aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* hostapd: fix MAC filter related log spamJo-Philipp Wich2018-10-164-11/+78
| | | | | | | | Backport two upstream fixes to address overly verbose logging of MAC ACL rejection messages. Fixes: FS#1468 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* dnsmasq: fix dnsmasq failure to start when ujail'dChristian Lamparter2018-10-162-2/+2
| | | | | | | | | | | | | | This patch fixes jailed dnsmasq running into the following issue: |dnsmasq[1]: cannot read /usr/share/dnsmasq/dhcpbogushostname.conf: No such file or directory |dnsmasq[1]: FAILED to start up |procd: Instance dnsmasq::cfg01411c s in a crash loop 6 crashes, 0 seconds since last crash Fixes: a45f4f50e16 ("dnsmasq: add dhcp-ignore-names support - CERT VU#598349") Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [bump package release] Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* toolchain/glibc: update to 2.27+Hans Dedecker2018-10-162-4/+4
| | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* kernel: bump 4.14 to 4.14.76Koen Vandeputte2018-10-169-37/+37
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.133Koen Vandeputte2018-10-163-5/+5
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, layerscape Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 3.18 to 3.18.124Koen Vandeputte2018-10-163-7/+7
| | | | | | | | | Refreshed all patches. Compile-tested: adm5120 Runtime-tested: none Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* dnsmasq: bump to v2.80rc1Kevin Darbyshire-Bryant2018-10-162-32/+4
| | | | | | | | | | | | 53792c9 fix typo df07182 Update German translation. Remove local patch 001-fix-typo which is a backport of the above 53792c9 There is no practical difference between our test8 release and this rc release, but this does at least say 'release candidate' Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* dnsmasq: fix compile issueHans Dedecker2018-10-151-0/+28
| | | | | | Fix compile issue in case HAVE_BROKEN_RTC is enabled Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ramips: refresh mt7621 kernel configFelix Fietkau2018-10-151-5/+29
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: add CONFIG_CC_OPTIMIZE_FOR_* to the default configFelix Fietkau2018-10-154-6/+2
| | | | | | | Avoid repeating them in the target config, they are overwritten by top-level menuconfig anyway Signed-off-by: Felix Fietkau <nbd@nbd.name>
* wolfssl: update to version 3.15.3-stableDaniel Golle2018-10-151-3/+3
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mt76: move mt76x2e firmware to kmod-mt76x2-common and use it for mt76x2uFelix Fietkau2018-10-141-1/+7
| | | | | | USB and PCIe devices can run the same firmware Signed-off-by: Felix Fietkau <nbd@nbd.name>
* tools: patch: Fix build by not modifing Makefile.amHauke Mehrtens2018-10-143-73/+3
| | | | | | | | | | | | | | A new test case was adding in one of the patches fixing a problem, this also included a change in the test/Makefile.am to add this test case. The build system detected a change in the Makefile.am and wants to regenerate the Makefile.in, but this fails because automake-1.15 is not installed yet. As automake depends on patch being build first, make sure we do not modify the Makefile.am. This fixes build problem seen by the build bots. Fixes: 4797dddfde6 ("patch: apply upstream cve fixes") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* tools: patch: make patch build depend on automakeHauke Mehrtens2018-10-141-0/+1
| | | | | | | | | | The Makefile.am changed and now patch wants to use automake to regenerate the Makefile.in. Make sure automake was build before we build patch. This fixes build problem seen by the build bots. Fixes: 4797dddfde6 ("patch: apply upstream cve fixes") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* patch: apply upstream cve fixesRussell Senior2018-10-143-0/+241
| | | | | | | | | | | | | Apply two upstream patches to address two CVEs: * CVE-2018-1000156 * CVE-2018-6952 Add PKG_CPE_ID to Makefile. Build tested on apm821xx and ar71xx. Signed-off-by: Russell Senior <russell@personaltelco.net>
* hostapd: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise)Hauke Mehrtens2018-10-143-5/+18
| | | | | | | | | | | | This adds support for the WPA3-Enterprise mode authentication. The settings for the WPA3-Enterpriese mode are defined in WPA3_Specification_v1.0.pdf. This mode also requires ieee80211w and guarantees at least 192 bit of security. This does not increase the ipkg size by a significant size. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* hostapd: Activate Opportunistic Wireless Encryption (OWE)Hauke Mehrtens2018-10-143-4/+21
| | | | | | | | | | | | | | | | | | OWE is defined in RFC 8110 and provides encryption and forward security for open networks. This is based on the requirements in the Wifi alliance document Opportunistic_Wireless_Encryption_Specification_v1.0_0.pdf The wifi alliance requires ieee80211w for the OWE mode. This also makes it possible to configure the OWE transission mode which allows it operate an open and an OWE BSSID in parallel and the client should only show one network. This increases the ipkg size by 5.800 Bytes. Old: 402.541 Bytes New: 408.341 Bytes Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* hostapd: Activate Simultaneous Authentication of Equals (SAE)Hauke Mehrtens2018-10-143-9/+42
| | | | | | | | | | | | | | | | | | | | This build the full openssl and wolfssl versions with SAE support which is the main part of WPA3 PSK. This needs elliptic curve cryptography which is only provided by these two external cryptographic libraries and not by the internal implementation. The WPA3_Specification_v1.0.pdf file says that in SAE only mode Protected Management Frames (PMF) is required, in mixed mode with WPA2-PSK PMF should be required for clients using SAE, and optional for clients using WPA2-PSK. The defaults are set now accordingly. This increases the ipkg size by 8.515 Bytes. Old: 394.026 Bytes New: 402.541 Bytes Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* hostapd: SAE: Do not ignore option sae_require_mfpHauke Mehrtens2018-10-141-0/+26
| | | | | | This patch was send for integration into the hostapd project. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* hostapd: backport build fix when OWE is activatedHauke Mehrtens2018-10-145-18/+35
| | | | | | This backports a compile fix form the hostapd project. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* hostapd: sync config with default configurationHauke Mehrtens2018-10-145-35/+41
| | | | | | | | | This replaces the configuration files with the versions from the hostapd project and the adaptions done by OpenWrt. The resulting binaries should be the same. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* netifd: update to latest git HEADHauke Mehrtens2018-10-141-2/+2
| | | | | | | | 22476ff wireless: Add Simultaneous Authentication of Equals (SAE) c6c3a0d wireless: Add Opportunistic Wireless Encryption (OWE) a117e41 wireless: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise) Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* uqmi: fix variable initilization for timeout handlingFlorian Eckert2018-10-121-0/+2
| | | | | | Also add logging output for SIM initilization. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* mac80211: fix A-MSDU packet handling with TCP retransmissionFelix Fietkau2018-10-112-1/+32
| | | | | | | Improves local TCP throughput and fixes use-after-free bugs that could lead to crashes. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* bcm53xx: add pending pinctrl driverRafał Miłecki2018-10-112-0/+427
| | | | | | | It's required to support devices using adjustable SoC pins for some specific purpose (e.g. I2C, PWM, UART1). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* ath10k-ct: Update to 29-09-2018Robert Marko2018-10-113-102/+4
| | | | | | | | | | | | | | | | | Update ath10k-ct to be able to drop 210-ath10k-fix-recent-bandwidth-conversion-bug.patch as its upstream. b9989fbd5d6e ath10k-ct: Add upstream patch to fix peer rate reporting. ac9224344dbf ath10k-ct: Support sending custom frames with no-ack flag. bc938bc2021e ath10k-ct: Support sending pkts with specific rate on 10.4 firmware. Runtime tested on: - GL-iNet GL-B1300 - Mikrotik RB912 + QCA9882 Signed-off-by: Robert Marko <robimarko@gmail.com> [Added list of all changes from previous version + add own test device] Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* uqmi: update PKG_RELEASE versionFlorian Eckert2018-10-111-1/+1
| | | | | | update PKG_RELEASE Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* uqmi: stop proto handler if verify pin count is not 3Florian Eckert2018-10-111-0/+7
| | | | | | | | Check pin count value from pin status and stop verification the pin if the value is less then 3. This should prevent the proto-handler to lock the SIM. If SIM is locked then the PUK is needed. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* uqmi: evaluate pin-status output in qmi_setup functionFlorian Eckert2018-10-111-7/+49
| | | | | | | | | | | | | | | | | | | | | | Load the json output from uqmi --get-pin-status command and evaluate the "pin1_status" value. The following uqmi "pin1_status" values are evaluated: - disabled Do not verify PIN because SIM verification is disabled on this SIM - blocked Stop qmi_setup because SIM is locked and a PUK is required - not_verified SIM is not yet verified. Do a uqmi --verify-pin1 command if a SIM is specified - verified: Do not verify the PIN because this was already done before Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* uqmi: do not block proto handler if SIM is uninitializedFlorian Eckert2018-10-111-1/+9
| | | | | | | | QMI proto setup-handler will wait forever if SIM does not get initialized. To fix this stop polling pin status and notify netifd. Netifd will generate then a "ifup-failed" ACTION. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* uqmi: do not block proto handler if modem is unable to registrateFlorian Eckert2018-10-111-1/+10
| | | | | | | | QMI proto setup-handler will wait forever if it is unable to registrate to the mobile network. To fix this stop polling network registration status and notify netifd. Netifd will generate then a "ifup-failed" ACTION. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* uqmi: add timeout option valueFlorian Eckert2018-10-111-2/+5
| | | | | | | | | | | This value will be used for now during following situations: * Ask the sim with the uqmi --get-pin-status command. * Wait for network registration with the uqmi --get-serving-system command. This two commands wait forever in a while loop. Add a timeout to stop waiting and so inform netifd. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* uqmi: redirect uqmi commands output to /dev/nullFlorian Eckert2018-10-111-12/+12
| | | | | | | Move uqmi std and error output on commands without using them to /dev/null. This will remove useless outputs in the syslog. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* uqmi: fix indentingFlorian Eckert2018-10-111-16/+16
| | | | | | fix indenting Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* bcm53xx: replace SPI revert with a fix sent upstreamRafał Miłecki2018-10-112-146/+42
| | | | | | | | | Instead of reverting whole commit it's enough to just revert a single line change. It seems the real problem with the regressing commit was a bump of read chunk size. Switching back to 256 B chunks is enough to fix the problem/regression. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* procd: update to latest git HEADJohn Crispin2018-10-111-3/+3
| | | | | | 94944ab procd: Add cpu string to board detection Signed-off-by: John Crispin <john@phrozen.org>
* package/: fix $(PROJECT_GIT) usageJohn Crispin2018-10-114-4/+4
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* procd: Install hotplug files as 600Rosen Penev2018-10-111-3/+3
| | | | | | procd runs as root, so it only makes sense that its files are restricted. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* linux-atm: Install hotplug file as 600Rosen Penev2018-10-111-2/+2
| | | | | | The hotplug files is only used by procd, which runs as root. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* comgt: Install hotplug and netifd files as 600Rosen Penev2018-10-111-3/+3
| | | | | | procd and netifd both run as root. These files are not used elsewhere. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* samba36: Install several config files as 600Rosen Penev2018-10-111-4/+4
| | | | | | | Hotplug is managed by procd, which runs as root. The other files are used by root as well. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* soloscli: Install hotplug file as 600Rosen Penev2018-10-111-2/+2
| | | | | | Hotplug is managed by procd, which runs as root. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* firewall: Install config files as 600Rosen Penev2018-10-111-6/+6
| | | | | | None of the files in firewall are used by non-root. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* mpc85xx: remove kernel 4.9 supportMagnus Kroken2018-10-115-516/+0
| | | | Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* mpc85xx: switch to kernel 4.14Magnus Kroken2018-10-111-1/+1
| | | | Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* mpc85xx: add kernel 4.14 supportMagnus Kroken2018-10-115-0/+521
| | | | | | | | | Based on patches previously submitted by Achim Gottinger: http://lists.infradead.org/pipermail/openwrt-devel/2018-June/012719.html Tested on TP-Link TL-WDR4900 v1. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* netfilter: add missing dependency for kernel 4.14Koen Vandeputte2018-10-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since kernel 4.14.75 commit ("netfilter: xt_cluster: add dependency on conntrack module") a dependency is required on kmod-nf-conntrack. It seems this was already present for kmod-ipt-clusterip but not yet for kmod-ipt-cluster Add it fixing a build error when including kmod-ipt-cluster: Package kmod-ipt-cluster is missing dependencies for the following libraries: nf_conntrack.ko modules/netfilter.mk:665: recipe for target '/mnt/ramdisk/koen/firmware/builds/openwrt/bin/targets/cns3xxx/generic/packages/kmod-ipt-cluster_4.14.75-1_arm_mpcore_vfp.ipk' failed make[3]: *** [/mnt/ramdisk/koen/firmware/builds/openwrt/bin/targets/cns3xxx/generic/packages/kmod-ipt-cluster_4.14.75-1_arm_mpcore_vfp.ipk] Error 1 make[3]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt/package/kernel/linux' Command exited with non-zero status 2 time: package/kernel/linux/compile#1.80#0.05#2.07 package/Makefile:107: recipe for target 'package/kernel/linux/compile' failed make[2]: *** [package/kernel/linux/compile] Error 2 make[2]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt' package/Makefile:103: recipe for target '/mnt/ramdisk/koen/firmware/builds/openwrt/staging_dir/target-arm_mpcore+vfp_musl_eabi/stamp/.package_compile' failed make[1]: *** [/mnt/ramdisk/koen/firmware/builds/openwrt/staging_dir/target-arm_mpcore+vfp_musl_eabi/stamp/.package_compile] Error 2 make[1]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt' /mnt/ramdisk/koen/firmware/builds/openwrt/include/toplevel.mk:216: recipe for target 'world' failed make: *** [world] Error 2 Fixes: f983956a8b72 ("kernel: bump 4.14 to 4.14.75") Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> [1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.14.75&id=b969656b46626a674232c0eadf92a394b89df07c
* ar71xx: remove linux 4.9 supportKoen Vandeputte2018-10-1092-8105/+0
| | | | Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ar71xx: switch to kernel 4.14Koen Vandeputte2018-10-101-1/+1
| | | | Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.75Koen Vandeputte2018-10-1023-101/+101
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 18:09:50 +0000