Commit Graph

993 Commits

Author SHA1 Message Date
Florian Fainelli
9e740fa5a5 openssl: Use mkhash for STAMP_CONFIGURED
The current way of creating a STAMP_CONFIGURED filename for OpenSSL can
lead to an extremely long filename that makes touch unable to create it,
and fail the build.

Use mkhash to produce a hash against OPENSSL_OPTIONS which creates a
shortert stamp file,

Fixes #572

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-03-01 17:19:52 -08:00
Ted Hess
23dff07148 libubox: Update to latest version
9d6305a utils: Change calloc_a() to return size_t aligned pointers

Signed-off-by: Ted Hess <thess@kitschensync.net>
2017-02-24 15:32:47 -05:00
Martin Schiller
fdfde3eb21 libpcap: add optional netfilter support
This is needed to use the nflog interface with tcpdump

Signed-off-by: Martin Schiller <mschiller@tdt.de>
2017-02-22 22:52:30 +01:00
Felix Fietkau
7df0069bb5 mbedtls: add --function-sections and --data-sections to CFLAGS
This allows binaries that links these libraries statically to be reduced
by using --gc-sections on link

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-21 16:05:03 +01:00
Felix Fietkau
315498c163 libubox: fix host build on macOS
Use the defaults instead of a custom non-portable Host/Install section

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-20 14:57:20 +01:00
Jo-Philipp Wich
84ceca5148 libubox: add host build
Our opkg fork requires libubox to build, so add a host build for it.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-02-19 19:08:46 +01:00
Felix Fietkau
6c44ac286b libpcap: remove feature dependencies on kmod-* packages
USB support could be built into the kernel as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-17 14:09:21 +01:00
Alexey Brodkin
a3408a5271 toolchain/uclibc: Bump version to 1.0.22
Important change was made in 1.0.18: all sub-libs were merged
in one and only libc similarly to musl.

See [1] for more details.

To support that we had to remove refences to those sub-libs like
libpthread, libcrypt, libdl, libm, libutil etc.

[1] http://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/commit/?id=29ff9055c80efe77a7130767a9fcb3ab8c67e8ce

Signed-off-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
2017-02-11 15:38:39 +01:00
Ben Kelly
da0b9110fc uclibc++: patch bugfix erase() on derived __base_associative
When calling erase() on a containers derived from __base_associative
(e.g. multimap) and providing a pair of iterators a segfault will
occur.

Example code to reproduce:

	typedef std::multimap<int, int> testmap;
	testmap t;
	t.insert(std::pair<int, int>(1, 1));
	t.insert(std::pair<int, int>(2, 1));
	t.insert(std::pair<int, int>(3, 1));
	t.erase(t.begin(), t.end());

Signed-off-by: Ben Kelly <ben@benjii.net>
2017-02-09 12:26:55 +01:00
Felix Fietkau
da93c15fd2 libubox: update to the latest version
Adds the following changes:

de3f14b uloop: add uloop_cancelling function
3b6181b utils: fix build on Mac OS X 10.12
7f671b1 blobmsg: add support for double
0fe1374 utils: add helper functions useful for allocating a ring buffer
8fc1c30 libubox: replace strtok with _r version.
4a9f74f libubox: allow reading out the pid of uloop process in lua
372e1e6 uloop: remove useless epoll data assignment
f9db1cb libubox: allow reading out the remaining time of a uloop timer in Lua

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-04 10:19:15 +01:00
Florian Fainelli
200d932322 toolchain: Broaden the executable loader pattern
Some toolchains will produce executables with an interpreter that is e.g:
ld.so.1 (typically a symbolic link). Due to our current LIBC_SPEC_FILE value,
we would not be able to copy this symbolic link/file over to the rootfs and
executables would fail to load. Extend the search pattern to include all
ld*.so* files that could be needed.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-01-29 11:51:02 -08:00
Hauke Mehrtens
12db207e9b openssl: update to version 1.0.2k
This fixes the following security problems:
CVE-2017-3731: Truncated packet could crash via OOB read
CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64
CVE-2016-7055: Montgomery multiplication may produce incorrect results

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-27 23:38:17 +01:00
Jo-Philipp Wich
f798776188 libtool: don't clobber host libtool infrastructure
The libtool target package stages its files into the host staging directory
and moves the libltdl library parts from there into the target staging
directory afterwards.

By doing so, the package essentially renders the host libtool infrastructure
unusable, leading to the below error in subsequent package builds:

    libtoolize: $pkgltdldir is not a directory: `.../hostpkg/share/libtool`

Prevent this problem by using a dedicated libltdl install prefix in order to
avoid overwriting and moving away preexisting files belonging to tools/libtool.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-22 00:40:38 +01:00
Matthias Schiffer
421a6d314a
gettext-full: fix to use $STAGING_DIR_HOSTPKG instead of $STAGING_DIR/host
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-19 00:05:10 +01:00
Daniel Engberg
da5d060ac9 zlib: Update to 1.2.11
Update to 1.2.11 as suggested by upstream
Also add SF as primary source and main site as fallback

Note: SF doesn't carry the 1.2.11 update yet.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-01-16 19:52:07 +01:00
Domagoj Pintaric
b5b83706be mbedtls: add static files in staging_dir
Signed-off-by: Domagoj Pintaric <domagoj.pintaric@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
2017-01-16 11:41:54 +01:00
Matthias Schiffer
0d8381aea3
ncurses: revert $(STAGING_DIR_HOSTPKG) to $(STAGING_DIR)/host where appropriate
Host files installed in Build/InstallDev are target-specific and will stay
in $(STAGING_DIR)/host after the STAGING_DIR_HOSTPKG unification.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-14 18:58:44 +01:00
Felix Fietkau
bd68ddbda4 polarssl: remove package
The mbedTLS 1.3 branch has been EOL since end of 2016 and now all
remaining users have been converted.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:08 +01:00
Jo-Philipp Wich
b95494baed gettext-full: avoid using iconv for host builds
The gettext-full host build might pick up iconv-stub host build  headers
during the build, leading to stray linker errors with unresolved references
to libiconv_open(), libiconv() and libiconv_close().

Since we're not needing iconv support on the host, pass the appropriate
cache variables to configure to prevent detection and linking of iconv.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-11 03:48:30 +01:00
Matthias Schiffer
77beaf2ec9
package: replace $(STAGING_DIR)/host with $(STAGING_DIR_HOSTPKG)
Cleanup to prepare for changing STAGING_DIR_HOSTPKG. The actual change of
STAGING_DIR_HOSTPKG (i.e., moving the host packages back into a common, not
target-specific directory) will be done after the first LEDE release, but
the cleanup will also be useful for projects like Gluon.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-10 22:15:37 +01:00
Daniel Engberg
dfe93c20ec libnl: Update to 3.2.29
Update libnl to 3.2.29

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-01-10 08:26:42 +01:00
Hauke Mehrtens
e9f0b75976 cyassl: update to wolfssl version 3.10.0
This fixes a low level security vulnerability.
Deactivate MIPS16 support, crypto code gets much slower with MIPS16.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-10 00:10:15 +01:00
Felix Fietkau
3e7b894ac0 ustream-ssl: remove legacy polarssl support
The old polarssl 1.3 branch is EOL since end of 2016, and the package
for it will be removed soon.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-09 14:35:09 +01:00
Felix Fietkau
f0353c5e8c mbedtls: re-enable CFB support
It is safe and required by some software, e.g. shadowsocks

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-09 10:59:30 +01:00
Felix Fietkau
355e150065 mbedtls: re-enable RC4 support (needed by transmission and others)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-08 18:22:23 +01:00
Magnus Kroken
186cd4533d zlib: update to 1.2.10
* Fix bug in deflate_stored() for zero-length input
* Fix bug in gzwrite.c that produced corrupt gzip files

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2017-01-07 19:35:22 +01:00
Luiz Angelo Daros de Luca
0bb474652e elfutils: bump to 0.168
Other changes:
- Project moved to sourceware.org
- musl patch where cleaned up and submitted upstream
- TEMP_FAILURE_RETRY macro fixed and submitted upstream

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
[Jo-Philipp Wich: add missing .patch extension to 007-fix_TEMP_FAILURE_RETRY]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-03 14:32:35 +01:00
Daniel Engberg
0050b39fd4 gmp: Update to 6.1.2
Update GMP to 6.1.2

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-01-03 14:24:33 +01:00
Daniel Engberg
6099f22097 zlib: Update to 1.2.9
Update zlib to 1.2.9 and switch to XZ tarballs for download.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-01-03 14:24:33 +01:00
Daniel Engberg
bb4afdc8bc libusb: Update to 1.0.21
Update libusb to 1.0.21

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-01-03 14:24:33 +01:00
Florian Fainelli
55209a9df9 uclient: Update to 2016-12-09
Brings in the following changes:

52d955fd802a remove obsolete mac os x /opt/local include/library search path
a4e49b4163b2 Fix unused results warnings
48cfff3fbec9 uclient-http: send correct "Host:" header if port is set

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-01-02 21:06:13 +01:00
Hannu Nyman
b7677f05d6 ustream-ssl: remove extra DEFAULT_VARIANT from libustream-polarssl
Currently both libustream-polarssl and libustream-mbedtls
variants define themselves as the DEFAULT_VARIANT

Remove extra DEFAULT_VARIANT from libustream-polarssl.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-12-30 17:38:39 +01:00
Magnus Kroken
8ed11ebf7d mbedtls: enable DHE-RSA key exchange
Later OpenVPN 2.3-openssl versions only enable
TLS cipher suites with perfect forward secrecy, i.e. DHE and ECDHE
cipher suites. ECDHE key exchange is not supported by
OpenVPN 2.3-openssl, enable DHE key exchange to allow LEDE
OpenVPN 2.4-mbedtls clients to connect to such servers.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Reported-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Reported-by: Lucian Cristian <luci@createc.ro>
2016-12-30 13:06:43 +01:00
Magnus Kroken
ca963bbf5f mbedtls: enable secp384r1 elliptic curve support
Secp384r1 is the default curve for OpenVPN 2.4+. Enable this to
make OpenVPN-mbedtls clients able to perform ECDHE key exchange
with remote OpenVPN 2.4-openssl servers that use the default
OpenVPN curve.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-30 13:06:25 +01:00
Felix Fietkau
ae37f2310b mbedtls: enable support for external private RSA keys to fix openvpn build issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-28 22:56:36 +01:00
Zefir Kurtisi
16725e2db0 libpcap: Fix build when PACKAGECONFIG ipv6 is not enabled
Add patches provided upstream [1] by Fabio Berton to fix error:

> ./gencode.c: In function 'pcap_compile':
> ./gencode.c:693:8: error: 'compiler_state_t {aka struct _compiler_state}' has no member named 'ai'
>   cstate.ai = NULL;
>         ^
> ./gencode.c: In function 'gen_gateway':
> ./gencode.c:4914:13: error: 'cstate' undeclared (first use in this function)
>    bpf_error(cstate, "direction applied to 'gateway'");
>              ^

[1] https://github.com/the-tcpdump-group/libpcap/pull/541

Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Tested-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>
2016-12-24 11:59:42 +01:00
Felix Fietkau
43855793ca ncurses: rename libncursesw to libncurses (more common name)
provide libncursesw via PROVIDES instead

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 21:10:43 +01:00
Felix Fietkau
c7c1cf5618 treewide: clean up and unify PKG_VERSION for git based downloads
Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 16:42:21 +01:00
Alexandru Ardelean
acfb067835 gettext-full: enforce only static lib on the host build
Sometimes I'm getting error on the host-side build:
```
/usr/lib64/gcc/x86_64-suse-linux/4.8/../../../../x86_64-suse-linux/bin/ld: /home/sandu/work/lede/staging_dir/host/lib/liblzma.a(liblzma_la-common.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC
/home/sandu/work/lede/staging_dir/host/lib/liblzma.a: error adding symbols: Bad value
collect2: error: ld returned 1 exit status
Makefile:2847: recipe for target 'libgettextlib.la' failed
make[9]: *** [libgettextlib.la] Error 1
make[9]: Leaving directory '/home/sandu/work/lede/build_dir/target-x86_64_musl-1.1.15/host/gettext-0.19.8.1/gettext-tools/gnulib-lib'
Makefile:2597: recipe for target 'all' failed
```

Disabling the shared-lib build, seems to fix this.

This is when building glib2 on the host-side.
glib2 is required by newer QEMU package [which is in the feeds].

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-22 16:42:20 +01:00
Felix Fietkau
e5e98d58f7 ncurses: set ABI_VERSION to avoid running into rebuild issues
When the version changes, this will force rebuild of packages depending
on it.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 17:07:58 +01:00
Felix Fietkau
cbca3ae92e libs/cyassl: re-enable the stunnel flag
This partially reverts commit 15734b023b.
--enable-stunnel was actually important and properly described in
commit 9b118cde89. Removing it broke ustream-cyassl

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-20 10:42:23 +01:00
Alexandru Ardelean
3c1f20d0bb libnl-tiny: define _GNU_SOURCE if not defined
If _GNU_SOURCE was added as part of a package's TARGET_CFLAGS,
then compilation would fail for that module (especially if
warnings get treated as errors).

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-20 09:35:36 +01:00
Daniel Engberg
15734b023b libs/cyassl: Enable multithreading, drop stunnel
More and more platforms are multicore SoCs, don't enforce singlethreading.
Drop stunnel option as stunnel code isn't available for download from upstream website.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-12-20 09:35:36 +01:00
p-wassi
6a902108a8 libs/ncurses: update to 6.0
Update libncurses to upstream release 6.0

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-12-20 09:35:36 +01:00
Felix Fietkau
720b99215d treewide: clean up download hashes
Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 22:39:22 +01:00
p-wassi
4297f4f901 libs/libpcap: update to 1.8.1
Update libpcap to upstream release 1.8.1
Change the name from libpcap.so.1.3 to libpcap.so.1
Remove parts of patch 201 which moved code among src files.
Import patch 204 from Debian to update the USB path.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix parallel build bug]
2016-12-14 12:13:13 +01:00
Felix Fietkau
64590f3c7e mbedtls: tune config to reduce size and improve performance
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:19 +01:00
Felix Fietkau
732c24a0ca mbedtls: sync with polarssl config
One of those changes is re-enabling blowfish support to make
openvpn-mbedtls compatible with common configurations

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:19 +01:00
Magnus Kroken
4b8c69258e mbedtls: enable MBEDTLS_DHM_C
This option is required by OpenVPN, and OpenVPN 2.4 uses mbedTLS 2.x.
DHM_C is also already enabled in the PolarSSL 1.3.x config.h.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-12-12 10:22:19 +01:00
Alexandru Ardelean
8cb476c853 libs: libnetfilter-queue: update to a newer version in git repo
Last release of libnetfilter-queue was in 2012.
There don't seem to be any release tarballs since then.

This updates it to a more recent version, pointing to the git repo.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-12-04 11:41:53 +01:00
Hauke Mehrtens
abedd718aa cyassl: update to wolfssl version 3.9.10
This fixes the following security problems:
CVE-2016-7440: Software AES table lookups do not properly consider cache-bank access times
CVE-2016-7439: Software RSA does not properly consider cache-bank monitoring
CVE-2016-7438: Software ECC does not properly consider cache-bank monitoring
SWEET32 Attack

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 21:35:35 +01:00
Hauke Mehrtens
99ea26883b mbedtls: update to version 2.4.0
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:20 +01:00
Hauke Mehrtens
280fdac18f polarssl: update to version 1.3.18
This fixes two minor security problems.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:36:34 +01:00
Felix Fietkau
a2e197d972 libubox: update to the latest version
- Improves C++ compatibility
- Adds static initializers for the kvlist API

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 20:14:52 +01:00
Florian Fainelli
a9dce48b22 libnl-tiny: Remove GENL_ID_GENERATE
This constant was always defined to 0, and recently got removed in
upstream commit a07ea4d9941af5a0c6f0be2a71b51ac9c083c5e5 ("genetlink: no
longer support using static family IDs")

Fixes libnl-tiny builds with latest upstream kernels.

Fixes: d723f2573a ("libnl-tiny: remove include/linux overrides to fix various build issues")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-11-24 12:53:19 +01:00
Felix Fietkau
d723f2573a libnl-tiny: remove include/linux overrides to fix various build issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-17 13:36:09 +01:00
Jo-Philipp Wich
32f8b36d59 libnetfilter-conntrack: update to v1.0.6
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-14 13:03:53 +01:00
Nikos Mavrogiannopoulos
00e0a7d600 nettle: enable fat build
This allows to include optimizations such as ARM neon which
are detected on run-time.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
[Jo-Philipp Wich: picked from openwrt#191 and rebased onto LEDE master]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-14 13:03:53 +01:00
Luiz Angelo Daros de Luca
e2fd98793e elfutils: bump to 0.167
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2016-11-03 11:08:02 +01:00
Felix Fietkau
70af3bfd57 libreadline: set ABI_VERSION to force rebuild of dependent packages
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-19 20:26:54 +02:00
Alexandru Ardelean
fb789c4821 libs/gettext: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
832cd7ceb5 libs/libiconv: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:51 +02:00
Alexandru Ardelean
ab20b679f6 libs/libnl-tiny: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:51 +02:00
Daniel Engberg
195d2de867 package/libs/libreadline: Update to 7.0
Update libreadline to 7.0

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
9e87d6bdc8 package/libs/libconfig: Update to 1.5
Update libconfig to 1.5

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
6e5de6e07b package/libs/libnftnl: Update to 1.0.6
Update libnftnl to 1.0.6

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
1d7af1a296 package/libs/libtool: Switch to xz tarball
Switch to xz tarball, there's no point pulling two different tarballs of the same source code (tools/libtool uses xz).

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
f23a44173e package/libs/nettle: Update to 3.3
Update to 3.3

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:51 +02:00
Daniel Engberg
913609a9b1 package/libs/libnl: Update to 3.2.28
Update to 3.2.28
Remove patch as its in upstream

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:50 +02:00
Daniel Engberg
d41e54fb02 package/libs/libmnl: Update to 1.0.4
* Update to 1.0.4
* Remove patch as it's upstreamed

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:50 +02:00
Kevin Darbyshire-Bryant
c5e48abcc6 mbedtls: enable NIST curves optimisation.
luci using ustream-mbedtls is extremely slow vs ustream-polarssl.
polarssl alias mbedtls v1 is configured to use NIST prime speed
optimisation, so no longer disable the default optimisation for
mbedtls v2.

Compile & run tested: Archer C7v2

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
[Jo-Philipp Wich: refresh patch to use common format]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-13 20:25:42 +02:00
Dirk Neukirchen
f14b3705de gettext-full: update to 0.19.8.1
- unify configs of host/target
- disable stuff to decrease build time
- disable interactive gettextize: see
http://lists.busybox.net/pipermail/buildroot/2014-April/093394.html

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-10-13 20:25:42 +02:00
Dirk Neukirchen
d42521fa07 gettext: fix whitespace
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-10-13 20:25:42 +02:00
Daniel Engberg
9edfe7dd13 source: Switch to xz for packages and tools where possible
* Change git packages to xz
* Update mirror checksums in packages where they are used
* Change a few source tarballs to xz if available upstream
* Remove unused lines in packages we're touching, requested by jow- and blogic
* We're relying more on xz-utils so add official mirror as primary source, master site as secondary.
* Add SHA256 checksums to multiple git tarball packages

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-06 12:16:56 +02:00
Florian Fainelli
493b0f3f57 toolchain: Force installation into /lib
For 64-bit capable systems, a symbolic link is set up for /lib64 to point to
/lib, so make sure the installation goes into /lib, irrespective of where the C
library files come from in an external toolchain.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-09-28 08:39:00 +02:00
Magnus Kroken
b1f39d3d7e openssl: update to 1.0.2j
A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0
but was omitted from OpenSSL 1.0.2i. As a result any attempt to use
CRLs in OpenSSL 1.0.2i will crash with a null pointer exception.

Patches applied upstream:
* 301-fix_no_nextprotoneg_build.patch
* 302-Fix_typo_introduced_by_a03f81f4.patch

Security advisory: https://www.openssl.org/news/secadv/20160926.txt

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-09-27 17:50:22 +02:00
Rosen Penev
c0b15b3072 openssl: Make DTLS configurable.
Signed-off by: Rosen Penev <rosenp@gmail.com>
2016-09-27 17:50:22 +02:00
Rosen Penev
aaa067ab0b openssl: Remove J-PAKE. Nothing uses it.
Signed-off by: Rosen Penev <rosenp@gmail.com>
2016-09-27 17:50:22 +02:00
Daniel Engberg
edbc8fec8a libjson-c: Update to 0.12.1
Updates libjson-c and removes backport patch.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-09-27 17:50:21 +02:00
diizzyy
509708889c libunwind: use url alias
Use alias instead of hardcoded URL

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-09-27 17:50:21 +02:00
Hauke Mehrtens
ea288126db openssl: backport build fix when hardware support is used
This fix added to the openssl 1.0.2 branch.
In addition add the header for the existing backport.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-24 19:53:00 +02:00
Magnus Kroken
6926325829 openssl: update to 1.0.2i
Drop 302-fix_no_cmac_build.patch, it has been applied upstream.

Security fixes:
* (Severity: High) OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
* (Severity: Moderate) SSL_peek() hang on empty record (CVE-2016-6305)
* 10 Low severity issues

Security advisory: https://www.openssl.org/news/secadv/20160922.txt
Changelog: https://www.openssl.org/news/cl102.txt

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-24 13:28:59 +02:00
John Crispin
edf5b2955e cyassl: remove duplicate submenu level
Signed-off-by: John Crispin <john@phrozen.org>
2016-09-19 16:07:58 +02:00
Andreas Schultz
b9e3e38e79 cyassl: make CyaSSL/WolfSSL more configurable
The default configuration might not be suitable for
every use case. Add options to enable/disable additional
options.

Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2016-09-19 15:30:32 +02:00
Felix Fietkau
00a1056c3f openssl: re-enable ARM assembly
The original reason for disabling it seems to have been fixed
Related discussion: https://github.com/lede-project/source/pull/307

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-31 13:57:05 +02:00
Andreas Schultz
277f85c21a cyassl: make CyaSSL/WolfSSL more configurable
The default configuration might not be suitable for
every use case. Add options to enable/disable additional
options.

Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2016-08-22 17:30:35 +02:00
Hannu Nyman
a77ce8ba96 libs/gmp: update to 6.1.1
Update libgmp to 6.1.1

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-08-15 15:32:38 +02:00
Jo-Philipp Wich
d36c5152ef ncurses: change handling of PKG_CONFIG_LIBDIR
When PKG_CONFIG_LIBDIR was unset in the environment, the configure
script was deducing the PKG_CONFIG_LIBDIR from the location of the
pkg-config binary, which doesn't make a lot of sense, and isn't done
by other autotools based packages.

Patch imported from the Buildroot project:
https://github.com/buildroot/buildroot/blob/master/package/ncurses/0001-fixup-pkg-config-handling.patch

Also refresh patches while we're at.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-15 13:34:17 +02:00
Felix Fietkau
7ee9222770 openssl: re-enable CMAC support
Needed by a few packages

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-09 07:18:03 +02:00
Jo-Philipp Wich
27dffa0b0c uclient: change SSL support error message
Change the error message about missing SSL support to be more explicit by
mentioning required package names.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-08 12:20:15 +02:00
Felix Fietkau
11d47e615b libubox: update to the latest version, adds a few utility functions
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:08 +02:00
Hauke Mehrtens
bdf9243c1b cyassl: update to wolfssl version 3.9.6
Changelog: https://www.wolfssl.com/wolfSSL/Docs-wolfssl-changelog.html

old size:
libcyassl_3.9.0-1_mips_34kc_dsp.ipk     147552

new size:
libcyassl_3.9.6-1_mips_34kc_dsp.ipk     150087

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:05:03 +02:00
Felix Fietkau
cd91f384ac openssl: re-enable NPN by default
Several packages rely on it

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-24 14:43:44 +02:00
Felix Fietkau
cb8f322d93 openssl: add back the CAST cipher by default
At least netatalk and some ipsec packages use it

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-24 14:42:18 +02:00
Felix Fietkau
600fd467d8 openssl: revert the no-ripemd change, openssh needs that cipher
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-23 19:03:47 +02:00
Dirk Feytons
3ad8bc4366 openssl: add option to disable SRP support
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 12:10:41 +02:00
Dirk Feytons
057b116e09 openssl: add --gc-sections
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 12:10:08 +02:00
Dirk Feytons
41da31ac2c openssl: remove some unneeded functionality and algorithms
The patch needed for this commit has been sent upstream:
https://github.com/openssl/openssl/pull/1155

Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [add back bf and srp]
2016-07-23 12:09:51 +02:00
Dirk Feytons
f16fc21675 openssl: add option to disable PSK support
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:31 +02:00
Dirk Feytons
0099748fd6 openssl: add option for NPN support
NPN has been superseded by ALPN so NPN is disabled by default
The patch has been sent to OpenSSL for inclusion, see
https://github.com/openssl/openssl/pull/1100

Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:31 +02:00
Dirk Feytons
eb4fc91a81 openssl: add option to disable compression support
By default it's disabled. After the CRIME attack it seems the use of
compression is discouraged.

Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:31 +02:00
Dirk Feytons
db11695aa6 openssl: add option to omit deprecated APIs
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:30 +02:00
Matthias Schiffer
b82c8ddf8c
libpcap: fix dependency of install-shared-so make target
There seems to be a situation in which a rebuild of libpcap.so is triggered
in the install step of the libpcap Makefile. libpcap.so is the wrong
target, leading to the build failure reported in [1].

Fix the dependency of install-shared-so to $(SHAREDLIB) so the build can
succeed in this case.

[1] https://dev.openwrt.org/ticket/19894

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-07-21 17:57:17 +02:00
Felix Fietkau
b948c9371b uclibc++: fix build with gcc 6.1.0, which defaults to using C++14 ABI
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-15 14:18:01 +02:00
Hauke Mehrtens
d43075710b mbedtls: fix missing mbedtls_time_t bug in mbedtls 2.3.0
This backports a commit from mbedtls current git which adds missing
include for platform.h.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-14 09:19:56 +02:00
Hauke Mehrtens
05cc72944c mbedtls: update to version 2.3.0
This fixes 3 minor security problems.
SSLv3 is deactivated by default now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-13 23:03:03 +02:00
Hauke Mehrtens
bd20cb272e polarssl: update to version 1.3.17
This fixes 3 minor security problems.
SSLv3 is deactivated by default now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-13 23:03:02 +02:00
John Crispin
1a06dc6dc2 libubox: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:13 +02:00
Felix Fietkau
bd7289af38 uclient: update to the latest version, fixes HTTP redirect support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-05 12:40:30 +02:00
Felix Fietkau
71753a8286 Revert "ustream-ssl: Fix recursive dependency"
This reverts commit abf0768131.
The description is wrong, there is no recursive dependency here. The
conditions were added intentionally to avoid bogus build dependencies.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-04 16:47:56 +02:00
Daniel Dickinson
abf0768131 ustream-ssl: Fix recursive dependency
Two variants incorrectly include themselves in
conditional depends on ssl libraries, which results
in a recursive dependency.

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-07-04 10:51:41 +02:00
John Crispin
1e9c066595 ustream-ssl: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-02 10:16:17 +02:00
Hauke Mehrtens
f28502a485 libnl-tiny: Generic Netlink multicast groups support
This adds this commit from normal libnl to libnl-tiny:
2dbc1ca76c

commit 2dbc1ca76c5b82c40749e609eb83877418abb006
Author: dima <dima.ky@gmail.com>
Date:   Wed Oct 13 17:53:34 2010 +0300

    Generic Netlink multicast groups support

    I have a patch against commit d378220c96c3c8b6f27dca33e7d8ba03318f9c2d
    extending libnl with a facility to receive generic netlink messages sent
    to multicast groups.

    Essentially it add one new function genl_ctrl_resolve_grp which
    prototype looks like this
    int genl_ctrl_resolve_grp(struct nl_sock *sk, const char *family_name,
            const char *grp_name)
    It resolves  the family name and the group name to group id. Then
    the returned id can be used in nl_socket_add_membership to subscribe
    to multicast messages.

    Besides that it adds two more functions

    uint32_t nl_socket_get_peer_groups(struct nl_sock *sk)
    void nl_socket_set_peer_groups(struct nl_sock *sk, uint32_t groups)

    allowing to modify the socket peer groups field. So it's possible to
    multicast messages from the user space using the legacy interface.
    Looks like there is no way (or I was not able to find one?) to modify
    the netlink socket destination group from the user space, when the
    group id is greater then 32.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cosmetic style fix]
2016-07-02 10:12:04 +02:00
Alin Năstac
86a2702a00 libnetfilter_queue: fix checksum computation
There are 2 issues fixed by this patch:
  - UDP checksum is computed incorrectly, the used pseudo IP header
    contains transport protocol 6 iso 17
  - on big endian arches the UDP/TCP checksum is incorrectly
    computed when payload length is odd

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [refresh patch]
2016-06-26 16:09:48 +02:00
Rafał Miłecki
952beca4aa uclient: update to the latest version with better help and DELETE
This slightly improves output of help messages and supports sending
message body for DELETE.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-06-16 14:54:25 +02:00
Felix Fietkau
a3cde627f8 libubox: update to the latest version, fixes an uloop signal handling race condition
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-15 17:01:15 +02:00
Yousong Zhou
987f14ab23 libunwind: initial version 1.1
The package Makefile was based on work at link [1] with the following
changes

 1. Disable minidebuginfo support thus no dependency on liblzma
 2. Add 2 patches for building against musl-libc and building with
    mips16 enabled
 3. Add LICENSE and DEPENDS info, etc.

[1] https://github.com/rpi-openwrt/rpi-packages/tree/master/libs/libunwind

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2016-06-13 22:51:43 +02:00
John Crispin
62dc9831d3 package/*: update git urls for project repos
Signed-off-by: John Crispin <john@phrozen.org>
2016-06-13 22:51:41 +02:00
Jo-Philipp Wich
9e45f9d63c polarssl: enable AES-GCM and CAMELLIA-GCM ciphersuites
Recent versions of Chrome require this ciphers to successfully handshake with
a TLS enabled uhttpd server using the ustream-polarssl backend.

If `CONFIG_GCM` is disabled, `ssl_ciphersuite_from_id()` will return `NULL`
when cipher `0x9d` is looked up, causing the calling `ssl_ciphersuite_match()`
to fail with `POLARSSL_ERR_SSL_INTERNAL_ERROR`.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-11 03:24:57 +02:00
Jo-Philipp Wich
24a7ccb056 treewide: replace jow@openwrt.org with jo@mein.io
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-07 11:42:52 +02:00
Karl Palsson
9b118cde89 wolfssl: enable openssl 1.0.1 compatibility
>From wolfssl/openssl/opensslv.h, and from skimming the contents of what
"--enable-stunnel" actually does, it seems that --enable-opensslextra
doesn't give you the "full" openssl compatibility that you may wish for
these days.  Unfortuantely, while wolfssl writes the build time options
into wolfssl/options.h, it doesn't include that file itself.  User
applications must include that directly.

Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-06-07 09:22:16 +02:00
Felix Fietkau
d84bf324ba ustream-ssl: update to the latest version, adds cyassl/wolfssl fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-07 09:22:11 +02:00
Felix Fietkau
7eeb254cc4 treewide: replace nbd@openwrt.org with nbd@nbd.name
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-07 08:58:42 +02:00
Dirk Neukirchen
872075c761 elfutils: remove unrecognized config option
fixes:
configure: WARNING: unrecognized options: --disable-werror

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-06-01 15:18:42 +02:00
Dirk Neukirchen
75dc12dac1 libpcap: remove unrecognized configure options
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-06-01 15:18:42 +02:00
Florian Eckert
44b82ab77a libiconv-full: add license tag
show the license for this package in opkg

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-05-31 14:54:19 -04:00
Jo-Philipp Wich
927ab9a262 gettext-full: prevent using emacs
When the gettext-full host build phase finds an `emacs` exectuble during the
build it will launch an `emacs --batch` command to run some Lisp code.

On certain Debian systems the `/usr/bin/emacs` path might point, via
alternatives, to the `/usr/bin/jove` editor which will then launch an
interactive session when invoked by the gettext build.

In order to avoid this problem, explicitely disable emacs handling during
the build through a configure environment variable.

Also remove my now unreachable maintainer address.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-31 15:18:27 +02:00
Felix Fietkau
7ae6b912ae libpcap: set a static default for PCAP_HAS_USB
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-21 20:02:10 +02:00
Dirk Neukirchen
de27a1adae cyassl/wolfssl: update to 3.9.0
wolfssl has a fine grained feature and compatibility control
for compiling stunnel, lighthttp or (partly) openssl dropin
ustream-ssl uses features that require normally
HAVE_SNI, HAVE_STUNNEL and the openssl compatibility headers

ar71xx ipkg sizes of wolfssl 3.9.0:
- with stunnel: 144022
- this patch (w.o. stunnel): 131712
- without openssl(extra): 111104
- w.o openssl/sni:108515
- w.o openssl/sni/ecc: 93954

so patch 300 saves around 12k compressed ipkg size

v2: keep & rename patch 300 for clarity, fixes ustream-ssl/cyassl
that broke with v1

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-05-21 09:57:12 +02:00
Felix Fietkau
c115058669 libubox: update to the latest version
adds a SIGCHLD handling fix and jshn performance improvements

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-20 14:37:52 +02:00
Jo-Philipp Wich
23a1fa07db libusb: disable parallel building
The libusb package is not parallel build save, a make -j16 reliably breaks it.
Forcibly disable parallel building.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-16 17:17:12 +02:00
Syrone Wong
b4c286fa89 nettle: update to 3.2
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
2016-05-13 17:03:54 +02:00
Felix Fietkau
3d6d5ccf59 openssl: replace ocf-crypto-headers with a header file from cryptodev-linux
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-12 19:35:32 +02:00
John Crispin
6a5471231b libusb: remove stale patch
this patch fixes a bug when using uclibc on MIPS. The bug does not exist when
using musl, so drop the fix.

Signed-off-by: John Crispin <john@phrozen.org>
2016-05-12 03:29:35 +02:00
Felix Fietkau
15f88192bf ncurses: add a compatibility symlink for packages searching for ncursesw/ncurses.h
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-11 19:10:22 +02:00
Felix Fietkau
ef6d6661e2 ncurses: install a dummy libtinfo.a for packages that try to link it
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-11 11:39:34 +02:00
Felix Fietkau
cf3da7d204 Revert "ncurses: package the tinfo library separately"
This reverts commit 975f7160dd.
2016-05-11 11:38:55 +02:00
Felix Fietkau
86777a40e9 gettext-full: avoid spurious dependencies on ncurses
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-10 16:01:38 +02:00
Felix Fietkau
975f7160dd ncurses: package the tinfo library separately
Some packages expect it that way

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-10 16:00:36 +02:00
Felix Fietkau
b01f296f4f ncurses: provide libncurses compatibility symlinks in libncursesw
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-10 14:06:50 +02:00
Felix Fietkau
dd16b7748d ncurses: install pkg-config files to fix util-linux build breakage
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-10 10:12:01 +02:00
Felix Fietkau
5071fb27b9 ncurses: remove libncurses, provide it via libncursesw
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-09 14:49:33 +02:00
Michal Hrusecky
f6adbdf3cd openssl: Update to version 1.0.2h
Bump to the latest version, fixes several security issues:
 * CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176
More details at https://www.openssl.org/news/openssl-1.0.2-notes.html

Signed-off-by: Michal Hrusecky <Michal.Hrusecky@nic.cz>
2016-05-04 13:00:31 +01:00
Gergely Kiss
a2b555189b libiconv: add all ASCII aliases
This patch adds missing ASCII aliases to the libiconv stub in order to avoid conversion errors like https://github.com/openwrt/packages/issues/2373

Signed-off-by: Gergely Kiss <mail.gery@gmail.com>
2016-05-02 18:35:35 +01:00
Jo-Philipp Wich
9531e0fce5 package: fix toolchain ipk flags
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-22 12:20:47 +02:00
Jo-Philipp Wich
abc828b085 openssl: fix wrong build target strings
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-15 07:40:31 +02:00
Jo-Philipp Wich
addfc0efdd uclibc++: add hack to fix failing patch
One of the patched files, include/unwind-cxx.h, contains windows newlines
which lead to the following failure:

  Applying ./patches/006-eabi_fix.patch using plaintext:
  patching file include/typeinfo
  patching file include/unwind-cxx.h
  Hunk #1 FAILED at 173 (different line endings).
  Hunk #2 FAILED at 181 (different line endings).

Add a fixup command to the prepare phase which normalizes the line endings
before applying source patches.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-14 18:27:12 +02:00
Jo-Philipp Wich
9e04019024 package: flag essential components as nonshared
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-06 22:38:47 +02:00
John Crispin
fa69553900 branding: add LEDE branding
Signed-off-by: John Crispin <blogic@openwrt.org>
2016-03-24 22:40:13 +01:00
Hauke Mehrtens
be252b5795 libnl-tiny: backport 'gnet_stats_rate_est64' support
This has been added to the kernel uapi for a while, and makes
sense to have it here too.
At the moment we're using it for query-ing qdisc via netlink
using libnl-tiny.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49188
2016-04-17 12:53:11 +00:00
John Crispin
82f92b4454 package/libs/libusb: Update to 1.0.20
Updates libusb to version 1.0.20 and changes copyright to 2016.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>

SVN-Revision: 49111
2016-04-01 07:12:14 +00:00
John Crispin
398ad31150 package/libs/lzo: update version to 2.09
Updates lzo to version 2.09 and changes copyright to 2016.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>

SVN-Revision: 49110
2016-04-01 07:12:11 +00:00
Felix Fietkau
21361dbf74 uclibc++: add a patch to fix memory corruption issues on exceptions
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48928
2016-03-05 14:23:49 +00:00
Jo-Philipp Wich
c042adcf74 cyassl: disable Intel ASM for now
With ASM support enabled, CyaSSL fails to build on all x86 subtargets.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48876
2016-03-02 10:01:27 +00:00
Jo-Philipp Wich
25b34dd97f openssl: update to 1.0.2g (8 CVEs)
CVE-2016-0704

s2_srvr.c overwrite the wrong bytes in the master-key when applying
Bleichenbacher protection for export cipher suites. This provides a
Bleichenbacher oracle, and could potentially allow more efficient variants of
the DROWN attack.

CVE-2016-0703

s2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers.
If clear-key bytes are present for these ciphers, they *displace* encrypted-key
bytes. This leads to an efficient divide-and-conquer key recovery attack: if
an eavesdropper has intercepted an SSLv2 handshake, they can use the server as
an oracle to determine the SSLv2 master-key, using only 16 connections to the
server and negligible computation. More importantly, this leads to a more
efficient version of DROWN that is effective against non-export ciphersuites,
and requires no significant computation.

CVE-2016-0702

A side-channel attack was found which makes use of cache-bank conflicts on
the Intel Sandy-Bridge microarchitecture which could lead to the recovery of
RSA keys. The ability to exploit this issue is limited as it relies on an
attacker who has control of code in a thread running on the same hyper-
threaded core as the victim thread which is performing decryptions.

CVE-2016-0799

The internal |fmtstr| function used in processing a "%s" format string in
the BIO_*printf functions could overflow while calculating the length of a
string and cause an OOB read when printing very long strings. Additionally
the internal |doapr_outch| function can attempt to write to an OOB memory
location (at an offset from the NULL pointer) in the event of a memory
allocation failure. In 1.0.2 and below this could be caused where the size
of a buffer to be allocated is greater than INT_MAX. E.g. this could be in
processing a very long "%s" format string. Memory leaks can also occur.
The first issue may mask the second issue dependent on compiler behaviour.
These problems could enable attacks where large amounts of untrusted data is
passed to the BIO_*printf functions. If applications use these functions in
this way then they could be vulnerable. OpenSSL itself uses these functions
when printing out human-readable dumps of ASN.1 data. Therefore applications
that print this data could be vulnerable if the data is from untrusted sources.
OpenSSL command line applications could also be vulnerable where they print out
ASN.1 data, or if untrusted data is passed as command line arguments. Libssl is
not considered directly vulnerable. Additionally certificates etc received via
remote connections via libssl are also unlikely to be able to trigger these
issues because of message size limits enforced within libssl.

CVE-2016-0797

In the BN_hex2bn function the number of hex digits is calculated using an int
value |i|. Later |bn_expand| is called with a value of |i * 4|. For large
values of |i| this can result in |bn_expand| not allocating any memory because
|i * 4| is negative. This can leave the internal BIGNUM data field as NULL
leading to a subsequent NULL ptr deref. For very large values of |i|, the
calculation |i * 4| could be a positive value smaller than |i|. In this case
memory is allocated to the internal BIGNUM data field, but it is insufficiently
sized leading to heap corruption. A similar issue exists in BN_dec2bn. This
could have security consequences if BN_hex2bn/BN_dec2bn is ever called by user
applications with very large untrusted hex/dec data. This is anticipated to be
a rare occurrence. All OpenSSL internal usage of these functions use data that
is not expected to be untrusted, e.g. config file data or application command
line arguments. If user developed applications generate config file data based
on untrusted data then it is possible that this could also lead to security
consequences. This is also anticipated to be rare.

CVE-2016-0798

The SRP user database lookup method SRP_VBASE_get_by_user had confusing memory
management semantics; the returned pointer was sometimes newly allocated, and
sometimes owned by the callee. The calling code has no way of distinguishing
these two cases. Specifically, SRP servers that configure a secret seed to hide
valid login information are vulnerable to a memory leak: an attacker connecting
with an invalid username can cause a memory leak of around 300 bytes per
connection. Servers that do not configure SRP, or configure SRP but do not
configure a seed are not vulnerable. In Apache, the seed directive is known as
SSLSRPUnknownUserSeed. To mitigate the memory leak, the seed handling in
SRP_VBASE_get_by_user is now disabled even if the user has configured a seed.
Applications are advised to migrate to SRP_VBASE_get1_by_user. However, note
that OpenSSL makes no strong guarantees about the indistinguishability of valid
and invalid logins. In particular, computations are currently not carried out
in constant time.

CVE-2016-0705

A double free bug was discovered when OpenSSL parses malformed DSA private keys
and could lead to a DoS attack or memory corruption for applications that
receive DSA private keys from untrusted sources. This scenario is considered
rare.

CVE-2016-0800

A cross-protocol attack was discovered that could lead to decryption of TLS
sessions by using a server supporting SSLv2 and EXPORT cipher suites as a
Bleichenbacher RSA padding oracle. Note that traffic between clients and non-
vulnerable servers can be decrypted provided another server supporting SSLv2
and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP)
shares the RSA keys of the non-vulnerable server. This vulnerability is known
as DROWN (CVE-2016-0800). Recovering one session key requires the attacker to
perform approximately 2^50 computation, as well as thousands of connections to
the affected server. A more efficient variant of the DROWN attack exists
against unpatched OpenSSL servers using versions that predate 1.0.2a, 1.0.1m,
1.0.0r and 0.9.8zf released on 19/Mar/2015 (see CVE-2016-0703 below). Users can
avoid this issue by disabling the SSLv2 protocol in all their SSL/TLS servers,
if they've not done so already. Disabling all SSLv2 ciphers is also sufficient,
provided the patches for CVE-2015-3197 (fixed in OpenSSL 1.0.1r and 1.0.2f)
have been deployed. Servers that have not disabled the SSLv2 protocol, and are
not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2
ciphers are nominally disabled, because malicious clients can force the use of
SSLv2 with EXPORT ciphers. OpenSSL 1.0.2g and 1.0.1s deploy the following
mitigation against DROWN: SSLv2 is now by default disabled at build-time.
Builds that are not configured with "enable-ssl2" will not support SSLv2.
Even if "enable-ssl2" is used, users who want to negotiate SSLv2 via the
version-flexible SSLv23_method() will need to explicitly call either of:
SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); or SSL_clear_options(ssl,
SSL_OP_NO_SSLv2); as appropriate. Even if either of those is used, or the
application explicitly uses the version-specific SSLv2_method() or its client
or server variants, SSLv2 ciphers vulnerable to exhaustive search key recovery
have been removed. Specifically, the SSLv2 40-bit EXPORT ciphers, and SSLv2
56-bit DES are no longer available. In addition, weak ciphers in SSLv3 and up
are now disabled in default builds of OpenSSL. Builds that are not configured
with "enable-weak-ssl-ciphers" will not provide any "EXPORT" or "LOW" strength
ciphers.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48868
2016-03-01 14:31:08 +00:00
John Crispin
3aceb54a3b libubox: update to latest git HEAD
adds isdir support to json_script

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 48798
2016-02-26 08:35:41 +00:00
Felix Fietkau
64da662a88 toolchain/glibc: remove obsolete versions
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48780
2016-02-25 13:43:46 +00:00
Felix Fietkau
b77a72ce0c ustream-ssl: update to the latest version, fixes openssl TLS version selection
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48752
2016-02-22 08:54:46 +00:00
John Crispin
a231a9afd3 package/libs/gmp: update libgmp to 6.1.0
Update also the library version of gmp to 6.1.0.
Switch download to use the GNU alias.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 48712
2016-02-12 08:31:39 +00:00
Jo-Philipp Wich
39852286e9 libubox: properly handle "null" values in blobmsg_add_json_element()
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48687
2016-02-09 22:42:48 +00:00
Hauke Mehrtens
6329349cd0 cyassl: update to wolfssl version 3.8.0
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 48616
2016-02-01 22:38:28 +00:00
Felix Fietkau
2911212962 openssl: update to 1.0.2f (fixes CVE-2016-0701, CVE-2015-3197)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48531
2016-01-28 18:20:06 +00:00
Felix Fietkau
02ba90c228 uclient: update to the latest version, fixes connection timeout handling (#21726)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48524
2016-01-28 11:23:50 +00:00
Felix Fietkau
30a8ab5726 libubox: update to the latest version, adds usock_inet_timeout() with RFC6555 support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48523
2016-01-28 11:22:49 +00:00
Felix Fietkau
487efe2508 ustream-ssl: update to the latest version, fixes hostname validation with openssl
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48503
2016-01-26 00:10:19 +00:00
Felix Fietkau
9d0703f016 uclient: update to the latest version, now truncates files when overwriting them
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48465
2016-01-23 20:02:34 +00:00
Felix Fietkau
7e29a768fa uclient: update to the latest version, improves interoperability with quirky servers
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48463
2016-01-23 18:53:17 +00:00
Felix Fietkau
87456ff286 ustream-ssl: update to the latest version, fixes handling SSL connection close notification
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48462
2016-01-23 18:53:12 +00:00
Felix Fietkau
ac734726fe uclient: update to the latest version, fixes overwrite with wget -O
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48441
2016-01-21 15:59:39 +00:00
Felix Fietkau
24f553e2d8 elfutils: fix compatibility with non-glibc builds
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48429
2016-01-21 14:08:33 +00:00
Felix Fietkau
81868a8619 gettext-full: fix relocatable patch
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48420
2016-01-20 23:21:03 +00:00
Felix Fietkau
285f024c88 gettext-full: use $(STAGING_DIR)/host instead of $(STAGING_DIR_HOST)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48407
2016-01-20 19:36:18 +00:00
Felix Fietkau
dcdcbdd50e gettext: use $(STAGING_DIR)/host instead of $(STAGING_DIR_HOST)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48406
2016-01-20 19:36:14 +00:00
Felix Fietkau
4c030333a3 libiconv: install to the new prefix
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48402
2016-01-20 19:12:22 +00:00
Felix Fietkau
1981ee7d75 toolchain: Reverse glibc/eglibc conditionals to check for eglibc
This will make adding future glibc versions easier because the
conditionals won't have to be modified again.

Signed-off-by: Michael Marley <michael@michaelmarley.com>

SVN-Revision: 48399
2016-01-20 19:12:01 +00:00
Felix Fietkau
272a3e03de libiconv: change include guard to make glib2 consider it compatible
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48396
2016-01-20 13:54:30 +00:00
Felix Fietkau
99fb7d9a4e elfutils: bump to 0.165
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

SVN-Revision: 48393
2016-01-20 13:54:13 +00:00
Felix Fietkau
8353ed85f2 uclient: update to the latest version, adds an auth reconnect handling fix and a small uclient-fetch command line fix
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48390
2016-01-20 10:15:25 +00:00
Felix Fietkau
f6e4badfe4 toolchain: Add glibc 2.22
Signed-off-by: Michael Marley <michael@michaelmarley.com>

SVN-Revision: 48383
2016-01-19 22:58:51 +00:00
Felix Fietkau
54baefc480 ustream-ssl: update to the latest version, fixes connection with servers requiring DHE
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48380
2016-01-19 22:41:36 +00:00
Felix Fietkau
23541c6f6f uclient: install a symlink from uclient-fetch to wget into /bin
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48379
2016-01-19 22:41:31 +00:00
Felix Fietkau
977948b15c uclient: update to the latest version, fixes a cosmetic progress bar issue
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48378
2016-01-19 22:41:18 +00:00
Felix Fietkau
8de052800a openssl: remove the separate configuration menu, use the implicit one (via MENU:=1)
Fixes warning on selecting OPENSSL_ENGINE_CRYPTO if openssl is not selected

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48312
2016-01-18 12:42:08 +00:00
Jo-Philipp Wich
1bd8400752 package/libs/libiconv: function names
Currently libiconv-stub and libiconv-full use different names
for functions iconv, iconv_open, and iconv_close.

This may lead to failures when building modules, e.g. with
apr-util when NLS is not activated.

The two modules libiconv-stub and libiconv-full should be
interchangeable, so we need the same function names.

cf.
http://git.savannah.gnu.org/cgit/libiconv.git/tree/include/iconv.h.in

After applying this patch execute

	make distclean

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

SVN-Revision: 48301
2016-01-18 09:23:17 +00:00
Felix Fietkau
c3b01ead44 uclient: update to the latest version, adds many fixes/features
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48278
2016-01-17 12:41:06 +00:00
Felix Fietkau
b075688953 ustream-ssl: fix copy&paste mistake in mbedtls variant title
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48258
2016-01-16 09:14:03 +00:00
Felix Fietkau
b0b0c319f9 polarssl: update to 1.3.16, fixes intermediate certificate validation
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48257
2016-01-16 00:20:05 +00:00
Felix Fietkau
d9494cdf6d ustream-ssl: update to the latest version, adds mbedtls variant
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48256
2016-01-16 00:20:01 +00:00
Felix Fietkau
5bd5c3282b libubox: update to the latest version, adds lua/ustream fixes and extends usock
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48255
2016-01-16 00:19:54 +00:00
Felix Fietkau
6665bbb1a0 mbedtls: update to version 2.2.1
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48254
2016-01-16 00:19:47 +00:00
Jo-Philipp Wich
b809725eb1 gettext-full: make autopoint and gettextize reloctable
The autopoint and gettextize host utilities contain hardcoded staging dir
paths which need to be overridden for the SDK environment.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48208
2016-01-12 07:51:56 +00:00
Felix Fietkau
da19a09b9e Revert "package/libs/libtool: rename to libltdl"
This reverts commit r48149

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48169
2016-01-10 11:39:19 +00:00
Felix Fietkau
3e0615fe8f package/libs/zlib: new package zlib-dev
The patch adds a new package zlib-dev. It contains all files needed for
compiling a program using the zlib library:

/usr/include/zconf.h
/usr/include/zlib.h
/usr/lib/libz.a
/usr/lib/pkgconfig/zlib.pc

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

SVN-Revision: 48151
2016-01-07 21:08:13 +00:00
Felix Fietkau
d65fe30d9b package/libs/libtool: rename to libltdl
Source package libtool is used to package libltdl.
Unfortunately binary libtoolize is missing.
Packaging libtoolize would depend on package file which is in the
packages feed.
Felix Fietkau suggested to rename source libtool to libltdl
and to create a new package libtool in packages.

This patch contains the renaming.

CC: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

SVN-Revision: 48149
2016-01-07 21:08:00 +00:00
Felix Fietkau
04d7cf87e3 ustream-ssl: move to git.openwrt.org
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48126
2016-01-04 15:12:53 +00:00
Felix Fietkau
dce9fb3006 librpc: move to git.openwrt.org
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48125
2016-01-04 15:12:37 +00:00
Felix Fietkau
9cd6162b63 packages: use OPENWRT_GIT to point at the main openwrt git repo
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48118
2016-01-04 15:11:49 +00:00
John Crispin
c75c8ab6a6 libnl: fix warning with poll.h include on musl
Warning is:
  #warning redirecting incorrect #include <sys/poll.h> to <poll.

Not a big issue.
But it can be annoying when building with -Werror set.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

SVN-Revision: 48004
2015-12-23 19:26:26 +00:00
John Crispin
395dd083fc OpenSSL: Added source/old to PKG_SOURCE_URL
OpenSSL moves old versions of the library from
http://www.openssl.org/source/ to
http://www.openssl.org/source/old/$version/ breaking the old links.
That behavior breaks the OpenWRT-build every time OpenSSL releases
a new version.

This patch adds http://www.openssl.org/source/old/$version/ to the
PKG_SOURCE_URL of OpenSSL to avoid breaking the build whenever
OpenSSL releases a new version.

Signed-off-by: Kevin Kirsch <ranlvor@starletp9.de>
Reviewed-by: Alexander Dahl <post@lespocky.de>

SVN-Revision: 47860
2015-12-11 15:07:40 +00:00
John Crispin
354aa80ada ncurses: Fix build of libncursew
Packages using libncursesw can fail to build if both libncurses and libncursesw
are not installed. Currently the ncurses.h file is installed in "usr/include/ncursesw"
directory and includes other .h files in the "usr/include" directory incorrectly.
For example: Including <ncursesw/ncurses.h> fails due to these references. These build
changes will set the correct include paths within the developer includes.

Packages that expect ncurses.h (or curses.h) in the default "usr/include" path fail
even when expecting to build with libncursesw and will need to be fixed as well. However,
they cannot be fixed until this patch is applied.

Signed-off-by: Ted Hess <thess@kitschensync.net>

SVN-Revision: 47853
2015-12-11 15:06:01 +00:00
Felix Fietkau
8af89bbcb6 popt: remove xgettext prereq check, it is not necessary
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47826
2015-12-10 12:40:19 +00:00
Hauke Mehrtens
f1d3b08fc0 openssl: add config option for no_hw support
The hardware support is required by some 3rd party engines (tpm)

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>

SVN-Revision: 47817
2015-12-09 22:26:40 +00:00
Hauke Mehrtens
52df3181c1 cyassl: update to wolfSSL version 3.7.0
This version and version 3.6.8 are fixing the following security problems:
* CVE-2015-7744
* CVE-2015-6925

The activation of SSLv3 support is needed for curl.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 47791
2015-12-05 15:45:31 +00:00
Hauke Mehrtens
82c491708b openssl: update to version 1.0.2e
This fixes the following security problems:
* CVE-2015-3193
* CVE-2015-3194
* CVE-2015-3195)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 47726
2015-12-03 21:01:57 +00:00
Hauke Mehrtens
9453b61c94 mbedtls: update to version 2.1.3
This fixes some non critical bugs.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 47725
2015-12-03 21:01:18 +00:00
Hauke Mehrtens
8c058ae0bd polarssl: update to version 1.3.15
This is a minor version update which fixes some small bugs. None of
these bugs were exploitable according to the release notes.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>

SVN-Revision: 47724
2015-12-03 21:00:45 +00:00
Hauke Mehrtens
bd527a8d18 gettext-full: activate format-security checks
This patch was taken from upstream libcroco

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 47585
2015-11-22 14:18:04 +00:00
Hauke Mehrtens
146dab8841 gettext-full: update to version 0.19.6
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 47584
2015-11-22 14:17:11 +00:00
Felix Fietkau
1e06647d37 libnl-tiny: include <sys/socket.h>
Currently some libnl headers require application code to include
dependencies on its own. E.g. a simple include of <linux/netlink.h>
will trigger an error:
/usr/include/libnl-tiny/linux/netlink.h:32:2: error: unknown type name 'sa_family_t'

Similarly including <netlink/handlers.h> causes:
/usr/include/libnl-tiny/netlink/handlers.h:133:19: warning: 'struct ucred' declared inside parameter list [enabled by default]

Fix it by including <sys/socket.h> where needed in libnl headers.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 47456
2015-11-11 11:39:21 +00:00
Felix Fietkau
77c25c2dd1 elfutils: bump to 0.164
Patches are refreshed except for elfutils-portability, which is gone:
https://lists.fedorahosted.org/pipermail/elfutils-devel/2015-October/005290.html

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

SVN-Revision: 47453
2015-11-11 08:32:28 +00:00
Felix Fietkau
79e14650e0 toolchain: remove obsolete relinking code
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47445
2015-11-10 21:11:03 +00:00
Felix Fietkau
f7939f5e74 gcc: remove version 4.6, it is no longer needed
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47443
2015-11-10 21:10:53 +00:00
Felix Fietkau
d965d94b22 libubox: update to the latest version, adds a small json_script feature
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47418
2015-11-08 20:39:01 +00:00
Felix Fietkau
1242463489 librpc: update to the latest version, fixes build with uclibc-ng (#20856)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47382
2015-11-04 18:33:12 +00:00
John Crispin
4ce2b7cda5 libpcap: USB support by default if usbmon is enabled
If building usbmon support then you'll likely want to have
USB support in libpcap as well.

Signed-off-by: Bjørn Mork <bjorn@mork.no>

SVN-Revision: 47265
2015-10-26 09:02:03 +00:00
Hauke Mehrtens
b792ea7ac0 polarssl: update to version 1.3.14
This fixes CVE-2015-5291 and some other smaller security issues.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 47201
2015-10-18 21:48:32 +00:00
Hauke Mehrtens
43d397d7d6 mbedtls: update to version 2.1.2
This fixes CVE-2015-5291 and some other smaller security issues.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 47200
2015-10-18 21:48:04 +00:00
Luka Perkov
75078acd93 cosmetic: remove trailing whitespaces
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 47197
2015-10-15 22:12:13 +00:00
Luka Perkov
c420373557 libnl: fix URL
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>

SVN-Revision: 47183
2015-10-11 22:19:25 +00:00
Felix Fietkau
f0ce8d24e6 libnl: Install include files into libnl3
Install header files into same location as pkgconfig/libnl-3.0.pc says:
  Cflags: -I${includedir}/libnl3

Signed-off-by: Bruno Randolf <br1@einfach.org>

SVN-Revision: 47102
2015-10-02 16:24:15 +00:00
Felix Fietkau
b976097bc6 libnl: split libnl into smaller libraries
Some modules may require only libnl-genl, some
libnl-route and fewer would require libnl-nf.

This patch splits the entire libnl package into smaller
more granular libs that can be installed individually as required.

Also added libnl*.so symlinks for convenience.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

SVN-Revision: 47037
2015-09-24 09:08:52 +00:00
John Crispin
c35420c6a5 libubox: update to latest git revision
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 46937
2015-09-15 06:12:42 +00:00
Felix Fietkau
b13d8e55a7 argp-standalone: fix build error with gcc 5.2 (#20460)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46813
2015-09-08 07:10:07 +00:00
Felix Fietkau
3ae9c4fcad uclibc++: fix build with gcc 5.2
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46777
2015-09-03 13:15:05 +00:00
Felix Fietkau
41a9f280c4 libpcap: update to version 1.7.4
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46776
2015-09-03 13:14:56 +00:00
Steven Barth
37160e21bb polarssl: bump to 1.3.12
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46762
2015-09-01 18:48:15 +00:00
Steven Barth
bef52af66f polarssl: Fix build failures due to PKG_NAME != dir name
Packages that depend on PolarSSL fail to build because polarssl's InstallDev
section never actually gets executed because (prior to this patch) the package
name does not match the subdir the package is in (presumably due to upstream
name change).  As a workaround I have changed the package name back to
polarssl and used a new variable SRC_PKG_NAME for the purposes of downloading
the upstream tarball and creating PKG_BUILD_DIR.

Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>

SVN-Revision: 46683
2015-08-18 08:37:38 +00:00
Hauke Mehrtens
252bcd379a cyassl: the upstream package in version 4.6.0 changed
Update the md5sum to the new version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46551
2015-08-03 20:34:28 +00:00
Luka Perkov
18721fa120 openssl: add one more mirror
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 46517
2015-07-28 21:54:44 +00:00
Steven Barth
da337e211e mbedtls: package version 2.0, make polarssl compatible
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46484
2015-07-24 22:26:44 +00:00
Jo-Philipp Wich
48d9137d31 openssl: update to v1.0.2d (CVE-2015-1793)
During certificate verification, OpenSSL (starting from version 1.0.1n and
1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this
logic can mean that an attacker could cause certain checks on untrusted
certificates to be bypassed, such as the CA flag, enabling them to use a valid
leaf certificate to act as a CA and "issue" an invalid certificate.

This issue will impact any application that verifies certificates including
SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 46285
2015-07-09 13:04:27 +00:00
Steven Barth
f3cacb9e84 uclibc++: link libssp_nonshared only for musl
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46192
2015-07-06 08:55:28 +00:00
Hauke Mehrtens
69a2459c66 cyassl: update to wolfssl 3.6.0
Upstream wolfssl already has better checks to detect broken ssl v2
ClientHellos, we can remove our hack.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46168
2015-07-03 23:20:36 +00:00
Hauke Mehrtens
9177e16098 cyassl: version bump to 3.4.6
This patch introduces a new build error into coova-chilli, but
coova-chilli already fails to build even without it anyway. CyaSSL is
now called wolfSSL, and all the API's have been renamed, and
backward-compatibility headers added.

Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46167
2015-07-03 23:20:01 +00:00
Jo-Philipp Wich
27b9bf4493 uclibc++: make g++-uc* wrappers relocatable
The g++-uc wrapper hardcodes $(STAGING_DIR) and $(TOOLCHAIN_DIR) paths which
will not work outside of the original build environment.

Replace the hardcoded staging_dir occurences with paths relative to the
$STAGING_DIR environment variable to make the g++-uc* wrappers usable in an
SDK environment.

Fixes the libdb47 build failure reported at
  https://lists.openwrt.org/pipermail/openwrt-devel/2015-April/032455.html

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 46162
2015-07-03 13:33:05 +00:00
Steven Barth
6d48dcb8d5 libubox: fix MD5 for musl on big-endian platforms
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46145
2015-06-29 14:12:38 +00:00
Steven Barth
a47a5dd28d elfutils: bump to 0.163
Bugfix only release.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

SVN-Revision: 46136
2015-06-29 06:47:31 +00:00
Jo-Philipp Wich
a98549b8ec libiconv-full: fix build with fortify source
Avoid redefining `realpath` to fix the following error:

    .../include/fortify/stdlib.h:36:13: error: 'realpath' undeclared here (not in a function)

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 46127
2015-06-25 12:13:57 +00:00
Steven Barth
933b588e25 uclibc++: link against libssp_nonshared instead of libssp
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46076
2015-06-20 18:36:52 +00:00
Steven Barth
34aeffef08 libpcap: fixup libtool
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46074
2015-06-20 17:37:28 +00:00
Steven Barth
8a9fd81e55 uclibc++: only disable SSP for ppc
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46067
2015-06-19 14:36:37 +00:00
Steven Barth
38da12f7e4 uclibc++: honor ldflags, disable SSP
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46066
2015-06-19 14:09:02 +00:00
Steven Barth
4d548dce67 libtool: enable passthrough for SSP options
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46065
2015-06-19 13:45:48 +00:00
Steven Barth
6e3b087de8 libnl-tiny: honor CFLAGS when linking
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46029
2015-06-18 08:13:04 +00:00
Felix Fietkau
535f58c362 libusb-compat: fix musl compatibility issues
Use stdint types instead of non-standard ones

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>

SVN-Revision: 46025
2015-06-18 06:39:09 +00:00
Steven Barth
6ac38545c9 openssl: disable parallel builds (spurious linking break)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46005
2015-06-16 17:28:11 +00:00
Felix Fietkau
7ba6500d2c elfutils: bump to 0.162
Besides source.tgz, 001-elfutils-portability.patch (provided by upstream
project) where updated.

Other patches where updated to fix hulk warnings and minor conflicts.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

SVN-Revision: 45984
2015-06-15 07:46:21 +00:00
Felix Fietkau
b98fb76646 elfutils: import package from packages.git
elfutils is required by perf. So we'll move this package from
packages.git and make it part of the core distribution.

Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>

SVN-Revision: 45969
2015-06-14 17:43:40 +00:00
Felix Fietkau
389144d701 argp-standalone: import package from packages.git
argp-standalone is required by elfutils, itself required by perf. So
we'll move this package from packages.git and make it part of the core
distribution.

Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>

SVN-Revision: 45967
2015-06-14 17:43:28 +00:00
Felix Fietkau
0c66367e3f libubox: update to the latest version, adds a few fixes
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45959
2015-06-14 17:41:33 +00:00
Steven Barth
38e0845bd7 openssl: 1.0.2c (srsly, you guys, srsly)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45950
2015-06-12 20:49:20 +00:00
Steven Barth
085a75aec2 openssl: fixes CVE-2015-4000 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792 CVE-2015-1791
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45947
2015-06-11 20:36:46 +00:00
Steven Barth
89c8d78d31 openssl: 1.0.2b (hey, we made it nearly 3 months this time!)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45946
2015-06-11 20:28:44 +00:00
Jo-Philipp Wich
645635801d ustream-ssl: fix compilation against current PolarSSL/mbedTLS version
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45934
2015-06-09 16:52:12 +00:00
Steven Barth
2f463c1112 polarssl: bump to 1.3.11
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45925
2015-06-08 07:38:13 +00:00
Hauke Mehrtens
c1a3a1ac2d ncurses: Fix building with gcc 5.1
This patch is taken from the gentoo guys who extracted this from a large
upstream commit (with many unrelated changes).

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 45878
2015-06-02 21:54:54 +00:00
Felix Fietkau
e79506709f libubox: update to the latest version, adds a base64 implementation
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45641
2015-05-08 12:35:41 +00:00
Felix Fietkau
af9672cfde ustream-ssl: correct year in PKG_VERSION string
ustream-ssl: correct the year in the PKG_VERSION string, as both r45157 and
r45441 left the old year 2014 there. For a casual user it may seem that the
current code is from April 2014, although
a4ca61527236e89eb9efb782fd9bfd04796144e3 is from April 2015.

http://nbd.name/gitweb.cgi?p=ustream-ssl.git;a=commit;h=a4ca61527236e89eb9efb782fd9bfd04796144e3
https://dev.openwrt.org/changeset/45441/
https://dev.openwrt.org/changeset/45157/

signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 45623
2015-05-08 10:43:48 +00:00
Felix Fietkau
334ad1d49f polarssl: include PKG_RELEASE in ABI_VERSION
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45610
2015-05-05 10:14:04 +00:00
Felix Fietkau
34cacae2b9 polarssl: disable runtime version checks to save some space
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45607
2015-05-05 10:00:49 +00:00
Felix Fietkau
434bf8a90b polarssl: disable an unused random number generator
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45606
2015-05-05 10:00:36 +00:00
Steven Barth
4d9694981b nettle: bump to 3.1.1
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45595
2015-05-03 11:19:42 +00:00
Felix Fietkau
4d58f0f4d9 Revert "ncurses: cleanup InstallDev"
This reverts r43204. The symlinks are faulty, as they point to a
temporary staging dir

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45569
2015-04-23 11:06:15 +00:00
Steven Barth
18f55ddf7d nettle: bump to 3.1
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45526
2015-04-20 20:47:42 +00:00
Felix Fietkau
1233e38be8 libnl-tiny: link library with -Bsymbolic-functions
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45510
2015-04-19 18:33:19 +00:00
Felix Fietkau
384ac9cdf7 uclient: update to the latest version, fixes a crash in processing redirect/disconnect after headers
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45446
2015-04-14 21:05:45 +00:00
John Crispin
da2742db3b ustream-ssl: update to latest git HEAD
fixes long writes when using polarssl

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45441
2015-04-14 19:01:24 +00:00
Felix Fietkau
baef360adb librpc: update to the latest version, fixes musl compatibility issues (#19445)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45366
2015-04-10 20:02:55 +00:00
John Crispin
3d248c4dee openssl: disable arm optimisation until we know why it fails on some socs
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45343
2015-04-10 08:27:55 +00:00
Nicolas Thill
fe46689f10 packages: use $(LN) macro, make symlinks relative
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45250
2015-04-03 00:07:43 +00:00
Nicolas Thill
b8dccba8f2 ustream-ssl: fix SNI when building against cyassl
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45224
2015-04-01 15:11:38 +00:00
Nicolas Thill
32085b22b0 libreadline: cleanup Makefile, fix shlib perms
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45223
2015-04-01 15:11:32 +00:00
John Crispin
426d3abe8f cyassl: add --enable-ecc as its needed when using the CA certificates
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45217
2015-04-01 13:00:45 +00:00
John Crispin
97b3237307 ustream-ssl: enable SNI when building for cyassl
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45216
2015-04-01 10:42:33 +00:00
John Crispin
b233fdcfa2 cyassl: add support for SSL_set_tlsext_host_name
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45215
2015-04-01 10:42:28 +00:00
John Crispin
67bf89324d ustream-ssl: properly handle return codes
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45157
2015-03-30 13:17:27 +00:00
Felix Fietkau
2d13d8dc76 conntrack-tools: update package (along with associated libraries) to the latest version, fix musl build issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45077
2015-03-28 10:19:26 +00:00
Felix Fietkau
a24db9522c update libnetfilter_conntrack to version 1.0.4
This updates libnetfilter_conntrack to the latest
stable version 1.0.4 which was released Aug-06-2013.

Changeset is available here:
http://git.netfilter.org/libnetfilter_conntrack/log/

Signed-off-by: Christian Mehlis <christian@m3hlis.de>

SVN-Revision: 45074
2015-03-28 10:19:04 +00:00
Felix Fietkau
6aba44bfe0 toolchain: drop obsolete references to the coldfire target
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44975
2015-03-25 14:29:17 +00:00
Felix Fietkau
5d9eeab64a build: remove obsolete references to cris and avr32
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44965
2015-03-24 10:07:40 +00:00
Felix Fietkau
512066dba4 toolchain: remove obsolete checks for avr32
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44963
2015-03-24 10:07:25 +00:00
John Crispin
752fc0c8d3 libubox: update to latest git HEAD
fix a bug the made uloop_end() not work when called from within a uloop_process
callback handler

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 44945
2015-03-22 19:30:04 +00:00
Steven Barth
3006bc6904 openssl: biweekly critical security update
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 44900
2015-03-20 08:14:42 +00:00
Nicolas Thill
4b382a440b packages: some (e)glibc fixes after r44701
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 44842
2015-03-16 12:25:06 +00:00
Felix Fietkau
8733c8103b json-c: merge an upstream fix for a compiler warning (fixes #19187)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44826
2015-03-16 07:54:55 +00:00
John Crispin
3e2f578353 toolchain: The glorious return of glibc, ver 2.21
It's the eglibc packaging with a bit of spit-polishing. And testing. :-)

[blogic: merged glibc and eglibc into 1 and made eglibc a glibc variant]

Signed-off-by: Jeff Waugh <jdub@bethesignal.org>
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 44701
2015-03-12 19:50:57 +00:00
John Crispin
59c20174f8 json-c: update to 0.12 and bump all depending services
Version 0.12 deprecates json_object_object_get and moves the header files around

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 44657
2015-03-11 15:54:33 +00:00
John Crispin
8573891dfe openssl: enable ARM assembly acceleration
Tested myself on ixp4xx and mvebu, and (originally)
by Daniel on i.MX6. Also tested on a MIPS target,
to make sure the change to ASFLAGS does not break things.

Based on a patch submitted by Daniel Drown:

https://lists.openwrt.org/pipermail/openwrt-devel/2014-July/026639.html

Signed-off-by: Claudio Leite <leitec@staticky.com>
Signed-off-by: Daniel Drown <dan-openwrt@drown.org>

SVN-Revision: 44618
2015-03-06 07:57:10 +00:00
Jo-Philipp Wich
e0f48f8d30 libubox: implement ulog_close() and call it on ulog_open()
This is required to properly update syslog idents when switching between
log modes.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44546
2015-02-26 13:42:44 +00:00
Jo-Philipp Wich
948483f93c libubox: introduce generic logging api
Update to git head in order to introduce the new ulog() logging api which
supports early boot logging to dmesg.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44542
2015-02-26 10:25:18 +00:00
Nicolas Thill
4b8ebb5d50 packages: remove uneeded PKG_BUILD_DIR overrides
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 44498
2015-02-22 01:31:21 +00:00
Jo-Philipp Wich
7aa5766ad1 libevent2: remove defunct download mirror
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44380
2015-02-10 18:55:44 +00:00
Steven Barth
909af3fa4b openssl: fix upstream regression for non-ec builds
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 44364
2015-02-09 15:26:35 +00:00
Steven Barth
1a014d170a polarssl: bump to 1.3.10, work around rename to mbedtls
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 44361
2015-02-09 12:44:32 +00:00
Steven Barth
2ca8a6cce4 openssl: bump to 1.0.2
Fixes CVE-2014-3513, CVE-2014-3567, CVE-2014-3568, CVE-2014-3566

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 44332
2015-02-09 12:04:00 +00:00
Jo-Philipp Wich
74338a700a libevent2: update to v2.0.22
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44289
2015-02-06 10:30:04 +00:00
Jo-Philipp Wich
66fe4fd966 ncurses: add host build for 'tic'
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44282
2015-02-05 23:18:42 +00:00
John Crispin
43b0486a1d libubox: update to latest git HEAD
adds "ignore SIGPIPE by default"

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 44178
2015-01-28 12:08:04 +00:00
Felix Fietkau
bc31129b03 gmp: use http instead of ftp download (#18805)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44082
2015-01-23 10:54:56 +00:00
Felix Fietkau
e10da3edbf libubox: update to the latest version
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44080
2015-01-23 10:54:45 +00:00
Jo-Philipp Wich
555492e41a polarssl: patch CVE-2015-1182
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44060
2015-01-20 12:49:54 +00:00
Rafał Miłecki
7aba4f1539 uclient: update to the latest version with timeout support
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 44053
2015-01-19 16:02:59 +00:00
Rafał Miłecki
e171dc4cf5 libubox: update to the latest commit with JSON and usock fixes
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 44052
2015-01-19 15:56:06 +00:00
John Crispin
09a08fb9e6 toolchain: Add libatomic when using external toolchain
Otherwise libatomic cannot be used in conjunction with external toolchains.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>

SVN-Revision: 43998
2015-01-17 13:58:03 +00:00
John Crispin
748d452899 add pkgconfig information for popt library
Modify makefile to record pkgconfig information for the popt library.

Signed-off-by: Mike Brady <mikebrady@eircom.net>

SVN-Revision: 43994
2015-01-17 12:52:28 +00:00
Steven Barth
3138207f48 openssl: update to 1.0.1l *sigh*
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43976
2015-01-15 17:59:06 +00:00
Felix Fietkau
2ff6a5f618 libusb: update to version 1.0.19
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43930
2015-01-11 16:14:23 +00:00
Felix Fietkau
64e7b41b2e popt: update to latest upstream version, fixes build breakage after autofools changes
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43901
2015-01-09 19:52:27 +00:00
Jo-Philipp Wich
5cda3e9f7f gettext-full: update to v0.19.4
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43896
2015-01-09 14:51:29 +00:00
Steven Barth
dbca1e5662 openssl: bump to 1.0.1j
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43875
2015-01-08 18:29:26 +00:00
Steven Barth
2c4d88c503 openssl: fix CVE-2014-3569
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43858
2015-01-06 09:59:55 +00:00
Felix Fietkau
5e6f099edb nettle: add CONFIG_LIBNETTLE_MINI to PKG_CONFIG_DEPENDS to fix rebuild issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43852
2015-01-05 13:03:55 +00:00
Steven Barth
c6c0c275bc libnftnl: bump to upstream release 1.0.3
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43729
2014-12-16 09:22:49 +00:00
Steven Barth
21bf45edd2 cyassl: bump to 3.3.0
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43728
2014-12-16 09:16:00 +00:00
Steven Barth
e90e143852 libnftnl: bump to latest git
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43706
2014-12-14 16:03:18 +00:00
Felix Fietkau
d54e759611 toolchain: do not include libatomic.so in the libc package
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43699
2014-12-13 23:58:47 +00:00
Jonas Gorski
e983ee54fd libnl-tiny: fix receiving netlink messages larger than 4K
Apply libnl commit 807fddc4cd9ecb12ba64e1b7fa26d86b6c2f19b0 ("nl:
Increase receive buffer size to 4 pages") also to libnl-tiny to ensure
netlink messages larger than 4KiB can be received, as the restart logic
seems to be broken.

This fixes iwinfo accessing info on dual band b43 cards, as they can
support a lot of channels, breaking the 4K default limit (seen was >5k).

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 43633
2014-12-11 19:35:48 +00:00
Felix Fietkau
0636bb43ae toolchain: disable libatomic for gcc 4.6
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43623
2014-12-11 17:52:22 +00:00
Felix Fietkau
37c5b92d40 uclient: update to the latest version, fixes HTTP digest auth processing
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43600
2014-12-10 16:03:02 +00:00
Felix Fietkau
d928d333e3 libnl-tiny: remove dead code
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43599
2014-12-10 16:02:49 +00:00
Florian Fainelli
acf4691904 libbsd: add support for aarch64
Signed-off-by: Florian Fainelli <florian@openwrt.org>

SVN-Revision: 43354
2014-11-24 06:33:34 +00:00
Felix Fietkau
2ff709e38f libubox: fix a variable handling regression in jshn
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43351
2014-11-23 22:53:14 +00:00
Felix Fietkau
e4d207542e libubox: update to the latest version, adds some jshn optimizations
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43350
2014-11-23 20:10:07 +00:00
Felix Fietkau
061319ec3d lzo: disable unaligned access for everything except x86
Fixes issues on ARM

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43349
2014-11-23 20:10:02 +00:00
Jonas Gorski
4b16b90152 toolchain: musl: fix symlink for ldd
ld-musl-*.so* is a symlink "broken" for the hostsystem, so wildcard
will skip it, causing LD_MUSL_NAME to empty and the ldd symlink pointing
to ../../lib directly.
This causes sysupgrade failing to copy any linked libaries and
consequently failing to run anything after switching to ram disk.

Fix this by creating a symlink directly pointing to where ld-musl-*.so*
points to.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 43314
2014-11-19 12:17:34 +00:00
Nicolas Thill
f4417f7ad8 package/*: replace occurences of 'ln -sf' to '$(LN)'
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 43205
2014-11-06 19:35:34 +00:00
Nicolas Thill
bd92e9806b ncurses: cleanup InstallDev
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 43204
2014-11-06 19:35:23 +00:00
Nicolas Thill
8d515b3b40 libusb-compat: cleanup InstallDev
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 43203
2014-11-06 19:35:14 +00:00
Steven Barth
2a5ad9cf0b openssl: reenable CMS (broke krb5)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43176
2014-11-04 08:37:06 +00:00
Steven Barth
6d1d02eefb polarssl: update to 1.3.9
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43170
2014-11-03 19:36:06 +00:00
John Crispin
74a3a77bcd license info - revert r43155
turns out that r43155 adds duplicate info.

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 43167
2014-11-03 09:56:44 +00:00
John Crispin
c10d97484a Add more license tags with SPDX identifiers
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.

I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.

However, I can not garantee that I always picked the correct information
and/or did not miss license information.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

SVN-Revision: 43155
2014-11-03 08:01:08 +00:00
Steven Barth
bec9d38fa4 Add a few SPDX tags
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43151
2014-11-02 12:20:54 +00:00
Steven Barth
6a4a437e04 openssl: optimize build options, disable old SSL versions
Based on a patchset by Etienne CHAMPETIER <champetier.etienne@gmail.com>
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43123
2014-10-30 13:11:04 +00:00
John Crispin
6dc6e4ed08 libiconv: do not replace untranslatable characters with * or ?
Instead throw an -EILSEQ error.

Signed-off-by: Tjalling Hattink <t.hattink@fugro.nl>

SVN-Revision: 43089
2014-10-27 15:51:25 +00:00
Felix Fietkau
9ac5cfe1ba openssl: fix target definition for x86_64 (#18182)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43045
2014-10-24 13:23:39 +00:00
Steven Barth
0b3fec7e80 libnftnl: bump to latest
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43012
2014-10-21 20:00:46 +00:00
John Crispin
b52651a66e openssl: host build fails when ccache is enabled
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 43002
2014-10-20 11:19:53 +00:00
Felix Fietkau
82c182f828 Revert "openssl: add host build."
This reverts commit r42988

SVN-Revision: 42997
2014-10-20 09:18:21 +00:00
John Crispin
c8ad508d37 openssl: add host build.
Only support Linux at the moment.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 42988
2014-10-20 06:29:27 +00:00
Felix Fietkau
f2a4294ab5 toolchain: drop the mips softfloat symlink hack
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42975
2014-10-19 21:46:03 +00:00
Felix Fietkau
4c4157e287 toolchain: when using musl, install a symlink from ld-musl-*.so to /usr/bin/ldd
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42974
2014-10-19 21:45:58 +00:00
Felix Fietkau
0a7bd0c8b9 openssl: add ABI_VERSION to fix package rebuild issues (fixes #18169)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42963
2014-10-19 16:19:07 +00:00
Felix Fietkau
fedcfd0303 polarssl: do not build the unused programs
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42960
2014-10-19 09:43:31 +00:00
Felix Fietkau
b6086a3079 polarssl: add missing version bump
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42949
2014-10-18 09:20:38 +00:00
Felix Fietkau
e5daecce98 polarssl: disable SSLv3 support, fixes CVE-2014-3566 (POODLE)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42947
2014-10-18 09:17:31 +00:00
Jo-Philipp Wich
7949a3d381 openssl: update to v1.0.1j (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)
Also refresh patches and bump copyright year in Makefile.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 42929
2014-10-16 08:32:54 +00:00
John Crispin
607b3cac36 package: add libnetfilter-log.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 42921
2014-10-14 19:01:16 +00:00
John Crispin
ea74a1119e libubox: update to latest git
this adds a new helper for setting/overriding the signal handlers

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 42917
2014-10-14 15:53:00 +00:00
Steven Barth
e263cd27ee libnftnl: bump to 2014-10-02
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 42799
2014-10-06 05:30:36 +00:00
Steven Barth
64e3cb9fe8 toolchain: Fix libthreaddb not being installed
Signed-off-by: Michel Stam <m.stam@fugro.nl>

SVN-Revision: 42752
2014-10-02 19:47:39 +00:00
Steven Barth
af8367a00b libnftnl: bump for bugfixes
SVN-Revision: 42697
2014-09-29 08:31:31 +00:00
Felix Fietkau
0b148a331b ustream-ssl: select polarssl as default variant, skip openssl/cyassl dependencies if unused
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42655
2014-09-23 10:41:24 +00:00
Steven Barth
2f7d8539bd libnftnl: Add nftables libnftnl
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 42597
2014-09-17 12:10:57 +00:00
Steven Barth
513d516d9c libmnl: add some upstream fixes
SVN-Revision: 42573
2014-09-16 13:31:20 +00:00
Steven Barth
289dbe3a84 libreadline: bump to 6.3
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 42543
2014-09-15 10:15:23 +00:00
Hauke Mehrtens
c8bc803189 cyassl: update to version 3.2.0
This fixes a security problem:
Security fix for RSA Padding check vulnerability

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 42526
2014-09-13 20:56:55 +00:00
Steven Barth
0a5caa47e5 toolchain: packetize libatomic
Based on a patch by Tobias Steinicke <tobias.steinicke@inet.tu-berlin.de>.

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 42514
2014-09-12 12:25:55 +00:00
Felix Fietkau
c329f79dd4 uclient: update to the latest version, fixes some crash issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42419
2014-09-04 11:25:04 +00:00
Felix Fietkau
2efadff06b nettle: disable mips16 support to improve performance
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

SVN-Revision: 42341
2014-08-31 12:03:43 +00:00
Felix Fietkau
a81f356873 uclient: update to latest version, fixes HTTP keepalive issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 42257
2014-08-21 19:12:38 +00:00
John Crispin
db657af409 libubox: update to latest git revision
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 42230
2014-08-20 18:21:59 +00:00
John Crispin
7ba7ddf88e gmp: add host compile
Currently, any package that uses host compile and depends on
libgmp.so will fail. This is because gmp is not compile for
host machine. So, staging_dir/host has only static lib for gmp

 $ ls staging_dir/host/lib/libgmp* -1
 staging_dir/host/lib/libgmp.a
 staging_dir/host/lib/libgmp.la
 staging_dir/host/lib/libgmpxx.a
 staging_dir/host/lib/libgmpxx.la

Addind host compile in gmp, the dependent package can use:

 PKG_BUILD_DEPENDS:=gmp/host

That will compile gmp to staging_dir/host with *.so files

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

SVN-Revision: 42196
2014-08-18 13:10:11 +00:00
Steven Barth
415284ca1c cyassl: update to 3.1.0
SVN-Revision: 42063
2014-08-08 05:25:52 +00:00
Steven Barth
0472c0e22f polarssl: bump to 1.3.8
SVN-Revision: 42061
2014-08-08 05:20:50 +00:00
John Crispin
eb8119d590 openssl: another day another bug fix update
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 42055
2014-08-07 20:54:41 +00:00
Felix Fietkau
354a835390 lzo: enable parallel build
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41734
2014-07-18 14:42:15 +00:00
Hauke Mehrtens
48494962d1 lzo: Update to version 2.08
lzo: Update to 2.08, fixes CVE-2014-4607

Signed-off-by: Luis Dallos <ld@nkvd.ignorelist.com>

SVN-Revision: 41707
2014-07-17 22:06:04 +00:00
Felix Fietkau
0af20bbfc8 libubox: update to the latest version, fixes a jshn parsing error (#17128)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41674
2014-07-16 18:35:25 +00:00
Felix Fietkau
b3b55de395 build: disable the PKG_CHECK_FORMAT_SECURITY check for the failing packages
The idea is to gradually fix the packages

Signed-off-by: Etienne CHAMPETIER <etienne.champetier@free.fr>

SVN-Revision: 41411
2014-06-30 08:19:48 +00:00
Felix Fietkau
07304f4732 librpc: fix compile errors with musl
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41400
2014-06-29 22:25:54 +00:00
Felix Fietkau
8d8868cffc gettext-full: use uclibc workarounds for musl as well
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41397
2014-06-29 22:25:43 +00:00
Jo-Philipp Wich
4255b2fde5 toolchain: only take last found libgcc* file
The current $(wildcard ...) match might return multiple files which will break subsequent cp commands
with an error like:

  cp: target `/home/user/openwrt/staging_dir/target-mips_34kc_uClibc-0.9.33.2/root-ar71xx/tmp-libc/lib/libgcc_s_pic.a' is not a directory

Prevent this issue by only taking the last path returned by globbing.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 41357
2014-06-27 10:40:21 +00:00
John Crispin
64d0d18a4e libubox: update to latest git head
this adds 5 lua fixes to the tree

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41328
2014-06-24 18:14:01 +00:00
Steven Barth
5142e91b2d nettle: downgrade to 2.7.1 since gnutls is incompatible with 3.0
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 41263
2014-06-18 17:06:30 +00:00
Steven Barth
a0e19ec2f9 nettle: import from packages, update to 3.0
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 41248
2014-06-18 10:04:43 +00:00
Steven Barth
335529e207 gmp: import from packages, update and reduce size
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 41247
2014-06-18 10:04:38 +00:00
Steven Barth
a5df7c0a17 ncurses: Install xterm-256color
Based on a patch by Jonathan Bennett <jbscience87@gmail.com>

SVN-Revision: 41212
2014-06-16 18:21:02 +00:00
John Crispin
18e8ae6b2c libubox: update to latest git
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41123
2014-06-11 12:59:26 +00:00
Felix Fietkau
24662e6122 libnfnetlink: fix musl compile errors
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41061
2014-06-09 13:47:56 +00:00
Hauke Mehrtens
a56519e1b9 openssl: version bump to 1.0.1h
today appeared another serious vulnerability in openssl. More info is
here http://ccsinjection.lepidum.co.jp. Users are advised to update to
openssl 1.0.1h.

Signed-off-by: Martin Strbacka <martin.strbacka@nic.cz>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 41026
2014-06-05 21:32:36 +00:00
Felix Fietkau
8174c12c23 libubox: update to the latest version, adds static vlist initializer macros
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 41013
2014-06-05 13:51:08 +00:00
John Crispin
39c5628e5a libusb-compat: create directory for libusb-config
Fix a build regression caused by r39975 by making sure $(STAGING_DIR)/host
directory exists before trying to copy files to it.

Cc: Florian Fainelli <florian@openwrt.org>

Signed-off-by: Tim Harvey <tharvey@gateworks.com>

SVN-Revision: 40998
2014-06-04 07:20:02 +00:00
Felix Fietkau
029013d42c polarssl: enable parallel build
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40950
2014-06-02 13:01:48 +00:00
Felix Fietkau
b73259c37a polarssl: remove polarssl-progs, it is just a random collection of test programs
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40949
2014-06-02 13:01:44 +00:00
Steven Barth
b5b0381cbb polarssl: bump to 1.3.7
SVN-Revision: 40892
2014-06-01 09:49:24 +00:00
Felix Fietkau
253892e57f uclient: update to the latest version, fixes an issue with http authentication handling
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40867
2014-05-28 09:44:57 +00:00
Felix Fietkau
af116a5ec3 libubox: update to latest version, fixes a segfault on json_script cleanup
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40861
2014-05-26 13:53:48 +00:00
Felix Fietkau
9a22b006de uclient: fix uclient-fetch permissions
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40742
2014-05-09 09:46:44 +00:00
Felix Fietkau
7991b5ad66 libubox: update to the latest version, adds minor enhancements/fixes for uloop, blobmsg, kvlist and json_script
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40739
2014-05-09 00:52:45 +00:00
Felix Fietkau
5295e5fd34 add uclient, a small HTTP/1.1 client library (+ utility), using ustream-ssl
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40738
2014-05-09 00:17:21 +00:00
Hauke Mehrtens
9be00fc256 cyassl: update to version 3.0.0
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 40621
2014-05-01 14:04:15 +00:00
Felix Fietkau
4bfc83bba9 libubox: update to the latest version, adds a key/value store implementation and fixes an uloop issue
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40570
2014-04-26 14:56:29 +00:00
Steven Barth
8333ce1963 OpenSSL: update to 1.0.1g
This fixes the Heartbleed bug (CVE-2014-0160).

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 40421
2014-04-08 05:24:36 +00:00
Felix Fietkau
500681c380 uclibc++: disable mips16 support to avoid linkage errors with libsupc++ object files
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40390
2014-04-05 21:58:16 +00:00
Felix Fietkau
9ca965ba4c libubox: switch to git.openwrt.org as source
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40025
2014-03-26 16:07:58 +00:00
Felix Fietkau
e7de56916a ustream-ssl: update to latest version, adds certificate validation support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40017
2014-03-25 15:06:24 +00:00
Luka Perkov
8d92259690 libroxml: enable xpath support
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 40008
2014-03-23 16:08:58 +00:00
Felix Fietkau
8a17353e75 ustream-ssl: update to the latest version, fixes cyassl build
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40004
2014-03-21 23:39:47 +00:00
Felix Fietkau
6d270ebc2b polarssl: add support for generating rsa keys
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39999
2014-03-21 15:55:18 +00:00
Felix Fietkau
a37db0de7e libroxml: add package (tiny XML parser/writer library)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39998
2014-03-21 15:55:15 +00:00
Felix Fietkau
4621a855b2 libnl-tiny: ensure compatibility to libnl version 3 and higher
To be prepared to support keepalived 1.2.10 and higher we need libnl3 or
higher. The attached patch
add some defines so that it can be build be libnl-tiny.
Patch by Thomas Heil

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39991
2014-03-21 15:54:48 +00:00
Felix Fietkau
2b64517dff ustream-ssl: update to latest version, fixes writes before ssl handshake completion
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39985
2014-03-21 15:54:26 +00:00
Florian Fainelli
db87169b41 libusb-compat: install libusb-config in host staging dir
A bunch of packages such as sispctl look for libusb-config to find it, install
libusb-config in staging_dir/*/host/bin which is in the TARGET_PATH.

Signed-off-by: Florian Fainelli <florian@openwrt.org>

SVN-Revision: 39975
2014-03-20 23:16:06 +00:00
Felix Fietkau
f7c29f0eb7 toolchain: remove accidental leftover debug code
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39969
2014-03-20 14:14:34 +00:00
Felix Fietkau
6e6d7003bb toolchain: add a symlink for musl softfloat ldso to the path where our gcc expects it
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39966
2014-03-20 13:51:47 +00:00
Felix Fietkau
41eac52c04 libpolarssl: add missing dependency (#15321)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39959
2014-03-20 11:39:11 +00:00
Felix Fietkau
0fd4ebe2bd libubox: update to the latest version, adds some utility macros
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39953
2014-03-19 14:26:22 +00:00
Felix Fietkau
b9825247c2 polarssl: update to version 1.3.4 and add openssl compat patch
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39930
2014-03-14 15:05:46 +00:00
Felix Fietkau
6ae77556dc ustream-ssl: add support for polarssl 1.3
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39929
2014-03-14 15:05:42 +00:00
Felix Fietkau
2835152df8 openssl: Fix x86_64 build on some 64bit host systems
On some build hosts openssl fails to install since openssl installs itself into
lib64 while the openwrt Makefile expects the libs to end up in lib.

install -m0644 .../openwrt/build_dir/target-x86_64_uClibc-0.9.33.2/openssl-1.0.1e/ipkg-install/usr/lib/libcrypto.so.* .../openwrt/build_dir/target-x86_64_uClibc-0.9.33.2/openssl-1.0.1e/ipkg-x86_64/libopenssl/usr/lib/
install: cannot stat '.../openwrt/build_dir/target-x86_64_uClibc-0.9.33.2/openssl-1.0.1e/ipkg-install/usr/lib/libcrypto.so.*': No such file or directory
make[2]: *** [/openwrt/bin/x86_64/packages/libopenssl_1.0.1e-2_x86_64.ipk] Error 1
make[2]: Leaving directory `/openwrt/package/libs/openssl'
make[1]: *** [package/libs/openssl/compile] Error 2
make[1]: Leaving directory `/openwrt'

Set LIBDIR accordingly to fix this.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>

SVN-Revision: 39885
2014-03-12 10:00:53 +00:00
Felix Fietkau
c2bbaf439c openssl: update to 1.0.1f
This version includes this changes:

    Don't include gmt_unix_time in TLS server and client random values
    Fix for TLS record tampering bug CVE-2013-4353
    Fix for TLS version checking bug CVE-2013-6449
    Fix for DTLS retransmission bug CVE-2013-6450

Signed-off-by: Peter Wagner <tripolar@gmx.at>

SVN-Revision: 39853
2014-03-09 13:23:41 +00:00
Felix Fietkau
836e9fad45 openssl: detect configuration changes and clean build tree accordingly (fixes #15067)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39852
2014-03-09 13:19:29 +00:00
Felix Fietkau
46c8633c45 openssl: move make depend call to Build/Configure
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39851
2014-03-09 13:19:25 +00:00
Felix Fietkau
9a97bfcc2b openssl: use termios instead of termio
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39748
2014-02-24 21:09:03 +00:00
Felix Fietkau
b2ef0616ba libnl-tiny: fix include path to poll.h
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39747
2014-02-24 21:08:28 +00:00
Felix Fietkau
f2719168ba libubox: update to latest version, improves uloop error handling
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39725
2014-02-23 17:32:22 +00:00
Felix Fietkau
538e38f5d3 libubox: declare main version as ABI version
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39721
2014-02-23 17:32:07 +00:00
John Crispin
408306633a openssl: fix up PKG_DEPENDS. there are 2 missing CONFIG_ prefixe
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 39607
2014-02-18 13:33:08 +00:00
Felix Fietkau
5a57185ea1 libpcap: disable some autodetected features to avoid extra dependencies and bloat
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39504
2014-02-06 12:40:28 +00:00
Felix Fietkau
e600fc0d23 libpcap: update to current upstream version 1.5.3
-size_of(old libpcap-1.3.0) = 85228 Byte
-size_of(new libpcap-1.5.3) = 88587 Byte
=> ~3.3 KByte increase

SVN-Revision: 39473
2014-02-05 09:54:34 +00:00
Felix Fietkau
1d9a98689d libubox: update to latest version, fixes a jshn warning in json_get_values (#14891)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 39449
2014-02-02 14:25:06 +00:00
John Crispin
5dcb4cc7d1 libubox: ubox: procd: ubus: update to latest git head
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 39425
2014-01-30 09:02:58 +00:00
John Crispin
ace5076a35 libjson-c: also install .pc file for compatibility libjson
Older packages, which did not follow the renaming yet, do not
find the library otherwise via pkgconfig.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

SVN-Revision: 39228
2014-01-12 12:06:57 +00:00
Imre Kaloz
72f00c8de4 change fixup method and fix CFLAGS handling
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 39151
2013-12-20 20:25:44 +00:00
Felix Fietkau
6cb542d6a4 openssl: Support multi-threaded applications
Allow multi-threaded applications to work properly by
removing the "no-threads" flag that is enabled by default.

Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>

SVN-Revision: 39048
2013-12-14 10:19:48 +00:00
John Crispin
d24434db0a libevent2: Configure with --disable-debug-mode
Saves around 10K.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>

SVN-Revision: 39025
2013-12-09 18:26:58 +00:00
Felix Fietkau
0d557b5fc4 libubox: update to latest version, adds some more jshn performance improvements and fixes
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38983
2013-12-02 13:08:03 +00:00
John Crispin
a95eb4d672 libubox: fix compile error (#14497)
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 38873
2013-11-19 21:54:51 +00:00
John Crispin
fcea2ab05a libubox: ubox: procd: move md5.{c,h} to libubox
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 38870
2013-11-19 20:56:11 +00:00
John Crispin
211ad78989 libubox: update to latest git head
add a renqueue_add_first() api

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 38866
2013-11-19 16:31:47 +00:00
Felix Fietkau
1f819564d1 openssl: add support for RIPEMD/160
RIPEMD is needed to update erlang and i'd like to enable RIPEMD160 support in openssh.

Size compared:

openssl without RIPEMD/160 support:
647K 29. Okt 20:00 bin/ar71xx/packages/libopenssl_1.0.1e-2_ar71xx.ipk

openssl with RIPEMD/160 support:
652K  8. Nov 15:11 bin/ar71xx/packages/libopenssl_1.0.1e-2_ar71xx.ipk

So the file size just grows ~5kb, which shouldn't be a problem.

Signed-off-by: Peter Wagner <tripolar@gmx.at>

SVN-Revision: 38809
2013-11-14 20:42:15 +00:00
Jo-Philipp Wich
8effe85ada cyassl: drop obsolete patches
SVN-Revision: 38610
2013-10-30 15:16:59 +00:00
Jo-Philipp Wich
5e8abac86f cyassl: upgrade to v2.8.0
Un-reverts the previous update commit and forward-ports the patch
to improve legacy SSLv2 handshake handling.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 38609
2013-10-30 13:19:48 +00:00
Felix Fietkau
fdfc296aaf ustream-ssl: update to the latest version, adds support for the current cyassl version (#14386)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38608
2013-10-30 12:56:47 +00:00
Felix Fietkau
ab9619b4c8 libubox: update to latest version, makes jshn roughly twice as fast
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38607
2013-10-30 11:25:05 +00:00
Felix Fietkau
e93b585ff4 libubox: update to latest version, adds minor improvements to jshn, blobmsg and uloop
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38578
2013-10-29 14:12:06 +00:00
Jo-Philipp Wich
8e2106488a Revert "[cyassl]: upgrade to 2.8.0"
Reverts the CyaSSL version bump for now since the update completely broke
trunk building due to incompatible changes in the IO callback API which in
turn breaks the core ustream-ssl package.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 38576
2013-10-29 09:53:48 +00:00
Imre Kaloz
688ac024ac upgrade to 2.8.0
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 38558
2013-10-28 14:34:59 +00:00
Felix Fietkau
39543ea6fc libubox: update to latest version, fixes ustream reuse and a few other minor issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38461
2013-10-19 16:24:38 +00:00
Imre Kaloz
430e641a08 IPv6 support should depend on if we've enabled it
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 38349
2013-10-09 11:03:00 +00:00
Luka Perkov
d6415bf1bd polarssl: update to 1.2.9
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 38330
2013-10-07 21:28:12 +00:00
John Crispin
513d282d34 libubox: add packaging info for uloop lua binding
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 38018
2013-09-17 21:44:52 +00:00
Felix Fietkau
7e6b26a1f3 openssl: add parallel build support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37927
2013-09-10 12:09:13 +00:00
Felix Fietkau
19283a07df disable mips16 for a few packages that don't compile with it
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37773
2013-08-14 14:29:15 +00:00
Felix Fietkau
ae737b77b5 polarssl: disable mips16
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37772
2013-08-14 13:02:36 +00:00
Felix Fietkau
648bc811f0 openssl: to disable mips16, use the new PKG_USE_MIPS16 flag instead of messing with cflags directly
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37771
2013-08-14 13:02:33 +00:00
Felix Fietkau
98ead7fc2f libubox: update to the latest version, fixes a fd deletion race condition in uloop
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37629
2013-07-31 22:07:13 +00:00
Felix Fietkau
a8e8a31cb8 libubox: update to latest version, adds extra sanity checks to blob/blobmsg iterator macros
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37604
2013-07-29 12:49:04 +00:00
Luka Perkov
f566115085 zlib: update to 1.2.8
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 37589
2013-07-28 23:27:34 +00:00
Felix Fietkau
4e049d82b4 libconfig: add from /packages, update to latest version, add myself as maintainer
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37552
2013-07-26 10:02:51 +00:00
Felix Fietkau
8ba022ab48 ustream-ssl: update to latest version, add a package for the polarssl build variant
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37528
2013-07-24 16:59:51 +00:00
Felix Fietkau
4cd1ace48d polarssl: update to version 1.2.8
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37527
2013-07-24 16:59:43 +00:00
Felix Fietkau
e4b7360ec6 libubox: update to latest version, includes a small uloop fix
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37526
2013-07-24 13:02:21 +00:00
Felix Fietkau
ca186db09f openssl: enable elliptic curve crypto by default (so that it can be used by things like ipsec as well)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37524
2013-07-24 12:38:06 +00:00
Felix Fietkau
da654a0c42 openssl: add elliptic curve crypto compilation options to openssl
This patch adds EC compilation options to openssl
OPENSSL_WITH_EC is needed for authsae (OPENSSL_WITH_EC2M isn't)
Activating ec (but not ec2m) in openssl take 35Ko more on ar71xx (ipk size)
Activating both take 52Ko.

Signed-off-by: Etienne CHAMPETIER <etienne.champetier@free.fr>

SVN-Revision: 37523
2013-07-24 12:37:55 +00:00
Felix Fietkau
b7edec4b36 gettext-full: use portability header files for byteswapping on non-linux systems
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37186
2013-07-06 14:49:20 +00:00
Felix Fietkau
b1e7072f51 gettext-full: add a patch to suppress duplicate definitions of error_print_progname which break on some systems
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37185
2013-07-06 14:49:16 +00:00
Felix Fietkau
9360b15176 gettext-full: refresh patches
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37184
2013-07-06 14:49:12 +00:00
John Crispin
6bd071724c libubox: update to latest git revision
fixes bug in runqueue complete handling

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 37159
2013-07-04 13:31:04 +00:00
Felix Fietkau
4a86a26650 libjson-c: rename the libjson binary package to libjson-c, add a new libjson package with the compatibility library (to deal with the rename)
SVN-Revision: 37119
2013-07-01 15:36:12 +00:00
Jo-Philipp Wich
7e19bb1854 gettext-full: always use shipped libcroco, unbreaks build if a different libcroco is installed on the host (#12539)
Based on patch from Joerg Hollmann <Joerg.Hollmann@t-online.de>

SVN-Revision: 37115
2013-07-01 11:03:02 +00:00
Felix Fietkau
49bd0eb15a libubox: update to latest version, fixes a bug in safe_list_del()
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37053
2013-06-28 11:07:15 +00:00
John Crispin
4ebf19b48f packages: clean up the package folder
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 37007
2013-06-21 16:54:37 +00:00
Felix Fietkau
9e7adce6a4 libubox: update to latest version, fixes utf-8 corruption issues in blobmsg_json
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36984
2013-06-21 15:19:31 +00:00
Felix Fietkau
0f19cb3811 libubox: update to latest version, fixes uloop recursion issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36956
2013-06-18 10:52:40 +00:00
Felix Fietkau
33b35a7b53 ustream-ssl: update to latest version, fixes uhttpd infinite loop issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36955
2013-06-18 10:52:33 +00:00
Felix Fietkau
cf3643f586 libubox: update to latest version, fixes an uloop use-after-free bug
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36914
2013-06-11 11:46:54 +00:00
Felix Fietkau
15f17901f9 libubox: update to latest version, adds some helper function
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36907
2013-06-10 12:42:20 +00:00
Felix Fietkau
e8db72083a libubox: update to latest version, fixes some ustream issues that might be affecting uhttpd
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36803
2013-05-31 09:19:38 +00:00
Felix Fietkau
1afe1f0a7e json-c: drop compatibility libraries
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36758
2013-05-29 10:49:22 +00:00
Felix Fietkau
f61933b3e8 libjson-c: Update to 0.11
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>

SVN-Revision: 36757
2013-05-29 10:31:53 +00:00
Felix Fietkau
1c2b8fdc08 libubox: update to latest version, adds support for the new json-c and adds a new blobmsg_json helper
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36756
2013-05-29 10:31:49 +00:00
Felix Fietkau
aacbb9ba77 openssl: disable mips16, it makes the code slower
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36602
2013-05-10 00:18:27 +00:00
Felix Fietkau
2430e9a4f5 toolchain: eliminate the INSTALL_LIBSTDCPP config symbol and make c++ support mandatory - fixes recursive config symbol dependency issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36594
2013-05-09 20:50:49 +00:00
Jo-Philipp Wich
f2f1233149 gettext-full: updated to 0.18.2.1
Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 36400
2013-04-23 10:29:49 +00:00
Jo-Philipp Wich
2da62933d7 libevent2: update to 2.0.21
Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 36399
2013-04-23 10:29:45 +00:00
Jo-Philipp Wich
d4d55b5ec7 libmnl: update to 1.0.3
Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 36398
2013-04-23 10:29:42 +00:00
Jo-Philipp Wich
1170442691 libnetfilter-conntrack: update to 1.0.3
Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 36397
2013-04-23 10:29:38 +00:00
Jonas Gorski
4f7ad789e4 polarssl: update to 1.2.6
Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 36396
2013-04-23 09:22:02 +00:00
Jonas Gorski
6ddfe0590c ncurses: update to 5.9
Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 36395
2013-04-23 09:21:59 +00:00
Jonas Gorski
d1d01636b3 libnl: update to 3.2.21
Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 36394
2013-04-23 09:21:57 +00:00
Felix Fietkau
96bb7c123b build: consistently use 'depends on' instead of 'depends'
make the syntax more compatible with kernel menuconfig

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36351
2013-04-17 15:36:41 +00:00
Felix Fietkau
ff57fd06eb libubox: update to latest version
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 36335
2013-04-15 13:55:05 +00:00
Florian Fainelli
f223d0927e openssl: Pass in any TARGET_ASFLAGS
Packages not picking up the regular TARGET_AS need their openwrt
Makefiles tweaked. For a basic build, that's just openssl.

This depends on patch 1/5.

Signed-off-by: Jay Carlson <nop@nop.com>
Signed-off-by: Florian Fainelli <florian@openwrt.org>

SVN-Revision: 36201
2013-04-05 12:36:09 +00:00
Felix Fietkau
8ca79490a5 libpcap: get rid of some bloat introduced by the update
SVN-Revision: 36151
2013-04-01 21:07:39 +00:00
Felix Fietkau
5a13c60771 libpcap: update to 1.3.0
Disabled canusb by setting ac_cv_header_libusb_1_0_libusb_h to no in
Makefile.  Upstream configure script ignores --disable-canusb.

Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 36150
2013-04-01 21:07:34 +00:00
Felix Fietkau
033664a588 libubox: update to latest version, adds libjson-script
SVN-Revision: 35996
2013-03-13 15:44:08 +00:00
Florian Fainelli
bfcbabdf15 ncurses: fix build with musl libc toolchains
Signed-off-by: Florian Fainelli <florian@openwrt.org>

SVN-Revision: 35811
2013-02-26 16:40:07 +00:00
Florian Fainelli
16f7554f95 openssl: remove now obsolete cris/etrax patch
The etrax target has been removed in r34768.

Signed-off-by: Florian Fainelli <florian@openwrt.org>

SVN-Revision: 35684
2013-02-19 17:22:51 +00:00
Florian Fainelli
23dc201979 libiconv: compile iconv stub with TARGET_CFLAGS
Fixes spurious build issues when changing target CFLAGS for specific ABI
options (such as ARM's floating point ABI).

Signed-off-by: Florian Fainelli <florian@openwrt.org>

SVN-Revision: 35683
2013-02-19 17:22:46 +00:00
Florian Fainelli
f209bf0eb6 libevent2: do not add librt dependency when targetting eglibc
This is already taken care of by PKG_DEFAULT_DEPENDS

Signed-off-by: Florian Fainelli <florian@openwrt.org>

SVN-Revision: 35607
2013-02-15 13:25:15 +00:00
Florian Fainelli
2cf1a8d73f libbsd: make it available for eglibc only
Signed-off-by: Florian Fainelli <florian@openwrt.org>

SVN-Revision: 35606
2013-02-15 13:25:12 +00:00
Florian Fainelli
22e8b168c8 openssl: update OpenSSL to 1.0.1e, fix Cisco DTLS.
1.0.1d had a rushed fix for CVE-2013-0169 which broke in certain
circumstances. 1.0.1e has the fix for TLS.

Also include a further patch from the 1.0.1 branch which fixes the
breakage this introduced for Cisco's outdated pre-standard version of
DTLS, as used by OpenConnect.

Update mirror URLs to reflect current reality.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Florian Fainelli <florian@openwrt.org>

SVN-Revision: 35600
2013-02-14 13:00:03 +00:00
Tim Yardley
8f54ec7ce7 polarssl: security update (1.2.5) addressing CBC TLS issue
Signed-off-by: Tim Yardley <yardley@gmail.com>

SVN-Revision: 35525
2013-02-08 19:47:48 +00:00
Tim Yardley
b521113aa1 openssl: security update to 1.0.1d to address CBC TLS issue
addressing
CVE-2013-0169: 4th February 2013

Signed-off-by: Tim Yardley <yardley@gmail.com>

SVN-Revision: 35524
2013-02-08 19:36:06 +00:00
Felix Fietkau
e4e460afb5 polarssl: add from /packages, update to 1.2.4, fix openssl compatibility
SVN-Revision: 35411
2013-01-30 20:07:04 +00:00
Felix Fietkau
5ff55bf404 move lzo from /packages to trunk
SVN-Revision: 35410
2013-01-30 19:52:03 +00:00
Felix Fietkau
316f53d066 libubox: update to latest version, fixes a string corruption issue on JSON formatting
SVN-Revision: 35399
2013-01-29 22:23:43 +00:00
Felix Fietkau
71522ce160 add libusb-compat
SVN-Revision: 35387
2013-01-29 16:12:00 +00:00