This was causing issues recently as samba36 is not API compatible with the
libtdb in the packages repo. It shouldn't be using it anyway. Nor tevent.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported from 1f2612a4dd)
The return value of the function isn't used anywhere.
Fixes missing return value, CID 1329717.
Found-by: Coverity
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(backported from b06c447c5f)
In order to be able to better compare files to sync in the future, include
all BIN_DIR subdirectories in the checksum calculation.
To not break existing applications, restrict the recursive checksumming to
CONFIG_BUILDBOT for now.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from 681e825f8f)
Add a menuconfig option to set the HOME_URL exposed in
/usr/lib/os-release independent from the
LEDE_DEVICE_MANUFACTURER_URL.
Fixes: FS#1123
Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from 52a9edb1bf)
Add xt_bpf modules to {kmod-ipt,iptables-mod}-filter.
Match using Linux Socket Filter. Expects a BPF program in decimal
format. This is the format generated by the nfbpf_compile utility.
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
(backported from ab07ae2f27)
Replace 204-udhcpc_no_msg_dontroute patch by the upstream busybox fix
which removes the code which requires the server ID to be on local
network
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from c6e50075f2)
Since kernel 4.10 commit 61e84623ace3 ("net: centralize net_device
min/max MTU checking"), the range of mtu is [min_mtu, max_mtu], which
is [68, 1500] by default.
It's necessary to set a max_mtu if a mtu > 1500 is supported.
Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from 5da2c68d00)
Some board vendors actually changed the loader to expect the chip
to come up in 4-address-mode and flipped the ADP bit in the flash
chip's configuration register which makes it come up in 4-address-mode.
Hence it doesn't make sense to avoid switching to 4-address-mode on
those boards but the opposite as otherwise reboot hangs eg. on the
WrtNode2 boards. Fix this by checking the ADP register and only using
SPI_NOR_4B_READ_OP on chips which have ADP==0 (come up in 3-byte mode).
See also datasheet section 7.1.11 Power Up Address Mode (ADP)
Fixes: 22d982ea0 ("ramips: add support for switching between 3-byte and 4-byte addressing on w25q256 flash")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 8796680277)
5699354 extensions: fix build failure on fc28
e6359ee build: update ebtables.h from kernel and drop local unused copy
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from 1bbe813db0)
Do not set device runtime property on interfaces in the hotplug handler
and in fixup_interfaces(). This property conflicts with device option
in several proto handlers (mainly QMI and other WWAN/3G protos) and does
not seem to be used anywhere.
Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(backported from 91b5b2e20d)
3.4 is mainly a bug fix/maintenance release.
3KB increase in ipk lib size on mips.
Compile tested for: ar71xx, ramips
Run tested on: ar71xx Archer C7 v2, ramips mir3g
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from 1ee5051f20)
OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem. This change is
needed for wget-ssl and possibly others to work seamlessly with fresh
ca-bundle installation
Fixesopenwrt/packages#6152
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(backported from 191078e83d)
While building, curl complains that the path specified is missing.
Also, without ca-bundle, something like 'curl https://www.google.com'
does not work due to a certificate verify error.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported from 7a20c7a05d)
It simplifies the Makefile a bit. In addition, using ca-bundle
saves some space as well.
It also fixes an issue with at least transmission, which has a dependency
on ca-bundle, but currently libcurl with OpenSSL or GnuTLS cause it not
to work.
This has been tested on mt7621 with OpenSSL and GnuTLS just by running
'curl https://www.google.com' and seeing if there's a verify error.
The rest are already using ca-bundle and therefore work fine.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from f97946c496)
Currently when installing the firmware, a bunch of files and directories
that the ath10k driver does not look for are created.
The package now installs firmware for both hw 2.1 and 3.0 devices.
2.1 is abandonware but may be useful to keep.
3.0 firmware was tested on a Killer 1535 to be relatively stable with
802.11w disabled. 802.11w causes multiple firmware crashes but that's true
of other ath10k firmwares as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported and squashed from
27eab4fa57,
d0fbe1956b,
e191c7ee79)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Make sure hostapd-openssl is actually build against OpenSSL, same
for wolfSSL.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 987900f2de)
Clean up conflicts/provides/depends hell and add PROVIDES for
eapol-test variants while at it.
Update mesh-DFS patchset from Peter Oh to v5 (with local fixes) which
allows to drop two revert-patches for upstream commits which previously
were necessary to un-break mesh-DFS support.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 78f1974bc5)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Instead of selecting the SSL provider at compile time, build package
variants for each option so users can select the binary package without
having to build it themselves.
Most likely not all variants have actually ever been user by anyone.
We should reduce the selection to the reasonable and most used
combinations at some point in future. For now, build them all.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from c8fdd0e9c8)
Support for building wpa_supplicant/hostapd against wolfssl has been
added upstream recently, add build option to allow users using it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 69f544937f)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
commit 39a6ce205d (ustream-ssl: Enable ECDHE with OpenSSL.) broke
build against wolfSSL because wolfSSL doesn't (yet) support
SSL_CTX_set_ecdh_auto() of the OpenSSL API.
Fix this in ustream-ssl:
189cd38b41 don't use SSL_CTX_set_ecdh_auto with wolfSSL
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 4f442f5f38)
Implicetely selecting the required options via Kconfig snippet from
hostapd worked fine in local builds when using menuconfig but confused
the buildbots which (in phase1) may build wpad-mini and hence already
come with CONFIG_WPA_WOLFSSL being defined as unset which then won't
trigger changing the defaults of wolfssl.
Work around by explicitely reflecting wpa_supplicant's needs in
wolfssl's default settings to make buildbots happy.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from dad39249fb)
This change will trigger rebuild on buildbots in case of changed config
symbols, like in the case of hostapd selecting some wolfssl symbols
lately.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 5857088c5e)
Use download from github archive corresponding to v3.14.4 tag because
the project's website apparently only offers 3.14.0-stable release
downloads.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 4f67c1522d)
As of commit in kernel:
6104c37094 fbcon: Make fbcon a built-time depency for fbdev
framebuffer console is build in into framebuffer module and there's no
standalone fbcon module. Therefore drop the kmod-fbcon and enable
console in kmod-fb. The only targets which use these modules are imx6
and geode, both are on kernel 4.14 so no fallback for other kernels is
introduced.
Being at that this commit also fixes autoload of fbdev for x86.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
(backported from 9c0ddafd46)
This now matches what was generated locally on my PC and the file on the
mirror server.
Fixes: 349fe46103 ("ath10k-firmware: Update QCA988X firmware to the latest version")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from 56a03e4343)
This patch updates the QCA988X firmware to the latest revision
firmware-5.bin_10.2.4-1.0-00037
found in the ath10k-firmware and linux-firmware repositories.
Tested on TP-Link Archer C7 v2 (ar71xx).
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
(backported from 349fe46103)
This adds the build option for UniFi AC Mesh Pro as well as
model detection for it.
The device is a hardware clone of the AC Pro.
- SoC: QCA9563-AL3A (775Mhz)
- RAM: 128MiB
- Flash: 16MiB - dual firmware partitions!
- LAN: 2x 1000M - POE+
- Wireless:
2.4G: QCA9563
5G: UniFi Chip, QCA988X compatible
Signed-off-by: Christoph Krapp <achterin@googlemail.com>
(cherry picked from commit 987b961537)
3aa81d0 file: access exec timeout via daemon ops structure
7235f34 plugin: store pointer to exec timeout value in the ops structure
ccd7c0a treewide: rename exec_timeout to rpc_exec_timeout
c79ef22 main: fix logic bug when not specifying a timeout option
2cc4b99 file: use global exec timeout instead of own hardcoded limit
ecd1660 exec: increase maximum execution time to 120s
Also expose the socket and timeout options in /etc/config/rpcd for
easier use.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commits 4105555115,
952b11766c and
e533fb1706)
The WAN LED now shows the link state. It's color is green,
not blue.
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
(cherry picked from commit 0411813c6f)
The tar extraction depends on the order in which the files
are added to the tar file. Since the order is not guaranteed
and depends on the host system, the combined mtd write fails
with sysupgrade images built on some systems.
Fix by changing to tar file order independent mtd write.
Fixes: 86e18f6706 ("ipq806x: add support for OpenMesh A42")
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Sven Eckelmann <sven@narfation.org>