This update fixes incompatibility with python-msgpack 1.1.2.
Add missing dependency on python3-openssl and drop the optional
dependency on python-pyfuse3, which doesn't work with the current
version.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
* rework wlan scanning
- drop iw/ip - use ubus/iwinfo calls instead
- build a new, central wlan scan function (used in LuCI and during
* simplify uci config parsing
Signed-off-by: Dirk Brenken <dev@brenken.org>
Update modbus to version 3.1.12
https://github.com/stephane/libmodbus/releases/tag/v3.1.12
Fix FD_SET overflow when socket fd >= FD_SETSIZE.
Check dest pointer not null and nb in read functions.
NULL check for src and nb < 1 validation in write functions.
modbus_reply: don't compute address for FC 0x07/0x11.
Use O_NONBLOCK instead of deprecated O_NDELAY.
Explicit cast for Coverity CID 416366.
Document required buffer size of modbus_receive.
Document macros for error codes corresponding to Modbus exceptions.
Fix example of modbus_rtu_set_serial_mode.
Test filesystem provides symlink in autogen.sh.
Sync API signatures with the documentation.
Many documentation fixes and typo corrections.
Add coverage target and helper script.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Closes#28587
nginx: many module recursive dependencies
The solution turns out to be pretty trivial.
Replace the +nginx in the module DEPENDS.
This means the modules do not 'select' nginx, but the do 'depend on'
nginx. So nginx is required to install the modules.
This is the same approach taken with PHP8 and #28585 for Zabbix.
Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
records
Problem:
When using Cloudflare with proxy enabled (orange cloud), DNS lookups
return Cloudflare's edge IP instead of the actual origin IP registered
in the dashboard. This causes ddns-scripts to incorrectly detect IP
mismatches, triggering unnecessary updates and potential rate limiting.
Solution:
Add an optional 'use_api_check' configuration option that enables
provider scripts to fetch the registered IP directly via their API,
bypassing DNS lookups.
Changes:
- dynamic_dns_functions.sh: Add API check block to get_registered_ip()
(~25 lines). When use_api_check is enabled, sources the provider
script with GET_REGISTERED_IP=1 flag. Falls back to DNS lookup if
API check is disabled, unsupported, or fails.
- update_cloudflare_com_v4.sh: Add handler for GET_REGISTERED_IP mode
(~15 lines). Reuses existing cURL setup and authentication to query
Cloudflare API for actual record content.
- etc/config/ddns: Document use_api_check option
Behavior:
- use_api_check=0 or unset: DNS lookup (existing behavior, no changes)
- use_api_check=1 with API support: API query for registered IP
- use_api_check=1 without API support: Falls back to DNS lookup
- API failure: Gracefully falls back to DNS lookup
Testing:
- Cloudflare (proxied): Correctly retrieves origin IP via API
- Cloudflare (non-proxied): Works correctly
- No-IP: DNS lookup works (no regression)
- IPv4 and IPv6 records tested
- API failure gracefully falls back to DNS
Signed-off-by: Wayne King 244781262+bdk38@users.noreply.github.com
We aren't using packages with the same name as the provides, so don't
use an virtual (@) provides for providing zabbix-get
Signed-off-by: Daniel F. Dickinson <dfdpublic@wildtechgarden.ca>
Our triggering code was using the logical network name and
not the ifname as required.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Use specific SIM path instead of 'any' when unlocking with PIN
code. This fixes PIN unlock issues on devices with multiple modems
where 'any' could select the wrong modem.
Bump modemmanager PKG_RELEASE
Signed-off-by: micpf <micpf@westermo.com>
version 8.3.0 (February 2, 2026):
- Don't use `true` variable (Stanisław Pitucha <stan.pitucha@envato.com>)
- Add VPATH to Makefile.in (saproj <saproj@gmail.com>)
- FileUnopen: always return a valid file descriptor (Jeff Moyer <jmoyer@redhat.com>)
- fix SEGFAULT on early exit with IPv6 enabled (Bjørn Mork <bjorn@mork.no>)
- In AddrsMatch, keep copies of addrinfos to free. (Darren Tucker <dtucker@dtucker.net>)
- Increase buffer size for GSSAPI exchanges (Alexander Bokovoy <abokovoy@redhat.com>)
- Show "(inactive)" rather than an invalid pty device name for ondemand consoles that
are closed. Show "(inactive)" rather than "(null)" for ondemand consoles that have
never been opened. (Greg Becker <becker.greg@att.net>)
- Prevent spy-mode clients from being promoted to the attached/writable state. (Greg Becker <becker.greg@att.net>)
- autoconf upgrade (Jörg Sommer <joerg@jo-so.de>)
- reinitcheck allows time units (Jacek Tomasiak <jtomasiak@arista.com>)
- reduce level of string alloc management debug messages (Greg A. Woods <woods@robohack.ca>)
- fix bug with parser and "#" lines, fix debug output in ParseFile()
- Fix clobbering of breaklist and replstring (Anton Lundin <glance@ac2.se>)
- Use strcmp() rather than strcasecmp() to compare console names when reading the config
file and creating the list of consoles. (Greg Becker <becker.greg@att.net>)
- Added passwordfile config option (Jason Ni <jni@hudson-trading.com>)
Drop upstreamed patches:
002-addrsmatch-freeaddrinfo.patch
002-fix-SEGFAULT-on-early-exit-with-IPv6-enabled.patch
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Some of the X.509 API got retired in 3.0.0 so we should check
against the backward compatibility not being enabled.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
There were 2 missing "$" when options "maxsessions" and "optionsfile"
are checked for some content.
Also the local declaration of "optionsfile" was incorrect.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
For reasons that have not been investigated in detail, the package blocks
during 'postinst' with the new 'apk' backend when the package is installed
on the target.
After much back and forth, it turned out that the '/etc/init.d/ddns start'
command is responsible for this. The call is blocking.
The command '/etc/init.d/ddns enabled' in the 'postinst' also makes no sense
here, as it only checks whether the ddns service is enabled. The return value
is not checked at all. And the 'prerm' script is also not needed, as the
calls made there are implicitly called during package deinstallation.
Therefore, this commit removes the entire and not needed 'postinst' and
'prerm' script call.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This will activate owut in buildbot builds for targets with large flash
by default. This will integrate it into most images by default.
The buildbots already build LuCI with luci-app-attendedsysupgrade. This
adds ucode-mod-uclient and owut to the image.
These are the package sizes for mips_24kc:
29270 bin/packages/mips_24kc/packages/owut-2026.01.13~2526d84b-r1.apk
5449 bin/packages/mips_24kc/base/ucode-mod-uclient-2026.01.31~931bbfeb-r1.apk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
If you're building against 3.0.0 or later and you've defined
OPENSSL_NO_DEPRECATED, this breaks.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* Remote DNS Allow: this additional firewall feature lets selected client devices
temporarily bypass local DNS blocking and use an external, unfiltered DNS resolver.
* LuCI: new Firewall options for remote Access
* readme update
Signed-off-by: Dirk Brenken <dev@brenken.org>
