Menu
▾
▴
astlinux-commits — Commits to the AstLinux SVN repository
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(6) |
Jul
(14) |
Aug
(156) |
Sep
(35) |
Oct
(48) |
Nov
(55) |
Dec
(16) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(24) |
Feb
(154) |
Mar
(139) |
Apr
(175) |
May
(87) |
Jun
(34) |
Jul
(42) |
Aug
(68) |
Sep
(41) |
Oct
(76) |
Nov
(77) |
Dec
(50) |
| 2008 |
Jan
(98) |
Feb
(43) |
Mar
(102) |
Apr
(27) |
May
(55) |
Jun
(13) |
Jul
(58) |
Aug
(62) |
Sep
(61) |
Oct
(43) |
Nov
(87) |
Dec
(134) |
| 2009 |
Jan
(175) |
Feb
(106) |
Mar
(58) |
Apr
(41) |
May
(74) |
Jun
(123) |
Jul
(252) |
Aug
(192) |
Sep
(69) |
Oct
(38) |
Nov
(117) |
Dec
(95) |
| 2010 |
Jan
(146) |
Feb
(76) |
Mar
(90) |
Apr
(60) |
May
(23) |
Jun
(19) |
Jul
(208) |
Aug
(140) |
Sep
(103) |
Oct
(114) |
Nov
(50) |
Dec
(47) |
| 2011 |
Jan
(59) |
Feb
(47) |
Mar
(61) |
Apr
(58) |
May
(41) |
Jun
(11) |
Jul
(17) |
Aug
(49) |
Sep
(34) |
Oct
(166) |
Nov
(38) |
Dec
(70) |
| 2012 |
Jan
(87) |
Feb
(37) |
Mar
(28) |
Apr
(25) |
May
(29) |
Jun
(30) |
Jul
(43) |
Aug
(27) |
Sep
(46) |
Oct
(27) |
Nov
(51) |
Dec
(70) |
| 2013 |
Jan
(92) |
Feb
(34) |
Mar
(58) |
Apr
(37) |
May
(46) |
Jun
(9) |
Jul
(38) |
Aug
(22) |
Sep
(28) |
Oct
(42) |
Nov
(44) |
Dec
(34) |
| 2014 |
Jan
(63) |
Feb
(39) |
Mar
(48) |
Apr
(31) |
May
(21) |
Jun
(43) |
Jul
(36) |
Aug
(69) |
Sep
(53) |
Oct
(56) |
Nov
(46) |
Dec
(49) |
| 2015 |
Jan
(63) |
Feb
(35) |
Mar
(30) |
Apr
(38) |
May
(27) |
Jun
(42) |
Jul
(42) |
Aug
(63) |
Sep
(18) |
Oct
(45) |
Nov
(65) |
Dec
(71) |
| 2016 |
Jan
(54) |
Feb
(79) |
Mar
(59) |
Apr
(38) |
May
(32) |
Jun
(46) |
Jul
(42) |
Aug
(30) |
Sep
(58) |
Oct
(33) |
Nov
(98) |
Dec
(59) |
| 2017 |
Jan
(79) |
Feb
(12) |
Mar
(43) |
Apr
(32) |
May
(76) |
Jun
(59) |
Jul
(44) |
Aug
(14) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <abe...@us...> - 2017-07-17 15:19:42
|
Revision: 8452
http://sourceforge.net/p/astlinux/code/8452
Author: abelbeck
Date: 2017-07-17 15:19:40 +0000 (Mon, 17 Jul 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-07-17 15:12:52 UTC (rev 8451)
+++ branches/1.0/docs/ChangeLog.txt 2017-07-17 15:19:40 UTC (rev 8452)
@@ -46,7 +46,7 @@
-- php, version bump to 5.6.31, security fixes.
--- libsodium, version bump to 1.0.12
+-- libsodium, version bump to 1.0.13
-- sqlite, version bump to 3.19.3
@@ -89,6 +89,8 @@
-- strongSwan, version bump to 5.5.3, security fixes: CVE-2017-9022, CVE-2017-9023
+-- stunnel, version bump to 5.42
+
-- dnscrypt-proxy, version bump to 1.9.5
-- openldap, version bump to 2.4.45
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-17 15:12:55
|
Revision: 8451
http://sourceforge.net/p/astlinux/code/8451
Author: abelbeck
Date: 2017-07-17 15:12:52 +0000 (Mon, 17 Jul 2017)
Log Message:
-----------
libsodium, version bump to 1.0.13
Modified Paths:
--------------
branches/1.0/package/libsodium/libsodium.mk
Modified: branches/1.0/package/libsodium/libsodium.mk
===================================================================
--- branches/1.0/package/libsodium/libsodium.mk 2017-07-17 14:53:18 UTC (rev 8450)
+++ branches/1.0/package/libsodium/libsodium.mk 2017-07-17 15:12:52 UTC (rev 8451)
@@ -3,7 +3,7 @@
# libsodium
#
#############################################################
-LIBSODIUM_VERSION = 1.0.12
+LIBSODIUM_VERSION = 1.0.13
LIBSODIUM_SOURCE = libsodium-$(LIBSODIUM_VERSION).tar.gz
LIBSODIUM_SITE = https://github.com/jedisct1/libsodium/releases/download/$(LIBSODIUM_VERSION)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-17 14:53:20
|
Revision: 8450
http://sourceforge.net/p/astlinux/code/8450
Author: abelbeck
Date: 2017-07-17 14:53:18 +0000 (Mon, 17 Jul 2017)
Log Message:
-----------
stunnel, version bump to 5.42, autoreconf of stunnel is now broken but our configure.ac patch is not needed since /dev/urandom is hard-coded in the source as a default entropy source
Modified Paths:
--------------
branches/1.0/package/stunnel/stunnel.mk
Removed Paths:
-------------
branches/1.0/package/stunnel/stunnel-configure.patch
Deleted: branches/1.0/package/stunnel/stunnel-configure.patch
===================================================================
--- branches/1.0/package/stunnel/stunnel-configure.patch 2017-07-17 12:32:06 UTC (rev 8449)
+++ branches/1.0/package/stunnel/stunnel-configure.patch 2017-07-17 14:53:18 UTC (rev 8450)
@@ -1,23 +0,0 @@
---- stunnel-5.01/configure.ac.orig 2014-04-11 10:43:39.000000000 -0500
-+++ stunnel-5.01/configure.ac 2014-04-11 10:49:05.000000000 -0500
-@@ -132,7 +132,8 @@
- AC_CHECK_FILE("/dev/ptc", AC_DEFINE([HAVE_DEV_PTS_AND_PTC], [1],
- [Define to 1 if you have '/dev/ptc' device.]))
- else
-- AC_MSG_WARN([cross-compilation: assuming /dev/ptmx and /dev/ptc are not available])
-+ AC_DEFINE([HAVE_DEV_PTMX], [1], [Define to 1 if you have '/dev/ptmx' device.])
-+ AC_MSG_WARN([cross-compilation: assuming /dev/ptmx is available])
- fi
-
- AC_MSG_NOTICE([**************************************** entropy sources])
-@@ -161,7 +162,9 @@
- AC_DEFINE_UNQUOTED([RANDOM_FILE], ["$RANDOM_FILE"], [Random file path])
- fi
- else
-- AC_MSG_WARN([cross-compilation: assuming entropy sources are not available])
-+ RANDOM_FILE="/dev/urandom"
-+ AC_DEFINE_UNQUOTED([RANDOM_FILE], ["$RANDOM_FILE"], [Random file path])
-+ AC_MSG_WARN([cross-compilation: assuming entropy source /dev/urandom is available])
- fi
-
- AC_MSG_NOTICE([**************************************** default group])
Modified: branches/1.0/package/stunnel/stunnel.mk
===================================================================
--- branches/1.0/package/stunnel/stunnel.mk 2017-07-17 12:32:06 UTC (rev 8449)
+++ branches/1.0/package/stunnel/stunnel.mk 2017-07-17 14:53:18 UTC (rev 8450)
@@ -4,14 +4,11 @@
#
#############################################################
-STUNNEL_VERSION = 5.40
+STUNNEL_VERSION = 5.42
STUNNEL_SITE = http://www.usenix.org.uk/mirrors/stunnel/archive/5.x
STUNNEL_DEPENDENCIES = openssl
-# We're patching configure.ac
-STUNNEL_AUTORECONF = YES
-
-STUNNEL_CONF_OPT += \
+STUNNEL_CONF_OPT = \
--with-ssl=$(STAGING_DIR)/usr \
--localstatedir=/var \
--disable-libwrap \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-17 12:32:08
|
Revision: 8449
http://sourceforge.net/p/astlinux/code/8449
Author: abelbeck
Date: 2017-07-17 12:32:06 +0000 (Mon, 17 Jul 2017)
Log Message:
-----------
expat, also add HOST build fix for version 2.2.2
Modified Paths:
--------------
branches/1.0/package/expat/expat.mk
Modified: branches/1.0/package/expat/expat.mk
===================================================================
--- branches/1.0/package/expat/expat.mk 2017-07-16 20:02:33 UTC (rev 8448)
+++ branches/1.0/package/expat/expat.mk 2017-07-17 12:32:06 UTC (rev 8449)
@@ -15,5 +15,9 @@
EXPAT_CONF_ENV = CFLAGS='$(TARGET_CFLAGS) -DXML_POOR_ENTROPY'
+HOST_EXPAT_DEPENDENCIES = host-pkg-config
+
+HOST_EXPAT_CONF_ENV = CFLAGS='$(HOST_CFLAGS) -DXML_POOR_ENTROPY'
+
$(eval $(call AUTOTARGETS,package,expat))
$(eval $(call AUTOTARGETS,package,expat,host))
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-16 20:02:35
|
Revision: 8448
http://sourceforge.net/p/astlinux/code/8448
Author: abelbeck
Date: 2017-07-16 20:02:33 +0000 (Sun, 16 Jul 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-07-16 19:59:33 UTC (rev 8447)
+++ branches/1.0/docs/ChangeLog.txt 2017-07-16 20:02:33 UTC (rev 8448)
@@ -146,7 +146,9 @@
-- Status tab, add optional "ACME Certificates" section, show via Prefs tab.
+-- System tab, add "english-nz" (New Zealand) sound language.
+
Additions for AstLinux 1.2.10:
=============================
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-16 19:59:36
|
Revision: 8447
http://sourceforge.net/p/astlinux/code/8447
Author: abelbeck
Date: 2017-07-16 19:59:33 +0000 (Sun, 16 Jul 2017)
Log Message:
-----------
web interface, System tab, Asterisk Sounds Packages, add support for core en_NZ (english-nz) sounds
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/system.php
Modified: branches/1.0/package/webinterface/altweb/admin/system.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/system.php 2017-07-16 13:26:12 UTC (rev 8446)
+++ branches/1.0/package/webinterface/altweb/admin/system.php 2017-07-16 19:59:33 UTC (rev 8447)
@@ -47,6 +47,7 @@
'en' => 'english',
'en_AU' => 'english-au',
'en_GB' => 'english-gb',
+ 'en_NZ' => 'english-nz',
'nl' => 'dutch',
'fr' => 'french',
'de' => 'german',
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-16 13:26:15
|
Revision: 8446
http://sourceforge.net/p/astlinux/code/8446
Author: abelbeck
Date: 2017-07-16 13:26:12 +0000 (Sun, 16 Jul 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-07-16 13:24:29 UTC (rev 8445)
+++ branches/1.0/docs/ChangeLog.txt 2017-07-16 13:26:12 UTC (rev 8446)
@@ -144,7 +144,9 @@
-- Network tab, add "ACME (Let's Encrypt) Certificate" section with topic help info.
More info: http://doc.astlinux-project.org/userdoc:tt_acme_certificates
+-- Status tab, add optional "ACME Certificates" section, show via Prefs tab.
+
Additions for AstLinux 1.2.10:
=============================
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-16 13:24:31
|
Revision: 8445
http://sourceforge.net/p/astlinux/code/8445
Author: abelbeck
Date: 2017-07-16 13:24:29 +0000 (Sun, 16 Jul 2017)
Log Message:
-----------
web interface, Status tab, add optional 'ACME Certificates' section, show via Prefs tab
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/prefs.php
branches/1.0/package/webinterface/altweb/common/status.inc
Modified: branches/1.0/package/webinterface/altweb/admin/prefs.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/prefs.php 2017-07-15 16:51:17 UTC (rev 8444)
+++ branches/1.0/package/webinterface/altweb/admin/prefs.php 2017-07-16 13:24:29 UTC (rev 8445)
@@ -21,6 +21,7 @@
// 12-16-2014, Added Show Monit Tab
// 08-12-2015, Added Show Fossil Tab
// 02-16-2017, Added Disable CLI Tab for "staff" user
+// 07-16-2017, Added Show ACME Certificates
//
$myself = $_SERVER['PHP_SELF'];
@@ -57,6 +58,10 @@
$value = 'status_show_wan_failover = no';
fwrite($fp, $value."\n");
}
+ if (isset($_POST['acme_certificates'])) {
+ $value = 'status_show_acme_certificates = yes';
+ fwrite($fp, $value."\n");
+ }
if (! isset($_POST['ntp_sessions'])) {
$value = 'status_ntp_sessions = no';
fwrite($fp, $value."\n");
@@ -592,6 +597,10 @@
putHtml('<input type="checkbox" value="wan_failover" name="wan_failover"'.$sel.' /></td><td colspan="5">Show WAN Failover Status</td></tr>');
putHtml('<tr class="dtrow1"><td style="text-align: right;">');
+ $sel = (getPREFdef($global_prefs, 'status_show_acme_certificates') === 'yes') ? ' checked="checked"' : '';
+ putHtml('<input type="checkbox" value="acme_certificates" name="acme_certificates"'.$sel.' /></td><td colspan="5">Show ACME Certificates</td></tr>');
+
+ putHtml('<tr class="dtrow1"><td style="text-align: right;">');
$sel = (getPREFdef($global_prefs, 'status_ntp_sessions') !== 'no') ? ' checked="checked"' : '';
putHtml('<input type="checkbox" value="ntp_sessions" name="ntp_sessions"'.$sel.' /></td><td colspan="5">Show NTP Time Sources</td></tr>');
putHtml('<tr class="dtrow1"><td style="text-align: right;">');
Modified: branches/1.0/package/webinterface/altweb/common/status.inc
===================================================================
--- branches/1.0/package/webinterface/altweb/common/status.inc 2017-07-15 16:51:17 UTC (rev 8444)
+++ branches/1.0/package/webinterface/altweb/common/status.inc 2017-07-16 13:24:29 UTC (rev 8445)
@@ -38,6 +38,7 @@
// 10-14-2016, Added Check for default admin password
// 12-01-2016, Added chronyc to replace ntpq
// 05-15-2017, Added IPv6 Prefixes/Address
+// 07-16-2017, Added ACME Certificates
//
// System location of OpenVPN Client logfile
$OVPNCLOGFILE = '/var/log/openvpnclient-status.log';
@@ -767,6 +768,21 @@
}
}
+if (is_dir('/mnt/kd/acme')) {
+ if (getPREFdef($global_prefs, 'status_show_acme_certificates') === 'yes') {
+ putHtml("<h2>ACME Certificates:</h2>");
+ putHtml("<pre>");
+
+ $output = array();
+ @exec('/usr/sbin/acme-client --list', $output);
+ foreach ($output as $line) {
+ putText(rtrim($line));
+ }
+ unset($output);
+ putHtml("</pre>");
+ }
+}
+
if ($daemon['chronyd'] > 0) {
if (getPREFdef($global_prefs, 'status_ntp_sessions') !== 'no') {
putHtml("<h2>NTP Time Sources:</h2>");
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-15 16:51:19
|
Revision: 8444
http://sourceforge.net/p/astlinux/code/8444
Author: abelbeck
Date: 2017-07-15 16:51:17 +0000 (Sat, 15 Jul 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-07-15 16:47:43 UTC (rev 8443)
+++ branches/1.0/docs/ChangeLog.txt 2017-07-15 16:51:17 UTC (rev 8444)
@@ -50,9 +50,9 @@
-- sqlite, version bump to 3.19.3
--- tiff, version bump to 4.0.8, security fixes: 13 CVE's
+-- tiff, version bump to 4.0.8, security fixes: 13 CVE's and CVE-2017-10688
--- expat, version bump to 2.2.1, security fixes: CVE-2016-9063, CVE-2017-9233
+-- expat, version bump to 2.2.2, security fixes: CVE-2016-9063, CVE-2017-9233
-- pcre, version bump to 8.41
@@ -121,7 +121,7 @@
** Asterisk
--- Asterisk 11.25.1 (no change) and 13.16.0 (version bump)
+-- Asterisk 11.25.1 (no change) and 13.17.0 (version bump)
-- DAHDI, dahdi-linux 2.10.2 (version bump) and dahdi-tools 2.10.2 (version bump)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-15 16:47:46
|
Revision: 8443
http://sourceforge.net/p/astlinux/code/8443
Author: abelbeck
Date: 2017-07-15 16:47:43 +0000 (Sat, 15 Jul 2017)
Log Message:
-----------
asterisk, version bump to 13.17.0
Modified Paths:
--------------
branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch
branches/1.0/package/asterisk/asterisk.mk
Added Paths:
-----------
branches/1.0/package/pjsip/pjsip-0070-Set-PJSIP_INV_SUPPORT_UPDATE-correctly-in-pjsip_inv_.patch
Removed Paths:
-------------
branches/1.0/package/asterisk/asterisk-13-configure-have-usable-eventfd.patch
branches/1.0/package/asterisk/asterisk-13-upstream-missing-ari-conf-crash.patch
Deleted: branches/1.0/package/asterisk/asterisk-13-configure-have-usable-eventfd.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-13-configure-have-usable-eventfd.patch 2017-07-15 16:05:11 UTC (rev 8442)
+++ branches/1.0/package/asterisk/asterisk-13-configure-have-usable-eventfd.patch 2017-07-15 16:47:43 UTC (rev 8443)
@@ -1,12 +0,0 @@
---- asterisk-13.16.0/configure.ac.orig 2017-06-07 11:56:41.261126679 -0500
-+++ asterisk-13.16.0/configure.ac 2017-06-07 12:01:48.732815227 -0500
-@@ -1104,7 +1104,8 @@
- [return eventfd(0, EFD_NONBLOCK | EFD_SEMAPHORE) == -1;])],
- AC_MSG_RESULT(yes)
- AC_DEFINE([HAVE_EVENTFD], 1, [Define to 1 if your system supports eventfd and the EFD_NONBLOCK and EFD_SEMAPHORE flags.]),
-- AC_MSG_RESULT(no)
-+ AC_MSG_RESULT(no),
-+ AC_MSG_RESULT(cross-compile)
- )
-
- AST_GCC_ATTRIBUTE(pure)
Modified: branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch 2017-07-15 16:05:11 UTC (rev 8442)
+++ branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch 2017-07-15 16:47:43 UTC (rev 8443)
@@ -1,6 +1,6 @@
--- asterisk-13/configure.ac.orig 2014-01-24 16:52:23.000000000 -0600
+++ asterisk-13/configure.ac 2014-01-24 16:55:14.000000000 -0600
-@@ -2659,11 +2659,13 @@
+@@ -2684,11 +2684,13 @@
AC_OUTPUT
${ac_cv_path_EGREP} 'CURSES|GTK2|OSARCH|NEWT' makeopts > makeopts.acbak2
Deleted: branches/1.0/package/asterisk/asterisk-13-upstream-missing-ari-conf-crash.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-13-upstream-missing-ari-conf-crash.patch 2017-07-15 16:05:11 UTC (rev 8442)
+++ branches/1.0/package/asterisk/asterisk-13-upstream-missing-ari-conf-crash.patch 2017-07-15 16:47:43 UTC (rev 8443)
@@ -1,295 +0,0 @@
-From: George Joseph <gj...@di...>
-Date: Tue, 13 Jun 2017 16:33:34 +0000 (-0600)
-Subject: res_ari: Add "module loaded" check to ari stubs
-X-Git-Url: http://git.asterisk.org/gitweb/?p=asterisk%2Fasterisk.git;a=commitdiff_plain;h=7901b9853e8f60e1d2dce44ce81dec6f7f866ccc
-
-res_ari: Add "module loaded" check to ari stubs
-
-The recent change to make the use of LOAD_DECLINE more consistent
-caused res_ari to unload itself before declining if the ari.conf
-file wasn't found. The ari stubs though still tried to use the
-configuration resulting in segfaults.
-
-This patch creates a new CHECK_ARI_MODULE_LOADED macro which tests
-to see if res_ari is actually loaded and causes the stubs to also
-decline if it isn't. The macro was then added to the mustache
-template's "load_module" function.
-
-ASTERISK-27026 #close
-Reported-by: Ronald Raikes
-
-Change-Id: I263d56efa628ee3c411bdcd16d49af6260c6c91d
----
-
-diff --git a/include/asterisk/ari.h b/include/asterisk/ari.h
-index cad9b32..f83df04 100644
---- a/include/asterisk/ari.h
-+++ b/include/asterisk/ari.h
-@@ -266,4 +266,14 @@ void ast_ari_response_created(struct ast_ari_response *response,
- */
- void ast_ari_response_alloc_failed(struct ast_ari_response *response);
-
-+/*! \brief Determines whether the res_ari module is loaded */
-+#define CHECK_ARI_MODULE_LOADED() \
-+ do { \
-+ if (!ast_module_check("res_ari.so") \
-+ || !ast_ari_oom_json()) { \
-+ return AST_MODULE_LOAD_DECLINE; \
-+ } \
-+ } while(0)
-+
-+
- #endif /* _ASTERISK_ARI_H */
-diff --git a/res/res_ari_applications.c b/res/res_ari_applications.c
-index cb12e84..290719d 100644
---- a/res/res_ari_applications.c
-+++ b/res/res_ari_applications.c
-@@ -502,6 +502,10 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-+
-+ CHECK_ARI_MODULE_LOADED();
-+
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&applications);
- if (res) {
-diff --git a/res/res_ari_asterisk.c b/res/res_ari_asterisk.c
-index 1a574aa..73e4d0c 100644
---- a/res/res_ari_asterisk.c
-+++ b/res/res_ari_asterisk.c
-@@ -1223,6 +1223,10 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-+
-+ CHECK_ARI_MODULE_LOADED();
-+
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&asterisk);
- if (res) {
-diff --git a/res/res_ari_bridges.c b/res/res_ari_bridges.c
-index 69d4d6e..b923330 100644
---- a/res/res_ari_bridges.c
-+++ b/res/res_ari_bridges.c
-@@ -1415,6 +1415,10 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-+
-+ CHECK_ARI_MODULE_LOADED();
-+
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&bridges);
- if (res) {
-diff --git a/res/res_ari_channels.c b/res/res_ari_channels.c
-index f59f206..6217679 100644
---- a/res/res_ari_channels.c
-+++ b/res/res_ari_channels.c
-@@ -2479,6 +2479,10 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-+
-+ CHECK_ARI_MODULE_LOADED();
-+
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&channels);
- if (res) {
-diff --git a/res/res_ari_device_states.c b/res/res_ari_device_states.c
-index a3711e6..fe1817d 100644
---- a/res/res_ari_device_states.c
-+++ b/res/res_ari_device_states.c
-@@ -333,6 +333,10 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-+
-+ CHECK_ARI_MODULE_LOADED();
-+
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&deviceStates);
- if (res) {
-diff --git a/res/res_ari_endpoints.c b/res/res_ari_endpoints.c
-index 43d2558..a46b0dc 100644
---- a/res/res_ari_endpoints.c
-+++ b/res/res_ari_endpoints.c
-@@ -457,6 +457,10 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-+
-+ CHECK_ARI_MODULE_LOADED();
-+
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&endpoints);
- if (res) {
-diff --git a/res/res_ari_events.c b/res/res_ari_events.c
-index fd208c5..b6a44d9 100644
---- a/res/res_ari_events.c
-+++ b/res/res_ari_events.c
-@@ -430,22 +430,29 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-- struct ast_websocket_protocol *protocol;
-
-- events.ws_server = ast_websocket_server_create();
-- if (!events.ws_server) {
-- return AST_MODULE_LOAD_DECLINE;
-- }
-+ CHECK_ARI_MODULE_LOADED();
-
-- protocol = ast_websocket_sub_protocol_alloc("ari");
-- if (!protocol) {
-- ao2_ref(events.ws_server, -1);
-- events.ws_server = NULL;
-- return AST_MODULE_LOAD_DECLINE;
-+ /* This is scoped to not conflict with CHECK_ARI_MODULE_LOADED */
-+ {
-+ struct ast_websocket_protocol *protocol;
-+
-+ events.ws_server = ast_websocket_server_create();
-+ if (!events.ws_server) {
-+ return AST_MODULE_LOAD_DECLINE;
-+ }
-+
-+ protocol = ast_websocket_sub_protocol_alloc("ari");
-+ if (!protocol) {
-+ ao2_ref(events.ws_server, -1);
-+ events.ws_server = NULL;
-+ return AST_MODULE_LOAD_DECLINE;
-+ }
-+ protocol->session_attempted = ast_ari_events_event_websocket_ws_attempted_cb;
-+ protocol->session_established = ast_ari_events_event_websocket_ws_established_cb;
-+ res |= ast_websocket_server_add_protocol2(events.ws_server, protocol);
- }
-- protocol->session_attempted = ast_ari_events_event_websocket_ws_attempted_cb;
-- protocol->session_established = ast_ari_events_event_websocket_ws_established_cb;
-- res |= ast_websocket_server_add_protocol2(events.ws_server, protocol);
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&events);
- if (res) {
-diff --git a/res/res_ari_mailboxes.c b/res/res_ari_mailboxes.c
-index f85541c..600ecfd 100644
---- a/res/res_ari_mailboxes.c
-+++ b/res/res_ari_mailboxes.c
-@@ -339,6 +339,10 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-+
-+ CHECK_ARI_MODULE_LOADED();
-+
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&mailboxes);
- if (res) {
-diff --git a/res/res_ari_playbacks.c b/res/res_ari_playbacks.c
-index 25e211c..106463b 100644
---- a/res/res_ari_playbacks.c
-+++ b/res/res_ari_playbacks.c
-@@ -291,6 +291,10 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-+
-+ CHECK_ARI_MODULE_LOADED();
-+
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&playbacks);
- if (res) {
-diff --git a/res/res_ari_recordings.c b/res/res_ari_recordings.c
-index 29720a8..c43148d 100644
---- a/res/res_ari_recordings.c
-+++ b/res/res_ari_recordings.c
-@@ -807,6 +807,10 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-+
-+ CHECK_ARI_MODULE_LOADED();
-+
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&recordings);
- if (res) {
-diff --git a/res/res_ari_sounds.c b/res/res_ari_sounds.c
-index 6d09d2c..e58ecd1 100644
---- a/res/res_ari_sounds.c
-+++ b/res/res_ari_sounds.c
-@@ -221,6 +221,10 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-+
-+ CHECK_ARI_MODULE_LOADED();
-+
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&sounds);
- if (res) {
-diff --git a/rest-api-templates/res_ari_resource.c.mustache b/rest-api-templates/res_ari_resource.c.mustache
-index 921b007..b4d8010 100644
---- a/rest-api-templates/res_ari_resource.c.mustache
-+++ b/rest-api-templates/res_ari_resource.c.mustache
-@@ -262,30 +262,37 @@ static int unload_module(void)
- static int load_module(void)
- {
- int res = 0;
-+
-+ CHECK_ARI_MODULE_LOADED();
-+
- {{#apis}}
- {{#operations}}
- {{#has_websocket}}
-- struct ast_websocket_protocol *protocol;
-+ /* This is scoped to not conflict with CHECK_ARI_MODULE_LOADED */
-+ {
-+ struct ast_websocket_protocol *protocol;
-
-- {{full_name}}.ws_server = ast_websocket_server_create();
-- if (!{{full_name}}.ws_server) {
-- return AST_MODULE_LOAD_DECLINE;
-- }
-+ {{full_name}}.ws_server = ast_websocket_server_create();
-+ if (!{{full_name}}.ws_server) {
-+ return AST_MODULE_LOAD_DECLINE;
-+ }
-
-- protocol = ast_websocket_sub_protocol_alloc("{{websocket_protocol}}");
-- if (!protocol) {
-- ao2_ref({{full_name}}.ws_server, -1);
-- {{full_name}}.ws_server = NULL;
-- return AST_MODULE_LOAD_DECLINE;
-- }
-- protocol->session_attempted = ast_ari_{{c_name}}_{{c_nickname}}_ws_attempted_cb;
-- protocol->session_established = ast_ari_{{c_name}}_{{c_nickname}}_ws_established_cb;
-+ protocol = ast_websocket_sub_protocol_alloc("{{websocket_protocol}}");
-+ if (!protocol) {
-+ ao2_ref({{full_name}}.ws_server, -1);
-+ {{full_name}}.ws_server = NULL;
-+ return AST_MODULE_LOAD_DECLINE;
-+ }
-+ protocol->session_attempted = ast_ari_{{c_name}}_{{c_nickname}}_ws_attempted_cb;
-+ protocol->session_established = ast_ari_{{c_name}}_{{c_nickname}}_ws_established_cb;
- {{/has_websocket}}
- {{#is_websocket}}
-- res |= ast_websocket_server_add_protocol2({{full_name}}.ws_server, protocol);
-+ res |= ast_websocket_server_add_protocol2({{full_name}}.ws_server, protocol);
-+ }
- {{/is_websocket}}
- {{/operations}}
- {{/apis}}
-+
- stasis_app_ref();
- res |= ast_ari_add_handler(&{{root_full_name}});
- if (res) {
Modified: branches/1.0/package/asterisk/asterisk.mk
===================================================================
--- branches/1.0/package/asterisk/asterisk.mk 2017-07-15 16:05:11 UTC (rev 8442)
+++ branches/1.0/package/asterisk/asterisk.mk 2017-07-15 16:47:43 UTC (rev 8443)
@@ -7,7 +7,7 @@
ASTERISK_VERSION := 11.25.1
else
ifeq ($(BR2_PACKAGE_ASTERISK_v13),y)
-ASTERISK_VERSION := 13.16.0
+ASTERISK_VERSION := 13.17.0
else
ASTERISK_VERSION := 15.0.0
endif
Added: branches/1.0/package/pjsip/pjsip-0070-Set-PJSIP_INV_SUPPORT_UPDATE-correctly-in-pjsip_inv_.patch
===================================================================
--- branches/1.0/package/pjsip/pjsip-0070-Set-PJSIP_INV_SUPPORT_UPDATE-correctly-in-pjsip_inv_.patch (rev 0)
+++ branches/1.0/package/pjsip/pjsip-0070-Set-PJSIP_INV_SUPPORT_UPDATE-correctly-in-pjsip_inv_.patch 2017-07-15 16:47:43 UTC (rev 8443)
@@ -0,0 +1,29 @@
+From 1193681959816effa121c4470748d5faa3a59272 Mon Sep 17 00:00:00 2001
+From: George Joseph <gj...@di...>
+Date: Thu, 29 Jun 2017 13:42:10 -0600
+Subject: [PATCH] Set PJSIP_INV_SUPPORT_UPDATE correctly in
+ pjsip_inv_verify_request3
+
+pjsip_inv_verify_request3 was setting rem_options when UPDATE was
+detected in the Allow header. That's just an internal variable and
+doesn't go anywhere. It's '*options' that needs to be set.
+---
+ pjsip/src/pjsip-ua/sip_inv.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/pjsip/src/pjsip-ua/sip_inv.c b/pjsip/src/pjsip-ua/sip_inv.c
+index fbc8ebe..6db7e6b 100644
+--- a/pjsip/src/pjsip-ua/sip_inv.c
++++ b/pjsip/src/pjsip-ua/sip_inv.c
+@@ -1237,7 +1237,7 @@ PJ_DEF(pj_status_t) pjsip_inv_verify_request3(pjsip_rx_data *rdata,
+
+ if (i != allow->count) {
+ /* UPDATE is present in Allow */
+- rem_option |= PJSIP_INV_SUPPORT_UPDATE;
++ *options |= PJSIP_INV_SUPPORT_UPDATE;
+ }
+
+ }
+--
+2.9.4
+
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-15 16:05:12
|
Revision: 8442
http://sourceforge.net/p/astlinux/code/8442
Author: abelbeck
Date: 2017-07-15 16:05:11 +0000 (Sat, 15 Jul 2017)
Log Message:
-----------
expat, version bump to 2.2.2
Modified Paths:
--------------
branches/1.0/package/expat/expat.mk
Modified: branches/1.0/package/expat/expat.mk
===================================================================
--- branches/1.0/package/expat/expat.mk 2017-07-15 15:27:35 UTC (rev 8441)
+++ branches/1.0/package/expat/expat.mk 2017-07-15 16:05:11 UTC (rev 8442)
@@ -4,7 +4,7 @@
#
#############################################################
-EXPAT_VERSION = 2.2.1
+EXPAT_VERSION = 2.2.2
EXPAT_SITE = http://downloads.sourceforge.net/project/expat/expat/$(EXPAT_VERSION)
EXPAT_SOURCE = expat-$(EXPAT_VERSION).tar.bz2
EXPAT_INSTALL_STAGING = YES
@@ -13,5 +13,7 @@
EXPAT_DEPENDENCIES = host-pkg-config
+EXPAT_CONF_ENV = CFLAGS='$(TARGET_CFLAGS) -DXML_POOR_ENTROPY'
+
$(eval $(call AUTOTARGETS,package,expat))
$(eval $(call AUTOTARGETS,package,expat,host))
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-15 15:27:36
|
Revision: 8441
http://sourceforge.net/p/astlinux/code/8441
Author: abelbeck
Date: 2017-07-15 15:27:35 +0000 (Sat, 15 Jul 2017)
Log Message:
-----------
tiff, add upstream security fix for CVE-2017-10688
Added Paths:
-----------
branches/1.0/package/tiff/tiff-0001-libtiff-tif_dirwrite.c-in-TIFFWriteDirectoryTagCheck.patch
Added: branches/1.0/package/tiff/tiff-0001-libtiff-tif_dirwrite.c-in-TIFFWriteDirectoryTagCheck.patch
===================================================================
--- branches/1.0/package/tiff/tiff-0001-libtiff-tif_dirwrite.c-in-TIFFWriteDirectoryTagCheck.patch (rev 0)
+++ branches/1.0/package/tiff/tiff-0001-libtiff-tif_dirwrite.c-in-TIFFWriteDirectoryTagCheck.patch 2017-07-15 15:27:35 UTC (rev 8441)
@@ -0,0 +1,70 @@
+From 6173a57d39e04d68b139f8c1aa499a24dbe74ba1 Mon Sep 17 00:00:00 2001
+From: Even Rouault <eve...@sp...>
+Date: Fri, 30 Jun 2017 17:29:44 +0000
+Subject: [PATCH] * libtiff/tif_dirwrite.c: in
+ TIFFWriteDirectoryTagCheckedXXXX() functions associated with LONG8/SLONG8
+ data type, replace assertion that the file is BigTIFF, by a non-fatal error.
+ Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2712 Reported by team
+ OWL337
+
+[Peter: drop ChangeLog modification]
+Signed-off-by: Peter Korsgaard <pe...@ko...>
+---
+ libtiff/tif_dirwrite.c | 20 ++++++++++++++++----
+ 1 file changed, 23 insertions(+), 4 deletions(-)
+
+diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
+index 2967da58..8d6686ba 100644
+--- a/libtiff/tif_dirwrite.c
++++ b/libtiff/tif_dirwrite.c
+@@ -2111,7 +2111,10 @@ TIFFWriteDirectoryTagCheckedLong8(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, ui
+ {
+ uint64 m;
+ assert(sizeof(uint64)==8);
+- assert(tif->tif_flags&TIFF_BIGTIFF);
++ if( !(tif->tif_flags&TIFF_BIGTIFF) ) {
++ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","LONG8 not allowed for ClassicTIFF");
++ return(0);
++ }
+ m=value;
+ if (tif->tif_flags&TIFF_SWAB)
+ TIFFSwabLong8(&m);
+@@ -2124,7 +2127,10 @@ TIFFWriteDirectoryTagCheckedLong8Array(TIFF* tif, uint32* ndir, TIFFDirEntry* di
+ {
+ assert(count<0x20000000);
+ assert(sizeof(uint64)==8);
+- assert(tif->tif_flags&TIFF_BIGTIFF);
++ if( !(tif->tif_flags&TIFF_BIGTIFF) ) {
++ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","LONG8 not allowed for ClassicTIFF");
++ return(0);
++ }
+ if (tif->tif_flags&TIFF_SWAB)
+ TIFFSwabArrayOfLong8(value,count);
+ return(TIFFWriteDirectoryTagData(tif,ndir,dir,tag,TIFF_LONG8,count,count*8,value));
+@@ -2136,7 +2142,10 @@ TIFFWriteDirectoryTagCheckedSlong8(TIFF* tif, uint32* ndir, TIFFDirEntry* dir, u
+ {
+ int64 m;
+ assert(sizeof(int64)==8);
+- assert(tif->tif_flags&TIFF_BIGTIFF);
++ if( !(tif->tif_flags&TIFF_BIGTIFF) ) {
++ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","SLONG8 not allowed for ClassicTIFF");
++ return(0);
++ }
+ m=value;
+ if (tif->tif_flags&TIFF_SWAB)
+ TIFFSwabLong8((uint64*)(&m));
+@@ -2149,7 +2158,10 @@ TIFFWriteDirectoryTagCheckedSlong8Array(TIFF* tif, uint32* ndir, TIFFDirEntry* d
+ {
+ assert(count<0x20000000);
+ assert(sizeof(int64)==8);
+- assert(tif->tif_flags&TIFF_BIGTIFF);
++ if( !(tif->tif_flags&TIFF_BIGTIFF) ) {
++ TIFFErrorExt(tif->tif_clientdata,"TIFFWriteDirectoryTagCheckedLong8","SLONG8 not allowed for ClassicTIFF");
++ return(0);
++ }
+ if (tif->tif_flags&TIFF_SWAB)
+ TIFFSwabArrayOfLong8((uint64*)value,count);
+ return(TIFFWriteDirectoryTagData(tif,ndir,dir,tag,TIFF_SLONG8,count,count*8,value));
+--
+2.11.0
+
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-15 15:19:00
|
Revision: 8440
http://sourceforge.net/p/astlinux/code/8440
Author: abelbeck
Date: 2017-07-15 15:18:58 +0000 (Sat, 15 Jul 2017)
Log Message:
-----------
web interface, Update package license info
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/common/license-packages.txt
Modified: branches/1.0/package/webinterface/altweb/common/license-packages.txt
===================================================================
--- branches/1.0/package/webinterface/altweb/common/license-packages.txt 2017-07-14 03:18:12 UTC (rev 8439)
+++ branches/1.0/package/webinterface/altweb/common/license-packages.txt 2017-07-15 15:18:58 UTC (rev 8440)
@@ -14,23 +14,23 @@
Asterisk~Copyright (c) 1999-2017 Digium, Inc.
DAHDI~Copyright (c) 2001-2015 Digium, Inc.
libPRI~Copyright (c) 2001-2015 Digium, Inc.
-Arno's Firewall~Copyright (c) 2001-2016 Arno van Amersfoort.
+Arno's Firewall~Copyright (c) 2001-2017 Arno van Amersfoort.
dnsmasq~Copyright (c) 2000-2015 Simon Kelley.
-OpenSSL~Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved.
-OpenSSH~Copyright (c) 1995-2015 Tatu Ylonen, Espoo, Finland. All rights reserved.
+OpenSSL~Copyright (c) 1998-2017 The OpenSSL Project. All rights reserved.
+OpenSSH~Copyright (c) 1995-2017 Tatu Ylonen, Espoo, Finland. All rights reserved.
OpenVPN~Copyright (c) 2002-2017 OpenVPN Technologies, Inc.
PHP~Copyright (c) 1999-2017 The PHP Group. All rights reserved.
vsftpd~Copyright (c) 2001-2015 Daniel Jacobowitz.
lighttpd~Copyright (c) 2004-2017 Jan Kneschke.
-msmtp~Copyright (c) 2000-2016 Martin Lambers.
-libxml2~Copyright (c) 1998-2016 Daniel Veillard. All Rights Reserved.
-libtiff~Copyright (c) 1988-2015 Sam Leffler, Copyright (c) 1991-1997 Silicon Graphics, Inc.
+msmtp~Copyright (c) 2000-2017 Martin Lambers.
+libxml2~Copyright (c) 1998-2017 Daniel Veillard. All Rights Reserved.
+libtiff~Copyright (c) 1988-2017 Sam Leffler, Copyright (c) 1991-1997 Silicon Graphics, Inc.
libjpeg~Copyright (c) 1991-2016 Thomas G. Lane, Guido Vollbeding.
-iptables~Copyright (c) 2000-2013 the netfilter coreteam.
-ipset~Copyright (c) 2003-2016 Jozsef Kadlecsik.
-curl~Copyright (c) 1996-2016 Daniel Stenberg.
+iptables~Copyright (c) 2000-2015 the netfilter coreteam.
+ipset~Copyright (c) 2003-2017 Jozsef Kadlecsik.
+curl~Copyright (c) 1996-2017 Daniel Stenberg.
rp-pppoe~Copyright (c) 2001-2012 Roaring Penguin Software Inc.
-zabbix~Copyright (c) 2000-2016 SIA Zabbix.
+zabbix~Copyright (c) 2000-2017 SIA Zabbix.
zlib~Copyright (c) 1995-2017 Jean-loup Gailly.
SILK CODEC~Copyright (c) 2010-2016 Skype and/or Microsoft. All rights reserved. Licensed via Digium, Inc.
SpanDSP~Copyright (c) 2003-2015 Steve Underwood. All rights reserved.
@@ -42,27 +42,28 @@
FOP2~Copyright (c) 2009-2017 House Internet S.R.L. (http://www.fop2.com)
ddclient-curl~Copyright (c) 1999-2017 David Kerr, Paul Burry, wimpunk, et al.
vCard converter~Copyright (c) 2006-2013 Thomas Bruederli.
-OpenLDAP~Copyright (c) 1998-2016 The OpenLDAP Foundation. All rights reserved.
+OpenLDAP~Copyright (c) 1998-2017 The OpenLDAP Foundation. All rights reserved.
darkstat~Copyright (c) 2001-2015 Emil Mikulic, et al.
NUT~Copyright (c) 1999-2016 Russell Kroll, Arnaud Quette, et al.
iftop~Copyright (c) 2002-2014 Paul Warren, Chris Lightfoot, et al.
dnscrypt-proxy~Copyright (c) 2011-2017 Frank Denis.
-libsodium~Copyright (c) 2013-2016 Frank Denis.
+libsodium~Copyright (c) 2013-2017 Frank Denis.
phoneprov-tools~Copyright (c) 2015-2016 Lonnie Abelbeck and Michael Keuter.
smartmontools~Copyright (c) 2002-2016 Bruce Allen, Christian Franke, et al.
-Monit~Copyright (c) 2001-2016 Tildeslash. All rights reserved.
+Monit~Copyright (c) 2001-2017 Tildeslash. All rights reserved.
sqlite~Copyright (c) 1995-2017 SQLite Consortium.
-sqliteodbc~Copyright (c) 2001-2016 Christian Werner.
+sqliteodbc~Copyright (c) 2001-2017 Christian Werner.
Fossil~Copyright (c) 2007-2017 D. Richard Hipp. All rights reserved.
BusyBox~Copyright (c) 1998-2011 Erik Andersen, Rob Landley, Denys Vlasenko, et al.
dhcp6c~Copyright (c) 1998-2008 WIDE Project with 2016 Debian patches.
htop~Copyright (c) 2004-2012 Hisham Muhammad.
-stunnel~Copyright (c) 1998-2016 Michal Trojnara.
-unbound~Copyright (c) 2007-2016 NLnet Labs. All rights reserved.
+stunnel~Copyright (c) 1998-2017 Michal Trojnara.
+unbound~Copyright (c) 2007-2017 NLnet Labs. All rights reserved.
avahi~Copyright (c) 2004-2016 Lennart Poettering, Trent Lloyd, Avahi developers.
-Linux Kernel~Copyright (c) 1997-2016 The Linux Kernel Organization, Inc.; Linux is a Registered Trademark of Linus Torvalds.
-whois~Copyright (c) 1999-2016 Marco d'Itri.
-strongSwan~Copyright (c) 2006-2016 Andreas Steffen, Tobias Brunner, et al.
+Linux Kernel~Copyright (c) 1997-2017 The Linux Kernel Organization, Inc.; Linux is a Registered Trademark of Linus Torvalds.
+whois~Copyright (c) 1999-2017 Marco d'Itri.
+strongSwan~Copyright (c) 2006-2017 Andreas Steffen, Tobias Brunner, et al.
chrony~Copyright (c) 1997-2017 Richard P. Curnow, Miroslav Lichvar.
gntp-send~Copyright (c) 2009-2016 Yasuhiro Matsumoto.
netcalc~Copyright (c) 2003-2017 Simon Ekstrand, Joachim Nilsson.
+acme.sh~Copyright (c) 2016-2017 Neilpang.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-14 03:18:14
|
Revision: 8439
http://sourceforge.net/p/astlinux/code/8439
Author: abelbeck
Date: 2017-07-14 03:18:12 +0000 (Fri, 14 Jul 2017)
Log Message:
-----------
web interface, Network tab, tweak an edit field width
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/network.php
Modified: branches/1.0/package/webinterface/altweb/admin/network.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/network.php 2017-07-13 21:20:26 UTC (rev 8438)
+++ branches/1.0/package/webinterface/altweb/admin/network.php 2017-07-14 03:18:12 UTC (rev 8439)
@@ -2128,7 +2128,7 @@
$value = getVARdef($db, 'HTTPSCERT', $cur_db);
putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
- putHtml('HTTPS Certificate File:<input type="text" size="36" maxlength="64" value="'.$value.'" name="https_cert" />');
+ putHtml('HTTPS Certificate File:<input type="text" size="45" maxlength="64" value="'.$value.'" name="https_cert" />');
putHtml('</td></tr>');
putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-13 21:20:28
|
Revision: 8438
http://sourceforge.net/p/astlinux/code/8438
Author: abelbeck
Date: 2017-07-13 21:20:26 +0000 (Thu, 13 Jul 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-07-13 20:34:42 UTC (rev 8437)
+++ branches/1.0/docs/ChangeLog.txt 2017-07-13 21:20:26 UTC (rev 8438)
@@ -74,6 +74,7 @@
-- acme-client, new command to generate Let's Encrypt certificates using the ACME protocol.
The acme-client command is a front-end to the core acme.sh script, version 2.7.2.
+ New rc.conf variables: ACME_SERVICE and ACME_ACCOUNT_EMAIL
More info: http://doc.astlinux-project.org/userdoc:tt_acme_certificates
-- ca-certificates, update trusted root certificates 2017-06-07
@@ -140,7 +141,10 @@
Note: "Assign GUA Prefix" only applies if Network tab -> Connection Type: includes DHCPv6.
More info: http://doc.astlinux-project.org/userdoc:tt-dhcpv6-prefix-delegation
+-- Network tab, add "ACME (Let's Encrypt) Certificate" section with topic help info.
+ More info: http://doc.astlinux-project.org/userdoc:tt_acme_certificates
+
Additions for AstLinux 1.2.10:
=============================
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-13 20:34:45
|
Revision: 8437
http://sourceforge.net/p/astlinux/code/8437
Author: abelbeck
Date: 2017-07-13 20:34:42 +0000 (Thu, 13 Jul 2017)
Log Message:
-----------
Network tab, add "ACME (Let's Encrypt) Certificate" section with topic help info
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/network.php
branches/1.0/package/webinterface/altweb/admin/siptlscert.php
branches/1.0/package/webinterface/altweb/admin/slapd.php
branches/1.0/package/webinterface/altweb/admin/xmpp.php
branches/1.0/package/webinterface/altweb/common/topics.info
Modified: branches/1.0/package/webinterface/altweb/admin/network.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/network.php 2017-07-12 16:54:49 UTC (rev 8436)
+++ branches/1.0/package/webinterface/altweb/admin/network.php 2017-07-13 20:34:42 UTC (rev 8437)
@@ -44,6 +44,7 @@
// 01-29-2017, Added DDGETIPV6 support
// 02-16-2017, Added Restart FTP Server support
// 06-02-2017, Added selectable Prefix Delegation interfaces
+// 07-12-2017, Added ACME (Let's Encrypt) Certificate configuration
//
// System location of rc.conf file
$CONFFILE = '/etc/rc.conf';
@@ -474,7 +475,25 @@
$value = 'SMTP_PASS="'.string2RCconfig(trim($_POST['smtp_pass'])).'"';
fwrite($fp, "### SMTP Auth Password\n".$value."\n");
-
+
+ $x_value = '';
+ if (isset($_POST['acme_lighttpd'])) {
+ $x_value .= ' lighttpd';
+ }
+ if (isset($_POST['acme_asterisk'])) {
+ $x_value .= ' asterisk';
+ }
+ if (isset($_POST['acme_prosody'])) {
+ $x_value .= ' prosody';
+ }
+ if (isset($_POST['acme_slapd'])) {
+ $x_value .= ' slapd';
+ }
+ $value = 'ACME_SERVICE="'.trim($x_value).'"';
+ fwrite($fp, "### ACME Certificate\n".$value."\n");
+ $value = 'ACME_ACCOUNT_EMAIL="'.tuq($_POST['acme_account_email']).'"';
+ fwrite($fp, $value."\n");
+
$value = 'FTPD="'.$_POST['ftp'].'"';
fwrite($fp, "### FTP Server\n".$value."\n");
$value = 'FTPD_WRITE="'.$_POST['ftpd_write'].'"';
@@ -568,7 +587,7 @@
fwrite($fp, "### HTTPS access logging\n".$value."\n");
$value = 'HTTPSCERT="'.tuq($_POST['https_cert']).'"';
- if (isset($_POST['create_cert']) && is_opensslHERE()) {
+ if (isset($_POST['submit_self_signed_https']) && isset($_POST['confirm_self_signed_https'])) {
if (($countryName = getPREFdef($global_prefs, 'dn_country_name_cmdstr')) === '') {
$countryName = 'US';
}
@@ -598,6 +617,8 @@
}
}
fwrite($fp, "### HTTPS Certificate File\n".$value."\n");
+ $value = isset($_POST['acme_lighttpd']) ? 'HTTPSCHAIN="/mnt/kd/ssl/https_ca_chain.pem"' : 'HTTPSCHAIN=""';
+ fwrite($fp, $value."\n");
$value = 'PHONEPROV_ALLOW="'.tuq($_POST['phoneprov_allow']).'"';
fwrite($fp, "### /phoneprov/ Allowed IPs\n".$value."\n");
@@ -980,7 +1001,15 @@
$result = saveNETWORKsettings($NETCONFDIR, $NETCONFFILE);
header('Location: /admin/dnscrypt.php');
exit;
- } elseif (isset($_POST['submit_sip_tls'])) {
+ } elseif (isset($_POST['submit_self_signed_https'])) {
+ if (isset($_POST['confirm_self_signed_https'])) {
+ if (($result = saveNETWORKsettings($NETCONFDIR, $NETCONFFILE)) == 11) {
+ $result = 12;
+ }
+ } else {
+ $result = 2;
+ }
+ } elseif (isset($_POST['submit_self_signed_sip_tls'])) {
$result = saveNETWORKsettings($NETCONFDIR, $NETCONFFILE);
header('Location: /admin/siptlscert.php');
exit;
@@ -1212,6 +1241,8 @@
putHtml('<p style="color: green;">System is Rebooting... back in <span id="count_down"><script language="JavaScript" type="text/javascript">document.write(count_down_secs);</script></span> seconds.</p>');
} elseif ($result == 11) {
putHtml('<p style="color: green;">Settings saved, click "Reboot/Restart" to apply any changed settings, a "Reboot System" is required for Interface changes.</p>');
+ } elseif ($result == 12) {
+ putHtml('<p style="color: green;">Settings saved, a new Self-Signed HTTPS certificate is installed, a "Reboot System" is required to apply changes.</p>');
} elseif ($result == 21) {
putHtml('<p style="color: green;">PPPoE has Restarted.</p>');
} elseif ($result == 22) {
@@ -1881,8 +1912,40 @@
}
putHtml('<tr class="dtrow0"><td colspan="6"> </td></tr>');
-
+
putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="6">');
+ putHtml('<strong>ACME (Let\'s Encrypt) Certificate:</strong>'.includeTOPICinfo('ACME-Certificate'));
+ putHtml('</td></tr>');
+
+ putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
+ putHtml('ACME Deploy Service:');
+ $sel = isVARtype('ACME_SERVICE', $db, $cur_db, 'lighttpd') ? ' checked="checked"' : '';
+ putHtml('<input type="checkbox" value="acme_lighttpd" name="acme_lighttpd"'.$sel.' /> HTTPS Server');
+ $sel = isVARtype('ACME_SERVICE', $db, $cur_db, 'asterisk') ? ' checked="checked"' : '';
+ putHtml('<input type="checkbox" value="acme_asterisk" name="acme_asterisk"'.$sel.' /> Asterisk SIP-TLS');
+ $sel = isVARtype('ACME_SERVICE', $db, $cur_db, 'prosody') ? ' checked="checked"' : '';
+ putHtml('<input type="checkbox" value="acme_prosody" name="acme_prosody"'.$sel.' /> XMPP Server');
+ $sel = isVARtype('ACME_SERVICE', $db, $cur_db, 'slapd') ? ' checked="checked"' : '';
+ putHtml('<input type="checkbox" value="acme_slapd" name="acme_slapd"'.$sel.' /> LDAP Server');
+ putHtml('</td></tr>');
+
+ putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
+ $value = getVARdef($db, 'ACME_ACCOUNT_EMAIL', $cur_db);
+ putHtml('ACME Account Email Address:<input type="text" size="36" maxlength="128" value="'.$value.'" name="acme_account_email" /></td></tr>');
+
+ putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
+ putHtml('Non-ACME Self-Signed HTTPS Certificate:');
+ putHtml('<input type="submit" value="Self-Signed HTTPS Cert" name="submit_self_signed_https" class="button" />');
+ putHtml('–');
+ putHtml('<input type="checkbox" value="self_signed_https" name="confirm_self_signed_https" /> Confirm</td></tr>');
+
+ putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
+ putHtml('Non-ACME Self-Signed SIP-TLS Certificate:');
+ putHtml('<input type="submit" value="Self-Signed SIP-TLS Cert" name="submit_self_signed_sip_tls" class="button" /></td></tr>');
+
+ putHtml('<tr class="dtrow0"><td colspan="6"> </td></tr>');
+
+ putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="6">');
putHtml('<strong>Network Services:</strong>');
putHtml('</td></tr>');
putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
@@ -1902,10 +1965,6 @@
}
putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
- putHtml('Asterisk SIP-TLS Server Certificate:');
- putHtml('<input type="submit" value="SIP-TLS Certificate" name="submit_sip_tls" class="button" /></td></tr>');
-
- putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
putHtml('XMPP Server, Messaging and Presence:');
putHtml('<input type="submit" value="Configure XMPP" name="submit_xmpp" class="button" /></td></tr>');
@@ -2068,15 +2127,8 @@
putHtml('</td></tr>');
$value = getVARdef($db, 'HTTPSCERT', $cur_db);
- if (is_opensslHERE()) {
- putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="4">');
- putHtml('HTTPS Certificate File:<input type="text" size="36" maxlength="64" value="'.$value.'" name="https_cert" /></td>');
- putHtml('<td style="text-align: left;" colspan="2">');
- putHtml('<input type="checkbox" value="create_cert" name="create_cert" /> Create New HTTPS Certificate');
- } else {
- putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
- putHtml('HTTPS Certificate File:<input type="text" size="36" maxlength="64" value="'.$value.'" name="https_cert" />');
- }
+ putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
+ putHtml('HTTPS Certificate File:<input type="text" size="36" maxlength="64" value="'.$value.'" name="https_cert" />');
putHtml('</td></tr>');
putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
Modified: branches/1.0/package/webinterface/altweb/admin/siptlscert.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/siptlscert.php 2017-07-12 16:54:49 UTC (rev 8436)
+++ branches/1.0/package/webinterface/altweb/admin/siptlscert.php 2017-07-13 20:34:42 UTC (rev 8437)
@@ -1,6 +1,6 @@
<?php
-// Copyright (C) 2008-2012 Lonnie Abelbeck
+// Copyright (C) 2008-2017 Lonnie Abelbeck
// This is free software, licensed under the GNU General Public License
// version 3 as published by the Free Software Foundation; you can
// redistribute it and/or modify it under the terms of the GNU
@@ -9,6 +9,7 @@
// siptlscert.php for AstLinux
// 11-12-2012
// 12-14-2015, Added Signature Algorithm support
+// 07-12-2017, Added ACME warning
//
// System location of /mnt/kd/rc.conf.d directory
$SIPTLSCERTCONFDIR = '/mnt/kd/rc.conf.d';
@@ -271,7 +272,7 @@
<form id="iform" method="post" action="<?php echo $myself;?>">
<table width="100%" class="stdtable">
<tr><td style="text-align: center;" colspan="2">
- <h2>Asterisk SIP-TLS Server Certificate:</h2>
+ <h2>Self-Signed SIP-TLS Server Certificate:</h2>
</td></tr><tr><td width="240" style="text-align: center;">
<input type="submit" class="formbtn" value="Save Settings" name="submit_save" />
</td><td class="dialogText" style="text-align: center;">
@@ -280,6 +281,14 @@
<table class="stdtable">
<tr class="dtrow0"><td width="140"> </td><td width="50"> </td><td width="100"> </td><td> </td><td width="100"> </td><td width="80"> </td></tr>
<?php
+if (is_dir('/mnt/kd/acme')) {
+ putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="6">');
+ putHtml('<strong>ACME (Let\'s Encrypt) Certificate Exists!</strong>');
+ putHtml('</td></tr>');
+
+ putHtml('<tr class="dtrow1"><td style="color: red; text-align: center;" colspan="6">');
+ putHtml('Warning: "Create New" may overwrite deployed ACME credentials.</td></tr>');
+}
if ($openssl !== FALSE) {
putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="6">');
putHtml('<strong>Server Certificate and Key:</strong>');
Modified: branches/1.0/package/webinterface/altweb/admin/slapd.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/slapd.php 2017-07-12 16:54:49 UTC (rev 8436)
+++ branches/1.0/package/webinterface/altweb/admin/slapd.php 2017-07-13 20:34:42 UTC (rev 8437)
@@ -1,6 +1,6 @@
<?php
-// Copyright (C) 2013 Lonnie Abelbeck
+// Copyright (C) 2013-2017 Lonnie Abelbeck
// This is free software, licensed under the GNU General Public License
// version 3 as published by the Free Software Foundation; you can
// redistribute it and/or modify it under the terms of the GNU
@@ -120,7 +120,7 @@
} else {
$result = 2;
}
- } elseif (isset($_POST['submit_sip_tls'])) {
+ } elseif (isset($_POST['submit_self_signed_sip_tls'])) {
$result = saveSLAPDsettings($SLAPDCONFDIR, $SLAPDCONFFILE);
header('Location: /admin/siptlscert.php');
exit;
@@ -186,15 +186,19 @@
<table class="stdtable">
<tr class="dtrow0"><td width="60"> </td><td width="100"> </td><td width="50"> </td><td> </td><td> </td><td width="60"> </td></tr>
<?php
-if (! is_file('/mnt/kd/ssl/sip-tls/keys/server.crt') || ! is_file('/mnt/kd/ssl/sip-tls/keys/server.key')) {
+if ((! is_file('/mnt/kd/ssl/sip-tls/keys/server.crt') || ! is_file('/mnt/kd/ssl/sip-tls/keys/server.key')) &&
+ (! is_file('/mnt/kd/ldap/certs/server.crt') || ! is_file('/mnt/kd/ldap/certs/server.key'))) {
putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="6">');
- putHtml('<strong>Missing SIP-TLS Server Certificate:</strong> <i>(Shared with LDAP Server)</i>');
+ putHtml('<strong>Missing Server Certificate!</strong>');
putHtml('</td></tr>');
+ putHtml('<tr class="dtrow1"><td style="text-align: center;" colspan="6">');
+ putHtml('How to Issue an ACME (Let\'s Encrypt) Certificate:'.includeTOPICinfo('ACME-Certificate'));
+ putHtml('</td></tr>');
putHtml('<tr class="dtrow1"><td style="text-align: right;" colspan="2">');
- putHtml('Create SIP-TLS<br />Server Certificate:');
+ putHtml('Non-ACME SIP-TLS<br />Server Certificate:');
putHtml('</td><td style="text-align: left;" colspan="4">');
- putHtml('<input type="submit" value="SIP-TLS Certificate" name="submit_sip_tls" class="button" />');
+ putHtml('<input type="submit" value="Self-Signed SIP-TLS Cert" name="submit_self_signed_sip_tls" class="button" />');
putHtml('</td></tr>');
}
Modified: branches/1.0/package/webinterface/altweb/admin/xmpp.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/xmpp.php 2017-07-12 16:54:49 UTC (rev 8436)
+++ branches/1.0/package/webinterface/altweb/admin/xmpp.php 2017-07-13 20:34:42 UTC (rev 8437)
@@ -1,6 +1,6 @@
<?php
-// Copyright (C) 2013-2016 Lonnie Abelbeck
+// Copyright (C) 2013-2017 Lonnie Abelbeck
// This is free software, licensed under the GNU General Public License
// version 3 as published by the Free Software Foundation; you can
// redistribute it and/or modify it under the terms of the GNU
@@ -294,7 +294,7 @@
if (reloadModule('groups') === TRUE) {
$result = 16;
}
- } elseif (isset($_POST['submit_sip_tls'])) {
+ } elseif (isset($_POST['submit_self_signed_sip_tls'])) {
$result = saveXMPPsettings($XMPPCONFDIR, $XMPPCONFFILE);
header('Location: /admin/siptlscert.php');
exit;
@@ -373,15 +373,19 @@
putHtml('<tr class="dtrow0"><td width="180"> </td><td> </td></tr>');
if ($global_admin) {
-if (! is_file('/mnt/kd/ssl/sip-tls/keys/server.crt') || ! is_file('/mnt/kd/ssl/sip-tls/keys/server.key')) {
+if ((! is_file('/mnt/kd/ssl/sip-tls/keys/server.crt') || ! is_file('/mnt/kd/ssl/sip-tls/keys/server.key')) &&
+ (! is_file('/mnt/kd/prosody/certs/server.crt') || ! is_file('/mnt/kd/prosody/certs/server.key'))) {
putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="2">');
- putHtml('<strong>Missing SIP-TLS Server Certificate:</strong> <i>(Shared with XMPP)</i>');
+ putHtml('<strong>Missing Server Certificate!</strong>');
putHtml('</td></tr>');
+ putHtml('<tr class="dtrow1"><td style="text-align: center;" colspan="2">');
+ putHtml('How to Issue an ACME (Let\'s Encrypt) Certificate:'.includeTOPICinfo('ACME-Certificate'));
+ putHtml('</td></tr>');
putHtml('<tr class="dtrow1"><td style="text-align: right;">');
- putHtml('Create SIP-TLS<br />Server Certificate:');
+ putHtml('Non-ACME SIP-TLS<br />Server Certificate:');
putHtml('</td><td style="text-align: left;">');
- putHtml('<input type="submit" value="SIP-TLS Certificate" name="submit_sip_tls" class="button" />');
+ putHtml('<input type="submit" value="Self-Signed SIP-TLS Cert" name="submit_self_signed_sip_tls" class="button" />');
putHtml('</td></tr>');
}
putHtml('<tr class="dtrow0"><td class="dialogText" style="text-align: left;" colspan="2">');
Modified: branches/1.0/package/webinterface/altweb/common/topics.info
===================================================================
--- branches/1.0/package/webinterface/altweb/common/topics.info 2017-07-12 16:54:49 UTC (rev 8436)
+++ branches/1.0/package/webinterface/altweb/common/topics.info 2017-07-13 20:34:42 UTC (rev 8437)
@@ -448,3 +448,150 @@
Options:
hex_revision_num revert given FILE back to given REVISION
+[[ACME-Certificate]]
+
+---------------------------------
+ACME (Let's Encrypt) Certificates
+---------------------------------
+AstLinux uses the "acme-client" command as a front-end to the core acme.sh script provided by the https://github.com/Neilpang/acme.sh project.
+
+The acme-client command limits issued certificates to only use DNS challenge validation, as such you need a supported DNS provider, of which there are well over 20 as of this writing.
+
+The Command Line Interface (CLI) must be used to initially issue and deploy ACME certificates.
+
+
+------------------
+ACME Configuration
+------------------
+Use the web interface "Network tab -> ACME (Let's Encrypt) Certificate:" section to define which services will be deployed ACME certificates.
+
+The "ACME Account Email Address" registration email address is used for expiry notifications, while optional it seems like a good idea to specify.
+
+In order to apply web interface settings changes, use the CLI command:
+
+CLI> gen-rc-conf
+
+
+--------------------
+Issuing Certificates
+--------------------
+This example on host pbx4 uses the acme-client command, the core acme.sh version can be obtained by issuing:
+
+CLI> acme-client --version
+https://github.com/Neilpang/acme.sh
+v2.7.2
+
+Only DNS challenge validation is supported within AstLinux, as such you need a supported DNS provider, in this example we are using Cloudflare. We need to export the CF_Key and CF_Email variables, adjust to match your credentials ...
+
+CLI> export CF_Key="sdfdxxxxxxxosdfgje"
+CLI> export CF_Email="em...@ex..."
+
+Other DNS providers require different exported variables, see the acme.sh documentation for the details.
+
+Now for the fundamental CLI command, where we issue a new certificate for the single domain "pbx4.example.org" ...
+
+CLI> acme-client --issue --dns dns_cf -d pbx4.example.org
+[Sat Jul 1 10:08:04 CDT 2017] Registering account
+[Sat Jul 1 10:08:06 CDT 2017] Registered
+[Sat Jul 1 10:08:06 CDT 2017] Update success.
+[Sat Jul 1 10:08:06 CDT 2017] ACCOUNT_THUMBPRINT='...'
+[Sat Jul 1 10:08:06 CDT 2017] Creating domain key
+[Sat Jul 1 10:08:07 CDT 2017] The domain key is here: /mnt/kd/acme/pbx4.example.org/pbx4.example.org.key
+[Sat Jul 1 10:08:07 CDT 2017] Single domain='pbx4.example.org'
+[Sat Jul 1 10:08:07 CDT 2017] Getting domain auth token for each domain
+[Sat Jul 1 10:08:07 CDT 2017] Getting webroot for domain='pbx4.example.org'
+[Sat Jul 1 10:08:07 CDT 2017] Getting new-authz for domain='pbx4.example.org'
+[Sat Jul 1 10:08:07 CDT 2017] The new-authz request is ok.
+[Sat Jul 1 10:08:08 CDT 2017] Found domain api file: /stat/etc/acme/dnsapi/dns_cf.sh
+[Sat Jul 1 10:08:09 CDT 2017] Adding record
+[Sat Jul 1 10:08:09 CDT 2017] Added, OK
+[Sat Jul 1 10:08:09 CDT 2017] Sleep 120 seconds for the txt records to take effect
+
+[Sat Jul 1 10:10:11 CDT 2017] Verifying:pbx4.example.org
+[Sat Jul 1 10:10:14 CDT 2017] Success
+[Sat Jul 1 10:10:16 CDT 2017] Verify finished, start to sign.
+[Sat Jul 1 10:10:16 CDT 2017] Cert success.
+-----BEGIN CERTIFICATE-----
+... snip ...
+-----END CERTIFICATE-----
+[Sat Jul 1 10:10:16 CDT 2017] Your cert is in /mnt/kd/acme/pbx4.example.org/pbx4.example.org.cer
+[Sat Jul 1 10:10:16 CDT 2017] Your cert key is in /mnt/kd/acme/pbx4.example.org/pbx4.example.org.key
+[Sat Jul 1 10:10:17 CDT 2017] The intermediate CA cert is in /mnt/kd/acme/pbx4.example.org/ca.cer
+[Sat Jul 1 10:10:17 CDT 2017] And the full chain certs is there: /mnt/kd/acme/pbx4.example.org/fullchain.cer
+
+After the certificates are issued, they need to be deployed to the various services that can utilize them.
+In this example only "HTTPS Server" is checked after "ACME Deploy Service:" in the web interface.
+
+CLI> acme-client --deploy --deploy-hook astlinux -d pbx4.example.org
+Stopping lighttpd...
+Starting lighttpd...
+acme-client: New ACME certificates deployed for HTTPS and 'lighttpd' restarted
+[Sat Jul 1 10:14:10 CDT 2017] Success
+
+While not required, it is a good idea to unset the exported variables above that contain the DNS challenge validation credentials.
+
+CLI> unset CF_Key
+CLI> unset CF_Email
+
+NOTE: The DNS challenge validation credentials remain stored in the /mnt/kd/acme/account.conf file so auto-renewals can be performed via cron.
+
+
+--------------------------
+Auto-Renewing Certificates
+--------------------------
+Let's Encrypt certificates are only valid for 90 days, renewable after 60 days from the issue date. As such it is important to automate the process of renewing the certificate, this can be done by installing a cron entry using the command:
+
+CLI> acme-client --install-cronjob
+acme-client: Successfully added cron entry.
+
+
+----------------------------
+Multiple Domain Certificates
+----------------------------
+In the example above only one domain pbx4.example.org was specified. Let's Encrypt allows multiple domains to be specified with valid "Subject Alternative Name" entries in a single certificate. This assumes the DNS A and/or AAAA and/or SRV record of each domain points to the server with the issued certificate.
+
+As an additional example let's say both example.org and subdomain pbx4.example.org are valid DNS entries you want to include in the "Subject Alternative Name" of the issued certificate.
+
+Proceed as above, but simply include -d example.org when issuing the certificate, (specify the more general domain first) ...
+
+CLI> acme-client --issue --dns dns_cf -d example.org -d pbx4.example.org
+
+Likewise, when deploying the certificate, though you only need to specify the first -d example.org domain ...
+
+CLI> acme-client --deploy --deploy-hook astlinux -d example.org
+
+
+-----------------------
+Additional CLI Commands
+-----------------------
+Some additional commands that may be useful to know ...
+
+List the issued certificate(s):
+
+CLI> acme-client --list
+
+Revoke an issued certificate by domain:
+
+CLI> acme-client --revoke -d pbx4.example.org
+
+Remove a certificate by domain:
+
+CLI> acme-client --remove -d pbx4.example.org
+
+
+----------------
+Advanced Options
+----------------
+For advanced users there may be situations where it would be useful to add special options for every occurrence of the acme-client command. Increasing the log-level and defining a log file would be one such example.
+
+The /mnt/kd/acme/account.opts file does not exist by default, and needs to be manually created to enable this feature.
+
+Example /mnt/kd/acme/account.opts file with persistent options added by acme-client to the acme.sh script:
+-- /mnt/kd/acme/account.opts --
+## acme.sh options
+
+log-level 3
+log /var/log/acme-client.log
+--
+
+
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-12 16:54:52
|
Revision: 8436
http://sourceforge.net/p/astlinux/code/8436
Author: abelbeck
Date: 2017-07-12 16:54:49 +0000 (Wed, 12 Jul 2017)
Log Message:
-----------
prosody, init.d script tweak to allow a pre-existing /mnt/kd/prosody/certs to still create /mnt/kd/prosody/data if missing
Modified Paths:
--------------
branches/1.0/package/prosody/prosody.init
Modified: branches/1.0/package/prosody/prosody.init
===================================================================
--- branches/1.0/package/prosody/prosody.init 2017-07-12 14:42:51 UTC (rev 8435)
+++ branches/1.0/package/prosody/prosody.init 2017-07-12 16:54:49 UTC (rev 8436)
@@ -196,10 +196,9 @@
exit
fi
- if [ ! -d /mnt/kd/prosody ]; then
- mkdir /mnt/kd/prosody
- mkdir /mnt/kd/prosody/data
- mkdir /mnt/kd/prosody/certs
+ if [ ! -d /mnt/kd/prosody/data ]; then
+ mkdir -p /mnt/kd/prosody/data
+ mkdir -p /mnt/kd/prosody/certs
find /mnt/kd/prosody -print0 | xargs -0 chown prosody:prosody
chmod 750 /mnt/kd/prosody/data
fi
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-12 14:42:54
|
Revision: 8435
http://sourceforge.net/p/astlinux/code/8435
Author: abelbeck
Date: 2017-07-12 14:42:51 +0000 (Wed, 12 Jul 2017)
Log Message:
-----------
acme, add 'slapd' service type to ACME_SERVICE for LDAP SSL support
Modified Paths:
--------------
branches/1.0/package/acme/deploy/astlinux.sh
branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
Modified: branches/1.0/package/acme/deploy/astlinux.sh
===================================================================
--- branches/1.0/package/acme/deploy/astlinux.sh 2017-07-10 21:29:00 UTC (rev 8434)
+++ branches/1.0/package/acme/deploy/astlinux.sh 2017-07-12 14:42:51 UTC (rev 8435)
@@ -55,7 +55,7 @@
fi
sleep 1
service lighttpd init
- logger -s -t acme-client "New ACME certificates deployed for HTTPS and Lighttpd restarted"
+ logger -s -t acme-client "New ACME certificates deployed for HTTPS and 'lighttpd' restarted"
fi
fi
@@ -69,7 +69,7 @@
cat "$_ckey" > /mnt/kd/ssl/sip-tls/keys/server.key
chmod 600 /mnt/kd/ssl/sip-tls/keys/server.key
asterisk -rx "core restart when convenient" >/dev/null 2>&1 &
- logger -s -t acme-client "New ACME certificates deployed for SIP-TLS and Asterisk restart when convenient requested"
+ logger -s -t acme-client "New ACME certificates deployed for SIP-TLS and 'asterisk' restart when convenient requested"
fi
if astlinux_is_acme_service prosody; then
@@ -86,8 +86,25 @@
chown prosody:prosody /mnt/kd/prosody/certs/server.key
sleep 1
service prosody init
- logger -s -t acme-client "New ACME certificates deployed for XMPP and Prosody restarted"
+ logger -s -t acme-client "New ACME certificates deployed for XMPP and 'prosody' restarted"
fi
+ if astlinux_is_acme_service slapd; then
+ service slapd stop
+ mkdir -p /mnt/kd/ldap/certs
+ if [ -f "$_cfullchain" ]; then
+ cat "$_cfullchain" > /mnt/kd/ldap/certs/server.crt
+ else
+ cat "$_ccert" > /mnt/kd/ldap/certs/server.crt
+ fi
+ cat "$_ckey" > /mnt/kd/ldap/certs/server.key
+ chmod 600 /mnt/kd/ldap/certs/server.key
+ chown ldap:ldap /mnt/kd/ldap/certs/server.crt
+ chown ldap:ldap /mnt/kd/ldap/certs/server.key
+ sleep 1
+ service slapd init
+ logger -s -t acme-client "New ACME certificates deployed for LDAP and 'slapd' restarted"
+ fi
+
return 0
}
Modified: branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2017-07-10 21:29:00 UTC (rev 8434)
+++ branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2017-07-12 14:42:51 UTC (rev 8435)
@@ -1061,7 +1061,7 @@
## For use with "Let's Encrypt" using the "acme-client" command.
## Note: Only DNS challenge validation is supported within AstLinux.
##
-## Deploy service types: lighttpd, asterisk and prosody
+## Deploy service types: lighttpd, asterisk, prosody and slapd
#ACME_SERVICE="lighttpd" # space separated list of deploy service types
## Registration email address, used for expiry notifications (optional)
#ACME_ACCOUNT_EMAIL="ac...@my..."
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-10 21:29:03
|
Revision: 8434
http://sourceforge.net/p/astlinux/code/8434
Author: abelbeck
Date: 2017-07-10 21:29:00 +0000 (Mon, 10 Jul 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-07-10 21:24:57 UTC (rev 8433)
+++ branches/1.0/docs/ChangeLog.txt 2017-07-10 21:29:00 UTC (rev 8434)
@@ -116,6 +116,8 @@
-- wide-dhcpv6, by default generate a syslog and reload the "net-prefix-translation" plugin (if enabled)
on a prefix change. The optional script '/mnt/kd/dhcp6c.script' can add additional actions.
+-- ddclient, configuration update of 'pairNIC' to 'pairDomains'
+
** Asterisk
-- Asterisk 11.25.1 (no change) and 13.16.0 (version bump)
@@ -124,7 +126,7 @@
-- pjsip 2.6 (no change)
--- FOP2, available version bump to 2.31.10.
+-- FOP2, available version bump to 2.31.11.
Note: If you have a license, you may need to purchase an "Annual Software Maintenance" license if you upgrade.
More info: http://doc.astlinux-project.org/userdoc:tt_asterisk-fop2-upgrade
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-10 21:25:00
|
Revision: 8433
http://sourceforge.net/p/astlinux/code/8433
Author: abelbeck
Date: 2017-07-10 21:24:57 +0000 (Mon, 10 Jul 2017)
Log Message:
-----------
asterisk-fop2, version bump to 2.31.11
Modified Paths:
--------------
branches/1.0/package/asterisk-fop2/asterisk-fop2.mk
branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package
Modified: branches/1.0/package/asterisk-fop2/asterisk-fop2.mk
===================================================================
--- branches/1.0/package/asterisk-fop2/asterisk-fop2.mk 2017-07-10 21:01:07 UTC (rev 8432)
+++ branches/1.0/package/asterisk-fop2/asterisk-fop2.mk 2017-07-10 21:24:57 UTC (rev 8433)
@@ -3,7 +3,7 @@
# asterisk-fop2
#
#############################################################
-ASTERISK_FOP2_VERSION = 2.31.10
+ASTERISK_FOP2_VERSION = 2.31.11
ASTERISK_FOP2_SOURCE = fop2-$(ASTERISK_FOP2_VERSION)-debian-i386.tgz
ASTERISK_FOP2_SITE = http://download2.fop2.com
# Note: be sure to edit "project/astlinux/target_skeleton/usr/sbin/upgrade-package" on version change
Modified: branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package 2017-07-10 21:01:07 UTC (rev 8432)
+++ branches/1.0/project/astlinux/target_skeleton/usr/sbin/upgrade-package 2017-07-10 21:24:57 UTC (rev 8433)
@@ -248,7 +248,7 @@
if ! RAM_needed_MB 475; then
finish $RED "Not enough RAM installed. Minimum: 512 MB, Recommended: 1024+ MB"
fi
- SRC_URL="https://files.astlinux-project.org/fop2-2.31.10-debian-$(uname -m | sed -e 's/i.86/i386/').tgz"
+ SRC_URL="https://files.astlinux-project.org/fop2-2.31.11-debian-$(uname -m | sed -e 's/i.86/i386/').tgz"
;;
show)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-10 21:01:10
|
Revision: 8432
http://sourceforge.net/p/astlinux/code/8432
Author: abelbeck
Date: 2017-07-10 21:01:07 +0000 (Mon, 10 Jul 2017)
Log Message:
-----------
ddclient, update 'pairNIC' to 'pairDomains', keep using 'de...@pa...' to be backward compatible
Ref: https://www.pairdomains.com/kb/posts/336
Modified Paths:
--------------
branches/1.0/package/ddclient/ddclient.conf
branches/1.0/package/ddclient/dynamicdns.init
branches/1.0/package/webinterface/altweb/admin/network.php
Modified: branches/1.0/package/ddclient/ddclient.conf
===================================================================
--- branches/1.0/package/ddclient/ddclient.conf 2017-07-07 18:14:21 UTC (rev 8431)
+++ branches/1.0/package/ddclient/ddclient.conf 2017-07-10 21:01:07 UTC (rev 8432)
@@ -59,14 +59,14 @@
#@dnsomatic@>login=@DDUSER@
#@dnsomatic@>password=@DDPASS@
#@dnsomatic@>@DDHOST@
-#@pairnic@>
-#@pairnic@>## pairNIC
-#@pairnic@>ssl=yes
-#@pairnic@>server=dynamic.pairnic.com
-#@pairnic@>protocol=dyndns2
-#@pairnic@>login=@DDUSER@
-#@pairnic@>password=@DDPASS@
-#@pairnic@>@DDHOST@
+#@pairdomains@>
+#@pairdomains@>## pairDomains
+#@pairdomains@>ssl=yes
+#@pairdomains@>server=dynamic.pairdomains.com
+#@pairdomains@>protocol=dyndns2
+#@pairdomains@>login=pairdomains
+#@pairdomains@>password=@DDPASS@
+#@pairdomains@>@DDHOST@
#@nsupdate-ipv4@>
#@nsupdate-ipv4@>## nsupdate.info
#@nsupdate-ipv4@>ssl=yes
Modified: branches/1.0/package/ddclient/dynamicdns.init
===================================================================
--- branches/1.0/package/ddclient/dynamicdns.init 2017-07-07 18:14:21 UTC (rev 8431)
+++ branches/1.0/package/ddclient/dynamicdns.init 2017-07-10 21:01:07 UTC (rev 8432)
@@ -59,7 +59,7 @@
'de...@no...') service="no-ip" ;;
'de...@fr...') service="freedns" ;;
'de...@dn...') service="dnsomatic" ;;
- 'de...@pa...') service="pairnic" ;;
+ 'de...@pa...') service="pairdomains" ;;
'de...@ns...') service="nsupdate-ipv4" ;;
*) service="$(echo "$DDSERVICE" | tr -d '^$*[]|"')" ;; # sanitize for sed regex
esac
Modified: branches/1.0/package/webinterface/altweb/admin/network.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/network.php 2017-07-07 18:14:21 UTC (rev 8431)
+++ branches/1.0/package/webinterface/altweb/admin/network.php 2017-07-10 21:01:07 UTC (rev 8432)
@@ -103,7 +103,7 @@
'NameCheap' => 'namecheap',
'No-IP' => 'de...@no...',
'nsupdate.info' => 'de...@ns...',
- 'pairNIC' => 'de...@pa...',
+ 'pairDomains' => 'de...@pa...',
'ZoneEdit' => 'de...@zo...'
);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-07 18:14:24
|
Revision: 8431
http://sourceforge.net/p/astlinux/code/8431
Author: abelbeck
Date: 2017-07-07 18:14:21 +0000 (Fri, 07 Jul 2017)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2017-07-07 18:09:16 UTC (rev 8430)
+++ branches/1.0/docs/ChangeLog.txt 2017-07-07 18:14:21 UTC (rev 8431)
@@ -44,6 +44,8 @@
-- core system, mount /dev/shm on tmpfs to support POSIX named semaphores (DAHDI uses them).
+-- php, version bump to 5.6.31, security fixes.
+
-- libsodium, version bump to 1.0.12
-- sqlite, version bump to 3.19.3
@@ -52,6 +54,8 @@
-- expat, version bump to 2.2.1, security fixes: CVE-2016-9063, CVE-2017-9233
+-- pcre, version bump to 8.41
+
-- sudo, version bump to 1.8.20p2, security fix: CVE-2017-1000367
-- Monit, version bump to 5.23.0
@@ -62,8 +66,10 @@
-- logrotate, version bump to 3.12.3
--- strace, version bump to 4.17
+-- pciutils, version bump to 3.5.5
+-- strace, version bump to 4.18
+
-- jansson, version bump to 2.10 (Asterisk 13)
-- acme-client, new command to generate Let's Encrypt certificates using the ACME protocol.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-07 18:09:18
|
Revision: 8430
http://sourceforge.net/p/astlinux/code/8430
Author: abelbeck
Date: 2017-07-07 18:09:16 +0000 (Fri, 07 Jul 2017)
Log Message:
-----------
php, version bump to 5.6.31, security fixes
Modified Paths:
--------------
branches/1.0/package/php/php.mk
Modified: branches/1.0/package/php/php.mk
===================================================================
--- branches/1.0/package/php/php.mk 2017-07-07 17:58:25 UTC (rev 8429)
+++ branches/1.0/package/php/php.mk 2017-07-07 18:09:16 UTC (rev 8430)
@@ -4,7 +4,7 @@
#
#############################################################
-PHP_VERSION = 5.6.30
+PHP_VERSION = 5.6.31
PHP_SITE = http://www.php.net/distributions
PHP_SOURCE = php-$(PHP_VERSION).tar.xz
PHP_INSTALL_STAGING = YES
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-07 17:58:27
|
Revision: 8429
http://sourceforge.net/p/astlinux/code/8429
Author: abelbeck
Date: 2017-07-07 17:58:25 +0000 (Fri, 07 Jul 2017)
Log Message:
-----------
pcre, version bump to 8.41
Modified Paths:
--------------
branches/1.0/package/pcre/pcre.mk
Removed Paths:
-------------
branches/1.0/package/pcre/pcre-0003-CVE-2017-6004.patch
branches/1.0/package/pcre/pcre-0004-CVE-2017-7186.patch
Deleted: branches/1.0/package/pcre/pcre-0003-CVE-2017-6004.patch
===================================================================
--- branches/1.0/package/pcre/pcre-0003-CVE-2017-6004.patch 2017-07-07 17:43:50 UTC (rev 8428)
+++ branches/1.0/package/pcre/pcre-0003-CVE-2017-6004.patch 2017-07-07 17:58:25 UTC (rev 8429)
@@ -1,21 +0,0 @@
-Description: CVE-2017-6004: crafted regular expression may cause denial of service
-Origin: upstream, https://vcs.pcre.org/pcre/code/trunk/pcre_jit_compile.c?r1=1676&r2=1680&view=patch
-Bug: https://bugs.exim.org/show_bug.cgi?id=2035
-Bug-Debian: https://bugs.debian.org/855405
-Forwarded: not-needed
-Author: Salvatore Bonaccorso <ca...@de...>
-Last-Update: 2017-02-17
-
-Signed-off-by: Baruch Siach <ba...@tk...>
-
---- a/pcre_jit_compile.c
-+++ b/pcre_jit_compile.c
-@@ -8111,7 +8111,7 @@ if (opcode == OP_COND || opcode == OP_SC
-
- if (*matchingpath == OP_FAIL)
- stacksize = 0;
-- if (*matchingpath == OP_RREF)
-+ else if (*matchingpath == OP_RREF)
- {
- stacksize = GET2(matchingpath, 1);
- if (common->currententry == NULL)
Deleted: branches/1.0/package/pcre/pcre-0004-CVE-2017-7186.patch
===================================================================
--- branches/1.0/package/pcre/pcre-0004-CVE-2017-7186.patch 2017-07-07 17:43:50 UTC (rev 8428)
+++ branches/1.0/package/pcre/pcre-0004-CVE-2017-7186.patch 2017-07-07 17:58:25 UTC (rev 8429)
@@ -1,60 +0,0 @@
-Description: Upstream fix for CVE-2017-7186 (Upstream rev 1688)
- Fix Unicode property crash for 32-bit characters greater than 0x10ffff.
-Author: Matthew Vernon <ma...@de...>
-X-Dgit-Generated: 2:8.39-3 c4c2c7c4f74d53b263af2471d8e11db88096bd13
-
-Signed-off-by: Baruch Siach <ba...@tk...>
----
-
---- pcre3-8.39.orig/pcre_internal.h
-+++ pcre3-8.39/pcre_internal.h
-@@ -2772,6 +2772,9 @@ extern const pcre_uint8 PRIV(ucd_stage1
- extern const pcre_uint16 PRIV(ucd_stage2)[];
- extern const pcre_uint32 PRIV(ucp_gentype)[];
- extern const pcre_uint32 PRIV(ucp_gbtable)[];
-+#ifdef COMPILE_PCRE32
-+extern const ucd_record PRIV(dummy_ucd_record)[];
-+#endif
- #ifdef SUPPORT_JIT
- extern const int PRIV(ucp_typerange)[];
- #endif
-@@ -2780,9 +2783,15 @@ extern const int PRIV(ucp_typera
- /* UCD access macros */
-
- #define UCD_BLOCK_SIZE 128
--#define GET_UCD(ch) (PRIV(ucd_records) + \
-+#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \
- PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \
- UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE])
-+
-+#ifdef COMPILE_PCRE32
-+#define GET_UCD(ch) ((ch > 0x10ffff)? PRIV(dummy_ucd_record) : REAL_GET_UCD(ch))
-+#else
-+#define GET_UCD(ch) REAL_GET_UCD(ch)
-+#endif
-
- #define UCD_CHARTYPE(ch) GET_UCD(ch)->chartype
- #define UCD_SCRIPT(ch) GET_UCD(ch)->script
---- pcre3-8.39.orig/pcre_ucd.c
-+++ pcre3-8.39/pcre_ucd.c
-@@ -38,6 +38,20 @@ const pcre_uint16 PRIV(ucd_stage2)[] = {
- const pcre_uint32 PRIV(ucd_caseless_sets)[] = {0};
- #else
-
-+/* If the 32-bit library is run in non-32-bit mode, character values
-+greater than 0x10ffff may be encountered. For these we set up a
-+special record. */
-+
-+#ifdef COMPILE_PCRE32
-+const ucd_record PRIV(dummy_ucd_record)[] = {{
-+ ucp_Common, /* script */
-+ ucp_Cn, /* type unassigned */
-+ ucp_gbOther, /* grapheme break property */
-+ 0, /* case set */
-+ 0, /* other case */
-+ }};
-+#endif
-+
- /* When recompiling tables with a new Unicode version, please check the
- types in this structure definition from pcre_internal.h (the actual
- field names will be different):
Modified: branches/1.0/package/pcre/pcre.mk
===================================================================
--- branches/1.0/package/pcre/pcre.mk 2017-07-07 17:43:50 UTC (rev 8428)
+++ branches/1.0/package/pcre/pcre.mk 2017-07-07 17:58:25 UTC (rev 8429)
@@ -4,7 +4,7 @@
#
#############################################################
-PCRE_VERSION = 8.40
+PCRE_VERSION = 8.41
PCRE_SITE = https://downloads.sourceforge.net/project/pcre/pcre/$(PCRE_VERSION)
PCRE_SOURCE = pcre-$(PCRE_VERSION).tar.bz2
PCRE_INSTALL_STAGING = YES
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-07-07 17:43:53
|
Revision: 8428
http://sourceforge.net/p/astlinux/code/8428
Author: abelbeck
Date: 2017-07-07 17:43:50 +0000 (Fri, 07 Jul 2017)
Log Message:
-----------
strace, version bump to 4.18
Modified Paths:
--------------
branches/1.0/package/strace/strace.mk
Modified: branches/1.0/package/strace/strace.mk
===================================================================
--- branches/1.0/package/strace/strace.mk 2017-07-07 17:35:41 UTC (rev 8427)
+++ branches/1.0/package/strace/strace.mk 2017-07-07 17:43:50 UTC (rev 8428)
@@ -4,7 +4,7 @@
#
#############################################################
-STRACE_VERSION = 4.17
+STRACE_VERSION = 4.18
STRACE_SOURCE = strace-$(STRACE_VERSION).tar.xz
STRACE_SITE = http://downloads.sourceforge.net/project/strace/strace/$(STRACE_VERSION)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
1 message has been excluded from this view by a project administrator.
