aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* opkg: bump to version 2017-12-07Rafał Miłecki2017-12-071-3/+3
| | | | | | | | | | | | | Changes: 3b417b9 opkg_download: decode file:/ URLs 71c27cb file_util: implement urldecode_path() d1fe095 file_util: consolidate hex/unhex routines ebdfc12 add opkg option http_timeout 9f003e3 opkg: encode archive filenames while constructing download URLs 73e6c81 file_util: implement urlencode_path() helper 468158f libopkg: fix SHA256 calculation for big endian system Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* rpcd: update to version from 2017-12-07Daniel Golle2017-12-071-3/+3
| | | | | | | cfe1e75c91bc1 sys: packagelist: allow listing all packages 74a784f037867 sys: fix passwd path Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* dnsmasq: write atomic host fileHans Dedecker2017-12-072-4/+6
| | | | | | | | | | | Different invocations of the dnsmasq init script (e.g. at startup by procd) will rewrite the dhcp host file which might result into dnsmasq reading an empty dhcp host file as it is being rewritten by the dnsmasq init script. Let the dnsmasq init script first write to a temp dhcp host file so it does not overwrite the contents of the existing dhcp host file. Reported-by: Hartmut Birr <e9hack@gmail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* strace: Update to 4.20Rosen Penev2017-12-071-3/+2
| | | | | | | Compiled and tested on mvebu. Mainly a kernel 4.14 change. Also reordered the Makefile a little bit. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* hostapd: backport fix for wnm_sleep_mode=0Timo Sigurdsson2017-12-072-1/+36
| | | | | | | | | | | | | wpa_disable_eapol_key_retries can't prevent attacks against the Wireless Network Management (WNM) Sleep Mode handshake. Currently, hostapd processes WNM Sleep Mode requests from clients regardless of the setting wnm_sleep_mode. Backport Jouni Malinen's upstream patch 114f2830 in order to ignore such requests by clients when wnm_sleep_mode is disabled (which is the default). Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de> [rewrite commit subject (<= 50 characters), bump PKG_RELEASE] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* hostapd: Expose the tdls_prohibit option to UCITimo Sigurdsson2017-12-071-1/+6
| | | | | | | | | | | | | | | | wpa_disable_eapol_key_retries can't prevent attacks against the Tunneled Direct-Link Setup (TDLS) handshake. Jouni Malinen suggested that the existing hostapd option tdls_prohibit can be used to further complicate this possibility at the AP side. tdls_prohibit=1 makes hostapd advertise that use of TDLS is not allowed in the BSS. Note: If an attacker manages to lure both TDLS peers into a fake AP, hiding the tdls_prohibit advertisement from them, it might be possible to bypass this protection. Make this option configurable via UCI, but disabled by default. Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
* iproute2: align ip help text for tiny variantHans Dedecker2017-12-061-1/+18
| | | | | | | | Tiny variant supports a subset of the ip commands; align the ip help text so it actually reflects which commands are supported in the tiny variant. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* iproute2: update to v4.14.1Russell Senior2017-12-0610-66/+64
| | | | | | | Preserves optionality of libmnl by letting configuration script follow the HAVE_MNL environment variable. Signed-off-by: Russell Senior <russell@personaltelco.net>
* odhcpd: update to latest git HEADHans Dedecker2017-12-061-4/+4
| | | | | | c516801 dhcpv4: notify DHCP ACK and RELEASE via ubus Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dnsmasq: backport infinite dns retries fixHans Dedecker2017-12-063-3/+48
| | | | | | | | | | If all configured dns servers return refused in response to a query in strict mode; dnsmasq will end up in an infinite loop retransmitting the dns query resulting into high CPU load. Problem is fixed by checking for the end of a dns server list iteration in strict mode. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* samba36: backport an upstream fix for an information leak (CVE-2017-15275)Felix Fietkau2017-12-042-1/+41
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mt76: update to the latest version, adds stability fixesFelix Fietkau2017-12-031-3/+3
| | | | | | | | | | | | | | | | | | | | | 11f42a8 mt76x2: add channel argument to eeprom tx power functions 3bd7e76 mt76x2: initialize channel power limits 19fff41 mt76x2: convert between per-chain tx power and combined output 737cf2b mt7603: rename mt7603_mac_reset to mt7603_pse_reset 8026638 mt7603: rename MT_PSE_RESET register c4dd32a mt7603: remove watchdog reset on interface stop d99092b mt7603: remove WARN_ON_ONCE for workaround checks c8807b4 mt7603: simplify PSE reset d8a5990 mt7603: warn if PSE reset fails c079960 mt7603: clean up dma debug reads 96817d6 mt7603: make mt7603_mac_watchdog_reset() static e953c78 mt7603: clear wtbl PS bit for powersave responses 57a2e33 mt7603: set tx-skip flag for powersave clients c8e5ab1 mt7603: initialize wtbl ps flag on station add b4034cf mt76x2: remove some harmless WARN_ONs in tx status and rx path 8e17d36 mt7603: remove some harmless WARN_ONs in rx path Signed-off-by: Felix Fietkau <nbd@nbd.name>
* layerscape: rename firmware packages to avoid name collisionsTed Hess2017-12-025-16/+16
| | | | | | | | | | layerscape firmware package names collide with existing package contributions. Ex: layerscape mc and midnight-commander(mc) are in conflict. Firmware packages: mc, ppa, rcw and dpl are renamed to ls-mc, ls-ppa, ls-rcw and ls-dpl respectively. Signed-off-by: Ted Hess <thess@kitschensync.net>
* packages: dnsmasq: remove unused stamp fileRoman Yeryomin2017-12-022-5/+1
| | | | | Signed-off-by: Roman Yeryomin <roman@advem.lv> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* curl: bump to 7.57.0 (3 CVEs)Hans Dedecker2017-11-302-4/+4
| | | | | | | | | | CVE-2017-8816: NTLM buffer overflow via integer overflow CVE-2017-8817: FTP wildcard out of bounds read CVE-2017-8818: SSL out of buffer access For other bugfixes and changes in 7.57.0 see https://curl.haxx.se/changes.html Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ltq-ifxos: fix compilation against glibcYousong Zhou2017-11-302-3/+60
| | | | | | Fixes FS#1196 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* dnsmasq: add interface to ubus notificationBorja Salazar2017-11-291-5/+7
| | | | Signed-off-by: Borja Salazar <borja.salazar@fon.com>
* mt76: update to the latest version, fixes encrypted mesh support and HT20 issuesFelix Fietkau2017-11-291-3/+3
| | | | | | | | | fc28872 mac80211: add missing include a4c82ca mt7603: add missing include required on newer kernels 792859b mt76x2: fix transmission of encrypted management frames a51358e mt76x2: increase OFDM SIFS time Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: tweak TSQ settingsFelix Fietkau2017-11-292-1/+16
| | | | | | | | | | Latencies can be much higher on wifi devices, especially with aggregation. Tune the network stack setting introduced in the previous commit to account for that. This commit reintroduces the previously reverted one with a fix for the crash issues Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dnsmasq: fix dhcp-host entries with empty macsJo-Philipp Wich2017-11-281-3/+1
| | | | | | | | | | | | | | Due to improper localization of helper variables, "config host" entries without a given mac address may inherit the mac address of a preceeding, leading to invalid generated netive configuration. Fix the issue by marking the "macs" and "tags" helper variables in dhcp_host_add() local, avoiding the need for explicitely resetting them with each invocation. Reported-by: Russell Senior <russell@personaltelco.net> Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* Revert "mac80211: tweak TSQ settings"Felix Fietkau2017-11-282-15/+1
| | | | | | | | This reverts commit 2dc485250d516f1535eeaf53f0f2f5742e5f9e0c. This patch needs some additional checks in order to avoid overwriting unrelated fields for request sockets. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* wireguard: bump to snapshot 20171127Kevin Darbyshire-Bryant2017-11-271-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | == Changes == * compat: support timespec64 on old kernels * compat: support AVX512BW+VL by lying * compat: fix typo and ranges * compat: support 4.15's netlink and barrier changes * poly1305-avx512: requires AVX512F+VL+BW Numerous compat fixes which should keep us supporting 3.10-4.15-rc1. * blake2s: AVX512F+VL implementation * blake2s: tweak avx512 code * blake2s: hmac space optimization Another terrific submission from Samuel Neves: we now have an implementation of Blake2s using AVX512, which is extremely fast. * allowedips: optimize * allowedips: simplify * chacha20: directly assign constant and initial state Small performance tweaks. * tools: fix removing preshared keys * qemu: use netfilter.org https site * qemu: take shared lock for untarring Small bug fixes. Remove myself from the maintainers list: we have enough and I'm happy to carry on doing package bumps on ad-hoc basis without the 'official' title. Run-tested: ar71xx Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* lldpd: bump to 0.9.9Stijn Tintel2017-11-271-2/+2
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* nghttp2: bump to 1.28.0Hans Dedecker2017-11-271-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 939ad5dd Update manual pages 24d92b97 Add deprecation warning when spdylay support is enabled 4c92ff18 Bump up version number to 1.28.0, LT revision to 29:0:15 280db5c6 Update neverbleed 7fbcb2d0 Merge pull request #1074 from nghttp2/fix-doc 53aeb2c3 Fix doc ff200bfc clang-format-5.0 fee3151f Switch to clang-format-5.0 99a85159 Update manual pages 2a981a3f Merge pull request #1066 from nghttp2/nghttpx-add-affinity-cookie-secure 0028275d nghttpx: Add affinity-cookie-secure parameter to backend option ee8bfddf Merge pull request #1063 from nghttp2/error_callback2 194acb1f src: Use nghttp2_error_callback2 43a2a70a Add nghttp2_error_callback2 73344ae9 nghttpx: Use plain hex string format for client serial c479f612 Merge pull request #1060 from nghttp2/nghttpx-add-client-serial eca0a302 nghttpx: Add $tls_client_serial log variable 4720c5cb nghttpx: Make client serial available in mruby script cd55ab28 nghttpx: Add function to get serial number from certificate d402cfdf Merge pull request #1057 from nghttp2/nghttpx-add-tls-client-issuer-name 22502182 Add tls_client_issuer_name log variable and expose it to mruby 05e1fd5e Update manual pages 943d7923 Add Session Affinity section to nghttpx howto 568ecbfb doc: Add missing port f5ddd7f4 nghttpx: Make initial_addr_idx_ unsigned 88abbce7 nghttpx: Fix compile error with gcc 16e90365 nghttpx: Fix affinity retry fa7945c6 nghttpx: Refactor daca43f0 nghttpx: Fix stalled backend connection on retry 16bc11e6 nghttpx: Remove duplicated util::make_socket_nodelay 6f7e94cd Merge pull request #1047 from PiotrSikora/go_vet 61efa15a integration: Fix issues reported by the `go vet` tool. 8c0ea56b Merge pull request #1036 from nghttp2/nghttpx-affinity-cookie 54905371 nghttpx: Refactor 6010d393 integration: Add tests be5c39a1 src: Add tests b8fda680 nghttpx: Cookie based session affinity e29b9c12 Merge pull request #1045 from nghttp2/nghttpx-sha1-fingerprint 539e2781 nghttpx: Add tls_client_fingerprint_sha1 to mruby and accesslog 7008afd4 nghttpx: Refactor get_x509_fingerprint to accept hash function 77a41756 Merge pull request #1041 from nghttp2/fix-examples-client-server b15045d6 Merge pull request #1040 from nghttp2/nghttpx-mruby-add-more-tls-vars 03084f75 examples: Make client and server work with libevent-2.1.8 60baca27 nghttpx: Add more TLS related attributes to mruby Env object 86990db2 Merge pull request #1038 from nghttp2/nghttpx-add-more-logging-vars cb376bcd nghttpx: Add client fingerprint and subject name to accesslog f2b8edd1 nghttpx: Fix memory leak c4f8afcf nghttpx: Get TLS info only when it is necessary when writing accesslog 1a1a216d Merge pull request #1037 from nghttp2/nghttpx-mruby-tls-client-vars 9f80a82c nghttpx: Add client fingerprint and subject name to mruby env c573c80b nghttpx: Pass a pointer to SSL instead of TLSSessionInfo to LogSpec 3cd6817e Fix typos d4a69658 Add another warning about mruby 8e06fe49 Fix typo aaeeec8f Fix typos 66d5e246 Bump up version number to 1.28.0-DEV Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* mwlwifi: Update to latest commit in upstream repoDaniel Engberg2017-11-251-3/+3
| | | | | | | Update to latest commit in upstream repo Bumps 88W8964 firmware to 9.3.0.8 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* kmod-sched-cake: update to latest git HEADFushan Wen2017-11-252-21/+24
| | | | | | | | | | dfb2f6c pkt_sched: make compile again 5ab7026 sch_cake: make compile again 6f28803 codel5: make more checkpatch compliant bd426aa Fix build error on 4.12 e4a3628 Whitespace tidy up Signed-off-by: Fushan Wen <qydwhotmail@gmail.com>
* odhcpd: update to latest git HEADHans Dedecker2017-11-251-3/+3
| | | | | | 92e205d dhcpv6: fix compile issues when CER-ID extension is enabled Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: add a full and ipv6only variant (FS#1188)Hans Dedecker2017-11-251-27/+58
| | | | | | | | | Add an ipv6only variant providing server services for RA, stateful and stateless DHCPv6, prefix delegation and relay support for DHCPv6, NDP and RA. The full variant called odhcpd supports DHCPv4 server as before. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* wireguard: bump to 20171122Kevin Darbyshire-Bryant2017-11-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bump to latest WireGuard snapshot release: ed479fa (tag: 0.0.20171122) version: bump snapshot efd9db0 chacha20poly1305: poly cleans up its own state 5700b61 poly1305-x86_64: unclobber %rbp 314c172 global: switch from timeval to timespec 9e4aa7a poly1305: import MIPS64 primitive from OpenSSL 7a5ce4e chacha20poly1305: import ARM primitives from OpenSSL abad6ee chacha20poly1305: import x86_64 primitives from OpenSSL 6507a03 chacha20poly1305: add more test vectors, some of which are weird 6f136a3 compat: new kernels have netlink fixes e4b3875 compat: stable finally backported fix cc07250 qemu: use unprefixed strip when not cross-compiling 64f1a6d tools: tighten up strtoul parsing c3a04fe device: uninitialize socket first in destruction 82e6e3b socket: only free socket after successful creation of new df318d1 compat: fix compilation with PaX d911cd9 curve25519-neon: compile in thumb mode d355e57 compat: 3.16.50 got proper rt6_get_cookie 666ee61 qemu: update kernel 2420e18 allowedips: do not write out of bounds 185c324 selftest: allowedips: randomized test mutex update 3f6ed7e wg-quick: document localhost exception and v6 rule Compile-tested-for: ar71xx Run-tested-on: ar71xx Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* uboot-sunxi: fix build of HAOYU Electronics Marsboard A10Hauke Mehrtens2017-11-231-1/+2
| | | | | | | | The uboot target is named MarsBoard_A10 and it was not build at all. This fixes a build problem seen by the build bot. Fixes: 6a3565985fde ("sunxi: Added profile for HAOYU Electronics Marsboard A10") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: i2c-piix4: fix dependency on TARGET_x86Hauke Mehrtens2017-11-221-1/+1
| | | | | | | Fix the target dependency to make it possible to select this module also on x86 target and its subtargets. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: e100: take e100 firmware from linux-firmware repositoryHauke Mehrtens2017-11-222-8/+10
| | | | | | | | | The firmware directory in the Linux kernel was removed in kernel 4.14, take the e100 firmware files now from the linux-firmware repository instead. To do so create the new package e100-firmware. This will also work with older kernel versions. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: add NFS4 client supportMarcin Jurkowski2017-11-222-17/+68
| | | | | | | | | | | | | | | | | | | Adds NFS4 client support: 1. Package kmod-fs-nfs is split into kmod-fs-nfs (nfs.ko) and kmod-fs-nfs-v3 (nfsv3.ko). 2. A new package kmod-fs-nfs-v4 (nfsv4.ko) is created. 3. Package kmod-fs-nfs-common-v4 is renamed to kmod-fs-nfs-rpcsec and includes additional module rpcsec_gss_krb5.ko. CONFIG_NFS_V4 goes into kmod-fs-nfs-v4, CONFIG_NFSD_V4 (NFS4 server) is removed. Missing kernel module oid_registry.ko needed by auth_rpcgss.ko is added to the package. A new package kmod-crypto-cts needed by rpcsec_gss_krb5.ko is also created. Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com> [add dependency to kmod-crypto-ecb in fs-nfs-common-rpcsec] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: add kmod-i2c-i801Martin Schiller2017-11-221-0/+26
| | | | | | Signed-off-by: Martin Schiller <ms@dev.tdt.de> [Add i2c-smbus.ko and fix target dependency] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: add it87-wdt watchdog timer moduleMartin Schiller2017-11-221-0/+18
| | | | | | | | | | | The module parameters "nogameport=1" and "nocir=1" are needed, because this is not supported on recent chips and doesn't really tell if the system is stable. As this features will already be removed in linux-4.13 or newer, this module parameters can be removed in the future. Signed-off-by: Martin Schiller <ms@dev.tdt.de>
* libusb-compat: Upgrade to 0.1.15Rosen Penev2017-11-221-3/+3
| | | | | | Compile tested on ramips (mt7621) Signed-off-by: Rosen Penev <rosenp@gmail.com>
* usbutils: Update usb.ids file to latestRosen Penev2017-11-221-3/+3
| | | | Signed-off-by: Rosen Penev <rosenp@gmail.com>
* wireless-regdb: fix PKG_MIRROR_HASHChristian Lamparter2017-11-221-1/+1
| | | | | | | | | make check complains about PKG_MIRROR_HASH of the wireless-regdb package: WARNING: PKG_MIRROR_HASH does not match wireless-regdb-2017-10-20-4343d359.tar.xz hash 5f5b669f32ae36cb65b1d99efbbbfd42c2983cda32f6448346e3e54ffaba3889 Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* acx-mac80211: fix build on kernel 4.9Mathias Kresin2017-11-221-0/+16
| | | | | | | | | | | The DEFINE_PCI_DEVICE_TABLE macro was removed with upstream commit 7e9321599011 ("treewide: remove references to the now unnecessary DEFINE_PCI_DEVICE_TABLE"). Use the pci_device_id struct to fix the acx-mac80211 build failure on ramips. Signed-off-by: Mathias Kresin <dev@kresin.me>
* odhcpd: fix gcc7 build errorHans Dedecker2017-11-211-3/+3
| | | | | | 0573422 ndp: add switch/case fallthrough comments Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: remove unused local var declarationLeon M. George2017-11-211-2/+0
| | | | Signed-off-by: Leon M. George <leon@georgemail.eu>
* hostapd: don't set htmode for wpa_supplicantLeon M. George2017-11-211-2/+0
| | | | | | no longer supported Signed-off-by: Leon M. George <leon@georgemail.eu>
* odhcpd: update to latest git HEAD (make dhcpv4 support optional)Hans Dedecker2017-11-201-12/+25
| | | | | | | | | fd80621 dhcpv4: make DHCPv4 support compiletime configurable cf29925 treewide: rework handling of netlink events 24cdc1b treewide: add netlink file 5dfb716 treewide: align function naming Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* mac80211: fix a race condition that could lead to a use-after-free on a timerFelix Fietkau2017-11-201-0/+37
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix netlink family id for nl80211 messagesFelix Fietkau2017-11-201-0/+10
| | | | | | | Fixes responses for nl80211 calls Reported-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: fix lzo and lz4 modulesJohn Crispin2017-11-201-2/+6
| | | | | | both of these have been split up and require additional ko files. Signed-off-by: John Crispin <john@phrozen.org>
* dnsmasq: load instance-specific conf-file if existsEmerson Pinter2017-11-192-8/+8
| | | | | | | Without this change, the instance-specific conf-file is being added to procd_add_jail_mount, but not used by dnsmasq. Signed-off-by: Emerson Pinter <dev@pinter.com.br>
* wolfssl: add PKG_CPE_ID ids to package and toolsAlexander Couzens2017-11-191-0/+1
| | | | | | | CPE ids helps to tracks CVE in packages. https://cpe.mitre.org/specification/ Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* openssl: Add optimization optionDaniel Engberg2017-11-182-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add option to optimize for speed instead of size cmd: openssl speed md5 sha1 sha256 sha512 des des-ede3 aes-128-cbc \ aes-192-cbc aes-256-cbc rsa2048 dsa2048 === Linksys WRT3200ACM === Default optimization: The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md5 14111.49k 47147.75k 123375.02k 206937.09k 258828.97k sha1 14495.71k 46763.99k 116679.94k 188115.29k 228294.66k des cbc 22315.63k 23118.98k 23323.14k 23348.22k 23363.58k des ede3 8085.97k 8217.26k 8255.74k 8266.41k 8273.92k aes-128 cbc 48740.10k 52606.12k 54224.98k 56263.68k 54774.44k aes-192 cbc 43410.83k 47325.31k 48994.05k 49377.96k 48532.14k aes-256 cbc 39132.46k 42512.60k 43692.63k 43997.18k 44070.23k sha256 19987.80k 47314.69k 86119.08k 109352.28k 119466.67k sha512 8034.63k 32321.92k 47495.94k 65777.32k 74080.26k sign verify sign/s verify/s rsa 2048 bits 0.020387s 0.000528s 49.1 1892.2 sign verify sign/s verify/s dsa 2048 bits 0.005920s 0.006396s 168.9 156.3 Optimize for speed (-O3 instead of -Os and disable -DOPENSSL_SMALL_FOOTPRINT): The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md5 14655.49k 48561.79k 126953.56k 210741.93k 262430.72k sha1 14607.90k 47032.15k 117725.87k 188226.22k 228499.46k des cbc 28041.11k 29586.84k 29939.80k 30047.91k 30067.37k des ede3 10697.93k 10899.75k 10956.97k 10972.84k 10980.01k aes-128 cbc 58852.70k 65956.07k 68675.67k 69388.29k 69607.42k aes-192 cbc 50299.73k 56501.23k 58491.65k 59008.00k 59159.89k aes-256 cbc 44684.38k 47944.36k 49098.67k 49573.89k 49463.30k sha256 19673.53k 47248.58k 86775.04k 110053.72k 119382.02k sha512 8029.67k 32033.02k 47440.04k 65740.12k 74072.06k sign verify sign/s verify/s rsa 2048 bits 0.019666s 0.000529s 50.8 1892.0 sign verify sign/s verify/s dsa 2048 bits 0.005882s 0.006450s 170.0 155.0 === D-Link DIR-860L (B1) === Default optimization: The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md5 3376.97k 11654.74k 32966.76k 60016.27k 80729.43k sha1 2310.95k 6024.87k 11680.32k 15273.93k 16784.07k des cbc 6787.21k 7014.36k 7072.49k 7088.73k 7092.48k des ede3 2462.47k 2499.87k 2509.48k 2511.35k 2514.75k aes-128 cbc 10014.28k 11018.87k 11308.99k 11381.03k 11406.20k aes-192 cbc 8930.35k 9675.27k 9895.97k 9954.57k 9971.92k aes-256 cbc 8022.81k 8624.03k 8799.60k 8843.14k 8856.07k sha256 2546.33k 5542.19k 9326.99k 11249.03k 11969.57k sha512 877.22k 3503.44k 4856.01k 6554.96k 7299.32k sign verify sign/s verify/s rsa 2048 bits 0.109348s 0.003132s 9.1 319.3 sign verify sign/s verify/s dsa 2048 bits 0.032745s 0.037212s 30.5 26.9 Optimize for speed (-O3 instead of -Os and disable -DOPENSSL_SMALL_FOOTPRINT): The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md5 3660.39k 12401.37k 34501.23k 62438.83k 81786.64k sha1 3500.20k 10730.70k 25056.19k 37715.86k 44253.13k des cbc 7189.75k 7545.88k 7641.90k 7665.71k 7672.18k des ede3 2690.64k 2734.33k 2745.24k 2748.13k 2748.81k aes-128 cbc 11325.29k 12731.75k 13151.34k 13259.95k 13289.55k aes-192 cbc 9932.36k 10997.65k 11309.84k 11389.53k 11408.92k aes-256 cbc 8845.13k 9677.01k 9920.30k 9980.77k 9996.42k sha256 3200.50k 7107.76k 12230.85k 14933.73k 15962.15k sha512 879.12k 3510.79k 4956.45k 6711.45k 7484.39k sign verify sign/s verify/s rsa 2048 bits 0.085641s 0.002365s 11.7 422.9 sign verify sign/s verify/s dsa 2048 bits 0.023881s 0.026120s 41.9 38.3 -O3 is considered safe for OpenSSL Ref: https://wiki.openssl.org/index.php/Compilation_and_Installation Tested hardware: Linksys WRT3200ACM / D-Link DIR-860L (B1) Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* netifd: update to latest git HEADHans Dedecker2017-11-171-3/+3
| | | | | | c92106e interface-ip: add missing IPv6 policy rule Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>