The GatoNetworks GDSP is a re-branded version of the R5000 5G Industrial
router from Yinghua Technologies.
Advantages over stock bootloader:
1. supports serving the external GPIO WDT, allowing for easier work in U-Boot
shell
2. supports cool features like netconsole, easy recovery, scripting and so on
3. allows using FIT image and image integrity validation
and ultimately gives you much more flexibility to implement your tweaks.
Known issues
------------
To make it easier to operate the device, console I/O multiplexing support has
been enabled in U-Boot configuration. Setting I/O related U-Boot environment
variables to something like "serial,nc" will have the desired effect. Still,
setting these variables to such a value in the persistent environment will
lead to a crash and make it impossible to boot the system or recover it. I
decided to leave it on anyway since I think it can be very practical in
development.
Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
c1a3e69f24e2 db: validate package arch against compatible arches
2a3dbfc9db58 db: add and use apk_db_parse_file helper to parse files line by line
b231eacd8121 db: simplify add_repos_from_file
98d7196a48d4 db: fix permissions of arch file
d2aaf13ee488 commit: sort matched dependencies on error analysis
c259642c006d tests: rework solver tests to not require apk-test binary
08b4d21f922e tests: move solver test data to separate directory
563d36481166 tests: minor updates to root tests
a236fdd39040 pkg: use memfd_create only if target root has dev/fd working
a5aeb3db113f test: unify makefile and meson tests
d86afdef88b0 db: print message when a file is written to .apk-new
5dd91e3c387d db: consider --force-no-chroot when determining /dev/fd availability
5add6fce22d4 apk-tools-3.0.0_pre4
8a13ed96d1d5 test: fix solver.sh for parallel use
fcd4defc18e6 test: move vertest to cmocka based unit testing infrastructure
e38d5b5a9d04 test: add missing alpine tests makefile
19b1df79ebca blob: refactor apk_blob_for_each_segment into apk_blob_foreach_word
76970a938dd7 package: move the location of executable package scripts
1e0411568dad package: respect libexecdir instead of hard-coding /usr/libexec
a4837ae8ffe2 package: don't call make_device_tree when APK_NO_CHROOT is set
ade0be3449e4 db, extract: handle file/directory extraction errors more consistently
4050f9e69d2e db: fix hardlink handling: root directory and v3 checksums
89e4bf1db040 db, fs: do not extract devices in --usermode
64ff8c72d9fb db: allow files starting with a dot in the root directory of apk3 packages
d26b65d30f55 db, audit: remove support for files without embedded checksum
417a93ceae54 pkg: truncate apkv3 description to 256 bytes
Fixes: #16929
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Since the image builder pulls package lists from metadata directly,
add procd and busybox as depdendencies to base-files.
As for the package manager itself, since it can be disabled it needs
to be added directly in the image builder makefile
Fixes: 44598c233d ("build: remove broken dependency of metadata on toplevel .config variables")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Duplicate the old opkg index.json using the new apk database.
Needed to get the ASU server working on new snapshots.
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16931
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Change the version schema of perf to be compatible with APK as
described in this commit: e8725a932e.
Signed-off-by: Til Kaiser <mail@tk154.de>
Link: https://github.com/openwrt/openwrt/pull/16930
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Most links and info on the org page are broken or defunct, and all new
versions are available on the github based repo anyway.
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16910
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
For the last ten years, nobody has noticed that this driver doesn't
actually say what it is for. ;)
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16910
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Needed to fix compilation with GCC14.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16912
Signed-off-by: Robert Marko <robimarko@gmail.com>
Instead of relying on .config symbols for metadata, alter the DEFAULT
variable of affected packages. Fixes enabling opkg vs apk among others.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Refactor version of spidev_test for APK.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/16917
Signed-off-by: Robert Marko <robimarko@gmail.com>
Remove backtick from gdb description text, as that seems to
be recognized as a shell action by compilation with apk,
causing error.
Example from test buildbot:
rstrip.sh: /builder/shared-workdir/build/sdk/build_dir/target-aarch64_generic_musl/gdb-15.2/ipkg-aarch64_generic/gdb/usr/bin/gdb: executable
bash: -c: line 1: unexpected EOF while looking for matching ``'
bash: -c: line 2: syntax error: unexpected end of file
make[3]: *** [Makefile:123: /builder/shared-workdir/build/sdk/bin/packages/aarch64_generic/base/gdb-15.2-r1.apk] Error 2
Local compilation:
rstrip.sh: /OpenWrt/aarch64/build_dir/target-aarch64_cortex-a53_musl/gdb-15.2/ipkg-aarch64_cortex-a53/gdb/usr/bin/gdb: executable
bash: -c: line 1: unexpected EOF while looking for matching ``'
make[2]: *** [Makefile:123: /OpenWrt/aarch64/bin/packages/aarch64_cortex-a53/base/gdb-15.2-r1.apk] Error 2
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Link: https://github.com/openwrt/openwrt/pull/16908
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Adjust wolfssl version for apk by removing the "-stable"
from the OpenWrt version, although it is still needed for
upstream download archive name.
Define PKG_BUILD_DIR accordingly.
Utilize new short version to simplify ABI_VERSION calculation.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Link: https://github.com/openwrt/openwrt/pull/16906
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
/sbin/pkg_check uses opkg and is not even packaged when using the
default opkg configuration. remove it when using apk too.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
These two were getting rather long.
Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
Link: https://github.com/openwrt/openwrt/pull/16849
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
We need to exclude packages from the APK index which must not be
upgraded. To do so, the packages `libc`, `kernel` and `base-files` are
excluded to APK never suggestes them as upgradable.
The previous logic would however match packages like `libcomerr0`,
causing build failures. Make the copying and excluding logic more
precise by adding a single dash.
Signed-off-by: Paul Spooren <mail@aparcar.org>
This commit solves multiple issues. First of just install the three
special packages base-files, libc and kernel directly from the index. In
upstream indexes, those will never appear to prevent accidental upgrades
may breaking the system.
Next, enable caching for the ImageBuilder, which speeds up consecutive
builds from ~33 seconds to ~5 seconds. Using cache however makes APK
create the folder `/var/cache/apk/` which conflicts with the base-files
installation, which ships a symlink from `/var` to `/tmp`, so specify
`--no-cache` for the rootfs initialization.
Lastly, drop the use of `apk update` since APK automatically does that.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The Sophos AP15C uses the same hardware as the AP15, but has a reset button.
Based on:
commit 6f1efb2898 ("ath79: add support for Sophos AP100/AP55 family")
author Andrew Powers-Holmes <andrew@omnom.net>
Fri, 3 Sep 2021 15:53:57 +0200 (23:53 +1000)
committer Hauke Mehrtens <hauke@hauke-m.de>
Sat, 16 Apr 2022 16:59:29 +0200 (16:59 +0200)
Unique to AP15C:
- Reset button
- External RJ45 serial console port
Flashing instructions:
This firmware can be flashed either via a compatible Sophos SG or XG
firewall appliance, which does not require disassembling the device, or via
the U-Boot console available on the internal UART header.
To flash via XG appliance:
- Register on Sophos' website for a no-cost Home Use XG firewall license
- Download and install the XG software on a compatible PC or virtual
machine, complete initial appliance setup, and enable SSH console access
- Connect the target AP device to the XG appliance's LAN interface
- Approve the AP from the XG Web UI and wait until it shows as Active
(this can take 3-5 minutes)
- Connect to the XG appliance over SSH and access the Advanced Console
(Menu option 5, then menu option 3)
- Run `sudo awetool` and select the menu option to connect to an AP via
SSH. When prompted to enable SSH on the target AP, select Yes.
- Wait 2-3 minutes, then select the AP from the awetool menu again. This
will connect you to a root shell on the target AP.
- Copy the firmware to /tmp/openwrt.bin on the target AP via SCP/TFTP/etc
- Run `mtd -r write /tmp/openwrt.bin astaro_image`
- When complete, the access point will reboot to OpenWRT.
To flash via U-Boot serial console:
- Configure a TFTP server on your PC, and set IP address 192.168.99.8 with
netmask 255.255.255.0
- Copy the firmware .bin to the TFTP server and rename to 'uImage_AP15C'
- Open the target AP's enclosure and locate the 4-pin 3.3V UART header [4]
- Connect the AP ethernet to your PC's ethernet port
- Connect a terminal to the UART at 115200 8/N/1 as usual
- Power on the AP and press a key to cancel autoboot when prompted
- Run the following commands at the U-Boot console:
- `tftpboot`
- `cp.b $fileaddr 0x9f070000 $filesize`
- `boot`
- The access point will boot to OpenWRT.
Signed-off-by: David Lutz <kpanic@hirnduenger.de>
vrx518_tc currently sets the interface maximum MTU to the ethernet default
of 1500 bytes by default via ether_setup() called from ptm_setup().
To support 1508 byte baby jumbo frames (RFC4638) for PPPoE connections
over VDSL links as already supported by the VR9 ltq_ptm driver ([1], [2])
set the interface maximum MTU to MAX_MTU.
MAX_MTU is defined in dcdp/inc/tc_common.h to 2002 bytes and this value is
used in ptm_change_mtu() and elsewhere as the maximum MTU, however this is
short circuited by checks against the interface maximum MTU.
[1]: https://forum.openwrt.org/t/fritzbox-7530-and-rfc4638-baby-jumbo-frames/181327
[2]: https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=8a2a20e71e2909f84dab47e51dfda9e292a6c1ae
Signed-off-by: Andrew MacIntyre <andymac@pcug.org.au>
Link: https://github.com/openwrt/openwrt/pull/16856
Signed-off-by: Robert Marko <robimarko@gmail.com>
e93f6c3fc729 main: fix format string related warnings for log/debug printf functions
6ab44a2413f9 fix signed/unsigned comparison warnings
4fe997b61d7d system-dummy: add system_if_apply_settings_after_up
992d33cb42a6 ubus: add notifications on wireless device state changes
34eb11eb6f5c device/interface: add "tags" attribute from config to status dump
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This allows annotating wifi interfaces in the config in a way that can be
queried through wifi status. One example use case is to mark wifi interfaces
for use with specific services without having to explicitly reference the
(often unnamed) sections from elsewhere.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Package kmod-drm-panel-mipi-dbi as well as modules it depends on in
order to support a wide range of MIPI DBI complaint SPI-connected
TFT panels.
See https://github.com/notro/panel-mipi-dbi/ for more information on
how to use specific panels.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Patches weren't refreshed when r8168 was updated to v8.054.00 in a85e18b53f.
Fixes: a85e18b53f ("kernel: r8168: update to v8.054.00")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Both packages `ombnia-mcu-firmware` and `omnia-mcutool` would depend on
a specific device. The buildbots however build all devices and therefore
the package isn't build at all, due to unmet dependencies.
While this didn't cause issues with OPKG, APK fails actively due to the
missing packages. Drop the specific dependency, however wants to install
unrelated firmware on any device can do that anyway.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Mark the package as nonshared to build it in the target specific build
step 1 of the build bots instead of the architecture generic build step 2.
In the build step 2 it may be left out if we build it using a different
target.
Fixes: #16857
Link: https://github.com/openwrt/openwrt/pull/16859
Signed-off-by: Robert Marko <robimarko@gmail.com>
zero length arrays are deprecated.
Fixes coccinelle warning:
WARNING use flexible-array member instead
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16848
Signed-off-by: Robert Marko <robimarko@gmail.com>
@KA2107 reported that opkg is not able to verify the artifact signatures
produced by buildbot using the usign 24.10 release keys. So lets fix it
by actually adding the 24.10 usign key with d310c6f2833e97f7 fingerprint
into the openwrt-keyring package.
Fixes: #16850
Reported-by: @KA2107
Fixes: a535cfc09e ("openwrt-keyring: add OpenWrt 24.10 release build usign key")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Package gs_usb CAN driver, which is for Geschwister Schneider and
bytewerk.org candleLight compatible USB/CAN interfaces.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
Using the arrow keys to navigate the U-Boot menu often leads to being
dropped into the U-Boot shell unexpectedly.
This can be prevented in most cases by improving the logic to detect the
arrow key ESC sequence and only reprinting the menu if actually needed.
Also enable CONFIG_SERIAL_RX_BUFFER for all boards as it helps preventing
the remaining cases.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The same that is done in `ipkg-make-index.sh` should happen with APK.
If the pseudo packages, only added to add dependency constraints, are
added to the index, APK happily "upgrades" them and installs updated
kmods, too. However, the Kernel itself is never installed via a regular
package.
Fixes: https://github.com/openwrt/openwrt/issues/16808
Signed-off-by: Paul Spooren <mail@aparcar.org>
The mirror hash has changed after 8009342.
Fixes: 8009342f43 ("bcm27xx-utils: fix version for APK")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Prior to this commit keys would only be generated if `make` is called
alone, but not for something like `make package/busybox/compile`.
The exact reasons are in the depth of make magic, so this is sheer luck!
Signed-off-by: Paul Spooren <mail@aparcar.org>
Drop limitation on depending on only armv8 for armsr target as those
module should support both 32 and 64 bits systems.
Only thunderx-net actually require 64 bit systems.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The version was a mix of strings, hex numbers and semantic numbers.
Switch the PKG_VERSION to something digestible by APK and introduce
PKG_SOURCE_VERSION to handle the actual filename.
While at it, drop the redundant PKG_B_NAME which was the same as
PKG_NAME anyway.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Refactor version of omnia-mcutool for APK.
Switch to git clone and use hash instead of converting 0.3-rc3 to 0.3.3.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Reintroduce rt61/rt73 support as they looks to be pretty standard and
currently required by Gemini or Xway-legacy targets.
Notice that they are b/g card.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
To better support imagebuilder declaring --repositories-file on calling
apk macro, detach this and --repository from rootfs.mk macro and move it
to package Makefile and image.mk where they are used to permit a more
generic usage.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Currently, xdp-tools doesn't compile on build systems where
bpftool is installed because additional tools and BPF programs
will be compiled then, which results in build errors.
This commit disables the compilation of those bpftool-dependent tools.
Signed-off-by: Til Kaiser <mail@tk154.de>
Link: https://github.com/openwrt/openwrt/pull/16787
Signed-off-by: Robert Marko <robimarko@gmail.com>
Improve support for power button handling.
d9a2878 - Use /sys/class/gpio/mcu_power for monitoring the MCU power line
02b6005 - Use "halt" instead of "shutdown"
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
This commit adds u-boot support for the NanoPi R3S.
Signed-off-by: Kevin Zhang <kevin@kevinzhang.me>
Link: https://github.com/openwrt/openwrt/pull/16738
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Drop the patch to re-add the vlan_hdr struct
because it is required now to build xdp-filter.
Signed-off-by: Til Kaiser <mail@tk154.de>
Link: https://github.com/openwrt/openwrt/pull/16798
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add INET diag socket monitoring interface module for MultiPath TCP.
It allows using native Linux socket diagnostic tools such as 'ss' for
Multipath TCP connections.
Co-authored-by: Rodrigo B. de Sousa Martins <rodrigo.sousa.577@gmail.com>
Signed-off-by: sKy King <29267720+sKyissKy@users.noreply.github.com>
Link: https://github.com/openwrt/openwrt/pull/12884
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Fixes the following security problem:
* CVE-2024-49195: Fix a buffer underrun in mbedtls_pk_write_key_der()
when called on an opaque key, MBEDTLS_USE_PSA_CRYPTO is enabled, and
the output buffer is smaller than the actual output. Fix a related
buffer underrun in mbedtls_pk_write_key_pem() when called on an opaque
RSA key, MBEDTLS_USE_PSA_CRYPTO is enabled and MBEDTLS_MPI_MAX_SIZE is
smaller than needed for a 4096-bit RSA key.
Link: https://github.com/openwrt/openwrt/pull/16768
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
It seems some package (sstp-client) makes use of pppd.pc file to detect
the ppp version as 2.5.0 changed some API.
Also install the .pc file to permit the version detection of pppd.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Supports reading the same parameters currently being used by iwinfo.
Preparation for replacing iwinfo with a rewrite in ucode.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This allows to obtain detailed diagnostic information about the DSL
connection from the modem. The script is copied from the corresponding
packages for VDSL modems.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Link: https://patchwork.ozlabs.org/project/openwrt/patch/20241019174041.1281093-4-jan@3e8.eu/
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is a preparation for adding support for dsl_cpe_pipe.sh with a
similar set of commands compared to the VDSL variant.
The configuration is simplified by using the "--enable-model" option.
Other options are chosen to match the VDSL variant, while also making
sure that previously enabled options stay like that. However, ReTx
options stay disabled, because of incompatibility with the ubus code.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Link: https://patchwork.ozlabs.org/project/openwrt/patch/20241019174041.1281093-3-jan@3e8.eu/
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is a preparation for adding support for dsl_cpe_pipe.sh with a
similar set of commands compared to the VDSL variant.
The configuration is simplified by using the "--enable-model" option.
Other options are chosen to match the VDSL variant, while also making
sure that previously enabled options stay like that. However, ReTx
options stay disabled, because of incompatibility with the ubus code.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Link: https://patchwork.ozlabs.org/project/openwrt/patch/20241019174041.1281093-2-jan@3e8.eu/
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
65bb027 CMakeLists.txt: bump minimum cmake version
252a9b0 libubus: Make UBUS_* macros work cleanly in C++
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit adds the build date during compilation to the os-release file.
This information can then be used later to output this via the the ubus,
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Link: https://github.com/openwrt/openwrt/pull/15987
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
don't use configuration directories which are relative
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14975
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Add support for handling of DNS RR (Resource Records) requests, which
are needed for the HTTPS Type 65 records, introduced to support the
DNS-based Service Discovery (DNS-SD) mechanism for HTTPS services and
defined in the RFC 9460 (9.1. Query Names for HTTPS RRs).
Ref: https://forum.openwrt.org/t/resolving-query-type-65-to-local-address-for-ios-clients-in-dnsmasq/179504/11
uci config usage:
config dnsrr
option rrname 'foo.example.com'
option rrnumber '65'
option hexdata '00'
hexdata is optional.
Available since dnsmasq 2.62 (for around 12 years at this point).
Note: dnsmasq dns-rr are not affected by filter-rr
Tested on 22.03.5
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Tested-by: Vladimir Kochkovski <ask@getvladimir.com>
Link: https://github.com/openwrt/openwrt/pull/14975
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Prevents problems when variables contain spaces.
Tested on: 23.05.3
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14975
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Users can now freely add new dnsmasq parameters (i.e. a whole config)
via extraconf. This means users can add their own parameters without
changes to init or GUI.
Co-opted the default of confdir also to include the instance name.
This way each instance gets its own .d directory (and separate instances
do not all inherit the same 'extraconftext').
Usage:
config dnsmasq 'config'
...
option extraconftext 'cache-size=2048\nlog-async=20'
config dnsmasq 'blah'
...
option extraconftext 'cache-size=128\nlog-async=5'
or even (which would produce staggered output but still valid)
config dnsmasq 'blah'
...
option extraconftext 'cache-size=128
log-async=5'
See https://forum.openwrt.org/t/add-dnsmasq-custom-options-field-in-luci-gui/193184
Tested on: 23.05.3, 22.03.6
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Tested-by: Vladimir Kochkovski <ask@getvladimir.com>
Link: https://github.com/openwrt/openwrt/pull/14975
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
dnsmasq v2.90 introduced `--cache-rr=<rrtype>[,<rrtype>...]`.
uci config usage:
config dnsmasq
...
option cache_rr 'AAAA,CNAME,NXDOMAIN,SRV,...'
The dnsmasq instance internally builds a linked list of RR to cache
from the individually supplied parameters, so it's allowed to provide
multiples:
... --cache-rr=AAAA --cache-rr=A ...
See https://forum.openwrt.org/t/resolving-query-type-65-to-local-address-for-ios-clients-in-dnsmasq/179504
Tested on: 23.05.2
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Tested-by: Vladimir Kochkovski <ask@getvladimir.com>
Link: https://github.com/openwrt/openwrt/pull/14975
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
dnsmasq v2.90 introduced `--filter-rr=<rrtype>[,<rrtype>...]`.
uci config usage:
config dnsmasq
...
option filter_rr 'AAAA,CNAME,NXDOMAIN,SRV,...'
The dnsmasq instance internally builds a linked list of RR to filter
from the individually supplied parameters, so it's harmless to provide
synonyms:
... --filter-A --filter-rr=A ...
See https://forum.openwrt.org/t/resolving-query-type-65-to-local-address-for-ios-clients-in-dnsmasq/179504/23
Tested on: 23.05.2
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Tested-by: Vladimir Kochkovski <ask@getvladimir.com>
Link: https://github.com/openwrt/openwrt/pull/14975
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This patch allows the use of SAE when using PPSK after
https://w1.fi/cgit/hostap/commit/?id=fcbdaae8a52e542705a651ee78b39b02935fda20
added support for it.
It also implements a fix so that this option works with SAE. The reason this
doesn't work out of the box is because OpenWRT deviates from hostapd defaults
by setting `sae_pwe` option to 2 which makes this mode not function properly
(results in every auth attempt being denied).
That issue was addressed by not overriding hostapd's default for the `sae_pwe`
option when the PPSK option is in use. This should be fine because hostapd's
test cases specifically test this mode with the default SAE parameters. See:
https://w1.fi/cgit/hostap/commit/?id=c34b35b54e81dbacd9dee513b74604c87f93f6a3
Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16343
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Allows removal of the remove function by letting devm handle everything.
Avoids gotos as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/16507
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Update package to the latest stable version and drop upstreamed patches:
0001-arm-mvebu-turris_omnia-Enable-LTO-by-default-on-Turr.patch
100-mvebu-armada-8k-respect-CONFIG_DISTRO_DEFAULTS.patch
Other patches automatically refreshed (line numbers only)
Add custom config flags to disable building efimkcapsule by default.
This introduces a dependency to GnuTLS which is not present and we do
not need it here.
Signed-off-by: Stefan Kalscheuer <stefan@stklcode.de>
Link: https://github.com/openwrt/openwrt/pull/16676
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
