aboutsummaryrefslogtreecommitdiffstats
path: root/package/network
Commit message (Collapse)AuthorAgeFilesLines
* wireguard: bump to 0.0.20181006Jason A. Donenfeld2018-10-061-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Account for big-endian 2^26 conversion in Poly1305. * Account for big-endian NEON in Curve25519. * Fix macros in big-endian AArch64 code so that this will actually run there at all. * Prefer if (IS_ENABLED(...)) over ifdef mazes when possible. * Call simd_relax() within any preempt-disabling glue code every once in a while so as not to increase latency if folks pass in super long buffers. * Prefer compiler-defined architecture macros in assembly code, which puts us in closer alignment with upstream CRYPTOGAMS code, and is cleaner. * Non-static symbols are prefixed with wg_ to avoid polluting the global namespace. * Return a bool from simd_relax() indicating whether or not we were rescheduled. * Reflect the proper simd conditions on arm. * Do not reorder lines in Kbuild files for the simd asm-generic addition, since we don't want to cause merge conflicts. * WARN() if the selftests fail in Zinc, since if this is an initcall, it won't block module loading, so we want to be loud. * Document some interdependencies beside include statements. * Add missing static statement to fpu init functions. * Use union in chacha to access state words as a flat matrix, instead of casting a struct to a u8 and hoping all goes well. Then, by passing around that array as a struct for as long as possible, we can update counter[0] instead of state[12] in the generic blocks, which makes it clearer what's happening. * Remove __aligned(32) for chacha20_ctx since we no longer use vmovdqa on x86, and the other implementations do not require that kind of alignment either. * Submit patch to ARM tree for adjusting RiscPC's cflags to be -march=armv3 so that we can build code that uses umull. * Allow CONFIG_ARM[64] to imply [!]CONFIG_64BIT, and use zinc arch config variables consistently throughout. * Document rationale for the 2^26->2^64/32 conversion in code comments. * Convert all of remaining BUG_ON to WARN_ON. * Replace `bxeq lr` with `reteq lr` in ARM assembler to be compatible with old ISAs via the macro in <asm/assembler.h>. * Do not allow WireGuard to be a built-in if IPv6 is a module. * Writeback the base register and reorder multiplications in the NEON x25519 implementation. * Try all combinations of different implementations in selftests, so that potential bugs are more immediately unearthed. * Self tests and SIMD glue code work with #include, which lets the compiler optimize these. Previously these files were .h, because they were included, but a simple grep of the kernel tree shows 259 other files that carry out this same pattern. Only they prefer to instead name the files with a .c instead of a .h, so we now follow the convention. * Support many more platforms in QEMU, especially big endian ones. * Kernels < 3.17 don't have read_cpuid_part, so fix building there. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* iw: add iw-full package without size reduction hacksFelix Fietkau2018-10-062-20/+43
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* package/lldp: don't link against libbsd on !USE_GLIBC buildsAlexander Couzens2018-10-051-0/+3
| | | | Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* ipset: update to 6.38Syrone Wong2018-10-042-27/+2
| | | | | | dropped already upstream patch Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
* netifd: update to latest git HEAD (FS#1875)Hans Dedecker2018-10-021-3/+3
| | | | | | | 83428fa iprule: coding style fixes aeec2a0 iprule: fix segfault (FS#1875) Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd-ipv6only: fix dependency for IPV6Rosy Song2018-09-301-1/+2
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
* netifd: update to latest git HEADHans Dedecker2018-09-301-3/+3
| | | | | | | 94e156f scripts: fix previous commit 3c8ac1c netifd: fix wpa mixed mode matching Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: add acs feature indicationEnrique Giraldo2018-09-291-0/+4
| | | | Signed-off-by: Enrique Giraldo <enrique.giraldo@galgus.net>
* wireguard: bump to 0.0.20180925Kevin Darbyshire-Bryant2018-09-271-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 33523a5 version: bump snapshot 0759480 curve25519-hacl64: reduce stack usage under KASAN b9ab0fc chacha20: add bounds checking to selftests 2e99d19 chacha20-mips32r2: reduce stack and branches in loop, refactor jumptable handling d6ac367 qemu: bump musl 28d8b7e crypto: make constant naming scheme consistent 56c4ea9 hchacha20: keep in native endian in words 0c3c0bc chacha20-arm: remove unused preambles 3dcd246 chacha20-arm: updated scalar code from Andy 6b9d5ca poly1305-mips64: remove useless preprocessor error 3ff3990 crypto-arm: rework KERNEL_MODE_NEON handling again dd2f91e crypto: flatten out makefile 67a3cfb curve25519-fiat32: work around m68k compiler stack frame bug 9aa2943 allowedips: work around kasan stack frame bug in selftest 317b318 chacha20-arm: use new scalar implementation b715e3b crypto-arm: rework KERNEL_MODE_NEON handling 77b07d9 global: reduce stack frame size ddc2bd6 chacha20: add chunked selftest and test sliding alignments and hchacha20 2eead02 chacha20-mips32r2: reduce jumptable entry size and stack usage a0ac620 chacha20-mips32r2: use simpler calling convention 09247c0 chacha20-arm: go with Ard's version to optimize for Cortex-A7 a329e0a chacha20-mips32r2: remove reorder directives 3b22533 chacha20-mips32r2: fix typo to allow reorder again d4ac6bb poly1305-mips32r2: remove all reorder directives 197a30c global: put SPDX identifier on its own line 305806d ratelimiter: disable selftest with KASAN 4e06236 crypto: do not waste space on selftest items 5e0fd08 netlink: reverse my christmas trees a61ea8b crypto: explicitly dual license b161aff poly1305: account for simd being toggled off midway 470a0c5 allowedips: change from BUG_ON to WARN_ON aa9e090 chacha20: prefer crypto_xor_cpy to avoid memmove 1b0adf5 poly1305: no need to trick gcc 8.1 a849803 blake2s: simplify final function 073f3d1 poly1305: better module description Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* dnsmasq: bump to v2.80test7Kevin Darbyshire-Bryant2018-09-273-102/+3
| | | | | | | | | | | | | | | | | | | Bump to latest test release: 3a610a0 Finesse allocation of memory for "struct crec" cache entries. 48b090c Fix b6f926fbefcd2471699599e44f32b8d25b87b471 to not SEGV on startup (rarely). 4139298 Change behavior when RD bit unset in queries. 51cc10f Add warning about 0.0.0.0 and :: addresses to man page. ea6cc33 Handle memory allocation failure in make_non_terminals() ad03967 Add debian/tmpfiles.conf f4fd07d Debian bugfix. e3c08a3 Debian packaging fix. (restorecon) 118011f Debian packaging fix. (tmpfiles.d) Delete our own backports of ea6cc33 & 4139298, so the only real changes here, since we don't care about the Debian stuff are 48b090c & 3a610a0 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* iptables: fix dependency for libip6tc on IPV6Rosy Song2018-09-261-2/+2
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
* iw: update nl80211.hHauke Mehrtens2018-09-261-17/+607
| | | | | | Now this file matches the version in backports. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* netifd: do not validate relevant section when ipv6 is not supportedRosy Song2018-09-252-3/+3
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
* dante: disable sched_getscheduler() - not implemented in muslDavid Yang2018-09-241-3/+4
| | | | | | | | | | | | | | | | | musl doesn't come with an valid implementation of `sched_getscheduler()`; it simply returns -ENOSYS for it. Without this option (and compile dante with `sched_getscheduler()` enabled), you will get error: serverinit(): sched_getscheduler(2): failed to retrieve current cpuscheduling policy: Function not implemented and dante won't start at all. Ref: http://lists.alpinelinux.org/alpine-devel/3932.html Ref: http://lists.alpinelinux.org/alpine-devel/3936.html Signed-off-by: David Yang <mmyangfl@gmail.com> [slightly reword commit message] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* lldpd: inhibit linking of libbsd on !GLIBCJo-Philipp Wich2018-09-241-0/+4
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* layerscape: fix get_device_file() function of restoolYangbo Lu2018-09-221-0/+107
| | | | | | | | | | | | | | The restool failed to work with current gcc-7.3.0-musl. This patch is to add a restool fix-up patch to fix multiple problems encountered in the get_device_file() function: - The deprecated atoi() function is replaced by strtoul - An invalid memory access was being performed by using memory from dir->d_name even after closedir(). This is fixed by a strdup() on the device filename. - Also, error prints now print any relevant error code. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* layerscape: update restool to LSDK-18.06Yangbo Lu2018-09-221-6/+5
| | | | | | | | The restool source code had been migrated to codeaurora for LSDK-18.06 release and the future release. This patch is to update restool to LSDK-18.06 release. Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
* dnsmasq: Change behavior when RD bit unset in queries.Kevin Darbyshire-Bryant2018-09-212-1/+55
| | | | | | | | | | | Backport upstream commit Change anti cache-snooping behaviour with queries with the recursion-desired bit unset. Instead to returning SERVFAIL, we now always forward, and never answer from the cache. This allows "dig +trace" command to work. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* dropbear: Install /etc/config as 600Rosen Penev2018-09-191-3/+3
| | | | | | | | /etc/config/dropbear is used by the init script which only runs as root. Small whitespace change. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* lldpd: Install /etc/config file as 600Rosen Penev2018-09-191-6/+4
| | | | | | | | | | /etc/config/lldpd is only used by the init script, which only runs as root Adjusted homepage and download URLs to use HTTPS. -std=c99 is useful for GCC versions less than 6. Current OpenWrt uses 7. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* netifd: update to latest git HEADHans Dedecker2018-09-191-3/+3
| | | | | | 23941d7 system-linux: enable by default ignore encaplimit for ip6 tunnels Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* map: drop default encaplimit valueHans Dedecker2018-09-192-2/+2
| | | | | | | | | | | | | Setting encaplimit to a numerical value results into the value being included as tunnel encapsulation limit in the destination option header for tunneled packets. Several users have reported interop issues as not all ISPs support the destination option header containing the tunnel encapsulation limit resulting into broken map connectivity. Therefore drop the default encaplimit value for map tunnels so no destination option header is included by default. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ds-lite: drop default encaplimit valueHans Dedecker2018-09-192-2/+2
| | | | | | | | | | | | | Setting encaplimit to a numerical value results into the value being included as tunnel encapsulation limit in the destination option header for tunneled packets. Several users have reported interop issues as not all ISPs support the destination option header containing the tunnel encapsulation limit resulting into broken ds-lite connectivity. Therefore drop the default encaplimit value for ds-lite tunnels so no destination option header is included by default. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* wireguard: bump to 0.0.20180918Jason A. Donenfeld2018-09-191-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * blake2s-x86_64: fix whitespace errors * crypto: do not use compound literals in selftests * crypto: make sure UML is properly disabled * kconfig: make NEON depend on CPU_V7 * poly1305: rename finish to final * chacha20: add constant for words in block * curve25519-x86_64: remove useless define * poly1305: precompute 5*r in init instead of blocks * chacha20-arm: swap scalar and neon functions * simd: add __must_check annotation * poly1305: do not require simd context for arch * chacha20-x86_64: cascade down implementations * crypto: pass simd by reference * chacha20-x86_64: don't activate simd for small blocks * poly1305-x86_64: don't activate simd for small blocks * crypto: do not use -include trick * crypto: turn Zinc into individual modules * chacha20poly1305: relax simd between sg chunks * chacha20-x86_64: more limited cascade * crypto: allow for disabling simd in zinc modules * poly1305-x86_64: show full struct for state * chacha20-x86_64: use correct cut off for avx512-vl * curve25519-arm: only compile if symbols will be used * chacha20poly1305: add __init to selftest helper functions * chacha20: add independent self test Tons of improvements all around the board to our cryptography library, including some performance boosts with how we handle SIMD for small packets. * send/receive: reduce number of sg entries This quells a powerpc stack usage warning. * global: remove non-essential inline annotations We now allow the compiler to determine whether or not to inline certain functions, while still manually choosing so for a few performance-critical sections. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* dnsmasq: Handle memory allocation failure in make_non_terminals()Kevin Darbyshire-Bryant2018-09-192-1/+46
| | | | | | | | Backport upstream commit: ea6cc33 Handle memory allocation failure in make_non_terminals() Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* uqmi: pass-through ipXtable to child interfacesDaniel Golle2018-09-152-2/+5
| | | | | | | | Allow setting specific routing tables via the ip4table and ip6table options also when ${ifname}_4 and ${ifname}_6 child interfaces are being created. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* iproute2: q_cake: Also print nonat, nowash and no-ack-filter keywordsKevin Darbyshire-Bryant2018-09-152-3/+7
| | | | | | | | Pull in latest upstream tweaks: Similar to the previous patch for no-split-gso, the negative keywords for 'nat', 'wash' and 'ack-filter' were not printed either. Add those as well. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* odhcpd: enable ipv6 server mode only when it is supportedRosy Song2018-09-122-2/+2
| | | | Signed-off-by: Rosy Song <rosysong@rosinson.com>
* iproute2: q_cake: Add printing of no-split-gso optionKevin Darbyshire-Bryant2018-09-122-2/+4
| | | | | | | | When the GSO splitting was turned into dual split-gso/no-split-gso options, the printing of the latter was left out. Add that, so output is consistent with the options passed Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* netifd: update to latest HEADFlorian Fainelli2018-09-111-3/+3
| | | | | | 0059335c5b60 CMakeList: Check that compiler supports -Wimplicit-fallthrough Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* wireguard: bump to 0.0.20180910Jason A. Donenfeld2018-09-111-2/+2
| | | | | | | | | | | | | | | | | | | | | | | * curve25519: arm: do not modify sp directly * compat: support neon.h on old kernels * compat: arch-namespace certain includes * compat: move simd.h from crypto to compat since it's going upstream This fixes a decent amount of compat breakage and thumb2-mode breakage introduced by our move to Zinc. * crypto: use CRYPTOGAMS license Rather than using code from OpenSSL, use code directly from AndyP. * poly1305: rewrite self tests from scratch * poly1305: switch to donna This makes our C Poly1305 implementation a bit more intensely tested and also faster, especially on 64-bit systems. It also sets the stage for moving to a HACL* implementation when that's ready. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* hostapd: Fix compile with OpenSSL 1.1.0 + no deprecated APIsRosen Penev2018-09-101-0/+40
| | | | | | | | Patch was accepted upsteam: https://w1.fi/cgit/hostap/commit/?id=373c796948599a509bad71695b5b72eef003f661 Signed-off-by: Rosen Penev <rosenp@gmail.com>
* dnsmasq: bump to dnsmasq 2.80test6Hans Dedecker2018-09-092-4/+4
| | | | | | | | | | | | | | | | Refresh patches Changes since latest bump: af3bd07 Man page typo. d682099 Picky changes to 47b45b2967c931fed3c89a2e6a8df9f9183a5789 47b45b2 Fix lengths of interface names 2b38e38 Minor improvements in lease-tools 282eab7 Mark die function as never returning c346f61 Handle ANY queries in context of da8b6517decdac593e7ce24bde2824dd841725c8 03212e5 Manpage typo. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* curl: Update to 7.61.1Daniel Engberg2018-09-091-3/+3
| | | | | | Update curl to 7.61.1 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* odhcp6c: add client fqdn and reconfigure optionspacien2018-09-082-3/+9
| | | | | | | | Allowing DHCPV6_CLIENT_FQDN and DHCPV6_ACCEPT_RECONFIGURE to be turned off. Defaulting to false, former behavior remains unchanged. Signed-off-by: pacien <pacien.trangirard@pacien.net> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* dnsmasq: allow dnsmasq variants to be included in imageHenrique de Moraes Holschuh2018-09-061-0/+2
| | | | | | | | | | | The dnsmasq variants should provide dnsmasq, otherwise it is impossible to include them in the image. This change allows one to have CONFIG_PACKAGE_dnsmasq=m and CONFIG_PACKAGE_dnsmasq-full=y, e.g. because you want DNSSEC support, or IPSETs suport on your 3000-devices fleet ;-) Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br>
* dnsmasq: bump to dnsmasq v2.80test5Hans Dedecker2018-09-064-132/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refresh patches Remove 240-ubus patch as upstream accepted. Add uci option ubus which allows to enable/disable ubus support (enabled by default) Upstream commits since last bump: da8b651 Implement --address=/example.com/# c5db8f9 Tidy 7f876b64c22b2b18412e2e3d8506ee33e42db7c 974a6d0 Add --caa-record b758b67 Improve logging of RRs from --dns-rr. 9bafdc6 Tidy up file parsing code. 97f876b Properly deal with unaligned addresses in DHCPv6 packets. cbfbd17 Fix broken DNSSEC records in previous. b6f926f Don't return NXDOMAIN to empty non-terminals. c822620 Add --dhcp-name-match 397c050 Handle case of --auth-zone but no --auth-server. 1682d15 Add missing EDNS0 section. EDNS0 section missing in replies to EDNS0-containing queries where answer generated from --local=/<domain>/ dd33e98 Fix crash parsing a --synth-domain with no prefix. Problem introduced in 2.79/6b2b564ac34cb3c862f168e6b1457f9f0b9ca69c c16d966 Add copyright to src/metrics.h 1dfed16 Remove C99 only code. 6f835ed Format fixes - ubus.c 9d6fd17 dnsmasq.c fix OPT_UBUS option usage 8c1b6a5 New metrics and ubus files. 8dcdb33 Add --enable-ubus option. aba8bbb Add collection of metrics caf4d57 Add OpenWRT ubus patch Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: bump to git HEAD (detect broken hostnames)Hans Dedecker2018-09-051-4/+4
| | | | | | | 881f66b odhcpd: detect broken hostnames 3e17fd9 config: fix odhcpd_attrs array size Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* wireguard: bump to 0.0.20180904Jason A. Donenfeld2018-09-051-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Kconfig: use new-style help marker * global: run through clang-format * uapi: reformat * global: satisfy check_patch.pl errors * global: prefer sizeof(*pointer) when possible * global: always find OOM unlikely Tons of style cleanups. * crypto: use unaligned helpers We now avoid unaligned accesses for generic users of the crypto API. * crypto: import zinc More style cleanups and a rearrangement of the crypto routines to fit how this is going to work upstream. This required some fairly big changes to our build system, so there may be some build errors we'll have to address in subsequent snapshots. * compat: rng_is_initialized made it into 4.19 We therefore don't need it in the compat layer anymore. * curve25519-hacl64: use formally verified C for comparisons The previous code had been proved in Z3, but this new code from upstream KreMLin is directly generated from the F*, which is preferable. The assembly generated is identical. * curve25519-x86_64: let the compiler decide when/how to load constants Small performance boost. * curve25519-arm: reformat * curve25519-arm: cleanups from lkml * curve25519-arm: add spaces after commas * curve25519-arm: use ordinary prolog and epilogue * curve25519-arm: do not waste 32 bytes of stack * curve25519-arm: prefix immediates with # This incorporates ASM nits from upstream review. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* hostapd: fix build of wpa-supplicant-p2pAlexander Couzens2018-09-031-0/+1
| | | | | | | VARIANT:= got removed by accident. Fixes: 3838b16943c6 ("hostapd: fix conflicts hell") Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* iproute2: update cake man pageKevin Darbyshire-Bryant2018-08-312-3/+81
| | | | | | | | | | | CAKE supports overriding of its internal classification of packets through the tc filter mechanism. Update the man page in our package, even though we don't build them. Someone may find the documentation useful. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (cherry picked from commit 30598a05385b0ac2380dd4f30037a9f9d0318cf2)
* ppp: remove hardcoded lcp-echo-failure, lcp-echo-interval valuesJo-Philipp Wich2018-08-302-2/+2
| | | | | | | | | | | | | | | | | | | | | | OpenWrt used to ship hardcoded defaults for lcp-echo-failure and lcp-echo-interval in the non-uci /etc/ppp/options file. These values break uci support for *disabling* LCP echos through the use of "option keepalive 0" as either omitting the keepalive option or setting it to 0 will result in no lcp-echo-* flags getting passed to the pppd cmdline, causing the pppd process to revert to the defaults in /etc/ppp/options. Address this issue by letting the uci "keepalive" option default to the former hardcoded values "5, 1" and by removing the fixed lcp-echo-failure and lcp-echo-interval settings from the /etc/ppp/options files. Ref: https://github.com/openwrt/luci/issues/2112 Ref: https://dev.archive.openwrt.org/ticket/2373.html Ref: https://bugs.openwrt.org/index.php?do=details&task_id=854 Ref: https://bugs.openwrt.org/index.php?do=details&task_id=1259 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uqmi: wait for the control device tooThomas Equeter2018-08-291-2/+2
| | | | | | | | | | | | | | | | The control device /dev/cdc-wdm0 is not available immediately on the D-Link DWR-921 Rev.C3, therefore the wwan interface fails to start at boot with a "The specified control device does not exist" error. This patch alters /lib/netifd/proto/qmi.sh to wait for network.wwan.delay earlier, before checking for the control device, instead of just before interacting with the modem. One still has to use network.wwan.proto='qmi', as the "wwan" proto performs that sort of check before any delay is possible, failing with a "No valid device was found" error. Signed-off-by: Thomas Equeter <tequeter@users.noreply.github.com>
* comgt: increase timeout on runcommandsGiuseppe Lippolis2018-08-291-1/+1
| | | | | | | | | Some combination of modem/wireless operator requires more time to execute the commands. Tested on DWR-512 embedded wwan modem and italian operator iliad (new virtual operator). Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
* ethtool: Update to 4.18Robert Marko2018-08-281-2/+2
| | | | | | | | | | | Tested on 8devices Jalapeno(ipq40xx) Introduces following changes: Feature: Add support for WAKE_FILTER (WoL using filters) Feature: Add support for action value -2 (wake-up filter) Fix: document WoL filters option also in help message Feature: ixgbe dump strings for security registers Signed-off-by: Robert Marko <robimarko@gmail.com>
* iproute2: update to 4.18.0Hans Dedecker2018-08-252-40/+3
| | | | | | | | Update to the latest version of iproute2; see https://lwn.net/Articles/762515/ for a full overview of the changes in 4.18. Remove upstream patch 001-rdma-sync-some-IP-headers-with-glibc Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dropbear: backport upstream fix for CVE-2018-15599Hans Dedecker2018-08-243-3/+224
| | | | | | | | | | CVE description : The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* uhttpd: support multiple Lua prefixesJo-Philipp Wich2018-08-233-21/+32
| | | | | | | | | | | | | | | | | | | Update to latest git HEAD in order to support configuring multiple concurrent Lua prefixes in a single uhttpd instance: b741dec lua: support multiple Lua prefixes Additionally rework the init script and update the default configuration example to treat the lua_prefix option as key=value uci list, similar to the interpreter extension mapping. Support for the old "option lua_prefix" plus "option lua_handler" notation is still present. Finally drop the sed postinstall hack in uhttpd-mod-lua to avoid mangling files belonging to other packages. Since Lua prefixes have precedence over CGI prefixes, simply register `/cgi-bin/luci` as Lua handler which will only become active if both luci-base and uhttpd-mod-lua is installed. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* samba36: Enable umdnsd supportRosen Penev2018-08-222-1/+2
| | | | | | | | | | Allows discovery without having to use NetBIOS. Useful for mobile devices. Could eventually throw nbmd away. But that requires Windows 10... Tested on Fedora 28 with avahi-discover. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* iptables: make iptables-mod-conntrack-extra depend on kmod-ipt-rawJo-Philipp Wich2018-08-221-2/+2
| | | | | | | Since kernel 4.14 there is no auto assignment of conntrack helpers anymore so fw3 needs raw table support in order to stage ct helper assignment rules. Signed-off-by: Jo-Philipp Wich <jo@mein.io>