ar71xx has just one board name "wndr3700" for WNDR3700 V1/V2,
WNDR3800 and WNDR3800CH, whereas ath79 provides separate images for
the boards. So, update SUPPORTED_DEVICES to store the correct
ar71xx board names.
Fixes: FS#2510
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit fc44a8481c)
Some Ubiquiti devices had the RSSI LEDs configured in 01_leds but
were missing the rssileds package, while others that don't have
RSSI LEDS had the package included.
This commit includes the rssileds package only for those devices
that need it.
Tested on a NanoStation M XW.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit 1c6066a867)
[backported to 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The two ASUS WL-330N and WL-330N3G had the
reset keycode assigned to the WPS button. This patch
changes all three devices to use KEY_WPS_BUTTON in
the hopes that this fixes unwanted restarts/
unexpected behavior from the users point of view.
[dropped RG21S]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit ad65d9d7b2)
The WPS button was mapped to the restart/reset. This patch
changes it to emit the KEY_WPS_BUTTON keycode so pressing
the WPS button does initiate WPS.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 7a7610c21b)
Disable the DIR-300 B1 image by default as the device has insufficient
flash space for release build images.
Fixes: FS#2606
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Commit 60f41c6c9e ("ramips: add usb-ledtrig-usbport to DEVICE_PACKAGES
of CY-SWR1100") added stray | during backport which caused build
breakage on the buildbots:
bash: -c: line 0: syntax error near unexpected token `|'
bash: -c: line 0: `echo kmod-usb-core kmod-usb-ledtrig-usbport kmod-usb-ohci kmod-usb2 swconfig | | mkhash md5 | head -c 8'
Fixes: 60f41c6c9e ("ramips: add usb-ledtrig-usbport to DEVICE_PACKAGES of CY-SWR1100")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
CY-SWR1100 has a USB LED but kmod-usb-ledtrig-usbport is missing
in default images. This commit adds it.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
[changed commit title, backported to 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 261c746631)
Ethernet MAC address setup has been broken since c3e420f28c. Restore
original setting.
Fixes: c3e420f28c ("ramips: Add support for D-Link DCH-M225")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 7231c1edd9)
[backported due to base-files split]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
AutoLoad parameter must match the exact kernel module name. Fix it.
Fixes: 125f1ce9ad ("kernel: video: add DRM core and IMX DRM support for HDMI/LVDS")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 6990510aca)
Enables radio resource management to be reported by hostapd to clients.
Ref: https://github.com/lede-project/source/pull/1430
Co-developed-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
[removed the DMARC crap]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 87f9292300)
hostapd will not use the getrandom() syscall and as a fallback use
/dev/random, the syscall is supported since Linux 3.17 and in the musl,
glibc and uclibc version used by OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 998686364d)
All the content of this function is proceeded by IEEE8021X_EAPOL no code
accesses the ssid variable outside of this ifdef.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 0d86bf518a)
Instead of patching the workaround away, just use the config option.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9b4a27455c)
The size of the ipkgs increase a bit (between 0.7% and 1.1%):
old 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk
new 2019-08-08 (2.9):
290217 wpad-basic_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
258745 wpad-mini_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
431732 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
427641 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 167028b750)
This also syncs the configuration files with the default configuration
files, but no extra options are activated or deactivated.
The mesh patches were partially merged into hostapd 2.8, the remaining
patches were extracted from patchwork and are now applied by OpenWrt.
The patches still have open questions which are not fixed by the author.
They were taken from this page:
https://patchwork.ozlabs.org/project/hostap/list/?series=62725&state=*
The changes in 007-mesh-apply-channel-attributes-before-running-Mesh.patch
where first applied to hostapd, but later reverted in hostapd commit
3e949655ccc5 because they caused memory leaks.
The size of the ipkgs increase a bit (between 1.3% and 2.3%):
old 2018-12-02 (2.7):
283337 wpad-basic_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
252857 wpad-mini_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
417473 wpad-openssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
415105 wpad-wolfssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
new 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit 8af79550e6)
For AP mode, OpenWrt automatically sets ieee80211w to either 1 or 2, depending
on whether the encryption is set to sae-mixed, or sae/owe/eap suite-b.
Mirror the same defaults for client mode connections, in order to allow an
OpenWrt station to associate to an OpenWrt ap with SAE, OWE or Suite-B encryption
without the need to manually specify "option ieee80211w" on the station.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit abb4f4075e)
This changes fixes the generation of the wpa_supplicant client configuration
in WPA3 OWE client mode. Instead of incorrectly emitting key_mgmt=NONE, use
the proper key_mgmt=OWE setting instead.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 4209b28d23)
wps_supplicant.h assumes that 'struct wpa_bss' is forward declared if
CONFIG_WPS is not defined. With the later inclusion of
600-ubus_support, the issue manifests in warnings like these:
wps_supplicant.h:113:15: warning: 'struct wpa_bss' declared inside parameter list will not be visible outside of this definition or declaration
struct wpa_bss *bss)
^~~~~~~
This patch forward declares 'struct wpa_bss' regardless.
Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f974f8213b)
The original wpa_hexdump uses a 'void *' for the payload. With patch
410-limit_debug_messages, the signature changes and compiler warnings
occur at various places. One such warning is:
wpa_debug.h:106:20: note: expected 'const u8 * {aka const unsigned char *}' but argument is of type 'struct wpa_eapol_key *'
Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit a123df2758)
This edjusts the selection of recently removed wolfssl options which
have always been built into the library even in their abscence.
Also remove the selection of libwolfssl itself, allowing the library to
be built as a module.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 94d131332b)
Discovered recent changes had broken sysupgrade for ar71xx mikrotik
rb-493g, traced the problem to missing /usr/share/libubox/jshn.sh after
switching to tmpfs.
Signed-off-by: Russell Senior <russell@personaltelco.net>
Boards added: WNR1000v2, WNR2000v3, WNR612v2, WNDR3700.
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
(cherry picked from commit d47b687006)
[removed WNR1000v2/WNR2000v3 since not supported in 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
In ar71xx, the board name for the TL-WR1043ND v3 is equal to v2:
tl-wr1043nd-v2
Fix SUPPORTED_DEVICES for v3 in ath79 accordingly.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit b5791118cc)
Fix the error that tl-wdr3320-v2 can't upgrade firmware via web
interface by using magic_ver="0200" for this device.
Signed-off-by: 南浦月 <nanpuyue@gmail.com>
[commit message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 0ff2385a92)
When Nanostation M was renamed from ubnt,nano-m to ubnt,nanostation-m
in commit f1396ac753 ("ath79: align naming of Ubiquiti Nanostation M"),
the caldata extraction in 10-ath9k-eeprom was overlooked.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 5dc535419f)
Many bugs were fixed--2 patches removed here.
This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:
- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit f4853f7cca)
Hardware acceleration was disabled when AES-CCM was selected as a
workaround for a build failure. This applies a couple of upstream
patches fixing this.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit ab19627ecc)
c9b6668 ustream-ssl: skip writing pending data if .eof is true after connect
Fixes: CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 6f9157e6bd)
Instead of depending on kmod-usb2 make it depend on the normal USB
dependencies. This should hopefully fix some problems seen in the build
bot builds for powerpc_8540.
In addition also activate DRIVER_11N_SUPPORT support.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3ff3b044c0)
This patch breaks building on PowerPC, like the mpc85xx_generic
target for me.
Fixes: FS#2585
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b01305c8d2)
Forward the OpenWrt TARGET_LDFLAGS to the linker of the fw_printenv tool.
In addition also use the more standard make invocation script.
With this change the fw_printenv tool is built with PIE and Full RELRO
support when activated globally in OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
(cherry picked from commit b7b2be0b26)
All buttons on the Netgear R6220 are active-low while they are flagged
as active-high.
The GPIO status reads the following for no buttons pressed:
root@64367-r6220:~# cat /sys/kernel/debug/gpio
gpio-7 ( |wps ) in hi
gpio-8 ( |wifi ) in hi
gpio-14 ( |reset ) in hi
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f7f9fe5256ebb660d3160452c3c01a9eb080938f)
This fixes the netdev LED trigger for interfaces, which are renamed
during initialization (e.g. ppp interfaces).
Fixes: FS#2193
Fixes: FS#2239
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit edbadec843)
When switching from master branch to 19.07 or older, we need to ensure
that Python symlink in staging bin directory points to Python 2.
We can't rely completly just on SetupHostCommand as its executed only in
cases when the $(STAGING_DIR_HOST)/bin/python doesn't already exist, so
we need to remove it before running SetupHostCommand.
This is a cherry-pick of 3b68fb57c9
with python3 instead of python2
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Here is a way to break your build env without this patch:
1) have python point to python3, and no python2
2) start the build, SetupHostCommand will create a symlink
./staging_dir/host/bin/python -> /usr/bin/python
3) build fails on scons because it can't find any python2
4) install python2 and restart the build
5) the build fails on wireless-regdb compile because python is python3 instead of python
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0
Fixes CVEs:
CVE-2019-5481
CVE-2019-5482
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 71cf4a272c)
To simplify the upgrade process and ensure easier identification of
device partitioning, the following devices are disabled on ath79
target in openwrt-19.07 branch:
- glinet,gl-ar300m-nor
- glinet,gl-ar300m-nand
- glinet,gl-ar750s
Proper ath79 (NAND) support for the devices is expected to be
introduced based on kernel 4.19 (see GitHub PR #2184).
In openwrt-19.07, ar71xx should be used for those devices.
With this, we ensure that the new ath79 image names (at least for
releases) refer to the updated partitioning.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The QCA953x only supports 25 MHz refclk, however some OEMs set an
invalid bootstrap value for the REF_CLK option, which would break the
clock detection in ath9k.
Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the
datasheet) the only valid frequency.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4c6fe32468)
This fixes commit bae927c551 ("ar71xx: add support for TP-LINK CPE510
V2.0") where the support for this device wasn't optimal.
Device support for the CPE510v2 so far has been a hack to enable
flashing with CPE510v1 images. Those even have different hardware (e.g.
additional ethernet port).
With this patch, we provide proper support for this device in ar71xx.
Installation:
- Flash factory image through stock firmware WEB UI or through TFTP
- To get to TFTP recovery just hold reset button while powering on
for around 4-5 seconds and release.
- Rename factory image to recovery.bin
- Stock TFTP server IP: 192.168.0.100
- Stock device TFTP address: 192.168.0.254
Fixes: bae927c551 ("ar71xx: add support for TP-LINK CPE510 V2.0")
Signed-off-by: Andrew Cameron <apcameron@softhome.net>
[Rebased onto revert commit, changed comments in mach-cpe510.c,
changed commit title and description, fixed eth0 MAC address,
removed eth1 initialization]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[squashed revert, added fixes tag]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit c79b796280)
[added CPE510V2 entry to tplink-safeloader.c]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>