This fixes: CVE-2014-3158 and some other bugs.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42525 3c298f89-4303-0410-b956-a3cf2f4a3e73
Main changes:
- URL parser: IPv6 zone identifiers are now supported
- cyassl: Use error-ssl.h when available (drop local patch)
- polarssl: support CURLOPT_CAPATH / --capath
- mkhelp: generate code for --disable-manual as well (drop local patch)
Full release notes: http://curl.haxx.se/changes.html
MIPS 34kc binary size:
- 7.36.0 before: 82,539 bytes
- 7.38.0 after: 83,321 bytes
Signed-off-by: Catalin Patulea <cat@vv.carleton.ca>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42517 3c298f89-4303-0410-b956-a3cf2f4a3e73
use the new ipkg based mechanism
Signed-off-by: John Crispin <blogic@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42472 3c298f89-4303-0410-b956-a3cf2f4a3e73
add a proto handler for sierra wireless directip modems
Signed-off-by: John Crispin <blogic@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42465 3c298f89-4303-0410-b956-a3cf2f4a3e73
With this patch WPS discovery can be started or canceled over ubus if
WPS is enabled in wireless configuration. This is equivalent of
'hostapd_cli wps_pbc' and 'hostapd_cli wps_cancel' commands.
Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42459 3c298f89-4303-0410-b956-a3cf2f4a3e73
* ipv6
* 4 bugs in the dns parser
* service announcement
* tx goodbye support
* proper handling of rx goodbye
Signed-off-by: John Crispin <blogic@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42325 3c298f89-4303-0410-b956-a3cf2f4a3e73
Use an if/else statement to cover the two different syntaxes. Add
comments explaining what the end results should look like.
This patch should not change the script's output.
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42320 3c298f89-4303-0410-b956-a3cf2f4a3e73
An entry like this in /etc/config/dhcp:
config 'host'
option 'name' 'pc2'
option 'ip' '192.168.100.56'
option 'dns' '1'
results in a /tmp/hosts/dhcp entry that looks like this:
192.168.100.56 .lan
Obviously it should say "pc2.lan".
This happens because $name is set to "" in order to support the MAC-less
syntax: "--dhcp-host=lap,192.168.0.199". Fix this by reordering the
operations. Also, refuse to add a DNS entry if the hostname or IP is
missing.
Fixes#17683
Reported-by: Kostas Papadopoulos <kpapad75@travelguide.gr>
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42319 3c298f89-4303-0410-b956-a3cf2f4a3e73
LuCI creates "domain" UCI config sections, which the dnsmasq init file
then, currently, translates into "address" config lines. This is not
the correct usage of "address" (see r36943), and also causes rDNS
records to not be created. This patches dnsmasq.init to utilize the
additional hosts file introduced in r40799 for such domain names,
resolving both issues.
Signed-off-by: Tyler Fenby <tylerf@securecominc.com>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42318 3c298f89-4303-0410-b956-a3cf2f4a3e73
add pincode sanitization and handling for authproto/user/pass
Signed-off-by: John Crispin <blogic@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42299 3c298f89-4303-0410-b956-a3cf2f4a3e73
A quite frequent problem after sysupgrading from an older, SSL enabled build
is that ustream-ssl is not installed so uhttpd fails to come up again due to
https listening directives in the preserved configuration.
Skip key/cert and ssl listen options when libustream-ssl.so is not present.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42284 3c298f89-4303-0410-b956-a3cf2f4a3e73
somebody started to set a function returncode in the validation
stuff and everybody copies it, e.g.
myfunction()
{
fire_command
return $?
}
a function automatically returns with the last returncode,
so we can safely remove the command 'return $?'. reference:
http://tldp.org/LDP/abs/html/exit-status.html
"The last command executed in the function or script determines the exit status."
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42278 3c298f89-4303-0410-b956-a3cf2f4a3e73
Disable MIPS16 to prevent it negatively affecting performance.
Observed was a increase of connection delay from ~6 to ~11 seconds
and a reduction of scp speed from 1.1MB/s to 710kB/s on brcm63xx.
Fixes#15209.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42250 3c298f89-4303-0410-b956-a3cf2f4a3e73
Add a further upstream commit to more closely match the keepalive
to OpenSSH.
Should now really fix#17523.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42249 3c298f89-4303-0410-b956-a3cf2f4a3e73
Don't send SSH_MSG_UNIMPLEMENTED for keepalive responses, which broke
at least putty.
Fixes#17522 / #17523.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42162 3c298f89-4303-0410-b956-a3cf2f4a3e73
This is a bug revealed in r41830.
First, the static variable `char nif[IFNAMSIZ]` of nl80211_phy2ifname()
would be zeroed out if the argument is "wlan0" or the like. This will
happen in the following call stack.
nl80211_get_scanlist("radio0", buf, len);
nl80211_phy2ifname("radio0") // return static var nif with content "wlan0"
nl80211_get_scanlist(nif, buf, len); // tail call
nl80211_get_mode(nif);
nl80211_phy2ifname(nif); // zero out nif
Later we try nl80211_ifadd("") which was supposed to create interface
"tmp.", but that won't happen because nl80211_msg() will put an invalid
ifidx 0 to the nlmsg.
Then iwinfo_ifup() and iwinfo_ifdown() would fail and happily
nl80211_get_scanlist() returned 0 and left *len undefined.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42151 3c298f89-4303-0410-b956-a3cf2f4a3e73
Utilize the new selective conntrack flushing facility to clear
out active conntrack entries referring to old IP addresses after
a firewall reload.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@42114 3c298f89-4303-0410-b956-a3cf2f4a3e73