* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 2d7bc118d0222caebd06ce25c68b930f4e668e4d
@ 2025-11-23 15:27 Michael Tremer
0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2025-11-23 15:27 UTC (permalink / raw)
To: ipfire-scm
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 77681 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 2d7bc118d0222caebd06ce25c68b930f4e668e4d (commit)
via 2fc10855417831b7a51faf01c83f9436e32ff069 (commit)
via a05fdcf7d654e5b99dea4cbd8fde1407d6a01299 (commit)
via 2c4a1ed604044664a70f235d9aaa9cb68363278c (commit)
via 9953d4c1254615f6d80ac7497dabb2df8500ea5a (commit)
via e9fb498941ca734f1309a4cd25ec17d05b18b206 (commit)
via c1a85fac5a5661e0c2eaab868efa7820ef0b7672 (commit)
via f42a8d3e2952f5c2ad104cbd64890f24b74acdec (commit)
via df81ace361109f953e2ce1e46ada7f6d743ec1cc (commit)
via 0b49b2fa0468f8d65680e150afc7e7a964d3faf4 (commit)
via 4a2999cc9969b0e087f5e1e8dc90663ea70e7757 (commit)
via 79da30641d5e3ab9ec33f78e842da851b469def6 (commit)
via c8b8237a34f35e89203df549fd68af20b48de78d (commit)
via f181db761a25366905df5e402057b280e61450f3 (commit)
via 073a159822b404f8ccd331115ce753646198b803 (commit)
via 08c93c3dd9328574694f3e985783330b3ef7b0b0 (commit)
via 03390e241bd0aa7b2cd6f9f0945688d5f1d5a1db (commit)
from 65b5aa5d46a6c95933c321273fd2239f3e9e872c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2d7bc118d0222caebd06ce25c68b930f4e668e4d
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Sun Nov 23 15:25:11 2025 +0000
Run ./make.sh update-contributors
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 2fc10855417831b7a51faf01c83f9436e32ff069
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Sun Nov 23 15:24:44 2025 +0000
doc: Run ./make.sh lang
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit a05fdcf7d654e5b99dea4cbd8fde1407d6a01299
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Sat Nov 15 11:09:22 2025 +0100
lldp: Add translations for invlid description input
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 2c4a1ed604044664a70f235d9aaa9cb68363278c
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Sat Nov 15 11:07:58 2025 +0100
lldp.cgi: Show discovered peers in alphabetical order
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 9953d4c1254615f6d80ac7497dabb2df8500ea5a
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Sat Nov 15 11:07:57 2025 +0100
lldp.cgi: Call binary for peers and do json stuff only if the service is enabled
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit e9fb498941ca734f1309a4cd25ec17d05b18b206
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Sat Nov 15 11:07:56 2025 +0100
lldp.cgi: Add mission validation for description field
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit c1a85fac5a5661e0c2eaab868efa7820ef0b7672
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Tue Nov 11 21:01:23 2025 +0100
lldpd: Set green address as management address
At default the first available IP address (which heavily depends on your
and your ISP assigned addresses) will be used as management address.
This patch changes this behaviour to set the address of the green zone
as management address and broadcast it.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit f42a8d3e2952f5c2ad104cbd64890f24b74acdec
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Tue Nov 11 21:01:22 2025 +0100
lldpd: Enable support for cisco discovery protocol
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit df81ace361109f953e2ce1e46ada7f6d743ec1cc
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Sun Nov 23 15:21:43 2025 +0000
core199: Ship cURL
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 0b49b2fa0468f8d65680e150afc7e7a964d3faf4
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Tue Nov 11 13:02:59 2025 +0100
curl: Update to version 8.17.0
- Update from version 8.16.0 to 8.17.0
- Update of rootfile
- Changelog
8.17.0
Changes:
build: drop Heimdal support
build: drop the winbuild build system
krb5: drop support for Kerberos FTP
libssh2: up the minimum requirement to 1.9.0
multi: add notifications API
progress: expand to use 6 characters per size
ssl: support Apple SecTrust configurations
tool_getparam: add --knownhosts
vssh: drop support for wolfSSH
wcurl: import v2025.11.04
write-out: make %header{} able to output *all* occurrences of a header
Bugfixes:
ares: fix leak in tracing
asyn-ares: remove wrong comment about the callback argument
asyn-ares: use the duped hostname pointer for all calls
asyn-thrdd resolver: clear timeout when done
asyn-thrdd: drop pthread_cancel
autotools: add support for libgsasl auto-detection via pkg-config
autotools: capitalize Rustls in the log output
autotools: drop detection of ancient OpenSSL libs RSAglue and rsaref
autotools: fix duplicate UNIX and BSD flags in buildinfo.txt
autotools: fix silly mistake in clang detection for buildinfo.txt
autotools: make --enable-code-coverage support llvm/clang
autotools: merge `if`s in GnuTLS/OpenSSL feature detection
aws-lc: re-enable large read-ahead with v1.61.0 again
base64: accept zero length argument to base64_encode
build: address some -Weverything warnings, update picky warnings
build: avoid overriding system open and stat symbols
build: avoid overriding system symbols for fopen functions
build: avoid overriding system symbols for socket functions
build: show llvm/clang in platform flags and buildinfo.txt
c-ares: when resolving failed, persist error
cf-h2-proxy: break loop on edge case
cf-ip-happy: mention unix domain path, not port number
cf-socket: always check Curl_cf_socket_peek() return code
cf-socket: check params and remove accept procondition
cf-socket: make set_local_ip void, and remove failf()
cf-socket: set FD_CLOEXEC on all sockets opened
cf-socket: tweak a memcpy() to read better
cf-socket: use the right byte order for ports in bindlocal
cfilter: unlink and discard
cfilters: check return code from Curl_pollset_set_out_only()
checksrc: allow disabling warnings on FIXME/TODO comments
checksrc: catch banned functions when preceded by (
checksrc: fix possible endless loop when detecting BANNEDFUNC
checksrc: fix possible endless loops in the banned function logic
checksrc: fix to handle ) predecing a banned function
checksrc: reduce directory-specific exceptions
CI.md: refresh
cmake/FindGSS: dedupe pkg-config module strings
cmake/FindGSS: drop wrong header check for GNU GSS
cmake/FindGSS: fix pkg-config fallback logic for CMake <3.16
cmake/FindGSS: simplify/de-dupe lib setup
cmake/FindGSS: whitespace/formatting
cmake: add and use local FindGnuTLS module
cmake: add CURL_CODE_COVERAGE option
cmake: build the "all" examples source list dynamically
cmake: clang detection tidy-ups
cmake: drop exclamation in comment looking like a name
cmake: fix `HAVE_GNUTLS_SRP` detection after adding local FindGnuTLS module
cmake: fix building docs when the base directory contains .3
cmake: fix Linux pre-fill `HAVE_POSIX_STRERROR_R` (when `_CURL_PREFILL=ON`)
cmake: fix Linux pre-fills for non-glibc (when `_CURL_PREFILL=ON`)
cmake: minor Heimdal flavour detection fix
cmake: pre-fill three more type sizes on Windows
cmake: say 'absolute path' in option descriptions and docs
cmake: support building some complicated examples, build them in CI
cmake: use modern alternatives for get_filename_component()
cmake: use more COMPILER_OPTIONS, LINK_OPTIONS / LINK_FLAGS
cmdline-docs: extended, clarified, refreshed
cmdline-opts/_PROGRESS.md: explain the suffixes
configure: add "-mt" for pthread support on HP-UX
conn: fix hostname move on connection reuse
conncache: prevent integer overflow in maxconnects calculation
connect: for CONNECT_ONLY, CURLOPT_TIMEOUT does not apply
connect: remove redundant condition in shutdown start
cookie: avoid saving a cookie file if no transfer was done
cookie: only count accepted cookies in Curl_cookie_add
cookie: remove the temporary file on (all) errors
cpool: make bundle->dest an array; fix UB
curl.h: remove incorrect comment about CURLOPT_PINNEDPUBLICKEY
curl_easy_getinfo: error code on NULL arg
curl_easy_setopt.md: add missing CURLOPT_POSTFIELDS
curl_mem_undef.h: limit to CURLDEBUG for non-memalloc overrides
curl_ngtcp2: fix `-Wunreachable-code` with H3 !verbose !unity clang
curl_osslq: error out properly if BIO_ADDR_rawmake() fails
curl_path: make sure just whitespace is illegal
Curl_resolv: fix comment. 'entry' argument is not optional
curl_slist_append.md: clarify that a NULL pointer is not acceptable
curl_threads: delete WinCE fallback branch
CURLINFO_FTP_ENTRY_PATH.md: this is for SFTP as well
CURLOPT_COOKIEFILE.md: clarify when the cookies are loaded
CURLOPT_COPYPOSTFIELDS.md: used with MQTT and RTSP as well
CURLOPT_HEADER/WRITEFUNCTION.md: drop '* size' since size is always 1
CURLOPT_MAXLIFETIME_CONN: make default 24 hours
CURLOPT_POSTFIELDSIZE*: these also work for MQTT and RTSP
CURLOPT_SERVER_RESPONSE_TIMEOUT*: add default and see-also
CURLOPT_SSL_VERIFYHOST.md: add see-also to two other VERIFYHOST options
CURLOPT_TIMECONDITION.md: works for FILE and FTP as well
cw-out: fix EAGAIN handling on pause
cw-out: unify the error handling pattern in cw_out_do_write
digest_sspi: fix two memory leaks in error branches
dist: do not distribute CI.md
docs/cmdline-opts: drop double quotes from GLOBBING and URL examples
docs/libcurl: clarify some timeout option behavior
docs/libcurl: remove ancient version references
docs/libcurl: use lowercase must
docs: expand on quoting rules for file names in SFTP quote
docs: fix/tidy code fences
doh: cleanup resources on error paths
doswin: CloseHandle the thread on shutdown
easy_getinfo: check magic, Curl_close safety
ECH.md: make OpenSSL branch clone instructions work
examples/chkspeed: portable printing when outputting curl_off_t values
examples/http2-serverpush: fix file handle leaks
examples/sessioninfo: cast printf string mask length to int
examples/sessioninfo: do not disable security
examples/synctime: fix null termination assumptions
examples/synctime: make the sscanf not overflow the local buffer
examples/usercertinmem: avoid stripping const
examples/websocket: fix use of uninitialized rlen
examples: call curl_global_cleanup() where missing
examples: check more errors, fix cleanups, scope variables
examples: drop unused curl/mprintf.h includes
examples: fix build issues in 'complicated' examples
examples: fix more potential resource leaks, and more
examples: fix two build issues surfaced with WinCE
examples: fix two issues found by CodeQL
examples: fix two more cases of stat() TOCTOU
examples: improve global init, error checks and returning errors
examples: replace casts with `curl_off_t` printf masks
examples: return curl_easy_perform() results
firefox-db2pem.sh: add macOS support, tidy-ups
form.md: drop reference to MANUAL
ftp: add extra buffer length check
ftp: check errors on remote ip for data connection
ftp: fix ftp_do_more returning with *completep unset
ftp: fix port number range loop for PORT commands
ftp: fix the 213 scanner memchr buffer limit argument
ftp: improve fragile check for first digit > 3
ftp: reduce size of some struct fields
ftp: remove 'newhost' and 'newport' from the ftp_conn struct
ftp: remove misleading comments
ftp: remove the retr_size_saved struct field
ftp: remove the state_saved struct field
ftp: replace strstr() in ;type= handling
ftp: simplify the 150/126 size scanner
gnutls: check conversion of peer cert chain
gnutls: fix re-handshake comments
gssapi: make channel binding conditional on GSS_C_CHANNEL_BOUND_FLAG
gtls: avoid potential use of uninitialized variable in trace output
gtls: check the return value of gnutls_pubkey_init()
header.md: see-also --proxy-header and vice versa
hmac: free memory properly on errors
hostip: don't store negative resolves due unrelated errors
hostip: fix infof() output for non-ipv6 builds using IPv6 address
hostip: remove leftover INT_MAX check in Curl_dnscache_prune
http2: check push header names by length first
http2: cleanup pushed newhandle on fail
http2: ingress handling edge cases
HTTP3: clarify the status for "old" OpenSSL, not current
http: check the return value of strdup
http: fix `-Wunreachable-code` in !websockets !unity builds
http: fix `-Wunused-variable` in !alt-svc !proxy !ws builds
http: handle user-defined connection headers
http: look for trailing 'type=' in ftp:// without strstr
http: make Content-Length parser more WHATWG
http: only accept ';' as a separator for custom headers
http: return error for a second Location: header
http_aws_sigv4: check the return value of curl_maprintf()
http_proxy: fix adding custom proxy headers
httpsrr: free old pointers when storing new
httpsrr: send HTTPS query to the right target
imap: fix custom FETCH commands to handle literal responses
imap: parse and use UIDVALIDITY as a number
imap: treat capabilities case insensitively
INSTALL-CMAKE.md: add manual configuration examples
INSTALL-CMAKE.md: document useful build targets
INSTALL-CMAKE.md: fix descriptions for LDAP dependency options
INSTALL: update the list of known operating systems
INTERNALS: drop Winsock 2.2 from the dependency list
ip-happy: do not set unnecessary timeout
ip-happy: prevent event-based stall on retry
kerberos: bump minimum to 1.3 (2003-07-08), drop legacy logic
kerberos: drop logic for MIT Kerberos <1.2.3 (pre-2002) versions
kerberos: stop including gssapi/gssapi_generic.h
krb5: fix output_token allocators in the GSS debug stub (Windows)
krb5: return appropriate error on send failures
krb5_gssapi: fix memory leak on error path
krb5_sspi: the chlg argument is NOT optional
ldap: avoid null ptr deref on failure
ldap: do not base64 encode zero length string
ldap: do not pass a \n to failf()
ldap: tidy-up types, fix error code confusion
lib1514: fix return code mixup
lib: delete unused crypto header includes
lib: drop unused include and duplicate guards
lib: fix build error with verbose strings disabled
lib: remove newlines from failf() calls
lib: remove personal names from comments
lib: SSL connection reuse
lib: stop NULL-checking conn->passwd and ->user
lib: upgrade/multiplex handling
libcurl-multi.md: added curl_multi_get_offt mention
libcurl-security.md: mention long-running connections
libssh/libssh2: reject quote command lines with too much data
libssh/sftp: fix resume corruption by avoiding O_APPEND with rresume
libssh2/sftp: fix resume corruption by avoiding O_APPEND with rresume
libssh2/sftp_realpath: change state consistently
libssh2: avoid risking using an uninitialized local struct field
libssh2: bail out on chgrp and chown number parsing errors
libssh2: clarify that sshp->path is always at least one byte
libssh2: drop two redundant null-terminations
libssh2: error check and null-terminate in ssh_state_sftp_readdir_link()
libssh2: fix EAGAIN return in ssh_state_auth_agent
libssh2: fix return code for EAGAIN
libssh2: use sockindex consistently
libssh: acknowledge SSH_AGAIN in the SFTP state machine
libssh: catch a resume point larger than the size
libssh: clarify myssh_block2waitfor
libssh: drop two unused assignments
libssh: error on bad chgrp number
libssh: error on bad chown number and store the value
libssh: fix range parsing error handling mistake
libssh: make atime and mtime cap the timestamp instead of wrap
libssh: react on errors from ssh_scp_read
libssh: return out of memory correctly if aprintf fails
libssh: return the proper error for readdir problems
Makefile.example: bump default example from FTP to HTTPS
Makefile.example: fix option order
Makefile.example: make default options more likely to work
Makefile.example: simplify and make it configurable
managen: ignore version mentions < 7.66.0
managen: render better manpage references/links
managen: strict protocol check
managen: verify the options used in example lines
mbedtls: add support for 4.0.0
mbedtls: check result of setting ALPN
mbedtls: fix building with <3.6.1
mbedtls: fix building with sha-256 missing from PSA
mbedtls: handle WANT_WRITE from mbedtls_ssl_read()
md4: drop mbedtls implementation (not available in mbedtls v3+)
mdlinkcheck: reject URLs containing quotes
memdup0: handle edge case
mime: fix unpausing of readers
mime: fix use of fseek()
multi.h: add CURLMINFO_LASTENTRY
multi: check the return value of strdup()
multi_ev: remove unnecessary data check that confuses analysers
netrc: when the cached file is discarded, unmark it as loaded
nghttp3: return NGHTTP3_ERR_CALLBACK_FAILURE from recv_header
ngtcp2: add a comment explaining write result handling
ngtcp2: adopt ngtcp2_conn_get_stream_user_data if available
ngtcp2: check error code on connect failure
ngtcp2: close just-opened QUIC stream when submit_request fails
ngtcp2: compare idle timeout in ms to avoid overflow
ngtcp2: fix early return
ngtcp2: fix handling of blocked stream data
ngtcp2: fix returns when TLS verify failed
ngtcp2: overwrite rate-limits defaults
noproxy: fix the IPV6 network mask pattern match
NTLM: disable if DES support missing from OpenSSL or mbedTLS
ntlm: improved error path on bad incoming NTLM TYPE3 message
openldap/ldap; check for binary attribute case insensitively
openldap: avoid indexing the result at -1 for blank responses
openldap: check ber_sockbuf_add_io() return code
openldap: check ldap_get_option() return codes
openldap: do not pass newline to infof()
openldap: fix memory-leak in error path
openldap: fix memory-leak on oldap_do's exit path
openldap: limit max incoming size
openssl-quic: check results better
openssl-quic: handle error in SSL_get_stream_read_error_code
openssl-quic: ignore unexpected streams opened by server
openssl: better return code checks when logging cert data
openssl: call SSL_get_error() with proper error
openssl: check CURL_SSLVERSION_MAX_DEFAULT properly
openssl: clear retry flag on x509 error
openssl: combine all the x509-store flags
openssl: fail if more than MAX_ALLOWED_CERT_AMOUNT certs
openssl: fail the transfer if ossl_certchain() fails
openssl: fix build for v1.0.2
openssl: fix peer certificate leak in channel binding
openssl: fix resource leak in provider error path
openssl: fix unable do typo in failf() calls
openssl: free UI_METHOD on exit path
openssl: make the asn1_object_dump name null terminated
openssl: only try engine/provider if a cert file/name is provided
openssl: set io_need always
openssl: skip session resumption when verifystatus is set
os400: document threads handling in code.
OS400: fix a use-after-free/double-free case
osslq: set idle timeout to 0
pingpong: remove two old leftover debug infof() calls
pop3: check for CAPA responses case insensitively
pop3: fix CAPA response termination detection
pop3: function could get the ->transfer field wrong
pytest: skip specific tests for no-verbose builds
quic: fix min TLS version handling
quic: ignore EMSGSIZE on receive
quic: improve UDP GRO receives
quic: remove data_idle handling
quiche: fix possible leaks on teardown
quiche: fix verbose message when ip quadruple cannot be obtained.
quiche: handle tls fail correctly
quiche: when ingress processing fails, return that error code
rtsp: use explicit postfieldsize if specified
runtests: tag tests that require curl verbose strings
rustls: exit on error
rustls: fix clang-tidy warning
rustls: fix comment describing cr_recv()
rustls: limit snprintf proper in cr_keylog_log_cb()
rustls: make read_file_into not reject good files
rustls: pass the correct result to rustls_failf
rustls: typecast variable for safer trace output
rustls: use %zu for size_t in failf() format string
sasl: clear canceled mechanism instead of toggling it
schannel: assign result before using it
schannel: fix memory leak
schannel: handle Curl_conn_cf_send() errors better
schannel: lower the maximum allowed time to block to 7 seconds
schannel: properly close the certfile on error
schannel_verify: do not call infof with an appended \n
schannel_verify: fix mem-leak in Curl_verify_host
schannel_verify: use more human friendly error messages
scp/sftp: fix disconnect
scripts: pass -- before passing xargs
setopt: accept *_SSL_VERIFYHOST set to 2L
setopt: allow CURLOPT_DNS_CACHE_TIMEOUT set to -1
setopt: fix unused variable warning in minimal build
setopt: make CURLOPT_MAXREDIRS accept -1 (again)
singleuse.pl: fix string warning
smb: adjust buffer size checks
smb: transfer debugassert to real check
smtp: check EHLO responses case insensitively
smtp: fix EOB handling
smtp: return value ignored
socks: advance iobuf instead of reset
socks: avoid UAF risk in error path
socks: deny server basic-auth if not configured
socks: handle error in verbose trace gracefully
socks: handle premature close
socks: make Curl_blockread_all return CURLcode
socks: properly maintain the status of 'done'
socks: rewwork, cleaning up socks state handling
socks_gssapi: also reset buffer length after free
socks_gssapi: make the gss_context a local variable
socks_gssapi: reject too long tokens
socks_gssapi: remove superfluous releases of the gss_recv_token
socks_gssapi: remove the forced "no protection"
socks_gssapi: replace `gss_release_buffer()` with curl free
socks_sspi: bail out on too long fields
socks_sspi: fix memory cleanup calls
socks_sspi: remove the enforced mode clearing
socks_sspi: restore non-blocking socket on error paths
socks_sspi: use the correct free function
socksd: remove --bindonly mention, there is no such option
spelling: fix new finds by typos-cli 1.39.0
src/var: remove dead code
ssl-session-cache: check use on config and availability
ssl-sessions.md: mark option experimental
strerror: drop workaround for SalfordC win32 header bug
sws: fix checking sscanf() return value
sws: pass in socket reference to allow function to close it
tcp-nodelay.md: expand the documentation
telnet: ignore empty suboptions
telnet: make bad_option() consider NULL a bad option too
telnet: make printsub require another byte input
telnet: print DISPlay LOCation in printsub without mutating buffer
telnet: refuse IAC codes in content
telnet: return error if WSAEventSelect fails
telnet: return error on crazy TTYPE or XDISPLOC lengths
telnet: send failure logged but not returned
telnet: use pointer[0] for "unknown" option instead of pointer[i]
test1100: fix missing `<protocol>` section
tests/libtest/cli*: fix init/deinit, leaks, and more
tests/server: drop pointless memory allocation overrides
tests/server: drop unsafe open() override in signal handler (Windows)
tftp: check and act on tftp_set_timeouts() returning error
tftp: check for trailing ";mode=" in URL without strstr
tftp: default timeout per block is now 15 seconds
tftp: error requests for blank filenames
tftp: handle tftp_multi_statemach() return code
tftp: pin the first used address
tftp: propagate expired timer from tftp_state_timeout()
tftp: return error if it hits an illegal state
tftp: return error when sendto() fails
thread: errno on thread creation
tidy-up: assortment of small fixes
tidy-up: avoid using the reserved macro namespace
tidy-up: fcntl.h includes
tidy-up: update MS links, allow long URLs via checksrc
tidy-up: URLs
time-cond.md: refer to the singular curl_getdate man page
TLS: IP address verification, extend test
TODO: fix a typo
TODO: remove already implemented or bad items
tool: fix exponential retry delay
tool_cb_hdr: fix fwrite check in header callback
tool_cb_hdr: size is always 1
tool_cb_rea: use poll instead of select if available
tool_cfgable: remove superfluous free calls
tool_doswin: fix to use curl socket functions
tool_filetime: cap crazy file times instead of erroring
tool_filetime: replace cast with the fitting printf mask (Windows)
tool_formparse: rewrite the headers file parser
tool_getparam/set_rate: skip the multiplication on overflow
tool_getparam: always disable "lib-ids" for tracing
tool_getparam: make --fail and --fail-with-body override each other
tool_getparam: warn if provided header looks malformed
tool_ipfs: check the return value of curl_url_get for gwpath
tool_ipfs: simplify the ipfs gateway logic
tool_msgs: make errorf() show if --show-error
tool_operate: improve wording in retry message
tool_operate: keep failed partial download for retry auto-resume
tool_operate: keep the progress meter for --out-null
tool_operate: move the checks that skip ca cert detection
tool_operate: retry on HTTP response codes 522 and 524
tool_operate: return error on strdup() failure
tool_paramhlp: remove outdated comment in str2tls_max()
tool_parsecfg: detect and error on recursive --config use
tool_progress: handle possible integer overflows
tool_progress: make max5data() use an algorithm
transfer: avoid busy loop with tiny speed limit
transfer: fix retry for empty downloads on reuse
transfer: reset retry count on each request
unit1323: sync time types and printf masks, drop casts
unit1664: drop casts, expand masks to full values
url: make Curl_init_userdefined return void
urldata: FILE is not a list-only protocol
urldata: make 'retrycount' a single byte
urldata: make redirect counter 16 bit
vauth/digest: improve the digest parser
version: add GSS backend name and version
vquic: fix idle-timeout checks (ms<-->ns), 64-bit log & honor 0=no-timeout
vquic: fix recvmsg loop for max_pkts
vquic: handling of io improvements
vquic: sending non-gso packets fix for EAGAIN
vtls: alpn setting, check proto parameter
vtls: check final cfilter node in find_ssl_filter
vtls: drop duplicate `CURL_SHA256_DIGEST_LENGTH` definition
vtls: properly handle SSL shutdown timeout
vtls: remove call to PKCS12_PBE_add()
vtls: unify the error handling in ssl_cf_connect().
vtls_int.h: clarify data_pending
vtls_scache: fix race condition
wcurl: sync to +dev snapshot
windows: replace _beginthreadex() with CreateThread()
windows: stop passing unused, optional argument for Win9x compatibility
windows: use consistent format when showing error codes
windows: use native error code types more
wolfssl: check BIO read parameters
wolfssl: clear variable to avoid uninitialized use
wolfssl: fix error check in shutdown
wolfssl: fix resource leak in verify_pinned error paths
wolfssl: no double get_error() detail
ws: clarify an error message
ws: fix some edge cases
ws: fix type conversion check
ws: reject curl_ws_recv called with NULL buffer with a buflen
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 4a2999cc9969b0e087f5e1e8dc90663ea70e7757
Author: Matthias Fischer <matthias.fischer@ipfire.org>
Date: Fri Nov 21 17:39:59 2025 +0100
bind: Update ot 9.20.16
For details see:
https://downloads.isc.org/isc/bind9/9.20.16/doc/arm/html/notes.html#notes-for-bind-9-20-16
"Notes for BIND 9.20.16
Bug Fixes
Skip unsupported algorithms when looking for a signing key.
A mix of supported and unsupported DNSSEC algorithms in the same zone
could cause validation failures. Unsupported algorithms are now ignored
when looking for signing keys. [GL #5622]
Fix dnssec-keygen key collision checking for KEY RRtype keys.
The dnssec-keygen utility program failed to detect possible KEY ID
collisions with existing keys generated using the non-default -T KEY
option (e.g., for SIG(0)). This has been fixed. [GL #5506]
dnssec-verify now uses exit code 1 when failing due to illegal options.
Previously, dnssec-verify exited with code 0 if the options could not
be parsed. This has been fixed. [GL #5574]
Prevent assertion failures of dig when a server is specified before the -b option.
Previously, dig could exit with an assertion failure when a server was
specified before the dig -b option. This has been fixed. [GL #5609]
Skip buffer allocations if not logging.
Previously, we allocated a 2KB buffer for IXFR change logging,
regardless of the log level.
This results in a 28% speedup in some scenarios."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 79da30641d5e3ab9ec33f78e842da851b469def6
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Mon Nov 17 18:30:47 2025 +0100
fwhosts.cgi: Don't check Country Code when locationgrp initially created
- When a location group is initially created the Country Code variable is blank. This
causes an error message that the Country Code is invalid before any country code
has been selected. This was flagged up by a new forum member.
- This change only checks the Country Code variable for being valid if it is not blank
- If this is not the best way to fix this problem, feel free to modify or replace it.
- Tested as working on my vm testbed.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit c8b8237a34f35e89203df549fd68af20b48de78d
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Thu Nov 20 15:22:29 2025 +0100
tshark: Update to version 4.6.1
- Update from version 4.6.0 to 4.6.1
- Update of rootfile
- Changelog
4.6.1
Bug Fixes
wnpa-sec-2025-05 BPv7 dissector crash. Issue 20770.
wnpa-sec-2025-06 Kafka dissector crash. Issue 20823.
The following bugs have been fixed:
L2CAP dissector doesn’t understand retransmission mode. Issue 2241.
DNS HIP dissector labels PK algorithm as HIT length. Issue 20768.
clang-cl error in "packet-zbee-direct.c" Issue 20776.
Writing to an LZ4-compressed output file might fail. Issue 20779.
endian.h conflics with libc for building plugins. Issue 20786.
TShark crash caused by Lua plugin. Issue 20794.
Wireshark stalls for a few seconds when selecting specific messages.
Issue 20797.
TLS Abbreviated Handshake Using New Session Ticket. Issue 20802.
Custom websocket dissector does not run. Issue 20803.
WINREG QueryValue triggers dissector bug in packet-dcerpc.c. Issue 20813.
Lua: FileHandler causing crash when reading packets. Issue 20817.
Apply As Filter for field with FT_NONE and BASE_NONE for a single byte
does not use the hex value. Issue 20818.
Layout preference Pane 3 problem with selecting Packet Diagram or None.
Issue 20819.
TCP dissector creates invalid packet diagram. Issue 20820.
Too many nested VLAN tags when opening as File Format. Issue 20831.
Omnipeek files not working in 4.6.0. Issue 20842.
Support UTF-16 strings in the IsoBus dissector for the string operations.
Issue 20845.
SNMP getBulkRequest request-id does not get filtered for correctly.
Issue 20849.
Fuzz job issue: fuzz-2025-11-12-12064814316.pcap. Issue 20852.
UDP Port 853 (DoQ) should be decoded as QUIC. Issue 20856.
Updated Protocol Support
802.11 Radiotap, AC DR, ASN.1 BER, ASN.1 PER, BPv7, BT L2CAP, CFM,
Darwin, DNS, DTLS, EAPOL-MKA, HTTP, HTTP3, ISObus VT, KRB5, LTP,
NAS-EPS, NETDFS, NMEA 0183, P1, RPC_NETLOGON, RTSE, SGP.22, SGP.32,
SMB, SNMP, TCP, TECMP, TFTP, VLAN, WINREG, X509AF, X509SAT, and ZBD
New and Updated Capture File Support
Peektagged
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit f181db761a25366905df5e402057b280e61450f3
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Thu Nov 20 15:22:28 2025 +0100
c-ares: Update to version 1.34.5
- Update from version 1.34.3 to 1.34.5
- Update of rootfile
- Changelog
1.34.5
Security:
CVE-2025-31498. A use-after-free bug has been uncovered in read_answers()
that was introduced in v1.32.3. Please see CVE-2025-31498
Changes:
Restore Windows XP support. PR #958
Bugfixes:
A missing mutex initialization would make busy polling for configuration
changes (platforms other than Windows, Linux, MacOS) eat too much CPU
PR #974
Pkgconfig may be generated wrong for static builds in relation to -pthread
PR #965
Localhost resolution can fail if only one address family is in /etc/hosts
PR #947
1.34.4
Changes:
QNX Port: Port to QNX 8, add primary config reading support, add CI build.
PR #934, PR #937, PR #938
Bugfixes:
Empty TXT records were not being preserved. PR #922
docs: update deprecation notices for ares_create_query() and
ares_mkquery(). PR #910
license: some files weren’t properly updated. PR #920
Fix bind local device regression from 1.34.0. PR #929, PR #931, PR #935
CMake: set policy version to prevent deprecation warnings. PR #932
CMake: shared and static library names should be the same on unix
platforms like autotools uses. PR #933
Update to latest autoconf archive macros for enhanced system compatibility.
PR #936
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 073a159822b404f8ccd331115ce753646198b803
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Sun Nov 23 15:09:24 2025 +0000
installer: Load our own custom font again
This is required to show cyrillic and other non-latin character sets
correctly.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 08c93c3dd9328574694f3e985783330b3ef7b0b0
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Sat Nov 22 20:52:27 2025 +0100
btrfs-progs: Update to version 6.17.1
- Update from version 6.17 to 6.17.1
- No change in rootfile
- Changelog
6.17.1
* inspect list-chunks: more sorting keys, descending order
* fi resize: add support for offline (unmounted) growing of single device
* device stats: add support for offline (unmounted) reads
* quota status: new command, overview what mode is enabled, tunables
* fi commit-stats: new command, print various commit stats from sysfs (since
kernel 6.1)
* balance start: print warning and delay start if there's a missing device
in the filesystem
* mkfs:
* print zoned mode (native, emulated)
* check:
* verify device bytes in super block item and in chunk tree
* other
* updated CI, new and updated tests
* cleanups, refactoring
* documentation updates
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 03390e241bd0aa7b2cd6f9f0945688d5f1d5a1db
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Sat Nov 22 20:45:04 2025 +0100
openvpn: Update to version 2.6.16
- Update from version 2.6.15 to 2.6.16
- No change to rootfile
- Changelog
2.6.16
Security fixes:
CVE-2025-13086: Fix memcmp check for the hmac verification in the 3way
handshake. This bug renders the HMAC based protection against state
exhaustion on receiving spoofed TLS handshake packets in the OpenVPN
server inefficient.
Bug fixes:
fix invalid pointer creation in tls_pre_decrypt() - technically this is a
memory over-read issue, in practice, the compilers optimize it away so
no negative effects could be observed.
Windows: in the interactive service, fix the "undo DNS config" handling.
Windows: in the interactive service, disallow using of "stdin" for the
config file, unless the caller is authorized OpenVPN Administrator
Windows: in the interactive service, change all netsh calls to use
interface index and not interface name - sidesteps all possible attack
avenues with special characters in interface names.
Windows: in the interactive service, improve error handling in some
"unlikely to happen" paths.
auth plugin/script handling: properly check for errors in creation on
$auth_failed_reason_file (arf).
for incoming TCP connections, close-on-exec option was applied to the wrong
socket fd, leaking socket FDs to child processes.
sitnl: set close-on-exec flag on netlink socket
ssl_mbedtls: fix missing perf_pop() call (optional performance profiling)
Windows MSI changes since 2.6.15-I001:
Built against OpenSSL 3.6.0
Included openvpn-gui updated to 11.58.0.0
Check the return value of GetProp()
Make config path check similar to that in interactive service
Escape the type id of password message received from openvpn
Add a message source for event logging
Check correct management daemon path when OpenVPN3 is enabled
Fix OpenVPN3 radio button label size when OVPN3 is enabled
Use GetTempPath() for debug file in plap as well
Migrate all saved plain usernames to encrypted format
Included win-dco driver updated to 2.8.0
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/common/bind | 10 ++--
config/rootfiles/common/curl | 4 ++
.../{oldcore/104 => core/199}/filelists/curl | 0
config/rootfiles/packages/c-ares | 2 +-
config/rootfiles/packages/tshark | 8 +--
doc/language_issues.de | 1 +
doc/language_issues.en | 2 +-
doc/language_issues.es | 2 +
doc/language_issues.fr | 2 +
doc/language_issues.it | 2 +
doc/language_issues.nl | 2 +
doc/language_issues.pl | 2 +
doc/language_issues.ru | 2 +
doc/language_issues.tr | 2 +
doc/language_issues.tw | 2 +
doc/language_issues.zh | 2 +
doc/language_missings | 9 +++
html/cgi-bin/credits.cgi | 2 +-
html/cgi-bin/fwhosts.cgi | 6 +-
html/cgi-bin/lldp.cgi | 64 ++++++++++++++--------
langs/de/cgi-bin/de.pl | 1 +
langs/en/cgi-bin/en.pl | 1 +
lfs/bind | 4 +-
lfs/btrfs-progs | 4 +-
lfs/c-ares | 8 +--
lfs/curl | 4 +-
lfs/openvpn | 4 +-
lfs/tshark | 14 ++---
src/initscripts/system/lldpd | 15 ++++-
src/installer/dracut-module/run-installer.sh | 3 +
30 files changed, 128 insertions(+), 56 deletions(-)
copy config/rootfiles/{oldcore/104 => core/199}/filelists/curl (100%)
Difference in files:
diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind
index eff7149ca..90ce93c01 100644
--- a/config/rootfiles/common/bind
+++ b/config/rootfiles/common/bind
@@ -241,18 +241,18 @@ usr/bin/nsupdate
#usr/include/ns/types.h
#usr/include/ns/update.h
#usr/include/ns/xfrout.h
-usr/lib/libdns-9.20.15.so
+usr/lib/libdns-9.20.16.so
#usr/lib/libdns.la
#usr/lib/libdns.so
-usr/lib/libisc-9.20.15.so
+usr/lib/libisc-9.20.16.so
#usr/lib/libisc.la
#usr/lib/libisc.so
-usr/lib/libisccc-9.20.15.so
+usr/lib/libisccc-9.20.16.so
#usr/lib/libisccc.la
#usr/lib/libisccc.so
-usr/lib/libisccfg-9.20.15.so
+usr/lib/libisccfg-9.20.16.so
#usr/lib/libisccfg.la
#usr/lib/libisccfg.so
-usr/lib/libns-9.20.15.so
+usr/lib/libns-9.20.16.so
#usr/lib/libns.la
#usr/lib/libns.so
diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl
index 42ad12a98..9eb01f389 100644
--- a/config/rootfiles/common/curl
+++ b/config/rootfiles/common/curl
@@ -113,6 +113,8 @@ usr/lib/libcurl.so.4.8.0
#usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3
#usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3
#usr/share/man/man3/CURLMOPT_NETWORK_CHANGED.3
+#usr/share/man/man3/CURLMOPT_NOTIFYDATA.3
+#usr/share/man/man3/CURLMOPT_NOTIFYFUNCTION.3
#usr/share/man/man3/CURLMOPT_PIPELINING.3
#usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3
#usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3
@@ -490,6 +492,8 @@ usr/lib/libcurl.so.4.8.0
#usr/share/man/man3/curl_multi_get_offt.3
#usr/share/man/man3/curl_multi_info_read.3
#usr/share/man/man3/curl_multi_init.3
+#usr/share/man/man3/curl_multi_notify_disable.3
+#usr/share/man/man3/curl_multi_notify_enable.3
#usr/share/man/man3/curl_multi_perform.3
#usr/share/man/man3/curl_multi_poll.3
#usr/share/man/man3/curl_multi_remove_handle.3
diff --git a/config/rootfiles/core/199/filelists/curl b/config/rootfiles/core/199/filelists/curl
new file mode 120000
index 000000000..4b84bef53
--- /dev/null
+++ b/config/rootfiles/core/199/filelists/curl
@@ -0,0 +1 @@
+../../../common/curl
\ No newline at end of file
diff --git a/config/rootfiles/packages/c-ares b/config/rootfiles/packages/c-ares
index 6fdaf3b18..38891e2b5 100644
--- a/config/rootfiles/packages/c-ares
+++ b/config/rootfiles/packages/c-ares
@@ -7,7 +7,7 @@
#usr/lib/libcares.la
#usr/lib/libcares.so
usr/lib/libcares.so.2
-usr/lib/libcares.so.2.19.2
+usr/lib/libcares.so.2.19.4
#usr/lib/pkgconfig/libcares.pc
#usr/share/man/man3/ares_cancel.3
#usr/share/man/man3/ares_create_query.3
diff --git a/config/rootfiles/packages/tshark b/config/rootfiles/packages/tshark
index bddb0bd2d..ec74f5030 100644
--- a/config/rootfiles/packages/tshark
+++ b/config/rootfiles/packages/tshark
@@ -11,10 +11,10 @@ usr/bin/dumpcap
usr/bin/tshark
#usr/lib/libwireshark.so
usr/lib/libwireshark.so.19
-usr/lib/libwireshark.so.19.0.0
+usr/lib/libwireshark.so.19.0.1
#usr/lib/libwiretap.so
usr/lib/libwiretap.so.16
-usr/lib/libwiretap.so.16.0.0
+usr/lib/libwiretap.so.16.0.1
#usr/lib/libwsutil.so
usr/lib/libwsutil.so.17
usr/lib/libwsutil.so.17.0.0
@@ -72,8 +72,8 @@ usr/libexec/wireshark/extcap/wifidump
#usr/share/doc/wireshark/randpktdump.html
#usr/share/doc/wireshark/rawshark.html
#usr/share/doc/wireshark/reordercap.html
-#usr/share/doc/wireshark/sshdig.html
#usr/share/doc/wireshark/sdjournal.html
+#usr/share/doc/wireshark/sshdig.html
#usr/share/doc/wireshark/sshdump.html
#usr/share/doc/wireshark/strato.html
#usr/share/doc/wireshark/stratoshark.html
@@ -98,8 +98,8 @@ usr/libexec/wireshark/extcap/wifidump
#usr/share/man/man1/randpktdump.1
#usr/share/man/man1/rawshark.1
#usr/share/man/man1/reordercap.1
-#usr/share/man/man1/sshdig.1
#usr/share/man/man1/sdjournal.1
+#usr/share/man/man1/sshdig.1
#usr/share/man/man1/sshdump.1
#usr/share/man/man1/strato.1
#usr/share/man/man1/stratoshark.1
diff --git a/doc/language_issues.de b/doc/language_issues.de
index 37be0c63c..fcadb5ace 100644
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -102,6 +102,7 @@ WARNING: translation string unused: advproxy invalid num of children
WARNING: translation string unused: advproxy no clients defined
WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy squid version
+WARNING: translation string unused: advproxy squidclamav
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy suppress version
WARNING: translation string unused: advproxy throttle binary
diff --git a/doc/language_issues.en b/doc/language_issues.en
index b2250d8af..3292205f7 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -270,7 +270,6 @@ WARNING: untranslated string: advproxy reset = Reset
WARNING: untranslated string: advproxy saturday = Sat
WARNING: untranslated string: advproxy save and restart = Save and Restart
WARNING: untranslated string: advproxy selectively announcements detection = Deny access to destinations hosted on selectively announced networks
-WARNING: untranslated string: advproxy squidclamav = SquidClamav
WARNING: untranslated string: advproxy ssl ports = Allowed SSL ports (one per line)
WARNING: untranslated string: advproxy standard = Standard
WARNING: untranslated string: advproxy standard ports = Allowed standard ports (one per line)
@@ -1237,6 +1236,7 @@ WARNING: untranslated string: legend = Legend
WARNING: untranslated string: lifetime = Lifetime:
WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation
WARNING: untranslated string: lldp = Link Layer Discovery Protocol
+WARNING: untranslated string: lldp invalid description = Invalid description. Allowed characters are A-Z, a-z, numbers, hypen and underscrores.
WARNING: untranslated string: lldp neighbors = Neighbors
WARNING: untranslated string: lldp there are no neighbors = There are currently no neighbors
WARNING: untranslated string: load average = Load Average
diff --git a/doc/language_issues.es b/doc/language_issues.es
index 48c69f189..75557dfb2 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -103,6 +103,7 @@ WARNING: translation string unused: advproxy invalid num of children
WARNING: translation string unused: advproxy no clients defined
WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy squid version
+WARNING: translation string unused: advproxy squidclamav
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy suppress version
WARNING: translation string unused: advproxy throttle binary
@@ -1075,6 +1076,7 @@ WARNING: untranslated string: ids send email on alert = Send email on alert
WARNING: untranslated string: indirect target selection = Indirect target selection
WARNING: untranslated string: info messages = unknown string
WARNING: untranslated string: lldp = Link Layer Discovery Protocol
+WARNING: untranslated string: lldp invalid description = Invalid description. Allowed characters are A-Z, a-z, numbers, hypen and underscrores.
WARNING: untranslated string: lldp neighbors = Neighbors
WARNING: untranslated string: lldp there are no neighbors = There are currently no neighbors
WARNING: untranslated string: mdstat = Mdstat
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index 28408469c..ad703d24a 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -106,6 +106,7 @@ WARNING: translation string unused: advproxy invalid num of children
WARNING: translation string unused: advproxy no clients defined
WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy squid version
+WARNING: translation string unused: advproxy squidclamav
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy suppress version
WARNING: translation string unused: advproxy throttle binary
@@ -1071,6 +1072,7 @@ WARNING: untranslated string: invalid network = Invalid Network
WARNING: untranslated string: ips throughput = Throughput
WARNING: untranslated string: last updated = Last Updated
WARNING: untranslated string: lldp = Link Layer Discovery Protocol
+WARNING: untranslated string: lldp invalid description = Invalid description. Allowed characters are A-Z, a-z, numbers, hypen and underscrores.
WARNING: untranslated string: lldp neighbors = Neighbors
WARNING: untranslated string: lldp there are no neighbors = There are currently no neighbors
WARNING: untranslated string: load average = Load Average
diff --git a/doc/language_issues.it b/doc/language_issues.it
index e1a71dea0..18ebfa257 100644
--- a/doc/language_issues.it
+++ b/doc/language_issues.it
@@ -76,6 +76,7 @@ WARNING: translation string unused: advproxy invalid num of children
WARNING: translation string unused: advproxy no clients defined
WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy squid version
+WARNING: translation string unused: advproxy squidclamav
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy suppress version
WARNING: translation string unused: advproxy throttle binary
@@ -1263,6 +1264,7 @@ WARNING: untranslated string: itlb multihit = iTLB MultiHit
WARNING: untranslated string: last updated = Last Updated
WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation
WARNING: untranslated string: lldp = Link Layer Discovery Protocol
+WARNING: untranslated string: lldp invalid description = Invalid description. Allowed characters are A-Z, a-z, numbers, hypen and underscrores.
WARNING: untranslated string: lldp neighbors = Neighbors
WARNING: untranslated string: lldp there are no neighbors = There are currently no neighbors
WARNING: untranslated string: load average = Load Average
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index 2a5f24b9d..169abfccb 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -76,6 +76,7 @@ WARNING: translation string unused: advproxy invalid num of children
WARNING: translation string unused: advproxy no clients defined
WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy squid version
+WARNING: translation string unused: advproxy squidclamav
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy suppress version
WARNING: translation string unused: advproxy throttle binary
@@ -1270,6 +1271,7 @@ WARNING: untranslated string: itlb multihit = iTLB MultiHit
WARNING: untranslated string: last updated = Last Updated
WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation
WARNING: untranslated string: lldp = Link Layer Discovery Protocol
+WARNING: untranslated string: lldp invalid description = Invalid description. Allowed characters are A-Z, a-z, numbers, hypen and underscrores.
WARNING: untranslated string: lldp neighbors = Neighbors
WARNING: untranslated string: lldp there are no neighbors = There are currently no neighbors
WARNING: untranslated string: load average = Load Average
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index 570f4a3d5..944774110 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -75,6 +75,7 @@ WARNING: translation string unused: advproxy invalid num of children
WARNING: translation string unused: advproxy no clients defined
WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy squid version
+WARNING: translation string unused: advproxy squidclamav
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy suppress version
WARNING: translation string unused: advproxy throttle binary
@@ -1399,6 +1400,7 @@ WARNING: untranslated string: least preferred = least preferred
WARNING: untranslated string: lifetime = Lifetime:
WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation
WARNING: untranslated string: lldp = Link Layer Discovery Protocol
+WARNING: untranslated string: lldp invalid description = Invalid description. Allowed characters are A-Z, a-z, numbers, hypen and underscrores.
WARNING: untranslated string: lldp neighbors = Neighbors
WARNING: untranslated string: lldp there are no neighbors = There are currently no neighbors
WARNING: untranslated string: load average = Load Average
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 272998de3..d2a4f57a5 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -75,6 +75,7 @@ WARNING: translation string unused: advproxy invalid num of children
WARNING: translation string unused: advproxy no clients defined
WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy squid version
+WARNING: translation string unused: advproxy squidclamav
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy suppress version
WARNING: translation string unused: advproxy throttle binary
@@ -1398,6 +1399,7 @@ WARNING: untranslated string: least preferred = least preferred
WARNING: untranslated string: lifetime = Lifetime:
WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation
WARNING: untranslated string: lldp = Link Layer Discovery Protocol
+WARNING: untranslated string: lldp invalid description = Invalid description. Allowed characters are A-Z, a-z, numbers, hypen and underscrores.
WARNING: untranslated string: lldp neighbors = Neighbors
WARNING: untranslated string: lldp there are no neighbors = There are currently no neighbors
WARNING: untranslated string: load average = Load Average
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 3b30c7d4c..fe2e0e527 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -98,6 +98,7 @@ WARNING: translation string unused: advproxy invalid num of children
WARNING: translation string unused: advproxy no clients defined
WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy squid version
+WARNING: translation string unused: advproxy squidclamav
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy suppress version
WARNING: translation string unused: advproxy throttle binary
@@ -1201,6 +1202,7 @@ WARNING: untranslated string: itlb multihit = iTLB MultiHit
WARNING: untranslated string: last updated = Last Updated
WARNING: untranslated string: link-layer encapsulation = Link-Layer Encapsulation
WARNING: untranslated string: lldp = Link Layer Discovery Protocol
+WARNING: untranslated string: lldp invalid description = Invalid description. Allowed characters are A-Z, a-z, numbers, hypen and underscrores.
WARNING: untranslated string: lldp neighbors = Neighbors
WARNING: untranslated string: lldp there are no neighbors = There are currently no neighbors
WARNING: untranslated string: load average = Load Average
diff --git a/doc/language_issues.tw b/doc/language_issues.tw
index 9fe0df551..4da8e6224 100644
--- a/doc/language_issues.tw
+++ b/doc/language_issues.tw
@@ -104,6 +104,7 @@ WARNING: translation string unused: advproxy invalid num of children
WARNING: translation string unused: advproxy no clients defined
WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy squid version
+WARNING: translation string unused: advproxy squidclamav
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy suppress version
WARNING: translation string unused: advproxy throttle binary
@@ -1083,6 +1084,7 @@ WARNING: untranslated string: ids send email on alert = Send email on alert
WARNING: untranslated string: indirect target selection = Indirect target selection
WARNING: untranslated string: info messages = unknown string
WARNING: untranslated string: lldp = Link Layer Discovery Protocol
+WARNING: untranslated string: lldp invalid description = Invalid description. Allowed characters are A-Z, a-z, numbers, hypen and underscrores.
WARNING: untranslated string: lldp neighbors = Neighbors
WARNING: untranslated string: lldp there are no neighbors = There are currently no neighbors
WARNING: untranslated string: max bandwidth = Maximum bandwidth
diff --git a/doc/language_issues.zh b/doc/language_issues.zh
index 9fe0df551..4da8e6224 100644
--- a/doc/language_issues.zh
+++ b/doc/language_issues.zh
@@ -104,6 +104,7 @@ WARNING: translation string unused: advproxy invalid num of children
WARNING: translation string unused: advproxy no clients defined
WARNING: translation string unused: advproxy redirector children
WARNING: translation string unused: advproxy squid version
+WARNING: translation string unused: advproxy squidclamav
WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy suppress version
WARNING: translation string unused: advproxy throttle binary
@@ -1083,6 +1084,7 @@ WARNING: untranslated string: ids send email on alert = Send email on alert
WARNING: untranslated string: indirect target selection = Indirect target selection
WARNING: untranslated string: info messages = unknown string
WARNING: untranslated string: lldp = Link Layer Discovery Protocol
+WARNING: untranslated string: lldp invalid description = Invalid description. Allowed characters are A-Z, a-z, numbers, hypen and underscrores.
WARNING: untranslated string: lldp neighbors = Neighbors
WARNING: untranslated string: lldp there are no neighbors = There are currently no neighbors
WARNING: untranslated string: max bandwidth = Maximum bandwidth
diff --git a/doc/language_missings b/doc/language_missings
index bb07f3fab..fa60126e7 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -180,6 +180,7 @@
< ids send email on alert
< indirect target selection
< lldp
+< lldp invalid description
< lldp neighbors
< lldp there are no neighbors
< mdstat
@@ -292,6 +293,7 @@
< ips throughput
< last updated
< lldp
+< lldp invalid description
< lldp neighbors
< lldp there are no neighbors
< load average
@@ -777,6 +779,7 @@
< legacy architecture warning
< link-layer encapsulation
< lldp
+< lldp invalid description
< lldp neighbors
< lldp there are no neighbors
< load average
@@ -1474,6 +1477,7 @@
< legacy architecture warning
< link-layer encapsulation
< lldp
+< lldp invalid description
< lldp neighbors
< lldp there are no neighbors
< load average
@@ -2481,6 +2485,7 @@
< lifetime
< link-layer encapsulation
< lldp
+< lldp invalid description
< lldp neighbors
< lldp there are no neighbors
< load average
@@ -3647,6 +3652,7 @@
< lifetime
< link-layer encapsulation
< lldp
+< lldp invalid description
< lldp neighbors
< lldp there are no neighbors
< load average
@@ -4388,6 +4394,7 @@
< legacy architecture warning
< link-layer encapsulation
< lldp
+< lldp invalid description
< lldp neighbors
< lldp there are no neighbors
< load average
@@ -4675,6 +4682,7 @@
< ids send email on alert
< indirect target selection
< lldp
+< lldp invalid description
< lldp neighbors
< lldp there are no neighbors
< max bandwidth
@@ -4774,6 +4782,7 @@
< ids send email on alert
< indirect target selection
< lldp
+< lldp invalid description
< lldp neighbors
< lldp there are no neighbors
< max bandwidth
diff --git a/html/cgi-bin/credits.cgi b/html/cgi-bin/credits.cgi
index b380aa268..e0c1b3d8b 100644
--- a/html/cgi-bin/credits.cgi
+++ b/html/cgi-bin/credits.cgi
@@ -93,6 +93,7 @@ Ersan Yildirim,
Jörn-Ingo Weigert,
Alexander Koch,
Wolfgang Apolinarski,
+Peer Dietzmann,
Alfred Haas,
Lars Schuhmacher,
Rene Zingel,
@@ -147,7 +148,6 @@ Nico Prenzel,
Oliver Fuhrer,
Osmar Gonzalez,
Paul T. Simmons,
-Peer Dietzmann,
Robert Möker,
Stefan Ernst,
Stefan Ferstl,
diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi
index 7820523c5..684b18794 100644
--- a/html/cgi-bin/fwhosts.cgi
+++ b/html/cgi-bin/fwhosts.cgi
@@ -703,8 +703,10 @@ if ($fwhostsettings{'ACTION'} eq 'savelocationgrp')
# Check name
if (!&validhostname($grp)){$errormessage.=$Lang::tr{'fwhost err name'};}
- unless (&General::validcc($fwhostsettings{'COUNTRY_CODE'})) {
- $errormessage = $Lang::tr{'fwhost invalid country code'};
+ if ($fwhostsettings{'COUNTRY_CODE'} ne ''){
+ unless (&General::validcc($fwhostsettings{'COUNTRY_CODE'})) {
+ $errormessage = $Lang::tr{'fwhost invalid country code'};
+ }
}
# Check for existing group name.
diff --git a/html/cgi-bin/lldp.cgi b/html/cgi-bin/lldp.cgi
index 755d3dc46..a1b1d4bf9 100644
--- a/html/cgi-bin/lldp.cgi
+++ b/html/cgi-bin/lldp.cgi
@@ -39,6 +39,9 @@ my @errormessages = ();
my %settings = ();
&General::readhash("${General::swroot}/lldp/settings", \%settings);
+# Hash which will contain any discovered peers.
+my %peerhash = ();
+
# Save on main page
if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) {
# Store whether enabled or not
@@ -46,8 +49,13 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) {
$settings{'ENABLED'} = $cgiparams{'ENABLED'};
}
- # XXX Validate the description
- $settings{"DESCRIPTION"} = $cgiparams{"DESCRIPTION"};
+ # Validate the description
+ if (($cgiparams{"DESCRIPTION"} eq "") || ($cgiparams{"DESCRIPTION"} =~ /^[A-Za-z0-9_\-]+$/)) {
+ $settings{"DESCRIPTION"} = $cgiparams{"DESCRIPTION"};
+ } else {
+ # Add error message about invalid characters in description.
+ push(@errormessages, "$Lang::tr{'lldp invalid description'}");
+ }
# Don't continue on error
goto MAIN if (scalar @errormessages);
@@ -81,6 +89,9 @@ MAIN:
"ENABLED" => ($settings{"ENABLED"} eq "on") ? "checked" : "",
);
+ # Description field, defaults to CGI input otherwise use configured description.
+ my $description = $cgiparams{'DESCRIPTION'} // $settings{'DESCRIPTION'};
+
print <<END;
<form method="POST" action="">
<table class="form">
@@ -94,7 +105,7 @@ MAIN:
<tr>
<td>$Lang::tr{'description'}</td>
<td>
- <input type="text" name="DESCRIPTION" value="$settings{'DESCRIPTION'}" />
+ <input type="text" name="DESCRIPTION" value="$description" />
</td>
</tr>
@@ -108,26 +119,34 @@ MAIN:
END
&Header::closebox();
- # Load data about all peers
- my @output = &General::system_output("lldpctl", "-f", "json0");
+ # Show a list with all peers if the service is enabled
+ if ($settings{"ENABLED"} eq "on") {
+ # Load data about all peers
+ my @output = &General::system_output("lldpctl", "-f", "json0");
- my $json;
+ my $json;
- # Parse the JSON output
- eval {
- $json = decode_json join("\n", @output);
- 1;
- } or do {
- $json = undef;
- };
+ # Parse the JSON output
+ eval {
+ $json = decode_json join("\n", @output);
+ 1;
+ } or do {
+ $json = undef;
+ };
- # Show a list with all peers if the service is enabled
- if ($settings{"ENABLED"} eq "on") {
&Header::opensection($Lang::tr{'lldp neighbors'});
# Fetch the interface object
my $interface = $json->{"lldp"}[0]->{"interface"};
+ # Loop through all detected peers and add their sent names as keys
+ # and their data as values to the peerhash.
+ foreach my $peer (@{ $interface}) {
+ my $name = &Header::escape($peer->{"chassis"}[0]->{"name"}[0]->{"value"});
+
+ $peerhash{$name} = $peer;
+ }
+
print <<END;
<table class='tbl'>
<tr>
@@ -157,16 +176,17 @@ END
</tr>
END
- foreach my $peer (@{ $interface }) {
- my $intf = $peer->{"name"};
- my $proto = $peer->{"via"};
+ # Sort the detected peers alphabetically and loop over them.
+ foreach my $peer (sort { $a cmp $b } keys %peerhash) {
+ my $intf = $peerhash{$peer}{"name"};
+ my $proto = $peerhash{$peer}{"via"};
my $name = "";
my $descr = "";
my $port_name = "";
my $vlan_id = "";
# Fetch the chassis
- foreach my $chassis (@{ $peer->{"chassis"} }) {
+ foreach my $chassis (@{ $peerhash{$peer}{"chassis"} }) {
$name = &Header::escape(
$chassis->{"name"}[0]->{"value"}
);;
@@ -179,12 +199,12 @@ END
}
# Fetch the port
- foreach my $port (@{ $peer->{"port"} }) {
+ foreach my $port (@{ $peerhash{$peer}{"port"} }) {
$port_name = $port->{"descr"}[0]->{"value"};
}
# Fetch the VLAN
- foreach my $vlan (@{ $peer->{"vlan"} }) {
+ foreach my $vlan (@{ $peerhash{$peer}{"vlan"} }) {
$vlan_id = $vlan->{"vlan-id"};
}
@@ -218,7 +238,7 @@ END
}
# Show a message if there are no neighbors
- unless (scalar @{ $interface }) {
+ unless (keys %peerhash) {
print <<END;
<tr>
<td colspan="6" style="text-align: center;">
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 132c04ff1..deca00171 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1640,6 +1640,7 @@
'line' => 'Leitung',
'linkq' => 'Antwortzeit',
'lldp' => 'Link-Layer-Discovery-Protokoll',
+'lldp invalid description' => 'Ungültige Beschreibung. Erlaubte Zeichen sind A-Z, a-Z, Zahlen, Bindestriche und Unterstriche.',
'lldp neighbors' => 'Nachbarn',
'lldp there are no neighbors' => 'Aktuell gibt es keine Nachbarn',
'load average' => 'Load Average',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 9cef3edd2..e5f10db74 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1706,6 +1706,7 @@
'link-layer encapsulation' => 'Link-Layer Encapsulation',
'linkq' => 'Link Quality',
'lldp' => 'Link Layer Discovery Protocol',
+'lldp invalid description' => 'Invalid description. Allowed characters are A-Z, a-z, numbers, hypen and underscrores.',
'lldp neighbors' => 'Neighbors',
'lldp there are no neighbors' => 'There are currently no neighbors',
'load average' => 'Load Average',
diff --git a/lfs/bind b/lfs/bind
index e5f8de750..fc86eb54a 100644
--- a/lfs/bind
+++ b/lfs/bind
@@ -25,7 +25,7 @@
include Config
-VER = 9.20.15
+VER = 9.20.16
THISAPP = bind-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = f272fc5e7a107b28cb71b55d2e87cfb2b215612c38289483044445f6c5ae57b0eb7003a368386122fb1fed551ac7be2e4e9bb34c2f8908e379e1aaf4e761c394
+$(DL_FILE)_BLAKE2 = 1a083efbd7a95df8c9c05966681be577cb119f1a75292cbf65a31cdf0fc7677a70834be4f8599984635b9ea09a909c1453b489e920e5f27502ab2b496aa278b0
install : $(TARGET)
diff --git a/lfs/btrfs-progs b/lfs/btrfs-progs
index d5b4fa812..34592b3e9 100644
--- a/lfs/btrfs-progs
+++ b/lfs/btrfs-progs
@@ -24,7 +24,7 @@
include Config
-VER = 6.17
+VER = 6.17.1
# https://mirrors.edge.kernel.org/pub/linux/kernel/people/kdave/btrfs-progs/
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 301409e4f0e17c25620070bab0aedc1e57ad672bc7b4e4c1f9db2cd34c6104667800df2979ff456554c94e415be649dd7b8f43859d6539f84a1c050c2db27dd4
+$(DL_FILE)_BLAKE2 = 6340fb5f87d3dcf9598785fbb00ccd2278e268c1b798a1013ede9d25fc8e2005376c2333c84befcf95ec9ae2b7e75562750a2bf8fbfc7bbf966d713e1feb5818
install : $(TARGET)
diff --git a/lfs/c-ares b/lfs/c-ares
index 0b29a6c1c..612fb54a7 100644
--- a/lfs/c-ares
+++ b/lfs/c-ares
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -26,7 +26,7 @@ include Config
SUMMARY = Tools for asynchronous name resolves
-VER = 1.34.3
+VER = 1.34.5
THISAPP = c-ares-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = c-ares
-PAK_VER = 4
+PAK_VER = 5
DEPS =
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = fb66f4c8ae4c2e03e8f75ee72259dbe83d7bed5e72a7936f785121c3d02267375f67c734bae7213ec48bac9277d48e3bed4225fd03ba69dacd120b97dcc3e421
+$(DL_FILE)_BLAKE2 = 5e8c262acf07cb387294170bba53618db1768436a3f7bf800eb31cf7b02ef8afc737122126c742424d4675f8c4944c730b8ba84028e6cee6bf65026cd2eeb56c
install : $(TARGET)
diff --git a/lfs/curl b/lfs/curl
index e999ed3e6..33f46881a 100644
--- a/lfs/curl
+++ b/lfs/curl
@@ -24,7 +24,7 @@
include Config
-VER = 8.16.0
+VER = 8.17.0
THISAPP = curl-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 573d56779481abf0b7d20225bba4f068cb726f23f69ce10076438e32cc6c16d1229c211aee05fc5e3e9cb9d78bbfdc5da0d8b73e730c0865879000eb90accf6a
+$(DL_FILE)_BLAKE2 = a7a804afe058f323b40177bcb4ffc523decde92da3da0a051f2dc1b566131250a96afe1ebf2bebc071993c893bddeef883ef33ddc0a9bee86d4e54402a546fba
install : $(TARGET)
diff --git a/lfs/openvpn b/lfs/openvpn
index 152e25f63..9252c44f8 100644
--- a/lfs/openvpn
+++ b/lfs/openvpn
@@ -24,7 +24,7 @@
include Config
-VER = 2.6.15
+VER = 2.6.16
THISAPP = openvpn-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = d77f8d67bffeb7cdd6fe9b3892add3b62001d7e01d5f9b0703f57a5a5a19c58a9dfb5e86b6ba1acad743c39af1d965b2180d6a5fabd32d40cddf4b13f3d91b46
+$(DL_FILE)_BLAKE2 = d4219d5974ecb0d73b865f436ed5a57874dee7295446a10d47354024564a25098ea2210f3356f3938fd24fb99c2310797bb70936ad5423eafad7cbacc94c71c5
install : $(TARGET)
diff --git a/lfs/tshark b/lfs/tshark
index f01063087..6d566504e 100644
--- a/lfs/tshark
+++ b/lfs/tshark
@@ -26,7 +26,7 @@ include Config
SUMMARY = A Network Traffic Analyser
-VER = 4.6.0
+VER = 4.6.1
THISAPP = wireshark-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -35,7 +35,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = tshark
DEPS = c-ares
-PAK_VER = 29
+PAK_VER = 30
SERVICES =
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = df4245158422dae95bb6a68d8093cf5d1456290f25a8b8f664e6f9bf7f70661fc881e100c48c616ca077621dbb0ff55a5b14c1e385e8b6d52a7dc2d7fd1acd0a
+$(DL_FILE)_BLAKE2 = 4ca4b482ec58003c78413e29b11d3b628c835ffc0a635150415a91d570952b958f80a3baf0da7fc952fd338697c06631d20dbb7a29a42a46a22bb1be32ab2265
install : $(TARGET)
@@ -82,10 +82,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar Jxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && mkdir build
cd $(DIR_APP)/build && cmake .. \
- -DBUILD_wireshark=OFF \
- -DCMAKE_INSTALL_PREFIX=/usr \
- -DCMAKE_BUILD_TYPE=Release \
- -DBUILD_mmdbresolve=OFF
+ -D BUILD_wireshark=OFF \
+ -D CMAKE_INSTALL_PREFIX=/usr \
+ -D CMAKE_BUILD_TYPE=Release \
+ -D BUILD_mmdbresolve=OFF
cd $(DIR_APP)/build && make $(MAKETUNING)
cd $(DIR_APP)/build && make install
@rm -rf $(DIR_APP)
diff --git a/src/initscripts/system/lldpd b/src/initscripts/system/lldpd
index 128115dbb..9b2cbcaf4 100755
--- a/src/initscripts/system/lldpd
+++ b/src/initscripts/system/lldpd
@@ -22,9 +22,14 @@
. /etc/sysconfig/rc
. ${rc_functions}
+LLDPDARGS=""
+
# Read the configuration
readhash CONFIG "/var/ipfire/lldp/settings"
+# Read-in network settings
+eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
+
generate_config() {
# Set the description (if given)
if [ -n "${CONFIG["DESCRIPTION"]}" ]; then
@@ -34,6 +39,9 @@ generate_config() {
return 0
}
+# Enable support for Cisco Discovery Protocol (CDP)
+LLDPDARGS+="-c"
+
case "${1}" in
start)
# Do nothing if the service is not enabled
@@ -48,8 +56,13 @@ case "${1}" in
exit 1
fi
+ # Set green address as management address if there is one.
+ if [ -n ${GREEN_ADDRESS} ]; then
+ LLDPDARGS+=" -m ${GREEN_ADDRESS}"
+ fi
+
boot_mesg "Starting Link-Layer Discovery Protocol Daemon..."
- loadproc /usr/sbin/lldpd
+ loadproc /usr/sbin/lldpd ${LLDPDARGS}
;;
stop)
diff --git a/src/installer/dracut-module/run-installer.sh b/src/installer/dracut-module/run-installer.sh
index c6af855f0..b23b3e71d 100644
--- a/src/installer/dracut-module/run-installer.sh
+++ b/src/installer/dracut-module/run-installer.sh
@@ -19,6 +19,9 @@ if [ -d "/sys/firmware/efi" ]; then
mount -t efivarfs efivarfs /sys/firmware/efi/efivars
fi
+# Load default console font
+setfont latarcyrheb-sun16
+
# Silence the kernel
echo >/proc/sys/kernel/printk "1 4 1 7"
echo -n -e "\033[9;0]"
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2025-11-23 15:27 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-11-23 15:27 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 2d7bc118d0222caebd06ce25c68b930f4e668e4d Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox