Commit Graph

49795 Commits

Author SHA1 Message Date
Xinfa Deng
d89a7f0120 ramips: add support for GL.iNet GL-MT1300
The GL-MT1300 is a high-performance new generation pocket-sized router
that offers a powerful hardware and first-class cybersecurity protocol
with unique and modern design.

Specifications:
- SoC: MT7621A, Dual-Core @880MHz
- RAM: 256 MB DDR3
- Flash: 32 MB
- Ethernet: 3 x 10/100/1000: 2 x LAN + 1 x WAN
- Wireless: 1 x MT7615D Dual-Band 2.4GHz(400Mbps) + 5GHz(867Mbps)
- USB: 1 x USB 3.0 port
- Slot: 1 x MicroSD card slot
- Button: 1 x Reset button
- Switch: 1 x Mode switch
- LED: 1 x Blue LED + 1 x White LED

MAC addresses based on vendor firmware:
WAN : factory 0x4000
LAN : Mac from factory 0x4000 + 1
2.4GHz : factory 0x4
5GHz : Mac form factory 0x4 + 1

Flashing instructions:
1.Connect to one of LAN ports.
2.Set the static IP on the PC to 192.168.1.2.
3.Press the Reset button and power the device (do not release the button).
  After waiting for the blue led to flash 5 times, the white led will
  come on and release the button.
4.Browse the 192.168.1.1 web page and update firmware according to web
  tips.
5.The blue led will flash when the firmware is being upgraded.
6.The blue led stops blinking to indicate that the firmware upgrade is
  complete and U-Boot automatically starts the firmware.

For more information on GL-MT1300, see the OFFICIAL GL.iNet website:
https://www.gl-inet.com/products/gl-mt1300/

Signed-off-by: Xinfa Deng <xinfa.deng@gl-inet.com>
[add input-type for switch, wrap long line in 10_fix_wifi_mac]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-12-17 12:05:26 +01:00
Hauke Mehrtens
c65faa62be lantiq: falcon: mark as source only sub target
The sub target does not support network and there are not so many users
out there, just mark it as source only, so we do jot have to build it.

The quality is not worse than before, it just does not make much sense
to build this automatically.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-12-16 22:11:19 +01:00
Hauke Mehrtens
94d1b2508c wireless-regdb: Update to version 2020.11.20
9efa1da wireless-regdb: update regulatory rules for Egypt (EG)
ede87f5 wireless-regdb: restore channel 12 & 13 limitation in the US
5bcafa3 wireless-regdb: Update regulatory rules for Croatia (HR)
4e052f1 wireless-regdb: Update regulatory rules for Pakistan (PK) on 5GHz
f9dfc58 wireless-regdb: update 5.8 GHz regulatory rule for GB
c19aad0 wireless-regdb: Update regulatory rules for Kazakhstan (KZ)
07057d3 wireless-regdb: update regulatory database based on preceding changes

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-12-16 22:11:19 +01:00
Hauke Mehrtens
1926ffb5ab build: Add IRQSOFF and PREEMPT TRACER kernel config option
This adds the CONFIG_IRQSOFF_TRACER and the CONFIG_PREEMPT_TRACER kernel
configuration option to the OpenWrt menu. This can be used to debug
latencies in the system.
The CONFIG_PREEMPT_TRACER option needs the CONFIG_PREEMPT option which is
supposed to be used for Low-Latency Desktop and not used by many targets
in OpenWrt.

The help text is copied from the Linux kernel Kconfig.

Signed-off-by: Hauke Mehrtens <hmehrtens@maxlinear.com>
2020-12-16 22:11:19 +01:00
Rosen Penev
47f30a566e util-linux: update to 2.36.1
Removed upstream patch.

Refreshed other ones.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-16 22:11:19 +01:00
Rosen Penev
e030a19a57 libunwind: update to 1.5.0
Cleanup Makefile for consistency with other ones.

Remove PKG_SSP. It can be fixed with -lssp_nonshared.

Add PKG_BUILD_PARALLEL for faster compilation.

Add zlib dependency. 1.5.0 requires it now.

Refresh patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-16 22:11:19 +01:00
Hauke Mehrtens
6cdc21b20e mac80211: Update to version 5.8.18-1
The removed patches were applied upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-12-16 22:11:19 +01:00
Hauke Mehrtens
c9c7cdbbb7 e2fsprogs: Add TARGET_LDFLAGS to e4crypt
The TARGET_LDFLAGS were dropped in the linking of e4crypt.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-12-16 22:11:19 +01:00
Hauke Mehrtens
080dc619d4 toolchain: gcc: Remove support for GCC 5
GCC was used in 17.01 as the default compiler the last time. We do not
test this old GCC version any more and there are some known problems it
fails to compile the U-Boot for the Allwinner A64 SoC.

Just remove it to make it clear that we will not support this old GCC
version any more.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Paul Spooren <mail@aparcar.org>
2020-12-16 22:11:16 +01:00
Hannu Nyman
bfc433efd4 tools/cmake: update to 3.19.1
Update cmake to version 3.19.1

Release notes: https://cmake.org/cmake/help/v3.19/release/3.19.html

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-12-15 20:35:00 +01:00
John Audia
afd4bf08bc kernel: bump 5.4 to 5.4.83
Manually merged:
  layerscape/808-i2c-0011-i2c-imx-support-slave-mode-for-imx-I2C-driver.patch
  layerscape/808-i2c-0012-i2c-imx-correct-code-of-errata-A-010650-for-layersca.patch

Remaining modifications made by update_kernel.sh

Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711, x86/64 [*],
              ramips/mt7621 [*], ath79/tiny [*], ipq40xx [*], octeon [*],
              realtek [*]
Run-tested: ipq806x/R7800, ramips/mt7621 [*], octeon [*], realtek [*]

No dmesg regressions, everything functional

Signed-off-by: John Audia <graysky@archlinux.us>
Tested-by: Stijn Segers <foss@volatilesystems.org> [*]
2020-12-15 12:05:26 +01:00
Rosen Penev
3040791608 libnetfilter-conntrack: update to 1.0.8
Previous git version was 1.0.7.

Switched to using tarballs for simplicity.

Fixed license information.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-15 00:18:12 +01:00
Josef Schlehofer
0c866c8186 armvirt: README: rename it from LEDE to OpenWrt
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2020-12-14 21:38:10 +00:00
Josef Schlehofer
222dc0ad91 armvirt/64: change it to cortex-a53 instead of generic
Package architecture aarch64_generic [1] can be used just with three
devices. One is NanoPI R2S and then there are two development boards
from NXP. Let's change armvirt/64 to Cortex A53 (aarch64_cortex-a53)
[2]. It has wider support by multiple devices like NanoPI Neo Plus2/Core2,
ESPRESSObin, Pine64, and Raspberry Pi 2&3.

While looking at ARMvirt/32 it has set CPU_TYPE and CPU_SUBTYPE to be
arm_cortex-a15_neon-vfpv4 [3]. It has support to devices like
Linksys EA8500 v1, Linksys EA7500 v1, Netgear D7800, Netgear R7500 and so on.

Tested with:
qemu-system-aarch64 -m 1024 -smp 2 -cpu cortex-a57 -M virt -nographic \
-kernel openwrt-armvirt-64-Image-initramfs

Successfully compiled and booted.
Here goes the output:
root@OpenWrt:/# uname -a
Linux OpenWrt 5.4.82 #0 SMP Sun Dec 13 12:52:10 2020 aarch64 GNU/Linux
root@OpenWrt:/# cat /etc/openwrt_release
DISTRIB_ID='OpenWrt'
DISTRIB_RELEASE='SNAPSHOT'
DISTRIB_REVISION='r15207-96fca0f807'
DISTRIB_TARGET='armvirt/64'
DISTRIB_ARCH='aarch64_cortex-a53'
DISTRIB_DESCRIPTION='OpenWrt SNAPSHOT r15207-96fca0f807'
DISTRIB_TAINTS='no-all'

Also, change BOARDNAME to be the same as it is in armvirt/32.

[1] https://openwrt.org/docs/techref/instructionset/aarch64_generic
[2] https://openwrt.org/docs/techref/instructionset/aarch64_cortex-a53
[3] https://openwrt.org/docs/techref/instructionset/arm_cortex-a15_neon-vfpv4

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2020-12-14 21:38:10 +00:00
Nick Hainke
05a1b11c71 netifd: update to latest version
458b1a7e9473 netifd: add segment routing support

Signed-off-by: Nick Hainke <vincent@systemli.org>
2020-12-14 20:25:21 +01:00
Daniel Golle
23049f9c31 kernel: enable kernel keyring by default on !SMALL_FLASH
Enable CONFIG_KEYS by default on systems which are not marked as
flash-space constraint by the 'small_flash' feature.
CONFIG_KEYS is required by Docker, enabling it in our kernel allows
users to run Docker on stock OpenWrt.
It is also used of by some network file systems (such as NFSv4) to
store credentials as well as UID/GID mappings.

Adds about 50kB to vmlinux on ath79/generic (~18kB compressed)

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-12-14 17:26:45 +00:00
Daniel Golle
c74ae89574 kernel: package kmod-keys-encrypted and kmod-keys-trusted
Add kernel module packages for handling encrypted and TPM trusted
keys on the kernel chain.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-12-14 17:25:14 +00:00
Daniel Golle
7b85dd3788 kernel: update and clean kernel keyring options
Add KERNEL_KEYS_REQUEST_CACHE option.
'tristate' (ie. module builds) are not valid in Config-kernel.in, hence
remove tristate KERNEL_ENCRYPTED_KEYS. It will be readded as a kernel
module in a follow-up commit.

Fixes: 39d817cf38 ("Add config symbols for kernel keyring support")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-12-14 17:25:14 +00:00
Aleksander Jan Bajkowski
0f43961eef lantiq: xrx200: remove unused lan/wan labels from dts
These labels are not used anywhere and can be removed.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2020-12-14 18:02:51 +01:00
Martin Blumenstingl
b403a6e124 ath79: add support for the Belkin F9K1115 v2 (AC1750 DB Wi-Fi)
This device has (almost?) identical hardware to the F9J1108 v2 but uses
a different firmware magic and model number.

Specifications:

SoC: QCA9558
CPU: 720 MHz
Flash: 16 MiB NOR
RAM: 128 MiB
WiFi 2.4 GHz: QCA9558-AT4A 3x3 MIMO 802.11b/g/n
WiFi 5 GHz: QCA9880-2R4E 3x3 MIMO 802.11a/n/ac
Ethernet: 4x LAN and 1x WAN (all 1Gbit/s ports)
USB: 1 x USB 2.0 (lower), 1 x USB 3.0 (upper)

MAC addresses based on OEM firmware:

Interface   Address   Location
---------   -------   --------
lan         *:5A      sometimes in 0x6
wan         *:5B      0x0
2.4Ghz      *:5A      0x1002
5Ghz        As per mini PCIe EEPROM

Flashing instructions:

The factory.bin can be flashed via the Belkin web UI or via the uboot
HTTP upgrade page (which is by default listening on 192.168.2.1). Once
the factory.bin has been written, sysupgrade.bin will work as usual.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2020-12-14 16:59:49 +01:00
Martin Blumenstingl
563ece8a85 ath79: create shared DTSI/definition for Belkin F9J1108/F9K1115 v2
Belkin F9J1108 v2 and F9K1115 v2 are (seemingly) identical hardware
with different model numbers. Extract all non-device specific code to a
common .dtsi so it can be re-used when adding support for the
F9K1115 v2.

Similar to the .dtsi most of the image building recipe code can be
re-used. Move everything except the device model, edimax header magic
and edimax header model into a shared build recipe.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
[drop duplicate TARGET_DEVICES, add EDIMAX_* to DEVICE_VARS, edit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-12-14 16:57:21 +01:00
Gioacchino Mazzurco
33ad097606 tplink-safeloader: add support for TP-Link CPE510 v3.20
This adds new strings for the v3.20 to the support list of the
already supported TP-Link CPE510 v3.

The underlying hardware appears to be the same, similar to the
situation with CPE210 v3.20 in 4a2380a1e7 ("tplink-safeloader:
expand support list for TP-Link CPE210 v3")

Signed-off-by: Gioacchino Mazzurco <gio@altermundi.net>
[extended commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-12-14 15:19:39 +01:00
Petr Štetiar
ce1163dfa7 uclient: update to Git version 2020-12-10
2c843b2bc04c Add initial GitLab CI support
073f89f567c0 uclient-fetch: wolfSSL: fix certificate validation
086c292160ac uclient-fetch: init_ca_cert: fix memory leak
a3c1a88b031a cmake: enable extra compiler checks
32ff717ed316 uclient-http: fix extra compiler warnings on mips_24kc and cortex-a9+neon
86a2ac6ac46f uclient-fetch: fix potential memory leaks
158dd9dd289c uclient: fix initialized but never read variable
66b4420856a7 uclient-fetch: fix statement may fallt hrough
436f9b3af2ad uclient-http: fix freeing of stack allocated memory
e6b5b8a98ce2 Fix extra compiler warnings
12df67e45bb0 Add basic cram based unit tests
b6e34845124f cmake: fix building out of the tree

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-12-14 09:41:39 +01:00
Petr Štetiar
23bbaa02a9 ustream-ssl: update to Git version 2020-12-10
68d09243b6fd Add initial GitLab CI support
8280140db9d1 wolfssl: remove now deprecated compatibility code
cee6791b362a ustream-mbedtls: fix certificate verification
55c3fd89d508 ustream-mbedtls: implement set_require_validation
c6b4c48689a3 ustream-openssl: wolfSSL: fix certificate validation
3bc05402bfab cmake: enable extra compiler checks
cd2c3d12db43 ustream-mbedtls: fix comparison of integers of different signs
5896991e46a3 ustream-openssl: fix BIO_method memory leak
2c342ae57c5b ustream-openssl: fix wolfSSL includes
fa8ecd6ed140 cmake: fix linking when mbed TLS not in default paths
63656f81045f cmake: fix linking when wolfSSL not in default paths
c26f71e844df cmake: fix building out of the tree

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-12-14 09:41:39 +01:00
Paul Spooren
bc0ffff36a build/json: add filesystem information
Some images are created using different filesystems, most popular
squashfs and ext4. To allow downstream projects to distinguesh between
those, add the `filesystem` information to created json files.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-12-13 22:07:52 -10:00
David Bauer
cdc8d4b46f ipq40xx: revert usage of VLAN S-TAG
This reverts the usage of the S-Tag for separating LAN and WAN port on
the embedded switch. Many users complained about not being able to
manage C-Tag addition / removal on the switch as well as degraded
performance.

Fixes: commit 9da2b56760 ("ipq40xx: fix ethernet vlan double tagging")

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-12-14 01:13:30 +01:00
Rui Salvaterra
116191eddf zram-swap: remove the compression streams settings
Zram switched to per-cpu compression streams since Linux 4.7 [1]. Drop the
irrelevant configuration (no-op).

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/block/zram?h=v4.7&id=43209ea2d17aae1540d4e28274e36404f72702f2

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2020-12-13 13:55:03 -10:00
Christian Lamparter
c29f6121fd bcm53xx: MR32: fix DEVICE_VENODR typo
DEVICE_VENDOR was misspelled as DEVICE_VENODR.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-12-13 17:16:36 +01:00
Yushi Nishida
5e9a5c15ba ipq40xx: fix 5Ghz tx/rx power on the ASUS MAP-AC2200
The ASUS MAP-AC2200 suffers from a lower transmit/receive
signal power as compared to the stock firmware.

Upon investigation, it was discovered that stock firmware from
the GPL_MAP-AC2200_3.0.0.4.384.46249-g97d05bb.tar archive.
set the following GPIOs in "release/src/router/rc/init.c".

GPIO 44 and 46 have to be set to output high
GPIO 45 and 47 have to be set to output low

Here are some results, after activating the relevant
gpios through cmdline:

<https://forum.openwrt.org/t/asus-map-ac2200-low-transmit-receive-signal-5ghz/69005/12>

THX @ slh

Fixes: 9ad3967f14 ("ipq40xx: add support for ASUS Lyra")
Signed-off-by: Yushi Nishida <kyro2man@gmx.net>
[slightly rewritten commit, added missing <>)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-12-13 16:12:45 +01:00
Luis Araneda
8b870418f1 uboot-zynq: fix dtc compilation on host gcc 10
gcc 10 defaults to -fno-common, which causes an error
when linking.

Back-port the following Linux kernel commit to fix it:
e33a814e772c (scripts/dtc: Remove redundant YYLOC global declaration)

Tested on an Arch Linux host with gcc 10.1.0

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
2020-12-13 16:12:45 +01:00
Daniel Golle
b2d48c1dfe odhcpd: remove local mkdir_p implementation
Replace local mkdir_p implementation in favour of using mkdir_p now
added to libubox.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-12-13 00:13:18 +00:00
Daniel Golle
54239ccfe7 procd: update to git HEAD
111416d jail: remove unreachable code
 7f12c89 treewide: replace local mkdir_p implementations

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-12-12 23:34:10 +00:00
Daniel Golle
278b1e95a7 fstools: update to git HEAD
0c6fb90 jffs2-reset: allow doing a factory reset and passing a sysupgrade.tgz
 4862530 mount: restorecon: guard against execl() errors
 f415323 block: replace local mkdir_p implementation

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-12-12 23:34:10 +00:00
Daniel Golle
ee0ff7343e libubox: utils: introduce mkdir_p
Add new utility function mkdir_p(char *path, mode_t mode) to replace
the partially buggy implementations found accross fstools and procd.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-12-12 23:34:10 +00:00
Daniel Golle
be6aa93e4d selinux-policy: update to version 0.4
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-12-12 14:45:32 +00:00
Philip Prindeville
5d2b577a53 xfrm: support 'multicast' attribute on interfaces
You shouldn't need the overhead of GRE just to add multicast
capability on a point-to-point interface (for instance, you might
want to run mDNS over IPsec transport connections, and Avahi
requires IFF_MULTICAST be set on interfaces, even point-to-point
ones).

Borrowed heavily from:

    b3c9321b9e gre: Support multicast configurable gre interfaces

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2020-12-11 20:53:36 +01:00
Eneas U de Queiroz
882ca13d92 openssl: update to 1.1.1i
Fixes: CVE-2020-1971, defined as high severity, summarized as:
NULL pointer deref in GENERAL_NAME_cmp function can lead to a DOS
attack.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-12-11 13:57:04 +01:00
Marty Jones
b63e57ba17 kernel: add Aquantia AQtion USB-to-5GbE adapters
This add support for USB-to-Ethernet Aquantia AQtion
5/2.5GbE adapters based on the AQC111U controllers.

Run-tested: x86
Adapter-tested: Sabrent NT-SS5G
Signed-off-by: Marty Jones <mj8263788@gmail.com>
2020-12-11 13:57:04 +01:00
Karel Kočí
e401a2a42e mvebu: fix initramfs/kernel image for CZNIC Turris Omnia
This adds DTB to kernel and that way makes it possible to easily boot
initramfs image and also kernel.

The sequence to boot initramfs on Omnia is then just:
  env set bootargs earlyprintk console=ttyS0,115200
  dhcp 0x1000000 192.168.1.1:openwrt-mvebu-cortexa9-cznic_turris-omnia-initramfs-kernel.bin
  bootz 0x1000000

Without this change kernel boot won't proceed and is stuck on "Starting
kernel".

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
[fixed From: to match with SoB:]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-12-11 13:56:29 +01:00
Konstantin Demin
52aa2017d3 dropbear: bump package version
Bump package version after previous changes.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-12-11 13:48:24 +01:00
Konstantin Demin
228298290e dropbear: add ssh-askpass support in configuration
binary size cost is much less than 1k.

tested on ath79/generic:
  bin: 215128 -> 215132 (+4b)
  ipk: 111183 -> 111494 (+311b)

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2020-12-11 13:48:24 +01:00
Konstantin Demin
e1bd9645b6 dropbear: roll up recipes into mapping lists
this commit removes manual recipes for options and introduces mapping lists:
- DB_OPT_COMMON holds option mappings which are common for all builds;
- DB_OPT_CONFIG holds option mappings which are depend on config settings.

DB_OPT_COMMON is space-separated list of 'words', each of them is in format:
  'header_option|value'

'header_option' is added with value 'value' to 'localoptions.h'.

if 'header_option' is preceded by two exclamation marks ('!!')
then option is not added to 'localoptions.h' but replaced in 'sysoptions.h'.

in short:
   option|value - add option to localoptions.h
 !!option|value - replace option in sysoptions.h

DB_OPT_CONFIG is space-separated list of 'words', each of them is in format:
  'header_option|config_variable|value_enabled|value_disabled'

'header_option' is handled likewise in DB_OPT_COMMON.

if 'config_variable' is enabled (technically: not disabled)
then 'header_option' is set to 'value_enabled' and 'value_disabled' otherwise.

in short:
   option|config|enabled|disabled = add option to localoptions.h
 !!option|config|enabled|disabled = replace option in sysoptions.h

   option := (config) ? enabled : disabled

If you're not sure that option's value doesn't have '|' within - add your recipe
manually right after '$(Build/Configure/dropbear_headers)' and write some words
about your decision.

PS about two exclamation marks:
early idea was to use one exclamation mark to denote such header options
but then i thought single exclamation mark may be overlooked by mistake.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2020-12-11 13:48:24 +01:00
Konstantin Demin
79d5c24724 dropbear: rework recipes that configure build
- add two helper functions to avoid mistakes with
  choice of correct header file to work with
- update rules accordingly

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2020-12-11 13:48:24 +01:00
Konstantin Demin
42eff7c7e6 dropbear: reorder options in Configure recipe
put static options at first place, then place configurable options.
also put DROPBEAR_ECC right before DROPBEAR_ECC_FULL to ease maintainance.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2020-12-11 13:48:24 +01:00
Konstantin Demin
7e122c353a dropbear: enable back DROPBEAR_USE_PASSWORD_ENV
this option was disabled in 2011 and these long nine years showed us that change was definitely wrong.

binary size cost is much less than 1k.

tested on ath79/generic:
  bin: 215128 -> 215128 (no change)
  ipk: 111108 -> 111183 (+75b)

Fixes: 3c801b3dc0 ("tune some more options by default to decrease size")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2020-12-11 13:48:24 +01:00
Rafał Mikrut
561bfc96f9 realtek: Add missing case in switch statement
Cppcheck shows here duplicated break.

Code `state->speed = SPEED_1000;` will be never executed because above
it there is break statement.

Almost identical statement is placed in another realtek driver
18a53d43d6/target/linux/realtek/files-5.4/drivers/net/dsa/rtl83xx/dsa.c (L286-L294)

Signed-off-by: Rafał Mikrut <mikrutrafal@protonmail.com>
2020-12-11 13:48:24 +01:00
Rafał Mikrut
848d668427 realtek: Fix self assignment
Cppcheck shows self initialization error, which is an obvious bug.

Basing on logic of similar fragment below I assigned to this variable,
value `RTL838X_LED_GLB_CTRL` which I think is proper.

Signed-off-by: Rafał Mikrut <mikrutrafal@protonmail.com>
2020-12-11 13:48:24 +01:00
John Thomson
d82c191283 package/base-files: caldata: use dd iflag fullblock
This dd flag ensures that the requested size
is retrieved from pipes or special filesystems (if available).

Without this flag, on multi-core systems,
Piped or special filesystem data can be truncated
when a size greater than PIPE_BUF is requested.

Fixes: FS#3494
Fixes: 7557e7f ("package/base-files: caldata: work around dd's
limitation")
Cc: Thibaut VARÈNE <hacks@slashdirt.org>

Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
2020-12-11 13:48:24 +01:00
Petr Štetiar
064d65c2f7 wolfssl: fix broken wolfSSL_X509_check_host
Backport upstream post 4.5.0 fix for broken wolfSSL_X509_check_host().

References: https://github.com/wolfSSL/wolfssl/issues/3329
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-12-11 13:48:24 +01:00
Eneas U de Queiroz
f31c9cd383 wolfssl: compile with --enable-opensslall
This enables all OpenSSL API available.  It is required to avoid some
silent failures, such as when performing client certificate validation.

Package size increases from 356.6K to 374.7K for
arm_cortex-a9_vfpv3-d16.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-12-11 13:48:24 +01:00