From a2cae1facdfb5084baf169ed17421255c6d6b552 Mon Sep 17 00:00:00 2001 From: Hannu Nyman Date: Mon, 18 Nov 2024 20:08:50 +0200 Subject: [PATCH 01/11] kafs-client: Make version apk compatible Adjust version to compatible with apk's semantic rules. Signed-off-by: Hannu Nyman --- net/kafs-client/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/kafs-client/Makefile b/net/kafs-client/Makefile index bef3e85f0e..ca10e62e7d 100644 --- a/net/kafs-client/Makefile +++ b/net/kafs-client/Makefile @@ -1,13 +1,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=kafs-client -PKG_VERSION:=0.5-9957339e +PKG_VERSION:=0.5~9957339e PKG_RELEASE:=2 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://gitlab.com/linux-afs/kafs-client.git PKG_SOURCE_VERSION:=99573359e25c1e31b84b23592ff72ae40c8756f5 -PKG_MIRROR_HASH:=69436e5e8760be7bf2fd50a316a6596ee910e3dfd888bdea8a2ee506a0a5c5f2 +PKG_MIRROR_HASH:=0accad975a25d9f3a7c55613c7cf172c021d3e31d4b86e79d35bf5a96463ec1f PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=LICENSE From 4b9453b9a4c865f5eb722761a1f7120d954a1b57 Mon Sep 17 00:00:00 2001 From: Martin Pecka Date: Sun, 7 Jan 2024 23:00:07 +0100 Subject: [PATCH 02/11] strongswan: Add support for send_cert option This option is required by some clients, e.g. iOS. Signed-off-by: Martin Pecka --- net/strongswan/files/swanctl.init | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/strongswan/files/swanctl.init b/net/strongswan/files/swanctl.init index 2469001595..b081f776f0 100644 --- a/net/strongswan/files/swanctl.init +++ b/net/strongswan/files/swanctl.init @@ -466,6 +466,7 @@ config_remote() { config_get ca_cert "$conf" ca_cert "" config_get rekeytime "$conf" rekeytime config_get overtime "$conf" overtime + config_get send_cert "$conf" send_cert config_list_foreach "$conf" local_sourceip append_var local_sourceip "," config_list_foreach "$conf" remote_ca_certs append_var remote_ca_certs "," @@ -560,6 +561,8 @@ config_remote() { ;; esac + [ -n "$send_cert" ] && swanctl_xappend2 "send_cert = $send_cert" + [ $mobike -eq 1 ] && swanctl_xappend2 "mobike = yes" || swanctl_xappend2 "mobike = no" if [ -n "$rekeytime" ]; then From 6b824ee7d71f6c4e001a8ec41aa47d97860c9fae Mon Sep 17 00:00:00 2001 From: Martin Pecka Date: Sun, 7 Jan 2024 23:23:57 +0100 Subject: [PATCH 03/11] strongswan: Fix pools to be only generated once Before this commit, if a user configures multiple remotes in UCI, each remote generates one output section of pools. This doesn't hurt because swanctl just merges all of them, but it is apparently not needed to have N copies of the same. This commit changes the behavior to only create one pools section at the end of the generated swanctl config. Signed-off-by: Martin Pecka Signed-off-by: Martin Pecka --- net/strongswan/files/swanctl.init | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/strongswan/files/swanctl.init b/net/strongswan/files/swanctl.init index b081f776f0..8a7e9a3ec5 100644 --- a/net/strongswan/files/swanctl.init +++ b/net/strongswan/files/swanctl.init @@ -610,10 +610,6 @@ config_remote() { fatal "AuthenticationMode $auth_mode not supported" fi - swanctl_xappend0 "pools {" - config_list_foreach "$conf" pools config_pool - swanctl_xappend0 "}" - swanctl_xappend0 "" } @@ -689,6 +685,10 @@ prepare_env() { config_load ipsec config_foreach config_ipsec ipsec config_foreach config_remote remote + + swanctl_xappend0 "pools {" + config_foreach config_pool pools + swanctl_xappend0 "}" do_postamble } From 88d1876f382f3fad99502679abb9914c429c7a7d Mon Sep 17 00:00:00 2001 From: Martin Pecka Date: Mon, 8 Jan 2024 01:24:07 +0100 Subject: [PATCH 04/11] strongswan: Add support for EAP-MSCHAPv2 authentication Support for EAP-MSCHAPv2 authentication scheme is added. Different from the previously supported schemes, this one is usually asymmetric in the way that server auth method (pubkey) is different from the client auth method (eap-mschapv2). The code handles this asymmetry automatically. A new UCI config section mschapv2_secrets is added where the user can specify the EAP identities and their passwords that are accepted by the server. AFAIK, there is no way to select which EAP IDs should be accepted by which remote, except setting `eap_id` to something different than `%any`. But `eap_id` does not support template matching, so either only a single identity or all can be configured for one remote. This is why the EAP identities are not subsections of remotes, but are a standalone section. Signed-off-by: Martin Pecka Signed-off-by: Martin Pecka --- net/strongswan/Makefile | 2 +- net/strongswan/files/swanctl.init | 35 +++++++++++++++++++++++++++++-- 2 files changed, 34 insertions(+), 3 deletions(-) diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile index 63525bfa05..d9869cc7d4 100644 --- a/net/strongswan/Makefile +++ b/net/strongswan/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=strongswan PKG_VERSION:=5.9.14 -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/ diff --git a/net/strongswan/files/swanctl.init b/net/strongswan/files/swanctl.init index 8a7e9a3ec5..7fc4a0d10b 100644 --- a/net/strongswan/files/swanctl.init +++ b/net/strongswan/files/swanctl.init @@ -421,6 +421,21 @@ config_pool() { swanctl_xappend1 "}" } +config_mschapv2_secret() { + local conf="$1" + + local id + local secret + + config_get id "$conf" id + config_get secret "$conf" secret + + swanctl_xappend1 "eap-${conf} {" + swanctl_xappend2 "id = $id" + swanctl_xappend2 "secret = $secret" + swanctl_xappend1 "}" +} + config_remote() { local conf="$1" @@ -445,6 +460,7 @@ config_remote() { local rekeytime local remote_ca_certs local pools + local eap_id config_get_bool enabled "$conf" enabled 0 [ $enabled -eq 0 ] && return @@ -467,6 +483,7 @@ config_remote() { config_get rekeytime "$conf" rekeytime config_get overtime "$conf" overtime config_get send_cert "$conf" send_cert + config_get eap_id "$conf" eap_id "%any" config_list_foreach "$conf" local_sourceip append_var local_sourceip "," config_list_foreach "$conf" remote_ca_certs append_var remote_ca_certs "," @@ -526,11 +543,14 @@ config_remote() { [ -n "$fragmentation" ] && swanctl_xappend2 "fragmentation = $fragmentation" [ -n "$pools" ] && swanctl_xappend2 "pools = $pools" + local local_auth_method="$auth_method" + [ "$auth_method" = "eap-mschapv2" ] && local_auth_method="pubkey" + swanctl_xappend2 "local {" - swanctl_xappend3 "auth = $auth_method" + swanctl_xappend3 "auth = $local_auth_method" [ -n "$local_identifier" ] && swanctl_xappend3 "id = \"$local_identifier\"" - [ "$auth_method" = pubkey ] && [ -n "$local_cert" ] && \ + [ "$local_auth_method" = pubkey ] && [ -n "$local_cert" ] && \ swanctl_xappend3 "certs = $local_cert" swanctl_xappend2 "}" @@ -538,6 +558,7 @@ config_remote() { swanctl_xappend3 "auth = $auth_method" [ -n "$remote_identifier" ] && swanctl_xappend3 "id = \"$remote_identifier\"" [ -n "$remote_ca_certs" ] && swanctl_xappend3 "cacerts = \"$remote_ca_certs\"" + [ "$auth_method" = eap-mschapv2 ] && swanctl_xappend3 "eap_id = $eap_id" swanctl_xappend2 "}" swanctl_xappend2 "children {" @@ -606,6 +627,9 @@ config_remote() { fi swanctl_xappend1 "}" swanctl_xappend0 "}" + elif [ "$auth_method" = eap-mschapv2 ]; then + # EAP-MSCHAPv2 secrets are handled in config_mschapv2_secrets globally + : # empty command else fatal "AuthenticationMode $auth_mode not supported" fi @@ -686,10 +710,17 @@ prepare_env() { config_foreach config_ipsec ipsec config_foreach config_remote remote + swanctl_xappend0 "# Global config" + swanctl_xappend0 "" + swanctl_xappend0 "pools {" config_foreach config_pool pools swanctl_xappend0 "}" + swanctl_xappend0 "secrets {" + config_foreach config_mschapv2_secret mschapv2_secrets + swanctl_xappend0 "}" + do_postamble } From 30db86cc9c0e5e0a9ec7b651f22515bf2c5e765d Mon Sep 17 00:00:00 2001 From: Ray Wang Date: Tue, 19 Nov 2024 22:04:59 +0800 Subject: [PATCH 05/11] hev-socks5-server: update to 2.6.9 Signed-off-by: Ray Wang --- net/hev-socks5-server/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/hev-socks5-server/Makefile b/net/hev-socks5-server/Makefile index 813e4ba15a..4f7c57bfef 100644 --- a/net/hev-socks5-server/Makefile +++ b/net/hev-socks5-server/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hev-socks5-server -PKG_VERSION:=2.6.8 +PKG_VERSION:=2.6.9 PKG_RELEASE:=1 -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/heiher/hev-socks5-server/releases/download/$(PKG_VERSION) -PKG_HASH:=43fadd353767fdd6b750948289fdae855a473f9335fb5a4e42c5d362dc99d0a8 +PKG_HASH:=40b4c0df7d1982f56aecce0b51091111d81e08ee7def83920a23284fdaf91e84 PKG_MAINTAINER:=Ray Wang PKG_LICENSE:=MIT From a813c3a266baf64dce74dc7af490f6ad3cc5a7ce Mon Sep 17 00:00:00 2001 From: Ray Wang Date: Tue, 19 Nov 2024 22:08:59 +0800 Subject: [PATCH 06/11] hev-socks5-tproxy: update to 2.5.8 Signed-off-by: Ray Wang --- net/hev-socks5-tproxy/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/hev-socks5-tproxy/Makefile b/net/hev-socks5-tproxy/Makefile index 64a8242ebb..a2c44c044a 100644 --- a/net/hev-socks5-tproxy/Makefile +++ b/net/hev-socks5-tproxy/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hev-socks5-tproxy -PKG_VERSION:=2.5.7 +PKG_VERSION:=2.5.8 PKG_RELEASE:=1 -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/heiher/hev-socks5-tproxy/releases/download/$(PKG_VERSION) -PKG_HASH:=b5f29fef18ffe335fce4d6f96ce83c8bee04ce29fda420ba7248252d3b210578 +PKG_HASH:=f8ca8ab2dcfd4e0f4c595f3407644ec6b9798f7c1c8637f95c5cd59f85afde9b PKG_MAINTAINER:=Ray Wang PKG_LICENSE:=MIT From 102ce164eb8d50558218d8238ef14f865a384d34 Mon Sep 17 00:00:00 2001 From: Ray Wang Date: Tue, 19 Nov 2024 22:12:37 +0800 Subject: [PATCH 07/11] hev-socks5-tunnel: update to 2.7.5 Signed-off-by: Ray Wang --- net/hev-socks5-tunnel/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/hev-socks5-tunnel/Makefile b/net/hev-socks5-tunnel/Makefile index 753d501abe..71ed42a8e3 100644 --- a/net/hev-socks5-tunnel/Makefile +++ b/net/hev-socks5-tunnel/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hev-socks5-tunnel -PKG_VERSION:=2.7.3 +PKG_VERSION:=2.7.5 PKG_RELEASE:=1 -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/heiher/hev-socks5-tunnel/releases/download/$(PKG_VERSION) -PKG_HASH:=613c4132cfed26ccd6e9f59a3e8590723f07969ac677f4957cbe000b13737fea +PKG_HASH:=a6dffa86d1a4f95025386a666628781415fb15e3d8e846d777e5a06086e5c769 PKG_MAINTAINER:=Ray Wang PKG_LICENSE:=MIT From c342279eb6386f707e6982fec95a31c51e74cb98 Mon Sep 17 00:00:00 2001 From: Ryan Keane Date: Mon, 18 Nov 2024 05:56:10 -0800 Subject: [PATCH 08/11] rclone: Bump to 1.68.2 Release notes in links below. Link: https://rclone.org/changelog/#v1-68-2-2024-11-15 Signed-off-by: Ryan Keane --- net/rclone/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/rclone/Makefile b/net/rclone/Makefile index 378061ac1e..b4b23a330e 100644 --- a/net/rclone/Makefile +++ b/net/rclone/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=rclone -PKG_VERSION:=1.68.1 +PKG_VERSION:=1.68.2 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/rclone/rclone/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=26259526855a12499d00e3a3135ee95e7aeb3ecf2f85886d8c837a2e7b236226 +PKG_HASH:=6c4c1a1702633c7a8f8755a9cfb951c3ae0b7bcc2e210b92e191250b6aae2e9f PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE From 10fcc5d390651ef58eff7f66c83d3aff3b853a03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jon=20Henrik=20Bj=C3=B8rnstad?= Date: Tue, 19 Nov 2024 15:36:34 +0100 Subject: [PATCH 09/11] qbee-agent: bump version to 2024.45 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jon Henrik Bjørnstad --- admin/qbee-agent/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/admin/qbee-agent/Makefile b/admin/qbee-agent/Makefile index 21f8f2a8b0..986b654d6a 100755 --- a/admin/qbee-agent/Makefile +++ b/admin/qbee-agent/Makefile @@ -1,13 +1,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=qbee-agent -PKG_VERSION:=2024.36 +PKG_VERSION:=2024.45 PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/qbee-io/qbee-agent.git -PKG_SOURCE_VERSION:=d52fb5e69b479550636570a2db6cebe06f5f129b -PKG_MIRROR_HASH:=58b4e7b741754bf86d315eb32e43d4a8b80c8b8f5a95cf94b77f48c193385d60 +PKG_SOURCE_VERSION:=bdf5f11771964dbb69a0d8f1f93e69f75e5a83c5 +PKG_MIRROR_HASH:=b0f62bfe66ecb33a4f703b372d66ba5cfcf15330fa1c7c60c0bd136f55727142 PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE From bf07d331b0b15168d8047e0bbf4786a1e8265470 Mon Sep 17 00:00:00 2001 From: Ryan Keane Date: Tue, 19 Nov 2024 07:50:30 -0800 Subject: [PATCH 10/11] alist: Bump to 3.39.2 Change Github repository owner from `alist-org` to `AlistGo`. web-dist 3.39.2: - No significant changes. Release notes in links below. Close: #25405 Link: https://github.com/AlistGo/alist/releases/tag/v3.39.2 Link: https://github.com/AlistGo/alist-web/compare/3.39.0...3.39.2 Signed-off-by: Ryan Keane --- net/alist/Makefile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/net/alist/Makefile b/net/alist/Makefile index b16259dd42..f8bc9b7585 100644 --- a/net/alist/Makefile +++ b/net/alist/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=alist -PKG_VERSION:=3.39.1 +PKG_VERSION:=3.39.2 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://codeload.github.com/alist-org/alist/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=f211a3b35b6c600a94dbee9041cb5e167284613be383c5944afef6b0b86ab330 +PKG_SOURCE_URL:=https://codeload.github.com/AlistGo/alist/tar.gz/v$(PKG_VERSION)? +PKG_HASH:=c455b3fc14f4fd2b81ce1a590113027e3cb278a66a77fd5d21f3a295eb3ea987 PKG_LICENSE:=AGPL-3.0-only PKG_LICENSE_FILES:=LICENSE @@ -49,13 +49,13 @@ define Package/alist/conffiles /etc/config/alist endef -WEB_VERSION:=3.39.0 +WEB_VERSION:=3.39.2 WEB_FILE:=$(PKG_NAME)-web-$(WEB_VERSION).tar.gz define Download/alist-web - URL:=https://github.com/alist-org/alist-web/releases/download/$(WEB_VERSION)/ + URL:=https://github.com/AlistGo/alist-web/releases/download/$(WEB_VERSION)/ URL_FILE:=dist.tar.gz FILE:=$(WEB_FILE) - HASH:=59f5dae6fed76ca708b12a7a6323ef85cdee48861ffafb8864c785b7d7c36e89 + HASH:=d998315aff5544e7d7248214d02a3b04a92366bf0ac50fb4791b23833e8b543a endef define Build/Prepare From 6945c7bb65d8f9e9eb42f53c3cd390c6cffc0aa5 Mon Sep 17 00:00:00 2001 From: Tianling Shen Date: Wed, 20 Nov 2024 21:18:50 +0800 Subject: [PATCH 11/11] yq: Update to 4.44.5 Signed-off-by: Tianling Shen --- utils/yq/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/yq/Makefile b/utils/yq/Makefile index 6526db04f8..2cef8c3b42 100644 --- a/utils/yq/Makefile +++ b/utils/yq/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=yq -PKG_VERSION:=4.44.3 +PKG_VERSION:=4.44.5 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/mikefarah/yq/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=ea950f5622480fc0ff3708c52589426a737cd4ec887a52922a74efa1be8f2fbf +PKG_HASH:=1505367f4a6c0c4f3b91c6197ffed4112d29ef97c48d0b5e66530cfa851d3f0e PKG_MAINTAINER:=Tianling Shen PKG_LICENSE:=MIT