The quoting added in r18 for pinghosts is not needed. Multi-host support
remains fully functional, but the extra quotes caused inconsistent argument
handling between /etc/init.d/watchcat and /usr/bin/watchcat.sh,
especially for single-IP configurations.
This revert removes the unnecessary quoting in the init script and LUCI,
restoring consistent behavior while keeping multiple ping hosts supported.
Fixes: #28100 (watchcat: error if only one address is specified in pinghosts)
Signed-off-by: Ivan Diaz <diaz.it@icloud.com>
commit ea66e463cf added a new config
option LIBCURL_HTTP_AUTH to enable or disable HTTP_AUTH support in
cURL. It defaulted the option to n (disabled).
However, prior to this change HTTP_AUTH was enabled for cURL, as the
configure script defaults to HTTP_AUTH enabled when it is not
explicitly disabled.
This impacts any consumer of cURL that uses HTTP_AUTH, including
authentication by username and password in the URL. (Confirmed via
run testing).
So we set the default for the option to y (enabled).
Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
For zabbix-server-frontend, the absence of php8-mod-filter results in
many of the frontend's pages failing to render. Therefore add this
module as a frontend dependency.
Without php8-mod-openssl the frontend fails with:
[13-Dec-2025 18:47:25 UTC] PHP Fatal error: Uncaught Error: Call to
undefined function openssl_random_pseudo_bytes() in
/www/zabbix/include/classes/helpers/CEncryptHelper.php:89
Stack trace:
CEncryptHelper::generateKey()
thrown in /www/zabbix/include/classes/helpers/CEncryptHelper.php on
line 89
Therefore add php8-mod-openssl as a frontend dependency.
Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
Due to the incorrect DEPENDS configuration, the vim-full and vim-fuller
packages won't show up in menuconfig if the vim-runtime package is not
selected. This happens because these packages depend on vim-runtime.
To fix this, add the '+' symbol to the DEPENDS line. This ensures that
when either vim-full or vim-fuller is selected, the vim-runtime package
(which is a dependency) will also be selected automatically.
Fixes: d1351b3 ("vim: fix config and runtime")
Signed-off-by: TeleostNaCl Dai <teleostnacl@gmail.com>
nginx modules must not provide nginx which causes them to not be able
to be installed alongside nginx due to the new apk provide fixes.
Remove PROVIDES from modules.
Remove nginx-ssl from PROVIDES as there is no non-ssl variant, i.e. all
version provide ssl.
Set nginx-ssl as the default variant.
Remove non-existent config value.
Signed-off-by: George Sapkin <george@sapk.in>
- Update daemon to 2.3.9 to fix removal of nftables rules in
`upnp_forward` and return the correct internal port; also resulted in
the excessive opening of new ports. Accept interface names starting
with digits
- Build from GitHub releases to get a reliable HTTPS server, as the
HTTP-only/HTTPS mirror were only available ~85%/77% over 3 months
https://redirect.github.com/miniupnp/miniupnp/issues/770https://stats.uptimerobot.com/DwGDxUB914
- Build daemon with `--disable-pppconn` to remove the old/IGDv1-only
extra WANPPPConnection SSDP announcements workaround not included in
other implementations since >15y
- Build daemon with `--vendorcfg` to allow customisation of the
router/friendly name (+5 potential options) displayed in Windows
Explorer, 384 bytes extra required on ARMv7 (binary)
- Remove old (iptables variant only) patches, as no longer needed
- Remove `clean_ruleset_interval/threshold` UCI config options as not
standard/working since OpenWrt 22.03, as nftables not supported
Fixes: https://github.com/openwrt/openwrt/issues/18011
Fixes: https://github.com/openwrt/luci/issues/7759
Fixes: https://github.com/openwrt/packages/issues/26352
Signed-off-by: Self-Hosting-Group <selfhostinggroup-git+openwrt@shost.ing>
[update fixes tag]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Without it the build fails for me with:
/usr/lib/libltdl.so: file not recognized: file format not recognized
Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
tar depended both on xz and xz-utils which xz already depended on.
Coupled with if PACKAGE_tar check it caused all packages that depended
on tar to have a circular Kconfig dependency. Remove the check and
dependency on xz-utils and leave xz one only.
Move libzstd dependency into DEPENDS.
Fixes: ad82c17 ("tar: fix EXTRA_DEPENDS")
Fixes: https://github.com/openwrt/packages/issues/28141
Signed-off-by: George Sapkin <george@sapk.in>
A patch is included in order to get the compiler (csc) to work properly
on the target device (comment in the OpenWRT package Makefile). csc,
chicken-install, chicken-status have been verified to work. What the
patch does is to remove -fmacro-prefix-map and -ldl in the strings that
are passed to gcc when the Scheme compiler runs. Without that, the
compiler will not run on the router. A longer description is in the
patch header.
Co-authored-by: George Sapkin <george@sapk.in>
Signed-off-by: Jeronimo Pellegrini <j_p@aleph0.info>
Split library into a separate package and refactor Makefile.
Strip all executable binaries without stripping the library that's
used by the compiler.
Add SPDX license identifier.
Signed-off-by: George Sapkin <george@sapk.in>
Check csi version and check if csc can compile a simple s-expression.
Co-authored-by: George Sapkin <george@sapk.in>
Signed-off-by: Jeronimo Pellegrini <j_p@aleph0.info>
The Plasma Cloud PSX10 and Plasma Cloud PSX28 are officially supported by
upstream main. Install their default configuration files to be able to use
poemgr on these devices out of the box.
Signed-off-by: Sven Eckelmann <se@simonwunderlich.de>
EXTRA_DEPENDS should be used for version constraints. Change to DEPENDS.
Fixes: 6a559a9 ("chicken-scheme: version 5.2.0; include compiler")
Signed-off-by: George Sapkin <george@sapk.in>
EXTRA_DEPENDS should be used for version constraints. Change to DEPENDS.
Fixes: 488be84 ("utils/tar: Make compression, acl, and xattr support configuration options")
Fixes: 7a49296 ("utils/tar: Fix defaulting to selecting dependencies")
Signed-off-by: George Sapkin <george@sapk.in>
rlwrap is a 'readline wrapper', a small utility that uses the GNU
Readline library to allow the editing of keyboard input for any
command.
The input history is preserved even across different invocations,
history search and completion are supported
Co-authored-by: George Sapkin <george@sapk.in>
Signed-off-by: Jeronimo Pellegrini <j_p@aleph0.info>
This package is only used by `fail2ban`. After updating `fail2ban` to
`1.1.0` (2a202b2091), the `2to3` package
is no longer needed. If required, anyone can reintroduce the package.
Signed-off-by: Wesley Gimenes <wehagy@proton.me>
When PHP8_DOM is enabled then xmlreader automatically gains a
dependency to php8-mod-dom, not only when the dom module
is actually built.
So fix it by declaring this dependency.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Updates Zabbix to 7.0.21-r1 (latest 7.0 LTS version)
Note that for the frontend, clearing browser cache, cookies and other
site data for the zabbix frontend server may be necessary.
Security fixes compared to 7.0.12 (most are frontend only):
* CVE-2025-27238: API hostprototype.get lists data to users with
insufficient authorization https://support.zabbix.com/browse/ZBX-26988
* CVE-2025-27236: User information disclosure via api_jsonrpc.php on
method user.get with param search:
https://support.zabbix.com/browse/ZBX-27060
* CVE-2025-27231: LDAP 'Bind password' field value can be leaked by a
Zabbix Super Admin: https://support.zabbix.com/browse/ZBX-27062
* CVE-2025-49641: Insufficient permission check for the
problem.view.refresh action:
https://support.zabbix.com/browse/ZBX-27063
* CVE-2025-49643: Frontend DoS vulnerability due to asymmetric
resource consumption: https://support.zabbix.com/browse/ZBX-27284
Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
- Install shared runtime for both full and fuller.
- Switch big to huge as big is just an alias to normal.
- Fix default config path for tiny variant.
- Use upstream default config for both full and fuller.
- Don't mark default config files for backup.
- Don't mix variant files.
- Mark fuller variant config files for backup.
- Update configure arguments and remove deprecated ones.
- Remove deprecated configuration variables.
- Improve descriptions.
- Fix the following error by installing the missing runtime files for
full and correctly installing the default config for tiny:
E1187: Failed to source defaults.vim
- Fix the following fuller error by installing the missing directory in
runtime:
Error detected while processing /usr/share/vim/vim91/plugin/netrwPlugin.vim:
line 7:
E919: Directory not found in 'packpath': "pack/*/opt/netrw"
Fixes: https://github.com/openwrt/packages/issues/20203
Fixes: https://github.com/openwrt/packages/issues/28104
Signed-off-by: George Sapkin <george@sapk.in>
https://github.com/mikebrady/shairport-sync/blob/master/
CONFIGURATION%20FLAGS.md#cryptography states that only the OpenSSL
cryptography backend is suitable for Airplay 2.
Further investigation revealed that the pair_ap module within
shairport-sync, which is needed for Airplay 2, does not have an Mbed TLS
backend.
Accordingly, this commit enables Airplay 2 only for the OpenSSL build.
This has the nice side effect that for Airplay 1 the -mini or -mbedtls
versions can be used without pulling in 6 MB of ffmepg libs.
Signed-off-by: Christian Beier <info@christianbeier.net>
This reverts commit 65d83de7f8.
Seems to cause trouble at least in ipq806x/R7800, so let's revert
for cautionary reasons.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
To check if the update was successful.
Not all DDNS implementations have such huge latencies updating their services.
nsupdate for example, updates immediately and the update is immediately checkable.
Add new check_interval_min value to be able to set a check interval lower than the
previously hard-coded 5 minutes.
Fixes: #20564
Signed-off-by: Brian J. Murrell <brian@interlinx.bc.ca>
