puts br2684ctl init after ADSL init instead of before, so that the ESI
is set at the right time, and for consistency with the PTM driver.
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
Original URL got 303 redirect which then also dropped the commit id
leading to different file revision & MD5 mismatch.
Corrected URL & clarified commit ID use in Makefile
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
/etc/init.d/fstab had some warnings in it to let users know that they
should call "block mount" directly. these ended up in the bootlog.
fix this by splitting the code into boot() and start(). this way the system
will boot without warning but manually starting the script will lead to the
message.
fixes FS#3
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: John Crispin <john@phrozen.org>
The package Makefile was based on work at link [1] with the following
changes
1. Disable minidebuginfo support thus no dependency on liblzma
2. Add 2 patches for building against musl-libc and building with
mips16 enabled
3. Add LICENSE and DEPENDS info, etc.
[1] https://github.com/rpi-openwrt/rpi-packages/tree/master/libs/libunwind
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
ARC port of GDB is not yet upstream so we need to use
sources from Synopsys GitHub repo.
Given Synopys' commitment to upstream ARC support in GDB
in the nearest future it might be simpler to add a separate
package for ARC GDB instead of patching generic GDB package.
This way once ARC GDB stuff gets uptreamed we'll only need
to remove that new "gdb-arc" package.
Note 1 very minor change in generic gdb package was done -
it now depends on !arc (while "gdb-arc" depends on "arc").
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Recent versions of Chrome require this ciphers to successfully handshake with
a TLS enabled uhttpd server using the ustream-polarssl backend.
If `CONFIG_GCM` is disabled, `ssl_ciphersuite_from_id()` will return `NULL`
when cipher `0x9d` is looked up, causing the calling `ssl_ciphersuite_match()`
to fail with `POLARSSL_ERR_SSL_INTERNAL_ERROR`.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Add support for hostid dhcp config entry to dnsmasq. This allows
specification of dhcpv6 hostid suffix and works in the same way as
odhcpd.
Entries in auto generated dnsmasq.conf should conform to:
dhcp-host=mm:mm:mm:mm:mm:mm,IPv4addr,[::V6su:ffix],hostname
example based on sample config/dhcp entry:
config host
option name 'Kermit'
option mac 'E0:3F:49:A1:D4:AA'
option ip '192.168.235.4'
option hostid '4'
dhcp-host=E0:3F:49:A1:D4:AA,192.168.235.4,[::0:4],Kermit
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
- Fix calculation of `$vht_cap` bit field
- Replace wrong reference to `$tx_stbc` variable with proper `$tx_stbc_2by1` one
- Emit proper `RX-STBC-{1,12,123,1234}` tokens for the VHT capability list
See https://dev.openwrt.org/ticket/22535 for reference.
Signed-off-by: Scott Shambarger <devel@shambarger.net>
Daemons that are waiting for a timesync are only triggered when the action is stratum.
As step is the first sync action pass all actions to the ntpd hotplug scripts; it's up
to the ntpd hotplugscript to filter out the actions it is interested in.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
By default dnsmasq uses random ports for outbound dns queries;
when the maxport UCI option is specified the ports used will
always be smaller than the specified value.
This is usefull for systems behind firewalls.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Increase the default system log buffer size
from 16 kB (default both in logd source and in the startup script)
to 64 kB by adjusting the default value in startup script.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Increase the default system log buffer size
from 16 kB (built-in default in ubox logd)
to 64 kB by setting the option in /etc/config/system.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Record the state of any hardware LED configured through UCI and use that
information to revert the state when applying updated settings while
maintaining default behaviour of system LEDs.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The board_detect framework is now able to create the entire system config from
scratch so we can finally drop the copy shipped by base-files.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Now that config_generate is able to generate the entire /etc/config/system
from scratch we can apply the same logic as used for /etc/config/network;
when the configuration file exists already then do not do anything, else
generate it from the values provided by /etc/board.json .
In order to facilitate that move the file existance checking inside
/bin/config_generate and call it unconditionally from /bin/board_detect.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Currently, the uci data model does not provide support for specifying
the minimum TLS version supported in an OpenVPN instance (be it server
or client).
This patch adds support for writing the relevant option to the openvpn
configuration file at service startup.
Signed-off-by: Matteo Panella <morpheus@level28.org>
[Jo-Philipp Wich: shorten commit title, bump pkg release]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Attempt to reset all LED states before applying the UCI configuration to
avoid leaving disabled LEDs behind in lingering glowing state, e.g. when
changing the sysfs entry in the config from one hardware LED to another.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
>From wolfssl/openssl/opensslv.h, and from skimming the contents of what
"--enable-stunnel" actually does, it seems that --enable-opensslextra
doesn't give you the "full" openssl compatibility that you may wish for
these days. Unfortuantely, while wolfssl writes the build time options
into wolfssl/options.h, it doesn't include that file itself. User
applications must include that directly.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Add 'cake' qdisc kernel module package.
V2 - KDB Small update to base on latest cake tc changes (wash option
deprecated)
V3 - KDB Move kmod-sched-cake package to kernel as is kernel related
V4 - KDB Split into individual patches, kmod & tc
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Acked-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Add cake support to 'tc' in iproute2
- Use a patch to modify tc instead of adding a new tc-adv package.
Patch creates q_cake.c that matches commit 3314230bc4
- Do not include the other things from tc-adv (cake0, cake2, pie etc.).
V2 - KDB Small update to base on latest cake tc changes (wash option
deprecated)
V3 - KDB Move kmod-sched-cake package to kernel as is kernel related
v4 - KDB Split into individual patches, tc & kmod
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Acked-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
uClibc-ng pretends to be GNU libc 2.2 and then a fallback
scanf check is tried, so that libmount is disabled
afterwards. Add a fix already suggested upstream.
Add librt dependency required for other apps, too.
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
It turns out most device vendors don't set the correct country code
in their devices' on-flash-EEPROM sections as they apparently rather
provide a complete per-target-market firmware with patched drivers
instead of just setting the country code.
This results in the driver to incorrectly assume the value stored in
the on-flash-EERPOM (usually US or China) being the regulatory domain
inside which the device is being used.
To work around this issue, OpenWrt introduced the ATH_USER_REGD config
variable to decide during build whether or not to allow the user to
override the regulatory domain setting. This option, however, is not
enabled by default and thus ends up being disabled for snapshots builds
and released binaries.
As we know for a long time that most devices got borked regulatory
domain values set in their EEPROMs we should allow our users to respect
their local law (instead of just assume US or China laws).
Note that also the current default has great potential of users not
ever setting their regulatory domain and thus using inapproriate and
potentially illegal frequencies and/or tx-power settings
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This allows one to select CT firmware for ath10k
if one prefers to try this firmware instead of stock
ath10k firmware.
The 10.1 (988X) firmware can actually be installed beside the
default firmware, but it will not be used as long as the firmware-5.bin
file exists. Users could rename the files and reboot to use different
images.
The 99X0 (wave-2) firmware uses the same firmware-5.bin name as default
firmware, so it cannot be installed at the same time as default firmware.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Kernel module for the OMAP Random Number Generator
found on OMAP16xx, OMAP2/3/4/5 and AM33xx/AM43xx
multimedia processors.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
When the gettext-full host build phase finds an `emacs` exectuble during the
build it will launch an `emacs --batch` command to run some Lisp code.
On certain Debian systems the `/usr/bin/emacs` path might point, via
alternatives, to the `/usr/bin/jove` editor which will then launch an
interactive session when invoked by the gettext build.
In order to avoid this problem, explicitely disable emacs handling during
the build through a configure environment variable.
Also remove my now unreachable maintainer address.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Based on a submission to the uboot-lantiq repo by Eddi De Pieri.
Major cleanup and addition of brnboot second stage u-boot was done by
me.
The second stage brnboot u-boot is untested, since the brnboot prompt
is secured by a still unknown password. But should work.
The former ram values are replaced with the ram values extracted from
the original brnboot. The old ones didn't worked with the ramboot
image.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The default bootloader partition of some devices is to small for an
u-boot with uncompressed gphy firmware(s).
Instead of increasing the bootloader partition size, in compare to the
stock firmware, compress the firmware. This would allow the bootloader
of at least the FritzBox 3370 as well as the bootloader of the
VGV7510KW22 to fit into the bootloader partition of the stock firmware.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Based on a submission to the uboot-lantiq repo by Eddi De Pieri.
Devices like the xrx200 Arcadyan VGV7519 are using two NOR flash chips.
Signed-off-by: Mathias Kresin <dev@kresin.me>
This makes brcmfmac compatible with mac80211 which uses dev_alloc_name
(and so returns -ENFILE on error).
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
LEDE project seems to be using "LEDE" as its acronym everywhere. To keep
things consistent adjust default wireless SSID.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: John Crispin <john@phrozen.org>
Acked-by: Alexander Couzens <lynxis@fe80.eu>
The igb kmods selects kmod-i2c-algo-bit which in turn is invisible until
kmod-i2c-core gets selected, causing kmod-igb to be hidden from menuconfig
as well.
Let kmod-igb select kmod-i2c-core as well in order to make it visible
in menuconfig right away.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
- install correct libs to staging/usr/lib
fixes eudev, nfs-kernel-server
the lib*.a seem broken - use the correct .so files
and remove .a libs
- some build breakage was observed with parallel builds:
text-utils/more-more.o: In function `putstring':
more.c:(.text+0x1f4): undefined reference to `tputs'
text-utils/more-more.o: In function `initterm':
more.c:(.text+0x1b74): undefined reference to `setupterm'
more.c:(.text+0x1f0c): undefined reference to `tparm'
more.c:(.text+0x20ac): undefined reference to `tigetnum'
more.c:(.text+0x20c8): undefined reference to `tigetflag'
more.c:(.text+0x20ec): undefined reference to `tigetstr'
more.c:(.text+0x2148): undefined reference to `PC'
text-utils/more-more.o: In function `reset_tty':
more.c:(.text+0x2630): undefined reference to `tputs'
- fix line length
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
Some package postinstall operations, e.g. those emitted by the LuCI build
system, source and delete the uci-defaults themselves upon package insteall,
causing the generic defaults apply code to trigger shell errors like:
.../luci-app-ddns.postinst: .: line 130: can't open './40_luci-ddns'
Rework the generic apply code to check the existence of the uci-defaults
script before trying to source it, use sed to prefilter the list of entries
from the control file and perform the directory change in a subshell,
avoiding the need for cd $OLDPWD.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
reported by reproducible openwrt project[1]:
we package some libtool shell script
- add missing dependencies
- fix paths
- make in InstallDev does not seem to be necessary
tested (cal,dmesg,sfdisk) on x86 qemu VM with allyesconfig
[1]: https://reproducible.debian.net/openwrt/openwrt.html
[Jo-Philipp Wich: fix double slash in sfdisk path, reword commit message]
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Allow path specifications to refer to just '@' or '$' which is useful for
exporting the keys or array indizes of the toplevel object to the shell.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fix a „semantic typo“ introduced in b78aae793e,
where TARGET_INIT_PATH was used instead of CONFIG_TARGET_INIT_PATH.
Signed-off-by: Dario Ernst <Dario.Ernst@riverbed.com>
Generalize the partition discovery in sysupgrade in order to fix sysupgrade
and config backup/recovery on MMC block devices which use a different naming
scheme compared to mtdblock or sd* devices.
The change also adds the find applet to the ramdisk utilities so that upgrade
code can rely on it.
The commit is based on the initial submission by Russell Senior at
http://patchwork.ozlabs.org/patch/625440/ .
Signed-off-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Centralize setting all version information in include/version.mk
* Set RELEASE env variable in include/version.mk instead of toplevel.mk.
Stop exporting the variable.
* Remove hardcoded release name from /etc/banner
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
The busybox ntpd utility currently uses ntp servers specified in uci.
This patch allows the ntpd utility to use NTP servers received via DHCP(v6)
Following uci parameters have been added:
use_dhcp : enables NTP server config via DHCP(v6)
dhcp_interface : use NTP servers received only on the specified DHCP(v6) interfaces; if empty all interfaces are considered
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Instead of making assumptions about the leasefile and resolv file make sure
we use what the user configures, but fall back to defaults if no configuration
is specified
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Update to dnsmasq2.76. Refresh patches. Add new patch to fix musl
'poll.h' location warning.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Storage of such zones is provided by a nf_ct_ext struct, hence conntrack
memory foot print will not be increased if zones are not used.
Signed-off-by: Alin Năstac <alin.nastac@gmail.com>
According to the author, all SPI related configs are copy & paste
leftovers. Which makes sense since nothing is connected to the SPI bus
on this device.
The NOR SPL isn't required for this board, since the NOR is directly
memory mapped.
Allow to overwrite the env in ram while using brn variant. Do not set
the power GPIO pin twice.
Signed-off-by: Mathias Kresin <dev@kresin.me>
use:
- 00nn for u-boot patches
- 01nn for new boards
While doing the rework, the board definitions for the easy50712 and
easy80920 were moved to distinct board definitions patches.
Signed-off-by: Mathias Kresin <dev@kresin.me>
wolfssl has a fine grained feature and compatibility control
for compiling stunnel, lighthttp or (partly) openssl dropin
ustream-ssl uses features that require normally
HAVE_SNI, HAVE_STUNNEL and the openssl compatibility headers
ar71xx ipkg sizes of wolfssl 3.9.0:
- with stunnel: 144022
- this patch (w.o. stunnel): 131712
- without openssl(extra): 111104
- w.o openssl/sni:108515
- w.o openssl/sni/ecc: 93954
so patch 300 saves around 12k compressed ipkg size
v2: keep & rename patch 300 for clarity, fixes ustream-ssl/cyassl
that broke with v1
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
Typo, missing space before ] in previous commit caused shell syntax
failure and incorrect restoration of time.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
fixes:
CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL
- remove crypto auth compile fix
curl changelog of 7.46 states its fixed
- fix mbedtls and cyassl usability #19621 :
add path to certificate file (from Mozilla via curl) and
provide this in a new package
tested on ar71xx w. curl/mbedtls/wolfssl
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
conditionally save dnsmasq.time across sysupgrade
dnsmasq uses /etc/dnsmasq.time as record of the last known good
system time to aid its validation of dnssec timestamps. dnsmasq
updates the timestamp on process start/stop once it considers the system
time as valid. The timestamp file should be preserved across system
upgrade but should not be included as part of normal configuration
backups to prevent restores corrupting the current timestamp.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps. By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past. Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.
In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.
Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
conditionally save dnsmasq.time across sysupgrade
dnsmasq uses /etc/dnsmasq.time as record of the last known good
system time to aid its validation of dnssec timestamps. dnsmasq
updates the timestamp on process start/stop once it considers the system
time as valid. The timestamp file should be preserved across system
upgrade but should not be included as part of normal configuration
backups to prevent restores corrupting the current timestamp.
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps. By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past. Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.
In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.
Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.
Some SSL applications requires a certificates bundle rather
than a directory containing certificates. For thos applications
we build the ca-bundle package
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
Add packaging of it87 hardware monitor kernel module. It is
a common thermal and voltage monitor that is in many x86
(at least) devices, and is just another i2c hwmon module.
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
The patch 300-ath9k-force-rx_clear-when-disabling-rx.patch broke TX99 support
in ath9k. Fix the patch by only applying rx_clear if TX99 mode is not used.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
The libusb package is not parallel build save, a make -j16 reliably breaks it.
Forcibly disable parallel building.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
the recent fixes to make mount_root work during failsafe caused lots of
unwanted side effects. use the new preinit sentinel file to detect if
we are in preinit. this will also work if logged in via ssh.
Signed-off-by: John Crispin <john@phrozen.org>
- Update the terminal window title with the current directory and hostname, if using an xterm-compatible terminal emulator.
- Add ll, an useful alias to ls.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
This was found while investigating why luarocks does not work. It was
traced to a quite old lnum patch for 5.1.3. I compared against the
latest 5.1.4 patch - https://github.com/LuaDist/lualnum and discovered
the lessthan/lessequal evaluation was not falling through to the
call_orderTM (tag methods).
I have tested LuCI (simple tests) and used the following lua code to
validate the patch (both host and target patches supplied): -
> local my_mt = {
> __eq = function(v1, v2)
> print("__eq")
> return false
> end,
> __lt = function(v1, v2)
> print("__lt")
> return false
> end,
> __le = function(v1, v2)
> print("__le")
> return false
> end
> }
>
> function get_my(vstring)
> local my = {}
> my.string = vstring;
> setmetatable(my, my_mt);
> return my;
> end
>
> local a = get_my("1.0")
> local b = get_my("1.0")
>
> local eq_works = a == b;
> local lt_works = a < b;
> local gt_works = a > b;
>
> local lte_works = a <= b;
> local gte_works = a >= b;
Without the patch the following error will be presented: -
“attempt to compare two table values”
Signed-off-by: David Thornley <david.thornley@touchstargroup.com>
Update the dropbear package to version 2016.73, refresh patches.
The measured .ipk sizes on an x86_64 build are:
94588 dropbear_2015.71-3_x86_64.ipk
95316 dropbear_2016.73-1_x86_64.ipk
This is an increase of roughly 700 bytes after compression.
Tested-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The original iperf package is unmaintained. This switches to the "iperf2"
project on sourceforge, a fork that started where the previous iperf left
off.
Version 2.0.8 fixes the issue that patch 002 handled, so that can be dropped.
Due to a faulty check in configure.ac, this version needs _GNU_SOURCE
defined to build properly against musl. Various other obsolete build
options were also removed.
Signed-off-by: Bert Vermeulen <bert@biot.com>
The option --disable-utmpx was deleted by accident in commit 7545c1d;
add it again to the CONFIGURE_ARGS list
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
this patch fixes a bug when using uclibc on MIPS. The bug does not exist when
using musl, so drop the fix.
Signed-off-by: John Crispin <john@phrozen.org>
The json_select call fails when there are no roles or ports objects in board.json. "json_select .." must not be executed after failing.
This fixes for example LEDs not being set up in /etc/config/system.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
Remove the udhcpc -R release option as sending a DHCP release
is configurable via the uci option release.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The patch made sure the ncursesw library was not selected to save space,
but that library doesn't exist in this distribution at all.
Signed-off-by: Bert Vermeulen <bert@biot.com>
Currently system log is always included as a part of ubox.
Add logd as a seperate package and add it to default packages list.
Signed-off-by: Andrej Vlasic <andrej.vlasic@sartura.hr>
SVN-Revision: 49285
So far fixtrx was calculating checksum over amount of data matching
partition erase size. It was mostly a workaround of checksum problem
after changing anything in initial TRX content (e.g. formatting JFFS2).
Its main purpose was to make bootloader accept modified TRX. This didn't
provide much protection of flash data against corruption.
This new option lets caller request calculating checksum over a bigger
amount of data. It may be used e.g. to include whole kernel data for
checksum and hopefully make bootloader go info failsafe mode if
something goes wrong.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
We plan to adjust usage of the main buffer to allow reading custom
amount of data for CRC32. This means we need another buffer that will be
always block aligned.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
1) Put sanity checks in one place
2) Respect provided offset
3) Read only as much data as needed for MD5 calculation
Thanks to the last change this is a great speedup and memory saver. On
devices with NAND flash we were allocating & reading about 128 MiB while
something about 8 MiB is enough.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
This avoid long (and unneeded) process of reading all data in case of
running on MTD not containig Seama entity.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
On platforms supporting both: TRX and Seama calling "fixtrx" was
resulting in trying to fix Seama as well.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Packages may install scripts into /etc/uci-defaults to be executed once
after installation, usually at the first boot of the target. This works
fine if the package was installed to the rootfs during build or using
the ImageBuilder.
If the package is installed using opkg during run-time uci-defaults
were applied only after a reboot of the device. Avoid the need to
reboot by evaluting the package's uci-defaults in default-postinst.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Bump to the latest version, fixes several security issues:
* CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176
More details at https://www.openssl.org/news/openssl-1.0.2-notes.html
Signed-off-by: Michal Hrusecky <Michal.Hrusecky@nic.cz>
Update to latest HEAD in order to fix MARK rule generation for local traffic,
also fix a possible race condition during firewall start.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This patch adds missing ASCII aliases to the libiconv stub in order to avoid conversion errors like https://github.com/openwrt/packages/issues/2373
Signed-off-by: Gergely Kiss <mail.gery@gmail.com>
Patch Lua packet script defines SHRT_MAX which is already defined in <linux/kernel.h> and
is included indirectly by lauxlib.h. Fix the redefintion as it leads to compile failure
on systems which treat macro redefinition as an error
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Remove the public unatteded buildkey from the opkg package to avoid
having hardcoded keys in tree. Use the external keyring package instead
which can be easily updated by users.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Conntrack support reads the connection track mark associated with
incoming DNS queries and sets the same mark value on the upstream
forwarded DNS query. This can be usefull to track traffic generated
by dnsmasq to associate it with the clients who generate the queries,
usefull for bandwidth accouting and firewall.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
A dropbear instance having an interface config won't start if the interface is down as no
IP address is available.
Adding interface triggers for each configured interface executing the dropbear reload script
will start the dropbear instance when the interface is up.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Utmp support tracks who is currenlty logged in by logging info to the file /var/run/utmp (supported by busybox)
Putuline support will use the utmp structure to write to the utmp file
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Make sending a DHCP release configurable when the client exits allowing to clean up
IP/mac state info in intermediate devices.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
lua_packet_segment parameter start has type char pointer; in function lua_tg
it's assigned an uint16 value generating compiler warnings obviously indicating
posssible seg fault problems. Fix the issue by using the correct skb functions
so the parameter points to the position inside the sk_buff
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Stijn Cleynhens <stijn.cleynhens@gmail.com>
Add nonshared flag to package depending on specific targets or subtargets as
there's no guarantee otherwise that they'll be available in the shared repo.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When the same package file is specified multiple times on the opkg install
command line, the name pointer on the argv array becomes stale after the
package structures have been merged, leading to invalid memory accesses
upon install.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Instead of converting the firmware files ourselves, use the files
generated during the normal kernel build process. This fixes packaging
kmod-e100 in the SDK environment.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
One of the patched files, include/unwind-cxx.h, contains windows newlines
which lead to the following failure:
Applying ./patches/006-eabi_fix.patch using plaintext:
patching file include/typeinfo
patching file include/unwind-cxx.h
Hunk #1 FAILED at 173 (different line endings).
Hunk #2 FAILED at 181 (different line endings).
Add a fixup command to the prepare phase which normalizes the line endings
before applying source patches.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
- Add %A placeholder for substituting the package architecture
- Change %U placeholder to refer to the toplevel repository URL
- Construct package feed URLs relative to the toplevel one to match new layout
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Use the new repository metadata field to choose the output directory of the
final package archives.
Non-sharable packages will be placed in the per-target package directory
while the rest will be placed in a per-repository sub directory within the
$OUTPUT_DIR/packages/$CPU_TYPE/ prefix.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This update also adds individual download of firmware files instead of fetching
every file on the repository (10-MiB vs 100+MiB).
Also copy Linux license from kernel directory instead of using the rpi-firmware
one.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
The settimeofday() syscall wrapper provided by musl filters out the timezone
argument, breaking the ability to set the kernel timezone through the function.
Adjust busybox patch to issue the syscall directly in order to circumvent the
problem.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Let DHCP client send a release when it exists so the DHCP server is
informed the IP address is released and allowing to clean up IP/mac
state info in intermediate devices.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Update to latest HEAD in order to remove the faulty "prelocal" ip rule leading
to unexpected policy rule precedence.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Running dnsmasq in a dedicated user/group allows matching its outgoing
traffic more easily using iptables' owner match.
Add UID/GID to the package metadata and append the user/group
parameters to the init script.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 49252
Enable access to GPIO on Atheros wireless chip AR9280.
Support for 9280 is added to existing 9285/9287 subsystem
because these 3 chips differ only in number of GPIO pins.
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
SVN-Revision: 49251
Change mirror to Github (Gentoo repo) and drop the gzip compression.
Worst case there's about 4kbyte increase in size but most images ends up
beign somewhere between 4-100kbyte smaller due to the lzma compression.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
SVN-Revision: 49246
Respect user configured mount flags such as "ro" or "sync" when processing
external overlay mount points.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
SVN-Revision: 49223
Fixes build with /bin/sh pointing to certain versions of dash (for example
on Void Linux).
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 49218
The following patches were merged upstream:
* 0001-switch_root-improve-statfs-f_type-portability.patch
* 0002-lib-colors-use-static-buffers-when-parse-scheme.patch
* 002-mkostemp.patch
The following patch is not needed any more because all libc
implementations support alloc in sscanf:
* 001-no-printf-alloc.patch
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49191
This has been added to the kernel uapi for a while, and makes
sense to have it here too.
At the moment we're using it for query-ing qdisc via netlink
using libnl-tiny.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49188
Parameter allows to enable/disable static leases; by default the value is 1
to keep backwards compatibility
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49187
The wpa_supplicant supports an "anonymous_identity" field, which some
EAP networks require. From the documentation:
anonymous_identity: Anonymous identity string for EAP (to be used as the
unencrypted identity with EAP types that support different tunnelled
identity, e.g., EAP-TTLS).
This change modifies the hostapd.sh script to propagate this field
from the UCI config to the wpa_supplicant.conf file.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Reviewed-by: Manuel Munz <freifunk@somakoma.de>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49181
If you have your ./files/ directory stored in a git repository,
the .git will be included into images using precious space.
This patch removes .git directories before packing images.
Signed-off-by: Joerg Jungermann <jj@borkum.net>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49180
Misc fixes for LinkIt 7688 board:
- Copy the right wireless firmware for the mt7688
- Add back '0065-mt7688-fixes.patch', left out after the move to Linux 4.4.
- Remove SPI_DEV from linux config which otherwise causes a massive warning
- Add wmac to LINKIT7688.dts so wireless works
Signed-off-by: Adam Kent <adam@semicircular.net>
SVN-Revision: 49130
Updates USB IDs list to snapshot 2015-12-17 and changes copyright to
2016.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
SVN-Revision: 49112
This adds the firmware needed for the BCM43438 included in Raspberry Pi 3.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
SVN-Revision: 49102
airo requires ISA_DMA_API and
that symbol is only set on some ppc,malta,x86
x86 is probably only platform where that driver is used
fixes buildbot errors on ar71xx,lantiq ...:
airo.ko is missing
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 49073
Silence warning "daemon.notice netifd: wan6 (1139): sh: write error: Invalid argument"
when an invalid MTU is received via RA as kernel refuses to accept IPv6 mtu values
which are smaller than 1280 and bigger than the device mtu.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
git-svn-id: svn+ssh://svn.openwrt.org/openwrt/trunk@49054 3c298f89-4303-0410-b956-a3cf2f4a3e73
- depends on CFG80211 (upstream: 9da4aa48d04bbdbae3c959809e14da2bf0c53f61)
in os_dep/mon.c
This removes rtl8188eu completely from OpenWrt
since mac80211/compat-wireless/backports does not
provide staging wireless drivers
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 49049
Some parts of this package were named rt73-pci-firmware before which
looks like a copy and past error. This renames all parts to rt73-usb-
firmware and then the firmware gets build and the dependencies from the
package with the kernel module are also working correctly.
This fixes#22069
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49037
The UML target does not have spi support.
This fixes a build problem found by the build bot.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 49034
Xiaomi MiWiFi Nano is based on Mediatek MT7628 with 64MB ram 16MB flash
Signed-off-by: Noble Pepper <openwrtmail@noblepepper.com>
v3 includes changes suggested by L. D. Pinney & Karl Palsson-
Eliminate en25q64 (4MB) flash chip
Alphabetization
Remove hyphen in model
Rename profile from miwifinano.mk to xiaomi.mk
Add gpios that are attached to leds
SVN-Revision: 49024
Explicit sets the size of the mtdparts, because the kernel has also an explicit value.
If they have diffent sizes the ubi won't be detected.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
SVN-Revision: 49018
otherwise the uboot is missing important commands like bootz
Signed-off-by: Martin Mueller <mm@sig21.net>
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
SVN-Revision: 49017
Since switching to new ubi(kernel,squashfs,ubifs) layout, the kernel lies in a
ubi volume. Dropping the mtd parts because the mtd layout is saved in the
device-tree, which is appended to the zImage.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
SVN-Revision: 49016
procd from revision b12bb150ed38a4409bef5127c77b060ee616b860 supports
writing a pidfile. This adds support for setting that parameter with
standard init script hooks:
procd_set_param pidfile /var/run/someprocess.pid
Signed-off-by: Karl Palsson <karlp@etactica.com>
SVN-Revision: 48984
IPVS (IP Virtual Server) implements transport-layer load balancing inside the Linux kernel
so called Layer-4 switching.
IPVS running on a host acts as a load balancer at the front of a cluster of real servers, it
can direct requests for TCP/UDP based services to the real servers, and makes services of
the real servers to appear as a virtual service on a single IP address.
Signed-off-by: Mauro Mozzarelli <mauro@ezplanet.net>
SVN-Revision: 48982
x509-username-field was added in OpenVPN 2.2, and verify-x509-name was
added in 2.3. This fixes ticket #18807.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
SVN-Revision: 48969
This prepares brcmfmac for better country handling and fixes BCM4360
support which was always failing with:
[ 13.249195] brcmfmac: brcmf_pcie_download_fw_nvram: FW failed to initialize
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 48959
I do not know if this causes any problems now, but we should not set
it, because it is reserved. Some more recent versions of the Lantiq DSL
API driver and Control is checking if only valid bits are set.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48948
There are some cases where ISPs are running ATM over VDSL or PTM over
ADSL, this is not the common case, but these cases exist. Make it
possible to configure OpenWrt for such cases by adding a new config
option line_mode.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48947
The detailed annex option were only available in the danube DSL app
including the activation of G.992.2 Annex A (ADSL Lite). This is now
also added to the vdsl app for the vrx200.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48946
The adsl control app missed the activation of annex M and annex L in
the Annex A part, this now activates everything the firmware supports.
In Annex L type only the wide US (Mask1) was activated, now also the
narrow US (Mask2) version gets activated.
In addition annex J was also added.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48945
Instead of having two different types adsl and vdsl just create one dsl
type. This way we can use the same luci code for adsl and vdsl and the
config parameters are not so different.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48944
I am not calling dsl_cmd because I want to ignore the lock, quit
should also be send when someone else is accessing it. I saw that some
other call was stuck here and all following calls were stuck in the
dsl_cmd lock.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48943
Instead of having two big binaries only add one binary and then a patch
to create the other one when needed at runtime.
This is easier to handle in one Makefile for both firmware files.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 48939
Fix buildbot error for mpc85xx.
ehci-fsl.ko should be packaged inside the usb2 package, because it
depends on the ehci kernel module. The fsl-mph-dr-of.ko module can stay
in an own package because the ehci driver depends on it.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48932
This fixes this section mismatch warning:
The function spi_gpio_custom_get_slave_cs() references
the variable __initdata bus_nump.
This is often because spi_gpio_custom_get_slave_cs lacks a __initdata
annotation or the annotation of bus_nump is wrong.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48930
Ensure that ikey and okey are sent in network byte order to the kernel.
Also don't mangle external IP addrs and routes when reconfiguring iinterfaces.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48919
Apply the error ignore mechanism to host builds as well in order to skip over
broken feed packages.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48918
MD5s are shorter than SHA256, so reading buffer has to be bigger to read the
whole hash.
Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
SVN-Revision: 48917
Extend /etc/config/system with a parameter to set the
default respawn retry for procd launched services that
have respawn enabled.
config service
option respawn_retry -1
All services that don't specify specific respawn parameters
will get their defaults added by procd.sh. If respawn_retry
is specified in /etc/config/system the default retry limit
will be set to this value by procd.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
SVN-Revision: 48915
One of the host patches introduces the new header file lnum_config.h
included by luaconf.h, but doesn't install it.
Install it to allow building C modules for the host Lua.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 48907
Without the IRQF_ONESHOT flag in devm_request_threaded_irq() call I get
following error:
genirq: Threaded irq requested with handler=NULL and !ONESHOT for irq 56
gpio-keys gpio-keys: failed to request irq:56 for gpio:20
>From kernel/irq/manage.c:
The interrupt was requested with handler = NULL, so we use the default
primary handler for it. But it does not have the oneshot flag set. In
combination with level interrupts this is deadly, because the default
primary handler just wakes the thread, then the irq lines is reenabled,
but the device still has the level irq asserted. Rinse and repeat....
While this works for edge type interrupts, we play it safe and reject
unconditionally because we can't say for sure which type this interrupt
really has. The type flags are unreliable as the underlying chip
implementation can override them.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
SVN-Revision: 48894
The image_check currently fails when it cannot read all magic bytes in a
single chunk. But this can happen when the data are read from a pipe. This
currently breaks the openmesh.sh upgrade script with musl because it uses
dd with a blocksize of 1 to copy the image file to the mtd process.
The read can simply be repeated until enough bytes are read for the magic
byte check. It only stops when either an error was returned or 0 bytes were
read.
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
SVN-Revision: 48891
It was noticed that the system can hang during the reboot before the kernel
actually triggers the system reset and before all processes are stopped. The
watchdog didn't automatically restart the system because the om-watchdog
process was still running and triggering the hardware watchdog.
Instead the system should stop the watchdog during the shutdown to get the
benefit of an hardware reset in case of an software related problem. This stop
can be done quite easily with procd because it keeps track of its started
processes.
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
SVN-Revision: 48889
Enable access to GPIO chip and its pins for Atheros AR92xx
wireless devices. For now AR9285 and AR9287 are supported.
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
Acked-by: Hartmut Knaack <knaack.h@gmx.de>
SVN-Revision: 48881
Support default state for platform LEDs connected to ath9k device.
Now LEDs are correctly set on or off at ath9k module initialization.
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
Acked-by: Hartmut Knaack <knaack.h@gmx.de>
SVN-Revision: 48880
Enable platform-supplied WLAN LED name for ath9k device.
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
Acked-by: Hartmut Knaack <knaack.h@gmx.de>
SVN-Revision: 48879
CVE-2016-0704
s2_srvr.c overwrite the wrong bytes in the master-key when applying
Bleichenbacher protection for export cipher suites. This provides a
Bleichenbacher oracle, and could potentially allow more efficient variants of
the DROWN attack.
CVE-2016-0703
s2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers.
If clear-key bytes are present for these ciphers, they *displace* encrypted-key
bytes. This leads to an efficient divide-and-conquer key recovery attack: if
an eavesdropper has intercepted an SSLv2 handshake, they can use the server as
an oracle to determine the SSLv2 master-key, using only 16 connections to the
server and negligible computation. More importantly, this leads to a more
efficient version of DROWN that is effective against non-export ciphersuites,
and requires no significant computation.
CVE-2016-0702
A side-channel attack was found which makes use of cache-bank conflicts on
the Intel Sandy-Bridge microarchitecture which could lead to the recovery of
RSA keys. The ability to exploit this issue is limited as it relies on an
attacker who has control of code in a thread running on the same hyper-
threaded core as the victim thread which is performing decryptions.
CVE-2016-0799
The internal |fmtstr| function used in processing a "%s" format string in
the BIO_*printf functions could overflow while calculating the length of a
string and cause an OOB read when printing very long strings. Additionally
the internal |doapr_outch| function can attempt to write to an OOB memory
location (at an offset from the NULL pointer) in the event of a memory
allocation failure. In 1.0.2 and below this could be caused where the size
of a buffer to be allocated is greater than INT_MAX. E.g. this could be in
processing a very long "%s" format string. Memory leaks can also occur.
The first issue may mask the second issue dependent on compiler behaviour.
These problems could enable attacks where large amounts of untrusted data is
passed to the BIO_*printf functions. If applications use these functions in
this way then they could be vulnerable. OpenSSL itself uses these functions
when printing out human-readable dumps of ASN.1 data. Therefore applications
that print this data could be vulnerable if the data is from untrusted sources.
OpenSSL command line applications could also be vulnerable where they print out
ASN.1 data, or if untrusted data is passed as command line arguments. Libssl is
not considered directly vulnerable. Additionally certificates etc received via
remote connections via libssl are also unlikely to be able to trigger these
issues because of message size limits enforced within libssl.
CVE-2016-0797
In the BN_hex2bn function the number of hex digits is calculated using an int
value |i|. Later |bn_expand| is called with a value of |i * 4|. For large
values of |i| this can result in |bn_expand| not allocating any memory because
|i * 4| is negative. This can leave the internal BIGNUM data field as NULL
leading to a subsequent NULL ptr deref. For very large values of |i|, the
calculation |i * 4| could be a positive value smaller than |i|. In this case
memory is allocated to the internal BIGNUM data field, but it is insufficiently
sized leading to heap corruption. A similar issue exists in BN_dec2bn. This
could have security consequences if BN_hex2bn/BN_dec2bn is ever called by user
applications with very large untrusted hex/dec data. This is anticipated to be
a rare occurrence. All OpenSSL internal usage of these functions use data that
is not expected to be untrusted, e.g. config file data or application command
line arguments. If user developed applications generate config file data based
on untrusted data then it is possible that this could also lead to security
consequences. This is also anticipated to be rare.
CVE-2016-0798
The SRP user database lookup method SRP_VBASE_get_by_user had confusing memory
management semantics; the returned pointer was sometimes newly allocated, and
sometimes owned by the callee. The calling code has no way of distinguishing
these two cases. Specifically, SRP servers that configure a secret seed to hide
valid login information are vulnerable to a memory leak: an attacker connecting
with an invalid username can cause a memory leak of around 300 bytes per
connection. Servers that do not configure SRP, or configure SRP but do not
configure a seed are not vulnerable. In Apache, the seed directive is known as
SSLSRPUnknownUserSeed. To mitigate the memory leak, the seed handling in
SRP_VBASE_get_by_user is now disabled even if the user has configured a seed.
Applications are advised to migrate to SRP_VBASE_get1_by_user. However, note
that OpenSSL makes no strong guarantees about the indistinguishability of valid
and invalid logins. In particular, computations are currently not carried out
in constant time.
CVE-2016-0705
A double free bug was discovered when OpenSSL parses malformed DSA private keys
and could lead to a DoS attack or memory corruption for applications that
receive DSA private keys from untrusted sources. This scenario is considered
rare.
CVE-2016-0800
A cross-protocol attack was discovered that could lead to decryption of TLS
sessions by using a server supporting SSLv2 and EXPORT cipher suites as a
Bleichenbacher RSA padding oracle. Note that traffic between clients and non-
vulnerable servers can be decrypted provided another server supporting SSLv2
and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP)
shares the RSA keys of the non-vulnerable server. This vulnerability is known
as DROWN (CVE-2016-0800). Recovering one session key requires the attacker to
perform approximately 2^50 computation, as well as thousands of connections to
the affected server. A more efficient variant of the DROWN attack exists
against unpatched OpenSSL servers using versions that predate 1.0.2a, 1.0.1m,
1.0.0r and 0.9.8zf released on 19/Mar/2015 (see CVE-2016-0703 below). Users can
avoid this issue by disabling the SSLv2 protocol in all their SSL/TLS servers,
if they've not done so already. Disabling all SSLv2 ciphers is also sufficient,
provided the patches for CVE-2015-3197 (fixed in OpenSSL 1.0.1r and 1.0.2f)
have been deployed. Servers that have not disabled the SSLv2 protocol, and are
not patched for CVE-2015-3197 are vulnerable to DROWN even if all SSLv2
ciphers are nominally disabled, because malicious clients can force the use of
SSLv2 with EXPORT ciphers. OpenSSL 1.0.2g and 1.0.1s deploy the following
mitigation against DROWN: SSLv2 is now by default disabled at build-time.
Builds that are not configured with "enable-ssl2" will not support SSLv2.
Even if "enable-ssl2" is used, users who want to negotiate SSLv2 via the
version-flexible SSLv23_method() will need to explicitly call either of:
SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); or SSL_clear_options(ssl,
SSL_OP_NO_SSLv2); as appropriate. Even if either of those is used, or the
application explicitly uses the version-specific SSLv2_method() or its client
or server variants, SSLv2 ciphers vulnerable to exhaustive search key recovery
have been removed. Specifically, the SSLv2 40-bit EXPORT ciphers, and SSLv2
56-bit DES are no longer available. In addition, weak ciphers in SSLv3 and up
are now disabled in default builds of OpenSSL. Builds that are not configured
with "enable-weak-ssl-ciphers" will not provide any "EXPORT" or "LOW" strength
ciphers.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48868
Opkg now uses sha256 by default and expects them. Making it optionally
understand md5s also and detect md5 sum so we can migrate from configuration
that used md5.
Signed-off-by: Michal Hrusecky <Michal.Hrusecky@nic.cz>
SVN-Revision: 48867
This will be used to create a diff between the Lantiq annex A and the
annex B firmware.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48810
Enable setting a host-specific lease time for static hosts.
The new option is called "leasetime" and the format is similar
as for the default lease time: e.g. 12h, 3d, infinite
Default lease time is used for all hosts for which there is
no host-specific definition.
The option is added to /etc/config/dhcp for the selected hosts:
config host
option name 'Nexus'
option mac 'd8:50:66:55:59:7c'
option ip '192.168.1.245'
option leasetime '2h'
It gets appended to /var/etc/dnsmasq.conf like this:
dhcp-host=d8:50:66:55:59:7c,192.168.1.245,Nexus,2h
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
SVN-Revision: 48801
There are time that programs need to be notified of events from
subsystems that are not enumerated in the .json definition, e.g. QEMU
guest agent by default requires /dev/virtio-ports/org.qemu.guest_agent.0
which is a symlink to /dev/vportMpN from virtio-ports subsystem.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
SVN-Revision: 48799
This activates the format warnings in this package and that makes it
possible to activate format-security checks.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48785
This patch adds extra parameter to switch LED trigger initialization
functions. New functionality maintains backward compatibility, so
calling functions without setting new speed_mask parameter works
as expected.
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
SVN-Revision: 48776
oneshot and timer have the same configuration options, just a different
trigger name.
Signed-off-by: Karl Palsson <karlp@etactica.com>
SVN-Revision: 48770
Before r47933 Bit 1 (first bit) of xTSE Octet 1 (first octet) defaulted
to 1, which allowed T1.413 to operate.
Signed-off-by: Jonathan A. Kollasch <jakllsch@kollasch.net>
SVN-Revision: 48763
This adds option to build kernel module and firmware packages
for a Marvell 8686 SPI Wireless device
Signed-off-by: Joseph Honold <mozzwald@gmail.com>
SVN-Revision: 48750
Changeset r47775 introduced a wrong default value "n" for the ip applets
config search path, breaking the handling of named routing tables and other
objects having alias configurations.
Fix the issue by providing a proper default value aligned with the value
used by full iproute2.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48716
The Linux Distributed Switch Architecture drivers provide richer support than
the swconfig driver API in that each switch port gets its own interface which
allows protocols such as STP, LLDP, 802.1x etc.
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Signed-off-by: Pushpal Sidhu <psidhu@gateworks.com>
SVN-Revision: 48713
Update also the library version of gmp to 6.1.0.
Switch download to use the GNU alias.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
SVN-Revision: 48712
This adds support for MPLS protocol including usage of lightweight tunnels.
Kernel size of vmlinuz.bin grows by ~8k.
Signed-off-by: André Valentin <avalentin@marcant.net>
SVN-Revision: 48710
Add support for Xilinx ZC702 Dev board
Zynq target is using 4.4 kernel and mainline 2016.1 u-boot.
Patch is tested with Xilinx ZC702 Dev board with SD boot mode.
known issues:
- no QSPI driver in 4.4 kernel: no QSPI flash support
- USB is not working in 4.4 kernel
Signed-off-by: Jason Wu <jason.wu.misc@gmail.com>
create mode 100644 package/boot/uboot-zynq/Makefile
create mode 100644 target/linux/zynq/Makefile
create mode 100644 target/linux/zynq/base-files.mk
create mode 100755 target/linux/zynq/base-files/etc/board.d/02_network
create mode 100644 target/linux/zynq/base-files/etc/config/network
create mode 100644 target/linux/zynq/base-files/etc/inittab
create mode 100644 target/linux/zynq/config-4.4
create mode 100644 target/linux/zynq/image/Makefile
create mode 100755 target/linux/zynq/image/mkits.sh
create mode 100644 target/linux/zynq/patches-4.4/0001-arm-dts-zynq-zc702.dts-Set-default-rdinit-to-sbin-in.patch
create mode 100644 target/linux/zynq/profiles/zc702.mk
SVN-Revision: 48697
Many gpio controllers 'cansleep' due to the fact that they are behind busses
e.g. i2c etc.
Using threaded irq's allows for 'sleep-able' gpio's to be used.
Signed-off-by: Pushpal Sidhu <psidhu@gateworks.com>
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
SVN-Revision: 48696
Seama header has MD5 similarly to TRX and its CRC32. We need to update
it after replacing anything in Seama entity content to make bootloader
accept it.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 48688
Update OpenWRT build tree to reflect changes in TLC-591xx LED family driver.
In kernels < 4.0 the driver was present in form of a patch for the TLC-59116 chip,
and was upstreamed later in kernels > 4.0 to support the entire chip family.
Signed-off-by: Sebastian Careba <nitroshift@yahoo.com>
[jow: fix Kconfig symbol name]
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48684
With this patch sysupgrade will write directly to the partitions
instead of to the main disk. The UUID is copied from the image
to the MBR as well. This prevents the mbr from being completely
overwritten and losing the partition table. The -p option has
been added to maintain the original behavior and overwite the
entire disk with the new image. Tests have been added to ensure
that the image partitions match up with the active partitions.
Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>
SVN-Revision: 48682
On systems that have an RTC prefer it to the file-based time fixup (i.e.
use hwclock when there is a permanent clock instead of the faked up time
logic that is needed when there is not RTC).
We can't rely on hctosys kernel feature either as we're usually using
RTC as kernel modules which are usually being loaded after hctosys was
run, leading in the following error:
hctosys: unable to open rtc device (rtc0)
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
SVN-Revision: 48661
iptables is the only exception in the package tree, causing patch
behaviour to be inconsistent on this package.
Signed-off-by: Rick van der Zwet <rick.vanderzwet@anywi.com>
SVN-Revision: 48643
It's not really supported yet as it still fails with:
brcmfmac: brcmf_pcie_download_fw_nvram: FW failed to initialize
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 48640
Recently TRX checking code was changed to detect Seama format and don't
abort whole writing operation because of it. This isn't a good long-term
solution. It's a poor idea to teach every format handler recognizing all
possible formats. Instead it should be handled in a generic code which
should run check depending on the detected format.
This will also allow further improvements like fixing formats other than
TRX after replacing JFFS2.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 48639
Supported syntax is inspired by ethtool. Example usages:
swconfig dev switch0 port 2 set link "duplex half speed 100"
swconfig dev switch0 port 2 set link "autoneg on"
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 48624
This fixes the following security problems:
CVE-2016-0754: remote file name path traversal in curl tool for Windows
http://curl.haxx.se/docs/adv_20160127A.html
CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use
http://curl.haxx.se/docs/adv_20160127B.html
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48614
UCI paramater multicast is added which allows to toggle multicast support on gre interfaces.
By default multicast support is enabled as gre tunnels are often used in combination with
routing protocols using multicast.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Nick Podolak <nicholas.podolak@dtechlabs.com>
SVN-Revision: 48596
This will be needed to handle sysupgrade on NAND in a smart way. We'll
need to extract kernel our of provided Seama container, put in in a new
Seama entity and flash.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 48552
* Enable drop_invalid by default to catch unnatted packets (#21738)
* Fix processing of inversions for -i, -o, -s, -d and -p flags
* Remove delegate_* chain indirection but rely on xt_id to identify own rules
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48551
Commit 6a7e56b adds support for adding local hostname for own lan ula adress
but if ula prefix is not specified results into an invalid config (address=/OpenWrt.lan/1)
causing dnsmasq not to start up.
Use lanaddr6 when adding local hostname as the lan ula address is constructed based on the
UCI parameters ip6hint and ip6ifaceid and thus not always ula prefix suffixed with 1
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 48495
RSA keys should be generated with sufficient length.
Using 1024 bits is considered unsafe.
In other packages the used key length is 2048 bits.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
SVN-Revision: 48494
Update to upstream Git HEAD to include VHT rate support and a number of
coverity scan fixes.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48487
kmod-mrf24j40 select REGMAP_SPI since 4.3, thus add dependency to
kmod-regmap.
Found by buildbot:
Package kmod-mrf24j40 is missing dependencies for the following libraries:
regmap-spi.ko
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 48484
change 48451 tried to add support for uclient-fetch by moving
/usr/bin/wget to /bin/wget, but this change kept the symbolic
link to /bin/busybox as install_bin creates links to param 1
the desired fix is to link to uclient-fetch to wget:
install_bin /bin/uclient-fetch /bin/wget
Signed-off-by: John Clark <inindev@gmail.com>
SVN-Revision: 48483
This is useful to just use the kmods from an official build while supplying
base packages from a custom feed or the other way around; for just overriding
the kmods with a local repo while using official repos for the rest.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48475
This adds IPv6 support to qos-scripts for both tc/qdisc and the
iptables classification rules. The tc/qdisc part is accomplished
by removing "protocol ip" from the tc command line, causing the
rule to be applied to all protocols. The iptables part is
accomplished by adding each rule using both iptables and ip6tables.
This patch is based on previous work by Ilkka Ollakka and
Dominique Martinet.
Signed-off-by: Michael Marley <michael@michaelmarley.com>
SVN-Revision: 48452
with r48379 and r48386 the path of wget changed.
respect that and adjust the dirname.
this fixes#21680
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
SVN-Revision: 48451
This adds a "srciface" option that can be used on classification
rules in /etc/config/qos. This is useful to allow prioritization
based on the local network from which the traffic originates, for
example to deprioritize traffic from a guest network.
Signed-off-by: Michael Marley <michael@michaelmarley.com>
SVN-Revision: 48446
This will make adding future glibc versions easier because the
conditionals won't have to be modified again.
Signed-off-by: Michael Marley <michael@michaelmarley.com>
SVN-Revision: 48399
Set the save-mark mask for the qos_${cg} chain to 0xff instead of
0xf0. With the old value, the nibble that was saved would be
masked during the restore, preventing ingress traffic from being
classified. Thanks to nbd for recommending the fix.
Signed-off-by: Michael Marley <michael@michaelmarley.com>
SVN-Revision: 48388
The auth change appears to break the endpoint update for most users and with
my local tests the old update url works just fine.
This reverts commit 99c03a88cb6fed0519efdfaac305794653a12542.
SVN-Revision: 48384
This pulls in CONFIG_KEYS, which bloats up the kernel size and is thus
very undesirable. It also currently exposes the kernel to a local root
vulnerability
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 48364
Introduce config options client_cert2, priv_key2 and priv_key2_pwd
used for EAP-TLS phase2 authentication in WPA-EAP client mode.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 48345
Since CRYPTO_DRBG_MENU was added in r48277, CRYPTO_DRBG_HMAC is missing.
It does not appear in kernel_menuconfig and defaults to yes, so enable
it in crypto-rng as well and add dependencies to HMAC and SHA256.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
SVN-Revision: 48341
WPA-EAP supports several phase2 (=inner) authentication methods when
using EAP-TTLS, EAP-PEAP or EAP-FAST (the latter is added as a first
step towards the UCI model supporting EAP-FAST by this commit)
The value of the auth config variable was previously expected to be
directly parseable as the content of the 'phase2' option of
wpa_supplicant.
This exposed wpa_supplicant's internals, leaving it to view-level to
set the value properly. Unfortunately, this is currently not the case,
as LuCI currently allows values like 'PAP', 'CHAP', 'MSCHAPV2'.
Users thus probably diverged and set auth to values like
'auth=MSCHAPV2' as a work-around.
This behaviour isn't explicitely documented anywhere and is not quite
intuitive...
The phase2-string is now generated according to $eap_type and $auth,
following the scheme also found in hostap's test-cases:
http://w1.fi/cgit/hostap/tree/tests/hwsim/test_ap_eap.py
The old behaviour is also still supported for the sake of not breaking
existing, working configurations.
Examples:
eap_type auth
'ttls' 'EAP-MSCHAPV2' -> phase2="autheap=MSCHAPV2"
'ttls' 'MSCHAPV2' -> phase2="auth=MSCHAPV2"
'peap' 'EAP-GTC' -> phase2="auth=GTC"
Deprecated syntax supported for compatibility:
'ttls' 'autheap=MSCHAPV2' -> phase2="autheap=MSCHAPV2"
I will suggest a patch to LuCI adding EAP-MSCHAPV2, EAP-GTC, ... to
the list of Authentication methods available.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 48309
Remove the "DEU test manager" code which has not been used for more than
two years (as the kernel module is not installed anymore since r38731).
This fixes compilation on kernel 4.3, which removes
aead_request_set_assoc (and newer kernels).
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
SVN-Revision: 48308
Currently libiconv-stub and libiconv-full use different names
for functions iconv, iconv_open, and iconv_close.
This may lead to failures when building modules, e.g. with
apr-util when NLS is not activated.
The two modules libiconv-stub and libiconv-full should be
interchangeable, so we need the same function names.
cf.
http://git.savannah.gnu.org/cgit/libiconv.git/tree/include/iconv.h.in
After applying this patch execute
make distclean
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
SVN-Revision: 48301
This was generating a conffiles list that included the binary
and CONTROL/ files.
Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>
SVN-Revision: 48296
Upstream linux 4.2 commit 84be456f883c4685680fba8e5154b5f72e92957e
"remove <asm/scatterlist.h>" requires us to include linux/scatterlist.h
instead. This also works with older kernels (at least 4.1, thanks to
Hauke Mehrtens for testing).
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
SVN-Revision: 48282
A previous change to sysupgrade moved the overlay files into upper/
The -c switch generates a list of files to backup, but the sed
calls did not take this into consideration.
Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>
SVN-Revision: 48281
This adds support for configuring VTI interfaces within /etc/config/network.
VTI interfaces are used to create IPsec tunnel interfaces. These interfaces
may be used for routing and other purposes.
Example config:
config interface 'vti1'
option proto 'vti'
option mtu '1500'
option tunlink 'wan'
option peeraddr '192.168.5.16'
option zone 'VPN'
option ikey 2
option okey 2
config interface 'vti1_static'
option proto 'static'
option ifname '@vti1'
option ipaddr '192.168.7.2/24'
The options ikey and okey correspond to the fwmark value of a ipsec policy.
The may be null if you do not want fwmarks.
Also peeraddr may be 0.0.0 if you want all ESP packets go through the
interface.
Example strongswan config:
conn vti
left=%any
leftcert=peer2.test.der
leftid=@peer2.test
right=192.168.5.16
rightid=@peer3.test
leftsubnet=0.0.0.0/0
rightsubnet=0.0.0.0/0
mark=2
auto=route
Signed-off-by: André Valentin <avalentin@marcant.net>
SVN-Revision: 48274
- update to latest version 20160104
- remove cpu dependency (PKGARCH:=all)
- set myself as package maintainer
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 48271
By default dnsmasq uses random ports for outbound dns queries;
when the minport UCI option is specified the ports used will
always be larger than the specified value.
This is usefull for systems behind firewalls.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 48244
CONFIG_VIDEOBUF2_CORE produces two object files in Linux >= 4.4.
Conditionally add the new file to FILES of kmod-video-videobuf2.
Signed-off-by: Jan Čermák <jan.cermak@nic.cz>
SVN-Revision: 48242
This fixes diverging executable search paths observed in programs
launched throughn etifd which in turn inherited the search path from
procd early on boot.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48235
The autopoint and gettextize host utilities contain hardcoded staging dir
paths which need to be overridden for the SDK environment.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48208
The patch adds a new package zlib-dev. It contains all files needed for
compiling a program using the zlib library:
/usr/include/zconf.h
/usr/include/zlib.h
/usr/lib/libz.a
/usr/lib/pkgconfig/zlib.pc
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
SVN-Revision: 48151
Source package libtool is used to package libltdl.
Unfortunately binary libtoolize is missing.
Packaging libtoolize would depend on package file which is in the
packages feed.
Felix Fietkau suggested to rename source libtool to libltdl
and to create a new package libtool in packages.
This patch contains the renaming.
CC: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
SVN-Revision: 48149
This is a patch for CVE-2015-5252, CVE-2015-5296 and CVE-2015-5299. A
patchset for these vulnerabilities was published on 16th December 2015.
Signed-off-by: Jan Čermák <jan.cermak@nic.cz>
SVN-Revision: 48133
Revision 46834 changed IPv6 support from a module to builtin. But
since the configuration of the IPv6 kernel options was left in
package/kernel/linux/modules/netsupport.mk, this means that an
empty kmod-ipv6 module was still being generated (not packaged).
This patch moves the configuration of the IPv6 kernel options to
config/Config-kernel.in to remove this last bit of the module.
Note that CONFIG_IPV6_PRIVACY was dropped (enabled by default
since Linux v3.13), so this option is no longer needed.
See 5d9efa7ee9
Signed-off-by: Arjen de Korte <arjen+openwrt@de-korte.org>
SVN-Revision: 48132
OpenWrt is often used to develop or test new devices
Some users might want to test and help to improve
this new driver
upstream commit notice 26f1fad29ad973b0fb26a9ca3dcb2a73dde781aa
New driver: rtl8xxxu (mac80211)
This is an alternate driver for a number of Realtek WiFi USB devices,
including RTL8723AU, RTL8188CU, RTL8188RU, RTL8191CU, and RTL8192CU.
It was written from scratch utilizing the Linux mac80211 stack.
After spending months cleaning up the vendor provided rtl8723au
driver, which comes with it's own 802.11 stack included, I decided to
rewrite this driver from the bottom up.
Many thanks to Johannes Berg for 802.11 insights and help and Larry
Finger for help with the vendor driver.
The full git log for the development of this driver can be found here:
git git://git.kernel.org/pub/scm/linux/kernel/git/jes/linux.git
branch rtl8723au-mac80211
This driver is still under development, but has proven to be very
stable for me. It currently supports station mode only. It has support
for OFDM and CCK rates. It does lack certain features found in the
staging driver, such as power management, AMPDU, and 40MHz channel
support. In addition it does not support AD-HOC, AP, and monitor mode
support at this point.
The driver is known to work with the following devices:
Lenovo Yoga (rtl8723au)
TP-Link TL-WN823N (rtl8192cu)
Etekcity 6R (rtl8188cu)
Daffodil LAN03 (rtl8188cu)
Alfa AWUS036NHR (rtl8188ru)
Compile tested only
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 48104
We don't use Kernel drivers but ucode -16 is
usable on Kernel 4.3+ - with backports and mac80211
this should work on older Kernel versions too.
Intel does not provide a changelog.
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 48103
Source package gre was depending on kmod-ip6-gre, however the actual
kernel module package that is created is kmod-gre6. Therefore
update (source) package gre for ipv6 gre support.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
SVN-Revision: 48100
In sta-only configuration, wpa_supplicant needs correct regulatory
domain because otherwise it may skip channel of its AP during scan.
Another alternative is to fix "iw reg set" in mac80211 netifd script.
Currently it fails if some phy has private regulatory domain which
matches configured one.
Signed-off-by: Dmitry Ivanov <dima@ubnt.com>
SVN-Revision: 48099
iproute2-4.0 had connmark support added by nbd. This does not work
with 4.x kernels. iproute2-4.3 is the latest version and has his
changes mainlined. This patch updates the package to iproute2-4.3
and fixes the patches so that it compiles. This should resolve
ticket #21374.
Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>
SVN-Revision: 48098
Add back a slightly modified version of the lowlevel settings which
where removed with r46920.
In compare to the old lowlevel settings, the B43c tone is added to
tone_adsl_b and tone_adsl_bv.
If an unsupported tone value is used, the auto probing mode is used, in
compare to the fallback to tone_adsl_av and tone_vdsl_av with the old
lowlevel settings.
Signed-off-by: Mathias Kresin <openwrt@kresin.me>
SVN-Revision: 48054
According to ITU-T G.997.1 Amendment 2 (04/2013) section 2.1, bit 3 of
XTSE octet 8 either allow or denies the initialization of G.993.5.
Even if the current redistributable xDSL firmware doesn't include
G.993.5 vectoring support, enable this bit by default to allow people to
get their G.993.5 line working using a custom xDSL firmware.
Signed-off-by: Mathias Kresin <openwrt@kresin.me>
SVN-Revision: 48053
r47933 revealed that the driver/app in combination with the chosen
firmware does a good job in selecting a working xtse.
Use this probing mode if no annex is specified.
Signed-off-by: Mathias Kresin <openwrt@kresin.me>
SVN-Revision: 48052
This patch adds the missing VDSL2 bits to the annex specific XTSE (like
it should be according to the comments above the XTSE bits).
Since r47933 it's mandatory to remove the annex option to switch to
VDSL2 (only) operation mode.
As shown by ticket #21436 and a few mails I received personally, even
experienced users are not aware that they have to remove the annex
option to get their VDSL2 line working and as shown by this patch it
doesn't need to be that "complicated".
Signed-off-by: Mathias Kresin <openwrt@kresin.me>
SVN-Revision: 48051
MD5SUM is wrong, it was not updated during last update to v1.4.1.
Thanks to Daniel Dickinson <openwrt@daniel.thecshore.com> for reporting it.
Signed-off-by: Nicolas Thill <nico@openwrt.org>
SVN-Revision: 48017
U-boot ships with the `mx6qsabresd` configuration file to configure a
bootloader suitable for booting the Freescale i.MX6q SABRE evaluation board
from SD card. Expose this option in the uboot-imx6 Makefile.
Signed-off-by: Keno Fischer <keno@juliacomputing.com>
SVN-Revision: 48014
Changed the tunnel update URL into format tunnelbrokers
example has, that made it work again. Current method gives "Username/Password
Authentication Failed." when I tried the wget line manually and logread
eventually says also "6in4: update failed". With corrected URL it works fine:
"good 111.222.333.444" or "nochg 111.222.333.444" and logread concurs with
success, and tunnel actually updates.
Tested-by: Vaasa Hacklab <info@vaasa.hacklab.fi>
Signed-off-by: Sami Olmari <sami@olmari.fi>
SVN-Revision: 48006
Warning is:
#warning redirecting incorrect #include <sys/poll.h> to <poll.
Not a big issue.
But it can be annoying when building with -Werror set.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
SVN-Revision: 48004
Fixes build:
config/tc-i386.c: In function 'build_modrm_byte':
config/tc-i386.c:6143:31: error: logical not is only applied to the left hand side of comparison [-Werror=logical-not-parentheses]
&& !op.bitfield.reg64 != 1
Contains this fix:
https://sourceware.org/ml/binutils/2014-09/msg00095.html
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
SVN-Revision: 48003
When using cli, print link state the same way kernel used to do it.
This will allow kernel switching PORT_LINK from SWITCH_TYPE_STRING.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 47998
Only the conditional dependency ought to be required;
if build fails with JSON there is some other problem
at work.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
SVN-Revision: 47976
By default dnsmasq sends an ICMP echo request before allocating
an IP address to a host; the uci option noping allows to disable
this check.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 47974
Changed option nonwildcard from --bind-interfaces into --bind-dynamic.
With this, Dnsmasq binds the address of individual interfaces, allowing multiple
dnsmasq instances, but if new interfaces or addresses appear, it automatically
listens on those. This makes dynamically created interfaces work in the same way as
the default, but allows also use of other DNS-servers (like Named) at the same time
on diffirent interfaces where Dnsmasq is NOT configured, whereas with
--bind-interfaces will still reserve every interface even if not used and thus
disallowing use of any other DNS-program even on unused interfaces.
Tested-by: Vaasa Hacklab <info@vaasa.hacklab.fi>
Signed-off-by: Sami Olmari <sami@olmari.fi>
SVN-Revision: 47953
This reverts r47245.
Linking to shared libraries under $STAGING_DIR_HOST{,/usr}/lib is harmful,
as these directories aren't added to LD_LIBRARY_PATH (see r47103 for an
explanation why LD_LIBRARY_PATH is not used).
Revert to static linking; in particular, this fixes the build of the python
bz2 module on OpenSUSE and Fedora (which in turn broke the build of
nodejs).
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 47950
The MR18 stores the ath9k eeprom values on the NAND.
This patch makes it possible to retrieve the images
from there.
Signed-off-by: Chris R Blake <chrisrblake93@gmail.com>
SVN-Revision: 47948
OpenWrt configuration part of support for the PowerCloud Systems
CR5000. The CR5000 is a dual-band 802.11n wireless router with
8MB flash, 64MB RAM, (unused on stock firmware) USB 2.0 port and
five port gigabit ethernet switch. The CR5000 was sold as
hardware for the Skydog cloud-managed router service.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
SVN-Revision: 47946
OpenWRt configuration part of support for the PowerCloud
Systems CR3000. The CR3000 is a 802.11n 2.4 GHz wireless router with
8MB flash, 64MB RAM, a four port gigabit ethernet switch, and a fast
ethernet wan port that was sold by PowerCloud Systems as
hardware for the Skydog cloud-managed router service.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
SVN-Revision: 47945
Openwrt configuration part of support for PowerCloud CAP324
Cloud AP. The CAP324 Cloud AP is a device sold by PowerCloud Systems
who's stock firmware (CloudCommand) provides 'cloud' based managment
of large numbers access points.
The CAP324 is a dual-band 802.11n wireless access point with 16MB flash
and 128MB RAM and single gigabit ethernet port. It can be powered via PoE
or a wall wart.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
SVN-Revision: 47944
Using the JSON output option depends on json library so
add select json-c library when JSON output is selected.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
SVN-Revision: 47928
- 1.4.x has IPv6 support
- set C std explicitly due to gcc 5 changes/old code style of dante
- disable pam via configure vars since detection of without pam option
is broken (-lpam gets linked in if available)
- remove and refresh patches
only compile tested
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 47926
- tested on Beagleboard C4
- remove upstream patches
- disable THUMB mode on OMAP3 this increases binary size
(remove CONFIG_SYS_THUMB_BUILD)
- reduce SPL size by disabling EXT feature
(remove CONFIG_SPL_EXT_SUPPORT)
this fixes 2015.07 and 2015.10-rc3
Beagleboard C4 booting
which were broken by upstream commit
with id: bd2c4522c26d535515aebca52d27c004a7e0c05c
Arm THUMB mode is broken because of an yet unknown errata
see: http://lists.denx.de/pipermail/u-boot/2015-August/225793.html
- backport upstream fix that was introduced in 2015.10-rc5
and was not fixed in 2015.10 final
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 47924
since Kernel 3.14
408eccce net: ptp: move PTP classifier in its own file
found while bug search
thx olmari on IRC
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 47923
Principal purpose is to prevent the error message
ifxmips_ptm_vdsl.c:281:ptm_hard_start_xmit: not in showtime
which is printed at least once per second to the serial console, if the
ptm interface is not in showtime, but a processes already sends
packages over that interface. This happens for adsl as well as vdsl
over ptm.
It's pppd which sends packages over the ptm device before in showtime.
As far as I can see, pppd is started unconditionally since netif can
not gather the link status of the ptm network interface.
Signed-off-by: Mathias Kresin <openwrt@kresin.me>
SVN-Revision: 47917
This prevents the unconditionally start of pppd since netifd will be
triggered if the device goes into showtime. The same applies to lost
showtime as well.
In compare to the ptm driver, this changeset isn't strictly required,
since the "not in showtime" message is limited to the debug loglevel.
But it reduces the amount of ppp related messages significant.
Signed-off-by: Mathias Kresin <openwrt@kresin.me>
SVN-Revision: 47916
- CONFIG_IFX_CLI is unused, couldn't find any reference to this config variable
- use disable-feature instead of enable-feature=no
- reorder configure args to have depending args together
- remove configure args which set the default value
- group enable-model and configure args which enable or disable features that
are covered by the feature set
The config.log contains the same values as before. The vdsl_cpe_control binary
has the same checksum as before.
Signed-off-by: Mathias Kresin <openwrt@kresin.me>
SVN-Revision: 47888
The typicial feature set doesn't include "DSL PM showtime counters support"
(INCLUDE_DSL_CPE_PM_SHOWTIME_COUNTERS). This feature provides the
vdsl_cpe_control command 'pmccsg', which is used by 'dsl_control status' to get
the line uptime.
The binary size increases to 103912 byte (+4256 byte) uncompressed.
Signed-off-by: Mathias Kresin <openwrt@kresin.me>
SVN-Revision: 47887
Add 'platform_nand_pre_upgrade' callback to allow platform specific
preparation right before flashinng, when already in ramdisk.
Example uses might be setting correct values for CI_{KERNPART,UBIPART}.
Signed-off-by: Nikolay Martynov <mar.kolya@gmail.com>
SVN-Revision: 47879
Replace former uci-defaults.sh implementation with the uci-defaults-new.sh one
and update all users accordingly.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47867
OpenSSL moves old versions of the library from
http://www.openssl.org/source/ to
http://www.openssl.org/source/old/$version/ breaking the old links.
That behavior breaks the OpenWRT-build every time OpenSSL releases
a new version.
This patch adds http://www.openssl.org/source/old/$version/ to the
PKG_SOURCE_URL of OpenSSL to avoid breaking the build whenever
OpenSSL releases a new version.
Signed-off-by: Kevin Kirsch <ranlvor@starletp9.de>
Reviewed-by: Alexander Dahl <post@lespocky.de>
SVN-Revision: 47860
Add the option "--all-servers" which forces dnsmasq to send all
queries to all servers and then take the first answer.
Signed-off-by: Andréas Gustafsson <gurgalof@gmail.com>
SVN-Revision: 47857
LEDs which are controlled by a PWM need to use the supplied
max_brightness instead. Otherwise they might appear to be
very dim / broken.
Signed-off-by: Chris R Blake <chrisrblake93@gmail.com>
SVN-Revision: 47854
Packages using libncursesw can fail to build if both libncurses and libncursesw
are not installed. Currently the ncurses.h file is installed in "usr/include/ncursesw"
directory and includes other .h files in the "usr/include" directory incorrectly.
For example: Including <ncursesw/ncurses.h> fails due to these references. These build
changes will set the correct include paths within the developer includes.
Packages that expect ncurses.h (or curses.h) in the default "usr/include" path fail
even when expecting to build with libncursesw and will need to be fixed as well. However,
they cannot be fixed until this patch is applied.
Signed-off-by: Ted Hess <thess@kitschensync.net>
SVN-Revision: 47853
Useful when using sound players that can send to icecast, etc. without any sound device attached.
Signed-off-by: Ted Hess <thess@kitschensync.net>
SVN-Revision: 47852
Because of dsl-vrx200-firmware-xdsl-* there's no need anymore to
download a dsl firmware at runtime.
Signed-off-by: Andre Heider <a.heider@gmail.com>
SVN-Revision: 47851
this error was not visible until recent bump to
busybox 1.24.1 stable which introduced a warning message
when keyword 'local' is not used with a shell-function.
this does not change behavior and is a cosmetic cleanup.
fixes the following output:
root@box:~ ifup <interface>
/sbin/ifup: local: line 362: not in a function
/sbin/ifup: local: line 362: not in a function
/sbin/ifup: local: line 1: not in a function
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
SVN-Revision: 47828
Since kernel 4.2, DRBG is the default crypto API RNG, replacing krng. As
DRBG is not enabled, there is no crypto API RNG available when running
kernel 4.2 or later. Because of this, IPsec SAs fail to install. In
strongSwan, this results in a vague error that is difficult to debug:
received netlink error: No such file or directory (2)
Solve this by adding DRBG to the kmod-crypto-rng package. As enabling
DRBG in the kernel config also enables the Jitterentropy RNG, include it
in kmod-crypto-rng instead of having it in a separate package.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
SVN-Revision: 47827
Bump ubus to current Git HEAD in order to:
* Fix a null pointer access when user ACLs are loaded into memory
* Fix wrong permission handling for uid=0, gid!=0 peers
* Fix return code for permission defined cases
* Fix socket error handling when the server connection dies
* Make ACL file path configurable
* Remove invalid usages of poll() when using a zero timeout
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47816
The "iw" utility expects the VHT80 to be specified as uppercase "80MHZ",
change the script to reflect that.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47814
This version and version 3.6.8 are fixing the following security problems:
* CVE-2015-7744
* CVE-2015-6925
The activation of SSLv3 support is needed for curl.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47791
This should ensure that lldpd is among the first processes to stop,
so that it has time to send the shutdown LLDPU to the other side,
before the network goes down.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
SVN-Revision: 47786
Support next to the non-HT/HT channel widths like HT20 or NOHT also VHT80
channels during the mesh join
iw dev mesh0 mesh join "meshnet" freq 5180 80MHz
Signed-off-by: Sven Eckelmann <sven@open-mesh.com>
SVN-Revision: 47782
Fix the id of NL80211_ATTR_WIPHY_ANTENNA_GAIN for antenna_gain command when
using compat-wireless 2015-10-26.
Signed-off-by: Sven Eckelmann <sven@open-mesh.com>
SVN-Revision: 47778
r47288 updated to Busybox 1.24.1 but did not update the configuration.
The configuration is updated by running
cd config
../convert_menuconfig.pl .../build_dir/target-*/busybox-1.24.1
cd ..
./convert_defaults.pl < .../build_dir/target-*/busybox-1.24.1/.config > \
Config-defaults.in
Signed-off-by: Mark Mentovai <mark@moxienet.com>
SVN-Revision: 47775
Use the 'typical' compile configuration instead of 'full', which most
notably excludes the soap support.
/sbin/vdsl_cpe_control shrinks down to ~50%, from 178kb(!) to 90kb.
Signed-off-by: Andre Heider <a.heider@gmail.com>
SVN-Revision: 47769
This adds support for specifying the dsl modem, atm bridge configs and setting
the pppoe protocol for wan.
These additions are required to port the Lantiq target to board.d.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47750
Some boards, e.g. the Sheeva Plug, require the lan interface to be set
to DHCP instead of a static address, therfore support that.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47732
This is a minor version update which fixes some small bugs. None of
these bugs were exploitable according to the release notes.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
SVN-Revision: 47724
This changes uci-defaults-new.sh, config_generate and all relevant board.d
files in order combine ucidef_add_switch() and ucidef_add_switch_ports() into
a single function.
Also removes now superfluous enable and reset arguments.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47721
Out of 69 switch definitions, only 3 pass something different than "1" as
values for reset and enable, with one of those three being invalid.
This change ...
* removes the reset and enable arguments from ucidef_add_switch()
* unconditionally writes reset:1 and enable:1 to JSON
* converts the three users of nonstandard values to ucidef_add_switch_attr()
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47720
Remove support for now unused ucidef_add_switch_vlan(), move port->vlan and
vlan->interfaces conversion to uci-defaults-new.sh and massively simplify
config_generate.
This change prepares the following upcoming steps:
* Eliminate use of ucidef_set_interface_lan_wan() for switch only devices
* Merge ucidef_add_switch() with ucidef_add_switch_ports()
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47719
Update dependencies for linux 4.4 and mark as broken where source code
needs updating.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 47700
Only se4t the force_link property for non-lan, non-wan ifaces as it is
unnecessary in the default cases.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47675
Properly quote variables in ucidef_set_interface_lan() and
ucidef_set_interface_lan(), otherwise interfaces with multiple devices
are not properly written into the configuration.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47673
Add ucidef_set_board_id() and ucidef_set_model_name() procedures to store
model information in the board.json file.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47671
The only user was the hg255d board and config_generate did not even emit
proper uci for it.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47658
Remove extra nesting of rssi leds in the led object and move rssi monitor
declaration to its own object.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47655
This just renamed the package to indicate that this is the annex a version.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@lantiq.com>
SVN-Revision: 47649
Add support for generating vlans solely from the port layout description
given through ucidef_add_switch_ports().
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47639
Add further helper functions to uci-defaults-new.sh for easier declarations
of complex switch layouts.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47638
In this upstream dsl driver app version the autoboot is deactivated activate
it again.
In addition to the update this also fixes some build warnings and makes it
use the same configure option as used in Lantiq UGW.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@lantiq.com>
SVN-Revision: 47637
In addition to the update this also fixes some build warnings and makes it
use the same configure option as used in Lantiq UGW.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@lantiq.com>
SVN-Revision: 47635
In addition to the update this also fixes some build warnings and makes it
use the same configure option as used in Lantiq UGW.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@lantiq.com>
SVN-Revision: 47634
This application helps to debug some internal problems in the MEI driver.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@lantiq.com>
SVN-Revision: 47632
This makes the build script use the same configure options as used by
Lantiq UGW and fixes some warnings and cleans up some of the patches.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@lantiq.com>
SVN-Revision: 47630
since r45833 and r45848 the overlayfs is automatically mounted read-only
(and blocks remounts as r/w) when JFFS2 is full. see ticket #19564
because of this normal file deletion is not possible anymore.
if a user logins interactively (e.g. SSH) show a hint for this,
that files must be removed in /overlay/upper/...
v2: fix subject line
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
SVN-Revision: 47623
The scripts for authsae and iw use the option mesh_id to get set the
"meshid" during a mesh join. But the script for wpad-mesh ignores the
option mesh_id and instead uses the option ssid. Unify the mesh
configuration and let the wpa_supplicant script also use the mesh_id from
the configuration.
Signed-off-by: Sven Eckelmann <sven@open-mesh.com>
SVN-Revision: 47615
The OpenWrt wireless configuration for mcast_rate is defined as Kbit/s when
using wpa_supplicant for IBSS/802.11s and iw for unencrypted IBSS/802.11s.
But when using authsae, the unit for the same option is redefined as
Mbit/s. Better use the same unit for this option independent of the backend
which is used.
Old values for mcast_rate (< 1000) are still interpreted Mbit/s to avoid
problems during upgrades from older versions.
Signed-off-by: Sven Eckelmann <sven@open-mesh.com>
SVN-Revision: 47614
The variable $mesh_id was never defined in authsae_start_interface and thus
the option meshid in $authsae_conf_file was always set to "".
Signed-off-by: Sven Eckelmann <sven@open-mesh.com>
SVN-Revision: 47613
This version fixes a potential uncontrolled format string problem. This
makes it possible to activate the format security check.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47600
This version fixes a potential uncontrolled format string problem. This
makes it possible to activate the format security check.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47599
This version fixes a potential uncontrolled format string problem. This
makes it possible to activate the format security check.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47598
If the user sets any preinit options in .config, the wrong path may get
applied due to wrong default value in image-config.in and due to Makefile
writing also the unchanged options into 00_preinit.conf
Modify the default path in image-config.in to match the current default
path set by r47080. Also modify the fall-back default in Makefile.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
SVN-Revision: 47590
I accidentally deactivated it. This should be set to active it in any case
independently what was set in the user config.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47587
All RTC drivers require the kernel to be built with CONFIG_RTC_CLASS=y.
Set it accordingly.
Tested only with DS1307.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
SVN-Revision: 47564
gcc-5 handles inline without static differently and that makes
uboot-mxs fail to build. Remove the inline so it gets exported and can
be used in other functions.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47533
Now we have all targets using platform_pre_upgrade (and calling
nand_do_upgrade directly) we don't need nand_upgrade_stage1 to be in
sysupgrade_pre_upgrade hooks anymore.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 47489
Spotted a missing 'ip6_udp_tunnel.ko' build failure during a local
build with all kmods enabled but globally disabled IPv6 support.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47487
Support for scsi tape devices as kernel module.
This allow to use scsi tape devices in openwrt.
Signed-off-by: Giuseppe Magnotta <giuseppe.magnotta@gmail.com>
[moved to block.mk]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47482
Fixes compilation with Linux 4.3. Runtime tested on Ubiquiti EdgeRouter
Lite with Linux 3.18, 4.1 and 4.3.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
SVN-Revision: 47470
Updates the ath10-firmware release to current git and updates the
QCA988X firmware in use to version 10.2.4.70.12-2 which appears to
actually fix the stability problems when using a Nexus 5X phone as
per issue #20854. Also updates the Makefile for a change in the
location of the board.bin file for QCA988X in the source repository.
Signed-off-by: Robert Hancock <hancockrwd@gmail.com>
SVN-Revision: 47469
compat-wireless/backports now contains a bcm47xx_nvram.h file to
backport some of the functions in it which are used by the bcmfmac
driver. This file just checks for the kernel versions and provide an
empty implementations on older kernel versions. This is OK on most
systems, but on bcm47xx / bcm53xx systems we want to call the real
functions here. This commit removes the file from backports in our
build process like we do it with the bcma and ssb header files. Instead
we add a recent version into our kernel so all code uses only one
header file. On bcm47xx / bcm53xx the real implementations of this code
will be used.
Reported-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47467
Currently some libnl headers require application code to include
dependencies on its own. E.g. a simple include of <linux/netlink.h>
will trigger an error:
/usr/include/libnl-tiny/linux/netlink.h:32:2: error: unknown type name 'sa_family_t'
Similarly including <netlink/handlers.h> causes:
/usr/include/libnl-tiny/netlink/handlers.h:133:19: warning: 'struct ucred' declared inside parameter list [enabled by default]
Fix it by including <sys/socket.h> where needed in libnl headers.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 47456
Updates the ath10k firmware version for QCA988X to version
10.2.4.70.10-2, which appears to fix problems with the 5GHz wireless
failing on TP-Link Archer C7 v2 when using a Nexus 5X phone. Fixes
issue #20854.
Signed-off-by: Robert Hancock <hancockrwd@gmail.com>
SVN-Revision: 47454
Only costs about 3k compressed, but significantly improves handling of
configuration mismatch
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 47439
This is done with existing code from the WRT1900AC port.
It makes sure the "auto_recovery" bootloader option is set,
and resets the s_env boot counter after a successful boot.
This gives users without a serial console connection some
measure of safety.
Signed-off-by: Claudio Leite <leitec@staticky.com>
SVN-Revision: 47433
- Use board engineering names rather than marketing names
- Linksys uses a dual firmware layout, where the bootloader
will switch to the other stored image when one fails to
boot three consecutive times.
In order to make this firmware compatible with the factory
images and the stock bootloader we must match this layout.
Signed-off-by: Claudio Leite <leitec@staticky.com>
SVN-Revision: 47429
Add a new config option "channels" for mac80211 wifi devices. It's only
valid if automatic channel selection is used and restricts the channel
selection to one of the given channels.
config wifi-device
list channels 1
list channels 6
list channels 11
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
SVN-Revision: 47427
as conntrack and conntrackd are completely independent programs,
serving a different purpose.
Also split by other distributions, as Debian and Ubuntu.
Signed-off-by: Ulrich Weber <uw@ocedo.com>
SVN-Revision: 47424
default configuration will fill up disk by
writing /var/log/conntrackd-stats.log
Introduced due init script auto start.
Signed-off-by: Ulrich Weber <uw@ocedo.com>
SVN-Revision: 47422
In order to set the multicast rate for mesh point interfaces the "mesh join"
was made explicit and moved to mac80211_setup_vif(), similar to how it is
done for IBSS interfaces.
Previously, the mesh join was made implicit in case authentication (i.e.
$key) was not used when creating the interface in mac80211_prepare_vif(),
while using authentication would create the interface first, then join
later in mac80211_setup_vif() by starting authsae.
Signed-off-by: Nils Schneider <nils@nilsschneider.net>
SVN-Revision: 47408
Seems the default one is not working as expected.
The way that reload should work is that the 'start' service
call should return 1 (if lldpd is running) and then a normal
restart would be called.
However, for lldpd a reload would mean just clearing all custom TLVs
(if they're configured) and reloading the configuration.
So, this patch adds a reload hook, which would:
- 'start' lldpd if it's not running (because we return 1 if not running)
- reload configuration if it is running (also previously
clearing custom TLVs if present)
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
SVN-Revision: 47367
llid_in_use needs to be limited to stations of the same VIF, otherwise it
will cause a NULL deref as the sta_info of non-mesh-VIFs don't have
sta->mesh set.
Steps to reproduce:
modprobe mac80211_hwsim channels=2
iw phy phy0 interface add ibss0 type ibss
iw phy phy0 interface add mesh0 type mp
iw phy phy1 interface add ibss1 type ibss
iw phy phy1 interface add mesh1 type mp
ip link set ibss0 up
ip link set mesh0 up
ip link set ibss1 up
ip link set mesh1 up
iw dev ibss0 ibss join foo 2412
iw dev ibss1 ibss join foo 2412
# Ensure that ibss0 and ibss1 are actually associated; I often need to
# leave and join the cell on ibss1 a second time.
iw dev mesh0 mesh join bar
iw dev mesh1 mesh join bar # crash
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 47364
r46861 introduced a new option eapol_version to hostapd, but did not
provide a default value. When the option value is evaluated,
the non-existing value causes errors to the systen log:
"netifd: radio0: sh: out of range"
Add a no-op default value 0 for eapol_version. Only values 1 or 2 are
actually passed on, so 0 will not change the default action in hostapd.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
SVN-Revision: 47361
This fix contains 2 parts:
- kernel 4.1: backport upstream patch "perf build: Do not fail on missing Build file"
- add NO_LZMA=1 to perf MAKE_FLAGS to disable LZMA support
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
SVN-Revision: 47338
If building usbmon support then you'll likely want to have
USB support in libpcap as well.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
SVN-Revision: 47265
It looks like the bzip2 package does not install any shared libs
and has no build rules to install any shared libs.
So, for the host build we're installing the libbz2 shared libs manually
so that other modules can link against them.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
SVN-Revision: 47245
The CONFIG_BT_HCIUART_ATH3K may not be "m", therfore we cannot inherit the
kmod selection state. Force the "CONFIG_BT_HCIUART_ATH3K" symbol to "y" in
order to avoid `warning: symbol value 'm' invalid for BT_HCIUART_ATH3K` and
subsequent kconfig stalls.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47237
This is another useful gadget driver that can allow an OTG port to act as a
mass storage device.
Signed-off-by: Pushpal Sidhu <psidhu@gateworks.com>
SVN-Revision: 47225
Adds the package to select the mvsw61xx module present in the 3.18/4.0/4.1
kernels.
Signed-off-by: Pushpal Sidhu <psidhu@gateworks.com>
SVN-Revision: 47224
FHS mandates presence of /var/tmp on compliant systems.
The lack of /var/tmp was discovered when using MIT Kerberos libraries
which default to that location for storing credentials cache.
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
SVN-Revision: 47219
Update iperf3 to point to the correct project website. Prior URL was the
old iperf2 website.
Signed-off-by: Karl Palsson <karlp@remake.is>
SVN-Revision: 47184
The two commits
5162e3b0ee7bd1d0fd6e75e1ca7993a1834b5291
"allow request handlers to disable chunked reponses"
and
618493e378e2239f0d30902e47adfa134e649fdc
"file: disable chunked encoding for file responses"
broke the chunked transfer encoding handling for proc responses in keep-alive
connections that followed a file response with http status 204 or 304.
The effect of this bug is that cgi responses following a 204 or 304 one where
sent neither in chunked encoding nor with a content-length header, causing
browsers to stall until the keep alive timeout was reached.
Fix the logic flaw by inverting the chunk prevention flag in the client state
and by testing the chunked encoding preconditions every time instead of
once upon client (re-)initialization.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47161
One second is not enough for some devices to ackowledge null data frame
which is sent at the end of ap_max_inactivity interval. In particular,
this causes severe Wi-Fi instability with Apple iPhone which may take
up to 3 seconds to respond.
Signed-off-by: Dmitry Ivanov <dima@ubnt.com>
SVN-Revision: 47149
Seems the match pattern was being adapted from 'eth0' to ' eth0'
because of the way I added the procd command args.
This did not seem to be a problem when there were multiple interfaces,
just on devices with single interfaces for lldpd to listen on.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
SVN-Revision: 47136
This URL can be embedded e.g. within UPnP announcements where a link
to the manufacturer's homepage is desired.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
SVN-Revision: 47135
OpenVPN 2.3 added a route-pre-down option, to run a command before
routes are removed upon disconnection.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
SVN-Revision: 47134
Install header files into same location as pkgconfig/libnl-3.0.pc says:
Cflags: -I${includedir}/libnl3
Signed-off-by: Bruno Randolf <br1@einfach.org>
SVN-Revision: 47102
Recently all targets have been updated to call nand_do_upgrade directly.
It's not needed anymore to leave a magic /tmp/sysupgrade-nand-path mark
during image check.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Acked-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 47079
When using FullMAC drivers (e.g. brcmfmac) we don't get mgmt frames so
check for banned client in probe request handler won't ever be used.
Since cfg80211 provides us info about STA associating let's put a check
there.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 47064
There is no RFC requirement that DHCPv6 servers must reply with a link local
address and some ISP servers in the wild appear to using addresses in the ULA
range to send DHCPv6 offers.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47048
Some modules may require only libnl-genl, some
libnl-route and fewer would require libnl-nf.
This patch splits the entire libnl package into smaller
more granular libs that can be installed individually as required.
Also added libnl*.so symlinks for convenience.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
SVN-Revision: 47037
Since r46834, IPv6 support is builtin if selected. Therefor, dependencies
on kmod-ipv6 can no longer be fulfilled, since it is not a module anymore.
Signed-off-by: Arjen de Korte <arjen+openwrt@de-korte.org>
SVN-Revision: 47022
Even though there are not many users left within the OpenWrt tree it seems
this function broke during the kernel 3.18 transition.
Fix it by providing a workdir as required by overlayfs.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
SVN-Revision: 47015
Using protocol qmi does not work since qmi.sh is not executable.
Setting option dhcp explicitely to 0 actually enables it.
This patch fixes both problems.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 47014
The current patch to add Duckbill support is wrong and does not
even compile. So replace this patch with a working one.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
SVN-Revision: 47007
Our ruleset requires kernel support for conntrack state matching, therfore
depend on the require kmod. Fixes#20542.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46990
'opkg list' command only displays the available packages' name, version and
description. It would be useful to also see the approximate size of the
available package.
This patch extends "opkg list" command with "--size" to optionally show also
the *.ipk size.
* Default behaviour is to list the available packages as earlier:
"name - version - description"
* with "--size" the output of is "name - version - size - description".
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
SVN-Revision: 46980
- Simplify user spec parsing code
- Alias IPKG_INSTROOT to shorten code
- Quote variables where appropriate
- Remove a useless-use-of-cat instance
- Suppress errors in case control or list files are missing
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46975
This call is no longer supported.
Maybe a come-back for it would be to use a config /etc/lldpd.conf
or /etc/lldpd.d/<some-file>.conf
Signed-off-by: Alexandru Ardelean <aa@ocedo.com>
SVN-Revision: 46966
OpenWrt should support an optional /etc/profile.d directory like
most other Linux distributions. This allows packages to install
their own scripts into /etc/profile.d/ directory.
The file suffix should make clear, that these scripts
are (sourced) shell-snippets. If the user needs e.g. php or lua,
one must make sure that the interpreter is called.
The reverse failsafe test makes sure, that the effective returncode is 0.
A typcal usecase is the inclusion of private helpers,
special variables or aliases, which at the moment needs
patching the sourcecode and is not well maintainable.
Now the builder can simply add there files.
v1 initial work of Hendrik Lüth <hendrik@linux-nerds.de>
v2 changes regarding RFC (e.g. thomas.langer@lantiq.com)
v3 changes regarding RFC (e.g. mschiffer@universe-factory.net)
v4 keep it simple and mimic OpenWrt style
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
SVN-Revision: 46965
This patch fix https://lists.openwrt.org/pipermail/openwrt-devel/
2015-August/034979.html. As the peak detect calibration is set
incorrectly.
Signed-off-by: Miaoqing Pan <miaoqing@codeaurora.org>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 46948
this need to be applied after my work on ujail (procd git)
ujail doesn't depend on seccomp and some archs dont support seccomp
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
SVN-Revision: 46936
Thanks to Sylwester Petela for testing my patch (successfully on an
ADSL connection) and for pointing out some configuration mistakes.
Others (including me) have also successfully tested this extensively
on VDSL connections.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
SVN-Revision: 46920
DWC2 driver has config symbol CONFIG_USB_DWC2_DEBUG_PERIODIC which
should be defined for the module build.
Signed-off-by: Antti Seppälä <a.seppala@gmail.com>
SVN-Revision: 46916
Expose the "lists_dir" configuration file option as command line
switch so that we can override it for the Image Builder environment.
Also add a more standard PKG_MAINTAINER variable while touching
the Makefile.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46911
The driver only supports wl18xx-fw-4.bin and does not support the old
firmware wl18xx-fw-3.bin and more.
The wl18xx-conf.bin file was removed upstream it does not fit all
devices any more, see this on how to generate one:
http://processors.wiki.ti.com/index.php/Open_Source_Wireless_Connectivity_wlconf
If someone has a config file for the common platforms with the wifi nic
OpenWrt uses please send a patch.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46887
- should fix issue: https://forum.openwrt.org/viewtopic.php?id=57315
- enable support of more USB stick with rt28xx chipsets
- experimental: USB-IDs not in vendor linux driver
- experimental: "exact chipset is unknown"
- experimental: "enabling these devices may or may not work"
only compile tested
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 46882
due to ordering PKG_SOURCE_VERSION is not defined leading
to a filename "ugps-.tar.bz2"
This errors out when an older version is in the dl/ dir (or LOCALMIRROR)
fix order and use uhttpd file naming scheme to visibly include date
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 46868
Move the pattern setting from netifd's service script to
/etc/sysctl.conf. Put the timestamp component '%t' just after
executable name '%e' for more natural order from output of ls command.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
SVN-Revision: 46867
Add eapol_version to the openwrt wireless config ssid section.
Only eapol_version=1 and 2 will get passed to hostapd, the default
in hostapd is 2.
This is only useful for really old client devices that don't
accept eapol_version=2.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
SVN-Revision: 46861
As the OpenWrt build system only resolves build dependencies per directory,
all hostapd variants were causing libopenssl to be downloaded and built,
not only wpad-mesh. Fix this by applying the same workaround as in
ustream-ssl.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 46851
As the OpenWrt build system only resolves build dependencies per directory,
all opkg variants were causing libopenssl to be downloaded and built,
not only opkg-smime. Fix this by applying the same workaround as in
ustream-ssl.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 46850
By setting the option pdptype to IP, IPV6 or IPV4V6 the user can
choose the context type between IPv4, IPv6 and dual stack,
respectively. The default setting is dual stack, except if option
ipv6=0 is specified, in which case IPv4 context is the default.
This allows for an out-of-the-box IPv6 support with modems
utilizing NCM-like protocols.
While we are at it, also add commands for Sierra DirectIP modems
(currently untested), which will allow us to drop the separate
comgt-directip package (once tested and verified working).
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 46844
Use the new --ip-family option to start both IPv4 and IPv6 sessions
by default. Autoconnect can't be used when starting two sessions,
so revert back to using the client IDs and packet data handles for
handling the network connection.
Some modem firmwares do not implement a RA server, therefore by
default use outband IP configuration and static addressing. Some
other firmwares report bogus IP configuration with the WDS get
current settings command. In this case inband configuration with
DHCP/RA can be optionally enabled by setting option dhcp to 1.
Per 3GPP standard a /64 prefix is served to all clients, which is
extended to LAN as specified in RFC 7278.
v2: Restrict the IPv6 gateway route source address
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 46843
Seems like my second try was again whitespace broken. Sorry for the noise.
Remove src_port from firewall.config to receive dhcpv6 replies. Fixes#20295.
Signed-off-by: Anselm Eberhardt <a.eberhardt@cygnusnetworks.de>
SVN-Revision: 46842
lock -n is similiar to flock -n. If the lock was already taken,
fail with exit code = 1 and write error message to stderr.
example:
if ! lock -n /tmp/foo ; then
echo lock exits.
else
echo lock was free. But is locked now.
fi
> lock was free. But is locked now.
> lock exists.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
SVN-Revision: 46836
added: ip addr, ip route, ip link, traceroute6
removed: hostid, devmem, vconfig, arping
deprecated (to be removed): ifconfig, route
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 46829
Everything except for blkcipher was already built-in, so make blkcipher
built-in as well.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 46820
While technically required by the RFC, they are usually completely
unused (DSA), or have security issues (3DES, CBC)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 46814
This enables passworldless login for root via SSH whenever no root
password is set (e.g. after reset, flashing without keeping config
or in failsafe) and removes telnet support alltogether.
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 46809
* ra: don't announce as default router if we aren't (regression)
* ra: reduce maximum announced dns lifetimes due to buggy clients
* dhcpv6: fix mac-based lease-matching
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 46802
Without this patch adding the wifi device to the bridge may fail
because the bridge is not already configured when the wifi device gets
configured. This patch makes broadcom-wl wait till the bridge is ready.
This fixes#17262
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46749
Add CONFIG_IEEE80211W variable to DRIVER_MAKEOPTS so that 802.11w
support is properly compiled in full variant.
This fixes#20179
Signed-off-by: Janusz Dziemidowicz <rraptorr@nails.eu.org>
SVN-Revision: 46737
So far support for multiple interface was somehow broken in brcmfmac.
Driver couldn't correctly match firmware and system interfaces resulting
in not working APs and WARNINGs. This pending patches fixes that :)
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46734
We sill don't use kernel 4.2 which is required for backporting using
upstream NVRAM support patch.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46724
The ipw2x00 drivers assume that the system they are running is little
endian, and access everything in native byte order. When run on a big
endian system, everything breaks apart.
Since fixing this is non trivial on a first glance, disable them for
big endian targets.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 46708
The u-boot boot counter was never reset after a successful boot,
which sometimes could make some variables become out of sync.
This patch adds support for the boot counter and enables
auto_recovery unconditionally.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
SVN-Revision: 46690
Packages that depend on PolarSSL fail to build because polarssl's InstallDev
section never actually gets executed because (prior to this patch) the package
name does not match the subdir the package is in (presumably due to upstream
name change). As a workaround I have changed the package name back to
polarssl and used a new variable SRC_PKG_NAME for the purposes of downloading
the upstream tarball and creating PKG_BUILD_DIR.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
SVN-Revision: 46683
firmware is not available in linux-firmware yet
so use official driver source
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 46682
Using the postinst script for sanity checks and expecting opkg to fail
if the postinst didn't return 0 was possible in Barrier Breaker, propagate
the real postinst return code through default_postinst to restore this
behaviour.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 46653
Other VLAN related options are already being processed in netifd.sh
but the vlan_file option is missing. This option allows the mapping
of vlan IDs to network interfaces and will be used in dynamic VLAN
feature for binding stations to interfaces based on VLAN
assignments. The change is done similarly to the wpa_psk_file
option.
Signed-off-by: Gong Cheng <chengg11@yahoo.com>
SVN-Revision: 46652
With this change we let user know 5 seconds have passed and reset button
can be released (to trigger factory reset)
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46650
fix generating syscall-names.h
Sometimes the syscall number is not defined with a number but with an
offset to an other syscall and then make_syscall_h.sh created some
broken header file.
For example the bit/syscall.h from musl for i386 has this:
#define __NR_timer_create 259
#define __NR_timer_settime (__NR_timer_create+1)
With this patch the resulting array looks like this:
[259] = "timer_create",
[(__NR_timer_create+1)] = "timer_settime",
This closes#20195.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46612
Add /etc/samba/smbpasswd to list of samba conffiles
thus preserving samba passwords across sysupgrade
by default.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
SVN-Revision: 46606
Install uboot files to KERNEL_BUILD_DIR instead of BIN_DIR to fix
ImageBuilder. Similar fixes are necessary for many (all?) other uboot
targets.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 46605
Fixes a 100% cpu usage issue if using dhcp-script.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46550
Better synchronize RA & DHCPv6 events
Accumulate some events to avoid flooding
Restart softwires for address and prefix changes
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 46518
of_get_gpio_flags() could return an error like EPROBE_DEFER which was
not handled before. This patch takes the code from gpio_keys_polled.c
for error handling and also improves some other unrelated small parts.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46502
This was deactivated in r21954 because it depended on kernel 2.4, but
this module also compiles with kernel 3.18.
This closes#20199.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46495
An #ifdef for the kernel version was missing around the header of
debugfs_create_devm_seqfile() and the LINUX_BACKPORT() was also not
done.
This closes#20181
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46492
Split the opkg.conf into three files, to make it easier to support custom
feeds and configs:
* /etc/opkg.conf -> base opkg configuration
* /etc/opkg/distfeeds.conf -> default Openwrt package feeds
* /etc/opkg/customfeeds.conf -> custom package feeds
Of these three, only the base opkg.conf and the customfeeds.conf is marked
as to be kept, so that the distfeeds.conf from the image is always used.
To ease migration, a script is added that moves any feeds from /etc/opkg.conf
to /etc/opkg/customfeeds.conf on first boot.
Also ensure that any keys used for verification are also kept in upgrade.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 46491
Ath debug mode applies to ath10k as well as ath9k.
Update Makefile help text to clarify.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
SVN-Revision: 46468
We need a+x rights on the path to the root of the jails
so we can use users other than root (like nobody)
This partly fixes jailed dnsmasq
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
SVN-Revision: 46466
request_mem_region returns NULL when requesting the region failed, and
a valid pointer when it was successful. Currently the condition is
inverted.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
SVN-Revision: 46452
The HOST_*FLAGS are for compiling programs which will run on the machine that is
running the build. Setting these flags is frequently required for unusual
cross-compiles.
Signed-off-by: Lawrence D'Anna <larry@elder-gods.org>
SVN-Revision: 46422
otherwise it's not picked up by toolchain:
staging_dir/toolchain-mipsel_24kec+dsp_gcc-4.8-linaro_musl-1.1.10/lib/gcc/mipsel-openwrt-linux-musl/4.8.3/../../../../mipsel-openwrt-linux-musl/bin/ld: cannot find -lsw
Signed-off-by: Roman Yeryomin <roman@advem.lv>
SVN-Revision: 46406
kmod-at86rf230 select REGMAP_SPI since 3.17, so add a dependency to
kmod-regmap.
Fixes the following error:
Package kmod-at86rf230 is missing dependencies for the following libraries:
regmap-core.ko
regmap-spi.ko
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 46387
Also drop the configure (not .ac) patch part as autoreconf will
overwrite it anyway with a newly generated version.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
Acked-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46385
This update adds a couple of file plugin enhancements, such as base64 support
and setting mode when files are written.
Signed-off-by: Luka Perkov <luka@openwrt.org>
SVN-Revision: 46384
Add 802.11r client support to wpa_supplicant. It's only enabled in
wpa_supplicant-full. hostapd gained 802.11r support in commit r45051.
Tested on a TP-Link TL-WR710N sta psk client with two 802.11r enabled
openwrt accesspoints (TP-Link TL-WDR3600).
Signed-off-by: Stefan Hellermann <stefan@the2masters.de>
SVN-Revision: 46377
This controls the old Broadcom switch driver which was removed over a
year ago, since then this is useless. Use swconfig instead it works
with more (Broadcom) switches.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46373
caddr_t is not defined everywhere any more, cast it the the real
pointer type of ifr_data.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46371
To improve reproducibility, prevent the inclusion of timestamps
in the gzip header.
Signed-off-by: Reiner Herrmann <reiner@reiner-h.de>
SVN-Revision: 46361
odhcpd now sends unsolicited RAs also via unicast to known link-local
neighbors. This is an attempt to work-around common smartphone issues
https://code.google.com/p/android/issues/detail?id=32662
Also NDP-relay should now work more reliably now
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 46357
Added option for old firmware version (10.1 API v2). It seems that recent
firmware versions are constantly crashing (at least on a QCA9880-BR4A-R) and
this provides the option to select an older version instead.
Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
SVN-Revision: 46340
This updates valgrind to version 3.10.1 and make configure work with
kernel version > 4.0. This patch was taken from upstream valgrind.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46302
The musl build "fix" introduced in r45108 removed all netinet/ether.h
includes, which made the prototypes of ether_aton and ether_ntoa
unavailable. As a result, the compiler assumed they return int instead
of a pointer. This currupted the pointer on 64bit targets, causing ebtables
to segfault in commands containing MAC addresses.
Since r46161 made it possible to include both the kernel and the libc
if_ether.h as long as the libc version is included first, this patch
changes the fix to remove the linux/if_ether.h from the ebtables source
(so the fixed version from the kernel is used) and ensures netinet/ether.h
is included early.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 46292
During certificate verification, OpenSSL (starting from version 1.0.1n and
1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this
logic can mean that an attacker could cause certain checks on untrusted
certificates to be bypassed, such as the CA flag, enabling them to use a valid
leaf certificate to act as a CA and "issue" an invalid certificate.
This issue will impact any application that verifies certificates including
SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46285
Make wpan depend on not kernel 3.18 so it will get activated on all
other kernel versions like 4.0 and 4.1.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46276
Internal GPIO pins are used for PoE passthrough setups in multi-port
routers. This patch implemnets control over this hardware feature for
Ubiquiti Nanostations and TP-Link CPE510.
Signed-off-by: Lars Kruse <lists@sumpfralle.de>
SVN-Revision: 46271
This reverts commit r45579.
With the latest change r46251 ("nvram: fix "Segmentation fault" caused
by setting memory out of buffer") nvram utility shouldn't crash anymore.
It was tested on 3 brcm47xx devices:
1) Unknown with 0x10000 NVRAM size (0x8000 offset)
2) Linksys E1000 V2.1 with 0x10000 (0x8000 offset)
3) Linksys WRT300N V1 with 0x10000 (0x8000 offset)
And 3 bcm53xx devices:
1) Buffalo WZR-600DHP2 with 0x160000 NVRAM size
2) Buffalo WZR-1750DHP with 0x10000 NVRAM size
3) Netgear R6250 V1 with 0x180000 NVRAM size
(all using 0 offset)
This is an important change as it allows reading whole NVRAM. This may
critical when reading some basic configuration (e.g. switch ports).
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46253
Some MTD partitions with NVRAM have content starting in the middle. In
such case offset is set and nvram_header returns pointer to the middle.
It means we have to respect offset when calculating remaining space.
By the way use real MTD partition size (nvram_part_size variable) as we
may want to bump NVRAM_SPACE in the (very near) future.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46251
Ath10k has now a proper method of providing calibration data via
the kernel firmware API. This patch can be dropped as all boards
now use the proper method.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 46245
This changes makes it possible to store custom settings
in individual files inside the directory /etc/sysctl.d/.
Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de>
SVN-Revision: 46239
When enabled the dnsmasq DHCP server allocates the IP addresses sequentially
starting from the lowest available IP address.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 46211
reorder some parts of the patch to remove the declaration-after-
statement warning.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46205
Current firmware should work for station mode as well, and the older
firmware will usually behave worse and become unsupported over time.
Also, the MAC address handling on ar71xx is only implemented on one
firmware version.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 46197
This firmware adds support for management frames over normal
packet transport interface instead of over the WMI management
interface.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 46195
sd_mod depends on scsi_mod, but due to it being an AutoLoad and not
AutoProbe module, it was not loading when installing the package,
causing unknown symbol errors for sd_mod and anything depending on it.
Closes#14927, #18293, #19351.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 46176
We were not copying the additional files needed to get USB to work on
the AT91 platforms, make sure we do this.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
SVN-Revision: 46172
This brings curl to version 7.43.0 and contains fixes for the following
security vulnerabilities:
CVE-2015-3236: lingering HTTP credentials in connection re-use
http://curl.haxx.se/docs/adv_20150617A.html
CVE-2015-3237: SMB send off unrelated memory contents
http://curl.haxx.se/docs/adv_20150617B.html
The 100-check_long_long patch is not needed any more, because the
upstream autoconf script already checks for long long when cyassl is
selected.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46169
This patch introduces a new build error into coova-chilli, but
coova-chilli already fails to build even without it anyway. CyaSSL is
now called wolfSSL, and all the API's have been renamed, and
backward-compatibility headers added.
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46167
The g++-uc wrapper hardcodes $(STAGING_DIR) and $(TOOLCHAIN_DIR) paths which
will not work outside of the original build environment.
Replace the hardcoded staging_dir occurences with paths relative to the
$STAGING_DIR environment variable to make the g++-uc* wrappers usable in an
SDK environment.
Fixes the libdb47 build failure reported at
https://lists.openwrt.org/pipermail/openwrt-devel/2015-April/032455.html
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46162
A long time ago, ath9k had issues during reset where the DMA engine
would stay active and could potentially corrupt memory.
To debug those issues, the driver would print warnings whenever they
occur.
Nowadays, these issues are gone and the primary cause of these messages
is if the MAC is stuck during reset or busy processing a long
transmission. This is fairly harmless, yet these messages continue to
worry users.
To reduce the number of bogus bug reports, turn these messages into
debug messages and count their occurence in the "reset" debugfs file.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 46158
A duplicate include guard prevents inclusion of barrier.h in UML build and this prevents mac80211 from building.
This patch re-enables mac80211 hwsim and renames the include guard.
See https://lists.openwrt.org/pipermail/openwrt-devel/2015-June/033614.html for details.
Signed-off-by: Martin Tippmann <martin.tippmann@gmail.com>
Signed-off-by: Nicolas Thill <nico@openwrt.org>
SVN-Revision: 46133
Avoid redefining `realpath` to fix the following error:
.../include/fortify/stdlib.h:36:13: error: 'realpath' undeclared here (not in a function)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46127
Invert the `__GLIBC__` guards into `!__UCLIBC__` ones to avoid
invalid references to `_llseek` on musl.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46125
- include upstream fixes for musl compatibility
Include <sys/stat.h> for S_I* macros
d34e00b293942b1012ddc49ed3ab379a32337611
Include <linux/ioctl.h> for _IOC_* macros
3460dc486d333231998de0f19918204aacee9ae3
strace 4.8 is broken with musl on some arch
(arm: omap,oxnas according to buildbot)
compile tested only
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 46124
Boot tested: http://pastebin.com/L6aAb9xj
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
[jogo:
update to 4.1 final
add patches added since submission
delete patches applied in later rcs
restore commit messages in 220-gc-sections and 304-mips_disable_fpu
fix 050-backport_netfilter_rtcache to match new API
update inlined dma ops with upstream changes
add missing config symbols
enabled CONFIG_MULTIUSER
update kmod defintions for 4.1
]
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 46112
Without this the condition
if __BYTE_ORDER == __BIG_ENDIAN
was always true.
Thanks Szabolcs.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46105
There are two important patches in this patchset: updating read pointer
quicker & rework of .get_station().
There are few more upstream patches that are p2p-related and weren't
backported in this commit.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46084
So far we got only one generic function accessing this table, but
implementing optimizations will require calculating crc32 in other code
parts as well.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46077
This fixes some build problems with musl. The binary only program
nas.exe wants to link against __assert, which is copied from uClibc.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46021
On bcm53xx we still need usb-ohci to support USB 1.1 devices and it
obviously needs bcma-hcd.ko that will init controller and register
platform device.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45994
This one cannot possibly work, as it depends on cfg80211, which is built
out of tree.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 45985
Besides source.tgz, 001-elfutils-portability.patch (provided by upstream
project) where updated.
Other patches where updated to fix hulk warnings and minor conflicts.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
SVN-Revision: 45984
elfutils is required by perf. So we'll move this package from
packages.git and make it part of the core distribution.
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
SVN-Revision: 45969
bzip2 is required by elfutils, itself required by perf. So we'll move
this package from packages.git and make it part of the core
distribution.
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
SVN-Revision: 45968
argp-standalone is required by elfutils, itself required by perf. So
we'll move this package from packages.git and make it part of the core
distribution.
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
SVN-Revision: 45967
This is for security precautions. As persist_tun and persist_key are
already there, this should not cause compatibility issue.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
SVN-Revision: 45961
- fix iconv detection because it adds host paths
- disable python detection (host python-config is found)
iconv issue is reported by buildbot config.log + replicated locally
see config.log in logs.tar.gz
python issue observed locally on Arch Linux
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 45953
Adds PPP unnumbered support via the parameter unnumbered which points to a logical OpenWRT interface.
The PPP proto shell handler will "borrow" an IP address from the unnumbered interface (if multiple
IP addresses are present the longest prefix different from 32 will be "borrowed") for which a host
interface dependency will be created. Due to the host interface dependency the PPP unnumbered interface
will only "borrow" an IP address from an interface which is up.
The borrowed IP address will be shared as local IP address by the PPP daemon and no other local IP
will be accepted from the peer in the IPCP negotiation.
A typical use case is the usage of a public IP subnet on the Lan interface which will be shared
by the PPP interface as local IP address.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 45948
Commit 31214c38c8dd0f70366b523f9b0335145b9386bd removes IPv6 unneeded source-dest-routing workarounds;
as a result sourcerouting parameter is unused and can be removed.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 45940
Commit 31214c38c8dd0f70366b523f9b0335145b9386bd removes IPv6 unneeded source-dest-routing workarounds;
as a result sourcerouting parameter is unused and can be removed.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 45939
This allows e.g. BCM43602 to work out of box, without dumping a proper
MTD partition to /lib/firmware/ NVRAM file.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45931
They are useless, as the platform already selects the right options for
NAND support. The main reason for removing them is the fact that it
makes kernel configs more annoying to maintain on platforms that provide
NAND drivers but disable them (e.g. ramips)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 45919
Add three download mirrors for 'grub', as the Makefile currently defines only
one download location.
@GNU can not be used, as the most recent version of 'grub' is not available
at the general GNU mirrors, and can only be found at the "gnu-alpha" mirrors.
Signed-off-by: Hannu Nyman <hannu.nyman at iki.fi>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 45909
get_image allows passing 2nd argument that is used in a pipe for
extracting firmware from a non-native format. By accepting such command
in default_do_upgrade we allow platforms to use this helper for vendor
specific images.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45900
trx.c in mtd would not include endian.h, so on systems that do not have
this header implicitly included from the other headers (like musl), both
__BYTE_ORDER and __BIG_ENDIAN would be undefined and thus 0, leading to
it always presuming a big-endian system. this would lead to issues when
running mtd fixtrx on little-endian systems, as it would never recognize
the TRX magic as result of the broken STORE32_LE() macro.
Signed-off-by: Shiz <hi@shiz.me>
Tested-by: Shiz <hi@shiz.me>
SVN-Revision: 45896
These are two new packet schedulers introduced in Linux 3.12 and 3.14
respectively. sch_fq is a perfect fairness queueing scheduler that also
adds pacing on host TCP flows, and sch_pie is an AQM.
Having them available in kmod-sched makes it easier for people to test
these new queueing schemes.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
SVN-Revision: 45885
there is a conceptual design flaw in our interface events. workaround this by
disabling duplicate message supression in procd. we need to fix this properly
for the next release
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 45883
This patch is taken from the gentoo guys who extracted this from a large
upstream commit (with many unrelated changes).
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 45878
this is an ugly hack that will be removed when the netifd maintainers
have time to look at the problem.
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 45876
We just moved the stmmac support in the kernel for ipq806x. Therefore,
nobody needs this driver so we'll just get rid of it.
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
SVN-Revision: 45872
Add dependency of kmod-crypto-ecb to kmod-bluetooth to avoid the kernel warning
"Bluetooth: Unable to create crypto context".
Signed-off-by: Bruno Randolf <br1@einfach.org>
SVN-Revision: 45860
This prevents auto-detection of libxml2 and thus the error:
Package lldpd is missing dependencies for the following libraries:
libxml2.so.2
Preventing a dependency to libxml2 is preferred, since libxml2
would be a out-of-(core-)tree dependency.
Reported-by: Buildbot
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
SVN-Revision: 45859
Before starting hostapd we create interface for it. The problem is we
try to create STA interface just to let hostapd change it to AP later.
It may fail if device doesn't support STA interfaces or if we already
hit a limit. Consider following phy (it's from BCM43602 and brcmfmac):
$ iw phy phy0 info | tail
valid interface combinations:
* #{ IBSS, managed } <= 1, #{ AP } <= 4, #{ P2P-client, P2P-GO } <= 1, #{ P2P-device } <= 1,
total <= 3, #channels <= 1
Trying to setup 2 interfaces: STA + AP results in:
radio0 (1101): command failed: Operation not supported (-95)
radio0 (1101): command failed: Operation not supported (-95)
radio0 (1101): command failed: Operation not supported (-95)
radio0 (1101): command failed: Operation not supported (-95)
radio0 (1101): Configuration file: /var/run/hostapd-phy0.conf
radio0 (1101): Could not read interface wlan0-1 flags: No such device
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45856
nss-gmac has been replaced by its upstream counterpart "stmmac", to
which we added the SoC glue layer required for it to run on IPQ806x.
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
SVN-Revision: 45832
This fixes various problems with parsing platform NVRAM. It's required
to get BCM43602 working in most cases.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45802
This introduces a common macro to assemble the correct url templates to
avoid code duplication and have the feed config handling in a central place.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45799
* Rework hostapd and wpa_supplicant status parsing code
* Add support for querying available HT rates
* Relax definition of restricted channels
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45766
When CONFIG_PER_FEED_REPO_ADD_DISABLED is set, trigger index creation for
any available feed, regardless of whether there where binaries built or not.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45765
Use shared libipt{,4,6}ext.so libraries instead of statically linking
the userspace matches into the fw3 executable.
As a side effect the match initialization is extremely simplified
compared to the weak function pointer juggling performed before.
This also fixes the initialization of the multiport match.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45764
* drop unused lenient restore patch
* instead of statically linking core extensions, build shared libraries
for reuse in fw3
* strip outdated match revisions and aliases to trim down library size
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45758
modules relating to CONFIG_USB_AUDIO
Kernel <2.6.35 is not supported in trunk
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 45734
If the first resolveip call will fail, peeraddr will be now empty, and
the subsequent resolveip call will try to resolve an empty string.
Fix this by storing the result in a temporary variable.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 45712
3.18.12 backported 61ada528dea028331e99e8ceaed87c683ad25de2 ("sched/wait:
Provide infrastructure to deal with nested blocking") from 3.19, causing
the following error on load:
[ 13.588000] compat: exports duplicate symbol woken_wake_function (owned by kernel)
Fix this by guarding it with a check for 3.18.11 or earlier instead of
3.19.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 45710
Instead of stripping everything after the first dot, strip everything
after the last dot.
This fixes pre-/postrm actions for packages with a dot in their name,
like libusb-1.0.
Fixes#19668.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 45702
Bump dnsmasq to v2.73rc8
Important - fixes remotely exploitable buffer overflow introduced in all v2.73 test/release candidates.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
SVN-Revision: 45693
hand over parameters to user-script e.g. $1=deconfig
Signed-off-by: Leon George <leon@georgemail.de>
Signed-off-by: Christian Mehlis <christian@m3hlis.de>
SVN-Revision: 45626
fixes compile error:
(observed w. target arm64, all kernel build opts enabled)
error: call to '__open_missing_mode' declared with attribute
error: open with O_CREAT in second argument needs 3 arguments
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 45625
