Commit Graph

38326 Commits

Author SHA1 Message Date
Felix Fietkau
1aedf2f149 tools/squashfs: use host cflags
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 20d363aed3)
2017-12-13 16:41:40 +01:00
Hauke Mehrtens
7fa70027d4 ppp: make the patches apply correctly again
This fixes a compile problem recently introduced by me.

Fixes: f40fd43ab2 ("ppp: fix compile warning")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a29848c671)
2017-12-13 16:40:21 +01:00
Hauke Mehrtens
d63eb474b3 ppp: fix compile warning
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f40fd43ab2)
2017-12-13 16:40:21 +01:00
Hans Dedecker
9bd667fc24 dropbear: fix PKG_CONFIG_DEPENDS
Add CONFIG_DROPBEAR_UTMP, CONFIG_DROPBEAR_PUTUTLINE to PKG_CONFIG_DEPENDS

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 834c93e00b)
2017-12-13 16:38:28 +01:00
Marcin Jurkowski
9d1bfb8f4d dropbear: make ssh compression support configurable
Adds config option to enable compression support which is usefull
when using a terminal sessions over a slow link. Impact on binary
size is negligible but additional 60 kB (uncompressed) is needed for
a shared zlib library.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
(cherry picked from commit a816e1eac7)
2017-12-13 16:37:14 +01:00
Michal Sojka
ed4f4f1a8e procd: Install seccomp-trace symlink
Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
(cherry picked from commit 1a5bf778fb)
2017-12-13 16:36:38 +01:00
Magnus Kroken
77e79b2dd0 openvpn: update to 2.4.4
Fixes CVE-2017-12166: out of bounds write in key-method 1.

Remove the mirror that was temporarily added during the
2.4.3 release.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit a9a37526a9)
2017-12-13 16:36:02 +01:00
Philip Prindeville
5beb0abc83 build: remove @ as it's causing an error
Since $(DownloadMethod/unknown) is being invoked in the expansion of
$(call locked ...) anyway, you can't have an @ because the shell
doesn't know what to do with it.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit 76ba01a392)
2017-12-13 16:34:40 +01:00
Philip Prindeville
eff1f7e7ef usbutils: avoid duplicating the git revision
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit 3008fc9a7b)
2017-12-13 16:34:10 +01:00
Florian Fainelli
9cf371c1f4 dnsmasq: Pass TARGET_CPPFLAGS to Makefile
With the introduction of the ubus notifications, we would now fail building
dnsmasq with external toolchains that don't automatically search for headers.
Pass TARGET_CPPFLAGS to the Makefile to resolve that.

Fixes: 34a206bc11 ("dnsmasq: add ubus notifications for new leases")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit ef485bb23d)
2017-12-13 16:33:33 +01:00
Alexandru Ardelean
2f80d84638 wwan: json format in some modem definitions
Method used:
```
cd package/network/utils/wwan/files/data
sed -e 's/}}/}/g' -i *
sed -e 's/}\t"acm": 1/\t"acm": 1/g' -i *
sed -e 's/}\t"generic": 1/\t"generic": 1/g' -i *
```

Manually adjusted commas.
Validated with
```
for f in `ls` ; do echo $f ; python -m json.tool < $f || break ; done
```

Thanks to @lynxis for pointing out the commas.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit ad510c4d62)
2017-12-13 16:32:39 +01:00
Stijn Tintel
c61cf4a447 base-files: add /etc/profile.d to conffiles
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit ef255fc57e)
2017-12-13 16:30:13 +01:00
Stijn Tintel
bdc998c696 base-files: order conffiles alphabetically
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 8446d3de05)
2017-12-13 16:30:12 +01:00
Karl Palsson
c58e824acc procd: mdns: Support txt values with spaces
Properly quote the arguments so that you can register a service with TXT
entries that contains spaces.

Example:
   procd_add_mdns myservice tcp 9999 "key=descriptive text field 1" \
         "another=something equally verbose"

Output before:
$ avahi-browse -r -v _myservice._tcp
_myservice._tcp      local
   hostname = [blah.local]
   address = [192.168.255.74]
   port = [9999]
   txt = ["verbose" "equally" "another=something" "1" "field" "text" "key=descriptive"]

Output now:
$ avahi-browse -r -v _myservice._tcp
_myservice._tcp      local
   hostname = [blah.local]
   address = [192.168.255.74]
   port = [9999]
   txt = ["another=something equally verbose" "key=descriptive text field 1"]

Signed-off-by: Karl Palsson <karlp@etactica.com>
(cherry picked from commit 7a423c389a)
2017-12-13 16:29:22 +01:00
João Chaínho
aaa73fea36 ar71xx: fix switch port numbering on RB750r2 and RB750UPr2
This patch fixes the switch port numbering on Mikrotik RB750r2 (hEX lite) and RB750UPr2 (hEX PoE lite).
Tested on a RB750UPr2. Maybe this patch is applicable to other devices (e.g. RB951Ui-2nD, RB952Ui-5ac2nD) but I have no way to test them.

Signed-off-by: João Chaínho <joaochainho@gmail.com>
(cherry picked from commit 61027e3430)
2017-12-13 16:29:22 +01:00
Zoltan Gyarmati
b69ea02a00 scripts/dowload.pl: use glob to expand target dir
If CONFIG_DOWNLOAD_FOLDER is set to for example "~/dl", the download
script fails to create the .hash and .dl files with the following
errors:
 Cannot create file ~/dl/dropbear-2017.75.tar.bz2.dl: No such file or directory
 sh: 1: cannot create ~/dl/dropbear-2017.75.tar.bz2.hash: Directory nonexistent

If the tarball already exists in the ~/dl dir, it's properly found and
used, so this issue only affects the download.pl script.
 This patch calls glob() on the target dir parameter, which will expand `~`.

Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
(cherry picked from commit 0a761fe8ef)
2017-12-13 16:29:22 +01:00
Rosen Penev
80a22eee4b samba36: Remove syslog and load printers lines.
printer support is removed using 200-remove_printer_support.patch. the syslog parameter requires samba to be compiled with --with-syslog. Currently samba does not log to syslog and probably has not for a long time.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 343e3d2ba8)
2017-12-13 16:29:22 +01:00
Rosen Penev
71797b6eca samba36: Don't resolve interfaces.
It's redundant and also buggy. IPv6 link local addresses and ::1 are not resolved for example. Doesn't matter since lo and br-lan for example, resolve to them.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
(cherry picked from commit b2f60e6a72)
2017-12-13 16:29:22 +01:00
Rosen Penev
1458bc2d9c samba36: Remove guest ok since LuCI configures it.
guest ok is set per share and as such, don't override it. also, fix an error introduced in the last commit.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit ccb79a310c)
2017-12-13 16:29:22 +01:00
Hauke Mehrtens
f0065554b2 config: make CONFIG_ALL_* select other CONIFG_ALL_* options
Select the other CONFIG_ALL_* options in the hierarchy when the master
option is selected. Currently CONFIG_ALL_KMODS is not selected when the
build bot selects CONFIG_ALL_NONSHARED for example.

Now the rtc kmods should get build when CONFIG_ALL_KMODS,
CONFIG_ALL_NONSHARED or CONFIG_ALL and CONFIG_RTC_SUPPORT are selected
like it is done by the build bots for targets with rtc support.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 589621b1c0)
2017-12-13 16:29:22 +01:00
BangLang Huang
2b88309335 nvram: add help message for nvram magic not found
The program would failed if nvram magic not found
in specific partition.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
(cherry picked from commit 69da83d9f1)
2017-12-13 16:23:40 +01:00
BangLang Huang
118a2ea0bc nvram: improve argument check when program start
print help message when argument count is less
than 2.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
(cherry picked from commit c7e2a6fe92)
2017-12-13 16:23:39 +01:00
BangLang Huang
c446ee4ad4 nvram: add usage() function
Merge the help message into a single function,
so that we can use it somewhere else.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
(cherry picked from commit 2a253e7cdb)
2017-12-13 16:23:39 +01:00
BangLang Huang
9e84d333b1 nvram: fix memory leak
Fix memory leak on nvram_open() and nvram_open_rdonly().

For nvram_open(), the 'fd' should be closed on error, and
mmap_area should be unmap when nvram magic can not be found.

For nvram_open_rdonly(), the 'file' variable should free before
return. Once nvram_find_mtd() return successfully, it will allocate
memory to save mtd device string.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
(cherry picked from commit 1948d8e08c)
2017-12-13 16:23:39 +01:00
Christian Schoenebeck
3b6b892d67 ca-certificates: Update to 20170717
Update to 20170717

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
(cherry picked from commit a2a226e6e8)
2017-12-13 16:23:39 +01:00
Rafał Miłecki
23b9dc2eca base-files: drop unused preinit_echo function
It isn't used for years since the old 99_10_run_init has been dropped.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1e13c6f77f)
2017-12-13 16:23:39 +01:00
Daniel Engberg
ca7c9db47f tools/pkg-config: Update to 0.29.2
* Update pkg-config to 0.29.2
* Remove patch as it's upstreamed

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit 965df21fd1)
2017-12-13 16:23:39 +01:00
Florian Eckert
75d8127338 base-files: suppress uci not found output in login.sh
Fix "uci: Entry not found" output if "ttylogin" is not set in
"etc/config/system"

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit c31f0421ce)
2017-12-13 16:23:39 +01:00
Jo-Philipp Wich
b616aa6db7 scripts/package-metadata.pl: inhibit compile deps on missing build types
When a package declares a PKG_BUILD_DEPENDENCY or HOST_BUILD_DEPENDENCY on
a not existing build type, the metadata script will emit a reference to an
unresolvable build target in tmp/.packagedeps, causing the make process to
fail hard in a way not catchable by the IGNORE_ERRORS mechanism.

In a situation where a package "test-a" declares a build dependency
"PKG_BUILD_DEPENDS:=test-b/host" while the Makefile of "test-b" does not
implement a HostBuild, make fails with an unrecoverable error in the form:

    make[1]: Entering directory '...'
    make[1]: *** No rule to make target 'package/test-b/host/compile',
                 needed by 'package/test-a/compile'.  Stop.
    make[1]: Leaving directory '...'
    .../toplevel.mk:200: recipe for target 'package/test-a/compile' failed
    make: *** [package/test-a/compile] Error 2

Extend the metadata generation script to catch such unresolved references
and emit a visable warning upon detection.

After this change, the script will emit a warning similar to:

    WARNING: Makefile "package/test-a/Makefile" has a build dependency on
    "test-b/host" but "package/test-b/Makefile" does not implement a
    "host" build type

Fixes a global build cluster outage which occured after the "python-cffi"
feed package removed its HostBuild which the "python-cryptography" package
build-depended on.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit bf5d32af2a)
2017-12-13 16:23:39 +01:00
Jo-Philipp Wich
2e1a87a3e1 build: bundle-libraries.sh: do not override argv[0] in inner exec calls
Only mangle argv[0] of the first executed process and leave the argument
vector of subsequent invocations as-is to allow child programs to properly
discover resources relative to their binary locations.

Fixes "cc1" discovery when executing the host gcc through the bundled
"ccache" executable.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9e64874fb2)
2017-12-13 16:23:39 +01:00
Rosen Penev
a37f8b0c6e samba36: Remove legacy options
Browseable is now set through LuCI per share, so remove it. Same with
writeable (inverted synonym for read only). domain master and preferred
master seem to be legacy settings for Windows 9x. encrypt passwords
defaults to yes. Probably should not be disabled either.

Also reordered alphabetically.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[rewrap commit message, fix SoB, fix author, bump pkg revsion]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9dcb3fe7eb)
2017-12-13 16:23:39 +01:00
Daniel Engberg
89c4f47caa scripts/download.pl: Adjust URLs
Internet2 isn't considered a trusted issuer meaning that https links to
rit.edu will fail.

The host mirror.csclub.uwaterloo.ca has a trusted SSL cert and peering
is good so it can replace rit.edu without performance issues.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
[Jo-Philipp Wich: rewrapped commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 99c4295126)
2017-12-13 16:23:39 +01:00
Jo-Philipp Wich
338968a170 build: fix invocation of bundled ld.so in SDK and Imagebuilder
Commit 72d751cba9 "build: rework library bundling" introduced a new helper
binary "runas" whose sole purpose was mangling the argv vector passed to
the actual called ELF image so that the renamed executable could obtain the
proper name from argv[0].

This approach, however totally defeated the purpose of calling bundled ELF
executables through the shipped ld.so loader since the execv() invocation
performed by "runas" would cause the kernel the interprete the final program
image through the system ELF loader again.

To solve the problem, use an alternative approach of shipping a shared object
"runas.so" which uses an ELF ".init_array" function pointer to obtain the
argv[] vector of the to-be-executed main() function and mangle it in-place.

The actual argv[0] value to use is communicated out-of-band using an
environment variable "RUNAS_ARG0" by the shell wrapper script. The wrapper
script also takes care of setting LD_PRELOAD to instruct the shipped ELF
loader to preload the actual ELF program image with the "runas.so" helper
library.

Fixes FS#909.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit ef1cafa736)
2017-12-13 16:23:39 +01:00
Kevin Darbyshire-Bryant
0a976262a5 kmod-sched-cake: drop maintainer
Drop myself from maintainership of 'cake'.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
(cherry picked from commit c7f8bcede6)
2017-12-13 16:23:39 +01:00
Stijn Tintel
610e2afdcc zlib: use default Build/Configure rule
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 462ca4e059)
2017-12-13 16:23:39 +01:00
Stijn Tintel
cf11a41af6 lzo: use default Build/Configure rule
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit b3cba687a4)
2017-12-13 16:23:38 +01:00
Alin Nastac
c86490605c netfilter: add iptables-mod-rpfilter package
Unlike /proc/sys/net/ipv4/conf/INTF/rp_filter flag, rule iptables -t raw
-I PREROUTING -m rpfilter --invert -j DROP prevents conntrack table to
become full when a packet flood with randomly selected source IP addresses
is received from the lan side.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
(cherry picked from commit d8748e537f)
2017-12-13 16:23:38 +01:00
Daniel Golle
ea23ba9a25 bzip2: add symlink to binary
Other distributions incl. the OpenWrt ImageBuilder and SDK
expect to find the bzip2 executable in /bin.
Create a symlink at that location for compatibility.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit eb7c14d512)
2017-12-13 16:23:38 +01:00
Stijn Tintel
d413c75d24 dropbear: add option to set max auth tries
Add a uci option to set the new max auth tries paramater in dropbear.
Set the default to 3, as 10 seems excessive.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 6371159b4a)
2017-12-13 16:23:38 +01:00
Kevin Darbyshire-Bryant
8693ab5152 dropbear: server support option '-T' max auth tries
Add support for '-T n' for a run-time specification for maximum number
of authentication attempts where 'n' is between 1 and compile time
option MAX_AUTH_TRIES.

A default number of tries can be specified at compile time using
'DEFAULT_AUTH_TRIES' which itself defaults to MAX_AUTH_TRIES for
backwards compatibility.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
(cherry picked from commit 9aaf3d3501)
2017-12-13 16:23:38 +01:00
Yury Shvedov
0e6a6c8487 hostapd: configure NAS ID regardless of encryption
RADIUS protocol could be used not only for authentication but for
accounting too. Accounting could be configured for any type of networks.
However there is no way to configure NAS Identifier for non-WPA
networks without this patch.

Signed-off-by: Yury Shvedov <yshvedov@wimarksystems.com>
[cleanup commit message]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 37c1513b1f)
2017-12-13 16:23:38 +01:00
Yury Shvedov
ef3649d90e hostapd: add acct_interval option
Make an ability to configure Accounting-Interim-Interval via UCI

Signed-off-by: Yury Shvedov <yshvedov@wimarksystems.com>
[add hostapd prefix, cleanup commit message]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 0e7bbcd43b)
2017-12-13 16:23:38 +01:00
Luiz Angelo Daros de Luca
3027a68093 valgrind: bump to 3.13.0
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 991899cc54)
2017-12-13 16:23:38 +01:00
Stefan Tomanek
3129db331c busybox: backport 'ip rule suppress_{prefixlength, ifgroup}'
This is a backport from the busybox repository
(192dce4b84fb32346ebc5194de7daa5da3b8d1b4); it enables the use of the
suppress_{prefixlength,ifgroup} flags for policy routing rules.

Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
(cherry picked from commit de6ff15129)
2017-12-13 16:02:53 +01:00
Yousong Zhou
86158ad37d libunwind: update to version 1.2.1
Changes since 1.2

    a77b0cd Bump version to v1.2.1
    5f354cb mips/tilegx: Add missing unwind_i.h header file
    620d1c3 Add aarch64 getcontext functionality.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 77dc6a2ae7)
2017-12-13 16:02:24 +01:00
Daniel Golle
59004433e9 imagebuilder: don't rewrite package list output
No longer rewrite opkg list output in package_list function, remove
the awk call in the pipe (which was intended for a single specific
use-case).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit d80d1b6c42)
2017-12-13 16:00:57 +01:00
Daniel Golle
74eeb07817 imagebuilder: clean package_list
commit 19ac879954 (imagebuilder: add package_list function) introduced
a new function 'package_list' to the imagebuilder Makefile.
Unfortunately the package list was poluted by stdout noise of the
Makefile itself as well as opkg. Redirect those outputs to stderr to
make sure that the package_list returned doesn't contain progress
info output but really only packages.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1b555e1d2b)
2017-12-13 16:00:57 +01:00
Felix Fietkau
7f3f2bc03b build: remove old kernel-headers build directories
Saves space after updating kernel versions

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 76b62e6022)
2017-12-13 16:00:27 +01:00
Paul Spooren
c7234e3036 imagebuilder: add package_list function
The imagebuilder can now list all available packages by using make
package_list. This is usefull for scripts to retrieve a list of all
packages with versions (and size)

Signed-off-by: Paul Spooren <paul@spooren.de>
[daniel@makrotopia.org: fixed commit message]
(cherry picked from commit 19ac879954)
2017-12-13 15:59:35 +01:00
Jonas Gorski
9c3e4b5434 base-files: board.json's switch reset means existence, not argument
Don't pass the value unconditionally to swconfig as a parameter but
instead only call reset if it is 1.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit fd952c7a83)
2017-12-13 15:58:35 +01:00