aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services
Commit message (Collapse)AuthorAgeFilesLines
* samba36: update to 3.6.25, fixes remote code execution bug (CVE-2015-0240)Felix Fietkau2015-02-241-2/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 44515
* ppp: Allow PPTP over a specified interfaceJohn Crispin2015-02-221-3/+5
| | | | | | | | | In a dual-WAN setup, it's useful to specify an interface over which to have PPTP. Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us> SVN-Revision: 44507
* packages: remove uneeded PKG_BUILD_DIR overridesNicolas Thill2015-02-221-2/+0
| | | | | | Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 44498
* hostapd: fix c&p typoJohn Crispin2015-02-171-1/+1
| | | | | | | | https://dev.openwrt.org/ticket/19010 Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 44484
* hostapd: backport BSSID black/whitelistsJohn Crispin2015-02-133-0/+687
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change adds the configuration options "bssid_whitelist" and "bssid_blacklist" used to limit the AP selection of a network to a specified (finite) set or discard certain APs. This can be useful for environments where multiple networks operate using the same SSID and roaming between those is not desired. It is also useful to ignore a faulty or otherwise unwanted AP. In many applications it is useful not just to enumerate a group of well known access points, but to use a address/mask notation to match an entire set of addresses (ca:ff:ee:00:00:00/ff:ff:ff:00:00:00). This is especially useful if an OpenWrt device with two radios is used to retransmit the same network (one in AP mode for other clients, one as STA for the uplink); the following configuration prevents the device from associating with itself, given that the own AP to be avoided is using the bssid 'C0:FF:EE:D0:0D:42': config wifi-iface option device 'radio2' option network 'uplink' option mode 'sta' option ssid 'MyNetwork' option encryption 'none' list bssid_blacklist 'C0:FF:EE:D0:0D:42/00:FF:FF:FF:FF:FF' This change consists of the following cherry-picked upstream commits: b3d6a0a8259002448a29f14855d58fe0a624ab76 b83e455451a875ba233b3b8ac29aff8b62f064f2 79cd993a623e101952b81fa6a29c674cd858504f (squashed to implement bssid_{white,black}lists) 0047306bc9ab7d46e8cc22ff9a3e876c47626473 (Add os_snprintf_error() helper) Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de> SVN-Revision: 44438
* relayd: update to the latest version, adds fixes by Alejandro EnriqueFelix Fietkau2015-02-111-2/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 44389
* openvpn: autostart openvpn instances for each .conf file in /etc/openvpnJo-Philipp Wich2015-02-072-4/+32
| | | | | | | | | | | | | | | Align init behaviour with other distros by starting an OpenVPN instance for each config file found in /etc/openvpn/. This removes the additional requirement to "register" the configs with uci and thus simplifies the setup. Make sure to respect the disabled state in uci to not suddenly autostart instances which have been previously set to disabled, also skip configs which are already started due to uci configuration. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44310
* uhttpd: fix another remaining relro issue in the Lua pluginJo-Philipp Wich2015-01-251-2/+2
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44143
* uhttpd: fix time_t type mismatch on 32bit systemsJo-Philipp Wich2015-01-251-2/+2
| | | | | | | | | | | | The previous update introducing LFS support unconditionally changed the sprintf() pattern used to print the file modification time to use PRIx64. Explicitely convert the st_mtime member of the stat struct to uint64_t in order to avoid type mismatch errors when building for non-64bit targets. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44138
* uhttpd: fix crash with enabled relro, memory leak in dirlists and lfsJo-Philipp Wich2015-01-251-3/+3
| | | | | | | | | | | | * Fix the ubus plugin to not make its uhttpd_plugin entry symbol constant as uhttpd needs to modify its list_head member * Make sure that uhttpd supports large files by using 64bit ints where appropriate and by passing _FILE_OFFSET_BITS=64 to the build * Plug a possible memleak in the directory listing code Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44135
* uhttpd: fix exit code of mod-ubus postinstall scriptJo-Philipp Wich2015-01-251-0/+2
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44132
* mac80211/hostapd: fix HT mode setup for RSN ad-hoc networksFelix Fietkau2015-01-241-1/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 44100
* relayd: prevent start for disabled interfacesFelix Fietkau2015-01-241-0/+3
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 44099
* ppp: on PPPoE, always send PADT when shutting down the connectionFelix Fietkau2015-01-241-0/+11
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 44097
* ppp: rework host-uniq support to take hex encoded stringsJo-Philipp Wich2015-01-243-49/+149
| | | | | | | | | | | The previous implementation of the "host-uniq" option used plain strings for passing the value to pppd which made it impossible to specify binary data. Switch the format to a hex encoded string to support binary data. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44094
* igmpproxy: add patch to silence unnecessary logging of downstream igmp trafficFelix Fietkau2015-01-181-0/+19
| | | | | | | | | | | | | This patch adds a simple check to silence logging of messages about unrecognized igmp packets which originate from devices in local network. Without this patch igmpproxy floods openwrt syslog with messages such as: user.warn igmpproxy[19818]: The source address 192.168.1.175 for group 239.255.250.250, is not in any valid net for upstream VIF. Signed-off-by: Antti Seppälä <a.seppala@gmail.com> SVN-Revision: 44020
* dnsmasq: add option --quiet-dhcpJohn Crispin2015-01-171-0/+1
| | | | | | | | The --quiet-dhcp setting increases privacy by omitting DHCP lease logs including MAC addresses. Signed-off-by: Lars Kruse <devel@sumpfralle.de> SVN-Revision: 44006
* Support for building an hardened OpenWRTJohn Crispin2015-01-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Introduce configuration options to build an "hardened" OpenWRT. Options to enable Stack-Smashing Protection, FORTIFY_SOURCE and RELRO have been introduced. uClibc makefile now automatically detects if SSP support is necessary. hostapd makefile has been fixed to use "^" as sed separator since using a comma was problematic when using "-Wl,-z,now" and the like in TARGET_CFLAGS. Currently enabling SSP on user space depends on enabling SSP kernel side, this is due to the fact that TARGET_CFLAGS are used to build kernel modules (at least). Suggestions on how to avoid this are welcome. Using "select" instead of "depends on" doesn't seem to work with choice entries. Tested with a lantiq (WBMR) router, GCC 4.8, uClibc and a subset of the available packages. Needs to be tested with GCC 4.9 and the remaining packages. PIE not currently included. Signed-off-by: Alessandro Di Federico <ale+owrt@clearmind.me> SVN-Revision: 44005
* dnsmasq: support and use local-service by default (#14951)Jo-Philipp Wich2015-01-163-2/+4
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 43982
* mdns: install uci package as configLuka Perkov2015-01-141-1/+1
| | | | | | Signed-off-by: Alexander Couzens <lynxis@fe80.eu> SVN-Revision: 43967
* hostapd: backport patch fixing handling new stationsRafał Miłecki2015-01-121-0/+37
| | | | | | | | | This patch fixes adding new stations for some specific drivers when using more than 1 BSS. Signed-off-by: Rafał Miłecki <zajec5@gmail.com> SVN-Revision: 43951
* lldpd: update to v0.7.13Jo-Philipp Wich2015-01-092-5/+5
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 43891
* openvpn: procd_set_param respawnJohn Crispin2015-01-081-0/+1
| | | | | | | | | | | Makes sure that the openvpn instance gets restarted in case of a crash. Intentional stops using /etc/init.d/openvpn stop will not result in respawning. Anything else will, e.g. killall openvpn. Signed-off-by: Lars Gierth <larsg@systemli.org> SVN-Revision: 43886
* openvpn: bump PKG_REVISION and copyright yearJo-Philipp Wich2015-01-061-2/+2
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 43859
* dnsmasq: fix dependency problems of the dnsmasq-full variant.Felix Fietkau2015-01-052-21/+70
| | | | | | | | | | | | | | | | | | | | This patch tries to - Let the DHCPv6 feature depend on CONFIG_IPV6. - Conditionally select libnettle, kmod-ipv6, kmod-ipt-ipset only if the corresponding features are enabled. - Install `trust-anchors.conf` only if DNSSEC is selected. - Add PKG_CONFIG_DEPENDS for the configurable options. - Add a patch to let the Makefile of dnsmasq be aware of changes in COPTS variable. Big thanks goes to Frank Schäfer <fschaefer.oss@googlemail.com> for providing necessary information on connections and dependency relations between these CONFIGs and packages. Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> SVN-Revision: 43851
* hostapd: Add uapsd option to netifd.shFelix Fietkau2015-01-051-2/+4
| | | | | | | | | | | | | The uapsd option sets the uapsd_advertisement_enabled flag in hostapd. The check for phy support is already implemented here in hostapd since 2011: http://w1.fi/cgit/hostap/commit/?id=70619a5d8a3d32faa43d66bcb1b670cacf0c243e So this can be safely set to 1 as default. Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net> SVN-Revision: 43846
* openvpn: backport an upstream fix for a regression in using --cipher none ↵Felix Fietkau2015-01-041-0/+57
| | | | | | | | (fixes #18676) Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 43823
* hostapd: add support for configuring supported ratesFelix Fietkau2014-12-271-5/+15
| | | | | | | | patch by Wilco Baan Hofman from #18627 Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 43782
* dnsmasq: also add the actual patches...Steven Barth2014-12-222-0/+110
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 43759
* dnsmasq: backport some dnssec fixesSteven Barth2014-12-221-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 43758
* dnsmasq: allow de-selecting features from -full variant.Steven Barth2014-12-172-2/+30
| | | | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> SVN-Revision: 43733
* igmpproxy: do not attempt to ifstatus error messages as jsonFelix Fietkau2014-12-121-1/+4
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 43660
* igmpproxy: do not start instance if no upstream interface is availableFelix Fietkau2014-12-121-1/+6
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 43659
* igmpproxy: fix init script indentationFelix Fietkau2014-12-121-4/+4
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 43658
* openvpn: update to 2.3.6, fixes CVE-2014-8104Felix Fietkau2014-12-012-25/+46
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 43482
* hostapd: improve 802.1x dynamic vlan support with bridge namesJohn Crispin2014-12-011-2/+5
| | | | | | | | | | In r41872 and r42787 Dynamic VLAN support was reintroduced, but the vlan_bridge parameter is not read while setting up the config, so the default is used which is undesirable for some uses. Signed-off-by: Ben Franske <ben.mm@franske.com> SVN-Revision: 43473
* hostapd: fix build error on some variants with CONFIG_WPA_RFKILL_SUPPORT=y ↵Felix Fietkau2014-11-231-1/+3
| | | | | | | | (#17765) Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 43345
* hostapd: switch dependency from mac80211 to cfg80211Felix Fietkau2014-11-211-4/+4
| | | | | | Signed-off-by: Rafał Miłecki <zajec5@gmail.com> SVN-Revision: 43339
* pppd: add option to set custom host-uniq pppoe tagMatteo Croce2014-11-142-1/+173
| | | | SVN-Revision: 43241
* lldpd: allow discovery protocols to be disabled from menuconfigJo-Philipp Wich2014-11-113-6/+60
| | | | | | | | Signed-off-by: Michel Stam <m.stam@fugro.nl> [jow: fixed condition for CONFIG_LLDPD_WITH_JSON] Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 43233
* package/*: replace occurences of 'ln -sf' to '$(LN)'Nicolas Thill2014-11-064-12/+12
| | | | | | Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 43205
* odhcpd: disable flash-renumbering hack for non-64 prefixesSteven Barth2014-11-061-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 43202
* mdnsd: add query / fetch methods, fix some bugsSteven Barth2014-11-031-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 43169
* license info - revert r43155John Crispin2014-11-0313-36/+3
| | | | | | | | turns out that r43155 adds duplicate info. Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 43167
* Add more license tags with SPDX identifiersJohn Crispin2014-11-0313-3/+36
| | | | | | | | | | | | | | | | | | Note, that licensing stuff is a nightmare: many packages does not clearly state their licenses, and often multiple source files are simply copied together - each with different licensing information in the file headers. I tried hard to ensure, that the license information extracted into the OpenWRT's makefiles fit the "spirit" of the packages, e.g. such small packages which come without a dedicated source archive "inherites" the OpenWRT's own license in my opinion. However, I can not garantee that I always picked the correct information and/or did not miss license information. Signed-off-by: Michael Heimpold <mhei@heimpold.de> SVN-Revision: 43155
* Add a few SPDX tagsSteven Barth2014-11-0215-3/+15
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 43151
* ppp: support adaptive LCP echosJo-Philipp Wich2014-11-014-9/+68
| | | | | | | | | | | | | | | | | | Port Debians adaptive LCP echo patch to pppd, make it configurable with UCI and enable it by default. When adaptive LCP echo is enabled, LCP echo requests are only sent if the link is idle, this avoids the common situation where a congested PPP link (e.g. during torrenting) is falsely detected as disconnected because the LCP replies are not received in time. Also bump the copyright year in the Makefile, remove a redundant maintainer entry and fix the shell processing of the keepalive option when the two- value syntax is used. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 43143
* uhttpd: fix HTTP incompatibilities in file handlerJo-Philipp Wich2014-10-271-2/+2
| | | | | | | | | | | * Fixes sending an extraneous message body for 204 and 304 resoponses which breaks Chrome in keep-alive mode. * Adds mimetypes for JSON and JSONP. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 43078
* hostapd: update to 2014-10-25Felix Fietkau2014-10-2531-409/+113
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 43059
* hostapd: Add wpa_psk_file option to netifd.shJohn Crispin2014-10-201-1/+7
| | | | | | | | | | | | | | | | | | The wpa_psk_file option offers the possibility to use a different WPA-PSK key for each client. The directive points to a file with the following syntax: mac_address wpa_passphrase_or_hex_key Example: 00:11:22:33:44:55 passphrase_for_client_1 00:11:22:33:44:67 passphrase_for_client_2 00:11:22:33:44:89 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef So it is possible to specify both ASCII passphrases and raw 64-chars hex keys. Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net> SVN-Revision: 43001