aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* base-files: fix wrong sysctl parameter orderLuiz Angelo Daros de Luca2018-12-181-1/+1
| | | | | | | | | | | | Restarting service sysctl echos multiple errors like: sysctl: -e: No such file or directory After the first filename, all remaining arguments are treated as files. Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com> (backported from 4c4288728611d334efb777b74e737e1f98e0dc1b)
* hostapd: fix conflicts hellMathias Kresin2018-12-181-95/+47
| | | | | | | | | | | | | | Add each variant to the matching PROVIDERS variables after evaluating the respective hostapd*, wpad* and wpa* variant. Each package providing the same feature will automatically conflict with all prior packages providing the same feature. This way we can handle the conflicts automatically without introducing recursive dependencies. Signed-off-by: Mathias Kresin <dev@kresin.me> (backported from 3838b16943c6021e3ff06d5733df890408ad7158)
* hostapd: cleanup package definitionMathias Kresin2018-12-181-46/+48
| | | | | | | | | | | | | Move common variables and/or values to the package (variant) default. Add additional values in variant packages if necessary. Remove further duplicates by introducing new templates. Remove the ANY_[HOSTAPD|SUPPLICANT_PROVIDERS]_PROVIDERS. The are the same as the variables without the any prefix. No need to maintain both variables. Signed-off-by: Mathias Kresin <dev@kresin.me> (backported from 8af8ceb1c8558a6f25c50cb68b87a3a3425f3417)
* openvpn: increase procd termination timeout to 15sJo-Philipp Wich2018-12-182-1/+2
| | | | | | | | | | Increase the termination timeout to 15s to let OpenVPN properly tear down its connections, especially when weak links or complex down scripts are involved. Fixes FS#859. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from 28d3a1b54b6726a0a93477d75d09a25f74ee361f)
* librpc: add host build to install h files needed for nfs-kernel-server to ↵Peter Wagner2018-12-181-0/+9
| | | | | | | get compiled Signed-off-by: Peter Wagner <tripolar@gmx.at> (backported from d8d2133c35c9c9b410e16cdebe878acd0da6382f)
* ebtables: update to latest git 2018-06-27Hans Dedecker2018-12-183-5/+5
| | | | | | | | | | 48cff25 build: drop install -o/-g root 53d7e7a extensions: ebt_string: take action if snprintf discards data Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (backported from afac2a2dd67502ef8bd9799f328fa2e3b39292b1) (rebased patches) Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* usbutils: Switch to Fedora usbutilsRosen Penev2018-12-181-5/+5
| | | | | | | | The Gentoo GitHub mirror went down. One benefit of Fedora's usb.ids file is that it's versioned. Signed-off-by: Rosen Penev <rosenp@gmail.com> (backported from f23271f3b4f54d1e5ddf7b85786f9a30f38409ad)
* samba36: Disable external libtdb and libteventRosen Penev2018-12-181-1/+3
| | | | | | | | This was causing issues recently as samba36 is not API compatible with the libtdb in the packages repo. It shouldn't be using it anyway. Nor tevent. Signed-off-by: Rosen Penev <rosenp@gmail.com> (backported from 1f2612a4ddbb83af0c6daf3719ab74c3b7db6590)
* swconfig: swlib_map_settings(): change return type to voidAlexander Couzens2018-12-181-1/+1
| | | | | | | | | The return value of the function isn't used anywhere. Fixes missing return value, CID 1329717. Found-by: Coverity Signed-off-by: Alexander Couzens <lynxis@fe80.eu> (backported from b06c447c5f66fd13078327bda3d885d48e2c0e42)
* swconfig: fix un-initialized return valueAlexander Couzens2018-12-181-2/+3
| | | | | | | | Fix CID 1330844 Found-by: Coverity Signed-off-by: Alexander Couzens <lynxis@fe80.eu> (backported from e37ad4e5ca2e70387656da81704ee4d4589c6d70)
* base-files: add menuconfig option for HOME_URLMathias Kresin2018-12-182-1/+7
| | | | | | | | | | | Add a menuconfig option to set the HOME_URL exposed in /usr/lib/os-release independent from the LEDE_DEVICE_MANUFACTURER_URL. Fixes: FS#1123 Signed-off-by: Mathias Kresin <dev@kresin.me> (backported from 52a9edb1bfaf51c250a33303beacba95dd1dbc05)
* netfilter: add bpf match supportAlin Nastac2018-12-182-0/+2
| | | | | | | | | | Add xt_bpf modules to {kmod-ipt,iptables-mod}-filter. Match using Linux Socket Filter. Expects a BPF program in decimal format. This is the format generated by the nfbpf_compile utility. Signed-off-by: Alin Nastac <alin.nastac@gmail.com> (backported from ab07ae2f27dd920cb7ba186d9f7ad2ccb1c980c4)
* dropbear: let opkg manage symlinks of ssh, scpYousong Zhou2018-12-181-3/+5
| | | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> (backported from c4aadbdaf69bad3fbb3ef54601a3629ba24a6e9b)
* busybox: udhcpc: replace udhcpc_no_msg_dontroute patch by upstream fixHans Dedecker2018-12-181-1/+1
| | | | | | | | | Replace 204-udhcpc_no_msg_dontroute patch by the upstream busybox fix which removes the code which requires the server ID to be on local network Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (backported from c6e50075f245b076b57f3f87b5401764a2e11b92)
* busybox: update to 1.28.4Magnus Kroken2018-12-181-3/+3
| | | | | Signed-off-by: Magnus Kroken <mkroken@gmail.com> (backported from ccc728a0e2a7c9717d3d1bcc59f0462e9dbed01e)
* nftables: bump to version 0.9.0Rosy Song2018-12-181-2/+2
| | | | | Signed-off-by: Rosy Song <rosysong@rosinson.com> (backported from 1ee98fdef3d6d71c1b0b3b120a9e24ac4b93c94f)
* libnftnl: bump to version 1.1.1Rosy Song2018-12-181-2/+2
| | | | | Signed-off-by: Rosy Song <rosysong@rosinson.com> (backported from 9d6a0352e7af9aef95f4d983e39516b76e7fc8ba)
* base-files: exit if mtd write command fails during sysupgradeRafał Miłecki2018-12-181-0/+1
| | | | | | | | | | | It avoids confusing situations like: > Could not get image magic > Image check failed. > Upgrade completed > Rebooting system... Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (backported from 5b2e20807d2b38de1cc4185d15bb4320b8bd743a)
* hostapd: make cli treat UNKNOWN COMMAND as failingDenton Gentry2018-12-181-0/+11
| | | | | | | | | | | | | | Avoid infinite loop at 100% CPU when running hostapd_cli if CONFIG_CTRL_IFACE_MIB is not defined. _newselect(4, [3], NULL, NULL, ...) recvfrom(3, "UNKNOWN COMMAND\n", 4095, 0, NULL, NULL) = 16 sendto(3, "STA-NEXT UNKNOWN COMMAND", 24, 0, NULL, 0) = 24 Signed-off-by: Denton Gentry <denny@geekhold.com> (backported from a84962ea35e4e97f1c4a42f2eac0242cc2cbd879) (rebased patches) Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ebtables: update to latest git 2018-06-06Hans Dedecker2018-12-181-3/+3
| | | | | | | | 5699354 extensions: fix build failure on fc28 e6359ee build: update ebtables.h from kernel and drop local unused copy Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (backported from 1bbe813db0bb8dc65b8ed7740cf7f35a81b8ba0e)
* netifd: drop conflicting 'device' interface propertyIvan Shapovalov2018-12-183-5/+1
| | | | | | | | | | | Do not set device runtime property on interfaces in the hotplug handler and in fixup_interfaces(). This property conflicts with device option in several proto handlers (mainly QMI and other WWAN/3G protos) and does not seem to be used anywhere. Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase] (backported from 91b5b2e20d531584918c62a6c6cd046f0580f50a)
* nettle: bump to 3.4Kevin Darbyshire-Bryant2018-12-181-2/+2
| | | | | | | | | | | | 3.4 is mainly a bug fix/maintenance release. 3KB increase in ipk lib size on mips. Compile tested for: ar71xx, ramips Run tested on: ar71xx Archer C7 v2, ramips mir3g Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (backported from 1ee5051f202f600d854bcf939ba4ee37f057ace2)
* ca-certificates: ca-bundle: add symlink for openssl default settingYousong Zhou2018-12-181-0/+2
| | | | | | | | | | | OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem. This change is needed for wget-ssl and possibly others to work seamlessly with fresh ca-bundle installation Fixes openwrt/packages#6152 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> (backported from 191078e83d127f5ed9a38366d2edaac49f9333c5)
* curl: Add ca-bundle dependencyRosen Penev2018-12-181-1/+1
| | | | | | | | | While building, curl complains that the path specified is missing. Also, without ca-bundle, something like 'curl https://www.google.com' does not work due to a certificate verify error. Signed-off-by: Rosen Penev <rosenp@gmail.com> (backported from 7a20c7a05d52f9bb3c82742098457bfbed869a8a)
* curl: Use ca-bundle for all TLS libraries.Rosen Penev2018-12-181-4/+6
| | | | | | | | | | | | | | | | | It simplifies the Makefile a bit. In addition, using ca-bundle saves some space as well. It also fixes an issue with at least transmission, which has a dependency on ca-bundle, but currently libcurl with OpenSSL or GnuTLS cause it not to work. This has been tested on mt7621 with OpenSSL and GnuTLS just by running 'curl https://www.google.com' and seeing if there's a verify error. The rest are already using ca-bundle and therefore work fine. Signed-off-by: Rosen Penev <rosenp@gmail.com> Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (backported from f97946c49680a5fe713d0e2caaf072789f70e68d)
* ath10k-firmware: Fix QCA6174 supportRosen Penev2018-12-181-2/+14
| | | | | | | | | | | | | | | | | | | Currently when installing the firmware, a bunch of files and directories that the ath10k driver does not look for are created. The package now installs firmware for both hw 2.1 and 3.0 devices. 2.1 is abandonware but may be useful to keep. 3.0 firmware was tested on a Killer 1535 to be relatively stable with 802.11w disabled. 802.11w causes multiple firmware crashes but that's true of other ath10k firmwares as well. Signed-off-by: Rosen Penev <rosenp@gmail.com> (backported and squashed from 27eab4fa578d696ab55b6264a1b35fad6488b664, d0fbe1956b3b9f07b6dcb54a8ed43a4904581e1d, e191c7ee797c8b3458eb9791212a56b16febeeb4) Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* hostapd: properly build hostapd-only SSL variantsDaniel Golle2018-12-181-11/+11
| | | | | | | | Make sure hostapd-openssl is actually build against OpenSSL, same for wolfSSL. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (backported from 987900f2de76e6d292e55aa068c39b03f79c8812)
* hostapd: update packaging and patchesDaniel Golle2018-12-1834-445/+366
| | | | | | | | | | | | | Clean up conflicts/provides/depends hell and add PROVIDES for eapol-test variants while at it. Update mesh-DFS patchset from Peter Oh to v5 (with local fixes) which allows to drop two revert-patches for upstream commits which previously were necessary to un-break mesh-DFS support. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (backported from 78f1974bc565d7544589a49ad8efd92c4ddec5b3) (rebased patches) Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* hostapd: convert ssl provider build options to variantsDaniel Golle2018-12-182-85/+285
| | | | | | | | | | | | Instead of selecting the SSL provider at compile time, build package variants for each option so users can select the binary package without having to build it themselves. Most likely not all variants have actually ever been user by anyone. We should reduce the selection to the reasonable and most used combinations at some point in future. For now, build them all. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (backported from c8fdd0e9c843dd483f6677dc41f7df17313aa3cd)
* hostapd: update to git HEAD of 2018-05-21, allow build against wolfsslDaniel Golle2018-12-1841-325/+627
| | | | | | | | | | Support for building wpa_supplicant/hostapd against wolfssl has been added upstream recently, add build option to allow users using it. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (backported from 69f544937f8498e856690f9809a016f0d7f5f68b) (rebased patches) Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ustream-ssl: fix build against wolfSSLDaniel Golle2018-12-181-3/+3
| | | | | | | | | | | | | commit 39a6ce205d (ustream-ssl: Enable ECDHE with OpenSSL.) broke build against wolfSSL because wolfSSL doesn't (yet) support SSL_CTX_set_ecdh_auto() of the OpenSSL API. Fix this in ustream-ssl: 189cd38b41 don't use SSL_CTX_set_ecdh_auto with wolfSSL Signed-off-by: Daniel Golle <daniel@makrotopia.org> (backported from 4f442f5f383837efcfb345033169178f74f63440)
* wolfssl: change defaults to cover wpa_supplicant needsDaniel Golle2018-12-182-10/+10
| | | | | | | | | | | | | | Implicetely selecting the required options via Kconfig snippet from hostapd worked fine in local builds when using menuconfig but confused the buildbots which (in phase1) may build wpad-mini and hence already come with CONFIG_WPA_WOLFSSL being defined as unset which then won't trigger changing the defaults of wolfssl. Work around by explicitely reflecting wpa_supplicant's needs in wolfssl's default settings to make buildbots happy. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (backported from dad39249fb91d6f320256ac12944863f09bb2dc9)
* wolfssl: add PKG_CONFIG_DEPENDS symbolsDaniel Golle2018-12-181-1/+10
| | | | | | | | | This change will trigger rebuild on buildbots in case of changed config symbols, like in the case of hostapd selecting some wolfssl symbols lately. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (backported from 5857088c5eb3a5a2409e3c57dbfa2487e08bbf4a)
* wolfssl: update to version 3.14.4Daniel Golle2018-12-183-149/+6
| | | | | | | | | Use download from github archive corresponding to v3.14.4 tag because the project's website apparently only offers 3.14.0-stable release downloads. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (backported from 4f67c1522d92bc4512c3ecf58c38ff9886530b48)
* package sysfsutils: add support for sysfs settings at bootRodolfo Giometti2018-12-184-0/+83
| | | | | | | This patch is based on sysfsutils package's behaviour on Debian OS. Signed-off-by: Rodolfo Giometti <giometti@linux.it> (backported from 2437e0f67050cad79cc1778b18cefd8d3cd86d07)
* kernel: merge kmod-fbcon with kmod-fbTomasz Maciej Nowak2018-12-181-36/+14
| | | | | | | | | | | | | | As of commit in kernel: 6104c37094 fbcon: Make fbcon a built-time depency for fbdev framebuffer console is build in into framebuffer module and there's no standalone fbcon module. Therefore drop the kmod-fbcon and enable console in kmod-fb. The only targets which use these modules are imx6 and geode, both are on kernel 4.14 so no fallback for other kernels is introduced. Being at that this commit also fixes autoload of fbdev for x86. Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl> (backported from 9c0ddafd4663948fe5c6f3f4a7a7601fdbb36737)
* ath10k-firmware: Fix mirror hash sumHauke Mehrtens2018-12-181-1/+1
| | | | | | | | | This now matches what was generated locally on my PC and the file on the mirror server. Fixes: 349fe46103359 ("ath10k-firmware: Update QCA988X firmware to the latest version") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (backported from 56a03e434386ccd1359d5c995a5a3c0fcc44f6af)
* ath10k-firmware: Update QCA988X firmware to the latest versionTimo Sigurdsson2018-12-181-4/+4
| | | | | | | | | | | This patch updates the QCA988X firmware to the latest revision firmware-5.bin_10.2.4-1.0-00037 found in the ath10k-firmware and linux-firmware repositories. Tested on TP-Link Archer C7 v2 (ar71xx). Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de> (backported from 349fe46103359682692e6b175d22f8c05ff75f74)
* nftables: bump to 0.8.5 versionRosy Song2018-12-188-1594/+8
| | | | | Signed-off-by: Rosy Song <rosysong@rosinson.com> (backported from 39e87e0ffc4eabf27d25459a369be425e9ef0474)
* libnftnl: bump to 1.1.0Rosy Song2018-12-183-1706/+3
| | | | | Signed-off-by: Rosy Song <rosysong@rosinson.com> (backported from c7e9d72f056a190fe14b1ebc3f07e726121e2965)
* ebtables: update to latest git 2018-05-15Hans Dedecker2018-12-183-5/+16
| | | | | | | | | | | 66a9701 ebtables: Fix build errors and warnings 9fff3d5 include: Fix musl libc compatibility b1cdae8 extensions: Add string filter to ebtables Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (backported from ac70ac3532fefa78c944d8a26c8df0ca5d88d04e) (rebased patches) Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* openvpn: re-add option comp_lzoMartin Schiller2018-12-122-1/+2
| | | | | | | | | | | This option is deprecated but needs to be kept for backward compatibility. [0] [0] https://community.openvpn.net/openvpn/wiki/DeprecatedOptions#a--comp-lzo Signed-off-by: Martin Schiller <ms@dev.tdt.de> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase] (cherry picked from commit 3850b41f01925a7eddc24033ed155503c1ad2112)
* rpcd: update to latest Git headJo-Philipp Wich2018-12-123-4/+10
| | | | | | | | | | | | | | | | | 3aa81d0 file: access exec timeout via daemon ops structure 7235f34 plugin: store pointer to exec timeout value in the ops structure ccd7c0a treewide: rename exec_timeout to rpc_exec_timeout c79ef22 main: fix logic bug when not specifying a timeout option 2cc4b99 file: use global exec timeout instead of own hardcoded limit ecd1660 exec: increase maximum execution time to 120s Also expose the socket and timeout options in /etc/config/rpcd for easier use. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commits 41055551151e12abf8efe710efa4dc025a7b7b6a, 952b11766cd83898cf8f9626b75141eac6d4ad1a and e533fb17061027dca2cc60a9555fc2edb9e832eb)
* base-files: fix prerm return value, align with postinst codeTony Ambardar2018-11-291-5/+10
| | | | | | | | | | | | | | | | The return value of a package prerm script is discarded and not returned correctly by default_prerm(). This allows other operations like service shutdown to "leak" their return value, prompting workarounds like commit 48cfc826 which do not address the root cause. Preserve a package prerm script return value for use by default_prerm(), sharing the corresponding code from default_postinst() for consistency. Also use consistent code for handling of /etc/init.d/ scripts. Run Tested on: LEDE 17.01.4 running ar71xx. Signed-off-by: Tony Ambardar <itugrok@yahoo.com> (cherry picked from commit 8806da86f5da3b1b1e4d24259d168e2219c01a26)
* uhttpd: update to latest Git headJo-Philipp Wich2018-11-281-3/+3
| | | | | | | | | | | cdfc902 cgi: escape url in 403 error output 0bba1ce uhttpd: fix building without TLS and Lua support 2ed3341 help: document -A option fa5fd45 file: fix CPP syntax error 77b774b build: avoid redefining _DEFAULT_SOURCE Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 56378bc12da1aa4f9434bd1119ec770096d92cac)
* uhttpd: support multiple Lua prefixesJo-Philipp Wich2018-11-283-21/+32
| | | | | | | | | | | | | | | | | | | | Update to latest git HEAD in order to support configuring multiple concurrent Lua prefixes in a single uhttpd instance: b741dec lua: support multiple Lua prefixes Additionally rework the init script and update the default configuration example to treat the lua_prefix option as key=value uci list, similar to the interpreter extension mapping. Support for the old "option lua_prefix" plus "option lua_handler" notation is still present. Finally drop the sed postinstall hack in uhttpd-mod-lua to avoid mangling files belonging to other packages. Since Lua prefixes have precedence over CGI prefixes, simply register `/cgi-bin/luci` as Lua handler which will only become active if both luci-base and uhttpd-mod-lua is installed. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 214146c6f298e593695c29b8c04a418dac914040)
* uhttpd: update to latest Git headJo-Philipp Wich2018-11-281-3/+3
| | | | | | | | 952bf9d build: use _DEFAULT_SOURCE 30a18cb uhttpd: recognize PATCH, PUT and DELETE HTTP methods Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 22681cdef21be45d4d2c3e21939209ea618b66e4)
* uclient: update to latest Git headJo-Philipp Wich2018-11-241-3/+3
| | | | | | | 3ba74eb uclient-http: properly handle HTTP redirects via proxy connections Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 0bd99db5118665bbe17f84427238c322af3deaae)
* base-files: fix unkillable processes after restartLinus Kardell2018-11-221-0/+1
| | | | | | | | | | | | | | | | When restart is run on an init script, the script traps SIGTERM. This is done as a workaround for scripts named the same name as the program they start. In that case, the init script process will have the same name as the program process, and so when the init script runs killall, it will kill itself. So SIGTERM is trapped to make the init script unkillable. However, the trap is retained when the init script runs start, and thus processes started by restart will not respond to SIGTERM, and will thus be unkillable unless you use SIGKILL. This fixes that by removing the trap before running start. Signed-off-by: Linus Kardell <linus@telliq.com> (cherry picked from commit 2ac1a57677ce4e21513dca2a8efab1eb6e0a9c58)
* mac80211: fix spurious disconnections with powersave clientsFelix Fietkau2018-11-131-0/+26
| | | | | | Affects all drivers using ieee80211_tx_status_noskb, e.g. ath9k and mt76 Signed-off-by: Felix Fietkau <nbd@nbd.name>