Menu
▾
▴
astlinux-commits — Commits to the AstLinux SVN repository
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(6) |
Jul
(14) |
Aug
(156) |
Sep
(35) |
Oct
(48) |
Nov
(55) |
Dec
(16) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(24) |
Feb
(154) |
Mar
(139) |
Apr
(175) |
May
(87) |
Jun
(34) |
Jul
(42) |
Aug
(68) |
Sep
(41) |
Oct
(76) |
Nov
(77) |
Dec
(50) |
| 2008 |
Jan
(98) |
Feb
(43) |
Mar
(102) |
Apr
(27) |
May
(55) |
Jun
(13) |
Jul
(58) |
Aug
(62) |
Sep
(61) |
Oct
(43) |
Nov
(87) |
Dec
(134) |
| 2009 |
Jan
(175) |
Feb
(106) |
Mar
(58) |
Apr
(41) |
May
(74) |
Jun
(123) |
Jul
(252) |
Aug
(192) |
Sep
(69) |
Oct
(38) |
Nov
(117) |
Dec
(95) |
| 2010 |
Jan
(146) |
Feb
(76) |
Mar
(90) |
Apr
(60) |
May
(23) |
Jun
(19) |
Jul
(208) |
Aug
(140) |
Sep
(103) |
Oct
(114) |
Nov
(50) |
Dec
(47) |
| 2011 |
Jan
(59) |
Feb
(47) |
Mar
(61) |
Apr
(58) |
May
(41) |
Jun
(11) |
Jul
(17) |
Aug
(49) |
Sep
(34) |
Oct
(166) |
Nov
(38) |
Dec
(70) |
| 2012 |
Jan
(87) |
Feb
(37) |
Mar
(28) |
Apr
(25) |
May
(29) |
Jun
(30) |
Jul
(43) |
Aug
(27) |
Sep
(46) |
Oct
(27) |
Nov
(51) |
Dec
(70) |
| 2013 |
Jan
(92) |
Feb
(34) |
Mar
(58) |
Apr
(37) |
May
(46) |
Jun
(9) |
Jul
(38) |
Aug
(22) |
Sep
(28) |
Oct
(42) |
Nov
(44) |
Dec
(34) |
| 2014 |
Jan
(63) |
Feb
(39) |
Mar
(48) |
Apr
(31) |
May
(21) |
Jun
(43) |
Jul
(36) |
Aug
(69) |
Sep
(53) |
Oct
(56) |
Nov
(46) |
Dec
(49) |
| 2015 |
Jan
(63) |
Feb
(35) |
Mar
(30) |
Apr
(38) |
May
(27) |
Jun
(42) |
Jul
(42) |
Aug
(63) |
Sep
(18) |
Oct
(45) |
Nov
(65) |
Dec
(71) |
| 2016 |
Jan
(54) |
Feb
(79) |
Mar
(59) |
Apr
(38) |
May
(32) |
Jun
(46) |
Jul
(42) |
Aug
(30) |
Sep
(58) |
Oct
(33) |
Nov
(98) |
Dec
(59) |
| 2017 |
Jan
(79) |
Feb
(12) |
Mar
(43) |
Apr
(32) |
May
(76) |
Jun
(59) |
Jul
(44) |
Aug
(14) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <abe...@us...> - 2016-02-19 17:02:47
|
Revision: 7545
http://sourceforge.net/p/astlinux/code/7545
Author: abelbeck
Date: 2016-02-19 17:02:45 +0000 (Fri, 19 Feb 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-02-19 16:55:22 UTC (rev 7544)
+++ branches/1.0/docs/ChangeLog.txt 2016-02-19 17:02:45 UTC (rev 7545)
@@ -16,6 +16,8 @@
-- php, version bump to 5.5.32, bug and security fixes
+-- htop, new command is an interactive process viewer, aka a better 'top'
+
-- Monit, version bump to 5.16
-- libsrtp, version bump to 1.5.4
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-19 16:55:24
|
Revision: 7544
http://sourceforge.net/p/astlinux/code/7544
Author: abelbeck
Date: 2016-02-19 16:55:22 +0000 (Fri, 19 Feb 2016)
Log Message:
-----------
htop, enable for standard builds
Modified Paths:
--------------
branches/1.0/astlinux-ast11.config
branches/1.0/astlinux-ast13.config
branches/1.0/astlinux18.config
branches/1.0/project/astlinux/target_skeleton/etc/profile
branches/1.0/x86_64-configs/astlinux-ast11.config
branches/1.0/x86_64-configs/astlinux-ast13.config
branches/1.0/x86_64-configs/astlinux18.config
Modified: branches/1.0/astlinux-ast11.config
===================================================================
--- branches/1.0/astlinux-ast11.config 2016-02-19 01:11:46 UTC (rev 7543)
+++ branches/1.0/astlinux-ast11.config 2016-02-19 16:55:22 UTC (rev 7544)
@@ -830,7 +830,7 @@
#
# BR2_PACKAGE_ACL is not set
# BR2_PACKAGE_ATTR is not set
-# BR2_PACKAGE_HTOP is not set
+BR2_PACKAGE_HTOP=y
BR2_PACKAGE_MODULE_INIT_TOOLS=y
BR2_PACKAGE_UTIL_LINUX=y
# BR2_PACKAGE_UTIL_LINUX_MOUNT is not set
Modified: branches/1.0/astlinux-ast13.config
===================================================================
--- branches/1.0/astlinux-ast13.config 2016-02-19 01:11:46 UTC (rev 7543)
+++ branches/1.0/astlinux-ast13.config 2016-02-19 16:55:22 UTC (rev 7544)
@@ -830,7 +830,7 @@
#
# BR2_PACKAGE_ACL is not set
# BR2_PACKAGE_ATTR is not set
-# BR2_PACKAGE_HTOP is not set
+BR2_PACKAGE_HTOP=y
BR2_PACKAGE_MODULE_INIT_TOOLS=y
BR2_PACKAGE_UTIL_LINUX=y
# BR2_PACKAGE_UTIL_LINUX_MOUNT is not set
Modified: branches/1.0/astlinux18.config
===================================================================
--- branches/1.0/astlinux18.config 2016-02-19 01:11:46 UTC (rev 7543)
+++ branches/1.0/astlinux18.config 2016-02-19 16:55:22 UTC (rev 7544)
@@ -830,7 +830,7 @@
#
# BR2_PACKAGE_ACL is not set
# BR2_PACKAGE_ATTR is not set
-# BR2_PACKAGE_HTOP is not set
+BR2_PACKAGE_HTOP=y
BR2_PACKAGE_MODULE_INIT_TOOLS=y
BR2_PACKAGE_UTIL_LINUX=y
# BR2_PACKAGE_UTIL_LINUX_MOUNT is not set
Modified: branches/1.0/project/astlinux/target_skeleton/etc/profile
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/profile 2016-02-19 01:11:46 UTC (rev 7543)
+++ branches/1.0/project/astlinux/target_skeleton/etc/profile 2016-02-19 16:55:22 UTC (rev 7544)
@@ -43,6 +43,11 @@
export FOSSIL_HOME="/mnt/kd/fossil"
fi
+# Set persistant htop settings
+if [ -d /mnt/kd/home ]; then
+ export HTOPRC="/mnt/kd/home/.htoprc"
+fi
+
# Set UTF-8 character type for vi
if [ -f /usr/lib/locale/.locale ]; then
alias vi="LC_CTYPE=$(cat /usr/lib/locale/.locale) vi"
Modified: branches/1.0/x86_64-configs/astlinux-ast11.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast11.config 2016-02-19 01:11:46 UTC (rev 7543)
+++ branches/1.0/x86_64-configs/astlinux-ast11.config 2016-02-19 16:55:22 UTC (rev 7544)
@@ -811,7 +811,7 @@
#
# BR2_PACKAGE_ACL is not set
# BR2_PACKAGE_ATTR is not set
-# BR2_PACKAGE_HTOP is not set
+BR2_PACKAGE_HTOP=y
BR2_PACKAGE_MODULE_INIT_TOOLS=y
BR2_PACKAGE_UTIL_LINUX=y
# BR2_PACKAGE_UTIL_LINUX_MOUNT is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast13.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast13.config 2016-02-19 01:11:46 UTC (rev 7543)
+++ branches/1.0/x86_64-configs/astlinux-ast13.config 2016-02-19 16:55:22 UTC (rev 7544)
@@ -811,7 +811,7 @@
#
# BR2_PACKAGE_ACL is not set
# BR2_PACKAGE_ATTR is not set
-# BR2_PACKAGE_HTOP is not set
+BR2_PACKAGE_HTOP=y
BR2_PACKAGE_MODULE_INIT_TOOLS=y
BR2_PACKAGE_UTIL_LINUX=y
# BR2_PACKAGE_UTIL_LINUX_MOUNT is not set
Modified: branches/1.0/x86_64-configs/astlinux18.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux18.config 2016-02-19 01:11:46 UTC (rev 7543)
+++ branches/1.0/x86_64-configs/astlinux18.config 2016-02-19 16:55:22 UTC (rev 7544)
@@ -811,7 +811,7 @@
#
# BR2_PACKAGE_ACL is not set
# BR2_PACKAGE_ATTR is not set
-# BR2_PACKAGE_HTOP is not set
+BR2_PACKAGE_HTOP=y
BR2_PACKAGE_MODULE_INIT_TOOLS=y
BR2_PACKAGE_UTIL_LINUX=y
# BR2_PACKAGE_UTIL_LINUX_MOUNT is not set
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-19 01:11:49
|
Revision: 7543
http://sourceforge.net/p/astlinux/code/7543
Author: abelbeck
Date: 2016-02-19 01:11:46 +0000 (Fri, 19 Feb 2016)
Log Message:
-----------
htop, version bump to 1.0.3, not enabled by default (yet)
Modified Paths:
--------------
branches/1.0/package/arp-scan/arp-scan.mk
branches/1.0/package/htop/Config.in
branches/1.0/package/htop/htop.mk
Removed Paths:
-------------
branches/1.0/package/htop/htop.patch
Modified: branches/1.0/package/arp-scan/arp-scan.mk
===================================================================
--- branches/1.0/package/arp-scan/arp-scan.mk 2016-02-18 23:31:57 UTC (rev 7542)
+++ branches/1.0/package/arp-scan/arp-scan.mk 2016-02-19 01:11:46 UTC (rev 7543)
@@ -3,6 +3,7 @@
# arp-scan
#
################################################################################
+
ARP_SCAN_VERSION = 1.9
ARP_SCAN_SOURCE = arp-scan-$(ARP_SCAN_VERSION).tar.gz
ARP_SCAN_SITE = https://github.com/royhills/arp-scan/releases/download/$(ARP_SCAN_VERSION)
Modified: branches/1.0/package/htop/Config.in
===================================================================
--- branches/1.0/package/htop/Config.in 2016-02-18 23:31:57 UTC (rev 7542)
+++ branches/1.0/package/htop/Config.in 2016-02-19 01:11:46 UTC (rev 7543)
@@ -5,4 +5,4 @@
htop is an interactive text-mode process viewer for Linux.
It aims to be a better top.
- http://htop.sf.net
+ http://hisham.hm/htop/
Modified: branches/1.0/package/htop/htop.mk
===================================================================
--- branches/1.0/package/htop/htop.mk 2016-02-18 23:31:57 UTC (rev 7542)
+++ branches/1.0/package/htop/htop.mk 2016-02-19 01:11:46 UTC (rev 7543)
@@ -4,10 +4,25 @@
#
#############################################################
-HTOP_VERSION = 0.9
+HTOP_VERSION = 1.0.3
HTOP_SOURCE = htop-$(HTOP_VERSION).tar.gz
-HTOP_SITE = http://$(BR2_SOURCEFORGE_MIRROR).dl.sourceforge.net/htop/$(HTOP_VERSION)
+HTOP_SITE = http://hisham.hm/htop/releases/$(HTOP_VERSION)
HTOP_DEPENDENCIES = ncurses
HTOP_AUTORECONF = YES
+HTOP_CONF_OPT = \
+ --disable-unicode
+
+HTOP_CONF_ENV = \
+ ac_cv_file__proc_stat=yes \
+ ac_cv_file__proc_meminfo=yes
+
+define HTOP_INSTALL_TARGET_CMDS
+ $(INSTALL) -D -m 0755 $(@D)/htop $(TARGET_DIR)/usr/bin/htop
+endef
+
+define HTOP_UNINSTALL_TARGET_CMDS
+ rm -f $(TARGET_DIR)/usr/bin/htop
+endef
+
$(eval $(call AUTOTARGETS,package,htop))
Deleted: branches/1.0/package/htop/htop.patch
===================================================================
--- branches/1.0/package/htop/htop.patch 2016-02-18 23:31:57 UTC (rev 7542)
+++ branches/1.0/package/htop/htop.patch 2016-02-19 01:11:46 UTC (rev 7543)
@@ -1,75 +0,0 @@
-# This patch removes the hard dependency on backtrace by checking for
-# it at compile time and adds a cross-compile /proc check.
-# Patch given to me by Hisham <his...@gm...> (htop-general)
-#
-# This patch is taken from upstream svn (r213, r215)
-#
-# Signed-off-by: Andy Kennedy <And...@ad...>
-diff -Naur a/CRT.c b/CRT.c
---- a/CRT.c 2010-11-23 09:56:32.000000000 -0600
-+++ b/CRT.c 2011-03-21 17:08:21.000000000 -0500
-@@ -11,7 +11,9 @@
- #include <signal.h>
- #include <stdlib.h>
- #include <stdbool.h>
-+#ifdef HAVE_EXECINFO_H
- #include <execinfo.h>
-+#endif
-
- #include "String.h"
-
-@@ -125,12 +127,14 @@
- CRT_done();
- #if __linux
- fprintf(stderr, "\n\nhtop " VERSION " aborting. Please report bug at http://htop.sf.net\n");
-- #else
-- fprintf(stderr, "\n\nhtop " VERSION " aborting. Unsupported platform.\n");
-- #endif
-+ #ifdef HAVE_EXECINFO_H
- size_t size = backtrace(backtraceArray, sizeof(backtraceArray));
- fprintf(stderr, "Backtrace: \n");
- backtrace_symbols_fd(backtraceArray, size, 2);
-+ #endif
-+ #else
-+ fprintf(stderr, "\n\nhtop " VERSION " aborting. Unsupported platform.\n");
-+ #endif
- abort();
- }
-
-diff -Naur a/CRT.h b/CRT.h
---- a/CRT.h 2010-11-23 09:56:32.000000000 -0600
-+++ b/CRT.h 2011-03-21 17:06:16.000000000 -0500
-@@ -14,7 +14,9 @@
- #include <signal.h>
- #include <stdlib.h>
- #include <stdbool.h>
-+#ifdef HAVE_EXECINFO_H
- #include <execinfo.h>
-+#endif
-
- #include "String.h"
-
-diff -Naur a/configure.ac b/configure.ac
---- a/configure.ac 2010-11-23 09:56:32.000000000 -0600
-+++ b/configure.ac 2011-03-21 17:06:16.000000000 -0500
-@@ -25,6 +25,7 @@
- AC_CHECK_HEADERS([stdlib.h string.h strings.h sys/param.h sys/time.h unistd.h curses.h],[:],[
- missing_headers="$missing_headers $ac_header"
- ])
-+AC_CHECK_HEADERS([execinfo.h],[:],[:])
-
- # Checks for typedefs, structures, and compiler characteristics.
- AC_HEADER_STDBOOL
-@@ -99,10 +100,10 @@
- AC_MSG_ERROR([missing headers: $missing_headers])
- fi
-
--
--
-+if test "$cross_compiling" = "no"; then
- AC_CHECK_FILE($PROCDIR/stat,,AC_MSG_ERROR(Cannot find /proc/stat. Make sure you have a Linux-compatible /proc filesystem mounted. See the file README for help.))
- AC_CHECK_FILE($PROCDIR/meminfo,,AC_MSG_ERROR(Cannot find /proc/meminfo. Make sure you have a Linux-compatible /proc filesystem mounted. See the file README for help.))
-+fi
-
- AC_ARG_ENABLE(plpa, [AC_HELP_STRING([--enable-plpa], [enable PLPA support for CPU affinity])], ,enable_plpa="yes")
- PLPA_INCLUDED
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-18 23:31:59
|
Revision: 7542
http://sourceforge.net/p/astlinux/code/7542
Author: abelbeck
Date: 2016-02-18 23:31:57 +0000 (Thu, 18 Feb 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-02-18 23:26:07 UTC (rev 7541)
+++ branches/1.0/docs/ChangeLog.txt 2016-02-18 23:31:57 UTC (rev 7542)
@@ -22,6 +22,8 @@
-- liburiparser, version bump to 0.8.4
+-- nano, version bump to 2.5.2
+
-- Time Zone Database update, tzdata2016a and php-timezonedb-2016.1
** Networking
@@ -48,6 +50,8 @@
-- wanpipe, version bump to 7.0.16
+-- bfdetect, version bump, CLI command that detects beroNet devices
+
** Web Interface
-- Network tab, remove 'inadyn' dynamic DNS client support, add a few more "DNS Service Type" entries.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-18 23:26:10
|
Revision: 7541
http://sourceforge.net/p/astlinux/code/7541
Author: abelbeck
Date: 2016-02-18 23:26:07 +0000 (Thu, 18 Feb 2016)
Log Message:
-----------
nano, version bump to 2.5.2
Modified Paths:
--------------
branches/1.0/package/nano/nano.mk
Modified: branches/1.0/package/nano/nano.mk
===================================================================
--- branches/1.0/package/nano/nano.mk 2016-02-18 23:12:38 UTC (rev 7540)
+++ branches/1.0/package/nano/nano.mk 2016-02-18 23:26:07 UTC (rev 7541)
@@ -4,7 +4,7 @@
#
#############################################################
-NANO_VERSION = 2.5.1
+NANO_VERSION = 2.5.2
NANO_SITE = http://www.nano-editor.org/dist/v2.5
NANO_MAKE_ENV = CURSES_LIB="-lncurses"
NANO_CONF_ENV = ac_cv_prog_NCURSESW_CONFIG=false
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-18 23:12:40
|
Revision: 7540
http://sourceforge.net/p/astlinux/code/7540
Author: abelbeck
Date: 2016-02-18 23:12:38 +0000 (Thu, 18 Feb 2016)
Log Message:
-----------
bfdetect, version bump to 'Version: 3.0'
Modified Paths:
--------------
branches/1.0/package/bfdetect/Config.in
branches/1.0/package/bfdetect/bfdetect.mk
branches/1.0/toolchain/file_exclude
Modified: branches/1.0/package/bfdetect/Config.in
===================================================================
--- branches/1.0/package/bfdetect/Config.in 2016-02-18 17:17:04 UTC (rev 7539)
+++ branches/1.0/package/bfdetect/Config.in 2016-02-18 23:12:38 UTC (rev 7540)
@@ -5,7 +5,5 @@
help
Simple app that detects a Beronet Berofix card
- See:
- http://www.beronet.com/content/view/95/28/lang,en/
- http://www.beronet.com/download/berofix/
+ http://wiki.beronet.com/index.php/Download
Modified: branches/1.0/package/bfdetect/bfdetect.mk
===================================================================
--- branches/1.0/package/bfdetect/bfdetect.mk 2016-02-18 17:17:04 UTC (rev 7539)
+++ branches/1.0/package/bfdetect/bfdetect.mk 2016-02-18 23:12:38 UTC (rev 7540)
@@ -3,30 +3,32 @@
# bfdetect
#
##############################################################
-BFDETECT_SOURCE:=bfdetect.tar.gz
-BFDETECT_SITE:=http://www.beronet.com/download/berofix/tools/
+BFDETECT_SOURCE:=bfdetect_src.tar.gz
+BFDETECT_SITE:=http://www.beronet.com/downloads/berofix/tools
BFDETECT_DIR := $(BUILD_DIR)/bfdetect
BFDETECT_CAT:=zcat
BFDETECT_BINARY := bfdetect
BFDETECT_TARGET_BINARY = usr/bin/$(BFDETECT_BINARY)
$(DL_DIR)/$(BFDETECT_SOURCE):
- $(WGET) -P $(DL_DIR) $(BFDETECT_SITE)/$(BFDETECT_SOURCE)
+ $(WGET) -P $(DL_DIR) $(BFDETECT_SITE)/$(BFDETECT_SOURCE)
$(BFDETECT_DIR)/.unpacked: $(DL_DIR)/$(BFDETECT_SOURCE)
- $(BFDETECT_CAT) $(DL_DIR)/$(BFDETECT_SOURCE) | tar -C $(BUILD_DIR) $(TAR_OPTIONS) -
+ mkdir -p $(BFDETECT_DIR)
+ $(BFDETECT_CAT) $(DL_DIR)/$(BFDETECT_SOURCE) | tar -C $(BFDETECT_DIR) $(TAR_OPTIONS) -
touch $(BFDETECT_DIR)/.unpacked
-
+
$(BFDETECT_DIR)/.configured: $(BFDETECT_DIR)/.unpacked
touch $(BFDETECT_DIR)/.configured
$(BFDETECT_DIR)/$(BFDETECT_BINARY): $(BFDETECT_DIR)/.configured
+ $(SED) 's/^[[:space:]]*strip /#strip /' $(BFDETECT_DIR)/Makefile
$(MAKE) CC=$(TARGET_CC) CFLAGS='$(TARGET_CFLAGS)' -C $(BFDETECT_DIR)
-
+
$(TARGET_DIR)/$(BFDETECT_TARGET_BINARY): $(BFDETECT_DIR)/$(BFDETECT_BINARY)
$(INSTALL) -D -m 0755 $(BFDETECT_DIR)/$(BFDETECT_BINARY) $(TARGET_DIR)/$(BFDETECT_TARGET_BINARY)
-
+
bfdetect: $(TARGET_DIR)/$(BFDETECT_TARGET_BINARY)
bfdetect-source: $(BFDETECT_DIR)/bfdetect.c
Modified: branches/1.0/toolchain/file_exclude
===================================================================
--- branches/1.0/toolchain/file_exclude 2016-02-18 17:17:04 UTC (rev 7539)
+++ branches/1.0/toolchain/file_exclude 2016-02-18 23:12:38 UTC (rev 7540)
@@ -2,6 +2,6 @@
nProbe-4.9.4.tar.gz
dialog.tar.gz
oui.txt
-bfdetect.tar.gz
+bfdetect_src.tar.gz
fop2-2.27-debian-i386.tgz
memtest86+-4.20.tar.gz
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-18 17:17:07
|
Revision: 7539
http://sourceforge.net/p/astlinux/code/7539
Author: abelbeck
Date: 2016-02-18 17:17:04 +0000 (Thu, 18 Feb 2016)
Log Message:
-----------
ddclient, use 'curl' for all network transactions, Thanks to David Kerr
Modified Paths:
--------------
branches/1.0/package/ddclient/ddclient-10-curl-ssl.patch
Modified: branches/1.0/package/ddclient/ddclient-10-curl-ssl.patch
===================================================================
--- branches/1.0/package/ddclient/ddclient-10-curl-ssl.patch 2016-02-17 18:52:14 UTC (rev 7538)
+++ branches/1.0/package/ddclient/ddclient-10-curl-ssl.patch 2016-02-18 17:17:04 UTC (rev 7539)
@@ -1,15 +1,15 @@
---- ddclient-3.8.3/ddclient.orig 2014-05-09 18:00:02.000000000 -0500
-+++ ddclient-3.8.3/ddclient 2014-05-09 18:00:51.000000000 -0500
+--- ddclient-3.8.3/ddclient.orig 2015-06-27 16:55:28.055154000 -0400
++++ ddclient-3.8.3/ddclient 2016-02-17 19:35:16.741410191 -0500
@@ -1916,7 +1916,7 @@
if ( $force_ssl || ($globals{'ssl'} and (caller(1))[3] ne 'main::get_ip') ) {
$use_ssl = 1;
$default_port = 443;
- load_ssl_support;
-+ #load_ssl_support;
++# load_ssl_support;
} else {
$use_ssl = 0;
$default_port = 80;
-@@ -1953,14 +1953,18 @@
+@@ -1953,58 +1953,32 @@
debug("skipped network connection");
verbose("SENDING:", "%s", $request);
} elsif ($use_ssl) {
@@ -21,7 +21,7 @@
- Timeout => opt('timeout'),
- );
- defined $sd or warning("cannot connect to $peer:$port socket: $@ " . IO::Socket::SSL::errstr());
-+ $0 = sprintf("%s - curl sending to %s port %s", $program, $peer, $port);
++ $0 = sprintf("%s - curl (SSL) sending to %s port %s", $program, $peer, $port);
+ my $timeout = opt('timeout');
+
+ $reply = <<`CURL_SSL`;
@@ -31,8 +31,64 @@
+CURL_SSL
+
+ if (! $reply) {
-+ warning("curl cannot connect to $peer:$port");
++ warning("curl (SSL) cannot connect to $peer:$port");
+ }
} else {
- $sd = IO::Socket::INET->new(
- PeerAddr => $peer,
+- $sd = IO::Socket::INET->new(
+- PeerAddr => $peer,
+- PeerPort => $port,
+- Proto => 'tcp',
+- MultiHomed => 1,
+- Timeout => opt('timeout'),
+- );
+- defined $sd or warning("cannot connect to $peer:$port socket: $@");
+- }
++ $0 = sprintf("%s - curl (non-SSL) sending to %s port %s", $program, $peer, $port);
++ my $timeout = opt('timeout');
+
+- if (defined $sd) {
+- ## send the request to the http server
+- verbose("CONNECTED: ", $use_ssl ? 'using SSL' : 'using HTTP');
+- verbose("SENDING:", "%s", $request);
+-
+- $0 = sprintf("%s - sending to %s port %s", $program, $peer, $port);
+- my $result = syswrite $sd, $rq;
+- if ($result != length($rq)) {
+- warning("cannot send to $peer:$port ($!).");
+- } else {
+- $0 = sprintf("%s - reading from %s port %s", $program, $peer, $port);
+- eval {
+- local $SIG{'ALRM'} = sub { die "timeout";};
+- alarm(opt('timeout')) if opt('timeout') > 0;
+- while ($_ = <$sd>) {
+- $0 = sprintf("%s - read from %s port %s", $program, $peer, $port);
+- verbose("RECEIVE:", "%s", define($_, "<undefined>"));
+- $reply .= $_ if defined $_;
+- }
+- if (opt('timeout') > 0) {
+- alarm(0);
+- }
+- };
+- close($sd);
+-
+- if ($@ and $@ =~ /timeout/) {
+- warning("TIMEOUT: %s after %s seconds", $to, opt('timeout'));
+- $reply = '';
+- }
+- $reply = '' if !defined $reply;
+- }
+- }
+- $0 = sprintf("%s - closed %s port %s", $program, $peer, $port);
++ $reply = <<`CURL`;
++/usr/bin/curl -si0 --user '${login}:${password}' --user-agent '${program}/${version}' \\
++ --connect-timeout $timeout --max-time $timeout \\
++ --url 'http://${server}/${url}' 2>/dev/null
++CURL
++
++ if (! $reply) {
++ warning("curl (non-SSL) cannot connect to $peer:$port");
++ }
++ }
+
+ ## during testing simulate reading the URL
+ if (opt('test')) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-17 18:52:16
|
Revision: 7538
http://sourceforge.net/p/astlinux/code/7538
Author: abelbeck
Date: 2016-02-17 18:52:14 +0000 (Wed, 17 Feb 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-02-17 18:49:08 UTC (rev 7537)
+++ branches/1.0/docs/ChangeLog.txt 2016-02-17 18:52:14 UTC (rev 7538)
@@ -12,6 +12,8 @@
** System
+-- eglibc 2.18 (patched), security fixes: CVE-2015-7547, CVE-2015-1472, CVE-2014-9402, CVE-2015-1781, CVE-2014-8121
+
-- php, version bump to 5.5.32, bug and security fixes
-- Monit, version bump to 5.16
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-17 18:49:10
|
Revision: 7537
http://sourceforge.net/p/astlinux/code/7537
Author: abelbeck
Date: 2016-02-17 18:49:08 +0000 (Wed, 17 Feb 2016)
Log Message:
-----------
eglibc toolchain, security fixes: CVE-2015-7547, CVE-2015-1472, CVE-2014-9402, CVE-2015-1781, CVE-2014-8121 and a couple important bug fixes to allow the security patches to apply cleanly
Note: At this time we are not able to demonstate Google's proof-of-concept for CVE-2015-7547 with previously un-patched eglibc
Modified Paths:
--------------
branches/1.0/astlinux-ast11.config
branches/1.0/astlinux-ast13.config
branches/1.0/astlinux18.config
branches/1.0/crosstool-ng-src/README
branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2-x86_64.config
branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2.config
branches/1.0/initrd.config
branches/1.0/runnix-iso.config
branches/1.0/runnix.config
branches/1.0/x86_64-configs/astlinux-ast11.config
branches/1.0/x86_64-configs/astlinux-ast13.config
branches/1.0/x86_64-configs/astlinux18.config
branches/1.0/x86_64-configs/initrd.config
Added Paths:
-----------
branches/1.0/crosstool-ng-src/patches/eglibc/2_18/100-CVE-2014-8121.patch
branches/1.0/crosstool-ng-src/patches/eglibc/2_18/101-CVE-2014-9402.patch
branches/1.0/crosstool-ng-src/patches/eglibc/2_18/102-CVE-2015-1472.patch
branches/1.0/crosstool-ng-src/patches/eglibc/2_18/103-CVE-2015-1781.patch
branches/1.0/crosstool-ng-src/patches/eglibc/2_18/110-submitted-resolv-first-query-failure.patch
branches/1.0/crosstool-ng-src/patches/eglibc/2_18/120-gethostbyname4-memory-leak.patch
branches/1.0/crosstool-ng-src/patches/eglibc/2_18/122-resolv-reuse-fd.patch
branches/1.0/crosstool-ng-src/patches/eglibc/2_18/130-CVE-2015-7547-getaddrinfo.patch
Modified: branches/1.0/astlinux-ast11.config
===================================================================
--- branches/1.0/astlinux-ast11.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/astlinux-ast11.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -97,7 +97,7 @@
BR2_TOOLCHAIN_EXTERNAL=y
# BR2_TOOLCHAIN_CTNG is not set
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2/i586-unknown-linux-gnu"
+BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2p1/i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_GLIBC=y
Modified: branches/1.0/astlinux-ast13.config
===================================================================
--- branches/1.0/astlinux-ast13.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/astlinux-ast13.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -97,7 +97,7 @@
BR2_TOOLCHAIN_EXTERNAL=y
# BR2_TOOLCHAIN_CTNG is not set
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2/i586-unknown-linux-gnu"
+BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2p1/i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_GLIBC=y
Modified: branches/1.0/astlinux18.config
===================================================================
--- branches/1.0/astlinux18.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/astlinux18.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -97,7 +97,7 @@
BR2_TOOLCHAIN_EXTERNAL=y
# BR2_TOOLCHAIN_CTNG is not set
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2/i586-unknown-linux-gnu"
+BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2p1/i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_GLIBC=y
Modified: branches/1.0/crosstool-ng-src/README
===================================================================
--- branches/1.0/crosstool-ng-src/README 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/crosstool-ng-src/README 2016-02-17 18:49:08 UTC (rev 7537)
@@ -3,7 +3,7 @@
## http://crosstool-ng.org
##
## Building the eglibc toolchain for AstLinux 1.x using Buildroot
-## The resulting toolchain is output to $HOME/astlinux/x-tools-1.20.0-3.2
+## The resulting toolchain is output to $HOME/astlinux/x-tools-1.20.0-3.2p1
## Make sure you have a $HOME/astlinux/ directory.
##
## Note: If "crosstool-ng-1.20.0" is already installed, jump to "## Build i586 32-bit toolchain ##"
Modified: branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2-x86_64.config
===================================================================
--- branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2-x86_64.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2-x86_64.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -25,7 +25,7 @@
#
CT_LOCAL_TARBALLS_DIR=""
CT_WORK_DIR="${CT_TOP_DIR}/.build"
-CT_PREFIX_DIR="${HOME}/astlinux/x-tools-1.20.0-3.2/${CT_TARGET}"
+CT_PREFIX_DIR="${HOME}/astlinux/x-tools-1.20.0-3.2p1/${CT_TARGET}"
CT_INSTALL_DIR="${CT_PREFIX_DIR}"
CT_RM_RF_PREFIX_DIR=y
CT_REMOVE_DOCS=y
Modified: branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2.config
===================================================================
--- branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -25,7 +25,7 @@
#
CT_LOCAL_TARBALLS_DIR=""
CT_WORK_DIR="${CT_TOP_DIR}/.build"
-CT_PREFIX_DIR="${HOME}/astlinux/x-tools-1.20.0-3.2/${CT_TARGET}"
+CT_PREFIX_DIR="${HOME}/astlinux/x-tools-1.20.0-3.2p1/${CT_TARGET}"
CT_INSTALL_DIR="${CT_PREFIX_DIR}"
CT_RM_RF_PREFIX_DIR=y
CT_REMOVE_DOCS=y
Added: branches/1.0/crosstool-ng-src/patches/eglibc/2_18/100-CVE-2014-8121.patch
===================================================================
--- branches/1.0/crosstool-ng-src/patches/eglibc/2_18/100-CVE-2014-8121.patch (rev 0)
+++ branches/1.0/crosstool-ng-src/patches/eglibc/2_18/100-CVE-2014-8121.patch 2016-02-17 18:49:08 UTC (rev 7537)
@@ -0,0 +1,17 @@
+2015-04-29 Florian Weimer <fw...@re...>
+
+ [BZ #18007]
+ * nss/nss_files/files-XXX.c (CONCAT): Always enable stayopen.
+ (CVE-2014-8121)
+
+--- a/nss/nss_files/files-XXX.c
++++ b/nss/nss_files/files-XXX.c
+@@ -134,7 +134,7 @@ CONCAT(_nss_files_set,ENTNAME) (int stayopen)
+
+ __libc_lock_lock (lock);
+
+- status = internal_setent (stayopen);
++ status = internal_setent (1);
+
+ if (status == NSS_STATUS_SUCCESS && fgetpos (stream, &position) < 0)
+ {
Added: branches/1.0/crosstool-ng-src/patches/eglibc/2_18/101-CVE-2014-9402.patch
===================================================================
--- branches/1.0/crosstool-ng-src/patches/eglibc/2_18/101-CVE-2014-9402.patch (rev 0)
+++ branches/1.0/crosstool-ng-src/patches/eglibc/2_18/101-CVE-2014-9402.patch 2016-02-17 18:49:08 UTC (rev 7537)
@@ -0,0 +1,19 @@
+2014-12-16 Florian Weimer <fw...@re...>
+
+ [BZ #17630]
+ * resolv/nss_dns/dns-network.c (getanswer_r): Iterate over alias
+ names.
+
+--- a/resolv/nss_dns/dns-network.c
++++ b/resolv/nss_dns/dns-network.c
+@@ -398,8 +398,8 @@ getanswer_r (const querybuf *answer, int anslen, struct netent *result,
+
+ case BYNAME:
+ {
+- char **ap = result->n_aliases++;
+- while (*ap != NULL)
++ char **ap;
++ for (ap = result->n_aliases; *ap != NULL; ++ap)
+ {
+ /* Check each alias name for being of the forms:
+ 4.3.2.1.in-addr.arpa = net 1.2.3.4
Added: branches/1.0/crosstool-ng-src/patches/eglibc/2_18/102-CVE-2015-1472.patch
===================================================================
--- branches/1.0/crosstool-ng-src/patches/eglibc/2_18/102-CVE-2015-1472.patch (rev 0)
+++ branches/1.0/crosstool-ng-src/patches/eglibc/2_18/102-CVE-2015-1472.patch 2016-02-17 18:49:08 UTC (rev 7537)
@@ -0,0 +1,82 @@
+2015-02-05 Paul Pluzhnikov <ppl...@go...>
+
+ [BZ #16618]
+ * stdio-common/tst-sscanf.c (main): Test for buffer overflow.
+ * stdio-common/vfscanf.c (_IO_vfscanf_internal): Compute needed
+ size in bytes. Store needed elements in wpmax. Use needed size
+ in bytes for extend_alloca.
+
+--- a/stdio-common/tst-sscanf.c
++++ b/stdio-common/tst-sscanf.c
+@@ -232,5 +232,38 @@
+ }
+ }
+
++ /* BZ #16618
++ The test will segfault during SSCANF if the buffer overflow
++ is not fixed. The size of `s` is such that it forces the use
++ of malloc internally and this triggers the incorrect computation.
++ Thus the value for SIZE is arbitrariy high enough that malloc
++ is used. */
++ {
++#define SIZE 131072
++ CHAR *s = malloc ((SIZE + 1) * sizeof (*s));
++ if (s == NULL)
++ abort ();
++ for (size_t i = 0; i < SIZE; i++)
++ s[i] = L('0');
++ s[SIZE] = L('\0');
++ int i = 42;
++ /* Scan multi-digit zero into `i`. */
++ if (SSCANF (s, L("%d"), &i) != 1)
++ {
++ printf ("FAIL: bug16618: SSCANF did not read one input item.\n");
++ result = 1;
++ }
++ if (i != 0)
++ {
++ printf ("FAIL: bug16618: Value of `i` was not zero as expected.\n");
++ result = 1;
++ }
++ free (s);
++ if (result != 1)
++ printf ("PASS: bug16618: Did not crash.\n");
++#undef SIZE
++ }
++
++
+ return result;
+ }
+--- a/stdio-common/vfscanf.c
++++ b/stdio-common/vfscanf.c
+@@ -272,9 +272,10 @@
+ if (__builtin_expect (wpsize == wpmax, 0)) \
+ { \
+ CHAR_T *old = wp; \
+- size_t newsize = (UCHAR_MAX + 1 > 2 * wpmax \
+- ? UCHAR_MAX + 1 : 2 * wpmax); \
+- if (use_malloc || !__libc_use_alloca (newsize)) \
++ bool fits = __builtin_expect (wpmax <= SIZE_MAX / sizeof (CHAR_T) / 2, 1); \
++ size_t wpneed = MAX (UCHAR_MAX + 1, 2 * wpmax); \
++ size_t newsize = fits ? wpneed * sizeof (CHAR_T) : SIZE_MAX; \
++ if (!__libc_use_alloca (newsize)) \
+ { \
+ wp = realloc (use_malloc ? wp : NULL, newsize); \
+ if (wp == NULL) \
+@@ -286,14 +287,13 @@
+ } \
+ if (! use_malloc) \
+ MEMCPY (wp, old, wpsize); \
+- wpmax = newsize; \
++ wpmax = wpneed; \
+ use_malloc = true; \
+ } \
+ else \
+ { \
+ size_t s = wpmax * sizeof (CHAR_T); \
+- wp = (CHAR_T *) extend_alloca (wp, s, \
+- newsize * sizeof (CHAR_T)); \
++ wp = (CHAR_T *) extend_alloca (wp, s, newsize); \
+ wpmax = s / sizeof (CHAR_T); \
+ if (old != NULL) \
+ MEMCPY (wp, old, wpsize); \
Added: branches/1.0/crosstool-ng-src/patches/eglibc/2_18/103-CVE-2015-1781.patch
===================================================================
--- branches/1.0/crosstool-ng-src/patches/eglibc/2_18/103-CVE-2015-1781.patch (rev 0)
+++ branches/1.0/crosstool-ng-src/patches/eglibc/2_18/103-CVE-2015-1781.patch 2016-02-17 18:49:08 UTC (rev 7537)
@@ -0,0 +1,18 @@
+2015-04-21 Arjun Shankar <arj...@lo...>
+
+ [BZ #18287]
+ * resolv/nss_dns/dns-host.c (getanswer_r): Adjust buffer length
+ based on padding. (CVE-2015-1781)
+
+--- a/resolv/nss_dns/dns-host.c
++++ b/resolv/nss_dns/dns-host.c
+@@ -615,7 +615,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
+ int have_to_map = 0;
+ uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data);
+ buffer += pad;
+- if (__builtin_expect (buflen < sizeof (struct host_data) + pad, 0))
++ buflen = buflen > pad ? buflen - pad : 0;
++ if (__builtin_expect (buflen < sizeof (struct host_data), 0))
+ {
+ /* The buffer is too small. */
+ too_small:
Added: branches/1.0/crosstool-ng-src/patches/eglibc/2_18/110-submitted-resolv-first-query-failure.patch
===================================================================
--- branches/1.0/crosstool-ng-src/patches/eglibc/2_18/110-submitted-resolv-first-query-failure.patch (rev 0)
+++ branches/1.0/crosstool-ng-src/patches/eglibc/2_18/110-submitted-resolv-first-query-failure.patch 2016-02-17 18:49:08 UTC (rev 7537)
@@ -0,0 +1,40 @@
+eglibc-2.13/debian/patches/any/submitted-resolv-first-query-failure.diff
+@@ -0,0 +1,38 @@
+2012-02-02 Aurelien Jarno <au...@de...>
+
+ * resolv/res_query.c(__libc_res_nsearch): succeed if the first
+ query fails, but the second query succeeds.
+
+---
+ resolv/res_query.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/resolv/res_query.c
++++ b/resolv/res_query.c
+@@ -378,7 +378,7 @@
+ ret = __libc_res_nquerydomain(statp, name, NULL, class, type,
+ answer, anslen, answerp,
+ answerp2, nanswerp2, resplen2);
+- if (ret > 0 || trailing_dot)
++ if (ret > 0 || (ret == 0 && *resplen2 > 0) || trailing_dot)
+ return (ret);
+ saved_herrno = h_errno;
+ tried_as_is++;
+@@ -418,7 +418,7 @@
+ answer, anslen, answerp,
+ answerp2, nanswerp2,
+ resplen2);
+- if (ret > 0)
++ if ((ret > 0) || (ret == 0 && *resplen2 > 0))
+ return (ret);
+
+ if (answerp && *answerp != answer) {
+@@ -487,7 +487,7 @@
+ ret = __libc_res_nquerydomain(statp, name, NULL, class, type,
+ answer, anslen, answerp,
+ answerp2, nanswerp2, resplen2);
+- if (ret > 0)
++ if ((ret > 0) || (ret == 0 && *resplen2 > 0))
+ return (ret);
+ }
+
Added: branches/1.0/crosstool-ng-src/patches/eglibc/2_18/120-gethostbyname4-memory-leak.patch
===================================================================
--- branches/1.0/crosstool-ng-src/patches/eglibc/2_18/120-gethostbyname4-memory-leak.patch (rev 0)
+++ branches/1.0/crosstool-ng-src/patches/eglibc/2_18/120-gethostbyname4-memory-leak.patch 2016-02-17 18:49:08 UTC (rev 7537)
@@ -0,0 +1,449 @@
+eglibc-2.13/debian/patches/any/cvs-gethostbyname4-memory-leak.diff
+@@ -0,0 +1,447 @@
+2014-02-18 Andreas Schwab <sc...@su...>
+
+ [BZ #16574]
+ * resolv/res_send.c (send_vc): Add parameter ansp2_malloced.
+ Store non-zero if the second buffer was newly allocated.
+ (send_dg): Likewise.
+ (__libc_res_nsend): Add parameter ansp2_malloced and pass it down
+ to send_vc and send_dg.
+ (res_nsend): Pass NULL for ansp2_malloced.
+ * resolv/res_query.c (__libc_res_nquery): Add parameter
+ answerp2_malloced and pass it down to __libc_res_nsend.
+ (res_nquery): Pass additional NULL to __libc_res_nquery.
+ (__libc_res_nsearch): Add parameter answerp2_malloced and pass it
+ down to __libc_res_nquery and __libc_res_nquerydomain. Deallocate
+ second answer buffer if answerp2_malloced was set.
+ (res_nsearch): Pass additional NULL to __libc_res_nsearch.
+ (__libc_res_nquerydomain): Add parameter
+ answerp2_malloced and pass it down to __libc_res_nquery.
+ (res_nquerydomain): Pass additional NULL to
+ __libc_res_nquerydomain.
+ * resolv/nss_dns/dns-network.c (_nss_dns_getnetbyname_r): Pass
+ additional NULL to __libc_res_nsend and __libc_res_nquery.
+ * resolv/nss_dns/dns-host.c (_nss_dns_gethostbyname3_r): Pass
+ additional NULL to __libc_res_nsearch.
+ (_nss_dns_gethostbyname4_r): Revert last change. Use new
+ parameter of __libc_res_nsearch to check for separately allocated
+ second buffer.
+ (_nss_dns_gethostbyaddr2_r): Pass additional NULL to
+ __libc_res_nquery.
+ * resolv/nss_dns/dns-canon.c (_nss_dns_getcanonname_r): Pass
+ additional NULL to __libc_res_nquery.
+ * resolv/gethnamaddr.c (gethostbyname2): Pass additional NULL to
+ __libc_res_nsearch.
+ (gethostbyaddr): Pass additional NULL to __libc_res_nquery.
+ * include/resolv.h: Update prototypes of __libc_res_nquery,
+ __libc_res_nsearch, __libc_res_nsend.
+
+2014-02-13 Andreas Schwab <sc...@su...>
+
+ [BZ #16574]
+ * resolv/nss_dns/dns-host.c (_nss_dns_gethostbyname4_r): Free the
+ second answer buffer if it was separately allocated.
+
+--- a/include/resolv.h
++++ b/include/resolv.h
+@@ -58,11 +58,11 @@
+ libc_hidden_proto (__res_state)
+
+ int __libc_res_nquery (res_state, const char *, int, int, u_char *, int,
+- u_char **, u_char **, int *, int *);
++ u_char **, u_char **, int *, int *, int *);
+ int __libc_res_nsearch (res_state, const char *, int, int, u_char *, int,
+- u_char **, u_char **, int *, int *);
++ u_char **, u_char **, int *, int *, int *);
+ int __libc_res_nsend (res_state, const u_char *, int, const u_char *, int,
+- u_char *, int, u_char **, u_char **, int *, int *)
++ u_char *, int, u_char **, u_char **, int *, int *, int *)
+ attribute_hidden;
+
+ libresolv_hidden_proto (_sethtent)
+--- a/resolv/gethnamaddr.c
++++ b/resolv/gethnamaddr.c
+@@ -621,7 +621,7 @@
+ buf.buf = origbuf = (querybuf *) alloca (1024);
+
+ if ((n = __libc_res_nsearch(&_res, name, C_IN, type, buf.buf->buf, 1024,
+- &buf.ptr, NULL, NULL, NULL)) < 0) {
++ &buf.ptr, NULL, NULL, NULL, NULL)) < 0) {
+ if (buf.buf != origbuf)
+ free (buf.buf);
+ Dprintf("res_nsearch failed (%d)\n", n);
+@@ -716,12 +716,12 @@
+ buf.buf = orig_buf = (querybuf *) alloca (1024);
+
+ n = __libc_res_nquery(&_res, qbuf, C_IN, T_PTR, buf.buf->buf, 1024,
+- &buf.ptr, NULL, NULL, NULL);
++ &buf.ptr, NULL, NULL, NULL, NULL);
+ if (n < 0 && af == AF_INET6 && (_res.options & RES_NOIP6DOTINT) == 0) {
+ strcpy(qp, "ip6.int");
+ n = __libc_res_nquery(&_res, qbuf, C_IN, T_PTR, buf.buf->buf,
+ buf.buf != orig_buf ? MAXPACKET : 1024,
+- &buf.ptr, NULL, NULL, NULL);
++ &buf.ptr, NULL, NULL, NULL, NULL);
+ }
+ if (n < 0) {
+ if (buf.buf != orig_buf)
+--- a/resolv/nss_dns/dns-canon.c
++++ b/resolv/nss_dns/dns-canon.c
+@@ -62,7 +62,7 @@
+ {
+ int r = __libc_res_nquery (&_res, name, ns_c_in, qtypes[i],
+ buf, sizeof (buf), &ansp.ptr, NULL, NULL,
+- NULL);
++ NULL, NULL);
+ if (r > 0)
+ {
+ /* We need to decode the response. Just one question record.
+--- a/resolv/nss_dns/dns-host.c
++++ b/resolv/nss_dns/dns-host.c
+@@ -195,7 +195,7 @@
+ host_buffer.buf = orig_host_buffer = (querybuf *) alloca (1024);
+
+ n = __libc_res_nsearch (&_res, name, C_IN, type, host_buffer.buf->buf,
+- 1024, &host_buffer.ptr, NULL, NULL, NULL);
++ 1024, &host_buffer.ptr, NULL, NULL, NULL, NULL);
+ if (n < 0)
+ {
+ switch (errno)
+@@ -225,7 +225,7 @@
+ n = __libc_res_nsearch (&_res, name, C_IN, T_A, host_buffer.buf->buf,
+ host_buffer.buf != orig_host_buffer
+ ? MAXPACKET : 1024, &host_buffer.ptr,
+- NULL, NULL, NULL);
++ NULL, NULL, NULL, NULL);
+
+ if (n < 0)
+ {
+@@ -308,12 +308,13 @@
+ u_char *ans2p = NULL;
+ int nans2p = 0;
+ int resplen2 = 0;
++ int ans2p_malloced = 0;
+
+ int olderr = errno;
+ enum nss_status status;
+ int n = __libc_res_nsearch (&_res, name, C_IN, T_UNSPEC,
+ host_buffer.buf->buf, 2048, &host_buffer.ptr,
+- &ans2p, &nans2p, &resplen2);
++ &ans2p, &nans2p, &resplen2, &ans2p_malloced);
+ if (n < 0)
+ {
+ switch (errno)
+@@ -340,6 +341,10 @@
+ resplen2, name, pat, buffer, buflen,
+ errnop, herrnop, ttlp);
+
++ /* Check whether ans2p was separately allocated. */
++ if (ans2p_malloced)
++ free (ans2p);
++
+ if (host_buffer.buf != orig_host_buffer)
+ free (host_buffer.buf);
+
+@@ -448,7 +453,7 @@
+ strcpy (qp, "].ip6.arpa");
+ n = __libc_res_nquery (&_res, qbuf, C_IN, T_PTR,
+ host_buffer.buf->buf, 1024, &host_buffer.ptr,
+- NULL, NULL, NULL);
++ NULL, NULL, NULL, NULL);
+ if (n >= 0)
+ goto got_it_already;
+ }
+@@ -469,14 +474,14 @@
+ }
+
+ n = __libc_res_nquery (&_res, qbuf, C_IN, T_PTR, host_buffer.buf->buf,
+- 1024, &host_buffer.ptr, NULL, NULL, NULL);
++ 1024, &host_buffer.ptr, NULL, NULL, NULL, NULL);
+ if (n < 0 && af == AF_INET6 && (_res.options & RES_NOIP6DOTINT) == 0)
+ {
+ strcpy (qp, "ip6.int");
+ n = __libc_res_nquery (&_res, qbuf, C_IN, T_PTR, host_buffer.buf->buf,
+ host_buffer.buf != orig_host_buffer
+ ? MAXPACKET : 1024, &host_buffer.ptr,
+- NULL, NULL, NULL);
++ NULL, NULL, NULL, NULL);
+ }
+ if (n < 0)
+ {
+--- a/resolv/nss_dns/dns-network.c
++++ b/resolv/nss_dns/dns-network.c
+@@ -130,7 +130,7 @@
+ net_buffer.buf = orig_net_buffer = (querybuf *) alloca (1024);
+
+ anslen = __libc_res_nsearch (&_res, qbuf, C_IN, T_PTR, net_buffer.buf->buf,
+- 1024, &net_buffer.ptr, NULL, NULL, NULL);
++ 1024, &net_buffer.ptr, NULL, NULL, NULL, NULL);
+ if (anslen < 0)
+ {
+ /* Nothing found. */
+@@ -206,7 +206,7 @@
+ net_buffer.buf = orig_net_buffer = (querybuf *) alloca (1024);
+
+ anslen = __libc_res_nquery (&_res, qbuf, C_IN, T_PTR, net_buffer.buf->buf,
+- 1024, &net_buffer.ptr, NULL, NULL, NULL);
++ 1024, &net_buffer.ptr, NULL, NULL, NULL, NULL);
+ if (anslen < 0)
+ {
+ /* Nothing found. */
+--- a/resolv/res_query.c
++++ b/resolv/res_query.c
+@@ -98,7 +98,7 @@
+ __libc_res_nquerydomain(res_state statp, const char *name, const char *domain,
+ int class, int type, u_char *answer, int anslen,
+ u_char **answerp, u_char **answerp2, int *nanswerp2,
+- int *resplen2);
++ int *resplen2, int *answerp2_malloced);
+
+ /*
+ * Formulate a normal query, send, and await answer.
+@@ -119,7 +119,8 @@
+ u_char **answerp, /* if buffer needs to be enlarged */
+ u_char **answerp2,
+ int *nanswerp2,
+- int *resplen2)
++ int *resplen2,
++ int *answerp2_malloced)
+ {
+ HEADER *hp = (HEADER *) answer;
+ HEADER *hp2;
+@@ -224,7 +225,8 @@
+ }
+ assert (answerp == NULL || (void *) *answerp == (void *) answer);
+ n = __libc_res_nsend(statp, query1, nquery1, query2, nquery2, answer,
+- anslen, answerp, answerp2, nanswerp2, resplen2);
++ anslen, answerp, answerp2, nanswerp2, resplen2,
++ answerp2_malloced);
+ if (use_malloc)
+ free (buf);
+ if (n < 0) {
+@@ -316,7 +318,7 @@
+ int anslen) /* size of answer buffer */
+ {
+ return __libc_res_nquery(statp, name, class, type, answer, anslen,
+- NULL, NULL, NULL, NULL);
++ NULL, NULL, NULL, NULL, NULL);
+ }
+ libresolv_hidden_def (res_nquery)
+
+@@ -335,7 +337,8 @@
+ u_char **answerp,
+ u_char **answerp2,
+ int *nanswerp2,
+- int *resplen2)
++ int *resplen2,
++ int *answerp2_malloced)
+ {
+ const char *cp, * const *domain;
+ HEADER *hp = (HEADER *) answer;
+@@ -360,7 +363,7 @@
+ if (!dots && (cp = res_hostalias(statp, name, tmp, sizeof tmp))!= NULL)
+ return (__libc_res_nquery(statp, cp, class, type, answer,
+ anslen, answerp, answerp2,
+- nanswerp2, resplen2));
++ nanswerp2, resplen2, answerp2_malloced));
+
+ #ifdef DEBUG
+ if (statp->options & RES_DEBUG)
+@@ -377,7 +380,8 @@
+ if (dots >= statp->ndots || trailing_dot) {
+ ret = __libc_res_nquerydomain(statp, name, NULL, class, type,
+ answer, anslen, answerp,
+- answerp2, nanswerp2, resplen2);
++ answerp2, nanswerp2, resplen2,
++ answerp2_malloced);
+ if (ret > 0 || (ret == 0 && *resplen2 > 0) || trailing_dot)
+ return (ret);
+ saved_herrno = h_errno;
+@@ -386,11 +390,11 @@
+ answer = *answerp;
+ anslen = MAXPACKET;
+ }
+- if (answerp2
+- && (*answerp2 < answer || *answerp2 >= answer + anslen))
++ if (answerp2 && *answerp2_malloced)
+ {
+ free (*answerp2);
+ *answerp2 = NULL;
++ *answerp2_malloced = 0;
+ }
+ }
+
+@@ -417,7 +421,7 @@
+ class, type,
+ answer, anslen, answerp,
+ answerp2, nanswerp2,
+- resplen2);
++ resplen2, answerp2_malloced);
+ if ((ret > 0) || (ret == 0 && *resplen2 > 0))
+ return (ret);
+
+@@ -425,12 +429,11 @@
+ answer = *answerp;
+ anslen = MAXPACKET;
+ }
+- if (answerp2
+- && (*answerp2 < answer
+- || *answerp2 >= answer + anslen))
++ if (answerp2 && *answerp2_malloced)
+ {
+ free (*answerp2);
+ *answerp2 = NULL;
++ *answerp2_malloced = 0;
+ }
+
+ /*
+@@ -486,7 +489,8 @@
+ && !(tried_as_is || root_on_list)) {
+ ret = __libc_res_nquerydomain(statp, name, NULL, class, type,
+ answer, anslen, answerp,
+- answerp2, nanswerp2, resplen2);
++ answerp2, nanswerp2, resplen2,
++ answerp2_malloced);
+ if ((ret > 0) || (ret == 0 && *resplen2 > 0))
+ return (ret);
+ }
+@@ -498,10 +502,11 @@
+ * else send back meaningless H_ERRNO, that being the one from
+ * the last DNSRCH we did.
+ */
+- if (answerp2 && (*answerp2 < answer || *answerp2 >= answer + anslen))
++ if (answerp2 && *answerp2_malloced)
+ {
+ free (*answerp2);
+ *answerp2 = NULL;
++ *answerp2_malloced = 0;
+ }
+ if (saved_herrno != -1)
+ RES_SET_H_ERRNO(statp, saved_herrno);
+@@ -521,7 +526,7 @@
+ int anslen) /* size of answer */
+ {
+ return __libc_res_nsearch(statp, name, class, type, answer,
+- anslen, NULL, NULL, NULL, NULL);
++ anslen, NULL, NULL, NULL, NULL, NULL);
+ }
+ libresolv_hidden_def (res_nsearch)
+
+@@ -539,7 +544,8 @@
+ u_char **answerp,
+ u_char **answerp2,
+ int *nanswerp2,
+- int *resplen2)
++ int *resplen2,
++ int *answerp2_malloced)
+ {
+ char nbuf[MAXDNAME];
+ const char *longname = nbuf;
+@@ -577,7 +583,7 @@
+ }
+ return (__libc_res_nquery(statp, longname, class, type, answer,
+ anslen, answerp, answerp2, nanswerp2,
+- resplen2));
++ resplen2, answerp2_malloced));
+ }
+
+ int
+@@ -589,7 +595,8 @@
+ int anslen) /* size of answer */
+ {
+ return __libc_res_nquerydomain(statp, name, domain, class, type,
+- answer, anslen, NULL, NULL, NULL, NULL);
++ answer, anslen, NULL, NULL, NULL, NULL,
++ NULL);
+ }
+ libresolv_hidden_def (res_nquerydomain)
+
+--- a/resolv/res_send.c
++++ b/resolv/res_send.c
+@@ -186,12 +186,12 @@
+ static int send_vc(res_state, const u_char *, int,
+ const u_char *, int,
+ u_char **, int *, int *, int, u_char **,
+- u_char **, int *, int *);
++ u_char **, int *, int *, int *);
+ static int send_dg(res_state, const u_char *, int,
+ const u_char *, int,
+ u_char **, int *, int *, int,
+ int *, int *, u_char **,
+- u_char **, int *, int *);
++ u_char **, int *, int *, int *);
+ #ifdef DEBUG
+ static void Aerror(const res_state, FILE *, const char *, int,
+ const struct sockaddr *);
+@@ -343,7 +343,7 @@
+ __libc_res_nsend(res_state statp, const u_char *buf, int buflen,
+ const u_char *buf2, int buflen2,
+ u_char *ans, int anssiz, u_char **ansp, u_char **ansp2,
+- int *nansp2, int *resplen2)
++ int *nansp2, int *resplen2, int *ansp2_malloced)
+ {
+ int gotsomewhere, terrno, try, v_circuit, resplen, ns, n;
+
+@@ -546,7 +546,8 @@
+ try = statp->retry;
+ n = send_vc(statp, buf, buflen, buf2, buflen2,
+ &ans, &anssiz, &terrno,
+- ns, ansp, ansp2, nansp2, resplen2);
++ ns, ansp, ansp2, nansp2, resplen2,
++ ansp2_malloced);
+ if (n < 0)
+ return (-1);
+ if (n == 0 && (buf2 == NULL || *resplen2 == 0))
+@@ -556,7 +557,7 @@
+ n = send_dg(statp, buf, buflen, buf2, buflen2,
+ &ans, &anssiz, &terrno,
+ ns, &v_circuit, &gotsomewhere, ansp,
+- ansp2, nansp2, resplen2);
++ ansp2, nansp2, resplen2, ansp2_malloced);
+ if (n < 0)
+ return (-1);
+ if (n == 0 && (buf2 == NULL || *resplen2 == 0))
+@@ -646,7 +647,7 @@
+ const u_char *buf, int buflen, u_char *ans, int anssiz)
+ {
+ return __libc_res_nsend(statp, buf, buflen, NULL, 0, ans, anssiz,
+- NULL, NULL, NULL, NULL);
++ NULL, NULL, NULL, NULL, NULL);
+ }
+ libresolv_hidden_def (res_nsend)
+
+@@ -657,7 +658,7 @@
+ const u_char *buf, int buflen, const u_char *buf2, int buflen2,
+ u_char **ansp, int *anssizp,
+ int *terrno, int ns, u_char **anscp, u_char **ansp2, int *anssizp2,
+- int *resplen2)
++ int *resplen2, int *ansp2_malloced)
+ {
+ const HEADER *hp = (HEADER *) buf;
+ const HEADER *hp2 = (HEADER *) buf2;
+@@ -823,6 +824,8 @@
+ }
+ *thisanssizp = MAXPACKET;
+ *thisansp = newp;
++ if (thisansp == ansp2)
++ *ansp2_malloced = 1;
+ anhp = (HEADER *) newp;
+ len = rlen;
+ } else {
+@@ -1000,7 +1003,7 @@
+ const u_char *buf, int buflen, const u_char *buf2, int buflen2,
+ u_char **ansp, int *anssizp,
+ int *terrno, int ns, int *v_circuit, int *gotsomewhere, u_char **anscp,
+- u_char **ansp2, int *anssizp2, int *resplen2)
++ u_char **ansp2, int *anssizp2, int *resplen2, int *ansp2_malloced)
+ {
+ const HEADER *hp = (HEADER *) buf;
+ const HEADER *hp2 = (HEADER *) buf2;
+@@ -1175,6 +1178,8 @@
+ if (newp != NULL) {
+ *anssizp = MAXPACKET;
+ *thisansp = ans = newp;
++ if (thisansp == ansp2)
++ *ansp2_malloced = 1;
+ }
+ }
+ HEADER *anhp = (HEADER *) *thisansp;
Added: branches/1.0/crosstool-ng-src/patches/eglibc/2_18/122-resolv-reuse-fd.patch
===================================================================
--- branches/1.0/crosstool-ng-src/patches/eglibc/2_18/122-resolv-reuse-fd.patch (rev 0)
+++ branches/1.0/crosstool-ng-src/patches/eglibc/2_18/122-resolv-reuse-fd.patch 2016-02-17 18:49:08 UTC (rev 7537)
@@ -0,0 +1,16 @@
+2014-06-03 Andreas Schwab <sc...@su...>
+
+ [BZ #15946]
+ * resolv/res_send.c (send_dg): Reload file descriptor after
+ calling reopen.
+
+--- a/resolv/res_send.c
++++ b/resolv/res_send.c
+@@ -1410,6 +1410,7 @@ send_dg(res_state statp,
+ retval = reopen (statp, terrno, ns);
+ if (retval <= 0)
+ return retval;
++ pfd[0].fd = EXT(statp).nssocks[ns];
+ }
+ }
+ goto wait;
Added: branches/1.0/crosstool-ng-src/patches/eglibc/2_18/130-CVE-2015-7547-getaddrinfo.patch
===================================================================
--- branches/1.0/crosstool-ng-src/patches/eglibc/2_18/130-CVE-2015-7547-getaddrinfo.patch (rev 0)
+++ branches/1.0/crosstool-ng-src/patches/eglibc/2_18/130-CVE-2015-7547-getaddrinfo.patch 2016-02-17 18:49:08 UTC (rev 7537)
@@ -0,0 +1,540 @@
+eglibc-2.13/debian/patches/any/local-CVE-2015-7547.diff
+@@ -0,0 +1,538 @@
+--- a/resolv/nss_dns/dns-host.c
++++ b/resolv/nss_dns/dns-host.c
+@@ -1036,7 +1036,10 @@
+ int h_namelen = 0;
+
+ if (ancount == 0)
+- return NSS_STATUS_NOTFOUND;
++ {
++ *h_errnop = HOST_NOT_FOUND;
++ return NSS_STATUS_NOTFOUND;
++ }
+
+ while (ancount-- > 0 && cp < end_of_message && had_error == 0)
+ {
+@@ -1205,7 +1208,14 @@
+ /* Special case here: if the resolver sent a result but it only
+ contains a CNAME while we are looking for a T_A or T_AAAA record,
+ we fail with NOTFOUND instead of TRYAGAIN. */
+- return canon == NULL ? NSS_STATUS_TRYAGAIN : NSS_STATUS_NOTFOUND;
++ if (canon != NULL)
++ {
++ *h_errnop = HOST_NOT_FOUND;
++ return NSS_STATUS_NOTFOUND;
++ }
++
++ *h_errnop = NETDB_INTERNAL;
++ return NSS_STATUS_TRYAGAIN;
+ }
+
+
+@@ -1219,11 +1229,101 @@
+
+ enum nss_status status = NSS_STATUS_NOTFOUND;
+
++ /* Combining the NSS status of two distinct queries requires some
++ compromise and attention to symmetry (A or AAAA queries can be
++ returned in any order). What follows is a breakdown of how this
++ code is expected to work and why. We discuss only SUCCESS,
++ TRYAGAIN, NOTFOUND and UNAVAIL, since they are the only returns
++ that apply (though RETURN and MERGE exist). We make a distinction
++ between TRYAGAIN (recoverable) and TRYAGAIN' (not-recoverable).
++ A recoverable TRYAGAIN is almost always due to buffer size issues
++ and returns ERANGE in errno and the caller is expected to retry
++ with a larger buffer.
++
++ Lastly, you may be tempted to make significant changes to the
++ conditions in this code to bring about symmetry between responses.
++ Please don't change anything without due consideration for
++ expected application behaviour. Some of the synthesized responses
++ aren't very well thought out and sometimes appear to imply that
++ IPv4 responses are always answer 1, and IPv6 responses are always
++ answer 2, but that's not true (see the implemetnation of send_dg
++ and send_vc to see response can arrive in any order, particlarly
++ for UDP). However, we expect it holds roughly enough of the time
++ that this code works, but certainly needs to be fixed to make this
++ a more robust implementation.
++
++ ----------------------------------------------
++ | Answer 1 Status / | Synthesized | Reason |
++ | Answer 2 Status | Status | |
++ |--------------------------------------------|
++ | SUCCESS/SUCCESS | SUCCESS | [1] |
++ | SUCCESS/TRYAGAIN | TRYAGAIN | [5] |
++ | SUCCESS/TRYAGAIN' | SUCCESS | [1] |
++ | SUCCESS/NOTFOUND | SUCCESS | [1] |
++ | SUCCESS/UNAVAIL | SUCCESS | [1] |
++ | TRYAGAIN/SUCCESS | TRYAGAIN | [2] |
++ | TRYAGAIN/TRYAGAIN | TRYAGAIN | [2] |
++ | TRYAGAIN/TRYAGAIN' | TRYAGAIN | [2] |
++ | TRYAGAIN/NOTFOUND | TRYAGAIN | [2] |
++ | TRYAGAIN/UNAVAIL | TRYAGAIN | [2] |
++ | TRYAGAIN'/SUCCESS | SUCCESS | [3] |
++ | TRYAGAIN'/TRYAGAIN | TRYAGAIN | [3] |
++ | TRYAGAIN'/TRYAGAIN' | TRYAGAIN' | [3] |
++ | TRYAGAIN'/NOTFOUND | TRYAGAIN' | [3] |
++ | TRYAGAIN'/UNAVAIL | UNAVAIL | [3] |
++ | NOTFOUND/SUCCESS | SUCCESS | [3] |
++ | NOTFOUND/TRYAGAIN | TRYAGAIN | [3] |
++ | NOTFOUND/TRYAGAIN' | TRYAGAIN' | [3] |
++ | NOTFOUND/NOTFOUND | NOTFOUND | [3] |
++ | NOTFOUND/UNAVAIL | UNAVAIL | [3] |
++ | UNAVAIL/SUCCESS | UNAVAIL | [4] |
++ | UNAVAIL/TRYAGAIN | UNAVAIL | [4] |
++ | UNAVAIL/TRYAGAIN' | UNAVAIL | [4] |
++ | UNAVAIL/NOTFOUND | UNAVAIL | [4] |
++ | UNAVAIL/UNAVAIL | UNAVAIL | [4] |
++ ----------------------------------------------
++
++ [1] If the first response is a success we return success.
++ This ignores the state of the second answer and in fact
++ incorrectly sets errno and h_errno to that of the second
++ answer. However because the response is a success we ignore
++ *errnop and *h_errnop (though that means you touched errno on
++ success). We are being conservative here and returning the
++ likely IPv4 response in the first answer as a success.
++
++ [2] If the first response is a recoverable TRYAGAIN we return
++ that instead of looking at the second response. The
++ expectation here is that we have failed to get an IPv4 response
++ and should retry both queries.
++
++ [3] If the first response was not a SUCCESS and the second
++ response is not NOTFOUND (had a SUCCESS, need to TRYAGAIN,
++ or failed entirely e.g. TRYAGAIN' and UNAVAIL) then use the
++ result from the second response, otherwise the first responses
++ status is used. Again we have some odd side-effects when the
++ second response is NOTFOUND because we overwrite *errnop and
++ *h_errnop that means that a first answer of NOTFOUND might see
++ its *errnop and *h_errnop values altered. Whether it matters
++ in practice that a first response NOTFOUND has the wrong
++ *errnop and *h_errnop is undecided.
++
++ [4] If the first response is UNAVAIL we return that instead of
++ looking at the second response. The expectation here is that
++ it will have failed similarly e.g. configuration failure.
++
++ [5] Testing this code is complicated by the fact that truncated
++ second response buffers might be returned as SUCCESS if the
++ first answer is a SUCCESS. To fix this we add symmetry to
++ TRYAGAIN with the second response. If the second response
++ is a recoverable error we now return TRYAGIN even if the first
++ response was SUCCESS. */
++
+ if (anslen1 > 0)
+ status = gaih_getanswer_slice(answer1, anslen1, qname,
+ &pat, &buffer, &buflen,
+ errnop, h_errnop, ttlp,
+ &first);
++
+ if ((status == NSS_STATUS_SUCCESS || status == NSS_STATUS_NOTFOUND
+ || (status == NSS_STATUS_TRYAGAIN
+ /* We want to look at the second answer in case of an
+@@ -1233,8 +1333,15 @@
+ &pat, &buffer, &buflen,
+ errnop, h_errnop, ttlp,
+ &first);
++ /* Use the second response status in some cases. */
+ if (status != NSS_STATUS_SUCCESS && status2 != NSS_STATUS_NOTFOUND)
+ status = status2;
++ /* Do not return a truncated second response (unless it was
++ unavoidable e.g. unrecoverable TRYAGAIN). */
++ if (status == NSS_STATUS_SUCCESS
++ && (status2 == NSS_STATUS_TRYAGAIN
++ && *errnop == ERANGE && *h_errnop != NO_RECOVERY))
++ status = NSS_STATUS_TRYAGAIN;
+ }
+
+ return status;
+--- a/resolv/res_query.c
++++ b/resolv/res_query.c
+@@ -394,6 +394,7 @@
+ {
+ free (*answerp2);
+ *answerp2 = NULL;
++ *nanswerp2 = 0;
+ *answerp2_malloced = 0;
+ }
+ }
+@@ -433,6 +434,7 @@
+ {
+ free (*answerp2);
+ *answerp2 = NULL;
++ *nanswerp2 = 0;
+ *answerp2_malloced = 0;
+ }
+
+@@ -506,6 +508,7 @@
+ {
+ free (*answerp2);
+ *answerp2 = NULL;
++ *nanswerp2 = 0;
+ *answerp2_malloced = 0;
+ }
+ if (saved_herrno != -1)
+--- a/resolv/res_send.c
++++ b/resolv/res_send.c
+@@ -1,3 +1,20 @@
++/* Copyright (C) 2016 Free Software Foundation, Inc.
++ This file is part of the GNU C Library.
++
++ The GNU C Library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2.1 of the License, or (at your option) any later version.
++
++ The GNU C Library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public
++ License along with the GNU C Library; if not, see
++ <http://www.gnu.org/licenses/>. */
++
+ /*
+ * Copyright (c) 1985, 1989, 1993
+ * The Regents of the University of California. All rights reserved.
+@@ -360,6 +377,8 @@
+ #ifdef USE_HOOKS
+ if (__builtin_expect (statp->qhook || statp->rhook, 0)) {
+ if (anssiz < MAXPACKET && ansp) {
++ /* Always allocate MAXPACKET, callers expect
++ this specific size. */
+ u_char *buf = malloc (MAXPACKET);
+ if (buf == NULL)
+ return (-1);
+@@ -653,6 +672,77 @@
+
+ /* Private */
+
++/* The send_vc function is responsible for sending a DNS query over TCP
++ to the nameserver numbered NS from the res_state STATP i.e.
++ EXT(statp).nssocks[ns]. The function supports sending both IPv4 and
++ IPv6 queries at the same serially on the same socket.
++
++ Please note that for TCP there is no way to disable sending both
++ queries, unlike UDP, which honours RES_SNGLKUP and RES_SNGLKUPREOP
++ and sends the queries serially and waits for the result after each
++ sent query. This implemetnation should be corrected to honour these
++ options.
++
++ Please also note that for TCP we send both queries over the same
++ socket one after another. This technically violates best practice
++ since the server is allowed to read the first query, respond, and
++ then close the socket (to service another client). If the server
++ does this, then the remaining second query in the socket data buffer
++ will cause the server to send the client an RST which will arrive
++ asynchronously and the client's OS will likely tear down the socket
++ receive buffer resulting in a potentially short read and lost
++ response data. This will force the client to retry the query again,
++ and this process may repeat until all servers and connection resets
++ are exhausted and then the query will fail. It's not known if this
++ happens with any frequency in real DNS server implementations. This
++ implementation should be corrected to use two sockets by default for
++ parallel queries.
++
++ The query stored in BUF of BUFLEN length is sent first followed by
++ the query stored in BUF2 of BUFLEN2 length. Queries are sent
++ serially on the same socket.
++
++ Answers to the query are stored firstly in *ANSP up to a max of
++ *ANSSIZP bytes. If more than *ANSSIZP bytes are needed and ANSCP
++ is non-NULL (to indicate that modifying the answer buffer is allowed)
++ then malloc is used to allocate a new response buffer and ANSCP and
++ ANSP will both point to the new buffer. If more than *ANSSIZP bytes
++ are needed but ANSCP is NULL, then as much of the response as
++ possible is read into the buffer, but the results will be truncated.
++ When truncation happens because of a small answer buffer the DNS
++ packets header feild TC will bet set to 1, indicating a truncated
++ message and the rest of the socket data will be read and discarded.
++
++ Answers to the query are stored secondly in *ANSP2 up to a max of
++ *ANSSIZP2 bytes, with the actual response length stored in
++ *RESPLEN2. If more than *ANSSIZP bytes are needed and ANSP2
++ is non-NULL (required for a second query) then malloc is used to
++ allocate a new response buffer, *ANSSIZP2 is set to the new buffer
++ size and *ANSP2_MALLOCED is set to 1.
++
++ The ANSP2_MALLOCED argument will eventually be removed as the
++ change in buffer pointer can be used to detect the buffer has
++ changed and that the caller should use free on the new buffer.
++
++ Note that the answers may arrive in any order from the server and
++ therefore the first and second answer buffers may not correspond to
++ the first and second queries.
++
++ It is not supported to call this function with a non-NULL ANSP2
++ but a NULL ANSCP. Put another way, you can call send_vc with a
++ single unmodifiable buffer or two modifiable buffers, but no other
++ combination is supported.
++
++ It is the caller's responsibility to free the malloc allocated
++ buffers by detecting that the pointers have changed from their
++ original values i.e. *ANSCP or *ANSP2 has changed.
++
++ If errors are encountered then *TERRNO is set to an appropriate
++ errno value and a zero result is returned for a recoverable error,
++ and a less-than zero result is returned for a non-recoverable error.
++
++ If no errors are encountered then *TERRNO is left unmodified and
++ a the length of the first response in bytes is returned. */
+ static int
+ send_vc(res_state statp,
+ const u_char *buf, int buflen, const u_char *buf2, int buflen2,
+@@ -662,11 +752,7 @@
+ {
+ const HEADER *hp = (HEADER *) buf;
+ const HEADER *hp2 = (HEADER *) buf2;
+- u_char *ans = *ansp;
+- int orig_anssizp = *anssizp;
+- // XXX REMOVE
+- // int anssiz = *anssizp;
+- HEADER *anhp = (HEADER *) ans;
++ HEADER *anhp = (HEADER *) *ansp;
+ struct sockaddr_in6 *nsap = EXT(statp).nsaddrs[ns];
+ int truncating, connreset, resplen, n;
+ struct iovec iov[4];
+@@ -742,6 +828,8 @@
+ * Receive length & response
+ */
+ int recvresp1 = 0;
++ /* Skip the second response if there is no second query.
++ To do that we mark the second response as received. */
+ int recvresp2 = buf2 == NULL;
+ uint16_t rlen16;
+ read_len:
+@@ -778,33 +866,14 @@
+ u_char **thisansp;
+ int *thisresplenp;
+ if ((recvresp1 | recvresp2) == 0 || buf2 == NULL) {
++ /* We have not received any responses
++ yet or we only have one response to
++ receive. */
+ thisanssizp = anssizp;
+ thisansp = anscp ?: ansp;
+ assert (anscp != NULL || ansp2 == NULL);
+ thisresplenp = &resplen;
+ } else {
+- if (*anssizp != MAXPACKET) {
+- /* No buffer allocated for the first
+- reply. We can try to use the rest
+- of the user-provided buffer. */
+-#ifdef _STRING_ARCH_unaligned
+- *anssizp2 = orig_anssizp - resplen;
+- *ansp2 = *ansp + resplen;
+-#else
+- int aligned_resplen
+- = ((resplen + __alignof__ (HEADER) - 1)
+- & ~(__alignof__ (HEADER) - 1));
+- *anssizp2 = orig_anssizp - aligned_resplen;
+- *ansp2 = *ansp + aligned_resplen;
+-#endif
+- } else {
+- /* The first reply did not fit into the
+- user-provided buffer. Maybe the second
+- answer will. */
+- *anssizp2 = orig_anssizp;
+- *ansp2 = *ansp;
+- }
+-
+ thisanssizp = anssizp2;
+ thisansp = ansp2;
+ thisresplenp = resplen2;
+@@ -812,10 +881,14 @@
+ anhp = (HEADER *) *thisansp;
+
+ *thisresplenp = rlen;
+- if (rlen > *thisanssizp) {
+- /* Yes, we test ANSCP here. If we have two buffers
+- both will be allocatable. */
+- if (__builtin_expect (anscp != NULL, 1)) {
++ /* Is the answer buffer too small? */
++ if (*thisanssizp < rlen) {
++ /* If the current buffer is non-NULL and it's not
++ pointing at the static user-supplied buffer then
++ we can reallocate it. */
++ if (thisansp != NULL && thisansp != ansp) {
++ /* Always allocate MAXPACKET, callers expect
++ this specific size. */
+ u_char *newp = malloc (MAXPACKET);
+ if (newp == NULL) {
+ *terrno = ENOMEM;
+@@ -827,6 +900,9 @@
+ if (thisansp == ansp2)
+ *ansp2_malloced = 1;
+ anhp = (HEADER *) newp;
++ /* A uint16_t can't be larger than MAXPACKET
++ thus it's safe to allocate MAXPACKET but
++ read RLEN bytes instead. */
+ len = rlen;
+ } else {
+ Dprint(statp->options & RES_DEBUG,
+@@ -998,6 +1074,66 @@
+ return 1;
+ }
+
++/* The send_dg function is responsible for sending a DNS query over UDP
++ to the nameserver numbered NS from the res_state STATP i.e.
++ EXT(statp).nssocks[ns]. The function supports IPv4 and IPv6 queries
++ along with the ability to send the query in parallel for both stacks
++ (default) or serially (RES_SINGLKUP). It also supports serial lookup
++ with a close and reopen of the socket used to talk to the server
++ (RES_SNGLKUPREOP) to work around broken name servers.
++
++ The query stored in BUF of BUFLEN length is sent first followed by
++ the query stored in BUF2 of BUFLEN2 length. Queries are sent
++ in parallel (default) or serially (RES_SINGLKUP or RES_SNGLKUPREOP).
++
++ Answers to the query are stored firstly in *ANSP up to a max of
++ *ANSSIZP bytes. If more than *ANSSIZP bytes are needed and ANSCP
++ is non-NULL (to indicate that modifying the answer buffer is allowed)
++ then malloc is used to allocate a new response buffer and ANSCP and
++ ANSP will both point to the new buffer. If more than *ANSSIZP bytes
++ are needed but ANSCP is NULL, then as much of the response as
++ possible is read into the buffer, but the results will be truncated.
++ When truncation happens because of a small answer buffer the DNS
++ packets header feild TC will bet set to 1, indicating a truncated
++ message, while the rest of the UDP packet is discarded.
++
++ Answers to the query are stored secondly in *ANSP2 up to a max of
++ *ANSSIZP2 bytes, with the actual response length stored in
++ *RESPLEN2. If more than *ANSSIZP bytes are needed and ANSP2
++ is non-NULL (required for a second query) then malloc is used to
++ allocate a new response buffer, *ANSSIZP2 is set to the new buffer
++ size and *ANSP2_MALLOCED is set to 1.
++
++ The ANSP2_MALLOCED argument will eventually be removed as the
++ change in buffer pointer can be used to detect the buffer has
++ changed and that the caller should use free on the new buffer.
++
++ Note that the answers may arrive in any order from the server and
++ therefore the first and second answer buffers may not correspond to
++ the first and second queries.
++
++ It is not supported to call this function with a non-NULL ANSP2
++ but a NULL ANSCP. Put another way, you can call send_vc with a
++ single unmodifiable buffer or two modifiable buffers, but no other
++ combination is supported.
++
++ It is the caller's responsibility to free the malloc allocated
++ buffers by detecting that the pointers have changed from their
++ original values i.e. *ANSCP or *ANSP2 has changed.
++
++ If an answer is truncated because of UDP datagram DNS limits then
++ *V_CIRCUIT is set to 1 and the return value non-zero to indicate to
++ the caller to retry with TCP. The value *GOTSOMEWHERE is set to 1
++ if any progress was made reading a response from the nameserver and
++ is used by the caller to distinguish between ECONNREFUSED and
++ ETIMEDOUT (the latter if *GOTSOMEWHERE is 1).
++
++ If errors are encountered then *TERRNO is set to an appropriate
++ errno value and a zero result is returned for a recoverable error,
++ and a less-than zero result is returned for a non-recoverable error.
++
++ If no errors are encountered then *TERRNO is left unmodified and
++ a the length of the first response in bytes is returned. */
+ static int
+ send_dg(res_state statp,
+ const u_char *buf, int buflen, const u_char *buf2, int buflen2,
+@@ -1007,8 +1143,6 @@
+ {
+ const HEADER *hp = (HEADER *) buf;
+ const HEADER *hp2 = (HEADER *) buf2;
+- u_char *ans = *ansp;
+- int orig_anssizp = *anssizp;
+ struct timespec now, timeout, finish;
+ struct pollfd pfd[1];
+ int ptimeout;
+@@ -1040,6 +1174,8 @@
+ int need_recompute = 0;
+ int nwritten = 0;
+ int recvresp1 = 0;
++ /* Skip the second response if there is no second query.
++ To do that we mark the second response as received. */
+ int recvresp2 = buf2 == NULL;
+ pfd[0].fd = EXT(statp).nssocks[ns];
+ pfd[0].events = POLLOUT;
+@@ -1136,52 +1272,53 @@
+ int *thisresplenp;
+
+ if ((recvresp1 | recvresp2) == 0 || buf2 == NULL) {
++ /* We have not received any responses
++ yet or we only have one response to
++ receive. */
+ thisanssizp = anssizp;
+ thisansp = anscp ?: ansp;
+ assert (anscp != NULL || ansp2 == NULL);
+ thisresplenp = &resplen;
+ } else {
+- if (*anssizp != MAXPACKET) {
+- /* No buffer allocated for the first
+- reply. We can try to use the rest
+- of the user-provided buffer. */
+-#ifdef _STRING_ARCH_unaligned
+- *anssizp2 = orig_anssizp - resplen;
+- *ansp2 = *ansp + resplen;
+-#else
+- int aligned_resplen
+- = ((resplen + __alignof__ (HEADER) - 1)
+- & ~(__alignof__ (HEADER) - 1));
+- *anssizp2 = orig_anssizp - aligned_resplen;
+- *ansp2 = *ansp + aligned_resplen;
+-#endif
+- } else {
+- /* The first reply did not fit into the
+- user-provided buffer. Maybe the second
+- answer will. */
+- *anssizp2 = orig_anssizp;
+- *ansp2 = *ansp;
+- }
+-
+ thisanssizp = anssizp2;
+ thisansp = ansp2;
+ thisresplenp = resplen2;
+ }
+
+ if (*thisanssizp < MAXPACKET
+- /* Yes, we test ANSCP here. If we have two buffers
+- both will be allocatable. */
+- && anscp
++ /* If the current buffer is non-NULL and it's not
++ pointing at the static user-supplied buffer then
++ we can reallocate it. */
++ && (thisansp != NULL && thisansp != ansp)
++ /* Is the size too small? */
+ && (ioctl (pfd[0].fd, FIONREAD, thisresplenp) < 0
+ || *thisanssizp < *thisresplenp)) {
++ /* Always allocate MAXPACKET, callers expect
++ this specific size. */
+ u_char *newp = malloc (MAXPACKET);
+ if (newp != NULL) {
+- *anssizp = MAXPACKET;
+- *thisansp = ans = newp;
++ *thisanssizp = MAXPACKET;
++ *thisansp = newp;
+ if (thisansp == ansp2)
+ *ansp2_malloced = 1;
+ }
+ }
++ /* We could end up with truncation if anscp was NULL
++ (not allowed to change caller's buffer) and the
++ response buffer size is too small. This isn't a
++ reliable way to detect truncation because the ioctl
++ may be an inaccurate report of the UDP message size.
++ Therefore we use this only to issue debug output.
++ To do truncation accurately with UDP we need
++ MSG_TRUNC which is only available on Linux. We
++ can abstract out the Linux-specific feature in the
++ future to detect truncation. */
++ if (__glibc_unlikely (*thisanssizp < *thisresplenp)) {
++ Dprint(statp->options & RES_DEBUG,
++ (stdout, ";; response may be truncated (UDP)\n")
++ );
++ }
++
+ HEADER *anhp = (HEADER *) *thisansp;
+ socklen_t fromlen = sizeof(struct sockaddr_in6);
+ assert (sizeof(from) <= fromlen);
Modified: branches/1.0/initrd.config
===================================================================
--- branches/1.0/initrd.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/initrd.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -97,7 +97,7 @@
BR2_TOOLCHAIN_EXTERNAL=y
# BR2_TOOLCHAIN_CTNG is not set
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2/i586-unknown-linux-gnu"
+BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2p1/i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_GLIBC=y
Modified: branches/1.0/runnix-iso.config
===================================================================
--- branches/1.0/runnix-iso.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/runnix-iso.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -97,7 +97,7 @@
BR2_TOOLCHAIN_EXTERNAL=y
# BR2_TOOLCHAIN_CTNG is not set
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2/i586-unknown-linux-gnu"
+BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2p1/i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_GLIBC=y
Modified: branches/1.0/runnix.config
===================================================================
--- branches/1.0/runnix.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/runnix.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -97,7 +97,7 @@
BR2_TOOLCHAIN_EXTERNAL=y
# BR2_TOOLCHAIN_CTNG is not set
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2/i586-unknown-linux-gnu"
+BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2p1/i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_PREFIX="i586-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_GLIBC=y
Modified: branches/1.0/x86_64-configs/astlinux-ast11.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast11.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/x86_64-configs/astlinux-ast11.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -78,7 +78,7 @@
BR2_TOOLCHAIN_EXTERNAL=y
# BR2_TOOLCHAIN_CTNG is not set
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2/x86_64-unknown-linux-gnu"
+BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2p1/x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_PREFIX="x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_GLIBC=y
Modified: branches/1.0/x86_64-configs/astlinux-ast13.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast13.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/x86_64-configs/astlinux-ast13.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -78,7 +78,7 @@
BR2_TOOLCHAIN_EXTERNAL=y
# BR2_TOOLCHAIN_CTNG is not set
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2/x86_64-unknown-linux-gnu"
+BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2p1/x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_PREFIX="x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_GLIBC=y
Modified: branches/1.0/x86_64-configs/astlinux18.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux18.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/x86_64-configs/astlinux18.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -78,7 +78,7 @@
BR2_TOOLCHAIN_EXTERNAL=y
# BR2_TOOLCHAIN_CTNG is not set
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2/x86_64-unknown-linux-gnu"
+BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2p1/x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_PREFIX="x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_GLIBC=y
Modified: branches/1.0/x86_64-configs/initrd.config
===================================================================
--- branches/1.0/x86_64-configs/initrd.config 2016-02-16 22:55:38 UTC (rev 7536)
+++ branches/1.0/x86_64-configs/initrd.config 2016-02-17 18:49:08 UTC (rev 7537)
@@ -78,7 +78,7 @@
BR2_TOOLCHAIN_EXTERNAL=y
# BR2_TOOLCHAIN_CTNG is not set
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2/x86_64-unknown-linux-gnu"
+BR2_TOOLCHAIN_EXTERNAL_PATH="$(HOME)/astlinux/x-tools-1.20.0-3.2p1/x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_PREFIX="x86_64-unknown-linux-gnu"
BR2_TOOLCHAIN_EXTERNAL_GLIBC=y
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-16 22:55:40
|
Revision: 7536
http://sourceforge.net/p/astlinux/code/7536
Author: abelbeck
Date: 2016-02-16 22:55:38 +0000 (Tue, 16 Feb 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-02-16 22:53:23 UTC (rev 7535)
+++ branches/1.0/docs/ChangeLog.txt 2016-02-16 22:55:38 UTC (rev 7536)
@@ -34,6 +34,8 @@
-- arp-scan, new command for ethernet device discovery.
+-- miniupnpd, version bump to 1.9.20160216
+
** Asterisk
-- Asterisk 1.8.32.3 (security patches), 11.21.2 (version bump) and 13.7.2 (version bump)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-16 22:53:25
|
Revision: 7535
http://sourceforge.net/p/astlinux/code/7535
Author: abelbeck
Date: 2016-02-16 22:53:23 +0000 (Tue, 16 Feb 2016)
Log Message:
-----------
miniupnpd, version bump to 1.9.20160216
Modified Paths:
--------------
branches/1.0/package/miniupnpd/Config.in
branches/1.0/package/miniupnpd/miniupnpd.mk
Modified: branches/1.0/package/miniupnpd/Config.in
===================================================================
--- branches/1.0/package/miniupnpd/Config.in 2016-02-15 22:35:36 UTC (rev 7534)
+++ branches/1.0/package/miniupnpd/Config.in 2016-02-16 22:53:23 UTC (rev 7535)
@@ -2,6 +2,9 @@
bool "miniupnpd"
depends on BR2_LINUX_KERNEL
select BR2_PACKAGE_IPTABLES
+ select BR2_PACKAGE_OPENSSL
+ select BR2_PACKAGE_UTIL_LINUX
+ select BR2_PACKAGE_UTIL_LINUX_LIBUUID
help
Implements UPnP and NAT-PMP/PCP protocols.
Modified: branches/1.0/package/miniupnpd/miniupnpd.mk
===================================================================
--- branches/1.0/package/miniupnpd/miniupnpd.mk 2016-02-15 22:35:36 UTC (rev 7534)
+++ branches/1.0/package/miniupnpd/miniupnpd.mk 2016-02-16 22:53:23 UTC (rev 7535)
@@ -4,14 +4,15 @@
#
#############################################################
-MINIUPNPD_VERSION = 1.9.20160113
+MINIUPNPD_VERSION = 1.9.20160216
MINIUPNPD_SOURCE = miniupnpd-$(MINIUPNPD_VERSION).tar.gz
MINIUPNPD_SITE = http://miniupnp.free.fr/files
-MINIUPNPD_DEPENDENCIES = host-pkg-config linux iptables
+MINIUPNPD_DEPENDENCIES = host-pkg-config linux iptables openssl util-linux
define MINIUPNPD_IPTABLES_PATH_FIX
$(SED) 's:/sbin/iptables:/usr/sbin/iptables:g' \
-e 's:/sbin/ip6tables:/usr/sbin/ip6tables:g' $(@D)/netfilter/ip*.sh
+ $(SED) 's:#define ENABLE_PORT_TRIGGERING:/*&*/:' $(@D)/genconfig.sh
endef
MINIUPNPD_POST_PATCH_HOOKS += MINIUPNPD_IPTABLES_PATH_FIX
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-15 22:35:39
|
Revision: 7534
http://sourceforge.net/p/astlinux/code/7534
Author: abelbeck
Date: 2016-02-15 22:35:36 +0000 (Mon, 15 Feb 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-02-15 22:26:44 UTC (rev 7533)
+++ branches/1.0/docs/ChangeLog.txt 2016-02-15 22:35:36 UTC (rev 7534)
@@ -30,7 +30,7 @@
-- dnscrypt-proxy, version bump to 1.6.1
--- ddclient, now the only dynamic DNS client support, remove 'inadyn' support
+-- ddclient, now the only dynamic DNS client support, enable SSL updates in configs, remove 'inadyn' support.
-- arp-scan, new command for ethernet device discovery.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-15 22:26:45
|
Revision: 7533
http://sourceforge.net/p/astlinux/code/7533
Author: abelbeck
Date: 2016-02-15 22:26:44 +0000 (Mon, 15 Feb 2016)
Log Message:
-----------
ddclient, enable ssl=yes for all supported service types to protect credentials. Seems supported via googling and testing with curl
Modified Paths:
--------------
branches/1.0/package/ddclient/ddclient.conf
Modified: branches/1.0/package/ddclient/ddclient.conf
===================================================================
--- branches/1.0/package/ddclient/ddclient.conf 2016-02-15 15:54:26 UTC (rev 7532)
+++ branches/1.0/package/ddclient/ddclient.conf 2016-02-15 22:26:44 UTC (rev 7533)
@@ -11,6 +11,7 @@
#@zoneedit@>@DDHOST@
#@dyndns@>
#@dyndns@>## dyndns.org dynamic addresses
+#@dyndns@>ssl=yes
#@dyndns@>server=members.dyndns.org
#@dyndns@>protocol=dyndns2
#@dyndns@>login=@DDUSER@
@@ -18,6 +19,7 @@
#@dyndns@>@DDHOST@
#@dyndns-static@>
#@dyndns-static@>## dyndns.org static addresses
+#@dyndns-static@>ssl=yes
#@dyndns-static@>server=members.dyndns.org
#@dyndns-static@>protocol=dyndns2
#@dyndns-static@>login=@DDUSER@
@@ -25,6 +27,7 @@
#@dyndns-static@>static=yes, @DDHOST@
#@dyndns-custom@>
#@dyndns-custom@>## dyndns.org custom addresses
+#@dyndns-custom@>ssl=yes
#@dyndns-custom@>server=members.dyndns.org
#@dyndns-custom@>protocol=dyndns2
#@dyndns-custom@>login=@DDUSER@
@@ -32,6 +35,7 @@
#@dyndns-custom@>custom=yes, @DDHOST@
#@no-ip@>
#@no-ip@>## No-IP
+#@no-ip@>ssl=yes
#@no-ip@>server=dynupdate.no-ip.com
#@no-ip@>protocol=noip
#@no-ip@>login=@DDUSER@
@@ -39,6 +43,7 @@
#@no-ip@>@DDHOST@
#@freedns@>
#@freedns@>## FreeDNS
+#@freedns@>ssl=yes
#@freedns@>server=freedns.afraid.org
#@freedns@>protocol=freedns
#@freedns@>login=@DDUSER@
@@ -70,6 +75,7 @@
#@nsupdate-ipv4@>@DDHOST@
#@easydns@>
#@easydns@>## EasyDNS
+#@easydns@>ssl=yes
#@easydns@>server=members.easydns.com
#@easydns@>protocol=easydns
#@easydns@>login=@DDUSER@
@@ -77,6 +83,7 @@
#@easydns@>@DDHOST@
#@dnspark@>
#@dnspark@>## dnspark.com
+#@dnspark@>ssl=yes
#@dnspark@>server=www.dnspark.com
#@dnspark@>protocol=dnspark
#@dnspark@>login=@DDUSER@
@@ -84,6 +91,7 @@
#@dnspark@>@DDHOST@
#@namecheap@>
#@namecheap@>## NameCheap
+#@namecheap@>ssl=yes
#@namecheap@>server=dynamicdns.park-your-domain.com
#@namecheap@>protocol=namecheap
#@namecheap@>login=@DDUSER@
@@ -91,6 +99,7 @@
#@namecheap@>@DDHOST@
#@changeip@>
#@changeip@>## ChangeIP
+#@changeip@>ssl=yes
#@changeip@>server=nic.changeip.com
#@changeip@>protocol=changeip
#@changeip@>login=@DDUSER@
@@ -98,6 +107,7 @@
#@changeip@>@DDHOST@
#@dtdns@>
#@dtdns@>## DtDNS
+#@dtdns@>ssl=yes
#@dtdns@>server=www.dtdns.com
#@dtdns@>protocol=dtdns
#@dtdns@>client=ddclient
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-15 15:54:29
|
Revision: 7532
http://sourceforge.net/p/astlinux/code/7532
Author: abelbeck
Date: 2016-02-15 15:54:26 +0000 (Mon, 15 Feb 2016)
Log Message:
-----------
asterisk, no functional change, use the 1.8 patches against the latest release rather than the 1.8.28 release, though not mentioned in the PDF, use these patches:
http://downloads.asterisk.org/pub/security/AST-2016-001-1.8.diff
http://downloads.asterisk.org/pub/security/AST-2016-002-1.8.diff
http://downloads.asterisk.org/pub/security/AST-2016-003-1.8.diff
Added Paths:
-----------
branches/1.0/package/asterisk/asterisk-1.8-AST-2016-001-1.8.patch
branches/1.0/package/asterisk/asterisk-1.8-AST-2016-002-1.8.patch
branches/1.0/package/asterisk/asterisk-1.8-AST-2016-003-1.8.patch
Removed Paths:
-------------
branches/1.0/package/asterisk/asterisk-1.8-AST-2016-001-1.8.28.patch
branches/1.0/package/asterisk/asterisk-1.8-AST-2016-002-1.8.28.patch
branches/1.0/package/asterisk/asterisk-1.8-AST-2016-003-1.8.28.patch
Deleted: branches/1.0/package/asterisk/asterisk-1.8-AST-2016-001-1.8.28.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-1.8-AST-2016-001-1.8.28.patch 2016-02-13 22:58:22 UTC (rev 7531)
+++ branches/1.0/package/asterisk/asterisk-1.8-AST-2016-001-1.8.28.patch 2016-02-15 15:54:26 UTC (rev 7532)
@@ -1,140 +0,0 @@
-diff --git a/configs/http.conf.sample b/configs/http.conf.sample
-index 1a7f4fd..9a06fcf 100644
---- a/configs/http.conf.sample
-+++ b/configs/http.conf.sample
-@@ -67,10 +67,31 @@ bindaddr=127.0.0.1
- ; If no path is given for tlscertfile or tlsprivatekey, default is to look in current
- ; directory. If no tlsprivatekey is given, default is to search tlscertfile for private key.
- ;
-+;
- ; To produce a certificate you can e.g. use openssl. This places both the cert and
- ; private in same .pem file.
- ; openssl req -new -x509 -days 365 -nodes -out /tmp/foo.pem -keyout /tmp/foo.pem
- ;
-+; tlscipher= ; The list of allowed ciphers
-+; ; if none are specified the following cipher
-+; ; list will be used instead:
-+; ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:
-+; ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:
-+; kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:
-+; ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:
-+; ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:
-+; DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:
-+; AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:
-+; AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:
-+; !EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
-+;
-+; tlsdisablev1=yes ; Disable TLSv1 support - if not set this defaults to "yes"
-+; tlsdisablev11=yes ; Disable TLSv1.1 support - if not set this defaults to "no"
-+; tlsdisablev12=yes ; Disable TLSv1.2 support - if not set this defaults to "no"
-+;
-+; tlsservercipherorder=yes ; Use the server preference order instead of the client order
-+; ; Defaults to "yes"
-+;
- ; The post_mappings section maps URLs to real paths on the filesystem. If a
- ; POST is done from within an authenticated manager session to one of the
- ; configured POST mappings, then any files in the POST will be placed in the
-diff --git a/include/asterisk/tcptls.h b/include/asterisk/tcptls.h
-index f3f5e1f..eb7166f 100644
---- a/include/asterisk/tcptls.h
-+++ b/include/asterisk/tcptls.h
-@@ -79,7 +79,15 @@ enum ast_ssl_flags {
- /*! Use SSLv3 for outgoing client connections */
- AST_SSL_SSLV3_CLIENT = (1 << 4),
- /*! Use TLSv1 for outgoing client connections */
-- AST_SSL_TLSV1_CLIENT = (1 << 5)
-+ AST_SSL_TLSV1_CLIENT = (1 << 5),
-+ /*! Use server cipher order instead of the client order */
-+ AST_SSL_SERVER_CIPHER_ORDER = (1 << 6),
-+ /*! Disable TLSv1 support */
-+ AST_SSL_DISABLE_TLSV1 = (1 << 7),
-+ /*! Disable TLSv1.1 support */
-+ AST_SSL_DISABLE_TLSV11 = (1 << 8),
-+ /*! Disable TLSv1.2 support */
-+ AST_SSL_DISABLE_TLSV12 = (1 << 9),
- };
-
- struct ast_tls_config {
-diff --git a/main/http.c b/main/http.c
-index 9bebbe7..4bfa985 100644
---- a/main/http.c
-+++ b/main/http.c
-@@ -1118,10 +1118,13 @@ static int __ast_http_load(int reload)
- }
- http_tls_cfg.pvtfile = ast_strdup("");
-
-+ /* Apply modern intermediate settings according to the Mozilla OpSec team as of July 30th, 2015 but disable TLSv1 */
-+ ast_set_flag(&http_tls_cfg.flags, AST_SSL_DISABLE_TLSV1 | AST_SSL_SERVER_CIPHER_ORDER);
-+
- if (http_tls_cfg.cipher) {
- ast_free(http_tls_cfg.cipher);
- }
-- http_tls_cfg.cipher = ast_strdup("");
-+ http_tls_cfg.cipher = ast_strdup("ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA");
-
- AST_RWLIST_WRLOCK(&uri_redirects);
- while ((redirect = AST_RWLIST_REMOVE_HEAD(&uri_redirects, entry))) {
-@@ -1146,8 +1149,6 @@ static int __ast_http_load(int reload)
- && strcasecmp(v->name, "tlsdontverifyserver")
- && strcasecmp(v->name, "tlsclientmethod")
- && strcasecmp(v->name, "sslclientmethod")
-- && strcasecmp(v->name, "tlscipher")
-- && strcasecmp(v->name, "sslcipher")
- && !ast_tls_read_conf(&http_tls_cfg, &https_desc, v->name, v->value)) {
- continue;
- }
-diff --git a/main/tcptls.c b/main/tcptls.c
-index 6f918ce..0f27e45 100644
---- a/main/tcptls.c
-+++ b/main/tcptls.c
-@@ -749,6 +749,7 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client)
- return 0;
- #else
- int disable_ssl = 0;
-+ long ssl_opts = 0;
-
- if (!cfg->enabled)
- return 0;
-@@ -793,11 +794,24 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client)
- * them. SSLv23_*_method supports TLSv1+.
- */
- if (disable_ssl) {
-- long ssl_opts;
-+ ssl_opts |= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
-+ }
-+
-+ if (ast_test_flag(&cfg->flags, AST_SSL_SERVER_CIPHER_ORDER)) {
-+ ssl_opts |= SSL_OP_CIPHER_SERVER_PREFERENCE;
-+ }
-
-- ssl_opts = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
-- SSL_CTX_set_options(cfg->ssl_ctx, ssl_opts);
-+ if (ast_test_flag(&cfg->flags, AST_SSL_DISABLE_TLSV1)) {
-+ ssl_opts |= SSL_OP_NO_TLSv1;
- }
-+ if (ast_test_flag(&cfg->flags, AST_SSL_DISABLE_TLSV11)) {
-+ ssl_opts |= SSL_OP_NO_TLSv1_1;
-+ }
-+ if (ast_test_flag(&cfg->flags, AST_SSL_DISABLE_TLSV12)) {
-+ ssl_opts |= SSL_OP_NO_TLSv1_2;
-+ }
-+
-+ SSL_CTX_set_options(cfg->ssl_ctx, ssl_opts);
-
- SSL_CTX_set_verify(cfg->ssl_ctx,
- ast_test_flag(&cfg->flags, AST_SSL_VERIFY_CLIENT) ? SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT : SSL_VERIFY_NONE,
-@@ -1109,6 +1123,14 @@ int ast_tls_read_conf(struct ast_tls_config *tls_cfg, struct ast_tcptls_session_
- ast_clear_flag(&tls_cfg->flags, AST_SSL_TLSV1_CLIENT);
- ast_clear_flag(&tls_cfg->flags, AST_SSL_SSLV3_CLIENT);
- }
-+ } else if (!strcasecmp(varname, "tlsservercipherorder")) {
-+ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_SERVER_CIPHER_ORDER);
-+ } else if (!strcasecmp(varname, "tlsdisablev1")) {
-+ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_DISABLE_TLSV1);
-+ } else if (!strcasecmp(varname, "tlsdisablev11")) {
-+ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_DISABLE_TLSV11);
-+ } else if (!strcasecmp(varname, "tlsdisablev12")) {
-+ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_DISABLE_TLSV12);
- } else {
- return -1;
- }
Added: branches/1.0/package/asterisk/asterisk-1.8-AST-2016-001-1.8.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-1.8-AST-2016-001-1.8.patch (rev 0)
+++ branches/1.0/package/asterisk/asterisk-1.8-AST-2016-001-1.8.patch 2016-02-15 15:54:26 UTC (rev 7532)
@@ -0,0 +1,140 @@
+diff --git a/configs/http.conf.sample b/configs/http.conf.sample
+index 1a7f4fd..9a06fcf 100644
+--- a/configs/http.conf.sample
++++ b/configs/http.conf.sample
+@@ -67,10 +67,31 @@ bindaddr=127.0.0.1
+ ; If no path is given for tlscertfile or tlsprivatekey, default is to look in current
+ ; directory. If no tlsprivatekey is given, default is to search tlscertfile for private key.
+ ;
++;
+ ; To produce a certificate you can e.g. use openssl. This places both the cert and
+ ; private in same .pem file.
+ ; openssl req -new -x509 -days 365 -nodes -out /tmp/foo.pem -keyout /tmp/foo.pem
+ ;
++; tlscipher= ; The list of allowed ciphers
++; ; if none are specified the following cipher
++; ; list will be used instead:
++; ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:
++; ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:
++; kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:
++; ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:
++; ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:
++; DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:
++; AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:
++; AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:
++; !EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
++;
++; tlsdisablev1=yes ; Disable TLSv1 support - if not set this defaults to "yes"
++; tlsdisablev11=yes ; Disable TLSv1.1 support - if not set this defaults to "no"
++; tlsdisablev12=yes ; Disable TLSv1.2 support - if not set this defaults to "no"
++;
++; tlsservercipherorder=yes ; Use the server preference order instead of the client order
++; ; Defaults to "yes"
++;
+ ; The post_mappings section maps URLs to real paths on the filesystem. If a
+ ; POST is done from within an authenticated manager session to one of the
+ ; configured POST mappings, then any files in the POST will be placed in the
+diff --git a/include/asterisk/tcptls.h b/include/asterisk/tcptls.h
+index f3f5e1f..eb7166f 100644
+--- a/include/asterisk/tcptls.h
++++ b/include/asterisk/tcptls.h
+@@ -79,7 +79,15 @@ enum ast_ssl_flags {
+ /*! Use SSLv3 for outgoing client connections */
+ AST_SSL_SSLV3_CLIENT = (1 << 4),
+ /*! Use TLSv1 for outgoing client connections */
+- AST_SSL_TLSV1_CLIENT = (1 << 5)
++ AST_SSL_TLSV1_CLIENT = (1 << 5),
++ /*! Use server cipher order instead of the client order */
++ AST_SSL_SERVER_CIPHER_ORDER = (1 << 6),
++ /*! Disable TLSv1 support */
++ AST_SSL_DISABLE_TLSV1 = (1 << 7),
++ /*! Disable TLSv1.1 support */
++ AST_SSL_DISABLE_TLSV11 = (1 << 8),
++ /*! Disable TLSv1.2 support */
++ AST_SSL_DISABLE_TLSV12 = (1 << 9),
+ };
+
+ struct ast_tls_config {
+diff --git a/main/http.c b/main/http.c
+index 9bebbe7..4bfa985 100644
+--- a/main/http.c
++++ b/main/http.c
+@@ -1118,10 +1118,13 @@ static int __ast_http_load(int reload)
+ }
+ http_tls_cfg.pvtfile = ast_strdup("");
+
++ /* Apply modern intermediate settings according to the Mozilla OpSec team as of July 30th, 2015 but disable TLSv1 */
++ ast_set_flag(&http_tls_cfg.flags, AST_SSL_DISABLE_TLSV1 | AST_SSL_SERVER_CIPHER_ORDER);
++
+ if (http_tls_cfg.cipher) {
+ ast_free(http_tls_cfg.cipher);
+ }
+- http_tls_cfg.cipher = ast_strdup("");
++ http_tls_cfg.cipher = ast_strdup("ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA");
+
+ AST_RWLIST_WRLOCK(&uri_redirects);
+ while ((redirect = AST_RWLIST_REMOVE_HEAD(&uri_redirects, entry))) {
+@@ -1146,8 +1149,6 @@ static int __ast_http_load(int reload)
+ && strcasecmp(v->name, "tlsdontverifyserver")
+ && strcasecmp(v->name, "tlsclientmethod")
+ && strcasecmp(v->name, "sslclientmethod")
+- && strcasecmp(v->name, "tlscipher")
+- && strcasecmp(v->name, "sslcipher")
+ && !ast_tls_read_conf(&http_tls_cfg, &https_desc, v->name, v->value)) {
+ continue;
+ }
+diff --git a/main/tcptls.c b/main/tcptls.c
+index a5a2af6..f73c2aa 100644
+--- a/main/tcptls.c
++++ b/main/tcptls.c
+@@ -749,6 +749,7 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client)
+ return 0;
+ #else
+ int disable_ssl = 0;
++ long ssl_opts = 0;
+
+ if (!cfg->enabled)
+ return 0;
+@@ -793,11 +794,24 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client)
+ * them. SSLv23_*_method supports TLSv1+.
+ */
+ if (disable_ssl) {
+- long ssl_opts;
++ ssl_opts |= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
++ }
++
++ if (ast_test_flag(&cfg->flags, AST_SSL_SERVER_CIPHER_ORDER)) {
++ ssl_opts |= SSL_OP_CIPHER_SERVER_PREFERENCE;
++ }
+
+- ssl_opts = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
+- SSL_CTX_set_options(cfg->ssl_ctx, ssl_opts);
++ if (ast_test_flag(&cfg->flags, AST_SSL_DISABLE_TLSV1)) {
++ ssl_opts |= SSL_OP_NO_TLSv1;
+ }
++ if (ast_test_flag(&cfg->flags, AST_SSL_DISABLE_TLSV11)) {
++ ssl_opts |= SSL_OP_NO_TLSv1_1;
++ }
++ if (ast_test_flag(&cfg->flags, AST_SSL_DISABLE_TLSV12)) {
++ ssl_opts |= SSL_OP_NO_TLSv1_2;
++ }
++
++ SSL_CTX_set_options(cfg->ssl_ctx, ssl_opts);
+
+ SSL_CTX_set_verify(cfg->ssl_ctx,
+ ast_test_flag(&cfg->flags, AST_SSL_VERIFY_CLIENT) ? SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT : SSL_VERIFY_NONE,
+@@ -1109,6 +1123,14 @@ int ast_tls_read_conf(struct ast_tls_config *tls_cfg, struct ast_tcptls_session_
+ ast_clear_flag(&tls_cfg->flags, AST_SSL_TLSV1_CLIENT);
+ ast_clear_flag(&tls_cfg->flags, AST_SSL_SSLV3_CLIENT);
+ }
++ } else if (!strcasecmp(varname, "tlsservercipherorder")) {
++ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_SERVER_CIPHER_ORDER);
++ } else if (!strcasecmp(varname, "tlsdisablev1")) {
++ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_DISABLE_TLSV1);
++ } else if (!strcasecmp(varname, "tlsdisablev11")) {
++ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_DISABLE_TLSV11);
++ } else if (!strcasecmp(varname, "tlsdisablev12")) {
++ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_DISABLE_TLSV12);
+ } else {
+ return -1;
+ }
Deleted: branches/1.0/package/asterisk/asterisk-1.8-AST-2016-002-1.8.28.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-1.8-AST-2016-002-1.8.28.patch 2016-02-13 22:58:22 UTC (rev 7531)
+++ branches/1.0/package/asterisk/asterisk-1.8-AST-2016-002-1.8.28.patch 2016-02-15 15:54:26 UTC (rev 7532)
@@ -1,18 +0,0 @@
-diff --git a/channels/chan_sip.c b/channels/chan_sip.c
-index 16e3e53..86c52e9 100644
---- a/channels/chan_sip.c
-+++ b/channels/chan_sip.c
-@@ -3771,6 +3771,13 @@ static int retrans_pkt(const void *data)
- }
-
- /* For non-invites, a maximum of 4 secs */
-+ if (INT_MAX / pkt->timer_a < pkt->timer_t1) {
-+ /*
-+ * Uh Oh, we will have an integer overflow.
-+ * Recalculate previous timeout time instead.
-+ */
-+ pkt->timer_a = pkt->timer_a / 2;
-+ }
- siptimer_a = pkt->timer_t1 * pkt->timer_a; /* Double each time */
- if (pkt->method != SIP_INVITE && siptimer_a > 4000) {
- siptimer_a = 4000;
Added: branches/1.0/package/asterisk/asterisk-1.8-AST-2016-002-1.8.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-1.8-AST-2016-002-1.8.patch (rev 0)
+++ branches/1.0/package/asterisk/asterisk-1.8-AST-2016-002-1.8.patch 2016-02-15 15:54:26 UTC (rev 7532)
@@ -0,0 +1,18 @@
+diff --git a/channels/chan_sip.c b/channels/chan_sip.c
+index 5de304a..277eec7 100644
+--- a/channels/chan_sip.c
++++ b/channels/chan_sip.c
+@@ -3771,6 +3771,13 @@ static int retrans_pkt(const void *data)
+ }
+
+ /* For non-invites, a maximum of 4 secs */
++ if (INT_MAX / pkt->timer_a < pkt->timer_t1) {
++ /*
++ * Uh Oh, we will have an integer overflow.
++ * Recalculate previous timeout time instead.
++ */
++ pkt->timer_a = pkt->timer_a / 2;
++ }
+ siptimer_a = pkt->timer_t1 * pkt->timer_a; /* Double each time */
+ if (pkt->method != SIP_INVITE && siptimer_a > 4000) {
+ siptimer_a = 4000;
Deleted: branches/1.0/package/asterisk/asterisk-1.8-AST-2016-003-1.8.28.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-1.8-AST-2016-003-1.8.28.patch 2016-02-13 22:58:22 UTC (rev 7531)
+++ branches/1.0/package/asterisk/asterisk-1.8-AST-2016-003-1.8.28.patch 2016-02-15 15:54:26 UTC (rev 7532)
@@ -1,28 +0,0 @@
-diff --git a/main/udptl.c b/main/udptl.c
-index 8885d7a..136dcb6 100644
---- a/main/udptl.c
-+++ b/main/udptl.c
-@@ -231,16 +231,15 @@ static int decode_open_type(uint8_t *buf, unsigned int limit, unsigned int *len,
- if (decode_length(buf, limit, len, &octet_cnt) != 0)
- return -1;
-
-- if (octet_cnt > 0) {
-- /* Make sure the buffer contains at least the number of bits requested */
-- if ((*len + octet_cnt) > limit)
-- return -1;
--
-- *p_num_octets = octet_cnt;
-- *p_object = &buf[*len];
-- *len += octet_cnt;
-+ /* Make sure the buffer contains at least the number of bits requested */
-+ if ((*len + octet_cnt) > limit) {
-+ return -1;
- }
-
-+ *p_num_octets = octet_cnt;
-+ *p_object = &buf[*len];
-+ *len += octet_cnt;
-+
- return 0;
- }
- /*- End of function --------------------------------------------------------*/
Added: branches/1.0/package/asterisk/asterisk-1.8-AST-2016-003-1.8.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-1.8-AST-2016-003-1.8.patch (rev 0)
+++ branches/1.0/package/asterisk/asterisk-1.8-AST-2016-003-1.8.patch 2016-02-15 15:54:26 UTC (rev 7532)
@@ -0,0 +1,28 @@
+diff --git a/main/udptl.c b/main/udptl.c
+index a8244e8..6960487 100644
+--- a/main/udptl.c
++++ b/main/udptl.c
+@@ -231,16 +231,15 @@ static int decode_open_type(uint8_t *buf, unsigned int limit, unsigned int *len,
+ if (decode_length(buf, limit, len, &octet_cnt) != 0)
+ return -1;
+
+- if (octet_cnt > 0) {
+- /* Make sure the buffer contains at least the number of bits requested */
+- if ((*len + octet_cnt) > limit)
+- return -1;
+-
+- *p_num_octets = octet_cnt;
+- *p_object = &buf[*len];
+- *len += octet_cnt;
++ /* Make sure the buffer contains at least the number of bits requested */
++ if ((*len + octet_cnt) > limit) {
++ return -1;
+ }
+
++ *p_num_octets = octet_cnt;
++ *p_object = &buf[*len];
++ *len += octet_cnt;
++
+ return 0;
+ }
+ /*- End of function --------------------------------------------------------*/
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-13 22:58:23
|
Revision: 7531
http://sourceforge.net/p/astlinux/code/7531
Author: abelbeck
Date: 2016-02-13 22:58:22 +0000 (Sat, 13 Feb 2016)
Log Message:
-----------
arnofw, added support for ICMPv6 Multicast Listener Discovery, eliminate annoying ICMPv6 logging, Thanks David Kerr
Ref: https://github.com/arno-iptables-firewall/aif/commit/7bd64927a401050769b7da18fd2ae52370cc2390
Added Paths:
-----------
branches/1.0/package/arnofw/arnofw-icmpv6-add-MLD-cleanup-logging.patch
Added: branches/1.0/package/arnofw/arnofw-icmpv6-add-MLD-cleanup-logging.patch
===================================================================
--- branches/1.0/package/arnofw/arnofw-icmpv6-add-MLD-cleanup-logging.patch (rev 0)
+++ branches/1.0/package/arnofw/arnofw-icmpv6-add-MLD-cleanup-logging.patch 2016-02-13 22:58:22 UTC (rev 7531)
@@ -0,0 +1,75 @@
+From 7bd64927a401050769b7da18fd2ae52370cc2390 Mon Sep 17 00:00:00 2001
+From: Lonnie Abelbeck <lo...@ab...>
+Date: Sat, 13 Feb 2016 16:16:16 -0600
+Subject: [PATCH] changed: added support for ICMPv6 Multicast Listener
+ Discovery, disabled by default with OPEN_ICMPV6_MLD=0. Additionally make sure
+ all un-needed ICMPv6 packets are dropped so they don't appear as annoying
+ logs, more common with native IPv6 support by ISP's. Thanks to David Kerr for
+ pointing out the issue and testing a solution.
+
+---
+ bin/arno-iptables-firewall | 10 ++++++++++
+ etc/arno-iptables-firewall/firewall.conf | 6 ++++++
+ share/arno-iptables-firewall/environment | 4 ++++
+ 3 files changed, 20 insertions(+)
+
+diff --git a/bin/arno-iptables-firewall b/bin/arno-iptables-firewall
+index f5095a5..b02a85f 100755
+--- a/bin/arno-iptables-firewall
++++ b/bin/arno-iptables-firewall
+@@ -4574,6 +4574,11 @@ setup_firewall_rules()
+ for icmpv6_type in $ICMPV6_SPECIAL_TYPES; do
+ ip6tables -A INPUT -i $interface -p icmpv6 --icmpv6-type $icmpv6_type -m hl --hl-eq 255 -j ACCEPT
+ done
++ if [ "$OPEN_ICMPV6_MLD" = "1" ]; then
++ for icmpv6_type in $ICMPV6_MLD_TYPES; do
++ ip6tables -A INPUT -i $interface -p icmpv6 --icmpv6-type $icmpv6_type -s fe80::/10 -m hl --hl-eq 1 -j ACCEPT
++ done
++ fi
+ fi
+
+ # Apply external (internet) interface policy for the input chain:
+@@ -4592,6 +4597,11 @@ setup_firewall_rules()
+
+ # ICMP traffic (flood)
+ iptables -A INPUT -i $interface -p icmp -m state --state NEW -j EXT_ICMP_FLOOD_CHAIN
++
++ # Drop any remaining ICMPv6 traffic
++ if [ "$IPV6_SUPPORT" = "1" ]; then
++ ip6tables -A INPUT -i $interface -p icmpv6 -j POST_INPUT_DROP_CHAIN
++ fi
+ done
+
+
+diff --git a/etc/arno-iptables-firewall/firewall.conf b/etc/arno-iptables-firewall/firewall.conf
+index 9e80e20..2291916 100644
+--- a/etc/arno-iptables-firewall/firewall.conf
++++ b/etc/arno-iptables-firewall/firewall.conf
+@@ -1158,6 +1158,12 @@ OPEN_ICMP=0
+ # -----------------------------------------------------------------------------
+ OPEN_ICMPV6=1
+
++# Enable (1) to make the default policy allow IPv6 ICMPv6
++# Multicast Listener Discovery (RFC 2710, 3810) for INET access
++# Note: Requires setting OPEN_ICMPV6=1 to apply.
++# -----------------------------------------------------------------------------
++OPEN_ICMPV6_MLD=0
++
+ # Put in the following variables which ports or IP protocols you want to leave
+ # open to the whole world.
+ # -----------------------------------------------------------------------------
+diff --git a/share/arno-iptables-firewall/environment b/share/arno-iptables-firewall/environment
+index 5728e4c..616c29c 100644
+--- a/share/arno-iptables-firewall/environment
++++ b/share/arno-iptables-firewall/environment
+@@ -1698,6 +1698,10 @@ fi
+ ######################################################################
+ ICMPV6_SPECIAL_TYPES="133 134 135 136"
+
++# IPv6 ICMPv6 Multicast Listener Discovery (RFC 2710, 3810)
++######################################################################
++ICMPV6_MLD_TYPES="130 131 132 143"
++
+ # Check plugin bin path and fallback in case it's empty
+ #######################################################
+ if [ -z "$PLUGIN_BIN_PATH" ]; then
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-13 05:26:56
|
Revision: 7530
http://sourceforge.net/p/astlinux/code/7530
Author: abelbeck
Date: 2016-02-13 05:26:54 +0000 (Sat, 13 Feb 2016)
Log Message:
-----------
arp-scan, fix build issue for 32-bit targets
Modified Paths:
--------------
branches/1.0/package/arp-scan/arp-scan.mk
Modified: branches/1.0/package/arp-scan/arp-scan.mk
===================================================================
--- branches/1.0/package/arp-scan/arp-scan.mk 2016-02-13 00:31:23 UTC (rev 7529)
+++ branches/1.0/package/arp-scan/arp-scan.mk 2016-02-13 05:26:54 UTC (rev 7530)
@@ -9,6 +9,9 @@
ARP_SCAN_DEPENDENCIES = libpcap
+# Only used and needed for 32-bit targets
+ARP_SCAN_CONF_ENV = pgac_cv_snprintf_long_long_int_format="%lld"
+
define ARP_SCAN_INSTALL_TARGET_CMDS
$(INSTALL) -D -m 0755 $(@D)/arp-scan $(TARGET_DIR)/usr/bin/arp-scan
endef
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-13 00:31:25
|
Revision: 7529
http://sourceforge.net/p/astlinux/code/7529
Author: abelbeck
Date: 2016-02-13 00:31:23 +0000 (Sat, 13 Feb 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-02-13 00:28:43 UTC (rev 7528)
+++ branches/1.0/docs/ChangeLog.txt 2016-02-13 00:31:23 UTC (rev 7529)
@@ -32,6 +32,8 @@
-- ddclient, now the only dynamic DNS client support, remove 'inadyn' support
+-- arp-scan, new command for ethernet device discovery.
+
** Asterisk
-- Asterisk 1.8.32.3 (security patches), 11.21.2 (version bump) and 13.7.2 (version bump)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-13 00:28:45
|
Revision: 7528
http://sourceforge.net/p/astlinux/code/7528
Author: abelbeck
Date: 2016-02-13 00:28:43 +0000 (Sat, 13 Feb 2016)
Log Message:
-----------
arp-scan, new package, patched to share mac2vendor OUI database, only adds 55 KB uncompressed
Modified Paths:
--------------
branches/1.0/astlinux-ast11.config
branches/1.0/astlinux-ast13.config
branches/1.0/astlinux18.config
branches/1.0/initrd.config
branches/1.0/package/Config.in
branches/1.0/runnix-iso.config
branches/1.0/runnix.config
branches/1.0/x86_64-configs/astlinux-ast11.config
branches/1.0/x86_64-configs/astlinux-ast13.config
branches/1.0/x86_64-configs/astlinux18.config
branches/1.0/x86_64-configs/initrd.config
Added Paths:
-----------
branches/1.0/package/arp-scan/
branches/1.0/package/arp-scan/Config.in
branches/1.0/package/arp-scan/arp-scan-local-oui-db.patch
branches/1.0/package/arp-scan/arp-scan.mk
Modified: branches/1.0/astlinux-ast11.config
===================================================================
--- branches/1.0/astlinux-ast11.config 2016-02-12 17:02:42 UTC (rev 7527)
+++ branches/1.0/astlinux-ast11.config 2016-02-13 00:28:43 UTC (rev 7528)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7510-dirty Configuration
-# Tue Feb 9 12:36:48 2016
+# Buildroot 2011.08-svn7527-dirty Configuration
+# Fri Feb 12 18:21:26 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -679,6 +679,7 @@
# BR2_PACKAGE_APCUPSD is not set
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
+BR2_PACKAGE_ARP_SCAN=y
# BR2_PACKAGE_AVAHI is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
Modified: branches/1.0/astlinux-ast13.config
===================================================================
--- branches/1.0/astlinux-ast13.config 2016-02-12 17:02:42 UTC (rev 7527)
+++ branches/1.0/astlinux-ast13.config 2016-02-13 00:28:43 UTC (rev 7528)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7510-dirty Configuration
-# Tue Feb 9 12:36:51 2016
+# Buildroot 2011.08-svn7527-dirty Configuration
+# Fri Feb 12 18:21:26 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -679,6 +679,7 @@
# BR2_PACKAGE_APCUPSD is not set
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
+BR2_PACKAGE_ARP_SCAN=y
# BR2_PACKAGE_AVAHI is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
Modified: branches/1.0/astlinux18.config
===================================================================
--- branches/1.0/astlinux18.config 2016-02-12 17:02:42 UTC (rev 7527)
+++ branches/1.0/astlinux18.config 2016-02-13 00:28:43 UTC (rev 7528)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7510-dirty Configuration
-# Tue Feb 9 12:36:45 2016
+# Buildroot 2011.08-svn7527-dirty Configuration
+# Fri Feb 12 18:21:26 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -679,6 +679,7 @@
# BR2_PACKAGE_APCUPSD is not set
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
+BR2_PACKAGE_ARP_SCAN=y
# BR2_PACKAGE_AVAHI is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
Modified: branches/1.0/initrd.config
===================================================================
--- branches/1.0/initrd.config 2016-02-12 17:02:42 UTC (rev 7527)
+++ branches/1.0/initrd.config 2016-02-13 00:28:43 UTC (rev 7528)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7510-dirty Configuration
-# Tue Feb 9 12:36:57 2016
+# Buildroot 2011.08-svn7527-dirty Configuration
+# Fri Feb 12 18:21:26 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -559,6 +559,7 @@
# BR2_PACKAGE_APCUPSD is not set
# BR2_PACKAGE_ARGUS is not set
# BR2_PACKAGE_ARNOFW is not set
+# BR2_PACKAGE_ARP_SCAN is not set
# BR2_PACKAGE_AVAHI is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
Modified: branches/1.0/package/Config.in
===================================================================
--- branches/1.0/package/Config.in 2016-02-12 17:02:42 UTC (rev 7527)
+++ branches/1.0/package/Config.in 2016-02-13 00:28:43 UTC (rev 7528)
@@ -443,6 +443,7 @@
source "package/apcupsd/Config.in"
source "package/argus/Config.in"
source "package/arnofw/Config.in"
+source "package/arp-scan/Config.in"
source "package/avahi/Config.in"
source "package/axel/Config.in"
source "package/bluez_utils/Config.in"
Added: branches/1.0/package/arp-scan/Config.in
===================================================================
--- branches/1.0/package/arp-scan/Config.in (rev 0)
+++ branches/1.0/package/arp-scan/Config.in 2016-02-13 00:28:43 UTC (rev 7528)
@@ -0,0 +1,13 @@
+config BR2_PACKAGE_ARP_SCAN
+ bool "arp-scan"
+ default n
+ select BR2_PACKAGE_LIBPCAP
+ # mac2vendor is only a runtime dependency
+ select BR2_PACKAGE_MAC2VENDOR
+ help
+ The ARP scanner
+
+ https://github.com/royhills/arp-scan/
+
+ http://linux.die.net/man/1/arp-scan
+
Added: branches/1.0/package/arp-scan/arp-scan-local-oui-db.patch
===================================================================
--- branches/1.0/package/arp-scan/arp-scan-local-oui-db.patch (rev 0)
+++ branches/1.0/package/arp-scan/arp-scan-local-oui-db.patch 2016-02-13 00:28:43 UTC (rev 7528)
@@ -0,0 +1,54 @@
+--- arp-scan-1.9/arp-scan.c.orig 2016-02-12 16:06:08.000000000 -0600
++++ arp-scan-1.9/arp-scan.c 2016-02-12 16:48:27.000000000 -0600
+@@ -331,32 +331,21 @@
+ * Create MAC/Vendor hash table if quiet if not in effect.
+ */
+ if (!quiet_flag) {
+- char *fn;
++ const char *list = "0123456789ABCDEF";
++ const char *cp;
++ char fn[32];
+ int count;
+
+ if ((hash_table = hash_new()) == NULL)
+ err_sys("hash_new");
+
+- fn = get_mac_vendor_filename(ouifilename, DATADIR, OUIFILENAME);
+- count = add_mac_vendor(hash_table, fn);
+- if (verbose > 1 && count > 0)
+- warn_msg("DEBUG: Loaded %d IEEE OUI/Vendor entries from %s.",
+- count, fn);
+- free(fn);
+-
+- fn = get_mac_vendor_filename(iabfilename, DATADIR, IABFILENAME);
+- count = add_mac_vendor(hash_table, fn);
+- if (verbose > 1 && count > 0)
+- warn_msg("DEBUG: Loaded %d IEEE IAB/Vendor entries from %s.",
+- count, fn);
+- free(fn);
+-
+- fn = get_mac_vendor_filename(macfilename, DATADIR, MACFILENAME);
+- count = add_mac_vendor(hash_table, fn);
+- if (verbose > 1 && count > 0)
+- warn_msg("DEBUG: Loaded %d MAC/Vendor entries from %s.",
+- count, fn);
+- free(fn);
++ for (cp = list; *cp != '\0'; cp++) {
++ snprintf(fn, 32, "/usr/share/oui-db/xxxxx%c", *cp);
++ count = add_mac_vendor(hash_table, fn);
++ if (verbose > 1 && count > 0)
++ warn_msg("DEBUG: Loaded %d IEEE OUI/Vendor entries from %s.",
++ count, fn);
++ }
+ }
+ /*
+ * Populate the list from the specified file if --file was specified, or
+@@ -2269,7 +2258,7 @@
+ add_mac_vendor(struct hash_control *table, const char *map_filename) {
+ static int first_call=1;
+ FILE *fp; /* MAC/Vendor file handle */
+- static const char *oui_pat_str = "([^\t]+)\t[\t ]*([^\t\r\n]+)";
++ static const char *oui_pat_str = "([^~]+)~[\t ]*([^\t\r\n]+)";
+ static regex_t oui_pat;
+ regmatch_t pmatch[3];
+ size_t key_len;
Added: branches/1.0/package/arp-scan/arp-scan.mk
===================================================================
--- branches/1.0/package/arp-scan/arp-scan.mk (rev 0)
+++ branches/1.0/package/arp-scan/arp-scan.mk 2016-02-13 00:28:43 UTC (rev 7528)
@@ -0,0 +1,20 @@
+################################################################################
+#
+# arp-scan
+#
+################################################################################
+ARP_SCAN_VERSION = 1.9
+ARP_SCAN_SOURCE = arp-scan-$(ARP_SCAN_VERSION).tar.gz
+ARP_SCAN_SITE = https://github.com/royhills/arp-scan/releases/download/$(ARP_SCAN_VERSION)
+
+ARP_SCAN_DEPENDENCIES = libpcap
+
+define ARP_SCAN_INSTALL_TARGET_CMDS
+ $(INSTALL) -D -m 0755 $(@D)/arp-scan $(TARGET_DIR)/usr/bin/arp-scan
+endef
+
+define ARP_SCAN_UNINSTALL_TARGET_CMDS
+ rm -f $(TARGET_DIR)/usr/bin/arp-scan
+endef
+
+$(eval $(call AUTOTARGETS,package,arp-scan))
Modified: branches/1.0/runnix-iso.config
===================================================================
--- branches/1.0/runnix-iso.config 2016-02-12 17:02:42 UTC (rev 7527)
+++ branches/1.0/runnix-iso.config 2016-02-13 00:28:43 UTC (rev 7528)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7510-dirty Configuration
-# Tue Feb 9 12:37:09 2016
+# Buildroot 2011.08-svn7527-dirty Configuration
+# Fri Feb 12 18:21:27 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -587,6 +587,7 @@
# BR2_PACKAGE_APCUPSD is not set
# BR2_PACKAGE_ARGUS is not set
# BR2_PACKAGE_ARNOFW is not set
+# BR2_PACKAGE_ARP_SCAN is not set
# BR2_PACKAGE_AVAHI is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
Modified: branches/1.0/runnix.config
===================================================================
--- branches/1.0/runnix.config 2016-02-12 17:02:42 UTC (rev 7527)
+++ branches/1.0/runnix.config 2016-02-13 00:28:43 UTC (rev 7528)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7510-dirty Configuration
-# Tue Feb 9 12:37:03 2016
+# Buildroot 2011.08-svn7527-dirty Configuration
+# Fri Feb 12 18:21:26 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -588,6 +588,7 @@
# BR2_PACKAGE_APCUPSD is not set
# BR2_PACKAGE_ARGUS is not set
# BR2_PACKAGE_ARNOFW is not set
+# BR2_PACKAGE_ARP_SCAN is not set
# BR2_PACKAGE_AVAHI is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast11.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast11.config 2016-02-12 17:02:42 UTC (rev 7527)
+++ branches/1.0/x86_64-configs/astlinux-ast11.config 2016-02-13 00:28:43 UTC (rev 7528)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7510-dirty Configuration
-# Tue Feb 9 12:37:21 2016
+# Buildroot 2011.08-svn7527-dirty Configuration
+# Fri Feb 12 18:21:27 2016
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -660,6 +660,7 @@
# BR2_PACKAGE_APCUPSD is not set
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
+BR2_PACKAGE_ARP_SCAN=y
# BR2_PACKAGE_AVAHI is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast13.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast13.config 2016-02-12 17:02:42 UTC (rev 7527)
+++ branches/1.0/x86_64-configs/astlinux-ast13.config 2016-02-13 00:28:43 UTC (rev 7528)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7510-dirty Configuration
-# Tue Feb 9 12:37:23 2016
+# Buildroot 2011.08-svn7527-dirty Configuration
+# Fri Feb 12 18:21:27 2016
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -660,6 +660,7 @@
# BR2_PACKAGE_APCUPSD is not set
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
+BR2_PACKAGE_ARP_SCAN=y
# BR2_PACKAGE_AVAHI is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
Modified: branches/1.0/x86_64-configs/astlinux18.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux18.config 2016-02-12 17:02:42 UTC (rev 7527)
+++ branches/1.0/x86_64-configs/astlinux18.config 2016-02-13 00:28:43 UTC (rev 7528)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7510-dirty Configuration
-# Tue Feb 9 12:37:14 2016
+# Buildroot 2011.08-svn7527-dirty Configuration
+# Fri Feb 12 18:21:27 2016
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -660,6 +660,7 @@
# BR2_PACKAGE_APCUPSD is not set
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
+BR2_PACKAGE_ARP_SCAN=y
# BR2_PACKAGE_AVAHI is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
Modified: branches/1.0/x86_64-configs/initrd.config
===================================================================
--- branches/1.0/x86_64-configs/initrd.config 2016-02-12 17:02:42 UTC (rev 7527)
+++ branches/1.0/x86_64-configs/initrd.config 2016-02-13 00:28:43 UTC (rev 7528)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7510-dirty Configuration
-# Tue Feb 9 12:37:26 2016
+# Buildroot 2011.08-svn7527-dirty Configuration
+# Fri Feb 12 18:21:27 2016
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -540,6 +540,7 @@
# BR2_PACKAGE_APCUPSD is not set
# BR2_PACKAGE_ARGUS is not set
# BR2_PACKAGE_ARNOFW is not set
+# BR2_PACKAGE_ARP_SCAN is not set
# BR2_PACKAGE_AVAHI is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-12 17:02:44
|
Revision: 7527
http://sourceforge.net/p/astlinux/code/7527
Author: abelbeck
Date: 2016-02-12 17:02:42 +0000 (Fri, 12 Feb 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-02-12 16:47:43 UTC (rev 7526)
+++ branches/1.0/docs/ChangeLog.txt 2016-02-12 17:02:42 UTC (rev 7527)
@@ -12,20 +12,36 @@
** System
--- no change
+-- php, version bump to 5.5.32, bug and security fixes
+-- Monit, version bump to 5.16
+
+-- libsrtp, version bump to 1.5.4
+
+-- liburiparser, version bump to 0.8.4
+
+-- Time Zone Database update, tzdata2016a and php-timezonedb-2016.1
+
** Networking
--- ddclient, now the only dynamic DNS client support, remove 'inadyn' dynamic DNS client support
+-- libcurl (curl) version bump to 7.47.1
+-- openldap, version bump to 2.4.44
+
+-- dnscrypt-proxy, version bump to 1.6.1
+
+-- ddclient, now the only dynamic DNS client support, remove 'inadyn' support
+
** Asterisk
--- Asterisk 1.8.32.3 (no change), 11.19.0 (no change) and 13.5.0 (no change)
+-- Asterisk 1.8.32.3 (security patches), 11.21.2 (version bump) and 13.7.2 (version bump)
-- DAHDI, dahdi-linux 2.8.0.1 (no change) and dahdi-tools 2.8.0 (no change)
--- pjsip 2.4 (no change)
+-- pjsip 2.4.5 (version bump)
+-- wanpipe, version bump to 7.0.16
+
** Web Interface
-- Network tab, remove 'inadyn' dynamic DNS client support, add a few more "DNS Service Type" entries.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-12 16:47:45
|
Revision: 7526
http://sourceforge.net/p/astlinux/code/7526
Author: abelbeck
Date: 2016-02-12 16:47:43 +0000 (Fri, 12 Feb 2016)
Log Message:
-----------
monit, version bump to 5.16
Modified Paths:
--------------
branches/1.0/package/monit/monit-0001-no-force-static.patch
branches/1.0/package/monit/monit-0100-localhost-sendmail.patch
branches/1.0/package/monit/monit-0120-style-sheet.patch
branches/1.0/package/monit/monit.mk
Modified: branches/1.0/package/monit/monit-0001-no-force-static.patch
===================================================================
--- branches/1.0/package/monit/monit-0001-no-force-static.patch 2016-02-12 15:58:34 UTC (rev 7525)
+++ branches/1.0/package/monit/monit-0001-no-force-static.patch 2016-02-12 16:47:43 UTC (rev 7526)
@@ -9,7 +9,7 @@
diff -durN monit-5.7.orig/Makefile.am monit-5.7/Makefile.am
--- monit-5.7.orig/Makefile.am 2014-02-20 09:00:42.000000000 +0100
+++ monit-5.7/Makefile.am 2014-09-05 12:49:43.711104001 +0200
-@@ -89,7 +89,7 @@
+@@ -88,7 +88,7 @@
src/ssl/Ssl.c
monit_LDADD = libmonit/libmonit.la
Modified: branches/1.0/package/monit/monit-0100-localhost-sendmail.patch
===================================================================
--- branches/1.0/package/monit/monit-0100-localhost-sendmail.patch 2016-02-12 15:58:34 UTC (rev 7525)
+++ branches/1.0/package/monit/monit-0100-localhost-sendmail.patch 2016-02-12 16:47:43 UTC (rev 7526)
@@ -1,6 +1,6 @@
--- monit/src/sendmail.c.orig 2014-12-13 08:14:20.000000000 -0600
+++ monit/src/sendmail.c 2014-12-13 13:50:02.000000000 -0600
-@@ -183,6 +183,56 @@
+@@ -205,6 +205,56 @@
}
@@ -57,7 +57,7 @@
/* ------------------------------------------------------------------ Public */
-@@ -198,6 +248,10 @@
+@@ -220,6 +270,10 @@
ASSERT(mail);
@@ -66,8 +66,8 @@
+ }
+
memset(&S, 0, sizeof(S));
- S.status_message = StringBuffer_create(STRLEN);
+ TRY
--- monit/src/spawn.c.orig 2014-12-13 12:50:23.000000000 -0600
+++ monit/src/spawn.c 2014-12-13 13:16:12.000000000 -0600
@@ -244,3 +244,89 @@
Modified: branches/1.0/package/monit/monit-0120-style-sheet.patch
===================================================================
--- branches/1.0/package/monit/monit-0120-style-sheet.patch 2016-02-12 15:58:34 UTC (rev 7525)
+++ branches/1.0/package/monit/monit-0120-style-sheet.patch 2016-02-12 16:47:43 UTC (rev 7526)
@@ -1,6 +1,6 @@
--- monit-5.10/src/http/cervlet.c.orig 2014-12-18 15:56:05.000000000 -0600
+++ monit-5.10/src/http/cervlet.c 2014-12-18 15:57:08.000000000 -0600
-@@ -321,10 +321,10 @@
+@@ -322,10 +322,10 @@
" a:hover {text-decoration: none;} "\
" a {text-decoration: underline;color:#222} "\
" table {border-collapse:collapse; border:0;} "\
@@ -15,7 +15,7 @@
" .gray-text {color:#999999;} "\
" .blue-text {color:#0000ff;} "\
" .orange-text {color:#ff8800;} "\
-@@ -334,16 +334,16 @@
+@@ -335,16 +335,16 @@
" /*Opera Fix*/body:before {content:\"\";height:100%%;float:left;width:0;margin-top:-32767px;/} "\
" #footer {position: relative;margin-top: -50px; height: 50px; clear:both; font-size:11px;color:#777;text-align:center;} "\
" #footer a {color:#333;} #footer a:hover {text-decoration: none;} "\
Modified: branches/1.0/package/monit/monit.mk
===================================================================
--- branches/1.0/package/monit/monit.mk 2016-02-12 15:58:34 UTC (rev 7525)
+++ branches/1.0/package/monit/monit.mk 2016-02-12 16:47:43 UTC (rev 7526)
@@ -4,7 +4,7 @@
#
################################################################################
-MONIT_VERSION = 5.15
+MONIT_VERSION = 5.16
MONIT_SITE = http://mmonit.com/monit/dist
MONIT_DEPENDENCIES = host-bison host-flex
#
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-12 15:58:36
|
Revision: 7525
http://sourceforge.net/p/astlinux/code/7525
Author: abelbeck
Date: 2016-02-12 15:58:34 +0000 (Fri, 12 Feb 2016)
Log Message:
-----------
liburiparser, version bump to 0.8.4
Modified Paths:
--------------
branches/1.0/package/liburiparser/liburiparser.mk
Modified: branches/1.0/package/liburiparser/liburiparser.mk
===================================================================
--- branches/1.0/package/liburiparser/liburiparser.mk 2016-02-12 15:21:48 UTC (rev 7524)
+++ branches/1.0/package/liburiparser/liburiparser.mk 2016-02-12 15:58:34 UTC (rev 7525)
@@ -4,11 +4,14 @@
#
################################################################################
-LIBURIPARSER_VERSION = 0.8.1
+LIBURIPARSER_VERSION = 0.8.4
LIBURIPARSER_SOURCE = uriparser-$(LIBURIPARSER_VERSION).tar.bz2
-LIBURIPARSER_SITE = http://sourceforge.net/projects/uriparser/files/Sources/$(LIBURIPARSER_VERSION)
+LIBURIPARSER_SITE = http://downloads.sourceforge.net/project/uriparser/Sources/$(LIBURIPARSER_VERSION)
LIBURIPARSER_INSTALL_STAGING = YES
+# Cleanup build-aux/missing error
+LIBURIPARSER_AUTORECONF = YES
+
LIBURIPARSER_CONF_OPT = \
--disable-test \
--disable-doc
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-12 15:21:50
|
Revision: 7524
http://sourceforge.net/p/astlinux/code/7524
Author: abelbeck
Date: 2016-02-12 15:21:48 +0000 (Fri, 12 Feb 2016)
Log Message:
-----------
asterisk, version bump to 11.21.2 and 13.7.2
Modified Paths:
--------------
branches/1.0/package/asterisk/asterisk-11-configure-cross-fix.patch
branches/1.0/package/asterisk/asterisk-11-extension-changed-verbosity-chan_sip.patch
branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch
branches/1.0/package/asterisk/asterisk-13-extension-changed-verbosity-chan_sip.patch
branches/1.0/package/asterisk/asterisk.mk
Modified: branches/1.0/package/asterisk/asterisk-11-configure-cross-fix.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-11-configure-cross-fix.patch 2016-02-11 22:17:41 UTC (rev 7523)
+++ branches/1.0/package/asterisk/asterisk-11-configure-cross-fix.patch 2016-02-12 15:21:48 UTC (rev 7524)
@@ -1,6 +1,6 @@
--- asterisk-1.8.25.0/configure.ac.orig 2014-01-24 16:52:23.000000000 -0600
+++ asterisk-1.8.25.0/configure.ac 2014-01-24 16:55:14.000000000 -0600
-@@ -2398,11 +2398,13 @@
+@@ -2410,11 +2410,13 @@
AC_OUTPUT
${ac_cv_path_EGREP} 'CURSES|GTK2|OSARCH|NEWT' makeopts > makeopts.acbak2
Modified: branches/1.0/package/asterisk/asterisk-11-extension-changed-verbosity-chan_sip.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-11-extension-changed-verbosity-chan_sip.patch 2016-02-11 22:17:41 UTC (rev 7523)
+++ branches/1.0/package/asterisk/asterisk-11-extension-changed-verbosity-chan_sip.patch 2016-02-12 15:21:48 UTC (rev 7524)
@@ -1,6 +1,6 @@
--- asterisk-11.17.1/channels/chan_sip.c.orig 2015-04-23 10:22:04.000000000 -0500
+++ asterisk-11.17.1/channels/chan_sip.c 2015-04-23 10:22:40.000000000 -0500
-@@ -16743,7 +16743,7 @@
+@@ -16790,7 +16790,7 @@
}
if (!force) {
Modified: branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch 2016-02-11 22:17:41 UTC (rev 7523)
+++ branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch 2016-02-12 15:21:48 UTC (rev 7524)
@@ -1,6 +1,6 @@
--- asterisk-13.1.0/configure.ac.orig 2014-01-24 16:52:23.000000000 -0600
+++ asterisk-13.1.0/configure.ac 2014-01-24 16:55:14.000000000 -0600
-@@ -2511,11 +2511,13 @@
+@@ -2523,11 +2523,13 @@
AC_OUTPUT
${ac_cv_path_EGREP} 'CURSES|GTK2|OSARCH|NEWT' makeopts > makeopts.acbak2
Modified: branches/1.0/package/asterisk/asterisk-13-extension-changed-verbosity-chan_sip.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-13-extension-changed-verbosity-chan_sip.patch 2016-02-11 22:17:41 UTC (rev 7523)
+++ branches/1.0/package/asterisk/asterisk-13-extension-changed-verbosity-chan_sip.patch 2016-02-12 15:21:48 UTC (rev 7524)
@@ -1,6 +1,6 @@
--- asterisk-11.17.1/channels/chan_sip.c.orig 2015-04-23 10:22:04.000000000 -0500
+++ asterisk-11.17.1/channels/chan_sip.c 2015-04-23 10:22:40.000000000 -0500
-@@ -16894,7 +16894,7 @@
+@@ -16943,7 +16943,7 @@
}
if (!force) {
Modified: branches/1.0/package/asterisk/asterisk.mk
===================================================================
--- branches/1.0/package/asterisk/asterisk.mk 2016-02-11 22:17:41 UTC (rev 7523)
+++ branches/1.0/package/asterisk/asterisk.mk 2016-02-12 15:21:48 UTC (rev 7524)
@@ -7,9 +7,9 @@
ASTERISK_VERSION := 1.8.32.3
else
ifeq ($(BR2_PACKAGE_ASTERISK_v11),y)
-ASTERISK_VERSION := 11.19.0
+ASTERISK_VERSION := 11.21.2
else
-ASTERISK_VERSION := 13.5.0
+ASTERISK_VERSION := 13.7.2
endif
endif
ASTERISK_SOURCE := asterisk-$(ASTERISK_VERSION).tar.gz
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-11 22:17:44
|
Revision: 7523
http://sourceforge.net/p/astlinux/code/7523
Author: abelbeck
Date: 2016-02-11 22:17:41 +0000 (Thu, 11 Feb 2016)
Log Message:
-----------
php, version bump to 5.5.32
Modified Paths:
--------------
branches/1.0/package/php/php.mk
Modified: branches/1.0/package/php/php.mk
===================================================================
--- branches/1.0/package/php/php.mk 2016-02-11 22:03:31 UTC (rev 7522)
+++ branches/1.0/package/php/php.mk 2016-02-11 22:17:41 UTC (rev 7523)
@@ -4,7 +4,7 @@
#
#############################################################
-PHP_VERSION = 5.5.31
+PHP_VERSION = 5.5.32
PHP_SITE = http://www.php.net/distributions
PHP_SOURCE = php-$(PHP_VERSION).tar.xz
PHP_INSTALL_STAGING = YES
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-11 22:03:33
|
Revision: 7522
http://sourceforge.net/p/astlinux/code/7522
Author: abelbeck
Date: 2016-02-11 22:03:31 +0000 (Thu, 11 Feb 2016)
Log Message:
-----------
zoneinfo, version bump to 2016a and PHP_TIMEZONEDB 2016.1
Modified Paths:
--------------
branches/1.0/package/php/php.mk
branches/1.0/package/zoneinfo/zoneinfo.mk
Modified: branches/1.0/package/php/php.mk
===================================================================
--- branches/1.0/package/php/php.mk 2016-02-11 21:54:19 UTC (rev 7521)
+++ branches/1.0/package/php/php.mk 2016-02-11 22:03:31 UTC (rev 7522)
@@ -13,7 +13,7 @@
PHP_DEPENDENCIES = host-pkg-config
ifeq ($(BR2_PACKAGE_PHP_EXT_TIMEZONEDB),y)
-PHP_TIMEZONEDB_VERSION = 2015.7
+PHP_TIMEZONEDB_VERSION = 2016.1
PHP_TIMEZONEDB_SITE = http://files.astlinux.org
PHP_TIMEZONEDB_SOURCE = timezonedb-$(PHP_TIMEZONEDB_VERSION).tar.gz
Modified: branches/1.0/package/zoneinfo/zoneinfo.mk
===================================================================
--- branches/1.0/package/zoneinfo/zoneinfo.mk 2016-02-11 21:54:19 UTC (rev 7521)
+++ branches/1.0/package/zoneinfo/zoneinfo.mk 2016-02-11 22:03:31 UTC (rev 7522)
@@ -3,7 +3,7 @@
# zoneinfo
#
##############################################################
-ZONEINFO_VERSION := 2015g
+ZONEINFO_VERSION := 2016a
ZONEINFO_DATA := tzdata$(ZONEINFO_VERSION).tar.gz
ZONEINFO_SOURCE := tzcode$(ZONEINFO_VERSION).tar.gz
ZONEINFO_SITE := http://www.iana.org/time-zones/repository/releases
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-02-11 21:54:21
|
Revision: 7521
http://sourceforge.net/p/astlinux/code/7521
Author: abelbeck
Date: 2016-02-11 21:54:19 +0000 (Thu, 11 Feb 2016)
Log Message:
-----------
libcurl, version bump to 7.47.1
Modified Paths:
--------------
branches/1.0/package/libcurl/libcurl.mk
Modified: branches/1.0/package/libcurl/libcurl.mk
===================================================================
--- branches/1.0/package/libcurl/libcurl.mk 2016-02-11 21:41:57 UTC (rev 7520)
+++ branches/1.0/package/libcurl/libcurl.mk 2016-02-11 21:54:19 UTC (rev 7521)
@@ -3,7 +3,7 @@
# libcurl
#
#############################################################
-LIBCURL_VERSION = 7.46.0
+LIBCURL_VERSION = 7.47.1
LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.gz
LIBCURL_SITE = http://curl.haxx.se/download
LIBCURL_INSTALL_STAGING = YES
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
1 message has been excluded from this view by a project administrator.
