Commit graph

1467 commits

Author SHA1 Message Date
Wei-Ting Yang
cced09132a libunwind: fix typo in patch file suffix
Fix typo in patch file suffix.

Signed-off-by: Wei-Ting Yang <williamatcg@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/20178
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-09-26 11:55:55 +02:00
John Audia
f4fbf3e794 openssl: update to 3.5.3
Removed upstreamed patch: 0001-Don-t-keep-the-store-open-in-by_store_ctrl_ex.patch

Release notes:
This is a bug fix release.

This release incorporates the following bug fixes and mitigations:

Added FIPS 140-3 PCT on DH key generation.
Fixed the synthesised OPENSSL_VERSION_NUMBER.

Build system: x86/64
Build-tested: x86/64-glibc
Run-tested: x86/64-glibc

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/20133
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-09-25 22:47:31 +02:00
David Andreoletti
47155fe5ed libnftnl: update to 1.3.0
Changelog: https://git.netfilter.org/libnftnl/log/?h=libnftnl-1.3.0

Signed-off-by: David Andreoletti <david.andreoletti.dev@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/20055
Signed-off-by: Ted Hess <thess@kitschensync.net>
2025-09-20 18:58:14 -04:00
Hauke Mehrtens
aa3c98f821 openssl: Backport fix for OpenSSL 3.5.2 and 3.0.17 regression
Fixes segmentation faults in openssl. This problem was introduced in
version 3.5.2 and 3.0.17. Backport a fix from the OpenSSL 3.5 branch.

Link: https://forum.openwrt.org/t/openssl-3-0-17-libcrypto-segmentation-faults-regression/240650/9
Link: https://github.com/openssl/openssl/issues/28171
Link: c4c92f3e8a
Fixes: 223c1de963 ("openssl: update to 3.5.2")
Link: https://github.com/openwrt/openwrt/pull/20074
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-09-18 20:25:44 +02:00
Linus Kardell
bcfc3f01a4 openssl: correct PKG_LICENSE_FILES
Point to correct file name.

Signed-off-by: Linus Kardell <linus.kardell@infobric.com>
Link: https://github.com/openwrt/openwrt/pull/19999
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-09-11 22:06:26 +02:00
Linus Kardell
24ee23a8a5 libxml2: correct PKG_LICENSE_FILES
Point to correct file name.

Signed-off-by: Linus Kardell <linus.kardell@infobric.com>
Link: https://github.com/openwrt/openwrt/pull/19999
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-09-11 22:06:26 +02:00
Jan Kardell
420be05d90 libxml2: Add abi version
The version of libxml2 was bumped from 2.13.6 to 2.14.5. Since version
2.14, libxml2 is not binary compatible with older versions. Therefore
add an abi version.

From the NEWS file:
Binary compatibility is restricted to versions 2.14 or newer. On ELF
systems, the soname was bumped from libxml2.so.2 to libxml2.so.16.

Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
Link: https://github.com/openwrt/openwrt/pull/19983
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-09-08 14:53:20 +02:00
Fabrice Fontaine
13e10bb8d3 package/libs/gettext-full: fix license
gettext-full only provides libintl which is not licensed under
GPL-3.0-or-later but under LGPL-2.1-or-later as stated in
gettext-runtime/intl/COPYING.LIB

Fixes: c10d97484a (Add more license tags with SPDX identifiers)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19943
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-09-08 14:51:35 +02:00
Fabrice Fontaine
9a157b5d83 package/libs/elfutils: fix license
elfutils libraries are not licensed under GPL-3.0-or-later, they are dual
licensed: GPL-2.0-or-later OR LGPL-3.0-or-later as clearly stated in
source files as well as on https://sourceware.org/elfutils:

The libraries and backends are dual GPLv2+/LGPLv3+. The utilities are GPLv3+.

Fixes: b98fb76646 (elfutils: import package from packages.git)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19941
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-09-08 14:46:48 +02:00
John Audia
be88c224fa pcre2: bump to 10.46
Update to latest version.

Changelog: https://github.com/PCRE2Project/pcre2/blob/pcre2-10.46/ChangeLog

Tested with snort3, no regressions.

Build system: x86/64
Build-tested: x86/64-glibc
Run-tested: x86/64-glibc (Intel N150 based box)

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/19904
Signed-off-by: Nick Hainke <vincent@systemli.org>
2025-08-31 12:23:24 +02:00
Felix Fietkau
78188ee2bc udebug: update to Git HEAD (2025-08-24)
6e4ffe2c6657 ucode: add function for getting the number of entries in a snapshot
a62edd89255b ucode: add support for fetching kernel tracepoint events
edeb4d6dc690 udebug-cli: add support for streaming tracing data

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2025-08-24 07:18:49 +02:00
Felix Fietkau
899deae535 udebug: update to Git HEAD (2025-08-17)
892647b81d30 ucode: add ferror() call to check for closed write file descriptor

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2025-08-17 11:11:59 +02:00
Felix Fietkau
c4e7b9b9b7 udebug: update to Git HEAD (2025-08-15)
3d953628bf17 udebugd: add support for setting an override config
93f6df0240e5 udebug-cli: add support for overriding config on the command line

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2025-08-15 17:32:56 +02:00
Michael Pratt
d119f1b046 gettext-full: remove usage of autoreconf
Running the bootstrap script autogen.sh
handles the execution of autotools already,
so calling autoreconf before configure
makes this happen twice, which is unnecessary
and can lead to an occasional build problem.

Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/19748
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-08-11 22:28:41 +02:00
Michael Pratt
b6f67ca739 gettext-full: force compiling target in C23 standard
Currently, the build system overrides the value of the CC variable
for actual compilation after configuring for target builds.
However, the configure script now modifies the CC variable
to include "-std=gnu23" when the test for C23 features is successful.
The configure script also tests for the ability to use alignof
without including the stdalign.h header, and only includes it if necessary.
The test in the configure script is being done with the C23 standard option
but the compilation is being done without the C23 standard option,
leading to an unusual build error where alignof() is not defined.

Resolving the conflict between the autoconf macros and the build system
causes several other packages to fail, so instead in the meantime,
force the use of C23 standard to compile as part of the new standard
includes alignof as a keyword to deprecate the stdalign.h macro.

Forcing use of the new standard is safe for target builds
as the toolchain is known to support the option
and is always within our scope of version control.

Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/19748
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-08-11 22:28:41 +02:00
John Audia
223c1de963 openssl: update to 3.5.2
OpenSSL 3.5.2 is a bug fix release:

This release incorporates the following bug fixes and mitigations:

Miscellaneous minor bug fixes.
The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
This is mandated by FIPS 140-3 IG 10.3.A additional comment 1.

Build system: x86/64
Build-tested: x86/64-glibc
Run-tested: x86/64-glibc (Intel N150 based box)

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/19725
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-08-10 12:00:02 +02:00
Nick Hainke
40ad990ebf gettext-full: fix m4 path after gettextize update
Recent changes to gettextize altered the default path for .m4 files from
$datadir/aclocal to $datadir/gettext/m4 [0]. This caused build issues when
compiling gettext-full in OpenWrt.

This patch, originally provided by @nxhack [1], updates the OpenWrt
Makefile accordingly to ensure compatibility with the new path.

[0] https://gitweb.git.savannah.gnu.org/gitweb/?p=gettext.git;a=commit;h=fa98427c774aad9dade7702becc2c3eef5a8434d
[1] da541f7acd (commitcomment-163048847)

Fixes: da541f7acd ("gettext-full: update to 0.24.1")
Link: https://github.com/openwrt/openwrt/pull/19614
Signed-off-by: Nick Hainke <vincent@systemli.org>
2025-07-31 22:42:03 +02:00
Felix Fietkau
9ec4060962 libbpf: add support for passing classid for tc attached programs
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2025-07-31 17:34:24 +02:00
Karsten Sperling
97dc9f8dbf mbedtls: Expose MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED config option
This enables software that requires this cipher suite (e.g. OpenThread Border
Router) to be compiled against the shared library rather than a separate copy.

Signed-off-by: Karsten Sperling <ksperling@apple.com>
Link: https://github.com/openwrt/openwrt/pull/19489
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-07-27 17:59:34 +02:00
Michael Pratt
da541f7acd gettext-full: update to 0.24.1
Update to a newer bugfix release of gettext.
Include gnulib-l10n as a new dependency.

All patches are automatically refreshed.

Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/16522
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-07-26 14:38:09 +02:00
Michael Pratt
246eba7528 gnulib-l10n: add package
This package is a supplement for part of gettext
that uses gnulib sources, and includes the localizations
for messages specifically in gnulib files.

This is being added as a separate package
instead of a build target of gnulib
because that method of acquiring the localizations
requires the use of gettext and would be a reverse dependency.

Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/16522
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-07-26 14:38:09 +02:00
Tianling Shen
69f8f17f00 mbedtls: restore previous configuration behavior
Fall back to the default mbedtls configuration in case the package is
not configured. It is possible that for some reason it gets built even if
it's unselected because of build system bugs or other build-only
dependencies. In this case the current behavior will comment out all
necessary configurations and lead to build errors.

Fixes: 5359639c2b ("mbedtls: Apply configuration in Configure instead of Prepare")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/19495
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-07-24 00:30:05 +02:00
Felix Fietkau
7b0ce213e9 udebug: update to Git HEAD (2025-07-23)
5d10084ea885 lib-ucode.c: add #define _GNU_SOURCE
a95364b41d52 udebug-cli: fix terminating uloop
c00eb9b685a8 ucode: use FILE handle for pcap output
4265167cb6e8 ucode: add error reporting to pcap_write
4a908ee731a6 udebug-cli: stop event loop on write failure
6e04f4187231 ucode: use ucv_resource_create_ex for remote rings
c297f04e1852 ucode: drop use ucv_resource_create
f207d37a1055 ucode: add support for specifying ring format
98683a94bcdd ucode: support appending array data, similar to socket.send()
a7ecd483ed38 ucode: allow calling udebug.init() multiple times
d4a4c788c416 ucode: fix allocation size of local ring meta
184706abaf50 ucode: add timestamp argument to foreach()
8442c948c193 ucode: add function for getting ring information
f4958a4c591a ucode: add const entries for enum udebug_format
14d4fec36993 udebug-cli: add logstream command
6ed8536142bb ucode: fix entries/size confusion

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2025-07-23 11:53:26 +02:00
Felix Fietkau
19a327dde5 libubox: update to Git HEAD (2025-07-23)
b7acc8e6fd5e remove compatibility code for older json-c versions
a1acd99f2eb7 udebug: remove obsolete debug message
49056d178f42 udebug: fix issue with snapshot of remote ring

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2025-07-23 11:53:25 +02:00
John Audia
c08c2d6eb3 libxml2: update to 2.14.5
Release Notes:
    https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7
    https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.8
    https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.3
    https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.4
    https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.5

Fixes:
CVE-2025-32415 CVE-2025-32414 CVE-2025-6170 CVE-2025-49794 CVE-2025-49795 CVE-2025-49796

Build system: x86/64
Build-tested: x86/64-glibc
Run-tested: x86/64-glibc

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/19383
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-07-20 15:45:37 +02:00
Konstantin Demin
a308d3b2fd libpcap: bump PKG_RELEASE
improves 34c2e7701a "libpcap: adjust with glibc and libcrypt-compat"

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19404
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-07-19 18:54:05 +02:00
Konstantin Demin
e034b99e04 toolchain: bump PKG_RELEASE
improves c571ac4bdf "toolchain: adjust with recent glibc"

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19404
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-07-19 18:54:05 +02:00
Karsten Sperling
5359639c2b mbedtls: Apply configuration in Configure instead of Prepare
This ensures mbedtls_config.h is correctly updated and the package rebuilt
accordingly when configuration options are changed after the source is first
prepared.

Signed-off-by: Karsten Sperling <ksperling@apple.com>
Link: https://github.com/openwrt/openwrt/pull/19358
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-07-19 17:41:35 +02:00
Konstantin Demin
34c2e7701a libpcap: adjust with glibc and libcrypt-compat
glibc 2.39 has removed libcrypt completely.
solution: link against libxcrypt built with glibc compatibility.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19293
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-07-12 23:38:19 +02:00
Konstantin Demin
c571ac4bdf toolchain: adjust with recent glibc
glibc 2.39 has removed libcrypt completely.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19293
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-07-12 23:38:18 +02:00
Jan Kardell
2722ba02c1 nettle: Fix PKG_LICENSE_FILES
Update file names.

Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
Link: https://patchwork.ozlabs.org/project/openwrt/patch/mailman.87465.1751380624.1866309.openwrt-devel@lists.openwrt.org/
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2025-07-12 23:28:03 +02:00
Robert Marko
097700771c Revert "ncurses: update to 6.5"
This reverts commit 8876192bff.

This broke ncurses host build for me, and thus ncurses in general.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-07-09 11:51:01 +02:00
John Audia
8876192bff ncurses: update to 6.5
Update to 6.5.

Removed patch from pre-2012: 101-ncurses-5.6-20080628-kbs.patch

Build system: x86/64
Build-tested: x86/64-glibc
Run-tested: x86/64-glibc

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/19335
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-07-09 10:38:27 +02:00
John Audia
3d776d31a4 ncurses: Add -std=gnu17 to CFLAGS to avoid a GCC15 error when building with glibc
Without the newly introduced flag, building with libc ends in errors such as the below.
There is an upstream fix[1], but backporting it is not straightforward.

/scratch/union/staging_dir/toolchain-x86_64_gcc-15.1.0_glibc/x86_64-openwrt-linux-gnu/include/c++/15.1.0/cstddef:81:21: error: redefinition of 'struct std::__byte_operand<unsigned char>'
   81 |   template<> struct __byte_operand<unsigned char> { using __type = byte; };
      |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/scratch/union/staging_dir/toolchain-x86_64_gcc-15.1.0_glibc/x86_64-openwrt-linux-gnu/include/c++/15.1.0/cstddef:78:21: note: previous definition of 'struct std::__byte_operand<unsigned char>'
   78 |   template<> struct __byte_operand<bool> { using __type = byte; };
      |                     ^~~~~~~~~~~~~~~~~~~~
make[4]: *** [Makefile:438: ../obj_s/cursesp.o] Error 1

1. https://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=394a1a6cf317912584592e33184ef550e738a4b9

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/19335
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-07-09 10:38:27 +02:00
Daniel Golle
99054fcb6a xcrypt: work-around broken use of VARIANT with BUILDONLY
Split the xcrypt package build into two Makefiles and a common part for
the version definition in order to work-around build problems when
combining VARIANT with BUILDONLY and scoped InstallDev.

This is done in order to skip build of libcrypt-compat in case we are
not building against glibc in order to prevent libcrypt.so shared
library being present in staging_dir and by that breaking multiple
packages which then will link against it.

Fixes: e3cf7088f1 ("libcrypt-compat: introduce package")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Link: https://github.com/openwrt/openwrt/pull/19353
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-07-09 10:34:12 +02:00
Antony Kolitsos
bce0ad5563 libnftnl: update to 1.2.9
ChangeLog:

https://git.netfilter.org/libnftnl/log/?h=libnftnl-1.2.9

Signed-off-by: Antony Kolitsos <zeusomighty@hotmail.com>
Link: https://github.com/openwrt/openwrt/pull/19288
Signed-off-by: Nick Hainke <vincent@systemli.org>
2025-07-07 20:49:25 +02:00
Rosen Penev
7c8d73e374 readline: update to 8.3
Needed to fix GCC 15 compilation with dependent packages.

Removed upstreamed patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19327
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-07-07 15:43:07 +02:00
Ian Ladd
3a41c63eb5 libnetfilter-conntrack: bump to 1.1.0
Updates libnetfilter-conntrack to version 1.1.0.
Removes patches which should no longer be needed according to changelog for
libnetfilter-conntrack 1.1.0

Signed-off-by: Ian Ladd <ianwladd@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19282
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-07-04 15:15:07 +02:00
Antony Kolitsos
2c8a433cd2 mbedtls: update to 3.6.4
This release includes fixes for security issues.

Mbed TLS 3.6 is a long-term support (LTS) branch. It will be supported with bug-fixes and security fixes until at least March 2027.

Security Advisories

For full details, please see the following links:

    Race condition in AESNI support detection [1]
    Heap buffer under-read when parsing PEM-encrypted material [2]
    Unchecked return value in LMS verification allows signature bypass [3]
    Out-of-bounds read in mbedtls_lms_import_public_key() [4]
    Timing side-channel in block cipher decryption with PKCS#7 padding [5]
    NULL pointer dereference after using mbedtls_asn1_store_named_data() [6]
    Misleading memory management in mbedtls_x509_string_to_names() [7]

[1] https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-06-1/
[2] https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-06-2/
[3] https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-06-3/
[4] https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-06-4/
[5] https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-06-5/
[6] https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-06-6/
[7] https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-06-7/

Signed-off-by: Antony Kolitsos <zeusomighty@hotmail.com>
Link: https://github.com/openwrt/openwrt/pull/19291
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-07-04 11:10:16 +02:00
John Audia
e2cdcf8e46 openssl: update to 3.5.1
Automatically rebased: 100-Configure-afalg-support.patch

Changes between 3.5.0 and 3.5.1:
Fix x509 application adds trusted use instead of rejected use.
Issue summary: Use of -addreject option with the openssl x509 application
adds a trusted use instead of a rejected use for a certificate.

Impact summary: If a user intends to make a trusted certificate rejected
for a particular use it will be instead marked as trusted for that use.
(CVE-2025-4575)

Aligned the behaviour of TLS and DTLS in the event of a no_renegotiation
alert being received. Older versions of OpenSSL failed with DTLS if a
no_renegotiation alert was received. All versions of OpenSSL do this for TLS.
From 3.2 a bug was exposed that meant that DTLS ignored no_renegotiation.
We have now restored the original behaviour and brought DTLS back into line
with TLS.

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/19283
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-07-03 13:03:39 +02:00
Konstantin Demin
e3cf7088f1 libcrypt-compat: introduce package
glibc 2.39 has removed libcrypt completely.
solution: build libxcrypt with glibc compatibility.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19160
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-06-23 11:19:08 +02:00
John Audia
628b3ff2c3 gmp: fix compilation with GCC 15.1
Apply same patches to gmp on the host side to fix GCC 15 build errors.

31800db91d

Signed-off-by: John Audia <therealgraysky@proton.me>
Link: https://github.com/openwrt/openwrt/pull/18992
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-06-08 12:46:17 +02:00
Rui Salvaterra
e595214030 mbedtls: fix building with GCC 15.1
Disable -Wunterminated-string-initialization for now.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/18600
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-06-08 12:20:15 +02:00
Konstantin Demin
a461f53bfd libxcrypt: update to 4.4.38
This release includes several fixes, most notable are
"-Wunterminated-string-initialization" fixes for upcoming GCC 15.x

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19011
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-06-08 11:40:58 +02:00
Konstantin Demin
f544392fc3 libxcrypt: import from packages feed
Import libxcrypt from the packages feed to the main OpenWrt repo,
as glibc 2.41 doesn't provide libcrypt (since 2.39 release).

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/19011
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-06-08 11:40:58 +02:00
Robert Marko
fb2c59b942 toolchain: gcc: drop GCC11
There is no practical value in keeping GCC11 around, as even OpenWrt 23.05
uses GCC12 as the default one, so drop it.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-05-26 19:20:56 +02:00
Ryan Keane
3cd2ff3150 openssl: Update to 3.5.0
Refresh patch:
- 100-Configure-afalg-support.patch
- 120-strip-cflags-from-binary.patch
- 140-allow-prefer-chacha20.patch
- 500-e_devcrypto-default-to-not-use-digests-in-engine.patch
- 510-e_devcrypto-ignore-error-when-closing-session.patch

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15804
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-05-18 13:40:17 +02:00
Nick Hainke
19de58edaa libtracefs: update to 1.8.2
Changelog:
0379096 libtracefs: version 1.8.2
e2e0b4d sqlhist: Add bash completion for the sqlhist utility
78dd6d5 libtracefs: Add trace_sql.bash for tracefs_sql() bash completions
4f66bca libtracefs: Fix trace_sql() to handle buckets cast
6680dae libtracefs: Have tracefs_sql() cast handle stacktrace
4668195 libtracefs: Handle synthetic events with dynamic strings as fields
48a7752 libtracefs: Fix COMM for use as a field for tracefs_sqlhist()
a8d57d2 libtracefs: Fix mistaken update to TRACEFS_STACKTRACE macro
6e913f7 libtracefs: utest: Do not fail if uprobes are not supported by kernel
5db5cf5 libtracefs: Rerun bison and flex via make sqlhist_remake
1514530 libtracefs: Add make sqlhist_remake to run bison and flex
d49b6fa libtrace: Fix memory leak in tracefs_cpu
07cff64 libtracefs: Fix the read file failure code checking
457f02f trace-cmd: Unit test for tracefs_instance_file_append() API
a2bfb49 libtracefs: utest: Rename private functions to fix static building
65f629e libtracefs utest: Do not test more events than what the ring buffer can hold
05a5dc4 libtracefs utest: Fix min percent test
0a46992 libtracefs utest: Add test to check handling multiple dynamic events
bd47435 libtracefs: Destroy synthetic and eprobes before other events
78d8d2e libtracefs: Have tracefs_dynevent_get_all() find kprobes and uprobes properly
ef70c00 libtracefs .gitignore: Ignore utest/trace-utest in git
ff20336 libtracefs utest: Do not test kprobe interface if there's no kprobes
93d9049 libtracefs: Have tracefs_instance_tracers() return instance tracers
4cbebed libtracefs: Documentation: Add missing documentation to meson.build

Link: https://github.com/openwrt/openwrt/pull/18783
Signed-off-by: Nick Hainke <vincent@systemli.org>
2025-05-13 16:48:49 +02:00
Felix Fietkau
6f8f404113 libubox: update to Git HEAD (2024-12-19)
3868f47c8f6c blob: constify attr argument to blob_memdup

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2025-05-05 13:57:08 +02:00
Robert Marko
b0aa7b3da6 libiconv-full: update to 1.18
libiconv 1.17 fails to compile with GCC15 when doing the host build,
luckily version 1.18 already contains the fixes required so update to it.

New in 1.18:
* Many more transliterations, in particular also of Emoji characters.
* The iconv_open function is now POSIX:2024 compliant: it recognizes a
  suffix //NON_IDENTICAL_DISCARD in the 'tocode' argument, with the effect
  that characters that cannot be represented in the target character set
  will be silently discarded. Whereas the suffix //IGNORE in the 'tocode'
  argument has the effect of discarding not only characters that cannot be
  represented in the target character set, but also invalid multibyte
  sequences in the input.
  Accordingly, the iconvctl function accepts requests
    ICONV_GET_DISCARD_INVALID, ICONV_SET_DISCARD_INVALID,
    ICONV_GET_DISCARD_NON_IDENTICAL, ICONV_SET_DISCARD_NON_IDENTICAL.
* The iconv_open function and the iconv program now support multiple suffixes,
  such as //TRANSLIT//IGNORE, not only one.
* GB18030 is now an alias for GB18030:2005. A new converter for GB18030:2022
  is added. Since this encoding merely cleans up a few private-use-area
  mappings, you can continue to use the GB18030 converter, for backward
  compatibility. Its Unicode to GB18030 conversion direction has been
  enhanced, to help transitioning away from PUA code points.
* When converting from/to an EBCDIC encoding, a non-standard way of
  converting newlines can be requested
    - at the C level, by calling iconvctl with argument ICONV_SET_FROM_SURFACE
      or ICONV_SET_TO_SURFACE, or
    - from the iconv program, by setting the environment variable
      ICONV_EBCDIC_ZOS_UNIX to a non-empty value.
* Special support for z/OS: The iconv program adds a charset metadata tag to
  its output file. (Contributed by Mike Fulton.)
* For conversions from UCS-2, UCS-4, UTF-16, UTF-32, invoking
  iconv(cd,NULL,NULL,...) now preserves the byte order state.

Link: https://github.com/openwrt/openwrt/pull/18698
Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-05-04 20:50:33 +02:00