Re: [LEDE-DEV] [PATCH v3] dnsmasq: manage resolv.conf if when listening on 127.0.0.1#53

2017-06-21 Thread Paul Oranje
You are absolutely right. Thanks, I post an update of the patch. Paul > Op 20 jun. 2017, om 16:41 heeft e9hack het volgende > geschreven: > > Am 18.06.2017 um 09:46 schrieb Paul Oranje: >> @@ -854,14 +895,15 @@ dnsmasq_start() >> config_get_bool cachelocal "$cfg" cachelocal 1 >> >>

[LEDE-DEV] [PATCH v4] dnsmasq: manage resolv.conf iff when listening on 127.0.0.1#53

2017-06-21 Thread Paul Oranje
With this patch the dnsmasq init script manages resolv.conf if and only if when dnsmasq will listen on 127.0.0.1#53 (is main resolver instance). Also adds ::1 to the resolver file. For unbound a likewise patch exists (PR#4454). Fixes (combined with the unbound PR) FS#785 Signed-off-by: Paul Oranj

[LEDE-DEV] [PATCH] mbedtls: update to 2.5.1

2017-06-21 Thread Magnus Kroken
Fixes some security issues (no remote exploits), and introduces some changes. See release notes for details: https://tls.mbed.org/tech-updates/releases/mbedtls-2.5.1-2.1.8-and-1.3.20-released * Fixes an unlimited overread of heap-based buffers in mbedtls_ssl_read() * Adds exponent blinding to RSA

[LEDE-DEV] [PATCH] openvpn: update to 2.4.3

2017-06-21 Thread Magnus Kroken
Fixes for security and other issues. See security announcement for more details: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 * Remotely-triggerable ASSERT() on malformed IPv6 packet (CVE-2017-7508) * Pre-authentication remote crash/information disclosure for clients

[LEDE-DEV] dns setup problem

2017-06-21 Thread e9hack
Hi, the dns setup for dnsmasq does have a bug. If option resolvfile is used and its value isn't '/tmp/resolv.conf.auto', name resolution doesn't work. The given file is empty. A file '/tmp/resolv.conf.auto' is generated and contains the correct dns servers, but it isn't used by dnsmasq. This mak

[LEDE-DEV] [PATCH] uhttpd: fix PKG_BUILD_DEPENDS

2017-06-21 Thread Daniel Golle
uhttpd refered to ustream-ssl as PKG_BUILD_DEPENDS. While this intuitively seems like the correct thing to do, it turns out not to have the desired effect: PKG_BUILD_DEPENDS needs to list the resulting package name (ie. one of libustream-*) and not the source package name. This seems a bit ugly, as

Re: [LEDE-DEV] dns setup problem

2017-06-21 Thread Eric Luehrsen
On 06/21/2017 03:42 PM, e9hack wrote: > Hi, > > the dns setup for dnsmasq does have a bug. If option resolvfile is used and > its value isn't '/tmp/resolv.conf.auto', > name resolution doesn't work. The given file is empty. A file > '/tmp/resolv.conf.auto' is generated and contains the > correct