This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 502f6c63a3120a85ca855ec9aaec9c6cb90cbefd (commit) via bb859c27f08b67d05c204455849f173df29cfdf1 (commit) via 387d4b5e43fb602c3be6078ce3a2284f07be55ba (commit) via 9f2779d71c9289e0c01da191666eef77062eb91d (commit) via bcc66365764642ffa529a5bd6623110fa78c44b6 (commit) via 597e584f3dcbec0488f7471f7f657a0d092df627 (commit) via 0de7cc50ac420b3a635a342197a0174d5eeb4e1d (commit) via 37ff8e005db883c8e476dedd1b73e6623e271cc9 (commit) via 161613165a64dffeef9a0d5bc545c698dfdda002 (commit) via 93d540832a2077e276c8c5d8eec14f3aa9fe47a4 (commit) via 5b2fc5d65f85917e906af70f63c2fc238b266420 (commit) from 50f75f88068420c66a64661120ab24f32feda22a (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 502f6c63a3120a85ca855ec9aaec9c6cb90cbefd Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Jan 18 17:05:46 2021 +0000
network-hotplug-bridges: Fix logical error in STP_PRIORITY check
Reported-by: Daniel Weismüller daniel.weismueller@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit bb859c27f08b67d05c204455849f173df29cfdf1 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Sat Jan 16 18:11:35 2021 +0100
nano: Update to 5.5
For details see: https://www.nano-editor.org/news.php
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 387d4b5e43fb602c3be6078ce3a2284f07be55ba Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Jan 18 13:06:25 2021 +0000
core154: Ship logrotate
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 9f2779d71c9289e0c01da191666eef77062eb91d Author: Matthias Fischer matthias.fischer@ipfire.org Date: Sat Jan 16 16:57:56 2021 +0100
logrotate: Update to 3.18.0
Exerpt from 'ChangeLog.md':
"## [3.18.0] - 2021-01-08 - allow UIDs and GIDs to be specified numerically (#217) - add support for Zstandard compressed files (#355) - make `delaycompress` not to fail with `rotate 0` (#341)"
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit bcc66365764642ffa529a5bd6623110fa78c44b6 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Sat Jan 16 16:53:07 2021 +0100
htop: Update to 3.0.5
For details see: https://github.com/htop-dev/htop/blob/master/ChangeLog
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 597e584f3dcbec0488f7471f7f657a0d092df627 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Jan 18 13:05:42 2021 +0000
core154: Ship ipsec-interfaces
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 0de7cc50ac420b3a635a342197a0174d5eeb4e1d Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jan 14 18:54:03 2021 +0000
IPsec: Disable XFRM policy lookup for VTI devices
This speeds up throughput slightly
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 37ff8e005db883c8e476dedd1b73e6623e271cc9 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Jan 18 13:04:55 2021 +0000
core154: Ship sudo
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 161613165a64dffeef9a0d5bc545c698dfdda002 Author: Adolf Belka adolf.belka@ipfire.org Date: Thu Jan 14 19:37:11 2021 +0100
sudo: Upgrade to 1.9.5p1
- Upgrade sudo from 1.8.10p3 to 1.9.5p1 - Move sudo from legacy release (1.8) branch to stable release (1.9) branch - Update rootfile - Changelog available at https://www.sudo.ws/changes.html - Tested out on vm testbed and sudo is working correctly
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Reviewed-by: Peter Müller peter.mueller@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 93d540832a2077e276c8c5d8eec14f3aa9fe47a4 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Jan 18 13:02:43 2021 +0000
wpa_supplicant: Update to development version
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5b2fc5d65f85917e906af70f63c2fc238b266420 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Jan 18 13:02:15 2021 +0000
hostapd: Update to development version
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/hostapd/config | 60 ++++++++++++---------- config/rootfiles/common/sudo | 58 +++++++++++++++++++-- config/rootfiles/core/154/filelists/files | 2 + .../{oldcore/111 => core/154}/filelists/logrotate | 0 .../{oldcore/112 => core/154}/filelists/sudo | 0 config/udev/network-hotplug-bridges | 4 +- lfs/hostapd | 10 ++-- lfs/htop | 6 +-- lfs/logrotate | 4 +- lfs/nano | 6 +-- lfs/sudo | 4 +- lfs/wpa_supplicant | 13 +++-- src/patches/hostapd/hostapd-2.9-noscan.patch | 42 +++++++-------- src/scripts/ipsec-interfaces | 5 ++ 14 files changed, 136 insertions(+), 78 deletions(-) copy config/rootfiles/{oldcore/111 => core/154}/filelists/logrotate (100%) copy config/rootfiles/{oldcore/112 => core/154}/filelists/sudo (100%)
Difference in files: diff --git a/config/hostapd/config b/config/hostapd/config index 78206ed78..4fa6df19f 100644 --- a/config/hostapd/config +++ b/config/hostapd/config @@ -44,41 +44,35 @@ CONFIG_LIBNL32=y # Driver interface for no driver (e.g., RADIUS server only) #CONFIG_DRIVER_NONE=y
-# IEEE 802.11F/IAPP -CONFIG_IAPP=y - # WPA2/IEEE 802.11i RSN pre-authentication CONFIG_RSN_PREAUTH=y
-# IEEE 802.11w (management frame protection) -CONFIG_IEEE80211W=y - # Support Operating Channel Validation #CONFIG_OCV=y
# Integrated EAP server -CONFIG_EAP=y +#CONFIG_EAP=y
# EAP Re-authentication Protocol (ERP) in integrated EAP server -CONFIG_ERP=y +#CONFIG_ERP=y
# EAP-MD5 for the integrated EAP server -CONFIG_EAP_MD5=y +#CONFIG_EAP_MD5=y
# EAP-TLS for the integrated EAP server -CONFIG_EAP_TLS=y +#CONFIG_EAP_TLS=y
# EAP-MSCHAPv2 for the integrated EAP server -CONFIG_EAP_MSCHAPV2=y +#CONFIG_EAP_MSCHAPV2=y
# EAP-PEAP for the integrated EAP server -CONFIG_EAP_PEAP=y +#CONFIG_EAP_PEAP=y
# EAP-GTC for the integrated EAP server -CONFIG_EAP_GTC=y +#CONFIG_EAP_GTC=y
# EAP-TTLS for the integrated EAP server -CONFIG_EAP_TTLS=y +#CONFIG_EAP_TTLS=y
# EAP-SIM for the integrated EAP server #CONFIG_EAP_SIM=y @@ -138,7 +132,7 @@ CONFIG_EAP_TTLS=y
# PKCS#12 (PFX) support (used to read private key and certificate file from # a file that usually has extension .p12 or .pfx) -CONFIG_PKCS12=y +#CONFIG_PKCS12=y
# RADIUS authentication server. This provides access to the integrated EAP # server from external hosts using RADIUS. @@ -154,9 +148,6 @@ CONFIG_PKCS12=y # the IEEE 802.11 Management capability (e.g., FreeBSD/net80211) #CONFIG_DRIVER_RADIUS_ACL=y
-# IEEE 802.11n (High Throughput) support -CONFIG_IEEE80211N=y - # Wireless Network Management (IEEE Std 802.11v-2011) # Note: This is experimental and not complete implementation. #CONFIG_WNM=y @@ -168,7 +159,7 @@ CONFIG_IEEE80211AC=y # Note: This is experimental and work in progress. The definitions are still # subject to change and this should not be expected to interoperate with the # final IEEE 802.11ax version. -#CONFIG_IEEE80211AX=y +CONFIG_IEEE80211AX=y
# Remove debugging code that is printing out debug messages to stdout. # This can be used to reduce the size of the hostapd considerably if debugging @@ -189,13 +180,13 @@ CONFIG_IEEE80211AC=y #CONFIG_DEBUG_LINUX_TRACING=y
# Remove support for RADIUS accounting -#CONFIG_NO_ACCOUNTING=y +CONFIG_NO_ACCOUNTING=y
# Remove support for RADIUS -#CONFIG_NO_RADIUS=y +CONFIG_NO_RADIUS=y
# Remove support for VLANs -#CONFIG_NO_VLAN=y +CONFIG_NO_VLAN=y
# Enable support for fully dynamic VLANs. This enables hostapd to # automatically create bridge and VLAN interfaces if necessary. @@ -279,7 +270,7 @@ CONFIG_ELOOP_EPOLL=y # internal = Internal TLSv1 implementation (experimental) # linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental) # none = Empty template -#CONFIG_TLS=openssl +CONFIG_TLS=openssl
# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1) # can be enabled to get a stronger construction of messages when block ciphers @@ -360,7 +351,7 @@ CONFIG_ELOOP_EPOLL=y CONFIG_ACS=y
# Multiband Operation support -# These extentions facilitate efficient use of multiple frequency bands +# These extensions facilitate efficient use of multiple frequency bands # available to the AP and the devices that may associate with it. #CONFIG_MBO=y
@@ -377,7 +368,7 @@ CONFIG_TAXONOMY=y
# Include internal line edit mode in hostapd_cli. This can be used to provide # limited command line editing and history support. -#CONFIG_WPA_CLI_EDIT=y +CONFIG_WPA_CLI_EDIT=y
# Opportunistic Wireless Encryption (OWE) # Experimental implementation of draft-harkins-owe-07.txt @@ -390,5 +381,20 @@ CONFIG_AIRTIME_POLICY=y # parameter. See that parameter in hostapd.conf for more details. #CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
-# Custom configuration -CONFIG_SAE=y +# Wired equivalent privacy (WEP) +# WEP is an obsolete cryptographic data confidentiality algorithm that is not +# considered secure. It should not be used for anything anymore. The +# functionality needed to use WEP is available in the current hostapd +# release under this optional build parameter. This functionality is subject to +# be completely removed in a future release. +#CONFIG_WEP=y + +# Remove all TKIP functionality +# TKIP is an old cryptographic data confidentiality algorithm that is not +# considered secure. It should not be used anymore. For now, the default hostapd +# build includes this to allow mixed mode WPA+WPA2 networks to be enabled, but +# that functionality is subject to be removed in the future. +#CONFIG_NO_TKIP=y + +# Manually added options +CONFIG_IEEE80211W=y diff --git a/config/rootfiles/common/sudo b/config/rootfiles/common/sudo index 860981890..babdcb484 100644 --- a/config/rootfiles/common/sudo +++ b/config/rootfiles/common/sudo @@ -1,13 +1,31 @@ +#etc/sudo.conf +#etc/sudo_logsrvd.conf etc/sudoers +#etc/sudoers.dist +#usr/bin/cvtsudoers usr/bin/sudo usr/bin/sudoedit usr/bin/sudoreplay #usr/include/sudo_plugin.h usr/lib/sudo +#usr/lib/sudo/audit_json.la +#usr/lib/sudo/audit_json.so +#usr/lib/sudo/group_file.la usr/lib/sudo/group_file.so +#usr/lib/sudo/libsudo_util.la +#usr/lib/sudo/libsudo_util.so +#usr/lib/sudo/libsudo_util.so.0 +usr/lib/sudo/libsudo_util.so.0.0.0 +#usr/lib/sudo/sample_approval.la +usr/lib/sudo/sample_approval.so +#usr/lib/sudo/sudo_noexec.la usr/lib/sudo/sudo_noexec.so +#usr/lib/sudo/sudoers.la usr/lib/sudo/sudoers.so +#usr/lib/sudo/system_group.la usr/lib/sudo/system_group.so +#usr/sbin/sudo_logsrvd +#usr/sbin/sudo_sendlog usr/sbin/visudo #usr/share/doc/sudo #usr/share/doc/sudo/CONTRIBUTORS @@ -18,17 +36,23 @@ usr/sbin/visudo #usr/share/doc/sudo/README #usr/share/doc/sudo/TROUBLESHOOTING #usr/share/doc/sudo/UPGRADE -#usr/share/doc/sudo/sample.pam -#usr/share/doc/sudo/sample.sudo.conf -#usr/share/doc/sudo/sample.sudoers -#usr/share/doc/sudo/sample.syslog.conf +#usr/share/doc/sudo/examples +#usr/share/doc/sudo/examples/pam.conf +#usr/share/doc/sudo/examples/sudo.conf +#usr/share/doc/sudo/examples/sudo_logsrvd.conf +#usr/share/doc/sudo/examples/sudoers +#usr/share/doc/sudo/examples/syslog.conf +#usr/share/locale/ast/LC_MESSAGES/sudo.mo +#usr/share/locale/ast/LC_MESSAGES/sudoers.mo #usr/share/locale/ca/LC_MESSAGES/sudo.mo +#usr/share/locale/ca/LC_MESSAGES/sudoers.mo #usr/share/locale/cs/LC_MESSAGES/sudo.mo #usr/share/locale/cs/LC_MESSAGES/sudoers.mo #usr/share/locale/da/LC_MESSAGES/sudo.mo #usr/share/locale/da/LC_MESSAGES/sudoers.mo #usr/share/locale/de/LC_MESSAGES/sudo.mo #usr/share/locale/de/LC_MESSAGES/sudoers.mo +#usr/share/locale/el/LC_MESSAGES/sudoers.mo #usr/share/locale/eo/LC_MESSAGES/sudo.mo #usr/share/locale/eo/LC_MESSAGES/sudoers.mo #usr/share/locale/es/LC_MESSAGES/sudo.mo @@ -37,21 +61,38 @@ usr/sbin/visudo #usr/share/locale/fi/LC_MESSAGES/sudo.mo #usr/share/locale/fi/LC_MESSAGES/sudoers.mo #usr/share/locale/fr/LC_MESSAGES/sudo.mo +#usr/share/locale/fr/LC_MESSAGES/sudoers.mo +#usr/share/locale/fur/LC_MESSAGES/sudo.mo +#usr/share/locale/fur/LC_MESSAGES/sudoers.mo #usr/share/locale/gl/LC_MESSAGES/sudo.mo #usr/share/locale/hr/LC_MESSAGES/sudo.mo #usr/share/locale/hr/LC_MESSAGES/sudoers.mo +#usr/share/locale/hu/LC_MESSAGES/sudo.mo +#usr/share/locale/hu/LC_MESSAGES/sudoers.mo #usr/share/locale/it/LC_MESSAGES/sudo.mo #usr/share/locale/it/LC_MESSAGES/sudoers.mo #usr/share/locale/ja/LC_MESSAGES/sudo.mo #usr/share/locale/ja/LC_MESSAGES/sudoers.mo +#usr/share/locale/ko/LC_MESSAGES/sudo.mo +#usr/share/locale/ko/LC_MESSAGES/sudoers.mo #usr/share/locale/lt/LC_MESSAGES/sudoers.mo +#usr/share/locale/nb/LC_MESSAGES/sudo.mo +#usr/share/locale/nb/LC_MESSAGES/sudoers.mo #usr/share/locale/nl/LC_MESSAGES/sudo.mo #usr/share/locale/nl/LC_MESSAGES/sudoers.mo +#usr/share/locale/nn/LC_MESSAGES/sudo.mo #usr/share/locale/pl/LC_MESSAGES/sudo.mo #usr/share/locale/pl/LC_MESSAGES/sudoers.mo +#usr/share/locale/pt/LC_MESSAGES/sudo.mo +#usr/share/locale/pt/LC_MESSAGES/sudoers.mo #usr/share/locale/pt_BR/LC_MESSAGES/sudo.mo #usr/share/locale/pt_BR/LC_MESSAGES/sudoers.mo +#usr/share/locale/ro/LC_MESSAGES/sudo.mo +#usr/share/locale/ro/LC_MESSAGES/sudoers.mo #usr/share/locale/ru/LC_MESSAGES/sudo.mo +#usr/share/locale/ru/LC_MESSAGES/sudoers.mo +#usr/share/locale/sk/LC_MESSAGES/sudo.mo +#usr/share/locale/sk/LC_MESSAGES/sudoers.mo #usr/share/locale/sl/LC_MESSAGES/sudo.mo #usr/share/locale/sl/LC_MESSAGES/sudoers.mo #usr/share/locale/sr/LC_MESSAGES/sudo.mo @@ -66,11 +107,20 @@ usr/sbin/visudo #usr/share/locale/vi/LC_MESSAGES/sudoers.mo #usr/share/locale/zh_CN/LC_MESSAGES/sudo.mo #usr/share/locale/zh_CN/LC_MESSAGES/sudoers.mo +#usr/share/locale/zh_TW/LC_MESSAGES/sudo.mo +#usr/share/locale/zh_TW/LC_MESSAGES/sudoers.mo +#usr/share/man/man1/cvtsudoers.1 #usr/share/man/man5/sudo.conf.5 +#usr/share/man/man5/sudo_logsrv.proto.5 +#usr/share/man/man5/sudo_logsrvd.conf.5 #usr/share/man/man5/sudoers.5 +#usr/share/man/man5/sudoers_timestamp.5 #usr/share/man/man8/sudo.8 +#usr/share/man/man8/sudo_logsrvd.8 #usr/share/man/man8/sudo_plugin.8 +#usr/share/man/man8/sudo_sendlog.8 #usr/share/man/man8/sudoedit.8 #usr/share/man/man8/sudoreplay.8 #usr/share/man/man8/visudo.8 var/db/sudo +#var/db/sudo/lectured diff --git a/config/rootfiles/core/154/filelists/files b/config/rootfiles/core/154/filelists/files index a30521c94..ec58127a2 100644 --- a/config/rootfiles/core/154/filelists/files +++ b/config/rootfiles/core/154/filelists/files @@ -5,6 +5,7 @@ etc/rc.d/init.d/functions etc/rc.d/init.d/sshd etc/rc.d/init.d/unbound etc/rc.d/init.d/wlanclient +lib/udev/network-hotplug-bridges opt/pakfire/lib/functions.sh srv/web/ipfire/cgi-bin/country.cgi srv/web/ipfire/cgi-bin/credits.cgi @@ -18,6 +19,7 @@ srv/web/ipfire/cgi-bin/pakfire.cgi srv/web/ipfire/cgi-bin/remote.cgi srv/web/ipfire/cgi-bin/services.cgi srv/web/ipfire/cgi-bin/wirelessclient.cgi +usr/local/bin/ipsec-interfaces usr/local/bin/sshctrl var/ipfire/extrahd/bin/extrahd.pl var/ipfire/general-functions.pl diff --git a/config/rootfiles/core/154/filelists/logrotate b/config/rootfiles/core/154/filelists/logrotate new file mode 120000 index 000000000..bc192c05d --- /dev/null +++ b/config/rootfiles/core/154/filelists/logrotate @@ -0,0 +1 @@ +../../../common/logrotate \ No newline at end of file diff --git a/config/rootfiles/core/154/filelists/sudo b/config/rootfiles/core/154/filelists/sudo new file mode 120000 index 000000000..0d3c45e04 --- /dev/null +++ b/config/rootfiles/core/154/filelists/sudo @@ -0,0 +1 @@ +../../../common/sudo \ No newline at end of file diff --git a/config/udev/network-hotplug-bridges b/config/udev/network-hotplug-bridges index 89470fec0..4fc11fb33 100644 --- a/config/udev/network-hotplug-bridges +++ b/config/udev/network-hotplug-bridges @@ -87,8 +87,8 @@ STP_PRIORITY="$(get_value "${ZONE}_STP_PRIORITY")" case "${MODE}" in bridge) # We need to check if $STP_PRIORITY has a valid value if not set it - if [ -n "${STP_PRIORITY}" ]; then - STP_PRIORITY=16384; + if [ -z "${STP_PRIORITY}" ]; then + STP_PRIORITY=16384 fi
ADDRESS="$(get_value "${ZONE}_MACADDR")" diff --git a/lfs/hostapd b/lfs/hostapd index 3cac20c8a..e6b92db3a 100644 --- a/lfs/hostapd +++ b/lfs/hostapd @@ -24,15 +24,15 @@
include Config
-VER = 2.9 +VER = 581dfcc
THISAPP = hostapd-$(VER) DL_FILE = $(THISAPP).tar.gz DL_FROM = $(URL_IPFIRE) -DIR_APP = $(DIR_SRC)/$(THISAPP) +DIR_APP = $(DIR_SRC)/hostap-$(VER) TARGET = $(DIR_INFO)/$(THISAPP) PROG = hostapd -PAK_VER = 53 +PAK_VER = 54
DEPS =
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = f188fc53a495fe7af3b6d77d3c31dee8 +$(DL_FILE)_MD5 = eed922f2daabe16d74adf2b23455d8bd
install : $(TARGET)
@@ -83,7 +83,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP)/hostapd && cp $(DIR_SRC)/config/hostapd/config ./.config cd $(DIR_APP)/hostapd && sed -e "s@/usr/local@/usr@g" -i Makefile - cd $(DIR_APP)/hostapd && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_APP)/hostapd && make $(MAKETUNING) cd $(DIR_APP)/hostapd && make install install -v -m 644 $(DIR_SRC)/config/backup/includes/hostapd /var/ipfire/backup/addons/includes/hostapd # install initscript diff --git a/lfs/htop b/lfs/htop index 12622beec..0dfdf011f 100644 --- a/lfs/htop +++ b/lfs/htop @@ -24,7 +24,7 @@
include Config
-VER = 3.0.4 +VER = 3.0.5
THISAPP = htop-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = htop -PAK_VER = 15 +PAK_VER = 16
DEPS =
@@ -46,7 +46,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d2ed5c2c060399319675874c44942838 +$(DL_FILE)_MD5 = 780b79322cfc576a762c2dadb5575d04
install : $(TARGET)
diff --git a/lfs/logrotate b/lfs/logrotate index 45a0d47e2..cc6f07fa3 100644 --- a/lfs/logrotate +++ b/lfs/logrotate @@ -24,7 +24,7 @@
include Config
-VER = 3.17.0 +VER = 3.18.0
THISAPP = logrotate-$(VER) DL_FILE = logrotate-$(VER).tar.gz @@ -42,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 6bd4d3102ae9c86d37e46ca93bcffa66 +$(DL_FILE)_MD5 = f8ad01f87865cd7b80136eccf16ba4a1
install : $(TARGET)
diff --git a/lfs/nano b/lfs/nano index 826bd82b3..a9fa2a1d9 100644 --- a/lfs/nano +++ b/lfs/nano @@ -24,7 +24,7 @@
include Config
-VER = 5.4 +VER = 5.5
THISAPP = nano-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = nano -PAK_VER = 34 +PAK_VER = 35
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 703d9b5317486c6f49918e27c435fbc9 +$(DL_FILE)_MD5 = 145bc1ae94e25bd4f9168b7c56fee984
install : $(TARGET)
diff --git a/lfs/sudo b/lfs/sudo index 066a29fa0..feba249cd 100644 --- a/lfs/sudo +++ b/lfs/sudo @@ -24,7 +24,7 @@
include Config
-VER = 1.8.10p3 +VER = 1.9.5p1
THISAPP = sudo-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = fcd8d0d9f9f0397d076ee901e242ed39 +$(DL_FILE)_MD5 = 145f6e69c116f82cf0377ccf459344eb
install : $(TARGET)
diff --git a/lfs/wpa_supplicant b/lfs/wpa_supplicant index 549cee152..c64b6aab4 100644 --- a/lfs/wpa_supplicant +++ b/lfs/wpa_supplicant @@ -24,14 +24,13 @@
include Config
-VER = 2.9 +VER = 581dfcc
THISAPP = wpa_supplicant-$(VER) -DL_FILE = $(THISAPP).tar.gz +DL_FILE = hostapd-$(VER).tar.gz DL_FROM = $(URL_IPFIRE) -DIR_APP = $(DIR_SRC)/$(THISAPP) +DIR_APP = $(DIR_SRC)/hostap-$(VER) TARGET = $(DIR_INFO)/$(THISAPP) -PROG = wpa_supplicant
############################################################################### # Top-level Rules @@ -41,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 2d2958c782576dc9901092fbfecb4190 +$(DL_FILE)_MD5 = eed922f2daabe16d74adf2b23455d8bd
install : $(TARGET)
@@ -74,10 +73,10 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP)/wpa_supplicant && cp $(DIR_SRC)/config/wpa_supplicant/config ./.config cd $(DIR_APP)/wpa_supplicant && sed -e "s/wpa_cli\ dynamic_eap_methods/wpa_cli\ #dynamic_eap_methods/" -i Makefile cd $(DIR_APP)/wpa_supplicant && sed -e "s@/usr/local@/usr@g" -i Makefile - cd $(DIR_APP)/wpa_supplicant && make && make install + cd $(DIR_APP)/wpa_supplicant && make $(MAKETUNING) + cd $(DIR_APP)/wpa_supplicant && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/src/patches/hostapd/hostapd-2.9-noscan.patch b/src/patches/hostapd/hostapd-2.9-noscan.patch index c4df23029..638b76f84 100644 --- a/src/patches/hostapd/hostapd-2.9-noscan.patch +++ b/src/patches/hostapd/hostapd-2.9-noscan.patch @@ -1,10 +1,9 @@ -diff U3 hostapd/config_file.c hostapd/config_file.c ---- a/hostapd/config_file.c Wed Aug 7 15:25:25 2019 -+++ b/hostapd/config_file.c Fri Sep 20 17:36:33 2019 -@@ -3411,6 +3411,10 @@ +--- a/hostapd/config_file.c ++++ b/hostapd/config_file.c +@@ -3493,6 +3493,10 @@ static int hostapd_config_fill(struct ho + if (bss->ocv && !bss->ieee80211w) bss->ieee80211w = 1; #endif /* CONFIG_OCV */ - #ifdef CONFIG_IEEE80211N + } else if (os_strcmp(buf, "noscan") == 0) { + conf->noscan = atoi(pos); + } else if (os_strcmp(buf, "ht_coex") == 0) { @@ -12,10 +11,9 @@ diff U3 hostapd/config_file.c hostapd/config_file.c } else if (os_strcmp(buf, "ieee80211n") == 0) { conf->ieee80211n = atoi(pos); } else if (os_strcmp(buf, "ht_capab") == 0) { -diff U3 src/ap/ap_config.h src/ap/ap_config.h ---- a/src/ap/ap_config.h Wed Aug 7 15:25:25 2019 -+++ b/src/ap/ap_config.h Fri Sep 20 17:38:06 2019 -@@ -932,6 +932,8 @@ +--- a/src/ap/ap_config.h ++++ b/src/ap/ap_config.h +@@ -984,6 +984,8 @@ struct hostapd_config {
int ht_op_mode_fixed; u16 ht_capab; @@ -24,10 +22,9 @@ diff U3 src/ap/ap_config.h src/ap/ap_config.h int ieee80211n; int secondary_channel; int no_pri_sec_switch; -diff U3 src/ap/hw_features.c src/ap/hw_features.c ---- a/src/ap/hw_features.c Wed Aug 7 15:25:25 2019 -+++ b/src/ap/hw_features.c Fri Sep 20 17:39:02 2019 -@@ -477,7 +477,8 @@ +--- a/src/ap/hw_features.c ++++ b/src/ap/hw_features.c +@@ -500,7 +500,8 @@ static int ieee80211n_check_40mhz(struct int ret;
/* Check that HT40 is used and PRI / SEC switch is allowed */ @@ -37,10 +34,9 @@ diff U3 src/ap/hw_features.c src/ap/hw_features.c return 0;
hostapd_set_state(iface, HAPD_IFACE_HT_SCAN); -diff U3 src/ap/ieee802_11_ht.c src/ap/ieee802_11_ht.c ---- a/src/ap/ieee802_11_ht.c Wed Aug 7 15:25:25 2019 -+++ b/src/ap/ieee802_11_ht.c Fri Sep 20 17:41:24 2019 -@@ -252,6 +252,9 @@ +--- a/src/ap/ieee802_11_ht.c ++++ b/src/ap/ieee802_11_ht.c +@@ -230,6 +230,9 @@ void hostapd_2040_coex_action(struct hos return; }
@@ -50,13 +46,13 @@ diff U3 src/ap/ieee802_11_ht.c src/ap/ieee802_11_ht.c if (len < IEEE80211_HDRLEN + 2 + sizeof(*bc_ie)) { wpa_printf(MSG_DEBUG, "Ignore too short 20/40 BSS Coexistence Management frame"); -@@ -410,6 +413,9 @@ - void ht40_intolerant_add(struct hostapd_iface *iface, struct sta_info *sta) - { +@@ -390,6 +393,9 @@ void ht40_intolerant_add(struct hostapd_ if (iface->current_mode->mode != HOSTAPD_MODE_IEEE80211G) -+ return; -+ -+ if (iface->conf->noscan || iface->conf->no_ht_coex) return;
++ if (iface->conf->noscan || iface->conf->no_ht_coex) ++ return; ++ wpa_printf(MSG_INFO, "HT: Forty MHz Intolerant is set by STA " MACSTR + " in Association Request", MAC2STR(sta->addr)); + diff --git a/src/scripts/ipsec-interfaces b/src/scripts/ipsec-interfaces index 2546f8927..f0983dbdc 100644 --- a/src/scripts/ipsec-interfaces +++ b/src/scripts/ipsec-interfaces @@ -228,6 +228,11 @@ main() { ip addr flush dev "${intf}" ip addr add "${interface_address}" dev "${intf}"
+ # Disable IPsec policy lookup for VTI + if [ "${interface_mode}" = "vti" ]; then + sysctl -qw "net.ipv4.conf.${intf}.disable_policy=1" + fi + # Set MTU ip link set dev "${intf}" mtu "${interface_mtu}"
hooks/post-receive -- IPFire 2.x development tree