++ b/libs/libxslt/patches/0008-Fix-quoting-of-xlocale-test-program-in-configure.in.patch @@ -0,0 +1,43 @@ +From: Nick Wellnhofer +Date: Tue, 30 Jul 2013 11:57:28 +0000 +Subject: Fix quoting of xlocale test program in configure.in + +Double square brackets aren't needed anymore, probably due to the +changes in commit a2cd8a03. +--- + configure.in | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +diff --git a/configure.in b/configure.in +index 767e980..ac004fe 100644 +--- a/configure.in ++++ b/configure.in +@@ -196,21 +196,21 @@ typedef locale_t xsltLocale; + #endif + ]],[[ + xsltLocale locale; +- const char *src[[2]] = { "\xc3\x84rger", "Zeppelin" }; +- char *dst[[2]]; ++ const char *src[2] = { "\xc3\x84rger", "Zeppelin" }; ++ char *dst[2]; + size_t len, r; + int i; + + locale = newlocale(LC_COLLATE_MASK, "en_US.utf8", NULL); + if (locale == NULL) exit(1); + for (i=0; i<2; ++i) { +- len = strxfrm_l(NULL, src[[i]], 0, locale) + 1; +- dst[[i]] = malloc(len); +- if(dst[[i]] == NULL) exit(1); +- r = strxfrm_l(dst[[i]], src[[i]], len, locale); ++ len = strxfrm_l(NULL, src[i], 0, locale) + 1; ++ dst[i] = malloc(len); ++ if(dst[i] == NULL) exit(1); ++ r = strxfrm_l(dst[i], src[i], len, locale); + if(r >= len) exit(1); + } +- if (strcmp(dst[[0]], dst[[1]]) >= 0) exit(1); ++ if (strcmp(dst[0], dst[1]) >= 0) exit(1); + + exit(0); + return(0); diff --git a/libs/libxslt/patches/0009-Fix-for-type-confusion-in-preprocessing-attributes.patch b/libs/libxslt/patches/0009-Fix-for-type-confusion-in-preprocessing-attributes.patch new file mode 100644 index 0000000..9f2d7ac --- /dev/null +++ b/libs/libxslt/patches/0009-Fix-for-type-confusion-in-preprocessing-attributes.patch @@ -0,0 +1,29 @@ +From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001 +From: Daniel Veillard +Date: Thu, 29 Oct 2015 19:33:23 +0800 +Subject: [PATCH] Fix for type confusion in preprocessing attributes + +CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10 +We need to check that the parent node is an element before dereferencing +its namespace +--- + libxslt/preproc.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/libxslt/preproc.c b/libxslt/preproc.c +index 0eb80a0..7f69325 100644 +--- a/libxslt/preproc.c ++++ b/libxslt/preproc.c +@@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) { + } else if (IS_XSLT_NAME(inst, "attribute")) { + xmlNodePtr parent = inst->parent; + +- if ((parent == NULL) || (parent->ns == NULL) || ++ if ((parent == NULL) || ++ (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) || + ((parent->ns != inst->ns) && + (!xmlStrEqual(parent->ns->href, inst->ns->href))) || + (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) { +-- +2.8.1 + diff --git a/libs/libxslt/patches/0010-Always-initialize-EXSLT-month-and-day-to-1.patch b/libs/libxslt/patches/0010-Always-initialize-EXSLT-month-and-day-to-1.patch new file mode 100644 index 0000000..183cabb --- /dev/null +++ b/libs/libxslt/patches/0010-Always-initialize-EXSLT-month-and-day-to-1.patch @@ -0,0 +1,62 @@ +From 3309feb654036280d2355f8025150a69bfded6e2 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Sun, 3 Jan 2016 16:45:24 +0100 +Subject: [PATCH] Always initialize EXSLT month and day to 1 + +Fixes bug #757970 +https://bugzilla.gnome.org/show_bug.cgi?id=757970 +--- + libexslt/date.c | 17 +++++++---------- + 1 file changed, 7 insertions(+), 10 deletions(-) + +diff --git a/libexslt/date.c b/libexslt/date.c +index 9ca993c..272c61b 100644 +--- a/libexslt/date.c ++++ b/libexslt/date.c +@@ -667,6 +667,11 @@ exsltDateCreateDate (exsltDateType type) + } + memset (ret, 0, sizeof(exsltDateVal)); + ++ if (type != XS_DURATION) { ++ ret->value.date.mon = 1; ++ ret->value.date.day = 1; ++ } ++ + if (type != EXSLT_UNKNOWN) + ret->type = type; + +@@ -1395,10 +1400,10 @@ _exsltDateTruncateDate (exsltDateValPtr dt, exsltDateType type) + } + + if ((type & XS_GDAY) != XS_GDAY) +- dt->value.date.day = 0; ++ dt->value.date.day = 1; + + if ((type & XS_GMONTH) != XS_GMONTH) +- dt->value.date.mon = 0; ++ dt->value.date.mon = 1; + + if ((type & XS_GYEAR) != XS_GYEAR) + dt->value.date.year = 0; +@@ -1473,18 +1478,10 @@ _exsltDateAdd (exsltDateValPtr dt, exsltDateValPtr dur) + d = &(dt->value.date); + u = &(dur->value.dur); + +- /* normalization */ +- if (d->mon == 0) +- d->mon = 1; +- + /* normalize for time zone offset */ + u->sec -= (d->tzo * 60); /* changed from + to - (bug 153000) */ + d->tzo = 0; + +- /* normalization */ +- if (d->day == 0) +- d->day = 1; +- + /* month */ + carry = d->mon + u->mon; + r->mon = (unsigned int)MODULO_RANGE(carry, 1, 13); +-- +2.8.1 + diff --git a/libs/libxslt/patches/0011-Fix-use-after-free-in-xsltDocumentFunctionLoadDocume.patch b/libs/libxslt/patches/0011-Fix-use-after-free-in-xsltDocumentFunctionLoadDocume.patch new file mode 100644 index 0000000..aec622f --- /dev/null +++ b/libs/libxslt/patches/0011-Fix-use-after-free-in-xsltDocumentFunctionLoadDocume.patch @@ -0,0 +1,105 @@ +From fc1ff481fd01e9a65a921c542fed68d8c965e8a3 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Thu, 25 Feb 2016 17:16:06 +0100 +Subject: [PATCH] Fix use-after-free in xsltDocumentFunctionLoadDocument + +Also fixes a memory leak in an unlikely error case. + +Fixes bug #758291 +https://bugzilla.gnome.org/show_bug.cgi?id=758291 +--- + libxslt/functions.c | 3 ++- + tests/docs/bug-185-data.xml | 5 +++++ + tests/docs/bug-185.xml | 2 ++ + tests/general/bug-185.err | 3 +++ + tests/general/bug-185.out | 0 + tests/general/bug-185.xsl | 14 ++++++++++++++ + 6 files changed, 26 insertions(+), 1 deletion(-) + create mode 100644 tests/docs/bug-185-data.xml + create mode 100644 tests/docs/bug-185.xml + create mode 100644 tests/general/bug-185.err + create mode 100644 tests/general/bug-185.out + create mode 100644 tests/general/bug-185.xsl + +diff --git a/libxslt/functions.c b/libxslt/functions.c +index 549649c..a5e7021 100644 +--- a/libxslt/functions.c ++++ b/libxslt/functions.c +@@ -180,7 +180,6 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI) + resObj = xmlXPtrEval(fragment, xptrctxt); + xmlXPathFreeContext(xptrctxt); + #endif +- xmlFree(fragment); + + if (resObj == NULL) + goto out_fragment; +@@ -204,6 +203,7 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI) + } + + valuePush(ctxt, resObj); ++ xmlFree(fragment); + return; + + out_object: +@@ -211,6 +211,7 @@ out_object: + + out_fragment: + valuePush(ctxt, xmlXPathNewNodeSet(NULL)); ++ xmlFree(fragment); + } + + /** +diff --git a/tests/docs/bug-185-data.xml b/tests/docs/bug-185-data.xml +new file mode 100644 +index 0000000..166ef17 +--- /dev/null ++++ b/tests/docs/bug-185-data.xml +@@ -0,0 +1,5 @@ ++ ] > ++ ++ ++ ++ +diff --git a/tests/docs/bug-185.xml b/tests/docs/bug-185.xml +new file mode 100644 +index 0000000..72bfdc4 +--- /dev/null ++++ b/tests/docs/bug-185.xml +@@ -0,0 +1,2 @@ ++ ++bug-185-data.xml#xpointer(id('X')/range-to(id('Y'))) +diff --git a/tests/general/bug-185.err b/tests/general/bug-185.err +new file mode 100644 +index 0000000..d7bbe92 +--- /dev/null ++++ b/tests/general/bug-185.err +@@ -0,0 +1,3 @@ ++runtime error: file ./bug-185.xsl line 7 element copy-of ++document() : XPointer does not select a node set: #xpointer(id('X')/range-to(id('Y'))) ++no result for ./../docs/bug-185.xml +diff --git a/tests/general/bug-185.out b/tests/general/bug-185.out +new file mode 100644 +index 0000000..e69de29 +diff --git a/tests/general/bug-185.xsl b/tests/general/bug-185.xsl +new file mode 100644 +index 0000000..1c5c7d1 +--- /dev/null ++++ b/tests/general/bug-185.xsl +@@ -0,0 +1,14 @@ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +-- +2.8.1 + diff --git a/libs/libxslt/patches/0012-Fix-xsltNumberFormatGetMultipleLevel.patch b/libs/libxslt/patches/0012-Fix-xsltNumberFormatGetMultipleLevel.patch new file mode 100644 index 0000000..871fcfb --- /dev/null +++ b/libs/libxslt/patches/0012-Fix-xsltNumberFormatGetMultipleLevel.patch @@ -0,0 +1,171 @@ +From d182d8f6ba3071503d96ce17395c9d55871f0242 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Tue, 22 Mar 2016 18:20:01 +0100 +Subject: [PATCH] Fix xsltNumberFormatGetMultipleLevel + +Namespace nodes are actually an xmlNs, not an xmlNode. They must be +special-cased in xsltNumberFormatGetMultipleLevel to avoid an +out-of-bounds heap access. + +Move the test whether a node matches the "count" pattern to a separate +function to make the code more readable. As a side effect, we also +compare expanded names when walking up the ancestor axis, fixing an +insignificant bug. +--- + libxslt/numbers.c | 82 +++++++++++++++++++++++++++-------------------- + tests/docs/bug-186.xml | 4 +++ + tests/general/bug-186.out | 5 +++ + tests/general/bug-186.xsl | 7 ++++ + 4 files changed, 63 insertions(+), 35 deletions(-) + create mode 100644 tests/docs/bug-186.xml + create mode 100644 tests/general/bug-186.out + create mode 100644 tests/general/bug-186.xsl + +diff --git a/libxslt/numbers.c b/libxslt/numbers.c +index e3209e0..184ee6f 100644 +--- a/libxslt/numbers.c ++++ b/libxslt/numbers.c +@@ -532,6 +532,43 @@ xsltNumberFormatInsertNumbers(xsltNumberDataPtr data, + } + + static int ++xsltTestCompMatchCount(xsltTransformContextPtr context, ++ xmlNodePtr node, ++ xsltCompMatchPtr countPat, ++ xmlNodePtr cur) ++{ ++ if (countPat != NULL) { ++ return xsltTestCompMatchList(context, node, countPat); ++ } ++ else { ++ /* ++ * 7.7 Numbering ++ * ++ * If count attribute is not specified, then it defaults to the ++ * pattern that matches any node with the same node type as the ++ * current node and, if the current node has an expanded-name, with ++ * the same expanded-name as the current node. ++ */ ++ if (node->type != cur->type) ++ return 0; ++ if (node->type == XML_NAMESPACE_DECL) ++ /* ++ * Namespace nodes have no preceding siblings and no parents ++ * that are namespace nodes. This means that node == cur. ++ */ ++ return 1; ++ /* TODO: Skip node types without expanded names like text nodes. */ ++ if (!xmlStrEqual(node->name, cur->name)) ++ return 0; ++ if (node->ns == cur->ns) ++ return 1; ++ if ((node->ns == NULL) || (cur->ns == NULL)) ++ return 0; ++ return (xmlStrEqual(node->ns->href, cur->ns->href)); ++ } ++} ++ ++static int + xsltNumberFormatGetAnyLevel(xsltTransformContextPtr context, + xmlNodePtr node, + xsltCompMatchPtr countPat, +@@ -562,21 +599,8 @@ xsltNumberFormatGetAnyLevel(xsltTransformContextPtr context, + + while (cur != NULL) { + /* process current node */ +- if (countPat == NULL) { +- if ((node->type == cur->type) && +- /* FIXME: must use expanded-name instead of local name */ +- xmlStrEqual(node->name, cur->name)) { +- if ((node->ns == cur->ns) || +- ((node->ns != NULL) && +- (cur->ns != NULL) && +- (xmlStrEqual(node->ns->href, +- cur->ns->href) ))) +- cnt++; +- } +- } else { +- if (xsltTestCompMatchList(context, cur, countPat)) +- cnt++; +- } ++ if (xsltTestCompMatchCount(context, cur, countPat, node)) ++ cnt++; + if ((fromPat != NULL) && + xsltTestCompMatchList(context, cur, fromPat)) { + break; /* while */ +@@ -633,30 +657,18 @@ xsltNumberFormatGetMultipleLevel(xsltTransformContextPtr context, + xsltTestCompMatchList(context, ancestor, fromPat)) + break; /* for */ + +- if ((countPat == NULL && node->type == ancestor->type && +- xmlStrEqual(node->name, ancestor->name)) || +- xsltTestCompMatchList(context, ancestor, countPat)) { ++ if (xsltTestCompMatchCount(context, ancestor, countPat, node)) { + /* count(preceding-sibling::*) */ +- cnt = 0; +- for (preceding = ancestor; ++ cnt = 1; ++ for (preceding = ++ xmlXPathNextPrecedingSibling(parser, ancestor); + preceding != NULL; + preceding = + xmlXPathNextPrecedingSibling(parser, preceding)) { +- if (countPat == NULL) { +- if ((preceding->type == ancestor->type) && +- xmlStrEqual(preceding->name, ancestor->name)){ +- if ((preceding->ns == ancestor->ns) || +- ((preceding->ns != NULL) && +- (ancestor->ns != NULL) && +- (xmlStrEqual(preceding->ns->href, +- ancestor->ns->href) ))) +- cnt++; +- } +- } else { +- if (xsltTestCompMatchList(context, preceding, +- countPat)) +- cnt++; +- } ++ ++ if (xsltTestCompMatchCount(context, preceding, countPat, ++ node)) ++ cnt++; + } + array[amount++] = (double)cnt; + if (amount >= max) +diff --git a/tests/docs/bug-186.xml b/tests/docs/bug-186.xml +new file mode 100644 +index 0000000..424db6b +--- /dev/null ++++ b/tests/docs/bug-186.xml +@@ -0,0 +1,4 @@ ++ ++ ++ ++ +diff --git a/tests/general/bug-186.out b/tests/general/bug-186.out +new file mode 100644 +index 0000000..01a59f8 +--- /dev/null ++++ b/tests/general/bug-186.out +@@ -0,0 +1,5 @@ ++ ++ ++1111 ++1111 ++ +diff --git a/tests/general/bug-186.xsl b/tests/general/bug-186.xsl +new file mode 100644 +index 0000000..9c491dd +--- /dev/null ++++ b/tests/general/bug-186.xsl +@@ -0,0 +1,7 @@ ++ ++ ++ ++ ++ ++ ++ +-- +2.8.1 + diff --git a/libs/libxslt/patches/0013-Round-xsl-number-values-to-nearest-integer.patch b/libs/libxslt/patches/0013-Round-xsl-number-values-to-nearest-integer.patch new file mode 100644 index 0000000..bed1b04 --- /dev/null +++ b/libs/libxslt/patches/0013-Round-xsl-number-values-to-nearest-integer.patch @@ -0,0 +1,26 @@ +From 345e0bfb1c1131155a32dfbdfc8f78d1c602dc40 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Sun, 10 Apr 2016 12:50:02 +0200 +Subject: [PATCH] Round xsl:number values to nearest integer + +This matches XSLT 2.0 behavior. +--- + libxslt/numbers.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libxslt/numbers.c b/libxslt/numbers.c +index 184ee6f..eb087bc 100644 +--- a/libxslt/numbers.c ++++ b/libxslt/numbers.c +@@ -440,6 +440,8 @@ xsltNumberFormatInsertNumbers(xsltNumberDataPtr data, + for (i = 0; i < numbers_max; i++) { + /* Insert number */ + number = numbers[(numbers_max - 1) - i]; ++ /* Round to nearest like XSLT 2.0 */ ++ number = floor(number + 0.5); + if (i < tokens->nTokens) { + /* + * The "n"th format token will be used to format the "n"th +-- +2.8.1 + diff --git a/libs/libxslt/patches/0014-Handle-negative-xsl-number-values.patch b/libs/libxslt/patches/0014-Handle-negative-xsl-number-values.patch new file mode 100644 index 0000000..d5b54f4 --- /dev/null +++ b/libs/libxslt/patches/0014-Handle-negative-xsl-number-values.patch @@ -0,0 +1,51 @@ +From 69ec3da1b653024aca6515ddd4adc91919dd188e Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Sun, 10 Apr 2016 12:51:57 +0200 +Subject: [PATCH] Handle negative xsl:number values + +According to XSLT 2.0, negative values are a non-recoverable dynamic error. +Print an error message and treat negative values as zero. + +Fixes an OOB array access in xsltNumberFormatAlpha. +--- + libxslt/numbers.c | 17 ++++++++++++++++- + 1 file changed, 16 insertions(+), 1 deletion(-) + +diff --git a/libxslt/numbers.c b/libxslt/numbers.c +index eb087bc..a3cabcf 100644 +--- a/libxslt/numbers.c ++++ b/libxslt/numbers.c +@@ -246,7 +246,7 @@ xsltNumberFormatAlpha(xmlBufferPtr buffer, + number--; + *(--pointer) = alpha_list[((int)fmod(number, alpha_size))]; + number /= alpha_size; +- if (fabs(number) < 1.0) ++ if (number < 1.0) + break; /* for */ + } + xmlBufferCCat(buffer, pointer); +@@ -442,6 +442,21 @@ xsltNumberFormatInsertNumbers(xsltNumberDataPtr data, + number = numbers[(numbers_max - 1) - i]; + /* Round to nearest like XSLT 2.0 */ + number = floor(number + 0.5); ++ /* ++ * XSLT 1.0 isn't clear on how to handle negative numbers, but XSLT ++ * 2.0 says: ++ * ++ * It is a non-recoverable dynamic error if any undiscarded item ++ * in the atomized sequence supplied as the value of the value ++ * attribute of xsl:number cannot be converted to an integer, or ++ * if the resulting integer is less than 0 (zero). ++ */ ++ if (number < 0.0) { ++ xsltTransformError(NULL, NULL, NULL, ++ "xsl-number : negative value\n"); ++ /* Recover by treating negative values as zero. */ ++ number = 0.0; ++ } + if (i < tokens->nTokens) { + /* + * The "n"th format token will be used to format the "n"th +-- +2.8.1 + diff --git a/libs/libxslt/patches/0015-Lower-bound-for-format-token-a.patch b/libs/libxslt/patches/0015-Lower-bound-for-format-token-a.patch new file mode 100644 index 0000000..e5149a9 --- /dev/null +++ b/libs/libxslt/patches/0015-Lower-bound-for-format-token-a.patch @@ -0,0 +1,75 @@ +From 405034286fbdd6166229335b7203a41bf53b40fc Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Sun, 10 Apr 2016 13:11:31 +0200 +Subject: [PATCH] Lower bound for format token "a" + +Handle xsl:number with format "a" and value 0 according to XSLT 2.0. + +Fixes an OOB array access in xsltNumberFormatAlpha. +--- + libxslt/numbers.c | 33 ++++++++++++++++++++++++--------- + 1 file changed, 24 insertions(+), 9 deletions(-) + +diff --git a/libxslt/numbers.c b/libxslt/numbers.c +index a3cabcf..af52883 100644 +--- a/libxslt/numbers.c ++++ b/libxslt/numbers.c +@@ -227,7 +227,8 @@ xsltNumberFormatDecimal(xmlBufferPtr buffer, + } + + static void +-xsltNumberFormatAlpha(xmlBufferPtr buffer, ++xsltNumberFormatAlpha(xsltNumberDataPtr data, ++ xmlBufferPtr buffer, + double number, + int is_upper) + { +@@ -237,6 +238,26 @@ xsltNumberFormatAlpha(xmlBufferPtr buffer, + char *alpha_list; + double alpha_size = (double)(sizeof(alpha_upper_list) - 1); + ++ /* ++ * XSLT 1.0 isn't clear on how to handle zero, but XSLT 2.0 says: ++ * ++ * For all format tokens other than the first kind above (one that ++ * consists of decimal digits), there may be implementation-defined ++ * lower and upper bounds on the range of numbers that can be ++ * formatted using this format token; indeed, for some numbering ++ * sequences there may be intrinsic limits. [...] Numbers that fall ++ * outside this range must be formatted using the format token 1. ++ * ++ * The "a" token has an intrinsic lower limit of 1. ++ */ ++ if (number < 1.0) { ++ xsltNumberFormatDecimal(buffer, number, '0', 1, ++ data->digitsPerGroup, ++ data->groupingCharacter, ++ data->groupingCharacterLen); ++ return; ++ } ++ + /* Build buffer from back */ + pointer = &temp_string[sizeof(temp_string)]; + *(--pointer) = 0; +@@ -500,16 +521,10 @@ xsltNumberFormatInsertNumbers(xsltNumberDataPtr data, + + switch (token->token) { + case 'A': +- xsltNumberFormatAlpha(buffer, +- number, +- TRUE); +- ++ xsltNumberFormatAlpha(data, buffer, number, TRUE); + break; + case 'a': +- xsltNumberFormatAlpha(buffer, +- number, +- FALSE); +- ++ xsltNumberFormatAlpha(data, buffer, number, FALSE); + break; + case 'I': + xsltNumberFormatRoman(buffer, +-- +2.8.1 + diff --git a/libs/libxslt/patches/0016-Lower-and-upper-bound-for-format-token-i.patch b/libs/libxslt/patches/0016-Lower-and-upper-bound-for-format-token-i.patch new file mode 100644 index 0000000..d000c45 --- /dev/null +++ b/libs/libxslt/patches/0016-Lower-and-upper-bound-for-format-token-i.patch @@ -0,0 +1,64 @@ +From 91d0540ac9beaa86719a05b749219a69baa0dd8d Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Sun, 10 Apr 2016 13:12:28 +0200 +Subject: [PATCH] Lower and upper bound for format token "i" + +Handle xsl:number with format "i" and value 0 according to XSLT 2.0. + +Also introduce an upper bound to fix a denial of service. +--- + libxslt/numbers.c | 25 ++++++++++++++++--------- + 1 file changed, 16 insertions(+), 9 deletions(-) + +diff --git a/libxslt/numbers.c b/libxslt/numbers.c +index af52883..e769c42 100644 +--- a/libxslt/numbers.c ++++ b/libxslt/numbers.c +@@ -274,11 +274,24 @@ xsltNumberFormatAlpha(xsltNumberDataPtr data, + } + + static void +-xsltNumberFormatRoman(xmlBufferPtr buffer, ++xsltNumberFormatRoman(xsltNumberDataPtr data, ++ xmlBufferPtr buffer, + double number, + int is_upper) + { + /* ++ * See discussion in xsltNumberFormatAlpha. Also use a reasonable upper ++ * bound to avoid denial of service. ++ */ ++ if (number < 1.0 || number > 5000.0) { ++ xsltNumberFormatDecimal(buffer, number, '0', 1, ++ data->digitsPerGroup, ++ data->groupingCharacter, ++ data->groupingCharacterLen); ++ return; ++ } ++ ++ /* + * Based on an example by Jim Walsh + */ + while (number >= 1000.0) { +@@ -527,16 +540,10 @@ xsltNumberFormatInsertNumbers(xsltNumberDataPtr data, + xsltNumberFormatAlpha(data, buffer, number, FALSE); + break; + case 'I': +- xsltNumberFormatRoman(buffer, +- number, +- TRUE); +- ++ xsltNumberFormatRoman(data, buffer, number, TRUE); + break; + case 'i': +- xsltNumberFormatRoman(buffer, +- number, +- FALSE); +- ++ xsltNumberFormatRoman(data, buffer, number, FALSE); + break; + default: + if (IS_DIGIT_ZERO(token->token)) { +-- +2.8.1 + diff --git a/libs/libxslt/patches/0017-Fix-double-free-in-libexslt-hash-functions.patch b/libs/libxslt/patches/0017-Fix-double-free-in-libexslt-hash-functions.patch new file mode 100644 index 0000000..eafdee1 --- /dev/null +++ b/libs/libxslt/patches/0017-Fix-double-free-in-libexslt-hash-functions.patch @@ -0,0 +1,62 @@ +From d8862309f08054218b28e2c8f5fb3cb2f650cac7 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Wed, 20 Apr 2016 14:35:43 +0200 +Subject: [PATCH] Fix double free in libexslt hash functions + +Thanks to Nicolas Gregoire for the report. + +Fixes bug #765271: + +https://bugzilla.gnome.org/show_bug.cgi?id=765271 +--- + libexslt/crypto.c | 15 +++------------ + tests/exslt/crypto/hash.1.out | 2 ++ + tests/exslt/crypto/hash.1.xml | 5 +++++ + 3 files changed, 10 insertions(+), 12 deletions(-) + +diff --git a/libexslt/crypto.c b/libexslt/crypto.c +index 6aa9dd2..e13db8b 100644 +--- a/libexslt/crypto.c ++++ b/libexslt/crypto.c +@@ -499,11 +499,8 @@ exsltCryptoMd4Function (xmlXPathParserContextPtr ctxt, int nargs) { + unsigned char hex[MD5_DIGEST_LENGTH * 2 + 1]; + + str_len = exsltCryptoPopString (ctxt, nargs, &str); +- if (str_len == 0) { +- xmlXPathReturnEmptyString (ctxt); +- xmlFree (str); ++ if (str_len == 0) + return; +- } + + PLATFORM_HASH (ctxt, PLATFORM_MD4, (const char *) str, str_len, + (char *) hash); +@@ -532,11 +529,8 @@ exsltCryptoMd5Function (xmlXPathParserContextPtr ctxt, int nargs) { + unsigned char hex[MD5_DIGEST_LENGTH * 2 + 1]; + + str_len = exsltCryptoPopString (ctxt, nargs, &str); +- if (str_len == 0) { +- xmlXPathReturnEmptyString (ctxt); +- xmlFree (str); ++ if (str_len == 0) + return; +- } + + PLATFORM_HASH (ctxt, PLATFORM_MD5, (const char *) str, str_len, + (char *) hash); +@@ -565,11 +559,8 @@ exsltCryptoSha1Function (xmlXPathParserContextPtr ctxt, int nargs) { + unsigned char hex[SHA1_DIGEST_LENGTH * 2 + 1]; + + str_len = exsltCryptoPopString (ctxt, nargs, &str); +- if (str_len == 0) { +- xmlXPathReturnEmptyString (ctxt); +- xmlFree (str); ++ if (str_len == 0) + return; +- } + + PLATFORM_HASH (ctxt, PLATFORM_SHA1, (const char *) str, str_len, + (char *) hash); +-- +2.8.1 + diff --git a/libs/libxslt/patches/0018-Fix-buffer-overflow-in-exsltDateFormat.patch b/libs/libxslt/patches/0018-Fix-buffer-overflow-in-exsltDateFormat.patch new file mode 100644 index 0000000..3125c33 --- /dev/null +++ b/libs/libxslt/patches/0018-Fix-buffer-overflow-in-exsltDateFormat.patch @@ -0,0 +1,33 @@ +From 5d0c6565bab5b9b7efceb33b626916d22b4101a7 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Thu, 28 Apr 2016 17:34:27 +0200 +Subject: [PATCH] Fix buffer overflow in exsltDateFormat + +Long years can overflow a stack-based buffer on 64-bit platforms by +up to four bytes. + +Thanks to Nicolas Gregoire for the report. + +Fixes bug #765380: + +https://bugzilla.gnome.org/show_bug.cgi?id=765380 +--- + libexslt/date.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libexslt/date.c b/libexslt/date.c +index 272c61b..12c9919 100644 +--- a/libexslt/date.c ++++ b/libexslt/date.c +@@ -1283,7 +1283,7 @@ exsltDateFormat (const exsltDateValPtr dt) + } + + if (dt->type & XS_GYEAR) { +- xmlChar buf[20], *cur = buf; ++ xmlChar buf[100], *cur = buf; + + FORMAT_GYEAR(dt->value.date.year, cur); + if (dt->type == XS_GYEARMONTH) { +-- +2.8.1 + diff --git a/libs/libxslt/patches/0019-Fix-OOB-heap-read-in-xsltExtModuleRegisterDynamic.patch b/libs/libxslt/patches/0019-Fix-OOB-heap-read-in-xsltExtModuleRegisterDynamic.patch new file mode 100644 index 0000000..cddc2a6 --- /dev/null +++ b/libs/libxslt/patches/0019-Fix-OOB-heap-read-in-xsltExtModuleRegisterDynamic.patch @@ -0,0 +1,36 @@ +From 87c3d9ea214fc0503fd8130b6dd97431d69cc066 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Thu, 5 May 2016 15:12:48 +0200 +Subject: [PATCH] Fix OOB heap read in xsltExtModuleRegisterDynamic + +xsltExtModuleRegisterDynamic would read a byte before the start of a +string under certain circumstances. I looks like this piece code was +supposed to strip characters from the end of the extension name, but +it didn't have any effect. Don't read beyond the beginning of the +string and actually strip unwanted characters. + +Found with afl-fuzz and ASan. +--- + libxslt/extensions.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/libxslt/extensions.c b/libxslt/extensions.c +index 5ad73cb..ae6eef0 100644 +--- a/libxslt/extensions.c ++++ b/libxslt/extensions.c +@@ -367,8 +367,11 @@ xsltExtModuleRegisterDynamic(const xmlChar * URI) + i++; + } + +- if (*(i - 1) == '_') ++ /* Strip underscores from end of string. */ ++ while (i > ext_name && *(i - 1) == '_') { ++ i--; + *i = '\0'; ++ } + + /* determine module directory */ + ext_directory = (xmlChar *) getenv("LIBXSLT_PLUGINS_PATH"); +-- +2.8.1 + diff --git a/libs/libxslt/patches/0020-Fix-heap-overread-in-xsltFormatNumberConversion.patch b/libs/libxslt/patches/0020-Fix-heap-overread-in-xsltFormatNumberConversion.patch new file mode 100644 index 0000000..60ead15 --- /dev/null +++ b/libs/libxslt/patches/0020-Fix-heap-overread-in-xsltFormatNumberConversion.patch @@ -0,0 +1,31 @@ +From eb1030de31165b68487f288308f9d1810fed6880 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Fri, 10 Jun 2016 14:23:58 +0200 +Subject: [PATCH] Fix heap overread in xsltFormatNumberConversion + +An empty decimal-separator could cause a heap overread. This can be +exploited to leak a couple of bytes after the buffer that holds the +pattern string. + +Found with afl-fuzz and ASan. +--- + libxslt/numbers.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/libxslt/numbers.c b/libxslt/numbers.c +index d1549b4..e78c46b 100644 +--- a/libxslt/numbers.c ++++ b/libxslt/numbers.c +@@ -1090,7 +1090,8 @@ xsltFormatNumberConversion(xsltDecimalFormatPtr self, + } + + /* We have finished the integer part, now work on fraction */ +- if (xsltUTF8Charcmp(the_format, self->decimalPoint) == 0) { ++ if ( (*the_format != 0) && ++ (xsltUTF8Charcmp(the_format, self->decimalPoint) == 0) ) { + format_info.add_decimal = TRUE; + the_format += xsltUTF8Size(the_format); /* Skip over the decimal */ + } +-- +2.10.2 + diff --git a/libs/libxslt/patches/0021-Check-for-integer-overflow-in-xsltAddTextString.patch b/libs/libxslt/patches/0021-Check-for-integer-overflow-in-xsltAddTextString.patch new file mode 100644 index 0000000..ea941db --- /dev/null +++ b/libs/libxslt/patches/0021-Check-for-integer-overflow-in-xsltAddTextString.patch @@ -0,0 +1,74 @@ +From 08ab2774b870de1c7b5a48693df75e8154addae5 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Thu, 12 Jan 2017 15:39:52 +0100 +Subject: [PATCH] Check for integer overflow in xsltAddTextString + +Limit buffer size in xsltAddTextString to INT_MAX. The issue can be +exploited to trigger an out of bounds write on 64-bit systems. + +Originally reported to Chromium: + +https://crbug.com/676623 +--- + libxslt/transform.c | 25 ++++++++++++++++++++++--- + libxslt/xsltInternals.h | 4 ++-- + 2 files changed, 24 insertions(+), 5 deletions(-) + +diff --git a/libxslt/transform.c b/libxslt/transform.c +index 519133fc..02bff34a 100644 +--- a/libxslt/transform.c ++++ b/libxslt/transform.c +@@ -813,13 +813,32 @@ xsltAddTextString(xsltTransformContextPtr ctxt, xmlNodePtr target, + return(target); + + if (ctxt->lasttext == target->content) { ++ int minSize; + +- if (ctxt->lasttuse + len >= ctxt->lasttsize) { ++ /* Check for integer overflow accounting for NUL terminator. */ ++ if (len >= INT_MAX - ctxt->lasttuse) { ++ xsltTransformError(ctxt, NULL, target, ++ "xsltCopyText: text allocation failed\n"); ++ return(NULL); ++ } ++ minSize = ctxt->lasttuse + len + 1; ++ ++ if (ctxt->lasttsize < minSize) { + xmlChar *newbuf; + int size; ++ int extra; ++ ++ /* Double buffer size but increase by at least 100 bytes. */ ++ extra = minSize < 100 ? 100 : minSize; ++ ++ /* Check for integer overflow. */ ++ if (extra > INT_MAX - ctxt->lasttsize) { ++ size = INT_MAX; ++ } ++ else { ++ size = ctxt->lasttsize + extra; ++ } + +- size = ctxt->lasttsize + len + 100; +- size *= 2; + newbuf = (xmlChar *) xmlRealloc(target->content,size); + if (newbuf == NULL) { + xsltTransformError(ctxt, NULL, target, +diff --git a/libxslt/xsltInternals.h b/libxslt/xsltInternals.h +index 060b1783..5ad17719 100644 +--- a/libxslt/xsltInternals.h ++++ b/libxslt/xsltInternals.h +@@ -1754,8 +1754,8 @@ struct _xsltTransformContext { + * Speed optimization when coalescing text nodes + */ + const xmlChar *lasttext; /* last text node content */ +- unsigned int lasttsize; /* last text node size */ +- unsigned int lasttuse; /* last text node use */ ++ int lasttsize; /* last text node size */ ++ int lasttuse; /* last text node use */ + /* + * Per Context Debugging + */ +-- +2.11.0 + diff --git a/libs/loudmouth/Makefile b/libs/loudmouth/Makefile new file mode 100644 index 0000000..1f06209 --- /dev/null +++ b/libs/loudmouth/Makefile @@ -0,0 +1,73 @@ +# +# Copyright (C) 2007-2016 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=loudmouth +PKG_VERSION:=1.5.3 +PKG_RELEASE:=1 + +PKG_MAINTAINER:=W. Michael Petullo + +PKG_LICENSE:=LGPLv2.1 +PKG_LICENSE_FILES:=COPYING + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_PROTO:=git +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE_URL:=https://github.com/mcabber/loudmouth.git +PKG_SOURCE_VERSION:=$(PKG_VERSION) +PKG_MD5SUM:=7616cf124a8d72d007e7475b5aeb20ad + +PKG_FIXUP:=autoreconf +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/loudmouth + SECTION:=libs + CATEGORY:=Libraries + DEPENDS:=+glib2 +libopenssl + TITLE:=loudmouth + URL:=https://github.com/mcabber/loudmouth +endef + +define Package/loudmouth/description + Lightweight and easy-to-use C library for programming with the Jabber protocol +endef + +CONFIGURE_ARGS += \ + --with-ssl=openssl + +define Build/Configure + ( cd $(PKG_BUILD_DIR); ./autogen.sh ) + $(call Build/Configure/Default) +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include/ + $(CP) \ + $(PKG_INSTALL_DIR)/usr/include/loudmouth-1.0/ \ + $(1)/usr/include/ + $(INSTALL_DIR) $(1)/usr/lib/ + $(CP) \ + $(PKG_INSTALL_DIR)/usr/lib/*.so* \ + $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig/ + $(INSTALL_DATA) \ + $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc \ + $(1)/usr/lib/pkgconfig/ +endef + +define Package/loudmouth/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) \ + $(PKG_INSTALL_DIR)/usr/lib/*.so* \ + $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,loudmouth)) diff --git a/libs/openldap/Makefile b/libs/openldap/Makefile index a1e4062..d9e1e92 100644 --- a/libs/openldap/Makefile +++ b/libs/openldap/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openldap -PKG_VERSION:=2.4.44 +PKG_VERSION:=2.4.45 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz @@ -16,7 +16,7 @@ PKG_SOURCE_URL:=ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/ \ ftp://sunsite.cnlab-switch.ch/mirror/OpenLDAP/openldap-release/ \ ftp://ftp.nl.uu.net/pub/unix/db/openldap/openldap-release/ \ ftp://ftp.plig.org/pub/OpenLDAP/openldap-release/ -PKG_MD5SUM:=693ac26de86231f8dcae2b4e9d768e51 +PKG_MD5SUM:=00ff8301277cdfd0af728a6927042a13 PKG_FIXUP:=autoreconf diff --git a/libs/p11-kit/Makefile b/libs/p11-kit/Makefile index a9facc1..4642ff8 100644 --- a/libs/p11-kit/Makefile +++ b/libs/p11-kit/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=p11-kit PKG_VERSION:=0.23.1 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_MAINTAINER:=Nikos Mavrogiannopoulos PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz @@ -35,7 +35,8 @@ define Package/p11-kit/description endef CONFIGURE_ARGS+= \ - --without-libffi + --without-libffi \ + --disable-trust-module define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include/p11-kit-1/p11-kit/ diff --git a/libs/pcre/Makefile b/libs/pcre/Makefile index 861b561..3171d2f 100644 --- a/libs/pcre/Makefile +++ b/libs/pcre/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=pcre -PKG_VERSION:=8.40 +PKG_VERSION:=8.41 PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/ -PKG_MD5SUM:=41a842bf7dcecd6634219336e2167d1d +PKG_MD5SUM:=c160d22723b1670447341b08c58981c1 PKG_MAINTAINER:=Thomas Heil PKG_LICENSE:=BSD-3-Clause @@ -53,6 +53,7 @@ CONFIGURE_ARGS += \ --enable-utf8 \ --enable-unicode-properties \ --enable-pcre16 \ + --with-match-limit-recursion=16000 \ ifneq ($(CONFIG_PACKAGE_libpcrecpp),) CONFIGURE_ARGS+= --enable-cpp diff --git a/libs/pcre/patches/001-CVE-2017-7186 b/libs/pcre/patches/001-CVE-2017-7186 deleted file mode 100644 index 984cf81..0000000 --- a/libs/pcre/patches/001-CVE-2017-7186 +++ /dev/null @@ -1,53 +0,0 @@ -#CVE-2017-7186 patch ---- trunk/pcre_internal.h 2016/05/21 13:34:44 1649 -+++ trunk/pcre_internal.h 2017/02/24 17:30:30 1688 -@@ -2772,6 +2772,9 @@ - extern const pcre_uint16 PRIV(ucd_stage2)[]; - extern const pcre_uint32 PRIV(ucp_gentype)[]; - extern const pcre_uint32 PRIV(ucp_gbtable)[]; -+#ifdef COMPILE_PCRE32 -+extern const ucd_record PRIV(dummy_ucd_record)[]; -+#endif - #ifdef SUPPORT_JIT - extern const int PRIV(ucp_typerange)[]; - #endif -@@ -2780,9 +2783,15 @@ - /* UCD access macros */ - - #define UCD_BLOCK_SIZE 128 --#define GET_UCD(ch) (PRIV(ucd_records) + \ -+#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \ - PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \ - UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE]) -+ -+#ifdef COMPILE_PCRE32 -+#define GET_UCD(ch) ((ch > 0x10ffff)? PRIV(dummy_ucd_record) : REAL_GET_UCD(ch)) -+#else -+#define GET_UCD(ch) REAL_GET_UCD(ch) -+#endif - - #define UCD_CHARTYPE(ch) GET_UCD(ch)->chartype - #define UCD_SCRIPT(ch) GET_UCD(ch)->script ---- trunk/pcre_ucd.c 2014/06/19 07:51:39 1490 -+++ trunk/pcre_ucd.c 2017/02/24 17:30:30 1688 -@@ -38,6 +38,20 @@ - const pcre_uint32 PRIV(ucd_caseless_sets)[] = {0}; - #else - -+/* If the 32-bit library is run in non-32-bit mode, character values -+greater than 0x10ffff may be encountered. For these we set up a -+special record. */ -+ -+#ifdef COMPILE_PCRE32 -+const ucd_record PRIV(dummy_ucd_record)[] = {{ -+ ucp_Common, /* script */ -+ ucp_Cn, /* type unassigned */ -+ ucp_gbOther, /* grapheme break property */ -+ 0, /* case set */ -+ 0, /* other case */ -+ }}; -+#endif -+ - /* When recompiling tables with a new Unicode version, please check the - types in this structure definition from pcre_internal.h (the actual - field names will be different): diff --git a/libs/postgresql/Makefile b/libs/postgresql/Makefile index 0507146..9660f8e 100644 --- a/libs/postgresql/Makefile +++ b/libs/postgresql/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=postgresql -PKG_VERSION:=9.5.4 +PKG_VERSION:=9.5.10 PKG_RELEASE:=4 PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=PostgreSQL @@ -18,7 +18,7 @@ PKG_SOURCE_URL:=\ https://ftp.postgresql.org/pub/source/v$(PKG_VERSION) \ http://ftp.postgresql.org/pub/source/v$(PKG_VERSION) \ ftp://ftp.postgresql.org/pub/source/v$(PKG_VERSION) -PKG_MD5SUM:=cf5e571164ad66028ecd7dd8819e3765470d45bcd440d258b686be7e69c76ed0 +PKG_MD5SUM:=945d7ade094dded6b95495d8f1561a12ac9608276858ed30adf3c3658275f281 PKG_BUILD_PARALLEL:=1 PKG_USE_MIPS16:=0 PKG_FIXUP:=autoreconf diff --git a/libs/sqlite3/Makefile b/libs/sqlite3/Makefile index 7f9b1b3..5cdd1e5 100644 --- a/libs/sqlite3/Makefile +++ b/libs/sqlite3/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2006-2014 OpenWrt.org +# Copyright (C) 2006-2018 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=sqlite -PKG_VERSION:=3160000 -PKG_RELEASE:=1 +PKG_VERSION:=3190300 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-autoconf-$(PKG_VERSION).tar.gz +PKG_HASH:=06129c03dced9f87733a8cba408871bd60673b8f93b920ba8d815efab0a06301 PKG_SOURCE_URL:=http://www.sqlite.org/2017/ -PKG_MD5SUM:=5102404047054b2cec2f43463293f94dea39425d42bf386d24596ab4fac7c7ff PKG_LICENSE:=PUBLICDOMAIN PKG_LICENSE_FILES:= @@ -68,6 +68,9 @@ $(call Package/sqlite3/Default/description) formats. endef +# On uClibc libm needs to be linked in for ISNAN() +TARGET_LDFLAGS += $(if $(CONFIG_USE_UCLIBC),-lm) + TARGET_CFLAGS += $(FPIC) \ -DSQLITE_ENABLE_UNLOCK_NOTIFY=1 \ -DHAVE_ISNAN=1 \ diff --git a/libs/tiff/Makefile b/libs/tiff/Makefile deleted file mode 100644 index 7c8d18e..0000000 --- a/libs/tiff/Makefile +++ /dev/null @@ -1,109 +0,0 @@ -# -# Copyright (C) 2006-2016 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=tiff -PKG_VERSION:=4.0.6 -PKG_RELEASE:=2 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=http://download.osgeo.org/libtiff -PKG_MD5SUM:=d1d2e940dea0b5ad435f21f03d96dd72 - -PKG_FIXUP:=autoreconf -PKG_REMOVE_FILES:=autogen.sh aclocal.m4 - -PKG_LICENSE:=BSD -PKG_LICENSE_FILES:=COPYRIGHT - -PKG_INSTALL:=1 - -PKG_CONFIG_DEPENDS:=CONFIG_PACKAGE_libtiffxx - -include $(INCLUDE_DIR)/uclibc++.mk -include $(INCLUDE_DIR)/package.mk - -define Package/tiff/Default - TITLE:=TIFF - URL:=http://www.remotesensing.org/libtiff/ - MAINTAINER:=Jiri Slachta -endef - -define Package/libtiff -$(call Package/tiff/Default) - SECTION:=libs - CATEGORY:=Libraries - TITLE+= library - DEPENDS:=+zlib +libjpeg -endef - -define Package/libtiffxx -$(call Package/tiff/Default) - SECTION:=libs - CATEGORY:=Libraries - TITLE+= library(c++ bindings) - DEPENDS:=+libtiff $(CXX_DEPENDS) -endef - -define Package/tiff-utils -$(call Package/tiff/Default) - SECTION:=utils - CATEGORY:=Utilities - SUBMENU:=Image Manipulation - TITLE+= utilities - DEPENDS:=+libtiff -endef - -TARGET_CFLAGS += $(FPIC) - -define Build/Configure - $(call Build/Configure/Default, \ - $(if $(CONFIG_PACKAGE_libtiffxx), \ - --enable-cxx, \ - --disable-cxx \ - ) \ - --disable-lzma \ - --enable-ccitt \ - --enable-packbits \ - --enable-lzw \ - --enable-thunder \ - --enable-next \ - --enable-logluv \ - --enable-mdi \ - --enable-zlib \ - --enable-jpeg \ - --disable-old-jpeg \ - --disable-jbig \ - --without-x \ - ) -endef - -define Build/InstallDev - $(INSTALL_DIR) $(1)/usr/{lib,include} - $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib* $(1)/usr/lib/ - $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ -endef - -define Package/libtiff/install - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libtiff.so.* $(1)/usr/lib/ -endef - -define Package/libtiffxx/install - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libtiffxx.so.* $(1)/usr/lib/ -endef - -define Package/tiff-utils/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/ -endef - -$(eval $(call BuildPackage,libtiff)) -$(eval $(call BuildPackage,libtiffxx)) -$(eval $(call BuildPackage,tiff-utils)) diff --git a/libs/tiff/patches/001-autoconf-compat.patch b/libs/tiff/patches/001-autoconf-compat.patch deleted file mode 100644 index 16a88e3..0000000 --- a/libs/tiff/patches/001-autoconf-compat.patch +++ /dev/null @@ -1,33 +0,0 @@ -diff -rupN tiff-4.0.6/Makefile.am tiff-new/Makefile.am ---- tiff-4.0.6/Makefile.am 2015-09-06 21:30:46.179705536 +0200 -+++ tiff-new/Makefile.am 2016-04-05 14:26:09.539194844 +0200 -@@ -25,7 +25,7 @@ - - docdir = $(LIBTIFF_DOCDIR) - --AUTOMAKE_OPTIONS = 1.12 dist-zip foreign -+AUTOMAKE_OPTIONS = dist-zip foreign - ACLOCAL_AMFLAGS = -I m4 - - docfiles = \ -@@ -61,7 +61,7 @@ distcheck-hook: - rm -rf $(distdir)/_build/cmake - rm -rf $(distdir)/_inst/cmake - --SUBDIRS = port libtiff tools build contrib test man html -+SUBDIRS = port libtiff tools build contrib - - release: - (rm -f $(top_srcdir)/RELEASE-DATE && echo $(LIBTIFF_RELEASE_DATE) > $(top_srcdir)/RELEASE-DATE) -diff -rupN tiff-4.0.6/test/Makefile.am tiff-new/test/Makefile.am ---- tiff-4.0.6/test/Makefile.am 2015-09-01 04:41:07.598381354 +0200 -+++ tiff-new/test/Makefile.am 2016-04-05 14:26:39.763453075 +0200 -@@ -23,7 +23,7 @@ - - # Process this file with automake to produce Makefile.in. - --AUTOMAKE_OPTIONS = 1.12 color-tests parallel-tests foreign -+AUTOMAKE_OPTIONS = color-tests parallel-tests foreign - - LIBTIFF = $(top_builddir)/libtiff/libtiff.la - diff --git a/libs/tiff/patches/002-CVE-2015-8665_and_CVE-2015-8683.patch b/libs/tiff/patches/002-CVE-2015-8665_and_CVE-2015-8683.patch deleted file mode 100644 index 15807e1..0000000 --- a/libs/tiff/patches/002-CVE-2015-8665_and_CVE-2015-8683.patch +++ /dev/null @@ -1,136 +0,0 @@ -From f3f0cad770593eaef0766e5be896a6a034fc6313 Mon Sep 17 00:00:00 2001 -From: erouault -Date: Sat, 26 Dec 2015 17:32:03 +0000 -Subject: [PATCH] * libtiff/tif_getimage.c: fix out-of-bound reads in - TIFFRGBAImage interface in case of unsupported values of - SamplesPerPixel/ExtraSamples for LogLUV / CIELab. Add explicit call to - TIFFRGBAImageOK() in TIFFRGBAImageBegin(). Fix CVE-2015-8665 reported by - limingxing and CVE-2015-8683 reported by zzf of Alibaba. - ---- - ChangeLog | 8 ++++++++ - libtiff/tif_getimage.c | 37 +++++++++++++++++++++++-------------- - 2 files changed, 31 insertions(+), 14 deletions(-) - -diff --git a/ChangeLog b/ChangeLog -index a7d283a..4beb30b 100644 ---- a/ChangeLog -+++ b/ChangeLog -@@ -1,3 +1,11 @@ -+2015-12-26 Even Rouault -+ -+ * libtiff/tif_getimage.c: fix out-of-bound reads in TIFFRGBAImage -+ interface in case of unsupported values of SamplesPerPixel/ExtraSamples -+ for LogLUV / CIELab. Add explicit call to TIFFRGBAImageOK() in -+ TIFFRGBAImageBegin(). Fix CVE-2015-8665 reported by limingxing and -+ CVE-2015-8683 reported by zzf of Alibaba. -+ - 2015-09-12 Bob Friesenhahn - - * libtiff 4.0.6 released. -diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c -index fd0a4f9..fae1e31 100644 ---- a/libtiff/tif_getimage.c -+++ b/libtiff/tif_getimage.c -@@ -1,4 +1,4 @@ --/* $Id: tif_getimage.c,v 1.90 2015-06-17 01:34:08 bfriesen Exp $ */ -+/* $Id: tif_getimage.c,v 1.94 2015-12-26 17:32:03 erouault Exp $ */ - - /* - * Copyright (c) 1991-1997 Sam Leffler -@@ -182,20 +182,22 @@ TIFFRGBAImageOK(TIFF* tif, char emsg[1024]) - "Planarconfiguration", td->td_planarconfig); - return (0); - } -- if( td->td_samplesperpixel != 3 ) -+ if( td->td_samplesperpixel != 3 || colorchannels != 3 ) - { - sprintf(emsg, -- "Sorry, can not handle image with %s=%d", -- "Samples/pixel", td->td_samplesperpixel); -+ "Sorry, can not handle image with %s=%d, %s=%d", -+ "Samples/pixel", td->td_samplesperpixel, -+ "colorchannels", colorchannels); - return 0; - } - break; - case PHOTOMETRIC_CIELAB: -- if( td->td_samplesperpixel != 3 || td->td_bitspersample != 8 ) -+ if( td->td_samplesperpixel != 3 || colorchannels != 3 || td->td_bitspersample != 8 ) - { - sprintf(emsg, -- "Sorry, can not handle image with %s=%d and %s=%d", -+ "Sorry, can not handle image with %s=%d, %s=%d and %s=%d", - "Samples/pixel", td->td_samplesperpixel, -+ "colorchannels", colorchannels, - "Bits/sample", td->td_bitspersample); - return 0; - } -@@ -255,6 +257,9 @@ TIFFRGBAImageBegin(TIFFRGBAImage* img, TIFF* tif, int stop, char emsg[1024]) - int colorchannels; - uint16 *red_orig, *green_orig, *blue_orig; - int n_color; -+ -+ if( !TIFFRGBAImageOK(tif, emsg) ) -+ return 0; - - /* Initialize to normal values */ - img->row_offset = 0; -@@ -2508,29 +2513,33 @@ PickContigCase(TIFFRGBAImage* img) - case PHOTOMETRIC_RGB: - switch (img->bitspersample) { - case 8: -- if (img->alpha == EXTRASAMPLE_ASSOCALPHA) -+ if (img->alpha == EXTRASAMPLE_ASSOCALPHA && -+ img->samplesperpixel >= 4) - img->put.contig = putRGBAAcontig8bittile; -- else if (img->alpha == EXTRASAMPLE_UNASSALPHA) -+ else if (img->alpha == EXTRASAMPLE_UNASSALPHA && -+ img->samplesperpixel >= 4) - { - if (BuildMapUaToAa(img)) - img->put.contig = putRGBUAcontig8bittile; - } -- else -+ else if( img->samplesperpixel >= 3 ) - img->put.contig = putRGBcontig8bittile; - break; - case 16: -- if (img->alpha == EXTRASAMPLE_ASSOCALPHA) -+ if (img->alpha == EXTRASAMPLE_ASSOCALPHA && -+ img->samplesperpixel >=4 ) - { - if (BuildMapBitdepth16To8(img)) - img->put.contig = putRGBAAcontig16bittile; - } -- else if (img->alpha == EXTRASAMPLE_UNASSALPHA) -+ else if (img->alpha == EXTRASAMPLE_UNASSALPHA && -+ img->samplesperpixel >=4 ) - { - if (BuildMapBitdepth16To8(img) && - BuildMapUaToAa(img)) - img->put.contig = putRGBUAcontig16bittile; - } -- else -+ else if( img->samplesperpixel >=3 ) - { - if (BuildMapBitdepth16To8(img)) - img->put.contig = putRGBcontig16bittile; -@@ -2539,7 +2548,7 @@ PickContigCase(TIFFRGBAImage* img) - } - break; - case PHOTOMETRIC_SEPARATED: -- if (buildMap(img)) { -+ if (img->samplesperpixel >=4 && buildMap(img)) { - if (img->bitspersample == 8) { - if (!img->Map) - img->put.contig = putRGBcontig8bitCMYKtile; -@@ -2635,7 +2644,7 @@ PickContigCase(TIFFRGBAImage* img) - } - break; - case PHOTOMETRIC_CIELAB: -- if (buildMap(img)) { -+ if (img->samplesperpixel == 3 && buildMap(img)) { - if (img->bitspersample == 8) - img->put.contig = initCIELabConversion(img); - break; diff --git a/libs/tiff/patches/003-fix_potential_out-of-bound_writes_in_decode_functions.patch b/libs/tiff/patches/003-fix_potential_out-of-bound_writes_in_decode_functions.patch deleted file mode 100644 index 716ddfd..0000000 --- a/libs/tiff/patches/003-fix_potential_out-of-bound_writes_in_decode_functions.patch +++ /dev/null @@ -1,193 +0,0 @@ -From 3899f0ab62dd307f63f87ec99aaf289e104f4070 Mon Sep 17 00:00:00 2001 -From: erouault -Date: Sun, 27 Dec 2015 16:25:11 +0000 -Subject: [PATCH] * libtiff/tif_luv.c: fix potential out-of-bound writes in - decode functions in non debug builds by replacing assert()s by regular if - checks (bugzilla #2522). Fix potential out-of-bound reads in case of short - input data. - ---- - ChangeLog | 7 +++++++ - libtiff/tif_luv.c | 57 +++++++++++++++++++++++++++++++++++++++++++------------ - 2 files changed, 52 insertions(+), 12 deletions(-) - -diff --git a/ChangeLog b/ChangeLog -index 4beb30b..b8aa23c 100644 ---- a/ChangeLog -+++ b/ChangeLog -@@ -1,3 +1,10 @@ -+2015-12-27 Even Rouault -+ -+ * libtiff/tif_luv.c: fix potential out-of-bound writes in decode -+ functions in non debug builds by replacing assert()s by regular if -+ checks (bugzilla #2522). -+ Fix potential out-of-bound reads in case of short input data. -+ - 2015-12-26 Even Rouault - - * libtiff/tif_getimage.c: fix out-of-bound reads in TIFFRGBAImage -diff --git a/libtiff/tif_luv.c b/libtiff/tif_luv.c -index 4e328ba..60a174d 100644 ---- a/libtiff/tif_luv.c -+++ b/libtiff/tif_luv.c -@@ -1,4 +1,4 @@ --/* $Id: tif_luv.c,v 1.40 2015-06-21 01:09:09 bfriesen Exp $ */ -+/* $Id: tif_luv.c,v 1.41 2015-12-27 16:25:11 erouault Exp $ */ - - /* - * Copyright (c) 1997 Greg Ward Larson -@@ -202,7 +202,11 @@ LogL16Decode(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) - if (sp->user_datafmt == SGILOGDATAFMT_16BIT) - tp = (int16*) op; - else { -- assert(sp->tbuflen >= npixels); -+ if(sp->tbuflen < npixels) { -+ TIFFErrorExt(tif->tif_clientdata, module, -+ "Translation buffer too short"); -+ return (0); -+ } - tp = (int16*) sp->tbuf; - } - _TIFFmemset((void*) tp, 0, npixels*sizeof (tp[0])); -@@ -211,9 +215,11 @@ LogL16Decode(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) - cc = tif->tif_rawcc; - /* get each byte string */ - for (shft = 2*8; (shft -= 8) >= 0; ) { -- for (i = 0; i < npixels && cc > 0; ) -+ for (i = 0; i < npixels && cc > 0; ) { - if (*bp >= 128) { /* run */ -- rc = *bp++ + (2-128); /* TODO: potential input buffer overrun when decoding corrupt or truncated data */ -+ if( cc < 2 ) -+ break; -+ rc = *bp++ + (2-128); - b = (int16)(*bp++ << shft); - cc -= 2; - while (rc-- && i < npixels) -@@ -223,6 +229,7 @@ LogL16Decode(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) - while (--cc && rc-- && i < npixels) - tp[i++] |= (int16)*bp++ << shft; - } -+ } - if (i != npixels) { - #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) - TIFFErrorExt(tif->tif_clientdata, module, -@@ -268,13 +275,17 @@ LogLuvDecode24(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) - if (sp->user_datafmt == SGILOGDATAFMT_RAW) - tp = (uint32 *)op; - else { -- assert(sp->tbuflen >= npixels); -+ if(sp->tbuflen < npixels) { -+ TIFFErrorExt(tif->tif_clientdata, module, -+ "Translation buffer too short"); -+ return (0); -+ } - tp = (uint32 *) sp->tbuf; - } - /* copy to array of uint32 */ - bp = (unsigned char*) tif->tif_rawcp; - cc = tif->tif_rawcc; -- for (i = 0; i < npixels && cc > 0; i++) { -+ for (i = 0; i < npixels && cc >= 3; i++) { - tp[i] = bp[0] << 16 | bp[1] << 8 | bp[2]; - bp += 3; - cc -= 3; -@@ -325,7 +336,11 @@ LogLuvDecode32(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) - if (sp->user_datafmt == SGILOGDATAFMT_RAW) - tp = (uint32*) op; - else { -- assert(sp->tbuflen >= npixels); -+ if(sp->tbuflen < npixels) { -+ TIFFErrorExt(tif->tif_clientdata, module, -+ "Translation buffer too short"); -+ return (0); -+ } - tp = (uint32*) sp->tbuf; - } - _TIFFmemset((void*) tp, 0, npixels*sizeof (tp[0])); -@@ -334,11 +349,13 @@ LogLuvDecode32(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) - cc = tif->tif_rawcc; - /* get each byte string */ - for (shft = 4*8; (shft -= 8) >= 0; ) { -- for (i = 0; i < npixels && cc > 0; ) -+ for (i = 0; i < npixels && cc > 0; ) { - if (*bp >= 128) { /* run */ -+ if( cc < 2 ) -+ break; - rc = *bp++ + (2-128); - b = (uint32)*bp++ << shft; -- cc -= 2; /* TODO: potential input buffer overrun when decoding corrupt or truncated data */ -+ cc -= 2; - while (rc-- && i < npixels) - tp[i++] |= b; - } else { /* non-run */ -@@ -346,6 +363,7 @@ LogLuvDecode32(TIFF* tif, uint8* op, tmsize_t occ, uint16 s) - while (--cc && rc-- && i < npixels) - tp[i++] |= (uint32)*bp++ << shft; - } -+ } - if (i != npixels) { - #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) - TIFFErrorExt(tif->tif_clientdata, module, -@@ -413,6 +431,7 @@ LogLuvDecodeTile(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) - static int - LogL16Encode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) - { -+ static const char module[] = "LogL16Encode"; - LogLuvState* sp = EncoderState(tif); - int shft; - tmsize_t i; -@@ -433,7 +452,11 @@ LogL16Encode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) - tp = (int16*) bp; - else { - tp = (int16*) sp->tbuf; -- assert(sp->tbuflen >= npixels); -+ if(sp->tbuflen < npixels) { -+ TIFFErrorExt(tif->tif_clientdata, module, -+ "Translation buffer too short"); -+ return (0); -+ } - (*sp->tfunc)(sp, bp, npixels); - } - /* compress each byte string */ -@@ -506,6 +529,7 @@ LogL16Encode(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) - static int - LogLuvEncode24(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) - { -+ static const char module[] = "LogLuvEncode24"; - LogLuvState* sp = EncoderState(tif); - tmsize_t i; - tmsize_t npixels; -@@ -521,7 +545,11 @@ LogLuvEncode24(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) - tp = (uint32*) bp; - else { - tp = (uint32*) sp->tbuf; -- assert(sp->tbuflen >= npixels); -+ if(sp->tbuflen < npixels) { -+ TIFFErrorExt(tif->tif_clientdata, module, -+ "Translation buffer too short"); -+ return (0); -+ } - (*sp->tfunc)(sp, bp, npixels); - } - /* write out encoded pixels */ -@@ -553,6 +581,7 @@ LogLuvEncode24(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) - static int - LogLuvEncode32(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) - { -+ static const char module[] = "LogLuvEncode32"; - LogLuvState* sp = EncoderState(tif); - int shft; - tmsize_t i; -@@ -574,7 +603,11 @@ LogLuvEncode32(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s) - tp = (uint32*) bp; - else { - tp = (uint32*) sp->tbuf; -- assert(sp->tbuflen >= npixels); -+ if(sp->tbuflen < npixels) { -+ TIFFErrorExt(tif->tif_clientdata, module, -+ "Translation buffer too short"); -+ return (0); -+ } - (*sp->tfunc)(sp, bp, npixels); - } - /* compress each byte string */ diff --git a/libs/tiff/patches/004-fix_potential_out-of-bound_write_in_NeXTDecode.patch b/libs/tiff/patches/004-fix_potential_out-of-bound_write_in_NeXTDecode.patch deleted file mode 100644 index f2b6b31..0000000 --- a/libs/tiff/patches/004-fix_potential_out-of-bound_write_in_NeXTDecode.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 237c9c18b0b3479950e54a755ae428bf0f55f754 Mon Sep 17 00:00:00 2001 -From: erouault -Date: Sun, 27 Dec 2015 16:55:20 +0000 -Subject: [PATCH] * libtiff/tif_next.c: fix potential out-of-bound write in - NeXTDecode() triggered by http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif - (bugzilla #2508) - ---- - ChangeLog | 6 ++++++ - libtiff/tif_next.c | 12 +++++++++--- - 2 files changed, 15 insertions(+), 3 deletions(-) - -diff --git a/ChangeLog b/ChangeLog -index b8aa23c..04926a3 100644 ---- a/ChangeLog -+++ b/ChangeLog -@@ -1,5 +1,11 @@ - 2015-12-27 Even Rouault - -+ * libtiff/tif_next.c: fix potential out-of-bound write in NeXTDecode() -+ triggered by http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif -+ (bugzilla #2508) -+ -+2015-12-27 Even Rouault -+ - * libtiff/tif_luv.c: fix potential out-of-bound writes in decode - functions in non debug builds by replacing assert()s by regular if - checks (bugzilla #2522). -diff --git a/libtiff/tif_next.c b/libtiff/tif_next.c -index 17e0311..1248caa 100644 ---- a/libtiff/tif_next.c -+++ b/libtiff/tif_next.c -@@ -1,4 +1,4 @@ --/* $Id: tif_next.c,v 1.16 2014-12-29 12:09:11 erouault Exp $ */ -+/* $Id: tif_next.c,v 1.17 2015-12-27 16:55:20 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -37,7 +37,7 @@ - case 0: op[0] = (unsigned char) ((v) << 6); break; \ - case 1: op[0] |= (v) << 4; break; \ - case 2: op[0] |= (v) << 2; break; \ -- case 3: *op++ |= (v); break; \ -+ case 3: *op++ |= (v); op_offset++; break; \ - } \ - } - -@@ -106,6 +106,7 @@ NeXTDecode(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s) - uint32 imagewidth = tif->tif_dir.td_imagewidth; - if( isTiled(tif) ) - imagewidth = tif->tif_dir.td_tilewidth; -+ tmsize_t op_offset = 0; - - /* - * The scanline is composed of a sequence of constant -@@ -122,10 +123,15 @@ NeXTDecode(TIFF* tif, uint8* buf, tmsize_t occ, uint16 s) - * bounds, potentially resulting in a security - * issue. - */ -- while (n-- > 0 && npixels < imagewidth) -+ while (n-- > 0 && npixels < imagewidth && op_offset < scanline) - SETPIXEL(op, grey); - if (npixels >= imagewidth) - break; -+ if (op_offset >= scanline ) { -+ TIFFErrorExt(tif->tif_clientdata, module, "Invalid data for scanline %ld", -+ (long) tif->tif_row); -+ return (0); -+ } - if (cc == 0) - goto bad; - n = *bp++, cc--; diff --git a/libs/tiff/patches/005-fix-ftell-macro.patch b/libs/tiff/patches/005-fix-ftell-macro.patch deleted file mode 100644 index 6ab0932..0000000 --- a/libs/tiff/patches/005-fix-ftell-macro.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/libtiff/tiffiop.h -+++ b/libtiff/tiffiop.h -@@ -284,7 +284,7 @@ struct tiff { - */ - #if defined(HAVE_FSEEKO) - # define fseek(stream,offset,whence) fseeko(stream,offset,whence) --# define ftell(stream,offset,whence) ftello(stream,offset,whence) -+# define ftell(stream) ftello(stream) - #endif - #endif - #if defined(__WIN32__) && \ diff --git a/mail/nail/Makefile b/mail/nail/Makefile new file mode 100644 index 0000000..addc0f4 --- /dev/null +++ b/mail/nail/Makefile @@ -0,0 +1,59 @@ +# +# Copyright (C) 2007-2014 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=nail +PKG_VERSION:=12.5 +PKG_RELEASE:=2 +PKG_LICENSE:=BSD-2-Clause + +PKG_SOURCE:=heirloom-mailx_$(PKG_VERSION).orig.tar.gz +PKG_SOURCE_URL:=http://ftp.de.debian.org/debian/pool/main/h/heirloom-mailx/ +PKG_MD5SUM:=29a6033ef1412824d02eb9d9213cb1f2 +PKG_BUILD_DIR:=$(BUILD_DIR)/heirloom-mailx-$(PKG_VERSION) + +PKG_INSTALL:=0 + +include $(INCLUDE_DIR)/package.mk + +define Package/nail + SECTION:=mail + CATEGORY:=Mail + TITLE:=Heirloom mailx (nail) + URL:=http://heirloom.sourceforge.net/mailx.html + MAINTAINER:=Dmitry V. Zimin + DEPENDS:=+libopenssl +endef + +define Package/nail/description + Heirloom mailx (formerly known as "nail") is intended provide + the functionality of the POSIX mailx command with additional + support for MIME messages, IMAP (including caching), POP3, + SMTP, S/MIME, message threading/sorting, scoring, and filtering +endef + +define Package/nail/conffiles +/etc/nail.rc +endef + +define Build/Install + $(INSTALL_DIR) $(PKG_INSTALL_DIR)/usr/bin + $(CP) $(PKG_BUILD_DIR)/mailx $(PKG_INSTALL_DIR)/usr/bin/ + $(INSTALL_DIR) $(PKG_INSTALL_DIR)/etc + $(CP) $(PKG_BUILD_DIR)/nail.rc $(PKG_INSTALL_DIR)/etc/ +endef + +define Package/nail/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/ + $(INSTALL_DIR) $(1)/etc + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/* $(1)/etc/ +endef + +$(eval $(call BuildPackage,nail)) + diff --git a/mail/nail/patches/100-handle-openssl-without-sslv2-sslv3.patch b/mail/nail/patches/100-handle-openssl-without-sslv2-sslv3.patch new file mode 100644 index 0000000..793bc3d --- /dev/null +++ b/mail/nail/patches/100-handle-openssl-without-sslv2-sslv3.patch @@ -0,0 +1,22 @@ +--- a/openssl.c ++++ b/openssl.c +@@ -216,11 +216,17 @@ ssl_select_method(const char *uhp) + + cp = ssl_method_string(uhp); + if (cp != NULL) { ++#ifndef OPENSSL_NO_SSL2 + if (equal(cp, "ssl2")) + method = SSLv2_client_method(); +- else if (equal(cp, "ssl3")) ++ else ++#endif ++#ifndef OPENSSL_NO_SSL3 ++ if (equal(cp, "ssl3")) + method = SSLv3_client_method(); +- else if (equal(cp, "tls1")) ++ else ++#endif ++ if (equal(cp, "tls1")) + method = TLSv1_client_method(); + else { + fprintf(stderr, catgets(catd, CATSET, 244, diff --git a/multimedia/ffmpeg/Config.in b/multimedia/ffmpeg/Config.in deleted file mode 100644 index d2ab7d1..0000000 --- a/multimedia/ffmpeg/Config.in +++ /dev/null @@ -1,473 +0,0 @@ -if PACKAGE_libffmpeg-custom - -config FFMPEG_CUSTOM_PATENTED - bool "Include patented codecs and technologies" - default BUILD_PATENTED - -comment "Profiles" - -config FFMPEG_CUSTOM_FFSERVER_SUPPORT - bool "Include support for ffserver (FFmpeg streaming server)" - select FFMPEG_CUSTOM_MUXER_ffm - select FFMPEG_CUSTOM_DEMUXER_ffm - select FFMPEG_CUSTOM_DEMUXER_rtsp - select FFMPEG_CUSTOM_PROTOCOL_rtp - -config FFMPEG_CUSTOM_MINIDLNA_SUPPORT - bool "Include support for minidlna" - depends on FFMPEG_CUSTOM_PATENTED - select FFMPEG_CUSTOM_DECODER_aac - select FFMPEG_CUSTOM_DECODER_ac3 - select FFMPEG_CUSTOM_DECODER_flac - select FFMPEG_CUSTOM_DECODER_h264 - select FFMPEG_CUSTOM_DECODER_hevc - select FFMPEG_CUSTOM_DECODER_jpegls - select FFMPEG_CUSTOM_DECODER_mp3 - select FFMPEG_CUSTOM_DECODER_mpeg1video - select FFMPEG_CUSTOM_DECODER_mpeg2video - select FFMPEG_CUSTOM_DECODER_mpeg4 - select FFMPEG_CUSTOM_DECODER_mpegvideo - select FFMPEG_CUSTOM_DECODER_png - select FFMPEG_CUSTOM_DECODER_opus - select FFMPEG_CUSTOM_DECODER_vc1 - select FFMPEG_CUSTOM_DECODER_vorbis - select FFMPEG_CUSTOM_DECODER_wmav1 - select FFMPEG_CUSTOM_DECODER_wmav2 - select FFMPEG_CUSTOM_DEMUXER_avi - select FFMPEG_CUSTOM_DEMUXER_flac - select FFMPEG_CUSTOM_DEMUXER_matroska - select FFMPEG_CUSTOM_DEMUXER_mov - select FFMPEG_CUSTOM_DEMUXER_mp3 - select FFMPEG_CUSTOM_DEMUXER_mpegts - select FFMPEG_CUSTOM_DEMUXER_mpegvideo - select FFMPEG_CUSTOM_DEMUXER_ogg - select FFMPEG_CUSTOM_PROTOCOL_file - -config FFMPEG_CUSTOM_AUDIO_DEC_SUPPORT - bool "Include support for most audio decoding requirements" - depends on FFMPEG_CUSTOM_PATENTED - select FFMPEG_CUSTOM_DECODER_aac - select FFMPEG_CUSTOM_DECODER_aac_latm - select FFMPEG_CUSTOM_DECODER_ac3 - select FFMPEG_CUSTOM_SELECT_adpcm - select FFMPEG_CUSTOM_DECODER_alac - select FFMPEG_CUSTOM_DECODER_amrnb - select FFMPEG_CUSTOM_DECODER_amrwb - select FFMPEG_CUSTOM_DECODER_ape - select FFMPEG_CUSTOM_DECODER_atrac3 - select FFMPEG_CUSTOM_DECODER_flac - select FFMPEG_CUSTOM_DECODER_mp2 - select FFMPEG_CUSTOM_DECODER_mp3 - select FFMPEG_CUSTOM_DECODER_mpc7 - select FFMPEG_CUSTOM_DECODER_mpc8 - select FFMPEG_CUSTOM_DECODER_opus - select FFMPEG_CUSTOM_DECODER_pcm_s16be - select FFMPEG_CUSTOM_DECODER_pcm_s16le - select FFMPEG_CUSTOM_DECODER_vorbis - select FFMPEG_CUSTOM_DECODER_wavpack - select FFMPEG_CUSTOM_DECODER_wmav1 - select FFMPEG_CUSTOM_DECODER_wmav2 - select FFMPEG_CUSTOM_DECODER_wmalossless - select FFMPEG_CUSTOM_DECODER_wmapro - select FFMPEG_CUSTOM_DECODER_zlib - select FFMPEG_CUSTOM_DEMUXER_aac - select FFMPEG_CUSTOM_DEMUXER_ac3 - select FFMPEG_CUSTOM_DEMUXER_aiff - select FFMPEG_CUSTOM_DEMUXER_amr - select FFMPEG_CUSTOM_DEMUXER_ape - select FFMPEG_CUSTOM_DEMUXER_avi - select FFMPEG_CUSTOM_DEMUXER_flac - select FFMPEG_CUSTOM_DEMUXER_ffm - select FFMPEG_CUSTOM_DEMUXER_matroska - select FFMPEG_CUSTOM_DEMUXER_mp3 - select FFMPEG_CUSTOM_DEMUXER_mov - select FFMPEG_CUSTOM_DEMUXER_mpc - select FFMPEG_CUSTOM_DEMUXER_mpc8 - select FFMPEG_CUSTOM_DEMUXER_mpegts - select FFMPEG_CUSTOM_DEMUXER_ogg - select FFMPEG_CUSTOM_DEMUXER_rm - select FFMPEG_CUSTOM_DEMUXER_rtsp - select FFMPEG_CUSTOM_DEMUXER_rtp - select FFMPEG_CUSTOM_DEMUXER_sdp - select FFMPEG_CUSTOM_DEMUXER_wav - select FFMPEG_CUSTOM_DEMUXER_wv - select FFMPEG_CUSTOM_PARSER_aac - select FFMPEG_CUSTOM_PARSER_aac_latm - select FFMPEG_CUSTOM_PARSER_ac3 - select FFMPEG_CUSTOM_PARSER_flac - select FFMPEG_CUSTOM_PARSER_mpegaudio - select FFMPEG_CUSTOM_PARSER_opus - select FFMPEG_CUSTOM_PROTOCOL_file - select FFMPEG_CUSTOM_PROTOCOL_http - select FFMPEG_CUSTOM_PROTOCOL_rtp - select FFMPEG_CUSTOM_PROTOCOL_tcp - select FFMPEG_CUSTOM_PROTOCOL_udp - -comment "External Libraries" - -config FFMPEG_CUSTOM_SELECT_mp3lame - bool "MP3 LAME" - depends on FFMPEG_CUSTOM_PATENTED - depends on PACKAGE_lame-lib - select FFMPEG_CUSTOM_DECODER_mp3 - select FFMPEG_CUSTOM_MUXER_mp3 - select FFMPEG_CUSTOM_DEMUXER_mp3 - -config FFMPEG_CUSTOM_SELECT_libopus - bool "Opus" - -config FFMPEG_CUSTOM_SELECT_x264 - bool "x264" - depends on FFMPEG_CUSTOM_PATENTED - depends on PACKAGE_libx264 - select FFMPEG_CUSTOM_DECODER_h264 - select FFMPEG_CUSTOM_MUXER_h264 - select FFMPEG_CUSTOM_DEMUXER_h264 - select FFMPEG_CUSTOM_PARSER_h264 - -comment "Encoders" - -config FFMPEG_CUSTOM_ENCODER_ac3 - bool "AC3" - depends on FFMPEG_CUSTOM_PATENTED - select FFMPEG_CUSTOM_PARSER_ac3 - -config FFMPEG_CUSTOM_ENCODER_jpegls - bool "JPEG-LS" - -config FFMPEG_CUSTOM_ENCODER_mpeg1video - bool "MPEG-1 Video" - -config FFMPEG_CUSTOM_ENCODER_mpeg2video - bool "MPEG-2 Video" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_ENCODER_mpeg4 - bool "MPEG-4" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_ENCODER_pcm_s16be - bool "PCM signed 16-bit big-endian" - -config FFMPEG_CUSTOM_ENCODER_pcm_s16le - bool "PCM signed 16-bit little-endian" - -config FFMPEG_CUSTOM_ENCODER_png - bool "PNG" - select FFMPEG_CUSTOM_ENCODER_zlib - -config FFMPEG_CUSTOM_ENCODER_vorbis - bool "Vorbis" - -config FFMPEG_CUSTOM_ENCODER_zlib - bool "Zlib" - -comment "Decoders" - -config FFMPEG_CUSTOM_DECODER_aac - bool "AAC (Advanced Audio Coding)" - depends on FFMPEG_CUSTOM_PATENTED - select FFMPEG_CUSTOM_PARSER_aac - -config FFMPEG_CUSTOM_SELECT_adpcm - bool "ADPCM (multiple types)" - -config FFMPEG_CUSTOM_DECODER_ac3 - bool "AC3" - depends on FFMPEG_CUSTOM_PATENTED - select FFMPEG_CUSTOM_PARSER_ac3 - -config FFMPEG_CUSTOM_DECODER_alac - bool "ALAC" - -config FFMPEG_CUSTOM_DECODER_amrnb - bool "AMR-NB" - select FFMPEG_CUSTOM_DEMUXER_amr - -config FFMPEG_CUSTOM_DECODER_amrwb - bool "AMR-WB" - select FFMPEG_CUSTOM_DEMUXER_amr - -config FFMPEG_CUSTOM_DECODER_ape - bool "APE" - -config FFMPEG_CUSTOM_DECODER_atrac3 - bool "ATRAC3" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DECODER_flac - bool "FLAC" - select FFMPEG_CUSTOM_PARSER_flac - -config FFMPEG_CUSTOM_DECODER_gif - bool "GIF" - -config FFMPEG_CUSTOM_DECODER_h264 - bool "H.264" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DECODER_hevc - bool "HEVC / H.265 Video" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DECODER_jpegls - bool "JPEG-LS" - -config FFMPEG_CUSTOM_DECODER_mp2 - bool "MP2 (MPEG Audio Layer 2)" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DECODER_mp3 - bool "MP3 (MPEG Audio Layer 2)" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DECODER_mpegvideo - bool "MPEG Video" - -config FFMPEG_CUSTOM_DECODER_mpeg1video - bool "MPEG-1 Video" - -config FFMPEG_CUSTOM_DECODER_mpeg2video - bool "MPEG-2 Video" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DECODER_mpeg4 - bool "MPEG-4" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DECODER_mpc7 - bool "Musepack 7" - select FFMPEG_CUSTOM_DEMUXER_mpc - -config FFMPEG_CUSTOM_DECODER_mpc8 - bool "Musepack 8" - select FFMPEG_CUSTOM_DEMUXER_mpc8 - -config FFMPEG_CUSTOM_DECODER_opus - bool "Opus" - -config FFMPEG_CUSTOM_DECODER_pcm_s16be - bool "PCM signed 16-bit big-endian" - -config FFMPEG_CUSTOM_DECODER_pcm_s16le - bool "PCM signed 16-bit little-endian" - -config FFMPEG_CUSTOM_DECODER_png - bool "PNG" - select FFMPEG_CUSTOM_DECODER_zlib - -config FFMPEG_CUSTOM_DECODER_vc1 - bool "VC-1 / WMV9" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DECODER_vorbis - bool "Vorbis" - select FFMPEG_CUSTOM_DEMUXER_ogg - -config FFMPEG_CUSTOM_DECODER_wavpack - bool "Wavpack" - -config FFMPEG_CUSTOM_DECODER_wmav1 - bool "WMAv1" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DECODER_wmav2 - bool "WMAv2" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DECODER_zlib - bool "Zlib" - -comment "Muxers" - -config FFMPEG_CUSTOM_MUXER_ac3 - bool "AC3" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_MUXER_ffm - bool "FFM (ffserver live feed)" - -config FFMPEG_CUSTOM_MUXER_h264 - bool "H.264 Raw Video" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_MUXER_hevc - bool "HEVC / H265 Raw Video" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_MUXER_mp3 - bool "MP3 (MPEG Audio Layer 3)" - -config FFMPEG_CUSTOM_MUXER_mp4 - bool "MP4" - -config FFMPEG_CUSTOM_MUXER_mpeg1video - bool "MPEG-1 Video" - -config FFMPEG_CUSTOM_MUXER_mpeg2video - bool "MPEG-2 Video" - -config FFMPEG_CUSTOM_MUXER_mpegts - bool "MPEG-2 (TS)" - -config FFMPEG_CUSTOM_MUXER_ogg - bool "Ogg" - -config FFMPEG_CUSTOM_MUXER_rtp - bool "RTP" - -comment "Demuxers" - -config FFMPEG_CUSTOM_DEMUXER_aac - bool "AAC" - -config FFMPEG_CUSTOM_DEMUXER_avi - bool "AVI (Audio Video Interleave)" - -config FFMPEG_CUSTOM_DEMUXER_ac3 - bool "AC3" - -config FFMPEG_CUSTOM_DEMUXER_amr - bool "AMR" - -config FFMPEG_CUSTOM_DEMUXER_ape - bool "APE" - -config FFMPEG_CUSTOM_DEMUXER_flac - bool "FLAC" - -config FFMPEG_CUSTOM_DEMUXER_ffm - bool "FFM (ffserver live feed)" - -config FFMPEG_CUSTOM_DEMUXER_h264 - bool "H.264 Raw Video" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DEMUXER_hevc - bool "HEVC / H265 Raw Video" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DEMUXER_matroska - bool "Matroska (MKA,MKV)" - select FFMPEG_CUSTOM_DECODER_zlib - -config FFMPEG_CUSTOM_DEMUXER_mov - bool "MOV/MP4/M4A/3GP/3G2/MJ2" - select FFMPEG_CUSTOM_DECODER_zlib - -config FFMPEG_CUSTOM_DEMUXER_mp3 - bool "MP3 (MPEG Audio Layer 3)" - select FFMPEG_CUSTOM_PARSER_mpegaudio - -config FFMPEG_CUSTOM_DEMUXER_mpegvideo - bool "MPEG Video" - -config FFMPEG_CUSTOM_DEMUXER_mpegps - bool "MPEG-2 (PS)" - -config FFMPEG_CUSTOM_DEMUXER_mpegts - bool "MPEG-2 (TS)" - -config FFMPEG_CUSTOM_DEMUXER_mpc - bool "Musepack" - -config FFMPEG_CUSTOM_DEMUXER_mpc8 - bool "Musepack 8" - -config FFMPEG_CUSTOM_DEMUXER_ogg - bool "Ogg" - -config FFMPEG_CUSTOM_DEMUXER_rm - bool "RM" - help - RealMedia format demuxer - -config FFMPEG_CUSTOM_DEMUXER_rtsp - bool "RTSP" - select FFMPEG_CUSTOM_DEMUXER_rm - select FFMPEG_CUSTOM_DEMUXER_sdp - select FFMPEG_CUSTOM_DEMUXER_rtp - -config FFMPEG_CUSTOM_DEMUXER_sdp - bool "SDP" - select FFMPEG_CUSTOM_DEMUXER_mpegts - -config FFMPEG_CUSTOM_DEMUXER_rtp - bool "RTP" - -config FFMPEG_CUSTOM_DEMUXER_vc1 - bool "VC-1 / WMV9 Raw Video" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_DEMUXER_wav - bool "WAV" - -config FFMPEG_CUSTOM_DEMUXER_wv - bool "WV" - -comment "Parsers" - -config FFMPEG_CUSTOM_PARSER_aac - bool "AAC (Advanced Audio Coding)" - depends on FFMPEG_CUSTOM_PATENTED - -config FFMPEG_CUSTOM_PARSER_ac3 - bool "AC3" - -config FFMPEG_CUSTOM_PARSER_flac - bool "FLAC" - -config FFMPEG_CUSTOM_PARSER_h264 - bool "H.264" - depends on FFMPEG_CUSTOM_PATENTED - select FFMPEG_CUSTOM_DECODER_h264 - -config FFMPEG_CUSTOM_PARSER_hevc - bool "HEVC / H265" - depends on FFMPEG_CUSTOM_PATENTED - select FFMPEG_CUSTOM_DECODER_hevc - -config FFMPEG_CUSTOM_PARSER_mpegaudio - bool "MPEG Audio" - -config FFMPEG_CUSTOM_PARSER_mpegvideo - bool "MPEG Video" - -config FFMPEG_CUSTOM_PARSER_mpeg4video - bool "MPEG-4 Video" - -config FFMPEG_CUSTOM_PARSER_opus - bool "Opus" - -config FFMPEG_CUSTOM_PARSER_vc1 - bool "VC-1 / WMV9" - depends on FFMPEG_CUSTOM_PATENTED - select FFMPEG_CUSTOM_DECODER_vc1 - -comment "Protocols" - -config FFMPEG_CUSTOM_PROTOCOL_file - bool "file:" - -config FFMPEG_CUSTOM_PROTOCOL_http - bool "http:" - -config FFMPEG_CUSTOM_PROTOCOL_icecast - bool "icecast:" - select FFMPEG_CUSTOM_PROTOCOL_http - -config FFMPEG_CUSTOM_PROTOCOL_pipe - bool "pipe:" - -config FFMPEG_CUSTOM_PROTOCOL_rtp - bool "rtp:" - select FFMPEG_CUSTOM_PROTOCOL_udp - -config FFMPEG_CUSTOM_PROTOCOL_tcp - bool "tcp:" - -config FFMPEG_CUSTOM_PROTOCOL_udp - bool "udp:" - - -endif diff --git a/multimedia/ffmpeg/Makefile b/multimedia/ffmpeg/Makefile deleted file mode 100644 index f874014..0000000 --- a/multimedia/ffmpeg/Makefile +++ /dev/null @@ -1,645 +0,0 @@ -# -# Copyright (C) 2006-2017 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=ffmpeg -PKG_VERSION:=3.2.2 -PKG_RELEASE:=1 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=https://ffmpeg.org/releases/ -PKG_MD5SUM:=e34d1b92c5d844f2a3611c741a6dba18 -PKG_HASH:=3f01bd1fe1a17a277f8c84869e5d9192b4b978cb660872aa2b54c3cc8a2fedfc -PKG_MAINTAINER:=Ted Hess - -PKG_LICENSE:=LGPL-2.1+ GPL-2+ LGPL-3 -PKG_LICENSE_FILES:=COPYING.GPLv2 COPYING.GPLv3 COPYING.LGPLv2.1 COPYING.LGPLv3 - -FFMPEG_CUSTOM_ENCODERS:= \ - ac3 \ - jpegls \ - mpeg1video \ - mpeg2video \ - mpeg4 \ - pcm_s16be \ - pcm_s16le \ - png \ - vorbis \ - zlib \ - -FFMPEG_CUSTOM_DECODERS:= \ - aac \ - ac3 \ - alac \ - amrnb \ - amrwb \ - ape \ - atrac3 \ - flac \ - gif \ - h264 \ - hevc \ - jpegls \ - mp2 \ - mp3 \ - mpeg1video \ - mpeg2video \ - mpeg4 \ - mpegvideo \ - mpc7 \ - mpc8 \ - pcm_s16be \ - pcm_s16le \ - png \ - vc1 \ - vorbis \ - wavpack \ - wmav1 \ - wmav2 \ - zlib \ - -FFMPEG_CUSTOM_MUXERS:= \ - ac3 \ - ffm \ - h264 \ - hevc \ - mp3 \ - mp4 \ - mpeg1video \ - mpeg2video \ - mpegts \ - ogg \ - rtp \ - -FFMPEG_CUSTOM_DEMUXERS:= \ - aac \ - ac3 \ - amr \ - ape \ - avi \ - flac \ - ffm \ - h264 \ - hevc \ - matroska \ - mov \ - mp3 \ - mpegps \ - mpegts \ - mpegvideo \ - mpc \ - mpc8 \ - ogg \ - rm \ - rtsp \ - rtp \ - sdp \ - v4l2 \ - vc1 \ - wav \ - wv \ - -FFMPEG_CUSTOM_PARSERS:= \ - aac \ - flac \ - ac3 \ - h264 \ - hevc \ - mpegaudio \ - mpeg4video \ - mpegvideo \ - vc1 \ - -FFMPEG_CUSTOM_PROTOCOLS:= \ - file http icecast pipe rtp tcp udp - -FFMPEG_MINI_DECODERS:= \ - aac \ - ac3 \ - flac \ - h264 \ - hevc \ - jpegls \ - mp3 \ - mpeg1video \ - mpeg2video \ - mpeg4 \ - mpegvideo \ - opus \ - png \ - vc1 \ - vorbis \ - wmav1 \ - wmav2 \ - -FFMPEG_MINI_DEMUXERS:= \ - avi \ - flac \ - matroska \ - mov \ - mp3 \ - mpegts \ - mpegvideo \ - ogg \ - -FFMPEG_MINI_PROTOCOLS:= \ - file \ - -FFMPEG_AUDIO_DECODERS:= \ - aac \ - aac_latm \ - ac3 \ - adpcm_* \ - alac \ - amrnb \ - amrwb \ - ape \ - atrac3 \ - flac \ - mp2 \ - mp3* \ - mpc7 \ - mpc8 \ - opus \ - pcm_* \ - vorbis \ - wavpack \ - wmav1 \ - wmav2 \ - wmalossless \ - wmapro \ - zlib \ - -FFMPEG_AUDIO_DEMUXERS:= \ - aac \ - ac3 \ - aiff \ - amr \ - ape \ - avi \ - flac \ - ffm \ - matroska \ - mp3 \ - mov \ - mpc \ - mpc8 \ - mpegts \ - ogg \ - rm \ - rtsp \ - rtp \ - sdp \ - wav \ - wv \ - -FFMPEG_AUDIO_PARSERS:= \ - aac \ - aac_latm \ - ac3 \ - flac \ - mpegaudio \ - opus \ - -FFMPEG_AUDIO_PROTOCOLS:= \ - file http icecast rtp tcp udp - - -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) - -PKG_CONFIG_DEPENDS:= \ - $(patsubst %,CONFIG_FFMPEG_CUSTOM_ENCODER_%,$(FFMPEG_CUSTOM_ENCODERS)) \ - $(patsubst %,CONFIG_FFMPEG_CUSTOM_DECODER_%,$(FFMPEG_CUSTOM_DECODERS)) \ - $(patsubst %,CONFIG_FFMPEG_CUSTOM_MUXER_%,$(FFMPEG_CUSTOM_DEMUXERS)) \ - $(patsubst %,CONFIG_FFMPEG_CUSTOM_DEMUXER_%,$(FFMPEG_CUSTOM_DEMUXERS)) \ - $(patsubst %,CONFIG_FFMPEG_CUSTOM_PARSER_%,$(FFMPEG_CUSTOM_PARSERS)) \ - $(patsubst %,CONFIG_FFMPEG_CUSTOM_PROTOCOL_%,$(FFMPEG_CUSTOM_PROTOCOLS)) - -include $(INCLUDE_DIR)/package.mk - -define Package/ffmpeg/Default - TITLE:=FFmpeg - URL:=http://ffmpeg.mplayerhq.hu/ -endef - -define Package/ffmpeg/Default/description - FFmpeg is a a software package that can record, convert and stream digital - audio and video in numerous formats. -endef - - -define Package/ffmpeg -$(call Package/ffmpeg/Default) - SECTION:=multimedia - CATEGORY:=Multimedia - TITLE+= program - DEPENDS+= +libpthread +libffmpeg-full - VARIANT:=full -endef - -define Package/ffmpeg/description -$(call Package/ffmpeg/Default/description) - . - This package contains the FFmpeg command line tool. -endef - - -define Package/ffprobe -$(call Package/ffmpeg/Default) - SECTION:=multimedia - CATEGORY:=Multimedia - TITLE+= CLI media identifier - DEPENDS+= +libffmpeg-full - VARIANT:=full -endef - -define Package/ffprobe/description -$(call Package/ffmpeg/Default/description) - . - This package contains the FFprobe command line tool. -endef - - -define Package/ffserver -$(call Package/ffserver/Default) - SECTION:=multimedia - CATEGORY:=Multimedia - TITLE+= streaming server - DEPENDS+= +libpthread +libffmpeg-full - VARIANT:=full -endef - -define Package/ffserver/description -$(call Package/ffmpeg/Default/description) - . - This package contains the FFmpeg streaming server. -endef - -define Package/libffmpeg/Default -$(call Package/ffmpeg/Default) - SECTION:=libs - CATEGORY:=Libraries - TITLE+= libraries - DEPENDS+= @BUILD_PATENTED +libpthread +zlib +libbz2 - PROVIDES:= libffmpeg -endef - - -define Package/libffmpeg-custom -$(call Package/libffmpeg/Default) - TITLE+= (custom) - DEPENDS+= +FFMPEG_CUSTOM_SELECT_libopus:libopus \ - +PACKAGE_libx264:libx264 +PACKAGE_lame-lib:lame-lib - - VARIANT:=custom - MENU:=1 -endef - -define Package/libffmpeg-custom/config -source "$(SOURCE)/Config.in" -endef - -define Package/libffmpeg-custom/description -$(call Package/ffmpeg/Default/description) - . - This package contains customized FFmpeg shared libraries. -endef - - -define Package/libffmpeg-audio-dec -$(call Package/libffmpeg/Default) - TITLE+= (audio) - VARIANT:=audio-dec -endef - -define Package/libffmpeg-audio-dec/description -$(call Package/ffmpeg/Default/description) - . - This package contains FFmpeg shared libraries for audio decoding -endef - - -define Package/libffmpeg-full -$(call Package/libffmpeg/Default) - TITLE+= (full) - DEPENDS+= +alsa-lib +PACKAGE_libx264:libx264 +PACKAGE_lame-lib:lame-lib +libopus - VARIANT:=full -endef - -define Package/libffmpeg-full/description -$(call Package/ffmpeg/Default/description) - . - This package contains full-featured FFmpeg shared libraries. -endef - - -define Package/libffmpeg-mini -$(call Package/libffmpeg/Default) - TITLE+= (mini) - VARIANT:=mini -endef - -define Package/libffmpeg-mini/description -$(call Package/ffmpeg/Default/description) - . - This package contains minimal-featured FFmpeg shared libraries. -endef - - -FFMPEG_CONFIGURE:= \ - CFLAGS="$(TARGET_CFLAGS) $(TARGET_CPPFLAGS) $(FPIC)" \ - LDFLAGS="$(TARGET_LDFLAGS)" \ - ./configure \ - --enable-cross-compile \ - --cross-prefix="$(TARGET_CROSS)" \ - --arch="$(ARCH)" \ - --target-os=linux \ - --prefix="/usr" \ - --pkg-config="pkg-config" \ - --enable-shared \ - --enable-static \ - --enable-small \ - --enable-pthreads \ - --enable-zlib \ - --disable-doc \ - --disable-debug \ - \ - --enable-gpl \ - --enable-version3 \ - \ - --disable-dxva2 \ - --disable-lzma \ - --disable-vaapi \ - --disable-vda \ - --disable-vdpau \ - --disable-outdevs - -ifeq ($(CONFIG_SOFT_FLOAT),y) -FFMPEG_CONFIGURE += \ - --disable-altivec \ - --disable-vsx \ - --disable-power8 \ - --disable-amd3dnow \ - --disable-amd3dnowext \ - --disable-mmx \ - --disable-mmxext \ - --disable-sse \ - --disable-sse2 \ - --disable-sse3 \ - --disable-ssse3 \ - --disable-sse4 \ - --disable-sse42 \ - --disable-avx \ - --disable-xop \ - --disable-fma3 \ - --disable-fma4 \ - --disable-avx2 \ - --disable-aesni \ - --disable-armv5te \ - --disable-armv6 \ - --disable-armv6t2 \ - --disable-inline-asm \ - --disable-mipsdsp \ - --disable-mipsdspr2 \ - --disable-mipsfpu \ - --disable-msa \ - --disable-mmi \ - --disable-fast-unaligned \ - --disable-runtime-cpudetect - -else ifneq ($(findstring arm,$(CONFIG_ARCH)),) -FFMPEG_CONFIGURE += \ - --disable-runtime-cpudetect -else ifneq ($(findstring powerpc,$(CONFIG_ARCH)),) -FFMPEG_CONFIGURE += \ - --disable-altivec -endif - -ifneq ($(CONFIG_YASM),y) -FFMPEG_CONFIGURE += \ - --disable-yasm - -endif - -#selectibly disable optimizations according to arch/cpu type -ifneq ($(findstring arm,$(CONFIG_ARCH)),) - ifeq (,$(findstring vfp,$(CONFIG_TARGET_OPTIMIZATION))) - FFMPEG_CONFIGURE+= \ - --disable-vfp - endif - ifeq (,$(findstring neon,$(CONFIG_TARGET_OPTIMIZATION))) - FFMPEG_CONFIGURE+= \ - --disable-neon - endif - -endif - -ifeq ($(BUILD_VARIANT),full) - FFMPEG_CONFIGURE+= \ - --enable-libopus --enable-decoder=libopus \ - $(if $(CONFIG_PACKAGE_libx264),--enable-libx264) \ - $(if $(CONFIG_PACKAGE_lame-lib),--enable-libmp3lame) -endif - -ifeq ($(BUILD_VARIANT),custom) - - FFMPEG_ENABLE= \ - $(foreach c, $(2), \ - $(if $($(3)_$(c)),--enable-$(1)="$(c)") \ - ) - - FFMPEG_CONFIGURE+= \ - --disable-programs \ - --disable-avfilter \ - --disable-postproc \ - --disable-swresample \ - --disable-swscale \ - --disable-everything \ - $(call FFMPEG_ENABLE,encoder,$(FFMPEG_CUSTOM_ENCODERS),CONFIG_FFMPEG_CUSTOM_ENCODER) \ - $(call FFMPEG_ENABLE,decoder,$(FFMPEG_CUSTOM_DECODERS),CONFIG_FFMPEG_CUSTOM_DECODER) \ - $(call FFMPEG_ENABLE,muxer,$(FFMPEG_CUSTOM_MUXERS),CONFIG_FFMPEG_CUSTOM_MUXER) \ - $(call FFMPEG_ENABLE,demuxer,$(FFMPEG_CUSTOM_DEMUXERS),CONFIG_FFMPEG_CUSTOM_DEMUXER) \ - $(call FFMPEG_ENABLE,parser,$(FFMPEG_CUSTOM_PARSERS),CONFIG_FFMPEG_CUSTOM_PARSER) \ - $(call FFMPEG_ENABLE,protocol,$(FFMPEG_CUSTOM_PROTOCOLS),CONFIG_FFMPEG_CUSTOM_PROTOCOL) \ - -ifeq ($(CONFIG_FFMPEG_CUSTOM_SELECT_adpcm),y) - FFMPEG_CONFIGURE+= \ - --enable-decoder=adpcm_ima_wav \ - --enable-decoder=adpcm_ima_qt \ - --enable-decoder=adpcm_ms \ - -endif - -ifeq ($(CONFIG_FFMPEG_CUSTOM_SELECT_libopus),y) - FFMPEG_CONFIGURE+= \ - --enable-libopus --enable-decoder=libopus -endif - -ifeq ($(CONFIG_FFMPEG_CUSTOM_SELECT_x264),y) - FFMPEG_CONFIGURE+= \ - --enable-libx264 -endif - -ifeq ($(CONFIG_FFMPEG_CUSTOM_SELECT_mp3lame),y) - FFMPEG_CONFIGURE+= \ - --enable-libmp3lame -endif - -endif - -ifeq ($(BUILD_VARIANT),audio-dec) - - FFMPEG_ENABLE= \ - $(foreach c, $(2), \ - --enable-$(1)="$(c)" \ - ) - - FFMPEG_CONFIGURE+= \ - --disable-programs \ - --disable-avfilter \ - --disable-postproc \ - --disable-swresample \ - --disable-swscale \ - --disable-everything \ - $(call FFMPEG_ENABLE,decoder,$(FFMPEG_AUDIO_DECODERS)) \ - $(call FFMPEG_ENABLE,demuxer,$(FFMPEG_AUDIO_DEMUXERS)) \ - $(call FFMPEG_ENABLE,parser,$(FFMPEG_AUDIO_PARSERS)) \ - $(call FFMPEG_ENABLE,protocol,$(FFMPEG_AUDIO_PROTOCOLS)) \ - --disable-decoder=pcm_bluray,pcm_dvd \ - -endif - -ifeq ($(BUILD_VARIANT),mini) - - FFMPEG_ENABLE= \ - $(foreach c, $(2), \ - --enable-$(1)="$(c)" \ - ) - - FFMPEG_CONFIGURE+= \ - --disable-programs \ - --disable-avdevice \ - --disable-avfilter \ - --disable-postproc \ - --disable-swresample \ - --disable-swscale \ - --disable-everything \ - $(call FFMPEG_ENABLE,decoder,$(FFMPEG_MINI_DECODERS)) \ - $(call FFMPEG_ENABLE,demuxer,$(FFMPEG_MINI_DEMUXERS)) \ - $(call FFMPEG_ENABLE,protocol,$(FFMPEG_MINI_PROTOCOLS)) \ - -endif - -ifneq ($(CONFIG_TARGET_x86),) - TARGET_CFLAGS += -fomit-frame-pointer -endif - -define Build/Configure - ( cd $(PKG_BUILD_DIR); $(FFMPEG_CONFIGURE) ) -endef - -define Build/Compile - $(MAKE) -C $(PKG_BUILD_DIR) \ - DESTDIR="$(PKG_INSTALL_DIR)" \ - all install -endef - -define Build/InstallDev/custom - $(INSTALL_DIR) $(1)/usr/include - $(CP) $(PKG_INSTALL_DIR)/usr/include/lib{avcodec,avdevice,avformat,avutil} $(1)/usr/include/ - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avdevice,avformat,avutil}.{a,so*} $(1)/usr/lib/ - $(INSTALL_DIR) $(1)/usr/lib/pkgconfig - $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/lib{avcodec,avdevice,avformat,avutil}.pc $(1)/usr/lib/pkgconfig/ -endef - -define Build/InstallDev/full - $(INSTALL_DIR) $(1)/usr/include - $(CP) $(PKG_INSTALL_DIR)/usr/include/lib{avcodec,avdevice,avfilter,avformat,avutil,postproc,swresample,swscale} $(1)/usr/include/ - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avdevice,avfilter,avformat,avutil,postproc,swresample,swscale}.{a,so*} $(1)/usr/lib/ - $(INSTALL_DIR) $(1)/usr/lib/pkgconfig - $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/lib{avcodec,avdevice,avfilter,avformat,avutil,postproc,swresample,swscale}.pc $(1)/usr/lib/pkgconfig/ -endef - -define Build/InstallDev/mini - $(INSTALL_DIR) $(1)/usr/include - $(CP) $(PKG_INSTALL_DIR)/usr/include/lib{avcodec,avformat,avutil} $(1)/usr/include/ - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avformat,avutil}.{a,so*} $(1)/usr/lib/ - $(INSTALL_DIR) $(1)/usr/lib/pkgconfig - $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/lib{avcodec,avformat,avutil}.pc $(1)/usr/lib/pkgconfig/ -endef - -Build/InstallDev/audio-dec = $(Build/InstallDev/custom) - -# XXX: attempt at installing "best" dev files available -ifeq ($(BUILD_VARIANT),custom) - # XXX: only install "custom" dev files if -full & -mini are not selected - ifeq ($(CONFIG_PACKAGE_libffmpeg-full)$(CONFIG_PACKAGE_libffmpeg-mini),) - Build/InstallDev = $(Build/InstallDev/custom) - endif -endif -ifeq ($(BUILD_VARIANT),audio-dec) - # XXX: only install "audio-dec" dev files if -full & -mini are not selected - ifeq ($(CONFIG_PACKAGE_libffmpeg-full)$(CONFIG_PACKAGE_libffmpeg-mini),) - Build/InstallDev = $(Build/InstallDev/audio-dec) - endif -endif -ifeq ($(BUILD_VARIANT),full) - # XXX: always install "full" dev files if -full is selected - Build/InstallDev = $(Build/InstallDev/full) -endif -ifeq ($(BUILD_VARIANT),mini) - # XXX: only install "mini" dev files if -full is not selected - ifeq ($(CONFIG_PACKAGE_libffmpeg-full),) - Build/InstallDev = $(Build/InstallDev/mini) - endif -endif - -define Package/ffmpeg/install - $(INSTALL_DIR) $(1)/usr/bin - $(CP) $(PKG_INSTALL_DIR)/usr/bin/ffmpeg $(1)/usr/bin/ -endef - -define Package/ffprobe/install - $(INSTALL_DIR) $(1)/usr/bin - $(CP) $(PKG_INSTALL_DIR)/usr/bin/ffprobe $(1)/usr/bin/ -endef - -define Package/ffserver/install - $(INSTALL_DIR) $(1)/usr/bin - $(CP) $(PKG_INSTALL_DIR)/usr/bin/ffserver $(1)/usr/bin/ -endef - -define Package/libffmpeg-custom/install - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avdevice,avformat,avutil}.so.* $(1)/usr/lib/ -endef - -define Package/libffmpeg-full/install - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avdevice,avfilter,avformat,avutil,postproc,swresample,swscale}.so.* $(1)/usr/lib/ -endef - -define Package/libffmpeg-mini/install - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{avcodec,avformat,avutil}.so.* $(1)/usr/lib/ -endef - -Package/libffmpeg-audio-dec/install = $(Package/libffmpeg-custom/install) - -$(eval $(call BuildPackage,ffmpeg)) -$(eval $(call BuildPackage,ffprobe)) -$(eval $(call BuildPackage,ffserver)) -$(eval $(call BuildPackage,libffmpeg-audio-dec)) -$(eval $(call BuildPackage,libffmpeg-full)) -$(eval $(call BuildPackage,libffmpeg-mini)) -ifneq ($(CONFIG_ALL),y) - $(eval $(call BuildPackage,libffmpeg-custom)) -endif diff --git a/multimedia/gst1-plugins-bad/Makefile b/multimedia/gst1-plugins-bad/Makefile deleted file mode 100644 index a284145..0000000 --- a/multimedia/gst1-plugins-bad/Makefile +++ /dev/null @@ -1,277 +0,0 @@ -# -# Copyright (C) 2011-2016 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=gst1-plugins-bad -PKG_VERSION:=1.8.2 -PKG_RELEASE:=1 - -PKG_MAINTAINER:=W. Michael Petullo \ - Ted Hess - -PKG_LICENSE:=LGPLv2 GPLv2 -PKG_LICENSE_FILES:=COPYING.LIB COPYING - -PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-bad-$(PKG_VERSION) -PKG_SOURCE:=gst-plugins-bad-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-plugins-bad/ -PKG_MD5SUM:=d7995317530c8773ec088f94d9320909d41da61996b801ebacce9a56af493f97 - -PKG_BUILD_DEPENDS:= libgstreamer1 gstreamer1-plugins-base - -PKG_FIXUP:=autoreconf -PKG_INSTALL:=1 - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/nls.mk - -GST_BAD_LIBS:= -GST_BAD_MODULES:= - -define Package/gstreamer1-bad/Default - CATEGORY:=Multimedia - SECTION:=multimedia - TITLE:=GStreamer - URL:=http://gstreamer.freedesktop.org/ - DEPENDS:= +libgstreamer1 $(ICONV_DEPENDS) -endef - -define Package/gstreamer1-bad/description/Default - GStreamer open source multimedia framework -endef - - -define Package/gst1-plugins-bad -$(call Package/gstreamer1-bad/Default) - TITLE+= plugins collection (bad) - DEPENDS+= $(GST_DEPENDS) - HIDDEN:=1 -endef - -define Package/gts1-plugins-bad/description -$(call Package/gstreamer1-bad/description/Default) - . - This meta package contains only dependencies to the other plugins from - the bad plugins collection. -endef - -define Package/gstreamer1-plugins-bad - $(call Package/gstreamer1-bad/Default) - TITLE+= plugins collection (bad) - DEPENDS:=+ALL:gst1-plugins-bad +gstreamer1-plugins-base -endef - -define Package/gstreamer1-plugins-bad/config - menu "Select GStreamer bad modules and libraries" - depends on PACKAGE_gstreamer1-plugins-bad - - - config gst1-plugins-bad-all - bool "Include all GStreamer bad plugins" - select PACKAGE_gst1-plugins-bad - - comment "Modules" - - $(foreach mod,$(GST_BAD_MODULES), \ - config PACKAGE_gst1-mod-$(mod) - prompt "GStreamer $(mod) module" - - ) - - comment "Libraries" - - $(foreach lib,$(GST_BAD_LIBS), \ - config PACKAGE_libgst1$(lib) - prompt "GStreamer $(lib) library" - - ) - - endmenu - -endef - -GST_VERSION:=1.0 - -CONFIGURE_ARGS += \ - --disable-debug \ - --disable-examples \ - --disable-nls \ - \ - --disable-directsound \ - --disable-directdraw \ - --disable-osx_video \ - --disable-quicktime \ - --disable-vcd \ - --disable-assrender \ - --disable-apexsink \ - --disable-bz2 \ - --disable-dc1394 \ - --disable-directfb \ - --disable-dts \ - --disable-resindvd \ - --disable-faac \ - --disable-faad \ - --disable-flite \ - --disable-gsm \ - --disable-kate \ - --disable-ladspa \ - --disable-lv2 \ - --disable-modplug \ - --disable-mimic \ - --disable-libmms \ - --disable-mpeg2enc \ - --disable-mplex \ - --disable-musepack \ - --disable-mythtv \ - --disable-nas \ - --disable-neon \ - --disable-ofa \ - --disable-rsvg \ - --disable-timidity \ - --disable-wildmidi \ - --disable-sdl \ - --disable-sdltest \ - --disable-sndfile \ - --disable-soundtouch \ - --disable-spc \ - --disable-gme \ - --disable-xvid \ - --disable-dvb \ - --disable-wininet \ - --disable-acm \ - --disable-vdpau \ - --disable-schro \ - --disable-zbar \ - --disable-srtp \ - \ - --without-libiconv-prefix \ - --without-libintl-prefix \ - --with-libgcrypt-prefix="$(STAGING_DIR)/usr" \ - --without-x \ - -TARGET_CFLAGS+= -std=gnu99 - -EXTRA_LDFLAGS+= \ - -Wl,-rpath-link=$(STAGING_DIR)/usr/lib \ - $(if $(ICONV_FULL),-liconv) \ - - -define Package/gst1-plugins-bad/install - /bin/true -endef - -# 1: short name -# 2: description -# 3: dependencies on other gstreamer libraries (short name) -# 4: dependencies on other packages -define GstBuildLibrary - - GST_DEPENDS += +libgst1$(1) - - GST_BAD_LIBS+= $(1) - define Package/libgst1$(1) - $(call Package/gstreamer1-bad/Default) - TITLE+= $(2) library (base) - DEPENDS+= $$(foreach p,$(3),+libgst1$$(p)) $(4) - HIDDEN:=1 - endef - - define Package/libgst1$(1)/description - $(call Package/gstreamer1-bad/description/Default) - . - This package contains the GStreamer $(2) library. - endef - - define Package/libgst1$(1)/install - $(INSTALL_DIR) $$(1)/usr/lib - ( cd $(PKG_INSTALL_DIR); $(CP) \ - ./usr/lib/libgst$(1)-$(GST_VERSION).so.* \ - $$(1)/usr/lib/ \ - ) - endef - - $$(eval $$(call BuildPackage,libgst1$(1))) -endef - -$(eval $(call GstBuildLibrary,adaptivedemux,adaptivedemux,app uridownloader,)) -$(eval $(call GstBuildLibrary,photography,photography,,)) -$(eval $(call GstBuildLibrary,basecamerabinsrc,basecamerabinsrc,app,)) -$(eval $(call GstBuildLibrary,uridownloader,uridownloader,,)) -$(eval $(call GstBuildLibrary,badbase,badbase,,)) - -# 1: short name -# 2: description -# 3: dependencies on other gstreamer libraries (short name) -# 4: dependencies on other gstreamer plugins (short name) -# 5: dependencies on other packages -define GstBuildPlugin - - GST_DEPENDS += +gst1-mod-$(1) - - GST_BAD_MODULES+= $(1) - - define Package/gst1-mod-$(1) - $(call Package/gstreamer1-bad/Default) - TITLE+= $(2) plugin (bad) - DEPENDS+= $$(foreach p,$(3),+libgst1$$(p)) $$(foreach p,$(4),+gst1-mod-$$(p)) $(5) - HIDDEN:=1 - endef - - define Package/gst1-mod-$(1)/description - $(call Package/gstreamer1-bad/description/Default) - . - This package contains the GStreamer $(2) plugin. - endef - - define Package/gst1-mod-$(1)/install - $(INSTALL_DIR) $$(1)/usr/lib/gstreamer-$(GST_VERSION) - ( cd $(PKG_INSTALL_DIR); $(CP) \ - ./usr/lib/gstreamer-$(GST_VERSION)/libgst$(1).so* \ - $$(1)/usr/lib/gstreamer-$(GST_VERSION)/ \ - ) - endef - - $$(eval $$(call BuildPackage,gst1-mod-$(1))) -endef - -$(eval $(call GstBuildPlugin,adpcmdec,adpcm decoding support,audio,,)) -$(eval $(call GstBuildPlugin,adpcmenc,adpcm encoding support,audio,,)) -$(eval $(call GstBuildPlugin,aiff,aiff support,audio tag,,)) -$(eval $(call GstBuildPlugin,asfmux,asf muxing support,rtp,,)) -$(eval $(call GstBuildPlugin,autoconvert,autoconvert support,,,)) -$(eval $(call GstBuildPlugin,bayer,bayer support,video,,)) -$(eval $(call GstBuildPlugin,camerabin2,camerabin support,basecamerabinsrc photography pbutils app,,)) -$(eval $(call GstBuildPlugin,dataurisrc,dataurisrc support,,,)) -$(eval $(call GstBuildPlugin,debugutilsbad,debugutils support,video,,)) -$(eval $(call GstBuildPlugin,dvdspu,dvdspu support,video,,)) -$(eval $(call GstBuildPlugin,fbdevsink,fbdev support,video,,)) -$(eval $(call GstBuildPlugin,festival,festival support,audio,,)) -$(eval $(call GstBuildPlugin,hls,HLS support,pbutils adaptivedemux,multifile,+libnettle)) -$(eval $(call GstBuildPlugin,frei0r,frei0r support,controller video,,)) -$(eval $(call GstBuildPlugin,id3tag,id3tag support,tag,,)) -$(eval $(call GstBuildPlugin,jpegformat,jpegformat support,tag,,)) -$(eval $(call GstBuildPlugin,mpegpsdemux,mpegpsdemux support,pbutils,,)) -$(eval $(call GstBuildPlugin,mpegpsmux,mpegpsmux support,,,)) -#$(eval $(call GstBuildPlugin,mpegtsdemux,mpegtsdemux support,mpegts pbutils,,)) -#$(eval $(call GstBuildPlugin,mpegtsmux,mpegtsmux support,video,,)) -$(eval $(call GstBuildPlugin,mxf,mxf support,badbase audio video,,)) -$(eval $(call GstBuildPlugin,opusparse,OPUS streams library,pbutils,,+libopus)) -$(eval $(call GstBuildPlugin,pcapparse,pcapparse support,,,)) -$(eval $(call GstBuildPlugin,pnm,pnm support,video,,)) -$(eval $(call GstBuildPlugin,rawparse,rawparse support,audio video,,)) -$(eval $(call GstBuildPlugin,rfbsrc,librfb support,video,,)) -$(eval $(call GstBuildPlugin,sdpelem,sdp support,rtp sdp,,)) -$(eval $(call GstBuildPlugin,segmentclip,segmentclip support,audio,,)) -$(eval $(call GstBuildPlugin,shm,POSIX shared memory source and sink,,,+librt)) -$(eval $(call GstBuildPlugin,siren,siren support,audio rtp,,)) -$(eval $(call GstBuildPlugin,speed,speed support,audio,,)) -$(eval $(call GstBuildPlugin,subenc,subenc support,controller,,)) -#$(eval $(call GstBuildPlugin,srtp,srtp support,rtp,,+libsrtp)) - -$(eval $(call BuildPackage,gstreamer1-plugins-bad)) -$(eval $(call BuildPackage,gst1-plugins-bad)) diff --git a/multimedia/gst1-plugins-bad/patches/001-no-translations.patch b/multimedia/gst1-plugins-bad/patches/001-no-translations.patch deleted file mode 100644 index ee5d05b..0000000 --- a/multimedia/gst1-plugins-bad/patches/001-no-translations.patch +++ /dev/null @@ -1,26 +0,0 @@ ---- a/configure.ac -+++ b/configure.ac -@@ -3717,7 +3717,6 @@ ext/x265/Makefile - ext/xvid/Makefile - ext/zbar/Makefile - ext/dtls/Makefile --po/Makefile.in - docs/Makefile - docs/plugins/Makefile - docs/libs/Makefile ---- a/Makefile.am -+++ b/Makefile.am -@@ -2,11 +2,11 @@ DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-d - - SUBDIRS = \ - gst-libs gst sys ext pkgconfig \ -- m4 common docs tests po tools -+ m4 common docs tests tools - - DIST_SUBDIRS = \ - gst gst-libs sys ext pkgconfig \ -- m4 common docs tests po tools -+ m4 common docs tests tools - - # include before EXTRA_DIST for win32 assignment - include $(top_srcdir)/common/win32.mak diff --git a/multimedia/gst1-plugins-bad/patches/002-no-tests.patch b/multimedia/gst1-plugins-bad/patches/002-no-tests.patch deleted file mode 100644 index 3bef421..0000000 --- a/multimedia/gst1-plugins-bad/patches/002-no-tests.patch +++ /dev/null @@ -1,57 +0,0 @@ ---- a/configure.ac -+++ b/configure.ac -@@ -3617,38 +3617,6 @@ sys/wasapi/Makefile - sys/wininet/Makefile - sys/winks/Makefile - sys/winscreencap/Makefile --tests/Makefile --tests/check/Makefile --tests/files/Makefile --tests/examples/Makefile --tests/examples/avsamplesink/Makefile --tests/examples/camerabin2/Makefile --tests/examples/codecparsers/Makefile --tests/examples/directfb/Makefile --tests/examples/gl/Makefile --tests/examples/gl/cocoa/Makefile --tests/examples/gl/clutter/Makefile --tests/examples/gl/generic/Makefile --tests/examples/gl/generic/cube/Makefile --tests/examples/gl/generic/cubeyuv/Makefile --tests/examples/gl/generic/doublecube/Makefile --tests/examples/gl/generic/recordgraphic/Makefile --tests/examples/gl/gtk/Makefile --tests/examples/gl/gtk/gtkvideooverlay/Makefile --tests/examples/gl/gtk/3dvideo/Makefile --tests/examples/gl/gtk/filternovideooverlay/Makefile --tests/examples/gl/gtk/filtervideooverlay/Makefile --tests/examples/gl/gtk/fxtest/Makefile --tests/examples/gl/gtk/switchvideooverlay/Makefile --tests/examples/gl/qt/Makefile --tests/examples/gl/sdl/Makefile --tests/examples/gtk/Makefile --tests/examples/mpegts/Makefile --tests/examples/mxf/Makefile --tests/examples/opencv/Makefile --tests/examples/uvch264/Makefile --tests/examples/waylandsink/Makefile --tests/icles/Makefile - ext/voamrwbenc/Makefile - ext/voaacenc/Makefile - ext/assrender/Makefile ---- a/Makefile.am -+++ b/Makefile.am -@@ -2,11 +2,11 @@ DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-d - - SUBDIRS = \ - gst-libs gst sys ext pkgconfig \ -- m4 common docs tests tools -+ m4 common docs tools - - DIST_SUBDIRS = \ - gst gst-libs sys ext pkgconfig \ -- m4 common docs tests tools -+ m4 common docs tools - - # include before EXTRA_DIST for win32 assignment - include $(top_srcdir)/common/win32.mak diff --git a/multimedia/gst1-plugins-good/Makefile b/multimedia/gst1-plugins-good/Makefile new file mode 100644 index 0000000..27b4e69 --- /dev/null +++ b/multimedia/gst1-plugins-good/Makefile @@ -0,0 +1,237 @@ +# +# Copyright (C) 2009-2016 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=gst1-plugins-good +PKG_VERSION:=1.8.2 +PKG_RELEASE:=1 + +PKG_MAINTAINER:=W. Michael Petullo \ + Ted Hess + +PKG_LICENSE:=LGPLv2 +PKG_LICENSE_FILES:=COPYING + +PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-good-$(PKG_VERSION) +PKG_SOURCE:=gst-plugins-good-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-plugins-good/ +PKG_MD5SUM:=8d7549118a3b7a009ece6bb38a05b66709c551d32d2adfd89eded4d1d7a23944 + +PKG_BUILD_DEPENDS:= libgstreamer1 gstreamer1-plugins-base + +PKG_FIXUP:=autoreconf +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/nls.mk + +GST_GOOD_MODULES:= + +define Package/gstreamer1-good/Default + CATEGORY:=Multimedia + SECTION:=multimedia + TITLE:=GStreamer + URL:=http://gstreamer.freedesktop.org/ + DEPENDS:= +libgstreamer1 $(ICONV_DEPENDS) +endef + +define Package/gstreamer1-good/description/Default + GStreamer open source multimedia framework +endef + + +define Package/gst1-plugins-good +$(call Package/gstreamer1-good/Default) + TITLE+= plugins collection (good) + DEPENDS+= $(GST_DEPENDS) + HIDDEN:=1 +endef + +define Package/gst1-plugins-good/description +$(call Package/gstreamer1-good/description/Default) + . + This meta package contains only dependencies to the other plugins from + the good plugins collection. +endef + + +define Package/gstreamer1-plugins-good + $(call Package/gstreamer1-good/Default) + TITLE+= plugins collection (good) + DEPENDS:=+ALL:gst1-plugins-good +gstreamer1-plugins-base +endef + +define Package/gstreamer1-plugins-good/config + menu "Select GStreamer good modules" + depends on PACKAGE_gstreamer1-plugins-good + + + config gst1-plugins-good-all + bool "Include all GStreamer good plugins" + select PACKAGE_gst1-plugins-good + + comment "Modules" + + $(foreach mod,$(GST_GOOD_MODULES), \ + config PACKAGE_gst1-mod-$(mod) + prompt "GStreamer $(mod) module" + + ) + + endmenu + +endef + +GST_VERSION:=1.0 + +CONFIGURE_ARGS += \ + --disable-debug \ + --disable-examples \ + \ + --disable-aalib \ + --disable-annodex \ + --disable-bz2 \ + --disable-cairo \ + --disable-directsound \ + --disable-dv1394 \ + --disable-esd \ + --disable-gconf \ + --disable-gconftool \ + --disable-gdk_pixbuf \ + --disable-hal \ + --disable-libcaca \ + --disable-libdv \ + --disable-osx_audio \ + --disable-osx_video \ + --disable-pulse \ + --disable-qtdemux \ + --disable-rtspmanager \ + --disable-shout2 \ + --disable-sunaudio \ + --disable-wavpack \ + --disable-x \ + --disable-xshm \ + --disable-xvideo \ + --disable-y4m \ + --disable-zlib \ + \ + --without-libiconv-prefix \ + --without-libintl-prefix \ + --without-x \ + +EXTRA_LDFLAGS+= \ + -Wl,-rpath-link=$(STAGING_DIR)/usr/lib \ + $(if $(ICONV_FULL),-liconv) \ + + +define Package/gst1-plugins-good/install + /bin/true +endef + + +# 1: short name +# 2: description +# 3: dependencies on other gstreamer libraries (short name) +# 4: dependencies on other gstreamer plugins (short name) +# 5: dependencies on other packages +define GstBuildPlugin + + GST_DEPENDS += +gst1-mod-$(1) + + GST_GOOD_MODULES+= $(1) + + define Package/gst1-mod-$(1) + $(call Package/gstreamer1-good/Default) + TITLE+= $(2) plugin (good) + DEPENDS+= $$(foreach p,$(3),+libgst1$$(p)) $$(foreach p,$(4),+gst1-mod-$$(p)) $(5) + HIDDEN:=1 + endef + + define Package/gst1-mod-$(1)/description + $(call Package/gstreamer1-good/description/Default) + . + This package contains the GStreamer $(2) plugin. + endef + + define Package/gst1-mod-$(1)/install + $(INSTALL_DIR) $$(1)/usr/lib/gstreamer-$(GST_VERSION) + ( cd $(PKG_INSTALL_DIR); $(CP) \ + ./usr/lib/gstreamer-$(GST_VERSION)/libgst$(1).so* \ + $$(1)/usr/lib/gstreamer-$(GST_VERSION)/ \ + ) + endef + + $$(eval $$(call BuildPackage,gst1-mod-$(1))) +endef + +#$(eval $(call GstBuildPlugin,1394,IEEE 1394 support,,,)) +$(eval $(call GstBuildPlugin,alaw,alaw codec,audio,,)) +$(eval $(call GstBuildPlugin,alpha,alpha support,video,,)) +$(eval $(call GstBuildPlugin,alphacolor,alphacolor support,video,,)) +$(eval $(call GstBuildPlugin,apetag,apetag support,audio pbutils tag video,,)) +$(eval $(call GstBuildPlugin,audiofx,audio effects,audio fft controller,,)) +$(eval $(call GstBuildPlugin,audioparsers,audioparsers,audio tag pbutils,,)) +$(eval $(call GstBuildPlugin,auparse,auparse,audio tag pbutils,,)) +$(eval $(call GstBuildPlugin,autodetect,format auto-detection,,,)) +$(eval $(call GstBuildPlugin,avi,avi support,audio riff tag video,,)) +$(eval $(call GstBuildPlugin,cutter,audio cutter,audio,,)) +$(eval $(call GstBuildPlugin,debug,debugging,,,)) +$(eval $(call GstBuildPlugin,deinterlace,deinterlace support,video,,)) +$(eval $(call GstBuildPlugin,dtmf,dtmf support,rtp,,)) +#$(eval $(call GstBuildPlugin,dv,dv support,audio tag video,,)) +$(eval $(call GstBuildPlugin,effectv,effectvsupport,video,,)) +$(eval $(call GstBuildPlugin,equalizer,audio equalizer,audio controller,,)) +$(eval $(call GstBuildPlugin,flac,FLAC codec,audio pbutils tag,,+libflac)) +$(eval $(call GstBuildPlugin,flv,flv codec,audio pbutils tag video,,)) +$(eval $(call GstBuildPlugin,flxdec,flx codec,,,)) +#$(eval $(call GstBuildPlugin,gdkpixbuf,gdkpixbuf support,video,,)) +$(eval $(call GstBuildPlugin,goom2k1,goom support,audio video pbutils,,)) +$(eval $(call GstBuildPlugin,goom,goom support,audio video pbutils,,)) +$(eval $(call GstBuildPlugin,icydemux,icy demuxer,audio tag,,)) +$(eval $(call GstBuildPlugin,id3demux,ID3v1/v2 demuxer,pbutils tag,,)) +$(eval $(call GstBuildPlugin,imagefreeze,imagefreeze support,,,)) +$(eval $(call GstBuildPlugin,interleave,audio interleave,audio,,)) +$(eval $(call GstBuildPlugin,isomp4,isomp4 support,audio pbutils riff rtp tag video,,)) +#$(eval $(call GstBuildPlugin,jack,jack support,audio,,)) +$(eval $(call GstBuildPlugin,jpeg,jpeg support,video,,+libjpeg)) +$(eval $(call GstBuildPlugin,level,audio level,audio,,)) +$(eval $(call GstBuildPlugin,matroska,matroska support,audio pbutils riff tag video,,)) +$(eval $(call GstBuildPlugin,mulaw,mulaw support,audio,,)) +$(eval $(call GstBuildPlugin,multifile,multiple files access,video,,)) +$(eval $(call GstBuildPlugin,multipart,multipart stream handling,,,)) +$(eval $(call GstBuildPlugin,navigationtest,navigationtest support,video,,)) +$(eval $(call GstBuildPlugin,oss4audio,OSS 4 audio support,audio tag,,)) +$(eval $(call GstBuildPlugin,ossaudio,OSS audio support,audio,,)) +$(eval $(call GstBuildPlugin,png,png support,video,,+libpng)) +#$(eval $(call GstBuildPlugin,pulse,pulse support,audio pbutils tag video,,)) +$(eval $(call GstBuildPlugin,replaygain,volume normalization,pbutils,,)) +$(eval $(call GstBuildPlugin,rtpmanager,RTP manager,audio net rtp tag pbutils video,,)) +$(eval $(call GstBuildPlugin,rtp,RTP,audio rtp tag pbutils video,,)) +$(eval $(call GstBuildPlugin,rtsp,RTSP,net rtp rtsp sdp,,)) +$(eval $(call GstBuildPlugin,shapewipe,shapewipe support,video,,)) +#$(eval $(call GstBuildPlugin,shout2,shout2 support,,,)) +$(eval $(call GstBuildPlugin,smpte,smpte support,video,,)) +$(eval $(call GstBuildPlugin,souphttpsrc,soup input,audio tag,,+libsoup)) +$(eval $(call GstBuildPlugin,spectrum,spectrum data output,audio fft,,)) +#$(eval $(call GstBuildPlugin,speex,speex support,audio tag,,)) +#$(eval $(call GstBuildPlugin,sty4menc,sty4menc support,video,,)) +#$(eval $(call GstBuildPlugin,taglib,taglib support,tag,,)) +$(eval $(call GstBuildPlugin,udp,UDP,net,,)) +$(eval $(call GstBuildPlugin,video4linux2,video4linux2 support,video allocators,,+libv4l)) +$(eval $(call GstBuildPlugin,videobox,videobox support,video,,)) +$(eval $(call GstBuildPlugin,videocrop,videocrop support,video,,)) +$(eval $(call GstBuildPlugin,videofilter,videofilter support,video,,)) +$(eval $(call GstBuildPlugin,videomixer,videomixer support,video,,)) +$(eval $(call GstBuildPlugin,vpx,vpx support,tag video,,+libvpx)) +$(eval $(call GstBuildPlugin,wavenc,Wav encoder,riff,,)) +#$(eval $(call GstBuildPlugin,wavpack,Wav packer,audio riff tag,,)) +$(eval $(call GstBuildPlugin,wavparse,Wav parser,audio riff tag,,)) +#$(eval $(call GstBuildPlugin,ximagesrc,ximagesrc support,video,,)) + +$(eval $(call BuildPackage,gstreamer1-plugins-good)) +$(eval $(call BuildPackage,gst1-plugins-good)) diff --git a/multimedia/gst1-plugins-good/patches/001-no-translations.patch b/multimedia/gst1-plugins-good/patches/001-no-translations.patch new file mode 100644 index 0000000..1411875 --- /dev/null +++ b/multimedia/gst1-plugins-good/patches/001-no-translations.patch @@ -0,0 +1,20 @@ +--- a/configure.ac ++++ b/configure.ac +@@ -1049,7 +1049,6 @@ sys/sunaudio/Makefile + sys/v4l2/Makefile + sys/waveform/Makefile + sys/ximage/Makefile +-po/Makefile.in + tests/Makefile + tests/check/Makefile + tests/examples/Makefile +--- a/Makefile.am ++++ b/Makefile.am +@@ -4,7 +4,6 @@ ALWAYS_SUBDIRS = \ + gst sys ext \ + tests \ + docs \ +- po \ + common \ + m4 \ + pkgconfig diff --git a/multimedia/gst1-plugins-good/patches/002-no-tests.patch b/multimedia/gst1-plugins-good/patches/002-no-tests.patch new file mode 100644 index 0000000..b7a7dc7 --- /dev/null +++ b/multimedia/gst1-plugins-good/patches/002-no-tests.patch @@ -0,0 +1,34 @@ +--- a/configure.ac ++++ b/configure.ac +@@ -1049,21 +1049,6 @@ sys/sunaudio/Makefile + sys/v4l2/Makefile + sys/waveform/Makefile + sys/ximage/Makefile +-tests/Makefile +-tests/check/Makefile +-tests/examples/Makefile +-tests/examples/audiofx/Makefile +-tests/examples/cairo/Makefile +-tests/examples/equalizer/Makefile +-tests/examples/jack/Makefile +-tests/examples/level/Makefile +-tests/examples/pulse/Makefile +-tests/examples/rtp/Makefile +-tests/examples/shapewipe/Makefile +-tests/examples/spectrum/Makefile +-tests/examples/v4l2/Makefile +-tests/files/Makefile +-tests/icles/Makefile + common/Makefile + common/m4/Makefile + m4/Makefile +--- a/Makefile.am ++++ b/Makefile.am +@@ -2,7 +2,6 @@ DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-d + + ALWAYS_SUBDIRS = \ + gst sys ext \ +- tests \ + docs \ + common \ + m4 \ diff --git a/multimedia/gst1-plugins-good/patches/003-no-docs.patch b/multimedia/gst1-plugins-good/patches/003-no-docs.patch new file mode 100644 index 0000000..38a876f --- /dev/null +++ b/multimedia/gst1-plugins-good/patches/003-no-docs.patch @@ -0,0 +1,22 @@ +--- a/configure.ac ++++ b/configure.ac +@@ -1052,9 +1052,6 @@ sys/ximage/Makefile + common/Makefile + common/m4/Makefile + m4/Makefile +-docs/Makefile +-docs/plugins/Makefile +-docs/version.entities + pkgconfig/Makefile + pkgconfig/gstreamer-plugins-good-uninstalled.pc + gst-plugins-good.spec +--- a/Makefile.am ++++ b/Makefile.am +@@ -2,7 +2,6 @@ DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-d + + ALWAYS_SUBDIRS = \ + gst sys ext \ +- docs \ + common \ + m4 \ + pkgconfig diff --git a/multimedia/gst1-plugins-ugly/Makefile b/multimedia/gst1-plugins-ugly/Makefile deleted file mode 100644 index 2f6c334..0000000 --- a/multimedia/gst1-plugins-ugly/Makefile +++ /dev/null @@ -1,177 +0,0 @@ -# -# Copyright (C) 2009-2016 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=gst1-plugins-ugly -PKG_VERSION:=1.8.2 -PKG_RELEASE:=1 - -PKG_MAINTAINER:=W. Michael Petullo \ - Ted Hess - -PKG_LICENSE:=LGPLv2 -PKG_LICENSE_FILES:=COPYING - -PKG_BUILD_DIR:=$(BUILD_DIR)/gst-plugins-ugly-$(PKG_VERSION) -PKG_SOURCE:=gst-plugins-ugly-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=http://gstreamer.freedesktop.org/src/gst-plugins-ugly/ -PKG_MD5SUM:=9c5b33a2a98fc1d6d6c99a1b536b1fb2de45f53cc8bf8ab85a8b8141fed1a8ac - -PKG_BUILD_DEPENDS:= libgstreamer1 gstreamer1-plugins-base -PKG_CONFIG_DEPENDS:= \ - CONFIG_PACKAGE_gst1-mod-asf \ - CONFIG_PACKAGE_gst1-mod-lame \ - CONFIG_PACKAGE_gst1-mod-mad \ - CONFIG_PACKAGE_gst1-mod-mpeg2dec \ - -PKG_FIXUP:=autoreconf -PKG_INSTALL:=1 - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/nls.mk - -GST_UGLY_MODULES:= - -define Package/gstreamer1-ugly/Default - CATEGORY:=Multimedia - SECTION:=multimedia - TITLE:=GStreamer - URL:=http://gstreamer.freedesktop.org/ - DEPENDS:= +libgstreamer1 $(ICONV_DEPENDS) -endef - -define Package/gstreamer1-ugly/description/Default - GStreamer open source multimedia framework -endef - - -define Package/gst1-plugins-ugly -$(call Package/gstreamer1-ugly/Default) - TITLE+= plugins collection (ugly) - DEPENDS+= $(GST_DEPENDS) - HIDDEN:=1 -endef - -define Package/gts-plugins-ugly/description -$(call Package/gstreamer1-ugly/description/Default) - . - This meta package contains only dependencies to the other plugins from - the ugly plugins collection. -endef - - -define Package/gstreamer1-plugins-ugly - $(call Package/gstreamer1-ugly/Default) - TITLE+= plugins collection (ugly) - DEPENDS:=+ALL:gst1-plugins-ugly +gstreamer1-plugins-base -endef - -define Package/gstreamer1-plugins-ugly/config - menu "Select GStreamer ugly modules" - depends on PACKAGE_gstreamer1-plugins-ugly - - - config gst1-plugins-ugly-all - bool "Include all GStreamer ugly plugins" - select PACKAGE_gst1-plugins-ugly - - comment "Modules" - - $(foreach mod,$(GST_UGLY_MODULES), \ - config PACKAGE_gst1-mod-$(mod) - prompt "GStreamer $(mod) module" - - ) - - endmenu - -endef - -GST_COND_SELECT = $(patsubst %,$(if $(CONFIG_PACKAGE_gst1-mod-$(1)),--enable,--disable)-%,$(1)) - -GST_VERSION:=1.0 - -CONFIGURE_ARGS += \ - --disable-debug \ - --disable-examples \ - \ - --disable-a52dec \ - --disable-amrnb \ - --disable-amrwb \ - $(call GST_COND_SELECT,asf) \ - --disable-cdio \ - --disable-dvdlpcmdec \ - --disable-dvdread \ - --disable-dvdsub \ - --disable-iec958 \ - $(call GST_COND_SELECT,lame) \ - $(call GST_COND_SELECT,mad) \ - $(call GST_COND_SELECT,mpeg2dec) \ - --disable-mpegaudioparse \ - --disable-mpegstream \ - --disable-realmedia \ - --disable-sidplay \ - --disable-synaesthesia \ - --disable-twolame \ - --disable-x264 \ - \ - --without-libiconv-prefix \ - --without-libintl-prefix \ - -EXTRA_LDFLAGS+= \ - -Wl,-rpath-link=$(STAGING_DIR)/usr/lib \ - $(if $(ICONV_FULL),-liconv) \ - - -define Package/gst1-plugins-ugly/install - /bin/true -endef - - -# 1: short name -# 2: description -# 3: dependencies on other gstreamer libraries (short name) -# 4: dependencies on other gstreamer plugins (short name) -# 5: dependencies on other packages -define GstBuildPlugin - - GST_DEPENDS += +gst1-mod-$(1) - - GST_UGLY_MODULES+= $(1) - - define Package/gst1-mod-$(1) - $(call Package/gstreamer1-ugly/Default) - TITLE+= $(2) plugin (ugly) - DEPENDS+= +libgstreamer1 $$(foreach p,$(3),+libgst1$$(p)) $$(foreach p,$(4),+gst1-mod-$$(p)) $(5) - HIDDEN:=1 - endef - - define Package/gst1-mod-$(1)/description - $(call Package/gstreamer1-ugly/description/Default) - . - This package contains the GStreamer $(2) plugin. - endef - - define Package/gst1-mod-$(1)/install - $(INSTALL_DIR) $$(1)/usr/lib/gstreamer-$(GST_VERSION) - ( cd $(PKG_INSTALL_DIR); $(CP) \ - ./usr/lib/gstreamer-$(GST_VERSION)/libgst$(1).so* \ - $$(1)/usr/lib/gstreamer-$(GST_VERSION)/ \ - ) - endef - - $$(eval $$(call BuildPackage,gst1-mod-$(1))) -endef - -$(eval $(call GstBuildPlugin,asf,ASF demuxer,audio video riff rtp rtsp sdp tag,,)) -$(eval $(call GstBuildPlugin,lame,MP3 encoder (using LAME),audio,,+lame-lib)) -$(eval $(call GstBuildPlugin,mad,MP3 decoder (using MAD),audio tag,,+libid3tag +libmad)) -$(eval $(call GstBuildPlugin,mpeg2dec,MPEG decoder,video,,+libmpeg2)) - -$(eval $(call BuildPackage,gstreamer1-plugins-ugly)) -$(eval $(call BuildPackage,gst1-plugins-ugly)) diff --git a/multimedia/gst1-plugins-ugly/patches/001-no-translations.patch b/multimedia/gst1-plugins-ugly/patches/001-no-translations.patch deleted file mode 100644 index ea02ec8..0000000 --- a/multimedia/gst1-plugins-ugly/patches/001-no-translations.patch +++ /dev/null @@ -1,23 +0,0 @@ -diff -u --recursive gst-plugins-ugly-1.6.2-vanilla/configure.ac gst-plugins-ugly-1.6.2/configure.ac ---- gst-plugins-ugly-1.6.2-vanilla/configure.ac 2016-01-01 10:47:06.333623730 -0500 -+++ gst-plugins-ugly-1.6.2/configure.ac 2016-01-01 10:47:20.211613708 -0500 -@@ -470,7 +470,6 @@ - tests/Makefile - tests/check/Makefile - m4/Makefile --po/Makefile.in - pkgconfig/Makefile - pkgconfig/gstreamer-plugins-ugly-uninstalled.pc - gst-plugins-ugly.spec -diff -u --recursive gst-plugins-ugly-1.6.2-vanilla/Makefile.am gst-plugins-ugly-1.6.2/Makefile.am ---- gst-plugins-ugly-1.6.2-vanilla/Makefile.am 2016-01-01 10:47:06.333623730 -0500 -+++ gst-plugins-ugly-1.6.2/Makefile.am 2016-01-01 10:47:14.523210855 -0500 -@@ -1,7 +1,7 @@ - DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-doc - - SUBDIRS = \ -- gst-libs gst ext docs m4 tests common pkgconfig po -+ gst-libs gst ext docs m4 tests common pkgconfig - - # include before EXTRA_DIST for win32 assignment - include $(top_srcdir)/common/win32.mak diff --git a/multimedia/gst1-plugins-ugly/patches/002-no-tests.patch b/multimedia/gst1-plugins-ugly/patches/002-no-tests.patch deleted file mode 100644 index 26cd48a..0000000 --- a/multimedia/gst1-plugins-ugly/patches/002-no-tests.patch +++ /dev/null @@ -1,23 +0,0 @@ ---- a/configure.ac -+++ b/configure.ac -@@ -478,9 +478,6 @@ ext/x264/Makefile - docs/Makefile - docs/plugins/Makefile - docs/version.entities --tests/Makefile --tests/check/Makefile --tests/files/Makefile - m4/Makefile - pkgconfig/Makefile - pkgconfig/gstreamer-plugins-ugly-uninstalled.pc ---- a/Makefile.am -+++ b/Makefile.am -@@ -1,7 +1,7 @@ - DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-doc - - SUBDIRS = \ -- gst-libs gst ext docs m4 tests common pkgconfig -+ gst-libs gst ext docs m4 common pkgconfig - - # include before EXTRA_DIST for win32 assignment - include $(top_srcdir)/common/win32.mak diff --git a/multimedia/gst1-plugins-ugly/patches/003-no-docs.patch b/multimedia/gst1-plugins-ugly/patches/003-no-docs.patch deleted file mode 100644 index 3ef1255..0000000 --- a/multimedia/gst1-plugins-ugly/patches/003-no-docs.patch +++ /dev/null @@ -1,23 +0,0 @@ ---- a/configure.ac -+++ b/configure.ac -@@ -475,9 +475,6 @@ ext/mpg123/Makefile - ext/sidplay/Makefile - ext/twolame/Makefile - ext/x264/Makefile --docs/Makefile --docs/plugins/Makefile --docs/version.entities - m4/Makefile - pkgconfig/Makefile - pkgconfig/gstreamer-plugins-ugly-uninstalled.pc ---- a/Makefile.am -+++ b/Makefile.am -@@ -1,7 +1,7 @@ - DISTCHECK_CONFIGURE_FLAGS=--enable-gtk-doc - - SUBDIRS = \ -- gst-libs gst ext docs m4 common pkgconfig -+ gst-libs gst ext m4 common pkgconfig - - # include before EXTRA_DIST for win32 assignment - include $(top_srcdir)/common/win32.mak diff --git a/multimedia/minidlna/Makefile b/multimedia/minidlna/Makefile deleted file mode 100644 index 144da20..0000000 --- a/multimedia/minidlna/Makefile +++ /dev/null @@ -1,85 +0,0 @@ -# -# Copyright (C) 2010-2014 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=minidlna -PKG_VERSION:=1.1.5 -PKG_RELEASE:=1 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=@SF/minidlna -PKG_MD5SUM:=1970e553a1eb8a3e7e302e2ce292cbc4 -PKG_LICENSE:=GPL-2.0 BSD-3-Clause -PKG_LICENSE_FILES:=COPYING LICENCE.miniupnpd - -PKG_MAINTAINER:=Knyazkov Dmitry - -PKG_BUILD_PARALLEL:=0 -PKG_BUILD_DEPENDS:=util-linux - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/nls.mk - -define Package/minidlna - SECTION:=multimedia - CATEGORY:=Multimedia - TITLE:=UPnP A/V & DLNA Media Server - URL:=http://minidlna.sourceforge.net/ - DEPENDS:= +libpthread +libexif +libjpeg +libsqlite3 +libffmpeg \ - +libid3tag +libflac +libvorbis +libuuid \ - $(ICONV_DEPENDS) $(INTL_DEPENDS) -endef - -define Package/minidlna/description - MiniDLNA (aka ReadyDLNA) is server software with the aim of - being fully compliant with DLNA/UPnP-AV clients. -endef - -define Package/minidlna/conffiles -/etc/config/minidlna -endef - -TARGET_CPPFLAGS += \ - -I$(STAGING_DIR)/usr/include \ - -I$(STAGING_DIR)/usr/include/FLAC \ - -I$(STAGING_DIR)/usr/include/libexif \ - -I$(STAGING_DIR)/usr/include/uuid \ - -I$(STAGING_DIR)/usr/include/vorbis \ - -I$(ICONV_PREFIX)/include \ - -I$(INTL_PREFIX)/include \ - -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 \ - -TARGET_LDFLAGS += \ - -L$(ICONV_PREFIX)/lib \ - -L$(INTL_PREFIX)/lib \ - -Wl,-rpath-link=$(STAGING_DIR)/usr/lib \ - -MAKE_FLAGS +=\ - CFLAGS="$(TARGET_CFLAGS) $(TARGET_CPPFLAGS)" \ - LDFLAGS="$(TARGET_LDFLAGS)" \ - ICONV_LIBS="-liconv $(if $(INTL_FULL),-lintl)" \ - -CONFIGURE_ARGS +=\ - --with-libiconv-prefix="$(ICONV_PREFIX)" \ - --with-libintl-prefix="$(INTL_PREFIX)" \ - --with-os-name="OpenWrt Linux" \ - --with-os-version="$(LINUX_VERSION)" \ - --with-os-url="http://openwrt.org/" \ - --with-db-path="/var/run/minidlna" \ - --with-log-path="/var/log" \ - -define Package/minidlna/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/minidlnad $(1)/usr/bin/minidlna - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) ./files/minidlna.init $(1)/etc/init.d/minidlna - $(INSTALL_DIR) $(1)/etc/config - $(INSTALL_CONF) ./files/minidlna.config $(1)/etc/config/minidlna -endef - -$(eval $(call BuildPackage,minidlna)) diff --git a/multimedia/minidlna/files/minidlna.config b/multimedia/minidlna/files/minidlna.config deleted file mode 100644 index 91a5cc3..0000000 --- a/multimedia/minidlna/files/minidlna.config +++ /dev/null @@ -1,17 +0,0 @@ -config minidlna config - option 'enabled' '1' - option port '8200' - option interface 'br-lan' - option friendly_name 'OpenWrt DLNA Server' - option db_dir '/var/run/minidlna' - option log_dir '/var/log' - option inotify '1' - option enable_tivo '0' - option strict_dlna '0' - option presentation_url '' - option notify_interval '900' - option serial '12345678' - option model_number '1' - option root_container '.' - list media_dir '/mnt' - option album_art_names 'Cover.jpg/cover.jpg/AlbumArtSmall.jpg/albumartsmall.jpg/AlbumArt.jpg/albumart.jpg/Album.jpg/album.jpg/Folder.jpg/folder.jpg/Thumb.jpg/thumb.jpg' diff --git a/multimedia/minidlna/files/minidlna.init b/multimedia/minidlna/files/minidlna.init deleted file mode 100644 index a92a064..0000000 --- a/multimedia/minidlna/files/minidlna.init +++ /dev/null @@ -1,97 +0,0 @@ -#!/bin/sh /etc/rc.common -# Copyright (C) 2010 OpenWrt.org - -START=50 - -SERVICE_USE_PID=1 -SERVICE_PID_FILE=/var/run/minidlna/minidlna.pid - -MINIDLNA_CONFIG_FILE="/tmp/minidlna.conf" - -minidlna_cfg_append() { - echo "$1" >> "$MINIDLNA_CONFIG_FILE" -} - -minidlna_cfg_addbool() { - local cfg="$1" - local key="$2" - local def="$3" - local val - - config_get_bool val "$cfg" "$key" "$def" - [ "$val" -gt 0 ] && val="yes" || val="no" - minidlna_cfg_append "$key=$val" -} - -minidlna_cfg_addstr() { - local cfg="$1" - local key="$2" - local def="$3" - local val - - config_get val "$cfg" "$key" "$def" - [ -n "$val" ] && minidlna_cfg_append "$key=$val" -} - -minidlna_cfg_add_media_dir() { - local val=$1 - - minidlna_cfg_append "media_dir=$val" -} - -minidlna_create_config() { - local cfg=$1 - local port - local interface - - config_get port $cfg port - config_get interface $cfg interface - - [ -z "$interface" -o -t "$port" ] && return 1 - - echo "# this file is generated automatically, don't edit" > "$MINIDLNA_CONFIG_FILE" - - minidlna_cfg_append "port=$port" - minidlna_cfg_append "network_interface=$interface" - - minidlna_cfg_addstr $cfg friendly_name - minidlna_cfg_addstr $cfg db_dir - minidlna_cfg_addstr $cfg log_dir - minidlna_cfg_addbool $cfg inotify '1' - minidlna_cfg_addbool $cfg enable_tivo '0' - minidlna_cfg_addbool $cfg strict_dlna '0' - minidlna_cfg_addstr $cfg album_art_names - minidlna_cfg_addstr $cfg presentation_url - minidlna_cfg_addstr $cfg notify_interval '900' - minidlna_cfg_addstr $cfg serial '12345678' - minidlna_cfg_addstr $cfg model_number '1' - minidlna_cfg_addstr $cfg minissdpsocket - minidlna_cfg_addstr $cfg root_container '.' - config_list_foreach "$cfg" "media_dir" minidlna_cfg_add_media_dir - - return 0 -} - -start() { - local enabled - local db_dir - local log_dir - - config_load 'minidlna' - config_get_bool enabled config 'enabled' '0' - - [ "$enabled" -gt 0 ] || return 1 - - minidlna_create_config config || return 1 - - config_get db_dir config 'db_dir' '/var/run/minidlna' - config_get log_dir config 'log_dir' '/var/log' - - mkdir -m 0755 -p $db_dir - mkdir -m 0755 -p $log_dir - service_start /usr/bin/minidlna -f "$MINIDLNA_CONFIG_FILE" -} - -stop() { - service_stop /usr/bin/minidlna -} diff --git a/multimedia/minidlna/patches/010-libav-fix.patch b/multimedia/minidlna/patches/010-libav-fix.patch deleted file mode 100644 index 5924599..0000000 --- a/multimedia/minidlna/patches/010-libav-fix.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- a/libav.h -+++ b/libav.h -@@ -167,7 +167,7 @@ - static inline int - lav_is_thumbnail_stream(AVStream *s, uint8_t **data, int *size) - { --#if LIBAVFORMAT_VERSION_INT >= ((54<<16)+(6<<8)) -+/*if LIBAVFORMAT_VERSION_INT >= ((54<<16)+(6<<8)) - if (s->disposition & AV_DISPOSITION_ATTACHED_PIC && - s->codec->codec_id == AV_CODEC_ID_MJPEG) - { -@@ -177,6 +177,6 @@ - *size = s->attached_pic.size; - return 1; - } --#endif -+endif*/ - return 0; - } diff --git a/net/acme/Makefile b/net/acme/Makefile index 9d35f80..64796cc 100644 --- a/net/acme/Makefile +++ b/net/acme/Makefile @@ -8,9 +8,9 @@ include $(TOPDIR)/rules.mk PKG_NAME:=acme -PKG_SOURCE_VERSION:=6d84da588b98733dd9c4f5b88440281ab1eb4989 -PKG_VERSION:=1.4 -PKG_RELEASE:=1 +PKG_SOURCE_VERSION:=7b40cbe8c1a52041351524bcde4b37665a7cdf79 +PKG_VERSION:=1.5 +PKG_RELEASE:=2 PKG_LICENSE:=GPLv3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE).tar.xz @@ -25,7 +25,7 @@ include $(INCLUDE_DIR)/package.mk define Package/acme SECTION:=net CATEGORY:=Network - DEPENDS:=+curl +ca-certificates +openssl-util +netcat + DEPENDS:=+curl +ca-bundle +openssl-util +netcat TITLE:=ACME (Letsencrypt) client PKGARCH:=all MAINTAINER:=Toke Høiland-Jørgensen @@ -90,6 +90,7 @@ uci -q get ucitrack.@acme[0] > /dev/null && { uci delete ucitrack.@acme[0] uci commit } +exit 0 endef diff --git a/net/acme/files/run.sh b/net/acme/files/run.sh index 94fd624..d395b5b 100644 --- a/net/acme/files/run.sh +++ b/net/acme/files/run.sh @@ -10,7 +10,11 @@ CHECK_CRON=$1 ACME=/usr/lib/acme/acme.sh +# We export both ca variables in an attempts to keep backwards +# compatibility with older versions of curl that was linked against +# openssl export SSL_CERT_DIR=/etc/ssl/certs +export CURL_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt export NO_TIMESTAMP=1 UHTTPD_LISTEN_HTTP= diff --git a/net/adblock/Makefile b/net/adblock/Makefile index 1511790..e40e18c 100644 --- a/net/adblock/Makefile +++ b/net/adblock/Makefile @@ -1,12 +1,12 @@ # -# Copyright (c) 2015-2017 Dirk Brenken (dev@brenken.org) +# Copyright (c) 2015-2018 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # include $(TOPDIR)/rules.mk PKG_NAME:=adblock -PKG_VERSION:=2.6.2 +PKG_VERSION:=3.4.3 PKG_RELEASE:=1 PKG_LICENSE:=GPL-3.0+ PKG_MAINTAINER:=Dirk Brenken @@ -16,12 +16,13 @@ include $(INCLUDE_DIR)/package.mk define Package/adblock SECTION:=net CATEGORY:=Network - TITLE:=Powerful adblock script to block ad/abuse domains + TITLE:=Powerful adblock script to block ad/abuse domains by using DNS + DEPENDS:=+jshn +jsonfilter PKGARCH:=all endef define Package/adblock/description -Powerful adblock script to block ad/abuse domains via dnsmasq or unbound dns backend. +Powerful adblock script to block ad/abuse domains via dnsmasq, unbound, named, kresd or dnscrypt-proxy. The script supports many domain blacklist sites plus manual black- and whitelist overrides. Please see https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md for further information. @@ -53,6 +54,7 @@ define Package/adblock/install $(INSTALL_CONF) ./files/adblock.conf $(1)/etc/config/adblock $(INSTALL_DIR) $(1)/etc/adblock + $(INSTALL_CONF) ./files/adblock.notify $(1)/etc/adblock/ $(INSTALL_CONF) ./files/adblock.blacklist $(1)/etc/adblock/ $(INSTALL_CONF) ./files/adblock.whitelist $(1)/etc/adblock/ endef diff --git a/net/adblock/files/README.md b/net/adblock/files/README.md index 6950ec7..71d67ef 100644 --- a/net/adblock/files/README.md +++ b/net/adblock/files/README.md @@ -4,11 +4,13 @@ A lot of people already use adblocker plugins within their desktop browsers, but what if you are using your (smart) phone, tablet, watch or any other wlan gadget...getting rid of annoying ads, trackers and other abuse sites (like facebook ;-) is simple: block them with your router. When the dns server on your router receives dns requests, you will sort out queries that ask for the resource records of ad servers and return a simple 'NXDOMAIN'. This is nothing but **N**on-e**X**istent Internet or Intranet domain name, if domain name is unable to resolved using the dns server, a condition called the 'NXDOMAIN' occurred. ## Main Features -* support of the following domain block list sources (free for private usage, for commercial use please check their individual licenses): +* support of the following domain blocklist sources (free for private usage, for commercial use please check their individual licenses): * [adaway](https://adaway.org) * => infrequent updates, approx. 400 entries (enabled by default) * [adguard](https://adguard.com) * => numerous updates on the same day, approx. 12.000 entries + * [bitcoin](https://github.com/hoshsadiq/adblock-nocoin-list) + * => infrequent updates, approx. 15 entries * [blacklist]() * => static local blacklist, located by default in '/etc/adblock/adblock.blacklist' * [disconnect](https://disconnect.me) @@ -25,20 +27,22 @@ A lot of people already use adblocker plugins within their desktop browsers, but * => daily updates, approx. 1.500 entries * [openphish](https://openphish.com) * => numerous updates on the same day, approx. 1.800 entries - * [palevo tracker](https://palevotracker.abuse.ch) - * => daily updates, approx. 15 entries * [ransomware tracker](https://ransomwaretracker.abuse.ch) * => daily updates, approx. 150 entries * [reg_cn](https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt) * => regional blocklist for China, daily updates, approx. 1.600 entries + * [reg_de](https://easylist-downloads.adblockplus.org/easylistgermany+easylist.txt) + * => regional blocklist for Germany, daily updates, approx. 9.200 entries + * [reg_id](https://easylist-downloads.adblockplus.org/abpindo+easylist.txt) + * => regional blocklist for Indonesia, daily updates, approx. 800 entries + * [reg_nl](https://easylist-downloads.adblockplus.org/easylistdutch+easylist.txt) + * => regional blocklist for the Netherlands, weekly updates, approx. 1300 entries * [reg_pl](http://adblocklist.org) * => regional blocklist for Poland, daily updates, approx. 50 entries * [reg_ro](https://easylist-downloads.adblockplus.org/rolist+easylist.txt) * => regional blocklist for Romania, weekly updates, approx. 600 entries * [reg_ru](https://code.google.com/p/ruadlist) * => regional blocklist for Russia, weekly updates, approx. 2.000 entries - * [securemecca](http://www.securemecca.com) - * => infrequent updates, approx. 25.000 entries * [shallalist](http://www.shallalist.de) (categories "adv" "costtraps" "spyware" "tracker" "warez" enabled by default) * => daily updates, approx. 32.000 entries (a short description of all shallalist categories can be found [online](http://www.shallalist.de/categories.html)) * [spam404](http://www.spam404.com) @@ -57,26 +61,31 @@ A lot of people already use adblocker plugins within their desktop browsers, but * => daily updates, approx. 440 entries * zero-conf like automatic installation & setup, usually no manual changes needed * simple but yet powerful adblock engine: adblock does not use error prone external iptables rulesets, http pixel server instances and things like that -* automatically selects dnsmasq or unbound as dns backend -* automatically selects uclient-fetch or wget as download utility (other tools like curl or aria2c are supported as well) -* support http only mode (without installed ssl library) for all non-SSL blocklist sources -* automatically supports a wide range of router modes, even AP modes are supported +* supports five different dns backends / blocklist formats: dnsmasq, unbound, named (bind), kresd and dnscrypt-proxy +* supports six different download utilities: uclient-fetch, wget, curl, aria2c, wget-nossl, busybox-wget +* provides 'http only' mode without installed ssl library for all non-SSL blocklist sources +* supports a wide range of router modes, even AP modes are supported * full IPv4 and IPv6 support -* supports tld compression (top level domain compression), this feature removes thousands of needless host entries from the block lists and lowers the memory footprint for the dns backends -* each block list source will be updated and processed separately -* block list source parsing by fast & flexible regex rulesets -* overall duplicate removal in separate block lists +* provides top level domain compression ('tld compression'), this feature removes thousands of needless host entries from the blocklist and lowers the memory footprint for the dns backends +* blocklist source parsing by fast & flexible regex rulesets +* overall duplicate removal in central blocklist 'adb_list.overall' * additional whitelist for manual overrides, located by default in /etc/adblock/adblock.whitelist -* quality checks during block list update to ensure a reliable dns backend service +* quality checks during blocklist update to ensure a reliable dns backend service * minimal status & error logging to syslog, enable debug logging to receive more output * procd based init system support (start/stop/restart/reload/suspend/resume/query/status) -* procd based hotplug support, the adblock start will be solely triggered by network interface triggers -* suspend & resume adblock actions temporarily without block list reloading -* runtime information available via LuCI & via 'status' init command +* procd network interface trigger support or classic time based startup +* keep the dns cache intact after adblock processing (currently supported by unbound and named) +* conditional dns backend restarts by old/new blocklist comparison with sha256sum (default) or md5sum +* suspend & resume adblock actions temporarily without blocklist reloading +* output comprehensive runtime information via LuCI or via 'status' init command * query function to quickly identify blocked (sub-)domains, e.g. for whitelisting +* strong LuCI support * optional: force dns requests to local resolver * optional: force overall sort / duplicate removal for low memory devices (handle with care!) -* optional: automatic block list backup & restore, backups will be (de-)compressed and restored on the fly in case of any runtime error +* optional: automatic blocklist backup & restore, they will be used in case of download errors or during startup in backup mode +* optional: 'backup mode' to re-use blocklist backups during startup, get fresh lists only via reload or restart action +* optional: 'whitelist mode' to block access to all domains except those explicitly listed in the whitelist file +* optional: send notification emails in case of a processing error or if the overall domain count is ≤ 0 * optional: add new adblock sources on your own via uci config ## Prerequisites @@ -84,91 +93,136 @@ A lot of people already use adblocker plugins within their desktop browsers, but * a usual setup with an enabled dns backend at minimum - dump AP modes without a working dns backend are _not_ supported * a download utility: * to support all blocklist sources a full version (with ssl support) of 'wget', 'uclient-fetch' with one of the 'libustream-*' ssl libraries, 'aria2c' or 'curl' is required - * for limited devices with real memory constraints, adblock provides also a plain http option and supports wget-nossl and uclient-fetch (without libustream-ssl), too + * for limited devices with real memory constraints, adblock provides also a 'http only' option and supports wget-nossl and uclient-fetch (without libustream-ssl) as well * for more configuration options see examples below -## LEDE trunk Installation & Usage -* install 'adblock' (_opkg install adblock_) and that's it - the adblock start will be automatically triggered by procd interface trigger +## Installation & Usage +* install 'adblock' (_opkg install adblock_) +* at minimum configure the appropriate dns backend ('dnsmasq' by default) and enable the adblock service in _/etc/config/adblock_ * control the adblock service manually with _/etc/init.d/adblock_ start/stop/restart/reload/suspend/resume/status or use the LuCI frontend -* enable/disable your favored block list sources in _/etc/config/adblock_ - 'adaway', 'disconnect' and 'yoyo' are enabled by default ## LuCI adblock companion package -* for easy management of the various block list sources and all other adblock options you can also use a nice & efficient LuCI frontend +* for easy management of the various blocklist sources and all other adblock options you should use the provided LuCI frontend * install 'luci-app-adblock' (_opkg install luci-app-adblock_) * the application is located in LuCI under 'Services' menu ## Tweaks * **runtime information:** the adblock status is available via _/etc/init.d/adblock status_ (see example below) * **debug logging:** for script debugging please set the config option 'adb\_debug' to '1' and check the runtime output with _logread -e "adblock"_ -* **storage expansion:** to process and store all block list sources at once it might helpful to enlarge your temp directory with a swap partition => see [openwrt wiki](https://wiki.openwrt.org/doc/uci/fstab) for further details +* **storage expansion:** to process and store all blocklist sources at once it might helpful to enlarge your temp directory with a swap partition => see [openwrt wiki](https://wiki.openwrt.org/doc/uci/fstab) for further details * **add white- / blacklist entries:** add domain white- or blacklist entries to always-allow or -deny certain (sub) domains, by default both lists are empty and located in _/etc/adblock_. Please add one domain per line - ip addresses, wildcards & regex are _not_ allowed (see example below) -* **backup & restore block lists:** enable this feature, to restore automatically the latest compressed backup of your block lists in case of any processing error (e.g. a single block list source is not available during update). Please use an (external) solid partition and _not_ your volatile router temp directory for this +* **backup & restore blocklists:** enable this feature, to restore automatically the latest compressed backup of your blocklists in case of any processing error (e.g. a single blocklist source is not available during update). Please use an (external) solid partition and _not_ your volatile router temp directory for this * **scheduled list updates:** for a scheduled call of the adblock service add an appropriate crontab entry (see example below) -* **restrict procd interface trigger:** restrict the procd interface trigger to a (list of) certain interface(s) (default: wan). To disable it at all, remove all entries +* **change startup behaviour:** by default the startup will be triggered by the 'wan' procd interface trigger. Choose 'none' to disable automatic startups, 'timed' to use a classic timeout (default 30 sec.) or select another trigger interface. * **suspend & resume adblocking:** to quickly switch the adblock service 'on' or 'off', simply use _/etc/init.d/adblock [suspend|resume]_ -* **domain query:** to query the active block lists for a specific domain, please run _/etc/init.d/adblock query ``_ (see example below) -* **add new list sources:** you could add new block list sources on your own via uci config, all you need is a source url and an awk one-liner (see example below) +* **domain query:** to query the active blocklist for a specific domain, please run _/etc/init.d/adblock query ``_ (see example below) +* **add new list sources:** you could add new blocklist sources on your own via uci config, all you need is a source url and an awk one-liner (see example below) * **disable active dns probing in windows 10:** to prevent a yellow exclamation mark on your internet connection icon (which wrongly means connected, but no internet), please change the following registry key/value from "1" to "0" _HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet\EnableActiveProbing_ ## Further adblock config options -* usually the pre-configured adblock setup works quite well and no manual config overrides are needed, all listed options apply to the 'global' config section: - * adb\_enabled => main switch to enable/disable adblock service (default: '1', enabled) +* usually the pre-configured adblock setup works quite well and no manual overrides are needed +* the following options apply to the 'global' config section: + * adb\_enabled => main switch to enable/disable adblock service (default: '0', disabled) * adb\_debug => enable/disable adblock debug output (default: '0', disabled) - * adb\_iface => set the procd interface trigger to a (list of) lan / wan interface(s) (default: 'wan') - * adb\_fetch => full path to a different download utility, see example below (default: not set, use wget) - * adb\_fetchparm => options for the download utility, see example below (default: not set, use wget options) - * adb\_triggerdelay => additional trigger delay in seconds before adblock processing starts (default: '2') + * adb\_fetchutil => name of the used download utility: 'uclient-fetch', 'wget', 'curl', 'aria2c', 'wget-nossl'. 'busybox' (default: 'uclient-fetch') + * adb\_fetchparm => special config options for the download utility (default: not set) + * adb\_dns => select the dns backend for your environment: 'dnsmasq', 'unbound', 'named', 'kresd' or 'dnscrypt-proxy' (default: 'dnsmasq') + * adb\_dnsdir => target directory for the generated blocklist 'adb_list.overall' (default: not set, use dns backend default) + * adb\_trigger => set the startup trigger to a certain interface, to 'timed' or to 'none' (default: 'wan') + +* the following options apply to the 'extra' config section: + * adb\_triggerdelay => additional trigger delay in seconds before adblock processing begins (default: '1') * adb\_forcedns => force dns requests to local resolver (default: '0', disabled) * adb\_forcesrt => force overall sort on low memory devices with less than 64 MB RAM (default: '0', disabled) + * adb\_backup_mode => do not automatically update blocklists during startup, use backups instead (default: '0', disabled) + * adb\_whitelist_mode => block access to all domains except those explicitly listed in the whitelist file (default: '0', disabled) + * adb\_dnsflush => flush DNS cache after adblock processing, i.e. enable the old restart behavior (default: '0', disabled) + * adb\_notify => send notification emails in case of a processing error or if the overall domain count is ≤ 0 (default: '0', disabled) + * adb\_notifycnt => Raise minimum domain count email notification trigger (default: '0') ## Examples **change default dns backend to 'unbound':** + +Adblock deposits the final blocklist 'adb_list.overall' in '/var/lib/unbound' where unbound can find them in its jail. +To preserve the DNS cache after adblock processing you need to install 'unbound-control'. + +**change default dns backend to 'named' (bind):** + +Adblock deposits the final blocklist 'adb_list.overall' in '/var/lib/bind'. +To preserve the DNS cache after adblock processing you need to install & configure 'bind-rdnc'. +To use the blocklist please modify '/etc/bind/named.conf': 

-Adblock detects the presence of an active unbound dns backend and the block lists will be automatically pulled in by unbound.
-The adblock script deposits the sorted and filtered block lists in '/var/lib/unbound' where unbound can find them in its jail.
-If you use manual configuration for unbound, then just include the following line in your 'server:' clause:
+in the 'options' namespace add:
+  response-policy { zone "rpz"; };
 
-  include: "/var/lib/unbound/adb_list.*"
+and at the end of the file add:
+  zone "rpz" {
+    type master;
+    file "/var/lib/bind/adb_list.overall";
+    allow-query { none; };
+    allow-transfer { none; };
+  };
-**configuration for different download utilities:** -

-wget (default):
-  option adb_fetch="/usr/bin/wget"
-  option adb_fetchparm="--no-config --quiet --no-cache --no-cookies --max-redirect=0 --timeout=10 --no-check-certificate -O"
+**change default dns backend to 'kresd':**
 
-aria2c:
-  option adb_fetch '/usr/bin/aria2c'
-  option adb_fetchparm '-q --timeout=10 --allow-overwrite=true --auto-file-renaming=false --check-certificate=false -o'
+The knot-resolver (kresd) is only available on Turris Omnia devices.  
+Adblock deposits the final blocklist 'adb_list.overall' in '/etc/kresd', no further configuration needed.
+  
+**change default dns backend to 'dnscrypt-proxy':**
 
-uclient-fetch:
-  option adb_fetch '/bin/uclient-fetch'
-  option adb_fetchparm '-q --timeout=10 --no-check-certificate -O'
+The required 'blacklist' option of dnscrypt-proxy is not enabled by default, because the package will be compiled without plugins support.  
+Take a custom LEDE build with plugins support to use this feature. Adblock deposits the final blocklist 'adb_list.overall' in '/tmp'.  
+To use the blocklist please modify '/etc/config/dnscrypt-proxy' per instance:
+

+  list blacklist 'domains:/tmp/adb_list.overall'
+

+  
+**enable email notification via msmtp:**
 
-curl:
-  option adb_fetch '/usr/bin/curl'
-  option adb_fetchparm '-s --connect-timeout 10 --insecure -o'
+To use the email notification you have to install & configure the package 'msmtp'.  
+Modify the file '/etc/msmtprc':
+

+[...]
+defaults
+auth            on
+tls             on
+tls_certcheck   off
+timeout         5
+syslog          LOG_MAIL
+[...]
+account         adb_notify
+host            smtp.gmail.com
+port            587
+from            dev.adblock@gmail.com
+user            dev.adblock
+password        xxx
 

+Edit the file '/etc/adblock/adblock.notify' and change at least the 'mail_receiver'.  
+Finally make this file executable via 'chmod' and test it directly. If no more errors come up you can comment 'mail_debug', too.
   
 **receive adblock runtime information:**
+
 

-root@blackhole:~# /etc/init.d/adblock status
+/etc/init.d/adblock status
 ::: adblock runtime information
- status          : active
- adblock_version : 2.6.0
- blocked_domains : 113711
- fetch_info      : wget (built-in)
- dns_backend     : dnsmasq
- last_rundate    : 12.04.2017 13:08:26
- system          : LEDE Reboot SNAPSHOT r3900-399d5cf532
+  + adblock_status  : enabled
+  + adblock_version : 3.4.0
+  + overall_domains : 5167 (normal/backup mode)
+  + fetch_utility   : wget (built-in)
+  + dns_backend     : kresd (/etc/kresd)
+  + last_rundate    : 27.12.2017 20:52:35
+  + system_release  : Turris Omnia, OpenWrt omnia 15.05/3.9.1
 

   
 **cronjob for a regular block list update (/etc/crontabs/root):**
+
 

-0 06 * * *    /etc/init.d/adblock start
+0 06 * * *    /etc/init.d/adblock reload
 

   
 **blacklist entry (/etc/adblock/adblock.blacklist):**
+
 

 ads.example.com
 
@@ -183,10 +237,11 @@ This entry does not block:
 

   
 **whitelist entry (/etc/adblock/adblock.whitelist):**
+
 

 here.com
 
-This entry removes the following (sub)domains from the block lists:
+This entry removes the following (sub)domains from the blocklist:
   maps.here.com
   here.com
 
@@ -195,53 +250,42 @@ This entry does not remove:
   www.adwhere.com
 

   
-**query active block lists for a certain (sub-)domain, e.g. for whitelisting:**
+**query the active blocklist for a certain (sub-)domain, e.g. for whitelisting:**
+
+The query function checks against the submitted (sub-)domain and recurses automatically to the upper top level domain. For every (sub-)domain it returns the first ten relevant results.
 

-/etc/init.d/adblock query example.www.doubleclick.net
-::: distinct results for domain 'example.www.doubleclick.net'
- no match
-::: distinct results for domain 'www.doubleclick.net'
- adb_list.sysctl      : www.doubleclick.net
-::: distinct results for domain 'doubleclick.net'
- adb_list.adaway      : ad-g.doubleclick.net
- adb_list.securemecca : 1168945.fls.doubleclick.net
- adb_list.sysctl      : 1435575.fls.doubleclick.net
- adb_list.whocares    : 3ad.doubleclick.net
-
-The query function checks against the submitted (sub-)domain and recurses automatically to the upper top level domain(s).
-For every domain it returns the overall count plus a distinct list of active block lists with the first relevant result.
-In the example above whitelist "www.doubleclick.net" to free the submitted domain.
+/etc/init.d/adblock query www.example.google.com
+::: max. ten results for domain 'www.example.google.com'
+  - no match
+::: max. ten results for domain 'example.google.com'
+  - no match
+::: max. ten results for domain 'google.com'
+  + analytics.google.com
+  + googleadapis.l.google.com
+  + pagead.l.google.com
+  + partnerad.l.google.com
+  + ssl-google-analytics.l.google.com
+  + video-stats.video.google.com
+  + www-google-analytics.l.google.com
 

   
-**add a new block list source:**
-

-1. the easy way ...
-example: https://easylist-downloads.adblockplus.org/rolist+easylist.txt
-adblock already supports an easylist source, called 'ruadlist'. To add the additional local easylist
-as a new source, copy the existing config source 'ruadlist' section and change only
-the source name, the url and the description - that's all!
+**add a new blocklist source:**
 
-config source 'rolist'
+1. the easy way ...  
+example: https://easylist-downloads.adblockplus.org/rolist+easylist.txt  
+Adblock already supports an easylist source, called 'reg_ru'. To add the additional local easylist as a new source, copy the existing config source section and change only
+the source name, the url and the description - that's all!
+

+config source 'reg_ro'
   option enabled '0'
   option adb_src 'https://easylist-downloads.adblockplus.org/rolist+easylist.txt'
-  option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-  option adb_src_desc 'focus on romanian ad related domains plus generic easylist additions, weekly updates, approx. 600 entries'
-
-2. a bit harder ...
-to add a really new source with different domain/host format you have to write a suitable
-awk one-liner on your own, so basic awk skills are needed. As a starting point check the already
-existing awk strings (adb_src_rset) in adblock config, maybe you need only small changes for your individual list.
-Download the desired list and test your new awk string locally with:
-  cat new.list | awk 'fs__individual search__search core__result'
-  'fs' => field separator (optional)
-  'individual search' => individual search part to filter out needless list information
-  'search core' => always '([A-Za-z0-9_-]+\.){1,}[A-Za-z]+', this is part of all list sources and should be unchanged
-  'result' => always '{print tolower(\$n)}', only the output column 'n' may vary
-the output result should be a sequential list with one domain/host per line - nothing more.
-
-If your awk one-liner works quite well, add a new source section in adblock config and test your new source
+  option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+  option adb_src_desc 'focus on romanian ads plus generic easylist additions, weekly updates, approx. 9.400 entries'
 

-  
+
+2. a bit harder ...  
+To add a really new source with different domain/host format you have to write a suitable awk one-liner on your own, so basic awk skills are needed. As a starting point check the already existing awk rulesets 'adb_src_rset' in the config file, probably you need only small changes for your individual list. Download the desired list and test your new awk string locally. The output result should be a sequential list with one domain/host per line - nothing more. If your awk one-liner works quite well, add a new source section to the adblock config file and test the new source.  
+
 ## Support
 Please join the adblock discussion in this [forum thread](https://forum.lede-project.org/t/adblock-2-x-support-thread/507) or contact me by mail   
 
diff --git a/net/adblock/files/adblock.conf b/net/adblock/files/adblock.conf
index 0e4fd02..16a3436 100644
--- a/net/adblock/files/adblock.conf
+++ b/net/adblock/files/adblock.conf
@@ -2,125 +2,136 @@
 # see 'https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md'
 
 config adblock 'global'
-	option adb_enabled '1'
+	option adb_enabled '0'
+	option adb_dns 'dnsmasq'
+	option adb_fetchutil 'uclient-fetch'
+	option adb_trigger 'wan'
+
+config adblock 'extra'
 	option adb_debug '0'
 	option adb_forcesrt '0'
 	option adb_forcedns '0'
-	option adb_iface 'wan'
-	option adb_triggerdelay '2'
-	option adb_whitelist '/etc/adblock/adblock.whitelist'
-	option adb_whitelist_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\"^\"\$1\"\\\|[.]\"\$1)}'
 	option adb_backup '0'
-	option adb_backupdir '/mnt'
-	option adb_rtfile '/tmp/adb_runtime.json'
 
 config source 'adaway'
 	option enabled '1'
 	option adb_src 'https://adaway.org/hosts.txt'
-	option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
+	option adb_src_rset '\$0~/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
 	option adb_src_desc 'focus on mobile ads, infrequent updates, approx. 400 entries'
 
 config source 'adguard'
 	option enabled '0'
-	option adb_src 'https://raw.githubusercontent.com/AdguardTeam/AdguardDNS/master/Filters/filter.txt'
-	option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-	option adb_src_desc 'combined adguard dns filter list, approx. 12.000 entries'
+	option adb_src 'https://filters.adtidy.org/windows/filters/15.txt'
+	option adb_src_rset 'BEGIN{FS=\"[/|^|\r]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+([\/\^\r]|$)/{print tolower(\$3)}'
+	option adb_src_desc 'combined adguard dns filter list, frequent updates, approx. 15.700 entries'
 
-config source 'blacklist'
+config source 'bitcoin'
 	option enabled '0'
+	option adb_src 'https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt'
+	option adb_src_rset '\$0~/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+	option adb_src_desc 'focus on malicious bitcoin mining sites, infrequent updates, approx. 20 entries'
+
+config source 'blacklist'
+	option enabled '1'
 	option adb_src '/etc/adblock/adblock.blacklist'
-	option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-	option adb_src_desc 'static local domain blacklist (always deny these domains)'
+	option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+	option adb_src_desc 'static local domain blacklist, always deny these domains'
 
 config source 'disconnect'
 	option enabled '1'
 	option adb_src 'https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt'
-	option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-	option adb_src_desc 'mozilla driven blocklist, numerous updates on the same day, approx. 6.500 entries'
+	option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+	option adb_src_desc 'mozilla driven blocklist, numerous updates on the same day, approx. 4.600 entries'
 
 config source 'dshield'
 	option enabled '0'
 	option adb_src 'https://www.dshield.org/feeds/suspiciousdomains_Low.txt'
-	option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-	option adb_src_desc 'generic blocklist, daily updates, approx. 4.500 entries'
+	option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+	option adb_src_desc 'generic blocklist, daily updates, approx. 3.500 entries'
 
 config source 'feodo'
 	option enabled '0'
 	option adb_src 'https://feodotracker.abuse.ch/blocklist/?download=domainblocklist'
-	option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
+	option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
 	option adb_src_desc 'focus on feodo botnet, daily updates, approx. 0-10 entries'
 
 config source 'hphosts'
 	option enabled '0'
 	option adb_src 'https://hosts-file.net/ad_servers.txt'
-	option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-	option adb_src_desc 'broad blocklist, monthly updates, approx. 50.000 entries'
+	option adb_src_rset '\$0~/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+	option adb_src_desc 'broad blocklist, monthly updates, approx. 19.200 entries'
 
 config source 'malware'
 	option enabled '0'
-	option adb_src 'https://mirror.cedia.org.ec/malwaredomains/justdomains'
-	option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-	option adb_src_desc 'broad blocklist, daily updates, approx. 16.000 entries'
+	option adb_src 'https://mirror.espoch.edu.ec/malwaredomains/justdomains'
+	option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+	option adb_src_desc 'broad blocklist, daily updates, approx. 18.300 entries'
 
 config source 'malwarelist'
 	option enabled '0'
 	option adb_src 'http://www.malwaredomainlist.com/hostslist/hosts.txt'
-	option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-	option adb_src_desc 'focus on malware, daily updates, approx. 1.500 entries'
+	option adb_src_rset '\$0~/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+	option adb_src_desc 'focus on malware, daily updates, approx. 1.200 entries'
 
 config source 'openphish'
 	option enabled '0'
 	option adb_src 'https://openphish.com/feed.txt'
-	option adb_src_rset '{FS=\"/\"} \$3 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$3)}'
-	option adb_src_desc 'focus on phishing, numerous updates on the same day, approx. 1.800 entries'
-
-config source 'palevo'
-	option enabled '0'
-	option adb_src 'https://palevotracker.abuse.ch/blocklists.php?download=domainblocklist'
-	option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-	option adb_src_desc 'focus on palevo worm, daily updates, approx. 15 entries'
+	option adb_src_rset 'BEGIN{FS=\"/\"}\$0~/^http[s]?:\/\/([[:alnum:]_-]+\.){1,}[[:alpha:]]+(\/|$)/{print tolower(\$3)}'
+	option adb_src_desc 'focus on phishing, numerous updates on the same day, approx. 2.400 entries'
 
 config source 'ransomware'
 	option enabled '0'
 	option adb_src 'https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt'
-	option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-	option adb_src_desc 'focus on ransomware, numerous updates on the same day, approx. 130 entries'
+	option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|\r|$)/{print tolower(\$1)}'
+	option adb_src_desc 'focus on ransomware, numerous updates on the same day, approx. 1900 entries'
 
 config source 'reg_cn'
 	option enabled '0'
 	option adb_src 'https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt'
-	option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-	option adb_src_desc 'focus on chinese ads, daily updates, approx. 1.600 entries'
+	option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+	option adb_src_desc 'focus on chinese ads plus generic easylist additions, daily updates, approx. 11.700 entries'
+
+config source 'reg_de'
+	option enabled '0'
+	option adb_src 'https://easylist-downloads.adblockplus.org/easylistgermany+easylist.txt'
+	option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+	option adb_src_desc 'focus on german ads plus generic easylist additions, daily updates, approx. 9.200 entries'
+
+config source 'reg_id'
+	option enabled '0'
+	option adb_src 'https://easylist-downloads.adblockplus.org/abpindo+easylist.txt'
+	option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+	option adb_src_desc 'focus on indonesian ads plus generic easylist additions, weekly updates, approx. 9.600 entries'
+
+config source 'reg_nl'
+	option enabled '0'
+	option adb_src 'https://easylist-downloads.adblockplus.org/easylistdutch+easylist.txt'
+	option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+	option adb_src_desc 'focus on dutch ads plus generic easylist additions, weekly updates, approx. 9.400 entries'
 
 config source 'reg_pl'
 	option enabled '0'
 	option adb_src 'http://adblocklist.org/adblock-pxf-polish.txt'
-	option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-	option adb_src_desc 'focus on polish ads, daily updates, approx. 50 entries'
+	option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+	option adb_src_desc 'focus on polish ads, daily updates, approx. 90 entries'
 
 config source 'reg_ro'
 	option enabled '0'
 	option adb_src 'https://easylist-downloads.adblockplus.org/rolist+easylist.txt'
-	option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-	option adb_src_desc 'focus on romanian ads plus generic easylist additions, weekly updates, approx. 600 entries'
+	option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+	option adb_src_desc 'focus on romanian ads plus generic easylist additions, weekly updates, approx. 9.400 entries'
 
 config source 'reg_ru'
 	option enabled '0'
 	option adb_src 'https://easylist-downloads.adblockplus.org/ruadlist+easylist.txt'
-	option adb_src_rset '{FS=\"[|^]\"} \$0 ~/^\|\|([A-Za-z0-9_-]+\.){1,}[A-Za-z]+\^$/{print tolower(\$3)}'
-	option adb_src_desc 'focus on russian ads plus generic easylist additions, weekly updates, approx. 2.000 entries'
-
-config source 'securemecca'
-	option enabled '0'
-	option adb_src 'http://securemecca.com/Downloads/hosts.txt'
-	option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-	option adb_src_desc 'broad blocklist, infrequent updates, approx. 25.000 entries'
+	option adb_src_rset 'BEGIN{FS=\"[|^]\"}\$0~/^\|\|([[:alnum:]_-]+\.){1,}[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
+	option adb_src_desc 'focus on russian ads plus generic easylist additions, weekly updates, approx. 14.500 entries'
 
 config source 'shalla'
 	option enabled '0'
 	option adb_src 'http://www.shallalist.de/Downloads/shallalist.tar.gz'
-	option adb_src_rset '{FS=\"/\"} \$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-	option adb_src_desc 'broad blocklist subdivided in different categories, daily updates, approx. 32.000 entries'
+	option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+	option adb_src_desc 'broad blocklist subdivided in different categories, daily updates, approx. 31.700 entries'
 	list adb_src_cat 'adv'
 	list adb_src_cat 'costtraps'
 	list adb_src_cat 'spyware'
@@ -130,41 +141,41 @@ config source 'shalla'
 config source 'spam404'
 	option enabled '0'
 	option adb_src 'https://raw.githubusercontent.com/Dawsey21/Lists/master/main-blacklist.txt'
-	option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-	option adb_src_desc 'generic blocklist, infrequent updates, approx. 5.000 entries'
+	option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+	option adb_src_desc 'generic blocklist, infrequent updates, approx. 6.000 entries'
 
 config source 'sysctl' 
 	option enabled '0'
 	option adb_src 'http://sysctl.org/cameleon/hosts'
-	option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-	option adb_src_desc 'broad blocklist, weekly updates, approx. 21.000 entries'
+	option adb_src_rset '\$0~/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+	option adb_src_desc 'broad blocklist, weekly updates, approx. 16.500 entries'
 
 config source 'whocares'
 	option enabled '0'
 	option adb_src 'http://someonewhocares.org/hosts/hosts'
-	option adb_src_rset '\$0 ~/^127\.0\.0\.1[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-	option adb_src_desc 'broad blocklist, weekly updates, approx. 12.000 entries'
+	option adb_src_rset '\$0~/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+	option adb_src_desc 'broad blocklist, weekly updates, approx. 10.000 entries'
 
 config source 'winspy'
 	option enabled '0'
 	option adb_src 'https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt'
-	option adb_src_rset '\$0 ~/^0\.0\.0\.0[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-	option adb_src_desc 'focus on windows spy & telemetry, infrequent updates, approx. 140 entries'
+	option adb_src_rset '\$0~/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+	option adb_src_desc 'focus on windows spy & telemetry domains, infrequent updates, approx. 300 entries'
 
 config source 'winhelp'
 	option enabled '0'
 	option adb_src 'http://winhelp2002.mvps.org/hosts.txt'
-	option adb_src_rset '\$0 ~/^0\.0\.0\.0[ \t]+([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$2)}'
-	option adb_src_desc 'broad blocklist, infrequent updates, approx. 15.000 entries'
+	option adb_src_rset '\$0~/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
+	option adb_src_desc 'broad blocklist, infrequent updates, approx. 13.000 entries'
 
 config source 'yoyo'
 	option enabled '1'
 	option adb_src 'https://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=0&mimetype=plaintext'
-	option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-	option adb_src_desc 'focus on ad related domains, weekly updates, approx. 2.500 entries'
+	option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+	option adb_src_desc 'focus on ad related domains, weekly updates, approx. 2.400 entries'
 
 config source 'zeus'
 	option enabled '0'
 	option adb_src 'https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist'
-	option adb_src_rset '\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\$1)}'
-	option adb_src_desc 'focus on zeus botnet, daily updates, approx. 440 entries'
+	option adb_src_rset '\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
+	option adb_src_desc 'focus on zeus botnet, daily updates, approx. 400 entries'
diff --git a/net/adblock/files/adblock.init b/net/adblock/files/adblock.init
index ee94aa8..5ca4d11 100755
--- a/net/adblock/files/adblock.init
+++ b/net/adblock/files/adblock.init
@@ -1,7 +1,7 @@
 #!/bin/sh /etc/rc.common
 #
 
-START=50
+START=30
 USE_PROCD=1
 
 EXTRA_COMMANDS="suspend resume query status"
@@ -12,30 +12,40 @@ EXTRA_HELP="	suspend	Suspend adblock processing
 
 adb_init="/etc/init.d/adblock"
 adb_script="/usr/bin/adblock.sh"
+adb_pidfile="/var/run/adblock.pid"
 
 boot()
 {
     adb_boot=1
-    ubus -t 30 wait_for network.interface 2>/dev/null
     rc_procd start_service
 }
 
 start_service()
 {
-    if [ $("${adb_init}" enabled; printf ${?}) -eq 0 ]
+    if [ $("${adb_init}" enabled; printf "%u" ${?}) -eq 0 ]
     then
         if [ -n "${adb_boot}" ]
         then
-            return 0
+            local trigger="$(uci_get adblock.global.adb_trigger)"
+            if [ "${trigger}" != "timed" ]
+            then
+                return 0
+            fi
         fi
         procd_open_instance "adblock"
         procd_set_param command "${adb_script}" "${@}"
+        procd_set_param pidfile "${adb_pidfile}"
         procd_set_param stdout 1
         procd_set_param stderr 1
         procd_close_instance
     fi
 }
 
+reload_service()
+{
+    rc_procd start_service reload
+}
+
 stop_service()
 {
     rc_procd "${adb_script}" stop
@@ -49,34 +59,52 @@ restart()
 
 suspend()
 {
+    [ -s "${adb_pidfile}" ] && return 1
     rc_procd "${adb_script}" suspend
 }
 
 resume()
 {
+    [ -s "${adb_pidfile}" ] && return 1
     rc_procd "${adb_script}" resume
 }
 
 query()
 {
+    [ -s "${adb_pidfile}" ] && return 1
     rc_procd "${adb_script}" query "${1}"
 }
 
 status()
 {
-    rc_procd "${adb_script}" status
+    local key keylist value rtfile="$(uci_get adblock.extra.adb_rtfile)"
+
+    rtfile="${rtfile:-"/tmp/adb_runtime.json"}"
+    if [ -s "${rtfile}" ]
+    then
+        printf "%s\n" "::: adblock runtime information"
+        json_load "$(cat "${rtfile}" 2>/dev/null)"
+        json_select data
+        json_get_keys keylist
+        for key in ${keylist}
+        do
+            json_get_var value "${key}"
+            printf "  + %-15s : %s\n" "${key}" "${value}"
+        done
+    else
+        printf "%s\n" "::: no adblock runtime information available"
+    fi
 }
 
 service_triggers()
 {
-    local iface="$(uci -q get adblock.global.adb_iface)"
-    local delay="$(uci -q get adblock.global.adb_triggerdelay)"
+    local trigger="$(uci_get adblock.global.adb_trigger)"
+    local delay="$(uci_get adblock.extra.adb_triggerdelay)"
 
-    PROCD_RELOAD_DELAY=$((${delay:=2} * 1000))
-    for name in ${iface}
-    do
-        procd_add_interface_trigger "interface.*.up" "${name}" "${adb_init}" start
-    done
-    PROCD_RELOAD_DELAY=1000
-    procd_add_config_trigger "config.change" "adblock" "${adb_init}" start
+    if [ "${trigger}" != "none" ] && [ "${trigger}" != "timed" ]
+    then
+        PROCD_RELOAD_DELAY=$((${delay:-2} * 1000))
+        procd_add_interface_trigger "interface.*.up" "${trigger}" "${adb_init}" start
+    fi
+    procd_add_reload_trigger "adblock"
 }
diff --git a/net/adblock/files/adblock.notify b/net/adblock/files/adblock.notify
new file mode 100644
index 0000000..dc5acf5
--- /dev/null
+++ b/net/adblock/files/adblock.notify
@@ -0,0 +1,56 @@
+#!/bin/sh
+#
+# adblock send mail script for mstmp
+# written by Dirk Brenken (dev@brenken.org)
+# Please note: you have to install and configure the package 'mstmp' before using this script.
+
+# This is free software, licensed under the GNU General Public License v3.
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+LC_ALL=C
+PATH="/usr/sbin:/usr/bin:/sbin:/bin"
+mail_ver="1.0.1"
+mail_daemon="$(command -v msmtp)"
+mail_profile="adb_notify"
+mail_debug="--debug"
+mail_rc=1
+
+if [ ! -x "${mail_daemon}" ]
+then
+    mail_daemon="$(command -v sendmail)"
+fi
+
+if [ -f "/var/log/messages" ]
+then
+    logfile="$(cat /var/log/messages | grep "adblock-")"
+else
+    logfile="$(logread -e "adblock-")"
+fi
+
+# mail header
+#
+mail_sender="no-reply@adblock"
+mail_receiver="!!!ChangeMe!!!"
+mail_topic="adblock notification"
+mail_head="From: ${mail_sender}\nTo: ${mail_receiver}\nSubject: ${mail_topic}\nReply-to: ${mail_sender}\n\n"
+
+# mail body
+#
+mail_text="adblock status, generated at $(date 2>&1)!"
+mail_text="${mail_text}\n++\n++ System Information ++\n++\n$(cat /etc/banner 2>&1)"
+mail_text="${mail_text}\n\n++\n++ Adblock Information ++\n++\n$(/etc/init.d/adblock status 2>&1)"
+mail_text="${mail_text}\n\n++\n++ Logfile Information ++\n++\n${logfile}\n++\n++\n"
+
+# send mail
+#
+if [ -x "${mail_daemon}" ]
+then
+    printf "%b" "${mail_head}${mail_text}" 2>/dev/null | "${mail_daemon}" ${mail_debug} -a "${mail_profile}" "${mail_receiver}" >/dev/null 2>&1
+    mail_rc=${?}
+    logger -p "info" -t "adblock-notify-[${mail_ver}]" "mail sent to '${mail_receiver}' with rc '${mail_rc}'"
+else
+    logger -p "err" -t "adblock-notify-[${mail_ver}]" "msmtp mail daemon not found"
+fi
+
+exit ${mail_rc}
diff --git a/net/adblock/files/adblock.sh b/net/adblock/files/adblock.sh
index 03f86b0..465da07 100755
--- a/net/adblock/files/adblock.sh
+++ b/net/adblock/files/adblock.sh
@@ -10,74 +10,73 @@
 #
 LC_ALL=C
 PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-adb_ver="2.6.2"
-adb_sysver="$(ubus -S call system board | jsonfilter -e '@.release.description')"
-adb_enabled=1
+adb_ver="3.4.3"
+adb_sysver="unknown"
+adb_enabled=0
 adb_debug=0
+adb_backup_mode=0
+adb_whitelist_mode=0
 adb_forcesrt=0
 adb_forcedns=0
+adb_notify=0
+adb_notifycnt=0
+adb_triggerdelay=0
 adb_backup=0
 adb_backupdir="/mnt"
-adb_whitelist="/etc/adblock/adblock.whitelist"
-adb_whitelist_rset="\$1 ~/^([A-Za-z0-9_-]+\.){1,}[A-Za-z]+/{print tolower(\"^\"\$1\"\\\|[.]\"\$1)}"
-adb_fetch="/usr/bin/wget"
-adb_fetchparm="--no-config --quiet --no-cache --no-cookies --max-redirect=0 --timeout=10 --no-check-certificate -O"
-adb_dnslist="dnsmasq unbound"
+adb_fetchutil="uclient-fetch"
+adb_dns="dnsmasq"
 adb_dnsprefix="adb_list"
+adb_dnsfile="${adb_dnsprefix}.overall"
+adb_dnsflush=0
+adb_whitelist="/etc/adblock/adblock.whitelist"
 adb_rtfile="/tmp/adb_runtime.json"
-
-# f_envload: load adblock environment
+adb_hashutil="$(command -v sha256sum)"
+adb_hashold=""
+adb_hashnew=""
+adb_cnt=0
+adb_rc=0
+adb_action="${1:-"start"}"
+adb_pidfile="/var/run/adblock.pid"
+
+# load adblock environment
 #
 f_envload()
 {
-    local dns_up cnt=0
+    local dns_up sys_call sys_desc sys_model sys_ver cnt=0
 
-    # source in system library
+    # get system information
     #
-    if [ -r "/lib/functions.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]
+    sys_call="$(ubus -S call system board 2>/dev/null)"
+    if [ -n "${sys_call}" ]
     then
-        . "/lib/functions.sh"
-        . "/usr/share/libubox/jshn.sh"
-    else
-        f_log "error" "system libraries not found"
+        sys_desc="$(printf '%s' "${sys_call}" | jsonfilter -e '@.release.description')"
+        sys_model="$(printf '%s' "${sys_call}" | jsonfilter -e '@.model')"
+        sys_ver="$(cat /etc/turris-version 2>/dev/null)"
+        if [ -n "${sys_ver}" ]
+        then
+            sys_desc="${sys_desc}/${sys_ver}"
+        fi
+        adb_sysver="${sys_model}, ${sys_desc}"
     fi
 
-    # set dns backend environment
+    # check hash utility
     #
-    while [ ${cnt} -le 20 ]
-    do
-        for dns in ${adb_dnslist}
-        do
-            dns_up="$(ubus -S call service list "{\"name\":\"${dns}\"}" | jsonfilter -l1 -e "@.${dns}.instances.*.running")"
-            if [ "${dns_up}" = "true" ]
-            then
-                case "${dns}" in
-                    dnsmasq)
-                        adb_dns="dnsmasq"
-                        adb_dnsdir="/tmp/dnsmasq.d"
-                        adb_dnshidedir="${adb_dnsdir}/.adb_hidden"
-                        adb_dnsformat="awk '{print \"local=/\"\$0\"/\"}'"
-                        break 2
-                        ;;
-                    unbound)
-                        adb_dns="unbound"
-                        adb_dnsdir="/var/lib/unbound"
-                        adb_dnshidedir="${adb_dnsdir}/.adb_hidden"
-                        adb_dnsformat="awk '{print \"local-zone: \042\"\$0\"\042 static\"}'"
-                        break 2
-                        ;;
-                esac
-            fi
-        done
-        sleep 1
-        cnt=$((cnt+1))
-    done
-    if [ -z "${adb_dns}" ]
+    if [ ! -x "${adb_hashutil}" ]
+    then
+        adb_hashutil="$(command -v md5sum)"
+    fi
+
+    # source in system libraries
+    #
+    if [ -r "/lib/functions.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]
     then
-        f_log "error" "no active/supported DNS backend found"
+        . "/lib/functions.sh"
+        . "/usr/share/libubox/jshn.sh"
+    else
+        f_log "err" "system libraries not found"
     fi
 
-    # parse global section by callback
+    # parse 'global' and 'extra' section by callback
     #
     config_cb()
     {
@@ -95,7 +94,7 @@ f_envload()
         fi
     }
 
-    # parse 'source' section
+    # parse 'source' typed sections
     #
     parse_config()
     {
@@ -116,280 +115,613 @@ f_envload()
     config_load adblock
     config_foreach parse_config source
 
-    # force dns to local resolver
+    # check dns backend
+    #
+    case "${adb_dns}" in
+        dnsmasq)
+            adb_dnsinstance="${adb_dnsinstance:-"0"}"
+            adb_dnsuser="${adb_dnsuser:-"dnsmasq"}"
+            adb_dnsdir="${adb_dnsdir:-"/tmp"}"
+            adb_dnsheader=""
+            adb_dnsformat="awk '{print \"server=/\"\$0\"/\"}'"
+            if [ ${adb_whitelist_mode} -eq 1 ]
+            then
+                adb_dnsformat="awk '{print \"server=/\"\$0\"/#\"}'"
+                adb_dnsblock="server=/#/"
+            fi
+        ;;
+        unbound)
+            adb_dnsinstance="${adb_dnsinstance:-"0"}"
+            adb_dnsuser="${adb_dnsuser:-"unbound"}"
+            adb_dnsdir="${adb_dnsdir:-"/var/lib/unbound"}"
+            adb_dnsheader=""
+            adb_dnsformat="awk '{print \"local-zone: \042\"\$0\"\042 static\"}'"
+            if [ ${adb_whitelist_mode} -eq 1 ]
+            then
+                adb_dnsformat="awk '{print \"local-zone: \042\"\$0\"\042 transparent\"}'"
+                adb_dnsblock="local-zone: \".\" static"
+            fi
+        ;;
+        named)
+            adb_dnsinstance="${adb_dnsinstance:-"0"}"
+            adb_dnsuser="${adb_dnsuser:-"bind"}"
+            adb_dnsdir="${adb_dnsdir:-"/var/lib/bind"}"
+            adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'"  IN NS localhost."
+            adb_dnsformat="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
+            if [ ${adb_whitelist_mode} -eq 1 ]
+            then
+                adb_dnsformat="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
+                adb_dnsblock="* CNAME ."
+            fi
+        ;;
+        kresd)
+            adb_dnsinstance="${adb_dnsinstance:-"0"}"
+            adb_dnsuser="${adb_dnsuser:-"root"}"
+            adb_dnsdir="${adb_dnsdir:-"/etc/kresd"}"
+            adb_dnsheader="\$TTL 2h"$'\n'"@ IN SOA localhost. root.localhost. (1 6h 1h 1w 2h)"$'\n'"  IN NS  localhost."
+            adb_dnsformat="awk '{print \"\"\$0\" CNAME .\n*.\"\$0\" CNAME .\"}'"
+            if [ ${adb_whitelist_mode} -eq 1 ]
+            then
+                adb_dnsformat="awk '{print \"\"\$0\" CNAME rpz-passthru.\n*.\"\$0\" CNAME rpz-passthru.\"}'"
+                adb_dnsblock="* CNAME ."
+            fi
+        ;;
+        dnscrypt-proxy)
+            adb_dnsinstance="${adb_dnsinstance:-"0"}"
+            adb_dnsuser="${adb_dnsuser:-"nobody"}"
+            adb_dnsdir="${adb_dnsdir:-"/tmp"}"
+            adb_dnsheader=""
+            adb_dnsformat="awk '{print \$0}'"
+        ;;
+    esac
+
+    # check adblock status
     #
-    if [ ${adb_forcedns} -eq 1 ] && [ -z "$(uci -q get firewall.adblock_dns)" ]
+    if [ ${adb_enabled} -eq 0 ]
     then
-        uci -q set firewall.adblock_dns="redirect"
-        uci -q set firewall.adblock_dns.name="Adblock DNS"
-        uci -q set firewall.adblock_dns.src="lan"
-        uci -q set firewall.adblock_dns.proto="tcp udp"
-        uci -q set firewall.adblock_dns.src_dport="53"
-        uci -q set firewall.adblock_dns.dest_port="53"
-        uci -q set firewall.adblock_dns.target="DNAT"
-    elif [ ${adb_forcedns} -eq 0 ] && [ -n "$(uci -q get firewall.adblock_dns)" ]
+        f_extconf
+        f_temp
+        f_rmdns
+        f_jsnup
+        f_log "info" "adblock is currently disabled, please set adb_enabled to '1' to use this service"
+        exit 0
+    fi
+
+    if [ "${adb_dns}" = "dnsmasq" ] && [ ${adb_dnsinstance} -ne 0 ]
     then
-        uci -q delete firewall.adblock_dns
+        adb_dnsfile="${adb_dnsprefix}.overall.${adb_dnsinstance}"
+    fi
+
+    if [ -d "${adb_dnsdir}" ] && [ ! -f "${adb_dnsdir}/${adb_dnsfile}" ]
+    then
+        printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
     fi
-    if [ -n "$(uci -q changes firewall)" ]
+
+    if [ "${adb_action}" = "start" ] && [ "${adb_trigger}" = "timed" ]
     then
-        uci -q commit firewall
-        if [ $(/etc/init.d/firewall enabled; printf ${?}) -eq 0 ]
+        sleep ${adb_triggerdelay}
+    fi
+
+    while [ ${cnt} -le 30 ]
+    do
+        dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" 2>/dev/null | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running" 2>/dev/null)"
+        if [ "${dns_up}" = "true" ]
         then
-            /etc/init.d/firewall reload >/dev/null 2>&1
+            break
         fi
+        sleep 1
+        cnt=$((cnt+1))
+    done
+
+    if [ -z "${adb_dns}" ] || [ -z "${adb_dnsformat}" ] || [ ! -x "$(command -v ${adb_dns})" ] || [ ! -d "${adb_dnsdir}" ]
+    then
+        f_log "err" "'${adb_dns}' not running, DNS backend not found"
     fi
 }
 
-# f_envcheck: check/set environment prerequisites
+# check environment
 #
 f_envcheck()
 {
     local ssl_lib
 
-    # check 'enabled' option
+    # check external uci config files
     #
-    if [ ${adb_enabled} -ne 1 ]
-    then
-        if [ -n "$(ls -dA "${adb_dnsdir}/${adb_dnsprefix}"* 2>/dev/null)" ]
-        then
-            f_rmdns
-            f_dnsrestart
-        fi
-        f_log "info " "adblock is currently disabled, please set adb_enabled to '1' to use this service"
-        exit 0
-    fi
+    f_extconf
 
     # check fetch utility
     #
-    ssl_lib="-"
-    if [ -x "${adb_fetch}" ]
-    then
-        if [ "$(readlink -fn "${adb_fetch}")" = "/usr/bin/wget-nossl" ]
-        then
-            adb_fetchparm="--no-config --quiet --no-cache --no-cookies --max-redirect=0 --timeout=10 -O"
-        elif [ "$(readlink -fn "/bin/wget")" = "/bin/busybox" ] || [ "$(readlink -fn "${adb_fetch}")" = "/bin/busybox" ]
-        then
-            adb_fetch="/bin/busybox"
-            adb_fetchparm="-q -O"
-        else
+    case "${adb_fetchutil}" in
+        uclient-fetch)
+            if [ -f "/lib/libustream-ssl.so" ]
+            then
+                adb_fetchparm="${adb_fetchparm:-"--timeout=10 --no-check-certificate -O"}"
+                ssl_lib="libustream-ssl"
+            else
+                adb_fetchparm="${adb_fetchparm:-"--timeout=10 -O"}"
+            fi
+        ;;
+        wget)
+            adb_fetchparm="${adb_fetchparm:-"--no-cache --no-cookies --max-redirect=0 --timeout=10 --no-check-certificate -O"}"
             ssl_lib="built-in"
-        fi
-    fi
-    if [ ! -x "${adb_fetch}" ] && [ "$(readlink -fn "/bin/wget")" = "/bin/uclient-fetch" ]
-    then
-        adb_fetch="/bin/uclient-fetch"
-        if [ -f "/lib/libustream-ssl.so" ]
-        then
-            adb_fetchparm="-q --timeout=10 --no-check-certificate -O"
-            ssl_lib="libustream-ssl"
-        else
-            adb_fetchparm="-q --timeout=10 -O"
-        fi
-    fi
-    if [ ! -x "${adb_fetch}" ] || [ -z "${adb_fetch}" ] || [ -z "${adb_fetchparm}" ]
-    then
-        f_log "error" "no download utility found, please install 'uclient-fetch' with 'libustream-mbedtls' or the full 'wget' package"
-    fi
-    adb_fetchinfo="${adb_fetch##*/} (${ssl_lib})"
+        ;;
+        wget-nossl)
+            adb_fetchparm="${adb_fetchparm:-"--no-cache --no-cookies --max-redirect=0 --timeout=10 -O"}"
+        ;;
+        busybox)
+            adb_fetchparm="${adb_fetchparm:-"-O"}"
+        ;;
+        curl)
+            adb_fetchparm="${adb_fetchparm:-"--connect-timeout 10 --insecure -o"}"
+            ssl_lib="built-in"
+        ;;
+        aria2c)
+            adb_fetchparm="${adb_fetchparm:-"--timeout=10 --allow-overwrite=true --auto-file-renaming=false --check-certificate=false -o"}"
+            ssl_lib="built-in"
+        ;;
+    esac
+    adb_fetchutil="$(command -v "${adb_fetchutil}")"
 
-    # create dns hideout directory
-    #
-    if [ ! -d "${adb_dnshidedir}" ]
+    if [ ! -x "${adb_fetchutil}" ] || [ -z "${adb_fetchutil}" ] || [ -z "${adb_fetchparm}" ]
     then
-        mkdir -p -m 660 "${adb_dnshidedir}"
-        chown -R "${adb_dns}":"${adb_dns}" "${adb_dnshidedir}" 2>/dev/null
-    else
-        rm -f "${adb_dnshidedir}/${adb_dnsprefix}"*
+        f_log "err" "download utility not found, please install 'uclient-fetch' with 'libustream-mbedtls' or the full 'wget' package"
     fi
+    adb_fetchinfo="${adb_fetchutil} (${ssl_lib:-"-"})"
 
-    # create adblock temp file/directory
-    #
-    adb_tmpload="$(mktemp -tu)"
-    adb_tmpfile="$(mktemp -tu)"
-    adb_tmpdir="$(mktemp -p /tmp -d)"
+    f_temp
+    f_jsnup "running"
+    f_log "info" "start adblock processing (${adb_action})"
+}
 
-    # prepare whitelist entries
-    #
-    if [ -s "${adb_whitelist}" ]
+# create temporay files and directories
+#
+f_temp()
+{
+    if [ -z "${adb_tmpdir}" ]
     then
-        awk "${adb_whitelist_rset}" "${adb_whitelist}" > "${adb_tmpdir}/tmp.whitelist"
+        adb_tmpdir="$(mktemp -p /tmp -d)"
+        adb_tmpload="$(mktemp -tu)"
+        adb_tmpfile="$(mktemp -tu)"
+    fi
+    if [ ! -s "${adb_pidfile}" ]
+    then
+        printf '%s' "${$}" > "${adb_pidfile}"
     fi
 }
 
-# f_rmtemp: remove temporary files & directories
+# remove temporay files and directories
 #
 f_rmtemp()
 {
     if [ -d "${adb_tmpdir}" ]
     then
+        rm -rf "${adb_tmpdir}"
         rm -f "${adb_tmpload}"
         rm -f "${adb_tmpfile}"
-        rm -rf "${adb_tmpdir}"
     fi
+    > "${adb_pidfile}"
 }
 
-# f_rmdns: remove dns related files & directories
+# remove dns related files and directories
 #
 f_rmdns()
 {
     if [ -n "${adb_dns}" ]
     then
-        rm -f "${adb_dnsdir}/${adb_dnsprefix}"*
-        rm -f "${adb_backupdir}/${adb_dnsprefix}"*.gz
-        rm -rf "${adb_dnshidedir}"
+        f_hash
+        printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
+        > "${adb_dnsdir}/.${adb_dnsfile}"
         > "${adb_rtfile}"
+        rm -f "${adb_backupdir}/${adb_dnsprefix}"*.gz
+        f_hash
+        if [ ${?} -eq 1 ]
+        then
+            f_dnsup
+        fi
+        f_rmtemp
+    fi
+    f_log "debug" "f_rmdns::: dns: ${adb_dns}, dns_dir: ${adb_dnsdir}, dns_prefix: ${adb_dnsprefix}, dns_file: ${adb_dnsfile}, rt_file: ${adb_rtfile}, backup_dir: ${adb_backupdir}"
+}
+
+# commit uci changes
+#
+f_uci()
+{
+    local change config="${1}"
+
+    if [ -n "${config}" ]
+    then
+        change="$(uci -q changes "${config}" | awk '{ORS=" "; print $0}')"
+        if [ -n "${change}" ]
+        then
+            uci -q commit "${config}"
+            case "${config}" in
+                firewall)
+                    /etc/init.d/firewall reload >/dev/null 2>&1
+                ;;
+                *)
+                    /etc/init.d/"${adb_dns}" reload >/dev/null 2>&1
+                ;;
+            esac
+        fi
+    fi
+    f_log "debug" "f_uci  ::: config: ${config}, change: ${change}"
+}
+
+# list/overall count
+#
+f_count()
+{
+    local mode="${1}"
+
+    adb_cnt=0
+    if [ -s "${adb_dnsdir}/${adb_dnsfile}" ] && ([ -z "${mode}" ] || [ "${mode}" = "final" ])
+    then
+        if [ "${adb_dns}" = "named" ] || [ "${adb_dns}" = "kresd" ]
+        then
+            adb_cnt="$(( ($(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}") - $(printf "%s" "${adb_dnsheader}" | grep -c "^")) / 2 ))"
+        else
+            adb_cnt="$(wc -l 2>/dev/null < "${adb_dnsdir}/${adb_dnsfile}")"
+        fi
+    elif [ -s "${adb_tmpfile}" ]
+    then
+        adb_cnt="$(wc -l 2>/dev/null < "${adb_tmpfile}")"
     fi
 }
 
-# f_dnsrestart: restart the dns backend
+# set external config options
 #
-f_dnsrestart()
+f_extconf()
 {
-    local cnt=0
+    local uci_config
+
+    case "${adb_dns}" in
+        dnsmasq)
+            uci_config="dhcp"
+            if [ ${adb_enabled} -eq 1 ] && [ -z "$(uci -q get dhcp.@dnsmasq[${adb_dnsinstance}].serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+            then
+                uci -q set dhcp.@dnsmasq[${adb_dnsinstance}].serversfile="${adb_dnsdir}/${adb_dnsfile}"
+            elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci -q get dhcp.@dnsmasq[${adb_dnsinstance}].serversfile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+            then
+                uci -q delete dhcp.@dnsmasq[${adb_dnsinstance}].serversfile
+            fi
+        ;;
+        kresd)
+            uci_config="resolver"
+            if [ ${adb_enabled} -eq 1 ] && [ -z "$(uci -q get resolver.kresd.rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+            then
+                uci -q add_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
+            elif [ ${adb_enabled} -eq 0 ] && [ -n "$(uci -q get resolver.kresd.rpz_file | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
+            then
+                uci -q del_list resolver.kresd.rpz_file="${adb_dnsdir}/${adb_dnsfile}"
+            fi
+            if [ ${adb_enabled} -eq 1 ] && [ ${adb_dnsflush} -eq 0 ] && [ "$(uci -q get resolver.kresd.keep_cache)" != "1" ]
+            then
+                uci -q set resolver.kresd.keep_cache="1"
+            elif [ ${adb_enabled} -eq 0 ] || ([ ${adb_dnsflush} -eq 1 ] && [ "$(uci -q get resolver.kresd.keep_cache)" = "1" ])
+            then
+                uci -q delete resolver.kresd.keep_cache
+            fi
+        ;;
+    esac
+    f_uci "${uci_config}"
 
-    "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+    uci_config="firewall"
+    if [ ${adb_enabled} -eq 1 ] && [ ${adb_forcedns} -eq 1 ] && \
+       [ -z "$(uci -q get firewall.adblock_dns)" ] && [ $(/etc/init.d/firewall enabled; printf "%u" ${?}) -eq 0 ]
+    then
+        uci -q set firewall.adblock_dns="redirect"
+        uci -q set firewall.adblock_dns.name="Adblock DNS"
+        uci -q set firewall.adblock_dns.src="lan"
+        uci -q set firewall.adblock_dns.proto="tcp udp"
+        uci -q set firewall.adblock_dns.src_dport="53"
+        uci -q set firewall.adblock_dns.dest_port="53"
+        uci -q set firewall.adblock_dns.target="DNAT"
+    elif [ -n "$(uci -q get firewall.adblock_dns)" ] && ([ ${adb_enabled} -eq 0 ] || [ ${adb_forcedns} -eq 0 ])
+    then
+        uci -q delete firewall.adblock_dns
+    fi
+    f_uci "${uci_config}"
+}
+
+# restart of the dns backend
+#
+f_dnsup()
+{
+    local dns_up cache_util cache_rc cnt=0
+
+    if [ ${adb_dnsflush} -eq 0 ] && [ ${adb_enabled} -eq 1 ] && [ "${adb_rc}" -eq 0 ]
+    then
+        case "${adb_dns}" in
+            dnsmasq)
+                killall -q -HUP "${adb_dns}"
+                cache_rc=${?}
+            ;;
+            unbound)
+                cache_util="$(command -v unbound-control)"
+                if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -f "${adb_dnsdir}"/unbound.conf ]
+                then
+                    "${cache_util}" -c "${adb_dnsdir}"/unbound.conf dump_cache > "${adb_tmpdir}"/adb_cache.dump 2>/dev/null
+                fi
+                "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+            ;;
+            kresd)
+                cache_util="keep_cache"
+                "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+                cache_rc=${?}
+            ;;
+            named)
+                cache_util="$(command -v rndc)"
+                if [ -x "${cache_util}" ] && [ -f /etc/bind/rndc.conf ]
+                then
+                    "${cache_util}" -c /etc/bind/rndc.conf reload >/dev/null 2>&1
+                    cache_rc=${?}
+                else
+                    "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+                fi
+            ;;
+            *)
+                "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+            ;;
+        esac
+    else
+        "/etc/init.d/${adb_dns}" restart >/dev/null 2>&1
+    fi
+
+    adb_rc=1
     while [ ${cnt} -le 10 ]
     do
-        adb_dnsup="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" | jsonfilter -l1 -e "@.${adb_dns}.instances.*.running")"
-        if [ "${adb_dnsup}" = "true" ]
+        dns_up="$(ubus -S call service list "{\"name\":\"${adb_dns}\"}" | jsonfilter -l1 -e "@[\"${adb_dns}\"].instances.*.running")"
+        if [ "${dns_up}" = "true" ]
         then
+            case "${adb_dns}" in
+                unbound)
+                    cache_util="$(command -v unbound-control)"
+                    if [ -x "${cache_util}" ] && [ -d "${adb_tmpdir}" ] && [ -s "${adb_tmpdir}"/adb_cache.dump ]
+                    then
+                        while [ ${cnt} -le 10 ]
+                        do
+                            "${cache_util}" -c "${adb_dnsdir}"/unbound.conf load_cache < "${adb_tmpdir}"/adb_cache.dump >/dev/null 2>&1
+                            cache_rc=${?}
+                            if [ ${cache_rc} -eq 0 ]
+                            then
+                                break
+                            fi
+                            cnt=$((cnt+1))
+                            sleep 1
+                        done
+                    fi
+                ;;
+            esac
+            adb_rc=0
             break
         fi
         cnt=$((cnt+1))
         sleep 1
     done
+    f_log "debug" "f_dnsup::: cache_util: ${cache_util:-"-"}, cache_rc: ${cache_rc:-"-"}, cache_flush: ${adb_dnsflush}, cache_cnt: ${cnt}, out_rc: ${adb_rc}"
 }
 
-# f_list: backup/restore/remove block lists
+# backup/restore/remove blocklists
 #
 f_list()
 {
-    local mode="${1}" in_rc="${adb_rc}" cnt=0
+    local mode="${1}" in_rc="${adb_rc}"
 
     case "${mode}" in
         backup)
-            cnt="$(wc -l < "${adb_tmpfile}")"
-            if [ ${adb_backup} -eq 1 ] && [ -d "${adb_backupdir}" ]
+            if [ -d "${adb_backupdir}" ]
             then
-                gzip -cf "${adb_tmpfile}" > "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
+                gzip -cf "${adb_tmpfile}" > "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" 2>/dev/null
                 adb_rc=${?}
             fi
-            ;;
+        ;;
         restore)
-            if [ ${adb_backup} -eq 1 ] && [ -d "${adb_backupdir}" ]
+            if [ -d "${adb_backupdir}" ] && [ -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" ]
             then
-                rm -f "${adb_dnsdir}/${adb_dnsprefix}.${src_name}"
-                if [ -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" ]
-                then
-                    gunzip -cf "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" > "${adb_tmpfile}"
-                    adb_rc=${?}
-                fi
+                gunzip -cf "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz" > "${adb_tmpfile}" 2>/dev/null
+                adb_rc=${?}
             fi
-            ;;
+        ;;
         remove)
-            rm -f "${adb_dnsdir}/${adb_dnsprefix}.${src_name}"
             if [ -d "${adb_backupdir}" ]
             then
                 rm -f "${adb_backupdir}/${adb_dnsprefix}.${src_name}.gz"
             fi
             adb_rc=${?}
-            ;;
+        ;;
+        merge)
+            if [ -s "${adb_tmpfile}" ]
+            then
+                cat "${adb_tmpfile}" >> "${adb_tmpdir}/${adb_dnsfile}"
+                adb_rc=${?}
+            fi
+        ;;
+        final)
+            if [ -s "${adb_tmpdir}/tmp.whitelist" ]
+            then
+                grep -vf "${adb_tmpdir}/tmp.whitelist" "${adb_tmpdir}/${adb_dnsfile}" | eval "${adb_dnsformat}" > "${adb_dnsdir}/${adb_dnsfile}"
+            else
+                eval "${adb_dnsformat}" "${adb_tmpdir}/${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
+            fi
+            if [ ${?} -eq 0 ] && [ -n "${adb_dnsheader}" ]
+            then
+                printf '%s\n' "${adb_dnsheader}" | cat - "${adb_dnsdir}/${adb_dnsfile}" > "${adb_tmpdir}/${adb_dnsfile}"
+                cat "${adb_tmpdir}/${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
+            fi
+            adb_rc=${?}
+        ;;
     esac
-    f_log "debug" "name: ${src_name}, mode: ${mode}, count: ${cnt}, in_rc: ${in_rc}, out_rc: ${adb_rc}"
+    f_count "${mode}"
+    f_log "debug" "f_list ::: mode: ${mode}, cnt: ${adb_cnt}, in_rc: ${in_rc}, out_rc: ${adb_rc}"
 }
 
-# f_switch: suspend/resume adblock processing
+# top level domain compression
 #
-f_switch()
+f_tld()
 {
-    if [ -d "${adb_dnshidedir}" ]
-    then
-        local source target status mode="${1}"
-        local dns_active="$(find "${adb_dnsdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}*" -print)"
-        local dns_passive="$(find "${adb_dnshidedir}" -maxdepth 1 -type f -name "${adb_dnsprefix}*" -print)"
+    local cnt cnt_srt cnt_tld source="${1}" temp="${adb_tmpload}"
+
+    cnt="$(wc -l 2>/dev/null < "${source}")"
+    awk -F "." '{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' "${source}" 2>/dev/null | sort -u > "${temp}"
+    cnt_srt="$(wc -l 2>/dev/null < "${temp}")"
+    awk '{if(NR==1){tld=$NF};while(getline){if($NF!~tld"\\."){print tld;tld=$NF}}print tld}' "${temp}" 2>/dev/null |\
+    awk -F "." '{for(f=NF;f>1;f--)printf "%s.",$f;print $1}' 2>/dev/null | sort > "${source}"
+    cnt_tld="$(wc -l 2>/dev/null < "${source}")"
+    f_log "debug" "f_tld  ::: source: ${source}, cnt: ${cnt}, cnt_srt: ${cnt_srt}, cnt_tld: ${cnt_tld}"
+}
+
+# blocklist hash compare
+#
+f_hash()
+{
+    local hash hash_rc=1
 
-        if [ -n "${dns_active}" ] && [ "${mode}" = "suspend" ]
+    if [ -x "${adb_hashutil}" ] && [ -f "${adb_dnsdir}/${adb_dnsfile}" ]
+    then
+        hash="$(${adb_hashutil} "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null | awk '{print $1}')"
+        if [ -z "${adb_hashold}" ] && [ -n "${hash}" ]
         then
-            source="${adb_dnsdir}/${adb_dnsprefix}"
-            target="${adb_dnshidedir}"
-            status="suspended"
-        elif [ -n "${dns_passive}" ] && [ "${mode}" = "resume" ]
+            adb_hashold="${hash}"
+        elif [ -z "${adb_hashnew}" ] && [ -n "${hash}" ]
         then
-            source="${adb_dnshidedir}/${adb_dnsprefix}"
-            target="${adb_dnsdir}"
-            status="resumed"
+            adb_hashnew="${hash}"
         fi
-        if [ -n "${status}" ]
+        if [ -n "${adb_hashold}" ] && [ -n "${adb_hashnew}" ]
         then
-            mv -f "${source}"* "${target}"
-            f_dnsrestart
-            f_log "info " "adblock processing ${status}"
+            if [ "${adb_hashold}" = "${adb_hashnew}" ]
+            then
+                hash_rc=0
+            fi
+            adb_hashold=""
+            adb_hashnew=""
         fi
     fi
+    f_log "debug" "f_hash ::: hash_util: ${adb_hashutil}, hash: ${hash}, out_rc: ${hash_rc}"
+    return ${hash_rc}
+}
+
+# suspend/resume adblock processing
+#
+f_switch()
+{
+    local mode="${1}"
+
+    if [ ! -s "${adb_dnsdir}/.${adb_dnsfile}" ] && [ "${mode}" = "suspend" ]
+    then
+        f_hash
+        cat "${adb_dnsdir}/${adb_dnsfile}" > "${adb_dnsdir}/.${adb_dnsfile}"
+        printf '%s\n' "${adb_dnsheader}" > "${adb_dnsdir}/${adb_dnsfile}"
+        f_hash
+    elif [ -s "${adb_dnsdir}/.${adb_dnsfile}" ] && [ "${mode}" = "resume" ]
+    then
+        f_hash
+        cat "${adb_dnsdir}/.${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
+        > "${adb_dnsdir}/.${adb_dnsfile}"
+        f_hash
+    fi
+    if [ ${?} -eq 1 ]
+    then
+        f_temp
+        f_dnsup
+        f_jsnup
+        f_log "info" "${mode} adblock processing"
+        f_rmtemp
+        exit 0
+    fi
 }
 
-# f_query: query block lists for certain (sub-)domains
+# query blocklist for certain (sub-)domains
 #
 f_query()
 {
     local search result cnt
     local domain="${1}"
     local tld="${domain#*.}"
-    local dns_active="$(find "${adb_dnsdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}*" -print)"
 
-    if [ -z "${dns_active}" ]
-    then
-         printf "%s\n" "::: no active block lists found, please start / resume adblock first"
-    elif [ -z "${domain}" ] || [ "${domain}" = "${tld}" ]
+    if [ -z "${domain}" ] || [ "${domain}" = "${tld}" ]
     then
-        printf "%s\n" "::: invalid domain input, please submit a specific (sub-)domain, e.g. 'www.abc.xyz'"
+        printf "%s\n" "::: invalid domain input, please submit a single domain, e.g. 'doubleclick.net'"
     else
         cd "${adb_dnsdir}"
         while [ "${domain}" != "${tld}" ]
         do
             search="${domain//./\.}"
-            result="$(grep -Hm1 "[/\"\.]${search}[/\"]" "${adb_dnsprefix}"* | awk -F ':|=|/|\"' '{printf(" %-20s : %s\n",$1,$4)}')"
-            printf "%s\n" "::: distinct results for domain '${domain}'"
-            printf "%s\n" "${result:=" no match"}"
+            if [ "${adb_dns}" = "dnsmasq" ] || [ "${adb_dns}" = "unbound" ]
+            then
+                result="$(awk -F '/|\"' "/[\/\"\.]${search}/{i++;{printf(\"  + %s\n\",\$2)};if(i>9){exit}}" "${adb_dnsfile}")"
+            else
+                result="$(awk "/(^[^\*][[:alpha:]]*[\.]+${search}|^${search})/{i++;{printf(\"  + %s\n\",\$1)};if(i>9){exit}}" "${adb_dnsfile}")"
+            fi
+            printf "%s\n" "::: results for domain '${domain}' (max. 10)"
+            printf "%s\n" "${result:-"  - no match"}"
             domain="${tld}"
             tld="${domain#*.}"
         done
     fi
 }
 
-# f_status: output runtime information
+# update runtime information
 #
-f_status()
+f_jsnup()
 {
-    local key keylist value
+    local bg_pid rundate status="${1}" mode="normal mode"
 
-    if [ -s "${adb_rtfile}" ]
+    if [ -z "${status}" ]
     then
-        local dns_active="$(find "${adb_dnsdir}" -maxdepth 1 -type f -name "${adb_dnsprefix}*" -print)"
-        local dns_passive="$(find "${adb_dnshidedir}" -maxdepth 1 -type f -name "${adb_dnsprefix}*" -print)"
-
-        if [ -n "${dns_active}" ]
+        rundate="$(/bin/date "+%d.%m.%Y %H:%M:%S")"
+        if [ ${adb_rc} -gt 0 ]
+        then
+            status="error"
+        elif [ ${adb_enabled} -eq 0 ]
         then
-            value="active"
-        elif [ -n "${dns_passive}" ] || [ -z "${dns_active}" ]
+            status="disabled"
+        elif [ -s "${adb_dnsdir}/.${adb_dnsfile}" ]
         then
-            value="no domains blocked"
+            status="paused"
+        else
+            status="enabled"
+            f_count
         fi
-        printf "%s\n" "::: adblock runtime information"
-        printf " %-15s : %s\n" "status" "${value}"
+    fi
+
+    if [ ${adb_backup_mode} -eq 1 ]
+    then
+        mode="normal/backup mode"
+    elif [ ${adb_whitelist_mode} -eq 1 ]
+    then
+        mode="whitelist mode"
+    fi
+
+    if [ -z "${adb_fetchinfo}" ] && [ -s "${adb_rtfile}" ]
+    then
         json_load "$(cat "${adb_rtfile}" 2>/dev/null)"
         json_select data
-        json_get_keys keylist
-        for key in ${keylist}
-        do
-            json_get_var value ${key}
-            printf " %-15s : %s\n" "${key}" "${value}"
-        done
+        json_get_var adb_fetchinfo "fetch_utility"
+    fi
+
+    json_init
+    json_add_object "data"
+    json_add_string "adblock_status" "${status}"
+    json_add_string "adblock_version" "${adb_ver}"
+    json_add_string "overall_domains" "${adb_cnt} (${mode})"
+    json_add_string "fetch_utility" "${adb_fetchinfo:-"-"}"
+    json_add_string "dns_backend" "${adb_dns} (${adb_dnsdir})"
+    json_add_string "last_rundate" "${rundate:-"-"}"
+    json_add_string "system_release" "${adb_sysver}"
+    json_close_object
+    json_dump > "${adb_rtfile}"
+
+    if [ ${adb_notify} -eq 1 ] && [ -x /etc/adblock/adblock.notify ] && ([ "${status}" = "error" ] ||\
+        ([ "${status}" = "enabled" ] && [ ${adb_whitelist_mode} -eq 0 ] && [ ${adb_cnt} -le ${adb_notifycnt} ]))
+    then
+        (/etc/adblock/adblock.notify >/dev/null 2>&1) &
+        bg_pid=${!}
     fi
+    f_log "debug" "f_jsnup::: status: ${status}, mode: ${mode}, cnt: ${adb_cnt}, notify: ${adb_notify}, notify_cnt: ${adb_notifycnt}, notify_pid: ${bg_pid:-"-"}"
 }
 
-# f_log: write to syslog, exit on error
+# write to syslog
 #
 f_log()
 {
@@ -397,66 +729,119 @@ f_log()
 
     if [ -n "${log_msg}" ] && ([ "${class}" != "debug" ] || [ ${adb_debug} -eq 1 ])
     then
-        logger -t "adblock-[${adb_ver}] ${class}" "${log_msg}"
-        if [ "${class}" = "error" ]
+        logger -p "${class}" -t "adblock-[${adb_ver}]" "${log_msg}"
+        if [ "${class}" = "err" ]
         then
-            logger -t "adblock-[${adb_ver}] ${class}" "Please check 'https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md' (${adb_sysver})"
-            f_rmtemp
-            if [ -n "$(ls -dA "${adb_dnsdir}/${adb_dnsprefix}"* 2>/dev/null)" ]
-            then
-                f_rmdns
-                f_dnsrestart
-            fi
-            exit 255
+            f_rmdns
+            f_jsnup
+            logger -p "${class}" -t "adblock-[${adb_ver}]" "Please also check 'https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md' (${adb_sysver})"
+            exit 1
         fi
     fi
 }
 
-# main function for block list processing
+# main function for blocklist processing
 #
 f_main()
 {
-    local enabled url cnt sum_cnt=0 mem_total=0
-    local src_name src_rset shalla_archive
-    mem_total="$(awk '$1 ~ /^MemTotal/ {printf $2}' "/proc/meminfo" 2>/dev/null)"
+    local src_name src_rset src_log src_arc enabled url mem_total="$(awk '/^MemTotal/ {print int($2/1000)}' "/proc/meminfo")"
+
+    f_log "debug" "f_main ::: dns: ${adb_dns}, fetch_util: ${adb_fetchinfo}, backup: ${adb_backup}, backup_mode: ${adb_backup_mode}, whitelist_mode: ${adb_whitelist_mode}, force_srt: ${adb_forcesrt}, force_dns: ${adb_forcedns}, mem_total: ${mem_total}"
+    > "${adb_dnsdir}/.${adb_dnsfile}"
+    > "${adb_tmpdir}/tmp.whitelist"
+
+    # prepare whitelist entries
+    #
+    if [ -s "${adb_whitelist}" ]
+    then
+        if [ ${adb_whitelist_mode} -eq 1 ] && [ "${adb_dns}" != "dnscrypt-proxy" ]
+        then
+            adb_whitelist_rset="\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}"
+        else
+            adb_whitelist_rset="\$0~/^([[:alnum:]_-]+\.){1,}[[:alpha:]]+([[:space:]]|$)/{gsub(\"\\\.\",\"\\\.\",\$1);print tolower(\"^\"\$1\"\\\|\\\.\"\$1)}"
+        fi
+        awk "${adb_whitelist_rset}" "${adb_whitelist}" > "${adb_tmpdir}/tmp.whitelist"
+    fi
+
+    # whitelist mode processing
+    #
+    if [ ${adb_whitelist_mode} -eq 1 ] && [ "${adb_dns}" != "dnscrypt-proxy" ]
+    then
+        f_hash
+        f_tld "${adb_tmpdir}/tmp.whitelist"
+        eval "${adb_dnsformat}" "${adb_tmpdir}/tmp.whitelist" > "${adb_dnsdir}/${adb_dnsfile}"
+        printf '%s\n' "${adb_dnsblock}" >> "${adb_dnsdir}/${adb_dnsfile}"
+        if [ -n "${adb_dnsheader}" ]
+        then
+            printf '%s\n' "${adb_dnsheader}" | cat - "${adb_dnsdir}/${adb_dnsfile}" > "${adb_tmpdir}/${adb_dnsfile}"
+            cat "${adb_tmpdir}/${adb_dnsfile}" > "${adb_dnsdir}/${adb_dnsfile}"
+        fi
+        f_hash
+        if [ ${?} -eq 1 ]
+        then
+            f_dnsup
+        fi
+        f_jsnup
+        if [ ${adb_rc} -eq 0 ]
+        then
+            f_log "info" "whitelist with overall ${adb_cnt} domains loaded successfully (${adb_sysver})"
+            return 0
+        else
+            f_log "err" "dns backend restart with active whitelist failed"
+        fi
+    fi
 
-    f_log "info " "start adblock processing ..."
-    > "${adb_rtfile}"
+    # normal & backup mode processing
+    #
     for src_name in ${adb_sources}
     do
         eval "enabled=\"\${enabled_${src_name}}\""
         eval "url=\"\${adb_src_${src_name}}\""
         eval "src_rset=\"\${adb_src_rset_${src_name}}\""
-        adb_dnsfile="${adb_tmpdir}/${adb_dnsprefix}.${src_name}"
         > "${adb_tmpload}"
         > "${adb_tmpfile}"
-        adb_rc=0
+        adb_rc=1
 
         # basic pre-checks
         #
+        f_log "debug" "f_main ::: name: ${src_name}, enabled: ${enabled}"
         if [ "${enabled}" != "1" ] || [ -z "${url}" ] || [ -z "${src_rset}" ]
         then
             f_list remove
             continue
         fi
 
-        # download block list
+        # backup mode
+        #
+        if [ ${adb_backup_mode} -eq 1 ] && [ "${adb_action}" = "start" ] && [ "${src_name}" != "blacklist" ]
+        then
+            f_list restore
+            if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
+            then
+                f_list merge
+                continue
+            fi
+        fi
+
+        # download blocklist
         #
-        f_log "debug" "name: ${src_name}, enabled: ${enabled}, backup: ${adb_backup}, dns: ${adb_dns}, fetch: ${adb_fetchinfo}, memory: ${mem_total}, force srt/dns: ${adb_forcesrt}/${adb_forcedns}"
         if [ "${src_name}" = "blacklist" ]
         then
-            cat "${url}" 2>/dev/null > "${adb_tmpload}"
-            adb_rc=${?}
+            if [ -s "${url}" ]
+            then
+                cat "${url}" > "${adb_tmpload}"
+                adb_rc=${?}
+            fi
         elif [ "${src_name}" = "shalla" ]
         then
-            shalla_archive="${adb_tmpdir}/shallalist.tar.gz"
-            "${adb_fetch}" ${adb_fetchparm} "${shalla_archive}" "${url}" 2>/dev/null
+            src_arc="${adb_tmpdir}/shallalist.tar.gz"
+            src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${src_arc}" "${url}" 2>&1)"
             adb_rc=${?}
             if [ ${adb_rc} -eq 0 ]
             then
                 for category in ${adb_src_cat_shalla}
                 do
-                    tar -xOzf "${shalla_archive}" BL/${category}/domains >> "${adb_tmpload}"
+                    tar -xOzf "${src_arc}" "BL/${category}/domains" >> "${adb_tmpload}"
                     adb_rc=${?}
                     if [ ${adb_rc} -ne 0 ]
                     then
@@ -464,43 +849,46 @@ f_main()
                     fi
                 done
             fi
-            rm -f "${shalla_archive}"
+            rm -f "${src_arc}"
             rm -rf "${adb_tmpdir}/BL"
         else
-            "${adb_fetch}" ${adb_fetchparm} "${adb_tmpload}" "${url}" 2>/dev/null
+            src_log="$("${adb_fetchutil}" ${adb_fetchparm} "${adb_tmpload}" "${url}" 2>&1)"
             adb_rc=${?}
         fi
+        if [ ${adb_rc} -ne 0 ] && [ "${src_name}" != "blacklist" ]
+        then
+            f_log "debug" "f_main ::: url: ${url}, rc: ${adb_rc}, src_log: ${src_log:-"-"}"
+        fi
 
-        # check download result and prepare domain output (incl. tld compression, list backup & restore)
+        # check download result and prepare list output
         #
         if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpload}" ]
         then
             awk "${src_rset}" "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
             if [ -s "${adb_tmpfile}" ]
             then
-                awk -F "." '{for(f=NF;f > 1;f--) printf "%s.", $f;print $1}' "${adb_tmpfile}" 2>/dev/null | sort -u > "${adb_tmpload}"
-                awk '{if(NR==1){tld=$NF};while(getline){if($NF !~ tld"\\."){print tld;tld=$NF}}print tld}' "${adb_tmpload}" 2>/dev/null > "${adb_tmpfile}"
-                awk -F "." '{for(f=NF;f > 1;f--) printf "%s.", $f;print $1}' "${adb_tmpfile}" 2>/dev/null > "${adb_tmpload}"
-                mv -f "${adb_tmpload}" "${adb_tmpfile}"
-                f_list backup
-            else
+                if [ ${mem_total} -lt 64 ] && [ ${adb_forcesrt} -eq 0 ]
+                then
+                    f_tld "${adb_tmpfile}"
+                fi
+                if [ ${adb_backup} -eq 1 ] && [ "${src_name}" != "blacklist" ]
+                then
+                    f_list backup
+                fi
+            elif [ ${adb_backup} -eq 1 ]
+            then
                 f_list restore
             fi
-        else
+        elif [ ${adb_backup} -eq 1 ] && [ "${src_name}" != "blacklist" ]
+        then
             f_list restore
         fi
 
-        # remove whitelist domains, final list preparation
+        # list merge
         #
         if [ ${adb_rc} -eq 0 ] && [ -s "${adb_tmpfile}" ]
         then
-            if [ -s "${adb_tmpdir}/tmp.whitelist" ]
-            then
-                grep -vf "${adb_tmpdir}/tmp.whitelist" "${adb_tmpfile}" 2>/dev/null | eval "${adb_dnsformat}" > "${adb_dnsfile}"
-            else
-                cat "${adb_tmpfile}" 2>/dev/null | eval "${adb_dnsformat}" > "${adb_dnsfile}"
-            fi
-            adb_rc=${?}
+            f_list merge
             if [ ${adb_rc} -ne 0 ]
             then
                 f_list remove
@@ -510,77 +898,60 @@ f_main()
         fi
     done
 
-    # overall sort
+    # overall sort and conditional dns restart
     #
-    for src_name in $(ls -dASr "${adb_tmpdir}/${adb_dnsprefix}"* 2>/dev/null)
-    do
-        if [ ${mem_total} -ge 64000 ] || [ ${adb_forcesrt} -eq 1 ]
+    f_hash
+    if [ -s "${adb_tmpdir}/${adb_dnsfile}" ]
+    then
+        if [ ${mem_total} -ge 64 ] || [ ${adb_forcesrt} -eq 1 ]
         then
-            if [ -s "${adb_tmpdir}/blocklist.overall" ]
-            then
-                sort "${adb_tmpdir}/blocklist.overall" "${adb_tmpdir}/blocklist.overall" "${src_name}" | uniq -u > "${adb_tmpdir}/tmp.blocklist"
-                mv -f "${adb_tmpdir}/tmp.blocklist" "${src_name}"
-            fi
-            cat "${src_name}" >> "${adb_tmpdir}/blocklist.overall"
+            f_tld "${adb_tmpdir}/${adb_dnsfile}"
         fi
-        cnt="$(wc -l < "${src_name}")"
-        sum_cnt=$((sum_cnt + cnt))
-    done
+        f_list final
+    else
+        > "${adb_dnsdir}/${adb_dnsfile}"
+    fi
+    chown "${adb_dnsuser}" "${adb_dnsdir}/${adb_dnsfile}" 2>/dev/null
 
-    # restart the dns backend and export runtime information
-    #
-    mv -f "${adb_tmpdir}/${adb_dnsprefix}"* "${adb_dnsdir}" 2>/dev/null
-    chown "${adb_dns}":"${adb_dns}" "${adb_dnsdir}/${adb_dnsprefix}"* 2>/dev/null
-    f_rmtemp
-    f_dnsrestart
-    if [ "${adb_dnsup}" = "true" ]
-    then
-        json_init
-        json_add_object "data"
-        json_add_string "adblock_version" "${adb_ver}"
-        json_add_string "blocked_domains" "${sum_cnt}"
-        json_add_string "fetch_info" "${adb_fetchinfo}"
-        json_add_string "dns_backend" "${adb_dns}"
-        json_add_string "last_rundate" "$(/bin/date "+%d.%m.%Y %H:%M:%S")"
-        json_add_string "system" "${adb_sysver}"
-        json_close_object
-        json_dump > "${adb_rtfile}"
-        f_log "info " "block lists with overall ${sum_cnt} domains loaded successfully (${adb_sysver})"
+    f_hash
+    if [ ${?} -eq 1 ]
+    then
+        f_dnsup
+    fi
+    f_jsnup
+    if [ ${adb_rc} -eq 0 ]
+    then
+        f_log "info" "blocklist with overall ${adb_cnt} domains loaded successfully (${adb_sysver})"
     else
-        f_log "error" "dns backend restart with active block lists failed"
+        f_log "err" "dns backend restart with active blocklist failed"
     fi
+    f_rmtemp
+    exit ${adb_rc}
 }
 
 # handle different adblock actions
 #
 f_envload
-case "${1}" in
+case "${adb_action}" in
     stop)
-        f_rmtemp
         f_rmdns
-        f_dnsrestart
-        ;;
+    ;;
     restart)
-        f_rmtemp
         f_rmdns
         f_envcheck
         f_main
-        ;;
+    ;;
     suspend)
         f_switch suspend
-        ;;
+    ;;
     resume)
         f_switch resume
-        ;;
+    ;;
     query)
         f_query "${2}"
-        ;;
-    status)
-        f_status
-        ;;
-    *)
+    ;;
+    start|reload)
         f_envcheck
         f_main
-        ;;
+    ;;
 esac
-exit 0
diff --git a/net/cjdns/Makefile b/net/cjdns/Makefile
deleted file mode 100644
index 8efd282..0000000
--- a/net/cjdns/Makefile
+++ /dev/null
@@ -1,148 +0,0 @@
-#
-# Copyright (C) 2014,2015 Hyperboria.net
-#
-# You may redistribute this program and/or modify it under the terms of
-# the GNU General Public License as published by the Free Software Foundation,
-# either version 3 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see .
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=cjdns
-PKG_VERSION:=0.17
-PKG_RELEASE:=3
-
-PKG_SOURCE_URL:=https://github.com/hyperboria/cjdns.git
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=40e87d9419c19063e772e39c7c59a8a8771c5ee8
-PKG_LICENSE:=GPL-3.0
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.bz2
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_SOURCE_VERSION)
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION)
-
-include $(INCLUDE_DIR)/package.mk
-
-
-define Package/cjdns
-	SECTION:=net
-	CATEGORY:=Network
-	SUBMENU:=Routing and Redirection
-	TITLE:=Encrypted near-zero-conf mesh routing protocol
-	URL:=https://github.com/hyperboria/cjdns
-	MAINTAINER:=Lars Gierth 
-	DEPENDS:=@IPV6 +kmod-tun +libnl-tiny +libpthread +librt \
-		+libuci-lua +lua-bencode +dkjson +luasocket +lua-sha2
-endef
-
-define Package/cjdns/description
-	Cjdns implements an encrypted IPv6 network using public-key cryptography \
-	for address allocation and a distributed hash table for routing. \
-	This provides near-zero-configuration networking, and prevents many \
-	of the security and scalability issues that plague existing networks.
-endef
-
-define Package/cjdns-tests
-	SECTION:=net
-	CATEGORY:=Network
-	SUBMENU:=Routing and Redirection
-	TITLE:=cjdns test cases
-	URL:=https://github.com/hyperboria/cjdns
-	MAINTAINER:=Lars Gierth 
-	DEPENDS:=+libpthread +librt
-endef
-
-define Package/cjdns-test/description
-	cjdns test cases
-endef
-
-define Build/Configure
-endef
-
-PKG_DO_VARS:=CJDNS_RELEASE_VERSION=$(PKG_SOURCE_VERSION)
-
-ifneq ($(CONFIG_KERNEL_SECCOMP_FILTER),y)
-PKG_DO_VARS+= Seccomp_NO=1
-endif
-
-ifneq ($(CONFIG_USE_UCLIBC),)
-PKG_DO_VARS+= UCLIBC=1
-endif
-
-define Build/Compile
-	$(INSTALL_DIR) $(PKG_BUILD_DIR)/tmp
-	CROSS="true" \
-	CC="$(TARGET_CC)" \
-	AR="$(TARGET_AR)" \
-	RANLIB="$(TARGET_RANLIB)" \
-	CFLAGS="$(TARGET_CFLAGS)" \
-	LDFLAGS="$(TARGET_LDFLAGS)" \
-	SYSTEM="linux" \
-	TARGET_ARCH="$(CONFIG_ARCH)" \
-	SSP_SUPPORT="$(CONFIG_SSP_SUPPORT)" \
-	GYP_ADDITIONAL_ARGS="-f make-linux" \
-	CJDNS_BUILD_TMPDIR="$(PKG_BUILD_DIR)/tmp" \
-	$(PKG_DO_VARS) \
-	$(PKG_BUILD_DIR)/do
-endef
-
-define Package/cjdns/install
-	$(INSTALL_DIR) \
-		$(1)/usr/sbin \
-		$(1)/usr/bin \
-		$(1)/etc/config \
-		$(1)/etc/init.d \
-		$(1)/etc/uci-defaults \
-		$(1)/usr/lib/lua/cjdns
-
-	$(INSTALL_BIN) \
-		./files/cjdrouteconf \
-		$(1)/usr/bin
-
-	$(INSTALL_BIN) \
-		$(PKG_BUILD_DIR)/cjdroute \
-		$(1)/usr/sbin
-
-	$(INSTALL_BIN) \
-		$(PKG_BUILD_DIR)/publictoip6 \
-		$(1)/usr/bin
-
-	$(INSTALL_BIN) \
-		./files/cjdns.init \
-		$(1)/etc/init.d/cjdns
-
-	$(INSTALL_BIN) \
-		./files/cjdns.defaults \
-		$(1)/etc/uci-defaults/cjdns
-
-	$(CP) \
-		./lua/cjdns/* \
-		$(1)/usr/lib/lua/cjdns
-endef
-
-define Package/cjdns/postinst
-#!/bin/sh
-if [ -z $${IPKG_INSTROOT} ] ; then
-	( . /etc/uci-defaults/cjdns ) && rm -f /etc/uci-defaults/cjdns
-	# TODO: we should have an 'Enable' button instead
-	/etc/init.d/cjdns enabled || /etc/init.d/cjdns enable
-	exit 0
-fi
-endef
-
-define Package/cjdns-tests/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) \
-		$(PKG_BUILD_DIR)/build_linux/test_testcjdroute_c \
-		$(1)/usr/bin
-endef
-
-$(eval $(call BuildPackage,cjdns))
-$(eval $(call BuildPackage,cjdns-tests))
diff --git a/net/cjdns/files/cjdns.defaults b/net/cjdns/files/cjdns.defaults
deleted file mode 100644
index f2baf6d..0000000
--- a/net/cjdns/files/cjdns.defaults
+++ /dev/null
@@ -1,127 +0,0 @@
-#!/bin/sh
-
-# if there is an existing config, our work is already done
-uci get cjdns.cjdns.ipv6 >/dev/null 2>&1
-if [ $? -ne 0 ]; then
-
-  # register commit handler
-  uci -q batch <<-EOF >/dev/null
-    delete ucitrack.@cjdns[-1]
-    add ucitrack cjdns
-    set ucitrack.@cjdns[-1].init=cjdns
-    commit ucitrack
-EOF
-
-  # generate configuration
-  touch /etc/config/cjdns
-  cjdroute --genconf | cjdroute --cleanconf | cjdrouteconf set
-
-  # make sure config is present (might fail for any reason)
-  uci get cjdns.cjdns.ipv6 >/dev/null 2>&1
-  if [ $? -ne 0 ]; then
-    exit 1
-  fi
-
-  # enable auto-peering on ethernet interface lan, if existing
-  uci get network.lan | grep interface >/dev/null 2>&1
-  if [ $? -eq 0 ]; then
-    uci get network.lan.type | grep bridge >/dev/null 2>&1
-    if [ $? -eq 0 ]; then
-      # most routers will set up an ethernet bridge for the lan
-      ifname="br-lan"
-    else
-      # docker containers don't have permission to create bridges by default,
-      # so we bind to the underlying interface instead (likely eth0)
-      ifname=`uci get network.lan.ifname`
-    fi
-    uci -q batch <<-EOF >/dev/null
-      add cjdns eth_interface
-      set cjdns.@eth_interface[-1].beacon=2
-      set cjdns.@eth_interface[-1].bind=$ifname
-EOF
-  fi
-  # set the tun interface name
-  uci set cjdns.cjdns.tun_device=tuncjdns
-
-  # create the network interface
-  uci -q batch <<-EOF >/dev/null
-    set network.cjdns=interface
-    set network.cjdns.ifname=tuncjdns
-    set network.cjdns.proto=none
-EOF
-
-  # firewall rules by @dangowrt -- thanks <3
-
-  # create the firewall zone
-  uci -q batch <<-EOF >/dev/null
-    add firewall zone
-    set firewall.@zone[-1].name=cjdns
-    add_list firewall.@zone[-1].network=cjdns
-    set firewall.@zone[-1].input=REJECT
-    set firewall.@zone[-1].output=ACCEPT
-    set firewall.@zone[-1].forward=REJECT
-    set firewall.@zone[-1].conntrack=1
-    set firewall.@zone[-1].family=ipv6
-EOF
-
-  # allow ICMP from cjdns zone, e.g. ping6
-  uci -q batch <<-EOF >/dev/null
-    add firewall rule
-    set firewall.@rule[-1].name='Allow-ICMPv6-cjdns'
-    set firewall.@rule[-1].src=cjdns
-    set firewall.@rule[-1].proto=icmp
-    add_list firewall.@rule[-1].icmp_type=echo-request
-    add_list firewall.@rule[-1].icmp_type=echo-reply
-    add_list firewall.@rule[-1].icmp_type=destination-unreachable
-    add_list firewall.@rule[-1].icmp_type=packet-too-big
-    add_list firewall.@rule[-1].icmp_type=time-exceeded
-    add_list firewall.@rule[-1].icmp_type=bad-header
-    add_list firewall.@rule[-1].icmp_type=unknown-header-type
-    set firewall.@rule[-1].limit='1000/sec'
-    set firewall.@rule[-1].family=ipv6
-    set firewall.@rule[-1].target=ACCEPT
-EOF
-
-  # allow SSH from cjdns zone, needs to be explicitly enabled
-  uci -q batch <<-EOF >/dev/null
-    add firewall rule
-    set firewall.@rule[-1].enabled=0
-    set firewall.@rule[-1].name='Allow-SSH-cjdns'
-    set firewall.@rule[-1].src=cjdns
-    set firewall.@rule[-1].proto=tcp
-    set firewall.@rule[-1].dest_port=22
-    set firewall.@rule[-1].target=ACCEPT
-EOF
-
-  # allow LuCI access from cjdns zone, needs to be explicitly enabled
-  uci -q batch <<-EOF >/dev/null
-    add firewall rule
-    set firewall.@rule[-1].enabled=0
-    set firewall.@rule[-1].name='Allow-HTTP-cjdns'
-    set firewall.@rule[-1].src=cjdns
-    set firewall.@rule[-1].proto=tcp
-    set firewall.@rule[-1].dest_port=80
-    set firewall.@rule[-1].target=ACCEPT
-EOF
-
-  # allow UDP peering from wan zone, if it exists
-  uci show network.wan >/dev/null 2>&1
-  if [ $? -eq 0 ]; then
-    peeringPort=`uci get cjdns.@udp_interface[0].port`
-    uci -q batch <<-EOF >/dev/null
-      add firewall rule
-      set firewall.@rule[-1].name='Allow-cjdns-wan'
-      set firewall.@rule[-1].src=wan
-      set firewall.@rule[-1].proto=udp
-      set firewall.@rule[-1].dest_port=$peeringPort
-      set firewall.@rule[-1].target=ACCEPT
-EOF
-  fi
-
-  uci commit cjdns
-  uci commit firewall
-  uci commit network
-
-fi
-
-exit 0
diff --git a/net/cjdns/files/cjdns.init b/net/cjdns/files/cjdns.init
deleted file mode 100755
index b6371d7..0000000
--- a/net/cjdns/files/cjdns.init
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=90
-STOP=85
-
-USE_PROCD=1
-
-start_service()
-{
-	[ -f /etc/uci-defaults/cjdns ] && ( . /etc/uci-defaults/cjdns )
-
-	procd_open_instance
-	procd_set_param respawn
-	procd_set_param command /bin/ash -c "cjdrouteconf get | tee /tmp/etc/cjdroute.conf | cjdroute --nobg | logger -t cjdns"
-	procd_close_instance
-}
-
-stop_service()
-{
-	killall cjdroute
-}
-
-reload_service()
-{
-	# cat /tmp/etc/cjdroute.conf | cjdrouteconf reload
-	restart
-}
-
-service_triggers()
-{
-	procd_add_reload_trigger cjdns
-}
diff --git a/net/cjdns/files/cjdrouteconf b/net/cjdns/files/cjdrouteconf
deleted file mode 100755
index fa5e073..0000000
--- a/net/cjdns/files/cjdrouteconf
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/usr/bin/env lua
-
-dkjson = require("dkjson")
-cjdns = require("cjdns")
-require("cjdns/uci")
-
-function help()
-  print("JSON interface to /etc/config/cjdns\n\nExamples: \
-    cjdrouteconf get > /tmp/etc/cjdroute.conf \
-    cat /tmp/etc/cjdroute.conf | cjdrouteconf set \
-    uci changes \
-    cjdrouteconf get | cjdroute")
-end
-
-if arg[1] == "get" then
-  local json = dkjson.encode(cjdns.uci.get(), { indent = true })
-  print(json)
-elseif arg[1] == "set" then
-  local json = io.stdin:read("*a")
-  local obj, pos, err = dkjson.decode(json, 1, nil)
-
-  if obj then
-    cjdns.uci.set(obj)
-  else
-    print("dkjson: " .. err .. " (try cjdroute --cleanconf)")
-    os.exit(1)
-  end
-else
-  help()
-end
diff --git a/net/cjdns/lua/cjdns/admin.lua b/net/cjdns/lua/cjdns/admin.lua
deleted file mode 100644
index 2bb58d2..0000000
--- a/net/cjdns/lua/cjdns/admin.lua
+++ /dev/null
@@ -1,105 +0,0 @@
--- Cjdns admin module for Lua
--- Written by Philip Horger
-
-common = require 'cjdns/common'
-
-AdminInterface = {}
-AdminInterface.__index = AdminInterface
-common.AdminInterface = AdminInterface
-
-function AdminInterface.new(properties)
-    properties = properties or {}
-
-    properties.host     = properties.host or "127.0.0.1"
-    properties.port     = properties.port or 11234
-    properties.password = properties.password or nil
-    properties.config   = properties.config   or common.ConfigFile.new("/etc/cjdroute.conf", false)
-    properties.timeout  = properties.timeout  or 2
-
-    properties.udp      = common.UDPInterface.new(properties)
-
-    return setmetatable(properties, AdminInterface)
-end
-
-function AdminInterface:send(object)
-    local bencoded, err = bencode.encode(object)
-    if err then
-        return nil, err
-    end
-
-    local sock_obj = assert(socket.udp())
-    sock_obj:settimeout(self.timeout)
-
-    local _, err = sock_obj:sendto(bencoded, self.host, self.port)
-    if err then
-        return nil, err
-    end
-
-    return sock_obj
-end
-
-function AdminInterface:recv(sock_obj)
-    local retrieved, err = sock_obj:receive()
-    if not retrieved then
-        return nil, "ai:recv > " .. err
-    end
-    local bencoded, err = bencode.decode(retrieved)
-    if bencoded then
-        return bencoded
-    else
-        return nil, "ai:recv > " .. err
-    end
-end
-
-function AdminInterface:call(request)
-    local sock_obj, err = self:send(request)
-    if err then
-        return nil, "ai:call > " .. err
-    end
-
-    return self:recv(sock_obj)
-end
-
-function AdminInterface:getCookie()
-    local cookie_response, err = self:call({ q = "cookie" })
-    if not cookie_response then
-        return nil, "ai:getCookie > " .. err
-    end
-    return cookie_response.cookie
-end
-
-function AdminInterface:auth(request)
-    local funcname = request.q
-    local args = {}
-    for k, v in pairs(request) do
-        args[k] = v
-    end
-
-    -- Step 1: Get cookie
-    local cookie, err = self:getCookie()
-    if err then
-        return nil, err
-    end
-
-    -- Step 2: Calculate hash1 (password + cookie)
-    local plaintext1 = self.password .. cookie
-    local hash1 = sha2.sha256hex(plaintext1)
-
-    -- Step 3: Calculate hash2 (intermediate stage request)
-    local request = {
-        q      = "auth",
-        aq     = funcname,
-        args   = args,
-        hash   = hash1,
-        cookie = cookie
-    }
-    local plaintext2, err = bencode.encode(request)
-    if err then
-        return nil, err
-    end
-    local hash2 = sha2.sha256hex(plaintext2)
-
-    -- Step 4: Update hash in request, then ship it out
-    request.hash = hash2
-    return self:call(request)
-end
diff --git a/net/cjdns/lua/cjdns/common.lua b/net/cjdns/lua/cjdns/common.lua
deleted file mode 100644
index 45f7dad..0000000
--- a/net/cjdns/lua/cjdns/common.lua
+++ /dev/null
@@ -1,7 +0,0 @@
--- Cjdns admin module for Lua
--- Written by Philip Horger
-
--- This table is preserved over multiple imports, and collects
--- submodules import-by-import via init.lua.
-
-return {}
diff --git a/net/cjdns/lua/cjdns/init.lua b/net/cjdns/lua/cjdns/init.lua
deleted file mode 100644
index 32abbfc..0000000
--- a/net/cjdns/lua/cjdns/init.lua
+++ /dev/null
@@ -1,12 +0,0 @@
--- Cjdns admin module for Lua
--- Written by Philip Horger
-
-bencode = require "bencode" -- https://bitbucket.org/wilhelmy/lua-bencode/
-dkjson  = require "dkjson"  -- http://dkolf.de/src/dkjson-lua.fsl/home
-socket  = require "socket"  -- http://w3.impa.br/~diego/software/luasocket/
-sha2    = require "sha2"    -- https://code.google.com/p/sha2/
-
-require "cjdns/admin"
-require "cjdns/udp"
-
-return require "cjdns/common"
diff --git a/net/cjdns/lua/cjdns/uci.lua b/net/cjdns/lua/cjdns/uci.lua
deleted file mode 100644
index 0127f44..0000000
--- a/net/cjdns/lua/cjdns/uci.lua
+++ /dev/null
@@ -1,289 +0,0 @@
-common = require("cjdns/common")
-uci    = require("uci")
-
-UCI = {}
-common.uci = UCI
-
---- Return the configuration defaults as a table suitable for JSON output
---
--- Mostly taken from cjdroute --genconf
--- @return table with configuration defaults
-function UCI.defaults()
-  return {
-    security = {
-      { setuser = "nobody", keepNetAdmin = 1 },
-      { chroot = "/var/run/" },
-      { nofiles = 0 },
-      { noforks = 1 },
-      { seccomp = 0 },
-      { setupComplete = 1 }
-    },
-    router = {
-        ipTunnel = { outgoingConnections = {}, allowedConnections = {} },
-        interface = { type = "TUNInterface" }
-    },
-    interfaces = { UDPInterface = {}, ETHInterface = {} },
-    authorizedPasswords = {},
-    logging = { logTo = "stdout" }
-  }
-end
-
---- Return the cjdns configuration as a table suitable for JSON output
---
--- Iterates over cjdns, eth_interface, udp_interface, eth_peer, udp_peer,
--- and password sections. Doesn't include IPTunnel related options yet.
--- @return table with cjdns configuration
-function UCI.get()
-  local obj = UCI.defaults()
-
-  local cursor = uci.cursor()
-
-  local config = cursor:get_all("cjdns", "cjdns")
-  if not config then return obj end
-
-  obj.ipv6 = config.ipv6
-  obj.publicKey = config.public_key
-  obj.privateKey = config.private_key
-  obj.admin = {
-    bind = config.admin_address .. ":" .. config.admin_port,
-    password = config.admin_password }
-
-  if config.tun_device and string.len(config.tun_device) > 0 then
-    obj.router.interface.tunDevice = config.tun_device
-  end
-
-  for i,section in pairs(obj.security) do
-    if type(section.seccomp) == "number" then
-      obj.security[i].seccomp = tonumber(config.seccomp)
-    end
-  end
-
-  cursor:foreach("cjdns", "iptunnel_outgoing", function(outgoing)
-    table.insert(obj.router.ipTunnel.outgoingConnections, outgoing.public_key)
-  end)
-
-  cursor:foreach("cjdns", "iptunnel_allowed", function(allowed)
-    entry = { publicKey = allowed.public_key }
-    if allowed.ipv4 then
-      entry["ip4Address"] = allowed.ipv4
-    end
-    if allowed.ipv6 then
-      entry["ip6Address"] = allowed.ipv6
-    end
-    table.insert(obj.router.ipTunnel.allowedConnections, entry)
-  end)
-
-  cursor:foreach("cjdns", "eth_interface", function(eth_interface)
-    table.insert(obj.interfaces.ETHInterface, {
-      bind = eth_interface.bind,
-      beacon = tonumber(eth_interface.beacon),
-      connectTo = {}
-    })
-  end)
-
-  cursor:foreach("cjdns", "udp_interface", function(udp_interface)
-    table.insert(obj.interfaces.UDPInterface, {
-      bind = udp_interface.address .. ":" .. udp_interface.port,
-      connectTo = {}
-    })
-  end)
-
-  cursor:foreach("cjdns", "eth_peer", function(eth_peer)
-    if not eth_peer.address == "" then
-      local i = tonumber(eth_peer.interface)
-      obj.interfaces.ETHInterface[i].connectTo[eth_peer.address] = {
-        publicKey = eth_peer.public_key,
-        password = eth_peer.password
-      }
-    end
-  end)
-
-  cursor:foreach("cjdns", "udp_peer", function(udp_peer)
-    local bind = udp_peer.address .. ":" .. udp_peer.port
-    local i = tonumber(udp_peer.interface)
-    obj.interfaces.UDPInterface[i].connectTo[bind] = {
-      user = udp_peer.user,
-      publicKey = udp_peer.public_key,
-      password = udp_peer.password
-    }
-  end)
-
-  cursor:foreach("cjdns", "password", function(password)
-    table.insert(obj.authorizedPasswords, {
-      password = password.password,
-      user = password.user,
-      contact = password.contact
-    })
-  end)
-
-  return obj
-end
-
---- Parse and save updated configuration from JSON input
---
--- Transforms general settings, ETHInterface, UDPInterface, connectTo, and
--- authorizedPasswords fields into UCI sections, and replaces the UCI config's
--- contents with them.
--- @param table JSON input
--- @return Boolean whether saving succeeded
-function UCI.set(obj)
-  local cursor = uci.cursor()
-
-  for i, section in pairs(cursor:get_all("cjdns")) do
-    cursor:delete("cjdns", section[".name"])
-  end
-
-  local admin_address, admin_port = string.match(obj.admin.bind, "^(.*):(.*)$")
-  UCI.cursor_section(cursor, "cjdns", "cjdns", "cjdns", {
-    ipv6 = obj.ipv6,
-    public_key = obj.publicKey,
-    private_key = obj.privateKey,
-    admin_password = obj.admin.password,
-    admin_address = admin_address,
-    admin_port = admin_port
-  })
-
-  if obj.router.interface.tunDevice then
-    UCI.cursor_section(cursor, "cjdns", "cjdns", "cjdns", {
-      tun_device = tostring(obj.router.interface.tunDevice)
-    })
-  end
-
-  if obj.security then
-    for i,section in pairs(obj.security) do
-      for key,value in pairs(section) do
-        if key == "seccomp" then
-          UCI.cursor_section(cursor, "cjdns", "cjdns", "cjdns", {
-            seccomp = tonumber(value)
-          })
-        end
-      end
-    end
-  end
-
-  if obj.router.ipTunnel.outgoingConnections then
-    for i,public_key in pairs(obj.router.ipTunnel.outgoingConnections) do
-      UCI.cursor_section(cursor, "cjdns", "iptunnel_outgoing", nil, {
-        public_key = public_key
-      })
-    end
-  end
-
-  if obj.router.ipTunnel.allowedConnections then
-    for i,allowed in pairs(obj.router.ipTunnel.allowedConnections) do
-      entry = { public_key = allowed.publicKey }
-      if allowed.ip4Address then
-        entry["ipv4"] = allowed.ip4Address
-      end
-      if allowed.ip6Address then
-        entry["ipv6"] = allowed.ip6Address
-      end
-
-      UCI.cursor_section(cursor, "cjdns", "iptunnel_allowed", nil, entry)
-    end
-  end
-
-  if obj.interfaces.ETHInterface then
-    for i,interface in pairs(obj.interfaces.ETHInterface) do
-      UCI.cursor_section(cursor, "cjdns", "eth_interface", nil, {
-        bind = interface.bind,
-        beacon = tostring(interface.beacon)
-      })
-
-      if interface.connectTo then
-        for peer_address,peer in pairs(interface.connectTo) do
-          UCI.cursor_section(cursor, "cjdns", "eth_peer", nil, {
-            interface = i,
-            address = peer_address,
-            public_key = peer.publicKey,
-            password = peer.password
-          })
-        end
-      end
-    end
-  end
-
-  if obj.interfaces.UDPInterface then
-    for i,interface in pairs(obj.interfaces.UDPInterface) do
-      local address, port = string.match(interface.bind, "^(.*):(.*)$")
-      UCI.cursor_section(cursor, "cjdns", "udp_interface", nil, {
-        address = address,
-        port = port
-      })
-
-      if interface.connectTo then
-        for peer_bind,peer in pairs(interface.connectTo) do
-          local peer_address, peer_port = string.match(peer_bind, "^(.*):(.*)$")
-          UCI.cursor_section(cursor, "cjdns", "udp_peer", nil, {
-            interface = i,
-            address = peer_address,
-            port = peer_port,
-            user = peer.user,
-            public_key = peer.publicKey,
-            password = peer.password
-          })
-        end
-      end
-    end
-  end
-
-  if obj.authorizedPasswords then
-    for i,password in pairs(obj.authorizedPasswords) do
-      local user = password.user
-      if not user or string.len(user) == 0 then
-        user = "user-" .. UCI.random_string(6)
-      end
-
-      UCI.cursor_section(cursor, "cjdns", "password", nil, {
-        password = password.password,
-        user = user,
-        contact = password.contact
-      })
-    end
-  end
-
-  return cursor:save("cjdns")
-end
-
---- Simple backport of Cursor:section from luci.model.uci
---
--- Backport reason: we don't wanna depend on LuCI.
--- @param Cursor the UCI cursor to operate on
--- @param string name of the config
--- @param string type of the section
--- @param string name of the section (optional)
--- @param table config values
-function UCI.cursor_section(cursor, config, type, section, values)
-  if section then
-    cursor:set(config, section, type)
-  else
-    section = cursor:add("cjdns", type)
-  end
-
-  for k,v in pairs(values) do
-    cursor:set(config, section, k, v)
-  end
-end
-
-function UCI.makeInterface()
-  local cursor = uci.cursor()
-
-  local config = cursor:get_all("cjdns", "cjdns")
-  if not config then return nil end
-
-  return common.AdminInterface.new({
-    host = config.admin_address,
-    port = config.admin_port,
-    password = config.admin_password,
-    config = UCI.get(),
-    timeout = 2
-  })
-end
-
-function UCI.random_string(length)
-  -- tr -cd 'A-Za-z0-9' < /dev/urandom
-  local urandom = io.popen("tr -cd 'A-Za-z0-9' 2> /dev/null < /dev/urandom", "r")
-  local string = urandom:read(length)
-  urandom:close()
-  return string
-end
diff --git a/net/cjdns/lua/cjdns/udp.lua b/net/cjdns/lua/cjdns/udp.lua
deleted file mode 100644
index 9dd5901..0000000
--- a/net/cjdns/lua/cjdns/udp.lua
+++ /dev/null
@@ -1,102 +0,0 @@
--- Cjdns admin module for Lua
--- Written by Philip Horger
-
-common = require 'cjdns/common'
-
-UDPInterface = {}
-UDPInterface.__index = UDPInterface
-common.UDPInterface = UDPInterface
-
-function UDPInterface.new(ai, config, ptype)
-    properties = {
-        ai     = ai,
-        config = config or ai.config,
-        ptype  = ptype or "ai"
-    }
-
-    return setmetatable(properties, UDPInterface)
-end
-
-function UDPInterface:call(name, args)
-    local func = self[name .. "_" .. self.ptype]
-    return func(self, unpack(args))
-end
-
-function UDPInterface:newBind(...)
-    return self:call("newBind", arg)
-end
-
-function UDPInterface:beginConnection(...)
-    return self:call("beginConnection", arg)
-end
-
-function UDPInterface:newBind_ai(address)
-    local response, err = self.ai:auth({
-        q = "UDPInterface_new",
-        bindAddress = address
-    })
-    if not response then
-        return nil, err
-    elseif response.error ~= "none" then
-        return nil, response.error
-    elseif response.interfaceNumber then
-        return response.interfaceNumber
-    else
-        return nil, "bad response format"
-    end
-end
-
-function UDPInterface:newBind_config(address)
-    local udpif       = self.config.contents.interfaces.UDPInterface
-    local new_interface = {
-        bind = address,
-        connectTo = {}
-    }
-    table.insert(udpif, new_interface)
-    return (#udpif - 1), new_interface
-end
-
-function UDPInterface:newBind_perm(...)
-    return
-        self:newBind_config(unpack(arg)),
-        self:newBind_ai(unpack(arg))
-end
-
-function UDPInterface:beginConnection_ai(pubkey, addr, password, interface)
-    local request = {
-        q = "UDPInterface_beginConnection",
-        publicKey = pubkey,
-        address   = addr,
-        password  = password
-    }
-    if interface then
-        request.interfaceNumber = interface
-    end
-
-    local response, err = self.ai:auth(request)
-    if not response then
-        return nil, err
-    elseif response.error == "none" then
-        -- Unfortunately, no real success indicator either.
-        return "No error"
-    else
-        return nil, response.error
-    end
-end
-
-function UDPInterface:beginConnection_config(pubkey, addr, password, interface)
-    local udpif       = self.config.contents.interfaces.UDPInterface
-    local connections = udpif[(interface or 0) + 1].connectTo
-    local this_conn   = {
-        password  = password,
-        publicKey = pubkey
-    }
-    connections[addr] = this_conn
-    return this_conn -- allows adding metadata fields afterwards
-end
-
-function UDPInterface:beginConnection_perm(...)
-    return
-        self:beginConnection_config(unpack(arg)),
-        self:beginConnection_ai(unpack(arg))
-end
diff --git a/net/freeradius2/Config.in b/net/freeradius2/Config.in
new file mode 100644
index 0000000..cd0141e
--- /dev/null
+++ b/net/freeradius2/Config.in
@@ -0,0 +1,14 @@
+# FreeRADIUS avanced configuration
+
+choice
+	prompt "SSL library"
+	default FREERADIUS_OPENSSL
+	depends on PACKAGE_freeradius2-common
+
+config FREERADIUS_NOSSL
+	bool "No SSL support"
+
+config FREERADIUS_OPENSSL
+	bool "OpenSSL"
+
+endchoice
diff --git a/net/freeradius2/Makefile b/net/freeradius2/Makefile
new file mode 100644
index 0000000..b55b9bf
--- /dev/null
+++ b/net/freeradius2/Makefile
@@ -0,0 +1,636 @@
+#
+# Copyright (C) 2008-2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=freeradius2
+PKG_VERSION:=2.2.9
+PKG_RELEASE:=1
+
+PKG_SOURCE:=freeradius-server-$(PKG_VERSION).tar.bz2
+PKG_SOURCE_URL:=\
+	ftp://ftp.freeradius.org/pub/freeradius/ \
+	ftp://ftp.freeradius.org/pub/freeradius/old/
+PKG_MD5SUM:=d1398327ba4e23c75da06d8a0e01096b
+PKG_MAINTAINER:=Daniel Golle 
+PKG_LICENSE:=GPL-2.0
+PKG_LICENSE_FILES:=COPYRIGHT LICENSE
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/freeradius-server-$(PKG_VERSION)
+PKG_FIXUP:=autoreconf
+PKG_CHECK_FORMAT_SECURITY:=0
+
+PKG_CONFIG_DEPENDS := \
+  FREERADIUS_OPENSSL \
+  FREERADIUS_NOSSL
+
+PKG_CHECK_FORMAT_SECURITY:=0
+include $(INCLUDE_DIR)/package.mk
+
+define Package/freeradius2/config
+  source "$(SOURCE)/Config.in"
+endef
+
+define Package/freeradius2/Default
+  SECTION:=net
+  CATEGORY:=Network
+  URL:=http://freeradius.org/
+  SUBMENU:=FreeRADIUS (version 2)
+endef
+
+define Package/freeradius2
+  $(call Package/freeradius2/Default)
+  DEPENDS:=+libltdl +libreadline +freeradius2-common
+  TITLE:=A flexible RADIUS server (version 2)
+endef
+
+define Package/freeradius2/conffiles
+/etc/freeradius2/clients.conf
+/etc/freeradius2/radiusd.conf
+/etc/freeradius2/sites/default
+endef
+
+define Package/freeradius2-democerts
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Demo certificates to test the server
+endef
+
+define Package/freeradius2-common
+  $(call Package/freeradius2/Default)
+  TITLE:=common files
+  DEPENDS:=+libpthread +FREERADIUS_OPENSSL:libopenssl +zlib
+endef
+
+define Package/freeradius2-mod-chap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=CHAP module
+endef
+
+define Package/freeradius2-mod-chap/conffiles
+/etc/freeradius2/modules/chap
+endef
+
+define Package/freeradius2-mod-detail
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Detailed accounting module
+endef
+
+define Package/freeradius2-mod-detail/conffiles
+/etc/freeradius2/modules/detail
+endef
+
+define Package/freeradius2-mod-eap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Base EAP module
+endef
+
+define Package/freeradius2-mod-eap/conffiles
+/etc/freeradius2/eap.conf
+endef
+
+define Package/freeradius2-mod-eap-gtc
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap
+  TITLE:=EAP/GTC module
+endef
+
+define Package/freeradius2-mod-eap-md5
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap
+  TITLE:=EAP/MD5 module
+endef
+
+define Package/freeradius2-mod-eap-mschapv2
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap +freeradius2-mod-mschap
+  TITLE:=EAP/MS-CHAPv2 module
+endef
+
+define Package/freeradius2-mod-eap-peap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap @FREERADIUS_OPENSSL
+  TITLE:=EAP/PEAP module
+endef
+
+define Package/freeradius2-mod-eap-tls
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap @FREERADIUS_OPENSSL
+  TITLE:=EAP/TLS module
+endef
+
+define Package/freeradius2-mod-eap-ttls
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-eap-tls
+  TITLE:=EAP/TTLS module
+endef
+
+define Package/freeradius2-mod-exec
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=EXEC module
+endef
+
+define Package/freeradius2-mod-exec/conffiles
+/etc/freeradius2/modules/exec
+endef
+
+define Package/freeradius2-mod-expiration
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Expiration module
+endef
+
+define Package/freeradius2-mod-expiration/conffiles
+/etc/freeradius2/modules/expiration
+endef
+
+define Package/freeradius2-mod-always
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Always module
+endef
+
+define Package/freeradius2-mod-always/conffiles
+/etc/freeradius2/modules/always
+endef
+
+define Package/freeradius2-mod-expr
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=EXPR module
+endef
+
+define Package/freeradius2-mod-expr/conffiles
+/etc/freeradius2/modules/expr
+endef
+
+define Package/freeradius2-mod-attr-filter
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=ATTR filter module
+endef
+
+define Package/freeradius2-mod-attr-filter/conffiles
+/etc/freeradius2/modules/attr_filter
+/etc/freeradius2/attrs
+/etc/freeradius2/attrs.access_reject
+/etc/freeradius2/attrs.accounting_response
+/etc/freeradius2/attrs.pre-proxy
+endef
+
+define Package/freeradius2-mod-attr-rewrite
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=ATTR rewrite module
+endef
+
+define Package/freeradius2-mod-attr-rewrite/conffiles
+/etc/freeradius2/modules/attr_rewrite
+endef
+
+define Package/freeradius2-mod-files
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Module using local files for authorization
+endef
+
+define Package/freeradius2-mod-files/conffiles
+/etc/freeradius2/acct_users
+/etc/freeradius2/preproxy_users
+/etc/freeradius2/users
+/etc/freeradius2/modules/files
+endef
+
+define Package/freeradius2-mod-passwd
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Rlm passwd module
+endef
+
+define Package/freeradius2-mod-passwd/conffiles
+/etc/freeradius2/modules/passwd
+endef
+
+define Package/freeradius2-mod-ldap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2 +libopenldap
+  TITLE:=LDAP module
+endef
+
+define Package/freeradius2-mod-ldap/conffiles
+/etc/freeradius2/ldap.attrmap
+/etc/freeradius2/modules/ldap
+endef
+
+define Package/freeradius2-mod-logintime
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Logintime module
+endef
+
+define Package/freeradius2-mod-logintime/conffiles
+/etc/freeradius2/modules/logintime
+endef
+
+define Package/freeradius2-mod-mschap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=MS-CHAP and MS-CHAPv2 module
+endef
+
+define Package/freeradius2-mod-mschap/conffiles
+/etc/freeradius2/modules/mschap
+endef
+
+define Package/freeradius2-mod-pap
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=PAP module
+endef
+
+define Package/freeradius2-mod-pap/conffiles
+/etc/freeradius2/modules/pap
+endef
+
+define Package/freeradius2-mod-preprocess
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Request pre-processing module
+endef
+
+define Package/freeradius2-mod-preprocess/conffiles
+/etc/freeradius2/hints
+/etc/freeradius2/huntgroups
+/etc/freeradius2/modules/preprocess
+endef
+
+define Package/freeradius2-mod-realm
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Realms handling module
+endef
+
+define Package/freeradius2-mod-realm/conffiles
+/etc/freeradius2/proxy.conf
+/etc/freeradius2/modules/realm
+endef
+
+define Package/freeradius2-mod-sql
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Base SQL module
+endef
+
+define Package/freeradius2-mod-sql/conffiles
+/etc/freeradius2/sql.conf
+endef
+
+define Package/freeradius2-mod-sql-mysql
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-sql +libmysqlclient-r
+  TITLE:=MySQL module
+endef
+
+define Package/freeradius2-mod-sql-pgsql
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-sql +libpq
+  TITLE:=PostgreSQL module
+endef
+
+define Package/freeradius2-mod-sql-sqlite
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-sql +libsqlite3
+  TITLE:=SQLite module
+endef
+
+define Package/freeradius2-mod-sqlcounter
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2-mod-sql
+  TITLE:=Generic SQL Counter module
+endef
+
+define Package/freeradius2-mod-radutmp
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=Radius UTMP module
+endef
+
+define Package/freeradius2-mod-radutmp/conffiles
+/etc/freeradius2/modules/radutmp
+/etc/freeradius2/modules/sradutmp
+endef
+
+define Package/freeradius2-utils
+  $(call Package/freeradius2/Default)
+  DEPENDS:=+freeradius2-common
+  TITLE:=Misc. client utilities
+endef
+
+define Package/freeradius2-mod-sqllog
+  $(call Package/freeradius2/Default)
+  DEPENDS:=freeradius2
+  TITLE:=SQL Logging module
+endef
+
+CONFIGURE_ARGS+= \
+	--libdir=/usr/lib/freeradius2 \
+	--libexecdir=/usr/lib/freeradius2 \
+	--enable-shared \
+	--disable-static \
+	--disable-developer \
+	--with-threads \
+	$(if $(CONFIG_FREERADIUS_OPENSSL),--with,--without)-openssl \
+	$(if $(CONFIG_FREERADIUS_OPENSSL),--with-openssl-includes="$(STAGING_DIR)/usr/include",) \
+	$(if $(CONFIG_FREERADIUS_OPENSSL),--with-openssl-libraries="$(STAGING_DIR)/usr/lib",) \
+	$(if $(CONFIG_FREERADIUS_OPENSSL),--disable-openssl-version-check,) \
+	--with-system-libtool \
+	--with-system-libltdl \
+	--enable-strict-dependencies \
+	--with-raddbdir=/etc/freeradius2 \
+	--with-radacctdir=/var/db/radacct \
+	--with-logdir=/var/log \
+	--without-edir \
+	--without-snmp \
+	--without-rlm_checkval \
+	--without-rlm_dbm \
+	--without-rlm_counter \
+	--with-rlm_expr \
+	--with-rlm_eap \
+	--without-rlm_eap_sim \
+	--without-rlm_example \
+	--without-rlm_ippool \
+	--without-rlm_krb5 \
+	--without-rlm_otp \
+	--without-rlm_smsotp \
+	--without-rlm_pam \
+	--without-rlm_perl \
+	--without-rlm_python \
+	--without-rlm_smb \
+	--with-rlm_sql \
+	--with-rlm_sqlcounter \
+	--without-rlm_sqlhpwippool \
+	--without-rlm_sqlippool \
+	--without-rlm_sql_db2 \
+	--without-rlm_sql_firebird \
+	--without-rlm_sql_freetds \
+	--without-rlm_sql_iodbc \
+	--without-rlm_sql_oracle \
+	--without-rlm_sql_sybase \
+	--without-rlm_sql_unixodbc \
+	--without-rlm_sql_log \
+	--without-rlm_unix \
+	--without-rlm_eap_tnc \
+	--without-rlm_eap_ikev2 \
+	--without-rlm_opendirectory \
+	--without-rlm_wimax \
+	--without-rlm_ruby \
+	--without-rlm_caching \
+	--without-rlm_redis \
+	--without-rlm_rediswho \
+	--without-rlm_soh \
+	--without-rlm_sim \
+	--without-rlm_replicate \
+	--without-rlm_protocol_filter \
+	--without-rlm_policy \
+	--without-rlm_linelog \
+	--without-rlm_jradius \
+	--without-rlm_fastusers \
+	--without-rlm_eap_leap \
+	--without-rlm_dynamic_clients \
+	--without-rlm_digest \
+	--without-rlm_cram \
+	--without-rlm_copy_packet \
+	--without-rlm_acct_unique \
+	--without-rlm_acctlog
+	
+
+PKG_DICTIONARIES:= \
+	freeradius freeradius.internal \
+	rfc2865 rfc2866 rfc2867 rfc2868 rfc2869 rfc3162 rfc3576 rfc3580 \
+	rfc4372 rfc4675 rfc4679 \
+	microsoft \
+	wispr \
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-ldap),)
+  CONFIGURE_ARGS+= \
+		--with-rlm_ldap-include-dir="$(STAGING_DIR)/usr/include" \
+		--with-rlm_ldap-lib-dir="$(STAGING_DIR)/usr/lib"
+  CONFIGURE_LIBS+= -lcrypto -lssl
+else
+  CONFIGURE_ARGS+= --without-rlm_ldap
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sql-mysql),)
+  CONFIGURE_ARGS+= \
+		--with-mysql-include-dir="$(STAGING_DIR)/usr/include" \
+		--with-mysql-lib-dir="$(STAGING_DIR)/usr/lib/mysql"
+  CONFIGURE_LIBS+= -lz
+  CONFIGURE_VARS+= ac_cv_lib_mysqlclient_r_mysql_init=yes
+else
+  CONFIGURE_ARGS+= --without-rlm_sql_mysql
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sql-pgsql),)
+  CONFIGURE_ARGS+= \
+		--with-rlm_sql_postgresql-include-dir="$(STAGING_DIR)/usr/include" \
+		--with-rlm_sql_postgresql-lib-dir="$(STAGING_DIR)/usr/lib"
+else
+  CONFIGURE_ARGS+= --without-rlm_sql_postgresql
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sqllog),)
+  CONFIGURE_ARGS+= \
+        --with-rlm_sql_log \
+        --with-experimental-modules \
+else
+  CONFIGURE_ARGS+= --without-rlm_sql_log
+endif
+
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sql-sqlite),)
+  CONFIGURE_ARGS+= \
+	--with-rlm_sql_sqlite \
+	--with-experimental-modules \
+	--with-sqlite-include-dir="$(STAGING_DIR)/usr/include" \
+	--with-sqlite-lib-dir="$(STAGING_DIR)/usr/lib"
+else
+  CONFIGURE_ARGS+= --without-rlm_sql_sqlite
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-eap-peap),)
+  CONFIGURE_ARGS+= \
+  		--with-rlm_eap_peap \
+		--with-rlm_eap_peap-include-dir="$(STAGING_DIR)/usr/include" \
+		--with-rlm_eap_peap-lib-dir="$(STAGING_DIR)/usr/lib"
+  CONFIGURE_LIBS+= -lcrypto -lssl
+else
+  CONFIGURE_ARGS+= --without-rlm_eap_peap
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-eap-tls),)
+  CONFIGURE_ARGS+= \
+  		--with-rlm_eap_tls \
+		--with-rlm_eap_tls-include-dir="$(STAGING_DIR)/usr/include" \
+		--with-rlm_eap_tls-lib-dir="$(STAGING_DIR)/usr/lib"
+  CONFIGURE_LIBS+= -lcrypto -lssl
+else
+  CONFIGURE_ARGS+= --without-rlm_eap_tls
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-eap-ttls),)
+  CONFIGURE_ARGS+= \
+  		--with-rlm_eap_ttls \
+		--with-rlm_eap_ttls-include-dir="$(STAGING_DIR)/usr/include" \
+		--with-rlm_eap_ttls-lib-dir="$(STAGING_DIR)/usr/lib"
+  CONFIGURE_LIBS+= -lcrypto -lssl
+else
+  CONFIGURE_ARGS+= --without-rlm_eap_ttls
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-attr-rewrite),)
+  CONFIGURE_ARGS+= --with-rlm_attr-rewrite
+else
+  CONFIGURE_ARGS+= --without-rlm_attr-rewrite
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-radutmp),)
+  CONFIGURE_ARGS+= --with-rlm_radutmp
+else
+  CONFIGURE_ARGS+= --without-rlm_radutmp
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-logintime),)
+  CONFIGURE_ARGS+= --with-rlm_logintime
+else
+  CONFIGURE_ARGS+= --without-rlm_logintime
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-expiration),)
+  CONFIGURE_ARGS+= --with-rlm_expiration
+else
+  CONFIGURE_ARGS+= --without-rlm_expiration
+endif
+
+ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-always),)
+  CONFIGURE_ARGS+= --with-rlm_always
+else
+  CONFIGURE_ARGS+= --without-rlm_always
+endif
+
+CONFIGURE_VARS+= \
+	LDFLAGS="$$$$LDFLAGS" \
+	LIBS="$(CONFIGURE_LIBS)" \
+	MYSQL_CONFIG="no" \
+	ac_cv_lib_readline=no \
+
+define Build/Compile
+	$(MAKE) -C $(PKG_BUILD_DIR) \
+		R="$(PKG_INSTALL_DIR)" \
+		INSTALLSTRIP="" \
+		all certs install
+endef
+
+define Package/freeradius2-common/install
+	$(INSTALL_DIR) $(1)/etc/freeradius2
+	chmod 771 $(1)/etc/freeradius2
+	$(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/dictionary $(1)/etc/freeradius2/ ; \
+	$(INSTALL_DIR) $(1)/usr/lib/freeradius2
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/freeradius2/libfreeradius-radius{,-*}.so $(1)/usr/lib/freeradius2
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/freeradius2/libfreeradius-eap{,-*}.so $(1)/usr/lib/freeradius2
+	$(INSTALL_DIR) $(1)/usr/share/freeradius2
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/freeradius/dictionary $(1)/usr/share/freeradius2/
+	$(SED) "s,^\(\$$$$INCLUDE\),#\1,g" $(1)/usr/share/freeradius2/dictionary
+	for f in $(PKG_DICTIONARIES); do \
+		$(CP) $(PKG_INSTALL_DIR)/usr/share/freeradius/dictionary.$$$${f} $(1)/usr/share/freeradius2/ ; \
+		$(SED) "s,^#\(\$$$$INCLUDE dictionary\.$$$${f}\),\1,g" $(1)/usr/share/freeradius2/dictionary ; \
+	done
+endef
+
+define Package/freeradius2/install
+	$(INSTALL_DIR) $(1)/etc/freeradius2/modules
+	$(INSTALL_DIR) $(1)/etc/freeradius2/sites
+	for f in clients.conf radiusd.conf policy.conf; do \
+		$(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/$$$${f} $(1)/etc/freeradius2/ ; \
+	done
+	$(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/sites-available/default $(1)/etc/freeradius2/sites/default
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/radiusd $(1)/usr/sbin/
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/radiusd.init $(1)/etc/init.d/radiusd
+endef
+
+define Package/freeradius2-democerts/install
+	$(INSTALL_DIR) $(1)/etc/freeradius2/certs
+	$(CP) \
+		$(PKG_BUILD_DIR)/raddb/certs/ca.pem \
+		$(PKG_BUILD_DIR)/raddb/certs/dh \
+		$(PKG_BUILD_DIR)/raddb/certs/random \
+		$(PKG_BUILD_DIR)/raddb/certs/server.pem \
+		$(1)/etc/freeradius2/certs/
+endef
+
+define Package/freeradius2-utils/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	for f in radclient radeapclient radwho; do \
+		$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/$$$${f} $(1)/usr/bin/ ; \
+	done
+endef
+
+define BuildPlugin
+  define Package/$(1)/install
+	[ -z "$(2)" ] || $(INSTALL_DIR) $$(1)/usr/lib/freeradius2
+	for m in $(2); do \
+		$(CP) $(PKG_INSTALL_DIR)/usr/lib/freeradius2/$$$$$$$${m}{,-*}.so $$(1)/usr/lib/freeradius2 ; \
+	done
+	[ -z "$(3)" ] || $(INSTALL_DIR) $$(1)/etc/freeradius2
+	[ -z "$(4)" ] || $(INSTALL_DIR) $$(1)/etc/freeradius2/$(4)
+	for f in $(3); do \
+		$(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/$$$$$$$${f} $$(1)/etc/freeradius2/$$$$$$$${f} ; \
+	done
+  endef
+
+  $$(eval $$(call BuildPackage,$(1)))
+endef
+
+$(eval $(call BuildPackage,freeradius2))
+$(eval $(call BuildPackage,freeradius2-common))
+$(eval $(call BuildPackage,freeradius2-democerts))
+$(eval $(call BuildPlugin,freeradius2-mod-chap,rlm_chap,modules/chap,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-detail,rlm_detail,modules/detail,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap,rlm_eap,eap.conf))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-gtc,rlm_eap_gtc,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-md5,rlm_eap_md5,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-mschapv2,rlm_eap_mschapv2,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-peap,rlm_eap_peap,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-tls,rlm_eap_tls,))
+$(eval $(call BuildPlugin,freeradius2-mod-eap-ttls,rlm_eap_ttls,))
+$(eval $(call BuildPlugin,freeradius2-mod-exec,rlm_exec,modules/exec modules/echo ,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-attr-rewrite,rlm_attr_rewrite,modules/attr_rewrite,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-files,rlm_files,acct_users preproxy_users users modules/files,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-passwd,rlm_passwd,modules/passwd,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-ldap,rlm_ldap,ldap.attrmap modules/ldap,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-mschap,rlm_mschap,modules/mschap,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-pap,rlm_pap,modules/pap,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-preprocess,rlm_preprocess,hints huntgroups modules/preprocess,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-realm,rlm_realm,proxy.conf modules/realm modules/inner-eap,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-sql,rlm_sql,sql.conf,))
+$(eval $(call BuildPlugin,freeradius2-mod-sql-mysql,rlm_sql_mysql,))
+$(eval $(call BuildPlugin,freeradius2-mod-sql-pgsql,rlm_sql_postgresql,))
+$(eval $(call BuildPlugin,freeradius2-mod-sql-sqlite,rlm_sql_sqlite,))
+$(eval $(call BuildPlugin,freeradius2-mod-sqlcounter,rlm_sqlcounter,))
+$(eval $(call BuildPlugin,freeradius2-mod-sqllog,rlm_sql_log,))
+$(eval $(call BuildPlugin,freeradius2-mod-radutmp,rlm_radutmp,modules/radutmp modules/sradutmp,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-logintime,rlm_logintime,modules/logintime,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-expr,rlm_expr,modules/expr,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-attr-filter,rlm_attr_filter,modules/attr_filter attrs attrs.access_reject attrs.accounting_response attrs.pre-proxy,modules,,))
+$(eval $(call BuildPlugin,freeradius2-mod-expiration,rlm_expiration,modules/expiration,modules,))
+$(eval $(call BuildPlugin,freeradius2-mod-always,rlm_always,modules/always,modules,))
+$(eval $(call BuildPackage,freeradius2-utils))
diff --git a/net/freeradius2/files/radiusd.init b/net/freeradius2/files/radiusd.init
new file mode 100644
index 0000000..2127e98
--- /dev/null
+++ b/net/freeradius2/files/radiusd.init
@@ -0,0 +1,29 @@
+#!/bin/sh /etc/rc.common
+#
+# Copyright (C) 2006-2015 OpenWrt.org
+#
+
+USE_PROCD=1
+
+START=50
+
+NAME=radiusd
+PROG=/usr/sbin/radiusd
+DEFAULT=/etc/default/radiusd
+
+start_service()
+{
+	[ -f $DEFAULT ] && . $DEFAULT
+	mkdir -p /var/log
+	mkdir -p /var/run
+	mkdir -p /var/db/radacct
+	mkdir -p /tmp/radiusd
+
+	procd_open_instance
+	procd_set_param command $PROG -f
+	procd_set_param env LD_LIBRARY_PATH=/usr/lib/freeradius2
+	[ -n "$IPADDR" ] && procd_append_param command -i $IPADDR
+	[ -n "$OPTIONS" ] && procd_append_param command $OPTIONS
+	procd_set_param respawn
+	procd_close_instance
+}
diff --git a/net/freeradius2/patches/001-fix-makefile.patch b/net/freeradius2/patches/001-fix-makefile.patch
new file mode 100644
index 0000000..676f99c
--- /dev/null
+++ b/net/freeradius2/patches/001-fix-makefile.patch
@@ -0,0 +1,12 @@
+Index: freeradius-server-2.2.7/Make.inc.in
+===================================================================
+--- freeradius-server-2.2.7.orig/Make.inc.in
++++ freeradius-server-2.2.7/Make.inc.in
+@@ -5,6 +5,7 @@
+ #
+ 
+ # Location of files.
++SHELL		= @SHELL@
+ prefix		= @prefix@
+ exec_prefix	= @exec_prefix@
+ sysconfdir	= @sysconfdir@
diff --git a/net/freeradius2/patches/002-config.patch b/net/freeradius2/patches/002-config.patch
new file mode 100644
index 0000000..c486389
--- /dev/null
+++ b/net/freeradius2/patches/002-config.patch
@@ -0,0 +1,613 @@
+Index: freeradius-server-2.2.7/raddb/dictionary.in
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/dictionary.in
++++ freeradius-server-2.2.7/raddb/dictionary.in
+@@ -11,7 +11,7 @@
+ #
+ #	The filename given here should be an absolute path. 
+ #
+-$INCLUDE	@prefix@/share/freeradius/dictionary
++$INCLUDE	@prefix@/share/freeradius2/dictionary
+ 
+ #
+ #	Place additional attributes or $INCLUDEs here.  They will
+Index: freeradius-server-2.2.7/raddb/eap.conf
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/eap.conf
++++ freeradius-server-2.2.7/raddb/eap.conf
+@@ -27,7 +27,7 @@
+ 		#  then that EAP type takes precedence over the
+ 		#  default type configured here.
+ 		#
+-		default_eap_type = md5
++		default_eap_type = peap
+ 
+ 		#  A list is maintained to correlate EAP-Response
+ 		#  packets with EAP-Request packets.  After a
+@@ -72,8 +72,8 @@
+ 		#  for wireless connections.  It is insecure, and does
+ 		#  not provide for dynamic WEP keys.
+ 		#
+-		md5 {
+-		}
++#		md5 {
++#		}
+ 
+ 		# Cisco LEAP
+ 		#
+@@ -87,8 +87,8 @@
+ 		#  User-Password, or the NT-Password attributes.
+ 		#  'System' authentication is impossible with LEAP.
+ 		#
+-		leap {
+-		}
++#		leap {
++#		}
+ 
+ 		#  Generic Token Card.
+ 		#
+@@ -101,7 +101,7 @@
+ 		#  the users password will go over the wire in plain-text,
+ 		#  for anyone to see.
+ 		#
+-		gtc {
++#		gtc {
+ 			#  The default challenge, which many clients
+ 			#  ignore..
+ 			#challenge = "Password: "
+@@ -118,8 +118,8 @@
+ 			#  configured for the request, and do the
+ 			#  authentication itself.
+ 			#
+-			auth_type = PAP
+-		}
++#			auth_type = PAP
++#		}
+ 
+ 		## EAP-TLS
+ 		#
+@@ -215,7 +215,7 @@
+ 			#  In these cases, fragment size should be
+ 			#  1024 or less.
+ 			#
+-		#	fragment_size = 1024
++			fragment_size = 1024
+ 
+ 			#  include_length is a flag which is
+ 			#  by default set to yes If set to
+@@ -225,7 +225,7 @@
+ 			#  message is included ONLY in the
+ 			#  First packet of a fragment series.
+ 			#
+-		#	include_length = yes
++			include_length = yes
+ 
+ 			#  Check the Certificate Revocation List
+ 			#
+@@ -297,7 +297,7 @@
+ 			# for the server to print out an error message,
+ 			# and refuse to start.
+ 			#
+-			make_cert_command = "${certdir}/bootstrap"
++		#	make_cert_command = "${certdir}/bootstrap"
+ 
+ 			#
+ 			#  Elliptical cryptography configuration
+@@ -332,7 +332,7 @@
+ 			#  You probably also want "use_tunneled_reply = yes"
+ 			#  when using fast session resumption.
+ 			#
+-			cache {
++		#	cache {
+ 			      #
+ 			      #  Enable it.  The default is "no".
+ 			      #  Deleting the entire "cache" subsection
+@@ -348,14 +348,14 @@
+ 			      #  enable resumption for just one user
+ 			      #  by setting the above attribute to "yes".
+ 			      #
+-			      enable = no
++		#	      enable = no
+ 
+ 			      #
+ 			      #  Lifetime of the cached entries, in hours.
+ 			      #  The sessions will be deleted after this
+ 			      #  time.
+ 			      #
+-			      lifetime = 24 # hours
++		#	      lifetime = 24 # hours
+ 
+ 			      #
+ 			      #  The maximum number of entries in the
+@@ -364,8 +364,8 @@
+ 			      #  This could be set to the number of users
+ 			      #  who are logged in... which can be a LOT.
+ 			      #
+-			      max_entries = 255
+-			}
++		#	      max_entries = 255
++		#	}
+ 
+ 			#
+ 			#  As of version 2.1.10, client certificates can be
+@@ -503,7 +503,7 @@
+ 		#
+ 		#  in the control items for a request.
+ 		#
+-		ttls {
++#		ttls {
+ 			#  The tunneled EAP session needs a default
+ 			#  EAP type which is separate from the one for
+ 			#  the non-tunneled EAP module.  Inside of the
+@@ -511,7 +511,7 @@
+ 			#  If the request does not contain an EAP
+ 			#  conversation, then this configuration entry
+ 			#  is ignored.
+-			default_eap_type = md5
++#			default_eap_type = mschapv2
+ 
+ 			#  The tunneled authentication request does
+ 			#  not usually contain useful attributes
+@@ -527,7 +527,7 @@
+ 			#  is copied to the tunneled request.
+ 			#
+ 			# allowed values: {no, yes}
+-			copy_request_to_tunnel = no
++#			copy_request_to_tunnel = yes
+ 
+ 			#  The reply attributes sent to the NAS are
+ 			#  usually based on the name of the user
+@@ -540,7 +540,7 @@
+ 			#  the tunneled request.
+ 			#
+ 			# allowed values: {no, yes}
+-			use_tunneled_reply = no
++#			use_tunneled_reply = no
+ 
+ 			#
+ 			#  The inner tunneled request can be sent
+@@ -552,13 +552,13 @@
+ 			#  the virtual server that processed the
+ 			#  outer requests.
+ 			#
+-			virtual_server = "inner-tunnel"
++#			virtual_server = "inner-tunnel"
+ 
+ 			#  This has the same meaning as the
+ 			#  same field in the "tls" module, above.
+ 			#  The default value here is "yes".
+ 		#	include_length = yes
+-		}
++#		}
+ 
+ 		##################################################
+ 		#
+@@ -627,14 +627,14 @@
+ 
+ 			#  the PEAP module also has these configuration
+ 			#  items, which are the same as for TTLS.
+-			copy_request_to_tunnel = no
+-			use_tunneled_reply = no
++			copy_request_to_tunnel = yes
++			use_tunneled_reply = yes
+ 
+ 			#  When the tunneled session is proxied, the
+ 			#  home server may not understand EAP-MSCHAP-V2.
+ 			#  Set this entry to "no" to proxy the tunneled
+ 			#  EAP-MSCHAP-V2 as normal MSCHAPv2.
+-		#	proxy_tunneled_request_as_eap = yes
++			proxy_tunneled_request_as_eap = no
+ 
+ 			#
+ 			#  The inner tunneled request can be sent
+@@ -646,7 +646,8 @@
+ 			#  the virtual server that processed the
+ 			#  outer requests.
+ 			#
+-			virtual_server = "inner-tunnel"
++		#	virtual_server = "inner-tunnel"
++			EAP-TLS-Require-Client-Cert = no
+ 
+ 			# This option enables support for MS-SoH
+ 			# see doc/SoH.txt for more info.
+Index: freeradius-server-2.2.7/raddb/modules/counter
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/modules/counter
++++ freeradius-server-2.2.7/raddb/modules/counter
+@@ -69,7 +69,7 @@
+ #  'check-name' attribute.
+ #
+ counter daily {
+-	filename = ${db_dir}/db.daily
++	filename = ${radacctdir}/db.daily
+ 	key = User-Name
+ 	count-attribute = Acct-Session-Time
+ 	reset = daily
+Index: freeradius-server-2.2.7/raddb/modules/pap
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/modules/pap
++++ freeradius-server-2.2.7/raddb/modules/pap
+@@ -18,5 +18,5 @@
+ #
+ #  http://www.openldap.org/faq/data/cache/347.html
+ pap {
+-	auto_header = no
++	auto_header = yes
+ }
+Index: freeradius-server-2.2.7/raddb/modules/radutmp
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/modules/radutmp
++++ freeradius-server-2.2.7/raddb/modules/radutmp
+@@ -12,7 +12,7 @@ radutmp {
+ 	#  Where the file is stored.  It's not a log file,
+ 	#  so it doesn't need rotating.
+ 	#
+-	filename = ${logdir}/radutmp
++	filename = ${radacctdir}/radutmp
+ 
+ 	#  The field in the packet to key on for the
+ 	#  'user' name,  If you have other fields which you want
+Index: freeradius-server-2.2.7/raddb/modules/sradutmp
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/modules/sradutmp
++++ freeradius-server-2.2.7/raddb/modules/sradutmp
+@@ -10,7 +10,7 @@
+ # then name "sradutmp" to identify it later in the "accounting"
+ # section.
+ radutmp sradutmp {
+-	filename = ${logdir}/sradutmp
++	filename = ${radacctdir}/sradutmp
+ 	perm = 0644
+ 	callerid = "no"
+ }
+Index: freeradius-server-2.2.7/raddb/radiusd.conf.in
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/radiusd.conf.in
++++ freeradius-server-2.2.7/raddb/radiusd.conf.in
+@@ -66,7 +66,7 @@ name = radiusd
+ 
+ #  Location of config and logfiles.
+ confdir = ${raddbdir}
+-run_dir = ${localstatedir}/run/${name}
++run_dir = ${localstatedir}/run
+ 
+ # Should likely be ${localstatedir}/lib/radiusd
+ db_dir = ${raddbdir}
+@@ -323,7 +323,7 @@ listen {
+ 	#  If your system does not support this feature, you will
+ 	#  get an error if you try to use it.
+ 	#
+-#	interface = eth0
++	interface = br-lan
+ 
+ 	#  Per-socket lists of clients.  This is a very useful feature.
+ 	#
+@@ -350,7 +350,7 @@ listen {
+ #	ipv6addr = ::
+ 	port = 0
+ 	type = acct
+-#	interface = eth0
++	interface = br-lan
+ #	clients = per_socket_clients
+ }
+ 
+@@ -576,8 +576,8 @@ security {
+ #
+ #  allowed values: {no, yes}
+ #
+-proxy_requests  = yes
+-$INCLUDE proxy.conf
++proxy_requests  = no
++#$INCLUDE proxy.conf
+ 
+ 
+ # CLIENTS CONFIGURATION
+@@ -774,7 +774,7 @@ instantiate {
+ 	#  The entire command line (and output) must fit into 253 bytes.
+ 	#
+ 	#  e.g. Framed-Pool = `%{exec:/bin/echo foo}`
+-	exec
++#	exec
+ 
+ 	#
+ 	#  The expression module doesn't do authorization,
+@@ -791,15 +791,15 @@ instantiate {
+ 	#  other xlat functions such as md5, sha1 and lc.
+ 	#
+ 	#  We do not recommend removing it's listing here.
+-	expr
++#	expr
+ 
+ 	#
+ 	# We add the counter module here so that it registers
+ 	# the check-name attribute before any module which sets
+ 	# it
+ #	daily
+-	expiration
+-	logintime
++#	expiration
++#	logintime
+ 
+ 	# subsections here can be thought of as "virtual" modules.
+ 	#
+@@ -823,7 +823,7 @@ instantiate {
+ #	to multiple times.
+ #
+ ######################################################################
+-$INCLUDE policy.conf
++#$INCLUDE policy.conf
+ 
+ ######################################################################
+ #
+@@ -833,9 +833,9 @@ $INCLUDE policy.conf
+ #	match the regular expression: /[a-zA-Z0-9_.]+/
+ #
+ #	It allows you to define new virtual servers simply by placing
+-#	a file into the raddb/sites-enabled/ directory.
++#	a file into the /etc/freeradius2/sites/ directory.
+ #
+-$INCLUDE sites-enabled/
++$INCLUDE sites/
+ 
+ ######################################################################
+ #
+@@ -843,7 +843,7 @@ $INCLUDE sites-enabled/
+ #	"authenticate {}", "accounting {}", have been moved to the
+ #	the file:
+ #
+-#		raddb/sites-available/default
++#		/etc/freeradius2/sites/default
+ #
+ #	This is the "default" virtual server that has the same
+ #	configuration as in version 1.0.x and 1.1.x.  The default
+Index: freeradius-server-2.2.7/raddb/sites-available/default
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/sites-available/default
++++ freeradius-server-2.2.7/raddb/sites-available/default
+@@ -85,7 +85,7 @@ authorize {
+ 	#
+ 	#  It takes care of processing the 'raddb/hints' and the
+ 	#  'raddb/huntgroups' files.
+-	preprocess
++#	preprocess
+ 
+ 	#
+ 	#  If you want to have a log of authentication requests,
+@@ -96,7 +96,7 @@ authorize {
+ 	#
+ 	#  The chap module will set 'Auth-Type := CHAP' if we are
+ 	#  handling a CHAP request and Auth-Type has not already been set
+-	chap
++#	chap
+ 
+ 	#
+ 	#  If the users are logging in with an MS-CHAP-Challenge
+@@ -104,13 +104,13 @@ authorize {
+ 	#  the MS-CHAP-Challenge attribute, and add 'Auth-Type := MS-CHAP'
+ 	#  to the request, which will cause the server to then use
+ 	#  the mschap module for authentication.
+-	mschap
++#	mschap
+ 
+ 	#
+ 	#  If you have a Cisco SIP server authenticating against
+ 	#  FreeRADIUS, uncomment the following line, and the 'digest'
+ 	#  line in the 'authenticate' section.
+-	digest
++#	digest
+ 
+ 	#
+ 	#  The WiMAX specification says that the Calling-Station-Id
+@@ -133,7 +133,7 @@ authorize {
+ 	#  Otherwise, when the first style of realm doesn't match,
+ 	#  the other styles won't be checked.
+ 	#
+-	suffix
++#	suffix
+ #	ntdomain
+ 
+ 	#
+@@ -197,8 +197,8 @@ authorize {
+ 	# Use the checkval module
+ #	checkval
+ 
+-	expiration
+-	logintime
++#	expiration
++#	logintime
+ 
+ 	#
+ 	#  If no other module has claimed responsibility for
+@@ -279,7 +279,7 @@ authenticate {
+ 	#  If you have a Cisco SIP server authenticating against
+ 	#  FreeRADIUS, uncomment the following line, and the 'digest'
+ 	#  line in the 'authorize' section.
+-	digest
++#	digest
+ 
+ 	#
+ 	#  Pluggable Authentication Modules.
+@@ -296,7 +296,7 @@ authenticate {
+ 	#  be used for authentication ONLY for compatibility with legacy
+ 	#  FreeRADIUS configurations.
+ 	#
+-	unix
++#	unix
+ 
+ 	# Uncomment it if you want to use ldap for authentication
+ 	#
+@@ -332,8 +332,8 @@ authenticate {
+ #
+ #  Pre-accounting.  Decide which accounting type to use.
+ #
+-preacct {
+-	preprocess
++#preacct {
++#	preprocess
+ 
+ 	#
+ 	#  Session start times are *implied* in RADIUS.
+@@ -356,7 +356,7 @@ preacct {
+ 	#
+ 	#  Ensure that we have a semi-unique identifier for every
+ 	#  request, and many NAS boxes are broken.
+-	acct_unique
++#	acct_unique
+ 
+ 	#
+ 	#  Look for IPASS-style 'realm/', and if not found, look for
+@@ -366,13 +366,13 @@ preacct {
+ 	#  Accounting requests are generally proxied to the same
+ 	#  home server as authentication requests.
+ #	IPASS
+-	suffix
++#	suffix
+ #	ntdomain
+ 
+ 	#
+ 	#  Read the 'acct_users' file
+-	files
+-}
++#	files
++#}
+ 
+ #
+ #  Accounting.  Log the accounting data.
+@@ -382,7 +382,7 @@ accounting {
+ 	#  Create a 'detail'ed log of the packets.
+ 	#  Note that accounting requests which are proxied
+ 	#  are also logged in the detail file.
+-	detail
++#	detail
+ #	daily
+ 
+ 	#  Update the wtmp file
+@@ -434,7 +434,7 @@ accounting {
+ 	exec
+ 
+ 	#  Filter attributes from the accounting response.
+-	attr_filter.accounting_response
++	#attr_filter.accounting_response
+ 
+ 	#
+ 	#  See "Autz-Type Status-Server" for how this works.
+@@ -460,7 +460,7 @@ session {
+ #  Post-Authentication
+ #  Once we KNOW that the user has been authenticated, there are
+ #  additional steps we can take.
+-post-auth {
++#post-auth {
+ 	#  Get an address from the IP Pool.
+ #	main_pool
+ 
+@@ -490,7 +490,7 @@ post-auth {
+ #	ldap
+ 
+ 	# For Exec-Program and Exec-Program-Wait
+-	exec
++#	exec
+ 
+ 	#
+ 	#  Calculate the various WiMAX keys.  In order for this to work,
+@@ -574,18 +574,18 @@ post-auth {
+ 	#  Add the ldap module name (or instance) if you have set 
+ 	#  'edir_account_policy_check = yes' in the ldap module configuration
+ 	#
+-	Post-Auth-Type REJECT {
+-		# log failed authentications in SQL, too.
++#	Post-Auth-Type REJECT {
++#		# log failed authentications in SQL, too.
+ #		sql
+ 
+ 		# Insert EAP-Failure message if the request was
+ 		# rejected by policy instead of because of an
+ 		# authentication failure
+-		eap
++#		eap
+ 
+-		attr_filter.access_reject
+-	}
+-}
++#		attr_filter.access_reject
++#	}
++#}
+ 
+ #
+ #  When the server decides to proxy a request to a home server,
+@@ -595,7 +595,7 @@ post-auth {
+ #
+ #  Only a few modules currently have this method.
+ #
+-pre-proxy {
++#pre-proxy {
+ #	attr_rewrite
+ 
+ 	#  Uncomment the following line if you want to change attributes
+@@ -611,14 +611,14 @@ pre-proxy {
+ 	#  server, un-comment the following line, and the
+ 	#  'detail pre_proxy_log' section, above.
+ #	pre_proxy_log
+-}
++#}
+ 
+ #
+ #  When the server receives a reply to a request it proxied
+ #  to a home server, the request may be massaged here, in the
+ #  post-proxy stage.
+ #
+-post-proxy {
++#post-proxy {
+ 
+ 	#  If you want to have a log of replies from a home server,
+ 	#  un-comment the following line, and the 'detail post_proxy_log'
+@@ -642,7 +642,7 @@ post-proxy {
+ 	#  hidden inside of the EAP packet, and the end server will
+ 	#  reject the EAP request.
+ 	#
+-	eap
++#	eap
+ 
+ 	#
+ 	#  If the server tries to proxy a request and fails, then the
+@@ -664,5 +664,5 @@ post-proxy {
+ #	Post-Proxy-Type Fail {
+ #			detail
+ #	}
+-}
++#}
+ 
+Index: freeradius-server-2.2.7/raddb/users
+===================================================================
+--- freeradius-server-2.2.7.orig/raddb/users
++++ freeradius-server-2.2.7/raddb/users
+@@ -169,22 +169,22 @@
+ #	by the terminal server in which case there may not be a "P" suffix.
+ #	The terminal server sends "Framed-Protocol = PPP" for auto PPP.
+ #
+-DEFAULT	Framed-Protocol == PPP
+-	Framed-Protocol = PPP,
+-	Framed-Compression = Van-Jacobson-TCP-IP
++#DEFAULT	Framed-Protocol == PPP
++#	Framed-Protocol = PPP,
++#	Framed-Compression = Van-Jacobson-TCP-IP
+ 
+ #
+ # Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.
+ #
+-DEFAULT	Hint == "CSLIP"
+-	Framed-Protocol = SLIP,
+-	Framed-Compression = Van-Jacobson-TCP-IP
++#DEFAULT	Hint == "CSLIP"
++#	Framed-Protocol = SLIP,
++#	Framed-Compression = Van-Jacobson-TCP-IP
+ 
+ #
+ # Default for SLIP: dynamic IP address, SLIP mode.
+ #
+-DEFAULT	Hint == "SLIP"
+-	Framed-Protocol = SLIP
++#DEFAULT	Hint == "SLIP"
++#	Framed-Protocol = SLIP
+ 
+ #
+ # Last default: rlogin to our main server.
diff --git a/net/freeradius2/patches/004-ldap_configure.patch b/net/freeradius2/patches/004-ldap_configure.patch
new file mode 100644
index 0000000..05b6789
--- /dev/null
+++ b/net/freeradius2/patches/004-ldap_configure.patch
@@ -0,0 +1,4257 @@
+Index: freeradius-server-2.2.7/src/modules/rlm_ldap/configure
+===================================================================
+--- freeradius-server-2.2.7.orig/src/modules/rlm_ldap/configure
++++ freeradius-server-2.2.7/src/modules/rlm_ldap/configure
+@@ -1,10 +1,10 @@
+ #! /bin/sh
+ # From configure.in Revision.
+ # Guess values for system-dependent variables and create Makefiles.
+-# Generated by GNU Autoconf 2.61.
++# Generated by GNU Autoconf 2.63.
+ #
+ # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
+-# 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
++# 2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+ # This configure script is free software; the Free Software Foundation
+ # gives unlimited permission to copy, distribute and modify it.
+ ## --------------------- ##
+@@ -16,7 +16,7 @@ DUALCASE=1; export DUALCASE # for MKS sh
+ if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+   emulate sh
+   NULLCMD=:
+-  # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
++  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+   # is contrary to our usage.  Disable this feature.
+   alias -g '${1+"$@"}'='"$@"'
+   setopt NO_GLOB_SUBST
+@@ -38,17 +38,45 @@ as_cr_Letters=$as_cr_letters$as_cr_LETTE
+ as_cr_digits='0123456789'
+ as_cr_alnum=$as_cr_Letters$as_cr_digits
+ 
+-# The user is always right.
+-if test "${PATH_SEPARATOR+set}" != set; then
+-  echo "#! /bin/sh" >conf$$.sh
+-  echo  "exit 0"   >>conf$$.sh
+-  chmod +x conf$$.sh
+-  if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+-    PATH_SEPARATOR=';'
++as_nl='
++'
++export as_nl
++# Printing a long string crashes Solaris 7 /usr/bin/printf.
++as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
++as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
++as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
++if (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
++  as_echo='printf %s\n'
++  as_echo_n='printf %s'
++else
++  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
++    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
++    as_echo_n='/usr/ucb/echo -n'
+   else
+-    PATH_SEPARATOR=:
++    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
++    as_echo_n_body='eval
++      arg=$1;
++      case $arg in
++      *"$as_nl"*)
++	expr "X$arg" : "X\\(.*\\)$as_nl";
++	arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
++      esac;
++      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
++    '
++    export as_echo_n_body
++    as_echo_n='sh -c $as_echo_n_body as_echo'
+   fi
+-  rm -f conf$$.sh
++  export as_echo_body
++  as_echo='sh -c $as_echo_body as_echo'
++fi
++
++# The user is always right.
++if test "${PATH_SEPARATOR+set}" != set; then
++  PATH_SEPARATOR=:
++  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
++    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
++      PATH_SEPARATOR=';'
++  }
+ fi
+ 
+ # Support unset when possible.
+@@ -64,8 +92,6 @@ fi
+ # there to prevent editors from complaining about space-tab.
+ # (If _AS_PATH_WALK were called with IFS unset, it would disable word
+ # splitting by setting IFS to empty value.)
+-as_nl='
+-'
+ IFS=" ""	$as_nl"
+ 
+ # Find who we are.  Look in the path if we contain no directory separator.
+@@ -88,7 +114,7 @@ if test "x$as_myself" = x; then
+   as_myself=$0
+ fi
+ if test ! -f "$as_myself"; then
+-  echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
++  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+   { (exit 1); exit 1; }
+ fi
+ 
+@@ -101,17 +127,10 @@ PS2='> '
+ PS4='+ '
+ 
+ # NLS nuisances.
+-for as_var in \
+-  LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \
+-  LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \
+-  LC_TELEPHONE LC_TIME
+-do
+-  if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
+-    eval $as_var=C; export $as_var
+-  else
+-    ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
+-  fi
+-done
++LC_ALL=C
++export LC_ALL
++LANGUAGE=C
++export LANGUAGE
+ 
+ # Required to use basename.
+ if expr a : '\(a\)' >/dev/null 2>&1 &&
+@@ -133,7 +152,7 @@ as_me=`$as_basename -- "$0" ||
+ $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+ 	 X"$0" : 'X\(//\)$' \| \
+ 	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+-echo X/"$0" |
++$as_echo X/"$0" |
+     sed '/^.*\/\([^/][^/]*\)\/*$/{
+ 	    s//\1/
+ 	    q
+@@ -159,7 +178,7 @@ else
+   as_have_required=no
+ fi
+ 
+-  if test $as_have_required = yes && 	 (eval ":
++  if test $as_have_required = yes &&	 (eval ":
+ (as_func_return () {
+   (exit \$1)
+ }
+@@ -241,7 +260,7 @@ IFS=$as_save_IFS
+ if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+   emulate sh
+   NULLCMD=:
+-  # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
++  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+   # is contrary to our usage.  Disable this feature.
+   alias -g '${1+"$@"}'='"$@"'
+   setopt NO_GLOB_SUBST
+@@ -262,7 +281,7 @@ _ASEOF
+ if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+   emulate sh
+   NULLCMD=:
+-  # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
++  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+   # is contrary to our usage.  Disable this feature.
+   alias -g '${1+"$@"}'='"$@"'
+   setopt NO_GLOB_SUBST
+@@ -342,10 +361,10 @@ fi
+ 
+       if test "x$CONFIG_SHELL" != x; then
+   for as_var in BASH_ENV ENV
+-        do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
+-        done
+-        export CONFIG_SHELL
+-        exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"}
++	do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
++	done
++	export CONFIG_SHELL
++	exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"}
+ fi
+ 
+ 
+@@ -414,9 +433,10 @@ fi
+ 
+ test \$exitcode = 0") || {
+   echo No shell found that supports shell functions.
+-  echo Please tell autoconf@gnu.org about your system,
+-  echo including any error possibly output before this
+-  echo message
++  echo Please tell bug-autoconf@gnu.org about your system,
++  echo including any error possibly output before this message.
++  echo This can help us improve future autoconf versions.
++  echo Configuration will now proceed without shell functions.
+ }
+ 
+ 
+@@ -452,7 +472,7 @@ test \$exitcode = 0") || {
+       s/-\n.*//
+     ' >$as_me.lineno &&
+   chmod +x "$as_me.lineno" ||
+-    { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
++    { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
+    { (exit 1); exit 1; }; }
+ 
+   # Don't try to exec as it changes $[0], causing all sort of problems
+@@ -480,7 +500,6 @@ case `echo -n x` in
+ *)
+   ECHO_N='-n';;
+ esac
+-
+ if expr a : '\(a\)' >/dev/null 2>&1 &&
+    test "X`expr 00001 : '.*\(...\)'`" = X001; then
+   as_expr=expr
+@@ -493,19 +512,22 @@ if test -d conf$$.dir; then
+   rm -f conf$$.dir/conf$$.file
+ else
+   rm -f conf$$.dir
+-  mkdir conf$$.dir
++  mkdir conf$$.dir 2>/dev/null
+ fi
+-echo >conf$$.file
+-if ln -s conf$$.file conf$$ 2>/dev/null; then
+-  as_ln_s='ln -s'
+-  # ... but there are two gotchas:
+-  # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+-  # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+-  # In both cases, we have to default to `cp -p'.
+-  ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
++if (echo >conf$$.file) 2>/dev/null; then
++  if ln -s conf$$.file conf$$ 2>/dev/null; then
++    as_ln_s='ln -s'
++    # ... but there are two gotchas:
++    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
++    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
++    # In both cases, we have to default to `cp -p'.
++    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
++      as_ln_s='cp -p'
++  elif ln conf$$.file conf$$ 2>/dev/null; then
++    as_ln_s=ln
++  else
+     as_ln_s='cp -p'
+-elif ln conf$$.file conf$$ 2>/dev/null; then
+-  as_ln_s=ln
++  fi
+ else
+   as_ln_s='cp -p'
+ fi
+@@ -530,10 +552,10 @@ else
+   as_test_x='
+     eval sh -c '\''
+       if test -d "$1"; then
+-        test -d "$1/.";
++	test -d "$1/.";
+       else
+ 	case $1 in
+-        -*)set "./$1";;
++	-*)set "./$1";;
+ 	esac;
+ 	case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in
+ 	???[sx]*):;;*)false;;esac;fi
+@@ -578,57 +600,65 @@ PACKAGE_STRING=
+ PACKAGE_BUGREPORT=
+ 
+ ac_unique_file="rlm_ldap.c"
+-ac_subst_vars='SHELL
+-PATH_SEPARATOR
+-PACKAGE_NAME
+-PACKAGE_TARNAME
+-PACKAGE_VERSION
+-PACKAGE_STRING
+-PACKAGE_BUGREPORT
+-exec_prefix
+-prefix
+-program_transform_name
+-bindir
+-sbindir
+-libexecdir
+-datarootdir
+-datadir
+-sysconfdir
+-sharedstatedir
+-localstatedir
+-includedir
+-oldincludedir
+-docdir
+-infodir
+-htmldir
+-dvidir
+-pdfdir
+-psdir
+-libdir
+-localedir
+-mandir
+-DEFS
+-ECHO_C
+-ECHO_N
+-ECHO_T
+-LIBS
+-build_alias
+-host_alias
+-target_alias
+-CC
+-CFLAGS
+-LDFLAGS
+-CPPFLAGS
+-ac_ct_CC
+-EXEEXT
+-OBJEXT
+-edir
+-ldap_ldflags
+-ldap_cflags
+-targetname
++ac_subst_vars='LTLIBOBJS
+ LIBOBJS
+-LTLIBOBJS'
++targetname
++ldap_cflags
++ldap_ldflags
++edir
++OBJEXT
++EXEEXT
++ac_ct_CC
++CPPFLAGS
++LDFLAGS
++CFLAGS
++CC
++target_alias
++host_alias
++build_alias
++LIBS
++ECHO_T
++ECHO_N
++ECHO_C
++DEFS
++mandir
++localedir
++libdir
++psdir
++pdfdir
++dvidir
++htmldir
++infodir
++docdir
++oldincludedir
++includedir
++localstatedir
++sharedstatedir
++sysconfdir
++datadir
++datarootdir
++libexecdir
++sbindir
++bindir
++program_transform_name
++prefix
++exec_prefix
++PACKAGE_BUGREPORT
++PACKAGE_STRING
++PACKAGE_VERSION
++PACKAGE_TARNAME
++PACKAGE_NAME
++PATH_SEPARATOR
++SHELL'
+ ac_subst_files=''
++ac_user_opts='
++enable_option_checking
++with_rlm_ldap_lib_dir
++with_rlm_ldap_include_dir
++enable_shared
++with_threads
++with_edir
++'
+       ac_precious_vars='build_alias
+ host_alias
+ target_alias
+@@ -642,6 +672,8 @@ CPPFLAGS'
+ # Initialize some variables set by options.
+ ac_init_help=
+ ac_init_version=false
++ac_unrecognized_opts=
++ac_unrecognized_sep=
+ # The variables have the same names as the options, with
+ # dashes changed to underlines.
+ cache_file=/dev/null
+@@ -740,13 +772,21 @@ do
+     datarootdir=$ac_optarg ;;
+ 
+   -disable-* | --disable-*)
+-    ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
++    ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
+     # Reject names that are not valid shell variable names.
+-    expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+-      { echo "$as_me: error: invalid feature name: $ac_feature" >&2
++    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
++      { $as_echo "$as_me: error: invalid feature name: $ac_useropt" >&2
+    { (exit 1); exit 1; }; }
+-    ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'`
+-    eval enable_$ac_feature=no ;;
++    ac_useropt_orig=$ac_useropt
++    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
++    case $ac_user_opts in
++      *"
++"enable_$ac_useropt"
++"*) ;;
++      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig"
++	 ac_unrecognized_sep=', ';;
++    esac
++    eval enable_$ac_useropt=no ;;
+ 
+   -docdir | --docdir | --docdi | --doc | --do)
+     ac_prev=docdir ;;
+@@ -759,13 +799,21 @@ do
+     dvidir=$ac_optarg ;;
+ 
+   -enable-* | --enable-*)
+-    ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
++    ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
+     # Reject names that are not valid shell variable names.
+-    expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+-      { echo "$as_me: error: invalid feature name: $ac_feature" >&2
++    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
++      { $as_echo "$as_me: error: invalid feature name: $ac_useropt" >&2
+    { (exit 1); exit 1; }; }
+-    ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'`
+-    eval enable_$ac_feature=\$ac_optarg ;;
++    ac_useropt_orig=$ac_useropt
++    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
++    case $ac_user_opts in
++      *"
++"enable_$ac_useropt"
++"*) ;;
++      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig"
++	 ac_unrecognized_sep=', ';;
++    esac
++    eval enable_$ac_useropt=\$ac_optarg ;;
+ 
+   -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
+   | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
+@@ -956,22 +1004,38 @@ do
+     ac_init_version=: ;;
+ 
+   -with-* | --with-*)
+-    ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
++    ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
+     # Reject names that are not valid shell variable names.
+-    expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+-      { echo "$as_me: error: invalid package name: $ac_package" >&2
++    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
++      { $as_echo "$as_me: error: invalid package name: $ac_useropt" >&2
+    { (exit 1); exit 1; }; }
+-    ac_package=`echo $ac_package | sed 's/[-.]/_/g'`
+-    eval with_$ac_package=\$ac_optarg ;;
++    ac_useropt_orig=$ac_useropt
++    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
++    case $ac_user_opts in
++      *"
++"with_$ac_useropt"
++"*) ;;
++      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig"
++	 ac_unrecognized_sep=', ';;
++    esac
++    eval with_$ac_useropt=\$ac_optarg ;;
+ 
+   -without-* | --without-*)
+-    ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'`
++    ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'`
+     # Reject names that are not valid shell variable names.
+-    expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+-      { echo "$as_me: error: invalid package name: $ac_package" >&2
++    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
++      { $as_echo "$as_me: error: invalid package name: $ac_useropt" >&2
+    { (exit 1); exit 1; }; }
+-    ac_package=`echo $ac_package | sed 's/[-.]/_/g'`
+-    eval with_$ac_package=no ;;
++    ac_useropt_orig=$ac_useropt
++    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
++    case $ac_user_opts in
++      *"
++"with_$ac_useropt"
++"*) ;;
++      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig"
++	 ac_unrecognized_sep=', ';;
++    esac
++    eval with_$ac_useropt=no ;;
+ 
+   --x)
+     # Obsolete; use --with-x.
+@@ -991,7 +1055,7 @@ do
+   | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
+     x_libraries=$ac_optarg ;;
+ 
+-  -*) { echo "$as_me: error: unrecognized option: $ac_option
++  -*) { $as_echo "$as_me: error: unrecognized option: $ac_option
+ Try \`$0 --help' for more information." >&2
+    { (exit 1); exit 1; }; }
+     ;;
+@@ -1000,16 +1064,16 @@ Try \`$0 --help' for more information."
+     ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
+     # Reject names that are not valid shell variable names.
+     expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null &&
+-      { echo "$as_me: error: invalid variable name: $ac_envvar" >&2
++      { $as_echo "$as_me: error: invalid variable name: $ac_envvar" >&2
+    { (exit 1); exit 1; }; }
+     eval $ac_envvar=\$ac_optarg
+     export $ac_envvar ;;
+ 
+   *)
+     # FIXME: should be removed in autoconf 3.0.
+-    echo "$as_me: WARNING: you should use --build, --host, --target" >&2
++    $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2
+     expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+-      echo "$as_me: WARNING: invalid host type: $ac_option" >&2
++      $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2
+     : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}
+     ;;
+ 
+@@ -1018,22 +1082,38 @@ done
+ 
+ if test -n "$ac_prev"; then
+   ac_option=--`echo $ac_prev | sed 's/_/-/g'`
+-  { echo "$as_me: error: missing argument to $ac_option" >&2
++  { $as_echo "$as_me: error: missing argument to $ac_option" >&2
+    { (exit 1); exit 1; }; }
+ fi
+ 
+-# Be sure to have absolute directory names.
++if test -n "$ac_unrecognized_opts"; then
++  case $enable_option_checking in
++    no) ;;
++    fatal) { $as_echo "$as_me: error: unrecognized options: $ac_unrecognized_opts" >&2
++   { (exit 1); exit 1; }; } ;;
++    *)     $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;;
++  esac
++fi
++
++# Check all directory arguments for consistency.
+ for ac_var in	exec_prefix prefix bindir sbindir libexecdir datarootdir \
+ 		datadir sysconfdir sharedstatedir localstatedir includedir \
+ 		oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+ 		libdir localedir mandir
+ do
+   eval ac_val=\$$ac_var
++  # Remove trailing slashes.
++  case $ac_val in
++    */ )
++      ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'`
++      eval $ac_var=\$ac_val;;
++  esac
++  # Be sure to have absolute directory names.
+   case $ac_val in
+     [\\/$]* | ?:[\\/]* )  continue;;
+     NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
+   esac
+-  { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2
++  { $as_echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2
+    { (exit 1); exit 1; }; }
+ done
+ 
+@@ -1048,7 +1128,7 @@ target=$target_alias
+ if test "x$host_alias" != x; then
+   if test "x$build_alias" = x; then
+     cross_compiling=maybe
+-    echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host.
++    $as_echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host.
+     If a cross compiler is detected then cross compile mode will be used." >&2
+   elif test "x$build_alias" != "x$host_alias"; then
+     cross_compiling=yes
+@@ -1064,10 +1144,10 @@ test "$silent" = yes && exec 6>/dev/null
+ ac_pwd=`pwd` && test -n "$ac_pwd" &&
+ ac_ls_di=`ls -di .` &&
+ ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
+-  { echo "$as_me: error: Working directory cannot be determined" >&2
++  { $as_echo "$as_me: error: working directory cannot be determined" >&2
+    { (exit 1); exit 1; }; }
+ test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
+-  { echo "$as_me: error: pwd does not report name of working directory" >&2
++  { $as_echo "$as_me: error: pwd does not report name of working directory" >&2
+    { (exit 1); exit 1; }; }
+ 
+ 
+@@ -1075,12 +1155,12 @@ test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
+ if test -z "$srcdir"; then
+   ac_srcdir_defaulted=yes
+   # Try the directory containing this script, then the parent directory.
+-  ac_confdir=`$as_dirname -- "$0" ||
+-$as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+-	 X"$0" : 'X\(//\)[^/]' \| \
+-	 X"$0" : 'X\(//\)$' \| \
+-	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+-echo X"$0" |
++  ac_confdir=`$as_dirname -- "$as_myself" ||
++$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
++	 X"$as_myself" : 'X\(//\)[^/]' \| \
++	 X"$as_myself" : 'X\(//\)$' \| \
++	 X"$as_myself" : 'X\(/\)' \| . 2>/dev/null ||
++$as_echo X"$as_myself" |
+     sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ 	    s//\1/
+ 	    q
+@@ -1107,12 +1187,12 @@ else
+ fi
+ if test ! -r "$srcdir/$ac_unique_file"; then
+   test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
+-  { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2
++  { $as_echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2
+    { (exit 1); exit 1; }; }
+ fi
+ ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
+ ac_abs_confdir=`(
+-	cd "$srcdir" && test -r "./$ac_unique_file" || { echo "$as_me: error: $ac_msg" >&2
++	cd "$srcdir" && test -r "./$ac_unique_file" || { $as_echo "$as_me: error: $ac_msg" >&2
+    { (exit 1); exit 1; }; }
+ 	pwd)`
+ # When building in place, set srcdir=.
+@@ -1161,9 +1241,9 @@ Configuration:
+ 
+ Installation directories:
+   --prefix=PREFIX         install architecture-independent files in PREFIX
+-			  [$ac_default_prefix]
++                          [$ac_default_prefix]
+   --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
+-			  [PREFIX]
++                          [PREFIX]
+ 
+ By default, \`make install' will install all the files in
+ \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc.  You can specify
+@@ -1173,25 +1253,25 @@ for instance \`--prefix=\$HOME'.
+ For better control, use the options below.
+ 
+ Fine tuning of the installation directories:
+-  --bindir=DIR           user executables [EPREFIX/bin]
+-  --sbindir=DIR          system admin executables [EPREFIX/sbin]
+-  --libexecdir=DIR       program executables [EPREFIX/libexec]
+-  --sysconfdir=DIR       read-only single-machine data [PREFIX/etc]
+-  --sharedstatedir=DIR   modifiable architecture-independent data [PREFIX/com]
+-  --localstatedir=DIR    modifiable single-machine data [PREFIX/var]
+-  --libdir=DIR           object code libraries [EPREFIX/lib]
+-  --includedir=DIR       C header files [PREFIX/include]
+-  --oldincludedir=DIR    C header files for non-gcc [/usr/include]
+-  --datarootdir=DIR      read-only arch.-independent data root [PREFIX/share]
+-  --datadir=DIR          read-only architecture-independent data [DATAROOTDIR]
+-  --infodir=DIR          info documentation [DATAROOTDIR/info]
+-  --localedir=DIR        locale-dependent data [DATAROOTDIR/locale]
+-  --mandir=DIR           man documentation [DATAROOTDIR/man]
+-  --docdir=DIR           documentation root [DATAROOTDIR/doc/PACKAGE]
+-  --htmldir=DIR          html documentation [DOCDIR]
+-  --dvidir=DIR           dvi documentation [DOCDIR]
+-  --pdfdir=DIR           pdf documentation [DOCDIR]
+-  --psdir=DIR            ps documentation [DOCDIR]
++  --bindir=DIR            user executables [EPREFIX/bin]
++  --sbindir=DIR           system admin executables [EPREFIX/sbin]
++  --libexecdir=DIR        program executables [EPREFIX/libexec]
++  --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
++  --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
++  --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
++  --libdir=DIR            object code libraries [EPREFIX/lib]
++  --includedir=DIR        C header files [PREFIX/include]
++  --oldincludedir=DIR     C header files for non-gcc [/usr/include]
++  --datarootdir=DIR       read-only arch.-independent data root [PREFIX/share]
++  --datadir=DIR           read-only architecture-independent data [DATAROOTDIR]
++  --infodir=DIR           info documentation [DATAROOTDIR/info]
++  --localedir=DIR         locale-dependent data [DATAROOTDIR/locale]
++  --mandir=DIR            man documentation [DATAROOTDIR/man]
++  --docdir=DIR            documentation root [DATAROOTDIR/doc/PACKAGE]
++  --htmldir=DIR           html documentation [DOCDIR]
++  --dvidir=DIR            dvi documentation [DOCDIR]
++  --pdfdir=DIR            pdf documentation [DOCDIR]
++  --psdir=DIR             ps documentation [DOCDIR]
+ _ACEOF
+ 
+   cat <<\_ACEOF
+@@ -1203,6 +1283,7 @@ if test -n "$ac_init_help"; then
+   cat <<\_ACEOF
+ 
+ Optional Features:
++  --disable-option-checking  ignore unrecognized --enable/--with options
+   --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
+   --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
+   --enable-shared[=PKGS]  build shared libraries [default=yes]
+@@ -1234,15 +1315,17 @@ fi
+ if test "$ac_init_help" = "recursive"; then
+   # If there are subdirs, report their specific --help.
+   for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
+-    test -d "$ac_dir" || continue
++    test -d "$ac_dir" ||
++      { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } ||
++      continue
+     ac_builddir=.
+ 
+ case "$ac_dir" in
+ .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+ *)
+-  ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
++  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+   # A ".." for each directory in $ac_dir_suffix.
+-  ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'`
++  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+   case $ac_top_builddir_sub in
+   "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+   *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+@@ -1278,7 +1361,7 @@ ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_
+       echo &&
+       $SHELL "$ac_srcdir/configure" --help=recursive
+     else
+-      echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
++      $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
+     fi || ac_status=$?
+     cd "$ac_pwd" || { ac_status=$?; break; }
+   done
+@@ -1288,10 +1371,10 @@ test -n "$ac_init_help" && exit $ac_stat
+ if $ac_init_version; then
+   cat <<\_ACEOF
+ configure
+-generated by GNU Autoconf 2.61
++generated by GNU Autoconf 2.63
+ 
+ Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
+-2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
++2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+ This configure script is free software; the Free Software Foundation
+ gives unlimited permission to copy, distribute and modify it.
+ _ACEOF
+@@ -1302,7 +1385,7 @@ This file contains any messages produced
+ running configure, to aid debugging if configure makes a mistake.
+ 
+ It was created by $as_me, which was
+-generated by GNU Autoconf 2.61.  Invocation command line was
++generated by GNU Autoconf 2.63.  Invocation command line was
+ 
+   $ $0 $@
+ 
+@@ -1338,7 +1421,7 @@ for as_dir in $PATH
+ do
+   IFS=$as_save_IFS
+   test -z "$as_dir" && as_dir=.
+-  echo "PATH: $as_dir"
++  $as_echo "PATH: $as_dir"
+ done
+ IFS=$as_save_IFS
+ 
+@@ -1373,7 +1456,7 @@ do
+     | -silent | --silent | --silen | --sile | --sil)
+       continue ;;
+     *\'*)
+-      ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
++      ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
+     esac
+     case $ac_pass in
+     1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;;
+@@ -1425,11 +1508,12 @@ _ASBOX
+     case $ac_val in #(
+     *${as_nl}*)
+       case $ac_var in #(
+-      *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5
+-echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;;
++      *_cv_*) { $as_echo "$as_me:$LINENO: WARNING: cache variable $ac_var contains a newline" >&5
++$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+       esac
+       case $ac_var in #(
+       _ | IFS | as_nl) ;; #(
++      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+       *) $as_unset $ac_var ;;
+       esac ;;
+     esac
+@@ -1459,9 +1543,9 @@ _ASBOX
+     do
+       eval ac_val=\$$ac_var
+       case $ac_val in
+-      *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
++      *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+       esac
+-      echo "$ac_var='\''$ac_val'\''"
++      $as_echo "$ac_var='\''$ac_val'\''"
+     done | sort
+     echo
+ 
+@@ -1476,9 +1560,9 @@ _ASBOX
+       do
+ 	eval ac_val=\$$ac_var
+ 	case $ac_val in
+-	*\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
++	*\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+ 	esac
+-	echo "$ac_var='\''$ac_val'\''"
++	$as_echo "$ac_var='\''$ac_val'\''"
+       done | sort
+       echo
+     fi
+@@ -1494,8 +1578,8 @@ _ASBOX
+       echo
+     fi
+     test "$ac_signal" != 0 &&
+-      echo "$as_me: caught signal $ac_signal"
+-    echo "$as_me: exit $exit_status"
++      $as_echo "$as_me: caught signal $ac_signal"
++    $as_echo "$as_me: exit $exit_status"
+   } >&5
+   rm -f core *.core core.conftest.* &&
+     rm -f -r conftest* confdefs* conf$$* $ac_clean_files &&
+@@ -1537,21 +1621,24 @@ _ACEOF
+ 
+ 
+ # Let the site file select an alternate cache file if it wants to.
+-# Prefer explicitly selected file to automatically selected ones.
++# Prefer an explicitly selected file to automatically selected ones.
++ac_site_file1=NONE
++ac_site_file2=NONE
+ if test -n "$CONFIG_SITE"; then
+-  set x "$CONFIG_SITE"
++  ac_site_file1=$CONFIG_SITE
+ elif test "x$prefix" != xNONE; then
+-  set x "$prefix/share/config.site" "$prefix/etc/config.site"
++  ac_site_file1=$prefix/share/config.site
++  ac_site_file2=$prefix/etc/config.site
+ else
+-  set x "$ac_default_prefix/share/config.site" \
+-	"$ac_default_prefix/etc/config.site"
++  ac_site_file1=$ac_default_prefix/share/config.site
++  ac_site_file2=$ac_default_prefix/etc/config.site
+ fi
+-shift
+-for ac_site_file
++for ac_site_file in "$ac_site_file1" "$ac_site_file2"
+ do
++  test "x$ac_site_file" = xNONE && continue
+   if test -r "$ac_site_file"; then
+-    { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5
+-echo "$as_me: loading site script $ac_site_file" >&6;}
++    { $as_echo "$as_me:$LINENO: loading site script $ac_site_file" >&5
++$as_echo "$as_me: loading site script $ac_site_file" >&6;}
+     sed 's/^/| /' "$ac_site_file" >&5
+     . "$ac_site_file"
+   fi
+@@ -1561,16 +1648,16 @@ if test -r "$cache_file"; then
+   # Some versions of bash will fail to source /dev/null (special
+   # files actually), so we avoid doing that.
+   if test -f "$cache_file"; then
+-    { echo "$as_me:$LINENO: loading cache $cache_file" >&5
+-echo "$as_me: loading cache $cache_file" >&6;}
++    { $as_echo "$as_me:$LINENO: loading cache $cache_file" >&5
++$as_echo "$as_me: loading cache $cache_file" >&6;}
+     case $cache_file in
+       [\\/]* | ?:[\\/]* ) . "$cache_file";;
+       *)                      . "./$cache_file";;
+     esac
+   fi
+ else
+-  { echo "$as_me:$LINENO: creating cache $cache_file" >&5
+-echo "$as_me: creating cache $cache_file" >&6;}
++  { $as_echo "$as_me:$LINENO: creating cache $cache_file" >&5
++$as_echo "$as_me: creating cache $cache_file" >&6;}
+   >$cache_file
+ fi
+ 
+@@ -1584,29 +1671,38 @@ for ac_var in $ac_precious_vars; do
+   eval ac_new_val=\$ac_env_${ac_var}_value
+   case $ac_old_set,$ac_new_set in
+     set,)
+-      { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
+-echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
++      { $as_echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
++$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
+       ac_cache_corrupted=: ;;
+     ,set)
+-      { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5
+-echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
++      { $as_echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5
++$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
+       ac_cache_corrupted=: ;;
+     ,);;
+     *)
+       if test "x$ac_old_val" != "x$ac_new_val"; then
+-	{ echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5
+-echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
+-	{ echo "$as_me:$LINENO:   former value:  $ac_old_val" >&5
+-echo "$as_me:   former value:  $ac_old_val" >&2;}
+-	{ echo "$as_me:$LINENO:   current value: $ac_new_val" >&5
+-echo "$as_me:   current value: $ac_new_val" >&2;}
+-	ac_cache_corrupted=:
++	# differences in whitespace do not lead to failure.
++	ac_old_val_w=`echo x $ac_old_val`
++	ac_new_val_w=`echo x $ac_new_val`
++	if test "$ac_old_val_w" != "$ac_new_val_w"; then
++	  { $as_echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5
++$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
++	  ac_cache_corrupted=:
++	else
++	  { $as_echo "$as_me:$LINENO: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5
++$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;}
++	  eval $ac_var=\$ac_old_val
++	fi
++	{ $as_echo "$as_me:$LINENO:   former value:  \`$ac_old_val'" >&5
++$as_echo "$as_me:   former value:  \`$ac_old_val'" >&2;}
++	{ $as_echo "$as_me:$LINENO:   current value: \`$ac_new_val'" >&5
++$as_echo "$as_me:   current value: \`$ac_new_val'" >&2;}
+       fi;;
+   esac
+   # Pass precious variables to config.status.
+   if test "$ac_new_set" = set; then
+     case $ac_new_val in
+-    *\'*) ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
++    *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
+     *) ac_arg=$ac_var=$ac_new_val ;;
+     esac
+     case " $ac_configure_args " in
+@@ -1616,10 +1712,12 @@ echo "$as_me:   current value: $ac_new_v
+   fi
+ done
+ if $ac_cache_corrupted; then
+-  { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5
+-echo "$as_me: error: changes in the environment can compromise the build" >&2;}
+-  { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5
+-echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;}
++  { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++  { $as_echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5
++$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;}
++  { { $as_echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5
++$as_echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;}
+    { (exit 1); exit 1; }; }
+ fi
+ 
+@@ -1662,10 +1760,10 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
+ if test -n "$ac_tool_prefix"; then
+   # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
+ set dummy ${ac_tool_prefix}gcc; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$CC"; then
+   ac_cv_prog_CC="$CC" # Let the user override the test.
+@@ -1678,7 +1776,7 @@ do
+   for ac_exec_ext in '' $ac_executable_extensions; do
+   if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+     ac_cv_prog_CC="${ac_tool_prefix}gcc"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1689,11 +1787,11 @@ fi
+ fi
+ CC=$ac_cv_prog_CC
+ if test -n "$CC"; then
+-  { echo "$as_me:$LINENO: result: $CC" >&5
+-echo "${ECHO_T}$CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $CC" >&5
++$as_echo "$CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+ 
+ 
+@@ -1702,10 +1800,10 @@ if test -z "$ac_cv_prog_CC"; then
+   ac_ct_CC=$CC
+   # Extract the first word of "gcc", so it can be a program name with args.
+ set dummy gcc; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$ac_ct_CC"; then
+   ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+@@ -1718,7 +1816,7 @@ do
+   for ac_exec_ext in '' $ac_executable_extensions; do
+   if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+     ac_cv_prog_ac_ct_CC="gcc"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1729,11 +1827,11 @@ fi
+ fi
+ ac_ct_CC=$ac_cv_prog_ac_ct_CC
+ if test -n "$ac_ct_CC"; then
+-  { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
+-echo "${ECHO_T}$ac_ct_CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
++$as_echo "$ac_ct_CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+ 
+   if test "x$ac_ct_CC" = x; then
+@@ -1741,12 +1839,8 @@ fi
+   else
+     case $cross_compiling:$ac_tool_warned in
+ yes:)
+-{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+-whose name does not start with the host triplet.  If you think this
+-configuration is useful to you, please write to autoconf@gnu.org." >&5
+-echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+-whose name does not start with the host triplet.  If you think this
+-configuration is useful to you, please write to autoconf@gnu.org." >&2;}
++{ $as_echo "$as_me:$LINENO: WARNING: using cross tools not prefixed with host triplet" >&5
++$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ ac_tool_warned=yes ;;
+ esac
+     CC=$ac_ct_CC
+@@ -1759,10 +1853,10 @@ if test -z "$CC"; then
+           if test -n "$ac_tool_prefix"; then
+     # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
+ set dummy ${ac_tool_prefix}cc; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$CC"; then
+   ac_cv_prog_CC="$CC" # Let the user override the test.
+@@ -1775,7 +1869,7 @@ do
+   for ac_exec_ext in '' $ac_executable_extensions; do
+   if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+     ac_cv_prog_CC="${ac_tool_prefix}cc"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1786,11 +1880,11 @@ fi
+ fi
+ CC=$ac_cv_prog_CC
+ if test -n "$CC"; then
+-  { echo "$as_me:$LINENO: result: $CC" >&5
+-echo "${ECHO_T}$CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $CC" >&5
++$as_echo "$CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+ 
+ 
+@@ -1799,10 +1893,10 @@ fi
+ if test -z "$CC"; then
+   # Extract the first word of "cc", so it can be a program name with args.
+ set dummy cc; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$CC"; then
+   ac_cv_prog_CC="$CC" # Let the user override the test.
+@@ -1820,7 +1914,7 @@ do
+        continue
+      fi
+     ac_cv_prog_CC="cc"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1843,11 +1937,11 @@ fi
+ fi
+ CC=$ac_cv_prog_CC
+ if test -n "$CC"; then
+-  { echo "$as_me:$LINENO: result: $CC" >&5
+-echo "${ECHO_T}$CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $CC" >&5
++$as_echo "$CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+ 
+ 
+@@ -1858,10 +1952,10 @@ if test -z "$CC"; then
+   do
+     # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+ set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$CC"; then
+   ac_cv_prog_CC="$CC" # Let the user override the test.
+@@ -1874,7 +1968,7 @@ do
+   for ac_exec_ext in '' $ac_executable_extensions; do
+   if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+     ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1885,11 +1979,11 @@ fi
+ fi
+ CC=$ac_cv_prog_CC
+ if test -n "$CC"; then
+-  { echo "$as_me:$LINENO: result: $CC" >&5
+-echo "${ECHO_T}$CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $CC" >&5
++$as_echo "$CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+ 
+ 
+@@ -1902,10 +1996,10 @@ if test -z "$CC"; then
+ do
+   # Extract the first word of "$ac_prog", so it can be a program name with args.
+ set dummy $ac_prog; ac_word=$2
+-{ echo "$as_me:$LINENO: checking for $ac_word" >&5
+-echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
++$as_echo_n "checking for $ac_word... " >&6; }
+ if test "${ac_cv_prog_ac_ct_CC+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   if test -n "$ac_ct_CC"; then
+   ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+@@ -1918,7 +2012,7 @@ do
+   for ac_exec_ext in '' $ac_executable_extensions; do
+   if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+     ac_cv_prog_ac_ct_CC="$ac_prog"
+-    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
++    $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+     break 2
+   fi
+ done
+@@ -1929,11 +2023,11 @@ fi
+ fi
+ ac_ct_CC=$ac_cv_prog_ac_ct_CC
+ if test -n "$ac_ct_CC"; then
+-  { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
+-echo "${ECHO_T}$ac_ct_CC" >&6; }
++  { $as_echo "$as_me:$LINENO: result: $ac_ct_CC" >&5
++$as_echo "$ac_ct_CC" >&6; }
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+ 
+ 
+@@ -1945,12 +2039,8 @@ done
+   else
+     case $cross_compiling:$ac_tool_warned in
+ yes:)
+-{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
+-whose name does not start with the host triplet.  If you think this
+-configuration is useful to you, please write to autoconf@gnu.org." >&5
+-echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
+-whose name does not start with the host triplet.  If you think this
+-configuration is useful to you, please write to autoconf@gnu.org." >&2;}
++{ $as_echo "$as_me:$LINENO: WARNING: using cross tools not prefixed with host triplet" >&5
++$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ ac_tool_warned=yes ;;
+ esac
+     CC=$ac_ct_CC
+@@ -1960,44 +2050,50 @@ fi
+ fi
+ 
+ 
+-test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH
++test -z "$CC" && { { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++{ { $as_echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH
+ See \`config.log' for more details." >&5
+-echo "$as_me: error: no acceptable C compiler found in \$PATH
++$as_echo "$as_me: error: no acceptable C compiler found in \$PATH
+ See \`config.log' for more details." >&2;}
+-   { (exit 1); exit 1; }; }
++   { (exit 1); exit 1; }; }; }
+ 
+ # Provide some information about the compiler.
+-echo "$as_me:$LINENO: checking for C compiler version" >&5
+-ac_compiler=`set X $ac_compile; echo $2`
++$as_echo "$as_me:$LINENO: checking for C compiler version" >&5
++set X $ac_compile
++ac_compiler=$2
+ { (ac_try="$ac_compiler --version >&5"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compiler --version >&5") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }
+ { (ac_try="$ac_compiler -v >&5"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compiler -v >&5") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }
+ { (ac_try="$ac_compiler -V >&5"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compiler -V >&5") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }
+ 
+ cat >conftest.$ac_ext <<_ACEOF
+@@ -2016,27 +2112,22 @@ main ()
+ }
+ _ACEOF
+ ac_clean_files_save=$ac_clean_files
+-ac_clean_files="$ac_clean_files a.out a.exe b.out"
++ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out"
+ # Try to create an executable without -o first, disregard a.out.
+ # It will help us diagnose broken compilers, and finding out an intuition
+ # of exeext.
+-{ echo "$as_me:$LINENO: checking for C compiler default output file name" >&5
+-echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6; }
+-ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
+-#
+-# List of possible output files, starting from the most likely.
+-# The algorithm is not robust to junk in `.', hence go to wildcards (a.*)
+-# only as a last resort.  b.out is created by i960 compilers.
+-ac_files='a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out'
+-#
+-# The IRIX 6 linker writes into existing files which may not be
+-# executable, retaining their permissions.  Remove them first so a
+-# subsequent execution test works.
++{ $as_echo "$as_me:$LINENO: checking for C compiler default output file name" >&5
++$as_echo_n "checking for C compiler default output file name... " >&6; }
++ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
++
++# The possible output files:
++ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*"
++
+ ac_rmfiles=
+ for ac_file in $ac_files
+ do
+   case $ac_file in
+-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;;
++    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+     * ) ac_rmfiles="$ac_rmfiles $ac_file";;
+   esac
+ done
+@@ -2047,10 +2138,11 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link_default") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; then
+   # Autoconf-2.13 could set the ac_cv_exeext variable to `no'.
+ # So ignore a value of `no', otherwise this would lead to `EXEEXT = no'
+@@ -2061,7 +2153,7 @@ for ac_file in $ac_files ''
+ do
+   test -f "$ac_file" || continue
+   case $ac_file in
+-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj )
++    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj )
+ 	;;
+     [ab].out )
+ 	# We found the default executable, but exeext='' is most
+@@ -2088,25 +2180,27 @@ else
+   ac_file=''
+ fi
+ 
+-{ echo "$as_me:$LINENO: result: $ac_file" >&5
+-echo "${ECHO_T}$ac_file" >&6; }
++{ $as_echo "$as_me:$LINENO: result: $ac_file" >&5
++$as_echo "$ac_file" >&6; }
+ if test -z "$ac_file"; then
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+-{ { echo "$as_me:$LINENO: error: C compiler cannot create executables
++{ { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++{ { $as_echo "$as_me:$LINENO: error: C compiler cannot create executables
+ See \`config.log' for more details." >&5
+-echo "$as_me: error: C compiler cannot create executables
++$as_echo "$as_me: error: C compiler cannot create executables
+ See \`config.log' for more details." >&2;}
+-   { (exit 77); exit 77; }; }
++   { (exit 77); exit 77; }; }; }
+ fi
+ 
+ ac_exeext=$ac_cv_exeext
+ 
+ # Check that the compiler produces executables we can run.  If not, either
+ # the compiler is broken, or we cross compile.
+-{ echo "$as_me:$LINENO: checking whether the C compiler works" >&5
+-echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking whether the C compiler works" >&5
++$as_echo_n "checking whether the C compiler works... " >&6; }
+ # FIXME: These cross compiler hacks should be removed for Autoconf 3.0
+ # If not cross compiling, check that we can run a simple program.
+ if test "$cross_compiling" != yes; then
+@@ -2115,49 +2209,53 @@ if test "$cross_compiling" != yes; then
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_try") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; }; then
+     cross_compiling=no
+   else
+     if test "$cross_compiling" = maybe; then
+ 	cross_compiling=yes
+     else
+-	{ { echo "$as_me:$LINENO: error: cannot run C compiled programs.
++	{ { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++{ { $as_echo "$as_me:$LINENO: error: cannot run C compiled programs.
+ If you meant to cross compile, use \`--host'.
+ See \`config.log' for more details." >&5
+-echo "$as_me: error: cannot run C compiled programs.
++$as_echo "$as_me: error: cannot run C compiled programs.
+ If you meant to cross compile, use \`--host'.
+ See \`config.log' for more details." >&2;}
+-   { (exit 1); exit 1; }; }
++   { (exit 1); exit 1; }; }; }
+     fi
+   fi
+ fi
+-{ echo "$as_me:$LINENO: result: yes" >&5
+-echo "${ECHO_T}yes" >&6; }
++{ $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
+ 
+-rm -f a.out a.exe conftest$ac_cv_exeext b.out
++rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out
+ ac_clean_files=$ac_clean_files_save
+ # Check that the compiler produces executables we can run.  If not, either
+ # the compiler is broken, or we cross compile.
+-{ echo "$as_me:$LINENO: checking whether we are cross compiling" >&5
+-echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6; }
+-{ echo "$as_me:$LINENO: result: $cross_compiling" >&5
+-echo "${ECHO_T}$cross_compiling" >&6; }
++{ $as_echo "$as_me:$LINENO: checking whether we are cross compiling" >&5
++$as_echo_n "checking whether we are cross compiling... " >&6; }
++{ $as_echo "$as_me:$LINENO: result: $cross_compiling" >&5
++$as_echo "$cross_compiling" >&6; }
+ 
+-{ echo "$as_me:$LINENO: checking for suffix of executables" >&5
+-echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for suffix of executables" >&5
++$as_echo_n "checking for suffix of executables... " >&6; }
+ if { (ac_try="$ac_link"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; then
+   # If both `conftest.exe' and `conftest' are `present' (well, observable)
+ # catch `conftest.exe'.  For instance with Cygwin, `ls conftest' will
+@@ -2166,31 +2264,33 @@ eval "echo \"\$as_me:$LINENO: $ac_try_ec
+ for ac_file in conftest.exe conftest conftest.*; do
+   test -f "$ac_file" || continue
+   case $ac_file in
+-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;;
++    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+     *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+ 	  break;;
+     * ) break;;
+   esac
+ done
+ else
+-  { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link
++  { { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++{ { $as_echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link
+ See \`config.log' for more details." >&5
+-echo "$as_me: error: cannot compute suffix of executables: cannot compile and link
++$as_echo "$as_me: error: cannot compute suffix of executables: cannot compile and link
+ See \`config.log' for more details." >&2;}
+-   { (exit 1); exit 1; }; }
++   { (exit 1); exit 1; }; }; }
+ fi
+ 
+ rm -f conftest$ac_cv_exeext
+-{ echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5
+-echo "${ECHO_T}$ac_cv_exeext" >&6; }
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5
++$as_echo "$ac_cv_exeext" >&6; }
+ 
+ rm -f conftest.$ac_ext
+ EXEEXT=$ac_cv_exeext
+ ac_exeext=$EXEEXT
+-{ echo "$as_me:$LINENO: checking for suffix of object files" >&5
+-echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for suffix of object files" >&5
++$as_echo_n "checking for suffix of object files... " >&6; }
+ if test "${ac_cv_objext+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -2213,40 +2313,43 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>&5
+   ac_status=$?
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; then
+   for ac_file in conftest.o conftest.obj conftest.*; do
+   test -f "$ac_file" || continue;
+   case $ac_file in
+-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf ) ;;
++    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;;
+     *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
+        break;;
+   esac
+ done
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+-{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile
++{ { $as_echo "$as_me:$LINENO: error: in \`$ac_pwd':" >&5
++$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
++{ { $as_echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile
+ See \`config.log' for more details." >&5
+-echo "$as_me: error: cannot compute suffix of object files: cannot compile
++$as_echo "$as_me: error: cannot compute suffix of object files: cannot compile
+ See \`config.log' for more details." >&2;}
+-   { (exit 1); exit 1; }; }
++   { (exit 1); exit 1; }; }; }
+ fi
+ 
+ rm -f conftest.$ac_cv_objext conftest.$ac_ext
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_objext" >&5
+-echo "${ECHO_T}$ac_cv_objext" >&6; }
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_objext" >&5
++$as_echo "$ac_cv_objext" >&6; }
+ OBJEXT=$ac_cv_objext
+ ac_objext=$OBJEXT
+-{ echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5
+-echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5
++$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
+ if test "${ac_cv_c_compiler_gnu+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -2272,20 +2375,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   ac_compiler_gnu=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	ac_compiler_gnu=no
+@@ -2295,15 +2399,19 @@ rm -f core conftest.err conftest.$ac_obj
+ ac_cv_c_compiler_gnu=$ac_compiler_gnu
+ 
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5
+-echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6; }
+-GCC=`test $ac_compiler_gnu = yes && echo yes`
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5
++$as_echo "$ac_cv_c_compiler_gnu" >&6; }
++if test $ac_compiler_gnu = yes; then
++  GCC=yes
++else
++  GCC=
++fi
+ ac_test_CFLAGS=${CFLAGS+set}
+ ac_save_CFLAGS=$CFLAGS
+-{ echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5
+-echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5
++$as_echo_n "checking whether $CC accepts -g... " >&6; }
+ if test "${ac_cv_prog_cc_g+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   ac_save_c_werror_flag=$ac_c_werror_flag
+    ac_c_werror_flag=yes
+@@ -2330,20 +2438,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   ac_cv_prog_cc_g=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	CFLAGS=""
+@@ -2368,20 +2477,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   :
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	ac_c_werror_flag=$ac_save_c_werror_flag
+@@ -2407,20 +2517,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   ac_cv_prog_cc_g=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 
+@@ -2435,8 +2546,8 @@ fi
+ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+    ac_c_werror_flag=$ac_save_c_werror_flag
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5
+-echo "${ECHO_T}$ac_cv_prog_cc_g" >&6; }
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5
++$as_echo "$ac_cv_prog_cc_g" >&6; }
+ if test "$ac_test_CFLAGS" = set; then
+   CFLAGS=$ac_save_CFLAGS
+ elif test $ac_cv_prog_cc_g = yes; then
+@@ -2452,10 +2563,10 @@ else
+     CFLAGS=
+   fi
+ fi
+-{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5
+-echo $ECHO_N "checking for $CC option to accept ISO C89... $ECHO_C" >&6; }
++{ $as_echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5
++$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
+ if test "${ac_cv_prog_cc_c89+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   ac_cv_prog_cc_c89=no
+ ac_save_CC=$CC
+@@ -2526,20 +2637,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   ac_cv_prog_cc_c89=$ac_arg
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 
+@@ -2555,15 +2667,15 @@ fi
+ # AC_CACHE_VAL
+ case "x$ac_cv_prog_cc_c89" in
+   x)
+-    { echo "$as_me:$LINENO: result: none needed" >&5
+-echo "${ECHO_T}none needed" >&6; } ;;
++    { $as_echo "$as_me:$LINENO: result: none needed" >&5
++$as_echo "none needed" >&6; } ;;
+   xno)
+-    { echo "$as_me:$LINENO: result: unsupported" >&5
+-echo "${ECHO_T}unsupported" >&6; } ;;
++    { $as_echo "$as_me:$LINENO: result: unsupported" >&5
++$as_echo "unsupported" >&6; } ;;
+   *)
+     CC="$CC $ac_cv_prog_cc_c89"
+-    { echo "$as_me:$LINENO: result: $ac_cv_prog_cc_c89" >&5
+-echo "${ECHO_T}$ac_cv_prog_cc_c89" >&6; } ;;
++    { $as_echo "$as_me:$LINENO: result: $ac_cv_prog_cc_c89" >&5
++$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
+ esac
+ 
+ 
+@@ -2581,8 +2693,8 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
+ if test "${with_rlm_ldap_lib_dir+set}" = set; then
+   withval=$with_rlm_ldap_lib_dir;  case "$withval" in
+ 	    no)
+-		{ { echo "$as_me:$LINENO: error: Need rlm-ldap-lib-dir" >&5
+-echo "$as_me: error: Need rlm-ldap-lib-dir" >&2;}
++		{ { $as_echo "$as_me:$LINENO: error: Need rlm-ldap-lib-dir" >&5
++$as_echo "$as_me: error: Need rlm-ldap-lib-dir" >&2;}
+    { (exit 1); exit 1; }; }
+ 		;;
+ 	    yes)
+@@ -2601,8 +2713,8 @@ fi
+ if test "${with_rlm_ldap_include_dir+set}" = set; then
+   withval=$with_rlm_ldap_include_dir;  case "$withval" in
+ 	    no)
+-		{ { echo "$as_me:$LINENO: error: Need rlm-ldap-include-dir" >&5
+-echo "$as_me: error: Need rlm-ldap-include-dir" >&2;}
++		{ { $as_echo "$as_me:$LINENO: error: Need rlm-ldap-include-dir" >&5
++$as_echo "$as_me: error: Need rlm-ldap-include-dir" >&2;}
+    { (exit 1); exit 1; }; }
+ 		;;
+ 	    yes)
+@@ -2641,8 +2753,8 @@ fi
+ 
+ 
+ 				if test "x$enable_shared" = "xno"; then
+-		{ echo "$as_me:$LINENO: WARNING: Static linking with libldap will probably result in unresolved symbols." >&5
+-echo "$as_me: WARNING: Static linking with libldap will probably result in unresolved symbols." >&2;}
++		{ $as_echo "$as_me:$LINENO: WARNING: Static linking with libldap will probably result in unresolved symbols." >&5
++$as_echo "$as_me: WARNING: Static linking with libldap will probably result in unresolved symbols." >&2;}
+ 	fi
+ 
+ 		rlm_ldap_with_threads=yes
+@@ -2661,10 +2773,10 @@ fi
+ 
+ 
+ 			if test "x$rlm_ldap_with_threads" = "xyes"; then
+-	    { echo "$as_me:$LINENO: checking for pthread_create in -lpthread" >&5
+-echo $ECHO_N "checking for pthread_create in -lpthread... $ECHO_C" >&6; }
++	    { $as_echo "$as_me:$LINENO: checking for pthread_create in -lpthread" >&5
++$as_echo_n "checking for pthread_create in -lpthread... " >&6; }
+ if test "${ac_cv_lib_pthread_pthread_create+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   ac_check_lib_save_LIBS=$LIBS
+ LIBS="-lpthread  $LIBS"
+@@ -2696,39 +2808,43 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
+   ac_cv_lib_pthread_pthread_create=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	ac_cv_lib_pthread_pthread_create=no
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ LIBS=$ac_check_lib_save_LIBS
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_lib_pthread_pthread_create" >&5
+-echo "${ECHO_T}$ac_cv_lib_pthread_pthread_create" >&6; }
+-if test $ac_cv_lib_pthread_pthread_create = yes; then
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_lib_pthread_pthread_create" >&5
++$as_echo "$ac_cv_lib_pthread_pthread_create" >&6; }
++if test "x$ac_cv_lib_pthread_pthread_create" = x""yes; then
+    LIBS="-lpthread $LIBS"
+ else
+-  { echo "$as_me:$LINENO: checking for pthread_create in -lc_r" >&5
+-echo $ECHO_N "checking for pthread_create in -lc_r... $ECHO_C" >&6; }
++  { $as_echo "$as_me:$LINENO: checking for pthread_create in -lc_r" >&5
++$as_echo_n "checking for pthread_create in -lc_r... " >&6; }
+ if test "${ac_cv_lib_c_r_pthread_create+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   ac_check_lib_save_LIBS=$LIBS
+ LIBS="-lc_r  $LIBS"
+@@ -2761,33 +2877,37 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
+   ac_cv_lib_c_r_pthread_create=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	ac_cv_lib_c_r_pthread_create=no
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ LIBS=$ac_check_lib_save_LIBS
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_lib_c_r_pthread_create" >&5
+-echo "${ECHO_T}$ac_cv_lib_c_r_pthread_create" >&6; }
+-if test $ac_cv_lib_c_r_pthread_create = yes; then
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_lib_c_r_pthread_create" >&5
++$as_echo "$ac_cv_lib_c_r_pthread_create" >&6; }
++if test "x$ac_cv_lib_c_r_pthread_create" = x""yes; then
+    LIBS="-lc_r $LIBS"
+ else
+    rlm_ldap_with_threads="no"
+@@ -2799,14 +2919,12 @@ fi
+ 
+ 	fi
+ 
+-				smart_try_dir=$rlm_ldap_lib_dir
+-	if test "x$rlm_ldap_with_threads" = "xyes"; then
+ 
+ 
+-sm_lib_safe=`echo "ldap_r" | sed 'y%./+-%__p_%'`
+-sm_func_safe=`echo "ldap_init" | sed 'y%./+-%__p_%'`
+-{ echo "$as_me:$LINENO: checking for ldap_init in -lldap_r" >&5
+-echo $ECHO_N "checking for ldap_init in -lldap_r... $ECHO_C" >&6; }
++sm_lib_safe=`echo "sasl" | sed 'y%./+-%__p_%'`
++sm_func_safe=`echo "sasl_encode" | sed 'y%./+-%__p_%'`
++{ $as_echo "$as_me:$LINENO: checking for sasl_encode in -lsasl" >&5
++$as_echo_n "checking for sasl_encode in -lsasl... " >&6; }
+ 
+ old_LIBS="$LIBS"
+ smart_lib=
+@@ -2814,18 +2932,18 @@ smart_lib_dir=
+ 
+ if test "x$smart_try_dir" != "x"; then
+   for try in $smart_try_dir; do
+-    LIBS="-L$try -lldap_r $old_LIBS"
++    LIBS="-L$try -lsasl $old_LIBS"
+     cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char sasl_encode();
+ int
+ main ()
+ {
+- ldap_init()
++ sasl_encode()
+   ;
+   return 0;
+ }
+@@ -2836,26 +2954,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-L$try -lldap_r"
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lsasl"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+     if test "x$smart_lib" != "x"; then
+@@ -2866,18 +2988,18 @@ rm -f core conftest.err conftest.$ac_obj
+ fi
+ 
+ if test "x$smart_lib" = "x"; then
+-  LIBS="-lldap_r $old_LIBS"
++  LIBS="-lsasl $old_LIBS"
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char sasl_encode();
+ int
+ main ()
+ {
+- ldap_init()
++ sasl_encode()
+   ;
+   return 0;
+ }
+@@ -2888,26 +3010,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-lldap_r"
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-lsasl"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+   LIBS="$old_LIBS"
+@@ -2918,7 +3044,7 @@ if test "x$smart_lib" = "x"; then
+ 
+ if test "x$LOCATE" != "x"; then
+         DIRS=
+-  file=libldap_r${libltdl_cv_shlibext}
++  file=libsasl${libltdl_cv_shlibext}
+ 
+   for x in `${LOCATE} $file 2>/dev/null`; do
+                                         base=`echo $x | sed "s%/${file}%%"`
+@@ -2945,7 +3071,7 @@ eval "smart_lib_dir=\"\$smart_lib_dir $D
+ 
+ if test "x$LOCATE" != "x"; then
+         DIRS=
+-  file=libldap_r.a
++  file=libsasl.a
+ 
+   for x in `${LOCATE} $file 2>/dev/null`; do
+                                         base=`echo $x | sed "s%/${file}%%"`
+@@ -2970,18 +3096,18 @@ eval "smart_lib_dir=\"\$smart_lib_dir $D
+ 
+ 
+   for try in $smart_lib_dir /usr/local/lib /opt/lib; do
+-    LIBS="-L$try -lldap_r $old_LIBS"
++    LIBS="-L$try -lsasl $old_LIBS"
+     cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char sasl_encode();
+ int
+ main ()
+ {
+- ldap_init()
++ sasl_encode()
+   ;
+   return 0;
+ }
+@@ -2992,26 +3118,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-L$try -lldap_r"
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lsasl"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+     if test "x$smart_lib" != "x"; then
+@@ -3022,26 +3152,22 @@ rm -f core conftest.err conftest.$ac_obj
+ fi
+ 
+ if test "x$smart_lib" != "x"; then
+-  { echo "$as_me:$LINENO: result: yes" >&5
+-echo "${ECHO_T}yes" >&6; }
++  { $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
+   eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
+   LIBS="$smart_lib $old_LIBS"
+   SMART_LIBS="$smart_lib $SMART_LIBS"
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+ 
+-	    if test "x$ac_cv_lib_ldap_r_ldap_init" != "xyes"; then
+-		fail="$fail libldap_r"
+-	    fi
+-	else
+ 
+ 
+-sm_lib_safe=`echo "ldap" | sed 'y%./+-%__p_%'`
+-sm_func_safe=`echo "ldap_init" | sed 'y%./+-%__p_%'`
+-{ echo "$as_me:$LINENO: checking for ldap_init in -lldap" >&5
+-echo $ECHO_N "checking for ldap_init in -lldap... $ECHO_C" >&6; }
++sm_lib_safe=`echo "lber" | sed 'y%./+-%__p_%'`
++sm_func_safe=`echo "ber_init" | sed 'y%./+-%__p_%'`
++{ $as_echo "$as_me:$LINENO: checking for ber_init in -llber" >&5
++$as_echo_n "checking for ber_init in -llber... " >&6; }
+ 
+ old_LIBS="$LIBS"
+ smart_lib=
+@@ -3049,18 +3175,18 @@ smart_lib_dir=
+ 
+ if test "x$smart_try_dir" != "x"; then
+   for try in $smart_try_dir; do
+-    LIBS="-L$try -lldap $old_LIBS"
++    LIBS="-L$try -llber $old_LIBS"
+     cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char ber_init();
+ int
+ main ()
+ {
+- ldap_init()
++ ber_init()
+   ;
+   return 0;
+ }
+@@ -3071,26 +3197,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-L$try -lldap"
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -llber"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+     if test "x$smart_lib" != "x"; then
+@@ -3101,18 +3231,18 @@ rm -f core conftest.err conftest.$ac_obj
+ fi
+ 
+ if test "x$smart_lib" = "x"; then
+-  LIBS="-lldap $old_LIBS"
++  LIBS="-llber $old_LIBS"
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char ber_init();
+ int
+ main ()
+ {
+- ldap_init()
++ ber_init()
+   ;
+   return 0;
+ }
+@@ -3123,26 +3253,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-lldap"
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-llber"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+   LIBS="$old_LIBS"
+@@ -3153,7 +3287,7 @@ if test "x$smart_lib" = "x"; then
+ 
+ if test "x$LOCATE" != "x"; then
+         DIRS=
+-  file=libldap${libltdl_cv_shlibext}
++  file=liblber${libltdl_cv_shlibext}
+ 
+   for x in `${LOCATE} $file 2>/dev/null`; do
+                                         base=`echo $x | sed "s%/${file}%%"`
+@@ -3180,7 +3314,7 @@ eval "smart_lib_dir=\"\$smart_lib_dir $D
+ 
+ if test "x$LOCATE" != "x"; then
+         DIRS=
+-  file=libldap.a
++  file=liblber.a
+ 
+   for x in `${LOCATE} $file 2>/dev/null`; do
+                                         base=`echo $x | sed "s%/${file}%%"`
+@@ -3205,18 +3339,18 @@ eval "smart_lib_dir=\"\$smart_lib_dir $D
+ 
+ 
+   for try in $smart_lib_dir /usr/local/lib /opt/lib; do
+-    LIBS="-L$try -lldap $old_LIBS"
++    LIBS="-L$try -llber $old_LIBS"
+     cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-extern char ldap_init();
++extern char ber_init();
+ int
+ main ()
+ {
+- ldap_init()
++ ber_init()
+   ;
+   return 0;
+ }
+@@ -3227,26 +3361,30 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
+-  smart_lib="-L$try -lldap"
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -llber"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+     if test "x$smart_lib" != "x"; then
+@@ -3257,136 +3395,145 @@ rm -f core conftest.err conftest.$ac_obj
+ fi
+ 
+ if test "x$smart_lib" != "x"; then
+-  { echo "$as_me:$LINENO: result: yes" >&5
+-echo "${ECHO_T}yes" >&6; }
++  { $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
+   eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
+   LIBS="$smart_lib $old_LIBS"
+   SMART_LIBS="$smart_lib $SMART_LIBS"
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+ 
+-	    if test "x$ac_cv_lib_ldap_ldap_init" != "xyes"; then
+-		fail="$fail libldap"
+-	    fi
+-	fi
+-
+ 
+-	smart_try_dir=$rlm_ldap_include_dir
++				smart_try_dir=$rlm_ldap_lib_dir
++	if test "x$rlm_ldap_with_threads" = "xyes"; then
+ 
+ 
+-ac_safe=`echo "ldap.h" | sed 'y%./+-%__pm%'`
+-{ echo "$as_me:$LINENO: checking for ldap.h" >&5
+-echo $ECHO_N "checking for ldap.h... $ECHO_C" >&6; }
++sm_lib_safe=`echo "ldap_r" | sed 'y%./+-%__p_%'`
++sm_func_safe=`echo "ldap_init" | sed 'y%./+-%__p_%'`
++{ $as_echo "$as_me:$LINENO: checking for ldap_init in -lldap_r" >&5
++$as_echo_n "checking for ldap_init in -lldap_r... " >&6; }
+ 
+-old_CFLAGS="$CFLAGS"
+-smart_include=
+-smart_include_dir=
++old_LIBS="$LIBS"
++smart_lib=
++smart_lib_dir=
+ 
+ if test "x$smart_try_dir" != "x"; then
+   for try in $smart_try_dir; do
+-    CFLAGS="$old_CFLAGS -I$try"
++    LIBS="-L$try -lldap_r $old_LIBS"
+     cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-
+-		    #include 
++extern char ldap_init();
+ int
+ main ()
+ {
+- int a = 1;
++ ldap_init()
+   ;
+   return 0;
+ }
+ _ACEOF
+-rm -f conftest.$ac_objext
+-if { (ac_try="$ac_compile"
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+-  (eval "$ac_compile") 2>conftest.er1
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest.$ac_objext; then
+-  smart_include="-I$try"
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lldap_r"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+-	smart_include=
++
+ fi
+ 
+-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+-    if test "x$smart_include" != "x"; then
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++    if test "x$smart_lib" != "x"; then
+       break;
+     fi
+   done
+-  CFLAGS="$old_CFLAGS"
++  LIBS="$old_LIBS"
+ fi
+ 
+-if test "x$smart_include" = "x"; then
++if test "x$smart_lib" = "x"; then
++  LIBS="-lldap_r $old_LIBS"
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+-
+-		  #include 
++extern char ldap_init();
+ int
+ main ()
+ {
+- int a = 1;
++ ldap_init()
+   ;
+   return 0;
+ }
+ _ACEOF
+-rm -f conftest.$ac_objext
+-if { (ac_try="$ac_compile"
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+-  (eval "$ac_compile") 2>conftest.er1
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest.$ac_objext; then
+-  smart_include=" "
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-lldap_r"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+-	smart_include=
++
+ fi
+ 
+-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++  LIBS="$old_LIBS"
+ fi
+ 
+-if test "x$smart_include" = "x"; then
++if test "x$smart_lib" = "x"; then
+ 
+ 
+ if test "x$LOCATE" != "x"; then
+         DIRS=
+-  file=ldap.h
++  file=libldap_r${libltdl_cv_shlibext}
+ 
+   for x in `${LOCATE} $file 2>/dev/null`; do
+                                         base=`echo $x | sed "s%/${file}%%"`
+@@ -3400,19 +3547,505 @@ if test "x$LOCATE" != "x"; then
+       continue
+     fi
+ 
+-                    already=`echo \$smart_include_dir ${DIRS} | ${GREP} ${dir}`
++                    already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}`
+     if test "x$already" = "x"; then
+       DIRS="$DIRS $dir"
+     fi
+   done
+ fi
+ 
+-eval "smart_include_dir=\"\$smart_include_dir $DIRS\""
++eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\""
+ 
+ 
+-  for try in $smart_include_dir /usr/local/include /opt/include; do
+-    CFLAGS="$old_CFLAGS -I$try"
+-    cat >conftest.$ac_ext <<_ACEOF
++
++if test "x$LOCATE" != "x"; then
++        DIRS=
++  file=libldap_r.a
++
++  for x in `${LOCATE} $file 2>/dev/null`; do
++                                        base=`echo $x | sed "s%/${file}%%"`
++    if test "x$x" = "x$base"; then
++      continue;
++    fi
++
++    dir=`${DIRNAME} $x 2>/dev/null`
++                exclude=`echo ${dir} | ${GREP} /home`
++    if test "x$exclude" != "x"; then
++      continue
++    fi
++
++                    already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}`
++    if test "x$already" = "x"; then
++      DIRS="$DIRS $dir"
++    fi
++  done
++fi
++
++eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\""
++
++
++  for try in $smart_lib_dir /usr/local/lib /opt/lib; do
++    LIBS="-L$try -lldap_r $old_LIBS"
++    cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++extern char ldap_init();
++int
++main ()
++{
++ ldap_init()
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++	 test -z "$ac_c_werror_flag" ||
++	 test ! -s conftest.err
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lldap_r"
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++
++fi
++
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++    if test "x$smart_lib" != "x"; then
++      break;
++    fi
++  done
++  LIBS="$old_LIBS"
++fi
++
++if test "x$smart_lib" != "x"; then
++  { $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
++  eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
++  LIBS="$smart_lib $old_LIBS"
++  SMART_LIBS="$smart_lib $SMART_LIBS"
++else
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
++fi
++
++	    if test "x$ac_cv_lib_ldap_r_ldap_init" != "xyes"; then
++		fail="$fail libldap_r"
++	    fi
++	else
++
++
++sm_lib_safe=`echo "ldap" | sed 'y%./+-%__p_%'`
++sm_func_safe=`echo "ldap_init" | sed 'y%./+-%__p_%'`
++{ $as_echo "$as_me:$LINENO: checking for ldap_init in -lldap" >&5
++$as_echo_n "checking for ldap_init in -lldap... " >&6; }
++
++old_LIBS="$LIBS"
++smart_lib=
++smart_lib_dir=
++
++if test "x$smart_try_dir" != "x"; then
++  for try in $smart_try_dir; do
++    LIBS="-L$try -lldap $old_LIBS"
++    cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++extern char ldap_init();
++int
++main ()
++{
++ ldap_init()
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++	 test -z "$ac_c_werror_flag" ||
++	 test ! -s conftest.err
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lldap"
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++
++fi
++
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++    if test "x$smart_lib" != "x"; then
++      break;
++    fi
++  done
++  LIBS="$old_LIBS"
++fi
++
++if test "x$smart_lib" = "x"; then
++  LIBS="-lldap $old_LIBS"
++  cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++extern char ldap_init();
++int
++main ()
++{
++ ldap_init()
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++	 test -z "$ac_c_werror_flag" ||
++	 test ! -s conftest.err
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-lldap"
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++
++fi
++
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++  LIBS="$old_LIBS"
++fi
++
++if test "x$smart_lib" = "x"; then
++
++
++if test "x$LOCATE" != "x"; then
++        DIRS=
++  file=libldap${libltdl_cv_shlibext}
++
++  for x in `${LOCATE} $file 2>/dev/null`; do
++                                        base=`echo $x | sed "s%/${file}%%"`
++    if test "x$x" = "x$base"; then
++      continue;
++    fi
++
++    dir=`${DIRNAME} $x 2>/dev/null`
++                exclude=`echo ${dir} | ${GREP} /home`
++    if test "x$exclude" != "x"; then
++      continue
++    fi
++
++                    already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}`
++    if test "x$already" = "x"; then
++      DIRS="$DIRS $dir"
++    fi
++  done
++fi
++
++eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\""
++
++
++
++if test "x$LOCATE" != "x"; then
++        DIRS=
++  file=libldap.a
++
++  for x in `${LOCATE} $file 2>/dev/null`; do
++                                        base=`echo $x | sed "s%/${file}%%"`
++    if test "x$x" = "x$base"; then
++      continue;
++    fi
++
++    dir=`${DIRNAME} $x 2>/dev/null`
++                exclude=`echo ${dir} | ${GREP} /home`
++    if test "x$exclude" != "x"; then
++      continue
++    fi
++
++                    already=`echo \$smart_lib_dir ${DIRS} | ${GREP} ${dir}`
++    if test "x$already" = "x"; then
++      DIRS="$DIRS $dir"
++    fi
++  done
++fi
++
++eval "smart_lib_dir=\"\$smart_lib_dir $DIRS\""
++
++
++  for try in $smart_lib_dir /usr/local/lib /opt/lib; do
++    LIBS="-L$try -lldap $old_LIBS"
++    cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++extern char ldap_init();
++int
++main ()
++{
++ ldap_init()
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext conftest$ac_exeext
++if { (ac_try="$ac_link"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_link") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++	 test -z "$ac_c_werror_flag" ||
++	 test ! -s conftest.err
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
++  smart_lib="-L$try -lldap"
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++
++fi
++
++rm -rf conftest.dSYM
++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
++      conftest$ac_exeext conftest.$ac_ext
++    if test "x$smart_lib" != "x"; then
++      break;
++    fi
++  done
++  LIBS="$old_LIBS"
++fi
++
++if test "x$smart_lib" != "x"; then
++  { $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
++  eval "ac_cv_lib_${sm_lib_safe}_${sm_func_safe}=yes"
++  LIBS="$smart_lib $old_LIBS"
++  SMART_LIBS="$smart_lib $SMART_LIBS"
++else
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
++fi
++
++	    if test "x$ac_cv_lib_ldap_ldap_init" != "xyes"; then
++		fail="$fail libldap"
++	    fi
++	fi
++
++
++	smart_try_dir=$rlm_ldap_include_dir
++
++
++ac_safe=`echo "ldap.h" | sed 'y%./+-%__pm%'`
++{ $as_echo "$as_me:$LINENO: checking for ldap.h" >&5
++$as_echo_n "checking for ldap.h... " >&6; }
++
++old_CFLAGS="$CFLAGS"
++smart_include=
++smart_include_dir=
++
++if test "x$smart_try_dir" != "x"; then
++  for try in $smart_try_dir; do
++    CFLAGS="$old_CFLAGS -I$try"
++    cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++
++		    #include 
++int
++main ()
++{
++ int a = 1;
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext
++if { (ac_try="$ac_compile"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_compile") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++	 test -z "$ac_c_werror_flag" ||
++	 test ! -s conftest.err
++       } && test -s conftest.$ac_objext; then
++  smart_include="-I$try"
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++	smart_include=
++fi
++
++rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++    if test "x$smart_include" != "x"; then
++      break;
++    fi
++  done
++  CFLAGS="$old_CFLAGS"
++fi
++
++if test "x$smart_include" = "x"; then
++  cat >conftest.$ac_ext <<_ACEOF
++/* confdefs.h.  */
++_ACEOF
++cat confdefs.h >>conftest.$ac_ext
++cat >>conftest.$ac_ext <<_ACEOF
++/* end confdefs.h.  */
++
++		  #include 
++int
++main ()
++{
++ int a = 1;
++  ;
++  return 0;
++}
++_ACEOF
++rm -f conftest.$ac_objext
++if { (ac_try="$ac_compile"
++case "(($ac_try" in
++  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
++  *) ac_try_echo=$ac_try;;
++esac
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
++  (eval "$ac_compile") 2>conftest.er1
++  ac_status=$?
++  grep -v '^ *+' conftest.er1 >conftest.err
++  rm -f conftest.er1
++  cat conftest.err >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  (exit $ac_status); } && {
++	 test -z "$ac_c_werror_flag" ||
++	 test ! -s conftest.err
++       } && test -s conftest.$ac_objext; then
++  smart_include=" "
++else
++  $as_echo "$as_me: failed program was:" >&5
++sed 's/^/| /' conftest.$ac_ext >&5
++
++	smart_include=
++fi
++
++rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++fi
++
++if test "x$smart_include" = "x"; then
++
++
++if test "x$LOCATE" != "x"; then
++        DIRS=
++  file=ldap.h
++
++  for x in `${LOCATE} $file 2>/dev/null`; do
++                                        base=`echo $x | sed "s%/${file}%%"`
++    if test "x$x" = "x$base"; then
++      continue;
++    fi
++
++    dir=`${DIRNAME} $x 2>/dev/null`
++                exclude=`echo ${dir} | ${GREP} /home`
++    if test "x$exclude" != "x"; then
++      continue
++    fi
++
++                    already=`echo \$smart_include_dir ${DIRS} | ${GREP} ${dir}`
++    if test "x$already" = "x"; then
++      DIRS="$DIRS $dir"
++    fi
++  done
++fi
++
++eval "smart_include_dir=\"\$smart_include_dir $DIRS\""
++
++
++  for try in $smart_include_dir /usr/local/include /opt/include; do
++    CFLAGS="$old_CFLAGS -I$try"
++    cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+@@ -3434,20 +4067,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   smart_include="-I$try"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	smart_include=
+@@ -3462,14 +4096,14 @@ rm -f core conftest.err conftest.$ac_obj
+ fi
+ 
+ if test "x$smart_include" != "x"; then
+-  { echo "$as_me:$LINENO: result: yes" >&5
+-echo "${ECHO_T}yes" >&6; }
++  { $as_echo "$as_me:$LINENO: result: yes" >&5
++$as_echo "yes" >&6; }
+   eval "ac_cv_header_$ac_safe=yes"
+   CFLAGS="$old_CFLAGS $smart_include"
+   SMART_CFLAGS="$SMART_CFLAGS $smart_include"
+ else
+-  { echo "$as_me:$LINENO: result: no" >&5
+-echo "${ECHO_T}no" >&6; }
++  { $as_echo "$as_me:$LINENO: result: no" >&5
++$as_echo "no" >&6; }
+ fi
+ 
+ 	if test "$ac_cv_header_ldap_h" != "yes"; then
+@@ -3478,10 +4112,10 @@ fi
+ 
+ 
+ 	if test "x$fail" = "x"; then
+-	    { echo "$as_me:$LINENO: checking for ldap_start_tls_s" >&5
+-echo $ECHO_N "checking for ldap_start_tls_s... $ECHO_C" >&6; }
++	    { $as_echo "$as_me:$LINENO: checking for ldap_start_tls_s" >&5
++$as_echo_n "checking for ldap_start_tls_s... " >&6; }
+ if test "${ac_cv_func_ldap_start_tls_s+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -3534,39 +4168,43 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
+   ac_cv_func_ldap_start_tls_s=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	ac_cv_func_ldap_start_tls_s=no
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_func_ldap_start_tls_s" >&5
+-echo "${ECHO_T}$ac_cv_func_ldap_start_tls_s" >&6; }
+-if test $ac_cv_func_ldap_start_tls_s = yes; then
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_func_ldap_start_tls_s" >&5
++$as_echo "$ac_cv_func_ldap_start_tls_s" >&6; }
++if test "x$ac_cv_func_ldap_start_tls_s" = x""yes; then
+    SMART_CFLAGS="$SMART_CFLAGS -DHAVE_LDAP_START_TLS"
+ fi
+ 
+-	    { echo "$as_me:$LINENO: checking for ldap_initialize" >&5
+-echo $ECHO_N "checking for ldap_initialize... $ECHO_C" >&6; }
++	    { $as_echo "$as_me:$LINENO: checking for ldap_initialize" >&5
++$as_echo_n "checking for ldap_initialize... " >&6; }
+ if test "${ac_cv_func_ldap_initialize+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -3619,39 +4257,43 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
+   ac_cv_func_ldap_initialize=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	ac_cv_func_ldap_initialize=no
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_func_ldap_initialize" >&5
+-echo "${ECHO_T}$ac_cv_func_ldap_initialize" >&6; }
+-if test $ac_cv_func_ldap_initialize = yes; then
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_func_ldap_initialize" >&5
++$as_echo "$ac_cv_func_ldap_initialize" >&6; }
++if test "x$ac_cv_func_ldap_initialize" = x""yes; then
+    SMART_CFLAGS="$SMART_CFLAGS -DHAVE_LDAP_INITIALIZE"
+ fi
+ 
+-	    { echo "$as_me:$LINENO: checking for ldap_int_tls_config" >&5
+-echo $ECHO_N "checking for ldap_int_tls_config... $ECHO_C" >&6; }
++	    { $as_echo "$as_me:$LINENO: checking for ldap_int_tls_config" >&5
++$as_echo_n "checking for ldap_int_tls_config... " >&6; }
+ if test "${ac_cv_func_ldap_int_tls_config+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -3704,32 +4346,36 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
+   ac_cv_func_ldap_int_tls_config=yes
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	ac_cv_func_ldap_int_tls_config=no
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_func_ldap_int_tls_config" >&5
+-echo "${ECHO_T}$ac_cv_func_ldap_int_tls_config" >&6; }
+-if test $ac_cv_func_ldap_int_tls_config = yes; then
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_func_ldap_int_tls_config" >&5
++$as_echo "$ac_cv_func_ldap_int_tls_config" >&6; }
++if test "x$ac_cv_func_ldap_int_tls_config" = x""yes; then
+    SMART_CFLAGS="$SMART_CFLAGS -DHAVE_LDAP_INT_TLS_CONFIG"
+ fi
+ 
+@@ -3738,11 +4384,11 @@ fi
+ 
+ for ac_func in ldap_set_rebind_proc
+ do
+-as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+-{ echo "$as_me:$LINENO: checking for $ac_func" >&5
+-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
++as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
++{ $as_echo "$as_me:$LINENO: checking for $ac_func" >&5
++$as_echo_n "checking for $ac_func... " >&6; }
+ if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+   cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+@@ -3795,44 +4441,51 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+-       } && test -s conftest$ac_exeext &&
+-       $as_test_x conftest$ac_exeext; then
++       } && test -s conftest$ac_exeext && {
++	 test "$cross_compiling" = yes ||
++	 $as_test_x conftest$ac_exeext
++       }; then
+   eval "$as_ac_var=yes"
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	eval "$as_ac_var=no"
+ fi
+ 
++rm -rf conftest.dSYM
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ fi
+-ac_res=`eval echo '${'$as_ac_var'}'`
+-	       { echo "$as_me:$LINENO: result: $ac_res" >&5
+-echo "${ECHO_T}$ac_res" >&6; }
+-if test `eval echo '${'$as_ac_var'}'` = yes; then
++ac_res=`eval 'as_val=${'$as_ac_var'}
++		 $as_echo "$as_val"'`
++	       { $as_echo "$as_me:$LINENO: result: $ac_res" >&5
++$as_echo "$ac_res" >&6; }
++as_val=`eval 'as_val=${'$as_ac_var'}
++		 $as_echo "$as_val"'`
++   if test "x$as_val" = x""yes; then
+   cat >>confdefs.h <<_ACEOF
+-#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
++#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+ _ACEOF
+ 
+ fi
+ done
+ 
+-        { echo "$as_me:$LINENO: checking whether ldap_set_rebind_proc takes 3 arguments" >&5
+-echo $ECHO_N "checking whether ldap_set_rebind_proc takes 3 arguments... $ECHO_C" >&6; }
++        { $as_echo "$as_me:$LINENO: checking whether ldap_set_rebind_proc takes 3 arguments" >&5
++$as_echo_n "checking whether ldap_set_rebind_proc takes 3 arguments... " >&6; }
+ if test "${ac_cv_ldap_set_rebind_proc+set}" = set; then
+-  echo $ECHO_N "(cached) $ECHO_C" >&6
++  $as_echo_n "(cached) " >&6
+ else
+ 
+         cat >conftest.$ac_ext <<_ACEOF
+@@ -3858,20 +4511,21 @@ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
++eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
++$as_echo "$ac_try_echo") >&5
+   (eval "$ac_compile") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
++  $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+        } && test -s conftest.$ac_objext; then
+   ac_cv_ldap_set_rebind_proc=3
+ else
+-  echo "$as_me: failed program was:" >&5
++  $as_echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	ac_cv_ldap_set_rebind_proc=2
+@@ -3879,8 +4533,8 @@ fi
+ 
+ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ fi
+-{ echo "$as_me:$LINENO: result: $ac_cv_ldap_set_rebind_proc" >&5
+-echo "${ECHO_T}$ac_cv_ldap_set_rebind_proc" >&6; }
++{ $as_echo "$as_me:$LINENO: result: $ac_cv_ldap_set_rebind_proc" >&5
++$as_echo "$ac_cv_ldap_set_rebind_proc" >&6; }
+ 	fi
+ 
+ 	targetname=rlm_ldap
+@@ -3891,21 +4545,21 @@ fi
+ 
+ if test x"$fail" != x""; then
+ 	if test x"${enable_strict_dependencies}" = x"yes"; then
+-		{ { echo "$as_me:$LINENO: error: set --without-rlm_ldap to disable it explicitly." >&5
+-echo "$as_me: error: set --without-rlm_ldap to disable it explicitly." >&2;}
++		{ { $as_echo "$as_me:$LINENO: error: set --without-rlm_ldap to disable it explicitly." >&5
++$as_echo "$as_me: error: set --without-rlm_ldap to disable it explicitly." >&2;}
+    { (exit 1); exit 1; }; }
+ 	else
+-		{ echo "$as_me:$LINENO: WARNING: silently not building rlm_ldap." >&5
+-echo "$as_me: WARNING: silently not building rlm_ldap." >&2;}
+-		{ echo "$as_me:$LINENO: WARNING: FAILURE: rlm_ldap requires: $fail." >&5
+-echo "$as_me: WARNING: FAILURE: rlm_ldap requires: $fail." >&2;}
++		{ $as_echo "$as_me:$LINENO: WARNING: silently not building rlm_ldap." >&5
++$as_echo "$as_me: WARNING: silently not building rlm_ldap." >&2;}
++		{ $as_echo "$as_me:$LINENO: WARNING: FAILURE: rlm_ldap requires: $fail." >&5
++$as_echo "$as_me: WARNING: FAILURE: rlm_ldap requires: $fail." >&2;}
+ 		if test x"$headersuggestion" != x; then
+-			{ echo "$as_me:$LINENO: WARNING: $headersuggestion" >&5
+-echo "$as_me: WARNING: $headersuggestion" >&2;}
++			{ $as_echo "$as_me:$LINENO: WARNING: $headersuggestion" >&5
++$as_echo "$as_me: WARNING: $headersuggestion" >&2;}
+ 		fi
+ 		if test x"$libsuggestion" != x; then
+-			{ echo "$as_me:$LINENO: WARNING: $libsuggestion" >&5
+-echo "$as_me: WARNING: $libsuggestion" >&2;}
++			{ $as_echo "$as_me:$LINENO: WARNING: $libsuggestion" >&5
++$as_echo "$as_me: WARNING: $libsuggestion" >&2;}
+ 		fi
+ 		targetname=""
+ 	fi
+@@ -3966,11 +4620,12 @@ _ACEOF
+     case $ac_val in #(
+     *${as_nl}*)
+       case $ac_var in #(
+-      *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5
+-echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;;
++      *_cv_*) { $as_echo "$as_me:$LINENO: WARNING: cache variable $ac_var contains a newline" >&5
++$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+       esac
+       case $ac_var in #(
+       _ | IFS | as_nl) ;; #(
++      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+       *) $as_unset $ac_var ;;
+       esac ;;
+     esac
+@@ -4003,12 +4658,12 @@ echo "$as_me: WARNING: Cache variable $a
+ if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
+   if test -w "$cache_file"; then
+     test "x$cache_file" != "x/dev/null" &&
+-      { echo "$as_me:$LINENO: updating cache $cache_file" >&5
+-echo "$as_me: updating cache $cache_file" >&6;}
++      { $as_echo "$as_me:$LINENO: updating cache $cache_file" >&5
++$as_echo "$as_me: updating cache $cache_file" >&6;}
+     cat confcache >$cache_file
+   else
+-    { echo "$as_me:$LINENO: not updating unwritable cache $cache_file" >&5
+-echo "$as_me: not updating unwritable cache $cache_file" >&6;}
++    { $as_echo "$as_me:$LINENO: not updating unwritable cache $cache_file" >&5
++$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;}
+   fi
+ fi
+ rm -f confcache
+@@ -4025,6 +4680,12 @@ test "x$exec_prefix" = xNONE && exec_pre
+ # take arguments), then branch to the quote section.  Otherwise,
+ # look for a macro that doesn't take arguments.
+ ac_script='
++:mline
++/\\$/{
++ N
++ s,\\\n,,
++ b mline
++}
+ t clear
+ :clear
+ s/^[	 ]*#[	 ]*define[	 ][	 ]*\([^	 (][^	 (]*([^)]*)\)[	 ]*\(.*\)/-D\1=\2/g
+@@ -4054,7 +4715,7 @@ ac_ltlibobjs=
+ for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
+   # 1. Remove the extension, and $U if already installed.
+   ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
+-  ac_i=`echo "$ac_i" | sed "$ac_script"`
++  ac_i=`$as_echo "$ac_i" | sed "$ac_script"`
+   # 2. Prepend LIBOBJDIR.  When used with automake>=1.10 LIBOBJDIR
+   #    will be set to the directory where LIBOBJS objects are built.
+   ac_libobjs="$ac_libobjs \${LIBOBJDIR}$ac_i\$U.$ac_objext"
+@@ -4067,11 +4728,12 @@ LTLIBOBJS=$ac_ltlibobjs
+ 
+ 
+ : ${CONFIG_STATUS=./config.status}
++ac_write_fail=0
+ ac_clean_files_save=$ac_clean_files
+ ac_clean_files="$ac_clean_files $CONFIG_STATUS"
+-{ echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5
+-echo "$as_me: creating $CONFIG_STATUS" >&6;}
+-cat >$CONFIG_STATUS <<_ACEOF
++{ $as_echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5
++$as_echo "$as_me: creating $CONFIG_STATUS" >&6;}
++cat >$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ #! $SHELL
+ # Generated by $as_me.
+ # Run this file to recreate the current configuration.
+@@ -4084,7 +4746,7 @@ ac_cs_silent=false
+ SHELL=\${CONFIG_SHELL-$SHELL}
+ _ACEOF
+ 
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ ## --------------------- ##
+ ## M4sh Initialization.  ##
+ ## --------------------- ##
+@@ -4094,7 +4756,7 @@ DUALCASE=1; export DUALCASE # for MKS sh
+ if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+   emulate sh
+   NULLCMD=:
+-  # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
++  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+   # is contrary to our usage.  Disable this feature.
+   alias -g '${1+"$@"}'='"$@"'
+   setopt NO_GLOB_SUBST
+@@ -4116,17 +4778,45 @@ as_cr_Letters=$as_cr_letters$as_cr_LETTE
+ as_cr_digits='0123456789'
+ as_cr_alnum=$as_cr_Letters$as_cr_digits
+ 
+-# The user is always right.
+-if test "${PATH_SEPARATOR+set}" != set; then
+-  echo "#! /bin/sh" >conf$$.sh
+-  echo  "exit 0"   >>conf$$.sh
+-  chmod +x conf$$.sh
+-  if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then
+-    PATH_SEPARATOR=';'
++as_nl='
++'
++export as_nl
++# Printing a long string crashes Solaris 7 /usr/bin/printf.
++as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
++as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
++as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
++if (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
++  as_echo='printf %s\n'
++  as_echo_n='printf %s'
++else
++  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
++    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
++    as_echo_n='/usr/ucb/echo -n'
+   else
+-    PATH_SEPARATOR=:
++    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
++    as_echo_n_body='eval
++      arg=$1;
++      case $arg in
++      *"$as_nl"*)
++	expr "X$arg" : "X\\(.*\\)$as_nl";
++	arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
++      esac;
++      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
++    '
++    export as_echo_n_body
++    as_echo_n='sh -c $as_echo_n_body as_echo'
+   fi
+-  rm -f conf$$.sh
++  export as_echo_body
++  as_echo='sh -c $as_echo_body as_echo'
++fi
++
++# The user is always right.
++if test "${PATH_SEPARATOR+set}" != set; then
++  PATH_SEPARATOR=:
++  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
++    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
++      PATH_SEPARATOR=';'
++  }
+ fi
+ 
+ # Support unset when possible.
+@@ -4142,8 +4832,6 @@ fi
+ # there to prevent editors from complaining about space-tab.
+ # (If _AS_PATH_WALK were called with IFS unset, it would disable word
+ # splitting by setting IFS to empty value.)
+-as_nl='
+-'
+ IFS=" ""	$as_nl"
+ 
+ # Find who we are.  Look in the path if we contain no directory separator.
+@@ -4166,7 +4854,7 @@ if test "x$as_myself" = x; then
+   as_myself=$0
+ fi
+ if test ! -f "$as_myself"; then
+-  echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
++  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+   { (exit 1); exit 1; }
+ fi
+ 
+@@ -4179,17 +4867,10 @@ PS2='> '
+ PS4='+ '
+ 
+ # NLS nuisances.
+-for as_var in \
+-  LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \
+-  LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \
+-  LC_TELEPHONE LC_TIME
+-do
+-  if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then
+-    eval $as_var=C; export $as_var
+-  else
+-    ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var
+-  fi
+-done
++LC_ALL=C
++export LC_ALL
++LANGUAGE=C
++export LANGUAGE
+ 
+ # Required to use basename.
+ if expr a : '\(a\)' >/dev/null 2>&1 &&
+@@ -4211,7 +4892,7 @@ as_me=`$as_basename -- "$0" ||
+ $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+ 	 X"$0" : 'X\(//\)$' \| \
+ 	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+-echo X/"$0" |
++$as_echo X/"$0" |
+     sed '/^.*\/\([^/][^/]*\)\/*$/{
+ 	    s//\1/
+ 	    q
+@@ -4262,7 +4943,7 @@ $as_unset CDPATH
+       s/-\n.*//
+     ' >$as_me.lineno &&
+   chmod +x "$as_me.lineno" ||
+-    { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
++    { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2
+    { (exit 1); exit 1; }; }
+ 
+   # Don't try to exec as it changes $[0], causing all sort of problems
+@@ -4290,7 +4971,6 @@ case `echo -n x` in
+ *)
+   ECHO_N='-n';;
+ esac
+-
+ if expr a : '\(a\)' >/dev/null 2>&1 &&
+    test "X`expr 00001 : '.*\(...\)'`" = X001; then
+   as_expr=expr
+@@ -4303,19 +4983,22 @@ if test -d conf$$.dir; then
+   rm -f conf$$.dir/conf$$.file
+ else
+   rm -f conf$$.dir
+-  mkdir conf$$.dir
++  mkdir conf$$.dir 2>/dev/null
+ fi
+-echo >conf$$.file
+-if ln -s conf$$.file conf$$ 2>/dev/null; then
+-  as_ln_s='ln -s'
+-  # ... but there are two gotchas:
+-  # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+-  # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+-  # In both cases, we have to default to `cp -p'.
+-  ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
++if (echo >conf$$.file) 2>/dev/null; then
++  if ln -s conf$$.file conf$$ 2>/dev/null; then
++    as_ln_s='ln -s'
++    # ... but there are two gotchas:
++    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
++    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
++    # In both cases, we have to default to `cp -p'.
++    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
++      as_ln_s='cp -p'
++  elif ln conf$$.file conf$$ 2>/dev/null; then
++    as_ln_s=ln
++  else
+     as_ln_s='cp -p'
+-elif ln conf$$.file conf$$ 2>/dev/null; then
+-  as_ln_s=ln
++  fi
+ else
+   as_ln_s='cp -p'
+ fi
+@@ -4340,10 +5023,10 @@ else
+   as_test_x='
+     eval sh -c '\''
+       if test -d "$1"; then
+-        test -d "$1/.";
++	test -d "$1/.";
+       else
+ 	case $1 in
+-        -*)set "./$1";;
++	-*)set "./$1";;
+ 	esac;
+ 	case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in
+ 	???[sx]*):;;*)false;;esac;fi
+@@ -4366,7 +5049,7 @@ exec 6>&1
+ # values after options handling.
+ ac_log="
+ This file was extended by $as_me, which was
+-generated by GNU Autoconf 2.61.  Invocation command line was
++generated by GNU Autoconf 2.63.  Invocation command line was
+ 
+   CONFIG_FILES    = $CONFIG_FILES
+   CONFIG_HEADERS  = $CONFIG_HEADERS
+@@ -4379,26 +5062,33 @@ on `(hostname || uname -n) 2>/dev/null |
+ 
+ _ACEOF
+ 
+-cat >>$CONFIG_STATUS <<_ACEOF
++case $ac_config_files in *"
++"*) set x $ac_config_files; shift; ac_config_files=$*;;
++esac
++
++
++
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ # Files that config.status was made for.
+ config_files="$ac_config_files"
+ 
+ _ACEOF
+ 
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ ac_cs_usage="\
+ \`$as_me' instantiates files from templates according to the
+ current configuration.
+ 
+-Usage: $0 [OPTIONS] [FILE]...
++Usage: $0 [OPTION]... [FILE]...
+ 
+   -h, --help       print this help, then exit
+   -V, --version    print version number and configuration settings, then exit
+-  -q, --quiet      do not print progress messages
++  -q, --quiet, --silent
++                   do not print progress messages
+   -d, --debug      don't remove temporary files
+       --recheck    update $as_me by reconfiguring in the same conditions
+-  --file=FILE[:TEMPLATE]
+-		   instantiate the configuration file FILE
++      --file=FILE[:TEMPLATE]
++                   instantiate the configuration file FILE
+ 
+ Configuration files:
+ $config_files
+@@ -4406,23 +5096,23 @@ $config_files
+ Report bugs to ."
+ 
+ _ACEOF
+-cat >>$CONFIG_STATUS <<_ACEOF
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ ac_cs_version="\\
+ config.status
+-configured by $0, generated by GNU Autoconf 2.61,
+-  with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
++configured by $0, generated by GNU Autoconf 2.63,
++  with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
+ 
+-Copyright (C) 2006 Free Software Foundation, Inc.
++Copyright (C) 2008 Free Software Foundation, Inc.
+ This config.status script is free software; the Free Software Foundation
+ gives unlimited permission to copy, distribute and modify it."
+ 
+ ac_pwd='$ac_pwd'
+ srcdir='$srcdir'
++test -n "\$AWK" || AWK=awk
+ _ACEOF
+ 
+-cat >>$CONFIG_STATUS <<\_ACEOF
+-# If no file are specified by the user, then we need to provide default
+-# value.  By we need to know if files were specified by the user.
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
++# The default lists apply if the user does not specify any file.
+ ac_need_defaults=:
+ while test $# != 0
+ do
+@@ -4444,21 +5134,24 @@ do
+   -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+     ac_cs_recheck=: ;;
+   --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
+-    echo "$ac_cs_version"; exit ;;
++    $as_echo "$ac_cs_version"; exit ;;
+   --debug | --debu | --deb | --de | --d | -d )
+     debug=: ;;
+   --file | --fil | --fi | --f )
+     $ac_shift
+-    CONFIG_FILES="$CONFIG_FILES $ac_optarg"
++    case $ac_optarg in
++    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
++    esac
++    CONFIG_FILES="$CONFIG_FILES '$ac_optarg'"
+     ac_need_defaults=false;;
+   --he | --h |  --help | --hel | -h )
+-    echo "$ac_cs_usage"; exit ;;
++    $as_echo "$ac_cs_usage"; exit ;;
+   -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+   | -silent | --silent | --silen | --sile | --sil | --si | --s)
+     ac_cs_silent=: ;;
+ 
+   # This is an error.
+-  -*) { echo "$as_me: error: unrecognized option: $1
++  -*) { $as_echo "$as_me: error: unrecognized option: $1
+ Try \`$0 --help' for more information." >&2
+    { (exit 1); exit 1; }; } ;;
+ 
+@@ -4477,30 +5170,32 @@ if $ac_cs_silent; then
+ fi
+ 
+ _ACEOF
+-cat >>$CONFIG_STATUS <<_ACEOF
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ if \$ac_cs_recheck; then
+-  echo "running CONFIG_SHELL=$SHELL $SHELL $0 "$ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6
+-  CONFIG_SHELL=$SHELL
++  set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
++  shift
++  \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6
++  CONFIG_SHELL='$SHELL'
+   export CONFIG_SHELL
+-  exec $SHELL "$0"$ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
++  exec "\$@"
+ fi
+ 
+ _ACEOF
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ exec 5>>config.log
+ {
+   echo
+   sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
+ ## Running $as_me. ##
+ _ASBOX
+-  echo "$ac_log"
++  $as_echo "$ac_log"
+ } >&5
+ 
+ _ACEOF
+-cat >>$CONFIG_STATUS <<_ACEOF
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ _ACEOF
+ 
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ 
+ # Handling of arguments.
+ for ac_config_target in $ac_config_targets
+@@ -4508,8 +5203,8 @@ do
+   case $ac_config_target in
+     "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
+ 
+-  *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5
+-echo "$as_me: error: invalid argument: $ac_config_target" >&2;}
++  *) { { $as_echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5
++$as_echo "$as_me: error: invalid argument: $ac_config_target" >&2;}
+    { (exit 1); exit 1; }; };;
+   esac
+ done
+@@ -4548,114 +5243,143 @@ $debug ||
+   (umask 077 && mkdir "$tmp")
+ } ||
+ {
+-   echo "$me: cannot create a temporary directory in ." >&2
++   $as_echo "$as_me: cannot create a temporary directory in ." >&2
+    { (exit 1); exit 1; }
+ }
+ 
+-#
+-# Set up the sed scripts for CONFIG_FILES section.
+-#
+-
+-# No need to generate the scripts if there are no CONFIG_FILES.
+-# This happens for instance when ./config.status config.h
++# Set up the scripts for CONFIG_FILES section.
++# No need to generate them if there are no CONFIG_FILES.
++# This happens for instance with `./config.status config.h'.
+ if test -n "$CONFIG_FILES"; then
+ 
+-_ACEOF
+ 
++ac_cr='
'
++ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null`
++if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
++  ac_cs_awk_cr='\\r'
++else
++  ac_cs_awk_cr=$ac_cr
++fi
++
++echo 'BEGIN {' >"$tmp/subs1.awk" &&
++_ACEOF
+ 
+ 
++{
++  echo "cat >conf$$subs.awk <<_ACEOF" &&
++  echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' &&
++  echo "_ACEOF"
++} >conf$$subs.sh ||
++  { { $as_echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
++$as_echo "$as_me: error: could not make $CONFIG_STATUS" >&2;}
++   { (exit 1); exit 1; }; }
++ac_delim_num=`echo "$ac_subst_vars" | grep -c '$'`
+ ac_delim='%!_!# '
+ for ac_last_try in false false false false false :; do
+-  cat >conf$$subs.sed <<_ACEOF
+-SHELL!$SHELL$ac_delim
+-PATH_SEPARATOR!$PATH_SEPARATOR$ac_delim
+-PACKAGE_NAME!$PACKAGE_NAME$ac_delim
+-PACKAGE_TARNAME!$PACKAGE_TARNAME$ac_delim
+-PACKAGE_VERSION!$PACKAGE_VERSION$ac_delim
+-PACKAGE_STRING!$PACKAGE_STRING$ac_delim
+-PACKAGE_BUGREPORT!$PACKAGE_BUGREPORT$ac_delim
+-exec_prefix!$exec_prefix$ac_delim
+-prefix!$prefix$ac_delim
+-program_transform_name!$program_transform_name$ac_delim
+-bindir!$bindir$ac_delim
+-sbindir!$sbindir$ac_delim
+-libexecdir!$libexecdir$ac_delim
+-datarootdir!$datarootdir$ac_delim
+-datadir!$datadir$ac_delim
+-sysconfdir!$sysconfdir$ac_delim
+-sharedstatedir!$sharedstatedir$ac_delim
+-localstatedir!$localstatedir$ac_delim
+-includedir!$includedir$ac_delim
+-oldincludedir!$oldincludedir$ac_delim
+-docdir!$docdir$ac_delim
+-infodir!$infodir$ac_delim
+-htmldir!$htmldir$ac_delim
+-dvidir!$dvidir$ac_delim
+-pdfdir!$pdfdir$ac_delim
+-psdir!$psdir$ac_delim
+-libdir!$libdir$ac_delim
+-localedir!$localedir$ac_delim
+-mandir!$mandir$ac_delim
+-DEFS!$DEFS$ac_delim
+-ECHO_C!$ECHO_C$ac_delim
+-ECHO_N!$ECHO_N$ac_delim
+-ECHO_T!$ECHO_T$ac_delim
+-LIBS!$LIBS$ac_delim
+-build_alias!$build_alias$ac_delim
+-host_alias!$host_alias$ac_delim
+-target_alias!$target_alias$ac_delim
+-CC!$CC$ac_delim
+-CFLAGS!$CFLAGS$ac_delim
+-LDFLAGS!$LDFLAGS$ac_delim
+-CPPFLAGS!$CPPFLAGS$ac_delim
+-ac_ct_CC!$ac_ct_CC$ac_delim
+-EXEEXT!$EXEEXT$ac_delim
+-OBJEXT!$OBJEXT$ac_delim
+-edir!$edir$ac_delim
+-ldap_ldflags!$ldap_ldflags$ac_delim
+-ldap_cflags!$ldap_cflags$ac_delim
+-targetname!$targetname$ac_delim
+-LIBOBJS!$LIBOBJS$ac_delim
+-LTLIBOBJS!$LTLIBOBJS$ac_delim
+-_ACEOF
++  . ./conf$$subs.sh ||
++    { { $as_echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
++$as_echo "$as_me: error: could not make $CONFIG_STATUS" >&2;}
++   { (exit 1); exit 1; }; }
+ 
+-  if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 50; then
++  ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X`
++  if test $ac_delim_n = $ac_delim_num; then
+     break
+   elif $ac_last_try; then
+-    { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
+-echo "$as_me: error: could not make $CONFIG_STATUS" >&2;}
++    { { $as_echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
++$as_echo "$as_me: error: could not make $CONFIG_STATUS" >&2;}
+    { (exit 1); exit 1; }; }
+   else
+     ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+   fi
+ done
++rm -f conf$$subs.sh
+ 
+-ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed`
+-if test -n "$ac_eof"; then
+-  ac_eof=`echo "$ac_eof" | sort -nru | sed 1q`
+-  ac_eof=`expr $ac_eof + 1`
+-fi
+-
+-cat >>$CONFIG_STATUS <<_ACEOF
+-cat >"\$tmp/subs-1.sed" <<\CEOF$ac_eof
+-/@[a-zA-Z_][a-zA-Z_0-9]*@/!b end
+-_ACEOF
+-sed '
+-s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g
+-s/^/s,@/; s/!/@,|#_!!_#|/
+-:n
+-t n
+-s/'"$ac_delim"'$/,g/; t
+-s/$/\\/; p
+-N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n
+-' >>$CONFIG_STATUS >$CONFIG_STATUS <<_ACEOF
+-:end
+-s/|#_!!_#|//g
+-CEOF$ac_eof
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
++cat >>"\$tmp/subs1.awk" <<\\_ACAWK &&
+ _ACEOF
++sed -n '
++h
++s/^/S["/; s/!.*/"]=/
++p
++g
++s/^[^!]*!//
++:repl
++t repl
++s/'"$ac_delim"'$//
++t delim
++:nl
++h
++s/\(.\{148\}\).*/\1/
++t more1
++s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/
++p
++n
++b repl
++:more1
++s/["\\]/\\&/g; s/^/"/; s/$/"\\/
++p
++g
++s/.\{148\}//
++t nl
++:delim
++h
++s/\(.\{148\}\).*/\1/
++t more2
++s/["\\]/\\&/g; s/^/"/; s/$/"/
++p
++b
++:more2
++s/["\\]/\\&/g; s/^/"/; s/$/"\\/
++p
++g
++s/.\{148\}//
++t delim
++' >$CONFIG_STATUS || ac_write_fail=1
++rm -f conf$$subs.awk
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
++_ACAWK
++cat >>"\$tmp/subs1.awk" <<_ACAWK &&
++  for (key in S) S_is_set[key] = 1
++  FS = ""
+ 
++}
++{
++  line = $ 0
++  nfields = split(line, field, "@")
++  substed = 0
++  len = length(field[1])
++  for (i = 2; i < nfields; i++) {
++    key = field[i]
++    keylen = length(key)
++    if (S_is_set[key]) {
++      value = S[key]
++      line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3)
++      len += length(value) + length(field[++i])
++      substed = 1
++    } else
++      len += 1 + keylen
++  }
++
++  print line
++}
++
++_ACAWK
++_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
++if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
++  sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
++else
++  cat
++fi < "$tmp/subs1.awk" > "$tmp/subs.awk" \
++  || { { $as_echo "$as_me:$LINENO: error: could not setup config files machinery" >&5
++$as_echo "$as_me: error: could not setup config files machinery" >&2;}
++   { (exit 1); exit 1; }; }
++_ACEOF
+ 
+ # VPATH may cause trouble with some makes, so we remove $(srcdir),
+ # ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and
+@@ -4672,19 +5396,21 @@ s/^[^=]*=[	 ]*$//
+ }'
+ fi
+ 
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ fi # test -n "$CONFIG_FILES"
+ 
+ 
+-for ac_tag in  :F $CONFIG_FILES
++eval set X "  :F $CONFIG_FILES      "
++shift
++for ac_tag
+ do
+   case $ac_tag in
+   :[FHLC]) ac_mode=$ac_tag; continue;;
+   esac
+   case $ac_mode$ac_tag in
+   :[FHL]*:*);;
+-  :L* | :C*:*) { { echo "$as_me:$LINENO: error: Invalid tag $ac_tag." >&5
+-echo "$as_me: error: Invalid tag $ac_tag." >&2;}
++  :L* | :C*:*) { { $as_echo "$as_me:$LINENO: error: invalid tag $ac_tag" >&5
++$as_echo "$as_me: error: invalid tag $ac_tag" >&2;}
+    { (exit 1); exit 1; }; };;
+   :[FH]-) ac_tag=-:-;;
+   :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
+@@ -4713,26 +5439,38 @@ echo "$as_me: error: Invalid tag $ac_tag
+ 	   [\\/$]*) false;;
+ 	   *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
+ 	   esac ||
+-	   { { echo "$as_me:$LINENO: error: cannot find input file: $ac_f" >&5
+-echo "$as_me: error: cannot find input file: $ac_f" >&2;}
++	   { { $as_echo "$as_me:$LINENO: error: cannot find input file: $ac_f" >&5
++$as_echo "$as_me: error: cannot find input file: $ac_f" >&2;}
+    { (exit 1); exit 1; }; };;
+       esac
+-      ac_file_inputs="$ac_file_inputs $ac_f"
++      case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
++      ac_file_inputs="$ac_file_inputs '$ac_f'"
+     done
+ 
+     # Let's still pretend it is `configure' which instantiates (i.e., don't
+     # use $as_me), people would be surprised to read:
+     #    /* config.h.  Generated by config.status.  */
+-    configure_input="Generated from "`IFS=:
+-	  echo $* | sed 's|^[^:]*/||;s|:[^:]*/|, |g'`" by configure."
++    configure_input='Generated from '`
++	  $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g'
++	`' by configure.'
+     if test x"$ac_file" != x-; then
+       configure_input="$ac_file.  $configure_input"
+-      { echo "$as_me:$LINENO: creating $ac_file" >&5
+-echo "$as_me: creating $ac_file" >&6;}
++      { $as_echo "$as_me:$LINENO: creating $ac_file" >&5
++$as_echo "$as_me: creating $ac_file" >&6;}
+     fi
++    # Neutralize special characters interpreted by sed in replacement strings.
++    case $configure_input in #(
++    *\&* | *\|* | *\\* )
++       ac_sed_conf_input=`$as_echo "$configure_input" |
++       sed 's/[\\\\&|]/\\\\&/g'`;; #(
++    *) ac_sed_conf_input=$configure_input;;
++    esac
+ 
+     case $ac_tag in
+-    *:-:* | *:-) cat >"$tmp/stdin";;
++    *:-:* | *:-) cat >"$tmp/stdin" \
++      || { { $as_echo "$as_me:$LINENO: error: could not create $ac_file" >&5
++$as_echo "$as_me: error: could not create $ac_file" >&2;}
++   { (exit 1); exit 1; }; } ;;
+     esac
+     ;;
+   esac
+@@ -4742,7 +5480,7 @@ $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^
+ 	 X"$ac_file" : 'X\(//\)[^/]' \| \
+ 	 X"$ac_file" : 'X\(//\)$' \| \
+ 	 X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
+-echo X"$ac_file" |
++$as_echo X"$ac_file" |
+     sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ 	    s//\1/
+ 	    q
+@@ -4768,7 +5506,7 @@ echo X"$ac_file" |
+     as_dirs=
+     while :; do
+       case $as_dir in #(
+-      *\'*) as_qdir=`echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #(
++      *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+       *) as_qdir=$as_dir;;
+       esac
+       as_dirs="'$as_qdir' $as_dirs"
+@@ -4777,7 +5515,7 @@ $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/
+ 	 X"$as_dir" : 'X\(//\)[^/]' \| \
+ 	 X"$as_dir" : 'X\(//\)$' \| \
+ 	 X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+-echo X"$as_dir" |
++$as_echo X"$as_dir" |
+     sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+ 	    s//\1/
+ 	    q
+@@ -4798,17 +5536,17 @@ echo X"$as_dir" |
+       test -d "$as_dir" && break
+     done
+     test -z "$as_dirs" || eval "mkdir $as_dirs"
+-  } || test -d "$as_dir" || { { echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5
+-echo "$as_me: error: cannot create directory $as_dir" >&2;}
++  } || test -d "$as_dir" || { { $as_echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5
++$as_echo "$as_me: error: cannot create directory $as_dir" >&2;}
+    { (exit 1); exit 1; }; }; }
+   ac_builddir=.
+ 
+ case "$ac_dir" in
+ .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+ *)
+-  ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
++  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+   # A ".." for each directory in $ac_dir_suffix.
+-  ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'`
++  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+   case $ac_top_builddir_sub in
+   "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+   *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+@@ -4844,12 +5582,13 @@ ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_
+ 
+ _ACEOF
+ 
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ # If the template does not know about datarootdir, expand it.
+ # FIXME: This hack should be removed a few years after 2.60.
+ ac_datarootdir_hack=; ac_datarootdir_seen=
+ 
+-case `sed -n '/datarootdir/ {
++ac_sed_dataroot='
++/datarootdir/ {
+   p
+   q
+ }
+@@ -4858,13 +5597,14 @@ case `sed -n '/datarootdir/ {
+ /@infodir@/p
+ /@localedir@/p
+ /@mandir@/p
+-' $ac_file_inputs` in
++'
++case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in
+ *datarootdir*) ac_datarootdir_seen=yes;;
+ *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
+-  { echo "$as_me:$LINENO: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
+-echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
++  { $as_echo "$as_me:$LINENO: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
++$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
+ _ACEOF
+-cat >>$CONFIG_STATUS <<_ACEOF
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+   ac_datarootdir_hack='
+   s&@datadir@&$datadir&g
+   s&@docdir@&$docdir&g
+@@ -4878,15 +5618,16 @@ _ACEOF
+ # Neutralize VPATH when `$srcdir' = `.'.
+ # Shell code in configure.ac might set extrasub.
+ # FIXME: do we really want to maintain this feature?
+-cat >>$CONFIG_STATUS <<_ACEOF
+-  sed "$ac_vpsub
++cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
++ac_sed_extra="$ac_vpsub
+ $extrasub
+ _ACEOF
+-cat >>$CONFIG_STATUS <<\_ACEOF
++cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ :t
+ /@[a-zA-Z_][a-zA-Z_0-9]*@/!b
+-s&@configure_input@&$configure_input&;t t
++s|@configure_input@|$ac_sed_conf_input|;t t
+ s&@top_builddir@&$ac_top_builddir_sub&;t t
++s&@top_build_prefix@&$ac_top_build_prefix&;t t
+ s&@srcdir@&$ac_srcdir&;t t
+ s&@abs_srcdir@&$ac_abs_srcdir&;t t
+ s&@top_srcdir@&$ac_top_srcdir&;t t
+@@ -4895,21 +5636,28 @@ s&@builddir@&$ac_builddir&;t t
+ s&@abs_builddir@&$ac_abs_builddir&;t t
+ s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
+ $ac_datarootdir_hack
+-" $ac_file_inputs | sed -f "$tmp/subs-1.sed" >$tmp/out
++"
++eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$tmp/subs.awk" >$tmp/out \
++  || { { $as_echo "$as_me:$LINENO: error: could not create $ac_file" >&5
++$as_echo "$as_me: error: could not create $ac_file" >&2;}
++   { (exit 1); exit 1; }; }
+ 
+ test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
+   { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } &&
+   { ac_out=`sed -n '/^[	 ]*datarootdir[	 ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } &&
+-  { echo "$as_me:$LINENO: WARNING: $ac_file contains a reference to the variable \`datarootdir'
++  { $as_echo "$as_me:$LINENO: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+ which seems to be undefined.  Please make sure it is defined." >&5
+-echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
++$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+ which seems to be undefined.  Please make sure it is defined." >&2;}
+ 
+   rm -f "$tmp/stdin"
+   case $ac_file in
+-  -) cat "$tmp/out"; rm -f "$tmp/out";;
+-  *) rm -f "$ac_file"; mv "$tmp/out" $ac_file;;
+-  esac
++  -) cat "$tmp/out" && rm -f "$tmp/out";;
++  *) rm -f "$ac_file" && mv "$tmp/out" "$ac_file";;
++  esac \
++  || { { $as_echo "$as_me:$LINENO: error: could not create $ac_file" >&5
++$as_echo "$as_me: error: could not create $ac_file" >&2;}
++   { (exit 1); exit 1; }; }
+  ;;
+ 
+ 
+@@ -4924,6 +5672,11 @@ _ACEOF
+ chmod +x $CONFIG_STATUS
+ ac_clean_files=$ac_clean_files_save
+ 
++test $ac_write_fail = 0 ||
++  { { $as_echo "$as_me:$LINENO: error: write failure creating $CONFIG_STATUS" >&5
++$as_echo "$as_me: error: write failure creating $CONFIG_STATUS" >&2;}
++   { (exit 1); exit 1; }; }
++
+ 
+ # configure is writing to config.log, and then calls config.status.
+ # config.status does its own redirection, appending to config.log.
+@@ -4945,5 +5698,9 @@ if test "$no_create" != yes; then
+   # would make configure fail if this is the last instruction.
+   $ac_cs_success || { (exit 1); exit 1; }
+ fi
++if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
++  { $as_echo "$as_me:$LINENO: WARNING: unrecognized options: $ac_unrecognized_opts" >&5
++$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
++fi
+ 
+ 
+Index: freeradius-server-2.2.7/src/modules/rlm_ldap/configure.in
+===================================================================
+--- freeradius-server-2.2.7.orig/src/modules/rlm_ldap/configure.in
++++ freeradius-server-2.2.7/src/modules/rlm_ldap/configure.in
+@@ -87,6 +87,9 @@ if test x$with_[]modname != xno; then
+ 			 )
+ 	fi
+ 
++	FR_SMART_CHECK_LIB(sasl, sasl_encode)
++	FR_SMART_CHECK_LIB(lber, ber_init)
++
+ 	dnl Try only "-lldap_r" or "-lldap"
+ 	dnl Static linking will probably not work, but nobody ever
+ 	dnl complained about it.
diff --git a/net/freeradius2/patches/008-honor_ccpflags.patch b/net/freeradius2/patches/008-honor_ccpflags.patch
new file mode 100644
index 0000000..7e6d81e
--- /dev/null
+++ b/net/freeradius2/patches/008-honor_ccpflags.patch
@@ -0,0 +1,17 @@
+Index: freeradius-server-2.2.7/src/modules/rules.mak
+===================================================================
+--- freeradius-server-2.2.7.orig/src/modules/rules.mak
++++ freeradius-server-2.2.7/src/modules/rules.mak
+@@ -63,10 +63,10 @@ $(LT_OBJS): $(SERVER_HEADERS)
+ #
+ #######################################################################
+ %.lo: %.c
+-	$(LIBTOOL) --mode=compile --tag=CC $(CC) $(CFLAGS) $(RLM_CFLAGS) -c $<
++	$(LIBTOOL) --mode=compile --tag=CC $(CC) $(CFLAGS) $(CPPFLAGS) $(RLM_CFLAGS) -c $<
+ 
+ %.lo: %.cpp
+-	$(LIBTOOL) --mode=compile --tag=CXX $(CXX) $(CFLAGS) $(RLM_CFLAGS) -c $<
++	$(LIBTOOL) --mode=compile --tag=CXX $(CXX) $(CFLAGS) $(CPPFLAGS) $(RLM_CFLAGS) -c $<
+ 
+ ifneq ($(TARGET),)
+ #######################################################################
diff --git a/net/freeradius2/patches/010-disbale-openssl-check.patch b/net/freeradius2/patches/010-disbale-openssl-check.patch
new file mode 100644
index 0000000..483221d
--- /dev/null
+++ b/net/freeradius2/patches/010-disbale-openssl-check.patch
@@ -0,0 +1,40 @@
+Index: freeradius-server-2.2.7/configure.in
+===================================================================
+--- freeradius-server-2.2.7.orig/configure.in
++++ freeradius-server-2.2.7/configure.in
+@@ -820,35 +820,6 @@ if test "x$WITH_OPENSSL" = xyes; then
+     OPENSSL_INCLUDE="-DOPENSSL_NO_KRB5"
+   fi
+ 
+-  dnl #
+-  dnl #  Now check that the header versions match the library
+-  dnl #
+-  AC_MSG_CHECKING([OpenSSL library and header version consistency])
+-  AC_RUN_IFELSE(
+-    [AC_LANG_PROGRAM(
+-      [[
+-        #include 
+-        #include 
+-        #include 
+-      ]],
+-      [[
+-        if (SSLeay() == OPENSSL_VERSION_NUMBER) {
+-          return 0;
+-        } else {
+-          printf("library: %lx header: %lx... ", (unsigned long) SSLeay(), (unsigned long) OPENSSL_VERSION_NUMBER);
+-          return 1;
+-        }
+-      ]]
+-    )],
+-    [
+-      AC_MSG_RESULT(yes)
+-    ],
+-    [
+-      AC_MSG_RESULT(no)
+-      AC_MSG_FAILURE([OpenSSL library version does not match header version])
+-    ]
+-  )
+-
+   if test "x$OPENSSL_LIBS" = x; then
+     LIBS=$old_LIBS
+     LDFLAGS="$old_LDFLAGS"
diff --git a/net/git/Makefile b/net/git/Makefile
index 8598d8d..3877012 100644
--- a/net/git/Makefile
+++ b/net/git/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=git
-PKG_VERSION:=2.11.3
+PKG_VERSION:=2.11.0
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=@KERNEL/software/scm/git/
-PKG_HASH:=7343bbd489f59531d66bc086393f0d5f530b5175927c29fb97b07f9d2cbc31ac
+PKG_MD5SUM:=dd4e3360e28aec5bb902fb34dd7fce3b
 
 PKG_INSTALL:=1
 PKG_BUILD_PARALLEL:=1
diff --git a/net/haproxy/Makefile b/net/haproxy/Makefile
index 830633f..e4eb34a 100644
--- a/net/haproxy/Makefile
+++ b/net/haproxy/Makefile
@@ -9,12 +9,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=haproxy
-PKG_VERSION:=1.7.5
-PKG_RELEASE:=01
+PKG_VERSION:=1.7.8
+PKG_RELEASE:=18
 
 PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.haproxy.org/download/1.7/src/
-PKG_MD5SUM:=ed84c80cb97852d2aa3161ed16c48a1c
+PKG_MD5SUM:=7e94653cc5a1dba006bbe43736f53595
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_LICENSE:=GPL-2.0
diff --git a/net/haproxy/patches/0001-BUG-MINOR-peers-peer-synchronization-issue-with-seve.patch b/net/haproxy/patches/0001-BUG-MINOR-peers-peer-synchronization-issue-with-seve.patch
new file mode 100644
index 0000000..a24c967
--- /dev/null
+++ b/net/haproxy/patches/0001-BUG-MINOR-peers-peer-synchronization-issue-with-seve.patch
@@ -0,0 +1,299 @@
+From fa73e6b0d5f64eb8a6fd8a1706d7ec03293a943e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?= 
+Date: Thu, 13 Jul 2017 09:07:09 +0200
+Subject: [PATCH 01/18] BUG/MINOR: peers: peer synchronization issue (with
+ several peers sections).
+
+When several stick-tables were configured with several peers sections,
+only a part of them could be synchronized: the ones attached to the last
+parsed 'peers' section. This was due to the fact that, at least, the peer I/O handler
+refered to the wrong peer section list, in fact always the same: the last one parsed.
+
+The fact that the global peer section list was named "struct peers *peers"
+lead to this issue. This variable name is dangerous ;).
+
+So this patch renames global 'peers' variable to 'cfg_peers' to ensure that
+no such wrong references are still in use, then all the functions wich used
+old 'peers' variable have been modified to refer to the correct peer list.
+
+Must be backported to 1.6 and 1.7.
+(cherry picked from commit ed2b4a6b793d062000518e51ed71e014c649c313)
+
+Signed-off-by: Willy Tarreau 
+---
+ include/types/peers.h |  2 +-
+ src/cfgparse.c        | 18 +++++++++---------
+ src/haproxy.c         | 10 +++++-----
+ src/peers.c           | 40 ++++++++++++++++++++--------------------
+ src/proxy.c           |  6 +++---
+ 5 files changed, 38 insertions(+), 38 deletions(-)
+
+diff --git a/include/types/peers.h b/include/types/peers.h
+index 105dffb0..a77a0942 100644
+--- a/include/types/peers.h
++++ b/include/types/peers.h
+@@ -91,7 +91,7 @@ struct peers {
+ };
+ 
+ 
+-extern struct peers *peers;
++extern struct peers *cfg_peers;
+ 
+ #endif /* _TYPES_PEERS_H */
+ 
+diff --git a/src/cfgparse.c b/src/cfgparse.c
+index 8c0906bf..1b53006b 100644
+--- a/src/cfgparse.c
++++ b/src/cfgparse.c
+@@ -2124,7 +2124,7 @@ int cfg_parse_peers(const char *file, int linenum, char **args, int kwm)
+ 			goto out;
+ 		}
+ 
+-		for (curpeers = peers; curpeers != NULL; curpeers = curpeers->next) {
++		for (curpeers = cfg_peers; curpeers != NULL; curpeers = curpeers->next) {
+ 			/*
+ 			 * If there are two proxies with the same name only following
+ 			 * combinations are allowed:
+@@ -2142,8 +2142,8 @@ int cfg_parse_peers(const char *file, int linenum, char **args, int kwm)
+ 			goto out;
+ 		}
+ 
+-		curpeers->next = peers;
+-		peers = curpeers;
++		curpeers->next = cfg_peers;
++		cfg_peers = curpeers;
+ 		curpeers->conf.file = strdup(file);
+ 		curpeers->conf.line = linenum;
+ 		curpeers->last_change = now.tv_sec;
+@@ -2223,7 +2223,7 @@ int cfg_parse_peers(const char *file, int linenum, char **args, int kwm)
+ 		if (strcmp(newpeer->id, localpeer) == 0) {
+ 			/* Current is local peer, it define a frontend */
+ 			newpeer->local = 1;
+-			peers->local = newpeer;
++			cfg_peers->local = newpeer;
+ 
+ 			if (!curpeers->peers_fe) {
+ 				if ((curpeers->peers_fe  = calloc(1, sizeof(struct proxy))) == NULL) {
+@@ -8189,9 +8189,9 @@ int check_config_validity()
+ 		}
+ 
+ 		if (curproxy->table.peers.name) {
+-			struct peers *curpeers = peers;
++			struct peers *curpeers;
+ 
+-			for (curpeers = peers; curpeers; curpeers = curpeers->next) {
++			for (curpeers = cfg_peers; curpeers; curpeers = curpeers->next) {
+ 				if (strcmp(curpeers->id, curproxy->table.peers.name) == 0) {
+ 					free((void *)curproxy->table.peers.name);
+ 					curproxy->table.peers.p = curpeers;
+@@ -9279,15 +9279,15 @@ out_uri_auth_compat:
+ 		if (curproxy->table.peers.p)
+ 			curproxy->table.peers.p->peers_fe->bind_proc |= curproxy->bind_proc;
+ 
+-	if (peers) {
+-		struct peers *curpeers = peers, **last;
++	if (cfg_peers) {
++		struct peers *curpeers = cfg_peers, **last;
+ 		struct peer *p, *pb;
+ 
+ 		/* Remove all peers sections which don't have a valid listener,
+ 		 * which are not used by any table, or which are bound to more
+ 		 * than one process.
+ 		 */
+-		last = &peers;
++		last = &cfg_peers;
+ 		while (*last) {
+ 			curpeers = *last;
+ 
+diff --git a/src/haproxy.c b/src/haproxy.c
+index 6d09aed4..25cea0cd 100644
+--- a/src/haproxy.c
++++ b/src/haproxy.c
+@@ -988,7 +988,7 @@ void init(int argc, char **argv)
+ 		struct peers *pr;
+ 		struct proxy *px;
+ 
+-		for (pr = peers; pr; pr = pr->next)
++		for (pr = cfg_peers; pr; pr = pr->next)
+ 			if (pr->peers_fe)
+ 				break;
+ 
+@@ -1217,11 +1217,11 @@ void init(int argc, char **argv)
+ 	if (global.stats_fe)
+ 		global.maxsock += global.stats_fe->maxconn;
+ 
+-	if (peers) {
++	if (cfg_peers) {
+ 		/* peers also need to bypass global maxconn */
+-		struct peers *p = peers;
++		struct peers *p = cfg_peers;
+ 
+-		for (p = peers; p; p = p->next)
++		for (p = cfg_peers; p; p = p->next)
+ 			if (p->peers_fe)
+ 				global.maxsock += p->peers_fe->maxconn;
+ 	}
+@@ -2067,7 +2067,7 @@ int main(int argc, char **argv)
+ 		}
+ 
+ 		/* we might have to unbind some peers sections from some processes */
+-		for (curpeers = peers; curpeers; curpeers = curpeers->next) {
++		for (curpeers = cfg_peers; curpeers; curpeers = curpeers->next) {
+ 			if (!curpeers->peers_fe)
+ 				continue;
+ 
+diff --git a/src/peers.c b/src/peers.c
+index 543c84c1..5b8a287a 100644
+--- a/src/peers.c
++++ b/src/peers.c
+@@ -171,7 +171,7 @@ enum {
+ #define PEER_MINOR_VER        1
+ #define PEER_DWNGRD_MINOR_VER 0
+ 
+-struct peers *peers = NULL;
++struct peers *cfg_peers = NULL;
+ static void peer_session_forceshutdown(struct appctx *appctx);
+ 
+ /* This function encode an uint64 to 'dynamic' length format.
+@@ -727,19 +727,19 @@ switchstate:
+ 				/* if current peer is local */
+                                 if (curpeer->local) {
+                                         /* if current host need resyncfrom local and no process assined  */
+-                                        if ((peers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMLOCAL &&
+-                                            !(peers->flags & PEERS_F_RESYNC_ASSIGN)) {
++                                        if ((curpeers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMLOCAL &&
++                                            !(curpeers->flags & PEERS_F_RESYNC_ASSIGN)) {
+                                                 /* assign local peer for a lesson, consider lesson already requested */
+                                                 curpeer->flags |= PEER_F_LEARN_ASSIGN;
+-                                                peers->flags |= (PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
++                                                curpeers->flags |= (PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
+                                         }
+ 
+                                 }
+-                                else if ((peers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMREMOTE &&
+-                                         !(peers->flags & PEERS_F_RESYNC_ASSIGN)) {
++                                else if ((curpeers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMREMOTE &&
++                                         !(curpeers->flags & PEERS_F_RESYNC_ASSIGN)) {
+                                         /* assign peer for a lesson  */
+                                         curpeer->flags |= PEER_F_LEARN_ASSIGN;
+-                                        peers->flags |= PEERS_F_RESYNC_ASSIGN;
++                                        curpeers->flags |= PEERS_F_RESYNC_ASSIGN;
+                                 }
+ 
+ 
+@@ -807,7 +807,7 @@ switchstate:
+ 				curpeer->statuscode = atoi(trash.str);
+ 
+ 				/* Awake main task */
+-				task_wakeup(peers->sync_task, TASK_WOKEN_MSG);
++				task_wakeup(curpeers->sync_task, TASK_WOKEN_MSG);
+ 
+ 				/* If status code is success */
+ 				if (curpeer->statuscode == PEER_SESS_SC_SUCCESSCODE) {
+@@ -830,14 +830,14 @@ switchstate:
+                                                 curpeer->flags |= PEER_F_TEACH_PROCESS;
+ 
+                                         }
+-                                        else if ((peers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMREMOTE &&
+-                                                    !(peers->flags & PEERS_F_RESYNC_ASSIGN)) {
++                                        else if ((curpeers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FROMREMOTE &&
++                                                    !(curpeers->flags & PEERS_F_RESYNC_ASSIGN)) {
+                                                 /* If peer is remote and resync from remote is needed,
+                                                    and no peer currently assigned */
+ 
+                                                 /* assign peer for a lesson */
+                                                 curpeer->flags |= PEER_F_LEARN_ASSIGN;
+-						peers->flags |= PEERS_F_RESYNC_ASSIGN;
++						curpeers->flags |= PEERS_F_RESYNC_ASSIGN;
+ 					}
+ 
+ 				}
+@@ -950,8 +950,8 @@ switchstate:
+ 
+ 						if (curpeer->flags & PEER_F_LEARN_ASSIGN) {
+ 							curpeer->flags &= ~PEER_F_LEARN_ASSIGN;
+-							peers->flags &= ~(PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
+-							peers->flags |= (PEERS_F_RESYNC_LOCAL|PEERS_F_RESYNC_REMOTE);
++							curpeers->flags &= ~(PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
++							curpeers->flags |= (PEERS_F_RESYNC_LOCAL|PEERS_F_RESYNC_REMOTE);
+ 						}
+ 						curpeer->confirm++;
+ 					}
+@@ -959,11 +959,11 @@ switchstate:
+ 
+ 						if (curpeer->flags & PEER_F_LEARN_ASSIGN) {
+ 							curpeer->flags &= ~PEER_F_LEARN_ASSIGN;
+-							peers->flags &= ~(PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
++							curpeers->flags &= ~(PEERS_F_RESYNC_ASSIGN|PEERS_F_RESYNC_PROCESS);
+ 
+ 							curpeer->flags |= PEER_F_LEARN_NOTUP2DATE;
+-							peers->resync_timeout = tick_add(now_ms, MS_TO_TICKS(5000));
+-							task_wakeup(peers->sync_task, TASK_WOKEN_MSG);
++							curpeers->resync_timeout = tick_add(now_ms, MS_TO_TICKS(5000));
++							task_wakeup(curpeers->sync_task, TASK_WOKEN_MSG);
+ 						}
+ 						curpeer->confirm++;
+ 					}
+@@ -1334,8 +1334,8 @@ incomplete:
+ 
+ 				/* Need to request a resync */
+                                 if ((curpeer->flags & PEER_F_LEARN_ASSIGN) &&
+-                                        (peers->flags & PEERS_F_RESYNC_ASSIGN) &&
+-                                        !(peers->flags & PEERS_F_RESYNC_PROCESS)) {
++                                        (curpeers->flags & PEERS_F_RESYNC_ASSIGN) &&
++                                        !(curpeers->flags & PEERS_F_RESYNC_PROCESS)) {
+ 					unsigned char msg[2];
+ 
+                                         /* Current peer was elected to request a resync */
+@@ -1351,7 +1351,7 @@ incomplete:
+                                                 appctx->st0 = PEER_SESS_ST_END;
+                                                 goto switchstate;
+                                         }
+-                                        peers->flags |= PEERS_F_RESYNC_PROCESS;
++                                        curpeers->flags |= PEERS_F_RESYNC_PROCESS;
+                                 }
+ 
+ 				/* Nothing to read, now we start to write */
+@@ -1624,7 +1624,7 @@ incomplete:
+ 
+                                         /* Current peer was elected to request a resync */
+ 					msg[0] = PEER_MSG_CLASS_CONTROL;
+-					msg[1] = ((peers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FINISHED) ? PEER_MSG_CTRL_RESYNCFINISHED : PEER_MSG_CTRL_RESYNCPARTIAL;
++					msg[1] = ((curpeers->flags & PEERS_RESYNC_STATEMASK) == PEERS_RESYNC_FINISHED) ? PEER_MSG_CTRL_RESYNCFINISHED : PEER_MSG_CTRL_RESYNCPARTIAL;
+ 					/* process final lesson message */
+ 					repl = bi_putblk(si_ic(si), (char *)msg, sizeof(msg));
+ 					if (repl <= 0) {
+diff --git a/src/proxy.c b/src/proxy.c
+index 78120d9b..bedc7ae0 100644
+--- a/src/proxy.c
++++ b/src/proxy.c
+@@ -1007,7 +1007,7 @@ void soft_stop(void)
+ 		p = p->next;
+ 	}
+ 
+-	prs = peers;
++	prs = cfg_peers;
+ 	while (prs) {
+ 		if (prs->peers_fe)
+ 			stop_proxy(prs->peers_fe);
+@@ -1142,7 +1142,7 @@ void pause_proxies(void)
+ 		p = p->next;
+ 	}
+ 
+-	prs = peers;
++	prs = cfg_peers;
+ 	while (prs) {
+ 		if (prs->peers_fe)
+ 			err |= !pause_proxy(prs->peers_fe);
+@@ -1176,7 +1176,7 @@ void resume_proxies(void)
+ 		p = p->next;
+ 	}
+ 
+-	prs = peers;
++	prs = cfg_peers;
+ 	while (prs) {
+ 		if (prs->peers_fe)
+ 			err |= !resume_proxy(prs->peers_fe);
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0002-BUG-MINOR-lua-In-error-case-the-safe-mode-is-not-rem.patch b/net/haproxy/patches/0002-BUG-MINOR-lua-In-error-case-the-safe-mode-is-not-rem.patch
new file mode 100644
index 0000000..ea4651d
--- /dev/null
+++ b/net/haproxy/patches/0002-BUG-MINOR-lua-In-error-case-the-safe-mode-is-not-rem.patch
@@ -0,0 +1,36 @@
+From bcc483a9edfeb8ab69d1af83886d9e1323cffd06 Mon Sep 17 00:00:00 2001
+From: Thierry FOURNIER 
+Date: Wed, 12 Jul 2017 11:18:00 +0200
+Subject: [PATCH 02/18] BUG/MINOR: lua: In error case, the safe mode is not
+ removed
+
+Just forgot of reset the safe mode. This have not consequences
+the safe mode just set a pointer on fucntion which is called only
+and initialises a longjmp.
+
+Out of lua execution, this longjmp is never executed and the
+function is never called.
+
+This patch should be backported in 1.6 and 1.7
+(cherry picked from commit 0a97620c080232a21ad7fce2c859a2edc9d7147e)
+
+Signed-off-by: Willy Tarreau 
+---
+ src/hlua.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/hlua.c b/src/hlua.c
+index c862102d..4c1c2d21 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -854,6 +854,7 @@ int hlua_ctx_init(struct hlua *lua, struct task *task)
+ 	lua->T = lua_newthread(gL.T);
+ 	if (!lua->T) {
+ 		lua->Tref = LUA_REFNIL;
++		RESET_SAFE_LJMP(gL.T);
+ 		return 0;
+ 	}
+ 	hlua_sethlua(lua);
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0003-BUG-MINOR-lua-executes-the-function-destroying-the-L.patch b/net/haproxy/patches/0003-BUG-MINOR-lua-executes-the-function-destroying-the-L.patch
new file mode 100644
index 0000000..2b200ee
--- /dev/null
+++ b/net/haproxy/patches/0003-BUG-MINOR-lua-executes-the-function-destroying-the-L.patch
@@ -0,0 +1,59 @@
+From 49d319a677432b69c6a69ef5331ae2ed592075c9 Mon Sep 17 00:00:00 2001
+From: Thierry FOURNIER 
+Date: Wed, 12 Jul 2017 13:41:33 +0200
+Subject: [PATCH 03/18] BUG/MINOR: lua: executes the function destroying the
+ Lua session in safe mode
+
+When we destroy the Lua session, we manipulates Lua stack,
+so errors can raises. It will be better to catch these errors.
+
+This patch should be backported in 1.6 and 1.7
+(cherry picked from commit 75d0208009c3189b5d10793e08f27dd62a76c3ae)
+
+Signed-off-by: Willy Tarreau 
+---
+ src/hlua.c | 17 +++++++++++++++--
+ 1 file changed, 15 insertions(+), 2 deletions(-)
+
+diff --git a/src/hlua.c b/src/hlua.c
+index 4c1c2d21..2d312804 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -876,9 +876,15 @@ void hlua_ctx_destroy(struct hlua *lua)
+ 	/* Purge all the pending signals. */
+ 	hlua_com_purge(lua);
+ 
++	if (!SET_SAFE_LJMP(lua->T))
++		return;
+ 	luaL_unref(lua->T, LUA_REGISTRYINDEX, lua->Mref);
+-	luaL_unref(gL.T, LUA_REGISTRYINDEX, lua->Tref);
++	RESET_SAFE_LJMP(lua->T);
+ 
++	if (!SET_SAFE_LJMP(gL.T))
++		return;
++	luaL_unref(gL.T, LUA_REGISTRYINDEX, lua->Tref);
++	RESET_SAFE_LJMP(gL.T);
+ 	/* Forces a garbage collecting process. If the Lua program is finished
+ 	 * without error, we run the GC on the thread pointer. Its freed all
+ 	 * the unused memory.
+@@ -889,9 +895,16 @@ void hlua_ctx_destroy(struct hlua *lua)
+ 	 * the garbage collection.
+ 	 */
+ 	if (lua->flags & HLUA_MUST_GC) {
++		if (!SET_SAFE_LJMP(lua->T))
++			return;
+ 		lua_gc(lua->T, LUA_GCCOLLECT, 0);
+-		if (lua_status(lua->T) != LUA_OK)
++		RESET_SAFE_LJMP(lua->T);
++		if (lua_status(lua->T) != LUA_OK) {
++			if (!SET_SAFE_LJMP(gL.T))
++				return;
+ 			lua_gc(gL.T, LUA_GCCOLLECT, 0);
++			RESET_SAFE_LJMP(gL.T);
++		}
+ 	}
+ 
+ 	lua->T = NULL;
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0004-BUG-MAJOR-lua-socket-resources-not-detroyed-when-the.patch b/net/haproxy/patches/0004-BUG-MAJOR-lua-socket-resources-not-detroyed-when-the.patch
new file mode 100644
index 0000000..ced02f5
--- /dev/null
+++ b/net/haproxy/patches/0004-BUG-MAJOR-lua-socket-resources-not-detroyed-when-the.patch
@@ -0,0 +1,97 @@
+From 2823f54f706f56304970313cb14a98a4ce20d5ab Mon Sep 17 00:00:00 2001
+From: Thierry FOURNIER 
+Date: Sun, 16 Jul 2017 20:48:54 +0200
+Subject: [PATCH 04/18] BUG/MAJOR: lua/socket: resources not detroyed when the
+ socket is aborted
+
+In some cases, the socket is misused. The user can open socket and never
+close it, or open the socket and close it without sending data. This
+causes resources leak on all resources associated to the stream (buffer,
+spoe, ...)
+
+This is caused by the stream_shutdown function which is called outside
+of the stream execution process. Sometimes, the shtudown is required
+while the stream is not started, so the cleanup is ignored.
+
+This patch change the shutdown mode of the session. Now if the session is
+no longer used and the Lua want to destroy it, it just set a destroy flag
+and the session kill itself.
+
+This patch should be backported in 1.6 and 1.7
+
+(cherry picked from cmomit b13b20a19aacb039a33f886e38a181b00c9a6d41)
+
+Signed-off-by: Willy Tarreau 
+---
+ include/types/applet.h |  1 +
+ src/hlua.c             | 16 ++++++++++++++--
+ 2 files changed, 15 insertions(+), 2 deletions(-)
+
+diff --git a/include/types/applet.h b/include/types/applet.h
+index 46b2bc10..aee9167e 100644
+--- a/include/types/applet.h
++++ b/include/types/applet.h
+@@ -122,6 +122,7 @@ struct appctx {
+ 			struct hlua_socket *socket;
+ 			struct list wake_on_read;
+ 			struct list wake_on_write;
++			int die;
+ 		} hlua;
+ 		struct {
+ 			struct hlua hlua;
+diff --git a/src/hlua.c b/src/hlua.c
+index 2d312804..eb003558 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -1544,6 +1544,15 @@ static void hlua_socket_handler(struct appctx *appctx)
+ 	struct stream_interface *si = appctx->owner;
+ 	struct connection *c = objt_conn(si_opposite(si)->end);
+ 
++	if (appctx->ctx.hlua.die) {
++		si_shutw(si);
++		si_shutr(si);
++		si_ic(si)->flags |= CF_READ_NULL;
++		hlua_com_wake(&appctx->ctx.hlua.wake_on_read);
++		hlua_com_wake(&appctx->ctx.hlua.wake_on_write);
++		stream_shutdown(si_strm(si), SF_ERR_KILLED);
++	}
++
+ 	/* If the connection object is not avalaible, close all the
+ 	 * streams and wakeup everithing waiting for.
+ 	 */
+@@ -1619,9 +1628,10 @@ __LJMP static int hlua_socket_gc(lua_State *L)
+ 
+ 	/* Remove all reference between the Lua stack and the coroutine stream. */
+ 	appctx = objt_appctx(socket->s->si[0].end);
+-	stream_shutdown(socket->s, SF_ERR_KILLED);
+ 	socket->s = NULL;
+ 	appctx->ctx.hlua.socket = NULL;
++	appctx->ctx.hlua.die = 1;
++	appctx_wakeup(appctx);
+ 
+ 	return 0;
+ }
+@@ -1641,10 +1651,11 @@ __LJMP static int hlua_socket_close(lua_State *L)
+ 		return 0;
+ 
+ 	/* Close the stream and remove the associated stop task. */
+-	stream_shutdown(socket->s, SF_ERR_KILLED);
+ 	appctx = objt_appctx(socket->s->si[0].end);
+ 	appctx->ctx.hlua.socket = NULL;
+ 	socket->s = NULL;
++	appctx->ctx.hlua.die = 1;
++	appctx_wakeup(appctx);
+ 
+ 	return 0;
+ }
+@@ -2316,6 +2327,7 @@ __LJMP static int hlua_socket_new(lua_State *L)
+ 
+ 	appctx->ctx.hlua.socket = socket;
+ 	appctx->ctx.hlua.connected = 0;
++	appctx->ctx.hlua.die = 0;
+ 	LIST_INIT(&appctx->ctx.hlua.wake_on_write);
+ 	LIST_INIT(&appctx->ctx.hlua.wake_on_read);
+ 
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0005-BUG-MEDIUM-lua-bad-memory-access.patch b/net/haproxy/patches/0005-BUG-MEDIUM-lua-bad-memory-access.patch
new file mode 100644
index 0000000..97e4d9e
--- /dev/null
+++ b/net/haproxy/patches/0005-BUG-MEDIUM-lua-bad-memory-access.patch
@@ -0,0 +1,46 @@
+From ea3b479be6cacb399a6541a00b1bdce17b0179d0 Mon Sep 17 00:00:00 2001
+From: Thierry FOURNIER 
+Date: Mon, 17 Jul 2017 00:44:40 +0200
+Subject: [PATCH 05/18] BUG/MEDIUM: lua: bad memory access
+
+We cannot perform garbage collection on unreferenced thread.
+This memory is now free and another Lua process can use it for
+other things.
+
+HAProxy is monothread, so this bug doesn't cause crash.
+
+This patch must be backported in 1.6 and 1.7
+(cherry picked from commit 7bd10d58d3aecf7cf1e5ee7df01193e07128a52d)
+
+Signed-off-by: Willy Tarreau 
+---
+ src/hlua.c | 12 +++---------
+ 1 file changed, 3 insertions(+), 9 deletions(-)
+
+diff --git a/src/hlua.c b/src/hlua.c
+index eb003558..a998860e 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -895,16 +895,10 @@ void hlua_ctx_destroy(struct hlua *lua)
+ 	 * the garbage collection.
+ 	 */
+ 	if (lua->flags & HLUA_MUST_GC) {
+-		if (!SET_SAFE_LJMP(lua->T))
++		if (!SET_SAFE_LJMP(gL.T))
+ 			return;
+-		lua_gc(lua->T, LUA_GCCOLLECT, 0);
+-		RESET_SAFE_LJMP(lua->T);
+-		if (lua_status(lua->T) != LUA_OK) {
+-			if (!SET_SAFE_LJMP(gL.T))
+-				return;
+-			lua_gc(gL.T, LUA_GCCOLLECT, 0);
+-			RESET_SAFE_LJMP(gL.T);
+-		}
++		lua_gc(gL.T, LUA_GCCOLLECT, 0);
++		RESET_SAFE_LJMP(gL.T);
+ 	}
+ 
+ 	lua->T = NULL;
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0006-DOC-update-CONTRIBUTING-regarding-optional-parts-and.patch b/net/haproxy/patches/0006-DOC-update-CONTRIBUTING-regarding-optional-parts-and.patch
new file mode 100644
index 0000000..7fb83b1
--- /dev/null
+++ b/net/haproxy/patches/0006-DOC-update-CONTRIBUTING-regarding-optional-parts-and.patch
@@ -0,0 +1,64 @@
+From 20850d19250eb530cab889bb9059a630b3f805a3 Mon Sep 17 00:00:00 2001
+From: Willy Tarreau 
+Date: Tue, 18 Jul 2017 06:56:40 +0200
+Subject: [PATCH 06/18] DOC: update CONTRIBUTING regarding optional parts and
+ message format
+
+Make it clear that optional components must not break when disabled,
+that openssl is the only officially supported library and its support
+must not be broken, and that bug fixes must always be detailed.
+(cherry picked from commit 9d84cd602f4adb3954209eb14c94eea9254d1b5b)
+
+Signed-off-by: Willy Tarreau 
+---
+ CONTRIBUTING | 21 ++++++++++++++++++++-
+ 1 file changed, 20 insertions(+), 1 deletion(-)
+
+diff --git a/CONTRIBUTING b/CONTRIBUTING
+index 74a099bc..b2c2b493 100644
+--- a/CONTRIBUTING
++++ b/CONTRIBUTING
+@@ -69,6 +69,16 @@ code :
+ Since most of these restrictions are just a matter of coding style, it is
+ normally not a problem to comply.
+ 
++When modifying some optional subsystem (SSL, Lua, compression, device detection
++engines), please make sure the code continues to build (and to work) when these
++features are disabled. Similarly, when modifying the SSL stack, please always
++ensure that supported OpenSSL versions continue to build and to work, especially
++if you modify support for alternate libraries. Clean support for the legacy
++OpenSSL libraries is mandatory, support for its derivatives is a bonus and may
++occasionally break eventhough a great care is taken. In other words, if you
++provide a patch for OpenSSL you don't need to test its derivatives, but if you
++provide a patch for a derivative you also need to test with OpenSSL.
++
+ If your work is very confidential and you can't publicly discuss it, you can
+ also mail willy@haproxy.org directly about it, but your mail may be waiting
+ several days in the queue before you get a response, if you get a response at
+@@ -441,13 +451,22 @@ do not think about them anymore after a few patches.
+    way the subject is built. Please see the section below for more information
+    regarding this formatting.
+ 
+-   As a rule of thumb, your patch must never be made only of a subject line,
++   As a rule of thumb, your patch MUST NEVER be made only of a subject line,
+    it *must* contain a description. Even one or two lines, or indicating
+    whether a backport is desired or not. It turns out that single-line commits
+    are so rare in the Git world that they require special manual (hence
+    painful) handling when they are backported, and at least for this reason
+    it's important to keep this in mind.
+ 
++   Each patch fixing a bug MUST be tagged with "BUG", a severity level, an
++   indication of the affected subsystem and a brief description of the nature
++   of the issue in the subject line, and a detailed analysis in the message
++   body. The explanation of the user-visible impact and the need for
++   backporting to stable branches or not are MANDATORY. Bug fixes with no
++   indication will simply be rejected as they are very likely to cause more
++   harm when nobody is able to tell whether or not the patch needs to be
++   backported or can be reverted in case of regression.
++
+ 12) Discuss on the mailing list
+ 
+    When submitting changes, please always CC the mailing list address so that
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0007-DOC-update-the-list-of-OpenSSL-versions-in-the-READM.patch b/net/haproxy/patches/0007-DOC-update-the-list-of-OpenSSL-versions-in-the-READM.patch
new file mode 100644
index 0000000..7be8bc0
--- /dev/null
+++ b/net/haproxy/patches/0007-DOC-update-the-list-of-OpenSSL-versions-in-the-READM.patch
@@ -0,0 +1,36 @@
+From 8d99949c4c51d95c14fb2b09d18e1cff058f0c17 Mon Sep 17 00:00:00 2001
+From: Willy Tarreau 
+Date: Tue, 18 Jul 2017 06:58:16 +0200
+Subject: [PATCH 07/18] DOC: update the list of OpenSSL versions in the README
+
+1.1.0 is also supported nowadays. Also mention the best effort support
+for derivatives.
+(cherry picked from commit 7ab16868bc6e9d5ef879e1046effa035789835cc)
+
+Signed-off-by: Willy Tarreau 
+---
+ README | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/README b/README
+index 839d06ec..8ad70e66 100644
+--- a/README
++++ b/README
+@@ -113,8 +113,12 @@ build fails due to missing symbols such as deflateInit(), then try again with
+ Your are strongly encouraged to always use an up-to-date version of OpenSSL, as
+ found on https://www.openssl.org/ as vulnerabilities are occasionally found and
+ you don't want them on your systems. HAProxy is known to build correctly on all
+-currently supported branches (0.9.8, 1.0.0, 1.0.1 and 1.0.2 at the time of
+-writing). Branch 1.0.2 is recommended for the richest features.
++currently supported branches (0.9.8, 1.0.0, 1.0.1, 1.0.2 and 1.1.0 at the time
++of writing). Branch 1.0.2 is currently recommended for the best combination of
++features and stability. Asynchronous engines require OpenSSL 1.1.0 though. It's
++worth mentionning that some OpenSSL derivatives are also reported to work but
++may occasionally break. Patches to fix them are welcome but please read the
++CONTRIBUTING file first.
+ 
+ To link OpenSSL statically against haproxy, build OpenSSL with the no-shared
+ keyword and install it to a local directory, so your system is not affected :
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0008-MINOR-tools-add-a-portable-timegm-alternative.patch b/net/haproxy/patches/0008-MINOR-tools-add-a-portable-timegm-alternative.patch
new file mode 100644
index 0000000..4546258
--- /dev/null
+++ b/net/haproxy/patches/0008-MINOR-tools-add-a-portable-timegm-alternative.patch
@@ -0,0 +1,129 @@
+From 3e21b8d25ad148ef4e6544f28a8b2305f9484a7b Mon Sep 17 00:00:00 2001
+From: Willy Tarreau 
+Date: Wed, 19 Jul 2017 19:05:29 +0200
+Subject: [PATCH 08/18] MINOR: tools: add a portable timegm() alternative
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+timegm() is not provided everywhere and the documentation on how to
+replace it is bogus as it proposes an inefficient and non-thread safe
+alternative.
+
+Here we reimplement everything needed to compute the number of seconds
+since Epoch based on the broken down fields in struct tm. It is only
+guaranteed to return correct values for correct inputs. It was successfully
+tested with all possible 32-bit values of time_t converted to struct tm
+using gmtime() and back to time_t using the legacy timegm() and this
+function, and both functions always produced the same result.
+
+Thanks to Benoît Garnier for an instructive discussion and detailed
+explanations of the various time functions, leading to this solution.
+(cherry picked from commit cb1949b8b30b8db7e05546da2939eff2b5973321)
+
+Signed-off-by: Willy Tarreau 
+---
+ include/common/standard.h | 21 ++++++++++++++++++
+ src/standard.c            | 54 +++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 75 insertions(+)
+
+diff --git a/include/common/standard.h b/include/common/standard.h
+index 87f90a65..c19c368b 100644
+--- a/include/common/standard.h
++++ b/include/common/standard.h
+@@ -624,6 +624,27 @@ static inline void get_gmtime(const time_t now, struct tm *tm)
+ 	gmtime_r(&now, tm);
+ }
+ 
++/* Counts a number of elapsed days since 01/01/0000 based solely on elapsed
++ * years and assuming the regular rule for leap years applies. It's fake but
++ * serves as a temporary origin. It's worth remembering that it's the first
++ * year of each period that is leap and not the last one, so for instance year
++ * 1 sees 366 days since year 0 was leap. For this reason we have to apply
++ * modular arithmetics which is why we offset the year by 399 before
++ * subtracting the excess at the end. No overflow here before ~11.7 million
++ * years.
++ */
++static inline unsigned int days_since_zero(unsigned int y)
++{
++	return y * 365 + (y + 399) / 4 - (y + 399) / 100 + (y + 399) / 400
++	       - 399 / 4 + 399 / 100;
++}
++
++/* Returns the number of seconds since 01/01/1970 0:0:0 GMT for GMT date .
++ * It is meant as a portable replacement for timegm() for use with valid inputs.
++ * Returns undefined results for invalid dates (eg: months out of range 0..11).
++ */
++extern time_t my_timegm(const struct tm *tm);
++
+ /* This function parses a time value optionally followed by a unit suffix among
+  * "d", "h", "m", "s", "ms" or "us". It converts the value into the unit
+  * expected by the caller. The computation does its best to avoid overflows.
+diff --git a/src/standard.c b/src/standard.c
+index 8df1da6c..e1d414f3 100644
+--- a/src/standard.c
++++ b/src/standard.c
+@@ -2841,6 +2841,60 @@ char *localdate2str_log(char *dst, time_t t, struct tm *tm, size_t size)
+ 	return dst;
+ }
+ 
++/* Returns the number of seconds since 01/01/1970 0:0:0 GMT for GMT date .
++ * It is meant as a portable replacement for timegm() for use with valid inputs.
++ * Returns undefined results for invalid dates (eg: months out of range 0..11).
++ */
++time_t my_timegm(const struct tm *tm)
++{
++	/* Each month has 28, 29, 30 or 31 days, or 28+N. The date in the year
++	 * is thus (current month - 1)*28 + cumulated_N[month] to count the
++	 * sum of the extra N days for elapsed months. The sum of all these N
++	 * days doesn't exceed 30 for a complete year (366-12*28) so it fits
++	 * in a 5-bit word. This means that with 60 bits we can represent a
++	 * matrix of all these values at once, which is fast and efficient to
++	 * access. The extra February day for leap years is not counted here.
++	 *
++	 * Jan : none      =  0 (0)
++	 * Feb : Jan       =  3 (3)
++	 * Mar : Jan..Feb  =  3 (3 + 0)
++	 * Apr : Jan..Mar  =  6 (3 + 0 + 3)
++	 * May : Jan..Apr  =  8 (3 + 0 + 3 + 2)
++	 * Jun : Jan..May  = 11 (3 + 0 + 3 + 2 + 3)
++	 * Jul : Jan..Jun  = 13 (3 + 0 + 3 + 2 + 3 + 2)
++	 * Aug : Jan..Jul  = 16 (3 + 0 + 3 + 2 + 3 + 2 + 3)
++	 * Sep : Jan..Aug  = 19 (3 + 0 + 3 + 2 + 3 + 2 + 3 + 3)
++	 * Oct : Jan..Sep  = 21 (3 + 0 + 3 + 2 + 3 + 2 + 3 + 3 + 2)
++	 * Nov : Jan..Oct  = 24 (3 + 0 + 3 + 2 + 3 + 2 + 3 + 3 + 2 + 3)
++	 * Dec : Jan..Nov  = 26 (3 + 0 + 3 + 2 + 3 + 2 + 3 + 3 + 2 + 3 + 2)
++	 */
++	uint64_t extra =
++		( 0ULL <<  0*5) + ( 3ULL <<  1*5) + ( 3ULL <<  2*5) + /* Jan, Feb, Mar, */
++		( 6ULL <<  3*5) + ( 8ULL <<  4*5) + (11ULL <<  5*5) + /* Apr, May, Jun, */
++		(13ULL <<  6*5) + (16ULL <<  7*5) + (19ULL <<  8*5) + /* Jul, Aug, Sep, */
++		(21ULL <<  9*5) + (24ULL << 10*5) + (26ULL << 11*5);  /* Oct, Nov, Dec, */
++
++	unsigned int y = tm->tm_year + 1900;
++	unsigned int m = tm->tm_mon;
++	unsigned long days = 0;
++
++	/* days since 1/1/1970 for full years */
++	days += days_since_zero(y) - days_since_zero(1970);
++
++	/* days for full months in the current year */
++	days += 28 * m + ((extra >> (m * 5)) & 0x1f);
++
++	/* count + 1 after March for leap years. A leap year is a year multiple
++	 * of 4, unless it's multiple of 100 without being multiple of 400. 2000
++	 * is leap, 1900 isn't, 1904 is.
++	 */
++	if ((m > 1) && !(y & 3) && ((y % 100) || !(y % 400)))
++		days++;
++
++	days += tm->tm_mday - 1;
++	return days * 86400ULL + tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec;
++}
++
+ /* This function check a char. It returns true and updates
+  *  and  pointer to the new position if the
+  * character is found.
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0009-BUILD-lua-replace-timegm-with-my_timegm-to-fix-build.patch b/net/haproxy/patches/0009-BUILD-lua-replace-timegm-with-my_timegm-to-fix-build.patch
new file mode 100644
index 0000000..623ce95
--- /dev/null
+++ b/net/haproxy/patches/0009-BUILD-lua-replace-timegm-with-my_timegm-to-fix-build.patch
@@ -0,0 +1,38 @@
+From df1655a6c0e4431317cc66c67693281092a952b0 Mon Sep 17 00:00:00 2001
+From: Willy Tarreau 
+Date: Wed, 19 Jul 2017 19:08:48 +0200
+Subject: [PATCH 09/18] BUILD: lua: replace timegm() with my_timegm() to fix
+ build on Solaris 10
+
+Akhnin Nikita reported that Lua doesn't build on Solaris 10 because
+the code uses timegm() to parse a date, which is not provided there.
+The recommended way to implement timegm() is broken in the man page,
+as it is based on a change of the TZ environment variable at run time
+before calling the function (which is obviously not thread safe, and
+terribly inefficient).
+
+Here instead we rely on the new my_timegm() function, it should be
+sufficient for all known use cases.
+(cherry picked from commit abd9bb20b76818c9f461a82b72b10818736ff8b3)
+
+Signed-off-by: Willy Tarreau 
+---
+ src/hlua_fcn.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/hlua_fcn.c b/src/hlua_fcn.c
+index 58905d7d..fe899a4a 100644
+--- a/src/hlua_fcn.c
++++ b/src/hlua_fcn.c
+@@ -287,7 +287,7 @@ static int hlua_parse_date(lua_State *L, int (*fcn)(const char *, int, struct tm
+ 	 * the timezone from the broken-down time, it must be fixed
+ 	 * after the conversion.
+ 	 */
+-	time = timegm(&tm);
++	time = my_timegm(&tm);
+ 	if (time == -1) {
+ 		lua_pushnil(L);
+ 		return 1;
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0010-DOC-Updated-51Degrees-git-URL-to-point-to-a-stable-v.patch b/net/haproxy/patches/0010-DOC-Updated-51Degrees-git-URL-to-point-to-a-stable-v.patch
new file mode 100644
index 0000000..2deb9a3
--- /dev/null
+++ b/net/haproxy/patches/0010-DOC-Updated-51Degrees-git-URL-to-point-to-a-stable-v.patch
@@ -0,0 +1,32 @@
+From e14ec1d816de60b648dd7cb6c55b665f5163156b Mon Sep 17 00:00:00 2001
+From: ben51degrees 
+Date: Wed, 19 Jul 2017 16:22:04 +0100
+Subject: [PATCH 10/18] DOC: Updated 51Degrees git URL to point to a stable
+ version.
+
+The previously documented location doesn't work anymore and must not be
+used. Warning for backports, different branches are in use depending on
+the version (v3.2.10 for 1.7, v3.2.5 for 1.6).
+(cherry picked from commit ac752ff68cd3ac88a7a27ce17daa5c3f0c839694)
+
+Signed-off-by: Willy Tarreau 
+---
+ doc/51Degrees-device-detection.txt | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/doc/51Degrees-device-detection.txt b/doc/51Degrees-device-detection.txt
+index 1ee912d9..71b2eb76 100644
+--- a/doc/51Degrees-device-detection.txt
++++ b/doc/51Degrees-device-detection.txt
+@@ -14,7 +14,7 @@ headers as configurable parameters.
+ In order to enable 51Degrees download the 51Degrees source code from the
+ official github repository :
+ 
+-    git clone https://github.com/51Degrees/Device-Detection
++    git clone https://git.51Degrees.com/Device-Detection.git -b v3.2.10
+ 
+ then run 'make' with USE_51DEGREES and 51DEGREES_SRC set. Both 51DEGREES_INC
+ and 51DEGREES_LIB may additionally be used to force specific different paths
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0011-BUG-MINOR-http-Set-the-response-error-state-in-http_.patch b/net/haproxy/patches/0011-BUG-MINOR-http-Set-the-response-error-state-in-http_.patch
new file mode 100644
index 0000000..435a457
--- /dev/null
+++ b/net/haproxy/patches/0011-BUG-MINOR-http-Set-the-response-error-state-in-http_.patch
@@ -0,0 +1,33 @@
+From 9304b76fb37a36f6249ec963093d74210bd237f6 Mon Sep 17 00:00:00 2001
+From: Christopher Faulet 
+Date: Tue, 18 Jul 2017 10:35:55 +0200
+Subject: [PATCH 11/18] BUG/MINOR: http: Set the response error state in
+ http_sync_res_state
+
+This is just typo. It may only report a wrong response message state in
+"show errors" on the CLI.
+
+This patch must be backported in 1.7.
+
+(cherry picked from commit a3992e06a6e74142d9784d18d8cb3527fadb64d6)
+Signed-off-by: William Lallemand 
+---
+ src/proto_http.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index 94c8d639..796955f5 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5530,7 +5530,7 @@ int http_sync_res_state(struct stream *s)
+ 			goto http_msg_closed;
+ 		}
+ 		else if (chn->flags & CF_SHUTW) {
+-			txn->req.err_state = txn->req.msg_state;
++			txn->rsp.err_state = txn->rsp.msg_state;
+ 			txn->rsp.msg_state = HTTP_MSG_ERROR;
+ 			s->be->be_counters.cli_aborts++;
+ 			if (objt_server(s->target))
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0012-MINOR-http-Reorder-rewrite-checks-in-http_resync_sta.patch b/net/haproxy/patches/0012-MINOR-http-Reorder-rewrite-checks-in-http_resync_sta.patch
new file mode 100644
index 0000000..c26e080
--- /dev/null
+++ b/net/haproxy/patches/0012-MINOR-http-Reorder-rewrite-checks-in-http_resync_sta.patch
@@ -0,0 +1,100 @@
+From a49007a187ab7fddfcec58e1d9fc8a707e4531c9 Mon Sep 17 00:00:00 2001
+From: Christopher Faulet 
+Date: Tue, 18 Jul 2017 11:18:46 +0200
+Subject: [PATCH 12/18] MINOR: http: Reorder/rewrite checks in
+ http_resync_states
+
+The previous patch removed the forced symmetry of the TUNNEL mode during the
+state synchronization. Here, we take care to remove body analyzer only on the
+channel in TUNNEL mode. In fact, today, this change has no effect because both
+sides are switched in same time. But this way, with some changes, it will be
+possible to keep body analyzer on a side (to finish the states synchronization)
+with the other one in TUNNEL mode.
+
+WARNING: This patch will be used to fix a bug. The fix will be commited in a
+very next commit. So if the fix is backported, this one must be backported too.
+
+(cherry picked from commit f77bb539d4846ab278269b99a3165a5608ca0cf4)
+Signed-off-by: William Lallemand 
+---
+ src/proto_http.c | 48 +++++++++++++++++++++++++++++-------------------
+ 1 file changed, 29 insertions(+), 19 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index 796955f5..aaf9f648 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5577,34 +5577,27 @@ int http_resync_states(struct stream *s)
+ 
+ 	/* OK, both state machines agree on a compatible state.
+ 	 * There are a few cases we're interested in :
+-	 *  - HTTP_MSG_TUNNEL on either means we have to disable both analysers
+ 	 *  - HTTP_MSG_CLOSED on both sides means we've reached the end in both
+ 	 *    directions, so let's simply disable both analysers.
+-	 *  - HTTP_MSG_CLOSED on the response only means we must abort the
+-	 *    request.
+-	 *  - HTTP_MSG_CLOSED on the request and HTTP_MSG_DONE on the response
+-	 *    with server-close mode means we've completed one request and we
+-	 *    must re-initialize the server connection.
++	 *  - HTTP_MSG_CLOSED on the response only or HTTP_MSG_ERROR on either
++	 *    means we must abort the request.
++	 *  - HTTP_MSG_TUNNEL on either means we have to disable analyser on
++	 *    corresponding channel.
++	 *  - HTTP_MSG_DONE or HTTP_MSG_CLOSED on the request and HTTP_MSG_DONE
++	 *    on the response with server-close mode means we've completed one
++	 *    request and we must re-initialize the server connection.
+ 	 */
+-
+-	if (txn->req.msg_state == HTTP_MSG_TUNNEL ||
+-	    txn->rsp.msg_state == HTTP_MSG_TUNNEL ||
+-	    (txn->req.msg_state == HTTP_MSG_CLOSED &&
+-	     txn->rsp.msg_state == HTTP_MSG_CLOSED)) {
++	if (txn->req.msg_state == HTTP_MSG_CLOSED &&
++	    txn->rsp.msg_state == HTTP_MSG_CLOSED) {
+ 		s->req.analysers &= AN_REQ_FLT_END;
+ 		channel_auto_close(&s->req);
+ 		channel_auto_read(&s->req);
+ 		s->res.analysers &= AN_RES_FLT_END;
+ 		channel_auto_close(&s->res);
+ 		channel_auto_read(&s->res);
+-		if (txn->req.msg_state == HTTP_MSG_TUNNEL && HAS_REQ_DATA_FILTERS(s))
+-			s->req.analysers |= AN_REQ_FLT_XFER_DATA;
+-		if (txn->rsp.msg_state == HTTP_MSG_TUNNEL && HAS_RSP_DATA_FILTERS(s))
+-			s->res.analysers |= AN_RES_FLT_XFER_DATA;
+-	}
+-	else if ((txn->req.msg_state >= HTTP_MSG_DONE &&
+-		  (txn->rsp.msg_state == HTTP_MSG_CLOSED || (s->res.flags & CF_SHUTW))) ||
+-		 txn->rsp.msg_state == HTTP_MSG_ERROR ||
++	}
++	else if (txn->rsp.msg_state == HTTP_MSG_CLOSED ||
++		 txn->rsp.msg_state == HTTP_MSG_ERROR  ||
+ 		 txn->req.msg_state == HTTP_MSG_ERROR) {
+ 		s->res.analysers &= AN_RES_FLT_END;
+ 		channel_auto_close(&s->res);
+@@ -5615,6 +5608,23 @@ int http_resync_states(struct stream *s)
+ 		channel_auto_read(&s->req);
+ 		channel_truncate(&s->req);
+ 	}
++	else if (txn->req.msg_state == HTTP_MSG_TUNNEL ||
++		 txn->rsp.msg_state == HTTP_MSG_TUNNEL) {
++		if (txn->req.msg_state == HTTP_MSG_TUNNEL) {
++			s->req.analysers &= AN_REQ_FLT_END;
++			if (HAS_REQ_DATA_FILTERS(s))
++				s->req.analysers |= AN_REQ_FLT_XFER_DATA;
++		}
++		if (txn->rsp.msg_state == HTTP_MSG_TUNNEL) {
++			s->res.analysers &= AN_RES_FLT_END;
++			if (HAS_RSP_DATA_FILTERS(s))
++				s->res.analysers |= AN_RES_FLT_XFER_DATA;
++		}
++		channel_auto_close(&s->req);
++		channel_auto_read(&s->req);
++		channel_auto_close(&s->res);
++		channel_auto_read(&s->res);
++	}
+ 	else if ((txn->req.msg_state == HTTP_MSG_DONE ||
+ 		  txn->req.msg_state == HTTP_MSG_CLOSED) &&
+ 		 txn->rsp.msg_state == HTTP_MSG_DONE &&
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0013-MINOR-http-Switch-requests-responses-in-TUNNEL-mode-.patch b/net/haproxy/patches/0013-MINOR-http-Switch-requests-responses-in-TUNNEL-mode-.patch
new file mode 100644
index 0000000..ea2923d
--- /dev/null
+++ b/net/haproxy/patches/0013-MINOR-http-Switch-requests-responses-in-TUNNEL-mode-.patch
@@ -0,0 +1,153 @@
+From 1430a0c0f62fcff4303706f5baf2b544e00fcda3 Mon Sep 17 00:00:00 2001
+From: Christopher Faulet 
+Date: Tue, 18 Jul 2017 10:48:24 +0200
+Subject: [PATCH 13/18] MINOR: http: Switch requests/responses in TUNNEL mode
+ only by checking txn flags
+
+Today, the only way to have a request or a response in HTTP_MSG_TUNNEL state is
+to have the flag TX_CON_WANT_TUN set on the transaction. So this is a symmetric
+state. Both the request and the response are switch in same time in this
+state. This can be done only by checking transaction flags instead of relying on
+the other side state. This is the purpose of this patch.
+
+This way, if for any reason we need to switch only one side in TUNNEL mode, it
+will be possible. And to prepare asymmetric cases, we check channel flags in
+DONE _AND_ TUNNEL states.
+
+WARNING: This patch will be used to fix a bug. The fix will be commited in a
+very next commit. So if the fix is backported, this one must be backported too.
+
+(cherry picked from commit 4be9803914ae7156109c915659aad216e4a3c6c1)
+Signed-off-by: William Lallemand 
+---
+ src/proto_http.c | 65 +++++++++++++++++++-------------------------------------
+ 1 file changed, 22 insertions(+), 43 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index aaf9f648..00a92cdb 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5294,7 +5294,7 @@ int http_sync_req_state(struct stream *s)
+ 	unsigned int old_flags = chn->flags;
+ 	unsigned int old_state = txn->req.msg_state;
+ 
+-	if (unlikely(txn->req.msg_state < HTTP_MSG_BODY))
++	if (unlikely(txn->req.msg_state < HTTP_MSG_DONE))
+ 		return 0;
+ 
+ 	if (txn->req.msg_state == HTTP_MSG_DONE) {
+@@ -5338,13 +5338,6 @@ int http_sync_req_state(struct stream *s)
+ 			goto wait_other_side;
+ 		}
+ 
+-		if (txn->rsp.msg_state == HTTP_MSG_TUNNEL) {
+-			/* if any side switches to tunnel mode, the other one does too */
+-			channel_auto_read(chn);
+-			txn->req.msg_state = HTTP_MSG_TUNNEL;
+-			goto wait_other_side;
+-		}
+-
+ 		/* When we get here, it means that both the request and the
+ 		 * response have finished receiving. Depending on the connection
+ 		 * mode, we'll have to wait for the last bytes to leave in either
+@@ -5377,20 +5370,7 @@ int http_sync_req_state(struct stream *s)
+ 			}
+ 		}
+ 
+-		if (chn->flags & (CF_SHUTW|CF_SHUTW_NOW)) {
+-			/* if we've just closed an output, let's switch */
+-			s->si[1].flags |= SI_FL_NOLINGER;  /* we want to close ASAP */
+-
+-			if (!channel_is_empty(chn)) {
+-				txn->req.msg_state = HTTP_MSG_CLOSING;
+-				goto http_msg_closing;
+-			}
+-			else {
+-				txn->req.msg_state = HTTP_MSG_CLOSED;
+-				goto http_msg_closed;
+-			}
+-		}
+-		goto wait_other_side;
++		goto check_channel_flags;
+ 	}
+ 
+ 	if (txn->req.msg_state == HTTP_MSG_CLOSING) {
+@@ -5419,6 +5399,16 @@ int http_sync_req_state(struct stream *s)
+ 		goto wait_other_side;
+ 	}
+ 
++ check_channel_flags:
++	/* Here, we are in HTTP_MSG_DONE or HTTP_MSG_TUNNEL */
++	if (chn->flags & (CF_SHUTW|CF_SHUTW_NOW)) {
++		/* if we've just closed an output, let's switch */
++		s->si[1].flags |= SI_FL_NOLINGER;  /* we want to close ASAP */
++		txn->req.msg_state = HTTP_MSG_CLOSING;
++		goto http_msg_closing;
++	}
++
++
+  wait_other_side:
+ 	return txn->req.msg_state != old_state || chn->flags != old_flags;
+ }
+@@ -5438,7 +5428,7 @@ int http_sync_res_state(struct stream *s)
+ 	unsigned int old_flags = chn->flags;
+ 	unsigned int old_state = txn->rsp.msg_state;
+ 
+-	if (unlikely(txn->rsp.msg_state < HTTP_MSG_BODY))
++	if (unlikely(txn->rsp.msg_state < HTTP_MSG_DONE))
+ 		return 0;
+ 
+ 	if (txn->rsp.msg_state == HTTP_MSG_DONE) {
+@@ -5461,14 +5451,6 @@ int http_sync_res_state(struct stream *s)
+ 			goto wait_other_side;
+ 		}
+ 
+-		if (txn->req.msg_state == HTTP_MSG_TUNNEL) {
+-			/* if any side switches to tunnel mode, the other one does too */
+-			channel_auto_read(chn);
+-			txn->rsp.msg_state = HTTP_MSG_TUNNEL;
+-			chn->flags |= CF_NEVER_WAIT;
+-			goto wait_other_side;
+-		}
+-
+ 		/* When we get here, it means that both the request and the
+ 		 * response have finished receiving. Depending on the connection
+ 		 * mode, we'll have to wait for the last bytes to leave in either
+@@ -5506,18 +5488,7 @@ int http_sync_res_state(struct stream *s)
+ 				txn->rsp.msg_state = HTTP_MSG_TUNNEL;
+ 		}
+ 
+-		if (chn->flags & (CF_SHUTW|CF_SHUTW_NOW)) {
+-			/* if we've just closed an output, let's switch */
+-			if (!channel_is_empty(chn)) {
+-				txn->rsp.msg_state = HTTP_MSG_CLOSING;
+-				goto http_msg_closing;
+-			}
+-			else {
+-				txn->rsp.msg_state = HTTP_MSG_CLOSED;
+-				goto http_msg_closed;
+-			}
+-		}
+-		goto wait_other_side;
++		goto check_channel_flags;
+ 	}
+ 
+ 	if (txn->rsp.msg_state == HTTP_MSG_CLOSING) {
+@@ -5548,6 +5519,14 @@ int http_sync_res_state(struct stream *s)
+ 		goto wait_other_side;
+ 	}
+ 
++ check_channel_flags:
++	/* Here, we are in HTTP_MSG_DONE or HTTP_MSG_TUNNEL */
++	if (chn->flags & (CF_SHUTW|CF_SHUTW_NOW)) {
++		/* if we've just closed an output, let's switch */
++		txn->rsp.msg_state = HTTP_MSG_CLOSING;
++		goto http_msg_closing;
++	}
++
+  wait_other_side:
+ 	/* We force the response to leave immediately if we're waiting for the
+ 	 * other side, since there is no pending shutdown to push it out.
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0014-BUG-MEDIUM-http-Switch-HTTP-responses-in-TUNNEL-mode.patch b/net/haproxy/patches/0014-BUG-MEDIUM-http-Switch-HTTP-responses-in-TUNNEL-mode.patch
new file mode 100644
index 0000000..aca24c1
--- /dev/null
+++ b/net/haproxy/patches/0014-BUG-MEDIUM-http-Switch-HTTP-responses-in-TUNNEL-mode.patch
@@ -0,0 +1,118 @@
+From f82344c1cf20afcf77e8c3df8f9d341d659da93b Mon Sep 17 00:00:00 2001
+From: Christopher Faulet 
+Date: Tue, 18 Jul 2017 11:42:08 +0200
+Subject: [PATCH 14/18] BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode
+ when body length is undefined
+
+When the body length of a HTTP response is undefined, the HTTP parser is blocked
+in the body parsing. Before HAProxy 1.7, in this case, because
+AN_RES_HTTP_XFER_BODY is never set, there is no visible effect. When the server
+closes its connection to terminate the response, HAProxy catches it as a normal
+closure. Since 1.7, we always set this analyzer to enter at least once in
+http_response_forward_body. But, in the present case, when the server connection
+is closed, http_response_forward_body is called one time too many. The response
+is correctly sent to the client, but an error is catched and logged with "SD--"
+flags.
+
+To reproduce the bug, you can use the configuration "tests/test-fsm.cfg". The
+tests 3 and 21 hit the bug.
+
+Idea to fix the bug is to switch the response in TUNNEL mode without switching
+the request. This is possible because of previous patches.
+
+First, we need to detect responses with undefined body length during states
+synchronization. Excluding tunnelled transactions, when the response length is
+undefined, TX_CON_WANT_CLO is always set on the transaction. So, when states are
+synchronized, if TX_CON_WANT_CLO is set, the response is switched in TUNNEL mode
+and the request remains unchanged.
+
+Then, in http_msg_forward_body, we add a specific check to switch the response
+in DONE mode if the body length is undefined and if there is no data filter.
+
+This patch depends on following previous commits:
+
+  * MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags
+  * MINOR: http: Reorder/rewrite checks in http_resync_states
+
+This patch must be backported in 1.7 with 2 previous ones.
+
+(cherry picked from commit 1486b0ab6de744e14ae684af105951345534f9ec)
+Signed-off-by: William Lallemand 
+---
+ src/proto_http.c | 37 +++++++++++++++++++++++++------------
+ 1 file changed, 25 insertions(+), 12 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index 00a92cdb..e776e4d5 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5354,7 +5354,16 @@ int http_sync_req_state(struct stream *s)
+ 			 * let's enforce it now that we're not expecting any new
+ 			 * data to come. The caller knows the stream is complete
+ 			 * once both states are CLOSED.
++			 *
++			 *  However, there is an exception if the response
++			 *  length is undefined. In this case, we need to wait
++			 *  the close from the server. The response will be
++			 *  switched in TUNNEL mode until the end.
+ 			 */
++			if (!(txn->rsp.flags & HTTP_MSGF_XFER_LEN) &&
++			    txn->rsp.msg_state != HTTP_MSG_CLOSED)
++				goto check_channel_flags;
++
+ 			if (!(chn->flags & (CF_SHUTW|CF_SHUTW_NOW))) {
+ 				channel_shutr_now(chn);
+ 				channel_shutw_now(chn);
+@@ -5471,8 +5480,16 @@ int http_sync_res_state(struct stream *s)
+ 			 * let's enforce it now that we're not expecting any new
+ 			 * data to come. The caller knows the stream is complete
+ 			 * once both states are CLOSED.
++			 *
++			 * However, there is an exception if the response length
++			 * is undefined. In this case, we switch in TUNNEL mode.
+ 			 */
+-			if (!(chn->flags & (CF_SHUTW|CF_SHUTW_NOW))) {
++			if (!(txn->rsp.flags & HTTP_MSGF_XFER_LEN)) {
++				channel_auto_read(chn);
++				txn->rsp.msg_state = HTTP_MSG_TUNNEL;
++				chn->flags |= CF_NEVER_WAIT;
++			}
++			else if (!(chn->flags & (CF_SHUTW|CF_SHUTW_NOW))) {
+ 				channel_shutr_now(chn);
+ 				channel_shutw_now(chn);
+ 			}
+@@ -6952,14 +6969,6 @@ int http_response_forward_body(struct stream *s, struct channel *res, int an_bit
+ 	if ((msg->flags & HTTP_MSGF_TE_CHNK) || (msg->flags & HTTP_MSGF_COMPRESSING))
+ 		res->flags |= CF_EXPECT_MORE;
+ 
+-	/* If there is neither content-length, nor transfer-encoding header
+-	 * _AND_ there is no data filtering, we can safely forward all data
+-	 * indefinitely. */
+-	if (!(msg->flags & HTTP_MSGF_XFER_LEN) && !HAS_DATA_FILTERS(s, res)) {
+-		buffer_flush(res->buf);
+-		channel_forward_forever(res);
+-	}
+-
+ 	/* the stream handler will take care of timeouts and errors */
+ 	return 0;
+ 
+@@ -7036,9 +7045,13 @@ http_msg_forward_body(struct stream *s, struct http_msg *msg)
+ 		goto missing_data_or_waiting;
+ 	}
+ 
+-	/* The server still sending data that should be filtered */
+-	if (!(msg->flags & HTTP_MSGF_XFER_LEN) && !(chn->flags & CF_SHUTR))
+-		goto missing_data_or_waiting;
++	/* This check can only be true for a response. HTTP_MSGF_XFER_LEN is
++	 * always set for a request. */
++	if (!(msg->flags & HTTP_MSGF_XFER_LEN)) {
++		/* The server still sending data that should be filtered */
++		if (!(chn->flags & CF_SHUTR) && HAS_DATA_FILTERS(s, chn))
++			goto missing_data_or_waiting;
++	}
+ 
+ 	msg->msg_state = HTTP_MSG_ENDING;
+ 
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0015-BUG-MAJOR-http-Fix-possible-infinity-loop-in-http_sy.patch b/net/haproxy/patches/0015-BUG-MAJOR-http-Fix-possible-infinity-loop-in-http_sy.patch
new file mode 100644
index 0000000..1552dfc
--- /dev/null
+++ b/net/haproxy/patches/0015-BUG-MAJOR-http-Fix-possible-infinity-loop-in-http_sy.patch
@@ -0,0 +1,43 @@
+From af9b52e92be8ca6a07f9156dcb0b08dd2ad8db75 Mon Sep 17 00:00:00 2001
+From: Christopher Faulet 
+Date: Thu, 20 Jul 2017 11:05:10 +0200
+Subject: [PATCH 15/18] BUG/MAJOR: http: Fix possible infinity loop in
+ http_sync_(req|res)_state
+
+In commit "MINOR: http: Switch requests/responses in TUNNEL mode only by
+checking txn flags", it is possible to have an infinite loop on HTTP_MSG_CLOSING
+state.
+
+(cherry picked from commit 56d260916f61e48c8b2f1fd2f9431afac776d160)
+Signed-off-by: William Lallemand 
+---
+ src/proto_http.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/proto_http.c b/src/proto_http.c
+index e776e4d5..4a030013 100644
+--- a/src/proto_http.c
++++ b/src/proto_http.c
+@@ -5394,8 +5394,8 @@ int http_sync_req_state(struct stream *s)
+ 		else if (chn->flags & CF_SHUTW) {
+ 			txn->req.err_state = txn->req.msg_state;
+ 			txn->req.msg_state = HTTP_MSG_ERROR;
+-			goto wait_other_side;
+ 		}
++		goto wait_other_side;
+ 	}
+ 
+ 	if (txn->req.msg_state == HTTP_MSG_CLOSED) {
+@@ -5523,8 +5523,8 @@ int http_sync_res_state(struct stream *s)
+ 			s->be->be_counters.cli_aborts++;
+ 			if (objt_server(s->target))
+ 				objt_server(s->target)->counters.cli_aborts++;
+-			goto wait_other_side;
+ 		}
++		goto wait_other_side;
+ 	}
+ 
+ 	if (txn->rsp.msg_state == HTTP_MSG_CLOSED) {
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0016-BUG-MINOR-lua-Fix-Server.get_addr-port-values.patch b/net/haproxy/patches/0016-BUG-MINOR-lua-Fix-Server.get_addr-port-values.patch
new file mode 100644
index 0000000..0e1d9ab
--- /dev/null
+++ b/net/haproxy/patches/0016-BUG-MINOR-lua-Fix-Server.get_addr-port-values.patch
@@ -0,0 +1,45 @@
+From c00347899e9f0c3420f98c53eab1469644e28e06 Mon Sep 17 00:00:00 2001
+From: Nenad Merdanovic 
+Date: Sun, 23 Jul 2017 22:04:58 -0400
+Subject: [PATCH 16/18] BUG/MINOR: lua: Fix Server.get_addr() port values
+
+The get_addr() method of the Lua Server class was using the
+'sockaddr_storage addr' member to get the port value. HAProxy does not
+store ports in this member as it uses a separate member, called
+'svc_port'.
+
+This fix should be backported to 1.7.
+
+(cherry picked from commit 3849473828f319829aff422d2fbbce0823e65d64)
+Signed-off-by: William Lallemand 
+---
+ src/hlua_fcn.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/hlua_fcn.c b/src/hlua_fcn.c
+index fe899a4a..0752220e 100644
+--- a/src/hlua_fcn.c
++++ b/src/hlua_fcn.c
+@@ -545,8 +545,7 @@ int hlua_server_get_addr(lua_State *L)
+ 		          addr, INET_ADDRSTRLEN);
+ 		luaL_addstring(&b, addr);
+ 		luaL_addstring(&b, ":");
+-		snprintf(addr, INET_ADDRSTRLEN, "%d",
+-		         ntohs(((struct sockaddr_in *)&srv->addr)->sin_port));
++		snprintf(addr, INET_ADDRSTRLEN, "%d", srv->svc_port);
+ 		luaL_addstring(&b, addr);
+ 		break;
+ 	case AF_INET6:
+@@ -554,8 +553,7 @@ int hlua_server_get_addr(lua_State *L)
+ 		          addr, INET_ADDRSTRLEN);
+ 		luaL_addstring(&b, addr);
+ 		luaL_addstring(&b, ":");
+-		snprintf(addr, INET_ADDRSTRLEN, "%d",
+-		         ntohs(((struct sockaddr_in6 *)&srv->addr)->sin6_port));
++		snprintf(addr, INET_ADDRSTRLEN, "%d", srv->svc_port);
+ 		luaL_addstring(&b, addr);
+ 		break;
+ 	case AF_UNIX:
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0017-BUG-MINOR-lua-Correctly-use-INET6_ADDRSTRLEN-in-Serv.patch b/net/haproxy/patches/0017-BUG-MINOR-lua-Correctly-use-INET6_ADDRSTRLEN-in-Serv.patch
new file mode 100644
index 0000000..408b42d
--- /dev/null
+++ b/net/haproxy/patches/0017-BUG-MINOR-lua-Correctly-use-INET6_ADDRSTRLEN-in-Serv.patch
@@ -0,0 +1,34 @@
+From e79fe9bc0ae363e91555f1ba64889e2ddf475b8e Mon Sep 17 00:00:00 2001
+From: Nenad Merdanovic 
+Date: Sun, 23 Jul 2017 22:04:59 -0400
+Subject: [PATCH 17/18] BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in
+ Server.get_addr()
+
+The get_addr() method of the Lua Server class incorrectly used
+INET_ADDRSTRLEN for IPv6 addresses resulting in failing to convert
+longer IPv6 addresses to strings.
+
+This fix should be backported to 1.7.
+
+(cherry picked from commit a9f040453acc09e888c3f2dc983f15dcf3fa66e3)
+Signed-off-by: William Lallemand 
+---
+ src/hlua_fcn.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/hlua_fcn.c b/src/hlua_fcn.c
+index 0752220e..f8b9b5ec 100644
+--- a/src/hlua_fcn.c
++++ b/src/hlua_fcn.c
+@@ -550,7 +550,7 @@ int hlua_server_get_addr(lua_State *L)
+ 		break;
+ 	case AF_INET6:
+ 		inet_ntop(AF_INET6, &((struct sockaddr_in6 *)&srv->addr)->sin6_addr,
+-		          addr, INET_ADDRSTRLEN);
++		          addr, INET6_ADDRSTRLEN);
+ 		luaL_addstring(&b, addr);
+ 		luaL_addstring(&b, ":");
+ 		snprintf(addr, INET_ADDRSTRLEN, "%d", srv->svc_port);
+-- 
+2.13.0
+
diff --git a/net/haproxy/patches/0018-BUG-MINOR-lua-always-detach-the-tcp-http-tasks-befor.patch b/net/haproxy/patches/0018-BUG-MINOR-lua-always-detach-the-tcp-http-tasks-befor.patch
new file mode 100644
index 0000000..c1f2310
--- /dev/null
+++ b/net/haproxy/patches/0018-BUG-MINOR-lua-always-detach-the-tcp-http-tasks-befor.patch
@@ -0,0 +1,45 @@
+From dd18f945c26fc30872a52c66b06b5a0a86b10060 Mon Sep 17 00:00:00 2001
+From: Willy Tarreau 
+Date: Mon, 24 Jul 2017 17:35:27 +0200
+Subject: [PATCH 18/18] BUG/MINOR: lua: always detach the tcp/http tasks before
+ freeing them
+
+In hlua_{http,tcp}_applet_release(), a call to task_free() is performed
+to release the task, but no task_delete() is made on these tasks. Till
+now it wasn't much of a problem because this was normally not done with
+the task in the run queue, and the task was never put into the wait queue
+since it doesn't have any timer. But with threading it will become an
+issue. And not having this already prevents another bug from being fixed.
+
+Thanks to Christopher for spotting this one. A backport to 1.7 and 1.6 is
+preferred for safety.
+
+(cherry picked from commit bd7fc95edbce821f1d7b745a7b75deef4d6b1e27)
+Signed-off-by: William Lallemand 
+---
+ src/hlua.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/hlua.c b/src/hlua.c
+index a998860e..67b9458c 100644
+--- a/src/hlua.c
++++ b/src/hlua.c
+@@ -5948,6 +5948,7 @@ error:
+ 
+ static void hlua_applet_tcp_release(struct appctx *ctx)
+ {
++	task_delete(ctx->ctx.hlua_apptcp.task);
+ 	task_free(ctx->ctx.hlua_apptcp.task);
+ 	ctx->ctx.hlua_apptcp.task = NULL;
+ 	hlua_ctx_destroy(&ctx->ctx.hlua_apptcp.hlua);
+@@ -6226,6 +6227,7 @@ error:
+ 
+ static void hlua_applet_http_release(struct appctx *ctx)
+ {
++	task_delete(ctx->ctx.hlua_apphttp.task);
+ 	task_free(ctx->ctx.hlua_apphttp.task);
+ 	ctx->ctx.hlua_apphttp.task = NULL;
+ 	hlua_ctx_destroy(&ctx->ctx.hlua_apphttp.hlua);
+-- 
+2.13.0
+
diff --git a/net/horst/Makefile b/net/horst/Makefile
new file mode 100644
index 0000000..1eb7409
--- /dev/null
+++ b/net/horst/Makefile
@@ -0,0 +1,51 @@
+#
+# Copyright (C) 2006-2016 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=horst
+PKG_VERSION:=5.0
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-git.tar.gz
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=git://github.com/br101/horst.git
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=version-$(PKG_VERSION)
+
+PKG_MAINTAINER:=Bruno Randolf 
+PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_BUILD_PARALLEL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+MAKE_FLAGS += DEBUG=1 LIBNL=tiny
+
+define Package/horst
+	SECTION:=net
+	CATEGORY:=Network
+	SUBMENU:=wireless
+	DEPENDS:=+libncurses +libnl-tiny
+	MAINTAINER:=Bruno Randolf 
+	TITLE:=Highly Optimized 802.11 Radio Scanning Tool
+	URL:=http://br1.einfach.org/tech/horst/
+endef
+
+define Package/horst/description
+	[horst] is a scanning and analysis tool for 802.11 wireless networks
+	and especially IBSS (ad-hoc) mode and mesh networks (OLSR).
+endef
+
+define Package/horst/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/horst $(1)/usr/sbin/
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/horst.sh $(1)/usr/sbin/
+endef
+
+$(eval $(call BuildPackage,horst))
diff --git a/net/https-dns-proxy/Makefile b/net/https-dns-proxy/Makefile
index 42e154c..daecceb 100644
--- a/net/https-dns-proxy/Makefile
+++ b/net/https-dns-proxy/Makefile
@@ -1,14 +1,15 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=https_dns_proxy
-PKG_VERSION:=2017-01-07
-PKG_RELEASE=2
+PKG_VERSION:=2018-01-24
+PKG_RELEASE=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_MIRROR_HASH:=0eef98106c584b986117f33458e8d1e2447a8b6eb12a2e3bfc5df06d45114144
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
 PKG_SOURCE_URL:=https://github.com/aarond10/https_dns_proxy/
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=c62ce3f6807a4067230a8bc5ea5a829f532de785
+PKG_SOURCE_VERSION:=f08b51d7c07c0156794e2c23d7a4d1a5344b2e07
 PKG_MAINTAINER:=Aaron Drew 
 PKG_LICENSE:=MIT
 
@@ -19,7 +20,7 @@ define Package/https_dns_proxy
   SECTION:=net
   CATEGORY:=Network
   TITLE:=DNS over HTTPS proxy server
-  DEPENDS:=+libcares +libcurl +libev
+  DEPENDS:=+libcares +libcurl +libev +ca-bundle
 endef
 
 define Package/https_dns_proxy/install
diff --git a/net/jool/Makefile b/net/jool/Makefile
index aa0e1b9..0a6d691 100644
--- a/net/jool/Makefile
+++ b/net/jool/Makefile
@@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=jool
 PKG_VERSION:=2016.12.17
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_LICENSE:=GPL-3.0
 PKG_LICENSE_FILES:=COPYING
@@ -19,7 +19,7 @@ PKG_SOURCE_VERSION:=66a791c90751d7941b08c142babe1deec73d0996
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_SOURCE_VERSION)
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.xz
 
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_SOURCE_SUBDIR)
+PKG_BUILD_DIR=$(KERNEL_BUILD_DIR)/$(PKG_SOURCE_SUBDIR)
 PKG_BUILD_PARALLEL:=1
 PKG_BUILD_DEPENDS:=USE_UCLIBC:argp-standalone USE_MUSL:argp-standalone
 
diff --git a/net/luci-app-cjdns/Makefile b/net/luci-app-cjdns/Makefile
deleted file mode 100644
index 793b4ec..0000000
--- a/net/luci-app-cjdns/Makefile
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# Copyright (C) 2014,2015 Hyperboria.net
-#
-# You may redistribute this program and/or modify it under the terms of
-# the GNU General Public License as published by the Free Software Foundation,
-# either version 3 of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see .
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=luci-app-cjdns
-PKG_VERSION:=1.3
-PKG_RELEASE:=5
-
-PKG_LICENSE:=GPL-3.0
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/luci-app-cjdns
-	SECTION:=luci
-	CATEGORY:=LuCI
-	SUBMENU:=3. Applications
-	TITLE:=Encrypted near-zero-conf mesh routing protocol
-	URL:=https://github.com/hyperboria/cjdns
-	MAINTAINER:=Lars Gierth 
-	DEPENDS:=+cjdns +luci-base
-endef
-
-define Package/luci-app-cjdns/description
-	This package allows you to configure and inspect cjdns networking using LuCI.
-
-	Cjdns implements an encrypted IPv6 network using public-key cryptography
-	for address allocation and a distributed hash table for routing.
-	This provides near-zero-configuration networking, and prevents many
-	of the security and scalability issues that plague existing networks.
-endef
-
-define Build/Compile
-endef
-
-define Package/luci-app-cjdns/install
-	$(INSTALL_DIR) $(1)/usr/lib/lua/luci
-	$(CP) ./luasrc/* $(1)/usr/lib/lua/luci
-endef
-
-$(eval $(call BuildPackage,luci-app-cjdns))
diff --git a/net/luci-app-cjdns/luasrc/controller/cjdns.lua b/net/luci-app-cjdns/luasrc/controller/cjdns.lua
deleted file mode 100644
index 63644cb..0000000
--- a/net/luci-app-cjdns/luasrc/controller/cjdns.lua
+++ /dev/null
@@ -1,105 +0,0 @@
-module("luci.controller.cjdns", package.seeall)
-
-cjdns  = require "cjdns/init"
-dkjson = require "dkjson"
-
-function index()
-	if not nixio.fs.access("/etc/config/cjdns") then
-		return
-	end
-
-	entry({"admin", "services", "cjdns"},
-		cbi("cjdns/overview"), _("cjdns")).dependent = true
-
-	entry({"admin", "services", "cjdns", "overview"},
-		cbi("cjdns/overview"), _("Overview"), 1).leaf = false
-
-	entry({"admin", "services", "cjdns", "peering"},
-		cbi("cjdns/peering"), _("Peers"), 2).leaf = false
-
-	entry({"admin", "services", "cjdns", "iptunnel"},
-		cbi("cjdns/iptunnel"), _("IP Tunnel"), 3).leaf = false
-
-	entry({"admin", "services", "cjdns", "settings"},
-		cbi("cjdns/settings"), _("Settings"), 4).leaf = false
-
-	entry({"admin", "services", "cjdns", "cjdrouteconf"},
-		cbi("cjdns/cjdrouteconf"), _("cjdroute.conf"), 5).leaf = false
-
-	entry({"admin", "services", "cjdns", "peers"}, call("act_peers")).leaf = true
-	entry({"admin", "services", "cjdns", "ping"}, call("act_ping")).leaf = true
-end
-
-function act_peers()
-	require("cjdns/uci")
-	admin = cjdns.uci.makeInterface()
-
-	local page = 0
-	local peers = {}
-
-	while page do
-		local response, err = admin:auth({
-			q = "InterfaceController_peerStats",
-			page = page
-		})
-
-		if err or response.error then
-			luci.http.status(502, "Bad Gateway")
-			luci.http.prepare_content("application/json")
-			luci.http.write_json({ err = err, response = response })
-			return
-		end
-
-		for i,peer in pairs(response.peers) do
-			peer.ipv6 = publictoip6(peer.publicKey)
-			if peer.user == nil then
-				peer.user = ''
-				uci.cursor():foreach("cjdns", "udp_peer", function(udp_peer)
-					if peer.publicKey == udp_peer.public_key then
-						peer.user = udp_peer.user
-					end
-				end)
-			end
-			peers[#peers + 1] = peer
-		end
-
-		if response.more then
-			page = page + 1
-		else
-			page = nil
-		end
-	end
-
-	luci.http.status(200, "OK")
-	luci.http.prepare_content("application/json")
-	luci.http.write_json(peers)
-end
-
-function act_ping()
-	require("cjdns/uci")
-	admin = cjdns.uci.makeInterface()
-
-	local response, err = admin:auth({
-		q = "SwitchPinger_ping",
-		path = luci.http.formvalue("label"),
-		timeout = tonumber(luci.http.formvalue("timeout"))
-	})
-
-	if err or response.error then
-		luci.http.status(502, "Bad Gateway")
-		luci.http.prepare_content("application/json")
-		luci.http.write_json({ err = err, response = response })
-		return
-	end
-
-	luci.http.status(200, "OK")
-	luci.http.prepare_content("application/json")
-	luci.http.write_json(response)
-end
-
-function publictoip6(publicKey)
-	local process = io.popen("/usr/bin/publictoip6 " .. publicKey, "r")
-	local ipv6    = process:read()
-	process:close()
-	return ipv6
-end
diff --git a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/cjdrouteconf.lua b/net/luci-app-cjdns/luasrc/model/cbi/cjdns/cjdrouteconf.lua
deleted file mode 100644
index 00e9ae0..0000000
--- a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/cjdrouteconf.lua
+++ /dev/null
@@ -1,32 +0,0 @@
-m = Map("cjdns", translate("cjdns"),
-  translate("Implements an encrypted IPv6 network using public-key \
-    cryptography for address allocation and a distributed hash table for \
-    routing. This provides near-zero-configuration networking, and prevents \
-    many of the security and scalability issues that plague existing \
-    networks."))
-
-dkjson = require("dkjson")
-cjdns = require("cjdns")
-require("cjdns/uci")
-
-local f = SimpleForm("cjdrouteconf", translate("Edit cjdroute.conf"),
-	translate("JSON interface to what's /etc/cjdroute.conf on other systems. \
-    Will be parsed and written to UCI by cjdrouteconf set."))
-
-local o = f:field(Value, "_cjdrouteconf")
-o.template = "cbi/tvalue"
-o.rows = 25
-
-function o.cfgvalue(self, section)
-	return dkjson.encode(cjdns.uci.get(), { indent = true })
-end
-
-function o.write(self, section, value)
-  local obj, pos, err = dkjson.decode(value, 1, nil)
-
-  if obj then
-    cjdns.uci.set(obj)
-  end
-end
-
-return f
diff --git a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/iptunnel.lua b/net/luci-app-cjdns/luasrc/model/cbi/cjdns/iptunnel.lua
deleted file mode 100644
index 02b37dd..0000000
--- a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/iptunnel.lua
+++ /dev/null
@@ -1,46 +0,0 @@
-uci = require "luci.model.uci"
-cursor = uci:cursor_state()
-
-m = Map("cjdns", translate("cjdns"),
-  translate("Implements an encrypted IPv6 network using public-key \
-    cryptography for address allocation and a distributed hash table for \
-    routing. This provides near-zero-configuration networking, and prevents \
-    many of the security and scalability issues that plague existing \
-    networks."))
-
-m.on_after_commit = function(self)
-  os.execute("/etc/init.d/cjdns restart")
-end
-
--- Outgoing
-outgoing = m:section(TypedSection, "iptunnel_outgoing", translate("Outgoing IP Tunnel Connections"),
-  translate("Enter the public keys of the nodes that will provide Internet access."))
-outgoing.anonymous = true
-outgoing.addremove = true
-outgoing.template  = "cbi/tblsection"
-
-outgoing:option(Value, "public_key", translate("Public Key")).size = 55
-
--- Allowed
-allowed = m:section(TypedSection, "iptunnel_allowed", translate("Allowed IP Tunnel Connections"),
-  translate("Enter the public key of the node you will provide Internet access to, along with the \
-             IPv4 and/or IPv6 address you will assign them."))
-allowed.anonymous = true
-allowed.addremove = true
-
-public_key = allowed:option(Value, "public_key", translate("Public Key"))
-public_key.template = "cjdns/value"
-public_key.size = 55
-
-ipv4 = allowed:option(Value, "ipv4", translate("IPv4"))
-ipv4.template = "cjdns/value"
-ipv4.datatype = 'ipaddr'
-ipv4.size = 55
-
-ipv6 = allowed:option(Value, "ipv6", translate("IPv6"),
-  translate("IPv6 addresses should be entered without brackets here, e.g. 2001:123:ab::10."))
-ipv6.template = "cjdns/value"
-ipv6.datatype = 'ip6addr'
-ipv6.size = 55
-
-return m
diff --git a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/overview.lua b/net/luci-app-cjdns/luasrc/model/cbi/cjdns/overview.lua
deleted file mode 100644
index efa3a03..0000000
--- a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/overview.lua
+++ /dev/null
@@ -1,10 +0,0 @@
-m = Map("cjdns", translate("cjdns"),
-  translate("Implements an encrypted IPv6 network using public-key \
-    cryptography for address allocation and a distributed hash table for \
-    routing. This provides near-zero-configuration networking, and prevents \
-    many of the security and scalability issues that plague existing \
-    networks."))
-
-m:section(SimpleSection).template  = "cjdns/status"
-
-return m
diff --git a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/peering.lua b/net/luci-app-cjdns/luasrc/model/cbi/cjdns/peering.lua
deleted file mode 100644
index 2b1fc1b..0000000
--- a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/peering.lua
+++ /dev/null
@@ -1,73 +0,0 @@
-uci = require "luci.model.uci"
-cursor = uci:cursor_state()
-
-cjdns = require("cjdns")
-require("cjdns/uci")
-
-m = Map("cjdns", translate("cjdns"),
-  translate("Implements an encrypted IPv6 network using public-key \
-    cryptography for address allocation and a distributed hash table for \
-    routing. This provides near-zero-configuration networking, and prevents \
-    many of the security and scalability issues that plague existing \
-    networks."))
-
-m.on_after_commit = function(self)
-  os.execute("/etc/init.d/cjdns restart")
-end
-
--- Authorized Passwords
-passwords = m:section(TypedSection, "password", translate("Authorized Passwords"),
-  translate("Anyone offering one of the these passwords will be allowed to peer with you on the existing UDP and Ethernet interfaces."))
-passwords.anonymous = true
-passwords.addremove = true
-passwords.template  = "cbi/tblsection"
-
-passwords:option(Value, "user", translate("User/Name"),
-  translate("Must be unique.")
-).default = "user-" .. cjdns.uci.random_string(6)
-passwords:option(Value, "contact", translate("Contact"), translate("Optional, for out-of-band communication."))
-passwords:option(Value, "password", translate("Password"),
-  translate("Hand out to your peer, in accordance with the peering best practices of the network.")
-).default = cjdns.uci.random_string(32)
-
--- UDP Peers
-udp_peers = m:section(TypedSection, "udp_peer", translate("Outgoing UDP Peers"),
-  translate("For peering via public IP networks, the peer handed you their Public Key and IP address/port along with a password. IPv6 addresses should be entered with square brackets, like so: [2001::1]."))
-udp_peers.anonymous = true
-udp_peers.addremove = true
-udp_peers.template  = "cbi/tblsection"
-udp_peers:option(Value, "user", translate("User/Name")).datatype = "string"
-
-udp_interface = udp_peers:option(Value, "interface", translate("UDP interface"))
-local index = 1
-for i,section in pairs(cursor:get_all("cjdns")) do
-  if section[".type"] == "udp_interface" then
-    udp_interface:value(index, section.address .. ":" .. section.port)
-  end
-end
-udp_interface.default = 1
-udp_peers:option(Value, "address", translate("IP address"))
-udp_peers:option(Value, "port", translate("Port")).datatype = "portrange"
-udp_peers:option(Value, "public_key", translate("Public key"))
-udp_peers:option(Value, "password", translate("Password"))
-
--- Ethernet Peers
-eth_peers = m:section(TypedSection, "eth_peer", translate("Outgoing Ethernet Peers"),
-  translate("For peering via local Ethernet networks, the peer handed you their Public Key and MAC address along with a password."))
-eth_peers.anonymous = true
-eth_peers.addremove = true
-eth_peers.template  = "cbi/tblsection"
-
-eth_interface = eth_peers:option(Value, "interface", translate("Ethernet interface"))
-local index = 1
-for i,section in pairs(cursor:get_all("cjdns")) do
-  if section[".type"] == "eth_interface" then
-    eth_interface:value(index, section.bind)
-  end
-end
-eth_interface.default = 1
-eth_peers:option(Value, "address", translate("MAC address")).datatype = "macaddr"
-eth_peers:option(Value, "public_key", translate("Public key"))
-eth_peers:option(Value, "password", translate("Password"))
-
-return m
diff --git a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/settings.lua b/net/luci-app-cjdns/luasrc/model/cbi/cjdns/settings.lua
deleted file mode 100644
index d188915..0000000
--- a/net/luci-app-cjdns/luasrc/model/cbi/cjdns/settings.lua
+++ /dev/null
@@ -1,67 +0,0 @@
-m = Map("cjdns", translate("cjdns"),
-  translate("Implements an encrypted IPv6 network using public-key \
-    cryptography for address allocation and a distributed hash table for \
-    routing. This provides near-zero-configuration networking, and prevents \
-    many of the security and scalability issues that plague existing \
-    networks."))
-
-m.on_after_commit = function(self)
-  os.execute("/etc/init.d/cjdns restart")
-end
-
-s = m:section(NamedSection, "cjdns", nil, translate("Settings"))
-s.addremove = false
-
--- Identity
-s:tab("identity", translate("Identity"))
-node6 = s:taboption("identity", Value, "ipv6", translate("IPv6 address"),
-      translate("This node's IPv6 address within the cjdns network."))
-node6.datatype = "ip6addr"
-pbkey = s:taboption("identity", Value, "public_key", translate("Public key"),
-      translate("Used for packet encryption and authentication."))
-pbkey.datatype = "string"
-prkey = s:taboption("identity", Value, "private_key", translate("Private key"),
-      translate("Keep this private. When compromised, generate a new keypair and IPv6."))
-prkey.datatype = "string"
-
--- Admin Interface
-s:tab("admin", translate("Admin API"), translate("The Admin API can be used by other applications or services to configure and inspect cjdns' routing and peering.

Documentation: admin/README.md"))
-aip = s:taboption("admin", Value, "admin_address", translate("IP Address"),
-      translate("IPv6 addresses should be entered like so: [2001::1]."))
-apt = s:taboption("admin", Value, "admin_port", translate("Port"))
-apt.datatype = "port"
-apw = s:taboption("admin", Value, "admin_password", translate("Password"))
-apw.datatype = "string"
-
--- Security
-s:tab("security", translate("Security"), translate("Functionality related to hardening the cjdroute process."))
-s:taboption("security", Flag, "seccomp", translate("SecComp sandboxing"))
-
--- UDP Interfaces
-udp_interfaces = m:section(TypedSection, "udp_interface", translate("UDP Interfaces"),
-  translate("These interfaces allow peering via public IP networks, such as the Internet, or many community-operated wireless networks. IPv6 addresses should be entered with square brackets, like so: [2001::1]."))
-udp_interfaces.anonymous = true
-udp_interfaces.addremove = true
-udp_interfaces.template = "cbi/tblsection"
-
-udp_address = udp_interfaces:option(Value, "address", translate("IP Address"))
-udp_address.placeholder = "0.0.0.0"
-udp_interfaces:option(Value, "port", translate("Port")).datatype = "portrange"
-
--- Ethernet Interfaces
-eth_interfaces = m:section(TypedSection, "eth_interface", translate("Ethernet Interfaces"),
-  translate("These interfaces allow peering via local Ethernet networks, such as home or office networks, or phone tethering. If an interface name is set to \"all\" each available device will be used."))
-eth_interfaces.anonymous = true
-eth_interfaces.addremove = true
-eth_interfaces.template = "cbi/tblsection"
-
-eth_bind = eth_interfaces:option(Value, "bind", translate("Network Interface"))
-eth_bind.placeholder = "br-lan"
-eth_beacon = eth_interfaces:option(Value, "beacon", translate("Beacon Mode"))
-eth_beacon:value(0, translate("0 -- Disabled"))
-eth_beacon:value(1, translate("1 -- Accept beacons"))
-eth_beacon:value(2, translate("2 -- Accept and send beacons"))
-eth_beacon.default = 2
-eth_beacon.datatype = "integer(range(0,2))"
-
-return m
diff --git a/net/luci-app-cjdns/luasrc/view/admin_status/index/cjdns.htm b/net/luci-app-cjdns/luasrc/view/admin_status/index/cjdns.htm
deleted file mode 100644
index 58c3843..0000000
--- a/net/luci-app-cjdns/luasrc/view/admin_status/index/cjdns.htm
+++ /dev/null
@@ -1 +0,0 @@
-<%+cjdns/status%>
diff --git a/net/luci-app-cjdns/luasrc/view/cjdns/status.htm b/net/luci-app-cjdns/luasrc/view/cjdns/status.htm
deleted file mode 100644
index 9d43e85..0000000
--- a/net/luci-app-cjdns/luasrc/view/cjdns/status.htm
+++ /dev/null
@@ -1,116 +0,0 @@
-
-
-
-
-

-	Active cjdns peers
-	
-		
-			
-			
-			
-			
-			
-			
-		
-		
-			
-		
-	
User/NameIPv6StatusVersionRx / TxLatency
Querying Admin API

-

diff --git a/net/luci-app-cjdns/luasrc/view/cjdns/value.htm b/net/luci-app-cjdns/luasrc/view/cjdns/value.htm
deleted file mode 100644
index d1e54bb..0000000
--- a/net/luci-app-cjdns/luasrc/view/cjdns/value.htm
+++ /dev/null
@@ -1,35 +0,0 @@
-<%+cbi/valueheader%>
-	 style="width: auto" />
-	<% if self.password then %><% end %>
-	<% if #self.keylist > 0 or self.datatype then -%>
-	
-	<% end -%>
-<%+cbi/valuefooter%>
diff --git a/net/miniupnpd/Makefile b/net/miniupnpd/Makefile
deleted file mode 100644
index 42023ff..0000000
--- a/net/miniupnpd/Makefile
+++ /dev/null
@@ -1,81 +0,0 @@
-#
-# Copyright (C) 2006-2014 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=miniupnpd
-PKG_VERSION:=2.0.20170421
-PKG_RELEASE:=1
-
-PKG_SOURCE_URL:=http://miniupnp.free.fr/files
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=9677aeccadf73b4bf8bb9d832c32b5da8266b4d58eed888f3fd43d7656405643
-
-PKG_MAINTAINER:=Markus Stenberg 
-PKG_LICENSE:=BSD-3-Clause
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/miniupnpd
-  SECTION:=net
-  CATEGORY:=Network
-  DEPENDS:=+iptables +libip4tc +IPV6:libip6tc +IPV6:ip6tables +libuuid
-  TITLE:=Lightweight UPnP IGD, NAT-PMP & PCP daemon
-  SUBMENU:=Firewall
-  URL:=http://miniupnp.free.fr/
-endef
-
-define Package/miniupnpd/config
-config MINIUPNPD_IGDv2
-	bool
-	default y
-	prompt "Enable IGDv2"
-endef
-
-define Package/miniupnpd/conffiles
-/etc/config/upnpd
-endef
-
-define Package/miniupnpd/postinst
-#!/bin/sh
-
-if [ -z "$$IPKG_INSTROOT" ]; then
-  ( . /etc/uci-defaults/99-miniupnpd )
-  rm -f /etc/uci-defaults/99-miniupnpd
-fi
-
-exit 0
-endef
-
-define Build/Prepare
-	$(call Build/Prepare/Default)
-	echo "OpenWrt" | tr \(\)\  _ >$(PKG_BUILD_DIR)/os.openwrt
-endef
-
-MAKE_FLAGS += \
-	TARGET_OPENWRT=1 TEST=0 \
-	LIBS="" \
-	CC="$(TARGET_CC) -DIPTABLES_143 \
-		-lip4tc $(if $(CONFIG_IPV6),-lip6tc) -luuid" \
-	CONFIG_OPTIONS="--portinuse --leasefile \
-		$(if $(CONFIG_IPV6),--ipv6) \
-		$(if $(CONFIG_MINIUPNPD_IGDv2),--igd2)" \
-	-f Makefile.linux \
-	miniupnpd
-
-
-define Package/miniupnpd/install
-	$(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/init.d $(1)/etc/config $(1)/etc/uci-defaults $(1)/etc/hotplug.d/iface $(1)/usr/share/miniupnpd
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/miniupnpd $(1)/usr/sbin/miniupnpd
-	$(INSTALL_BIN) ./files/miniupnpd.init $(1)/etc/init.d/miniupnpd
-	$(INSTALL_CONF) ./files/upnpd.config $(1)/etc/config/upnpd
-	$(INSTALL_DATA) ./files/miniupnpd.hotplug $(1)/etc/hotplug.d/iface/50-miniupnpd
-	$(INSTALL_DATA) ./files/miniupnpd.defaults $(1)/etc/uci-defaults/99-miniupnpd
-	$(INSTALL_DATA) ./files/firewall.include $(1)/usr/share/miniupnpd/firewall.include
-endef
-
-$(eval $(call BuildPackage,miniupnpd))
diff --git a/net/miniupnpd/files/firewall.include b/net/miniupnpd/files/firewall.include
deleted file mode 100644
index 0eb96d7..0000000
--- a/net/miniupnpd/files/firewall.include
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/sh
-# miniupnpd integration for firewall3
-
-IP6TABLES=/usr/sbin/ip6tables
-
-iptables -t filter -N MINIUPNPD 2>/dev/null
-iptables -t nat -N MINIUPNPD 2>/dev/null
-iptables -t nat -N MINIUPNPD-POSTROUTING 2>/dev/null
-
-[ -x $IP6TABLES ] && $IP6TABLES -t filter -N MINIUPNPD 2>/dev/null
-
-. /lib/functions/network.sh
-
-ADDED=0
-
-add_extzone_rules() {
-    local ext_zone=$1
-
-    [ -z "$ext_zone" ] && return
-
-    # IPv4 - due to NAT, need to add both to nat and filter table
-    iptables -t filter -I zone_${ext_zone}_forward -j MINIUPNPD
-    iptables -t nat -I zone_${ext_zone}_prerouting -j MINIUPNPD
-    iptables -t nat -I zone_${ext_zone}_postrouting -j MINIUPNPD-POSTROUTING
-
-    # IPv6 if available - filter only
-    [ -x $IP6TABLES ] && {
-        $IP6TABLES -t filter -I zone_${ext_zone}_forward -j MINIUPNPD
-    }
-    ADDED=$(($ADDED + 1))
-}
-
-# By default, user configuration is king.
-
-for ext_iface in $(uci -q get upnpd.config.external_iface); do
-    add_extzone_rules $(fw3 -q network "$ext_iface")
-done
-
-add_extzone_rules $(uci -q get upnpd.config.external_zone)
-
-[ ! $ADDED = 0 ] && exit 0
-
-
-# If really nothing is available, resort to network_find_wan{,6} and
-# assume external interfaces all have same firewall zone.
-
-# (This heuristic may fail horribly, in case of e.g. multihoming, so
-# please set external_zone in that case!)
-
-network_find_wan wan_iface
-network_find_wan6 wan6_iface
-
-for ext_iface in $wan_iface $wan6_iface; do
-    # fw3 -q network fails on sub-interfaces => map to device first
-    network_get_device ext_device $ext_iface
-    add_extzone_rules $(fw3 -q device "$ext_device")
-done
diff --git a/net/miniupnpd/files/miniupnpd.defaults b/net/miniupnpd/files/miniupnpd.defaults
deleted file mode 100644
index 7271389..0000000
--- a/net/miniupnpd/files/miniupnpd.defaults
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-
-uci -q batch <<-EOT
-	delete firewall.miniupnpd
-	set firewall.miniupnpd=include
-	set firewall.miniupnpd.type=script
-	set firewall.miniupnpd.path=/usr/share/miniupnpd/firewall.include
-	set firewall.miniupnpd.family=any
-	set firewall.miniupnpd.reload=1
-	commit firewall
-EOT
-
-exit 0
diff --git a/net/miniupnpd/files/miniupnpd.hotplug b/net/miniupnpd/files/miniupnpd.hotplug
deleted file mode 100644
index 320437e..0000000
--- a/net/miniupnpd/files/miniupnpd.hotplug
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/sh
-
-/etc/init.d/miniupnpd enabled || exit 0
-
-. /lib/functions/service.sh
-
-# If miniupnpd is not running:
-# - check on _any_ event (even updates may contribute to network_find_wan*)
-
-# If miniupnpd _is_ running:
-# - check only on ifup (otherwise lease updates etc would cause
-#   miniupnpd state loss)
-
-[ ! "$ACTION" = "ifup" ] && service_check /usr/sbin/miniupnpd && exit 0
-
-tmpconf="/var/etc/miniupnpd.conf"
-extiface=$(uci get upnpd.config.external_iface)
-extzone=$(uci get upnpd.config.external_zone)
-
-. /lib/functions/network.sh
-
-for iface in $(uci get upnpd.config.internal_iface); do
-    network_get_device device $iface
-    [ "$DEVICE" = "$device" ] && /etc/init.d/miniupnpd restart && exit 0
-done
-
-
-if [ -z "$extiface" ] ; then
-  # manual external zone (if dynamically find interfaces
-  # belonging to it) overrides network_find_wan*
-  if [ -n "$extzone" ] ; then
-    ifname=$(fw3 -q zone $extzone | head -1)
-  fi
-  [ -n "$extiface" ] || network_find_wan extiface
-  [ -n "$extiface" ] || network_find_wan6 extiface
-fi
-
-[ -n "$ifname" ] || network_get_device ifname ${extiface}
-grep -q "ext_ifname=$ifname" $tmpconf || /etc/init.d/miniupnpd restart
diff --git a/net/miniupnpd/files/miniupnpd.init b/net/miniupnpd/files/miniupnpd.init
deleted file mode 100644
index c934a28..0000000
--- a/net/miniupnpd/files/miniupnpd.init
+++ /dev/null
@@ -1,212 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2006-2014 OpenWrt.org
-
-START=94
-STOP=15
-
-SERVICE_USE_PID=1
-
-upnpd_get_port_range() {
-	local _var="$1"; shift
-	local _val
-
-	config_get _val "$@"
-
-	case "$_val" in
-		[0-9]*[:-][0-9]*)
-			export -n -- "${_var}_start=${_val%%[:-]*}"
-			export -n -- "${_var}_end=${_val##*[:-]}"
-		;;
-		[0-9]*)
-			export -n -- "${_var}_start=$_val"
-			export -n -- "${_var}_end="
-		;;
-	esac
-}
-
-conf_rule_add() {
-	local cfg="$1"
-	local tmpconf="$2"
-	local action external_port_start external_port_end int_addr
-	local internal_port_start internal_port_end
-
-	config_get action "$cfg" action "deny"               # allow or deny
-	upnpd_get_port_range "ext" "$cfg" ext_ports "0-65535" # external ports: x, x-y, x:y
-	config_get int_addr "$cfg" int_addr "0.0.0.0/0"       # ip or network and subnet mask (internal)
-	upnpd_get_port_range "int" "$cfg" int_ports "0-65535" # internal ports: x, x-y, x:y or range
-
-	# Make a single IP IP/32 so that miniupnpd.conf can use it.
-	case "$int_addr" in
-		*/*) ;;
-		*) int_addr="$int_addr/32" ;;
-	esac
-
-	echo "${action} ${ext_start}${ext_end:+-}${ext_end} ${int_addr} ${int_start}${int_end:+-}${int_end}" >>$tmpconf
-}
-
-upnpd_write_bool() {
-	local opt="$1"
-	local def="${2:-0}"
-	local alt="$3"
-	local val
-
-	config_get_bool val config "$opt" "$def"
-	if [ "$val" -eq 0 ]; then
-		echo "${alt:-$opt}=no" >> $tmpconf
-	else
-		echo "${alt:-$opt}=yes" >> $tmpconf
-	fi
-}
-
-boot() {
-	return
-}
-
-start() {
-	config_load "upnpd"
-	local extiface intiface upload download logging secure enabled natpmp
-	local extip port usesysuptime conffile serial_number model_number
-	local uuid notify_interval presentation_url enable_upnp
-	local upnp_lease_file clean_ruleset_threshold clean_ruleset_interval
-        local ipv6_listening_ip enabled
-
-	config_get_bool enabled config enabled 1
-
-	[ "$enabled" -gt 0 ] || return 1
-
-	config_get extiface config external_iface
-	config_get extzone config external_zone
-	config_get intiface config internal_iface
-	config_get extip config external_ip
-	config_get port config port 5000
-	config_get upload   config upload
-	config_get download config download
-	config_get_bool logging config log_output 0
-	config_get conffile config config_file
-	config_get serial_number config serial_number
-	config_get model_number config model_number
-	config_get uuid config uuid
-	config_get notify_interval config notify_interval
-	config_get presentation_url config presentation_url
-	config_get upnp_lease_file config upnp_lease_file
-	config_get clean_ruleset_threshold config clean_ruleset_threshold
-	config_get clean_ruleset_interval config clean_ruleset_interval
-	config_get ipv6_listening_ip config ipv6_listening_ip
-
-	local args
-
-	. /lib/functions/network.sh
-
-	local ifname
-
-        # manual external interface overrides everything
-        if [ -z "$extiface" ] ; then
-            # manual external zone (if dynamically find interfaces
-            # belonging to it) overrides network_find_wan*
-            if [ -n "$extzone" ] ; then
-                ifname=$(fw3 -q zone $extzone | head -1)
-            fi
-            [ -n "$extiface" ] || network_find_wan extiface
-            [ -n "$extiface" ] || network_find_wan6 extiface
-        fi
-
-	[ -n "$ifname" ] || network_get_device ifname ${extiface}
-
-	if [ -n "$conffile" ]; then
-		args="-f $conffile"
-	else
-		local tmpconf="/var/etc/miniupnpd.conf"
-		args="-f $tmpconf"
-		mkdir -p /var/etc
-
-		echo "ext_ifname=$ifname" >$tmpconf
-
-		[ -n "$extip" ] && \
-			echo "ext_ip=$extip" >>$tmpconf
-
-		local iface
-		for iface in ${intiface:-lan}; do
-			local device
-			network_get_device device "$iface" && {
-				echo "listening_ip=$device" >>$tmpconf
-			}
-		done
-
-		[ "$port" != "auto" ] && \
-			echo "port=$port" >>$tmpconf
-
-		config_load "upnpd"
-		upnpd_write_bool enable_natpmp 1
-		upnpd_write_bool enable_upnp 1
-		upnpd_write_bool secure_mode 1
-		upnpd_write_bool pcp_allow_thirdparty 0
-		upnpd_write_bool system_uptime 1
-
-		[ -n "$upnp_lease_file" ] && \
-			echo "lease_file=$upnp_lease_file" >>$tmpconf
-
-		[ -n "$upload" -a -n "$download" ] && {
-			echo "bitrate_down=$(($download * 1024 * 8))" >>$tmpconf
-			echo "bitrate_up=$(($upload * 1024 * 8))" >>$tmpconf
-		}
-
-		[ -n "${presentation_url}" ] && \
-			echo "presentation_url=${presentation_url}" >>$tmpconf
-
-		[ -n "${notify_interval}" ] && \
-			echo "notify_interval=${notify_interval}" >>$tmpconf
-
-		[ -n "${clean_ruleset_threshold}" ] && \
-			echo "clean_ruleset_threshold=${clean_ruleset_threshold}" >>$tmpconf
-
-		[ -n "${clean_ruleset_interval}" ] && \
-			echo "clean_ruleset_interval=${clean_ruleset_interval}" >>$tmpconf
-
-		[ -n "${ipv6_listening_ip}" ] && \
-			echo "ipv6_listening_ip=${ipv6_listening_ip}" >>$tmpconf
-
-		[ -z "$uuid" ] && {
-			uuid="$(cat /proc/sys/kernel/random/uuid)"
-			uci set upnpd.config.uuid=$uuid
-			uci commit upnpd
-		}
-
-		[ "$uuid" = "nocli" ] || \
-			echo "uuid=$uuid" >>$tmpconf
-
-		[ -n "${serial_number}" ] && \
-			echo "serial=${serial_number}" >>$tmpconf
-
-		[ -n "${model_number}" ] && \
-			echo "model_number=${model_number}" >>$tmpconf
-
-	    config_foreach conf_rule_add perm_rule "$tmpconf"
-	fi
-
-
-	if [ -n "$ifname" ]; then
-		# start firewall
-		iptables -L MINIUPNPD >/dev/null 2>/dev/null || fw3 reload
-
-		if [ "$logging" = "1" ]; then
-			SERVICE_DAEMONIZE=1 \
-			service_start /usr/sbin/miniupnpd $args -d
-		else
-			SERVICE_DAEMONIZE= \
-			service_start /usr/sbin/miniupnpd $args
-		fi
-	else
-		logger -t "upnp daemon" "external interface not found, not starting"
-	fi
-}
-
-stop() {
-	service_stop /usr/sbin/miniupnpd
-
-	iptables -t nat -F MINIUPNPD 2>/dev/null
-	iptables -t filter -F MINIUPNPD 2>/dev/null
-
-        [ -x /usr/sbin/ip6tables ] && {
-	    ip6tables -t filter -F MINIUPNPD 2>/dev/null
-        }
-}
diff --git a/net/miniupnpd/files/upnpd.config b/net/miniupnpd/files/upnpd.config
deleted file mode 100644
index 9a65bfa..0000000
--- a/net/miniupnpd/files/upnpd.config
+++ /dev/null
@@ -1,27 +0,0 @@
-config upnpd config
-	option enabled		0
-	option enable_natpmp	1
-	option enable_upnp	1
-	option secure_mode	1
-	option log_output	0
-	option download 	1024
-	option upload   	512
-        #by default, looked up dynamically from ubus
-	#option external_iface	wan
-	option internal_iface	lan
-	option port		5000
-	option upnp_lease_file	/var/upnp.leases
-	
-config perm_rule
-	option action		allow
-	option ext_ports	1024-65535
-	option int_addr		0.0.0.0/0	# Does not override secure_mode
-	option int_ports	1024-65535
-	option comment		"Allow high ports"
-
-config perm_rule
-       option action		deny
-       option ext_ports		0-65535
-       option int_addr		0.0.0.0/0
-       option int_ports		0-65535
-       option comment		"Default deny"
diff --git a/net/miniupnpd/patches/101-no-ssl-uuid.patch b/net/miniupnpd/patches/101-no-ssl-uuid.patch
deleted file mode 100644
index 81cea10..0000000
--- a/net/miniupnpd/patches/101-no-ssl-uuid.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-We do not need to autodetect SSL/UUID; SSL we do not support, UUID we always do.
-
---- a/Makefile.linux
-+++ b/Makefile.linux
-@@ -153,14 +153,18 @@ LDLIBS += $(shell $(PKG_CONFIG) --static
- LDLIBS += $(shell $(PKG_CONFIG) --static --libs-only-l libnetfilter_conntrack)
- endif # ($(TEST),1)
- 
-+ifeq ($(TARGET_OPENWRT),)
-+# n/a - we don't enable https server for IGD v2 anyway in OpenWrt
- LDLIBS += $(shell $(PKG_CONFIG) --static --libs-only-l libssl)
- 
-+# n/a - we hardcodedly support libuuid
- TEST := $(shell $(PKG_CONFIG) --exists uuid && echo 1)
- ifeq ($(TEST),1)
- LDLIBS += $(shell $(PKG_CONFIG) --static --libs-only-l uuid)
- else
- $(info please install uuid-dev package / libuuid)
- endif # ($(TEST),1)
-+endif
- 
- TESTUPNPDESCGENOBJS = testupnpdescgen.o upnpdescgen.o
- 
diff --git a/net/miniupnpd/patches/102-ipv6-ext-port.patch b/net/miniupnpd/patches/102-ipv6-ext-port.patch
deleted file mode 100644
index 806c7fd..0000000
--- a/net/miniupnpd/patches/102-ipv6-ext-port.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/pcpserver.c
-+++ b/pcpserver.c
-@@ -982,6 +982,7 @@ static int CreatePCPMap_NAT(pcp_info_t *
- 				   timestamp);
- 	if (r < 0)
- 		return PCP_ERR_NO_RESOURCES;
-+	pcp_msg_info->ext_port = pcp_msg_info->int_port;
- 	return PCP_SUCCESS;
- }
- 
diff --git a/net/miniupnpd/patches/103-no-ipv6-autodetection.patch b/net/miniupnpd/patches/103-no-ipv6-autodetection.patch
deleted file mode 100644
index 50d5a39..0000000
--- a/net/miniupnpd/patches/103-no-ipv6-autodetection.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-The miniupnpd makefile tries to autodetect iptables capabilities.
-This will incorrectly detect capabilities such as ipv6 support even though it is disabled for the target build.
-
-As the OpenWRT buildsystem already passes the right compile flags, we can skip the autodetection.
-
-
---- a/netfilter/Makefile
-+++ b/netfilter/Makefile
-@@ -38,8 +38,6 @@ endif
- endif
- endif
- 
--LIBS +=  /lib/libip4tc.so /lib/libip6tc.so
--
- all:	iptcrdr.o testiptcrdr iptpinhole.o \
-         testiptcrdr_peer testiptcrdr_dscp test_nfct_get
- #        testiptpinhole
---- a/Makefile.linux
-+++ b/Makefile.linux
-@@ -73,7 +73,6 @@ CPPFLAGS += -DIPTABLES_143
- endif
- 
- CFLAGS  += $(shell $(PKG_CONFIG) --cflags libiptc)
--LDLIBS  += $(shell $(PKG_CONFIG) --static --libs-only-l libiptc)
- LDFLAGS += $(shell $(PKG_CONFIG) --libs-only-L libiptc)
- LDFLAGS += $(shell $(PKG_CONFIG) --libs-only-other libiptc)
- else
diff --git a/net/miniupnpd/patches/104-always-libuuid.patch b/net/miniupnpd/patches/104-always-libuuid.patch
deleted file mode 100644
index d6c0770..0000000
--- a/net/miniupnpd/patches/104-always-libuuid.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-As it turns out, the 'magic' libuuid/bsd uuid check just checks
-outside buildtree altogether for the uuid_generate. So we just
-hardcode it.
-
---- a/genconfig.sh
-+++ b/genconfig.sh
-@@ -367,12 +367,7 @@ case $FW in
- esac
- 
- # UUID API
--if grep uuid_create /usr/include/uuid.h > /dev/null 2>&1 ; then
--	echo "#define BSD_UUID" >> ${CONFIGFILE}
--fi
--if grep uuid_generate /usr/include/uuid/uuid.h > /dev/null 2>&1 ; then
--	echo "#define LIB_UUID" >> ${CONFIGFILE}
--fi
-+echo "#define LIB_UUID" >> ${CONFIGFILE}
- 
- # set V6SOCKETS_ARE_V6ONLY to 0 if it was not set above
- if [ -z "$V6SOCKETS_ARE_V6ONLY" ] ; then
diff --git a/net/mwan3-luci/Makefile b/net/mwan3-luci/Makefile
index 8c77394..fa2a244 100644
--- a/net/mwan3-luci/Makefile
+++ b/net/mwan3-luci/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-mwan3
 PKG_VERSION:=1.4
-PKG_RELEASE:=5
+PKG_RELEASE:=6
 PKG_MAINTAINER:=Aedan Renner 
 PKG_LICENSE:=GPLv2
 
diff --git a/net/mwan3-luci/files/usr/lib/lua/luci/controller/mwan3.lua b/net/mwan3-luci/files/usr/lib/lua/luci/controller/mwan3.lua
index 3d5a23d..bec0e6b 100644
--- a/net/mwan3-luci/files/usr/lib/lua/luci/controller/mwan3.lua
+++ b/net/mwan3-luci/files/usr/lib/lua/luci/controller/mwan3.lua
@@ -65,7 +65,8 @@ end
 
 function getInterfaceStatus(ruleNumber, interfaceName)
 	if ut.trim(sys.exec("uci -p /var/state get mwan3." .. interfaceName .. ".enabled")) == "1" then
-		if ut.trim(sys.exec(ip .. "route list table " .. ruleNumber)) ~= "" then
+		local fs = require "nixio.fs"
+		if fs.readfile("/var/run/mwan3/iface_state/%s" % interfaceName) == "online" then
 			if ut.trim(sys.exec("uci -p /var/state get mwan3." .. interfaceName .. ".track_ip")) ~= "" then
 				return "online"
 			else
diff --git a/net/mwan3/Makefile b/net/mwan3/Makefile
index 394a642..b75b71b 100644
--- a/net/mwan3/Makefile
+++ b/net/mwan3/Makefile
@@ -8,8 +8,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=mwan3
-PKG_VERSION:=2.5.2
-PKG_RELEASE:=5
+PKG_VERSION:=2.0.2
+PKG_RELEASE:=1
 PKG_MAINTAINER:=Florian Eckert 
 PKG_LICENSE:=GPLv2
 
@@ -21,7 +21,6 @@ define Package/mwan3
    SUBMENU:=Routing and Redirection
    DEPENDS:=+ip +ipset +iptables +iptables-mod-conntrack-extra +iptables-mod-ipopt
    TITLE:=Multiwan hotplug script with connection tracking support
-   MAINTAINER:=Florian Eckert 
    PKGARCH:=all
 endef
 
@@ -33,7 +32,6 @@ endef
 
 define Package/mwan3/conffiles
 /etc/config/mwan3
-/etc/mwan3.user
 endef
 
 define Build/Compile
diff --git a/net/mwan3/files/etc/hotplug.d/iface/15-mwan3 b/net/mwan3/files/etc/hotplug.d/iface/15-mwan3
index e3fd16c..1e9599e 100644
--- a/net/mwan3/files/etc/hotplug.d/iface/15-mwan3
+++ b/net/mwan3/files/etc/hotplug.d/iface/15-mwan3
@@ -11,33 +11,33 @@ if [ "$ACTION" == "ifup" ]; then
         [ -n "$DEVICE" ] || exit 3
 fi
 
+[ -x /usr/bin/ip ] || exit 4
+[ -x /usr/sbin/ipset ] || exit 5
+[ -x /usr/sbin/iptables ] || exit 6
+[ -x /usr/sbin/ip6tables ] || exit 7
+[ -x /usr/bin/logger ] || exit 8
+
+mwan3_lock
 mwan3_set_connected_iptables
+mwan3_unlock
 
 config_load mwan3
 config_get enabled $INTERFACE enabled 0
 [ "$enabled" == "1" ] || exit 0
 
-if [ "$ACTION" == "ifup" ]; then
-	config_get family $INTERFACE family ipv4
-	if [ "$family" = "ipv4" ]; then
-		ubus call network.interface.${INTERFACE}_4 status &>/dev/null
-		if [ "$?" -eq "0" ]; then
-			network_get_gateway gateway ${INTERFACE}_4
-		else
-			network_get_gateway gateway $INTERFACE
-		fi
-	elif [ "$family" = "ipv6" ]; then
-		ubus call network.interface.${INTERFACE}_6 status &>/dev/null
-		if [ "$?" -eq "0" ]; then
-			network_get_gateway6 gateway ${INTERFACE}_6
-		else
-			network_get_gateway6 gateway ${INTERFACE}
-		fi
-	fi
+config_get family $INTERFACE family ipv4
+
+if [ "$family" == "ipv4" ]; then
+	network_get_gateway gateway $INTERFACE
+elif [ "$family" == "ipv6" ]; then
+	network_get_gateway6 gateway $INTERFACE
+fi
 
+if [ "$ACTION" == "ifup" ]; then
 	[ -n "$gateway" ] || exit 9
 fi
 
+mwan3_lock
 $LOG notice "$ACTION interface $INTERFACE (${DEVICE:-unknown})"
 
 case "$ACTION" in
@@ -47,21 +47,19 @@ case "$ACTION" in
 		mwan3_create_iface_rules $INTERFACE $DEVICE
 		mwan3_create_iface_iptables $INTERFACE $DEVICE
 		mwan3_create_iface_route $INTERFACE $DEVICE
+		mwan3_set_iface_hotplug_state $INTERFACE "online"
 		mwan3_track $INTERFACE $DEVICE
 		mwan3_set_policies_iptables
 		mwan3_set_user_rules
-		mwan3_flush_conntrack $INTERFACE $DEVICE "ifup"
 	;;
 	ifdown)
-		mwan3_delete_iface_rules $INTERFACE
-		mwan3_delete_iface_iptables $INTERFACE
-		mwan3_delete_iface_route $INTERFACE
+		mwan3_set_iface_hotplug_state $INTERFACE "offline"
 		mwan3_delete_iface_ipset_entries $INTERFACE
-		mwan3_track_signal $INTERFACE $DEVICE
 		mwan3_set_policies_iptables
 		mwan3_set_user_rules
-		mwan3_flush_conntrack $INTERFACE $DEVICE "ifdown"
 	;;
 esac
 
+mwan3_unlock
+
 exit 0
diff --git a/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user b/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user
deleted file mode 100644
index 485f8de..0000000
--- a/net/mwan3/files/etc/hotplug.d/iface/16-mwan3-user
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-
-[ -f "/etc/mwan3.user" ] && {
-	. /lib/functions.sh
-
-	config_load mwan3
-	config_get enabled "$INTERFACE" enabled 0
-	[ "${enabled}" = "1" ] || exit 0
-	env -i ACTION="$ACTION" INTERFACE="$INTERFACE" DEVICE="$DEVICE" \
-		/bin/sh /etc/mwan3.user
-}
-
-exit 0
diff --git a/net/mwan3/files/etc/mwan3.user b/net/mwan3/files/etc/mwan3.user
deleted file mode 100644
index 3c1f9fb..0000000
--- a/net/mwan3/files/etc/mwan3.user
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-#
-# This file is interpreted as shell script.
-# Put your custom mwan3 action here, they will
-# be executed with each netifd hotplug interface event
-# on interfaces for which mwan3 is enabled.
-#
-# There are three main environment variables that are passed to this script.
-#
-# $ACTION	Either "ifup" or "ifdown"
-# $INTERFACE	Name of the interface which went up or down (e.g. "wan" or "wwan")
-# $DEVICE	Physical device name which interface went up or down (e.g. "eth0" or "wwan0")
diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh
index 3798d7e..f7baccd 100644
--- a/net/mwan3/files/lib/mwan3/mwan3.sh
+++ b/net/mwan3/files/lib/mwan3/mwan3.sh
@@ -1,12 +1,27 @@
 #!/bin/sh
 
-IP4="ip -4"
-IP6="ip -6"
-IPS="ipset"
-IPT4="iptables -t mangle -w"
-IPT6="ip6tables -t mangle -w"
-LOG="logger -t mwan3 -p"
-CONNTRACK_FILE="/proc/net/nf_conntrack"
+IP4="/usr/bin/ip -4"
+IP6="/usr/bin/ip -6"
+IPS="/usr/sbin/ipset"
+IPT4="/usr/sbin/iptables -t mangle -w"
+IPT6="/usr/sbin/ip6tables -t mangle -w"
+LOG="/usr/bin/logger -t mwan3 -p"
+
+MWAN3_STATUS_DIR="/var/run/mwan3"
+
+[ -d $MWAN3_STATUS_DIR ] || mkdir -p $MWAN3_STATUS_DIR/iface_state
+
+mwan3_lock() {
+	lock /var/run/mwan3.lock
+}
+
+mwan3_unlock() {
+	lock -u /var/run/mwan3.lock
+}
+
+mwan3_lock_clean() {
+	rm -rf /var/run/mwan3.lock
+}
 
 mwan3_get_iface_id()
 {
@@ -130,12 +145,7 @@ mwan3_create_iface_iptables()
 
 	if [ "$family" == "ipv4" ]; then
 
-		ubus call network.interface.${1}_4 status &>/dev/null
-		if [ "$?" -eq "0" ]; then
-			network_get_ipaddr src_ip ${1}_4
-		else
-			network_get_ipaddr src_ip $1
-		fi
+		network_get_ipaddr src_ip $1
 
 		$IPS -! create mwan3_connected list:set
 
@@ -171,12 +181,7 @@ mwan3_create_iface_iptables()
 
 	if [ "$family" == "ipv6" ]; then
 
-		ubus call network.interface.${1}_6 status &>/dev/null
-		if [ "$?" -eq "0" ]; then
-			network_get_ipaddr6 src_ipv6 ${1}_6
-		else
-			network_get_ipaddr6 src_ipv6 $1
-		fi
+		network_get_ipaddr6 src_ipv6 $1
 
 		$IPS -! create mwan3_connected_v6 hash:net family inet6
 
@@ -248,13 +253,8 @@ mwan3_create_iface_route()
 	[ -n "$id" ] || return 0
 
 	if [ "$family" == "ipv4" ]; then
-		ubus call network.interface.${1}_4 status &>/dev/null
-		if [ "$?" -eq "0" ]; then
-			network_get_gateway route_args ${1}_4
-		else
-			network_get_gateway route_args $1
-		fi
 
+		network_get_gateway route_args $1
 		route_args="via $route_args dev $2"
 
 		$IP4 route flush table $id
@@ -263,13 +263,7 @@ mwan3_create_iface_route()
 
 	if [ "$family" == "ipv6" ]; then
 
-		ubus call network.interface.${1}_6 status &>/dev/null
-		if [ "$?" -eq "0" ]; then
-			network_get_gateway6 route_args ${1}_6
-		else
-			network_get_gateway6 route_args $1
-		fi
-
+		network_get_gateway6 route_args $1
 		route_args="via $route_args dev $2"
 
 		$IP6 route flush table $id
@@ -382,7 +376,7 @@ mwan3_delete_iface_ipset_entries()
 
 mwan3_track()
 {
-	local track_ip track_ips
+	local track_ip track_ips reliability count timeout interval down up
 
 	mwan3_list_track_ips()
 	{
@@ -390,21 +384,20 @@ mwan3_track()
 	}
 	config_list_foreach $1 track_ip mwan3_list_track_ips
 
-	kill $(pgrep -f "mwan3track $1") &> /dev/null
-	if [ -n "$track_ips" ]; then
-		[ -x /usr/sbin/mwan3track ] && /usr/sbin/mwan3track $1 $2 $track_ips &
+	if [ -e /var/run/mwan3track-$1.pid ] ; then
+		kill $(cat /var/run/mwan3track-$1.pid) &> /dev/null
+		rm /var/run/mwan3track-$1.pid &> /dev/null
 	fi
-}
 
-mwan3_track_signal()
-{
-	local pid
-
-	pid="$(pgrep -f "mwan3track $1")"
-	if [ "${pid}" != "" ]; then
-		kill -USR1 "${pid}"
-	else
-		$LOG warn "Unable to send signal USR1 to mwan3track on interface $1 with pid ${pid}"
+	if [ -n "$track_ips" ]; then
+		config_get reliability $1 reliability 1
+		config_get count $1 count 1
+		config_get timeout $1 timeout 4
+		config_get interval $1 interval 10
+		config_get down $1 down 5
+		config_get up $1 up 5
+
+		[ -x /usr/sbin/mwan3track ] && /usr/sbin/mwan3track $1 $2 $reliability $count $timeout $interval $down $up $track_ips &
 	fi
 }
 
@@ -426,7 +419,7 @@ mwan3_set_policy()
 
 	if [ "$family" == "ipv4" ]; then
 
-		if [ -n "$($IP4 route list table $id)" ]; then
+		if [ "$(mwan3_get_iface_hotplug_state $iface)" = "online" ]; then
 			if [ "$metric" -lt "$lowest_metric_v4" ]; then
 
 				total_weight_v4=$weight
@@ -459,7 +452,7 @@ mwan3_set_policy()
 
 	if [ "$family" == "ipv6" ]; then
 
-		if [ -n "$($IP6 route list table $id)" ]; then
+		if [ "$(mwan3_get_iface_hotplug_state $iface)" = "online" ]; then
 			if [ "$metric" -lt "$lowest_metric_v6" ]; then
 
 				total_weight_v6=$weight
@@ -690,6 +683,19 @@ mwan3_set_user_rules()
 	config_foreach mwan3_set_user_iptables_rule rule
 }
 
+mwan3_set_iface_hotplug_state() {
+	local iface=$1
+	local state=$2
+
+	echo -n $state > $MWAN3_STATUS_DIR/iface_state/$iface
+}
+
+mwan3_get_iface_hotplug_state() {
+	local iface=$1
+
+	cat $MWAN3_STATUS_DIR/iface_state/$iface 2>/dev/null || echo "unknown"
+}
+
 mwan3_report_iface_status()
 {
 	local device result track_ips tracking IP IPT
@@ -711,16 +717,14 @@ mwan3_report_iface_status()
 
 	if [ -z "$id" -o -z "$device" ]; then
 		result="unknown"
-	elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')"i -a -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -a -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -a -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
-		result="online"
+	elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -a -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -a -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -a -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -a -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
+		result="$(mwan3_get_iface_hotplug_state $1)"
 	elif [ -n "$($IP rule | awk '$1 == "'$(($id+1000)):'"')" -o -n "$($IP rule | awk '$1 == "'$(($id+2000)):'"')" -o -n "$($IPT -S mwan3_iface_in_$1 2> /dev/null)" -o -n "$($IPT -S mwan3_iface_out_$1 2> /dev/null)" -o -n "$($IP route list table $id default dev $device 2> /dev/null)" ]; then
 		result="error"
+	elif [ "$enabled" == "1" ]; then
+		result="offline"
 	else
-		if [ "$enabled" == "1" ]; then
-			result="offline"
-		else
-			result="disabled"
-		fi
+		result="disabled"
 	fi
 
 	mwan3_list_track_ips()
@@ -827,36 +831,3 @@ mwan3_report_rules_v6()
 		$IPT6 -L mwan3_rules -n -v 2> /dev/null | tail -n+3 | sed 's/mark.*//' | sed 's/mwan3_policy_/- /' | sed 's/mwan3_rule_/S /'
 	fi
 }
-
-mwan3_flush_conntrack()
-{
-	local flush_conntrack
-
-	config_get flush_conntrack $1 flush_conntrack never
-
-	if [ -e "$CONNTRACK_FILE" ]; then
-		case $flush_conntrack in
-			ifup)
-				[ "$3" = "ifup" ] && {
-					echo f > ${CONNTRACK_FILE}
-					$LOG info "connection tracking flushed on interface $1 ($2) $3"
-				}
-				;;
-			ifdown)
-				[ "$3" = "ifdown" ] && {
-					echo f > ${CONNTRACK_FILE}
-					$LOG info "connection tracking flushed on interface $1 ($2) $3"
-				}
-				;;
-			always)
-				echo f > ${CONNTRACK_FILE}
-				$LOG info "connection tracking flushed on interface $1 ($2) $3"
-				;;
-			never)
-				$LOG info "connection tracking not flushed on interface $1 ($2) $3"
-				;;
-		esac
-	else
-		$LOG warning "connection tracking not enabled"
-	fi
-}
diff --git a/net/mwan3/files/usr/libexec/rpcd/mwan3 b/net/mwan3/files/usr/libexec/rpcd/mwan3
deleted file mode 100755
index bbc570f..0000000
--- a/net/mwan3/files/usr/libexec/rpcd/mwan3
+++ /dev/null
@@ -1,122 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-. /usr/share/libubox/jshn.sh
-
-MWAN3_STATUS_DIR="/var/run/mwan3track"
-MWAN3_PID_FILE="/var/run/mwan3track"
-
-IPS="ipset"
-IPT4="iptables -t mangle -w"
-IPT6="ip6tables -t mangle -w"
-
-report_connected_v4() {
-	local address
-
-	if [ -n "$($IPT4 -S mwan3_connected 2> /dev/null)" ]; then
-		for address in $($IPS list mwan3_connected_v4 | tail -n +8); do
-			json_add_string "" "${address}"
-		done
-	fi
-}
-
-report_connected_v6() {
-	local address
-
-	if [ -n "$($IPT6 -S mwan3_connected 2> /dev/null)" ]; then
-		for address in $($IPS list mwan3_connected_v6 | tail -n +8); do
-			json_add_string "" "${address}"
-		done
-	fi
-}
-
-get_mwan3_status() {
-	local iface="${1}"
-	local iface_select="${2}"
-	local running="0"
-	local pid
-
-	if [ "${iface}" = "${iface_select}" ] || [ "${iface_select}" = "" ]; then
-		pid="$(pgrep -f "mwan3track $iface_selected")"
-		if [ "${pid}" != "" ]; then
-			running="1"
-		fi
-
-		json_add_object "${iface}"
-		json_add_string "score" "$(cat "$MWAN3_STATUS_DIR/${iface}/SCORE")"
-		json_add_string "lost" "$(cat "$MWAN3_STATUS_DIR/${iface}/LOST")"
-		json_add_string "turn" "$(cat "$MWAN3_STATUS_DIR/${iface}/TURN")"
-		json_add_string "status" "$(cat "$MWAN3_STATUS_DIR/${iface}/STATUS")"
-		json_add_boolean "running" "${running}"
-		json_add_array "track_ip"
-		for file in $MWAN3_STATUS_DIR/${iface}/*; do
-			track="${file#*/TRACK_}"
-			if [ "${track}" != "${file}" ]; then
-				json_add_object
-				json_add_string ip "${track}"
-				json_add_string status "$(cat "${file}")"
-				json_close_object
-			fi
-		done
-		json_close_array
-		json_close_object
-	fi
-}
-
-case "$1" in
-	list)
-		json_init
-		json_add_object "status"
-		json_add_string "section" "x"
-		json_add_string "interface" "x"
-		json_close_object
-		json_dump
-		;;
-	call)
-		case "$2" in
-		status)
-			local section iface
-			read input;
-			json_load "$input"
-			json_get_var section section
-			json_get_var iface interface
-
-			config_load mwan3
-			json_init
-			case "$section" in
-				interfaces)
-					json_add_object interfaces
-					config_foreach get_mwan3_status interface "${iface}"
-					json_close_object
-					;;
-				connected)
-					json_add_object connected
-					json_add_array ipv4
-					report_connected_v4
-					json_close_array
-					json_add_array ipv6
-					report_connected_v6
-					json_close_array
-					json_close_object
-					;;
-				*)
-					# interfaces
-					json_add_object interfaces
-					config_foreach get_mwan3_status interface
-					json_close_object
-					# connected
-					json_add_object connected
-					json_add_array ipv4
-					report_connected_v4
-					json_close_array
-					json_add_array ipv6
-					report_connected_v6
-					json_close_array
-					json_close_object
-					;;
-			esac
-			json_dump
-			;;
-		esac
-		;;
-esac
diff --git a/net/mwan3/files/usr/sbin/mwan3 b/net/mwan3/files/usr/sbin/mwan3
index f23d2e7..3355a0f 100755
--- a/net/mwan3/files/usr/sbin/mwan3
+++ b/net/mwan3/files/usr/sbin/mwan3
@@ -1,5 +1,11 @@
 #!/bin/sh
 
+[ -x /usr/bin/ip ] || exit 4
+[ -x /usr/sbin/ipset ] || exit 5
+[ -x /usr/sbin/iptables ] || exit 6
+[ -x /usr/sbin/ip6tables ] || exit 7
+[ -x /usr/bin/logger ] || exit 8
+
 . /lib/functions.sh
 . /lib/functions/network.sh
 . /lib/mwan3/mwan3.sh
@@ -36,7 +42,10 @@ ifdown()
 
 	ACTION=ifdown INTERFACE=$1 /sbin/hotplug-call iface
 
-	kill $(pgrep -f "mwan3track $1") &> /dev/null
+	if [ -e /var/run/mwan3track-$1.pid ] ; then
+		kill $(cat /var/run/mwan3track-$1.pid)
+		rm /var/run/mwan3track-$1.pid
+	fi
 }
 
 ifup()
@@ -120,6 +129,7 @@ stop()
 	local ipset route rule table IP IPT
 
 	killall mwan3track &> /dev/null
+	rm /var/run/mwan3track-* &> /dev/null
 
 	for IP in "$IP4" "$IP6"; do
 
@@ -153,6 +163,9 @@ stop()
 	for ipset in $($IPS -n list | grep mwan3 | grep -E '_v4|_v6'); do
 		$IPS -q destroy $ipset
 	done
+
+	mwan3_lock_clean
+	rm -rf $MWAN3_STATUS_DIR
 }
 
 restart() {
diff --git a/net/mwan3/files/usr/sbin/mwan3track b/net/mwan3/files/usr/sbin/mwan3track
index 8afe901..326d8ab 100755
--- a/net/mwan3/files/usr/sbin/mwan3track
+++ b/net/mwan3/files/usr/sbin/mwan3track
@@ -1,129 +1,66 @@
 #!/bin/sh
 
-. /lib/functions.sh
+[ -z "$9" ] && echo "Error: should not be started manually" && exit 0
 
-LOG="logger -t $(basename "$0")[$$] -p"
-INTERFACE=""
-DEVICE=""
+if [ -e /var/run/mwan3track-$1.pid ] ; then
+	kill $(cat /var/run/mwan3track-$1.pid) &> /dev/null
+	rm /var/run/mwan3track-$1.pid &> /dev/null
+fi
 
-IFDOWN_EVENT=0
+echo "$$" > /var/run/mwan3track-$1.pid
 
-clean_up() {
-	$LOG notice "Stopping mwan3track for interface \"${INTERFACE}\""
-	if [ "$(pgrep -f "mwan3track ${INTERFACE}")" = "" ]; then
-		rm -rf "/var/run/mwan3track/${INTERFACE}" &> /dev/null
-	fi
-	if [ -z "$(ls -A "/var/run/mwan3track")" ]; then
-		rm -rf "/var/run/mwan3track"
-	fi
-	exit 0
-}
-
-if_down() {
-	$LOG info "Detect ifdown event on interface ${INTERFACE} (${DEVICE})"
-	IFDOWN_EVENT=1
-}
-
-main() {
-	local reliability count timeout interval failure_interval
-	local recovery_interval down up size
-
-	[ -z "$3" ] && echo "Error: should not be started manually" && exit 0
-
-	INTERFACE=$1
-	DEVICE=$2
-	mkdir -p /var/run/mwan3track/$1
-	trap clean_up SIGINT SIGTERM
-	trap if_down SIGUSR1
-
-	config_load mwan3
-	config_get reliability $1 reliability 1
-	config_get count $1 count 1
-	config_get timeout $1 timeout 4
-	config_get interval $1 interval 10
-	config_get down $1 down 5
-	config_get up $1 up 5
-	config_get size $1 size 56
-	config_get failure_interval $1 failure_interval $interval
-	config_get recovery_interval $1 recovery_interval $interval
-
-	local score=$(($down+$up))
-	local track_ips=$(echo $* | cut -d ' ' -f 3-99)
-	local host_up_count=0
-	local lost=0
-	local sleep_time=0
-	local turn=0
-
-	echo "offline" > /var/run/mwan3track/$1/STATUS
-	while true; do
-
-		sleep_time=$interval
-
-		for track_ip in $track_ips; do
-			ping -I $2 -c $count -W $timeout -s $size -q $track_ip &> /dev/null
-			if [ $? -eq 0 ]; then
-				let host_up_count++
-				echo "up" > /var/run/mwan3track/$1/TRACK_${track_ip}
-			else
-				let lost++
-				echo "down" > /var/run/mwan3track/$1/TRACK_${track_ip}
-			fi
-		done
-
-		if [ $host_up_count -lt $reliability ]; then
-			let score--
-
-			if [ $score -lt $up ]; then
-				score=0
-			else
-				sleep_time=$failure_interval
-			fi
-
-			if [ $score -eq $up ]; then
-				echo "offline" > /var/run/mwan3track/$1/STATUS
-				$LOG notice "Interface $1 ($2) is offline"
-				env -i ACTION=ifdown INTERFACE=$1 DEVICE=$2 /sbin/hotplug-call iface
-				score=0
-			fi
+score=$(($7+$8))
+track_ips=$(echo $* | cut -d ' ' -f 9-99)
+host_up_count=0
+lost=0
+
+while true; do
+
+	for track_ip in $track_ips; do
+		ping -I $2 -c $4 -W $5 -q $track_ip &> /dev/null
+		if [ $? -eq 0 ]; then
+			let host_up_count++
 		else
-			if [ $score -lt $(($down+$up)) ] && [ $lost -gt 0 ]; then
-				$LOG info "Lost $(($lost*$count)) ping(s) on interface $1 ($2)"
-			fi
-
-			let score++
-			lost=0
-
-			if [ $score -gt $up ]; then
-				echo "online" > /var/run/mwan3track/$1/STATUS
-				score=$(($down+$up))
-			elif [ $score -le $up ]; then
-				sleep_time=$recovery_interval
-			fi
-
-			if [ $score -eq $up ]; then
-				$LOG notice "Interface $1 ($2) is online"
-				env -i ACTION=ifup INTERFACE=$1 DEVICE=$2 /sbin/hotplug-call iface
-				rm -rf "/var/run/mwan3track/${1}" &> /dev/null
-				exit 0
-			fi
+			let lost++
 		fi
+	done
 
-		let turn++
-		mkdir -p "/var/run/mwan3track/${1}"
-		echo "${lost}" > /var/run/mwan3track/$1/LOST
-		echo "${score}" > /var/run/mwan3track/$1/SCORE
-		echo "${turn}" > /var/run/mwan3track/$1/TURN
+	if [ $host_up_count -lt $3 ]; then
+		let score--
 
-		host_up_count=0
-		sleep "${sleep_time}" &
-		wait
+		if [ $score -lt $8 ]; then score=0 ; fi
+		if [ $score -eq $8 ]; then
 
-		if [ "${IFDOWN_EVENT}" -eq 1 ]; then
+			logger -t mwan3track -p notice "Interface $1 ($2) is offline"
+			env -i ACTION=ifdown INTERFACE=$1 DEVICE=$2 /sbin/hotplug-call iface
 			score=0
-			echo "offline" > /var/run/mwan3track/$1/STATUS
-			IFDOWN_EVENT=0
+
 		fi
-	done
-}
 
-main "$@"
+	else
+
+		if [ $score -lt $(($7+$8)) ] && [ $lost -gt 0 ]; then
+
+			logger -t mwan3track -p info "Lost $(($lost*$4)) ping(s) on interface $1 ($2)"
+
+		fi
+
+		let score++
+		lost=0
+
+		if [ $score -gt $8 ]; then score=$(($7+$8)); fi
+		if [ $score -eq $8 ]; then
+
+			logger -t mwan3track -p notice "Interface $1 ($2) is online"
+			env -i ACTION=ifup INTERFACE=$1 DEVICE=$2 /sbin/hotplug-call iface
+			rm /var/run/mwan3track-$1.pid
+			exit 0
+		fi
+	fi
+
+	host_up_count=0
+	sleep $6 &
+	wait
+done
+
+exit 1
diff --git a/net/nlbwmon/Makefile b/net/nlbwmon/Makefile
new file mode 100644
index 0000000..009592e
--- /dev/null
+++ b/net/nlbwmon/Makefile
@@ -0,0 +1,42 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=nlbwmon
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/jow-/nlbwmon.git
+PKG_SOURCE_DATE:=2017-08-02
+PKG_SOURCE_VERSION:=32fc0925cbc30a4a8f71392e976aa94b586c4086
+PKG_MIRROR_HASH:=caedb66cf6dcbdcee0d1525923e203d003ef15f34a13a328686794666f16171f
+
+CMAKE_INSTALL:=1
+
+PKG_MAINTAINER:=Jo-Philipp Wich 
+PKG_LICENSE:=ISC
+PKG_LICENSE_FILES:=COPYING
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include/libnl-tiny
+
+define Package/nlbwmon
+  SECTION:=net
+  CATEGORY:=Network
+  DEPENDS:=+libubox +libnl-tiny +zlib +kmod-nf-conntrack-netlink
+  TITLE:=LEDE Traffic Usage Monitor
+endef
+
+define Package/nlbwmon/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/nlbwmon $(1)/usr/sbin/nlbwmon
+	$(LN) nlbwmon $(1)/usr/sbin/nlbw
+	$(INSTALL_DIR) $(1)/usr/share/nlbwmon
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/protocols.txt $(1)/usr/share/nlbwmon/protocols
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/nlbwmon.init $(1)/etc/init.d/nlbwmon
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_CONF) ./files/nlbwmon.config $(1)/etc/config/nlbwmon
+endef
+
+$(eval $(call BuildPackage,nlbwmon))
diff --git a/net/nlbwmon/files/nlbwmon.config b/net/nlbwmon/files/nlbwmon.config
new file mode 100644
index 0000000..3b15396
--- /dev/null
+++ b/net/nlbwmon/files/nlbwmon.config
@@ -0,0 +1,51 @@
+config nlbwmon
+	# Interval at which the temporary in-memory database is committed to
+	# the persistent database directory
+	option commit_interval 24h
+
+	# Interval at which traffic counters of still established connections
+	# are refreshed from netlink information
+	option refresh_interval 30s
+
+	# Storage directory for the database files
+	option database_directory /var/lib/nlbwmon
+
+	# Amount of database generations to retain. If the limit is reached,
+	# the oldest database files are deleted.
+	option database_generations 10
+
+	# Accounting period interval; may be either in the format YYYY-MM-DD/NN
+	# to start a new accounting period exactly every NN days, beginning at
+	# the given date, or a number specifiying the day of month at which to
+	# start the next accounting period.
+	#option database_interval '2017-01-17/14' # every 14 days, starting at Tue
+	#option database_interval '-2' # second last day of month, e.g. 30th in March
+	option database_interval '1' # first day of month (default)
+
+	# The maximum amount of entries that should be put into the database,
+	# setting the limit to 0 will allow databases to grow indefinitely.
+	option database_limit 10000
+
+	# Whether to preallocate the maximum possible database size in memory.
+	# This is mainly useful for memory constrained systems which might not
+	# be able to satisfy memory allocation after longer uptime periods.
+	# Only effective in conjunction with database_limit, ignored otherwise.
+	#option database_prealloc 0
+
+	# Whether to gzip compress archive databases. Compressing the database
+	# files makes accessing old data slightly slower but helps to reduce
+	# storage requirements.
+	#option database_compress 1
+
+	# Protocol description file, used to distinguish traffic streams by
+	# IP protocol number and port
+	option protocol_database /usr/share/nlbwmon/protocols
+
+	# List of local subnets. Only conntrack streams from or to any of these
+	# subnets are counted. Logical interface names may be specified to
+	# resolve the local subnets on the fly.
+	list local_network '192.168.0.0/16'
+	list local_network '172.16.0.0/12'
+	list local_network '10.0.0.0/8'
+	list local_network 'lan'
+
diff --git a/net/nlbwmon/files/nlbwmon.init b/net/nlbwmon/files/nlbwmon.init
new file mode 100755
index 0000000..3f01d0f
--- /dev/null
+++ b/net/nlbwmon/files/nlbwmon.init
@@ -0,0 +1,89 @@
+#!/bin/sh /etc/rc.common
+
+START=60
+
+USE_PROCD=1
+NAME=nlbwmon
+PROG=/usr/sbin/nlbwmon
+
+add_subnet() {
+	local network="$1"
+	local range ranges
+
+	case "$network" in
+		*.*|*:*)
+			procd_append_param command '-s' "$network"
+		;;
+		*)
+			if network_get_subnets ranges "$network"; then
+				for range in $ranges; do
+					procd_append_param command '-s' "$range"
+				done
+			fi
+
+			if network_get_subnets6 ranges "$network"; then
+				for range in $ranges; do
+					procd_append_param command '-s' "$range"
+				done
+			fi
+		;;
+	esac
+}
+
+add_option() {
+	local cfg="$1"
+	local flag="$2"
+	local option="$3"
+	local default="$4"
+	local value
+
+	config_get value "$cfg" "$option" "$default"
+	[ -n "$value" ] && procd_append_param command "$flag" "$value"
+}
+
+add_bool() {
+	local cfg="$1"
+	local flag="$2"
+	local option="$3"
+	local default="$4"
+	local value
+
+	config_get_bool value "$cfg" "$option" "$default"
+	[ $value -eq 1 ] && procd_append_param command "$flag"
+}
+
+parse_config() {
+	. /lib/functions/network.sh
+
+	local cfg="$1"
+	local dir
+
+	config_get dir "$cfg" database_directory /var/lib/nlbwmon
+
+	mkdir -p "$dir"
+	procd_append_param command -o "$dir"
+
+	add_option "$cfg" -i commit_interval 24h
+	add_option "$cfg" -r refresh_interval 30s
+	add_option "$cfg" -p protocol_database /usr/share/nlbwmon/protocols
+	add_option "$cfg" -G database_generations 10
+	add_option "$cfg" -I database_interval 1
+	add_option "$cfg" -L database_limit 10000
+
+	add_bool "$cfg" -P database_prealloc 0
+	add_bool "$cfg" -Z database_compress 1
+
+	config_list_foreach "$cfg" local_network add_subnet
+}
+
+start_service() {
+	procd_open_instance
+	procd_set_param stderr 1
+	procd_set_param command "$PROG"
+
+	config_load nlbwmon
+	config_foreach parse_config nlbwmon
+
+	procd_close_instance
+}
+
diff --git a/net/seafile-ccnet/Makefile b/net/seafile-ccnet/Makefile
deleted file mode 100644
index 384fe46..0000000
--- a/net/seafile-ccnet/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#
-# Copyright (C) 2007-2016 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=seafile-ccnet
-PKG_VERSION:=5.1.4
-PKG_RELEASE=$(PKG_SOURCE_VERSION)-1
-PKG_LICENSE:=GPL-3.0
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/haiwen/ccnet.git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=44f74fdc5160c1bf16a92e71d79b856763ddbc15
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_FIXUP:=autoreconf
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
-$(call include_mk, python-package.mk)
-
-define Package/seafile-ccnet
-    SECTION:=net
-    CATEGORY:=Network
-    TITLE:=Seafile server - ccnet component
-    MAINTAINER:=Gergely Kiss 
-    URL:=http://seafile.com/
-    DEPENDS:=+libsearpc +libevent2 +libopenssl \
-		+glib2 +python +libzdb +libuuid \
-		+libpthread +libsqlite3 +jansson $(ICONV_DEPENDS)
-    EXTRA_DEPENDS:=libsearpc (=5.1.4-8998e7b2c5587f0b94c48db24e2952d08def5add-1)
-endef
-
-define Package/seafile-ccnet/description
-   Ccnet is a framework for writing networked applications in C.
-endef
-
-CONFIGURE_ARGS += --disable-client \
-		    --enable-server \
-		    --disable-ldap \
-		    --disable-cluster \
-		    --enable-python \
-		    --disable-server-pkg \
-		    --disable-static-build \
-		    --disable-compile-demo \
-		    --disable-console
-
-PKG_BUILD_DEPENDS:=vala/host
-
-TARGET_LDFLAGS += -Wl,-rpath-link=$(STAGING_DIR)/usr/lib -liconv \
-		    -L$(STAGING_DIR)/usr/lib/mysql -lmysqlclient -lz
-
-define Package/seafile-ccnet/install
-	$(INSTALL_DIR) $(1)/usr/{bin,lib}
-	$(INSTALL_DIR) $(1)$(PYTHON_PKG_DIR)
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/ccnet* $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)$(PYTHON_PKG_DIR)/ccnet $(1)$(PYTHON_PKG_DIR)
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libccnet.so* $(1)/usr/lib/
-	find $(1) -name "*\.pyc" -o -name "*\.pyo" | xargs rm -f
-endef
-
-define Build/InstallDev
-	$(INSTALL_DIR) $(1)/usr/include
-	$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
-	$(CP) $(PKG_INSTALL_DIR)/usr/include/ccnet* $(1)/usr/include/
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libccnet.pc $(1)/usr/lib/pkgconfig/
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libccnet.so* $(1)/usr/lib/
-endef
-
-$(eval $(call BuildPackage,seafile-ccnet))
diff --git a/net/seafile-ccnet/patches/010-Makefile.patch b/net/seafile-ccnet/patches/010-Makefile.patch
deleted file mode 100644
index a30abbd..0000000
--- a/net/seafile-ccnet/patches/010-Makefile.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-diff -rupN seafile-ccnet-5.1.1.orig/lib/Makefile.am seafile-ccnet-5.1.1/lib/Makefile.am
---- seafile-ccnet-5.1.1.orig/lib/Makefile.am	2016-04-21 11:04:46.000000000 +0200
-+++ seafile-ccnet-5.1.1/lib/Makefile.am	2016-04-22 10:02:52.583732050 +0200
-@@ -1,3 +1,4 @@
-+include $(TOPDIR)/rules.mk
- 
- AM_CPPFLAGS = @GLIB2_CFLAGS@ -I$(top_srcdir)/include \
- 	-I$(top_srcdir)/include/ccnet \
-@@ -72,11 +73,11 @@ ccnet-client.c: ccnet-object.h
- 
- ccnet-object.h: ${ccnet_object_define}
- 	rm -f $@
--	valac --pkg posix ${ccnet_object_define} -C -H ccnet-object.h
-+	"$(STAGING_DIR_HOSTPKG)/bin/valac" --pkg posix ${ccnet_object_define} -C -H ccnet-object.h
- 
- ccnetobj.c: ${ccnet_object_define}
- 	rm -f $@
--	valac -C --pkg posix ${ccnet_object_define}
-+	"$(STAGING_DIR_HOSTPKG)/bin/valac" -C --pkg posix ${ccnet_object_define}
- 
- searpc_gen = searpc-signature.h searpc-marshal.h
- 
-@@ -86,7 +87,7 @@ rpc_table.stamp: ${top_srcdir}/lib/rpc_t
- 	@rm -f rpc_table.tmp
- 	@touch rpc_table.tmp
- 	@echo "[libsearpc]: generating rpc header files"
--	@PYTHON@ `which searpc-codegen.py` ${top_srcdir}/lib/rpc_table.py
-+	@PYTHON@ "$(STAGING_DIR)/usr/bin/searpc-codegen.py" ${top_srcdir}/lib/rpc_table.py
- 	@echo "[libsearpc]: done"
- 	@mv -f rpc_table.tmp $@
- 
diff --git a/net/seafile-seahub/Makefile b/net/seafile-seahub/Makefile
deleted file mode 100644
index 09458b6..0000000
--- a/net/seafile-seahub/Makefile
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# Copyright (C) 2007-2016 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=seafile-seahub
-PKG_VERSION:=5.1.4
-PKG_RELEASE=$(PKG_SOURCE_VERSION)-1
-PKG_LICENSE:=Apache-2.0
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/haiwen/seahub.git
-PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=1e1c02aa4f2a0256ffa29a28224aad2d678f43a0
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-
-include $(INCLUDE_DIR)/package.mk
-$(call include_mk, python-package.mk)
-
-define Package/seafile-seahub
-    SECTION:=net
-    CATEGORY:=Network
-    TITLE:=Seafile server - seahub component
-    MAINTAINER:=Gergely Kiss 
-    URL:=http://seafile.com/
-    DEPENDS:=+simplejson +python +pillow +chardet +django +django-appconf \
-		+django-compressor +django-constance +django-jsonfield +django-picklefield \
-		+django-postoffice +django-restframework +django-statici18n +et_xmlfile \
-		+flup +gunicorn +jdcal +openpyxl +python-dateutil +python-mysql +pytz +rcssmin
-endef
-
-define Build/Configure
-endef
-
-define Build/Compile
-	$(call Build/Compile/Default,locale)
-endef
-
-define Package/seafile-seahub/description
-   The web end of seafile server.
-
-   NOTE: in order to have better performance, localization support is turned off by default.
-   Please set 'USE_I18N = True' in seahub_settings.py if you intend to use languages other than English.
-endef
-
-define Package/seafile-seahub/install
-	$(INSTALL_DIR) $(1)/usr/share/seafile/seafile-server/seahub
-	$(CP) $(PKG_BUILD_DIR)/{locale,media,fabfile,seahub,sql,tests,thirdpart,tools} $(1)/usr/share/seafile/seafile-server/seahub/
-	$(CP) $(PKG_BUILD_DIR)/*.{sh,template,py,txt} $(1)/usr/share/seafile/seafile-server/seahub/
-	$(CP) $(PKG_BUILD_DIR)/{CONTRIBUTORS,HACKING,README.markdown} $(1)/usr/share/seafile/seafile-server/seahub/
-	$(CP) $(PKG_BUILD_DIR)/pylintrc* $(1)/usr/share/seafile/seafile-server/seahub/
-	find $(1) -name "*\.pyc" -o -name "*\.pyo" | xargs rm -f
-	$(SED) "s/\(SEAFILE_VERSION\s*=\s*\)'\([0-9]\.[0-9]\.[0-9]\)'/\1'$(PKG_VERSION)'/g" $(1)/usr/share/seafile/seafile-server/seahub/seahub/settings.py
-endef
-
-$(eval $(call BuildPackage,seafile-seahub))
diff --git a/net/seafile-seahub/patches/010-default-config.patch b/net/seafile-seahub/patches/010-default-config.patch
deleted file mode 100644
index 4168dc1..0000000
--- a/net/seafile-seahub/patches/010-default-config.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-diff -rupN seahub-3.1.7-server.orig/seahub/settings.py seahub-3.1.7-server/seahub/settings.py
---- seahub-3.1.7-server.orig/seahub/settings.py	2014-10-20 09:32:35.000000000 +0200
-+++ seahub-3.1.7-server/seahub/settings.py	2014-12-10 15:47:21.625104606 +0100
-@@ -46,7 +46,7 @@ SITE_ID = 1
- 
- # If you set this to False, Django will make some optimizations so as not
- # to load the internationalization machinery.
--USE_I18N = True
-+USE_I18N = False
- 
- # If you set this to False, Django will not format dates, numbers and
- # calendars according to the current locale.
-@@ -209,7 +209,7 @@ SHOW_REPO_DOWNLOAD_BUTTON = False
- REPO_PASSWORD_MIN_LENGTH = 8
- 
- # mininum length for user's password
--USER_PASSWORD_MIN_LENGTH = 6
-+USER_PASSWORD_MIN_LENGTH = 8
- 
- # LEVEL based on four types of input:
- # num, upper letter, lower letter, other symbols
-@@ -218,7 +218,7 @@ USER_PASSWORD_STRENGTH_LEVEL = 3
- 
- # default False, only check USER_PASSWORD_MIN_LENGTH
- # when True, check password strength level, STRONG(or above) is allowed
--USER_STRONG_PASSWORD_REQUIRED = False
-+USER_STRONG_PASSWORD_REQUIRED = True
- 
- # Using server side crypto by default, otherwise, let user choose crypto method.
- FORCE_SERVER_CRYPTO = True
diff --git a/net/seafile-seahub/patches/020-Makefile-fixes.patch b/net/seafile-seahub/patches/020-Makefile-fixes.patch
deleted file mode 100644
index 49b67f8..0000000
--- a/net/seafile-seahub/patches/020-Makefile-fixes.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-diff -rupN seafile-seahub-5.1.1.orig/Makefile seafile-seahub-5.1.1/Makefile
---- seafile-seahub-5.1.1.orig/Makefile	2016-04-26 23:59:48.000000000 +0200
-+++ seafile-seahub-5.1.1/Makefile	2016-04-28 09:03:35.507105416 +0200
-@@ -1,3 +1,6 @@
-+include $(TOPDIR)/rules.mk
-+$(call include_mk, python-package.mk)
-+
- PROJECT=seahub
- 
- develop: setup-git
-@@ -9,7 +12,7 @@ dist: locale uglify statici18n collectst
- 
- locale:
- 	@echo "--> Compile locales"
--	django-admin.py compilemessages
-+	$(call HostPython,,$(STAGING_DIR)/usr/bin/django-admin.py compilemessages)
- 	@echo ""
- 
- uglify:
-@@ -19,7 +22,7 @@ uglify:
- 
- statici18n:
- 	@echo "--> Generate JS locale files in static/scripts/i18n"
--	python manage.py compilejsi18n
-+	$(call HostPython,,manage.py compilejsi18n)
- 
- collectstatic:
- 	@echo "--> Collect django static files to media/assets"
diff --git a/net/sqm-scripts/Makefile b/net/sqm-scripts/Makefile
index 3aa81b1..4b28755 100644
--- a/net/sqm-scripts/Makefile
+++ b/net/sqm-scripts/Makefile
@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=sqm-scripts
 PKG_SOURCE_VERSION:=8217081f7e52af342c362b29480461575c496387
 PKG_VERSION:=1.1.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 PKG_LICENSE:=GPLv2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE).tar.xz
@@ -80,7 +80,7 @@ uci -q get ucitrack.@sqm[0] > /dev/null && {
   uci delete ucitrack.@sqm[0]
   uci del_list ucitrack.@firewall[0].affects=sqm
   uci commit
-}
+} || exit 0
 endef
 
 $(eval $(call BuildPackage,sqm-scripts))
diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile
index 5289d3f..4223d29 100644
--- a/net/strongswan/Makefile
+++ b/net/strongswan/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=strongswan
-PKG_VERSION:=5.5.1
+PKG_VERSION:=5.5.3
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_HASH:=c5ea54b199174708de11af9b8f4ecf28b5b0743d4bc0e380e741f25b28c0f8d4
 PKG_SOURCE_URL:=http://download.strongswan.org/ http://download2.strongswan.org/
-PKG_MD5SUM:=4eba9474f7dc6c8c8d7037261358e68d
 PKG_LICENSE:=GPL-2.0+
 PKG_MAINTAINER:=Stijn Tintel 
 
@@ -32,6 +32,7 @@ PKG_MOD_AVAILABLE:= \
 	coupling \
 	ctr \
 	curl \
+	curve25519 \
 	des \
 	dhcp \
 	dnskey \
@@ -150,6 +151,7 @@ $(call Package/strongswan/Default)
 	+strongswan-mod-coupling \
 	+strongswan-mod-ctr \
 	+strongswan-mod-curl \
+	+strongswan-mod-curve25519 \
 	+strongswan-mod-des \
 	+strongswan-mod-dhcp \
 	+strongswan-mod-dnskey \
@@ -517,6 +519,7 @@ $(eval $(call BuildPlugin,constraints,advanced X509 constraint checking,))
 $(eval $(call BuildPlugin,coupling,IKEv2 plugin to couple peer certificates permanently to authentication,))
 $(eval $(call BuildPlugin,ctr,Counter Mode wrapper crypto,))
 $(eval $(call BuildPlugin,curl,cURL fetcher plugin,+PACKAGE_strongswan-mod-curl:libcurl))
+$(eval $(call BuildPlugin,curve25519,Curve25519 Diffie-Hellman,))
 $(eval $(call BuildPlugin,des,DES crypto,))
 $(eval $(call BuildPlugin,dhcp,DHCP based attribute provider,))
 $(eval $(call BuildPlugin,dnskey,DNS RR key decoding,))
diff --git a/net/strongswan/patches/101-musl-fixes.patch b/net/strongswan/patches/101-musl-fixes.patch
index e48d22b..753bd8e 100644
--- a/net/strongswan/patches/101-musl-fixes.patch
+++ b/net/strongswan/patches/101-musl-fixes.patch
@@ -72,8 +72,8 @@
  #include 
 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
 +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
-@@ -15,6 +15,8 @@
-  * for more details.
+@@ -38,6 +38,8 @@
+  * THE SOFTWARE.
   */
  
 +#include "musl.h"
diff --git a/net/strongswan/patches/203-uci.patch b/net/strongswan/patches/203-uci.patch
index 274ea86..21ae848 100644
--- a/net/strongswan/patches/203-uci.patch
+++ b/net/strongswan/patches/203-uci.patch
@@ -1,6 +1,6 @@
 --- a/src/libcharon/plugins/uci/uci_parser.c
 +++ b/src/libcharon/plugins/uci/uci_parser.c
-@@ -78,7 +78,7 @@ METHOD(enumerator_t, section_enumerator_
+@@ -75,7 +75,7 @@ METHOD(enumerator_t, section_enumerator_
  		if (uci_lookup(this->ctx, &element, this->package,
  					   this->current->name, "name") == UCI_OK)
  		{	/* use "name" attribute as config name if available ... */
@@ -9,7 +9,7 @@
  		}
  		else
  		{	/* ... or the section name becomes config name */
-@@ -93,7 +93,7 @@ METHOD(enumerator_t, section_enumerator_
+@@ -90,7 +90,7 @@ METHOD(enumerator_t, section_enumerator_
  		if (value && uci_lookup(this->ctx, &element, this->package,
  						  this->current->name, this->keywords[i]) == UCI_OK)
  		{
@@ -17,4 +17,4 @@
 +			*value = uci_to_option(element)->v.string;
  		}
  	}
- 	va_end(args);
+ 
diff --git a/net/strongswan/patches/210-sleep.patch b/net/strongswan/patches/210-sleep.patch
index d8adec3..d8f2f3b 100644
--- a/net/strongswan/patches/210-sleep.patch
+++ b/net/strongswan/patches/210-sleep.patch
@@ -1,6 +1,6 @@
 --- a/src/ipsec/_ipsec.in
 +++ b/src/ipsec/_ipsec.in
-@@ -259,7 +259,7 @@ stop)
+@@ -257,7 +257,7 @@ stop)
  			loop=110
  			while [ $loop -gt 0 ] ; do
  				kill -0 $spid 2>/dev/null || break
diff --git a/net/strongswan/patches/305-minimal_dh_plugin.patch b/net/strongswan/patches/305-minimal_dh_plugin.patch
index 597510f..eb8d83c 100644
--- a/net/strongswan/patches/305-minimal_dh_plugin.patch
+++ b/net/strongswan/patches/305-minimal_dh_plugin.patch
@@ -1,40 +1,40 @@
 --- a/configure.ac
 +++ b/configure.ac
-@@ -133,6 +133,7 @@ ARG_DISBL_SET([fips-prf],       [disable
+@@ -135,6 +135,7 @@ ARG_DISBL_SET([fips-prf],       [disable
  ARG_ENABL_SET([gcm],            [enables the GCM AEAD wrapper crypto plugin.])
  ARG_ENABL_SET([gcrypt],         [enables the libgcrypt plugin.])
  ARG_DISBL_SET([gmp],            [disable GNU MP (libgmp) based crypto implementation plugin.])
 +ARG_DISBL_SET([gmpdh],          [disable GNU MP (libgmp) based static-linked crypto DH minimal implementation plugin.])
+ ARG_DISBL_SET([curve25519],     [disable Curve25519 Diffie-Hellman plugin.])
  ARG_DISBL_SET([hmac],           [disable HMAC crypto implementation plugin.])
  ARG_ENABL_SET([md4],            [enable MD4 software implementation plugin.])
- ARG_DISBL_SET([md5],            [disable MD5 software implementation plugin.])
-@@ -1347,6 +1348,7 @@ ADD_PLUGIN([gcrypt],               [s ch
+@@ -1379,6 +1380,7 @@ ADD_PLUGIN([gcrypt],               [s ch
  ADD_PLUGIN([af-alg],               [s charon scepclient pki scripts medsrv attest nm cmd aikgen])
  ADD_PLUGIN([fips-prf],             [s charon nm cmd])
- ADD_PLUGIN([gmp],                  [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
+ ADD_PLUGIN([gmp],                  [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz])
 +ADD_PLUGIN([gmpdh],                [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen])
+ ADD_PLUGIN([curve25519],           [s charon pki scripts nm cmd])
  ADD_PLUGIN([agent],                [s charon nm cmd])
  ADD_PLUGIN([keychain],             [s charon cmd])
- ADD_PLUGIN([chapoly],              [s charon scripts nm cmd])
-@@ -1480,6 +1482,7 @@ AM_CONDITIONAL(USE_SHA2, test x$sha2 = x
- AM_CONDITIONAL(USE_SHA3, test x$sha3 = xtrue)
+@@ -1516,6 +1518,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x
+ AM_CONDITIONAL(USE_MGF1, test x$mgf1 = xtrue)
  AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue)
  AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue)
 +AM_CONDITIONAL(USE_GMPDH, test x$gmpdh = xtrue)
+ AM_CONDITIONAL(USE_CURVE25519, test x$curve25519 = xtrue)
  AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue)
  AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue)
- AM_CONDITIONAL(USE_RANDOM, test x$random = xtrue)
-@@ -1733,6 +1736,7 @@ AC_CONFIG_FILES([
- 	src/libstrongswan/plugins/sha3/Makefile
+@@ -1783,6 +1786,7 @@ AC_CONFIG_FILES([
+ 	src/libstrongswan/plugins/mgf1/Makefile
  	src/libstrongswan/plugins/fips_prf/Makefile
  	src/libstrongswan/plugins/gmp/Makefile
 +	src/libstrongswan/plugins/gmpdh/Makefile
+ 	src/libstrongswan/plugins/curve25519/Makefile
  	src/libstrongswan/plugins/rdrand/Makefile
  	src/libstrongswan/plugins/aesni/Makefile
- 	src/libstrongswan/plugins/random/Makefile
 --- a/src/libstrongswan/Makefile.am
 +++ b/src/libstrongswan/Makefile.am
-@@ -307,6 +307,13 @@ if MONOLITHIC
+@@ -323,6 +323,13 @@ if MONOLITHIC
  endif
  endif
  
@@ -45,8 +45,8 @@
 +endif
 +endif
 +
- if USE_RDRAND
-   SUBDIRS += plugins/rdrand
+ if USE_CURVE25519
+   SUBDIRS += plugins/curve25519
  if MONOLITHIC
 --- /dev/null
 +++ b/src/libstrongswan/plugins/gmpdh/Makefile.am
diff --git a/net/subversion/Makefile b/net/subversion/Makefile
index 976ca3b..561322a 100644
--- a/net/subversion/Makefile
+++ b/net/subversion/Makefile
@@ -9,13 +9,13 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=subversion
 PKG_RELEASE:=2
-PKG_VERSION:=1.9.7
+PKG_VERSION:=1.9.5
 PKG_SOURCE_URL:=@APACHE/subversion
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=c3b118333ce12e501d509e66bb0a47bcc34d053990acab45559431ac3e491623
+PKG_MD5SUM:=9fcbae352a5efe73d46a88c97c6bba14
 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=LICENSE
-PKG_MAINTAINER:=
+PKG_MAINTAINER:=Val Kulkov 
 
 PKG_FIXUP:=autoreconf
 PKG_MACRO_PATHS:=build/ac-macros
diff --git a/net/tinc/Makefile b/net/tinc/Makefile
index d8f4c00..dcc3a07 100644
--- a/net/tinc/Makefile
+++ b/net/tinc/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=tinc
-PKG_VERSION:=1.0.30
+PKG_VERSION:=1.0.33
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.tinc-vpn.org/packages
-PKG_MD5SUM:=f3ca1fc1154ed1f2cac408ea06a1c1ca
+PKG_HASH:=7f6f5dc6444bc651ac635c81f4745bcce581bbd1d45ed60cbdc4ee11bebb10f4
 
 PKG_INSTALL:=1
 
diff --git a/net/tor/Makefile b/net/tor/Makefile
index b6ab886..f5778ff 100644
--- a/net/tor/Makefile
+++ b/net/tor/Makefile
@@ -8,13 +8,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=tor
-PKG_VERSION:=0.2.9.9
+PKG_VERSION:=0.2.9.12
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://dist.torproject.org/ \
 	https://archive.torproject.org/tor-package-archive
-PKG_MD5SUM:=33325d2b250fd047ba2ddc5d11c2190c4e2951f4b03ec48ebd8bf0666e990d43
+PKG_MD5SUM:=12e50d893c1a34e6c7a241abf3e00807
+PKG_HASH:=6e7466625d53812f23c2ad60a873c5855f63f756fde0fc5cbeda8d32cee1086b
 PKG_MAINTAINER:=Hauke Mehrtens 
 PKG_LICENSE_FILES:=LICENSE
 
diff --git a/net/travelmate/Makefile b/net/travelmate/Makefile
index 6f2d2a0..71e196c 100644
--- a/net/travelmate/Makefile
+++ b/net/travelmate/Makefile
@@ -1,32 +1,33 @@
 #
-# Copyright (c) 2016-2017 Dirk Brenken (dev@brenken.org)
+# Copyright (c) 2016-2018 Dirk Brenken (dev@brenken.org)
 # This is free software, licensed under the GNU General Public License v3.
 #
 
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=travelmate
-PKG_VERSION:=0.3.2
+PKG_VERSION:=1.0.2
 PKG_RELEASE:=1
 PKG_LICENSE:=GPL-3.0+
 PKG_MAINTAINER:=Dirk Brenken 
 
 include $(INCLUDE_DIR)/package.mk
 
-define Package/$(PKG_NAME)
+define Package/travelmate
 	SECTION:=net
 	CATEGORY:=Network
 	TITLE:=A wlan connection manager for travel router
+	DEPENDS:=+iwinfo +jshn +jsonfilter
 	PKGARCH:=all
 endef
 
-define Package/$(PKG_NAME)/description
+define Package/travelmate/description
 A wlan connection manager for travel router.
 Please see https://github.com/openwrt/packages/blob/master/net/travelmate/files/README.md for further information.
 
 endef
 
-define Package/$(PKG_NAME)/conffiles
+define Package/travelmate/conffiles
 /etc/config/travelmate
 endef
 
@@ -39,7 +40,7 @@ endef
 define Build/Compile
 endef
 
-define Package/$(PKG_NAME)/install
+define Package/travelmate/install
 	$(INSTALL_DIR) $(1)/usr/bin
 	$(INSTALL_BIN) ./files/travelmate.sh $(1)/usr/bin/
 
@@ -50,4 +51,4 @@ define Package/$(PKG_NAME)/install
 	$(INSTALL_CONF) ./files/travelmate.conf $(1)/etc/config/travelmate
 endef
 
-$(eval $(call BuildPackage,$(PKG_NAME)))
+$(eval $(call BuildPackage,travelmate))
diff --git a/net/travelmate/files/README.md b/net/travelmate/files/README.md
index 4cd39d6..486145b 100644
--- a/net/travelmate/files/README.md
+++ b/net/travelmate/files/README.md
@@ -8,48 +8,63 @@ To avoid these kind of deadlocks, travelmate set all station interfaces in an "a
 ## Main Features
 * STA interfaces operating in an "always off" mode, to make sure that the AP is always accessible
 * easy setup within normal OpenWrt/LEDE environment
+* strong LuCI-Support with builtin interface wizard and a wireless station manager
 * fast uplink connections
-* procd init system support
-* procd based hotplug support, the travelmate start will be triggered by interface triggers
+* support all kinds of uplinks, incl. hidden and enterprise uplinks
+* trigger- or automatic-mode support, the latter one is the default and checks the existing uplink connection regardless of ifdown event trigger actions every n seconds
+* support of devices with multiple radios
+* procd init and hotplug support
+* runtime information available via LuCI & via 'status' init command
 * status & debug logging to syslog
 
 ## Prerequisites
-* [OpenWrt](https://openwrt.org) or [LEDE](https://www.lede-project.org) trunk
-* iw (default) or iwinfo for wlan scanning
+* [LEDE](https://www.lede-project.org) 17.01 or latest snapshot
+* iwinfo for wlan scanning
 
-## OpenWrt / LEDE trunk Installation & Usage
+## LEDE trunk Installation & Usage
 * download the package [here](https://downloads.lede-project.org/snapshots/packages/x86_64/packages)
 * install 'travelmate' (_opkg install travelmate_)
-* configure your network to support (multiple) wlan uplinks and set travelmate config options (details see below)
-* set 'trm\_enabled' option in travelmate config to '1'
-* travelmate starts automatically during boot and will be triggered by procd interface triggers
+* configure your network:
+    * recommended: use the LuCI frontend with builtin interface wizard and a wireless station manager
+    * manual: see detailed configure steps below
+    * at least you need one configured AP and one STA interface
 
 ## LuCI travelmate companion package
 * download the package [here](https://downloads.lede-project.org/snapshots/packages/x86_64/luci)
 * install 'luci-app-travelmate' (_opkg install luci-app-travelmate_)
 * the application is located in LuCI under 'Services' menu
-* _Thanks to Hannu Nyman for this great LuCI frontend!_
-
-## Chaos Calmer installation notes
-* 'travelmate' and 'luci-app-travelmate' are _not_ available as ipk packages in the Chaos Calmer download repository
-* download the packages from a development snapshot directory (see download links above)
-* manually transfer the packages to your routers temp directory (with tools like _sshfs_ or _winscp_)
-* install the packages as described above
 
 ## Travelmate config options
-* travelmate config options:
+* usually the pre-configured travelmate setup works quite well and no manual config overrides are needed, all listed options apply to the 'global' config section:
     * trm\_enabled => main switch to enable/disable the travelmate service (default: '0', disabled)
     * trm\_debug => enable/disable debug logging (default: '0', disabled)
-    * trm\_maxwait => how long (in seconds) should travelmate wait for wlan interface reload action (default: '20')
-    * trm\_maxretry => how many times should travelmate try to find an uplink after a trigger event (default: '3')
-    * trm\_iw => set this option to '0' to use iwinfo for wlan scanning (default: '1', use iw)
-    * trm\_iface => restrict the procd interface trigger to a (list of) certain wan interface(s) or disable it at all (default: not set, disabled)
+    * trm\_automatic => keep travelmate in an active state (default: '1', enabled)
+    * trm\_maxwait => how long (in seconds) should travelmate wait for a successful wlan interface reload action (default: '30')
+    * trm\_maxretry => how many times should travelmate try to connect to an uplink, '0' means unlimited retries. (default: '3')
+    * trm\_timeout => timeout in seconds for "automatic mode" (default: '60')
+    * trm\_radio => limit travelmate to a dedicated radio, e.g. 'radio0' (default: not set, use all radios)
+    * trm\_iface => main uplink / procd trigger network interface (default: trm_wwan)
+    * trm\_triggerdelay => additional trigger delay in seconds before travelmate processing starts (default: '2')
+
+## Runtime information
 
-## Setup
-**1. configure a wwan interface in /etc/config/network:**
+**receive travelmate runtime information:**
+

+::: travelmate runtime information
+ travelmate_version : 1.0.0
+ station_connection : true
+ station_id         : blackhole/04:F0:21:2F:B7:64
+ station_interface  : trm_wwan
+ station_radio      : radio1
+ last_rundate       : 15.12.2017 13:51:30
+ system             : TP-LINK RE450, OpenWrt SNAPSHOT r5422+84-9fe59abef8
+

+
+## Manual Setup
+**1. configure the travelmate wwan interface in /etc/config/network:**
 

 [...]
-config interface 'wwan'
+config interface 'trm_wwan'
         option proto 'dhcp'
 [...]
 

@@ -59,22 +74,16 @@ config interface 'wwan'
 [...]
 config zone
         option name 'wan'
-        option input 'REJECT'
-        option output 'ACCEPT'
-        option forward 'REJECT'
-        option masq '1'
-        option mtu_fix '1'
-        option network 'wan wan6 wwan'
+        option network 'wan wan6 trm_wwan'
 [...]
 

 
-**3. add required ap and wwan stations to your wireless configuration in etc/config/wireless:**
+**3. at least add one ap and (multiple) wwan stations to your wireless configuration in etc/config/wireless:**
 

 [...]
 config wifi-iface
         option device 'radio0'
         option network 'lan'
-        option ifname 'wlan0'
         option mode 'ap'
         option ssid 'example_ap'
         option encryption 'psk2+ccmp'
@@ -83,41 +92,43 @@ config wifi-iface
 [...]
 config wifi-iface
         option device 'radio0'
-        option network 'wwan'
+        option network 'trm_wwan'
         option mode 'sta'
         option ssid 'example_01'
-        option ifname 'wwan01'
         option encryption 'psk2+ccmp'
         option key 'abc'
         option disabled '1'
+[...]
 config wifi-iface
         option device 'radio0'
-        option network 'wwan'
+        option network 'trm_wwan'
         option mode 'sta'
         option ssid 'example_02'
-        option ifname 'wwan02'
         option encryption 'psk2+ccmp'
         option key 'xyz'
         option disabled '1'
-config wifi-iface
-        option device 'radio0'
-        option network 'wwan'
-        option mode 'sta'
-        option ssid 'example_03'
-        option ifname 'wwan03'
-        option encryption 'none'
-        option disabled '1'
 [...]
 

 
-**4. reload network configuration & start travelmate:**
+**4. start travelmate:**
 

-/etc/init.d/network reload
-/etc/init.d/travelmate start
+edit /etc/config/travelmate and set 'trm_enabled' to '1'
+/etc/init.d/travelmate restart
 

 
+## FAQ
+**Q:** What's about 'trigger' and 'automatic' mode?  
+**A:** In "trigger" mode travelmate will be triggered solely by procd interface down events, whenever an uplink disappears travelmate tries n times (default 3) to find a new uplink or reconnect to the old one. The 'automatic' mode keeps travelmate in an active state and checks every n seconds the connection status / the uplink availability regardless of procd event trigger.  
+
+**Q:** What happen with misconfigured uplinks, e.g. due to outdated wlan passwords?  
+**A:** Travelmate tries n times (default 3) to connect, then the respective uplink SSID will be marked / renamed to '_SSID_\_err'. In this case use the builtin wireless station manager to update your wireless credentials. To disable this functionality at all set the Connection Limit ('trm\_maxretry') to '0', which means unlimited retries.  
+
+**Q:** Is travelmate compatible with CC/Openwrt?  
+**A:** Travelmate was never tested with an ancient CC/OpenWrt release ... it should still work, but no promises.  
+
+[...] to be continued [...]
 ## Support
-Please join the travelmate discussion in this [forum thread](https://forum.openwrt.org/viewtopic.php?id=67697) or contact me by [mail](mailto:dev@brenken.org)  
+Please join the travelmate discussion in this [forum thread](https://forum.lede-project.org/t/travelmate-support-thread/5155) or contact me by [mail](mailto:dev@brenken.org)  
 
 ## Removal
 * stop the travelmate daemon with _/etc/init.d/travelmate stop_
diff --git a/net/travelmate/files/travelmate.conf b/net/travelmate/files/travelmate.conf
index c63000f..5674ed2 100644
--- a/net/travelmate/files/travelmate.conf
+++ b/net/travelmate/files/travelmate.conf
@@ -4,6 +4,10 @@
 config travelmate 'global'
 	option trm_enabled '0'
 	option trm_debug '0'
-	option trm_maxwait '20'
+	option trm_triggerdelay '1'
+	option trm_automatic '1'
+	option trm_maxwait '30'
 	option trm_maxretry '3'
-	option trm_iw '1'
+	option trm_timeout '60'
+	option trm_iface 'trm_wwan'
+	option trm_rtfile '/tmp/trm_runtime.json'
diff --git a/net/travelmate/files/travelmate.init b/net/travelmate/files/travelmate.init
index 255a641..52609c0 100755
--- a/net/travelmate/files/travelmate.init
+++ b/net/travelmate/files/travelmate.init
@@ -1,39 +1,73 @@
 #!/bin/sh /etc/rc.common
 
-START=85
+START=25
 USE_PROCD=1
 
+EXTRA_COMMANDS="status"
+EXTRA_HELP="	status	Print runtime information"
+
+trm_init="/etc/init.d/travelmate"
 trm_script="/usr/bin/travelmate.sh"
 
 boot()
 {
-    ubus -t 30 wait_for network.interface
+    ubus -t 30 wait_for network.interface network.wireless 2>/dev/null
     rc_procd start_service
 }
 
 start_service()
 {
-    procd_open_instance "travelmate"
-    procd_set_param env trm_procd="true"
-    procd_set_param command "${trm_script}" "${@}"
-    procd_set_param stdout 1
-    procd_set_param stderr 1
-    procd_close_instance
+    if [ $("${trm_init}" enabled; printf "%u" ${?}) -eq 0 ]
+    then
+        procd_open_instance "travelmate"
+        procd_set_param command "${trm_script}" "${@}"
+        procd_set_param stdout 1
+        procd_set_param stderr 1
+        procd_close_instance
+    fi
 }
 
-service_triggers()
+stop_service()
+{
+    local rtfile="$(uci -q get travelmate.global.trm_rtfile)"
+
+    rtfile="${rtfile:-"/tmp/trm_runtime.json"}"
+    > "${rtfile}"
+    rc_procd start_service
+}
+
+status()
 {
-    local iface="$(uci -q get travelmate.global.trm_iface)"
+    local key keylist value rtfile="$(uci_get travelmate.global.trm_rtfile)"
 
-    if [ -z "${iface}" ]
+    rtfile="${rtfile:-"/tmp/trm_runtime.json"}"
+    if [ -s "${rtfile}" ]
     then
-        procd_add_raw_trigger "interface.*.down" 1000 /etc/init.d/travelmate start
-    else
-        for name in ${iface}
+        printf "%s\n" "::: travelmate runtime information"
+        json_load "$(cat "${rtfile}" 2>/dev/null)"
+        json_select data
+        json_get_keys keylist
+        for key in ${keylist}
         do
-            procd_add_interface_trigger "interface.*.down" "${name}" /etc/init.d/travelmate start
+            json_get_var value "${key}"
+            printf "  + %-18s : %s\n" "${key}" "${value}"
         done
+    else
+        printf "%s\n" "::: no travelmate runtime information available"
     fi
+}
 
-    procd_add_config_trigger "config.change" "travelmate" /etc/init.d/travelmate start
+service_triggers()
+{
+    local auto="$(uci_get travelmate.global.trm_automatic)"
+
+    if [ "${auto}" = "0" ]
+    then
+        local trigger="$(uci_get travelmate.global.trm_iface)"
+        local delay="$(uci_get travelmate.global.trm_triggerdelay)"
+
+        PROCD_RELOAD_DELAY=$((${delay:-2} * 1000))
+        procd_add_interface_trigger "interface.*.down" "${trigger}" "${trm_init}" start
+    fi
+    procd_add_reload_trigger "travelmate"
 }
diff --git a/net/travelmate/files/travelmate.sh b/net/travelmate/files/travelmate.sh
index f626f39..39bc79e 100755
--- a/net/travelmate/files/travelmate.sh
+++ b/net/travelmate/files/travelmate.sh
@@ -6,28 +6,50 @@
 # You should have received a copy of the GNU General Public License
 # along with this program. If not, see .
 
-# prepare environment
+# set initial defaults
 #
 LC_ALL=C
 PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-trm_ver="0.3.2"
-trm_enabled=1
+trm_ver="1.0.2"
+trm_sysver="unknown"
+trm_enabled=0
 trm_debug=0
-trm_maxwait=20
+trm_automatic=1
 trm_maxretry=3
-trm_iw=1
+trm_maxwait=30
+trm_timeout=60
+trm_iwinfo="$(command -v iwinfo)"
+trm_radio=""
+trm_rtfile="/tmp/trm_runtime.json"
+trm_wpa="$(command -v wpa_supplicant)"
 
+# load travelmate environment
+#
 f_envload()
 {
-    # source required system libraries
+    local sys_call sys_desc sys_model sys_ver
+
+    # get system information
     #
-    if [ -r "/lib/functions.sh" ]
+    sys_call="$(ubus -S call system board 2>/dev/null)"
+    if [ -n "${sys_call}" ]
     then
-        . "/lib/functions.sh"
-    else
-        f_log "error" "status  ::: required system library not found"
+        sys_desc="$(printf '%s' "${sys_call}" | jsonfilter -e '@.release.description')"
+        sys_model="$(printf '%s' "${sys_call}" | jsonfilter -e '@.model')"
+        sys_ver="$(cat /etc/turris-version 2>/dev/null)"
+        if [ -n "${sys_ver}" ]
+        then
+            sys_desc="${sys_desc}/${sys_ver}"
+        fi
+        trm_sysver="${sys_model}, ${sys_desc}"
     fi
 
+    # initialize lists
+    #
+    trm_devlist=""
+    trm_stalist=""
+    trm_radiolist=""
+
     # load uci config and check 'enabled' option
     #
     option_cb()
@@ -40,72 +62,134 @@ f_envload()
 
     if [ ${trm_enabled} -ne 1 ]
     then
-        f_log "info " "status  ::: travelmate is currently disabled, please set 'trm_enabled' to '1' to use this service"
+        f_log "info" "travelmate is currently disabled, please set 'trm_enabled' to '1' to use this service"
         exit 0
     fi
 
-    # check for preferred wireless tool
+    # check eap capabilities
     #
-    if [ ${trm_iw} -eq 1 ]
-    then
-        trm_scanner="$(which iw)"
-    else
-        trm_scanner="$(which iwinfo)"
-    fi
-    if [ -z "${trm_scanner}" ]
-    then
-        f_log "error" "status  ::: no wireless tool for wlan scanning found, please install 'iw' or 'iwinfo'"
-    fi
+    trm_eap="$("${trm_wpa}" -veap >/dev/null 2>&1; printf "%u" ${?})"
 }
 
-# function to bring down all STA interfaces
+# gather radio information & bring down all STA interfaces
 #
-f_prepare()
+f_prep()
 {
     local config="${1}"
     local mode="$(uci -q get wireless."${config}".mode)"
     local network="$(uci -q get wireless."${config}".network)"
+    local radio="$(uci -q get wireless."${config}".device)"
     local disabled="$(uci -q get wireless."${config}".disabled)"
+    local eaptype="$(uci -q get wireless."${config}".eap_type)"
 
-    if [ "${mode}" = "sta" ] && [ -n "${network}" ]
+    if ([ -z "${trm_radio}" ] || [ "${trm_radio}" = "${radio}" ]) && \
+        [ -z "$(printf "%s" "${trm_radiolist}" | grep -Fo " ${radio}")" ]
+    then
+        trm_radiolist="${trm_radiolist} ${radio}"
+    fi
+    if [ "${mode}" = "sta" ] && [ "${network}" = "${trm_iface}" ]
     then
-        trm_stalist="${trm_stalist} ${config}_${network}"
         if [ -z "${disabled}" ] || [ "${disabled}" = "0" ]
         then
             uci -q set wireless."${config}".disabled=1
-            f_log "debug" "prepare ::: config: ${config}, interface: ${network}"
+        fi
+        if [ -z "${eaptype}" ] || [ ${trm_eap} -eq 0 ]
+        then
+            trm_stalist="${trm_stalist} ${config}_${radio}"
         fi
     fi
+    f_log "debug" "f_prep ::: config: ${config}, mode: ${mode}, network: ${network}, radio: ${radio}, disabled: ${disabled}"
 }
 
+# check interface status
+#
 f_check()
 {
-    local ifname cnt=1 mode="${1}"
-    trm_ifstatus="false"
+    local ifname radio dev_status cnt=1 mode="${1}" status="${2:-"false"}"
 
+    trm_ifstatus="false"
+    ubus call network reload
     while [ ${cnt} -le ${trm_maxwait} ]
     do
-        if [ "${mode}" = "ap" ]
+        dev_status="$(ubus -S call network.wireless status 2>/dev/null)"
+        if [ -n "${dev_status}" ]
         then
-            trm_ifstatus="$(ubus -S call network.wireless status | jsonfilter -l1 -e '@.*.up')"
-        else
-            ifname="$(ubus -S call network.wireless status | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].ifname')"
-            if [ -n "${ifname}" ]
+            if [ "${mode}" = "dev" ]
             then
-                trm_ifstatus="$(ubus -S call network.interface dump | jsonfilter -e "@.interface[@.device=\"${ifname}\"].up")"
+                if [ "${trm_ifstatus}" != "${status}" ]
+                then
+                    trm_ifstatus="${status}"
+                    f_jsnup
+                fi
+                for radio in ${trm_radiolist}
+                do
+                    trm_ifstatus="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e "@.${radio}.up")"
+                    if [ "${trm_ifstatus}" = "true" ] && [ -z "$(printf "%s" "${trm_devlist}" | grep -Fo " ${radio}")" ]
+                    then
+                        trm_devlist="${trm_devlist} ${radio}"
+                    fi
+                done
+                if [ "${trm_radiolist}" = "${trm_devlist}" ] || [ ${cnt} -eq ${trm_maxwait} ] || [ "${status}" = "false" ]
+                then
+                    ifname="${trm_devlist}"
+                    break
+                fi
+            else
+                ifname="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].ifname')"
+                if [ -n "${ifname}" ]
+                then
+                    trm_ifstatus="$(ubus -S call network.interface dump 2>/dev/null | jsonfilter -l1 -e "@.interface[@.device=\"${ifname}\"].up")"
+                fi
+            fi
+            if [ "${mode}" = "initial" ] || [ "${trm_ifstatus}" = "true" ]
+            then
+                if [ "${mode}" != "initial" ] && [ "${trm_ifstatus}" != "${status}" ]
+                then
+                    f_jsnup
+                fi
+                break
             fi
-        fi
-        if [ "${mode}" = "initial" ] || [ "${trm_ifstatus}" = "true" ]
-        then
-            break
         fi
         cnt=$((cnt+1))
         sleep 1
     done
-    f_log "debug" "check   ::: mode: ${mode}, name: ${ifname}, status: ${trm_ifstatus}, count: ${cnt}, max-wait: ${trm_maxwait}"
+    f_log "debug" "f_check::: mode: ${mode}, name: ${ifname}, status: ${trm_ifstatus}, cnt: ${cnt}, max-wait: ${trm_maxwait}, automatic: ${trm_automatic}"
 }
 
-# function to write to syslog
+# update runtime information
+#
+f_jsnup()
+{
+    local status iface="${1}" radio="${2}" essid="${3}" bssid="${4}"
+
+    if [ "${trm_ifstatus}" = "true" ]
+    then
+        status="connected"
+    elif [ "${trm_ifstatus}" = "false" ]
+    then
+        status="not connected"
+    elif [ "${trm_ifstatus}" = "running" ]
+    then
+        status="running"
+    elif [ "${trm_ifstatus}" = "error" ]
+    then
+        status="error"
+    fi
+
+    json_init
+    json_add_object "data"
+    json_add_string "travelmate_status" "${status}"
+    json_add_string "travelmate_version" "${trm_ver}"
+    json_add_string "station_id" "${essid:-"-"}/${bssid:-"-"}"
+    json_add_string "station_interface" "${iface:-"n/a"}"
+    json_add_string "station_radio" "${radio:-"n/a"}"
+    json_add_string "last_rundate" "$(/bin/date "+%d.%m.%Y %H:%M:%S")"
+    json_add_string "system" "${trm_sysver}"
+    json_close_object
+    json_dump > "${trm_rtfile}"
+}
+
+# write to syslog
 #
 f_log()
 {
@@ -114,91 +198,136 @@ f_log()
 
     if [ -n "${log_msg}" ] && ([ "${class}" != "debug" ] || [ ${trm_debug} -eq 1 ])
     then
-        logger -t "travelmate-[${trm_ver}] ${class}" "${log_msg}"
-        if [ "${class}" = "error" ]
+        logger -p "${class}" -t "travelmate-[${trm_ver}]" "${log_msg}"
+        if [ "${class}" = "err" ]
         then
-            exit 255
+            trm_ifstatus="error"
+            f_jsnup
+            logger -p "${class}" -t "travelmate-[${trm_ver}]" "Please check 'https://github.com/openwrt/packages/blob/master/net/travelmate/files/README.md' (${trm_sysver})"
+            exit 1
         fi
     fi
 }
 
+# main function for connection handling
+#
 f_main()
 {
-    local ap_list ssid_list config network ssid cnt=1
-    local sysver="$(ubus -S call system board | jsonfilter -e '@.release.description')"
+    local dev config raw_scan essid_list bssid_list sta_essid sta_bssid sta_radio sta_iface cnt=1
 
     f_check "initial"
     if [ "${trm_ifstatus}" != "true" ]
     then
         config_load wireless
-        config_foreach f_prepare wifi-iface
+        config_foreach f_prep wifi-iface
         if [ -n "$(uci -q changes wireless)" ]
         then
             uci -q commit wireless
-            ubus call network reload
         fi
-        f_check "ap"
-        ap_list="$(ubus -S call network.wireless status | jsonfilter -e '@.*.interfaces[@.config.mode="ap"].ifname')"
-        f_log "debug" "main    ::: ap-list: ${ap_list}, sta-list: ${trm_stalist}"
-        if [ -z "${ap_list}" ] || [ -z "${trm_stalist}" ]
-        then
-            f_log "error" "status  ::: no usable AP/STA configuration found"
-        fi
-        for ap in ${ap_list}
+        f_check "dev" "running"
+        f_log "debug" "f_main ::: iwinfo: ${trm_iwinfo}, eap_rc: ${trm_eap}, dev_list: ${trm_devlist}, sta_list: ${trm_stalist}"
+        for dev in ${trm_devlist}
         do
-            while [ ${cnt} -le ${trm_maxretry} ]
+            cnt=1
+            if [ -z "$(printf "%s" "${trm_stalist}" | grep -Fo "_${dev}")" ]
+            then
+                continue
+            fi
+            while [ ${trm_maxretry} -eq 0 ] || [ ${cnt} -le ${trm_maxretry} ]
             do
-                if [ ${trm_iw} -eq 1 ]
-                then
-                    ssid_list="$(${trm_scanner} dev "${ap}" scan 2>/dev/null | \
-                        awk '/SSID: /{if(!seen[$0]++){printf "\"";for(i=2; i<=NF; i++)if(i==2)printf $i;else printf " "$i;printf "\" "}}')"
-                else
-                    ssid_list="$(${trm_scanner} "${ap}" scan | \
-                        awk '/ESSID: ".*"/{ORS=" ";if (!seen[$0]++) for(i=2; i<=NF; i++) print $i}')"
-                fi
-                f_log "debug" "main    ::: scan-tool: ${trm_scanner}, ssidlist: ${ssid_list}"
-                if [ -n "${ssid_list}" ]
+                raw_scan="$(${trm_iwinfo} "${dev}" scan)"
+                essid_list="$(printf "%s" "${raw_scan}" | awk '/ESSID: "/{ORS=" ";if (!seen[$0]++) for(i=2; i<=NF; i++) print $i}')"
+                bssid_list="$(printf "%s" "${raw_scan}" | awk '/Address: /{ORS=" ";if (!seen[$5]++) print $5}')"
+                f_log "debug" "f_main ::: dev: ${dev}, ssid_list: ${essid_list}, bssid_list: ${bssid_list}"
+                if [ -n "${essid_list}" ] || [ -n "${bssid_list}" ]
                 then
                     for sta in ${trm_stalist}
                     do
                         config="${sta%%_*}"
-                        network="${sta##*_}"
-                        ssid="\"$(uci -q get wireless."${config}".ssid)\""
-                        if [ -n "$(printf "${ssid_list}" | grep -Fo "${ssid}")" ]
+                        sta_radio="${sta##*_}"
+                        sta_essid="$(uci -q get wireless."${config}".ssid)"
+                        sta_bssid="$(uci -q get wireless."${config}".bssid)"
+                        sta_iface="$(uci -q get wireless."${config}".network)"
+                        if (([ -n "$(printf "%s" "${essid_list}" | grep -Fo "\"${sta_essid}\"")" ] && [ -z "${sta_bssid}" ]) || \
+                            ([ -n "$(printf "%s" "${bssid_list}" | grep -Fo "${sta_bssid}")" ] && [ -z "$(printf "%s" "${essid_list}" | grep -Fo "\"${sta_essid}\"")" ]) || \
+                            ([ -n "$(printf "%s" "${essid_list}" | grep -Fo "\"${sta_essid}\"")" ] && [ -n "$(printf "%s" "${bssid_list}" | grep -Fo "${sta_bssid}")" ])) && \
+                             [ "${dev}" = "${sta_radio}" ]
                         then
                             uci -q set wireless."${config}".disabled=0
-                            uci -q commit wireless
-                            ubus call network reload
                             f_check "sta"
                             if [ "${trm_ifstatus}" = "true" ]
                             then
-                                f_log "info " "status  ::: wwan interface connected to uplink ${ssid} (${cnt}/${trm_maxretry}, ${sysver})"
-                                sleep 5
+                                uci -q commit wireless
+                                f_log "info" "interface '${sta_iface}' on '${sta_radio}' connected to uplink '${sta_essid:-"-"}/${sta_bssid:-"-"}' (${trm_sysver})"
+                                f_jsnup "${sta_iface}" "${sta_radio}" "${sta_essid}" "${sta_bssid}"
                                 return 0
-                            else
+                            elif [ ${trm_maxretry} -ne 0 ] && [ ${cnt} -eq ${trm_maxretry} ]
+                            then
                                 uci -q set wireless."${config}".disabled=1
+                                if [ -n "${sta_essid}" ]
+                                then
+                                    uci -q set wireless."${config}".ssid="${sta_essid}_err"
+                                fi
+                                if [ -n "${sta_bssid}" ]
+                                then
+                                    uci -q set wireless."${config}".bssid="${sta_bssid}_err"
+                                fi
                                 uci -q commit wireless
-                                ubus call network reload
-                                f_log "info " "status  ::: wwan interface can't connect to uplink ${ssid} (${cnt}/${trm_maxretry}, ${sysver})"
+                                f_check "dev"
+                                f_log "info" "can't connect to uplink '${sta_essid:-"-"}/${sta_bssid:-"-"}' (${cnt}/${trm_maxretry}), uplink disabled (${trm_sysver})"
+                            else
+                                if [ ${trm_maxretry} -eq 0 ]
+                                then
+                                    cnt=0
+                                fi
+                                uci -q revert wireless
+                                f_check "dev"
+                                f_log "info" "can't connect to uplink '${sta_essid:-"-"}/${sta_bssid:-"-"}' (${cnt}/${trm_maxretry}) (${trm_sysver})"
                             fi
+                            f_jsnup "${sta_iface}" "${sta_radio}" "${sta_essid}" "${sta_bssid}"
                         fi
                     done
-                else
-                    f_log "info " "status  ::: empty uplink list (${cnt}/${trm_maxretry}, ${sysver})"
                 fi
                 cnt=$((cnt+1))
                 sleep 5
             done
         done
-        f_log "info " "status  ::: no wwan uplink found (${sysver})"
+        if [ ! -s "${trm_rtfile}" ]
+        then
+            trm_ifstatus="false"
+            f_jsnup
+        fi
     else
-        f_log "info " "status  ::: wwan uplink still connected (${sysver})"
+        if [ ! -s "${trm_rtfile}" ]
+        then
+            config="$(ubus -S call network.wireless status | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].section')"
+            sta_radio="$(uci -q get wireless."${config}".device)"
+            sta_essid="$(uci -q get wireless."${config}".ssid)"
+            sta_bssid="$(uci -q get wireless."${config}".bssid)"
+            sta_iface="$(uci -q get wireless."${config}".network)"
+            f_jsnup "${sta_iface}" "${sta_radio}" "${sta_essid}" "${sta_bssid}"
+        fi
     fi
 }
 
-if [ "${trm_procd}" = "true" ]
+# source required system libraries
+#
+if [ -r "/lib/functions.sh" ] && [ -r "/usr/share/libubox/jshn.sh" ]
 then
+    . "/lib/functions.sh"
+    . "/usr/share/libubox/jshn.sh"
+else
+    f_log "err" "system libraries not found"
+fi
+
+# control travelmate actions
+#
+f_envload
+f_main
+while [ ${trm_automatic} -eq 1 ]
+do
+    sleep ${trm_timeout}
     f_envload
     f_main
-fi
-exit 0
\ No newline at end of file
+done
+exit 0
diff --git a/net/ulogd/Makefile b/net/ulogd/Makefile
index 2fa9f6c..c6c5eb5 100644
--- a/net/ulogd/Makefile
+++ b/net/ulogd/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ulogd
 PKG_VERSION:=2.0.5
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=ftp://ftp.netfilter.org/pub/ulogd/ \
diff --git a/net/ulogd/patches/101-ulogd-use-strncpy-instead-of-memcpy.patch b/net/ulogd/patches/101-ulogd-use-strncpy-instead-of-memcpy.patch
new file mode 100644
index 0000000..3671a95
--- /dev/null
+++ b/net/ulogd/patches/101-ulogd-use-strncpy-instead-of-memcpy.patch
@@ -0,0 +1,31 @@
+From e0c75c9d20b76ff3d496a776ce43341c752914c3 Mon Sep 17 00:00:00 2001
+From: Eric Leblond 
+Date: Tue, 21 Mar 2017 21:49:46 +0100
+Subject: [PATCH] ulogd: use strncpy instead of memcpy
+
+On some architecture, ulogd is not starting due to a
+crash in memcpy. This patch switches to strncpy to
+avoid the problem.
+
+Reported-by: Alexandru Ardelean 
+Signed-off-by: Eric Leblond 
+---
+ src/ulogd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/ulogd.c b/src/ulogd.c
+index 5b9a586..919a317 100644
+--- a/src/ulogd.c
++++ b/src/ulogd.c
+@@ -668,7 +668,7 @@ pluginstance_alloc_init(struct ulogd_plugin *pl, char *pi_id,
+ 	INIT_LLIST_HEAD(&pi->plist);
+ 	pi->plugin = pl;
+ 	pi->stack = stack;
+-	memcpy(pi->id, pi_id, sizeof(pi->id));
++	strncpy(pi->id, pi_id, ULOGD_MAX_KEYLEN);
+ 
+ 	ptr = (void *)pi + sizeof(*pi);
+ 
+-- 
+2.7.4
+
diff --git a/net/unbound/Makefile b/net/unbound/Makefile
index d8db017..5adcd86 100644
--- a/net/unbound/Makefile
+++ b/net/unbound/Makefile
@@ -8,8 +8,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=unbound
-PKG_VERSION:=1.6.1
-PKG_RELEASE:=6
+PKG_VERSION:=1.6.8
+PKG_RELEASE:=1
 
 PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE
@@ -17,9 +17,8 @@ PKG_MAINTAINER:=Eric Luehrsen 
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.unbound.net/downloads
-PKG_HASH:=42df63f743c0fe8424aeafcf003ad4b880b46c14149d696057313f5c1ef51400
+PKG_HASH:=e3b428e33f56a45417107448418865fe08d58e0e7fea199b855515f60884dd49
 
-PKG_BUILD_DEPENDS:=libexpat
 PKG_BUILD_PARALLEL:=1
 PKG_FIXUP:=autoreconf
 PKG_INSTALL:=1
diff --git a/net/unbound/patches/001-conf.patch b/net/unbound/patches/001-conf.patch
index 8aa0502..4fd77d6 100644
--- a/net/unbound/patches/001-conf.patch
+++ b/net/unbound/patches/001-conf.patch
@@ -1,12 +1,12 @@
 diff --git a/doc/example.conf.in b/doc/example.conf.in
-index 83e7c5c..3ea2b28 100644
+index 5396029..cbb51ec 100644
 --- a/doc/example.conf.in
 +++ b/doc/example.conf.in
 @@ -1,9 +1,10 @@
 -#
 -# Example configuration file.
 -#
--# See unbound.conf(5) man page, version 1.6.1.
+-# See unbound.conf(5) man page, version 1.6.8.
 -#
 -# this is a comment.
 +##############################################################################
@@ -16,17 +16,17 @@ index 83e7c5c..3ea2b28 100644
 +# no longer supported ... are exceptional for the DNS.
 +# (http://unbound.net/documentation/unbound.conf.html)
 +##############################################################################
- 
+
  #Use this to include other text into the file.
  #include: "otherfile.conf"
 @@ -12,9 +13,71 @@
  server:
  	# whitespace is not necessary, but looks cleaner.
- 
+
 -	# verbosity number, 0 is least verbose. 1 is default.
 +	# verbosity 1 is default
  	verbosity: 1
- 
+
 +	# Self jail Unbound with user "unbound" to /var/lib/unbound
 +	# The script /etc/init.d/unbound will setup the location
 +	username: "unbound"
diff --git a/net/vallumd/Makefile b/net/vallumd/Makefile
new file mode 100644
index 0000000..37e34ee
--- /dev/null
+++ b/net/vallumd/Makefile
@@ -0,0 +1,49 @@
+#
+# Copyright (C) 2017 Stijn Tintel 
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=vallumd
+PKG_VERSION:=0.1.3
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/stintel/vallumd/archive/$(PKG_VERSION)/
+PKG_MD5SUM:=b40bede34ea321daf799276111e0e804007dc7c10eb031a0a654982957dcfb25
+
+PKG_LICENSE:=GPL-3.0
+PKG_LICENSE_FILES:=COPYING
+
+PKG_MAINTAINER:=Stijn Tintel 
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/vallumd
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=Centralized or distributed blacklist
+  DEPENDS:=+ipset +libmosquitto
+endef
+
+define Package/vallumd/description
+  Centralized or distributed blacklist
+endef
+
+define Package/vallumd/conffiles
+/etc/config/vallumd
+endef
+
+define Package/vallumd/install
+	$(INSTALL_DIR) $(1)/etc/config $(1)/etc/init.d $(1)/usr/sbin
+	$(INSTALL_CONF) ./files/vallumd.conf $(1)/etc/config/vallumd
+	$(INSTALL_BIN) ./files/vallumd.init $(1)/etc/init.d/vallumd
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/vallumd $(1)/usr/sbin/vallumd
+endef
+
+
+$(eval $(call BuildPackage,vallumd))
diff --git a/net/vallumd/files/vallumd.conf b/net/vallumd/files/vallumd.conf
new file mode 100644
index 0000000..75703ab
--- /dev/null
+++ b/net/vallumd/files/vallumd.conf
@@ -0,0 +1,6 @@
+config vallumd mqtt
+	option host 127.0.0.1
+	option port 1883
+	list topics blacklist4
+	list topics blacklist6
+	option enabled 0
diff --git a/net/vallumd/files/vallumd.init b/net/vallumd/files/vallumd.init
new file mode 100644
index 0000000..d0cb781
--- /dev/null
+++ b/net/vallumd/files/vallumd.init
@@ -0,0 +1,34 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+USE_PROCD=1
+PROG=/usr/sbin/vallumd
+
+add_topic() {
+	procd_append_param command -t "$1"
+}
+
+start_service() {
+	local enabled
+	local mqtt_host
+	local mqtt_port
+
+	config_load "vallumd"
+	config_get_bool enabled "mqtt" "enabled" 1
+	[ "$enabled" -gt 0 ] || return 1
+
+	config_get mqtt_host "mqtt" "host"
+	config_get mqtt_port "mqtt" "port"
+
+	procd_open_instance
+
+	procd_set_param command $PROG
+
+	[ -n "$mqtt_host" ] && procd_append_param command -h "$mqtt_host"
+	[ -n "$mqtt_port" ] && procd_append_param command -p "$mqtt_port"
+	config_list_foreach mqtt topics add_topic
+
+	procd_set_param respawn
+
+	procd_close_instance
+}
diff --git a/net/vpnc/Makefile b/net/vpnc/Makefile
index 147bca9..df9ed00 100644
--- a/net/vpnc/Makefile
+++ b/net/vpnc/Makefile
@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=vpnc
 PKG_REV:=550
 PKG_VERSION:=0.5.3.r$(PKG_REV)
-PKG_RELEASE:=5
+PKG_RELEASE:=6
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://svn.unix-ag.uni-kl.de/vpnc/trunk/
diff --git a/net/vpnc/files/vpnc.sh b/net/vpnc/files/vpnc.sh
index 971b823..bc3f912 100755
--- a/net/vpnc/files/vpnc.sh
+++ b/net/vpnc/files/vpnc.sh
@@ -43,7 +43,7 @@ proto_vpnc_setup() {
 	logger -t vpnc "initializing..."
 	serv_addr=
 	for ip in $(resolveip -t 10 "$server"); do
-		( proto_add_host_dependency "vpn-$config" "$ip" $interface )
+		( proto_add_host_dependency "$config" "$ip" $interface )
 		serv_addr=1
 	done
 	[ -n "$serv_addr" ] || {
diff --git a/net/wget/Makefile b/net/wget/Makefile
index 052f2d8..3fcd321 100644
--- a/net/wget/Makefile
+++ b/net/wget/Makefile
@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wget
-PKG_VERSION:=1.18
+PKG_VERSION:=1.19.2
 PKG_RELEASE:=2
 
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
-PKG_MD5SUM:=af9ca95a4bb8ac4a9bf10aeae66fa5ec
-PKG_MAINTAINER:=Maxim Storchak 
+PKG_HASH:=4f4a673b6d466efa50fbfba796bd84a46ae24e370fa562ede5b21ab53c11a920
+PKG_MAINTAINER:=Peter Wagner 
 PKG_LICENSE:=GPL-3.0+
 PKG_LICENSE_FILES:=COPYING
 
@@ -66,6 +66,7 @@ endef
 CONFIGURE_ARGS+= \
 	--disable-rpath \
 	--disable-iri \
+	--with-included-libunistring \
 	--without-libuuid
 
 CONFIGURE_VARS += \
diff --git a/net/wireguard/Makefile b/net/wireguard/Makefile
deleted file mode 100644
index 8dacfeb..0000000
--- a/net/wireguard/Makefile
+++ /dev/null
@@ -1,110 +0,0 @@
-#
-# Copyright (C) 2016 Jason A. Donenfeld 
-# Copyright (C) 2016 Baptiste Jonglez 
-# Copyright (C) 2016-2017 Dan Luedtke 
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-
-include $(TOPDIR)/rules.mk
-include $(INCLUDE_DIR)/kernel.mk
-
-PKG_NAME:=wireguard
-
-PKG_VERSION:=0.0.20170115
-PKG_RELEASE:=1
-
-PKG_SOURCE:=WireGuard-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://git.zx2c4.com/WireGuard/snapshot/
-PKG_MD5SUM:=7e5f9f4699a2d4ace90d0df5d81bf0f67205ee08c45b95e0acc379bedef5ffe8
-
-PKG_LICENSE:=GPL-2.0
-PKG_LICENSE_FILES:=COPYING
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/WireGuard-$(PKG_VERSION)
-PKG_BUILD_PARALLEL:=1
-PKG_USE_MIPS16:=0
-
-# Wireguard's makefile needs this to know where to build the kernel module
-export KERNELDIR:=$(LINUX_DIR)
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/wireguard/Default
-  SECTION:=net
-  CATEGORY:=Network
-  URL:=https://www.wireguard.io
-  MAINTAINER:=Baptiste Jonglez , \
-              Dan Luedtke 
-endef
-
-define Package/wireguard/Default/description
-  WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
-  state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
-  more useful than IPSec, while avoiding the massive headache. It intends to
-  be considerably more performant than OpenVPN.  WireGuard is designed as a
-  general purpose VPN for running on embedded interfaces and super computers
-  alike, fit for many different circumstances.
-  It runs over UDP.
-endef
-
-define Package/wireguard
-  $(call Package/wireguard/Default)
-  TITLE:=Wireguard meta-package
-  DEPENDS:=+wireguard-tools +kmod-wireguard
-endef
-
-include $(INCLUDE_DIR)/kernel-defaults.mk
-include $(INCLUDE_DIR)/package-defaults.mk
-
-# Used by Build/Compile/Default
-MAKE_PATH:=src/tools
-
-define Build/Compile
-	$(MAKE) $(KERNEL_MAKEOPTS) M="$(PKG_BUILD_DIR)/src" modules
-	$(call Build/Compile/Default)
-endef
-
-define Package/wireguard/description
-  $(call Package/wireguard/Default/description)
-endef
-
-define Package/wireguard-tools
-  $(call Package/wireguard/Default)
-  TITLE:=Wireguard userspace control program (wg)
-  DEPENDS:=+libmnl
-endef
-
-define Package/wireguard-tools/description
-  $(call Package/wireguard/Default/description)
-
-  This package provides the userspace control program for wireguard, `wg`,
-  and a netifd protocol helper.
-endef
-
-define Package/wireguard-tools/install
-	$(INSTALL_DIR) $(1)/usr/bin/
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/tools/wg $(1)/usr/bin/
-	$(INSTALL_DIR) $(1)/lib/netifd/proto/
-	$(INSTALL_BIN) ./files/wireguard.sh $(1)/lib/netifd/proto/
-endef
-
-define KernelPackage/wireguard
-  SECTION:=kernel
-  CATEGORY:=Kernel modules
-  SUBMENU:=Network Support
-  TITLE:=Wireguard kernel module
-  DEPENDS:=+IPV6:kmod-udptunnel6 +kmod-udptunnel4 +kmod-ipt-hashlimit
-  FILES:= $(PKG_BUILD_DIR)/src/wireguard.$(LINUX_KMOD_SUFFIX)
-  AUTOLOAD:=$(call AutoProbe,wireguard)
-endef
-
-define KernelPackage/wireguard/description
-  $(call Package/wireguard/Default/description)
-
-  This package provides the kernel module for wireguard.
-endef
-
-$(eval $(call BuildPackage,wireguard))
-$(eval $(call BuildPackage,wireguard-tools))
-$(eval $(call KernelPackage,wireguard))
diff --git a/net/wireguard/files/wireguard.sh b/net/wireguard/files/wireguard.sh
deleted file mode 100644
index 2eb3024..0000000
--- a/net/wireguard/files/wireguard.sh
+++ /dev/null
@@ -1,183 +0,0 @@
-#!/bin/sh
-# Copyright 2016-2017 Dan Luedtke 
-# Licensed to the public under the Apache License 2.0.
-
-
-WG=/usr/bin/wg
-if [ ! -x $WG ]; then
-  logger -t "wireguard" "error: missing wireguard-tools (${WG})"
-  exit 0
-fi
-
-
-[ -n "$INCLUDE_ONLY" ] || {
-  . /lib/functions.sh
-  . ../netifd-proto.sh
-  init_proto "$@"
-}
-
-
-proto_wireguard_init_config() {
-  proto_config_add_string "private_key"
-  proto_config_add_int    "listen_port"
-  proto_config_add_int    "mtu"
-  proto_config_add_string "preshared_key"
-  available=1
-  no_proto_task=1
-}
-
-
-proto_wireguard_setup_peer() {
-  local peer_config="$1"
-
-  local public_key
-  local allowed_ips
-  local route_allowed_ips
-  local endpoint_host
-  local endpoint_port
-  local persistent_keepalive
-
-  config_get      public_key           "${peer_config}" "public_key"
-  config_get      allowed_ips          "${peer_config}" "allowed_ips"
-  config_get_bool route_allowed_ips    "${peer_config}" "route_allowed_ips" 0
-  config_get      endpoint_host        "${peer_config}" "endpoint_host"
-  config_get      endpoint_port        "${peer_config}" "endpoint_port"
-  config_get      persistent_keepalive "${peer_config}" "persistent_keepalive"
-
-  # peer configuration
-  echo "[Peer]"                                         >> "${wg_cfg}"
-  echo "PublicKey=${public_key}"                        >> "${wg_cfg}"
-  for allowed_ip in $allowed_ips; do
-    echo "AllowedIPs=${allowed_ip}"                     >> "${wg_cfg}"
-  done
-  if [ "${endpoint_host}" ]; then
-    case "${endpoint_host}" in
-      *:*)
-        endpoint="[${endpoint_host}]"
-      ;;
-      *)
-        endpoint="${endpoint_host}"
-      ;;
-    esac
-    if [ "${endpoint_port}" ]; then
-      endpoint="${endpoint}:${endpoint_port}"
-    else
-      endpoint="${endpoint}:51820"
-    fi
-    echo "Endpoint=${endpoint}"                         >> "${wg_cfg}"
-  fi
-  if [ "${persistent_keepalive}" ]; then
-    echo "PersistentKeepalive=${persistent_keepalive}"  >> "${wg_cfg}"
-  fi
-
-  # add routes for allowed ips
-  if [ ${route_allowed_ips} -ne 0 ]; then
-    for allowed_ip in ${allowed_ips}; do
-      case "${allowed_ip}" in
-        *:*/*)
-          proto_add_ipv6_route "${allowed_ip%%/*}" "${allowed_ip##*/}"
-        ;;
-        */*)
-          proto_add_ipv4_route "${allowed_ip%%/*}" "${allowed_ip##*/}"
-        ;;
-      esac
-    done
-  fi
-}
-
-
-proto_wireguard_setup() {
-  local config="$1"
-  local wg_dir="/tmp/wireguard"
-  local wg_cfg="${wg_dir}/${config}"
-
-  local private_key
-  local listen_port
-  local mtu
-  local preshared_key
-
-  # load configuration
-  config_load network
-  config_get private_key   "${config}" "private_key"
-  config_get listen_port   "${config}" "listen_port"
-  config_get addresses     "${config}" "addresses"
-  config_get mtu           "${config}" "mtu"
-  config_get preshared_key "${config}" "preshared_key"
-
-  # create interface
-  ip link del dev "${config}" 2>/dev/null
-  ip link add dev "${config}" type wireguard
-
-  if [ "${mtu}" ]; then
-    ip link set mtu "${mtu}" dev "${config}"
-  fi
-
-  proto_init_update "${config}" 1
-
-  # generate configuration file
-  umask 077
-  mkdir -p "${wg_dir}"
-  echo "[Interface]"                     >  "${wg_cfg}"
-  echo "PrivateKey=${private_key}"       >> "${wg_cfg}"
-  if [ "${listen_port}" ]; then
-    echo "ListenPort=${listen_port}"     >> "${wg_cfg}"
-  fi
-  if [ "${preshared_key}" ]; then
-    echo "PresharedKey=${preshared_key}" >> "${wg_cfg}"
-  fi
-  config_foreach proto_wireguard_setup_peer "wireguard_${config}"
-
-  # apply configuration file
-  ${WG} setconf ${config} "${wg_cfg}"
-  WG_RETURN=$?
-
-  # delete configuration file
-  rm -f "${wg_cfg}"
-
-  # check status
-  if [ ${WG_RETURN} -ne 0 ]; then
-    sleep 5
-    proto_setup_failed "${config}"
-    exit 1
-  fi
-
-  # add ip addresses
-  for address in ${addresses}; do
-    case "${address}" in
-      *:*/*)
-        proto_add_ipv6_address "${address%%/*}" "${address##*/}"
-      ;;
-      *.*/*)
-        proto_add_ipv4_address "${address%%/*}" "${address##*/}"
-      ;;
-      *:*)
-        proto_add_ipv6_address "${address%%/*}" "128"
-      ;;
-      *.*)
-        proto_add_ipv4_address "${address%%/*}" "32"
-      ;;
-    esac
-  done
-
-  # endpoint dependency
-  wg show "${config}" endpoints | \
-    sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
-    while IFS=$'\t ' read -r key address port; do
-    [ -n "${port}" ] || continue
-    echo "adding host depedency for ${address} at ${config}"
-    proto_add_host_dependency "${config}" "${address}"
-  done
-
-  proto_send_update "${config}"
-}
-
-
-proto_wireguard_teardown() {
-  local config="$1"
-  ip link del dev "${config}" >/dev/null 2>&1
-}
-
-
-[ -n "$INCLUDE_ONLY" ] || {
-  add_protocol wireguard
-}
diff --git a/utils/attendedsysupgrade-common/Makefile b/utils/attendedsysupgrade-common/Makefile
new file mode 100644
index 0000000..d1419ae
--- /dev/null
+++ b/utils/attendedsysupgrade-common/Makefile
@@ -0,0 +1,56 @@
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=attendedsysupgrade-common
+PKG_VERSION:=0.1
+PKG_RELEASE:=2
+PKG_LICENSE:=GPL-2.0
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/attendedsysupgrade-common
+  SECTION:=utils
+  CATEGORY:=Base system
+  TITLE:=Common files neede by attendedsysupgrade packages
+  MAINTAINER:=Paul Spooren 
+  DEPENDS:=+rpcd +rpcd-mod-rpcsys
+endef
+
+define Package/attendedsysupgrade-common/description
+	Common needed files for attendedsysupgrade tool
+
+	Manages dependencies and brings settings used by clients.
+
+	UCI options:
+
+	attendedsysupgrade.server.url
+	URL of compatible upgrade server [1]
+
+	attendedsysupgrade.client.upgrade_packages
+	Client should request image also if no new release but new packages upgrade are available.
+
+	attendedsysupgrade.client.advanced_mode
+	Offer advanced options like editing packages before request and show additional information.
+
+	attendedsysupgrade.client.auto_search
+	Tells the client to automattically search for upgrades
+	This can be done when opening luci or login in to console - depends on client.
+
+	[1]: https://github.com/aparcar/gsoc17-attended-sysupgrade
+endef
+
+define Build/Compile
+endef
+
+define Build/Configure
+endef
+
+define Package/attendedsysupgrade-common/install
+	$(INSTALL_DIR) $(1)/etc/uci-defaults/
+	$(INSTALL_BIN) ./files/attendedsysupgrade.defaults $(1)/etc/uci-defaults/attendedsysupgrade
+endef
+
+$(eval $(call BuildPackage,attendedsysupgrade-common))
diff --git a/utils/attendedsysupgrade-common/files/attendedsysupgrade.defaults b/utils/attendedsysupgrade-common/files/attendedsysupgrade.defaults
new file mode 100644
index 0000000..f7fb1eb
--- /dev/null
+++ b/utils/attendedsysupgrade-common/files/attendedsysupgrade.defaults
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+[ -e /etc/config/attendedsysupgrade ] && return 0
+
+touch /etc/config/attendedsysupgrade
+
+uci -q batch <
-
-PKG_BUILD_PARALLEL:=1
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/nls.mk
-
-define Package/bluez/Default
-  TITLE:=Bluetooth
-  URL:=http://www.bluez.org/
-endef
-
-define Package/bluez-examples
-$(call Package/bluez/Default)
-  SECTION:=utils
-  CATEGORY:=Utilities
-  TITLE+= python example apps
-  DEPENDS:=+python
-endef
-
-define Package/bluez-examples/description
-  contains many examples apps for bluetooth, requiring python
-endef
-
-define Package/bluez-libs
-$(call Package/bluez/Default)
-  SECTION:=libs
-  CATEGORY:=Libraries
-  TITLE+= library
-  DEPENDS:=+libpthread +kmod-bluetooth
-endef
-
-define Package/bluez-utils
-$(call Package/bluez/Default)
-  SECTION:=utils
-  CATEGORY:=Utilities
-  TITLE+= utilities
-  DEPENDS:=+bluez-libs +libpthread +librt +glib2 +libncurses +libreadline $(INTL_DEPENDS) $(ICONV_DEPENDS)
-endef
-
-define Package/bluez-daemon
-$(call Package/bluez/Default)
-  SECTION:=utils
-  CATEGORY:=Utilities
-  TITLE+= daemon
-  DEPENDS:=+bluez-libs +bluez-utils +dbus +libical $(INTL_DEPENDS) $(ICONV_DEPENDS)
-endef
-
-define Package/bluez-daemon/conffiles
-/etc/bluetooth/main.conf
-/etc/bluetooth/network.conf
-/etc/bluetooth/input.conf
-/etc/bluetooth/proximity.conf
-/etc/config/bluetooth
-endef
-
-CONFIGURE_ARGS += \
-	--enable-static \
-	--enable-shared \
-	--enable-client \
-	--enable-datafiles \
-	--enable-experimental \
-	--enable-library \
-	--enable-monitor \
-	--enable-obex \
-	--enable-threads \
-	--enable-tools \
-	--disable-android \
-	--disable-cups \
-	--disable-manpages \
-	--disable-sixaxis \
-	--disable-systemd \
-	--disable-test \
-	--disable-udev \
-
-TARGET_CPPFLAGS += \
-	-D_GNU_SOURCE
-
-define Build/InstallDev
-	$(INSTALL_DIR) $(1)/usr/include
-	$(CP) $(PKG_INSTALL_DIR)/usr/include/bluetooth $(1)/usr/include/
-	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libbluetooth.{a,so*} $(1)/usr/lib/
-	$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/bluez.pc $(1)/usr/lib/pkgconfig/
-endef
-
-define Package/bluez-examples/install
-	$(INSTALL_DIR) $(1)/usr/bin/bluez
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/test/* $(1)/usr/bin/bluez/
-endef
-
-define Package/bluez-libs/install
-	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/libbluetooth.so.* $(1)/usr/lib/
-endef
-
-define Package/bluez-utils/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/bccmd $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/bluemoon $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/btmon $(1)/usr/bin/
-	$(CP) $(PKG_BUILD_DIR)/tools/btmgmt $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/ciptool $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/hciattach $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/hciconfig $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/hcidump $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/hcitool $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/hex2hcd $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/l2ping $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/l2test $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/rctest $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/rfcomm $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/sdptool $(1)/usr/bin/
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/attrib/gatttool $(1)/usr/bin/
-endef
-
-define Package/bluez-daemon/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/bluetooth/bluetoothd $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/bin/bluetoothctl $(1)/usr/bin/
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/bluetooth/obexd $(1)/usr/bin/
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DATA) ./files/bluetooth.config $(1)/etc/config/bluetooth
-	$(INSTALL_DIR) $(1)/etc/dbus-1/system.d/
-	$(INSTALL_DATA) ./files/bluetooth.dbus $(1)/etc/dbus-1/system.d/bluetooth.conf
-	$(INSTALL_DIR) $(1)/etc/bluetooth
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/src/main.conf $(1)/etc/bluetooth/main.conf
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/profiles/network/network.conf $(1)/etc/bluetooth/network.conf
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/profiles/input/input.conf $(1)/etc/bluetooth/input.conf
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/profiles/proximity/proximity.conf $(1)/etc/bluetooth/proximity.conf
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_BIN) ./files/bluetoothd.init $(1)/etc/init.d/bluetoothd
-endef
-
-$(eval $(call BuildPackage,bluez-examples))
-$(eval $(call BuildPackage,bluez-libs))
-$(eval $(call BuildPackage,bluez-utils))
-$(eval $(call BuildPackage,bluez-daemon))
diff --git a/utils/bluez/files/bluetooth.config b/utils/bluez/files/bluetooth.config
deleted file mode 100644
index 6f23617..0000000
--- a/utils/bluez/files/bluetooth.config
+++ /dev/null
@@ -1,15 +0,0 @@
-config bluetoothd
-#	option config	/etc/bluetooth/main.conf
-	option enabled	1
-
-config hciattach
-	option initspeed	115200
-	option tty	ttyS1
-	option type	csr
-	option speed	115200
-	option flow	noflow
-	option enabled 	0
-
-config rfcomm
-#	option config	/etc/bluetooth/rfcomm.conf
-	option enabled	0
diff --git a/utils/bluez/files/bluetooth.dbus b/utils/bluez/files/bluetooth.dbus
deleted file mode 100644
index 88545fa..0000000
--- a/utils/bluez/files/bluetooth.dbus
+++ /dev/null
@@ -1,37 +0,0 @@
-
-
-
-
-
-  
-
-  
-    
-  
-
-  
-    
-    
-
-    
-    
-
-    
-    
-
-    
-    
-
-    
-    
-
-    
-    
-
-    
-    
-  
-
-
diff --git a/utils/bluez/files/bluetoothd.init b/utils/bluez/files/bluetoothd.init
deleted file mode 100644
index 75f4d96..0000000
--- a/utils/bluez/files/bluetoothd.init
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2007 OpenWrt.org
-
-#start after dbus (60)
-START=62
-USE_PROCD=1
-PROG=/usr/bin/bluetoothd
-
-start_service() {
-	procd_open_instance
-	procd_set_param command "$PROG" -n
-	procd_close_instance
-}
diff --git a/utils/bluez/files/givepin b/utils/bluez/files/givepin
deleted file mode 100644
index e52a338..0000000
--- a/utils/bluez/files/givepin
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/sh
-
-# Write bluetooth PIN number here:
-pin=
-
-if [ -z "$pin" ]; then
-	msg="Set bluetooth PIN in file $0"
-	logger -p user.err "$msg"
-	for i in /dev/pts/* ; do
-		[ -w $i ] && echo "$msg" > $i
-	done
-else
-	echo "PIN:$pin"
-fi
diff --git a/utils/bluez/patches/001-bcm43xx-Add-bcm43xx-3wire-variant.patch b/utils/bluez/patches/001-bcm43xx-Add-bcm43xx-3wire-variant.patch
deleted file mode 100644
index 96e8a26..0000000
--- a/utils/bluez/patches/001-bcm43xx-Add-bcm43xx-3wire-variant.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-From b4f2b77472aeb967d3a7595e8a965785c7a37c87 Mon Sep 17 00:00:00 2001
-From: Phil Elwell 
-Date: Tue, 16 Feb 2016 16:40:46 +0000
-Subject: [PATCH 1/4] bcm43xx: Add bcm43xx-3wire variant
-
----
- tools/hciattach.c | 3 +++
- 1 file changed, 3 insertions(+)
-
---- a/tools/hciattach.c
-+++ b/tools/hciattach.c
-@@ -1144,6 +1144,9 @@ struct uart_t uart[] = {
- 	{ "bcm43xx",    0x0000, 0x0000, HCI_UART_H4,   115200, 3000000,
- 				FLOW_CTL, DISABLE_PM, NULL, bcm43xx, NULL  },
- 
-+	{ "bcm43xx-3wire",    0x0000, 0x0000, HCI_UART_3WIRE, 115200, 3000000,
-+				0, DISABLE_PM, NULL, bcm43xx, NULL  },
-+
- 	{ "ath3k",    0x0000, 0x0000, HCI_UART_ATH3K, 115200, 115200,
- 			FLOW_CTL, DISABLE_PM, NULL, ath3k_ps, ath3k_pm  },
- 
diff --git a/utils/bluez/patches/002-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch b/utils/bluez/patches/002-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch
deleted file mode 100644
index a221861..0000000
--- a/utils/bluez/patches/002-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From e145c9621f976063e5c573db1f2053d906f63427 Mon Sep 17 00:00:00 2001
-From: Phil Elwell 
-Date: Tue, 16 Feb 2016 16:39:09 +0000
-Subject: [PATCH 2/4] bcm43xx: The UART speed must be reset after the firmware
- download
-
----
- tools/hciattach_bcm43xx.c | 6 ++----
- 1 file changed, 2 insertions(+), 4 deletions(-)
-
---- a/tools/hciattach_bcm43xx.c
-+++ b/tools/hciattach_bcm43xx.c
-@@ -366,11 +366,8 @@ int bcm43xx_init(int fd, int def_speed,
- 		return -1;
- 
- 	if (bcm43xx_locate_patch(FIRMWARE_DIR, chip_name, fw_path)) {
--		fprintf(stderr, "Patch not found, continue anyway\n");
-+		fprintf(stderr, "Patch not found for %s, continue anyway\n", chip_name);
- 	} else {
--		if (bcm43xx_set_speed(fd, ti, speed))
--			return -1;
--
- 		if (bcm43xx_load_firmware(fd, fw_path))
- 			return -1;
- 
-@@ -380,6 +377,7 @@ int bcm43xx_init(int fd, int def_speed,
- 			return -1;
- 		}
- 
-+		sleep(1);
- 		if (bcm43xx_reset(fd))
- 			return -1;
- 	}
diff --git a/utils/bluez/patches/003-Increase-firmware-load-timeout-to-30s.patch b/utils/bluez/patches/003-Increase-firmware-load-timeout-to-30s.patch
deleted file mode 100644
index fa0948d..0000000
--- a/utils/bluez/patches/003-Increase-firmware-load-timeout-to-30s.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-From d41dc2046dd08d8c95197f677e224506f5b39bdd Mon Sep 17 00:00:00 2001
-From: Phil Elwell 
-Date: Wed, 20 Jan 2016 16:00:37 +0000
-Subject: [PATCH 3/4] Increase firmware load timeout to 30s
-
----
- tools/hciattach.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/tools/hciattach.c
-+++ b/tools/hciattach.c
-@@ -1293,7 +1293,7 @@ int main(int argc, char *argv[])
- {
- 	struct uart_t *u = NULL;
- 	int detach, printpid, raw, opt, i, n, ld, err;
--	int to = 10;
-+	int to = 30;
- 	int init_speed = 0;
- 	int send_break = 0;
- 	pid_t pid;
diff --git a/utils/bluez/patches/004-Move-the-43xx-firmware-into-lib-firmware.patch b/utils/bluez/patches/004-Move-the-43xx-firmware-into-lib-firmware.patch
deleted file mode 100644
index 80b052d..0000000
--- a/utils/bluez/patches/004-Move-the-43xx-firmware-into-lib-firmware.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-From 76681284b0ea49852041fdb97a35175089a08781 Mon Sep 17 00:00:00 2001
-From: Phil Elwell 
-Date: Tue, 23 Feb 2016 17:52:29 +0000
-Subject: [PATCH 4/4] Move the 43xx firmware into /lib/firmware
-
----
- tools/hciattach_bcm43xx.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/tools/hciattach_bcm43xx.c
-+++ b/tools/hciattach_bcm43xx.c
-@@ -43,7 +43,7 @@
- #include "hciattach.h"
- 
- #ifndef FIRMWARE_DIR
--#define FIRMWARE_DIR "/etc/firmware"
-+#define FIRMWARE_DIR "/lib/firmware/brcm"
- #endif
- 
- #define FW_EXT ".hcd"
diff --git a/utils/bluez/patches/200-uart-speed.patch b/utils/bluez/patches/200-uart-speed.patch
deleted file mode 100644
index ebe0153..0000000
--- a/utils/bluez/patches/200-uart-speed.patch
+++ /dev/null
@@ -1,40 +0,0 @@
---- a/tools/hciattach.c
-+++ b/tools/hciattach.c
-@@ -101,20 +101,37 @@ int uart_speed(int s)
- 		return B230400;
- 	case 460800:
- 		return B460800;
-+/* FIX: Not all platform support this high serial speed
-+   claudyus84 @gamil.com
-+*/
-+#ifdef B500000
- 	case 500000:
- 		return B500000;
-+#endif
-+#ifdef B576000
- 	case 576000:
- 		return B576000;
-+#endif
-+#ifdef B921600
- 	case 921600:
- 		return B921600;
-+#endif
-+#ifdef B1000000
- 	case 1000000:
- 		return B1000000;
-+#endif
-+#ifdef B1152000
- 	case 1152000:
- 		return B1152000;
-+#endif
-+#ifdef B1500000
- 	case 1500000:
- 		return B1500000;
-+#endif
-+#ifdef B2000000
- 	case 2000000:
- 		return B2000000;
-+#endif
- #ifdef B2500000
- 	case 2500000:
- 		return B2500000;
diff --git a/utils/bluez/patches/201-readline.patch b/utils/bluez/patches/201-readline.patch
deleted file mode 100644
index 45e1553..0000000
--- a/utils/bluez/patches/201-readline.patch
+++ /dev/null
@@ -1,48 +0,0 @@
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -2441,7 +2441,7 @@ unit_tests = $(am__append_35) unit/test-
- @CLIENT_TRUE@					monitor/uuid.h monitor/uuid.c
- 
- @CLIENT_TRUE@client_bluetoothctl_LDADD = gdbus/libgdbus-internal.la @GLIB_LIBS@ @DBUS_LIBS@ \
--@CLIENT_TRUE@				-lreadline
-+@CLIENT_TRUE@				-lreadline -lncurses
- 
- @MONITOR_TRUE@monitor_btmon_SOURCES = monitor/main.c monitor/bt.h \
- @MONITOR_TRUE@				monitor/display.h monitor/display.c \
-@@ -2691,13 +2691,13 @@ unit_tests = $(am__append_35) unit/test-
- @READLINE_TRUE@				client/display.h
- 
- @READLINE_TRUE@attrib_gatttool_LDADD = lib/libbluetooth-internal.la \
--@READLINE_TRUE@			src/libshared-glib.la @GLIB_LIBS@ -lreadline
-+@READLINE_TRUE@			src/libshared-glib.la @GLIB_LIBS@ -lreadline -lncurses
- 
- @READLINE_TRUE@tools_obex_client_tool_SOURCES = $(gobex_sources) $(btio_sources) \
- @READLINE_TRUE@						tools/obex-client-tool.c
- 
- @READLINE_TRUE@tools_obex_client_tool_LDADD = lib/libbluetooth-internal.la \
--@READLINE_TRUE@						@GLIB_LIBS@ -lreadline
-+@READLINE_TRUE@						@GLIB_LIBS@ -lreadline -lncurses
- 
- @READLINE_TRUE@tools_obex_server_tool_SOURCES = $(gobex_sources) $(btio_sources) \
- @READLINE_TRUE@						tools/obex-server-tool.c
-@@ -2707,17 +2707,17 @@ unit_tests = $(am__append_35) unit/test-
- @READLINE_TRUE@				client/display.h client/display.c
- 
- @READLINE_TRUE@tools_bluetooth_player_LDADD = gdbus/libgdbus-internal.la \
--@READLINE_TRUE@				@GLIB_LIBS@ @DBUS_LIBS@ -lreadline
-+@READLINE_TRUE@				@GLIB_LIBS@ @DBUS_LIBS@ -lreadline -lncurses
- 
- @READLINE_TRUE@tools_obexctl_SOURCES = tools/obexctl.c \
- @READLINE_TRUE@				client/display.h client/display.c
- 
- @READLINE_TRUE@tools_obexctl_LDADD = gdbus/libgdbus-internal.la \
--@READLINE_TRUE@				@GLIB_LIBS@ @DBUS_LIBS@ -lreadline
-+@READLINE_TRUE@				@GLIB_LIBS@ @DBUS_LIBS@ -lreadline -lncurses
- 
- @READLINE_TRUE@tools_btmgmt_SOURCES = tools/btmgmt.c src/uuid-helper.c client/display.c
- @READLINE_TRUE@tools_btmgmt_LDADD = lib/libbluetooth-internal.la src/libshared-mainloop.la \
--@READLINE_TRUE@				-lreadline
-+@READLINE_TRUE@				-lreadline -lncurses
- 
- @EXPERIMENTAL_TRUE@tools_gatt_service_SOURCES = tools/gatt-service.c
- @EXPERIMENTAL_TRUE@tools_gatt_service_LDADD = @GLIB_LIBS@ @DBUS_LIBS@ gdbus/libgdbus-internal.la
diff --git a/utils/canutils/Makefile b/utils/canutils/Makefile
index 58ae762..853b926 100644
--- a/utils/canutils/Makefile
+++ b/utils/canutils/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=canutils
-PKG_RELEASE=1
+PKG_RELEASE=2
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/linux-can/can-utils
@@ -24,9 +24,6 @@ PKG_FIXUP:=autoreconf
 
 include $(INCLUDE_DIR)/package.mk
 
-FILES:=canbusload can-calc-bit-timing candump \
-	cangen cangw canplayer cansniffer cansend
-
 define Package/canutils/Default
   SECTION:=utils
   CATEGORY:=Utilities
@@ -39,30 +36,30 @@ define Package/canutils
   MENU:=1
 endef
 
-define Package/canutils-log-conversion
-  $(call Package/canutils/Default)
-  TITLE:=canutils log conversion
-  DEPENDS:=canutils
-endef
+define GenPlugin
+  define Package/$(addprefix canutils-,$(1))
+    $(call Package/canutils/Default)
+    DEPENDS:=canutils
+    TITLE:=Utility $(1) from the CAN utilities
+  endef
 
-define PartGen
-define Package/canutils-$(1)
-  $(call Package/canutils/Default)
-  TITLE:=$(1) tool from canutils
-  DEPENDS:=canutils
-endef
+   define Package/$(addprefix canutils-,$(1))/description
+     Utility $(1) from the CAN utilities package.
+   endef
 endef
 
-$(foreach file,$(FILES),$(eval $(call PartGen,$(file))))
+FILES:=canbusload can-calc-bit-timing candump \
+	cangen cangw canplayer cansniffer cansend \
+	canfdtest asc2log log2asc log2long bcmserver \
+	canlogserver isotpdump isotpperf isotprecv \
+	isotpsend isotpserver isotpsniffer isotptun \
+	slcan_attach slcand slcanpty
+
 
-define Package/canutils/install
-endef
+$(foreach a,$(FILES),$(eval $(call GenPlugin,$(a))))
 
-define Package/canutils-log-conversion/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/asc2log $(1)/usr/bin/
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/log2asc $(1)/usr/bin/
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/log2long $(1)/usr/bin/
+define Package/canutils/install
+	true
 endef
 
 define PartInstall
@@ -74,43 +71,7 @@ define Package/canutils-$(1)/install
 endef
 endef
 
-define Package/canutils-log-conversion/description
-asc2log - convert ASC logfile to compact CAN frame logfile.
-log2asc - convert compact CAN frame logfile to ASC logfile.
-log2long - convert compact CAN frame representation into user readable.
-endef
-
-define Package/canutils-canbusload/description
-canbusload - display the load percentage of can buses.
-endef
-
-define Package/canutils-can-calc-bit-timing/description
-can-calc-bit-timing - calculate hw bittiming for supported can chips.
-endef
-
-define Package/canutils-candump/description
-candump - dumps can frames to terminal, logfile or another can device,
-with optional filtering.
-endef
-
-define Package/canutils-cangen/description
-cangen - CAN frames generator for testing purposes.
-endef
-
-define Package/canutils-cangw/description
-cangw - manage PF_CAN netlink gateway.
-endef
-
-define Package/canutils-canplayer/description
-canplayer - replay a compact CAN frame logfile to CAN devices.
-endef
-
-define Package/canutils-cansend/description
-cansend - simple command line tool to send CAN-frames via CAN_RAW sockets.
-endef
-
 $(foreach file,$(FILES),$(eval $(call PartInstall,$(file))))
 
 $(eval $(call BuildPackage,canutils))
-$(eval $(call BuildPackage,canutils-log-conversion))
 $(foreach file,$(FILES),$(eval $(call BuildPackage,canutils-$(file))))
diff --git a/utils/collectd/Makefile b/utils/collectd/Makefile
index 27491c6..77ffd23 100644
--- a/utils/collectd/Makefile
+++ b/utils/collectd/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=collectd
 PKG_VERSION:=5.5.3
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=http://collectd.org/files/
diff --git a/utils/collectd/patches/500-fix-uptime-reading.patch b/utils/collectd/patches/500-fix-uptime-reading.patch
new file mode 100644
index 0000000..2e77c95
--- /dev/null
+++ b/utils/collectd/patches/500-fix-uptime-reading.patch
@@ -0,0 +1,173 @@
+From af01dd6fa3eb458e2fbb272703b0cae37ea54a9b Mon Sep 17 00:00:00 2001
+From: Marcin Jurkowski 
+Date: Tue, 11 Jul 2017 15:00:25 +0200
+Subject: [PATCH] uptime plugin: don't cache boot time and simplify Linux code
+
+Caching boottime on startup yields incorrect uptime values if system
+date changes after the daemon is started.
+This is almost certain to happen on embedded systems without RTC, where
+clock is set from NTP server at some point after boot process.
+
+On Linux, we can retrieve uptime directly by either reading /proc/uptime
+(it's sufficient to read a few bytes) or calling sysinfo() function.
+Use the latter since it's the most efficient way in speed, memory
+requirements and code simplicity terms.
+
+--- a/src/uptime.c
++++ b/src/uptime.c
+@@ -24,8 +24,7 @@
+ #include "plugin.h"
+ 
+ #if KERNEL_LINUX
+-# define STAT_FILE "/proc/stat"
+-/* Using /proc filesystem to retrieve the boot time, Linux only. */
++#include 
+ /* #endif KERNEL_LINUX */
+ 
+ #elif HAVE_LIBKSTAT
+@@ -50,8 +49,6 @@
+ /*
+  * Global variables
+  */
+-/* boottime always used, no OS distinction */
+-static time_t boottime;
+ 
+ #if HAVE_LIBKSTAT
+ extern kstat_ctl_t *kc;
+@@ -74,8 +71,6 @@ static void uptime_submit (gauge_t uptim
+ 	plugin_dispatch_values (&vl);
+ }
+ 
+-static int uptime_init (void) /* {{{ */
+-{
+ 	/*
+ 	 * On most unix systems the uptime is calculated by looking at the boot
+ 	 * time (stored in unix time, since epoch) and the current one. We are
+@@ -86,52 +81,21 @@ static int uptime_init (void) /* {{{ */
+ 	 * the boot time, the plugin is unregistered and there is no chance to
+ 	 * try again later. Nevertheless, this is very unlikely to happen.
+ 	 */
+-
++static time_t uptime_get_sys(void) { /* {{{ */
++  time_t result;
+ #if KERNEL_LINUX
+-	unsigned long starttime;
+-	char buffer[1024];
+-	int ret;
+-	FILE *fh;
+-
+-	ret = 0;
+-
+-	fh = fopen (STAT_FILE, "r");
++	struct sysinfo info;
++	int status;
+ 
+-	if (fh == NULL)
+-	{
++	status = sysinfo(&info);
++	if (status != 0) {
+ 		char errbuf[1024];
+-		ERROR ("uptime plugin: Cannot open "STAT_FILE": %s",
++		ERROR ("uptime plugin: Error calling sysinfo: %s",
+ 			sstrerror (errno, errbuf, sizeof (errbuf)));
+ 		return (-1);
+ 	}
+ 
+-	while (fgets (buffer, 1024, fh) != NULL)
+-	{
+-		/* look for the btime string and read the value */
+-		ret = sscanf (buffer, "btime %lu", &starttime);
+-		/* avoid further loops if btime has been found and read
+-		 * correctly (hopefully) */
+-		if (ret == 1)
+-			break;
+-	}
+-
+-	fclose (fh);
+-
+-	/* loop done, check if no value has been found/read */
+-	if (ret != 1)
+-	{
+-		ERROR ("uptime plugin: No value read from "STAT_FILE"");
+-		return (-1);
+-	}
+-
+-	boottime = (time_t) starttime;
+-
+-	if (boottime == 0)
+-	{
+-		ERROR ("uptime plugin: btime read from "STAT_FILE", "
+-				"but `boottime' is zero!");
+-		return (-1);
+-	}
++	result = (time_t)info.uptime;
+ /* #endif KERNEL_LINUX */
+ 
+ #elif HAVE_LIBKSTAT
+@@ -168,14 +132,13 @@ static int uptime_init (void) /* {{{ */
+ 		return (-1);
+ 	}
+ 
+-	boottime = (time_t) knp->value.ui32;
+-
+-	if (boottime == 0)
+-	{
++	if (knp->value.ui32 == 0) {
+ 		ERROR ("uptime plugin: kstat_data_lookup returned success, "
+ 			"but `boottime' is zero!");
+ 		return (-1);
+ 	}
++
++  result = time(NULL) - (time_t)knp->value.ui32;
+ /* #endif HAVE_LIBKSTAT */
+ 
+ # elif HAVE_SYS_SYSCTL_H
+@@ -201,14 +164,13 @@ static int uptime_init (void) /* {{{ */
+ 		return (-1);
+ 	}
+ 
+-	boottime = boottv.tv_sec;
+-
+-	if (boottime == 0)
+-	{
++	if (boottv.tv_sec == 0) {
+ 		ERROR ("uptime plugin: sysctl(3) returned success, "
+ 				"but `boottime' is zero!");
+ 		return (-1);
+ 	}
++
++	result = time(NULL) - boottv.tv_sec;
+ /* #endif HAVE_SYS_SYSCTL_H */
+ 
+ #elif HAVE_PERFSTAT
+@@ -230,11 +192,11 @@ static int uptime_init (void) /* {{{ */
+ 	if (hertz <= 0)
+ 		hertz = HZ;
+ 
+-	boottime = time(NULL) - cputotal.lbolt / hertz;
++	result = cputotal.lbolt / hertz;
+ #endif /* HAVE_PERFSTAT */
+ 
+-	return (0);
+-} /* }}} int uptime_init */
++	return result;
++} /* }}} int uptime_get_sys */
+ 
+ static int uptime_read (void)
+ {
+@@ -242,7 +204,7 @@ static int uptime_read (void)
+ 	time_t elapsed;
+ 
+ 	/* calculate the amount of time elapsed since boot, AKA uptime */
+-	elapsed = time (NULL) - boottime;
++	elapsed = uptime_get_sys();
+ 
+ 	uptime = (gauge_t) elapsed;
+ 
+@@ -253,6 +215,5 @@ static int uptime_read (void)
+ 
+ void module_register (void)
+ {
+-	plugin_register_init ("uptime", uptime_init);
+ 	plugin_register_read ("uptime", uptime_read);
+ } /* void module_register */
diff --git a/utils/coreutils/Makefile b/utils/coreutils/Makefile
index 0d52b60..3fbc75e 100644
--- a/utils/coreutils/Makefile
+++ b/utils/coreutils/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=coreutils
 PKG_VERSION:=8.23
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=@GNU/coreutils
@@ -43,6 +43,8 @@ DEPENDS_ls = +libacl +libcap
 DEPENDS_mv = +libacl
 DEPENDS_vdir = +libacl +libcap
 
+FILES_stdbuf := usr/lib/coreutils/libstdbuf.so
+
 define Package/coreutils/Default
   SECTION:=utils
   CATEGORY:=Utilities
@@ -105,6 +107,10 @@ define BuildPlugin
   define Package/$(1)/install
 	$(INSTALL_DIR) $$(1)/usr/bin
 	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/$(2) $$(1)/usr/bin/
+	$(foreach f,$(FILES_$(2)),
+		$(INSTALL_DIR) $$(1)/$(dir $(f))
+		$(INSTALL_BIN) $(PKG_INSTALL_DIR)/$(f) $$(1)/$(f)
+	)
   endef
 
   $$(eval $$(call BuildPackage,$(1)))
diff --git a/utils/tree/Makefile b/utils/tree/Makefile
new file mode 100644
index 0000000..b7ff3d4
--- /dev/null
+++ b/utils/tree/Makefile
@@ -0,0 +1,33 @@
+#
+# Copyright (C) 2017 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=tree
+PKG_RELEASE:=1
+PKG_VERSION:=1.7.0
+PKG_SOURCE_URL:=ftp://mama.indstate.edu/linux/tree/
+PKG_HASH:=6957c20e82561ac4231638996e74f4cfa4e6faabc5a2f511f0b4e3940e8f7b12
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz
+PKG_MAINTAINER:=Banglang Huang 
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/tree
+  SECTION:=utils
+  CATEGORY:=Utilities
+  TITLE:=List contents of directories in a tree-like format
+  DEPENDS:=+libc +libgcc
+endef
+
+define Package/tree/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/tree $(1)/usr/sbin/
+endef
+
+$(eval $(call BuildPackage,tree))
diff --git a/utils/ttyd/Makefile b/utils/ttyd/Makefile
new file mode 100644
index 0000000..3927cd0
--- /dev/null
+++ b/utils/ttyd/Makefile
@@ -0,0 +1,47 @@
+#
+# Copyright (C) 2016 Shuanglei Tao 
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=ttyd
+PKG_VERSION:=1.2.1
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE_URL:=https://github.com/tsl0922/ttyd.git
+PKG_SOURCE_VERSION:=$(PKG_VERSION)
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+
+CMAKE_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/ttyd
+	SECTION:=utils
+	CATEGORY:=Utilities
+	TITLE:=Command-line tool for sharing terminal over the web
+	DEPENDS:=+libopenssl +libjson-c +libpthread +libwebsockets-openssl
+	URL:=https://github.com/tsl0922/ttyd
+	SUBMENU:=Terminal
+	MAINTAINER:=Shuanglei Tao 
+endef
+
+define Package/ttyd/description
+ttyd is a command-line tool for sharing terminal over the web.
+endef
+
+define Package/ttyd/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ttyd $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,ttyd))
-- 
2.25.1