[OpenWrt-Devel] [PATCH 1/6] netifd: Apply interface metric on configured interface gateway parameters

2014-05-07 Thread Hans Dedecker

Signed-off-by: Hans Dedecker 
---
 proto.c |1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/proto.c b/proto.c
index 3a7b2a8..0ba2fbe 100644
--- a/proto.c
+++ b/proto.c
@@ -270,6 +270,7 @@ parse_gateway_option(struct interface *iface, struct 
blob_attr *attr, bool v6)
 
route->mask = 0;
route->flags = (v6 ? DEVADDR_INET6 : DEVADDR_INET4);
+   route->metric = iface->metric;
 
unsigned int table = (v6) ? iface->ip6table : iface->ip4table;
if (table) {
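
Review bot: The commit message has no body, so it is not clear which case the added `route->metric = iface->metric;` in parse_gateway_option fixes. interface_ip_set_enabled (visible as context in patch 2/6) already copies `ip->iface->metric` into every route that lacks DEVROUTE_METRIC, so please describe when the gateway route ends up with the wrong metric without this line.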
-- 
1.7.1
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel


[OpenWrt-Devel] [PATCH 2/6] netifd: Don't assume routes are always applied in all cases

2014-05-07 Thread Hans Dedecker

Signed-off-by: Hans Dedecker 
---
 interface-ip.c |9 ++---
 1 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/interface-ip.c b/interface-ip.c
index 018b657..8458666 100644
--- a/interface-ip.c
+++ b/interface-ip.c
@@ -622,8 +622,10 @@ interface_update_host_route(struct vlist_tree *tree,
free(route_old);
}
 
-   if (node_new)
-   system_add_route(dev, route_new);
+   if (node_new) {
+   if (system_add_route(dev, route_new))
+   route_new->failed = true;
+   }
 }
 
 
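Review bot: In interface_update_host_route the added braces and nested `if` can be collapsed to `if (node_new && system_add_route(dev, route_new))` followed by `route_new->failed = true;`. The commit message should also say what reads `failed` for host routes, since nothing in this hunk consumes it.
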
@@ -1140,7 +1142,8 @@ void interface_ip_set_enabled(struct 
interface_ip_settings *ip, bool enabled)
if (!(route->flags & DEVROUTE_METRIC))
route->metric = ip->iface->metric;
 
-   system_add_route(dev, route);
+   if (system_add_route(dev, route))
+   route->failed = true;
} else
system_del_route(dev, route);
route->enabled = _enabled;
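
Review bot: In interface_ip_set_enabled `route->failed` is only ever set to true; when a route that failed earlier is enabled again and system_add_route succeeds, nothing in the visible lines clears the stale flag. Assigning the result on both outcomes, for example `route->failed = !!system_add_route(dev, route);`, keeps the flag in step with what was actually installed.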
-- 
1.7.1


[OpenWrt-Devel] [PATCH 3/6] netifd: Remove useless route table parameter check in update_proto_route

2014-05-07 Thread Hans Dedecker
Not necessary since route table parameter is used as key element in route_cmp

Signed-off-by: Hans Dedecker 
---
 interface-ip.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/interface-ip.c b/interface-ip.c
index 8458666..a82d8e7 100644
--- a/interface-ip.c
+++ b/interface-ip.c
@@ -581,7 +581,7 @@ interface_update_proto_route(struct vlist_tree *tree,
 
if (node_old && node_new)
keep = !memcmp(&route_old->nexthop, &route_new->nexthop, 
sizeof(route_old->nexthop)) &&
-   (route_old->table == route_new->table) && 
!route_old->failed;
+   !route_old->failed;
 
if (node_old) {
if (!(route_old->flags & DEVADDR_EXTERNAL) && 
route_old->enabled && !keep)
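
Review bot: Dropping `(route_old->table == route_new->table)` from the `keep` expression makes interface_update_proto_route depend on route_cmp, which is not part of this patch. A one-line comment above `keep` stating that the table is already part of the vlist key would stop the check from being re-added, or the key from being changed, without revisiting this code.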
-- 
1.7.1


[OpenWrt-Devel] [PATCH 4/6] netifd: Effectively apply configured route mtu

2014-05-07 Thread Hans Dedecker

Signed-off-by: Hans Dedecker 
---
 interface-ip.c |2 +-
 system-linux.c |   15 +++
 2 files changed, 16 insertions(+), 1 deletions(-)

diff --git a/interface-ip.c b/interface-ip.c
index a82d8e7..33b5d43 100644
--- a/interface-ip.c
+++ b/interface-ip.c
@@ -581,7 +581,7 @@ interface_update_proto_route(struct vlist_tree *tree,
 
if (node_old && node_new)
keep = !memcmp(&route_old->nexthop, &route_new->nexthop, 
sizeof(route_old->nexthop)) &&
-   !route_old->failed;
+   (route_old->mtu == route_new->mtu) && 
!route_old->failed;
 
if (node_old) {
if (!(route_old->flags & DEVADDR_EXTERNAL) && 
route_old->enabled && !keep)
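
Review bot: The new `(route_old->mtu == route_new->mtu)` test compares the raw field, while the system-linux.c hunk below only applies the MTU when DEVROUTE_MTU is set in `route->flags`. If the flag changes while the stored value stays the same, `keep` remains true and the kernel route is not refreshed; comparing the flag bit together with the value would cover that case.
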
diff --git a/system-linux.c b/system-linux.c
index 8f46705..b513948 100644
--- a/system-linux.c
+++ b/system-linux.c
@@ -1260,7 +1260,22 @@ static int system_rt(struct device *dev, struct 
device_route *route, int cmd)
if (table >= 256)
nla_put_u32(msg, RTA_TABLE, table);
 
+   if (route->flags & DEVROUTE_MTU) {
+   struct nlattr *metrics;
+
+   if (!(metrics = nla_nest_start(msg, RTA_METRICS)))
+   goto nla_put_failure;
+
+   nla_put_u32(msg, RTAX_MTU, route->mtu);
+
+   nla_nest_end(msg, metrics);
+   }
+
return system_rtnl_call(msg);
+
+nla_put_failure:
+   nlmsg_free(msg);
+   return -ENOMEM;
 }
 
 int system_add_route(struct device *dev, struct device_route *route)
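
Review bot: The return value of `nla_put_u32(msg, RTAX_MTU, route->mtu)` is ignored, although the nla_put_failure label added a few lines later exists for exactly this case. If the attribute does not fit into the message, the route is installed without its MTU and no error is reported; use `if (nla_put_u32(msg, RTAX_MTU, route->mtu)) goto nla_put_failure;` so the failure takes the same path as a failed nla_nest_start.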
-- 
1.7.1


[OpenWrt-Devel] [PATCH 5/6] netifd: Check interface state only when main device is set during interface_change_config

2014-05-07 Thread Hans Dedecker
Fixes a regression issue introduced by commit
d2a33f3f0fe704e4396fa2ada08401cb955ba7cb for deviceless protocol handlers.
An active interface using a deviceless protocol handler will be torn down
when the interface config is checked upon an update, as the interface link
and enabled parameters are unset as no underlying device is present
(e.g. tunnel interfaces).

Signed-off-by: Hans Dedecker 
---
 interface.c |3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/interface.c b/interface.c
index 95e1ee8..a4d7b8d 100644
--- a/interface.c
+++ b/interface.c
@@ -1020,7 +1020,8 @@ interface_change_config(struct interface *if_old, struct 
interface *if_new)
}
 
interface_write_resolv_conf();
-   interface_check_state(if_old);
+   if (if_old->main_dev.dev)
+   interface_check_state(if_old);
 
 out:
if_new->config = NULL;
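
Review bot: The new `if (if_old->main_dev.dev)` guard carries no comment, and the reason for it (deviceless protocol handlers such as tunnels have no link state) is only in the commit message. Put that in a comment above the condition, and state whether skipping interface_check_state entirely for those interfaces is intended, since after this change no state check runs for them on a config update.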
-- 
1.7.1


[OpenWrt-Devel] [PATCH 6/6] netifd: Fix node version set after free

2014-05-07 Thread Hans Dedecker
Fixes an issue where a bridge member will be removed from the bridge
upon an interface ifup as the bridge node version -1 is overwritten
by vlist_add while the newly created bridge member pointer is freed in
bridge_member_update

Signed-off-by: Hans Dedecker 
---
 bridge.c |6 +-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/bridge.c b/bridge.c
index 3edfeaa..5660480 100644
--- a/bridge.c
+++ b/bridge.c
@@ -344,7 +344,11 @@ bridge_create_member(struct bridge_state *bst, struct 
device *dev, bool hotplug)
strcpy(bm->name, dev->ifname);
bm->dev.dev = dev;
vlist_add(&bst->members, &bm->node, bm->name);
-   if (hotplug)
+   // Need to look up the bridge member again as the above
+   // created pointer will be freed in case the bridge member
+   // already existed
+   bm = vlist_find(&bst->members, dev->ifname, bm, node);
+   if (hotplug && bm)
bm->node.version = -1;
 
return bm;
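
Review bot: bridge_create_member can now return NULL: the added `hotplug && bm` test shows that the vlist_find lookup may fail, yet `return bm;` hands the result straight back. Either document that callers must check the return value or handle the failed lookup here. Since the old code wrote `bm->node.version` through a pointer that vlist_add may already have freed, the commit message should also call this a use-after-free so it is picked up for backports.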
-- 
1.7.1


Re: [OpenWrt-Devel] [PATCH] Fix sysntpd to use multiple servers.

2014-05-07 Thread Jo-Philipp Wich
Hi.

Can you elaborate on this fix?

The current implementation works fine here as well and I cannot spot a
functional difference with your change.

~ Jow





[OpenWrt-Devel] [PATCH 1/3] Made several parts of gnutls configurable and updated to 3.2.14.

2014-05-07 Thread Nikos Mavrogiannopoulos

---
 libs/gnutls/Config.in | 33 +++
 libs/gnutls/Makefile  | 62 ++-
 2 files changed, 89 insertions(+), 6 deletions(-)
 create mode 100644 libs/gnutls/Config.in

diff --git a/libs/gnutls/Config.in b/libs/gnutls/Config.in
new file mode 100644
index 000..550565d
--- /dev/null
+++ b/libs/gnutls/Config.in
@@ -0,0 +1,33 @@
+# gnutls avanced configuration
+
+menu "Configuration"
+   depends on PACKAGE_libgnutls
+
+config GNUTLS_DTLS_SRTP
+   bool "enable DTLS SRTP support"
+
+config GNUTLS_ALPN
+   bool "enable ALPN support"
+
+config GNUTLS_OCSP
+   bool "enable ocsp support"
+
+config GNUTLS_CRYPTODEV
+   bool "enable /dev/crypto support"
+
+config GNUTLS_HEARTBEAT
+   bool "enable DTLS heartbeat support"
+
+config GNUTLS_OPENPGP
+   bool "enable OPENPGP authentication support"
+
+config GNUTLS_SRP
+   bool "enable SRP authentication support"
+
+config GNUTLS_PSK
+   bool "enable PSK authentication support"
+
+config GNUTLS_ANON
+   bool "enable anonymous authentication support"
+
+endmenu
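
Review bot: None of the new `config GNUTLS_*` entries has a `default` or `help` line, so every option is off unless explicitly selected. Together with the Makefile hunks this switches SRP, PSK and OCSP off for existing configurations, although their tools were installed unconditionally before; add `default y` where the old behaviour should be kept, and a short help text per option. The header comment also has a typo (`avanced`).
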
diff --git a/libs/gnutls/Makefile b/libs/gnutls/Makefile
index 349e492..c2a010a 100644
--- a/libs/gnutls/Makefile
+++ b/libs/gnutls/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=gnutls
-PKG_VERSION:=3.2.13
+PKG_VERSION:=3.2.14
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2
-PKG_MD5SUM:=300e5f413054e2f4719c1c3b5179a611
+PKG_MD5SUM:=807bbf14a5b6c81a9249fffab5c3982b
 PKG_MAINTAINER:=Nikos Mavrogiannopoulos 
 
 PKG_INSTALL:=1
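
Review bot: The bump to `PKG_VERSION:=3.2.14` and the new configure options are two independent changes in one patch, and there is no commit message for either. Splitting the version update into its own patch, with a note on where the new PKG_MD5SUM value was taken from, makes the checksum change reviewable on its own; the tarball is fetched from an `ftp://` URL, so this MD5 is the only integrity check on the download.
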
@@ -21,6 +21,7 @@ PKG_LIBTOOL_PATHS:=. lib
 
 include $(INCLUDE_DIR)/package.mk
 
+
 define Package/gnutls/Default
   SUBMENU:=SSL
   SECTION:=libs
@@ -67,6 +68,9 @@ $(call Package/gnutls/Default/description)
  and srptool utilities.
 endef
 
+define Package/libgnutls/config
+   source "$(SOURCE)/Config.in"
+endef
 
 define Package/libgnutls
 $(call Package/gnutls/Default)
@@ -94,7 +98,6 @@ endef
 CONFIGURE_ARGS+= \
--enable-shared \
--enable-static \
-   --disable-openpgp-authentication \
--disable-libdane \
--disable-guile \
--disable-nls \
@@ -105,8 +108,43 @@ CONFIGURE_ARGS+= \
--disable-tests \
--disable-rsa-export \
--disable-crywrap \
-   --without-p11-kit \
-   --disable-hardware-acceleration
+   --without-p11-kit
+
+ifneq ($(CONFIG_GNUTLS_DTLS_SRTP),y)
+CONFIGURE_ARGS += --disable-dtls-srtp-support
+endif
+
+ifneq ($(CONFIG_GNUTLS_ALPN),y)
+CONFIGURE_ARGS += --disable-alpn-support
+endif
+
+ifneq ($(CONFIG_GNUTLS_HEARTBEAT),y)
+CONFIGURE_ARGS += --disable-heartbeat-support
+endif
+
+ifneq ($(CONFIG_GNUTLS_SRP),y)
+CONFIGURE_ARGS += --disable-srp-authentication
+endif
+
+ifneq ($(CONFIG_GNUTLS_PSK),y)
+CONFIGURE_ARGS += --disable-psk-authentication
+endif
+
+ifneq ($(CONFIG_GNUTLS_OPENPGP),y)
+CONFIGURE_ARGS += --disable-openpgp-authentication
+endif
+
+ifneq ($(CONFIG_GNUTLS_ANON),y)
+CONFIGURE_ARGS += --disable-anon-authentication
+endif
+
+ifneq ($(CONFIG_GNUTLS_OCSP),y)
+CONFIGURE_ARGS += --disable-ocsp
+endif
+
+ifeq ($(CONFIG_GNUTLS_CRYPTODEV),y)
+CONFIGURE_ARGS += --enable-cryptodev
+endif
 
 # XXX: AM_CFLAGS duplicates with CFLAGS
 MAKE_FLAGS:= \
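
Review bot: `--disable-hardware-acceleration` is removed at the end of the CONFIGURE_ARGS list without a replacement option and without a mention in the subject. If enabling hardware acceleration on all targets is intended, say so in the commit message; otherwise keep the flag or give it its own Config.in symbol like the other features.
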
@@ -150,10 +188,22 @@ define Package/gnutls-utils/install
$(INSTALL_DIR) $(1)/usr/bin
$(CP) \
$(PKG_INSTALL_DIR)/usr/bin/gnutls-{cli,serv} \
-   $(PKG_INSTALL_DIR)/usr/bin/psktool \
+   $(1)/usr/bin/
+ifeq ($(CONFIG_GNUTLS_OCSP),y)
+   $(CP) \
$(PKG_INSTALL_DIR)/usr/bin/ocsptool \
+   $(1)/usr/bin/
+endif
+ifeq ($(CONFIG_GNUTLS_SRP),y)
+   $(CP) \
$(PKG_INSTALL_DIR)/usr/bin/srptool \
$(1)/usr/bin/
+endif
+ifeq ($(CONFIG_GNUTLS_PSK),y)
+   $(CP) \
+   $(PKG_INSTALL_DIR)/usr/bin/psktool \
+   $(1)/usr/bin/
+endif
 endef
 

-- 
1.9.2


[OpenWrt-Devel] [PATCH 3/3] Allow gnutls to be compiled using nettle-mini.

2014-05-07 Thread Nikos Mavrogiannopoulos

---
 libs/gnutls/Makefile | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/libs/gnutls/Makefile b/libs/gnutls/Makefile
index c2a010a..997532b 100644
--- a/libs/gnutls/Makefile
+++ b/libs/gnutls/Makefile
@@ -75,7 +75,7 @@ endef
 define Package/libgnutls
 $(call Package/gnutls/Default)
   TITLE+= (library)
-  DEPENDS+= +libnettle
+  DEPENDS+= +libnettle +!LIBNETTLE_MINI:libgmp
 endef
 
 define Package/libgnutls/description
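
Review bot: `+!LIBNETTLE_MINI:libgmp` refers to a symbol that this patch does not define, and the message has no body. State which patch of the series introduces LIBNETTLE_MINI, and explain why libgmp may be dropped when it is selected, so the conditional dependency can be checked against the `--with-nettle-mini` switch added in the next hunk.
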
@@ -110,6 +110,10 @@ CONFIGURE_ARGS+= \
--disable-crywrap \
--without-p11-kit
 
+ifeq ($(CONFIG_LIBNETTLE_MINI),y)
+CONFIGURE_ARGS += --with-nettle-mini
+endif
+
 ifneq ($(CONFIG_GNUTLS_DTLS_SRTP),y)
 CONFIGURE_ARGS += --disable-dtls-srtp-support
 endif
-- 
1.9.2


Re: [OpenWrt-Devel] [PATCH 1/3] Made several parts of gnutls configurable and updated to 3.2.14.

2014-05-07 Thread Florian Fainelli
Hi Nikos,

2014-05-07 14:32 GMT-07:00 Nikos Mavrogiannopoulos :

Could you resubmit these patches with your Signed-off-by tag? They
look good otherwise, thank you!

>
> ---
>  libs/gnutls/Config.in | 33 +++
>  libs/gnutls/Makefile  | 62 
> ++-
>  2 files changed, 89 insertions(+), 6 deletions(-)
>  create mode 100644 libs/gnutls/Config.in
>
> diff --git a/libs/gnutls/Config.in b/libs/gnutls/Config.in
> new file mode 100644
> index 000..550565d
> --- /dev/null
> +++ b/libs/gnutls/Config.in
> @@ -0,0 +1,33 @@
> +# gnutls avanced configuration
> +
> +menu "Configuration"
> +   depends on PACKAGE_libgnutls
> +
> +config GNUTLS_DTLS_SRTP
> +   bool "enable DTLS SRTP support"
> +
> +config GNUTLS_ALPN
> +   bool "enable ALPN support"
> +
> +config GNUTLS_OCSP
> +   bool "enable ocsp support"
> +
> +config GNUTLS_CRYPTODEV
> +   bool "enable /dev/crypto support"
> +
> +config GNUTLS_HEARTBEAT
> +   bool "enable DTLS heartbeat support"
> +
> +config GNUTLS_OPENPGP
> +   bool "enable OPENPGP authentication support"
> +
> +config GNUTLS_SRP
> +   bool "enable SRP authentication support"
> +
> +config GNUTLS_PSK
> +   bool "enable PSK authentication support"
> +
> +config GNUTLS_ANON
> +   bool "enable anonymous authentication support"
> +
> +endmenu
> diff --git a/libs/gnutls/Makefile b/libs/gnutls/Makefile
> index 349e492..c2a010a 100644
> --- a/libs/gnutls/Makefile
> +++ b/libs/gnutls/Makefile
> @@ -8,12 +8,12 @@
>  include $(TOPDIR)/rules.mk
>
>  PKG_NAME:=gnutls
> -PKG_VERSION:=3.2.13
> +PKG_VERSION:=3.2.14
>  PKG_RELEASE:=1
>
>  PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
>  PKG_SOURCE_URL:=ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2
> -PKG_MD5SUM:=300e5f413054e2f4719c1c3b5179a611
> +PKG_MD5SUM:=807bbf14a5b6c81a9249fffab5c3982b
>  PKG_MAINTAINER:=Nikos Mavrogiannopoulos 
>
>  PKG_INSTALL:=1
> @@ -21,6 +21,7 @@ PKG_LIBTOOL_PATHS:=. lib
>
>  include $(INCLUDE_DIR)/package.mk
>
> +
>  define Package/gnutls/Default
>SUBMENU:=SSL
>SECTION:=libs
> @@ -67,6 +68,9 @@ $(call Package/gnutls/Default/description)
>   and srptool utilities.
>  endef
>
> +define Package/libgnutls/config
> +   source "$(SOURCE)/Config.in"
> +endef
>
>  define Package/libgnutls
>  $(call Package/gnutls/Default)
> @@ -94,7 +98,6 @@ endef
>  CONFIGURE_ARGS+= \
> --enable-shared \
> --enable-static \
> -   --disable-openpgp-authentication \
> --disable-libdane \
> --disable-guile \
> --disable-nls \
> @@ -105,8 +108,43 @@ CONFIGURE_ARGS+= \
> --disable-tests \
> --disable-rsa-export \
> --disable-crywrap \
> -   --without-p11-kit \
> -   --disable-hardware-acceleration
> +   --without-p11-kit
> +
> +ifneq ($(CONFIG_GNUTLS_DTLS_SRTP),y)
> +CONFIGURE_ARGS += --disable-dtls-srtp-support
> +endif
> +
> +ifneq ($(CONFIG_GNUTLS_ALPN),y)
> +CONFIGURE_ARGS += --disable-alpn-support
> +endif
> +
> +ifneq ($(CONFIG_GNUTLS_HEARTBEAT),y)
> +CONFIGURE_ARGS += --disable-heartbeat-support
> +endif
> +
> +ifneq ($(CONFIG_GNUTLS_SRP),y)
> +CONFIGURE_ARGS += --disable-srp-authentication
> +endif
> +
> +ifneq ($(CONFIG_GNUTLS_PSK),y)
> +CONFIGURE_ARGS += --disable-psk-authentication
> +endif
> +
> +ifneq ($(CONFIG_GNUTLS_OPENPGP),y)
> +CONFIGURE_ARGS += --disable-openpgp-authentication
> +endif
> +
> +ifneq ($(CONFIG_GNUTLS_ANON),y)
> +CONFIGURE_ARGS += --disable-anon-authentication
> +endif
> +
> +ifneq ($(CONFIG_GNUTLS_OCSP),y)
> +CONFIGURE_ARGS += --disable-ocsp
> +endif
> +
> +ifeq ($(CONFIG_GNUTLS_CRYPTODEV),y)
> +CONFIGURE_ARGS += --enable-cryptodev
> +endif
>
>  # XXX: AM_CFLAGS duplicates with CFLAGS
>  MAKE_FLAGS:= \
> @@ -150,10 +188,22 @@ define Package/gnutls-utils/install
> $(INSTALL_DIR) $(1)/usr/bin
> $(CP) \
> $(PKG_INSTALL_DIR)/usr/bin/gnutls-{cli,serv} \
> -   $(PKG_INSTALL_DIR)/usr/bin/psktool \
> +   $(1)/usr/bin/
> +ifeq ($(CONFIG_GNUTLS_OCSP),y)
> +   $(CP) \
> $(PKG_INSTALL_DIR)/usr/bin/ocsptool \
> +   $(1)/usr/bin/
> +endif
> +ifeq ($(CONFIG_GNUTLS_SRP),y)
> +   $(CP) \
> $(PKG_INSTALL_DIR)/usr/bin/srptool \
> $(1)/usr/bin/
> +endif
> +ifeq ($(CONFIG_GNUTLS_PSK),y)
> +   $(CP) \
> +   $(PKG_INSTALL_DIR)/usr/bin/psktool \
> +   $(1)/usr/bin/
> +endif
>  endef
>
>
> --
> 1.9.2

-- 
Florian


Re: [OpenWrt-Devel] [PATCH] Fix sysntpd to use multiple servers.

2014-05-07 Thread Ben Kibbey
On Wed, May 07, 2014 at 04:28:00PM +0200, Jo-Philipp Wich wrote:
> Hi.
> 
> Can you elaborate on this fix?
> 
> The current implementation works fine here as well and I cannot spot a
> functional difference with your change.
> 
> ~ Jow

It adds a -p before each server specification. If run with -d you can
see that the remaining servers aren't considered without -p, only the
first.

-- 
Ben Kibbey


[OpenWrt-Devel] [PATCH 1/3] Made several parts of gnutls configurable and updated to 3.2.14.

2014-05-07 Thread Nikos Mavrogiannopoulos

Signed-off-by: Nikos Mavrogiannopoulos 
---
 libs/gnutls/Config.in | 33 +++
 libs/gnutls/Makefile  | 62 ++-
 2 files changed, 89 insertions(+), 6 deletions(-)
 create mode 100644 libs/gnutls/Config.in

diff --git a/libs/gnutls/Config.in b/libs/gnutls/Config.in
new file mode 100644
index 000..550565d
--- /dev/null
+++ b/libs/gnutls/Config.in
@@ -0,0 +1,33 @@
+# gnutls avanced configuration
+
+menu "Configuration"
+   depends on PACKAGE_libgnutls
+
+config GNUTLS_DTLS_SRTP
+   bool "enable DTLS SRTP support"
+
+config GNUTLS_ALPN
+   bool "enable ALPN support"
+
+config GNUTLS_OCSP
+   bool "enable ocsp support"
+
+config GNUTLS_CRYPTODEV
+   bool "enable /dev/crypto support"
+
+config GNUTLS_HEARTBEAT
+   bool "enable DTLS heartbeat support"
+
+config GNUTLS_OPENPGP
+   bool "enable OPENPGP authentication support"
+
+config GNUTLS_SRP
+   bool "enable SRP authentication support"
+
+config GNUTLS_PSK
+   bool "enable PSK authentication support"
+
+config GNUTLS_ANON
+   bool "enable anonymous authentication support"
+
+endmenu
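
Review bot: `config GNUTLS_CRYPTODEV` has no `depends on` or `select` line, so it can be switched on without anything that provides the /dev/crypto interface at build time, and the Makefile then passes `--enable-cryptodev` regardless. Add the dependency, or leave the option out until it is known to build.
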
diff --git a/libs/gnutls/Makefile b/libs/gnutls/Makefile
index 349e492..c2a010a 100644
--- a/libs/gnutls/Makefile
+++ b/libs/gnutls/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=gnutls
-PKG_VERSION:=3.2.13
+PKG_VERSION:=3.2.14
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2
-PKG_MD5SUM:=300e5f413054e2f4719c1c3b5179a611
+PKG_MD5SUM:=807bbf14a5b6c81a9249fffab5c3982b
 PKG_MAINTAINER:=Nikos Mavrogiannopoulos 
 
 PKG_INSTALL:=1
@@ -21,6 +21,7 @@ PKG_LIBTOOL_PATHS:=. lib
 
 include $(INCLUDE_DIR)/package.mk
 
+
 define Package/gnutls/Default
   SUBMENU:=SSL
   SECTION:=libs
@@ -67,6 +68,9 @@ $(call Package/gnutls/Default/description)
  and srptool utilities.
 endef
 
+define Package/libgnutls/config
+   source "$(SOURCE)/Config.in"
+endef
 
 define Package/libgnutls
 $(call Package/gnutls/Default)
@@ -94,7 +98,6 @@ endef
 CONFIGURE_ARGS+= \
--enable-shared \
--enable-static \
-   --disable-openpgp-authentication \
--disable-libdane \
--disable-guile \
--disable-nls \
@@ -105,8 +108,43 @@ CONFIGURE_ARGS+= \
--disable-tests \
--disable-rsa-export \
--disable-crywrap \
-   --without-p11-kit \
-   --disable-hardware-acceleration
+   --without-p11-kit
+
+ifneq ($(CONFIG_GNUTLS_DTLS_SRTP),y)
+CONFIGURE_ARGS += --disable-dtls-srtp-support
+endif
+
+ifneq ($(CONFIG_GNUTLS_ALPN),y)
+CONFIGURE_ARGS += --disable-alpn-support
+endif
+
+ifneq ($(CONFIG_GNUTLS_HEARTBEAT),y)
+CONFIGURE_ARGS += --disable-heartbeat-support
+endif
+
+ifneq ($(CONFIG_GNUTLS_SRP),y)
+CONFIGURE_ARGS += --disable-srp-authentication
+endif
+
+ifneq ($(CONFIG_GNUTLS_PSK),y)
+CONFIGURE_ARGS += --disable-psk-authentication
+endif
+
+ifneq ($(CONFIG_GNUTLS_OPENPGP),y)
+CONFIGURE_ARGS += --disable-openpgp-authentication
+endif
+
+ifneq ($(CONFIG_GNUTLS_ANON),y)
+CONFIGURE_ARGS += --disable-anon-authentication
+endif
+
+ifneq ($(CONFIG_GNUTLS_OCSP),y)
+CONFIGURE_ARGS += --disable-ocsp
+endif
+
+ifeq ($(CONFIG_GNUTLS_CRYPTODEV),y)
+CONFIGURE_ARGS += --enable-cryptodev
+endif
 
 # XXX: AM_CFLAGS duplicates with CFLAGS
 MAKE_FLAGS:= \
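
Review bot: The `ifneq`/`ifeq` blocks make CONFIGURE_ARGS depend on the new CONFIG_GNUTLS_* symbols, but no hunk in this patch lists them in PKG_CONFIG_DEPENDS. Without that, changing one of the options in menuconfig does not trigger a reconfigure and rebuild of the package; add the symbols there.
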
@@ -150,10 +188,22 @@ define Package/gnutls-utils/install
$(INSTALL_DIR) $(1)/usr/bin
$(CP) \
$(PKG_INSTALL_DIR)/usr/bin/gnutls-{cli,serv} \
-   $(PKG_INSTALL_DIR)/usr/bin/psktool \
+   $(1)/usr/bin/
+ifeq ($(CONFIG_GNUTLS_OCSP),y)
+   $(CP) \
$(PKG_INSTALL_DIR)/usr/bin/ocsptool \
+   $(1)/usr/bin/
+endif
+ifeq ($(CONFIG_GNUTLS_SRP),y)
+   $(CP) \
$(PKG_INSTALL_DIR)/usr/bin/srptool \
$(1)/usr/bin/
+endif
+ifeq ($(CONFIG_GNUTLS_PSK),y)
+   $(CP) \
+   $(PKG_INSTALL_DIR)/usr/bin/psktool \
+   $(1)/usr/bin/
+endif
 endef
 

-- 
1.9.2


[OpenWrt-Devel] [PATCH 3/3] Allow gnutls to be compiled using nettle-mini.

2014-05-07 Thread Nikos Mavrogiannopoulos

Signed-off-by: Nikos Mavrogiannopoulos 
---
 libs/gnutls/Makefile | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/libs/gnutls/Makefile b/libs/gnutls/Makefile
index c2a010a..997532b 100644
--- a/libs/gnutls/Makefile
+++ b/libs/gnutls/Makefile
@@ -75,7 +75,7 @@ endef
 define Package/libgnutls
 $(call Package/gnutls/Default)
   TITLE+= (library)
-  DEPENDS+= +libnettle
+  DEPENDS+= +libnettle +!LIBNETTLE_MINI:libgmp
 endef
 
 define Package/libgnutls/description
@@ -110,6 +110,10 @@ CONFIGURE_ARGS+= \
--disable-crywrap \
--without-p11-kit
 
+ifeq ($(CONFIG_LIBNETTLE_MINI),y)
+CONFIGURE_ARGS += --with-nettle-mini
+endif
+
 ifneq ($(CONFIG_GNUTLS_DTLS_SRTP),y)
 CONFIGURE_ARGS += --disable-dtls-srtp-support
 endif
-- 
1.9.2


Re: [OpenWrt-Devel] [PATCH 1/3] Made several parts of gnutls configurable and updated to 3.2.14.

2014-05-07 Thread Nikos Mavrogiannopoulos
On Wed, 2014-05-07 at 14:44 -0700, Florian Fainelli wrote:

> Could you resubmit these patches with your Signed-off-by tag? They
> look good otherwise, thank you!

Thanks for checking them. Just resubmitted.

regards,
Nikos


Re: [OpenWrt-Devel] [PATCH 1/3] Made several parts of gnutls configurable and updated to 3.2.14.

2014-05-07 Thread Florian Fainelli
2014-05-07 14:56 GMT-07:00 Nikos Mavrogiannopoulos :
>
> Signed-off-by: Nikos Mavrogiannopoulos 

Applied in r40721, had to disable cryptodev since it was missing a
bunch of definitions to build. thanks!

-- 
Florian


Re: [OpenWrt-Devel] [PATCH 3/3] Allow gnutls to be compiled using nettle-mini.

2014-05-07 Thread Florian Fainelli
2014-05-07 14:56 GMT-07:00 Nikos Mavrogiannopoulos :
>
> Signed-off-by: Nikos Mavrogiannopoulos 

Applied in r40723, thanks!

-- 
Florian


[OpenWrt-Devel] [PATCH v4] ppp: add new protocol PPPoSSH.

2014-05-07 Thread Yousong Zhou
This patch adds protocol support for PPP over SSH.  The protocol name is
'pppossh' with the following options.

 - server, required, SSH server name.
 - port, SSH server port.
 - sshuser, required, SSH login username.
 - identity, list of client private key files.  ~/.ssh/id_{rsa,dsa} will
   be used if no identity file was specified.  At least one of them must
   be valid key file for the public key authentication to proceed.
 - ipaddr, local ip address to be assigned.
 - peeraddr, peer ip address to be assigned.
 - acceptunknown, accept the connection if the remote host key is
   unknown.  This option is only available in dropbear client.  OpenSSH
   client must NOT use it.
 - ssh_options, extra ssh client options.

Because the protocol script file ppp.sh will be called with $HOME set to
'/', we need to explicitly set it to the right value so that dropbear
client can read '~/known_hosts' correctly.

Signed-off-by: Yousong Zhou 
---
v1 -> v2

- Use common option names as suggested by jow and nbd.
- Default to using ~/.ssh/id_{rsa,dsa} as the identity file.
- Set $HOME to correct value for the current user instead of unsetting it.

v2 -> v3

- Change type of acceptunknown to boolean.
- Squeeze multiple calls to proto_config_add_string to one.

v3 -> v4

- Use default identity files only when no explicit key files were
  specified.
- Added a new option `ssh_options' which will be added as part of ssh
  client options.
- Change the type of `port' option to int.
- Change the type of `identity` option to array type.

 package/network/services/ppp/Makefile |2 +-
 package/network/services/ppp/files/ppp.sh |   59 +
 2 files changed, 60 insertions(+), 1 deletions(-)

diff --git a/package/network/services/ppp/Makefile 
b/package/network/services/ppp/Makefile
index 9bf9616..a707985 100644
--- a/package/network/services/ppp/Makefile
+++ b/package/network/services/ppp/Makefile
@@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=ppp
 PKG_VERSION:=2.4.5
-PKG_RELEASE:=10
+PKG_RELEASE:=11
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=ftp://ftp.samba.org/pub/ppp/
diff --git a/package/network/services/ppp/files/ppp.sh 
b/package/network/services/ppp/files/ppp.sh
index 8824409..735b7fb 100755
--- a/package/network/services/ppp/files/ppp.sh
+++ b/package/network/services/ppp/files/ppp.sh
@@ -206,10 +206,69 @@ proto_pptp_teardown() {
ppp_generic_teardown "$@"
 }
 
+proto_pppossh_init_config() {
+   ppp_generic_init_config
+   proto_config_add_string server sshuser ipaddr peeraddr ssh_options
+   proto_config_add_string 'identity:list(string)'
+   proto_config_add_int port
+   proto_config_add_boolean acceptunknown
+   available=1
+   no_device=1
+}
+
+proto_pppossh_setup() {
+   local config="$1"
+   local iface="$2"
+   local user="$(id -nu)"
+   local home=$(sh -c "echo ~$user")
+   local ip serv_addr
+   local errmsg
+   local opts
+
+   json_get_vars port sshuser identity ipaddr peeraddr acceptunknown 
ssh_options
+   json_get_var server server && {
+   for ip in $(resolveip -t 5 "$server"); do
+   ( proto_add_host_dependency "$config" "$ip" )
+   serv_addr=1
+   done
+   }
+   [ -n "$serv_addr" ] || errmsg="${errmsg}Could not resolve $server.\n"
+   [ -n "$sshuser" ] || errmsg="${errmsg}Missing sshuser option.\n"
+   [ -z "$identity" ] && identity="'$home/.ssh/id_rsa' '$home/.ssh/id_dsa'"
+   {
+   local fn
+   for fn in $identity; do
+   [ -f "$fn" ] && opts="$opts -i $fn"
+   done
+   [ -n "$opts" ] || errmsg="${errmsg}Cannot find valid identity 
file.\n"
+   }
+   [ -n "$errmsg" ] && {
+   echo -ne "$errmsg"
+   sleep 5
+   proto_setup_failed "$config"
+   exit 1
+   }
+   [ "$acceptunknown" = "1" ] || acceptunknown=""
+   opts="$opts ${port:+-p $port}"
+   opts="$opts ${acceptunknown:+-y}"
+   opts="$opts ${ssh_options}"
+   opts="$opts $sshuser@$server"
+   pty="env 'HOME=$home' /usr/bin/ssh $opts pppd nodetach notty noauth"
+   ippair="$ipaddr:$peeraddr"
+
+   ppp_generic_setup "$config" \
+   noauth pty "$pty" "$ippair"
+}
+
+proto_pppossh_teardown() {
+   ppp_generic_teardown "$@"
+}
+
 [ -n "$INCLUDE_ONLY" ] || {
add_protocol ppp
[ -f /usr/lib/pppd/*/rp-pppoe.so ] && add_protocol pppoe
[ -f /usr/lib/pppd/*/pppoatm.so ] && add_protocol pppoa
[ -f /usr/lib/pppd/*/pptp.so ] && add_protocol pptp
+   [ -x /usr/bin/ssh ] && add_protocol pppossh
 }
 
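Review bot: In proto_pppossh_setup the default `identity="'$home/.ssh/id_rsa' '$home/.ssh/id_dsa'"` puts literal single quotes into each word, so `for fn in $identity` tests names that still contain the quote characters, `[ -f "$fn" ]` never succeeds, and setup always ends in "Cannot find valid identity file" when no identity is configured; drop the inner quotes. Separately, `server`, `sshuser`, `ssh_options` and the key paths are concatenated unquoted into the `pty` command string, so whitespace or shell metacharacters in a config value change the command that is run; validate or quote them before building `pty`. `acceptunknown` maps to `-y`, which accepts an unknown host key without verification, and the option description should say that this removes the host-key check on first connect.
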
-- 
1.7.2.5


Re: [OpenWrt-Devel] [PATCH] Fix sysntpd to use multiple servers.

2014-05-07 Thread Weedy
On Wed, May 7, 2014 at 5:46 PM, Ben Kibbey  wrote:

> On Wed, May 07, 2014 at 04:28:00PM +0200, Jo-Philipp Wich wrote:
> > Hi.
> >
> > Can you elaborate on this fix?
> >
> > The current implementation works fine here as well and I cannot spot a
> > functional difference with your change.
> >
> > ~ Jow
>
> It adds a -p before each server specification. If run with -d you can
> see that the remaining servers aren't considered without -p, only the
> first.


Uhh?
~/projects/openwrt  $ grep -C2 peer package/utils/busybox/files/sysntpd
procd_set_param command "$PROG" -n
[ "$enable_server" = "1" ] && procd_append_param command -l
for peer in $server; do
procd_append_param command -p $peer
done
procd_set_param respawn

root@OpenWrt:~# ps w|grep ntp
  420 root  1352 Sgrep ntp
 2110 root  1364 S/usr/sbin/ntpd -n -l -p tock.usask.ca -p
tock.utoronto.ca -p tick.usask.ca -p clock.uregina.ca