When enabling multilib with lib32, the radiusd will use etc file for lib32 as default
#systemctl status radiusd
......
/usr/sbin/radiusd -d /etc/lib32-raddb
It should be lib64 as default.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The project has switched to cmake since the last update.
The changelog is long, but there is a link:
https://github.com/znc/znc/blob/master/ChangeLog.md
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
- dig wrapper function was broken since 2.1.2
- No longer send nslookup/dig stderr to /dev/null
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
https://github.com/appneta/tcpreplay/releases/tag/v4.5.2
Drop patches that have been merged upstream.
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The patches were submitted to upstream, they are not pending anymore.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
When compiling for 32-bit targets, two issues came to surface:
1. gcc was complaining that math.h is not included in snprintf, and some
calls were implicitly defined. Added a patch that includes the required
headers in snprintf.c file:
| snprintf.c: In function 'fmtfloat':
| snprintf.c:1232:13: error: implicit declaration of function 'isnan' [-Wimplicit-function-declaration]
| 1232 | if (isnan(value))
| | ^~~~~
| snprintf.c:50:1: note: include '<math.h>' or provide a declaration of 'isnan'
2. The code passes a time_t argument to a function that expects a long. This works for
64-bit targets, because on those usually time_t is long.
However on 32-bit systems time_t is usually long long, which makes compilation fail
with the following error:
| wd_json_data.c:540:66: error: passing argument 3 of 'json_get_long_value_for_key' from incompatible pointer type [-Wincompatible-pointer-types]
| 540 | if (json_get_long_value_for_key(root, "StartupTimeSecs", &wdNode->startup_time.tv_sec))
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
To account for this, add a new helper method in a patch that returns the required json value
as a time_t value.
The patches are in pending state, because the mailing list of the project is sufferring from
technical problems - when the site loads, sign up attempts throw internal server errors.
It is planned to submit the patches and to update the status once their infrastructure is back.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
- Memory allocation safety checks for event storage (thanks David.A for bug report)
- Fix off-by-one boundary check in seqmap code
- The minimum value for the period (-p flag) is now 0.001 milliseconds,
since it probably never makes sense to use a smaller value, and to avoid doing
a very large memory allocation for event storage.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The format selected is the automake "simple test" format: "result: testname".
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
* Fix bug that caused that challenge was incorrectly reused if invalid or expired.
* Add support for "data-ciphers-fallback" option.
* Add GUI support for "data-ciphers" option.
* Fix export for password connection type that was not exporting some fields.
* Fix mnemonics in editor's Identity - Advanced view
* Auth-dialog ported to GTK4
* Import certificates into the XDG_DATA_HOME directory.
* Update translations: Hindi, Slovenian, Catalan, Polish, Brazilian Portuguese, Ukrainian, Georgian,
Swedish, Hebrew, Russian and Danish.
* Skip release 1.12.1 because of a bug in the release pipeline.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
api: add support for handling DIOCTL_SET_INJECT_DROP
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Moved the iproute2 backend enablement into a new PACKAGECONFIG.
It is enabled to keep the current defaults. Added the explicit
runtime dependency on iproute2-ip (the "ip" command) which this
backend requires.
Added a new PACKAGECONFIG[dco] which enables the libnl backend,
which is mutually incompatible with iproute2 backend in OpenVPN.
With these:
PACKAGECONFIG:remove = "iproute2"
PACKAGECONFIG:append = " dco"
the data channel offload is enabled:
checking for LIBNL_GENL... yes
configure: Enabled ovpn-dco support for Linux
With Linux kernel 6.16 or newer, and CONFIG_OVPN enabled,
the data channel offload will be used.
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Includes the provided service and defaults files for using the
tailscale daemon on systemd init machines.
Added the other kernel modules necessary for tailscaled to work
without warnings to RRECOMMENDS.
Tested with `core-image-minimal` under qemu with machines
`qemux86-64`, `genericx86-64` and `qemuarm64`. Ping
host on tailscale network using magicDNS host lookup.
Signed-off-by: Dean Sellers <dean@sellers.id.au>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Add opencommands directive to select remote monitoring commands
- Add interval option to driftfile directive
- Add waitsynced and waitunsynced options to local directive
- Add sanity checks for integer values in configuration
- Add support for systemd Type=notify service
- Add RTC refclock driver
- Allow PHC refclock to be specified with network interface name
- Don’t require multiple refclock samples per poll to simplify filter configuration
- Keep refclock reachable when dropping samples with large delay
- Improve quantile-based filtering to adapt faster to larger delay
- Improve logging of selection failures
- Detect clock interference from other processes
- Try to reopen message log (-l option) on cyclelogs command
- Fix sourcedir reloading to not multiply sources
- Fix tracking offset after failed clock step
- Drop support for NTS with Nettle < 3.6 and GnuTLS < 3.6.14
- Drop support for building without POSIX threads
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This fixed issues like incompatible hash sections
it was added in 2009 [1], however these errors are
not seen in todays OE builds
On the contrary it regresses build with clang since
it rejects the options which results in some configure
test failures, resulting finally in build/compile failures
arm-yoe-linux-gnueabi-clang: warning: -Wl,-O1: 'linker' input unused [-Wunused-command-line-argument]
[1] https://git.openembedded.org/openembedded/commit/?id=07f750c6382476b799201b5ca47f93a5f7aa7e84
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Jan Luebbe <jlu@pengutronix.de>
Fixes several security vulnerabilities:
CVE-2025-49601, CVE-2025-49600, CVE-2025-52496,
CVE-2025-47917, CVE-2025-48965, CVE-2025-52497,
and CVE-2025-49087
The framework directory has been changed into a git submodule.[1][2]
The recipe now uses Git Submodule Fetcher (gitsm)
Changelog:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.4
[1] 8cf5666a17
[2] c90c6d8ff7
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Tailscale is a mesh VPN built on the WireGuard protocol.
On the client side, it includes a node agent (tailscaled)
and a client application for configuration (tailscale).
These components can be bundled into a single binary for
a more smaller total size, which is done in this recipe.
Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
Signed-off-by: Mark Bath <mark@baggywrinkle.co.uk>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-pki-Fix-signature-of-help-to-match-that-of-a-callbac.patch
0002-callback-job-Replace-return_false-in-constructors-wi.patch
0003-Cast-uses-of-return_-nop-and-enumerator_create_empty.patch
removed since they're included in 6.0.2
Changelog:
=============
- Support for per-CPU SAs (RFC 9611) has been added (Linux 6.13+).
- Basic support for AGGFRAG mode (RFC 9347) has been added (Linux 6.14+).
- POSIX regular expressions can be used to match remote identities.
- Switching configs based on EAP-Identities is supported. Setting
'remote.eap_id' now always initiates an EAP-Identity exchange.
- On Linux, sequence numbers from acquires are used when installing SAs. This
allows handling narrowing properly.
- During rekeying, the narrowed traffic selectors are now proposed instead of
the configured ones.
- The default AH/ESP proposals contain all supported key exchange methods plus
'none' to make PFS optional and accept proposals of older peers.
- GRO for ESP in enabled for NAT-T UDP sockets, which can improve performance
if the esp4|6_offload modules are loaded.
- charon-nm sets the VPN connection as persistent, preventing NetworkManager
from tearing down the connection if the network connectivity changes.
- ML-KEM is supported via OpenSSL 3.5+.
- The wolfssl plugin is now compatible to wolfSSL's FIPS module.
- The libsoup plugin has been migrated to libsoup 3, libsoup 2 is not supported
anymore.
- The long defunct uci plugin has been removed.
- Log messages by watcher_t are now logged in a separate log group ('wch').
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Bump minimum cmake dialect to be 3.5+, this is an openwrt
component, which does not get many updates these days. Ideally
the cmake files for the project should be fixed.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to mosquitto 2.0.21. Update the patch status for issue 2895 and create a
new patch for an issue introduced in 2.0.19 which causes connections to get down
when the clock is changed.
Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Appends -Wno-error=vla-cxx-extension to CXXFLAGS as a temporary workaround for the following Clang error:
sctpthread.cpp:95:18: error: variable length arrays in C++ are a Clang extension [-Werror,-Wvla-cxx-extension]
95 | uint8_t buffer[m_linkMtuSize];
| ^~~~~~~~~~~~~
An upstream fix has been proposed: https://github.com/mguentner/cannelloni/pull/82
Please remove this workaround once the upstream patch is merged or fixed in some other way. Make sure it is fixed in the new version.
- Drop 0001-include-bits-stdc-.h-only-when-using-libstdc.patch because already fixed in newer version.
Changelog:
https://github.com/mguentner/cannelloni/compare/v1.1.0...v2.0.0
Fix:
| CMake Error at CMakeLists.txt:1 (cmake_minimum_required):
| Compatibility with CMake < 3.5 has been removed from CMake.
|
| Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
| to tell CMake that the project requires at least <min> but has been updated
| to work with policies introduced by <max> or earlier.
|
| Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
|
|
| -- Configuring incomplete, errors occurred!
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix:
| CMake Error at CMakeLists.txt:1 (cmake_minimum_required):
| Compatibility with CMake < 3.5 has been removed from CMake.
|
| Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
| to tell CMake that the project requires at least <min> but has been updated
| to work with policies introduced by <max> or earlier.
|
| Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
|
|
| -- Configuring incomplete, errors occurred!
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix:
| CMake Error at CMakeLists.txt:27 (cmake_minimum_required):
| Compatibility with CMake < 3.5 has been removed from CMake.
|
| Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
| to tell CMake that the project requires at least <min> but has been updated
| to work with policies introduced by <max> or earlier.
|
| Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
|
|
| -- Configuring incomplete, errors occurred!
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Drop 0001-Fix-build-with-gcc-15.patch because fixed in the newer version.
Changelog:
https://github.com/snort3/snort3/blob/3.9.1.0/ChangeLog.md
Fix:
| CMake Error at CMakeLists.txt:1 (cmake_minimum_required):
| Compatibility with CMake < 3.5 has been removed from CMake.
|
| Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
| to tell CMake that the project requires at least <min> but has been updated
| to work with policies introduced by <max> or earlier.
|
| Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
|
|
| -- Configuring incomplete, errors occurred!
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix:
| CMake Error at CMakeLists.txt:24 (CMAKE_MINIMUM_REQUIRED):
| Compatibility with CMake < 3.5 has been removed from CMake.
|
| Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
| to tell CMake that the project requires at least <min> but has been updated
| to work with policies introduced by <max> or earlier.
|
| Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
|
|
| -- Configuring incomplete, errors occurred!
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=============
- decode: add check for ipv4 fragmentation for decode_ip
- example: added IP configs for other systems
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
