Commit Graph

11466 Commits

Author SHA1 Message Date
Felix Fietkau
4c030333a3 libiconv: install to the new prefix
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48402
2016-01-20 19:12:22 +00:00
Felix Fietkau
1981ee7d75 toolchain: Reverse glibc/eglibc conditionals to check for eglibc
This will make adding future glibc versions easier because the
conditionals won't have to be modified again.

Signed-off-by: Michael Marley <michael@michaelmarley.com>

SVN-Revision: 48399
2016-01-20 19:12:01 +00:00
Felix Fietkau
c49bc55669 netifd: update to the latest version, adds a cosmetic fix for a wpa related variable
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48397
2016-01-20 19:11:41 +00:00
Felix Fietkau
272a3e03de libiconv: change include guard to make glib2 consider it compatible
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48396
2016-01-20 13:54:30 +00:00
Felix Fietkau
99fb7d9a4e elfutils: bump to 0.165
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

SVN-Revision: 48393
2016-01-20 13:54:13 +00:00
Felix Fietkau
99856ebf5c 6in4: use uclient-fetch instead of wget/curl
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48391
2016-01-20 10:15:29 +00:00
Felix Fietkau
8353ed85f2 uclient: update to the latest version, adds an auth reconnect handling fix and a small uclient-fetch command line fix
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48390
2016-01-20 10:15:25 +00:00
Felix Fietkau
5cafb9240e qos-scripts: Fix classification of ingress traffic
Set the save-mark mask for the qos_${cg} chain to 0xff instead of
0xf0.  With the old value, the nibble that was saved would be
masked during the restore, preventing ingress traffic from being
classified.  Thanks to nbd for recommending the fix.

Signed-off-by: Michael Marley <michael@michaelmarley.com>

SVN-Revision: 48388
2016-01-19 23:56:34 +00:00
Felix Fietkau
e771a31b39 opkg: depend on uclient-fetch, disable busybox wget
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48386
2016-01-19 23:35:04 +00:00
Felix Fietkau
208b96cacd uhttpd: fix typo in default config for px5g
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48385
2016-01-19 23:27:14 +00:00
Jo-Philipp Wich
939b944c6e Revert "6in4: Corrected tunnelbroker tunnel update URL"
The auth change appears to break the endpoint update for most users and with
my local tests the old update url works just fine.

This reverts commit 99c03a88cb6fed0519efdfaac305794653a12542.

SVN-Revision: 48384
2016-01-19 23:25:38 +00:00
Felix Fietkau
f6e4badfe4 toolchain: Add glibc 2.22
Signed-off-by: Michael Marley <michael@michaelmarley.com>

SVN-Revision: 48383
2016-01-19 22:58:51 +00:00
Felix Fietkau
54baefc480 ustream-ssl: update to the latest version, fixes connection with servers requiring DHE
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48380
2016-01-19 22:41:36 +00:00
Felix Fietkau
23541c6f6f uclient: install a symlink from uclient-fetch to wget into /bin
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48379
2016-01-19 22:41:31 +00:00
Felix Fietkau
977948b15c uclient: update to the latest version, fixes a cosmetic progress bar issue
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48378
2016-01-19 22:41:18 +00:00
Zoltan Herpai
76b903a415 packages: bump uboot-mxs to 2016.01, refresh patches
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>

SVN-Revision: 48374
2016-01-19 21:50:11 +00:00
Felix Fietkau
20ba5a01cf kernel: modularize dma shared buffer code to eliminate kernel bloat
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48371
2016-01-19 21:09:11 +00:00
John Crispin
ff7f5eb13d procd: emit events for sound subsystem
Useful e.g. for plugable USB-soundcards.
With this change an event/hotplug-call looks like:

ACTION: add DEVNAME: snd/timer DEVPATH: /devices/virtual/sound/timer SUBSYSTEM: sound
ACTION: add DEVNAME:  DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0 SUBSYSTEM: sound
ACTION: add DEVNAME: snd/controlC0 DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/controlC0 SUBSYSTEM: sound
ACTION: add DEVNAME: snd/pcmC0D0p DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/pcmC0D0p SUBSYSTEM: sound
ACTION: add DEVNAME: snd/pcmC0D0c DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/pcmC0D0c SUBSYSTEM: sound
ACTION: add DEVNAME: dsp DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/dsp SUBSYSTEM: sound
ACTION: add DEVNAME: audio DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/audio SUBSYSTEM: sound
ACTION: add DEVNAME: mixer DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/mixer SUBSYSTEM: sound

This fixes #21466.

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>

SVN-Revision: 48366
2016-01-19 15:31:35 +00:00
Felix Fietkau
e34acd64f5 kernel: disable AFS support by default
This pulls in CONFIG_KEYS, which bloats up the kernel size and is thus
very undesirable. It also currently exposes the kernel to a local root
vulnerability

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48364
2016-01-19 15:14:51 +00:00
Felix Fietkau
d33c0dd6d0 kernel/modules: add kmod-crypto-hw-ccp
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 48347
2016-01-19 10:06:43 +00:00
Felix Fietkau
faad8b68a4 wpa_supplicant: add support for EAP-TLS phase2
Introduce config options client_cert2, priv_key2 and priv_key2_pwd
used for EAP-TLS phase2 authentication in WPA-EAP client mode.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 48345
2016-01-19 10:06:29 +00:00
Felix Fietkau
3b15eb0ade hostap/wpa_supplicant: enable EAP-FAST in -full builds
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 48344
2016-01-19 10:06:23 +00:00
Felix Fietkau
808a605453 uhttpd: add option for mbedtls
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 48343
2016-01-19 10:06:18 +00:00
Felix Fietkau
cd5d3f9240 kernel/modules: add missing symbol for crypto-rng
Since CRYPTO_DRBG_MENU was added in r48277, CRYPTO_DRBG_HMAC is missing.
It does not appear in kernel_menuconfig and defaults to yes, so enable
it in crypto-rng as well and add dependencies to HMAC and SHA256.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 48341
2016-01-18 23:35:12 +00:00
Felix Fietkau
f6e38ec125 br2684ctl: resolve a boot time race condition with nas0 bringup by using explicit notification when init is done
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48321
2016-01-18 15:35:30 +00:00
Felix Fietkau
262f054c6e br2684ctl: add support for notifying nas* bringup via a script
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48320
2016-01-18 15:35:24 +00:00
Felix Fietkau
614ebec4d2 firewall: add CONFIG_IPV6 to PKG_CONFIG_DEPENDS to fix a rebuild error
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48315
2016-01-18 13:21:37 +00:00
Felix Fietkau
3c8827fa7f iptables: fix rebuild errors on configuration changes
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48314
2016-01-18 13:21:32 +00:00
Felix Fietkau
8de052800a openssl: remove the separate configuration menu, use the implicit one (via MENU:=1)
Fixes warning on selecting OPENSSL_ENGINE_CRYPTO if openssl is not selected

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48312
2016-01-18 12:42:08 +00:00
Felix Fietkau
e4cf25cfab wpa_supplicant: improve generating phase2 config line for WPA-EAP
WPA-EAP supports several phase2 (=inner) authentication methods when
using EAP-TTLS, EAP-PEAP or EAP-FAST (the latter is added as a first
step towards the UCI model supporting EAP-FAST by this commit)
The value of the auth config variable was previously expected to be
directly parseable as the content of the 'phase2' option of
wpa_supplicant.
This exposed wpa_supplicant's internals, leaving it to view-level to
set the value properly. Unfortunately, this is currently not the case,
as LuCI currently allows values like 'PAP', 'CHAP', 'MSCHAPV2'.
Users thus probably diverged and set auth to values like
'auth=MSCHAPV2' as a work-around.
This behaviour isn't explicitely documented anywhere and is not quite
intuitive...

The phase2-string is now generated according to $eap_type and $auth,
following the scheme also found in hostap's test-cases:
http://w1.fi/cgit/hostap/tree/tests/hwsim/test_ap_eap.py
The old behaviour is also still supported for the sake of not breaking
existing, working configurations.

Examples:
  eap_type   auth
  'ttls'     'EAP-MSCHAPV2'     -> phase2="autheap=MSCHAPV2"
  'ttls'     'MSCHAPV2'         -> phase2="auth=MSCHAPV2"
  'peap'     'EAP-GTC'          -> phase2="auth=GTC"

Deprecated syntax supported for compatibility:
  'ttls'     'autheap=MSCHAPV2' -> phase2="autheap=MSCHAPV2"

I will suggest a patch to LuCI adding EAP-MSCHAPV2, EAP-GTC, ... to
the list of Authentication methods available.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 48309
2016-01-18 11:40:44 +00:00
Felix Fietkau
fc8a7051cd lantiq: ltq-deu: Remove the "DEU test manager"
Remove the "DEU test manager" code which has not been used for more than
two years (as the kernel module is not installed anymore since r38731).
This fixes compilation on kernel 4.3, which removes
aead_request_set_assoc (and newer kernels).

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>

SVN-Revision: 48308
2016-01-18 11:40:40 +00:00
Felix Fietkau
e0bfd25295 busybox: fix broken IPv6 address displaying in ifconfig
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48306
2016-01-18 11:11:26 +00:00
Jo-Philipp Wich
1bd8400752 package/libs/libiconv: function names
Currently libiconv-stub and libiconv-full use different names
for functions iconv, iconv_open, and iconv_close.

This may lead to failures when building modules, e.g. with
apr-util when NLS is not activated.

The two modules libiconv-stub and libiconv-full should be
interchangeable, so we need the same function names.

cf.
http://git.savannah.gnu.org/cgit/libiconv.git/tree/include/iconv.h.in

After applying this patch execute

	make distclean

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

SVN-Revision: 48301
2016-01-18 09:23:17 +00:00
Felix Fietkau
495935a3b8 iproute2: remove odd conffiles generation
This was generating a conffiles list that included the binary
and CONTROL/ files.

Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>

SVN-Revision: 48296
2016-01-17 20:41:09 +00:00
Felix Fietkau
95699dd312 lantiq: ltq-deu: Make the DEU driver compatible with linux 4.2 and newer
Upstream linux 4.2 commit 84be456f883c4685680fba8e5154b5f72e92957e
"remove <asm/scatterlist.h>" requires us to include linux/scatterlist.h
instead. This also works with older kernels (at least 4.1, thanks to
Hauke Mehrtens for testing).

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>

SVN-Revision: 48282
2016-01-17 19:23:14 +00:00
Jo-Philipp Wich
740a2ee163 base-files: Fix sysupgrade overlay saving
A previous change to sysupgrade moved the overlay files into upper/
The -c switch generates a list of files to backup, but the sed
calls did not take this into consideration.

Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>

SVN-Revision: 48281
2016-01-17 18:24:30 +00:00
Jo-Philipp Wich
5cf88bb032 netifd: fix PKG_VERSION (#21630)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48280
2016-01-17 17:15:01 +00:00
Felix Fietkau
c3b01ead44 uclient: update to the latest version, adds many fixes/features
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48278
2016-01-17 12:41:06 +00:00
Felix Fietkau
33d1b2e0f5 kernel: add missing kernel config symbol for crypto-rng (fixes #21596)
Signed-off-by: Lucian Cristian <luci@createc.ro>

SVN-Revision: 48277
2016-01-17 11:17:06 +00:00
Felix Fietkau
e2e8cb8347 network: add virtual tunnel interface (VTI) support
This adds support for configuring VTI interfaces within /etc/config/network.
VTI interfaces are used to create IPsec tunnel interfaces. These interfaces
may be used for routing and other purposes.

Example config:
config interface 'vti1'
	option proto 'vti'
	option mtu '1500'
	option tunlink 'wan'
	option peeraddr '192.168.5.16'
	option zone 'VPN'
	option ikey 2
	option okey 2

config interface 'vti1_static'
	option proto 'static'
	option ifname '@vti1'
	option ipaddr '192.168.7.2/24'

The options ikey and okey correspond to the fwmark value of a ipsec policy.
The may be null if you do not want fwmarks.
Also peeraddr may be 0.0.0 if you want all ESP packets go through the
interface.
Example strongswan config:
conn vti
	left=%any
	leftcert=peer2.test.der
	leftid=@peer2.test
	right=192.168.5.16
	rightid=@peer3.test
	leftsubnet=0.0.0.0/0
	rightsubnet=0.0.0.0/0
	mark=2
	auto=route

Signed-off-by: André Valentin <avalentin@marcant.net>

SVN-Revision: 48274
2016-01-17 11:06:02 +00:00
Felix Fietkau
eb1ac66ce7 netifd: update to the latest version, adds VTI support and a policy routing fix
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48273
2016-01-17 11:05:53 +00:00
Felix Fietkau
0200735bda kernel: add usb-net-sr9700 package
Add support for
CoreChip-sz SR9700 based USB 1.1 10/100 ethernet devices

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

SVN-Revision: 48272
2016-01-17 11:03:41 +00:00
Felix Fietkau
20a67881f4 ca-certificates: update to version 20160104
- update to latest version 20160104
- remove cpu dependency (PKGARCH:=all)
- set myself as package maintainer

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>

SVN-Revision: 48271
2016-01-17 11:03:36 +00:00
Felix Fietkau
b075688953 ustream-ssl: fix copy&paste mistake in mbedtls variant title
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48258
2016-01-16 09:14:03 +00:00
Felix Fietkau
b0b0c319f9 polarssl: update to 1.3.16, fixes intermediate certificate validation
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48257
2016-01-16 00:20:05 +00:00
Felix Fietkau
d9494cdf6d ustream-ssl: update to the latest version, adds mbedtls variant
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48256
2016-01-16 00:20:01 +00:00
Felix Fietkau
5bd5c3282b libubox: update to the latest version, adds lua/ustream fixes and extends usock
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48255
2016-01-16 00:19:54 +00:00
Felix Fietkau
6665bbb1a0 mbedtls: update to version 2.2.1
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48254
2016-01-16 00:19:47 +00:00
Zoltan Herpai
39f385d0d6 packages: bump uboot-sunxi to 2016.01
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>

SVN-Revision: 48252
2016-01-15 20:27:32 +00:00
Felix Fietkau
b2e374346b mwlwifi: fix build with latest mac80211
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48251
2016-01-15 16:58:00 +00:00
Felix Fietkau
ba8a603a49 mt76: update to the latest version, fixes build with latest mac80211
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48250
2016-01-15 16:53:44 +00:00
Felix Fietkau
82c5e2c497 mac80211: update to wireless-testing 2016-01-10
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48247
2016-01-15 15:03:48 +00:00
Felix Fietkau
56f6d35716 dnsmasq: Add option --min-port
By default dnsmasq uses random ports for outbound dns queries;
when the minport UCI option is specified the ports used will
always be larger than the specified value.
This is usefull for systems behind firewalls.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 48244
2016-01-15 11:24:15 +00:00
Felix Fietkau
64c23711ea dropbear: update version to 2015.71
Update dropbear to version 2015.71, released on 3 Dec 2015.
Refresh patches.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 48243
2016-01-15 11:24:09 +00:00
Felix Fietkau
708bbe9382 kernel: add missing kmod-video-videobuf2's object file in 4.4
CONFIG_VIDEOBUF2_CORE produces two object files in Linux >= 4.4.
Conditionally add the new file to FILES of kmod-video-videobuf2.

Signed-off-by: Jan Čermák <jan.cermak@nic.cz>

SVN-Revision: 48242
2016-01-15 10:49:21 +00:00
Jo-Philipp Wich
1133101bc8 procd: align early init PATH with rest of OpenWrt
This fixes diverging executable search paths observed in programs
launched throughn etifd which in turn inherited the search path from
procd early on boot.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48235
2016-01-14 12:52:18 +00:00
Felix Fietkau
711e28f012 mt76: update to the latest version, fixes signal strength reporting
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48234
2016-01-14 11:59:10 +00:00
Felix Fietkau
cb85e21fd1 ath9k: add support for a newer tx gain table used in some TP-Link devices
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48233
2016-01-14 02:17:49 +00:00
Felix Fietkau
155f7ba037 mt76: update to the latest version, adds mac address fixes and some performance tuning
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48232
2016-01-14 01:00:42 +00:00
Felix Fietkau
abc99463b4 ubus: update to the latest version, fixes an acl related crash
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48226
2016-01-13 11:32:41 +00:00
Felix Fietkau
bd99318c82 perf: fix strerror_r override detection, apparently part of tools/ relies on non-GNU behavior
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48221
2016-01-12 16:42:12 +00:00
Imre Kaloz
2a170e4086 mac80211: resync regulatory db with master-2015-12-14
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 48219
2016-01-12 14:28:09 +00:00
Felix Fietkau
10e6d3ade9 perf: fix build errors on x86 and other platforms
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48218
2016-01-12 11:15:34 +00:00
Jo-Philipp Wich
722badfa82 dnsmasq: add local hostname record for own lan ula address as well
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48214
2016-01-12 10:03:50 +00:00
Jo-Philipp Wich
b809725eb1 gettext-full: make autopoint and gettextize reloctable
The autopoint and gettextize host utilities contain hardcoded staging dir
paths which need to be overridden for the SDK environment.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48208
2016-01-12 07:51:56 +00:00
Felix Fietkau
44df607a43 linux-firmware: fix mediatek/ralink package names
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48204
2016-01-11 20:51:19 +00:00
Rafał Miłecki
2611a5538e hostapd: fix disassociation with FullMAC drivers and multi-BSS
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 48202
2016-01-11 18:51:47 +00:00
Felix Fietkau
37a57c1d71 openvpn: update to version 2.3.10
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48201
2016-01-11 18:37:28 +00:00
Felix Fietkau
2f55804f13 uci: update to the latest version, adds a small optimization to uci commit
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48200
2016-01-11 12:29:59 +00:00
Felix Fietkau
4c7983a00a dropbear: enable curve25519 support by default, increases compressed binary size by ~5 kb
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48196
2016-01-10 22:38:59 +00:00
Felix Fietkau
1455b5b89a dropbear: split out curve25519 support into a separate config option
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48195
2016-01-10 22:38:53 +00:00
Felix Fietkau
8c138d4ae8 fstools: fix off-by-one error in the version number
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48193
2016-01-10 18:04:36 +00:00
Felix Fietkau
cb42ea1c70 fstools: update to the latest version, fixes filesystem state rewrite on every boot
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48191
2016-01-10 17:36:53 +00:00
Felix Fietkau
6c40914c0c hostapd: fix post v2.4 security issues
- WPS: Fix HTTP chunked transfer encoding parser (CVE-2015-4141)
- EAP-pwd peer: Fix payload length validation for Commit and Confirm
  (CVE-2015-4143)
- EAP-pwd server: Fix payload length validation for Commit and Confirm
  (CVE-2015-4143)
- EAP-pwd peer: Fix Total-Length parsing for fragment reassembly
  (CVE-2015-4144, CVE-2015-4145)
- EAP-pwd server: Fix Total-Length parsing for fragment reassembly
  (CVE-2015-4144, CVE-2015-4145)
- EAP-pwd peer: Fix asymmetric fragmentation behavior (CVE-2015-4146)
- NFC: Fix payload length validation in NDEF record parser (CVE-2015-8041)
- WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
  (CVE-2015-5310)
- EAP-pwd peer: Fix last fragment length validation (CVE-2015-5315)
- EAP-pwd server: Fix last fragment length validation (CVE-2015-5314)
- EAP-pwd peer: Fix error path for unexpected Confirm message (CVE-2015-5316)

Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>

SVN-Revision: 48185
2016-01-10 17:03:37 +00:00
Felix Fietkau
a960fcef29 mac80211: move b43legacy firmware to a separate package
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48184
2016-01-10 16:37:01 +00:00
Felix Fietkau
805c40351e mac80211: remove linux-firmware download
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48183
2016-01-10 16:36:54 +00:00
Felix Fietkau
26eb793589 mac80211: move broadcom firmware to the linux-firmware package
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48182
2016-01-10 16:36:48 +00:00
Felix Fietkau
4a791c8d4e mac80211: move ti firmware to the linux-firmware package
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48181
2016-01-10 16:36:40 +00:00
Felix Fietkau
78efb85fa1 mac80211: move mediatek/ralink firmware to the linux-firmware package
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48180
2016-01-10 16:36:31 +00:00
Felix Fietkau
9e5df4a939 mac80211: move atheros/qca firmware to the linux-firmware package
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48179
2016-01-10 16:36:25 +00:00
Felix Fietkau
6d0d89dc65 mac80211: move marvell firmware to the linux-firmware package
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48178
2016-01-10 16:36:17 +00:00
Felix Fietkau
35baa05d80 mac80211: move intel firmware to the linux-firmware package
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48177
2016-01-10 16:36:08 +00:00
Felix Fietkau
9dee1adc0f mac80211: move realtek firmware to the linux-firmware package
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48176
2016-01-10 16:36:00 +00:00
Felix Fietkau
ce6edb31ce linux-firmware: add commented out BuildPackage section for metadata scanning
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48175
2016-01-10 16:35:53 +00:00
Felix Fietkau
b6fcd06204 linux-firmware: remove duplication in package metadata
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48174
2016-01-10 16:35:46 +00:00
Felix Fietkau
2d21f6c6d6 linux-firmware: move realtek firmware packages to realtek.mk
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48173
2016-01-10 16:35:40 +00:00
Felix Fietkau
727f2d336d linux-firmware: update to the latest version, sync with subdir used by the mac80211 package
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48172
2016-01-10 16:35:31 +00:00
Felix Fietkau
da19a09b9e Revert "package/libs/libtool: rename to libltdl"
This reverts commit r48149

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48169
2016-01-10 11:39:19 +00:00
Zoltan Herpai
c03f792aac mac80211: brcmfmac: copy SDIO firmwares when CONFIG_BRCMFMAC_SDIO is selected
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>

SVN-Revision: 48162
2016-01-09 16:46:42 +00:00
Zoltan Herpai
f15fc140f1 packages: bump uboot-sunxi to 2016.01-rc3, along with H3 PSCI/SMP patches
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>

SVN-Revision: 48154
2016-01-08 20:37:43 +00:00
Imre Kaloz
f6340da7df mwlwifi: update to 10.3.0.16-20160105 (adds DFS support)
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 48152
2016-01-08 19:23:16 +00:00
Felix Fietkau
3e0615fe8f package/libs/zlib: new package zlib-dev
The patch adds a new package zlib-dev. It contains all files needed for
compiling a program using the zlib library:

/usr/include/zconf.h
/usr/include/zlib.h
/usr/lib/libz.a
/usr/lib/pkgconfig/zlib.pc

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

SVN-Revision: 48151
2016-01-07 21:08:13 +00:00
Felix Fietkau
1aa774053b openvpn: added service_triggers() to init script
Follow up of #21469
This patch enables autoreloading openvpn via procd.

Signed-off-by: Federico Capoano <nemesis@ninux.org>

SVN-Revision: 48150
2016-01-07 21:08:05 +00:00
Felix Fietkau
d65fe30d9b package/libs/libtool: rename to libltdl
Source package libtool is used to package libltdl.
Unfortunately binary libtoolize is missing.
Packaging libtoolize would depend on package file which is in the
packages feed.
Felix Fietkau suggested to rename source libtool to libltdl
and to create a new package libtool in packages.

This patch contains the renaming.

CC: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

SVN-Revision: 48149
2016-01-07 21:08:00 +00:00
Felix Fietkau
92b56a9aa2 perf: drop @!USE_UCLIBC from depends
perf builds fine with uClibc too

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

SVN-Revision: 48148
2016-01-07 21:07:48 +00:00
Rafał Miłecki
a09e713299 swconfig: support sending SWITCH_TYPE_LINK to kernel
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 48141
2016-01-06 18:32:13 +00:00
Felix Fietkau
fa8a94f845 bzip2: only build the static library for the host, fixes build errors on mac os x
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48135
2016-01-05 12:15:41 +00:00
Felix Fietkau
44b6a5e549 samba36: add three CVE patches from 2015-12-16
This is a patch for CVE-2015-5252, CVE-2015-5296 and CVE-2015-5299. A
patchset for these vulnerabilities was published on 16th December 2015.

Signed-off-by: Jan Čermák <jan.cermak@nic.cz>

SVN-Revision: 48133
2016-01-05 10:42:52 +00:00
Felix Fietkau
33beafa8d8 Configure IPv6 kernel options in config/Config-kernel.in
Revision 46834 changed IPv6 support from a module to builtin. But
since the configuration of the IPv6 kernel options was left in
package/kernel/linux/modules/netsupport.mk, this means that an
empty kmod-ipv6 module was still being generated (not packaged).

This patch moves the configuration of the IPv6 kernel options to
config/Config-kernel.in to remove this last bit of the module.

Note that CONFIG_IPV6_PRIVACY was dropped (enabled by default
since Linux v3.13), so this option is no longer needed.

See 5d9efa7ee9

Signed-off-by: Arjen de Korte <arjen+openwrt@de-korte.org>

SVN-Revision: 48132
2016-01-04 23:30:36 +00:00
Felix Fietkau
f500c8f3ac relayd: move to git.openwrt.org
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48129
2016-01-04 15:13:17 +00:00