From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 502f6c63a3120a85ca855ec9aaec9c6cb90cbefd Date: Mon, 18 Jan 2021 19:04:39 +0000 Message-ID: <4DKLnM5xwRz2xLY@people01.haj.ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3551913744874383462==" List-Id: --===============3551913744874383462== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 502f6c63a3120a85ca855ec9aaec9c6cb90cbefd (commit) via bb859c27f08b67d05c204455849f173df29cfdf1 (commit) via 387d4b5e43fb602c3be6078ce3a2284f07be55ba (commit) via 9f2779d71c9289e0c01da191666eef77062eb91d (commit) via bcc66365764642ffa529a5bd6623110fa78c44b6 (commit) via 597e584f3dcbec0488f7471f7f657a0d092df627 (commit) via 0de7cc50ac420b3a635a342197a0174d5eeb4e1d (commit) via 37ff8e005db883c8e476dedd1b73e6623e271cc9 (commit) via 161613165a64dffeef9a0d5bc545c698dfdda002 (commit) via 93d540832a2077e276c8c5d8eec14f3aa9fe47a4 (commit) via 5b2fc5d65f85917e906af70f63c2fc238b266420 (commit) from 50f75f88068420c66a64661120ab24f32feda22a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 502f6c63a3120a85ca855ec9aaec9c6cb90cbefd Author: Michael Tremer Date: Mon Jan 18 17:05:46 2021 +0000 network-hotplug-bridges: Fix logical error in STP_PRIORITY check =20 Reported-by: Daniel Weism=C3=BCller Signed-off-by: Michael Tremer commit bb859c27f08b67d05c204455849f173df29cfdf1 Author: Matthias Fischer Date: Sat Jan 16 18:11:35 2021 +0100 nano: Update to 5.5 =20 For details see: https://www.nano-editor.org/news.php =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 387d4b5e43fb602c3be6078ce3a2284f07be55ba Author: Michael Tremer Date: Mon Jan 18 13:06:25 2021 +0000 core154: Ship logrotate =20 Signed-off-by: Michael Tremer commit 9f2779d71c9289e0c01da191666eef77062eb91d Author: Matthias Fischer Date: Sat Jan 16 16:57:56 2021 +0100 logrotate: Update to 3.18.0 =20 Exerpt from 'ChangeLog.md': =20 "## [3.18.0] - 2021-01-08 - allow UIDs and GIDs to be specified numerically (#217) - add support for Zstandard compressed files (#355) - make `delaycompress` not to fail with `rotate 0` (#341)" =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit bcc66365764642ffa529a5bd6623110fa78c44b6 Author: Matthias Fischer Date: Sat Jan 16 16:53:07 2021 +0100 htop: Update to 3.0.5 =20 For details see: https://github.com/htop-dev/htop/blob/master/ChangeLog =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 597e584f3dcbec0488f7471f7f657a0d092df627 Author: Michael Tremer Date: Mon Jan 18 13:05:42 2021 +0000 core154: Ship ipsec-interfaces =20 Signed-off-by: Michael Tremer commit 0de7cc50ac420b3a635a342197a0174d5eeb4e1d Author: Michael Tremer Date: Thu Jan 14 18:54:03 2021 +0000 IPsec: Disable XFRM policy lookup for VTI devices =20 This speeds up throughput slightly =20 Signed-off-by: Michael Tremer commit 37ff8e005db883c8e476dedd1b73e6623e271cc9 Author: Michael Tremer Date: Mon Jan 18 13:04:55 2021 +0000 core154: Ship sudo =20 Signed-off-by: Michael Tremer commit 161613165a64dffeef9a0d5bc545c698dfdda002 Author: Adolf Belka Date: Thu Jan 14 19:37:11 2021 +0100 sudo: Upgrade to 1.9.5p1 =20 - Upgrade sudo from 1.8.10p3 to 1.9.5p1 - Move sudo from legacy release (1.8) branch to stable release (1.9) bran= ch - Update rootfile - Changelog available at https://www.sudo.ws/changes.html - Tested out on vm testbed and sudo is working correctly =20 Signed-off-by: Adolf Belka Reviewed-by: Peter M=C3=BCller Signed-off-by: Michael Tremer commit 93d540832a2077e276c8c5d8eec14f3aa9fe47a4 Author: Michael Tremer Date: Mon Jan 18 13:02:43 2021 +0000 wpa_supplicant: Update to development version =20 Signed-off-by: Michael Tremer commit 5b2fc5d65f85917e906af70f63c2fc238b266420 Author: Michael Tremer Date: Mon Jan 18 13:02:15 2021 +0000 hostapd: Update to development version =20 Signed-off-by: Michael Tremer ----------------------------------------------------------------------- Summary of changes: config/hostapd/config | 60 ++++++++++++--------= -- config/rootfiles/common/sudo | 58 +++++++++++++++++++-- config/rootfiles/core/154/filelists/files | 2 + .../{oldcore/111 =3D> core/154}/filelists/logrotate | 0 .../{oldcore/112 =3D> core/154}/filelists/sudo | 0 config/udev/network-hotplug-bridges | 4 +- lfs/hostapd | 10 ++-- lfs/htop | 6 +-- lfs/logrotate | 4 +- lfs/nano | 6 +-- lfs/sudo | 4 +- lfs/wpa_supplicant | 13 +++-- src/patches/hostapd/hostapd-2.9-noscan.patch | 42 +++++++-------- src/scripts/ipsec-interfaces | 5 ++ 14 files changed, 136 insertions(+), 78 deletions(-) copy config/rootfiles/{oldcore/111 =3D> core/154}/filelists/logrotate (100%) copy config/rootfiles/{oldcore/112 =3D> core/154}/filelists/sudo (100%) Difference in files: diff --git a/config/hostapd/config b/config/hostapd/config index 78206ed78..4fa6df19f 100644 --- a/config/hostapd/config +++ b/config/hostapd/config @@ -44,41 +44,35 @@ CONFIG_LIBNL32=3Dy # Driver interface for no driver (e.g., RADIUS server only) #CONFIG_DRIVER_NONE=3Dy =20 -# IEEE 802.11F/IAPP -CONFIG_IAPP=3Dy - # WPA2/IEEE 802.11i RSN pre-authentication CONFIG_RSN_PREAUTH=3Dy =20 -# IEEE 802.11w (management frame protection) -CONFIG_IEEE80211W=3Dy - # Support Operating Channel Validation #CONFIG_OCV=3Dy =20 # Integrated EAP server -CONFIG_EAP=3Dy +#CONFIG_EAP=3Dy =20 # EAP Re-authentication Protocol (ERP) in integrated EAP server -CONFIG_ERP=3Dy +#CONFIG_ERP=3Dy =20 # EAP-MD5 for the integrated EAP server -CONFIG_EAP_MD5=3Dy +#CONFIG_EAP_MD5=3Dy =20 # EAP-TLS for the integrated EAP server -CONFIG_EAP_TLS=3Dy +#CONFIG_EAP_TLS=3Dy =20 # EAP-MSCHAPv2 for the integrated EAP server -CONFIG_EAP_MSCHAPV2=3Dy +#CONFIG_EAP_MSCHAPV2=3Dy =20 # EAP-PEAP for the integrated EAP server -CONFIG_EAP_PEAP=3Dy +#CONFIG_EAP_PEAP=3Dy =20 # EAP-GTC for the integrated EAP server -CONFIG_EAP_GTC=3Dy +#CONFIG_EAP_GTC=3Dy =20 # EAP-TTLS for the integrated EAP server -CONFIG_EAP_TTLS=3Dy +#CONFIG_EAP_TTLS=3Dy =20 # EAP-SIM for the integrated EAP server #CONFIG_EAP_SIM=3Dy @@ -138,7 +132,7 @@ CONFIG_EAP_TTLS=3Dy =20 # PKCS#12 (PFX) support (used to read private key and certificate file from # a file that usually has extension .p12 or .pfx) -CONFIG_PKCS12=3Dy +#CONFIG_PKCS12=3Dy =20 # RADIUS authentication server. This provides access to the integrated EAP # server from external hosts using RADIUS. @@ -154,9 +148,6 @@ CONFIG_PKCS12=3Dy # the IEEE 802.11 Management capability (e.g., FreeBSD/net80211) #CONFIG_DRIVER_RADIUS_ACL=3Dy =20 -# IEEE 802.11n (High Throughput) support -CONFIG_IEEE80211N=3Dy - # Wireless Network Management (IEEE Std 802.11v-2011) # Note: This is experimental and not complete implementation. #CONFIG_WNM=3Dy @@ -168,7 +159,7 @@ CONFIG_IEEE80211AC=3Dy # Note: This is experimental and work in progress. The definitions are still # subject to change and this should not be expected to interoperate with the # final IEEE 802.11ax version. -#CONFIG_IEEE80211AX=3Dy +CONFIG_IEEE80211AX=3Dy =20 # Remove debugging code that is printing out debug messages to stdout. # This can be used to reduce the size of the hostapd considerably if debuggi= ng @@ -189,13 +180,13 @@ CONFIG_IEEE80211AC=3Dy #CONFIG_DEBUG_LINUX_TRACING=3Dy =20 # Remove support for RADIUS accounting -#CONFIG_NO_ACCOUNTING=3Dy +CONFIG_NO_ACCOUNTING=3Dy =20 # Remove support for RADIUS -#CONFIG_NO_RADIUS=3Dy +CONFIG_NO_RADIUS=3Dy =20 # Remove support for VLANs -#CONFIG_NO_VLAN=3Dy +CONFIG_NO_VLAN=3Dy =20 # Enable support for fully dynamic VLANs. This enables hostapd to # automatically create bridge and VLAN interfaces if necessary. @@ -279,7 +270,7 @@ CONFIG_ELOOP_EPOLL=3Dy # internal =3D Internal TLSv1 implementation (experimental) # linux =3D Linux kernel AF_ALG and internal TLSv1 implementation (experimen= tal) # none =3D Empty template -#CONFIG_TLS=3Dopenssl +CONFIG_TLS=3Dopenssl =20 # TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.= 1) # can be enabled to get a stronger construction of messages when block ciphe= rs @@ -360,7 +351,7 @@ CONFIG_ELOOP_EPOLL=3Dy CONFIG_ACS=3Dy =20 # Multiband Operation support -# These extentions facilitate efficient use of multiple frequency bands +# These extensions facilitate efficient use of multiple frequency bands # available to the AP and the devices that may associate with it. #CONFIG_MBO=3Dy =20 @@ -377,7 +368,7 @@ CONFIG_TAXONOMY=3Dy =20 # Include internal line edit mode in hostapd_cli. This can be used to provide # limited command line editing and history support. -#CONFIG_WPA_CLI_EDIT=3Dy +CONFIG_WPA_CLI_EDIT=3Dy =20 # Opportunistic Wireless Encryption (OWE) # Experimental implementation of draft-harkins-owe-07.txt @@ -390,5 +381,20 @@ CONFIG_AIRTIME_POLICY=3Dy # parameter. See that parameter in hostapd.conf for more details. #CFLAGS +=3D -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=3D1 =20 -# Custom configuration -CONFIG_SAE=3Dy +# Wired equivalent privacy (WEP) +# WEP is an obsolete cryptographic data confidentiality algorithm that is not +# considered secure. It should not be used for anything anymore. The +# functionality needed to use WEP is available in the current hostapd +# release under this optional build parameter. This functionality is subject= to +# be completely removed in a future release. +#CONFIG_WEP=3Dy + +# Remove all TKIP functionality +# TKIP is an old cryptographic data confidentiality algorithm that is not +# considered secure. It should not be used anymore. For now, the default hos= tapd +# build includes this to allow mixed mode WPA+WPA2 networks to be enabled, b= ut +# that functionality is subject to be removed in the future. +#CONFIG_NO_TKIP=3Dy + +# Manually added options +CONFIG_IEEE80211W=3Dy diff --git a/config/rootfiles/common/sudo b/config/rootfiles/common/sudo index 860981890..babdcb484 100644 --- a/config/rootfiles/common/sudo +++ b/config/rootfiles/common/sudo @@ -1,13 +1,31 @@ +#etc/sudo.conf +#etc/sudo_logsrvd.conf etc/sudoers +#etc/sudoers.dist +#usr/bin/cvtsudoers usr/bin/sudo usr/bin/sudoedit usr/bin/sudoreplay #usr/include/sudo_plugin.h usr/lib/sudo +#usr/lib/sudo/audit_json.la +#usr/lib/sudo/audit_json.so +#usr/lib/sudo/group_file.la usr/lib/sudo/group_file.so +#usr/lib/sudo/libsudo_util.la +#usr/lib/sudo/libsudo_util.so +#usr/lib/sudo/libsudo_util.so.0 +usr/lib/sudo/libsudo_util.so.0.0.0 +#usr/lib/sudo/sample_approval.la +usr/lib/sudo/sample_approval.so +#usr/lib/sudo/sudo_noexec.la usr/lib/sudo/sudo_noexec.so +#usr/lib/sudo/sudoers.la usr/lib/sudo/sudoers.so +#usr/lib/sudo/system_group.la usr/lib/sudo/system_group.so +#usr/sbin/sudo_logsrvd +#usr/sbin/sudo_sendlog usr/sbin/visudo #usr/share/doc/sudo #usr/share/doc/sudo/CONTRIBUTORS @@ -18,17 +36,23 @@ usr/sbin/visudo #usr/share/doc/sudo/README #usr/share/doc/sudo/TROUBLESHOOTING #usr/share/doc/sudo/UPGRADE -#usr/share/doc/sudo/sample.pam -#usr/share/doc/sudo/sample.sudo.conf -#usr/share/doc/sudo/sample.sudoers -#usr/share/doc/sudo/sample.syslog.conf +#usr/share/doc/sudo/examples +#usr/share/doc/sudo/examples/pam.conf +#usr/share/doc/sudo/examples/sudo.conf +#usr/share/doc/sudo/examples/sudo_logsrvd.conf +#usr/share/doc/sudo/examples/sudoers +#usr/share/doc/sudo/examples/syslog.conf +#usr/share/locale/ast/LC_MESSAGES/sudo.mo +#usr/share/locale/ast/LC_MESSAGES/sudoers.mo #usr/share/locale/ca/LC_MESSAGES/sudo.mo +#usr/share/locale/ca/LC_MESSAGES/sudoers.mo #usr/share/locale/cs/LC_MESSAGES/sudo.mo #usr/share/locale/cs/LC_MESSAGES/sudoers.mo #usr/share/locale/da/LC_MESSAGES/sudo.mo #usr/share/locale/da/LC_MESSAGES/sudoers.mo #usr/share/locale/de/LC_MESSAGES/sudo.mo #usr/share/locale/de/LC_MESSAGES/sudoers.mo +#usr/share/locale/el/LC_MESSAGES/sudoers.mo #usr/share/locale/eo/LC_MESSAGES/sudo.mo #usr/share/locale/eo/LC_MESSAGES/sudoers.mo #usr/share/locale/es/LC_MESSAGES/sudo.mo @@ -37,21 +61,38 @@ usr/sbin/visudo #usr/share/locale/fi/LC_MESSAGES/sudo.mo #usr/share/locale/fi/LC_MESSAGES/sudoers.mo #usr/share/locale/fr/LC_MESSAGES/sudo.mo +#usr/share/locale/fr/LC_MESSAGES/sudoers.mo +#usr/share/locale/fur/LC_MESSAGES/sudo.mo +#usr/share/locale/fur/LC_MESSAGES/sudoers.mo #usr/share/locale/gl/LC_MESSAGES/sudo.mo #usr/share/locale/hr/LC_MESSAGES/sudo.mo #usr/share/locale/hr/LC_MESSAGES/sudoers.mo +#usr/share/locale/hu/LC_MESSAGES/sudo.mo +#usr/share/locale/hu/LC_MESSAGES/sudoers.mo #usr/share/locale/it/LC_MESSAGES/sudo.mo #usr/share/locale/it/LC_MESSAGES/sudoers.mo #usr/share/locale/ja/LC_MESSAGES/sudo.mo #usr/share/locale/ja/LC_MESSAGES/sudoers.mo +#usr/share/locale/ko/LC_MESSAGES/sudo.mo +#usr/share/locale/ko/LC_MESSAGES/sudoers.mo #usr/share/locale/lt/LC_MESSAGES/sudoers.mo +#usr/share/locale/nb/LC_MESSAGES/sudo.mo +#usr/share/locale/nb/LC_MESSAGES/sudoers.mo #usr/share/locale/nl/LC_MESSAGES/sudo.mo #usr/share/locale/nl/LC_MESSAGES/sudoers.mo +#usr/share/locale/nn/LC_MESSAGES/sudo.mo #usr/share/locale/pl/LC_MESSAGES/sudo.mo #usr/share/locale/pl/LC_MESSAGES/sudoers.mo +#usr/share/locale/pt/LC_MESSAGES/sudo.mo +#usr/share/locale/pt/LC_MESSAGES/sudoers.mo #usr/share/locale/pt_BR/LC_MESSAGES/sudo.mo #usr/share/locale/pt_BR/LC_MESSAGES/sudoers.mo +#usr/share/locale/ro/LC_MESSAGES/sudo.mo +#usr/share/locale/ro/LC_MESSAGES/sudoers.mo #usr/share/locale/ru/LC_MESSAGES/sudo.mo +#usr/share/locale/ru/LC_MESSAGES/sudoers.mo +#usr/share/locale/sk/LC_MESSAGES/sudo.mo +#usr/share/locale/sk/LC_MESSAGES/sudoers.mo #usr/share/locale/sl/LC_MESSAGES/sudo.mo #usr/share/locale/sl/LC_MESSAGES/sudoers.mo #usr/share/locale/sr/LC_MESSAGES/sudo.mo @@ -66,11 +107,20 @@ usr/sbin/visudo #usr/share/locale/vi/LC_MESSAGES/sudoers.mo #usr/share/locale/zh_CN/LC_MESSAGES/sudo.mo #usr/share/locale/zh_CN/LC_MESSAGES/sudoers.mo +#usr/share/locale/zh_TW/LC_MESSAGES/sudo.mo +#usr/share/locale/zh_TW/LC_MESSAGES/sudoers.mo +#usr/share/man/man1/cvtsudoers.1 #usr/share/man/man5/sudo.conf.5 +#usr/share/man/man5/sudo_logsrv.proto.5 +#usr/share/man/man5/sudo_logsrvd.conf.5 #usr/share/man/man5/sudoers.5 +#usr/share/man/man5/sudoers_timestamp.5 #usr/share/man/man8/sudo.8 +#usr/share/man/man8/sudo_logsrvd.8 #usr/share/man/man8/sudo_plugin.8 +#usr/share/man/man8/sudo_sendlog.8 #usr/share/man/man8/sudoedit.8 #usr/share/man/man8/sudoreplay.8 #usr/share/man/man8/visudo.8 var/db/sudo +#var/db/sudo/lectured diff --git a/config/rootfiles/core/154/filelists/files b/config/rootfiles/cor= e/154/filelists/files index a30521c94..ec58127a2 100644 --- a/config/rootfiles/core/154/filelists/files +++ b/config/rootfiles/core/154/filelists/files @@ -5,6 +5,7 @@ etc/rc.d/init.d/functions etc/rc.d/init.d/sshd etc/rc.d/init.d/unbound etc/rc.d/init.d/wlanclient +lib/udev/network-hotplug-bridges opt/pakfire/lib/functions.sh srv/web/ipfire/cgi-bin/country.cgi srv/web/ipfire/cgi-bin/credits.cgi @@ -18,6 +19,7 @@ srv/web/ipfire/cgi-bin/pakfire.cgi srv/web/ipfire/cgi-bin/remote.cgi srv/web/ipfire/cgi-bin/services.cgi srv/web/ipfire/cgi-bin/wirelessclient.cgi +usr/local/bin/ipsec-interfaces usr/local/bin/sshctrl var/ipfire/extrahd/bin/extrahd.pl var/ipfire/general-functions.pl diff --git a/config/rootfiles/core/154/filelists/logrotate b/config/rootfiles= /core/154/filelists/logrotate new file mode 120000 index 000000000..bc192c05d --- /dev/null +++ b/config/rootfiles/core/154/filelists/logrotate @@ -0,0 +1 @@ +../../../common/logrotate \ No newline at end of file diff --git a/config/rootfiles/core/154/filelists/sudo b/config/rootfiles/core= /154/filelists/sudo new file mode 120000 index 000000000..0d3c45e04 --- /dev/null +++ b/config/rootfiles/core/154/filelists/sudo @@ -0,0 +1 @@ +../../../common/sudo \ No newline at end of file diff --git a/config/udev/network-hotplug-bridges b/config/udev/network-hotplu= g-bridges index 89470fec0..4fc11fb33 100644 --- a/config/udev/network-hotplug-bridges +++ b/config/udev/network-hotplug-bridges @@ -87,8 +87,8 @@ STP_PRIORITY=3D"$(get_value "${ZONE}_STP_PRIORITY")" case "${MODE}" in bridge) # We need to check if $STP_PRIORITY has a valid value if not set it - if [ -n "${STP_PRIORITY}" ]; then - STP_PRIORITY=3D16384; + if [ -z "${STP_PRIORITY}" ]; then + STP_PRIORITY=3D16384 fi =20 ADDRESS=3D"$(get_value "${ZONE}_MACADDR")" diff --git a/lfs/hostapd b/lfs/hostapd index 3cac20c8a..e6b92db3a 100644 --- a/lfs/hostapd +++ b/lfs/hostapd @@ -24,15 +24,15 @@ =20 include Config =20 -VER =3D 2.9 +VER =3D 581dfcc =20 THISAPP =3D hostapd-$(VER) DL_FILE =3D $(THISAPP).tar.gz DL_FROM =3D $(URL_IPFIRE) -DIR_APP =3D $(DIR_SRC)/$(THISAPP) +DIR_APP =3D $(DIR_SRC)/hostap-$(VER) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D hostapd -PAK_VER =3D 53 +PAK_VER =3D 54 =20 DEPS =3D =20 @@ -44,7 +44,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D f188fc53a495fe7af3b6d77d3c31dee8 +$(DL_FILE)_MD5 =3D eed922f2daabe16d74adf2b23455d8bd =20 install : $(TARGET) =20 @@ -83,7 +83,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) =20 cd $(DIR_APP)/hostapd && cp $(DIR_SRC)/config/hostapd/config ./.config cd $(DIR_APP)/hostapd && sed -e "s@/usr/local@/usr(a)g" -i Makefile - cd $(DIR_APP)/hostapd && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_APP)/hostapd && make $(MAKETUNING) cd $(DIR_APP)/hostapd && make install install -v -m 644 $(DIR_SRC)/config/backup/includes/hostapd /var/ipfire/bac= kup/addons/includes/hostapd # install initscript diff --git a/lfs/htop b/lfs/htop index 12622beec..0dfdf011f 100644 --- a/lfs/htop +++ b/lfs/htop @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 3.0.4 +VER =3D 3.0.5 =20 THISAPP =3D htop-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D htop -PAK_VER =3D 15 +PAK_VER =3D 16 =20 DEPS =3D =20 @@ -46,7 +46,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D d2ed5c2c060399319675874c44942838 +$(DL_FILE)_MD5 =3D 780b79322cfc576a762c2dadb5575d04 =20 install : $(TARGET) =20 diff --git a/lfs/logrotate b/lfs/logrotate index 45a0d47e2..cc6f07fa3 100644 --- a/lfs/logrotate +++ b/lfs/logrotate @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 3.17.0 +VER =3D 3.18.0 =20 THISAPP =3D logrotate-$(VER) DL_FILE =3D logrotate-$(VER).tar.gz @@ -42,7 +42,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 6bd4d3102ae9c86d37e46ca93bcffa66 +$(DL_FILE)_MD5 =3D f8ad01f87865cd7b80136eccf16ba4a1 =20 install : $(TARGET) =20 diff --git a/lfs/nano b/lfs/nano index 826bd82b3..a9fa2a1d9 100644 --- a/lfs/nano +++ b/lfs/nano @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 5.4 +VER =3D 5.5 =20 THISAPP =3D nano-$(VER) DL_FILE =3D $(THISAPP).tar.xz @@ -32,7 +32,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D nano -PAK_VER =3D 34 +PAK_VER =3D 35 =20 DEPS =3D "" =20 @@ -44,7 +44,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 703d9b5317486c6f49918e27c435fbc9 +$(DL_FILE)_MD5 =3D 145bc1ae94e25bd4f9168b7c56fee984 =20 install : $(TARGET) =20 diff --git a/lfs/sudo b/lfs/sudo index 066a29fa0..feba249cd 100644 --- a/lfs/sudo +++ b/lfs/sudo @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 1.8.10p3 +VER =3D 1.9.5p1 =20 THISAPP =3D sudo-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D fcd8d0d9f9f0397d076ee901e242ed39 +$(DL_FILE)_MD5 =3D 145f6e69c116f82cf0377ccf459344eb =20 install : $(TARGET) =20 diff --git a/lfs/wpa_supplicant b/lfs/wpa_supplicant index 549cee152..c64b6aab4 100644 --- a/lfs/wpa_supplicant +++ b/lfs/wpa_supplicant @@ -24,14 +24,13 @@ =20 include Config =20 -VER =3D 2.9 +VER =3D 581dfcc =20 THISAPP =3D wpa_supplicant-$(VER) -DL_FILE =3D $(THISAPP).tar.gz +DL_FILE =3D hostapd-$(VER).tar.gz DL_FROM =3D $(URL_IPFIRE) -DIR_APP =3D $(DIR_SRC)/$(THISAPP) +DIR_APP =3D $(DIR_SRC)/hostap-$(VER) TARGET =3D $(DIR_INFO)/$(THISAPP) -PROG =3D wpa_supplicant =20 ############################################################################= ### # Top-level Rules @@ -41,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 2d2958c782576dc9901092fbfecb4190 +$(DL_FILE)_MD5 =3D eed922f2daabe16d74adf2b23455d8bd =20 install : $(TARGET) =20 @@ -74,10 +73,10 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP)/wpa_supplicant && cp $(DIR_SRC)/config/wpa_supplicant/config = ./.config cd $(DIR_APP)/wpa_supplicant && sed -e "s/wpa_cli\ dynamic_eap_methods/wpa_= cli\ #dynamic_eap_methods/" -i Makefile cd $(DIR_APP)/wpa_supplicant && sed -e "s@/usr/local@/usr(a)g" -i Makefile - cd $(DIR_APP)/wpa_supplicant && make && make install + cd $(DIR_APP)/wpa_supplicant && make $(MAKETUNING) + cd $(DIR_APP)/wpa_supplicant && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/src/patches/hostapd/hostapd-2.9-noscan.patch b/src/patches/hosta= pd/hostapd-2.9-noscan.patch index c4df23029..638b76f84 100644 --- a/src/patches/hostapd/hostapd-2.9-noscan.patch +++ b/src/patches/hostapd/hostapd-2.9-noscan.patch @@ -1,10 +1,9 @@ -diff U3 hostapd/config_file.c hostapd/config_file.c ---- a/hostapd/config_file.c Wed Aug 7 15:25:25 2019 -+++ b/hostapd/config_file.c Fri Sep 20 17:36:33 2019 -@@ -3411,6 +3411,10 @@ +--- a/hostapd/config_file.c ++++ b/hostapd/config_file.c +@@ -3493,6 +3493,10 @@ static int hostapd_config_fill(struct ho + if (bss->ocv && !bss->ieee80211w) bss->ieee80211w =3D 1; #endif /* CONFIG_OCV */ - #ifdef CONFIG_IEEE80211N + } else if (os_strcmp(buf, "noscan") =3D=3D 0) { + conf->noscan =3D atoi(pos); + } else if (os_strcmp(buf, "ht_coex") =3D=3D 0) { @@ -12,10 +11,9 @@ diff U3 hostapd/config_file.c hostapd/config_file.c } else if (os_strcmp(buf, "ieee80211n") =3D=3D 0) { conf->ieee80211n =3D atoi(pos); } else if (os_strcmp(buf, "ht_capab") =3D=3D 0) { -diff U3 src/ap/ap_config.h src/ap/ap_config.h ---- a/src/ap/ap_config.h Wed Aug 7 15:25:25 2019 -+++ b/src/ap/ap_config.h Fri Sep 20 17:38:06 2019 -@@ -932,6 +932,8 @@ +--- a/src/ap/ap_config.h ++++ b/src/ap/ap_config.h +@@ -984,6 +984,8 @@ struct hostapd_config { =20 int ht_op_mode_fixed; u16 ht_capab; @@ -24,10 +22,9 @@ diff U3 src/ap/ap_config.h src/ap/ap_config.h int ieee80211n; int secondary_channel; int no_pri_sec_switch; -diff U3 src/ap/hw_features.c src/ap/hw_features.c ---- a/src/ap/hw_features.c Wed Aug 7 15:25:25 2019 -+++ b/src/ap/hw_features.c Fri Sep 20 17:39:02 2019 -@@ -477,7 +477,8 @@ +--- a/src/ap/hw_features.c ++++ b/src/ap/hw_features.c +@@ -500,7 +500,8 @@ static int ieee80211n_check_40mhz(struct int ret; =20 /* Check that HT40 is used and PRI / SEC switch is allowed */ @@ -37,10 +34,9 @@ diff U3 src/ap/hw_features.c src/ap/hw_features.c return 0; =20 hostapd_set_state(iface, HAPD_IFACE_HT_SCAN); -diff U3 src/ap/ieee802_11_ht.c src/ap/ieee802_11_ht.c ---- a/src/ap/ieee802_11_ht.c Wed Aug 7 15:25:25 2019 -+++ b/src/ap/ieee802_11_ht.c Fri Sep 20 17:41:24 2019 -@@ -252,6 +252,9 @@ +--- a/src/ap/ieee802_11_ht.c ++++ b/src/ap/ieee802_11_ht.c +@@ -230,6 +230,9 @@ void hostapd_2040_coex_action(struct hos return; } =20 @@ -50,13 +46,13 @@ diff U3 src/ap/ieee802_11_ht.c src/ap/ieee802_11_ht.c if (len < IEEE80211_HDRLEN + 2 + sizeof(*bc_ie)) { wpa_printf(MSG_DEBUG, "Ignore too short 20/40 BSS Coexistence Management frame"); -@@ -410,6 +413,9 @@ - void ht40_intolerant_add(struct hostapd_iface *iface, struct sta_info *sta) - { +@@ -390,6 +393,9 @@ void ht40_intolerant_add(struct hostapd_ if (iface->current_mode->mode !=3D HOSTAPD_MODE_IEEE80211G) -+ return; -+ -+ if (iface->conf->noscan || iface->conf->no_ht_coex) return; =20 ++ if (iface->conf->noscan || iface->conf->no_ht_coex) ++ return; ++ wpa_printf(MSG_INFO, "HT: Forty MHz Intolerant is set by STA " MACSTR + " in Association Request", MAC2STR(sta->addr)); +=20 diff --git a/src/scripts/ipsec-interfaces b/src/scripts/ipsec-interfaces index 2546f8927..f0983dbdc 100644 --- a/src/scripts/ipsec-interfaces +++ b/src/scripts/ipsec-interfaces @@ -228,6 +228,11 @@ main() { ip addr flush dev "${intf}" ip addr add "${interface_address}" dev "${intf}" =20 + # Disable IPsec policy lookup for VTI + if [ "${interface_mode}" =3D "vti" ]; then + sysctl -qw "net.ipv4.conf.${intf}.disable_policy=3D1" + fi + # Set MTU ip link set dev "${intf}" mtu "${interface_mtu}" =20 hooks/post-receive -- IPFire 2.x development tree --===============3551913744874383462==--