aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* uhttpd: add enable instance optionFlorian Eckert2020-01-152-1/+5
| | | | | | | | With this change it is now possible to switch off single instances of the uhttpd config. Until now it was only possible to switch all instances of uhttpd on or off. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* hostapd: add wpa_strict_rekey supportKyle Copperfield2020-01-151-1/+3
| | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Rekey GTK on STA disassociate Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
* hostapd: add dtim_period, local_pwr_constraint, spectrum_mgmt_requiredKyle Copperfield2020-01-152-3/+12
| | | | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Allows dtim_period to be configurable, the default is from hostapd. Adds additional regulatory tunables for power constraint and spectrum managment. Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
* dropbear: move failsafe code out of base-filesKyle Copperfield2020-01-154-8/+11
| | | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Failsafe code of dropbear should be in the dropbear package not the base-files package. Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
* busybox: Include hdparm by default on nas type deviceLinus Walleij2020-01-151-0/+3
| | | | | | | | | NAS devices certainly need to have hdparm to configure things like spin-down time or their disks will be constantly spinning. Just catenate CONFIG_HDPARM=y on these configs. Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
* cryptodev-linux: remove DEFAULT redefinitionEneas U de Queiroz2020-01-151-1/+0
| | | | | | | | The 'DEFAULT:=m if ALL' line prevents the phase1 buildbots from building the package, and users from downloading it, since they use 'ALL_KMODS=y' but 'ALL' is not set. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* mac80211: fix MAC address allocations if the local bit is set on the base addrFelix Fietkau2020-01-151-1/+1
| | | | | | | If it's set, don't subtract 1 from the interface index encoded into the first byte of the address Signed-off-by: Felix Fietkau <nbd@nbd.name>
* valgrind: do not strip internal preload libraries and executablesJo-Philipp Wich2020-01-141-2/+20
| | | | | | | | | | Implement the suggestions laid out in README_PACKAGERS, mainly by preventing the stripping of the internal vgpreload*.so libraries. Also retain the symbol information of valgrind's private helper executables and enable LTO as suggested in the packagers readme. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: fix build for /sbin/pkg_checkXu Wang2020-01-141-2/+2
| | | | | | | | | | Setting CONFIG_IPK_FILES_CHECKSUMS=y causes sha256 checksum files to be included with the packages to check for corruption. This commit fixes two issues: - /sbin/pkg_check was being removed incorrectly if IPK_FILES_CHECKSUMS=y - checksums were being saved in the wrong file Signed-off-by: Xu Wang <xwang1498@gmx.com>
* hostapd: add support for subject validationDavid Lam2020-01-142-1/+93
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The wpa_supplicant supports certificate subject validation via the subject match(2) and altsubject_match(2) fields. domain_match(2) and domain_suffix_match(2) fields are also supported for advanced matches. This validation is especially important when connecting to access points that use PAP as the Phase 2 authentication type. Without proper validation, the user's password can be transmitted to a rogue access point in plaintext without the user's knowledge. Most organizations already require these attributes to be included to ensure that the connection from the STA and the AP is secure. Includes LuCI changes via openwrt/luci#3444. From the documentation: subject_match - Constraint for server certificate subject. This substring is matched against the subject of the authentication server certificate. If this string is set, the server sertificate is only accepted if it contains this string in the subject. The subject string is in following format: /C=US/ST=CA/L=San Francisco/CN=Test AS/emailAddress=as .example.com subject_match2 - Constraint for server certificate subject. This field is like subject_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication. altsubject_match - Constraint for server certificate alt. subject. Semicolon separated string of entries to be matched against the alternative subject name of the authentication server certificate. If this string is set, the server sertificate is only accepted if it contains one of the entries in an alternative subject name extension. altSubjectName string is in following format: TYPE:VALUE Example: EMAIL:server@example.com Example: DNS:server.example.com;DNS:server2.example.com Following types are supported: EMAIL, DNS, URI altsubject_match2 - Constraint for server certificate alt. subject. This field is like altsubject_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication. domain_match - Constraint for server domain name. If set, this FQDN is used as a full match requirement for the server certificate in SubjectAltName dNSName element(s). If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using same full match comparison. This behavior is similar to domain_suffix_match, but has the requirement of a full match, i.e., no subdomains or wildcard matches are allowed. Case-insensitive comparison is used, so "Example.com" matches "example.com", but would not match "test.Example.com". More than one match string can be provided by using semicolons to separate the strings (e.g., example.org;example.com). When multiple strings are specified, a match with any one of the values is considered a sufficient match for the certificate, i.e., the conditions are ORed together. domain_match2 - Constraint for server domain name. This field is like domain_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication. domain_suffix_match - Constraint for server domain name. If set, this FQDN is used as a suffix match requirement for the AAA server certificate in SubjectAltName dNSName element(s). If a matching dNSName is found, this constraint is met. If no dNSName values are present, this constraint is matched against SubjectName CN using same suffix match comparison. Suffix match here means that the host/domain name is compared one label at a time starting from the top-level domain and all the labels in domain_suffix_match shall be included in the certificate. The certificate may include additional sub-level labels in addition to the required labels. More than one match string can be provided by using semicolons to separate the strings (e.g., example.org;example.com). When multiple strings are specified, a match with any one of the values is considered a sufficient match for the certificate, i.e., the conditions are ORed together. For example, domain_suffix_match=example.com would match test.example.com but would not match test-example.com. This field is like domain_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication. domain_suffix_match2 - Constraint for server domain name. This field is like domain_suffix_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication. Signed-off-by: David Lam <david@thedavid.net>
* mac80211: fix list_phy_interfaces for multiple wiphys on the same deviceFelix Fietkau2020-01-141-1/+10
| | | | | | | Network interfaces are looked up based on the device behind a phy, so the phy needs to be checked separately Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix a page refcounting issue leading to leaks/crashes in rx A-MSDU ↵Felix Fietkau2020-01-141-0/+25
| | | | | | decap Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix sta TID stats leak on a few nl80211 callsFelix Fietkau2020-01-142-0/+43
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: renumber subsys patches accepted upstreamFelix Fietkau2020-01-144-0/+0
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* base-files: use jshn lib for ubus sysupgrade argument generationFlorian Eckert2020-01-141-14/+11
| | | | | | | | With this change the well known jshn library will be used, to build the json arguments for the ubus sysupgrade method. This is also used in all other shell program that uses JSON. This commit unifies that. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* rpcd: activate PIE ASLR by defaultPetr Štetiar2020-01-141-0/+1
| | | | | | | This activates PIE ASLR support by default when the regular option is selected. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* odhcpd: activate PIE ASLR by defaultPetr Štetiar2020-01-141-0/+1
| | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. Size increase on x86/64: odhcpd-ipv6only Installed-Size: 36821 -> 38216 Signed-off-by: Petr Štetiar <ynezz@true.cz>
* procd: activate PIE ASLR by defaultPetr Štetiar2020-01-141-0/+1
| | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. Size increase on x86/64: procd Installed-Size: 44931 -> 47362 Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ubus: activate PIE ASLR by defaultPetr Štetiar2020-01-141-1/+2
| | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. Size increase on x86/64: ubus Installed-Size: 5602 -> 5950 ubusd Installed-Size: 11643 -> 12119 Signed-off-by: Petr Štetiar <ynezz@true.cz>
* uhttpd: Activate PIE by defaultHauke Mehrtens2020-01-131-0/+1
| | | | | | | | | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. This increases the binary size by 39% uncompressed and 21% compressed on MIPS BE. old: 33,189 /usr/sbin/uhttpd 23,016 uhttpd_2019-08-17-6b03f960-4_mips_24kc.ipk new: 46,212 /usr/sbin/uhttpd 27,979 uhttpd_2019-08-17-6b03f960-4_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Petr Štetiar <ynezz@true.cz>
* hostapd: Activate PIE by defaultHauke Mehrtens2020-01-131-0/+1
| | | | | | | | | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. This increases the binary size by 26% uncompressed and 16% compressed on MIPS BE. old: 460,933 /usr/sbin/wpad 283,891 wpad-basic_2019-08-08-ca8c2bd2-1_mips_24kc.ipk new: 584,508 /usr/sbin/wpad 330,281 wpad-basic_2019-08-08-ca8c2bd2-1_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Petr Štetiar <ynezz@true.cz>
* dropbear: Activate PIE by defaultHauke Mehrtens2020-01-131-0/+1
| | | | | | | | | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. This increases the binary size by 18% uncompressed and 17% compressed on MIPS BE. old: 164,261 /usr/sbin/dropbear 85,648 dropbear_2019.78-2_mips_24kc.ipk new: 194,492 /usr/sbin/dropbear 100,309 dropbear_2019.78-2_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Petr Štetiar <ynezz@true.cz>
* dnsmasq: Activate PIE by defaultHauke Mehrtens2020-01-131-0/+1
| | | | | | | | | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. This increases the binary size by 37% uncompressed and 18% compressed on MIPS BE. old: 146,933 /usr/sbin/dnsmasq 101,837 dnsmasq_2.80-14_mips_24kc.ipk new: 202,020 /usr/sbin/dnsmasq 120,577 dnsmasq_2.80-14_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Petr Štetiar <ynezz@true.cz>
* ethtool: bump to 5.4Hans Dedecker2020-01-121-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 7dc0af7 Release version 5.4. 914912e ethtool: add 0x16 and 0x1c extended compliance codes 600b779 ethtool: mark 10G Base-ER as SFF-8472 revision 10.4 onwards 696565d ethtool: correctly interpret bitrate of 255 2941970 fix unused parameter warning in e1000_get_mac_type() 5e814f2 fix unused parameter warning in fjes_dump_regs() b1a5279 fix unused parameter warning in ixgb_dump_regs() 6608751 fix unused parameter warning in ibm_emac_dump_regs() 1c30119 fix unused parameter warning in et131x_dump_regs() a56aba4 fix unused parameter warning in amd8111e_dump_regs() f40d32d fix unused parameter warning in fec_dump_regs() 8b84f1a fix unused parameter warning in at76c50x_usb_dump_regs() f725f5a fix unused parameter warning in smsc911x_dump_regs() a12cd66 fix unused parameter warning in e1000_dump_regs() e058656 fix unused parameter warning in igb_dump_regs() debac02 fix unused parameter warning in de2104[01]_dump_regs() d434eea fix unused parameter warning in e100_dump_regs() 8df12f3 fix unused parameter warning in vioc_dump_regs() 92d716b fix unused parameter warning in tg3_dump_{eeprom, regs}() 211c99e fix unused parameter warning in fec_8xx_dump_regs() 362fb8b fix unused parameter warning in ixgbevf_dump_regs() 87903c2 fix unused parameter warning in st_{mac100, gmac}_dump_regs() c1eaddf fix unused parameter warning in vmxnet3_dump_regs() 313c9f8 fix unused parameter warning in dsa_dump_regs() 183e8a2 fix unused parameter warning in {skge, sky2}_dump_regs() 7f84c13 fix unused parameter warning in lan78xx_dump_regs() 02d0aaa fix unused parameter warning in realtek_dump_regs() 726d607 fix unused parameter warning in ixgbe_dump_regs() 967177c fix unused parameter warning in netsemi_dump_eeprom() 710a414 fix unused parameter warning in natsemi_dump_regs() 283398a fix unused parameter warning in print_simple_table() 0404267 fix unused parameter warning in sfc_dump_regs() 57c7298 fix unused parameter warning in altera_tse_dump_regs() 302e91a fix unused parameter warning in dump_eeprom() 2054a8c fix unused parameter warning in find_option() d5432a9 fix unused parameter warnings in do_version() and show_usage() c430e75 fix arithmetic on pointer to void is a GNU extension warning e568431 ethtool: implement support for Energy Detect Power Down e391f4c ethtool: sync ethtool-copy.h: adds support for EDPD Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* kernel: remove obsolete kernel version switchesAdrian Schmutzler2020-01-1217-99/+57
| | | | | | | | | After kernel 4.9 has been removed, this removes all (now obsolete) kernel version switches that deal with versions before 4.14. Package kmod-crypto-iv is empty now and thus removed entirely. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ipq40xx: add support for EZVIZ CS-W3-WD1200G EUPTom Brouwer2020-01-122-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hardware: SOC: Qualcomm IPQ4018 RAM: 128 MB Nanya NT5CC64M16GP-DI FLASH: 16 MB Macronix MX25L12805D ETH: Qualcomm QCA8075 (4 Gigabit ports, 3xLAN, 1xWAN) WLAN: Qualcomm IPQ4018 (2.4 & 5 Ghz) BUTTON: Shared WPS/Reset button LED: RGB Status/Power LED SERIAL: Header J8 (UART, Left side of board). Numbered from top to bottom: (1) GND, (2) TX, (3) RX, (4) VCC (White triangle next to it). 3.3v, 115200, 8N1 Tested/Working: * Ethernet * WiFi (2.4 and 5GHz) * Status LED * Reset Button (See note below) Implementation notes: * The shared WPS/Reset button is implemented as a Reset button * I could not find a original firmware image to reverse engineer, meaning currently it's not possible to flash OpenWrt through the Web GUI. Installation (Through Serial console & TFTP): 1. Set your PC to fixed IP 192.168.1.12, Netmask 255.255.255.0, and connect to one of the LAN ports 2. Rename the initramfs image to 'C0A8010B.img' and enable a TFTP server on your pc, to serve the image 2. Connect to the router through serial (See connection properties above) 3. Hit a key during startup, to pause startup 4. type `setenv serverip 192.168.1.12`, to set the tftp server address 5. type `tftpboot`, to load the image from the laptop through tftp 6. type `bootm` to run the loaded image from memory 6. (If you want to return to stock firmware later, create an full MTD backup, e.g. using instructions here https://openwrt.org/docs/guide-user/installation/generic.backup#create_full_mtd_backup) 7. Transfer the 'sysupgrade' OpenWrt firmware image from PC to router, e.g.: `scp xxx-squashfs-sysupgrade.bin root@192.168.1.1:/tmp/upgrade.bin` 8. Run sysupgrade to permanently install OpenWrt to flash: `sysupgrade -n /tmp/upgrade.bin` Revert to stock: To revert to stock, you need the MTD backup from step 6 above: 1. Unpack the MTD backup archive 2. Transfer the 'firmware' partition image to the router (e.g. mtd8_firmware.backup) 3. On the router, do `mtd write mtd8_firmware.backup firmware` Signed-off-by: Tom Brouwer <tombrouwer@outlook.com> [removed BOARD_NAME, OpenWRT->OpenWrt, changed LED device name to board name] Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* kernel: add kmod packages for Broadcom bcm53xxx switch supportTobias Schramm2020-01-121-0/+30
| | | | Signed-off-by: Tobias Schramm <tobleminer@gmail.com>
* kmod-sched-cake: bump to 20200110Kevin Darbyshire-Bryant2020-01-111-2/+2
| | | | | | | | | | | | | | | | | Keep up with a small amount of churn in the upstream repository. Upstream now represents the version of CAKE as found in the linux kernel from 4.19 onwards but with some compatibility stubs to allow building on <4.19. After a diversion related to an experimental ECN implementation which has now been reverted, the important and relevant changes for us are: 8a8946b sch_cake: avoid possible divide by zero in cake_enqueue() 183b320 RFC 8622 diffserv3, 4 & 8 LE PHB support 6ff4561 sch_cake: Make sure we can write the IP header before changing DSCP bits 9fba602 sch_cake: Use tc_skb_protocol for getting packet protocol Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* wireguard-tools: bump to 1.0.20200102Jason A. Donenfeld2020-01-091-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * systemd: update documentation URL * global: bump copyright Usual house keeping. * Makefile: DEBUG_TOOLS -> DEBUG and document * Makefile: port static analysis check * dns-hatchet: adjust path for new repo layout * Makefile: rework automatic version.h mangling These are some important-ish cleanups for downstream package maintainers that should make packaging this a lot smoother. * man: add documentation about removing explicit listen-port Documentation improvement. * wg-quick: linux: quote ifname for nft This should fix issues with weirdly named ifnames and odd versions of nft(8). * fuzz: find bugs in the config syntax parser * fuzz: find bugs when parsing uapi input These are two fuzzers that have been laying around without a repo for a while. Perhaps somebody with enough compute power will find bugs with them. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* wireguard: bump to 0.0.20200105Jason A. Donenfeld2020-01-091-2/+2
| | | | | | | | | | | | | | | | | | | * socket: mark skbs as not on list when receiving via gro Certain drivers will pass gro skbs to udp, at which point the udp driver simply iterates through them and passes them off to encap_rcv, which is where we pick up. At the moment, we're not attempting to coalesce these into bundles, but we also don't want to wind up having cascaded lists of skbs treated separately. The right behavior here, then, is to just mark each incoming one as not on a list. This can be seen in practice, for example, with Qualcomm's rmnet_perf driver. This lead to crashes on OnePlus devices and possibly other Qualcomm 4.14 devices. But I fear that it could lead to issues on other drivers on weird OpenWRT routers. This commit is upstream in net-next as: https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=736775d06bac60d7a353e405398b48b2bd8b1e54 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* dnsmasq: add uci-defaults script for config migrationDaniel Golle2020-01-092-1/+9
| | | | | | | | | When running sysupgrade from an existing configuration, UCI option dhcp.@dnsmasq[0].resolvfile needs to be modified in case it has not been changed from it's original value. Accomplish that using a uci-defaults script. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: disable ft_psk_generate_local for non-PSK networksDavid Bauer2020-01-091-1/+9
| | | | | | | | | | | | Without this commit, ft_psk_generate_local is enabled for non-PSK networks by default. This breaks 802.11r for EAP networks. Disable ft_psk_generate_local by default for non-PSK networks resolves this misbehavior. Reported-by: Martin Weinelt <martin@darmstadt.freifunk.net> Signed-off-by: David Bauer <mail@david-bauer.net> Tested-by: Martin Weinelt <martin@darmstadt.freifunk.net>
* ixp4xx: remove unmaintained targetAdrian Schmutzler2020-01-0814-712/+0
| | | | | | | | | | | This target is still on kernel 4.9, and it looks like there is no active maintainer for this target anymore. Remove the code and all the packages which are only used by this target. To add this target to OpenWrt again port it to a recent and supported kernel version. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ar7: remove unmaintained targetAdrian Schmutzler2020-01-0839-10017/+1
| | | | | | | | | | | This target seems to have been unmaintained for quite a while, and not a single tester for the (now outdated) kernel 4.14 patches has been found. Remove the code and all the packages which are only used by this target. To add this target to OpenWrt again port it to a recent and supported kernel version. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ar7: update kernel to version 4.14Hauke Mehrtens2020-01-081-0/+51
| | | | | | | | | | | | | This adds support for kernel 4.14 to the target and directly make it the default kernel version to use. This patch is build-tested only, but has never been device-tested. It is only added to preserve the changes in Git history prior to removing this target. Use it with care. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> [rebased and extended commit message, refreshed patches for 4.14.162] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ethtool: fix PKG_CONFIG_DEPENDSMatthias Schiffer2020-01-071-1/+1
| | | | | | Add missing CONFIG_ prefix. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* iperf: fix PKG_CONFIG_DEPENDSMatthias Schiffer2020-01-071-1/+1
| | | | | | | Fix typo in PKG_CONFIG_DEPENDS and missing CONFIG_ prefix. Fixes: e98e046f06f3 ("iperf: Allow enabling multicast support") Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* dnsmasq: bump PKG_RELEASEDaniel Golle2020-01-071-1/+1
| | | | | | | | Previous commit should have bumped PKG_RELEASE, but git add was forgotten... Add it now. Fixes: cd48d8d342 ("dnsmasq: switch to /tmp/resolv.conf.d/resolv.conf.auto") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* dnsmasq: switch to /tmp/resolv.conf.d/resolv.conf.autoDaniel Golle2020-01-072-7/+8
| | | | | | | Mount-bind directory instead of resolv.conf.auto file in jail to avoid problems when the file is deleted/replaced. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* netifd: move /tmp/resolv.conf.auto to /tmp/resolv.conf.d/Daniel Golle2020-01-071-4/+4
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: move /tmp/resolv.conf.auto to /tmp/resolv.conf.d/Daniel Golle2020-01-073-4/+5
| | | | | | Having it in a directory it more friendly for mount-bind. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* dnsmasq: Fix potential dnsmasq crash with TCPHauke Mehrtens2020-01-062-1/+36
| | | | | | | | | | | | | | | This is a backport from the dnsmasq master which should fix a bug which could cause a crash in dnsmasq. I saw the following crashes in my log: [522413.117215] do_page_fault(): sending SIGSEGV to dnsmasq for invalid read access from 2a001450 [522413.124464] epc = 004197f1 in dnsmasq[400000+23000] [522413.129459] ra = 004197ef in dnsmasq[400000+23000] This is happening in blockdata_write() when block->next is dereferenced, but I am not sure if this is related to this problem or if this is a different problem. I am unable to reproduce this problem. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* rpcd: Update to version 2020-01-05Hauke Mehrtens2020-01-051-3/+3
| | | | | | efe51f4 iwinfo: add current hw and ht mode to info call Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iwinfo: Update to version 2020-01-05Hauke Mehrtens2020-01-051-4/+4
| | | | | | bf2c106 nl80211: add htmode to iwinfo_ops Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* uclient: Update to version 2020-01-05Hauke Mehrtens2020-01-051-3/+3
| | | | | | fef6d3d uclient: Add string error function Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ustream-ssl: Update to version 2020-01-05Hauke Mehrtens2020-01-051-3/+3
| | | | | | | 30cebb4 ustream-ssl: mbedtls: fix ssl client verification 77de09f ustream-ssl: mbedtls: fix net_sockets.h include warning Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ubus: Update to version 2020-01-05Hauke Mehrtens2020-01-051-3/+3
| | | | | | d35df8a ubus: make libubus ready for linking into C++ Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ead: fix resource leak in tinysrpAndrea Dalla Costa2020-01-051-1/+3
| | | | | | | Add call to fclose for file pointer fp in function t_openpw. The resource leak could happen during an error handling. Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
* pppd: update to 2.4.8DENG Qingfang2020-01-0521-68/+67
| | | | | | | | | | | | | | | | | | | | 78cd384 Update README and patchlevel.h for 2.4.8 release 5d03403 pppd: Avoid use of strnlen (and strlen) in vslprintf a1e950a pppd: Fix IPv6 default route code for Solaris ca5e61b plugins/rp-pppoe: Make tag parsing loop condition more accurate c10c3c7 pppd: Make sure word read from options file is null-terminated b311e98 pppd: Limit memory accessed by string formats with max length specified 3ea9de9 pppd: Eliminate some more compiler warnings 57edb1a pppd: Include time.h header before using time_t 09f695f pppd: Don't free static string 03104ba pppd.h: Add missing headers 388597e pppd: Add defaultroute6 and related options 66ce4ba pppd: Avoid declarations within statements in main.c 5637180 pppd: Fix `ifname` option in case of multilink (#105) d00f8a0 pppd: Fix variable reference syntax in Makefile.linux b6b4d28 pppd: Check tdb pointer before closing Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* dropbear: add missing zlib dependency for dropbearconvertMatt Merhar2020-01-051-0/+1
| | | | | | | | | | If CONFIG_DROPBEAR_ZLIB is set, building fails at the packaging stage due to an undeclared dependency on libz.so.1. As is already done for the main dropbear package, conditionally add a dependency on zlib. Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>