aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* netfilter: fix file conflicts between kmod-ipt- and kmod-nft- packagesMatthias Schiffer2016-09-301-2/+2
| | | | | | | | The nf_reject_* and nf_nat_masquerade_* modules are moved into the corresponding kmod-nf- packages. Appropriate dependencies are added to the kmod-nft- packages. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* kernel: fix module dependency checkingMatthias Schiffer2016-09-301-0/+1
| | | | | | | Since the kernel makefile is using .ONESHELL, we need to add -e to .SHELLFLAGS so errors are not ignored. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* ath9k: remove patch causing stability issues with powersave devices (FS#176)Felix Fietkau2016-09-306-45/+8
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iproute2: fix no fortify build failureKevin Darbyshire-Bryant2016-09-301-0/+10
| | | | | | | | | | Fix rt_names build failure when FORTIFY_SOURCE disabled. Include limits.h which otherwise gets automatically included by fortify headers. Solves FS #194 Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* brcmfmac43430-firmware: remove package and switch to linux-firmwareÁlvaro Fernández Rojas2016-09-292-63/+9
| | | | | | | Now that the firmware for BCM43430 has been submitted to linux-firmware use it and remove RPiDistro package. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* kernel: do not enable the unpackaged rfkill-gpio driverFelix Fietkau2016-09-291-2/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix rfkill dependencyJohn Crispin2016-09-291-1/+3
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* mac80211: use upstream patches for rtl8xxxuÁlvaro Fernández Rojas2016-09-29108-455/+488
| | | | | | Also improves rtl8188eu support. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* procd: update to latest git HEADJohn Crispin2016-09-281-2/+2
| | | | | | | | this adds 2 new inittab handlers * askconsolelate * respawnlate Signed-off-by: John Crispin <john@phrozen.org>
* netifd: update to the latest version, adds various fixesFelix Fietkau2016-09-281-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ath10k-firmware: move to firmware section in buildrootStijn Segers2016-09-281-4/+16
| | | | | | | This patch moves the ath10k firmware packages to the firmware submenu in the buildroot, where it belongs. Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>
* ath10k-firmware: update the qca988x firmware to 10.2.4.70.54Martin Blumenstingl2016-09-281-13/+5
| | | | | | | | | | | | | | Use firmware version 10.2.4.70.54 from kvalo's git repository. The old version (even though it's version number is greater) is an old version from September 2015. Using only the firmware versions from kvalo's git repo is recommended, because those are tested by QCA's internal QCA. The QCA988X directory received a small reorganization as a "hw2.0" subdirectory was added - this patch also takes care of that as board.bin was moved to that subdirectory. Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
* toolchain: Force installation into /libFlorian Fainelli2016-09-281-24/+16
| | | | | | | | For 64-bit capable systems, a symbolic link is set up for /lib64 to point to /lib, so make sure the installation goes into /lib, irrespective of where the C library files come from in an external toolchain. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* rfkill: add fake rfkill supportJohn Crispin2016-09-271-1/+1
| | | | | | allow building of modules depending on RFKILL even if RFKILL is not enabled. Signed-off-by: John Crispin <john@phrozen.org>
* perf: fix build with musl on PowerPCMatthias Schiffer2016-09-281-0/+8
| | | | Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* kernel: remove echainiv.ko from kmod-crypto-ivMatthias Schiffer2016-09-281-4/+3
| | | | | | | There is a separate package kmod-crypto-echainiv for echainiv.ko. Selecting both packages led to a conflict, so remove the file from kmod-crypto-iv. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* mac80211: backport brcmfmac changes from 2016-09-27Rafał Miłecki2016-09-273-1/+97
| | | | | | | | This fixes bug that could cause WARNING on every add_key/del_key call. It also replaces WARNING with a simple message. They may still occur e.g. on station going out of range and A-MPDU stall in the firmware. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* openssl: update to 1.0.2jMagnus Kroken2016-09-273-49/+2
| | | | | | | | | | | | | | A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null pointer exception. Patches applied upstream: * 301-fix_no_nextprotoneg_build.patch * 302-Fix_typo_introduced_by_a03f81f4.patch Security advisory: https://www.openssl.org/news/secadv/20160926.txt Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* linux-firmware: Add mirrorsdiizzyy2016-09-271-1/+3
| | | | | | | Adds Google's mirrors as primary source and kernel.org as fallback. Discussed in #lede-dev on Freenode Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* openssl: Make DTLS configurable.Rosen Penev2016-09-272-0/+10
| | | | Signed-off by: Rosen Penev <rosenp@gmail.com>
* openssl: Remove J-PAKE. Nothing uses it.Rosen Penev2016-09-271-1/+2
| | | | Signed-off by: Rosen Penev <rosenp@gmail.com>
* busybox: v1.25.0 upstream patchesKevin Darbyshire-Bryant2016-09-273-0/+75
| | | | | | Include upstream patches for gzip, ip & ntpd. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* libjson-c: Update to 0.12.1Daniel Engberg2016-09-272-26/+5
| | | | | | Updates libjson-c and removes backport patch. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libunwind: use url aliasdiizzyy2016-09-271-1/+1
| | | | | | Use alias instead of hardcoded URL Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* iwinfo: fix WPA cipher reportingJo-Philipp Wich2016-09-271-2/+2
| | | | | | | | | | | Within the Lua binding, use the same logic as the command line interface for reporting the used WPA ciphers. Instead of printing the intersection of pairwise and group ciphers, report both group and pairwise ciphers. This fixes a case where a connection which uses CCMP for pairwise and TKIP as groupwise cipher is getting reported as using the NONE cipher. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* iproute: properly support high routing table IDsJo-Philipp Wich2016-09-273-24/+487
| | | | | | | | | | | | | | | | | | | | | The Linux kernel uses two distinct fields to denote the routing table ID in use by network routes; the 8 bit `rtm_table` member of `struct rtmsg` and the 32 bit `RTA_TABLE` netlink attribute. If a routing table ID is larger than 255, the `RT_TABLE` attribute must be used and the `rtm_table` field has to be set to the special `RT_TABLE_UNSPEC` value. This commit adds a patch which... - switches the *_n2a() and *_a2n() functions of rt_names.c to use dynamically sized, name-sorted arrays instead of fixed arrays limited to 1024 slots in order to support IDs up to 65535 - adds proper handling of high table IDs to iprule.c and iproute.c when adding, removing and dumping ip rules and network routes After this change, the Busybox ip applet fully supports IP rules with high ID numbers, using the same logic as the full iproute2. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* 6in4: fix invalid local variable declaration (FS#188)Jo-Philipp Wich2016-09-272-3/+3
| | | | | | | | Remove an invalid local variable declaration in the tunnel update subshell invocation. Local declarations outside of function scopes are illegal since the Busybox update to version 1.25.0 . Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mac80211: backport brcmfmac changes from 2016-09-26Rafał Miłecki2016-09-2726-2/+1316
| | | | | | | All these patches are in wireless-drirvers-next. There is support for hidden SSID, few new devices and many fixes. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: make default_prerm work offlineMatthias Schiffer2016-09-261-4/+12
| | | | | | | IPKG_INSTROOT must be respected for offline removal (used for per-device rootfs). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: fix check for empty password warningMatthias Schiffer2016-09-261-2/+1
| | | | | | | | | | | | | Now that we know that the password is in /etc/shadow and not in /etc/passwd, we can properly fix the logic for the empty password check. Only 'root::' is an empty password, 'root:x:' and 'root:!:' allow no password login at all. This fixes the empty password warning still showing after the root password has been locked using 'passwd -l root' (e.g. to allow public-key auth only). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* config: enable shadow passwords unconditionallyMatthias Schiffer2016-09-261-1/+0
| | | | | | | | | | | | | Configurations without shadow passwords have been broken since the removal of telnet: as the default entry in /etc/passwd is not empty (but rather unset), there will be no way to log onto such a system by default. As disabling shadow passwords is not useful anyways, remove this configuration option. The config symbol is kept (for a while), as packages from feeds depend on it. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* mac80211: fix crash in mac80211_hwsimFelix Fietkau2016-09-261-0/+11
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uboot-mvebu: reset the 88E1512 PHY to make the wan port workJonas Gorski2016-09-261-0/+32
| | | | | Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Acked-by: Felix Fietkau <nbd@nbd.name>
* uboot-mvebu: make hidden and be m for clearfog to fix IB failing to add itJonas Gorski2016-09-261-3/+5
| | | | | | | | | | | | | Uboot-mvebu isn't a real package, which will break the image builder when it tries to install it during the packing step. Instead of cleafog selecting it through its default packages, make it default to m if the clearfog profile is selected. This will ensure it is always build, but never added to the rootfs. This fixes creating images for clearfog with IB. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Acked-by: Felix Fietkau <nbd@nbd.name>
* uboot-mvebu: also install into KDIR to ensure it packaged in IBJonas Gorski2016-09-261-0/+3
| | | | | | | | The clearfog image requires u-boot, so package it into KDIR to make sure it is available in imageBuilder. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Acked-by: Felix Fietkau <nbd@nbd.name>
* fstools: mark as nonshared and add missing PKG_CONFIG_DEPENDSMatthias Schiffer2016-09-251-0/+3
| | | | | | | The fstools build depends on the CONFIG_NAND_SUPPORT flag, which is target-specific. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* image: fix CONFIG_CLEAN_IPKG with CONFIG_TARGET_PER_DEVICE_ROOTFSMatthias Schiffer2016-09-251-1/+4
| | | | | | | | | | | Running prepare_rootfs on TARGET_DIR deletes the opkg state when CONFIG_CLEAN_IPKG is enabled, making the per-device rootfs package install fail. To avoid this, create a copy of the TARGET_DIR before prepare_rootfs is run and use this as basis for per-device rootfs generation. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* kernel: remove duplicate br-netfilter file and Kconfig symbol from kmod-ebtablesMatthias Schiffer2016-09-241-5/+2
| | | | | | | br_netfilter.ko and the corresponding Kconfig symbol are already provided by kmod-br-netfilter, which is a dependency of kmod-ebtables. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* openssl: backport build fix when hardware support is usedHauke Mehrtens2016-09-242-0/+35
| | | | | | | This fix added to the openssl 1.0.2 branch. In addition add the header for the existing backport. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* treewide: remove bad local shell variable declarationsJo-Philipp Wich2016-09-242-3/+3
| | | | | | | Local variable declarations outside of functions are illegal since the Busybox update to v1.25.0, therfore remove them from the appropriate places. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* curl: update to version 7.50.3Hauke Mehrtens2016-09-242-3/+3
| | | | | | | | | | | | | | This fixes the following security problems: 7.50.1: CVE-2016-5419 TLS session resumption client cert bypass CVE-2016-5420 Re-using connections with wrong client cert CVE-2016-5421 use of connection struct after free 7.50.2: CVE-2016-7141 Incorrect reuse of client certificates 7.50.3: CVE-2016-7167 curl escape and unescape integer overflows Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openssl: update to 1.0.2iMagnus Kroken2016-09-247-43/+19
| | | | | | | | | | | | | | | Drop 302-fix_no_cmac_build.patch, it has been applied upstream. Security fixes: * (Severity: High) OCSP Status Request extension unbounded memory growth (CVE-2016-6304) * (Severity: Moderate) SSL_peek() hang on empty record (CVE-2016-6305) * 10 Low severity issues Security advisory: https://www.openssl.org/news/secadv/20160922.txt Changelog: https://www.openssl.org/news/cl102.txt Signed-off-by: Magnus Kroken <mkroken@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* linux-firmware: update to current Git headJo-Philipp Wich2016-09-231-3/+3
| | | | | | | | | | | | | | | | | | | Update the linux-firmware package in order to force the buildbots to fetch the proper mirrored version. Currently each builder has its own copy of the linux-firmware checkout staged in its own dl/, since the package was updated before the mirrored copy has been uploaded. The builders then subsequently uploaded their own copy instead, leading to md5sum mismatches since each clone produces different tarballs. By bumping the package to a new version and uploading the mirrored archive with the proper md5sum beforehand, the builders will fetch that instead and not upload their own copies. To properly solve that problem in the future we need to ensure that packed checkouts become reproducable. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* kernel: fix broken dependency of kmod-owl-loader on kmod-ath9kFelix Fietkau2016-09-221-1/+1
| | | | | | | It messes up the build order of package/kernel/linux vs package/kernel/mac80211 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* linux-firmware: update md5sumJo-Philipp Wich2016-09-221-1/+1
| | | | | | | | | | | | Since the md5sum of the mirrored Git clone archive has been set in the Makefile before that particular archive was uploaded to the source mirror, the buildbots uploaded their own, different copy instead invalidating the mirror md5sum for anyone else. In order to fix the mismatch, update the md5sum to reflect the archive being present on the download server. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* busybox: fix md5sumHauke Mehrtens2016-09-201-1/+1
| | | | | | | The md5sum was not updated in commit 06fa1c46fc3 "busybox: update to version 1.25.0" Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ltq-vdsl-app: update to version 4.17.18.6Hauke Mehrtens2016-09-203-28/+5
| | | | Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* ltq-vdsl: update to version 4.17.18.6Hauke Mehrtens2016-09-202-12/+38
| | | | Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* ltq-vdsl-mei: update mei driver to version 1.5.17.6Hauke Mehrtens2016-09-204-51/+87
| | | | Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* dsl-vrx200-firmware-xdsl: update to more recent versionsHauke Mehrtens2016-09-201-7/+7
| | | | | | | | | | The Annex A firmware will be updated to: 05.08.01.08.01.06_05.08.00.0B.01.01_osc The Annex B firmware will be updated to: 05.07.09.09.00.06_05.07.04.04.00.02_osc Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>