Commit Graph

13087 Commits

Author SHA1 Message Date
Ben Kelly
3d52251df4 swconfig: Bugfix switch_port uci option parsing
When not defining 'device' or 'vlan' in relevant switch_port uci
sections, behaviour is inconsistent due to *devn, *port and *vlan
pointers not being zero initialized.

Signed-off-by: Ben Kelly <ben@benjii.net>
2017-03-01 20:37:37 +01:00
Felix Fietkau
df041b6520 netifd: fix stopping netifd + interfaces
stop() is overwritten by rc.common, so implement stop_service instead.
While at it, remove the now unnecessary restart() override

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-01 20:37:37 +01:00
Martin Schiller
87e021e6e3 libpcap: add optional netfilter support
This is needed to use the nflog interface with tcpdump

Signed-off-by: Martin Schiller <mschiller@tdt.de>
2017-03-01 20:37:37 +01:00
Felix Fietkau
0f2757dce4 px5g: replace px5g-standalone with a statically linked variant of px5g-mbedtls
px5g-standalone only supports SHA1 for certificates, which is strongly
deprecated. The new px5g-standalone is about 27k bigger (compressed),
and has identical behavior to px5g-mbedtls (it uses SHA256).

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-01 20:37:37 +01:00
Felix Fietkau
2e8545333a mbedtls: add --function-sections and --data-sections to CFLAGS
This allows binaries that links these libraries statically to be reduced
by using --gc-sections on link

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-01 20:37:37 +01:00
Hsing-Wang Liao
b036a22fcc kernel: add Chinese codepages
Signed-off-by: Hsing-Wang Liao <kuoruan@gmail.com>
2017-03-01 20:37:36 +01:00
Felix Fietkau
db7f80c587 libpcap: remove feature dependencies on kmod-* packages
USB support could be built into the kernel as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-01 20:37:36 +01:00
Ansuel Smith
00e4f6fd36 ebtables: update to last commit
Refreshed patches

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2017-03-01 20:37:36 +01:00
Daniel Albers
8aa92deaf6 hostapd: mv netifd.sh hostapd.sh
same name for the file on the host and target

Signed-off-by: Daniel Albers <daniel.albers@public-files.de>
2017-03-01 20:37:36 +01:00
Pavel Kubelun
2856c7e320 ath10k-firmware: update qca9984 firmware
Bump qca9984 firmware.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2017-03-01 20:37:36 +01:00
Ulrich Weber
3983b4ad0f ppp: honor ip6table for IPv6 PPP interfaces
as we do for IPv4 PPP interfaces. When we create the
dynamic IPv6 interface we should inherit ip6table from
main interface.

Signed-off-by: Ulrich Weber <ulrich.weber@riverbed.com>
2017-03-01 20:37:36 +01:00
Florian Eckert
352f92fe08 ppp: add pppoe-discovery to an independent package
pppoe-discovery performs the same discovery process as pppoe, but does
not initiate a session

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-03-01 20:37:36 +01:00
David Pinilla Caparrós
31c2461e3f base-files: Added a deprecation notice on wifi detect
When running wifi detect, the user will be told on error output that
wifi detect is deprecated, that wifi config must be used instead. Also
the commit that changes it is referenced for further info.

Signed-off-by: David Pinilla Caparrós <dpinitux@gmail.com>
2017-03-01 20:37:36 +01:00
David Pinilla Caparrós
8bb839e85a base-files: Add wifi config to wifi command usage
Since commit 5f8f8a3661 wifi detect does
not longer work and wifi config it's used to configure not yet
configured wireless devices.

This commit changes command usage to reflect that change.

Signed-off-by: David Pinilla Caparrós <dpinitux@gmail.com>
2017-03-01 20:37:36 +01:00
Ben Kelly
e1e9d27655 uclibc++: patch bugfix erase() on derived __base_associative
When calling erase() on a containers derived from __base_associative
(e.g. multimap) and providing a pair of iterators a segfault will
occur.

Example code to reproduce:

	typedef std::multimap<int, int> testmap;
	testmap t;
	t.insert(std::pair<int, int>(1, 1));
	t.insert(std::pair<int, int>(2, 1));
	t.insert(std::pair<int, int>(3, 1));
	t.erase(t.begin(), t.end());

Signed-off-by: Ben Kelly <ben@benjii.net>
2017-03-01 20:37:36 +01:00
Felix Fietkau
37b0d547db ath10k-firmware: revert faulty PKG_SOURCE_DATE change from 7cb27b46
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-01 20:37:35 +01:00
Pavel Kubelun
e591831430 ath10k-firmware: update qca9984 firmware and board data
Fixes firmware crash in rare cases and a bug
ath10k_pci 0001:01:00.0: received unexpected tx_fetch_ind event: in
push mode
for those who kept experiencing it after previous firmware update.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
2017-03-01 20:37:35 +01:00
Ben Greear
8a3ac15a47 ath10k-ct: Support ath10k CT firmware for 9887 chipsets.
And, update support for 9880 chipsets.  The new firmware
fixes a regression with EAPOL 4/4 packets added in
a recent commit.

It also fixes a case where the firmware would improperly try
to use STBC when configured for 1x1 (as 9887 always is).

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-03-01 20:37:35 +01:00
Chris Blake
9451cd7c5b leds-apu2: Add PC Engines APU2 LED driver
This adds support for the PCB LEDs and Reset Button found on the PC
Engines APU2/APU3 embedded boards.

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2017-03-01 20:37:35 +01:00
Koen Vandeputte
65b05463d7 netfilter: re-enable TEE support for kernel 4.4
It got disabled in commit 4454a3fb63
but works nicely these days.

Tested on cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2017-03-01 20:37:35 +01:00
Chris Blake
2b122a6750 gpio-nct5104d: Add nct5104d driver package
This adds support for the SuperIO chip nct5104d found on the PC Engines
APU boards, which allows for a handful of additional ports, such as 2x
additional UART pinouts, enabling an external watchdog (no driver for
this functionality yet), and 16 GPIO pins. More info can be found at
https://pcengines.ch/ht_gpio.htm

Thanks to @feckert for helping package this.

Cc: Florian Eckert <Eckert.Florian@googlemail.com>

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2017-03-01 20:37:35 +01:00
Mathias Kresin
c5d8d8fd64 x86: drop ep80579-drivers
The subtarget on which the driver still depends was removed with
dee8986b95 because it was unmaintained
for a long time.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-03-01 20:37:35 +01:00
Daniel Golle
83d3e393bf 6in4: add missing colon when setting default ca_path
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-03-01 20:37:35 +01:00
John Crispin
ee1cd31d2b procd: update to latest git HEAD
5f91241 procd: add cancel_timeout on rc scripts when a runtime_timeout is specified
961dc69 procd: stop service using SIGKILL if SIGTERM failed to do so

Fixes FS#516.

Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit 946d1dfb87)
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-03-01 12:10:06 +01:00
Felix Fietkau
bc61c1328d procd: update to the latest version
Fixes compatibility issues with glibc 2.25

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 2ffb80bc9f)
2017-03-01 12:10:06 +01:00
Jo-Philipp Wich
709c326461 hostapd: fix feature indication
- Fix eap test to work with standalone hostapd builds
 - Fix 11n test to check the correct define
 - Add 11ac, 11r and 11w tests

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-03-01 01:18:58 +01:00
Yousong Zhou
ef5cb964b1 relayd: fix making incomplete instance json data
Defer procd_open_instance only after validity check passed.

Fixes FS#541

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-02-26 14:38:25 +08:00
Yousong Zhou
77fb98ee41 relayd: remove old start-stop-service related code
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-02-26 14:38:24 +08:00
Yousong Zhou
b24273fe71 ppp: ppp6-up: add executable permission bit
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-02-26 14:38:24 +08:00
Yousong Zhou
5f5fae27b5 mac80211: hwsim: select DRIVER_11AC_SUPPORT and DRIVER_11W_SUPPORT
This is required for default wireless configuration of malta target to
work out of the box again.  Fixes "77ece30e: hostapd: Add ability to
specify that that wireless driver supports 802.11ac"

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-02-26 14:38:24 +08:00
Brandon Koepke
2b22e1d5c3 openvpn: adding key_direction to append_params.
key_direction shows up as an openvpn option in the user-interface but does not end up in the /var/etc/openvpn*.conf file. Adding it to the list here fixed the issue for me.

Signed-off-by: Brandon Koepke <bdkoepke@fastmail.com>
[Fixes FS#537]
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-02-26 14:36:16 +08:00
Felix Fietkau
6cb46adbc9 ubus: update to the latest version
c09e4f0 ubusd: fix incomplete copy of shared buf during queue-ing
453b87f cli: add support for subscribing to objects
6eb3c96 cli: do not use default timeout for listen
dfe3383 libubus: reset ctx->sock.error when doing ubus reconnect
34c6e81 cli: fix listen_timeout compile issue

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-25 11:15:46 +01:00
Felix Fietkau
fdc22b616c ubus: update to the latest version
Adds the following fixes:

91acde6 libubus: do not modify uloop_cancelled
763b9b2 libubus: reset ctx->sock.eof to fix reconnect issues

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-25 11:11:24 +01:00
Ted Hess
4c9b45966e libubox: Update to latest version
9d6305a utils: Change calloc_a() to return size_t aligned pointers

Signed-off-by: Ted Hess <thess@kitschensync.net>
2017-02-25 11:10:41 +01:00
Felix Fietkau
67c2a176ce libubox: update to the latest version
Adds the following changes:

de3f14b uloop: add uloop_cancelling function
3b6181b utils: fix build on Mac OS X 10.12
7f671b1 blobmsg: add support for double
0fe1374 utils: add helper functions useful for allocating a ring buffer
8fc1c30 libubox: replace strtok with _r version.
4a9f74f libubox: allow reading out the pid of uloop process in lua
372e1e6 uloop: remove useless epoll data assignment
f9db1cb libubox: allow reading out the remaining time of a uloop timer in Lua

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-25 11:10:35 +01:00
Felix Fietkau
bf53a8327f acx-mac80211: fix scan API error that could lead to a crash
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-24 15:03:48 +01:00
Felix Fietkau
f1336d2a70 iw: sync nl80211.h with mac80211 package
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-24 12:22:29 +01:00
Felix Fietkau
703515f889 mac80211: sync with master branch as of 9edff13abd
Includes the following changes:
9edff13abd mac80211: disable potentially harmful PS software retry for A-MPDU sessions
75216a76b0 mac80211: backport upstream fix for CSA in IBSS mode
368cc8ef47 mac80211: update brcmfmac backporting brcmf_err cleanups
66a63d25c4 mac80211: fix build on linux 3.18
9eacb9d7fc rt2x00: mt7620: lots of improvements
fd94fa61a7 mac80211: brcmfmac: update Raspberry Pi patches for linux 4.9
649e766a64 mac80211: update to wireless-testing 2017-01-31
47540afa5d ath9k: add a warning to the tx99 config option
b367eef21d mac80211: rt2x00: add support for external LNA on MT7620
9200e168f2 mac80211: move (& update) upstream accepted brcmfmac patches

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-24 12:22:29 +01:00
Felix Fietkau
d27dd6298b ath10k-ct: depend on kmod-hwmon-core, it gets used when CONFIG_THERMAL is set
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-24 12:22:29 +01:00
Felix Fietkau
0ce2d5b6bf ath10k-ct: fix kernel api compatibility issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-24 12:22:28 +01:00
Ben Greear
09620c0825 ath10k-ct: Fix performance of 2x2 hardware running 3x3 firmware.
The driver had a bug when calculating the rateset.  This resolves
that and allows full VHT mcs rates on 2x2 hardware.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-02-24 12:22:28 +01:00
Joseph C. Lehner
0a3088cb4b mt76: split kmod package
This patch splits `kmod-mt76` into three separate packages:
`kmod-mt76-core`, `kmod-mt76x2` and `kmod-mt7603`. By making
`kmod-mt76` a metapackage containing these new packages,
the previous behaviour of including all drivers and firmware
is left unchanged, unless explicitly unselected in
`DEVICE_PACKAGES`.

This splitting is especially beneficial for devices with
small flash chips, since the `kmod-mt76` package currently
requires ~160K on squashfs (after compression).

Signed-off-by: Joseph C. Lehner <joseph.c.lehner@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup]
2017-02-23 17:34:14 +01:00
Baptiste Jonglez
59508e309e dnsmasq: Add upstream patch fixing SERVFAIL issues with multiple servers
This fixes FS#391 for lede-17.01

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
2017-02-20 18:13:44 +01:00
Stijn Tintel
5612114090 Revert "px5g-standalone: provide px5g via PROVIDES"
This reverts commit cc66f819b4.

This commit causes opkg to install px5g-standalone instead of px5g when
installing luci-ssl. As luci-ssl depends on mbedtls, using
px5g-standalone makes no sense. Next to that, it creates deprecated SHA1
certificates. Revert the commit to avoid pxg5-standalone to be
installed by accident.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit ca8aee0c57)
2017-02-20 15:17:20 +01:00
Alberto Bursi
4d1ab84f1e uboot-kirkwood: fix goflexhome/net bootcommand
Goflexhome/net use uImage, and to boot an uImage the u-boot
must use bootm command, not bootz.

Fixes the "i cannot boot LEDE with this u-boot" issue that I
found out myself with my goflexnet.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2017-02-19 21:00:19 +01:00
Felix Fietkau
c835c9ebe5 uhttpd: use sha256 when generating certificates with openssl (FS#512)
Patch from attachment to FS#512

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-17 14:43:11 +01:00
Stijn Tintel
6ebb8723a6 dropbear: bump PKG_RELEASE
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 27040dbf89)
2017-02-17 12:31:52 +01:00
Joseph C. Sible
f527436364 dropbear: enable SHA256 HMACs
The only HMACs currently available use MD5 and SHA1, both of which have known
weaknesses. We already compile in the SHA256 code since we use Curve25519
by default, so there's no significant size penalty to enabling this.

Signed-off-by: Joseph C. Sible <josephcsible@users.noreply.github.com>
(cherry picked from commit 0bf85ef048)
2017-02-17 12:31:39 +01:00
Cezary Jackiewicz
44aec27112 ugps: fix typo
Removing redundant spaces from the name of the option. Without fix:

root@LEDE:~# opkg install ugps
Installing ugps (2016-10-24-32a6b2b7-1) to root...
Downloading http://downloads.lede-project.org/releases/17.01-SNAPSHOT/packages/mips_24kc/base/ugps_2016-10-24-32a6b2b7-1_mips_24kc.ipk
Configuring ugps.
uci: Parse error (invalid character in name field) at line 3, byte 23
uci: Parse error (invalid character in name field) at line 3, byte 23
sh: out of range
root@LEDE:~# uci show gps
uci: Parse error (invalid character in name field) at line 3, byte 23

With this fix:

root@LEDE:~# uci show gps
gps.@gps[0]=gps
gps.@gps[0].tty='ttyACM0'
gps.@gps[0].adjust_time='1'

Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
2017-02-16 09:54:14 +01:00
Felix Fietkau
dbb8e04472 qos-scripts: fix module load commands (FS#438)
fq_codel is built-in, and xt_CONNMARK is provided by the xt_connmark
module

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-15 14:02:04 +01:00
Rafał Miłecki
df49e49bc7 mdns: update and rename package to the umdns
This update includes numerous small fixes for:
1) Interfaces setup
2) Packets parsing
3) Sending replies
Without this there were multiple problems with exchanging information
between (u)mdns and other implementations (including (u)mdns as well).

This also follows project rename to umdns which was required to avoid
confusion with Apple's mdnsd from mDNSResponder project.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-15 13:07:21 +01:00
Felix Fietkau
b8c9ded999 build: add buildbot specific config option for setting defaults
This can be used to tweak the buildbot behavior without having to change
buildbot's configuration.
It will also allow us to add more aggressive clean steps (e.g. on
toolchain changes), which would break developers' workflows if enable
by default.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-15 11:37:13 +01:00
Sven Eckelmann
d6d9f256ff package/uboot-envtools: add OpenMesh A40 support
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2017-02-15 09:35:54 +01:00
Sven Eckelmann
e6057ed207 package/om-watchdog: add OpenMesh A40 support
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2017-02-15 09:35:53 +01:00
Sven Eckelmann
8785ebc471 package/uboot-envtools: add OpenMesh a60 support
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2017-02-15 09:35:49 +01:00
Sven Eckelmann
eb383710e2 package/om-watchdog: add OpenMesh A60 support
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2017-02-15 09:35:48 +01:00
Sven Eckelmann
a3061e57e8 package/uboot-envtools: add OpenMesh OM2Pv4/-HSv4 support
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2017-02-15 09:35:45 +01:00
Sven Eckelmann
8a35c489ad package/om-watchdog: add OpenMesh OM2Pv4/-HSv4 support
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2017-02-15 09:35:44 +01:00
Denis Osvald
cbd69f7e4e procd: fix default timeout for reload trigger actions
Default trigger action timeout was added to procd.sh in commit f88e3a4c0
(procd: add default timeout for reload trigger actions)
However, the timeout value was not placed under the correct JSON-script
array nesting level and thus did not apply.

To fix this and make the timeout actually apply to the reload triggers,
we place it in the correct scope, that is the per-trigger array.

Fixes: f88e3a4c0a
Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
2017-02-15 09:35:12 +01:00
Felix Fietkau
e967f4dd27 ath9k: fix various issues in the airtime-fairness implementation
Effects of the bugs could include memory corruption, tx hangs, kernel
crahes, possibly other things as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-12 14:27:21 +01:00
Hans Dedecker
b8567cb44e odhcpd: update to git HEAD version (FS#396)
8df4253 ndp: harden netlink event socket error handling
b02f3e6 ndp: close proc file descriptor also during error handling
8a615ad npd: rework IPv6 relay logic (FS#396)
0129f79 config: restore interface defaults when cleaning interface

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-09 21:42:48 +01:00
Hans Dedecker
03ff2d7359 odhcpd: update to git HEAD version (FS#388)
3317c86 dhcpv6-ia: apply lease delete based on assignment bound state
df50429 odhcpd: properly handle netlink messages (FS#388)
83d72cf odhcpd: fix coding style

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-09 21:42:00 +01:00
John Crispin
bd64568d27 procd: update to latest git HEAD
cdc3dab ujail: fix signal forwarding

Signed-off-by: John Crispin <john@phrozen.org>
2017-02-08 15:03:16 +01:00
Álvaro Fernández Rojas
86bd886697 brcmfmac: improve Raspberry Pi 3 stability
- Really disable power management (wrong config flags).
- Disable internal roaming engine.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2017-02-07 18:00:16 +01:00
Hauke Mehrtens
2ad4383b74 tcpdump: update to version 4.9.0
This fixes the following 41 security problems:
 + CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
 + CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
 + CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
 + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
 + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
 + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
 + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
 + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
 + CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
 + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
 + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
 + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
 + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
 + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
 + CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
 + CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
 + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
 + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
 + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
 + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
 + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
 + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
 + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
 + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
 + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
 + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
 + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
 + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a
      buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
      lightweight resolver protocol, PIM).
 + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
 + CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
 + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
 + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
 + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
 + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
 + CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
 + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH,
      OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
      print-ether.c:ether_print().
 + CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
 + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
 + CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
 + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
 + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().

The size of the package is only incread very little:
new size:
306430 tcpdump_4.9.0-1_mips_24kc.ipk
130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk

old size:
302782 tcpdump_4.8.1-1_mips_24kc.ipk
129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-02-06 22:34:28 +01:00
Rafał Miłecki
5c4b2eb3dd mac80211: brcmfmac: backport wowlan netdetect fixes
I needed a moment to figure out relation between this patchset and the
nl80211: fix validation of scheduled scan info for wowlan netdetect

It appears nl80211 commit will go on top of brcmfmac changes so it's
safe to backport these patches.

One patch that was excluded is commit 2a2a5d1835b6 ("brcmfmac: add
.update_connect_params() callback") as it depends on missing commit
088e8df82f91 ("cfg80211: Add support to update connection parameters").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-06 00:10:49 +01:00
Rafał Miłecki
52add1988c mac80211: brcmfmac: backport PSM watchdog improvements
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-06 00:10:49 +01:00
Rafał Miłecki
c578da6198 mac80211: brcmfmac: backport minor code cleanups
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-06 00:10:49 +01:00
Rafał Miłecki
4b9bdb48d9 mac80211: brcmfmac: backport 4.10 fixes & typo fix
This includes memory leak fix in initialization path.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-06 00:10:49 +01:00
Rafał Miłecki
85d128f145 mac80211: brcmfmac: backport scheduled scan cleanup and chip support
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-06 00:10:49 +01:00
Rafał Miłecki
e48b1c2c07 mac80211: brcmfmac: backport some old patches from 2016
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-06 00:10:48 +01:00
Rafał Miłecki
e8f42223be mac80211: rename brcmfmac patches to use higher prefix
There are more patches to backport that should go before these.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-06 00:10:48 +01:00
Rafał Miłecki
36288db2fd mac80211: start hostapd with logging wpa_printf messages to syslog
Some debugging/error messages are printed using wpa_printf and this
change allows finally reading them out of the syslog.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-05 22:33:05 +01:00
Rafał Miłecki
bc49d7902c hostapd: enable support for logging wpa_printf messages to syslog
This will allow starting hostapd with the new -s parameter and finally
read all (error) messages from the syslog.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-05 22:31:02 +01:00
Rafał Miłecki
a0bc62fe08 hostapd: backport support for sending debug messages to the syslog
It wasn't possible to read hostapd wpa_printf messages unless running
hostapd manually. It was because hostapd was printing them using vprintf
and not directly to the syslog.

We were trying to workaround this problem by redirecting STDIN_FILENO
and STDOUT_FILENO but it was working only for the initialization phase.
As soon as hostapd did os_daemonize our solution stopped working.

Please note despite the subject this change doesn't affect debug level
messages only but just everything printed by hostapd with wpa_printf
including MSG_ERROR-s. This makes it even more important as reading
error messages can be quite useful for debugging.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-02-05 22:29:56 +01:00
Hannu Nyman
1b51a49a9d ccache, samba36: fix samba.org addresses to use https
samba.org has started to enforce https and
currently plain http downloads with curl/wget fail,
so convert samba.org download links to use https.

Modernise links at the same time.

Also convert samba.org URL fields to have https.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-02-02 00:26:05 +01:00
Wilco Baan Hofman
f8d8b60f1b Fix dependency for hostapd
Signed-off-by: Wilco Baan Hofman <wilco@baanhofman.nl>
2017-02-01 16:06:58 +01:00
Kevin Darbyshire-Bryant
4cd9625dd4 iproute2: cake: update cake support
Updated cake's tc patch to match the official cake repository
formatting.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-02-01 16:06:24 +01:00
Kevin Darbyshire-Bryant
4f5ff0041a kmod-sched-cake: Bump to latest version
wash, mpu & some memory optimisation have now made it to the official
cake repository.

Point LEDE to the official repository.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-02-01 16:06:24 +01:00
Jo-Philipp Wich
d1d970e235 libtool: don't clobber host libtool infrastructure
The libtool target package stages its files into the host staging directory
and moves the libltdl library parts from there into the target staging
directory afterwards.

By doing so, the package essentially renders the host libtool infrastructure
unusable, leading to the below error in subsequent package builds:

    libtoolize: $pkgltdldir is not a directory: `.../hostpkg/share/libtool`

Prevent this problem by using a dedicated libltdl install prefix in order to
avoid overwriting and moving away preexisting files belonging to tools/libtool.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-02-01 16:05:52 +01:00
Hans Dedecker
786160cd76 odhcp6c: use LEDE_GIT in package source url
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-01 16:00:01 +01:00
Hans Dedecker
4d9106afa6 odhcp6c: update to git HEAD version
c13b6a0 dhcpv6: fix white space error
e9d80cc dhcpv6: trigger restart of DHCPv6 state machine when not
		receiving statefull options
c7122ec update README
419fb63 dhcpv6: server unicast option support

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-01 15:53:21 +01:00
Hans Dedecker
02d511818f odhcpd: use LEDE_GIT in package source url
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-01 15:53:21 +01:00
Hans Dedecker
036cf93edf odhcpd: update to git HEAD version
c4f9ace odhcpd: decrease default log level to LOG_INFO
a6eadd7 odhcpd: rework IPv6 interface address dump
44965f1 odhcpd: extra syslog tracing

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-01 15:53:21 +01:00
Hans Dedecker
cd99f3c744 odhcpd: update to git HEAD version
e447ff9 router: fix compile issue on 64 bit systems

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-01 15:53:20 +01:00
Hans Dedecker
ef170bff32 odhcpd: update to git HEAD version
237f1f4 router: convert syslog lifetime traces into LOG_INFO prio
da660c7 treewide: rework prio of syslog messages
0485580 ndp: code cleanup
c5040fe router: add syslog debug tracing for trouble shooting
df023ad treewide: use RELAYD_MAX_ADDRS as address array size
c8ac572 ndp: don't scan netlink attributes in case of netlink route
event

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-01 15:53:20 +01:00
Hans Dedecker
fe253bcb99 netifd: update to git HEAD version
650758b interface-ip: route proto config support (FS#170)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-01 15:53:20 +01:00
Hans Dedecker
718c201b82 base-files: add /etc/iproute2/rt_protos
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-02-01 15:53:20 +01:00
Yousong Zhou
754f474568 base-files: uppercase default hostname: LEDE
The name will appear in shell prompt and LuCI page title.  Uppercase
letters seem to be more vigorous

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-02-01 15:40:20 +01:00
Bastian Bittorf
be7480cb5a procd: update procd.sh to disallow signal-numbers, enforce signal-names
A given signal-name is now converted to the corresonding number. In general
it's good style to use names (readability) and it's more portable: signal
numbers can be architecture-dependent, so we are more safe giving names.

A real world example is signal 10, which is BUS on ramips and USR1 on PPC.

All users of 'procd_send_signal' must change their code to reflect this.

Signed-off-by: Bastian Bittorf <bb@npl.de>
2017-02-01 15:40:20 +01:00
Sven Roederer
7c5bc827b7 openvpn: ssl-enabled variants also provide a virtual openvpn-crypto package
When relying on x.509 certs for auth and / or encryption of traffic you can't
use package openvpn-nossl.
Just have your package depend on openvpn-crypto to have SSL-encryption and
X.509-support enabled in OpenVPN. If encryption / X.509 is not a must, use
virtual packge openvpn, which is provided by all OpenVPN-variants.

Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
2017-02-01 15:40:20 +01:00
Kevin Darbyshire-Bryant
acebb4a990 iproute2: cake: add 'mpu' minimum packet length support
Add 'mpu' minimum length packet size parameter for scheduling/bandwidth
accounting.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-02-01 15:40:20 +01:00
Kevin Darbyshire-Bryant
06fca0c48b kmod-sched-cake: add 'mpu' minimum packet length support
Add 'mpu' minimum packet length for scheduling/bandwidth accounting
purposes.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-02-01 15:40:20 +01:00
Steven Honson
ff813588fd hostapd: default to wps_independent 1
Signed-off-by: Steven Honson <steven@honson.id.au>
2017-02-01 15:40:20 +01:00
Steven Honson
2f9568ac2a hostapd: expose wps_independent and ap_setup_locked as uci options
ap_setup_locked is named wps_ap_setup_locked in uci for consistency with other
wps related uci options.

Signed-off-by: Steven Honson <steven@honson.id.au>
2017-02-01 15:40:20 +01:00
Gabe Rodriguez
f9519636f5 mwlwifi: Fixes rewritten history hash and latest version
The author of the upstream mwlwifi edited the history of the previous commit.
This commit not only fixes the updated hash but also sends in the latest
commits he made to the code which are mainly testing.

Signed-off-by: Gabe Rodriguez <lifehacksback@gmail.com>
2017-02-01 15:40:20 +01:00
Hannu Nyman
d7cae5f0b4 opkg: clarify messages and errors related to downloads
Clarify opkg's messages related to downloads:

* more visible error message for package list download failure
* separate error message for signature file download error
* if wget returns 4, signal the network error more clearly
* remove '.' from end of filenames and URLs

* try signature check only if the package list was downloaded ok.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2017-02-01 15:40:20 +01:00
Felix Fietkau
b2cd9b80ef ubus: update to the latest version
Adds uloop related libubus fixes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 15:40:20 +01:00
Felix Fietkau
977eb2c019 ubus: update to the latest version
- Adds support for passing file descriptors in ubus invoke requests
- Fixes clearing pending timers on ubus_shutdown()
- Fixes checking the amount of written data in ubusd
- Fixes an ubusd crash when trying to subscribe to system objects

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 15:40:19 +01:00
Mathias Kresin
b2437a02a4 base-files: don't overwrite model name set by target
The condition is always true due to the literal string followed the
-n test parameter. A model name set by target scripts always gets
overwritten this way.

Change the condition to check for an already existing destination file
as it was before 5e85ae9 ("base-files: fix error message during boot").

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-02-01 07:40:09 +01:00
Felix Fietkau
f4162bf3ca mt76: update to the latest version
Fixes DFS detection false positive issues

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-31 21:29:33 +01:00
Felix Fietkau
5f2a1ac59a ath9k: remove the deaf rx path state check patch
This needs to be refined and reworked before we can safely leave it
enabled by default

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-31 11:45:23 +01:00
Felix Fietkau
406f85a328 mdns: update to the latest version
- fixes unaligned acccesses, causing DNS parsing issues on ARMv5
- fixes service timeout handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-31 11:25:22 +01:00
Toke Høiland-Jørgensen
b8fcbbf31d kmod-sched-core: Add HTB and TBF traffic shapers
HTB and TBF are the basic traffic shapers used by sqm-scripts. Moving
these into kmod-sched-core enables sqm-scripts to downgrade its
dependency from kmod-sched to kmod-sched-core, potentially making it
useful on devices with smaller flash sizes.

This adds around 30k to the size of kmod-sched-core (20k for sch_htb.ko
and 10k for sch_tbf.ko).

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2017-01-29 15:13:21 +01:00
Magnus Kroken
69f773daa3 openvpn: add support for various new 2.4 configuration options
Updates to openvpn.init were included in early OpenVPN 2.4 patch
series, but got lost along the way and were never merged.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2017-01-28 20:20:02 +01:00
Hauke Mehrtens
f5ab082243 openssl: update to version 1.0.2k
This fixes the following security problems:
CVE-2017-3731: Truncated packet could crash via OOB read
CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64
CVE-2016-7055: Montgomery multiplication may produce incorrect results

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-28 13:33:22 +01:00
Felix Fietkau
36db143690 ath9k: fix up a refcount imbalance error in the IRQ related fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-27 15:46:07 +01:00
Matthias Schiffer
ecc362ed04
procd: update to latest git HEAD
0f58977 init: fix /tmp permissions on zram

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-27 10:10:12 +01:00
Matthias Schiffer
a1f918cd92
base-files: fix user creation on sysupgrade with few opkg control files
If only a single opkg control file exists (which can happen with
CONFIG_CLEAN_IPKG), grep would not print the file name by default. Instead
of forcing it using -H, we just switch to -l (print only file names) and
get rid of the cut.

Add -s to suppress an error message when no control files exist.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-27 10:10:02 +01:00
Felix Fietkau
f9022964cf ath9k: add stability fixes for long standing hang issues (FS#13, #34, #373, #383)
The radio would stop communicating completely. This issue was easiest to
trigger on AR913x devices, e.g. the TP-Link TL-WR1043ND, but other
hardware was occasionally affected as well.

The most critical issue was a race condition in disabling/enabling IRQs
between the IRQ handler and the IRQ processing tasklet

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-25 17:28:17 +01:00
Felix Fietkau
acd1795a60 mac80211: refresh patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-25 17:28:13 +01:00
Felix Fietkau
a6f3ea5e84 Add back the commit "ath9k: Add airtime fairness scheduler"
This reverts commit c296ba834d.
According to several reports, the issues with the airtime fairness
changes are gone in current versions.
It's time to re-apply the patch now.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-25 17:28:10 +01:00
Rafał Miłecki
e9d2173921 mac80211: brcmfmac: don't use uninitialize mem for country codes
There was a bug in brcmfmac patch that could result in treating random
memory as source of country codes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-01-24 23:01:46 +01:00
Rafał Miłecki
81f2196bb1 mac80211: move (& update) upstream accepted brcmfmac patches
These 3 patches are now in wireless-drivers-next tree.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-01-24 23:01:34 +01:00
Mathias Kresin
806d3cc2c3 packages: mark packages depending on a target as nonshared
The packages can't be build as shared packages due to the unmet
dependencies.

Fixes FS#418.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-01-24 19:59:55 +01:00
Jo-Philipp Wich
b850218584 hostapd: fix stray "out of range" shell errors in hostapd.sh
The hostapd_append_wpa_key_mgmt() procedure uses the possibly uninitialized
$ieee80211r and $ieee80211w variables in a numerical comparisation, leading
to stray "netifd: radio0 (0000): sh: out of range" errors in logread when
WPA-PSK security is enabled.

Ensure that those variables are substituted with a default value in order to
avoid emitting this (harmless) shell error.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-23 14:56:20 +01:00
Jo-Philipp Wich
ef08595c3f openvpn: let all openvpn variants provide a virtual openvpn package
Add PROVIDES:=openvpn to the default recipe in order to let all build variants
provide a virtual openvpn package.

The advantage of this approach is that downstream packages can depend on just
"openvpn" without having to require a specific flavor.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-21 23:05:54 +01:00
Kevin Darbyshire-Bryant
3a9926e40f kmod-sched-cake: fix parameter passing kernel/user space
The last two parameters passed between user space tc and kernel space
sched-cake were transposed due to a merge mistake in a parameter header
file.

As such, using a packet overhead figure was likely to set cake to wash
packet DSCP values.  Similarly, the DSCP wash flag was used as an offset
to the displayed packet overhead value.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-21 14:27:37 +01:00
Daniel Engberg
12392e5600 zlib: Update to 1.2.11
Update to 1.2.11 as suggested by upstream
Also add SF as primary source and main site as fallback

Note: SF doesn't carry the 1.2.11 update yet.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-01-21 14:27:23 +01:00
Jo-Philipp Wich
cfb3ef3a97 lede-keyring: bundle latest usign certificates
Includes the public usign certificates used by the 17.01.* release builds.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-20 10:11:15 +01:00
Hans Dedecker
c71e13a81a netifd: update to git HEAD version
a057f6e device: fix DEV_OPT_SENDREDIRECTS definition

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-01-17 14:07:47 +01:00
Stijn Segers
2ac776ac76 curl: fix HTTPS network timeouts with OpenSSL
Backport an upstream change to fix HTTPS timeouts with OpenSSL.
Upstream curl bug #1174.

Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>
[Jo-Philipp Wich: reword commit message, rename patch to 001-*]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-16 19:41:08 +01:00
Jo-Philipp Wich
1e1e3ef2fb LEDE v17.01: set branch defaults
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-16 18:56:07 +01:00
Matthias Schiffer
b9a408c2b4
base-files: add ARCH_PACKAGES to openwrt_release and os-release
Knowing the package architecture at runtime can be useful, e.g. to
configure opkg repository URLs. The value of ARCH_PACKAGES ("%A" in
VERSION_SED) as added to openwrt_release (as DISTRIB_ARCH) and os-release
(as LEDE_ARCH).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-16 13:29:47 +01:00
Andrej Vlasic
5c20a4fec9 ubox: turn logd into a separate package
Currently system log is always included as a part of ubox. Add logd as a
seperate package and add it to default packages list.

Signed-off-by: Andrej Vlasic <andrej.vlasic@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
2017-01-16 11:41:54 +01:00
Domagoj Pintaric
b5b83706be mbedtls: add static files in staging_dir
Signed-off-by: Domagoj Pintaric <domagoj.pintaric@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
2017-01-16 11:41:54 +01:00
Matthias Schiffer
621fd9fd62
opkg: use default PKG_BUILD_DIR
opkg doesn't have BUILD_VARIANTs anymore, so the previously defined
PKG_BUILD_DIR would lead to a weird 'opkg-' path component.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-16 09:02:42 +01:00
Rafał Miłecki
25200ae7a5 mac80211: brcmfmac: add early (& hacky) patch for storing country codes
This allows some basic region switching on Netgear R8000. More devices &
codes may be added. Ideally it should be converted into DT info & patch.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-01-16 00:32:27 +01:00
Rafał Miłecki
5fba00a686 mac80211: use wiphy_read_of_freq_limits in brcmfmac
This makes use of cfg80211 feature backported & described in
188626f17c ("mac80211: backport cfg80211 support for
ieee80211-freq-limit DT property").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-01-15 23:10:55 +01:00
Stijn Tintel
f4f2dd04bd mt76: select 802.11w support
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Felix Fietkau <nbd@nbd.name>
2017-01-15 20:13:56 +01:00
Florian Fainelli
dea191914c kernel: can: Add missing regmap dependency for kernel 4.4
Fixes build failure for kmod-can-c-can-platform which depends on
kmod-regmap for kernel 4.1 and 4.4.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-01-15 17:43:14 +01:00
Timo Sigurdsson
21baa25009 ath10k-firmware: Update QCA988X firmware to latest version
This patch updates the QCA988X firmware to the latest revision
  firmware-5.bin_10.2.4-1.0-00016
found in the official ath10k-firmware repository.

Tested on TP-Link Archer C7 v2.

Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
2017-01-15 14:59:24 +01:00
Felix Fietkau
7e8fecb224 hostapd: fix passing jobserver to hostapd/supplicant build processes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-15 14:57:53 +01:00
Felix Fietkau
40e4c342fd hostapd: backport a few upstream fixes
Fixes reassoc issues with WDS mode
Fixes reassoc issues in AP mode
Fixes IBSS reauthentication issues

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-15 14:53:28 +01:00
Felix Fietkau
a206394efa mt76: update to the latest version, adds support for 802.11w
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-15 14:53:27 +01:00
Matthias Schiffer
0d8381aea3
ncurses: revert $(STAGING_DIR_HOSTPKG) to $(STAGING_DIR)/host where appropriate
Host files installed in Build/InstallDev are target-specific and will stay
in $(STAGING_DIR)/host after the STAGING_DIR_HOSTPKG unification.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-14 18:58:44 +01:00
Felix Fietkau
e7e91e62bb mac80211: backport a fix for a tx related race condition
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-14 18:28:28 +01:00
Felix Fietkau
a46d1fde4b mac80211: refresh patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-14 18:28:24 +01:00
Koen Vandeputte
adf2fef5e8 mac80211: backport some upstream fixes
Backports the following upstream fixes:

mac80211: initialize fast-xmit 'info' later
mac80211: fix legacy and invalid rx-rate report
mac80211: fix tid_agg_rx NULL dereference

Compiled and tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2017-01-14 18:28:21 +01:00
Hauke Mehrtens
5b089e45a6 kernel: update 4.4 kernel to 4.4.42
Refresh patches on all 4.4 supported platforms.
Compile & run tested: lantiq/xrx200

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-13 23:05:36 +01:00
Jo-Philipp Wich
920170a27f firewall: fix forwarding local subnet traffic
Packets which are merely forwarded by the router and which are neither
involved in any DNAT/SNAT nor originate locally, are considered INVALID
from a conntrack point of view, causing them to get dropped in the
zone_*_dest_ACCEPT chains, since those only allow stream with state NEW
or UNTRACKED.

Remove the ctstate restriction on dest accept chains to properly pass-
through unrelated 3rd party traffic.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-13 18:31:36 +01:00
Kevin Darbyshire-Bryant
c914fa04a3 dnsmasq: use ubus signalling in ntp hotplug script
Use ubus process signalling instead of 'kill pidof dnsmasq' for
SIGHUP signalling to dnsmasq when ntp says time is valid.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-13 16:08:22 +01:00
Felix Fietkau
402fea62c4 netifd: update to the latest version
This disables IGMP snooping by default, which was causing various issues
over time, like FS#95

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 14:54:12 +01:00
Felix Fietkau
f44663c673 uqmi: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:09 +01:00
Felix Fietkau
185b06f04a umbim: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:08 +01:00
Felix Fietkau
1ca31b0931 comgt: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:08 +01:00
Felix Fietkau
bd68ddbda4 polarssl: remove package
The mbedTLS 1.3 branch has been EOL since end of 2016 and now all
remaining users have been converted.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:08 +01:00
Felix Fietkau
2b6284f5a8 mac80211: fix broken spatial multiplexing defaults
Most mac80211 drivers leave the SMPS field in the HT capabilities
uninitialized (unfortunately defaults to static SMPS), which leads to
some devices limiting themselves to single-stream rates in some modes
(mostly mesh and IBSS).

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 10:22:22 +01:00
Ben Greear
544dee575d ath10k-fw: Update to latest CT firmware
For 988X, 9980, 9984 CT firmware.

This should allow IBSS + RSN on at least the 988X firmware,
and includes recent stability fixes for all firmware.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-01-13 10:22:20 +01:00
Ben Greear
5c09d7f23d ath10k-ct: Update to latest CT 4.7 ath10k driver.
This at least makes it harder to hit some txq related
crashes on firmware restart, a potential memory leak,
and some other fixes.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-01-13 10:22:20 +01:00