Commit Graph

581 Commits

Author SHA1 Message Date
Hans Dedecker
54a864d914 curl: bump to 7.60.0
Refresh patches; remove 320-mbedtls_dont_use_deprecated_sha256_function
patch as upstream fixed

For changes in version 2.60 see https://curl.haxx.se/changes.html#7_60_0

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-05-17 09:49:55 +02:00
Kevin Darbyshire-Bryant
080fb7a3fb iproute2: import latest cake
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Bearing fruits of the latest upstreaming efforts on cake.

Changes: diffserv-llt dropped.  The paper describing this DSCP
allocation has gone stale and doesn't appear used.

The userspace to kernel netlink messages for cake have been reworked in
a backwards incompatible way, so tc & cake must be bumped together this
once.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-05-07 08:09:12 +02:00
Kevin Darbyshire-Bryant
ad5af37ca7 iproute2: backport json_print-fix-hidden-64-bit-type-promotion
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
print_uint() will silently promote its variable type to uint64_t, but there
is nothing that ensures that the format string specifier passed along with
it fits (and the function name suggest to pass "%u").

Fix this by changing print_uint() to use a native 'unsigned int' type, and
introduce a separate print_u64() function for printing 64-bit values. All
call sites that were actually printing 64-bit values using print_uint() are
converted to use print_u64() instead.

Since print_int() was already using native int types, just add a
print_s64() to match, but don't convert any call sites.

Fixes wonkyness in some stats from some qdiscs under tc

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-05-07 08:09:05 +02:00
Hans Dedecker
2f1e329d7a iproute2: update to 4.16
Update to latest version of iproute2, refresh patches.
See https://lkml.org/lkml/2018/4/2/349 for a full overview of the
changes in 4.16.
Build and tested on AR7xxx against musl

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-05-02 09:18:26 +02:00
John Crispin
90e65763a4 iptables: fix per object LDFLAGS for aggragate object builds
Without this patch the extra LDFLAGS of objects were selected based on the
name of the extension being built, which breaks for aggregate so builds.

Signed-off-by: John Crispin <john@phrozen.org>
2018-05-01 11:12:15 +02:00
Kevin Darbyshire-Bryant
78f4305933 iftop: bump to latest
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Choose first running interface, rather than first "up" interface (Redhat #1403025)

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-04-27 09:59:28 +02:00
Florian Eckert
4a243f7a09 network/uqmi: pipe the output off qmi_wds_stop to /dev/null
Pipe uqmi output from qmi_wds_stop function into /dev/null.
This will supress the following output in proto teardown.

netifd: wwan (x): "No effect"
netifd: wwan (x): Command failed: Permission denied

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-04-19 14:39:38 +02:00
Daniel Engberg
ed4ac0ed65 curl: Deprecate idn(1) support and switch to xz tarball
libidn(1) is deprecated, add libidn2 support
Switch to xz tarball (smaller size)

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-04-16 22:01:09 +02:00
Matthias Schiffer
85a35c644e
ebtables: update to latest git 2018-04-11
2e783b227766 ebt_ip: add support for matching IGMP type
b5fbb8d786c9 ebt_ip: add support for matching ICMP type and code
c5e5b784fd1a Move ICMP type handling functions from ebt_ip6 to useful_functions.c
11da52177196 include: sync linux/netfilter_bridge/ebt_ip.h with kernel

Note: the new features require at least kernel 4.17 or backported patches.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-04-12 07:34:57 +02:00
Matthias Schiffer
177fa14340
iptables: split physdev match out as a separate package
Split physdev match out of ipt-extra to allow installing ipt-extra without
pulling in br-netfilter.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-04-09 19:41:48 +02:00
Felix Fietkau
d073f650cd kernel: add support for enabling hardware flow offload via iptables
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-04-05 18:12:30 +02:00
Kevin Darbyshire-Bryant
a64fae8354 Revert "iproute2: fix hidden uint to uin64_t promotion in json_print"
This reverts commit 745d0e7f4b.

It looks like upstream don't want the patch so let's revert it here too.

I hope a fix from upstream is forthcoming.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-03-31 09:18:31 +02:00
Rosen Penev
43788a91fb ethtool: Update to 4.15.
Contains kernel 4.14 updates. Compile tested on mvebu.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-03-23 23:49:55 +01:00
Kevin Darbyshire-Bryant
4a788fcf63 iproute2: cake: support new overhead reporting & stats structures
Cake in kernel space now splits stats structure handling across netlink
messages to reduce stack usage issue flagged by upstream kernel checks.
Update user space (tc) qdisc handling to understand this new regime.

Cake also reports packet overheads & compensation in a different way so
add display code for this. e.g.

'tc -s qdisc show dev eth0' reports this extra detail:

 min/max transport layer size:         28 /    1500
 min/max overhead-adjusted size:       65 /    1550
 average transport hdr offset:         14

Cake also supports output in JSON format.

Patch is bulkier than before because a (slightly out of date - see above
stats) man page is included for reference. Better than nothing!

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-03-23 22:08:22 +01:00
Kevin Darbyshire-Bryant
745d0e7f4b iproute2: fix hidden uint to uin64_t promotion in json_print
print_int used 'int' type internally, whereas print_uint used 'uint64_t'

These helper functions eventually call vfprintf(fp, fmt, args) which is
a variable argument list function and is dependent upon 'fmt' containing
correct information about the length of the passed arguments.

Unfortunately print_int v print_uint offered no clue to the programmer
that internally passed ints to print_uint were being promoted to 64bits,
thus the format passed in 'fmt' string vs the actual passed integer
could be different lengths.  This is even more interesting on big endian
architectures where 'vfprintf' would be looking in the middle of an
int64 type.  Symptoms of this included tc qdisc showing bizarre values
for a variety of fields across a variety of qdiscs (e.g. refcnt, flows,
quantum)

print_u/int now stick with native int size.

A similar patch has been sent upstream.

Fixes FS#1425

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-03-19 11:40:01 +01:00
Rosen Penev
f4ea74abb6 curl: Update to 7.59
Compile tested on ar71xx.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-03-19 11:39:13 +01:00
Philip Prindeville
61e0af06d9 iperf3: update to 3.5
Get rid of patches which are already upstream.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2018-03-09 22:13:22 +01:00
Hans Dedecker
332b736a3e ebtables: update to latest git 2018-01-17
068ba95 Fix locking if LOCKDIR does not exist

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-03-08 21:16:24 +01:00
Felix Fietkau
13224f8b73 iw: update to version 4.14
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-28 12:46:02 +01:00
Hauke Mehrtens
fc54256bc8 iptables: fix compile with kernel 3.18
This fixes a compile bug found by build bot with kernel 3.18

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-26 17:52:15 +01:00
Felix Fietkau
0f54d96d24 ethtool: import from packages, add myself as maintainer
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-24 16:12:57 +01:00
Hauke Mehrtens
92419ab4c7 iproute2: Add support for ports in xfrm on SCTP
Remove this old patch which prevents showing the xfrm ports for SCTP

This was added in commit 60c1f0f64d ("finally move buildroot-ng to trunk")

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-24 10:29:25 +01:00
Ansuel Smith
2805402f86 iptables: update to 1.6.2
459b6932 policy: add nft translation for simple policy none/strict use case
255e55b7 tests: xlate-test: no need to require superuser privileges
6990bbc5 extensions: hashlimit: remove space before burst in translation to nft
13ecaeb0 extensions: hashlimit: Rename 'flow table' keyword to meter
c252a2b0 extensions: Add test for cluster nft translation
bda1daa4 extensions: ip6t_{S,D}NAT: add more tests
88fa4543 extensions: ip6t_{S,D}NAT: multiple to-dst/to-src arguments not reported
64a0e098 extensions: libxt_cluster: Add translation to nft
6067208f extensions: add support for 'srh' match
0f387b07 extensions: hashlimit: fix incorrect burst in translations
1ffe6a74 extensions: libxt_hashlimit: Do not print default timeout and burst
27de281d extensions: Add macro _DEFAULT_SOURCE.
75364151 iptables: Remove const qualifier from struct option.
8b0da213 iptables: masquerade: add randomize-full support
e64db006 iptables: patch to correct linker flag sequence
033eac81 extensions: libxt_tcpmss: Add test case for invalid ranges.
505bfa11 iptables: xtables-eb: Remove const qualifier from struct option
a6d6821a iptables: extensions: Fix MARK target help
71de414c libxt_sctp: fix array out of range in print_chunk
1a32381a extensions: add tests for ipcomp protocol
4bd51770 tests: xlate: print output in same way as nft-test.py
d0e3d95f libxt_recent: Remove ineffective checks for info->name
23e6ed71 libxt_TOS: add tests for translation infrastructure
9564595e Update .gitignore
bebce197 iptables: iptables-compat translation for TCPMSS
dbbab0aa extensions: libxt_tcpmss: Detect invalid ranges
0e958281 iptables-translate: add test file for TCPMSS extension
de3c68b6 iptables-compat: do not allow to delete populated user define chains
f4b80ce7 iptables: change large file support handling
f5b46c2f iptables: Constify option struct
21ba5b38 ip{,6}tables-restore: Don't accept wait-interval without wait
60e0ffd3 ip{,6}tables-restore: Don't ignore missing wait-interval value
af468b6e utils: Add a man page for nfnl_osf
1773dcaa utils: nfnl_osf: Fix synopsis in help text
895ce096 extensions: libxt_bpf: fix missing __NR_bpf declaration
3c633296 xtables-compat-restore: fix translation of mangle's OUTPUT
1c32e560 netfilter: xt_hashlimit: add rate match mode
b5331f88 xtables-compat: fix memory leak when listing
91ae12e3 xtables-compat-restore: fix several memory leaks
79e1edd1 iptables-xml: Fix segfault on jump without a target
c49a93f1 xtables-translate: fix double space before comment
79fa7cc2 libip6t_icmp6: xlate: remove leftover space
8e62f572 tests: xlate: generalize owner
8d994bcf iptables: Add file output option to iptables-save
f8e5ebc5 iptables: Fix crash on malformed iptables-restore
80d8bfaa iptables: insist that the lock is held.
c29d99c8 libxtables: Display weird character warning for wildcards
1fe96cfb tests: xlate: check if it is being run as root
3f92b259 tests: xlate: remove python 3.5 dependency
d89dc47a iptables-restore/save: exit when given an unknown option
65801d02 iptables-restore.8: document -w/-W options
9cd3adbe iptables-restore/ip6tables-restore: add --version/-V argument
1ec1fb7a extensions: libxt_hashlimit: fix 64-bit printf formats
27f69f4a iptables: extensions: Remove typedef in struct.
340105fa tests: add regression tests for xtables-translate
b669e184 extensions: libxt_TOS: Add translation to nft
b2a84476 iptables: Remove unnecessary braces.
2963a8df iptables: Remove explicit static variables initalization.
1cf4ba6f iptables: Constify option struct
999eaa24 iptables-restore: support acquiring the lock.
6e2e169e iptables: remove duplicated argument parsing code
836846f0 iptables: move XT_LOCK_NAME from CFLAGS to config.h.
b91af533 iptables: set the path of the lock file via a configure option.
0e94eb2e iptables-translate: print nft iff there are more expanded rules to print
48ad179b libxtables: abolish AI_CANONNAME
9f50bbdf libxtables: remove unnecessary nesting from host_to_ip(6)addr
c6df55d6 iptables-translate: print nft command for each expand rules via dns names
82dacbb8 xtables-translate: Avoid querying the kernel
9f972f45 extensions: libxt_addrtype: Add translation to nft
2c8e251e utils: nfsynproxy: fix build with musl libc
9b8cb756 libiptc: don't set_changed() when checking rules with module jumps
eb66632d extensions: libxt_hashlimit: Add translation to nft
72bb3dbf xshared: using the blocking file lock request when we wait indefinitely
24f81746 xshared: do not lock again and again if "-w" option is not specified
fc3c3b4e libxt_hashlimit: add new unit test to catch kernel bug
516d9191 iptables: update pf.os

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2018-02-23 19:15:54 +01:00
Felix Fietkau
820f030998 netfilter: add a xt_FLOWOFFLOAD target for NAT/routing offload support
This makes it possible to add an iptables rule that offloads routing/NAT
packet processing to a software fast path. This fast path is much
quicker than running packets through the regular tables/chains.

Requires Linux 4.14

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-21 20:12:42 +01:00
Felix Fietkau
bc3e0f6052 nftables: update to 0.8.2, backport flowtable support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-21 20:12:41 +01:00
Koen Vandeputte
e16cc7a8c8 uqmi: ensure CID is a numeric value before proceeding
The current implementation only checked if uqmi itself executed
correctly which is also the case when the returned value is actually
an error.

Rework this, checking that CID is a numeric value, which can only
be true if uqmi itself also executed correctly.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-02-20 08:33:07 +01:00
Philip Prindeville
81ccf24c09 iperf3: update to 3.4
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2018-02-17 13:48:02 +01:00
Russell Senior
e05a6018fc curl: fix interface with mbedtls_sha256
Between mbedtls 2.6.0 and 2.7.0, the void returning mbedtls_MODULE* functions
were deprecated in favor of functions returning an int error code.  Use
the new function mbedtls_sha256_ret().

Signed-off-by: Russell Senior <russell@personaltelco.net>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-02-17 12:29:23 +01:00
Hauke Mehrtens
95745516a2 nftables: update to version 0.8.2
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-15 23:31:23 +01:00
Hauke Mehrtens
e7c179326a iproute2: update to version 4.15.0
The musl compatibility patches are now included in the upstream version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-15 23:31:23 +01:00
Daniel Golle
a3b9cbafc3 iwinfo: update to latest git HEAD
223e09b add support for expected throughput

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-02-15 04:57:38 +01:00
Koen Vandeputte
f21f8376e9 uqmi: bump package release
fixes: da8990e717 ("uqmi: use built-in command for data-link verification")

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-02-13 10:25:30 +01:00
Koen Vandeputte
da8990e717 uqmi: use built-in command for data-link verification
uqmi contains a command for directly querying the modem if there
is a valid data connection, so let's use it.

This avoids the cases were all previous tests are succesful, but the
actual data link is not up for some reasons, leading to states were we
thought the link was up when it actually wasn't ..

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-02-13 10:01:53 +01:00
Koen Vandeputte
3508f8abb4 uqmi: use correct value for connection checking
Originally, the implementation only checked if uqmi command
execution succeeded properly without actually checking it's returned data.

This lead to a pass, even when the returned data was indicating an error.

Rework the verification to actually check the returned data,
which can only be correct if the uqmi command itself also executed correctly.

On command execution success, value "pdh_" is a pure numeric value.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-02-13 10:01:53 +01:00
Koen Vandeputte
3c5471032b uqmi: use general method for state cleaning
Debugging shows that using the general method properly cleans on each
run, while the method specifying the client-ID shows "No effect"
even while in connected state.

Fixes several connectivity issues seen on specific modems.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-02-13 10:01:53 +01:00
Kristian Evensen
2d27ebbb93 iptables: Support building connlabel module
It is currently possible to enable connlabel-support in iptables.
However, in order for connlabel to work properly, the kernel module must
also be present. This patch adds support for building the
connlabel-module, and selects it by default when connlabel-support is
enabled.

Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
2018-02-13 10:01:52 +01:00
Yangbo Lu
3a0fa1e7b8 layerscape: update restool to 2017-12-03
Updated restool to 2017-12-03 and removed patches
since the new version had involved them.

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
2018-02-13 10:01:49 +01:00
Matthias Schiffer
bbef76f1b1
nftables: remove dependency on kmod-nf-nat
For minimal firewall setups, NAT support may be unnecessary.

It would be possible to further reduce the minimum number of installed
modules, e.g. by separating IPv4 and IPv6 support or moving conntrack
support into a separate kmod package. We go with a more complete
kmod-nft-core for now, until a concrete usecase for smaller packages
arises.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-01-31 13:32:40 +01:00
Hans Dedecker
1d9296dcdb curl: bump to 7.58.0
a0b5e8944 progress-bar: get screen width on windows
65ceb20df test1454: --connect-to with IPv6 address w/o IPv6 support!
eb6e3c4f6 CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support
96186de1f docs: fix man page syntax to make test 1140 OK again
af32cd385 http: prevent custom Authorization headers in redirects
993dd5651 curl: progress bar refresh, get width using ioctl()
9d82cde7b RELEASE-NOTES: synced with bb0ffcc36
bb0ffcc36 libcurl-env.3: first take
ec122c4c8 TODO: two possible name resolver improvements
a5e6d6ebc http2: don't close connection when single transfer is stopped
87ddeee59 test558: fix for multissl builds
da07dbb86 examples/url2file.c: add missing curl_global_cleanup() call
ddafd45af SSH: Fix state machine for ssh-agent authentication
9e4ad1e2a openssl: fix potential memory leak in SSLKEYLOGFILE logic
ca9c93e3e openssl: fix the libressl build again
2c0c4dff0 unit1307: test many wildcards too
2a1b2b4ef curl_fnmatch: only allow 5 '*' sections in a single pattern
cb5accab9 ftp-wildcard: fix matching an empty string with "*[^a]"
25c40c9af SMB: fix numeric constant suffix and variable types
945df7410 CURLOPT_TCP_NODELAY.3: fix typo
8dd4edeb9 smtp/pop3/imap_get_message: decrease the data length too...
84fcaa2e7 openssl: enable SSLKEYLOGFILE support by default
e44ddfd47 mime: clone mime tree upon easy handle duplication.
2c821bba8 docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata
a06311be2 test395: HTTP with overflow Content-Length value
67595e7d2 test394: verify abort of rubbish in Content-Length: value
ac17d7947 test393: verify --max-filesize with excessive Content-Length
f68e67271 HTTP: bail out on negative Content-Length: values
0616dfa1e configure.ac: append extra linker flags instead of prepending them.
650b9c1d6 RELEASE-NOTES: synced with 6fa10c8fa
6fa10c8fa setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values
3b548ffde setopt: reintroduce non-static Curl_vsetopt() for OS400 support
fa3dbb9a1 http2: fix incorrect trailer buffer size
2a6dbb815 easy: fix connection ownership in curl_easy_pause
89f680473 system.h: Additionally check __LONG_MAX__ for defining curl_off_t
14d07be37 COPYING: it's 2018!
a8ce5efba progress: calculate transfer speed on milliseconds if possible
d4e40f069 scripts: allow all perl scripts to be run directly
e4f86025d mail-rcpt.d: fix short-text description
908a9a674 build: remove HAVE_LIMITS_H check
129390a51 openssl: fix memory leak of SSLKEYLOGFILE filename
272613df0 Revert "curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX"
481539e90 test1554: improve the error handling
593dcc553 test1554: add global initialization and cleanup
dc831260b curl_version_info.3: call the argument 'age'
58d7cd28a brotli: data at the end of content can be lost
a0f3eaf25 examples/cacertinmem: ignore cert-already-exists error
859ac3602 tool_getparam: Support size modifiers for --max-filesize
b399b0490 build: Fixed incorrect script termination from commit ad1dc10e61
a9b774a77 Makefile.vc: Added our standard copyright header
22fddb85a winbuild: Added support for VC15
ad1dc10e6 build: Added Visual Studio 2017 project files
d409640d6 build-wolfssl.bat: Added support for VC15
a4e88317d build-openssl.bat: Added support for VC15
c97648b55 curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX
b43755789 examples/rtsp: fix error handling macros
f009bbe1f curl_easy_reset: release mime-related data.
4acc9d3d1 content_encoding: rework zlib_inflate
e639d4ca4 brotli: allow compiling with version 0.6.0.
9c6a6be88 CURLOPT_READFUNCTION.3: refer to argument with correct name
02f207a76 rand: add a clang-analyzer work-around
13ce373a5 krb5: fix a potential access of uninitialized memory
41982b6ac conncache: fix a return code [regression]
5d0ba70e1 curl: support >256 bytes warning messsages
188a43a8f libssh: fix a syntax error in configure.ac
7ef0c2d86 examples/smtp-mail.c: use separate defines for options and mail
621b24505 THANKS: added missing names
cc0cca1ba mailmap: added/clarified several names
9d7a59c8f setopt: less *or equal* than INT_MAX/1000 should be fine
2437dbbf1 vtls: replaced getenv() with curl_getenv()
ef5633d4b RELEASE-NOTES: synced with 3b9ea70ee
3b9ea70ee TODO: Expose tried IP addresses that failed
48c184a60 curl.1: mention http:// and https:// as valid proxy prefixes
76db03dd9 curl.1: documented two missing valid exit codes
63e58b8b4 CURLOPT_DNS_LOCAL_IP4.3: fixed the seel also to not self-reference
671f0b506 Revert "curl: don't set CURLOPT_INTERLEAVEDATA"
4b6f3cff7 tests: mark data files as non-executable in git
98c572ed3 tests: update .gitignore for libtests
e959f16c5 multi_done: prune DNS cache
06a0a26fb mailmap: fixup two old git Author "aliases"
7ab4e7adb openssl: Disable file buffering for Win32 SSLKEYLOGFILE
b1b94305d RESOLVE: output verbose text when trying to set a duplicate name
bbea75ad6 CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE
a4a56ec93 sftp: allow quoted commands to use relative paths
9fb5a943f CURLOPT_PRIVATE.3: fix grammar
179ee78e8 curl: remove __EMX__ #ifdefs
9dfb19483 openssl: improve data-pending check for https proxy
9ffad8eb1 curl: don't set CURLOPT_INTERLEAVEDATA
912324024 curl.h: remove incorrect comment about ERRORBUFFER
ebaab4d17 configure: add AX_CODE_COVERAGE only if using gcc
b5881d1fb curl: limit -# update frequency for unknown total size
546e7db78 BINDINGS: another PostgreSQL client
55e609890 CONNECT: keep close connection flag in http_connect_state struct
c103cac3c include: get netinet/in.h before linux/tcp.h
00cda0f9b openldap: fix checksrc nits
ff07f07cc openldap: add commented out debug possibilities
bb0ca2d44 examples: move threaded-shared-conn.c to the "complicated" ones
4fb85b87b RELEASE-NOTES: synced with b261c44e8
b261c44e8 URL: tolerate backslash after drive letter for FILE:
24dcd7466 tests: added netinet/in6.h includes in test servers
76ebd5417 configure: check for netinet/in6.h
0c65678e7 curl-config: add --ssl-backends
ea3a5d07d conncache: only allow multiplexing within same multi handle
415b8dff8 threaded-shared-conn.c: fixed typo in commenta
5254d8bf2 threaded-shared-conn.c: new example
07cb27c98 conncache: fix several lock issues
85f0133ea libssh: remove dead code in sftp_qoute
615edc1f7 sasl_getmesssage: make sure we have a long enough string to pass
440140946 libssh2: remove dead code from SSH_SFTP_QUOTE
6401ddad4 ssh-libssh.c: please checksrc
918530752 libssh: fixed dereference in statvfs access
8dad32bcf RESOURCES: update spec names
a08f5a77c libssh: corrected use of sftp_statvfs() in SSH_SFTP_QUOTE_STATVFS
8843c0939 libssh: no need to call sftp_get_error as ssh_get_error is sufficient
3cef6f22e libssh: fix minor static code analyzer nits
10bb0b471 openssl: pkcs12 is supported by boringssl
8eff32f0b travis: use pip2 instead of pip
b7f534597 lib582: do not verify host for SFTP
a2f396680 libssh: added SFTP support
c75c9d4fb symbols-in-versions: added new symbols with 7.56.3 version
05675ab5a .travis.yml: added build --with-libssh
38aef6dc4 libssh2: return CURLE_UPLOAD_FAILED on failure to upload
75427291e libssh2: send the correct CURLE error code on scp file not found
c92d2e14c Added support for libssh SSH SCP back-end
3973ee6a6 RELEASE-NOTES: synced with af8cc7a69
af8cc7a69 curlver: towards 7.57.1
4b4142491 lib: don't export all symbols, just everything curl_*
9194a9959 SSL: Avoid magic allocation of SSL backend specific data
744ee5838 examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL
270494e1a travis: add boringssl build

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-01-28 21:03:46 +01:00
Yousong Zhou
e6de92cdcc iptables: make kmod-ipt-debug part of default ALL build
The iptables TRACE target is only available in raw table that's why the
dependency was moved from iptables-mod-trace into kmod-ipt-debug

Fixes FS#1219

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-01-26 15:29:02 +08:00
Koen Vandeputte
5bdbc10b1b uqmi: silence error on pin verification
If a device only supports the 2nd verification method (uim),
the first method will fail as expected reporting an error:

"Command not supported"

Silence both separate methods and only report an error regarding
pin verification if both fail.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-01-22 08:46:46 +01:00
Hauke Mehrtens
4336efe14b kernel: use upstream patches for musl
This replaces the current patches used to make the kernel headers
compatible with musl with the version which was accepted upstream. This
is included in upstream kernel 4.15.
This was compile tested with iproute2 build on all supported kernel
versions with musl and one one with glibc.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-01-20 22:11:33 +01:00
Philip Prindeville
a30791242b nftables: update to 0.8.1
Note this requires libnftnl-1.0.8 or higher, so that update needs
to be merged first.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2018-01-20 20:22:01 +01:00
Jo-Philipp Wich
5bbcd80e3f xtables-addons: remove from base
The package has been moved to the package feed repository to allow for
non-base dependencies such as Perl.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-16 19:40:29 +01:00
Jo-Philipp Wich
190c1c3cc8 iwinfo: update to latest git HEAD
5a5e21b nl80211: skip event notifications in wpa_supplicant scan result reply

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-16 14:10:52 +01:00
Koen Vandeputte
7488be7010 uqmi: fix raw-ip mode for newer lte modems
Some newer LTE modems, like the MC7455 or EC25-E do not support
"802.3" mode, and will stay in "raw-ip" regardless of the mode being
set.

In this case, the driver must be informed that it should handle all
packets in raw mode. [1]

This commit fixes connectivity issues for these devices.

Before:

[ Node 5 ] udhcpc -i wwan0
udhcpc: started, v1.27.2
udhcpc: sending discover
udhcpc: sending discover
udhcpc: sending discover

After:

[ Node 5 ] udhcpc -i wwan0
udhcpc: started, v1.27.2
udhcpc: sending discover
udhcpc: sending select for 100.66.245.226
udhcpc: lease of 100.66.245.226 obtained, lease time 7200
udhcpc: ifconfig wwan0 100.66.245.226 netmask 255.255.255.252 broadcast
+
udhcpc: setting default routers: 100.66.245.225

[1] https://lists.freedesktop.org/archives/libqmi-
devel/2017-January/002064.html

Tested on cns3xxx using a Sierra Wireless MC7455 LTE-A

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[bumped PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-15 15:30:53 +01:00
Matthias Schiffer
f73f1aee76
ebtables: update to latest git 2017-10-24
6a82659 Use flock() for --concurrent option
73c2371 ebtables: extensions: Constify option struct

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-01-11 11:50:50 +01:00
Jo-Philipp Wich
fe920d01bb treewide: replace LEDE_GIT with PROJECT_GIT
Remove LEDE_GIT references in favor to the new name-agnostic
PROJECT_GIT variable.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-10 21:27:32 +01:00
Martin Schiller
1b1388f640 linux-atm: add br2684ctl option to specify the netdev name
Add the uci option nameprefix to specifc a target netdev name. Patch the
br2684ctl code to accept and set a netdev name via commandline parameters.

It allows to use the same netdev name for ATM and PTM lines on lantiq
xdsl hardware.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Mathis Kresin <dev@kresin.me>
2018-01-10 08:08:53 +01:00
Hauke Mehrtens
9f626501cb nftables: fix sha256sum
The mirror was delivering a file with a different hash.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-31 18:46:13 +01:00