aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* ltq-vdsl-fw: update firmware filename and download URLDaniel Golle2019-09-213-5/+5
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-09-211-3/+3
| | | | | | 95f0973 file: increase minimum read buffer size to 4096 bytes Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* usign: update to latest Git HEADHauke Mehrtens2019-09-211-3/+3
| | | | | | f34a383 main: fix some resource leaks Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* fstools: update to latest Git HEADHauke Mehrtens2019-09-211-3/+3
| | | | | | | | 4327ed4 mkdev: Avoid out of bounds read 9b3eb63 libblkid-tiny: use blkid_probe_set_utf8label for label set c9d0462 libblkid-tiny: adds blkid_probe_set_utf8label support Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* procd: update to the latest git HEADHauke Mehrtens2019-09-211-3/+3
| | | | | | | 8e9fb51 procd: Switch to nanosleep c844ace system: Fix possible integer overflows Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* hostapd: Fix AP mode PMF disconnection protection bypassHauke Mehrtens2019-09-214-6/+72
| | | | | | | | This fixes * CVE-2019-16275 AP mode PMF disconnection protection bypass https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* sunxi: Add support for Banana Pi M2 UltraHal Martin2019-09-212-0/+32
| | | | | | | | | | | | | | | | | | CPU: Allwinner R40 Quad-Core Cortex-A7 @ 1.2GHz GPU: Mali 400 MP2 Memory: 2GB DDR3 onboard (shared with GPU) Onboard: Storage microSD card slot Onboard: Storage 8GB eMMC Onboard: Network 10/100/1000M Ethernet RJ45 Onboard: Network WiFi 802.11b/g/n 1x1 (AMPAK AP6212; brcmfmac) Onboard header: SPI, I2C, GPIO, UART USB: Two USB 2.0 Host, One USB 2.0 OTG Known issues: - WiFi doesn't work - eMMC not supported Signed-off-by: Hal Martin <hal.martin@gmail.com>
* elfutils: Add host buildRosen Penev2019-09-212-16/+9
| | | | | | | | | | | | | | | | | | | | | | | Needed for glib2 host build: gresource-tool.c:32:20: fatal error: libelf.h: No such file or directory #include <libelf.h> Changed PKG_LICENSE to the SPDX version. Switched build dependency for argp-standalone to !USE_GLIBC. argp is a glibc extension. Treat it as such. Adjusted patch to use strerror_l, which works properly with both glibc and musl. The patch errors under glibc with: dwfl_error.c:158:7: error: ignoring return value of 'strerror_r', declared with attribute warn_unused_result [-Werror=unused-result] strerror_r (error & 0xffff, s, sizeof(s)); void casting does not fix the error. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* wolfssl: allow building with hw-crytpo and AES-CCMEneas U de Queiroz2019-09-204-21/+160
| | | | | | | | Hardware acceleration was disabled when AES-CCM was selected as a workaround for a build failure. This applies a couple of upstream patches fixing this. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* mbedtls: update to 2.16.3Magnus Kroken2019-09-203-52/+25
| | | | | | | Remove 300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch, the issue has been fixed upstream. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* uClibc++: Remove faulty patchRosen Penev2019-09-202-14/+1
| | | | | | | | | | | | | | | This patch was originally added to fix compilation with v4l2rtspserver. Turns out it was v4l2rtspserver that was broken, not uClibc++. This now causes issues with a different package where the arguments are being split. Note that with this patch, shellcheck throws an error: SC2068: Double quote array expansions to avoid re-splitting elements. More: https://github.com/openwrt/packages/pull/9972#discussion_r324878373 Signed-off-by: Rosen Penev <rosenp@gmail.com>
* iwinfo: update to latest Git HEADJo-Philipp Wich2019-09-201-3/+3
| | | | | | | | | 02112f9 cli: fix reporting of mixed WPA2/WPA3 versions 7faeaea nl80211: properly detect WEP encryption in wpa_supp scan results 629b5ff nl80211: do not confuse open connections with WEP ones 3d47ddd nl80211: rework hostapd and wpa_supplicant wpa suite parsing Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* hostapd: mirror ieee80211w ap mode defaults in station modeJo-Philipp Wich2019-09-202-1/+10
| | | | | | | | | | | For AP mode, OpenWrt automatically sets ieee80211w to either 1 or 2, depending on whether the encryption is set to sae-mixed, or sae/owe/eap suite-b. Mirror the same defaults for client mode connections, in order to allow an OpenWrt station to associate to an OpenWrt ap with SAE, OWE or Suite-B encryption without the need to manually specify "option ieee80211w" on the station. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* hostapd: fix OWE settings in client modeJo-Philipp Wich2019-09-202-1/+2
| | | | | | | | This changes fixes the generation of the wpa_supplicant client configuration in WPA3 OWE client mode. Instead of incorrectly emitting key_mgmt=NONE, use the proper key_mgmt=OWE setting instead. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* kernel: add module for Emulex OneConnect 10GbitAlberto Bursi2019-09-191-0/+21
| | | | | | | | add module to support Emulex OneConnect common in 10Gbit SFP+ cards by Dell/HP/IBM supports OneConnect OCe10xxx OCe11xxx OCe14xxx, LightPulse LPe12xxx Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
* hostapd: declare struct wpa_bss earlyLeon M. George2019-09-191-0/+19
| | | | | | | | | | | | | | | | wps_supplicant.h assumes that 'struct wpa_bss' is forward declared if CONFIG_WPS is not defined. With the later inclusion of 600-ubus_support, the issue manifests in warnings like these: wps_supplicant.h:113:15: warning: 'struct wpa_bss' declared inside parameter list will not be visible outside of this definition or declaration struct wpa_bss *bss) ^~~~~~~ This patch forward declares 'struct wpa_bss' regardless. Signed-off-by: Leon M. George <leon@georgemail.eu> [commit message facelift] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* hostapd: revert signature change in patchLeon M. George2019-09-191-1/+1
| | | | | | | | | | | | The original wpa_hexdump uses a 'void *' for the payload. With patch 410-limit_debug_messages, the signature changes and compiler warnings occur at various places. One such warning is: wpa_debug.h:106:20: note: expected 'const u8 * {aka const unsigned char *}' but argument is of type 'struct wpa_eapol_key *' Signed-off-by: Leon M. George <leon@georgemail.eu> [commit message facelift] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: provide option to specify label MAC address in board.dAdrian Schmutzler2019-09-193-0/+14
| | | | | | | | | | | | | | For many devices, MAC addresses cannot be retrieved via the device tree alias. To still provide the label MAC address for those, this implements a second mechanism that will put the address into uci config. Note that this stores the actual MAC address, whereas in DTS we reference the bearing device. This is based on the work of Rosy Song <rosysong@rosinson.com> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: add function to retrieve label MAC addressAdrian Schmutzler2019-09-191-0/+10
| | | | | | | | | | | | | | | | To refer to the MAC address on a device's label, one can specify the alias label-mac-device in the DTS which should point to the bearer of the corresponding MAC address. With the function get_mac_label, the user can retrieve then retrieve this address and use it as a value that uniquely identifies his device. This is severely helpful for several downstream functionalities, e.g. define MAC addresses of custom netifs or change the SSID to be easily recognizable. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* curl: bump to 7.66.0Hans Dedecker2019-09-192-4/+4
| | | | | | | | | | Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0 Fixes CVEs: CVE-2019-5481 CVE-2019-5482 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* openssl: bump to 1.1.1dEneas U de Queiroz2019-09-1912-2524/+223
| | | | | | | | | | | | | This version fixes 3 low-severity vulnerabilities: - CVE-2019-1547: ECDSA remote timing attack - CVE-2019-1549: Fork Protection - CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey Patches were refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* brcm2708-gpu-fw: update to latest firmwareÁlvaro Fernández Rojas2019-09-191-15/+15
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* procd: fix invalid JSON filter expression in procd_running()Jo-Philipp Wich2019-09-192-2/+2
| | | | | | | | | Since service and instance names may contain characters which are not allowed in JSON path labels, such as dashes or spaces, change the filter expression to array square bracket notation to properly match these cases as well. Fixes: 2c3dd70741 ("procd: add procd_running() helper for checking running state") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall: update to latest Git HEADJo-Philipp Wich2019-09-181-3/+3
| | | | | | | 383eb58 ubus: do not overwrite ipset name attribute Ref: https://forum.openwrt.org/t/fw3-ipset-procd-objects/44044 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* procd: update to the latest git HEADRafał Miłecki2019-09-181-3/+3
| | | | | | | 62dc8c0 system: sysupgrade: send reply on error 2710c65 system: refuse sysupgrade with backup if it's unsupported Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mac80211: brcmfmac: backport the last 5.4 changesRafał Miłecki2019-09-164-1/+413
| | | | | | | This makes brcmfmac use the same wiphy after PCIe reset to help user space handle corner cases (e.g. firmware crash). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* firewall: update to latest git HEADPetr Štetiar2019-09-151-3/+3
| | | | | | c26f8907d1d2 firewall3: fix typo that affects ICMPv6 rules with numeric icmp_type Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ath10k-ct: update to version 2019-09-09Robert Marko2019-09-159-18/+18
| | | | | | | | | Update the ath10k-ct driver version to 5e8cd86f90dac966d12df6ece84ac41458d0e95f to enable dynamic VLANs to work. Patches refreshed during the bump. Signed-off-by: Robert Marko <robimarko@gmail.com> [commit description facelift] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ath10k-firmware: update Candela Tech firmware imagesRobert Marko2019-09-151-20/+20
| | | | | | | This enables a feature flag in the wave-2 firmware wmi-services indicating it can send software-encrypted raw frames. This should in turn allow the AP-VLAN feature to work. Signed-off-by: Robert Marko <robimarko@gmail.com>
* netifd,lldpd,rpcd,log: use generic service_runningPetr Štetiar2019-09-154-17/+0
| | | | | | | | | | | | | | | | | | commit eb204d14f75c ("base-files: implement generic service_running") introduced generic service_running so it's not needed to copy&paste same 3 lines over and over again. I've removed service_running from netifd/network init script as well, because it was not working properly, looked quite strange and I didn't understand the intention: $ /etc/init.d/network stop $ service network running && echo "yes" || echo "nope" ( have to wait for 30s ) Command failed: Request timed out yes Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files,procd: add generic service statusLuiz Angelo Daros de Luca2019-09-152-1/+35
| | | | | | | | | | | | | | Adds a default status action for init.d scripts. procd "service status" will return: 0) for loaded services (even if disabled by conf or dead) 3) for inactive services 4) when filtering a non-existing instance Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com> [rebased, cleaned up] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: implement generic service_runningPetr Štetiar2019-09-151-1/+6
| | | | | | | DRY is good, otherwise we're going to suffer with a copy&paste disease in the init scripts. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* odhcpd: update to latest git HEADHans Dedecker2019-09-151-3/+3
| | | | | | | | 1d24009 netlink: rename netlink callback handlers 91a28e4 ndp: answer global-addressed NS manually fd93e36 dhcpv6: retry failed PD assignments on addrlist change Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: fix update to git HEADHans Dedecker2019-09-121-2/+2
| | | | | | | | | | | | | | | | Fixes commit 7ff5b12e90 e73bf11 config: ra_management compatibility support d818380 odhcpd: router: Fix out of scope memory access 94a1c94 dhcpv6-ia: free assignment when validity timer expires 752fc2c router: speed up initial router advertisements 09aa022 router: close socket upon NETEV_IFINDEX_CHANGE fixed 79eb160 router: fix previous commit 6034b5c router: close socket upon NETEV_IFINDEX_CHANGE 000182f router: fix lingering uloop socket descriptor f6c2242 router: support ra_lifetime being 0 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* umbim: update to latest git HEADIngo Feinerer2019-09-121-3/+3
| | | | | | 184b707 umbim: add home provider query support Signed-off-by: Ingo Feinerer <feinerer@logic.at>
* odhcpd: update to latest git HEAD (FS#2019)Hans Dedecker2019-09-122-2/+5
| | | | | | | | | | | | | | | | | e73bf11 config: ra_management compatibility support d818380 odhcpd: router: Fix out of scope memory access 94a1c94 dhcpv6-ia: free assignment when validity timer expires 752fc2c router: speed up initial router advertisements 09aa022 router: close socket upon NETEV_IFINDEX_CHANGE fixed 79eb160 router: fix previous commit 6034b5c router: close socket upon NETEV_IFINDEX_CHANGE 000182f router: fix lingering uloop socket descriptor f6c2242 router: support ra_lifetime being 0 d111809 router: make RA flags configurable (FS#2019) Update odhcpd defaults according to the new RA flags implementation Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* mt76: probe load mt7615 driver asynchronouslyFelix Fietkau2019-09-121-0/+1
| | | | | | It can take a long time to load the firmware Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iwinfo: update to latest Git HEADDavid Bauer2019-09-121-3/+3
| | | | | | | a88fb42 iwinfo: add device id for Qualcomm Atheros QCA9886 1b69d86 iwinfo: add device id for Qualcomm Atheros QCA9887 Signed-off-by: David Bauer <mail@david-bauer.net>
* treewide: sysupgrade: use $UPGRADE_BACKUP to check for backupRafał Miłecki2019-09-113-3/+2
| | | | | | | Now that $UPGRADE_BACKUP is set conditionally there is no need to check the $UPGRADE_OPT_SAVE_CONFIG anymore. All conditions can be simplified. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* procd: update to the latest git HEADRafał Miłecki2019-09-111-3/+3
| | | | | | | | | b8238df sysupgrade: support "backup" attribute This update requires "sysupgrade" method callers to pass "backup" attribute if $UPGRADE_BACKUP is used in the project. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: sysupgrade: pass "backup" ubus attributeRafał Miłecki2019-09-111-0/+3
| | | | | | | | This explicitly tells procd what backup file should be used during sysupgrade (if any). It's much more generic this way compared to the magic /tmp/sysupgrade.tgz file that had to be created before a call. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* hostapd: SAE/EAP-pwd side-channel attack updateHauke Mehrtens2019-09-109-1/+397
| | | | | | | | Fixes this security problem: * SAE/EAP-pwd side-channel attack update https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* hostapd: Fix security problemHauke Mehrtens2019-09-103-1/+81
| | | | | | | | | | | This fixes: CVE-2019-11555 "EAP-pwd message reassembly issue with unexpected fragment" https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt This shouöld not affect OpenWrt in the default settings as we do not use EAP-pwd. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-09-101-3/+3
| | | | | | e2a7bc4 iwinfo: add WPA3 support Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mac80211: brcmfmac: backport more kernel 5.4 changesRafał Miłecki2019-09-098-9/+283
| | | | | | | Patch getting RAM info got upstreamed. A debugging fs entry for testing reset feature was added. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-09-081-4/+4
| | | | | | | | | | | 69eeb1b file: refactor message parsing and permission checking f65527a iwinfo: expose all rate info fields in assoclist reply 7fec636 sys: fix symbol redeclaration 27c24c7 rpcd: sys: actually move timespec declaration 345363b file: add remove operation 604db20 rpcd: Switch to nanosleep Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall: update to latest git HEADHauke Mehrtens2019-09-081-3/+3
| | | | | | 487bd0d utils: Fix string format message Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: validate firmware for compatibility with backupRafał Miłecki2019-09-081-0/+7
| | | | | | | | | This allows platform code to check if firmware image can be used with preserving a backup. It may be used e.g. when installing vendor firmwares that won't restore appended backup archive. Suggested-by: Luis Araneda <luaraneda@gmail.com> Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* firewal: update to latest git HEADHans Dedecker2019-09-071-3/+3
| | | | | | | | 4d0c703 firewall3: Fix some format string problems 8c404ef iptables.c: lock the xtables.lock c1d3a4d utils: implement fw3_lock_path() & fw3_unlock_path() Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcp6c: update to latest git HEADHans Dedecker2019-09-071-2/+2
| | | | | | e199804 dhcpv6: sanitize oro options Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>