go1.21.6 (released 2024-01-09) includes fixes to the compiler,
the runtime, and the crypto/tls, maps, and runtime/pprof packages.
go1.21.7 (released 2024-02-06) includes fixes to the compiler,
the go command, the runtime, and the crypto/x509 package.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* add support for destination port & protocol limitations for external feeds (see readme for details),
useful for lan-forward ad- or DoH-blocking, e.g. only tcp ports 80 and 443
* add turris sentinel blocklist feed
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
The new validation_method option can be: dns, webroot or standalone.
Previously we guessed the challenge type:
1. if the DNS provider is specified then it's dns
2. if standalone=1
3. fallback to webroot
The logic is preserved and if the validation_method wasn't set explicitly we'll guess it in old manner.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
The new validation_method option can be: dns, webroot or standalone.
Previously we guessed the challenge type:
1. if the DNS provider is specified then it's dns
2. if standalone=1
3. fallback to webroot
The logic is preserved and if the validation_method wasn't set explicitly we'll guess it in old manner.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Previous commit removed unnecessary linking with libstdc++
but introduced another error on x86 platforms:
undefined reference to `__stack_chk_fail_local'
Fix it by explicitly linking libssp_nonshared.a
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
- ':BOOL' suffix is not needed
- Don't set options which are matching the defaults
- Rename non-existing OT_BORDER_ROUTING_NAT64 to OTBR_NAT64
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
On some builders the package was failing to build:
```
cp: cannot overwrite non-directory '[..]/var' with directory '[..]/var
```
Here we're moving the creation of /var/lib/thread into runtime script,
which eliminates the error.
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
XSK support is set to auto by default and on some hosts it is detected as
on and leads to:
```
In file included from dnsdist-backend.cc:32:
xsk.hh:28:10: fatal error: bits/types/struct_timespec.h: No such file or
directory
28 | #include <bits/types/struct_timespec.h>
```
Here we disable XSK so configure will behave more deterministically and
hopefully fix the builders.
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
- Update package URLs
- Use local tarball for sources
- Switch to CMake
- Drop obsolete patches including 'minimize' (ipk size +3KB only)
- Add 3 new patches to fix musl, openssl and cmake issues
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Most packages already use https URLs and for PHP and PECL
package downloads https is working properly.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Should provide increases in snort3 performance thanks to thread-
caching malloc provided by gperftools. Avg CPU usage is down.
Another user reported higher throughput achieved with snort3
compiled with this on samba transfers on system with CPU-limited
snort3 performance.[1]
1. https://forum.openwrt.org/t/some-help-with-a-makefile-gperftools/165656/22
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
Changelog: https://github.com/snort3/snort3/releases/tag/3.1.81.0
,,_ -*> Snort++ <*-
o" )~ Version 3.1.81.0
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2024 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 3.0.14
Using LuaJIT version 2.1.0-beta3
Using OpenSSL 3.0.13 30 Jan 2024
Using libpcap version 1.10.4 (with TPACKET_V3)
Using PCRE version 8.45 2021-06-15
Using ZLIB version 1.3.1
Using Hyperscan version 5.4.2 2024-02-16
Using LZMA version 5.4.6
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
When looping through addrinfo lists in AddrsMatch, keep a copy of the
original addrinfo pointers to free instead of ending up at the terminating
NULLs and trying to free those.
OpenWRT uses musl in which freeaddrinfo(NULL) is not safe (which is
fine, it's not required by the spec) so this fixes a segfault.
Signed-off-by: Darren Tucker <dtucker@dtucker.net>
- Switch package URLs to HTTPS
- Use .gz for source archive since .xz is no longer available
- Remove upstreamed patches
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
jasle
Dirk Brenken
Fabian Lipken
Tianling Shen
Dengfeng Liu
Sergey Ponomarev
Igor Bezzubchenko
brvphoenix
Florian Eckert
krant
Stijn Tintel
Oskari Rauta
Michael Heimpold
Daniel Golle
John Audia
Rosen Penev
Maxim Storchak
Darren Tucker
Oldřich Jedlička