Commit Graph

31338 Commits

Author SHA1 Message Date
Felix Fietkau
06556a8e6b hostapd: fix remote denial of service vulnerability in WMM action frame parsing
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45619
2015-05-06 09:45:39 +00:00
Rafał Miłecki
501da07c5d brcm47xx: fix regression in NVRAM support for WGT634U
We were calculating wrong offset, NVRAM wasn't found and OpenWrt didn't
boot.

Fixes: 9019803 ("brcm47xx: backport BCM47XX arch patches (clean NVRAM code, later init)")
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45618
2015-05-06 05:54:19 +00:00
Felix Fietkau
1f689613b6 iptables: disable unused xml support to save some space
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45617
2015-05-06 00:59:41 +00:00
Felix Fietkau
a503023ec2 hostapd: enable 802.11w only for the full variants
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45616
2015-05-06 00:59:36 +00:00
Felix Fietkau
102522e0cd uboot-envtools: disable AES support, reduces code size
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45615
2015-05-06 00:59:28 +00:00
Felix Fietkau
ec73574027 build: enable package list signing by default
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45614
2015-05-05 21:16:13 +00:00
Steven Barth
d534883a52 firewall: Allow IGMP and MLD input on WAN
The WAN port should at least respond to IGMP and MLD queries as
otherwise a snooping bridge/switch might drop traffic.

RFC4890 recommends to leave IGMP and MLD unfiltered as they are always
link-scoped anyways.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>

SVN-Revision: 45613
2015-05-05 13:22:41 +00:00
Steven Barth
336fc7a702 netsupport: l2tp-ip: only depend on IPv6 if IPv6 support is enabled
Before r45593 kmod-l2tp-ip did not depend on kmod-ipv6.
With r45593 support for L2TP IPv6 encapsulation was added and
included in the kmod-l2tp-ip package. This change also
added the dependency to kmod-ipv6 to kmod-l2tp-ip, regardless
of whether the user chose to generally include IPv6 support
or not.
Change this so L2TP over IPv6 and the resulting dependency
to kmod-ipv6 is only included in kmod-l2tp-ip if IPv6 support
is enabled.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 45612
2015-05-05 13:22:33 +00:00
Jo-Philipp Wich
2a196a68cd procd: fix uid/gid changing for service instances
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45611
2015-05-05 11:00:53 +00:00
Felix Fietkau
334ad1d49f polarssl: include PKG_RELEASE in ABI_VERSION
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45610
2015-05-05 10:14:04 +00:00
Felix Fietkau
632ba15a56 curl: replace polarssl run-time version check with a compile-time one
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45609
2015-05-05 10:12:49 +00:00
Felix Fietkau
5533a67e3a openvpn: replace polarssl run-time version check with a compile-time one
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45608
2015-05-05 10:09:16 +00:00
Felix Fietkau
34cacae2b9 polarssl: disable runtime version checks to save some space
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45607
2015-05-05 10:00:49 +00:00
Felix Fietkau
434bf8a90b polarssl: disable an unused random number generator
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45606
2015-05-05 10:00:36 +00:00
Imre Kaloz
9bcd551962 tools/pkg-config: fix compile on musl hosts
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 45605
2015-05-04 13:22:54 +00:00
Imre Kaloz
a2bec91b3b tools/autoconf: fix compile on musl hosts
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 45604
2015-05-04 13:22:36 +00:00
Imre Kaloz
d0e8830c31 tools/sed: fix compile on musl hosts
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 45603
2015-05-04 13:22:17 +00:00
Jo-Philipp Wich
a28deda590 openvpn: disable CBC record splitting in PolarSSL/mbedTLS (#19101)
OpenVPN assumes that its control channel messages are sent and received
unfragmented, this assumption is broken when CBC record splitting is
enabled in mbedTLS.

The record splitting is intended as countermeasure against BEAST attacks
which do not apply to OpenVPN, therefore we simply disable it until
upstream OpenVPN gains the ability to process fragmented control
messages.

Disabling the splitting also works around a (not remotely triggerable)
segmentation fault in mbedTLS.

References:

 * https://dev.openwrt.org/ticket/19101
 * https://community.openvpn.net/openvpn/ticket/524
 * https://github.com/ARMmbed/mbedtls/pull/185

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45602
2015-05-04 08:49:21 +00:00
Imre Kaloz
aea93173d1 generic/4.0: update to 4.0.1
Also refresh one patch.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 45601
2015-05-03 18:04:46 +00:00
Felix Fietkau
2659762e62 base-files: fix logic error in led default handling (patch from #19593)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45600
2015-05-03 18:04:27 +00:00
Imre Kaloz
3ee45e61fe mpc85xx: replace WDR4900 uci-defaults ethernet MAC address hack with DTS entry
This also changes the MAC address to one of the adresses actually used by the
stock firmware on one of the ethernet interfaces.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>

SVN-Revision: 45599
2015-05-03 18:00:47 +00:00
Imre Kaloz
322d798510 mpc85xx: gianfar: add mtd-mac-address support
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>

SVN-Revision: 45598
2015-05-03 17:59:46 +00:00
Imre Kaloz
b9fbf31fe7 mpc85xx: move newly created files from patch files to files directory
This will make these files much more maintainable.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>

SVN-Revision: 45597
2015-05-03 17:58:45 +00:00
Imre Kaloz
f86c07d8d4 The ability to read MAC addresses from MTD is useful for other targets besides ramips and lantiq as well.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>

SVN-Revision: 45596
2015-05-03 17:56:32 +00:00
Steven Barth
4d9694981b nettle: bump to 3.1.1
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45595
2015-05-03 11:19:42 +00:00
Steven Barth
a132313238 dhcp: add option specifying overriding custom-routes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45594
2015-05-02 07:44:55 +00:00
Steven Barth
498e3a7fd4 netsupport: package L2TPv3 over IPv6 as well
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45593
2015-05-02 07:44:47 +00:00
Jo-Philipp Wich
f2277a967d env: allow passing a commit message on save
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45592
2015-05-01 17:23:15 +00:00
Jo-Philipp Wich
1170a3de76 make-ext4fs: avoid using libc internal declarations
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45591
2015-05-01 16:18:25 +00:00
Steven Barth
58f7d9676b map: shorten autogenerated sub-interface names to account for limits
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45590
2015-04-30 12:43:46 +00:00
Luka Perkov
8084b056e2 ar71xx: fix leds and gpio on wpj344
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 45589
2015-04-29 20:04:46 +00:00
Luka Perkov
cd419afd2c ar71xx: fix sysupgrade for compex-wpj344
Moved board to the right magic case.

Signed-off-by: Christian Mehlis <christian@m3hlis.de>

SVN-Revision: 45588
2015-04-29 13:52:34 +00:00
Steven Barth
fc84123c2f dnsmasq: bump to 2.73rc7
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45587
2015-04-29 07:19:24 +00:00
Steven Barth
4fb99ec22f odhcpd: Remove prefix class config option as not supported anymore by odhcpd
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45586
2015-04-28 14:58:54 +00:00
Steven Barth
64aa0929b9 odhcp6c: Fix white space errors
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45585
2015-04-28 14:57:52 +00:00
Jonas Gorski
954004eccc kernel: disable INET_LRO by default
INET_LRO deprecated and there are exactly two drivers using it, neither
being included in any of the targets enabling INET_LRO. At the same time
both drivers needing it select it.

So just disable it for everyone.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 45584
2015-04-28 13:31:08 +00:00
Jonas Gorski
9feb1361c4 brcm63xx: fix bcm6348 ext irqc compatible name
This was a remnant of an old version.

Reported-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 45583
2015-04-27 11:06:05 +00:00
Jonas Gorski
5e7f4ab632 brcm63xx: fix bcm3368.dtsi typo.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 45582
2015-04-27 11:06:00 +00:00
Felix Fietkau
d2e02d6377 sdk: filter out CONFIG_SIGNED_PACKAGES for generated config
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45581
2015-04-25 12:39:02 +00:00
Felix Fietkau
51d0476ab0 kernel: implement RENAME_EXCHANGE support for jffs2 - overlayfs requires it
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45580
2015-04-25 10:47:18 +00:00
Rafał Miłecki
63bb07b28c Revert "nvram: increase NVRAM size to 64 KiB"
This reverts commit ff84c27a281bc19df19bc62ee8688cca5586f6e3.
This tool has really broken size handling (many values hardcoded), it
crashes right now in case of NVRAM not filling whole MTD partition.

Conflicts:
	package/utils/nvram/src/nvram.h

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45579
2015-04-24 15:38:38 +00:00
Rafał Miłecki
97a0e165a6 nvram: fix regression in finding NVRAM beginning
The loop was giving up too early as it never expected NVRAM smaller
than 0x10000.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45578
2015-04-24 14:28:57 +00:00
Rafał Miłecki
84a3e668fc mac80211: backport brcmfmac to support multiple devices NVRAM
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45577
2015-04-24 10:53:11 +00:00
Rafał Miłecki
c1a7e13587 mac80211: update brcmfmac to the wireless-drivers-next-for-davem-2015-04-09
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45576
2015-04-24 10:45:33 +00:00
Rafał Miłecki
33e597b241 bcm53xx: sort ports from NVRAM entries before matching them
Some devices have unsorted ports which may lead to broken config.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45575
2015-04-24 07:47:25 +00:00
Florian Fainelli
00fb1bc098 netlogic: copy initramfs image to $(BIN_DIR)
Signed-off-by: Florian Fainelli <florian@openwrt.org>

SVN-Revision: 45574
2015-04-23 22:31:36 +00:00
Rafał Miłecki
e175b199f8 kernel: backport rest of bgmac patches to 4.0
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45573
2015-04-23 19:11:11 +00:00
Steven Barth
62e7f07615 dnsmasq: bump to 2.73rc6
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45572
2015-04-23 13:05:15 +00:00
Rafał Miłecki
6bfb1a4b11 kernel: backport few bgmac patches to 4.0
I still need to test following patch before backporting:
bgmac: leave interrupts disabled as long as there is work to do

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45571
2015-04-23 12:30:51 +00:00
Rafał Miłecki
8d1580c4bb brcm47xx: add patches for kernel 4.0
SVN-Revision: 45570
2015-04-23 11:31:54 +00:00