| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
wolfssl has a fine grained feature and compatibility control
for compiling stunnel, lighthttp or (partly) openssl dropin
ustream-ssl uses features that require normally
HAVE_SNI, HAVE_STUNNEL and the openssl compatibility headers
ar71xx ipkg sizes of wolfssl 3.9.0:
- with stunnel: 144022
- this patch (w.o. stunnel): 131712
- without openssl(extra): 111104
- w.o openssl/sni:108515
- w.o openssl/sni/ecc: 93954
so patch 300 saves around 12k compressed ipkg size
v2: keep & rename patch 300 for clarity, fixes ustream-ssl/cyassl
that broke with v1
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
It contains some quirks for old MIPS devices.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
|
|
|
|
|
|
| |
This regression was introduced in commit cf58007a
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
multiple profiles
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
SUBTARGETS variable
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
adds a SIGCHLD handling fix and jshn performance improvements
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
The network stack does not need it to do GRO
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
| |
The LNA improves the rx path. Within a simple test setup
it improved the signal from -60dbm to -40dbm.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
|
|
|
|
| |
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
| |
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
| |
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
| |
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
| |
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
| |
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change switches ARC tools to the most recent arc-2016.03
version.
ARC GNU tools of version arc-2016.03 bring some quite significant
changes like:
* Binutils v2.26+ (upstream commit id 202ac19 with additional ARC
* patches)
* GCC v4.8.5
* GDB 7.10
More about changes, improvements and fixes could be found here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2016.03
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
|
|
|
|
|
|
|
| |
Typo, missing space before ] in previous commit caused shell syntax
failure and incorrect restoration of time.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
|
| |
A hook for ubifs was left-out in the new image building code. Add it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fixes:
CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL
- remove crypto auth compile fix
curl changelog of 7.46 states its fixed
- fix mbedtls and cyassl usability #19621 :
add path to certificate file (from Mozilla via curl) and
provide this in a new package
tested on ar71xx w. curl/mbedtls/wolfssl
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
| |
upstream change: 8ee4646038e47d065d35703e3e343136c4cd42aa
fixes dependency w. Kernel 4.6
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
|
|
|
|
|
|
|
|
|
|
|
|
| |
conditionally save dnsmasq.time across sysupgrade
dnsmasq uses /etc/dnsmasq.time as record of the last known good
system time to aid its validation of dnssec timestamps. dnsmasq
updates the timestamp on process start/stop once it considers the system
time as valid. The timestamp file should be preserved across system
upgrade but should not be included as part of normal configuration
backups to prevent restores corrupting the current timestamp.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps. By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past. Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.
In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.
Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
|
| |
This reverts commit d830cb08826dc593406d9003d061016061b6c3c4.
Reverting this commit due to a missing Signed-off-by.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
| |
This reverts commit 382779e009af7c1c688fbd98adf71fb19ce66254.
Reverting this commit due to a missing Signed-off-by.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
provides
When imagebuild sorts package lists it breaks opkg's ability to realize
that a providers for a Provides has already been installed, when the sort
results in the provider being later in the list of packages that a package
which depends on a Provides (and hence the provider is not yet installed
for opkg to realize the provider was available doesn't not handle the case
of a package that is to be installed satisfying a dependency, only one that
is already installed (or which it schedules to be installed, which in the
absence of an installed provider is whichever provider happens to be the
default)
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
|
|
|
|
|
|
|
|
|
|
| |
conditionally save dnsmasq.time across sysupgrade
dnsmasq uses /etc/dnsmasq.time as record of the last known good
system time to aid its validation of dnssec timestamps. dnsmasq
updates the timestamp on process start/stop once it considers the system
time as valid. The timestamp file should be preserved across system
upgrade but should not be included as part of normal configuration
backups to prevent restores corrupting the current timestamp.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps. By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past. Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.
In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.
Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.
|
|
|
|
|
|
|
|
|
|
|
| |
Apparently symlink-tree has not been used in quite some time as it
fails to symlink the always required config dir
Also, if we pulled from git but .git is missing we get
many error messages on the symlinked tree without this
patch (which symlinks .git, if present)
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
|
|
|
|
|
|
|
| |
Start arrays on boot, stop them on shutdown, and enable
monitoring to syslog.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
|
|
|
|
|
|
|
|
| |
Some SSL applications requires a certificates bundle rather
than a directory containing certificates. For thos applications
we build the ca-bundle package
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
|
|
|
|
|
|
|
|
| |
Add packaging of it87 hardware monitor kernel module. It is
a common thermal and voltage monitor that is in many x86
(at least) devices, and is just another i2c hwmon module.
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
|
|
|
|
|
|
| |
This regression was introduced in commit 9195d8da.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
|
|
|
|
|
|
|
| |
Use linux,spidev compatible string.
Move MZK-DP150N spidev to spi1 node.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
size-cells should be 0 in order to avoid dummy values in reg properties.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
|
|
|
|
|
|
| |
It was accidentally left out when 4.4 support was added
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
| |
The patch 300-ath9k-force-rx_clear-when-disabling-rx.patch broke TX99 support
in ath9k. Fix the patch by only applying rx_clear if TX99 mode is not used.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
|