| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(backported from c4aadbdaf69bad3fbb3ef54601a3629ba24a6e9b)
|
|
|
|
|
|
|
|
|
| |
Replace 204-udhcpc_no_msg_dontroute patch by the upstream busybox fix
which removes the code which requires the server ID to be on local
network
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from c6e50075f245b076b57f3f87b5401764a2e11b92)
|
|
|
|
|
| |
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(backported from ccc728a0e2a7c9717d3d1bcc59f0462e9dbed01e)
|
|
|
|
|
| |
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(backported from 1ee98fdef3d6d71c1b0b3b120a9e24ac4b93c94f)
|
|
|
|
|
| |
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(backported from 9d6a0352e7af9aef95f4d983e39516b76e7fc8ba)
|
|
|
|
|
|
|
|
|
|
|
| |
It avoids confusing situations like:
> Could not get image magic
> Image check failed.
> Upgrade completed
> Rebooting system...
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(backported from 5b2e20807d2b38de1cc4185d15bb4320b8bd743a)
|
|
|
|
|
|
|
|
|
|
|
| |
Since kernel 4.10 commit 61e84623ace3 ("net: centralize net_device
min/max MTU checking"), the range of mtu is [min_mtu, max_mtu], which
is [68, 1500] by default.
It's necessary to set a max_mtu if a mtu > 1500 is supported.
Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from 5da2c68d001ee44b15a58639ed03a0ebb6f68020)
|
|
|
|
|
|
|
|
|
| |
(should fix IPSec)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from b560c1748a4edf0d02046e5a988cc0caf1f4f987)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid infinite loop at 100% CPU when running hostapd_cli
if CONFIG_CTRL_IFACE_MIB is not defined.
_newselect(4, [3], NULL, NULL, ...)
recvfrom(3, "UNKNOWN COMMAND\n", 4095, 0, NULL, NULL) = 16
sendto(3, "STA-NEXT UNKNOWN COMMAND", 24, 0, NULL, 0) = 24
Signed-off-by: Denton Gentry <denny@geekhold.com>
(backported from a84962ea35e4e97f1c4a42f2eac0242cc2cbd879)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some board vendors actually changed the loader to expect the chip
to come up in 4-address-mode and flipped the ADP bit in the flash
chip's configuration register which makes it come up in 4-address-mode.
Hence it doesn't make sense to avoid switching to 4-address-mode on
those boards but the opposite as otherwise reboot hangs eg. on the
WrtNode2 boards. Fix this by checking the ADP register and only using
SPI_NOR_4B_READ_OP on chips which have ADP==0 (come up in 3-byte mode).
See also datasheet section 7.1.11 Power Up Address Mode (ADP)
Fixes: 22d982ea0 ("ramips: add support for switching between 3-byte and 4-byte addressing on w25q256 flash")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 8796680277f4b231386fbc6e8a1ccae91d9fcbe8)
|
|
|
|
|
|
|
|
| |
5699354 extensions: fix build failure on fc28
e6359ee build: update ebtables.h from kernel and drop local unused copy
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from 1bbe813db0bb8dc65b8ed7740cf7f35a81b8ba0e)
|
|
|
|
|
| |
Signed-off-by: Ted Hess <thess@kitschensync.net>
(backported from 7590c3c58f5e9d580c86da10473d1d29a2f081c9)
|
|
|
|
|
|
|
|
|
|
|
| |
Do not set device runtime property on interfaces in the hotplug handler
and in fixup_interfaces(). This property conflicts with device option
in several proto handlers (mainly QMI and other WWAN/3G protos) and does
not seem to be used anywhere.
Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(backported from 91b5b2e20d531584918c62a6c6cd046f0580f50a)
|
|
|
|
|
|
|
|
|
|
|
|
| |
3.4 is mainly a bug fix/maintenance release.
3KB increase in ipk lib size on mips.
Compile tested for: ar71xx, ramips
Run tested on: ar71xx Archer C7 v2, ramips mir3g
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from 1ee5051f202f600d854bcf939ba4ee37f057ace2)
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem. This change is
needed for wget-ssl and possibly others to work seamlessly with fresh
ca-bundle installation
Fixes openwrt/packages#6152
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(backported from 191078e83d127f5ed9a38366d2edaac49f9333c5)
|
|
|
|
|
|
|
|
|
| |
While building, curl complains that the path specified is missing.
Also, without ca-bundle, something like 'curl https://www.google.com'
does not work due to a certificate verify error.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported from 7a20c7a05d52f9bb3c82742098457bfbed869a8a)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It simplifies the Makefile a bit. In addition, using ca-bundle
saves some space as well.
It also fixes an issue with at least transmission, which has a dependency
on ca-bundle, but currently libcurl with OpenSSL or GnuTLS cause it not
to work.
This has been tested on mt7621 with OpenSSL and GnuTLS just by running
'curl https://www.google.com' and seeing if there's a verify error.
The rest are already using ca-bundle and therefore work fine.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from f97946c49680a5fe713d0e2caaf072789f70e68d)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently when installing the firmware, a bunch of files and directories
that the ath10k driver does not look for are created.
The package now installs firmware for both hw 2.1 and 3.0 devices.
2.1 is abandonware but may be useful to keep.
3.0 firmware was tested on a Killer 1535 to be relatively stable with
802.11w disabled. 802.11w causes multiple firmware crashes but that's true
of other ath10k firmwares as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(backported and squashed from
27eab4fa578d696ab55b6264a1b35fad6488b664,
d0fbe1956b3b9f07b6dcb54a8ed43a4904581e1d,
e191c7ee797c8b3458eb9791212a56b16febeeb4)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
| |
Make sure hostapd-openssl is actually build against OpenSSL, same
for wolfSSL.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 987900f2de76e6d292e55aa068c39b03f79c8812)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clean up conflicts/provides/depends hell and add PROVIDES for
eapol-test variants while at it.
Update mesh-DFS patchset from Peter Oh to v5 (with local fixes) which
allows to drop two revert-patches for upstream commits which previously
were necessary to un-break mesh-DFS support.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 78f1974bc565d7544589a49ad8efd92c4ddec5b3)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of selecting the SSL provider at compile time, build package
variants for each option so users can select the binary package without
having to build it themselves.
Most likely not all variants have actually ever been user by anyone.
We should reduce the selection to the reasonable and most used
combinations at some point in future. For now, build them all.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from c8fdd0e9c843dd483f6677dc41f7df17313aa3cd)
|
|
|
|
|
|
|
|
|
|
| |
Support for building wpa_supplicant/hostapd against wolfssl has been
added upstream recently, add build option to allow users using it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 69f544937f8498e856690f9809a016f0d7f5f68b)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit 39a6ce205d (ustream-ssl: Enable ECDHE with OpenSSL.) broke
build against wolfSSL because wolfSSL doesn't (yet) support
SSL_CTX_set_ecdh_auto() of the OpenSSL API.
Fix this in ustream-ssl:
189cd38b41 don't use SSL_CTX_set_ecdh_auto with wolfSSL
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 4f442f5f383837efcfb345033169178f74f63440)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implicetely selecting the required options via Kconfig snippet from
hostapd worked fine in local builds when using menuconfig but confused
the buildbots which (in phase1) may build wpad-mini and hence already
come with CONFIG_WPA_WOLFSSL being defined as unset which then won't
trigger changing the defaults of wolfssl.
Work around by explicitely reflecting wpa_supplicant's needs in
wolfssl's default settings to make buildbots happy.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from dad39249fb91d6f320256ac12944863f09bb2dc9)
|
|
|
|
|
|
|
|
|
| |
This change will trigger rebuild on buildbots in case of changed config
symbols, like in the case of hostapd selecting some wolfssl symbols
lately.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 5857088c5eb3a5a2409e3c57dbfa2487e08bbf4a)
|
|
|
|
|
|
|
|
|
| |
Use download from github archive corresponding to v3.14.4 tag because
the project's website apparently only offers 3.14.0-stable release
downloads.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(backported from 4f67c1522d92bc4512c3ecf58c38ff9886530b48)
|
|
|
|
|
|
|
| |
This patch is based on sysfsutils package's behaviour on Debian OS.
Signed-off-by: Rodolfo Giometti <giometti@linux.it>
(backported from 2437e0f67050cad79cc1778b18cefd8d3cd86d07)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As of commit in kernel:
6104c37094 fbcon: Make fbcon a built-time depency for fbdev
framebuffer console is build in into framebuffer module and there's no
standalone fbcon module. Therefore drop the kmod-fbcon and enable
console in kmod-fb. The only targets which use these modules are imx6
and geode, both are on kernel 4.14 so no fallback for other kernels is
introduced.
Being at that this commit also fixes autoload of fbdev for x86.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
(backported from 9c0ddafd4663948fe5c6f3f4a7a7601fdbb36737)
|
|
|
|
|
|
|
|
|
| |
This now matches what was generated locally on my PC and the file on the
mirror server.
Fixes: 349fe46103359 ("ath10k-firmware: Update QCA988X firmware to the latest version")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from 56a03e434386ccd1359d5c995a5a3c0fcc44f6af)
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates the QCA988X firmware to the latest revision
firmware-5.bin_10.2.4-1.0-00037
found in the ath10k-firmware and linux-firmware repositories.
Tested on TP-Link Archer C7 v2 (ar71xx).
Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
(backported from 349fe46103359682692e6b175d22f8c05ff75f74)
|
|
|
|
|
| |
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(backported from 39e87e0ffc4eabf27d25459a369be425e9ef0474)
|
|
|
|
|
| |
Signed-off-by: Rosy Song <rosysong@rosinson.com>
(backported from c7e9d72f056a190fe14b1ebc3f07e726121e2965)
|
|
|
|
|
|
|
|
|
|
|
| |
66a9701 ebtables: Fix build errors and warnings
9fff3d5 include: Fix musl libc compatibility
b1cdae8 extensions: Add string filter to ebtables
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(backported from ac70ac3532fefa78c944d8a26c8df0ca5d88d04e)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds the build option for UniFi AC Mesh Pro as well as
model detection for it.
The device is a hardware clone of the AC Pro.
- SoC: QCA9563-AL3A (775Mhz)
- RAM: 128MiB
- Flash: 16MiB - dual firmware partitions!
- LAN: 2x 1000M - POE+
- Wireless:
2.4G: QCA9563
5G: UniFi Chip, QCA988X compatible
Signed-off-by: Christoph Krapp <achterin@googlemail.com>
(cherry picked from commit 987b961537b7002eda21df97dd8bfebe8882bc6d)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Altered patches:
- 180-usb-xhci-add-support-for-performing-fake-doorbell.patch
Fixes CVE:
- CVE-2018-14625
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Fixes CVE:
- CVE-2018-14625
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested: ar71xx
Runtime-tested: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Altered patches:
- 180-usb-xhci-add-support-for-performing-fake-doorbell.patch
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Altered patches:
- 950-0063-Improve-__copy_to_user-and-__copy_from_user-performa.patch
- 950-0149-Update-vfpmodule.c.patch
- 201-extra_optimization.patch
New symbol:
- CONFIG_HARDEN_BRANCH_PREDICTOR
Compile-tested on: ar71xx, ar7, arc770, at91, brcm2708, brcm63xx, ixp4xx, lantiq, layerscape, mpc85xx, orion, rb532, uml
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This option is deprecated but needs to be kept for backward compatibility. [0]
[0] https://community.openvpn.net/openvpn/wiki/DeprecatedOptions#a--comp-lzo
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(cherry picked from commit 3850b41f01925a7eddc24033ed155503c1ad2112)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
3aa81d0 file: access exec timeout via daemon ops structure
7235f34 plugin: store pointer to exec timeout value in the ops structure
ccd7c0a treewide: rename exec_timeout to rpc_exec_timeout
c79ef22 main: fix logic bug when not specifying a timeout option
2cc4b99 file: use global exec timeout instead of own hardcoded limit
ecd1660 exec: increase maximum execution time to 120s
Also expose the socket and timeout options in /etc/config/rpcd for
easier use.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commits 41055551151e12abf8efe710efa4dc025a7b7b6a,
952b11766cd83898cf8f9626b75141eac6d4ad1a and
e533fb17061027dca2cc60a9555fc2edb9e832eb)
|
|
|
|
|
|
|
|
| |
The WAN LED now shows the link state. It's color is green,
not blue.
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
(cherry picked from commit 0411813c6f0520dea23a1c4f58f5956c504bf129)
|
|
|
|
|
|
|
|
|
|
|
|
| |
The tar extraction depends on the order in which the files
are added to the tar file. Since the order is not guaranteed
and depends on the host system, the combined mtd write fails
with sysupgrade images built on some systems.
Fix by changing to tar file order independent mtd write.
Fixes: 86e18f6706e1 ("ipq806x: add support for OpenMesh A42")
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
|
|
|
|
|
|
|
|
| |
Fix broken assignment operator added in a previous commit.
Fixes db73ec9f51 ("rules.mk: add INSTALL_SUID macro")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 1416b63dcbadbb5c11c2591b4513f5276b6dc744)
|
|
|
|
|
|
|
| |
This is useful for packages that want to stage SUID executables.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit b0261ee5e9bcbc743960727b5aad1829250d1add)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The return value of a package prerm script is discarded and not returned
correctly by default_prerm(). This allows other operations like service
shutdown to "leak" their return value, prompting workarounds like commit
48cfc826 which do not address the root cause.
Preserve a package prerm script return value for use by default_prerm(),
sharing the corresponding code from default_postinst() for consistency.
Also use consistent code for handling of /etc/init.d/ scripts.
Run Tested on: LEDE 17.01.4 running ar71xx.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 8806da86f5da3b1b1e4d24259d168e2219c01a26)
|
|
|
|
|
|
|
|
|
|
|
|
| |
The find statement would not return any results if the KDIR_BASE pointed to a
symlink. Ran into this issue due to a custom Kernel/Prepare that was installing
a symlink to the kernel directory.
The extra slash at the end fixes this scenario and does no harm for targets that
have a proper KDIR.
Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
(cherry picked from commit ae980458abf8299d614f4b34add32e18d054378d)
|
|
|
|
|
|
|
|
|
|
|
| |
cdfc902 cgi: escape url in 403 error output
0bba1ce uhttpd: fix building without TLS and Lua support
2ed3341 help: document -A option
fa5fd45 file: fix CPP syntax error
77b774b build: avoid redefining _DEFAULT_SOURCE
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 56378bc12da1aa4f9434bd1119ec770096d92cac)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update to latest git HEAD in order to support configuring multiple
concurrent Lua prefixes in a single uhttpd instance:
b741dec lua: support multiple Lua prefixes
Additionally rework the init script and update the default configuration
example to treat the lua_prefix option as key=value uci list, similar to
the interpreter extension mapping. Support for the old "option lua_prefix"
plus "option lua_handler" notation is still present.
Finally drop the sed postinstall hack in uhttpd-mod-lua to avoid mangling
files belonging to other packages. Since Lua prefixes have precedence
over CGI prefixes, simply register `/cgi-bin/luci` as Lua handler which
will only become active if both luci-base and uhttpd-mod-lua is installed.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 214146c6f298e593695c29b8c04a418dac914040)
|