| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
| |
- Update to upstream 2.32
- License file 'getopt/COPYING' not present (any more)
- Disable 'chown root:root'-commands during 'make install'
- Add new dependency to wipefs
- Refresh patch 003
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop providing the virtual package ip by busybox which was added in commit
1cec4d4ef0.
Letting busybox provide the virtual package ip is not optimal for the
following reasons :
- Applications depending on ip expect either the ip-full or
ip-tiny package to be enabled.
- Busybox ip applet cannot be added or removed at runtime
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
| |
Adds tool to extract MAC and pre-calibration data required for JBOOT
based D-Link routers.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
|
|
|
|
|
|
| |
Create the correct bin directory before staging the host utilities.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
| |
This callback should have one parameter less, this parameter is not used
so this was not a so big problem.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libext2fs breaks krb5 by always installing its own copies of libcom_err.so
and libss.so.
Move the libraries into separate libcomerr and libss packages respectively
and add a host build recipe to stage the required compile_et and mk_cmds
utilities for use by other packages.
This allows the krb5 package to be fixed to use the system wide libcomerr
and libss libraries.
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
[rename libcom_err to libcomerr, make compile_et and mk_cmds relocatable,
cleanup makefile, add dependency on host build, reword commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
| |
c7e938d implement POSIX regexp support
cd6629f lexer: fix encoding 7 bit escape sequences
8614470 main: implement array mode
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
| |
busybox tries to be smart and passes a number of additional flags to the
compiler. Unfortunately, the i386-specific flags break ABI compatiblity
with libc.
Fixes busybox crashes observed on x86-generic with GCC 7.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
|
|
|
| |
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
|
|
|
|
|
|
| |
lscpu is used by lxc-debian template.
Signed-off-by: Tomasz Moń <desowin@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce a configuration option to build a "hardened" OpenWrt with
ASLR PIE support.
Add new option PKG_ASLR_PIE to enable Address Space Layout Randomization (ASLR)
by building Position Independent Executables (PIE). This new option protects
against "return-to-text" attacks.
Busybox need a special care, link is done with ld, not gcc, leading to
unknown flags. Set BUSYBOX_DEFAULT_PIE instead and disable PKG_ASLR_PIE.
If other failing packages were found, PKG_ASLR_PIE:=0 should be added to
their Makefiles.
Original Work by: Yongkui Han <yonhan@cisco.com>
Signed-off-by: Julien Dusser <julien.dusser@free.fr>
|
|
|
|
|
|
| |
This PR adds optional fstrim support
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
|
|
|
|
|
|
| |
Remove LEDE_GIT references in favor to the new name-agnostic
PROJECT_GIT variable.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
| |
Refresh patches to tidy up fuzz. No functional changes
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
|
|
|
|
|
| |
Refresh patches to tidy up fuzz. No functional changes
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
| |
This is needed for procd init script protection to work.
flock adds 4248 bytes to stripped busybox binary.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2,
the tab autocomplete feature of the shell, used to get a list of filenames
in a directory, does not sanitize filenames and results in executing any
escape sequence in the terminal. This could potentially result in code
execution, arbitrary file writes, or other attacks.
Fixes: FS#1181 - CVE-2017-16544:
Backport the patch from:
https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8
https://nvd.nist.gov/vuln/detail/CVE-2017-16544
Signed-off-by: Derek Werthmuller <thewerthfam@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unconditionally pass TARGET_CPPFLAGS (not passed at all before) and
TARGET_LDFLAGS (passed only in certain non-default configuration before the
Makefile streamlining). Without these flags, hardening options
(PKG_FORTIFY_SOURCE and PKG_RELRO) were not actually applied to busybox.
The addition of these flags increases the size of the stripped busybox
binary by about 6KB (~4KB with fortify headers, ~2KB with "-znow -zrelro")
with the default hardening options PKG_FORTIFY_SOURCE_1 and PKG_RELRO_FULL.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
|
|
|
|
|
|
| |
Use default Build/Install steps where possible. No binary change in default
configuration, so PKG_RELEASE is not incremented.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
|
|
|
|
|
|
|
| |
f40f84c support PantechMode
d8dc335 support Quanta and Blackberry modes
333e486 fix support for Option modems
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
|
|
| |
on binary
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
|
|
|
|
|
|
| |
Compiled and tested on ramips with no noticeable problems.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
|
|
|
| |
Fixes d1ba483472 merge: busybox: update CONFIG_NSLOOKUP in busybox config.
Fixes FS#1212.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
| |
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
|
|
|
|
| |
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
|
|
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
|
|
| |
A "free" call was missing after allocating a buffer.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
| |
Usually this function is called for appending some small files only
(like fs marks) but let's just make it more generic and capable of
handling bigger files easily. Increasing buffer to 1 KiB shouldn't hurt.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
| |
It was there in case of adding some "create" command options that should
be parsed before actually creating the output image. It seems we don't
need any at this point so let's drop this function for now.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
|
| |
CPE ids helps to tracks CVE in packages.
https://cpe.mitre.org/specification/
Thanks to swalker for CPE to package mapping and
keep tracking CVEs.
Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
|
|
|
|
|
|
|
| |
This seems to match what the original trx tool and mjn3's replacement
do.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
| |
The value of nvram_tuple_t is allocated in _nvram_realloc,
but it is not freed in _nvram_free.
Signed-off-by: Zhai Zhaoxuan <zhaizhaoxuan@xiaomi.com>
|
|
|
|
|
|
| |
They are inspired and compatible with the original and mjn3's trx tool.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
| |
There is no need to allocate buffer as big as the whole image in order
to calculate CRC32. It's enough to use small buffer and just read file
content block by block.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
| |
This requires changing this helper to accept initial/current CRC32
value as argument but it allows dropping duplicated (complex?) code
calculating the CRC32.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Matt Mets <matt@blinkinlabs.com>
|
|
|
|
|
|
|
| |
Ensure that path defines are passed quoted to the compiler in order
to avoid cpp syntax errors.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The init script generated something like "DEVICE=/dev/sda" when it should
have been generating "DEVICE /dev/sda". mdadm errors on this. Patch by jow.
Also changed the default sendmail path to /usr/sbin/sendmail. No package
in LEDE provides /sbin/sendmail. msmtp provides /usr/sbin/sendmail so use
that.
Also add a patch to fix file paths for mdadm runtime files. mdadm currently
errors on them since /run is missing. Once /run is added to stock LEDE, this
patch can be removed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[rewrap commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
| |
Let busybox provide "ip" as it supports the ip applets link, address,
route, rule and neighbor
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
| |
Update f2fs-tools to 1.9.0
Remove patch as its been committed upstream
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
|
|
|
|
| |
Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
|
|
|
|
|
|
|
|
|
|
|
| |
getrandom blocks until the random pool is being initialized.
Unfortunately, this code is being called early during init to create the
overlay filesystem, on some devices leaving little chance for a
successful random pool init.
True randomness is not that important here, so fix this issue by
sticking to using /dev/urandom, like in older versions of this code.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update e2fsprogs to 1.43.6
Disable compilation of fuse2fs (we don't package it)
Disable thread support (only affects fuse2fs)
Enable linking with libblkid instead of using private (included) version.
The libblkid is ~210KBytes in size, but with using the shared library
the binaries are ~25KBytes smaller. This also brings it in sync with
most other Linux distributions.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches, delete patches backported from upstream.
This fixes ntpd sync issues (ntpd would not sync if the first provided
peer address was unreachable).
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
|
|
|
| |
busybox currently installs passwd into /usr/bin which prevents its
'full' shadow-utils variant from being installed.
Move the passwd applet to /bin to avoid that collision.
shadow also provides /usr/bin/login which doesn't collide with busybox
as the busybox login applet is installed at /bin/login.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
|
|
| |
busybox currently installs traceroute and traceroute6 into /usr/bin
which prevents their 'full' iputils variants from being installed.
Move those applets to /bin so they can coexist with their iputils
siblings using the same PATH convention already applied for coreutils
and other drop-in 'full' versions.
Refresh existing patch while at it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
| |
Fixes: FS#749
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
| |
It is no longer needed since version 1.4.1.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
| |
Override the failing check in configure with CONFIGURE_VARS instead of
carrying a patch that's unlikely to be accepted by upstream.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
|