Commit Graph

36464 Commits

Author SHA1 Message Date
Hannu Nyman
9097dc5ad8 uhttpd: create self-signed certificates with unique subjects
Add a partially random O= item to the certificate subject in order
to make the automatically generated certificates' subjects unique.

Firefox has problems when several self-signed certificates
with CA:true attribute and identical subjects have been
seen (and stored) by the browser. Reference to upstream bugs:
https://bugzilla.mozilla.org/show_bug.cgi?id=1147544
https://bugzilla.mozilla.org/show_bug.cgi?id=1056341
https://bugzilla.redhat.com/show_bug.cgi?id=1204670#c34

Certificates created by the OpenSSL one-liner fall into that category.

Avoid identical certificate subjects by including a new 'O=' item
with CommonName + a random part (8 chars). Example:
/CN=LEDE/O=LEDEb986be0b/L=Unknown/ST=Somewhere/C=ZZ

That ensures that the browser properly sees the accumulating
certificates as separate items and does not spend time
trying to form a trust chain from them.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-10-26 15:16:52 +02:00
Hannu Nyman
82132540a3 uhttpd: prefer px5g for certificate creation
Prefer the old default 'px5g' for certificate creation
as Firefox seems to dislike OpenSSL-created certs.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-10-26 15:16:51 +02:00
Baptiste Jonglez
89817614bb netifd: Request DHCP option 121 (classless route) by default
This option, defined by RFC3442, allows a DHCP server to send static
routes to a client.  But the client has to request this option
explicitely.

Static routes are useful when the gateway configured by DHCP cannot be
in the same subnet as the client.  This happens, for instance, when
using DHCP to hand out addresses in /32 subnets.

A new configuration option "classlessroute" is available, allowing
users to disable this feature (the option defaults to true).

Other DHCP clients already request this option by default (dhcpcd, for
instance, and possibly Windows).  If a DHCP server does not support
this option, it will simply ignore it.

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
2016-10-26 15:16:51 +02:00
Simon Hailes
86c6b07e15 wwan: rename data files
This is to ensure that git can be cloned onto a windows drive without failing.

Signed-off-by: Simon Hailes <btsimonh@googlemail.com>
2016-10-26 15:16:51 +02:00
Simon Hailes
a2361eebfd usbmode: rename data files
This is to ensure that git can be cloned onto a windows drive without failing.

Signed-off-by: Simon Hailes <btsimonh@googlemail.com>
2016-10-26 15:16:51 +02:00
Chuanhong Guo
c5a7e2c2fb ar71xx: Ignore firmware building errors of UBNT and CyberTAN devices
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2016-10-26 14:07:20 +02:00
Alberto Bursi
9275964e1d px5g-standalone: move to Encryption submenu and fix Title
moved px5g-standalone to Encryption submenu of Utilities.
Fixed title by removing the first "standalone" word from title.
The name is now consistent with other px5g packages, it is also shorter and will be shown in make menuconfig.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 14:06:52 +02:00
Alberto Bursi
7fa89d7f3c px5g: move to Encryption submenu
moved px5g to Encryption submenu of Utilities, in an effort to tidy up a bit the Utilities section of make menuconfig.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 14:06:48 +02:00
André Valentin
ebd7e565c7 package/uboot-envtools: Add support for ZyXEL NBG6817
Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00
André Valentin
783875f18b package/basefiles: add mkfs.ext4 and losetup binaries to ramfs list
mkfs.ext4 und losetup are needed for sysupgrade support on mmc devices
with automatic rootfs split (loopback device usage).

Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00
André Valentin
1465bebd74 ipq806x/nbg6817: add sysupgrade support
Add new way of flashing to mmc devices based on rootfs split with loop devices.

Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00
André Valentin
d8059e3a30 linux/mtd: add id for mx25u3235f needed by ZyXEL NBG6817
Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00
André Valentin
a0ed7af6c6 ipq806x/nbg6817: add support for ZyXEL NBG6817
CPU: 2x1.8GHz ARM, RAM: 512MiB
Storage: 4MiB serial Flash, 3.9GiB MMC
NIC: 2x1GBit/s, Switch with 5 external and 2 internal ports
WiFi: Dualband, ath10k 2.4GHz, 5GHz MU-MIMO

For installation copy xx-mmcblk0p4-kernel.bin and xx-mmcblk0p5-rootfs-full.bin
to device. Then run:
cat xx-mmcblk0p4-kernel.bin > /dev/mmc0blk0p4
cat xx-mmcblk0p5-rootfs-full.bin > /dev/mmc0blk0p5
reboot -f

For debugging serial console is easily visible on board, no soldering needed.

Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:46 +02:00
Daniel Engberg
91b518512d strace: Update to 4.14
Update to version 4.14

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-26 12:37:46 +02:00
Stefan Koch
b760afa09a lantiq: danube fxs bugfix: changed compatible attribute of vmmc
This bugfix enables FXS support on dabube based devices.
Changed "compatible" attribute from "vmmc" to "vmmc-xway".
The vmmc driver uses "vmmc-xway".

Signed-off-by: Stefan Koch <stefan.koch10@gmail.com>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
85fbffd74b qmi: add metric, defaultroute and peerdns options for qmi protocol
Adds generic network options for qmi protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

IPv6-related code taken from Bruno's patch https://patchwork.ozlabs.org/patch/584816.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
Signed-off-by: Bruno Randolf <br1@einfach.org>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
35129469ca mbim: add metric, defaultroute and peerdns options for mbim protocol
Adds generic network options for mbim protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
72eb2b8e22 comgt: add metric, defaultroute and peerdns options for directip protocol
Adds generic network options for directip protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
c560d25d19 comgt: add metric, defaultroute and peerdns options for ncm protocol
Adds generic network options for ncm protocol dynamic interfaces
as suggested by Felix in
http://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Paul Wassi
d2606107ab kirkwood: fix pogo_e02 LED name
The pogo_e02's dts file has its LEDs named "pogo_e02:(...)"
Fix the status-LED's name for this device.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-10-26 12:37:46 +02:00
Yutang Jiang
e7dc511e64 uboot-zynq: fix compile error for be short of dtc
While enable zynq uboot:
CONFIG_PACKAGE_uboot-zynq-zc702
CONFIG_PACKAGE_uboot-zynq-zed
CONFIG_PACKAGE_uboot-zynq-zybo

make will arise dtc error:
./scripts/dtc-version.sh: line 17: dtc: command not found
./scripts/dtc-version.sh: line 18: dtc: command not found
*** Your dtc is too old, please upgrade to dtc 1.4 or newer
make[4]: *** [checkdtc] Error 1

Pass the kernel dtc to uboot for compile.

Signed-off-by: Yutang Jiang <yutang.jiang@nxp.com>
2016-10-26 12:37:46 +02:00
Alberto Bursi
d140648622 grub2: move to Boot Loaders category
because boot loaders are in Boot Loaders, not in Utilities -> Boot Loaders

Also moved brub2-editenv in Utilities -> Boot Loaders

Part of a wider housekeeping effort on the packages repository.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 12:37:45 +02:00
Alberto Bursi
f9ed2bc92f fconfig: move to Boot Loaders submenu of Utilities
Boot Loaders submenu of Utilities is the most logical place to find fconfig and other bootloader tools.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 12:37:45 +02:00
Alberto Bursi
762928a13e rbcfg: move to Boot Loaders submenu of Utilities
Boot Loaders submenu of Utilities is the most logical place to find rbcfg and other bootloader tools.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 12:37:45 +02:00
Xuefu Lin
8312738806 ramips: fix PSG1218 LEDs
Signed-off-by: Xuefu Lin  <xuefulin@gmail.com>
2016-10-26 12:37:45 +02:00
Julius Schulz-Zander
a71a8955f2 ar71xx: add support for TP-Link WR802N v1
This patch adds support solely for version 1 of the TP-Link WR802N.
It is based on Rick Pannen's patch posted on the OpenWrt devel list.

Signed-off-by: Julius Schulz-Zander <julius@inet.tu-berlin.de>
2016-10-26 12:37:45 +02:00
Paul Wassi
da1b33fc4d package/system/mtd: fix usage message
Minor fix in the usage message on the explanation of the -p option.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-10-26 12:37:45 +02:00
Paul Wassi
f6b5df44d9 kirkwood: remove redundant code in etc/board.d/02_network
Remove redundant code: merge boards/cases that share
the same network configuration.
Also fix the alphabetical ordering of the cases.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-10-26 12:37:45 +02:00
Chris Blake
fac018b25e ar71xx: Remove switch config for the MR12/MR16
These boards do not have a switch, so they should have never been added
to this file in the first place.

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2016-10-26 12:37:45 +02:00
Chris Blake
28dd52b079 ar71xx: add mac partition to the MR12/MR16
On the stock Meraki Firmare for the MR12/MR16, a chunk of SPI space
after u-boot-env is used to store the boards Mac address. Sadly as this
was removed on any device already on OpenWRT/LEDE, moving forward a new,
64k partition named "mac" will be used to store the mac address for the
device (which is the minimum size). This allows users to properly set
the correct MAC, without editing the ART partition (which holds the same
MAC for all devices).

The reason the space is taken from kernel instead of rootfs is currently
kernels are only 1.3MB, so that way we can leave the current rootfs
space alone for users who fully utilize the available storage space.

Once this partition is added to a device, you can set your MAC doing the
following:

mtd erase mac
echo -n -e '\x00\x18\x0a\x33\x44\x55' > /dev/mtd5
sync && reboot

Where 00:18:0a:33:44:55 is your MAC address.

This was tested, and confirmed working on both the MR12 and MR16.

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2016-10-26 12:37:45 +02:00
Chris Blake
d8662ac3c6 ar71xx: Move MR12 & MR16 from legacy to generic
This moves the Meraki MR12 and Meraki MR16 to the new generic target.
Tested and verified working on both devices.

Note that kernel/rootfs images are still generated. This is because they
are used for the inital flashing process due to the fun pace at which
UBoot erases/writes to SPI.

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2016-10-26 12:37:44 +02:00
John Crispin
7b9ac39afa ugps: update to latest git HEAD
* fixes a few error that uClibc users were seeing
* add switch to disable time adjustment

Signed-off-by: John Crispin <john@phrozen.org>
2016-10-26 12:37:40 +02:00
Petr Štetiar
5481ce9a11 imx6: Add ds1307 RTC to kernel for working hctosys
Otherwise if we use ds1307 as kernel module, hctosys fails as ds1307 is
being initialized later then hctosys:

 [    2.427349] hctosys: unable to open rtc device (rtc0)
 [    3.714263] snvs_rtc 20cc000.snvs:snvs-rtc-lp: rtc core: registered 20cc000.snvs:snvs-r as rtc1
 [    8.990061] rtc-ds1307 3-006f: rtc core: registered mcp7941x as rtc0

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2016-10-26 09:41:29 +02:00
Paul Wassi
5528573039 kirkwood: Add RTC driver to kernel for working hctosys
Build the RTC driver into the kernel, (and remove the optional module), in order
to make hctosys working. (Currently the module is loaded after hctosys has failed previously)

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-10-26 09:41:28 +02:00
Jing Lin
7ba9a3a504 ar71xx: Add support to DomyWifi DW33D
Signed-off-by: Jing Lin <mumuqz@163.com>
2016-10-25 17:51:08 +02:00
Jo-Philipp Wich
81b256ee00 uhttpd: fix handling of special "/" prefix when matching handlers
The special prefix of "/" should match any url by definition but the final
assertion which ensures that the matched prefix ends in '\0' or '/' is causing
matches against the "/" prefix to fail.

Update to current HEAD in order to fix this particular case.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-25 16:38:50 +02:00
Rafał Miłecki
93f9a9c71c kernel: backport MIPS's ioremap_cache from 4.5
It's needed by (updated) bcm47xxsflash driver.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-24 22:52:44 +02:00
Rafał Miłecki
13e6f7a75d brcm47xx: reorder older entries in image Makefile
Keep all entries sorted and replace tabs with spaces while at it.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-24 20:35:24 +02:00
Stijn Tintel
839b657a61 kernel: add fix for CVE-2016-5195
Add fix for CVE-2016-5195 to kernel 3.18 and 4.1.
Kernel 4.4 is already fixed since version 4.4.26 which was committed in
32c28a78f7.

Patches taken from Sasha Levin's linux-stable git tree:
http://git.kernel.org/cgit/linux/kernel/git/sashal/linux-stable.git/

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-10-24 20:25:14 +03:00
Stijn Tintel
75e63c2494 kernel: update kernel 3.18 to version 3.18.43
Refresh patches for all targets supporting 3.18 and not marked broken.
Compile-tested on all targets using 3.18 and not marked broken.

Changes to generic/610-netfilter_match_bypass_default_checks.patch based
on 84d489f64f.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-10-24 20:25:14 +03:00
Stijn Tintel
2fc3680dd0 kernel: update kernel 4.1 to version 4.1.34
Refresh patches for all targets supporting 4.1 and not marked broken.
Compile-tested on all targets using 4.1 and not marked broken.

Changes to generic/610-netfilter_match_bypass_default_checks.patch based
on 84d489f64f.
Changes to generic/666-Add-support-for-MAP-E-FMRs-mesh-mode.patch based
on a90ee92337.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-10-24 20:25:14 +03:00
Rafał Miłecki
06405df7a8 brcm47xx: bump kernel to 4.4
Kernel 4.4 was ready for brcm47xx for almost a year now but I kept
postponing the bump due to problems with Linksys WRT300N v1.0. OpenWrt
and LEDE with 4.4 were hanging at the booting with the:
> Starting program at 0x80001000
(the last CFE message).

This was a permanent state, "make distclean" wasn't helping, I spent
hours debugging this and I was reliably reproducing the issue every
time. I also reported it on linux-mips ML in the thread:
> BCM4704 stopped booting with 4.4 (due to vmlinux size?)

After ~month I started working on WRT300N again. I got hangs as expected
every time I switched from 4.1 to 4.4. I started experimenting with:
1) TRX content (I tried dropping rootfs partition)
2) BZ_TEXT_START of lzma-loader
3) Flashing other variants of image: lzma compressed kernel (without a
   loader), gzip compressed one, uncompressed one.

At some point I got rootfs-less image booting and after that I couldn't
reproduce problem anymore, even with a complete firmware. It seems like
hardware was in some locked/unstable state that got magically fixed.

I have LEDE working now, tested it even with "make distclean", it seems
we can bump kernel now. I'll keep testing it on WRT300N for some time.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-24 17:22:23 +02:00
Rafał Miłecki
6e64a38b00 brcm47xx: build also TRX image for Linksys WRT300N V1
Linksys WRT300N V1 has pretty bugged CFE bootloader (it crashes in a lot
of situations) that doesn't accept .bin image.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-24 10:34:59 +02:00
Rafał Miłecki
337f219130 brcm47xx: open code Makefile entries for all devices
If we want to use some of new features like per device rootfs we will
need this to specify them there.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-24 10:33:33 +02:00
Felix Fietkau
0ec2738b21 toolchain/gdb: update to version 7.12
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-24 08:45:06 +02:00
Felix Fietkau
ecc091b0f6 binutils: remove old unused versions
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-24 08:45:06 +02:00
Imre Kaloz
3764caa934 mvebu: add support for the Linksys WRT3200ACM (Rango)
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-10-24 08:45:06 +02:00
Imre Kaloz
5da412bf80 mwlwifi: upgrade to 10.3.2.0-20161013
Also install the 88W8964 firmware.

Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
2016-10-24 08:45:06 +02:00
Imre Kaloz
2beab73fad mvebu: add missing status LEDs for Linksys WRT1200AC and WRT1900ACv2
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
2016-10-24 08:45:06 +02:00
Álvaro Fernández Rojas
920f922652 kernel: update kernel 4.4 to version 4.4.27
Refresh patches for all targets that support kernel 4.4.
compile/run-tested on brcm2708/bcm2710 only.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-10-23 14:56:09 +02:00