Commit graph

642 commits

Author SHA1 Message Date
Rosy Song
c7e9d72f05 libnftnl: bump to 1.1.0
Signed-off-by: Rosy Song <rosysong@rosinson.com>
2018-05-21 18:07:47 +02:00
Hans Dedecker
419238fdb3 nghttp2: bump to 1.32.0
572735e4 Update manual pages
e8d693c3 Bump up version number to 1.32.0, LT revision to 30:2:16
f44dfcd9 Update AUTHORS
1f1b0d93 Update manual pages
ce8c749b Merge pull request #1173 from nghttp2/asio-client-sni
3e4f257b asio: Support client side SNI
86fab997 Upgrade neverbleed to the latest master
c3ecd445 Merge pull request #1171 from nghttp2/h2load-rate-and-duration
c65ca20a h2load: -r and --duration are mutually exclusive
a5c408c5 Ignore all input after calling session_terminate_session
06379b28 Fix treatment of padding
e04de48e Merge pull request #1162 from nghttp2/libressl
00964642 Use LIBRESSL_IN_USE instead of defined(LIBRESSL_VERSION_NUMBER)
8d0b4544 libressl 2.7 has X509_VERIFY_PARAM_*
d8a34131 libressl 2.7 has SSL_CTX_get0_certificate
5db17d0a Compile with libressl 2.7.2
1bf69b56 Define LIBRESSL_LEGACY_API and LIBRESSL_2_7_API
3febaef1 Bump up LT revision to 30:1:16 due to v1.31.1 release
b1bd6035 Fix frame handling
b48bcb21 examples: Use C style comment in .c files
6f3ce2c7 examples: Remove unused lambda capture
2f9121cf Merge branch 'Sp1l-Sp1l/allow-no-npn'
e65e7711 Add comment on #endif
636ef51b Fix compile error with -Wunused-function
400934e5 [PATCH] Allow building without NPN
4c3a3acf Merge pull request #1146 from vszakats/cmakestaticlib
9aa6002c Merge pull request #1144 from hellojaewon/master
f342260b cmake: add ENABLE_STATIC_LIB option to build static lib
a6dd4970 Fix typo
842509da Don't allow 101 HTTP status code because HTTP/2 removes HTTP Upgrade
4add618a Bump up version number to 1.32.0-DEV

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-05-09 11:26:45 +02:00
Rosen Penev
2c4294f786 libusb: Add SourceForge mirror.
SourceForge is still getting updated so might as well have it here.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-05-02 09:18:26 +02:00
Daniel Golle
c67a9bed20 wolfssl: fix options and add support for wpa_supplicant features
Some options' default values have been changed upstream, others were
accidentally inverted (CONFIG_WOLFSSL_HAS_DES3). Also add options
needed to build hostapd/wpa_supplicant against wolfssl.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-05-02 09:18:26 +02:00
John Crispin
52ba5760b7 ustream-ssl: update to latest git HEAD
527e700 ustream-ssl: Remove RC4 from ciphersuite in server mode.
39a6ce2 ustream-ssl: Enable ECDHE with OpenSSL.
45ac930 remove polarssl support

Signed-off-by: John Crispin <john@phrozen.org>
2018-05-01 11:12:15 +02:00
Hauke Mehrtens
3088c2a63d libnl: Disable debug support
This dereses the size of the libnl pakcage a little bit
old:
   857 bin/packages/mips_24kc/base/libnl_3.4.0-1_mips_24kc.ipk
 41195 bin/packages/mips_24kc/base/libnl-core_3.4.0-1_mips_24kc.ipk
  7818 bin/packages/mips_24kc/base/libnl-genl_3.4.0-1_mips_24kc.ipk
 24322 bin/packages/mips_24kc/base/libnl-nf_3.4.0-1_mips_24kc.ipk
136075 bin/packages/mips_24kc/base/libnl-route_3.4.0-1_mips_24kc.ipk

new:
   852 bin/packages/mips_24kc/base/libnl_3.4.0-1_mips_24kc.ipk
 35020 bin/packages/mips_24kc/base/libnl-core_3.4.0-1_mips_24kc.ipk
  7615 bin/packages/mips_24kc/base/libnl-genl_3.4.0-1_mips_24kc.ipk
 24114 bin/packages/mips_24kc/base/libnl-nf_3.4.0-1_mips_24kc.ipk
131134 bin/packages/mips_24kc/base/libnl-route_3.4.0-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-04-30 09:01:28 +02:00
Rosen Penev
c0574d08da libusb: Update to 1.0.22
Switched download from SourceForge to GitHub. It seems the author migrated to that.

Also fixed the website URL as the SourceForge link is dead.

Compile tested on ar71xx and mvebu. Small size decrease on ar71xx: 30444 vs. 30099 bytes.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-04-30 09:01:12 +02:00
Hauke Mehrtens
8dcd941d8b tools/zlib: move zlib build to tools
This allows us to link the other tools against our libz and we do not
need the system zlib any more.

Only the static linked library is copied to the staging directory so we
have a statically linked library on all systems and not only on Linux.
This also adds the new dependencies of the packages which are depending
on zlib.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-04-28 15:28:59 +02:00
Hauke Mehrtens
7b758f7f4f ustream-ssl: px5g: Rebuild package
mbedtls changed in version 2.7.0 the soversion of the libmbedcrypto.so
library, all applications using this shared library have to be
recompiled to be able to load the new library.

Some binaries got rebuild to for the 2.7.0 release and are now using
libmbedcrypto.so.1, the older ones are still using libmbedcrypto.so.0.

Fixes: 75c5ab4ca ("mbedtls: update to version 2.7.0")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-04-18 23:57:25 +02:00
Hans Dedecker
d78dd1f306 nghttp2: bump to 1.31.1
1e22b36c Update manual pages
0f818baf Bump up version number to 1.31.1
c411d169 Fix frame handling

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-04-15 20:24:44 +02:00
Hans Dedecker
b28e995fc7 libubox: update to latest git HEAD
6eff829 utils: fix build error with g++

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-04-12 14:02:07 +02:00
Felix Fietkau
08ccfdea78 libubox: update to the latest version
42a8ecd jshn: fix format string for int64 type
92009b7 utils: ensure that byte-order conversion functions evaluate the argument only once
ace6489 switch from typeof to the more portable __typeof__

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-04-07 15:26:11 +02:00
Felix Fietkau
1566dbd57d Revert "libubox: update to the latest version"
This reverts commit def82714d9.
Needs further fixes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-04-07 15:06:14 +02:00
Felix Fietkau
def82714d9 libubox: update to the latest version
42a8ecd jshn: fix format string for int64 type
92009b7 utils: ensure that byte-order conversion functions evaluate the argument only once

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-04-07 14:47:56 +02:00
Jo-Philipp Wich
1ef0be3e5b Revert "ncurses: Remove obsolete compile fixes"
This reverts commit 4fb684a755.

The compile fixes are still required for host systems using GCC 5.x,
such as Ubuntu 16.04 LTS.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-04-04 17:08:10 +02:00
Rosen Penev
4fb684a755 ncurses: Remove obsolete compile fixes
It seems both issues (GCC5 and Musl) were fixed at some point. Thus, they can be dropped.

Did not bump version as there is no change in functionality or size.

Compile-tested on ar71xx and mvebu, both with musl.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-04-03 23:26:45 +02:00
Paul Wassi
ef6939b0af package/libs/mbedtls: add package with some mbedtls binaries.
Add some basic binaries required for private key and CSR generation.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2018-03-31 16:31:26 +02:00
Hauke Mehrtens
2e75914bee mbedtls: update to version 2.8.0
This fixes some minor security problems.

Old size:
162262 bin/packages/mips_24kc/base/libmbedtls_2.7.0-1_mips_24kc.ipk

New size:
163162 bin/packages/mips_24kc/base/libmbedtls_2.8.0-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-31 16:30:30 +02:00
Rosen Penev
af35ce1065 ncurses: Update to 6.1.
Compile tested on ar71xx.

Old size:
  6527 bin/packages/mips_24kc/base/terminfo_6.0-1_mips_24kc.ipk
141465 bin/packages/mips_24kc/base/libncurses_6.0-1_mips_24kc.ipk

New size:
  6873 bin/packages/mips_24kc/base/terminfo_6.1-1_mips_24kc.ipk
146950 bin/packages/mips_24kc/base/libncurses_6.1-1_mips_24kc.ipk

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-03-31 16:28:36 +02:00
Rosen Penev
2a82db7ed5 libtool: Update to 2.4.6
Compile tested on mvebu.

old size:
12947 bin/packages/mips_24kc/base/libltdl_2.4-2_mips_24kc.ipk

new size:
13002 bin/packages/mips_24kc/base/libltdl_2.4.6-1_mips_24kc.ipk

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-03-31 16:27:24 +02:00
Paul Wassi
db893ec7f0 openssl: update to 1.0.2o
Fixes CVE-2018-0739

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2018-03-31 10:20:20 +02:00
Felix Fietkau
5f7d134454 libubox: update to the latest version
3aad294 libubox: Plug a small memory leak.
eebe3fc utils: use constant byte-order conversion

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 20:56:34 +01:00
Hans Dedecker
5cbd22bb0f nghttp2: bump to 1.31.0
6e744662 Update bash_completion
478eac09 Update manual pages
88e2029e Bump up version number to 1.31.0, LT revision to 30:0:16
45d76cf5 nghttpx: Close listening socket on graceful shutdown
54573f28 Merge pull request #1137 from nghttp2/session-set-user-data
17793e99 Add nghttp2_session_set_user_data() public API function
5eac3c90 Update manual pages
e70195ae nghttpx: Update doc
fe51e7fa Merge pull request #1130 from nghttp2/avoid-inet_pton-macro
eb951c2c src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro
39f0ce7c Merge pull request #1126 from nghttp2/nghttpx-expired-client-cert
65157811 Merge pull request #1123 from nghttp2/mruby-client-cert-not-before-after
e8af7afc nghttpx: Add an option to accept expired client certificate
38abfd18 nghttpx: Add mruby tls_client_not_before, and tls_client_not_after
ff3edc09 nghttpx: Fix potential memory leak
0bb15406 Bump up version number to 1.31.0-DEV

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-03-05 10:44:20 +01:00
Matthias Schiffer
05dba65569
libunwind: fix build with musl on PPC
Works around two incompatiblities between glibc and (POSIX-compliant) musl:

- missing register definitions from asm/ptrace.h
- non-POSIX-compliant ucontext_t on PPC32 with glibc

Compile tested on mpc85xx.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-02-25 16:58:10 +01:00
Felix Fietkau
8cdc71fc92 libnftnl: backport flowtable support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-21 20:12:41 +01:00
Hauke Mehrtens
9f5a4f8a42 mbedtls: activate deprecated functions
Some functions used by a lot of other software was renamed and is only
active when deprecated functions are allowed, deactivate the removal of
deprecated functions for now.

Fixes: 75c5ab4caf ("mbedtls: update to version 2.7.0")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-16 20:09:34 +01:00
Hauke Mehrtens
75c5ab4caf mbedtls: update to version 2.7.0
This fixes the following security problems:
* CVE-2018-0488: Risk of remote code execution when truncated HMAC is enabled
* CVE-2018-0487: Risk of remote code execution when verifying RSASSA-PSS signatures

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-15 21:58:47 +01:00
Hauke Mehrtens
b6d6e3fdf1 bunwind: build for ARM64
ARM64 is supported by libunwind since some versions, allow building it
for aarch64.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-10 20:17:21 +01:00
Hans Dedecker
30d34358a9 libubox: bump to git HEAD version
b0c830 sh/jshn.sh: add json_for_each_item()

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-02-08 13:14:36 +01:00
Hans Dedecker
ecc347dd6e nghttp2: bump to 1.30.0
f0836c7e Update manual pages
25db178b Bump up version number to 1.30.0, LT revision to 29:2:15
1b6713e6 Update AUTHORS
c1a496cf nghttpx: Fix bug that h1 backend idle timeout expires sooner
e098a211 mruby: Fix bug that response header is unexpectedly overwritten
0ba4bf51 Merge pull request #1120 from dylanplecki/issue-1119-mruby-header-overwrite
6deee203 Fix #1119: Stop overwrite of first header on mruby call to env.req.set_header(..)
6761a933 Merge pull request #1105 from nghttp2/nghttpx-upgrade-scheme
5cc3d159 nghttpx: Add upgrade-scheme parameter to backend option
652f57e7 Merge pull request #1104 from nghttp2/allow-ping-after-goaway
acd6b40e Allow PING frame to be sent after GOAWAY
0fbb46ed Merge pull request #1101 from nghttp2/remember-pushed-links
6ad629de Merge pull request #1102 from nghttp2/fix-missing-alpn-validation
74754982 nghttpx: Fix missing ALPN validation (--npn-list)
a31a2e3b nghttpx: Remember which resource is pushed
a776b0db Merge pull request #1092 from nghttp2/define-103
cfd926f0 src: Define 103 status code
72f52716 Bump up version number to 1.30.0-DEV

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-02-04 21:19:51 +01:00
Yousong Zhou
c9c2e4d78d openssl: remove call to now absent clean-staging make target
It's not needed now since commit a621b8c ("include: clean package
staging dir files before configure")

Fixes FS#1309

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-01-30 14:36:44 +08:00
Julien Dusser
241e6dd3e9 build: cleanup SSP_SUPPORT configure option
Configure variable SSP_SUPPORT is ambiguous for packages (tor, openssh,
avahi, freeswitch). It means 'toolchain supporting SSP', but for toolchain
and depends it means 'build gcc with libssp'.

Musl no longer uses libssp (1877bc9d8f), it has internal support, so
SSP_SUPPORT was disabled leading some package to not use SSP.

No information why Glibc and uClibc use libssp, but they may also provide
their own SSP support. uClibc used it own with commit 933b588e25 but it was
reverted in f3cacb9e84 without details.

Create an new configure GCC_LIBSSP and automatically enable SSP_SUPPORT
if either USE_MUSL or GCC_LIBSSP.

Signed-off-by: Julien Dusser <julien.dusser@free.fr>
2018-01-27 19:02:48 +01:00
Maxim Gorbachyov
8590a5c06d libunwind: enable build for arm
Tested with perf on mvebu.

Signed-off-by: Maxim Gorbachyov <maxim.gorbachyov@gmail.com>
2018-01-27 16:46:45 +01:00
Yousong Zhou
2c50af0cea openssl: tell the build system that we are doing CROSS_COMPILE
So that it will not try to run c_rehash with the just built binaries on
certs/demo.

Fixes openwrt/packages#5432

Reported-by: Val Kulkov <val.kulkov@gmail.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-01-26 18:19:00 +08:00
Philip Prindeville
3d8040e04f libnftnl: update to 1.0.9
Also, drop unsupported configure options.

Don't use git retrieve but released tarball instead.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2018-01-20 20:22:01 +01:00
Jo-Philipp Wich
fe920d01bb treewide: replace LEDE_GIT with PROJECT_GIT
Remove LEDE_GIT references in favor to the new name-agnostic
PROJECT_GIT variable.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-10 21:27:32 +01:00
Jo-Philipp Wich
f089b1fda2 libubox: fix package bump
The previous commit was incorrectly rebased and referred to a not
yet existing PROJECT_GIT variable.

Fixes: d86a269c1f libubox: update to latest git HEAD
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-07 16:34:29 +01:00
Jo-Philipp Wich
d86a269c1f libubox: update to latest git HEAD
1c08e80 jshn: properly support JSON "null" type

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-07 16:28:22 +01:00
Jo-Philipp Wich
3f5e39e960 zlib: only enable NEON optimizations on eligible targets
Instead of inferring the availability of NEON support from the target
optimization flags, use a preprocessor test to decide whether to enable
ARMv8 NEON optimizations.

Fixes the following build error spotted by the mediatek/32 buildbot:

    [ 26%] Building C object CMakeFiles/zlib.dir/contrib/arm/inflate.o
    In file included from .../zlib-1.2.11/contrib/arm/chunkcopy.h:10:0,
                     from .../zlib-1.2.11/contrib/arm/inflate.c:87:
    .../arm_neon.h:31:2: error: #error You must enable NEON instructions (e.g. -mfloat-abi=softfp -mfpu=neon) to use arm_neon.h
     #error You must enable NEON instructions (e.g. -mfloat-abi=softfp -mfpu=neon) to use arm_neon.h
      ^
    In file included from .../zlib-1.2.11/contrib/arm/inflate.c:87:0:
    .../zlib-1.2.11/contrib/arm/chunkcopy.h:18:9: error: unknown type name 'uint8x16_t'
     typedef uint8x16_t chunkcopy_chunk_t;
             ^
    [...]
    CMakeFiles/zlib.dir/build.make:302: recipe for target 'CMakeFiles/zlib.dir/contrib/arm/inflate.o' failed

Fixes: 3acecba520 "package/libs/zlib: Add ARM and NEON optimizations"
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-07 12:33:47 +01:00
Kevin Darbyshire-Bryant
b153dbf046 argp-standalone: clean up patch fuzz
Refresh patches to tidy up fuzz.  No functional changes

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-05 11:59:59 +01:00
Daniel Engberg
cbe71649bc package/libs/zlib: Add host build
Some packages such as Python/Python3 (host pip/pip3) needs this
to compile.

More detailed explanation provided by Alexandru:

"i need the zlib/host for Python/Python3 ; because, it seems the
host pip/pip3 needs this to work ; i suspect in older versions
this worked, because some of the host's build env would be used
in the build, and then the zlib-dev from the host distro would
be used ; now, the host-build does not seem to have any
-I/usr/include stuff, which is good

and it also seems that Python/Python3 does not like it if the
zlib-dev package is too old, so using this zlib/host would be
good for this as well"

Source:
https://github.com/lede-project/source/pull/1329#issuecomment-351055861

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-01-02 17:11:12 +01:00
Daniel Engberg
0dd439141d package/libs/zlib: Add option for O3 optimization
Add option to use O3 optimization as not all devices have
space constraints. This option is default using GCC in upstream
but isn't in the CMake makefile for some reason.

Source: https://github.com/madler/zlib/blob/master/configure#L170

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-01-02 17:11:12 +01:00
Daniel Engberg
3acecba520 package/libs/zlib: Add ARM and NEON optimizations
This adds two optimizations for ARM:
NEON optimized Adler(-)32 checksum algorithm (ARMv7 and newer NEON CPUs)
ARM(v7+) specific optimization for inflate
I've also connected inflate optimization to the build using the following
source as template.
0397489124 (diff-a62ad2db6c83dbc205d34bb9a8884f16)

Additional info:
https://codereview.chromium.org/2676493007/
https://codereview.chromium.org/2722063002/

Sources:
https://github.com/madler/zlib/pull/251 (only the first commit)
https://github.com/madler/zlib/pull/256

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-01-02 17:11:12 +01:00
Daniel Engberg
383e8aeec7 package/libs/zlib: Use toolchain build logic
Use build logic provided by toolchain instead of doing it manually.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-01-02 17:11:12 +01:00
Hans Dedecker
67c1c145f0 nghttp2: bump to 1.29.0
439b9b6c (tag: v1.29.0) Update manual pages
48498452 Bump up version number to v1.29.0, LT revision to 29:1:15
d30f3816 Update manual pages
4d1139f6 Remove SPDY
48f57407 nghttpx: Update doc
c1f14d73 Update manual pages
216f4dad nghttpx: Remove redundant check
a4e27d76 Revert "nghttpx: Use an existing h2 backend connection as much as possible"
2365f12e Fix CMAKE_MODULE_PATH
03f7ec0f nghttpx: Write API request body in temporary file
2056e812 nghttpx: Increase api-max-request-body
1ebb6810 nghttpx: Faster configuration loading with lots of backends
a3ebeeaf nghttpx: Fix crash with --backend-http-proxy-uri option
422ad1be Use NGHTTP2_REFUSED_STREAM for streams which are closed by GOAWAY
97f1735c Bump up version number to 1.29.0

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-12-24 17:06:16 +01:00
Jake Staehle
e80ab48777 libiconv-full: fix compile-time linking error GCC7
LEDE Flyspray Task 1091:
Fix libiconv-full 'undefined reference' compile linker error using GCC7 Musl
Tested with targets x86 (i386 and x86_64)
Addition of CFLAGS "std=gnu89" fixes the linker issues, credit to harrylwc
Issue found with 'minidlna' package, which depends on 'libiconv-full'
Error in compile log:
../lib/.libs/libiconv.so: undefined reference to `aliases_lookup'
../lib/.libs/libiconv.so: undefined reference to `aliases2_lookup'
collect2: error: ld returned 1 exit status
Makefile:64: recipe for target 'iconv_no_i18n' failed

Signed-off-by: Jake Staehle <jacob@staehle.us>
2017-12-19 22:23:42 +01:00
Jo-Philipp Wich
902961c148 wolfssl: update to 3.12.2 (1 CVE)
Update wolfssl to the latest release v3.12.2 and backport an upstream
pending fix for CVE-2017-13099 ("ROBOT vulnerability").

Ref: https://github.com/wolfSSL/wolfssl/pull/1229
Ref: https://robotattack.org/

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-12-12 17:39:52 +01:00
Peter Wagner
55e70c8b72 openssl: update to 1.0.2n
add no-ssl3-method again as 1.0.2n compiles without the ssl3-method(s)

Fixes CVEs: CVE-2017-3737, CVE-2017-3738

Signed-off-by: Peter Wagner <tripolar@gmx.at>
2017-12-08 10:47:51 +01:00
Hans Dedecker
0b3087eebf nghttp2: bump to 1.28.0
939ad5dd Update manual pages
24d92b97 Add deprecation warning when spdylay support is enabled
4c92ff18 Bump up version number to 1.28.0, LT revision to 29:0:15
280db5c6 Update neverbleed
7fbcb2d0 Merge pull request #1074 from nghttp2/fix-doc
53aeb2c3 Fix doc
ff200bfc clang-format-5.0
fee3151f Switch to clang-format-5.0
99a85159 Update manual pages
2a981a3f Merge pull request #1066 from nghttp2/nghttpx-add-affinity-cookie-secure
0028275d nghttpx: Add affinity-cookie-secure parameter to backend option
ee8bfddf Merge pull request #1063 from nghttp2/error_callback2
194acb1f src: Use nghttp2_error_callback2
43a2a70a Add nghttp2_error_callback2
73344ae9 nghttpx: Use plain hex string format for client serial
c479f612 Merge pull request #1060 from nghttp2/nghttpx-add-client-serial
eca0a302 nghttpx: Add $tls_client_serial log variable
4720c5cb nghttpx: Make client serial available in mruby script
cd55ab28 nghttpx: Add function to get serial number from certificate
d402cfdf Merge pull request #1057 from nghttp2/nghttpx-add-tls-client-issuer-name
22502182 Add tls_client_issuer_name log variable and expose it to mruby
05e1fd5e Update manual pages
943d7923 Add Session Affinity section to nghttpx howto
568ecbfb doc: Add missing port
f5ddd7f4 nghttpx: Make initial_addr_idx_ unsigned
88abbce7 nghttpx: Fix compile error with gcc
16e90365 nghttpx: Fix affinity retry
fa7945c6 nghttpx: Refactor
daca43f0 nghttpx: Fix stalled backend connection on retry
16bc11e6 nghttpx: Remove duplicated util::make_socket_nodelay
6f7e94cd Merge pull request #1047 from PiotrSikora/go_vet
61efa15a integration: Fix issues reported by the `go vet` tool.
8c0ea56b Merge pull request #1036 from nghttp2/nghttpx-affinity-cookie
54905371 nghttpx: Refactor
6010d393 integration: Add tests
be5c39a1 src: Add tests
b8fda680 nghttpx: Cookie based session affinity
e29b9c12 Merge pull request #1045 from nghttp2/nghttpx-sha1-fingerprint
539e2781 nghttpx: Add tls_client_fingerprint_sha1 to mruby and accesslog
7008afd4 nghttpx: Refactor get_x509_fingerprint to accept hash function
77a41756 Merge pull request #1041 from nghttp2/fix-examples-client-server
b15045d6 Merge pull request #1040 from nghttp2/nghttpx-mruby-add-more-tls-vars
03084f75 examples: Make client and server work with libevent-2.1.8
60baca27 nghttpx: Add more TLS related attributes to mruby Env object
86990db2 Merge pull request #1038 from nghttp2/nghttpx-add-more-logging-vars
cb376bcd nghttpx: Add client fingerprint and subject name to accesslog
f2b8edd1 nghttpx: Fix memory leak
c4f8afcf nghttpx: Get TLS info only when it is necessary when writing accesslog
1a1a216d Merge pull request #1037 from nghttp2/nghttpx-mruby-tls-client-vars
9f80a82c nghttpx: Add client fingerprint and subject name to mruby env
c573c80b nghttpx: Pass a pointer to SSL instead of TLSSessionInfo to LogSpec
3cd6817e Fix typos
d4a69658 Add another warning about mruby
8e06fe49 Fix typo
aaeeec8f Fix typos
66d5e246 Bump up version number to 1.28.0-DEV

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-11-27 10:12:03 +01:00
Rosen Penev
9052dd6534 libusb-compat: Upgrade to 0.1.15
Compile tested on ramips (mt7621)

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-11-22 20:45:28 +01:00