Add actual mirror and use main site as last resport
Source: http://www.tcpdump.org/mirrors.html
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit fd95397ee3)
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Conflicts:
package/network/utils/tcpdump/Makefile
Setting ipv6 to auto in case of a pppoe interface will trigger the
creation of a dynamic wan_6 interface meaning two IPv6 interfaces
(wan6 and wan_6) will be active on top of the pppoe interface.
This leads to unpredictable behavior in the network; therefore set
ipv6 to 1 which will prevent the dynamic creation of the wan_6
interface.
Further alias the wan6 interface on top of the wan interface for pppoe
as the wan6 interface can only be started when the link local address is
ready. In case of pppoe the link local address is negotiated during the
Internet Protocol Control Protocol when the PPP link is setup meaning
all the IP address info is only available when the wan interface is up.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Fix multiple syntax errors in shelscripts (of packages only)
These errors were causing many conditions to not working properly
Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
[increase PKG_RELEASE, drop command substitution from directip.sh]
Signed-off-by: Mathias Kresin <dev@kresin.em>
ifname variable were not assigned due to syntax error
causing the hostapd config file to have an empty iapp_interface= option
Signed-off-by: Lorenzo Santina <lorenzo.santina.dev@gmail.com>
Don't return arcount=1 if EDNS0 RR won't fit in the packet.
Omitting the EDNS0 RR but setting arcount gives a malformed packet.
Also, don't accept UDP packet size less than 512 in received EDNS0.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Remove LEDE partial fix for CVE-2017-13704.
Backport official fix from upstream.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (PKG_RELEASE increase)
Override the failing check in configure with CONFIGURE_VARS instead of
carrying a patch that's unlikely to be accepted by upstream.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
(cherry picked from commit d87f27af54)
At some point kernel.org decided to drop xz generated tarballs, switch to gz which they still provide.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Fix SIGSEGV in rfc1035.c answer_request() line 1228 where memset()
is called with header & limit pointing at the same address and thus
tries to clear memory from before the buffer begins.
answer_request() is called with an invalid edns packet size provided by
the client. Ensure the udp_size provided by the client is bounded by
512 and configured maximum as per RFC 6891 6.2.3 "Values lower than 512
MUST be treated as equal to 512"
The client that exposed the problem provided a payload udp size of 0.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
Since mbedtls 2.5.1, SHA1 has been disallowed in TLS certificates.
This breaks openvpn clients that try to connect to servers that
present a TLS certificate signed with SHA1, which is fairly common.
Run-tested with openvpn-mbedtls 2.4.3, LEDE 17.01.2, on ar71xx.
Fixes: FS#942
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
With failsafe disabled there is no point in early network setup. We
don't send announcement over UDP and there is no way to ssh to the
device.
A side effect of this is avoiding a possibly incorrect network config
(only with failsafe disabled). This problem is related to possible
changes made by user in /etc/config/network.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Remove ping check in DHCPDISCOVER case as too many buggy clients leave
an interface in configured state causing the ping check to fail.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The tftp and irc netfilter modules are provided by nf-nathelper-extra
and not by nf-nathelper.
Signed-off-by: Uwe Arnold <donvipre@gmail.com>
[move the irc module as well]
Signed-off-by: Mathias Kresin <dev@kresin.me>
Backport upstream dnsmasq patch fixing DNS failover when first servers
returns REFUSED in strict mode; fixes issue FS#841.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The following changes are backported from the master branch
bdcb075 libfstools: fix matching device name
(f038a61 on master)
ef2d438 fstools: use -Wno-format-truncation instead of -Wno-error=format-truncation
(c43ae11 on master)
d361923 build: disable the format-truncation warning error to fix gcc 7 build errors
(a19f2b3 on master)
cddc830 libfstools: silence mkfs.{ext4,f2fs}
(88d48d5 on master)
be5004c libfstools: add basic documentation of mount functions
(92b4c2c on master)
34d36c2 add missing includes
(7d78836 on master)
A previously added hotfix was replaced by a git commit, hence the patch
file is removed and we got instead
45c2a6f libfstools: fix multiple volume_identify usages with the same volume
(633a8d0 on master)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Don't start ping-check of address in DHCP discover if there already
exists a lease for the address. It has been reported under some
circumstances android and netbooted windows devices can reply to
ICMP pings if they have a lease and thus block the allocation of
the IP address the device already has during boot.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The following commits have been cherry-picked into the lede-17.01
branch of procd, listed here in git-log-order ie. with head first:
89918c8 system: introduce new attribute board_name
(79bbe6d and 453116e on master branch)
8297c38 preinit: define _GNU_SOURCE
(e5b963a on master branch)
8fd57dd upgraded: cmake: Find and include uloop.h
(e5ff8ca on master branch)
6b0da20 hotplug: fix a memory leak in handle_button_complete()
(f367ec6 on master branch)
558ffb5 service/service_stopped(): fix a use-after-free
(796ba3b on master branch)
22f89e1 upgraded: define __GNU_SOURCE
(e7bb2c8 on master branch)
6e8ea8b rcS: add missing fcntl.h include
(992b796 on master branch)
cd5225d procd/rcS: Use /dev/null as stdin
(d42b21e on master branch)
5131bec procd: Log initscript output prefixed with script name
(1247db1 on master branch)
225b18d procd: Don't use syslog before its initialization
(8d720b2 on master branch)
889442c procd: Add missing \n in debug message
(2555474 on master branch)
2716228 procd: service gets deleted when its last instance is freed
(8f218f5 on master branch)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Including version.mk sets PKG_CONFIG_DEPENDS to config entries used for
VERSION_SED command. We should keep these configs to make sure package
gets refreshed when needed.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Fixes some security issues (no remote exploits), and introduces
some changes. See release notes for details:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.5.1-2.1.8-and-1.3.20-released
* Fixes an unlimited overread of heap-based buffers in mbedtls_ssl_read()
* Adds exponent blinding to RSA private operations
* Wipes stack buffers in RSA private key operations (rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt())
* Removes SHA-1 and RIPEMD-160 from the default hash algorithms for certificate verification.
* Fixes offset in FALLBACK_SCSV parsing that caused TLS server to fail to detect it sometimes.
* Tighten parsing of RSA PKCS#1 v1.5 signatures, to avoid a potential Bleichenbacher/BERserk-style attack.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
This reverts commit 78edfff530.
This breaks local dns resolving in case noresolv=1 as resolv.conf is not
populated anymore with 127.0.0.1 as resolvfile does not equal
/tmp/resolv.conf.auto anymore.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* Change network_get_subnet6() to sensibly guess a suitable prefix
Attempt to return the first non-linklocal, non-ula range, then attempt
to return the first non-linklocal range and finally fall back to the
previous behaviour of simply returning the first found item.
* Fix network_get_ipaddrs_all()
Instead of replicating the flawed logic appending a fixed ":1" suffix
to IPv6 addresses, rely on network_get_ipaddrs() and network_get_ipaddrs6()
to build a single list of all interface addresses.
* Fix network_get_subnets6()
Instead of replicating the flawed logic appending a fixed ":1" suffix
to IPv6 addresses, rely on the ipv6-prefix-assignment.local-address
field to figure out the proper network address.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Rework the network_get_ipaddr6() and network_get_ipaddrs6() functions to
fetch the effective local IPv6 address of delegated prefix from the
"local-address" field instead of naively hardcoding ":1" as static suffix.
Fixes FS#829.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Overwrite an already set proto if a new one is passed to
_ucidef_set_interface() similar to what is done for the interface.
It is required when using ""ucidef_set_interface_wan 'ptm0' 'pppoe'"
after some initial wan interface configuration is already done by
ucidef_add_switch.
The "json_is_a protocol string" guard is meant to not reset an earlier
set interface proto in case something like
"ucidef_set_interface_lan 'eth0'" is used afterwards.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The umdns init script includes function/network.sh globally, outside of any
service procedure. This causes init script activation to fail in buildroot
and IB context if umdns is set to builtin.
Additionally, the network.sh helper is not actually used.
Drop the entire include in order to repair init script activation in build
host context. Fixes FS#658.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This is a cumulative backport of multiple dnsmasq update commits in master.
Drops three LEDE specific patches which are included upstream and another
patch which became obsolete. Remaining LEDE specific patches are rebased.
Fixes FS#766 - Intermittent SIGSEGV crash of dnsmasq-full.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
If there's a TFTP root directory configured, create it with mkdir -p
(which does not throw an error if the folder exists already)
before starting dnsmasq. This is useful for TFTP roots in /tmp, for example.
Originally submitted by nfw user aka Nathaniel Wesley Filardo
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
The relay section should use the logical interface name and
not the linux network device name directly. This to be
consistent with other sections of the dnsmasq config where
'interface' means the logical interface.
Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
If noresolv is set, we should not generate a --resolv-file parameter.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [minor cleanup]
Brings the following changes:
22f041e18df0 Extend StandardEject sequence to include LUN 1
61fdf7e9b1cc cmake: Search for libjson-c
2769852e76b5 cmake: Find libubox/blobmsg_json.h
8a47c4b6649f add TargetClass support
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
The previous CVE bugfix commit did not adjust PKG_RELEASE, therefor the
fixed samba package does not appear as opkg update.
Bump the PKG_RELEASE to signify upgrades to downstream users.
Ref: https://forum.lede-project.org/t/sambacry-are-lede-devices-affected/3972/4
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update to latest Git HEAD in order to import a number of fixes and other
improvements:
a4d98ae options: remove stray continue statement
3d2c18a options: improve handling of negations when parsing space separated values
0e5dd73 iptables: support -i, -o, -s and -d in option extra
4cb06c7 ubus: increase ubus network interface dump timeout
e5dfc82 iptables: add exception handling
f625954 firewall3: add check_snat() function
7d3d9dc firewall3: display the section type for UBUS rules
53ef9f1 firewall3: add UBUS support for include scripts
5cd4af4 firewall3: add UBUS support for ipset sections
02d6832 firewall3: add UBUS support for forwarding sections
0a7d36d firewall3: add UBUS support for redirect sections
d44f418 firewall3: add fw3_attr_parse_name_type() function
e264c8e firewall3: replace warn_rule() by warn_section()
6039c7f firewall3: check the return value of fw3_parse_options()
c328d1f build: use -Wno-format-truncation instead of -Wno-error=format-truncation
e06e537 utils: replace sprintf use with snprintf to avoid overflows
533f834 build: disable the format-truncation warning error to fix gcc 7 build errors
e751cde zones: drop outgoing invalid traffic in masqueraded zones
d596f72 rules: fix UCI context in error reporting
1d0564c ubus: fix interface name and proto lookup
82ccd9e firewall3: fix handling of UTC times
1949e0c iptables: support xtables API > 11
Fixes FS#548, FS#640, FS#806, FS#811.
Ref: https://forum.lede-project.org/t/nat-leakage-on-tl-wr1043nd-v4/1712
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
One of the latest mac80211 updates added sanity checks, requiring the
beacon intervals of all VIFs of the same radio to match. This often broke
AP+11s setups, as these modes use different default intervals, at least in
some configurations (observed on ath9k).
Instead of relying on driver or hostapd defaults, change the scripts to
always explicitly set the beacon interval, defaulting to 100. This also
applies the beacon interval to 11s interfaces, which had been forgotten
before. VIF-specific beacon_int setting is removed from hostapd.sh.
Fixes FS#619.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Setting legacy_rates to 0 disables 802.11b data rates.
Setting legacy_rates to 1 enables 802.11b data rates. (Default)
The basic_rate option and supported_rates option are filtered based on this.
The rationale for the change, stronger now than in 2014, can be found in:
https://mentor.ieee.org/802.11/dcn/14/11-14-0099-00-000m-renewing-2-4ghz-band.pptx
The balance of equities between compatibility with b clients and the
detriment to the 2.4 GHz ecosystem as a whole strongly favors disabling b
rates by default.
Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup, defaults change]
Do not select the qca988x by default as soon as kmod-ath10k is
selected. We do support more ath10k chips than the qca988x in the
meantime, so this dependency doesn't make sense any longer.
Signed-off-by: Mathias Kresin <dev@kresin.me>
binutils 2.27 checks if the target compiler supports -Wstack-
usage=262144, and also uses this setting for the host compiler. If the
host compiler is gcc < 4.9 binutils build will fail. This backports 2
commits which are fixing this problem for binutils 2.28.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Fix build of scriptreplay with uClibc.
Some parts of the libm detection were backported to 2.29.2, but some
parts were missing, which are added here. This patch is needed when
libm is a separate library, this is not needed for LEDE master, because
libm is there integrated in the libc for uClibc and musl.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
- Security: Fix double-free in server TCP listener cleanup A double-free
in the server could be triggered by an authenticated user if dropbear is
running with -a (Allow connections to forwarded ports from any host)
This could potentially allow arbitrary code execution as root by an
authenticated user. Affects versions 2013.56 to 2016.74. Thanks to Mark
Shepard for reporting the crash.
CVE-2017-9078 https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c
- Security: Fix information disclosure with ~/.ssh/authorized_keys
symlink. Dropbear parsed authorized_keys as root, even if it were a
symlink. The fix is to switch to user permissions when opening
authorized_keys
A user could symlink their ~/.ssh/authorized_keys to a root-owned file
they couldn't normally read. If they managed to get that file to contain
valid authorized_keys with command= options it might be possible to read
other contents of that file.
This information disclosure is to an already authenticated user.
Thanks to Jann Horn of Google Project Zero for reporting this.
CVE-2017-9079 https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123
Refresh patches, rework 100-pubkey_path.patch to work with new
authorized_keys validation.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
This includes following changes:
0e8b948 Support specifying instance name in JSON file
49fdb9f Support PTR queries for a specific service
26ce7dc Allow filtering with instance name in service_reply
920c62a Store instance name in the struct service
ff09d9a Rename service_name function to the service_instance_name
64f78f1 Rename mdns_hostname variable to the umdns_host_label
Previous package update pulled commit 70c66fbbcde86 ("Fix sending
replies to PTR questions") which introduced a regression which this
update fixes.
Fixes: 474c31a20d ("umdns: update to the version 2017-03-21")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Add rut5xx GPIO PIN selection to om-package startup script.
Testet on a RUT500 device, the timeout value of the hardware watchdog
is about 280 sec.
Signed-off-by: Steffen Weinreich <steve@weinreich.org>
[split into two commits, bump PKG_RELEASE]
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Update OpenVPN to 2.4.1
Remove 200-small_build_enable_occ.patch as it's included upstream.
Refresh patches
Add mirror and switch to HTTPS
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
This change protects the openvpn instances to be marked as "in a crash
loop" and thereby the connection retries will run infinitely.
When the remote site of an openvpn connection goes down for some time
(network failure etc.) the openvpn instance in an openwrt/lede device
should not stop retrying to establish the connection.
With the current limit of 5 retries, there is a user interaction
required, which isn't really what you want when the device should
simply do everything to keep the vpn connection up.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Configuring dhcp_option as an option does not allow the usage of white
spaces in the option value; fix this by supporting dhcp_option as a list
config while still supporting the option config to maintain backwards
compatibility
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Commit 2036ae4 (base-files: support hostname and ntp servers through board.d)
was supposed to implement these procedures but lacked the required changes
to uci-defaults.sh.
Add the missing procedures now to fix config generation on targets relying
on hostname or NTP server presetting.
Fixes FS#754.
Reported-by: Cristian Morales Vega <cristian@samknows.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
update RF register 47 and 54 values according to vendor driver
Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: moved changes into a separate patch]
Use register values from init LNA function instead of the ones from
restore LNA function. Apply register values based on rx path
configuration.
Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: moved changes into a separate patch]
Some of our local patches have been accepted upstream. And there are
some more relevant changes (mostly for rt2800usb). Import them and
rebase our remaining local patches on top.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Introduce RT6352 instead of matching against RF7620.
Clean up channel setting rfvals.
Port bandwidth filter calibration.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
So here is another round of improvements for MT7620 WiFi.
This commit fixes a few significant issues related to TX_PWR_CFG_x and
TX_ALC and also makes the code more readable by adding register
descriptions for things added for MT7620 and use the usual bit-field
access macros and the now defined macros instead of plain bit-ops and
magic numbers.
Properly describe EEPROM_TARGET_POWER at word 0x68 (== byte 0xD0) and
thereby fix internal TXALC which would otherwise just read
out-of-bounds of the EEPROM map.
Split-out tx-power/ALC related stuff into an additional function.
Fix VCO calibration, it was carried out properly in the channel
switching but incomplete in the actual VCO calibration function.
Also there is no need to trigger VCO calibration in channel switching,
the VCO calibration function is already being called at this point.
Remove it from channel switching function to avoid redundant code.
The TX power calibration differs significantly from all other
Mediatek/Ralink chips: They finally allow 0.5dB steps stored as 8-bit
values for (almost) each bitrate -- and promptly ran out of space and
for some reason didn't want to change the EEPROM layout. The hence
opted for a scheme of sharing values for some adjecent bitrates and
a highly over-complicated (or obfuscated?) way to populate the
TX_PWR_CFG_x registers with the values stored in the EEPROM.
The code here now looks much less complicated than what you see in the
vendor's driver, however, it does the exact same thing:
bGpwrdeltaMinus is a constant and always TRUE, hence half of the
code was dead. Gpwrdelta is always 0 (rather than using the value read
from the EEPROM). What remains is some very grotesque effort to avoid
0x20, probably some hardware bug related to some misunderstanding of
what a singed 8-bit value is (imagine: if it was a signed 6-bit value
then someone could believe that 0x20 == 0x0). And then they didn't
clean it up once they later on anandonned that whole story of having a
constant offset for 40 MHz channels and just set the offset to be
constant 0 -- there is no effort for avoiding 0x20 for the 20 MHz
values stored in the EEPROM, hence that's probably just a forbidden
value in the EEPROM specs and won't appear anyway...
Anyway, the whole thing felt like solving some college math test
where in the end everything cancels out and the result equals 0 ;)
To make sure that channel bandwidth power compensation really doesn't
need to be taken care of, output a warning when the corresponding
value stored in the EEPROM is non-zero.
Also there is no apparent reason to refrain from initializing RFCSR
register 13, it doesn't fail what-so-ever.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The tx power applied by set_txpower is limited by the CTL (conformance
test limit) entries in the EEPROM. These can change based on the user
configured regulatory domain.
Depending on the EEPROM data this can cause the tx power to become too
limited, if the original regdomain CTLs impose lowr limits than the CTLs
of the user configured regdomain.
To fix this issue, set the initial channel limits without any CTL
restrictions and only apply the CTL at run time when setting the channel
and the real tx power.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
If a device uses the default EEPROM code, typically only the main CTLs
are valid, and they do not apply properly when switching to a different
regulatory domain. If the regdomain deviates from the EEPROM one, force
the world roaming regdomain to ensure that power limits are sane
Signed-off-by: Felix Fietkau <nbd@nbd.name>
9268ca6 ndp: don't trigger IPv6 ping when neighbor entry is invalid
2b3355f ndp: fix adding proxy neighbor entries
7dff5b4 ndp: fix wrong interface name in syslog message
a54afb5 dhcpv6-ia: Fix segfault when writing DHCPv4 leases in state file
c0e9dbf ubus: don't segfault when there're no leases
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Fixes build issues with some toolchains that don't add lcrypt in the default
search paths:
CMakeFiles/rpcd.dir/session.c.o: In function `rpc_login_test_password':
build_dir/target-mipsel-linux-gnu/rpcd-2016-12-03-0577cfc1/session.c:823: undefined reference to `crypt'
collect2: error: ld returned 1 exit status
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Due to an oversight during patch conflict resolution, the PKG_VERSION got
accidentially bumped instead of the PKG_RELEASE field.
Revert the bad version change as there exists no upstream 1.25.2 version.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When invoking "nslookup_lede" with a domain argument and without explicit
query type, issue both A and AAAA queries and display the resulting IP
addresses in a numbered list style, similar to how the old BusyBox nslookup
used to output the records.
This is required for compatibility with certain scripts.
Ref: https://forum.lede-project.org/t/nslookup-ipv6-in-lede-17-01-1
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The ":*" optstring syntax was only recently introduced with BusyBox v1.26,
older versions need a corresponding hint in the "opt_complementary" variable
to denote flag values that should be stored as llist entries.
Add the required opt_complementary entry to fix random SIGBUS, SIGILL or
SIGSEGV related crashes on BusyBox 1.25.x when attempting to use the "-q"
flag of the "nslookup_lede" applet.
Ref: https://forum.lede-project.org/t/nslookup-ipv6-in-lede-17-01-1
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fixes FS#684 with commit 21a4bd0
Changes since current version. All changes except the ones prefixed
with asterisks are for bugfixes. Module aliases awareness is expected
by the kernel to be a basic facility and is required for properly
initializing wireguard.
16f7e16 syslog: remove unnecessary sizeof struct between messages
21a4bd0 kmodloader: modprobe: return 0 for loaded modules
3dc78a4 kmodloader: don't store aliases info in struct module
c553354 cmake: fix typo
8973576 kmodloader: fix not being able to find some modules
fce9382 cmake: Check for getrandom system call
ac2d43e kmodloader: support '-q' quiet option
*f8d3d16 ubox: Add an option for more accurate timestamps in log
14839f0 kmodloader: make insert_module() idempotent
*6e3c6dc kmodloader: add module alias awareness
9371411 kmodloader: fix out-of-bound access when parsing .modinfo
a62c946 kmodloader: modprobe: skip possible command line arguments
*46a4b5f kmodloader: log to kmsg when loading directories of modules
eacc426 kmodloader: remove redundant glob wildcard char
8488bb5 ubox: Initialize conditionally uninitialized variabled
db070f1 ubox: Fix some memory leaks
acc48b5 kmodloader: Fix typo in error message
Size comparison on x86_64 host
function old new delta
main 2190 2344 +154
scan_module_folder 665 793 +128
alloc_module_node - 113 +113
.rodata 946 1036 +90
alloc_module 202 245 +43
free_modules 77 119 +42
load_modprobe 209 237 +28
scan_loaded_modules 241 265 +24
avl_modcmp 45 67 +22
insert_module 204 224 +20
find_module 13 30 +17
static.optind@@GLIBC_2 - 4 +4
static.load_moddeps 118 117 -1
scan_module_folders 55 54 -1
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 10/2 up/down: 685/-2) Total: 683 bytes
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The current way of creating a STAMP_CONFIGURED filename for OpenSSL can
lead to an extremely long filename that makes touch unable to create it,
and fail the build.
Use mkhash to produce a hash against OPENSSL_OPTIONS which creates a
shortert stamp file,
Fixes#572
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Protect any IPv6 related with appropriate guards to fix compilation with
disabled IPv6 support in Busybox.
Fixes#728.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Since the LEDE nslookup applet is already specific to LEDE, move the
libresolv detection into the busybox Makefile that LEDE uses.
This fixes builds with external toolchains that don't automatically
search for headers and/or libraries without being told so.
Fixes: de5b8e5d2f ("busybox: add musl compatible nslookup replacement")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Add an alternative nslookup applet implementation which is compatible with
musl libc wrt. name server selection and which supports a number of additional
features such as query type selection.
Fixes#155, #217
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update util-linux to 2.29.2
Remote 0001-fix-uClibc-ng-scanf-check.patch as it's been merged upstream.
Refresh patches
Change ncurses to ncursesw to fix compilation and avoid confusion
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [remove faulty dependency changes]
Commit 131db36 "build: remove separate /install step for host builds" dropped
the package/*/host/install targets in favor to performing the install steps
within the compile target instead.
Adjust package/Makefile accordingly in order to prevent a missing
staging_dir/host/bin/opkg when staging package archives into the rootfs.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>