Commit Graph

12544 Commits (88a14bfd1da55bbddf5a86b3c452f1d8b1c46a60)

Author SHA1 Message Date
Matthias Schiffer 82aa061251
kernel: remove echainiv.ko from kmod-crypto-iv
There is a separate package kmod-crypto-echainiv for echainiv.ko. Selecting
both packages led to a conflict, so remove the file from kmod-crypto-iv.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-28 02:39:18 +02:00
Rafał Miłecki a0ce6982d8 mac80211: backport brcmfmac changes from 2016-09-27
This fixes bug that could cause WARNING on every add_key/del_key call.
It also replaces WARNING with a simple message. They may still occur
e.g. on station going out of range and A-MPDU stall in the firmware.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-09-27 18:23:53 +02:00
Magnus Kroken b1f39d3d7e openssl: update to 1.0.2j
A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0
but was omitted from OpenSSL 1.0.2i. As a result any attempt to use
CRLs in OpenSSL 1.0.2i will crash with a null pointer exception.

Patches applied upstream:
* 301-fix_no_nextprotoneg_build.patch
* 302-Fix_typo_introduced_by_a03f81f4.patch

Security advisory: https://www.openssl.org/news/secadv/20160926.txt

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-09-27 17:50:22 +02:00
diizzyy 0d4f02dfd6 linux-firmware: Add mirrors
Adds Google's mirrors as primary source and kernel.org as fallback.
Discussed in #lede-dev on Freenode

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-09-27 17:50:22 +02:00
Rosen Penev c0b15b3072 openssl: Make DTLS configurable.
Signed-off by: Rosen Penev <rosenp@gmail.com>
2016-09-27 17:50:22 +02:00
Rosen Penev aaa067ab0b openssl: Remove J-PAKE. Nothing uses it.
Signed-off by: Rosen Penev <rosenp@gmail.com>
2016-09-27 17:50:22 +02:00
Kevin Darbyshire-Bryant 78ae7d8efd busybox: v1.25.0 upstream patches
Include upstream patches for gzip, ip & ntpd.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-09-27 17:50:22 +02:00
Daniel Engberg edbc8fec8a libjson-c: Update to 0.12.1
Updates libjson-c and removes backport patch.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-09-27 17:50:21 +02:00
diizzyy 509708889c libunwind: use url alias
Use alias instead of hardcoded URL

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-09-27 17:50:21 +02:00
Jo-Philipp Wich 875cddd94c iwinfo: fix WPA cipher reporting
Within the Lua binding, use the same logic as the command line interface for
reporting the used WPA ciphers. Instead of printing the intersection of
pairwise and group ciphers, report both group and pairwise ciphers.

This fixes a case where a connection which uses CCMP for pairwise and TKIP
as groupwise cipher is getting reported as using the NONE cipher.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-27 16:23:48 +02:00
Jo-Philipp Wich 8badcba229 iproute: properly support high routing table IDs
The Linux kernel uses two distinct fields to denote the routing table ID in
use by network routes; the 8 bit `rtm_table` member of `struct rtmsg` and the
32 bit `RTA_TABLE` netlink attribute.

If a routing table ID is larger than 255, the `RT_TABLE` attribute must be used
and the `rtm_table` field has to be set to the special `RT_TABLE_UNSPEC` value.

This commit adds a patch which...
 - switches the *_n2a() and *_a2n() functions of rt_names.c to use dynamically
   sized, name-sorted arrays instead of fixed arrays limited to 1024 slots in
   order to support IDs up to 65535
 - adds proper handling of high table IDs to iprule.c and iproute.c when
   adding, removing and dumping ip rules and network routes

After this change, the Busybox ip applet fully supports IP rules with high ID
numbers, using the same logic as the full iproute2.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-27 16:23:06 +02:00
Jo-Philipp Wich 864b2d113a 6in4: fix invalid local variable declaration (FS#188)
Remove an invalid local variable declaration in the tunnel update subshell
invocation. Local declarations outside of function scopes are illegal since
the Busybox update to version 1.25.0 .

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-27 16:23:06 +02:00
Rafał Miłecki 45b73af7f6 mac80211: backport brcmfmac changes from 2016-09-26
All these patches are in wireless-drirvers-next. There is support for
hidden SSID, few new devices and many fixes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-09-27 07:00:53 +02:00
Matthias Schiffer 26b4216f95
base-files: make default_prerm work offline
IPKG_INSTROOT must be respected for offline removal (used for per-device
rootfs).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-26 17:57:57 +02:00
Matthias Schiffer 6c1542787d
base-files: fix check for empty password warning
Now that we know that the password is in /etc/shadow and not in
/etc/passwd, we can properly fix the logic for the empty password check.
Only 'root::' is an empty password, 'root' and 'root:!:' allow no
password login at all.

This fixes the empty password warning still showing after the root password
has been locked using 'passwd -l root' (e.g. to allow public-key auth
only).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-26 17:57:56 +02:00
Matthias Schiffer 77f54eae45
config: enable shadow passwords unconditionally
Configurations without shadow passwords have been broken since the removal
of telnet: as the default entry in /etc/passwd is not empty (but rather
unset), there will be no way to log onto such a system by default. As
disabling shadow passwords is not useful anyways, remove this configuration
option.

The config symbol is kept (for a while), as packages from feeds depend on
it.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-26 17:57:56 +02:00
Felix Fietkau da4e81960d mac80211: fix crash in mac80211_hwsim
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-26 16:19:58 +02:00
Jonas Gorski c4823622d8 uboot-mvebu: reset the 88E1512 PHY to make the wan port work
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-09-26 13:03:18 +02:00
Jonas Gorski d8075b15d0 uboot-mvebu: make hidden and be m for clearfog to fix IB failing to add it
Uboot-mvebu isn't a real package, which will break the image builder
when it tries to install it during the packing step. Instead of cleafog
selecting it through its default packages, make it default to m if the
clearfog profile is selected.

This will ensure it is always build, but never added to the rootfs. This
fixes creating images for clearfog with IB.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-09-26 12:48:18 +02:00
Jonas Gorski bc1f006b4e uboot-mvebu: also install into KDIR to ensure it packaged in IB
The clearfog image requires u-boot, so package it into KDIR to make sure
it is available in imageBuilder.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-09-26 12:47:36 +02:00
Matthias Schiffer b3dd642584
fstools: mark as nonshared and add missing PKG_CONFIG_DEPENDS
The fstools build depends on the CONFIG_NAND_SUPPORT flag, which is
target-specific.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-25 23:26:25 +02:00
Matthias Schiffer 663145e419
image: fix CONFIG_CLEAN_IPKG with CONFIG_TARGET_PER_DEVICE_ROOTFS
Running prepare_rootfs on TARGET_DIR deletes the opkg state when
CONFIG_CLEAN_IPKG is enabled, making the per-device rootfs package install
fail.

To avoid this, create a copy of the TARGET_DIR before prepare_rootfs is run
and use this as basis for per-device rootfs generation.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-25 09:30:55 +02:00
Matthias Schiffer ce89535bce
kernel: remove duplicate br-netfilter file and Kconfig symbol from kmod-ebtables
br_netfilter.ko and the corresponding Kconfig symbol are already provided
by kmod-br-netfilter, which is a dependency of kmod-ebtables.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-24 23:37:54 +02:00
Hauke Mehrtens ea288126db openssl: backport build fix when hardware support is used
This fix added to the openssl 1.0.2 branch.
In addition add the header for the existing backport.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-24 19:53:00 +02:00
Jo-Philipp Wich 1c09849f6c treewide: remove bad local shell variable declarations
Local variable declarations outside of functions are illegal since the Busybox
update to v1.25.0, therfore remove them from the appropriate places.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-24 14:38:20 +02:00
Hauke Mehrtens df9efc9497 curl: update to version 7.50.3
This fixes the following security problems:
7.50.1:
 CVE-2016-5419 TLS session resumption client cert bypass
 CVE-2016-5420 Re-using connections with wrong client cert
 CVE-2016-5421 use of connection struct after free
7.50.2:
 CVE-2016-7141 Incorrect reuse of client certificates
7.50.3:
 CVE-2016-7167 curl escape and unescape integer overflows

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-24 13:48:05 +02:00
Magnus Kroken 6926325829 openssl: update to 1.0.2i
Drop 302-fix_no_cmac_build.patch, it has been applied upstream.

Security fixes:
* (Severity: High) OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
* (Severity: Moderate) SSL_peek() hang on empty record (CVE-2016-6305)
* 10 Low severity issues

Security advisory: https://www.openssl.org/news/secadv/20160922.txt
Changelog: https://www.openssl.org/news/cl102.txt

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-24 13:28:59 +02:00
Jo-Philipp Wich 4f272dd032 linux-firmware: update to current Git head
Update the linux-firmware package in order to force the buildbots to fetch the
proper mirrored version.

Currently each builder has its own copy of the linux-firmware checkout staged
in its own dl/, since the package was updated before the mirrored copy has
been uploaded. The builders then subsequently uploaded their own copy instead,
leading to md5sum mismatches since each clone produces different tarballs.

By bumping the package to a new version and uploading the mirrored archive
with the proper md5sum beforehand, the builders will fetch that instead and
not upload their own copies.

To properly solve that problem in the future we need to ensure that packed
checkouts become reproducable.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-23 12:11:06 +02:00
Felix Fietkau 175237e7df kernel: fix broken dependency of kmod-owl-loader on kmod-ath9k
It messes up the build order of package/kernel/linux vs
package/kernel/mac80211

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-22 20:09:20 +02:00
Jo-Philipp Wich a84d51c85d linux-firmware: update md5sum
Since the md5sum of the mirrored Git clone archive has been set in the Makefile
before that particular archive was uploaded to the source mirror, the buildbots
uploaded their own, different copy instead invalidating the mirror md5sum for
anyone else.

In order to fix the mismatch, update the md5sum to reflect the archive being
present on the download server.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-22 10:47:57 +02:00
Hauke Mehrtens 7b472f7c21 busybox: fix md5sum
The md5sum was not updated in commit 06fa1c46fc "busybox: update
to version 1.25.0"

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-20 22:56:47 +02:00
Hauke Mehrtens e59bbb6fe2 ltq-vdsl-app: update to version 4.17.18.6
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2016-09-20 22:43:43 +02:00
Hauke Mehrtens 7ecbc27951 ltq-vdsl: update to version 4.17.18.6
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2016-09-20 22:43:43 +02:00
Hauke Mehrtens 3a4db8548f ltq-vdsl-mei: update mei driver to version 1.5.17.6
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2016-09-20 22:43:43 +02:00
Hauke Mehrtens 909ed82b10 dsl-vrx200-firmware-xdsl: update to more recent versions
The Annex A firmware will be updated to:
05.08.01.08.01.06_05.08.00.0B.01.01_osc

The Annex B firmware will be updated to:
05.07.09.09.00.06_05.07.04.04.00.02_osc

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2016-09-20 22:43:43 +02:00
Hauke Mehrtens 06fa1c46fc busybox: update to version 1.25.0
The following patches were removed:
010-networking-fix-uninitialized-memory-when-displaying-.patch
  https://git.busybox.net/busybox/commit/?id=f2c043acfcf9dad9fd3d65821b81f89986bbe54e

030-ip-fix-problem-on-mips64-n64-big-endian-musl-systems.patch
  https://git.busybox.net/busybox/commit/?id=4ab372d49a6e82b0bf097dedb96d26330c5f2d5f

204-udhcpc_src_ip_rebind.patch
  https://git.busybox.net/busybox/commit/?id=abe8f7515aded80889d78c2c1c8947997918cf90

230-ntpd_delayed_resolve.patch
  https://git.busybox.net/busybox/commit/?id=c8641962e4cbde48108ddfc1c105e3320778190d
  https://git.busybox.net/busybox/commit/?id=e4caf1dd9ce8569371a0eeb77ccf02a572dc0f11

260-arping_missing_includes.patch
  Not needed any more, still builds with musl for me.
  Add in 92fd6e6f1a "busybox: fix arping applet building on musl"

The Kconfig files were updated with these commands:
cd config
../convert_menuconfig.pl .../build_dir/target-*/busybox-1.25.0
cd ..
./convert_defaults.pl < .../build_dir/target-*/busybox-1.25.0/.config > Config-defaults.in

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-20 22:37:02 +02:00
Florian Fainelli ef64c8694b base-files: Allow subtargets to define base-files.mk
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-09-19 19:42:10 +02:00
Christian Lamparter e9401a2335 kernel: owl-loader for delayed Atheros ath9k fixup
Some devices (like the Cisco Meraki Z1 Cloud Managed Teleworker Gateway)
need to be able to initialize the PCIe wifi device. Normally, this is done
during the early stages of booting linux, because the necessary init code
is read from the memory mapped SPI and passed to pci_enable_ath9k_fixup.
However,this isn't possible for devices which have the init code for the
Atheros chip stored on NAND in an UBI volume. Hence, this module can be
used to initialze the chip when the user-space is ready to extract the
init code.

Martin Blumenstingl made a few fixes and added support for lantiq:
kernel: owl-loader: add support for OWL emulation PCI devices
kernel: owl-loader: don't re-scan the bus when ath9k_pci_fixup failed
kernel: owl-loader: use dev_* instead of pr_* logging functions
kernel: owl-loader: auto-generate the eeprom filename as fallback
kernel: owl-loader: add a debug message when swapping the eeprom data
kernel: owl-loader: add missing newlines in log messages
kernel: owl-loader: add support for the lantiq platform

These patches have been integrated. Thanks!

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2016-09-19 19:32:35 +02:00
John Crispin edf5b2955e cyassl: remove duplicate submenu level
Signed-off-by: John Crispin <john@phrozen.org>
2016-09-19 16:07:58 +02:00
Andreas Schultz b9e3e38e79 cyassl: make CyaSSL/WolfSSL more configurable
The default configuration might not be suitable for
every use case. Add options to enable/disable additional
options.

Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2016-09-19 15:30:32 +02:00
Hans Dedecker 32f4777530 dnsmasq: Add match section support
Match sections allow to set a tag specified by the option networkid if the client
sends an option and optionally the option value specified by the match option.
The force option will convert the dhcp-option to force-dhcp-option if set to 1 in
the dnsmasq config if options are specified in the dhcp_option option.

config match
    option networkid tag
    option match 12,myhost
    option force 1
    list dhcp_option '3,192.168.1.1'

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-09-19 15:30:32 +02:00
Florian Fainelli 559f55dffc iwinfo: Bump to 2016-07-29
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-09-19 15:30:32 +02:00
John Crispin 63bd73a5cf base-files: remind users to set root password
print a warning when a shell spawns, telling users to set a root password.

Signed-off-by: John Crispin <john@phrozen.org>
2016-09-19 15:30:32 +02:00
Hauke Mehrtens 0109ed87d9 kernel: add nlmon kernel module
This driver allows to monitor netlink communication on the system.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-16 23:00:01 +02:00
Hauke Mehrtens 8b5e128250 busybox: libnetlink: fix alignment of netlink messages
A padding to align a message should not only be added between
different attributes of a netlink message, but also at the end of the
message to pad it to the correct size.

Without this patch the following command does not work and returns an
error code:
ip link add type nlmon

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-16 23:00:01 +02:00
Felix Fietkau 25dab5d217 base-files: reduce vm.min_free_kbytes for devices with 32M RAM
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-16 16:44:45 +02:00
Rafał Miłecki 4fec58be09 linux-firmware: update to the commit from 2016-09-15
This adds e.g. BCM43430 firmware (not packaged yet).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-09-16 12:30:04 +02:00
Álvaro Fernández Rojas 092e77d948 rtl8xxxu: add support for rtl8188eu
Patches by Jes Sorensen:
https://git.kernel.org/cgit/linux/kernel/git/jes/linux.git/

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-09-15 20:23:46 +02:00
Álvaro Fernández Rojas c1678f1fa0 linux-firmware: rename r8188eu-firmware to rtl8188eu-firmware
This is consistent with the names used for other realtek firmwares.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-09-15 20:23:46 +02:00
Álvaro Fernández Rojas f7670a2d07 mac80211: stop brcmfmac from selecting all SDIO firmwares
Now that we have firmwares separated and brcm2708 being the only target that
actually selects SDIO support, avoid selecting all firmwares by default.
sunxi should select the proper firmwares once SDIO support is enabled and
tested.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-09-15 20:23:46 +02:00
Álvaro Fernández Rojas ba5a9aba5c brcmfmac43430-firmware: rename to brcmfmac-firmware-43430-sdio
This is consistent with the rest of brcmfmac firmwares.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-09-15 20:23:46 +02:00
Álvaro Fernández Rojas daa5691a4d linux-firmware: separate packages for Broadcom FullMAC SDIO firmwares
Using few packages will allow saving some space by decreasing rootfs
size.

Moreover there are more firmware files that may require packaging and
even more to come later.

This can especially useful now, with per device rootfs.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-09-15 20:23:46 +02:00
Felix Fietkau fa05f1d41b kernel: fix missing rename on usb gadget kmod cleanup
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-15 17:01:40 +02:00
Tim Harvey dc17fde994 kernel: clean up usb gadget support
clean up usb gadget support:
- rename gadget modules so that they appear together and are easier to
  identify as gadget modules
- make usb-lib-composite and usb-gadget hidden as there is no point in
  selecting those without gadget drivers that require them as deps

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2016-09-15 13:11:21 +02:00
Rafał Miłecki 65c5d097a4 mac80211: stop brcmfmac from selecting all PCIe firmwares
Now we have firmwares separated and bcm53xx selecting required ones make
use of it to actually save that rootfs space.
Other targets using brcmfmac (brcm2708 and sunxi) use SDIO interface and
firmware so they don't won't be affected.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-09-14 22:12:57 +02:00
John Crispin a3f12a8dbe mountd: update to latest git HEAD
fixes cleanup of mount points

Signed-off-by: John Crispin <john@phrozen.org>
2016-09-14 21:37:21 +02:00
Rafał Miłecki e70e3c544a hostapd: fix regression breaking brcmfmac
The latest update of hostapd broke brcmfmac due to upstream regression.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-09-13 12:06:42 +02:00
Rafał Miłecki ac887f4832 linux-firmware: separate packages for Broadcom FullMAC PCIe firmwares
Using few packages will allow saving some space by decreasing rootfs
size. Dropping 43602a1 firmware saves 316 580 B. Dropping 4366b1 saves
468 188 B.

Moreover there are more firmware files that may require packaging and
even more to come later (e.g. 4366c0).

This can especially useful now, with per device rootfs.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-09-13 10:31:01 +02:00
Felix Fietkau f3747020e2 mac80211: fix tx issue with CCMP PN generated in hardware
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-12 11:25:33 +02:00
Álvaro Fernández Rojas ac08cb06f6 brcm2708-gpu-fw: update to latest version
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-09-10 14:54:08 +02:00
Kevin Darbyshire-Bryant 591755ad1a dnsmasq: make NO_ID optional in full variant
Permit users of the full variant to disable the NO_ID *.bind pseudo
domain masking.

Defaulted 'on' in all variants.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-09-10 12:17:39 +02:00
Kevin Darbyshire-Bryant 96f0bbe91d dropbear: hide dropbear version
As security precaution and to limit the attack surface based on
the version reported by tools like nmap mask out the dropbear
version so the version is not visible anymore by snooping on the
wire. Version is still visible by 'dropbear -V'

Based on a patch by Hans Dedecker <dedeckeh@gmail.com>

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [remove trailing _]
2016-09-10 12:17:39 +02:00
Felix Fietkau 1867537d65 fstools: update to the latest version, adds support for ext4/f2fs overlay via loopback device
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-10 12:17:39 +02:00
Felix Fietkau dbbd5eef58 f2fs-tools: import from packages, clean up, and update to latest
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-08 15:28:38 +02:00
Kevin Darbyshire-Bryant 03cd416795 dnsmasq: Don't expose *.bind data incl version
Don't expose dnsmasq version & other data to clients via the *.bind
pseudo domain.  This uses a new 'NO_ID' compile time option which has been
discussed and submitted upstream.

This is an alternate to replacing version with 'unknown' which affects
the version reported to syslog and 'dnsmasq --version'

Run time tested with & without NO_ID on Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-09-08 15:28:38 +02:00
Felix Fietkau c4bfb119d8 mac80211: remove the fq-disable hack, now that reordering is fixed
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-08 15:28:38 +02:00
Felix Fietkau a194ffd4a8 mac80211: fix packet loss on fq reordering
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-08 15:28:38 +02:00
Felix Fietkau 859d940c79 hostapd: update to version 2016-09-05
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-08 15:28:38 +02:00
Florian Fainelli 2728512e15 e2fsprogs: List all libraries explicitly
e2fsprogs would fail linking with external toolchains which would not be able
to find several dependencies, explicit them.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-09-08 13:40:03 +02:00
Florian Fainelli 9a2f2f32cf e2fsprogs: Honor the global verbose flag
Look for OPENWRT_VERBOSE and pass it down to the e2fsprogs entry-point
Makefile.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-09-08 13:40:03 +02:00
Kevin Darbyshire-Bryant 9209f4304b dnsmasq: fix remove pidfile on shutdown regression
Regression introduced by 3481d0d dnsmasq: run as dedicated UID/GID

dnsmasq is unable to remove its own pidfile as /var/run/dnsmasq is owned
by root and now dnsmasq runs as dnsmasq:dnsmasq.  Change directory
ownership to match.

dnsmasq initially starts as root, creates the pidfile, then drops to
requested non-root user.  Until this fix dnsmasq had insufficient
privilege to remove its own pidfile.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-09-06 11:26:05 +02:00
Petko Bordjukov c5913264e7 mwlwifi: Expose the IEEE 802.11w support to hostapd
Add a dependency on DRIVER_11W_SUPPORT in order to enable the IEEE
802.11w functionality in hostapd.

Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
2016-09-05 19:24:37 +02:00
Johannes Römer e8cb7d30e9 hostapd: fix typo and indentation in ap_sta_support.patch
Signed-off-by: Johannes Römer <jroemer@posteo.net>
2016-09-05 18:03:24 +02:00
Alexis Green aeea251fad ath10k-ct: fix missing symbols if ath9k is not selected
Require kernel to compile with CONFIG_RELAY=y

Signed-off-by: Alexis Green <alexis@cessp.it>
2016-09-05 18:01:59 +02:00
Felix Fietkau 49a6f67c39 mac80211: backport new register bitfield macros
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-05 17:46:26 +02:00
Felix Fietkau 9cf0444768 mac80211: add a tx sequence number allocation fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-05 14:02:34 +02:00
Karl Palsson a4dc9ff934 dropbear: mdns flag is a bool, not integer
Effectively the same for most purposes, but more accurate.

Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-09-05 07:27:16 +02:00
Karl Palsson ad8d197b82 base-files: support oneshot leds properly.
oneshot trigger configurations for LEDs are created, but the on/off
timing configurations are ignored.  generate_config is correctly creating
oneshot configs, but the later led script doesn't recognise the trigger
details.

Fixes: c0c3f2d4c9 leds: support oneshot as well as timer triggers
Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-09-05 07:27:15 +02:00
John Crispin b5f7221afa fstools: fix logic bug in extroot verification code
Signed-off-by: John Crispin <john@phrozen.org>
2016-09-05 07:27:15 +02:00
John Crispin 81b779d4d9 ugps: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-09-05 07:27:15 +02:00
Conn O'Griofa f362dc154d zram-swap: CONFIG_PROCD_ZRAM_TMPFS compatibility
Enable CONFIG_PROCD_ZRAM_TMPFS compatibility via two changes to list_cpu_idx():
* detect if /tmp is being used by /dev/zram0; if yes, offset initial value by 1 to skip first zram device.
* hot-add /dev/zram1, if not already present.

Signed-off-by: Conn O'Griofa >connogriofa@gmail.com>
2016-09-05 07:12:00 +02:00
Tim Harvey 232893037a generic: add NET3380 UDC support
Add a patch to backport 5185c91385d73cdf79836eb8548e4726e43ae831
from Linux 4.8 adding USB2380 support to the NET2280 driver and
create an OpenWrt menu option to select it as a module.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2016-09-04 13:36:10 +02:00
Tim Harvey a4b86b292a boot: kobs-ng: update kobs-ng for newer kernels
This allows kobs-ng to flash the SPL successfully on the 4.4 kernel used by
the Gateworks IMX boards supporting NAND. The previous version of kobs-ng
worked with the 3.14 kernel but will brick a board making its SPL unbootable
for the 4.4 kernel.

See http://trac.gateworks.com/wiki/ventana/bootloader#nandspl for instructions
on updating the SPL from Linux.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2016-09-04 13:36:09 +02:00
Felix Fietkau dbc9ee5b72 ath9k: fix regression in tx queueing patch
power save response frames can go through the old tx path, and the tid
needs to be set for sequence numbers to be assigned correctly.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-02 14:43:53 +02:00
Felix Fietkau 7130833a27 mvebu: fix boot script for booting from mmc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-02 14:43:53 +02:00
Zhao Gang 28a2901cba ath10k-firmware: add QCA9887 firmware
QCA9887 is experimentally supported in compat-wireless-2016-06-20.

Signed-off-by: Zhao Gang <gang.zhao.42@gmail.com>
2016-09-02 14:43:52 +02:00
Gabe Rodriguez 2d418381bb mwlwifi: Updated to latest source
This commit updates the mwlwifi driver to the latest version provided in the repo.

Signed-off-by: Gabe Rodriguez <lifehacksback@gmail.com>
2016-09-02 14:43:52 +02:00
Felix Fietkau a894a535ff mac80211: add fixes for dealing with unexpected BlockAck frames
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-02 14:43:52 +02:00
Felix Fietkau 372d0fea29 ath9k: add a bunch of powersave handling fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-02 14:43:51 +02:00
Felix Fietkau 1e72d1bf16 mac80211: add a powersave handling fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-02 14:43:51 +02:00
Felix Fietkau 00a1056c3f openssl: re-enable ARM assembly
The original reason for disabling it seems to have been fixed
Related discussion: https://github.com/lede-project/source/pull/307

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-31 13:57:05 +02:00
Felix Fietkau 8e0cb8f582 ebtables: fix build with glibc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 12:12:34 +02:00
Felix Fietkau 18c7d1c626 dante: remove -D_GNU_SOURCE to fix build errors with current glibc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 12:12:34 +02:00
Felix Fietkau 98206cb9c6 iperf: add -lm to fix build with newer glibc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 10:51:21 +02:00
Felix Fietkau b0dcb6bfed iperf: drop PKG_BUILD_DIR override
No longer necessary since the removal of build variants

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 10:51:21 +02:00
Jo-Philipp Wich bba8a1a9ba Revert "opkg: use vfork on gz_open by default (FS#120)"
This reverts commit 763f5d7873.

Currently the vfork() code path in opkg is broken and relies on unsupported
ftello() / fseeko() operations on pipes - we need to restructure the code
before we can reconsider this approach.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-28 23:03:13 +02:00
Jo-Philipp Wich d0b88b6067 Revert "opkg: disable the use of vfork for the host build"
This reverts commit 02e3c718e9.

Currently the vfork() code path in opkg is broken and relies on unsupported
ftello() / fseeko() operations on pipes - we need to restructure the code
before we can reconsider this approach.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-28 23:03:13 +02:00
Ben Greear 2ca0cdb7bf ath10k-firmware: Update to latest ath10k-ct 9984 firmware.
Tested briefly on Netgear r7800.  Firmware failed to load on first
boot, but then it worked after that and I could not reproduce the
failure.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-28 20:59:23 +02:00
Felix Fietkau 02e3c718e9 opkg: disable the use of vfork for the host build
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-28 14:34:40 +02:00
Felix Fietkau 763f5d7873 opkg: use vfork on gz_open by default (FS#120)
Reduces memory consumption and binary size

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-28 14:18:54 +02:00
Felix Fietkau 3e4d0e3e77 ath9k: revert temperature compensation support patch (FS#111)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-28 14:08:49 +02:00
Felix Fietkau 4530ca3c11 kernel: remove obsolete legacy ide kernel module packages
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-28 13:51:42 +02:00
Ben Greear 545d86490c ct-bugcheck: Add tools to poll for and report ath10k firmware crashes.
This tool can periodically check for ath10k firmware crashes.
If it finds a crash, it will package up the binary crash dump,
some OS level things like dmesg, lspci, etc into a tar file.

It then notifies the user about the crash and asks them to report
the bug to the appropriate email address.

This is most useful when used with ath10k-ct driver and
CT ath10k firmware, but it should also report issues with stock
ath10k driver and firmware in case one has appropriate contacts
to debug them.

This tool could be extended later for other modules/bugs/etc.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-28 13:51:41 +02:00
Ben Greear d66db35a1d ath10k-ct: Remove useless WARNING for 10.4 firmware.
Removes a useless splat in ath10k, and adds some safety code
around setting keys in the firmware.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-28 13:51:41 +02:00
Ben Greear 3a2d142a3a ath10k-fw: Update to latest 9980 CT firmware.
This fixes a nasty memory corruption bug, among other things.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-28 13:51:41 +02:00
Jo-Philipp Wich 885910225d iwinfo: mark as nonshared
The iwinfo library might get compiled with different backends, depending on
the driver selection of the current target, so mark it as nonshared to avoid
broken libiwinfo support on other targets with same cpu architecture but
different wireless driver types.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-25 16:51:57 +02:00
Felix Fietkau acffa62d12 mt76: update to the latest version
Adds client + ad-hoc mode fixes and some initial TPC preparation work

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-25 13:00:10 +02:00
Felix Fietkau 2b0a1292f8 uqmi: update to the latest version, adds QMI-in-MBIM support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-24 15:16:01 +02:00
Magnus Kroken 2653a12c4d openvpn: update to 2.3.12
300-upstream-fix-polarssl-mbedtls-builds.patch has been applied upstream.
Replaced 101-remove_polarssl_debug_call.patch with upstream backport.

Changelog: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.12

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2016-08-24 00:33:08 +02:00
Ralph Sennhauser 012873074f perf: drop sched_getcpu wrapper
Current musl already provides sched_getcpu

Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
2016-08-23 22:47:43 +02:00
Ralph Sennhauser 91362e7aa4 strace: bump to 4.13
Fixes broken btrfs support in 4.12

Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
2016-08-23 22:47:43 +02:00
Toke Høiland-Jørgensen e58c20aac3 ath9k: Set ATH9K_STATION_STATISTICS when enabling debugging
The ATH9K_STATION_STATISTICS kernel config variable enables some extra
statistics that are useful for debugging (in particular with the airtime
fairness patches enabled). This adds that kernel config when selecting
ath9k debugging.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2016-08-23 13:30:59 +02:00
Felix Fietkau d41f56864c ubus: update to the latest version, adds object remove fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-23 13:30:04 +02:00
Felix Fietkau 223c124db8 ubox: move logd into ubox package
Preparation for further build rework

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-23 12:19:23 +02:00
Ash Benz 798cd261ab hostapd: use printf to improve portability.
Signed-off-by: Ash Benz <ash.benz@bk.ru>
2016-08-23 12:15:41 +02:00
Ben Greear 4c451ae0a7 ath10k-ct: Update to latest ath10k-ct driver.
This uses GFP_DMA32 for firmware swap.  Fixes issue on x86-64 with
QCA 9984 chipset when host system does not have vt-d enabled.

Also tested on linksys ea8500 with 9980 chipset.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-23 11:55:32 +02:00
Felix Fietkau c487bde9e4 netifd: update to the latest version
Adds fixes for wireless device error handling
Adds link state fixes for shell proto handlers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-23 11:08:35 +02:00
Andreas Schultz 277f85c21a cyassl: make CyaSSL/WolfSSL more configurable
The default configuration might not be suitable for
every use case. Add options to enable/disable additional
options.

Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2016-08-22 17:30:35 +02:00
Daniel Golle d7e040f8bc kernel: add fake users for udptunnel and iptunnel modules
Without any in-tree users enabled the Kernel's build process doesn't
actually build those modules. Enable some potential in-tree users
during Kernel build, so out-of-tree modules can depend on them.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-08-22 17:23:05 +02:00
Martin Schiller 070edfd92f ltq-deu: fix cra_priority
With the default priority of 0, the DEU algos would be overlapped
by the generic algos (if available).

To fix this, set the cra_priority of the hardware algos to the
recommended value of 300/400.

Signed-off-by: Martin Schiller <mschiller@tdt.de>
2016-08-20 05:33:09 +02:00
Martin Schiller 9391661394 ltq-deu: fix handling of data blocks with sizes != AES/DES block size
This fix is a backport from the lantiq UGW-6.1.1-MR1

Signed-off-by: Martin Schiller <mschiller@tdt.de>
2016-08-20 05:32:56 +02:00
Martin Schiller 8dba24cfc2 ltq-deu: fix aes initialization vector handling
This fix is a backport from the lantiq UGW-6.1.1-MR1

Signed-off-by: Martin Schiller <mschiller@tdt.de>
2016-08-20 05:32:44 +02:00
Jo-Philipp Wich b91e58e606 busybox: enable sha256sum by default
Now that snapshot builds are only publishing SHA-256 checksums, it makes
sense to ship an appropriate utility for verification.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-18 15:09:06 +02:00
Hans Dedecker d7c249fa1c ppp: Extend uci datamodel with persistency sypport
PPP daemon can be put into persist mode meaning the
daemon will not exit after a connection gets terminated
but will instead try to reopen the connection.
The re-initiation after the link has been terminated
can be controlled via holdoff; this is helpfull in
scenarios where a BRAS is in denial of service mode
due to link setup requests after a BRAS has gone down

Following uci parameters have been added :
persist (boolean) : Puts the ppp daemon in persist mode
maxfail (integer) : Number of consecutive fail attempts which
puts the PPP daemon in exit mode
holdoff (interget) : Specifies how many seconds to wait
before re-initiating link setup after it has been terminated

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-08-18 09:49:18 +02:00
Josua Mayer 1e71fca777 mtd: fix building with glibc
src/linksys_bootcount.c misses to include stdint.h.
Apparently musl doesn't mind and includes this header by default,
but glibc does not and causes the build to fail.

Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
2016-08-18 09:49:18 +02:00
Josua Mayer c8580f51ba u-boot-envtools: fix building with glibc
tools/env/fw_env.c misses to include stdint.h.
Apparently musl doesn't mind and includes this header by default,
but glibc does not and causes the build to fail.

Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
2016-08-18 09:49:18 +02:00
John Crispin 5e563262f1 ubox: fixes segfault inside kmodloader
null pointer deref when no modules folder was present

Signed-off-by: John Crispin <john@phrozen.org>
2016-08-18 09:49:18 +02:00
Felix Fietkau fe7fdd3bb4 ath9k: switch to using mac80211 intermediate software queues
Provides a nice latency reduction under load, due to mac80211's fq_codel
support.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-17 07:02:54 +02:00
John Crispin 99a1888287 swconfig: revert the portmapping patches, they seem to cause a segfault
Revert "kernel/swconfig: remove obsolete portmapping feature from swconfig"

This reverts commit 675407baa4.

Revert "swconfig: remove obsolete portmapping feature"

This reverts commit fca1eb349e.

Signed-off-by: John Crispin <john@phrozen.org>
2016-08-16 10:20:01 +02:00
Matteo Croce 2ebb4733e1 kernel: add kmod-squashfs
add kernel package to build squashfs as module when it's not the root filesystem

Signed-off-by: Matteo Croce <matteo.croce@canonical.com>
2016-08-15 15:32:38 +02:00
Hannu Nyman a77ce8ba96 libs/gmp: update to 6.1.1
Update libgmp to 6.1.1

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-08-15 15:32:38 +02:00
Hannu Nyman 785cdc3cf2 package/devel/gdb: Update to 7.11.1
Update gdb to version 7.11.1 to match the version in toolchain.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-08-15 15:32:37 +02:00
John Crispin fca1eb349e swconfig: remove obsolete portmapping feature
Signed-off-by: John Crispin <john@phrozen.org>
2016-08-15 15:32:36 +02:00
Conn O'Griofa 63f6fc5c16 samba: add file/interface reload triggers & filter interfaces
* Only parse interfaces that are up during init_config (as the
  script depends on this to determine the proper IP/subnet range)
* Add reload interface triggers for samba-designated interfaces
* Force full service restart upon config change to ensure Samba
  binds to new interfaces (sending HUP signal doesn't work)
* Rename "interface" variable to "samba_iface" and move into
  global scope

Needed to fix Samba connectivity for clients connecting from a
different LAN subnet (e.g. pseudobridge configurations) due to the
'bind interfaces only' setting.

Signed-off-by: Conn O'Griofa <connogriofa@gmail.com>
2016-08-15 15:18:35 +02:00
John Crispin 40b8cbc2af procd: update to latest git HEAD
adds O_PATH define

Signed-off-by: John Crispin <john@phrozen.org>
2016-08-15 15:16:42 +02:00
Jo-Philipp Wich d36c5152ef ncurses: change handling of PKG_CONFIG_LIBDIR
When PKG_CONFIG_LIBDIR was unset in the environment, the configure
script was deducing the PKG_CONFIG_LIBDIR from the location of the
pkg-config binary, which doesn't make a lot of sense, and isn't done
by other autotools based packages.

Patch imported from the Buildroot project:
https://github.com/buildroot/buildroot/blob/master/package/ncurses/0001-fixup-pkg-config-handling.patch

Also refresh patches while we're at.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-15 13:34:17 +02:00
Jonas Gorski 30352e72ff base-files: set pi_ifname in board.d case to fix deconfig
Due to an empty pi_ifname in the generic failsafe setup, the deconfig
never removed the failsafe networking interface, causing broken
networking later on.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-14 23:10:17 +02:00
Jonas Gorski 6c9588ddf5 base-files: configure switch in failsafe
Also configure the switch based on the failsafe config, and create the
failsafe interface as tagged if necessary.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:50:15 +02:00
Jonas Gorski 072cf26729 base-files: allow failsafe to configure vlans
In preparation of properly setting up vlans and switches, add
support for configuring failsafe on a vlan tagged interface.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:50:06 +02:00
Jonas Gorski c18edcec45 base-files: add preinit ifname detection based on board.json
Make use of the existing board.d to autodetect lan ifname in a generic way.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:50:00 +02:00
Jonas Gorski 0f1ae840c9 base-files: split out preinit interface config
Move preinit interface and ip config to its own function to allow
calling it from more than one place.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:56 +02:00
Jonas Gorski 780ccbf9f1 base-files: board_detect: allow specifying the generated file
Allow passing a filename to change the location of the generated
board.json.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:51 +02:00
Jonas Gorski e934a129f0 base-files: let config_generate call board_detect
Instead of board_detect generating the config as a side effect, let
config_generate call board_detect as needed.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:46 +02:00
Jo-Philipp Wich 4e8c6f3407 dropbear: security update to 2016.74
- Security: Message printout was vulnerable to format string injection.

  If specific usernames including "%" symbols can be created on a system
  (validated by getpwnam()) then an attacker could run arbitrary code as root
  when connecting to Dropbear server.

  A dbclient user who can control username or host arguments could potentially
  run arbitrary code as the dbclient user. This could be a problem if scripts
  or webpages pass untrusted input to the dbclient program.

- Security: dropbearconvert import of OpenSSH keys could run arbitrary code as
  the local dropbearconvert user when parsing malicious key files

- Security: dbclient could run arbitrary code as the local dbclient user if
  particular -m or -c arguments are provided. This could be an issue where
  dbclient is used in scripts.

- Security: dbclient or dropbear server could expose process memory to the
  running user if compiled with DEBUG_TRACE and running with -v

  The security issues were reported by an anonymous researcher working with
  Beyond Security's SecuriTeam Secure Disclosure www.beyondsecurity.com/ssd.html

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-12 11:45:47 +02:00
Imre Kaloz f76f83de71 mwlwifi: upgrade to 10.3.0.18-20160804
adds support for the Linksys WRT1900ACSv2 and WRT1200ACv2

Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
2016-08-11 21:04:42 +02:00
Felix Fietkau 08a27b99a2 kernel: add missing config symbol
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-11 18:33:02 +02:00
Ben Greear 4d39726b21 ath10k-firmware: Update to latest 99X0 CT firmware.
Among other things, this compiles out support for peer caching.
The feature did not seem to work well in my testing of AP mode,
and totally breaks my own special use of station mode.

Briefly tested on ea8500.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-08-11 10:55:22 +02:00
Ben Greear f85c12e07d ath10k-ct: Fix loading 9980 firmware.
ath10k-ct driver was using bad defaults for 9980 if user
had not specified a fwcfg file to over-ride them.

Also, support configurable station-kickout-threshold,
which might work around issues with flakey connections.

Signed-off-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix PKG_VERSION]
2016-08-11 10:54:50 +02:00
Matteo Croce 1645abffea kernel: add plan 9 fs package
9pfs is used by kvm to share files between host and guest,
add proper config option to enable it.

Signed-off-by: Matteo Croce <matteo.croce@canonical.com>
2016-08-11 10:45:33 +02:00
Petko Bordjukov dff6df9625 hostapd: Allow RADIUS accounting without 802.1x
RADIUS accounting can be used even when RADIUS authentication is not
used. Move the accounting configuration outside of the EAP-exclusive
sections.

Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
2016-08-11 10:45:33 +02:00
Mathias Kresin 5fadd4397b preinit: use only the image config options
The pi_* variables and the fs_failsafe_wait_timeout variable are set by
the CONFIG_TARGET_PREINIT_* config options. No need to maintain the same
values twice.

All other fs_ variables were never used.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-10 03:04:08 +02:00
Mathias Kresin 14e0f057c8 ltq-hcd: fix xway dependency
Due to missing parameter the package wasn't build for the xway target.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-10 03:04:08 +02:00
Felix Fietkau 7ee9222770 openssl: re-enable CMAC support
Needed by a few packages

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-09 07:18:03 +02:00
Jo-Philipp Wich 27dffa0b0c uclient: change SSL support error message
Change the error message about missing SSL support to be more explicit by
mentioning required package names.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-08 12:20:15 +02:00
Petko Bordjukov b34ccf45df mac80211: Update the regdb to master-2016-06-10
Changes include:

* Higher maximum transmit power in the 5170-5250 band of the BG
  regdomain
* Introduction of the CU regdomain
* Introduction of the 5725-5875 band (short-range devices) in the DE
  regdomain
* Introduction of 60 GHz channels 1-4 in the KR regdomain
* Introduction of the 5725-5875 band (short-range devices) in the NL
  regdomain

Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
2016-08-07 23:55:38 +03:00
Felix Fietkau 51e70267bd hostapd: remove unused hostapd-common-old package
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-05 11:02:57 +02:00
Felix Fietkau ac642a7514 ath9k: improve powersave filter handling
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 23:10:41 +02:00
Felix Fietkau 4701fd3190 ath9k: improve performance in tx status handling
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 23:10:41 +02:00
Felix Fietkau 1b9dbb8532 Revert "kernel: remove long obsolete gpio spi controller driver patch"
This reverts commit 9e62a7668c.
2016-08-04 23:10:15 +02:00
Felix Fietkau 7c874d18f5 kernel: mark compression modules as hiddden to obsolete the compressor kconfig hack
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau 93fb6ce05b kernel: mark kmod-udptunnel as hiddden to replace the NET_UDP_TUNNEL kconfig hack
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau 577f873daf kernel: remove unused morse led trigger driver
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau 9e62a7668c kernel: remove long obsolete gpio spi controller driver patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau 56cf1adc50 kernel: remove esfq qdisc
It has been obsolete for years now

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 18:27:54 +02:00
Mathias Kresin 3004298e62 sysupgrade: unmount filesystems before reboot
sysupgrade immediately reboots after flashing an image and doesn't
allow to unmount filesystems. At least in case the image used for
sysupgrade is stored on a FAT formatted usb flash drive, the following
warning is printed during the next mount of the flash drive:

FAT-fs (sda1): Volume was not properly unmounted. Some data may be
corrupt. Please run fsck.

Although a data corruption during read operations is unlikely, there is
no need to scare the users.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-04 18:19:46 +02:00
Daniel Golle 877168993a base-files: remove dead code
/etc/init.d/boot tried to create /dev/root based on the kernel's
cmdline which won't work on any recent targets. Remove that code now
that fstools can detect the mounted rootfs based on
/proc/self/mountinfo and /dev/root was long gone anyway.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-08-04 18:19:46 +02:00
Felix Fietkau fa85ee1d4e kernel: modularize bridge netfilter support a bit further to get rid of some kernel bloat
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-03 19:16:32 +02:00
Felix Fietkau a5c32a1f19 kernel: remove switch driver kmod packages
Targets that need switch drivers should select them in their kernel
config. This prevents some bloat from creeping into targets that don't
need switchdev/dsa

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-03 19:16:32 +02:00
Lucian Cristian 6e68a5dd11 linux/modules: Add SCH5627 Super I/O chips
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2016-08-03 15:30:13 +02:00
John Crispin 2feb9433e2 rtc-rv5c386a: package does not build inside the SDK
the packages failed to build inside the SDK due to missing header
files.

Signed-off-by: John Crispin <john@phrozen.org>
2016-08-03 15:30:13 +02:00
John Crispin 10f9ea0bc6 uboot-lantiq: package does not build inside the SDK
the packages failed to build inside the SDK due to missing ethernet
firmware files.

Signed-off-by: John Crispin <john@phrozen.org>
2016-08-03 15:30:13 +02:00
Felix Fietkau 2f8c355850 mkelfimage: remove package, it is a host tool that has been unused for years
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-02 13:54:56 +02:00
Felix Fietkau cc7029f8a9 uboot-ar71xx: fix default selection for NBG460N/550N/550NH
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-02 13:50:43 +02:00
Felix Fietkau 0cd13c53c1 mac80211: fix minor memleak on AP restart / warning on driver unload
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-02 13:08:05 +02:00
Felix Fietkau 18373e24cf ath9k: fix sta initialization bug leading to stability issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-02 13:07:59 +02:00
Hauke Mehrtens 2694d43b05 gdb: fix build with gcc 4.1.2 as host compiler
The additional warnings are causing compile errors on gcc version 4.1.2
as a host compiler.

cc -c  -Wall -Wdeclaration-after-statement -Wpointer-arith
-Wpointer-sign -Wno-unused -Wunused-value -Wunused-function -Wno-switch
-Wno-char-subscripts -Wmissing-prototypes -Wdeclaration-after-statement
-Wempty-body -Wmissing-parameter-type -Wold-style-declaration -Wold-
style-definition -Wformat-nonliteral  -I. -I. -I./../../include
filter_host.c
cc1: error: unrecognized command line option "-Wempty-body"
cc1: error: unrecognized command line option "-Wmissing-parameter-type"
cc1: error: unrecognized command line option "-Wold-style-declaration"
cc1: error: unrecognized command line option "-Wempty-body"
cc1: error: unrecognized command line option "-Wmissing-parameter-type"
cc1: error: unrecognized command line option "-Wold-style-declaration"

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-08-01 22:25:54 +02:00
Felix Fietkau 5c9cc7b7f8 base-files: increase vm.min_free_kbytes
Network drivers typically allocate memory in atomic context. For that to
be reliable, there needs to be enough free memory. Set the value
heuristically based on the total amount of system RAM.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-01 14:53:27 +02:00
Florian Eckert 109c55aea1 uqmi: add metric option to interface config
It is now possible to add an metric option for the qmi proto in dhcp mode.

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-07-26 08:39:36 +02:00
Florian Eckert 15867deac8 uqmi: fix option ipv6
If option ist not set then ipv6 is still enabled on this Interface.
Check if variable is zero will fix this issue.

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-07-26 08:39:36 +02:00
Felix Fietkau 180465c38f build: create a package feed directory containing all packages
Needed for proper dependency handling for per-device rootfs

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-01 11:13:38 +02:00
Felix Fietkau 5e41c1d447 perf: prevent build from within the sdk and mark as nonshared
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-31 12:25:25 +02:00
Felix Fietkau 9201e88f51 kernel: remove hostap driver
It has been marked as broken for well over a month now and nobody has
complained.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-31 12:25:24 +02:00
Felix Fietkau b2ddfbc1c7 dnsmasq: drop --interface and --except-interface options when the interface cannot be found
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 20:58:14 +02:00
Felix Fietkau 009d6d6024 netifd: update to the latest version, adds an event handling fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 19:51:31 +02:00
Felix Fietkau 5cd88f4812 dnsmasq: remove use of uci state for getting network ifname
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 19:48:22 +02:00
Felix Fietkau a1681ce39b dnsmasq: replace the iface hotplug script with a procd trigger
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Felix Fietkau 6916ca8d33 dnsmasq: make the check for existing DHCP servers more reliable
If there is no carrier yet, wait for 2 seconds (STP forwarding delay)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Ulrich Weber 712b6fdc5c dnsmasq: write atomic config file
multiple invocation of dnsmasq script (e.g. by procd and hotplugd)
might cause procd to restart dnsmasq with an incomplete config file.
Config file generation might take quite a long time on larger configs
due ubus calls for each listening interface...

Signed-off-by: Ulrich Weber <ulrich.weber@riverbed.com>
2016-07-29 16:41:09 +02:00
Felix Fietkau d9ff187003 netifd: update to the latest version
Emits an initial event after the first link-up of a force_link
interface. This is needed for making the dnsmasq dhcp check more
reliable

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Felix Fietkau f88e3a4c0a procd: add default timeout for reload trigger actions
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Felix Fietkau c02f41c1d2 igmpproxy: remove procd_open_trigger/procd_close_trigger calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Felix Fietkau 8299737428 dropbear: remove procd_open_trigger/procd_close_trigger calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:08 +02:00
Felix Fietkau 88304ea6e5 sysntpd: remove procd_open_trigger/procd_close_trigger calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:08 +02:00
Felix Fietkau 8891d941e0 procd: rework trigger handling
Open/close triggers array around service_triggers call to make using
multiple triggers easier to deal with.
The API was quite confusing, because some functions contained implicit
trigger open/close calls and some didn't.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:08 +02:00
Felix Fietkau eed30bc869 procd: update to the latest version
Fixes a long standing design issue in handling of delayed triggers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:08 +02:00
Felix Fietkau 11d47e615b libubox: update to the latest version, adds a few utility functions
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:08 +02:00
Felix Fietkau 731b166528 build: add template for getting opkg package files from package names
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 10:18:26 +02:00
Felix Fietkau 5d30bf8303 build: rework opkg command invocation
Drop included $(XARGS), add support for passing target dir via parameter

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 10:18:26 +02:00
Felix Fietkau 7dffc32ffa build: rework prepare_rootfs to pass target dir via parameter
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 10:18:26 +02:00
Felix Fietkau 973e6e1d71 build: move rootfs processing code to include/rootfs.mk so it can be reused later
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 10:18:26 +02:00
Álvaro Fernández Rojas c58ed54d8c brcmfmac43430-firmware: update to v7.45.41.26
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-07-28 15:17:48 +02:00
Merlijn Wajer 4a0c4d8151 netifd: Use -x hostname:$hostname instead of -H
Passing the hostname is currently broken in since the shipped busybox includes this commit:
https://git.busybox.net/busybox/commit/networking/udhcp/dhcpc.c?id=2017d48c0d70bef8768efb42909e605ea8eb5a21

Before:

    Sun Jan 31 18:11:32 2016 daemon.notice netifd: Interface 'wan' is now down
    Sun Jan 31 18:11:32 2016 daemon.notice netifd: Interface 'wan' is setting up now
    Sun Jan 31 18:11:32 2016 daemon.notice netifd: wan (18158): udhcpc: option -h NAME is deprecated, use -x hostname:NAME
    Sun Jan 31 18:11:32 2016 daemon.notice netifd: wan (18158): udhcpc: malformed hex string 'WR150'

After:

    Sun Jan 31 18:11:33 2016 daemon.notice netifd: wan (18169): udhcpc (v1.23.2) started
    Sun Jan 31 18:11:33 2016 daemon.notice netifd: wan (18169): Sending discover...
    Sun Jan 31 18:11:33 2016 daemon.notice netifd: wan (18169): Sending select for xxx.yyy.zzz.xyz...
    Sun Jan 31 18:11:33 2016 daemon.notice netifd: wan (18169): Lease of xxx.yyy.zzz.xyz obtained, lease time 600

Signed-off-by: Merlijn Wajer <merlijn@wizzup.org>
2016-07-24 06:59:55 +02:00
Conn O'Griofa e1406cd31a base-files: sysupgrade: fix pseudobridge upgrades
Treat 'relayd' as an essential service to avoid connection interruptions during sysupgrade on devices configured as a pseudobridge.

Signed-off-by: Conn O'Griofa <connogriofa@gmail.com>
2016-07-24 06:54:40 +02:00
John Crispin 30d35181cd mountd: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-24 06:38:30 +02:00
John Crispin 74766f4c4f firewall3: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-24 06:38:30 +02:00
John Crispin b15f41d4d6 ugps: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-24 06:38:30 +02:00
Felix Fietkau da328f2865 hostapd: backport mesh/ibss HT20/HT40 related fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-27 17:22:39 +02:00
Daniel Golle 86c0a569f4 fstools: update to latest HEAD
Fixes duplicate ubiblock entries being listed and improves
find_mount_point to also match against a block device's
major:minor numbers (needed e.g. for /dev/root).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-07-27 01:25:07 +02:00
Etienne CHAMPETIER 35e423ca41 base-files: use procd init for urandom_seed
Previous implementation was blocking the init and
breaking halt/reboot/sysupgrade (reported by Daniel Golle)

v2: use procd logging, use set -e + trap for error handling

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Tested-by: Daniel Golle <daniel@makrotopia.org>
2016-07-27 01:24:54 +02:00
Felix Fietkau 5fd2eabeb2 base-files: remove support of profile-specific base-files
It is incompatible with multi-profile builds and has not been used
in-tree anyway.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-26 08:26:24 +02:00
Felix Fietkau 776ca66261 ath9k: fix warning in client mode (GH#195)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-26 08:26:05 +02:00
Felix Fietkau 04a6984319 ath9k: remove intermediate queueing patch until it is fixed properly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-24 22:41:20 +02:00
Hauke Mehrtens bafeb90745 iperf3: update to version 3.1.3
old size:
iperf3_3.0.11-1_mips_34kc_dsp.ipk       30147

new size:
iperf3_3.1.3-1_mips_34kc_dsp.ipk        33640

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:05:50 +02:00
Hauke Mehrtens 9cbb51ff8c iperf: update to version 2.0.9
old size:
iperf_2.0.8-1_mips_34kc_dsp.ipk 27911

new size:
iperf_2.0.9-1_mips_34kc_dsp.ipk 28681

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:05:33 +02:00
Hauke Mehrtens bdf9243c1b cyassl: update to wolfssl version 3.9.6
Changelog: https://www.wolfssl.com/wolfSSL/Docs-wolfssl-changelog.html

old size:
libcyassl_3.9.0-1_mips_34kc_dsp.ipk     147552

new size:
libcyassl_3.9.6-1_mips_34kc_dsp.ipk     150087

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:05:03 +02:00
Hauke Mehrtens 7d38128f6a curl: update to version 7.50.0
Changelog: https://curl.haxx.se/changes.html

old sizes:
libcurl_7.49.0-1_mips_34kc_dsp.ipk      97569
curl_7.49.0-1_mips_34kc_dsp.ipk         37925

new sizes:
libcurl_7.50.0-1_mips_34kc_dsp.ipk      97578
curl_7.50.0-1_mips_34kc_dsp.ipk         38017

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:04:13 +02:00
Felix Fietkau cd91f384ac openssl: re-enable NPN by default
Several packages rely on it

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-24 14:43:44 +02:00
Felix Fietkau cb8f322d93 openssl: add back the CAST cipher by default
At least netatalk and some ipsec packages use it

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-24 14:42:18 +02:00
Felix Fietkau 600fd467d8 openssl: revert the no-ripemd change, openssh needs that cipher
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-23 19:03:47 +02:00
Ben Greear 164a405a48 ath10k: Support installing CT firmware for QCA9984 NICs.
This firmware has been lightly tested on non LEDE system
to date, and will be undergoing further testing and development.
Allow users to easily install this on their LEDE system as
they prefer.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-07-23 12:28:48 +02:00
Ben Greear 9971ab0457 ath10k-ct-firmware: Update to latest 9880 firmware.
Fixes some issues with AES encryption and macbooks.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-07-23 12:28:33 +02:00
Ben Greear eb8ffbebf8 ath10k-ct: Update to latest ath10k-ct driver.
Adds support for 9984 NICs, and an upstream bugfix or two.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-07-23 12:28:25 +02:00
Dirk Feytons 3ad8bc4366 openssl: add option to disable SRP support
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 12:10:41 +02:00
Dirk Feytons 057b116e09 openssl: add --gc-sections
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 12:10:08 +02:00
Dirk Feytons 41da31ac2c openssl: remove some unneeded functionality and algorithms
The patch needed for this commit has been sent upstream:
https://github.com/openssl/openssl/pull/1155

Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [add back bf and srp]
2016-07-23 12:09:51 +02:00
Dirk Feytons f16fc21675 openssl: add option to disable PSK support
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:31 +02:00
Dirk Feytons 0099748fd6 openssl: add option for NPN support
NPN has been superseded by ALPN so NPN is disabled by default
The patch has been sent to OpenSSL for inclusion, see
https://github.com/openssl/openssl/pull/1100

Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:31 +02:00
Dirk Feytons eb4fc91a81 openssl: add option to disable compression support
By default it's disabled. After the CRIME attack it seems the use of
compression is discouraged.

Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:31 +02:00
Dirk Feytons db11695aa6 openssl: add option to omit deprecated APIs
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
2016-07-23 11:59:30 +02:00
Christian Lamparter 39f3408732 ppc4xx: remove booke-wdt watchdog package
This patch gets rid of the booke watchdog kmod package.
Instead the affected boards will enable it in their
kernel configs.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-07-22 09:48:12 +02:00
Matthias Schiffer b82c8ddf8c
libpcap: fix dependency of install-shared-so make target
There seems to be a situation in which a rebuild of libpcap.so is triggered
in the install step of the libpcap Makefile. libpcap.so is the wrong
target, leading to the build failure reported in [1].

Fix the dependency of install-shared-so to $(SHAREDLIB) so the build can
succeed in this case.

[1] https://dev.openwrt.org/ticket/19894

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-07-21 17:57:17 +02:00
Felix Fietkau c7a5bb5a7e samba36: avoid picking up a dependency on libunwind (fixes GH #212)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-21 17:33:17 +02:00
Felix Fietkau ca6375ac51 hostapd: fix an error on parsing radius_das_client
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-21 16:58:50 +02:00
Felix Fietkau 14eb09d5c0 ath10k: add NAPI support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-21 16:17:08 +02:00
Felix Fietkau 467d15b73d mac80211: add a mesh related fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-21 16:16:49 +02:00
Zhao Gang d963ddf042 ar71xx: add support for gl-ar300m
This add initial support for gl-ar300m router.
Product page: http://www.gl-inet.com/ar300m/

Signed-off-by: Zhao Gang <gang.zhao.42@gmail.com>
2016-07-20 00:21:48 +02:00
Felix Fietkau 6c2651566c ath9k: switch to using mac80211 intermediate software queues
Provides a nice latency reduction under load, due to mac80211's fq_codel
support.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-19 14:27:08 +02:00
Felix Fietkau 122a7021a9 ubox: update to the latest version, fixes lsmod output
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-19 13:59:04 +02:00
Felix Fietkau 6b654ab741 uboot-oxnas: fix build error on non-linux systems
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-19 12:48:28 +02:00
Hauke Mehrtens 9b05d3aa8e strace: update to version 1.12
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-18 23:25:30 +02:00
Felix Fietkau 56f686b710 samba36: disable local browse master by default
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-18 13:37:12 +02:00
Felix Fietkau 75329fc161 hostapd: fix VLAN support in full wpad builds
Suppress -DCONFIG_NO_VLAN if CONFIG_IBSS_RSN is enabled

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-18 13:37:10 +02:00
Felix Fietkau 7cdb51e046 ath10k: fix stack traces from a-msdu rx reporting issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-17 12:53:30 +02:00
Felix Fietkau 207338c78e ath9k: implement temperature compensation support for AR93xx and newer
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-15 14:19:22 +02:00
Felix Fietkau 98e4b504b4 ath9k: use external reset on AR91xx and QCA955x to improve stability
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-15 14:19:13 +02:00
Felix Fietkau b948c9371b uclibc++: fix build with gcc 6.1.0, which defaults to using C++14 ABI
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-15 14:18:01 +02:00
Felix Fietkau 3273267c2b ath9k: fix spectral scan on AR9285 and newer AR92xx chipsets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-15 14:15:34 +02:00
Felix Fietkau 9edb651094 ath9k: merge a fix for the minimum CCA threshold on 5 GHz
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-15 14:15:31 +02:00
Felix Fietkau 55761205ef mac80211: fix a harmless uninitialized variable warning
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-14 13:32:00 +02:00
Ben Greear 1c52826010 add ath10k-ct: Candela-Tech ath10k out-of-tree driver.
This lets one use the CT ath10k driver instead of the built-in
ath10k driver from the upstream kernel (or backports).

This should be a drop-in replacement, as well as enabling
better CT firmware support.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-07-14 12:45:06 +02:00
Hauke Mehrtens d43075710b mbedtls: fix missing mbedtls_time_t bug in mbedtls 2.3.0
This backports a commit from mbedtls current git which adds missing
include for platform.h.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-14 09:19:56 +02:00
Hauke Mehrtens 05cc72944c mbedtls: update to version 2.3.0
This fixes 3 minor security problems.
SSLv3 is deactivated by default now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-13 23:03:03 +02:00
Hauke Mehrtens bd20cb272e polarssl: update to version 1.3.17
This fixes 3 minor security problems.
SSLv3 is deactivated by default now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-13 23:03:02 +02:00
Piotr Dymacz 14ee2b0642 uboot-envtools: add support for jjPlus JWAP230
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-07-13 20:03:10 +02:00
Piotr Dymacz c30fd5e87d uboot-envtools: add support for Wallys DR531
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2016-07-13 20:03:10 +02:00
Felix Fietkau 4952469ff9 mac80211: disable fq until performance issues have been found and fixed
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-12 15:05:26 +02:00
Hans Dedecker 99e5bec2c6 netifd: quote vendorid and hostname variables in dhcp script
Quote hostname and vendorid variables in dhcp script so they can
hold strings having white spaces

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-07-12 14:33:49 +02:00
Felix Fietkau cef1f4ef2b ath9k: explicitly clear gpio chip owner
The core can set it based on the parent device on register

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-11 15:53:48 +02:00
Felix Fietkau 5b07e8731b ath9k: remove gpio chip owner field to fix module unloading
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-11 15:46:42 +02:00
Felix Fietkau 5ce2341a03 mac80211: fix a powersave issue in the intermediate queueing code
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-11 15:46:35 +02:00
Felix Fietkau 4f106d6c07 Revert "ath9k: switch to using mac80211 intermediate software queues"
This reverts commit 31e5ed4152.
I've noticed some weird powersave related issues with this commit.
Revert until they've been fixed.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-11 14:55:22 +02:00
John Crispin 9352603fff mtd-utils: merge ubi/nand-utils into one package
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-11 14:19:47 +02:00
Kevin Darbyshire-Bryant 17f4d3967e samba: update smb template socket options defaults
Removed socket options = TCP_NODELAY IPTOS_LOWDELAY

TCP_NODELAY (disables Nagle algorithm) is default since samba2.
IPTOS_LOWDELAY sets DSCP 0x10 coding (CS2)
The alternate IPTOS_THROUGHPUT sets DSCP 0x08 coding (CS1)

CS1 is a scavenger class, whilst CS2 is more OAM/interactive
(SNMP,SSH,syslog)

Using CS2 is definitely an abuse of DSCP classification, CS1 less so
however even if the ISP takes note of DSCP codings having a default that
sets traffic to CS2 is wrong.  Better to use the default Best Effort
class.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-07-11 14:19:47 +02:00
Kevin Darbyshire-Bryant 3dded42f05 iftop: fix mac address display
iftop would display portions of mac address with large ffffff prefixes.
Make if_hw_addr type consistent.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-07-11 14:19:47 +02:00
John Crispin ef3c0cf590 procd: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-11 14:19:47 +02:00
Kevin Darbyshire-Bryant 527696674a igmpproxy: logging options - make work & improve
Move logging command line option to uci:
option verbose [0]/1/2 - mono-syllabic/verbose/noisy

Previously handled as 'OPTIONS' in .init script however variable
was ignored so never worked.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-07-11 14:19:47 +02:00
Felix Fietkau 31e5ed4152 ath9k: switch to using mac80211 intermediate software queues
Provides a nice latency reduction under load, due to mac80211's fq_codel
support.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-11 10:16:49 +02:00
Felix Fietkau 916aebb300 ath10k: fix a compiler warning
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-09 19:42:26 +02:00
Felix Fietkau 73dd59546b ath10k: fix #if vs #ifdef in led trigger patch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-09 19:42:22 +02:00
Felix Fietkau 78ae53ff2f mac80211: make package ath9k-common hidden
It cannot be selected independently of ath9k and ath9k-htc

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-09 19:38:49 +02:00
Álvaro Fernández Rojas f4293e476d brcm2708-gpu-fw: update to latest version
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-07-09 16:29:19 +02:00
Rafał Miłecki c729fe0269 mac80211: backport brcmfmac changes from 2016-07-08
To work correctly hostapd requires wireless driver to allow interfaces
removal. It was working with brcmfmac only partially. Firmware for
BCM43602 got some special hack (feature?) that allowed removing all
interfaces by disabling mbss mode. It wasn't working with BCM4366
firmware and remaining interfaces were preventing hostapd from starting
again.

Those patches add support for "interface_remove" firmware method which
works with BCM4366 firmware and they make it finally possible to use
BCM4366 & brcmfmac & multiple interfaces.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-07-08 18:21:04 +02:00
Felix Fietkau d98409edbc mt76: update to the latest version, fixes powersave issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-08 10:41:45 +02:00
Gabe Rodriguez 07e8cfed8a mwlwifi: Update to latest version
Signed-off-by: Gabe Rodriguez <lifehacksback@gmail.com>
2016-07-07 10:57:45 +02:00
Felix Fietkau bcb1d9399f valgrind: update to the latest version, fix build issues on ARM
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-07 10:57:45 +02:00
Christian Lamparter c1c49d9456 prism54-firmware: change prism54/p54-firmware package versioning
There are multiple prism54/p54 firmware versions for different
drivers and devices. Therefore, assigning the package version
of all the different firmware packages on the old prism54
firmware could break if any of the p54 firmwares are updated
and we need to roll out new packages.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[removed PKG_VERSION]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-07 00:02:18 +02:00
Rafał Miłecki 8d95b665e8 mac80211: backport brcmfmac changes from 2016-06-29
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-07-06 10:34:19 +02:00
Felix Fietkau ad430c1080 hostapd: add a WDS AP fix for reconnecting clients
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-06 10:12:37 +02:00
neheb a3e7d5e7ae samba: Update smb.conf.template
Removed some options which are default anyway and added bind interfaces
only which causes the interfaces line to actually have an effect. Can be
verified with netstat.

Signed-off by: Rosen Penev <rosenp@gmail.com>
2016-07-05 22:59:14 +02:00
John Crispin 9a4345069f procd: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:14 +02:00
John Crispin 21fa645f7a uci: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:14 +02:00
John Crispin cbf6bc296f usign: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:14 +02:00
John Crispin d643ee0260 umbim: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:13 +02:00
John Crispin 1a06dc6dc2 libubox: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:13 +02:00
Daniel Dickinson a7f6dc9f8b px5g: Create mbedtls variant
px5g has been listed as a blocker for switching to new mbedtls
as the default, therefore make and mbedtls variant of px5g so
that an new mbedtls-only image can be created.

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-07-05 22:59:12 +02:00
Zoltan HERPAI df2889c709 packages: fix bmp085-spi typo
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2016-07-05 13:36:36 +02:00
Felix Fietkau bd7289af38 uclient: update to the latest version, fixes HTTP redirect support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-05 12:40:30 +02:00
Felix Fietkau 92d856f50a ath9k: add beacon related stability fixes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-05 10:45:17 +02:00
Felix Fietkau 71753a8286 Revert "ustream-ssl: Fix recursive dependency"
This reverts commit abf0768131.
The description is wrong, there is no recursive dependency here. The
conditions were added intentionally to avoid bogus build dependencies.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-04 16:47:56 +02:00
Jo-Philipp Wich dd9afb8207 iwinfo: fix nl80211 phy lookup without platform prefix
Commit d9b20a6f35 (SVN r48426) changed the
mac80211 phy lookup logic to strip the platform/ directory component from
the phy path specification.

Fix iwinfo to follow that logic by trying to lookup phys both with and
without "platform/" prefix.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-07-04 16:26:38 +02:00
Jo-Philipp Wich 70b4e46804 e2fsprogs: fix build on OS X systems
On OS X systems, the compilation of e2fsprogs fails at subst.c due to a
missing sys/stat.h include:

    subst.c:333:14: error: variable has incomplete type 'struct stat'
            struct stat stbuf;
                        ^
    subst.c:333:9: note: forward declaration of 'struct stat'
            struct stat stbuf;
                   ^
    subst.c:392:8: warning: implicit declaration of function 'fstat' is invalid in C99
          [-Wimplicit-function-declaration]
                            if (fstat(fd, &stbuf) == 0) {
                                ^
    subst.c:438:12: warning: implicit declaration of function 'fchmod' is invalid in C99
          [-Wimplicit-function-declaration]
                                    (void) fchmod(ofd, 0444);
                                           ^
    2 warnings and 1 error generated.
    make[3]: *** [subst.o] Error 1

Declare the nescessary HAVE_SYS_STAT_H macro to include the required header in
order to avoid the undeclared stat structure.

Tested-By: David Thornley <david.thornley@touchstargroup.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-07-04 16:26:26 +02:00
Daniel Dickinson abf0768131 ustream-ssl: Fix recursive dependency
Two variants incorrectly include themselves in
conditional depends on ssl libraries, which results
in a recursive dependency.

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-07-04 10:51:41 +02:00
Felix Fietkau f5088dc13f kernel: fix duplicate drivers for the PC speaker in one package
Only use the ALSA capable one, it supports regular beeps as well

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-03 19:35:43 +02:00
Felix Fietkau f226d5879e mac80211: move include statements for skb_get_hash_perturb() to prevent issues with newer kernels
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-03 18:13:11 +02:00
Felix Fietkau b174832159 mac80211: backport skb_get_hash_perturb() for 4.1 and older
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-03 17:56:53 +02:00
Martin Blumenstingl 70afc0bdd1 kernel: mac80211: set the parent of the ath9k gpio_chip
This allows gpiolib to re-use ath9k's devicetree node as GPIO
controller.
Example:

ath9k: ath9k@0 {
	#gpio-cells = <2>;
	gpio-controller;
}

Now the ath9k node can be used just like any other GPIO controller:
	gpios = <&ath9k 1 GPIO_ACTIVE_HIGH>;

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-07-02 19:34:50 +02:00
Martin Blumenstingl 7b7ea91e24 kernel: mac80211: enable the gpio controller for all ath9k devices
This enables ath9k's built-in GPIO controller for all chip versions
(instead of an explicit whitelist). This also allows us to get rid of
some duplicate code between hw.c and gpio.c because hw.c already
determines the number of GPIOs.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-07-02 19:34:50 +02:00
Martin Blumenstingl 3ce71eaedd kernel: mac80211: fold the AR9280 GPIO patch into the ath9k GPIO patch
This folds 550-ath9k_add_ar9280_gpio_chip.patch into
548-ath9k_enable_gpio_chip.patch because the former patch only extends
code which is introduced in the latter.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-07-02 19:34:50 +02:00
Mathias Kresin cbfeb7796e mac80211: refresh patches
Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2016-07-02 19:34:50 +02:00
Felix Fietkau 76d09dcb01 ath10k: fix tx performance regression on older chipsets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-02 19:34:50 +02:00