wgsd (WireGuard Service Discovery plugin) pulls in
golang.zx2c4.com/wireguard/wgctrl -> mdlayher/genetlink v1.2.0 ->
mdlayher/netlink v1.6.2. This version of netlink calls
mdlayher/socket's Sendmsg/Recvmsg with the old API signatures
(pre-context.Context, single-return-value Sendmsg), but coredns
itself requires mdlayher/socket v0.5.1 which changed these
signatures to include context.Context and return (int, error).
Add a go get step that upgrades netlink to v1.7.2 after the wgsd
plugin dependencies are pulled in, ensuring the build uses a
netlink version compatible with socket v0.5.x.
Should fix:
https://downloads.openwrt.org/snapshots/faillogs/i386_pentium-mmx/packages/coredns/compile.txt
```
../../../../../dl/go-mod-cache/github.com/mdlayher/netlink@v1.6.2/conn_linux.go:105:9: too many return values
have (int, error)
want (error)
../../../../../dl/go-mod-cache/github.com/mdlayher/netlink@v1.6.2/conn_linux.go:105:35: not enough arguments in call to c.s.Sendmsg
have ([]byte, nil, *"golang.org/x/sys/unix".SockaddrNetlink, number)
want (context.Context, []byte, []byte, "golang.org/x/sys/unix".Sockaddr, int)
../../../../../dl/go-mod-cache/github.com/mdlayher/netlink@v1.6.2/conn_linux.go:116:9: too many return values
have (int, error)
want (error)
../../../../../dl/go-mod-cache/github.com/mdlayher/netlink@v1.6.2/conn_linux.go:116:33: not enough arguments in call to c.s.Sendmsg
have ([]byte, nil, *"golang.org/x/sys/unix".SockaddrNetlink, number)
want (context.Context, []byte, []byte, "golang.org/x/sys/unix".Sockaddr, int)
../../../../../dl/go-mod-cache/github.com/mdlayher/netlink@v1.6.2/conn_linux.go:127:42: not enough arguments in call to c.s.Recvmsg
have ([]byte, nil, number)
want (context.Context, []byte, []byte, int)
../../../../../dl/go-mod-cache/github.com/mdlayher/netlink@v1.6.2/conn_linux.go:142:41: not enough arguments in call to c.s.Recvmsg
have ([]byte, nil, number)
want (context.Context, []byte, []byte, int)
github.com/aws/aws-sdk-go-v2/aws/protocol/query
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding
github.com/aws/smithy-go/private/requestcompression
```
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
The prosody.im upstream updated the 0.12.4 tarball in-place, changing
its content without bumping the version. Update PKG_HASH to match the
currently published tarball.
Fixes: f4d305b73 ("prosody: update to 0.12.4")
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Update config for vrrp_script in keepalived.config.
Add option name, direction and timeout in config.
Add some docs for option weight and option direction.
Signed-off-by: Rishabh <rishabhshah2005@gmail.com>
Update keepalived.config to add config for section peer.
`peer` is a section that can be used via 'list unicast_peer'
Signed-off-by: Rishabh <rishabhshah2005@gmail.com>
Add option timeout in vrrp_script section.
This option specifies the timeout duration for script execution.
Signed-off-by: Rishabh <rishabhshah2005@gmail.com>
`track_script` and `vrrp_script` are both sections that run custom scripts
which handle priority of a vrrp_instance.
`track_script` is not supported by this uci implementation
`vrrp_instance` was still trying to fetch config for track_script from section
'track_script'.
After the changes, when listing track_script in vrrp_instance,
it tries to fetch config from section `vrrp_script` which is supported.
Signed-off-by: Rishabh <rishabhshah2005@gmail.com>
Add logic to parse track_script section for vrrp_sync_group.
Keepalived supports script tracking in vrrp_sync_group but this was not
implemented by the uci implementation.
Note that if a vrrp_script is added to a sync group, you cannot use
priority/weight for that script as a vrrp_sync_group does not have a
priority/weight attached to it. It will do up/down as whole.
This option is optional and wouldn't affect any older configurations
during upgrade.
Signed-off-by: Rishabh <rishabhshah2005@gmail.com>
Added options min_ttl and max_ttl in section peer. These options are
supported by keepalived but were not supported by the uci implementation.
This allows accepting packets within a specific TTL range.
These options are optional and wouldn't affect any older configurations
during upgrade.
Signed-off-by: Rishabh <rishabhshah2005@gmail.com>
Removed unnecessary option value. This was not needed as option name is
already being used. Also removed a condition where the section was not
parsed if option value was not given. Value was being used to name the
script. Now the option name is used as the name when the script is called
in track_script.
Also added a condition where the section is not parsed if
option name is not given. This is because the script cannot be called if
it does not have a name.
No upgrade script is required.
The removed `value` option in `vrrp_script` was previously used to
identify scripts referenced by `track_script`. However, this mechanism
was non-functional:
- `track_script` attempted to reference a `track_script` section, which
is not implemented in the UCI configuration.
- As a result, script references were not resolved correctly even if
`value` was defined.
With this change, `track_script` now correctly references the
`vrrp_script` section, and the `name` option is used as the identifier.
Since the previous behavior was not working as intended, removing the
`value` option does not break any valid existing configurations.
Signed-off-by: Rishabh <rishabhshah2005@gmail.com>
The new updated config_section_open and close functions are now used in places
where they can be used. The following sections use these functions:
(inside vrrp_instance)
- virtual_ipaddress
- virtual_routes
- track_script
- track_interface
- track_bfd
- unicast_peer
Signed-off-by: Rishabh <rishabhshah2005@gmail.com>
Add a parameter for indent in config_section_open and
config_section_close. Previously you had to separately add indents
while parsing if a section was inside another section.
Now this is supported by these two functions.
You can specify how much indent you need to add before opening or closing
a section.
Signed-off-by: Rishabh <rishabhshah2005@gmail.com>
Adjust the update error handling path to avoid hard failures on
recoverable errors. This allows ddns to retry updates after the
configured retry interval and improves reliability.
Signed-off-by: Tim Flubshi <flubshi@gmail.com>
Replace manual file loading via cat with json_load_file for parsing
JSON data. This uses the intended helper function and improves
code clarity and robustness.
Signed-off-by: Tim Flubshi <flubshi@gmail.com>
The netcup ddns update script fails on subsequent runs because a
readonly variable is assigned again. Fix this by removing the readonly
declaration to allow repeated execution.
Signed-off-by: Tim Flubshi <flubshi@gmail.com>
Prompted by
https://github.com/openwrt/luci/pull/8420#issuecomment-4071252681
we update upsmon configs to ensure they are correct according to
upstream. We reorder the options so that they match upstream
documentation at
<https://networkupstools.org/docs/man/upsmon.conf.html> to be sure
we have not missed any items.
While at it, we add configuration options from the upstream
documentation that are not currently present in the UCI configs.
Some years ago upstream changed the names the primary/secondary
UPS system/monitor from master/slave to primary/secondary. It
is uncertain how much longer these deprecated names will be
accepted by NUT.
Therefore update naming to match upstream documentation and
configuration. See
<https://networkupstools.org/docs/man/upsmon.html>,
<https://networkupstools.org/docs/man/upsmon.conf.html>, and
<https://networkupstools.org/docs/man/upsd.users.html>.
At the same time, prompted by
https://github.com/openwrt/packages/pull/28875#issuecomment-4079307540
we simplify the configuration and add checks to avoid bad configs
due to misspellings/typos of configuation options by users.
A sample config
config upsmon 'upsmon'
option notifycmd '/usr/bin/logger -t nut-monitor-exec '
config monitor
option type primary
option upsname upsname
option hostname localhost
option username upsuser
option password upspassword
config notifications 'ONLINE'
option message "UPS %s is on line power"
option flag "SYSLOG"
config notifications 'ONBATT'
option message "UPS %s is on battery power"
option flag "SYSLOG+EXEC"
In order to iterate through the notifications, we use named
'notifications' sections and compare the section name to list of
notification events defined by NUT. If they don't match, warn
during initscript startup.
Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
This is a follow-up revert. Since the underlying commit was reverted,
this one must be reverted too to avoid breakage. See commit e46654db2 for context.
This reverts commit f74183a239.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
The pyproject.toml for zope.event 6.1 specifies a strict build
dependency of setuptools>=78.1.1,<81. We currently package
setuptools>=81, causing pip to report a missing dependency and
fail the build.
Add patch 001-relax-setuptools-version.patch to drop the <81 upper
bound, allowing the package to build with any recent setuptools.
Add test.sh to verify the installed version and exercise the core
event API (subscribers list, notify(), event dispatch).
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Following the split of glib2, depend on the more fine-grained packages
to reduce the installed size. Gkrellmd only needs to depend on the core glib2
library, gmodule and gthread, and not on gobject or gio.
Signed-off-by: Peter Denison <openwrt@marshadder.org>
Existing package contains five libraries, some of which are > 1MB. Allow
packages which depend on only some of them to only pull in the ones they
need by splitting this package into finer-grained packages. Transition
can be done piecemeal as depending on glib2 will still pull in all the
libraries.
Signed-off-by: Peter Denison <openwrt@marshadder.org>
Update Makefile with the version
Remove LuaJIT fix patch - No longer needed
Add "ts-time-cb-signature" patch - Fixes build on various platforms
Signed-off-by: Amnon Paz <pazamnon@gmail.com>
This upstream release allows clean builds against linux 6.18. Fix LUA
PacketScript build on 6.18 by switching to ccflags-y and restoring the
required -isystem include path. Remove compat_xtables since the module
no longer exists in 3.30 and drop all dependent kmod references.
Fix CI build failure with backport:
600-xt_pknock-fox-do_div-signness-mismatch.patch
Note that upstream tarball changed from xz to zst.
Signed-off-by: John Audia <therealgraysky@proton.me>
ovpn-dco is currently incompatible with the SafeXcel EIP-197
cryptographic engine. Disable async until this is fixed.
Signed-off-by: Qingfang Deng <dqfext@gmail.com>
Maintainer: me
Compile tested: x86_64, Dell EMC Edge620, OpenWrt 25.12.1
Run tested: x86_64, Dell EMC Edge620, OpenWrt 25.12.1
Description:Add nftables notrack for localhost traffic
- Removed. License is now included in the main project.
net/https-dns-proxy/Makefile:
- Bumped PKG_RELEASE to 5.
net/https-dns-proxy/files/etc/config/https-dns-proxy:
- Added 'option notrack_dns '1'' to the default configuration.
net/https-dns-proxy/files/etc/init.d/https-dns-proxy:
- Defined NOTRACK_NFT_FILE constant.
- Added 'notrack_dns' and 'notrack_ports' variables.
- Implemented 'notrack_nft' function to manage nftables rules for notracking local DNS traffic.
- Enabled loading of 'notrack_dns' boolean from configuration.
- Modified start_instance to collect listen_port into notrack_ports if notrack_dns is enabled.
- Modified start_service to call notrack_nft update/remove based on notrack_dns and collected ports.
- Modified stop_service to call notrack_nft remove.
- Updated service_started and service_stopped to trigger firewall config changes when notrack_dns is enabled.
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Add --no-build-isolation to PYTHON_SETUP_ARGS. Without it, pip creates
an isolated build environment which fails during cross-compilation
because _sysconfigdata is missing for the target arch.
Add test.sh verifying python3-sepolgen module loads correctly and
selinux-audit2allow binary is functional.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Add HOST_PYTHON3_PIP_VARS and --no-build-isolation to MAKE_VARS.
Without --no-build-isolation, pip creates an isolated build environment
which fails during cross-compilation because _sysconfigdata is missing.
Aligns with python-selinux which already has this fix.
The libsemanage pywrap uses the host Python's EXT_SUFFIX to name the
C extension, so we will use the PYCEXT env-var to correct that.
Add basic test.sh to verify the semanage Python bindings load correctly
in environments without SELinux kernel support.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Add --no-build-isolation to PYTHON_SETUP_ARGS. Without it, pip creates
an isolated build environment which fails during cross-compilation
because _sysconfigdata is missing for the target arch.
Add test.sh with basic import and API sanity checks.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Alexandru Ardelean