aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* firewall: update to latest git HEADPetr Štetiar2019-09-151-3/+3
| | | | | | c26f8907d1d2 firewall3: fix typo that affects ICMPv6 rules with numeric icmp_type Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ath10k-ct: update to version 2019-09-09Robert Marko2019-09-159-18/+18
| | | | | | | | | Update the ath10k-ct driver version to 5e8cd86f90dac966d12df6ece84ac41458d0e95f to enable dynamic VLANs to work. Patches refreshed during the bump. Signed-off-by: Robert Marko <robimarko@gmail.com> [commit description facelift] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ath10k-firmware: update Candela Tech firmware imagesRobert Marko2019-09-151-20/+20
| | | | | | | This enables a feature flag in the wave-2 firmware wmi-services indicating it can send software-encrypted raw frames. This should in turn allow the AP-VLAN feature to work. Signed-off-by: Robert Marko <robimarko@gmail.com>
* netifd,lldpd,rpcd,log: use generic service_runningPetr Štetiar2019-09-154-17/+0
| | | | | | | | | | | | | | | | | | commit eb204d14f75c ("base-files: implement generic service_running") introduced generic service_running so it's not needed to copy&paste same 3 lines over and over again. I've removed service_running from netifd/network init script as well, because it was not working properly, looked quite strange and I didn't understand the intention: $ /etc/init.d/network stop $ service network running && echo "yes" || echo "nope" ( have to wait for 30s ) Command failed: Request timed out yes Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files,procd: add generic service statusLuiz Angelo Daros de Luca2019-09-152-1/+35
| | | | | | | | | | | | | | Adds a default status action for init.d scripts. procd "service status" will return: 0) for loaded services (even if disabled by conf or dead) 3) for inactive services 4) when filtering a non-existing instance Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com> [rebased, cleaned up] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: implement generic service_runningPetr Štetiar2019-09-151-1/+6
| | | | | | | DRY is good, otherwise we're going to suffer with a copy&paste disease in the init scripts. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* odhcpd: update to latest git HEADHans Dedecker2019-09-151-3/+3
| | | | | | | | 1d24009 netlink: rename netlink callback handlers 91a28e4 ndp: answer global-addressed NS manually fd93e36 dhcpv6: retry failed PD assignments on addrlist change Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: fix update to git HEADHans Dedecker2019-09-121-2/+2
| | | | | | | | | | | | | | | | Fixes commit 7ff5b12e90 e73bf11 config: ra_management compatibility support d818380 odhcpd: router: Fix out of scope memory access 94a1c94 dhcpv6-ia: free assignment when validity timer expires 752fc2c router: speed up initial router advertisements 09aa022 router: close socket upon NETEV_IFINDEX_CHANGE fixed 79eb160 router: fix previous commit 6034b5c router: close socket upon NETEV_IFINDEX_CHANGE 000182f router: fix lingering uloop socket descriptor f6c2242 router: support ra_lifetime being 0 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* umbim: update to latest git HEADIngo Feinerer2019-09-121-3/+3
| | | | | | 184b707 umbim: add home provider query support Signed-off-by: Ingo Feinerer <feinerer@logic.at>
* odhcpd: update to latest git HEAD (FS#2019)Hans Dedecker2019-09-122-2/+5
| | | | | | | | | | | | | | | | | e73bf11 config: ra_management compatibility support d818380 odhcpd: router: Fix out of scope memory access 94a1c94 dhcpv6-ia: free assignment when validity timer expires 752fc2c router: speed up initial router advertisements 09aa022 router: close socket upon NETEV_IFINDEX_CHANGE fixed 79eb160 router: fix previous commit 6034b5c router: close socket upon NETEV_IFINDEX_CHANGE 000182f router: fix lingering uloop socket descriptor f6c2242 router: support ra_lifetime being 0 d111809 router: make RA flags configurable (FS#2019) Update odhcpd defaults according to the new RA flags implementation Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* mt76: probe load mt7615 driver asynchronouslyFelix Fietkau2019-09-121-0/+1
| | | | | | It can take a long time to load the firmware Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iwinfo: update to latest Git HEADDavid Bauer2019-09-121-3/+3
| | | | | | | a88fb42 iwinfo: add device id for Qualcomm Atheros QCA9886 1b69d86 iwinfo: add device id for Qualcomm Atheros QCA9887 Signed-off-by: David Bauer <mail@david-bauer.net>
* treewide: sysupgrade: use $UPGRADE_BACKUP to check for backupRafał Miłecki2019-09-113-3/+2
| | | | | | | Now that $UPGRADE_BACKUP is set conditionally there is no need to check the $UPGRADE_OPT_SAVE_CONFIG anymore. All conditions can be simplified. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* procd: update to the latest git HEADRafał Miłecki2019-09-111-3/+3
| | | | | | | | | b8238df sysupgrade: support "backup" attribute This update requires "sysupgrade" method callers to pass "backup" attribute if $UPGRADE_BACKUP is used in the project. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: sysupgrade: pass "backup" ubus attributeRafał Miłecki2019-09-111-0/+3
| | | | | | | | This explicitly tells procd what backup file should be used during sysupgrade (if any). It's much more generic this way compared to the magic /tmp/sysupgrade.tgz file that had to be created before a call. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* hostapd: SAE/EAP-pwd side-channel attack updateHauke Mehrtens2019-09-109-1/+397
| | | | | | | | Fixes this security problem: * SAE/EAP-pwd side-channel attack update https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* hostapd: Fix security problemHauke Mehrtens2019-09-103-1/+81
| | | | | | | | | | | This fixes: CVE-2019-11555 "EAP-pwd message reassembly issue with unexpected fragment" https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt This shouöld not affect OpenWrt in the default settings as we do not use EAP-pwd. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-09-101-3/+3
| | | | | | e2a7bc4 iwinfo: add WPA3 support Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mac80211: brcmfmac: backport more kernel 5.4 changesRafał Miłecki2019-09-098-9/+283
| | | | | | | Patch getting RAM info got upstreamed. A debugging fs entry for testing reset feature was added. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-09-081-4/+4
| | | | | | | | | | | 69eeb1b file: refactor message parsing and permission checking f65527a iwinfo: expose all rate info fields in assoclist reply 7fec636 sys: fix symbol redeclaration 27c24c7 rpcd: sys: actually move timespec declaration 345363b file: add remove operation 604db20 rpcd: Switch to nanosleep Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall: update to latest git HEADHauke Mehrtens2019-09-081-3/+3
| | | | | | 487bd0d utils: Fix string format message Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: validate firmware for compatibility with backupRafał Miłecki2019-09-081-0/+7
| | | | | | | | | This allows platform code to check if firmware image can be used with preserving a backup. It may be used e.g. when installing vendor firmwares that won't restore appended backup archive. Suggested-by: Luis Araneda <luaraneda@gmail.com> Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* firewal: update to latest git HEADHans Dedecker2019-09-071-3/+3
| | | | | | | | 4d0c703 firewall3: Fix some format string problems 8c404ef iptables.c: lock the xtables.lock c1d3a4d utils: implement fw3_lock_path() & fw3_unlock_path() Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcp6c: update to latest git HEADHans Dedecker2019-09-071-2/+2
| | | | | | e199804 dhcpv6: sanitize oro options Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* uboot-fritz4040: build with ipq40xx "generic" subtargetYousong Zhou2019-09-061-0/+1
| | | | | | Fixes: 853e4dd3 ("ipqx0xx: add Generic subtarget") Ref: https://forum.openwrt.org/t/ipq40xx-snapshot-not-updated-since-22nd-august/44126 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* treewide: use new procd sysupgrade $UPGRADE_BACKUP variableRafał Miłecki2019-09-052-2/+1
| | | | | | | | | | It's a variable set by procd that should replace hardcoded /tmp/sysupgrade.tgz. This change requires the most recent procd with the commit 0f3c136 ("sysupgrade: set UPGRADE_BACKUP env variable"). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* procd: update to the latest git HEADRafał Miłecki2019-09-051-3/+3
| | | | | | | | | | 0f3c136 sysupgrade: set UPGRADE_BACKUP env variable 0bcbbbf system: fix uninitialized variables in firmware validation code This update includes a fix for uninitialized variable usage. Fixes: 7290963d0992 ("procd: update to the latest git HEAD") Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: use get_mac_binary() in mtd_get_mac_binary_ubi()Adrian Schmutzler2019-09-051-6/+1
| | | | | | | | | | | | The actual retrieval of the MAC address in mtd_get_mac_binary_ubi() is the same as in get_mac_binary(). Thus, use the latter function in the former to reduce duplicate code. This will also allow to benefit from the enhanced path check there and bring mtd_get_mac_binary_ubi() more in line with the similar mtd_get_mac_binary(). Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: fix mtd_get_mac_text not accepting hex offsetsDavid Bauer2019-09-051-1/+1
| | | | | | | | | | | The mtd_get_mac_text helper method did not support hexadecimal offset values, resulting them to break after 75bfc393ba6c ("treewide: convert MAC address location offsets to hexadecimal") This commit fixes this by evaluating the hexadecimal input, converting them to decimal. Signed-off-by: David Bauer <mail@david-bauer.net>
* treewide: don't hardcode "sysupgrade.tgz" file nameRafał Miłecki2019-09-052-1/+3
| | | | | | | | 1) Add BACKUP_FILE and use it when copying an archive to be restored after sysupgrade (on the next preinit). 2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* uboot-envtools: Update to U-Boot version 2019.07Hauke Mehrtens2019-09-042-7/+7
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* brcm2708-gpu-fw: update to latest firmwareÁlvaro Fernández Rojas2019-09-041-15/+15
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* procd: update to the latest git HEADRafał Miłecki2019-09-041-3/+3
| | | | | | | | | | | | 34ac88c system: reject sysupgrade of invalid firmware images by default f55c235 system: reject sysupgrade of broken firmware images e990e21 system: add "validate_firmware_image" ubus method This update changes "sysupgrade" ubus method API. It's now required to pass "force" attribute whenever invalid firmware is meant to be installed. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: pass "force" parameter to the "sysupgrade" callRafał Miłecki2019-09-041-0/+3
| | | | | | | This makes sysupgrade work with the most recent procd that validates firmware before proceeding. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* uci: update to latest Git HEADHauke Mehrtens2019-09-011-3/+3
| | | | | | 415f9e4 uci/file: replace mktemp() with mkstemp() Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iwinfo: update to latest Git HEADHauke Mehrtens2019-09-011-3/+3
| | | | | | | | f599a8d iwinfo: Fix rate buffer size 71ec9be iwinfo: Fix buffer size f8ef450 iwinfo: Add support for WPA3 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* grub2: bump to 2.04Tomasz Maciej Nowak2019-09-017-187/+11
| | | | | | | | | | | | | | | | | | | | | * GCC 8 and 9 support. * Gnulib integration overhaul. * RISC-V support. * Xen PVH support. * Native UEFI secure boot support. * UEFI TPM driver. * New IEEE 1275 obdisk driver. * Btrfs RAID 5 and RIAD 6 support. * bootin from F2FS support. * PARTUUID support. * VLAN support. * Native DHCP support. * Many ARM and ARM64 fixes. * Many SPARC fixes. * Many IEEE 1275 fixes. * ...and tons of other fixes and cleanups... Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
* uboot-zynq: update to 2019.07Luis Araneda2019-09-015-569/+28
| | | | Signed-off-by: Luis Araneda <luaraneda@gmail.com>
* nftables: bump to version 0.9.2Konstantin Demin2019-09-012-31/+4
| | | | | | | | | | | | | | - exclude Python-related stuff from build - drop patches: * 010-uclibc-ng.patch, applied upstream ipkg size decrease by 2.8%: old: 194.851 nftables_0.9.0-2_arm_cortex-a7_neon-vfpv4.ipk new: 189.581 nftables_0.9.2-1_arm_cortex-a7_neon-vfpv4.ipk Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* libnftnl: bump to version 1.1.4Konstantin Demin2019-09-011-2/+2
| | | | | | | | | | | | ABI version is same. The ipkg size increase by about 2.2%: old: 47.909 libnftnl11_1.1.3-1_arm_cortex-a7_neon-vfpv4.ipk new: 48.985 libnftnl11_1.1.4-1_arm_cortex-a7_neon-vfpv4.ipk Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-09-011-3/+3
| | | | | | | 821045f file: add path based read/write/exec ACL checks fb337e5 file: add stat() information to directory listings Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: add support to generate EC keysEneas U de Queiroz2019-09-013-2/+14
| | | | | | | | This adds the key_type and ec_curve options to enable the generation of EC keys during initialization, using openssl or the new options added to px5g. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* px5g: support EC keysEneas U de Queiroz2019-09-012-19/+71
| | | | | | | | | | | | | | | | | | This adds an 'eckey' command to generate an EC key, with an optional curve name argument, with P-256 as default. For the 'selfsigned' command, it adds an 'ec' algorithm argument to the '-newkey' option, and a '-pkeyopt ec_paramgen_curve:<curvename>' option, mirroring the way openssl specifies the curve name. Notice that curve names are not necessarily the same in mbedtls and openssl. In particular, secp256r1 works for mbedtls, but openssl uses prime256v1 instead. px5g uses mbedtls, but short NIST curve names P-256 and P-384 are specifically supported. Package size increased by about 900 bytes (arm). Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* openssl: always build with EC supportEneas U de Queiroz2019-09-012-19/+2
| | | | Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* libnfnetlink: Avoid passing both -fPIC and -fpicRosen Penev2019-08-311-3/+4
| | | | | | | | Instead, instruct the configure script to use $(FPIC) only. Mixing -fPIC and -fpic can cause issues on some platforms like PPC. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* ncurses: Do not pass both -fPIC and -fpicRosen Penev2019-08-311-2/+4
| | | | | | | | | | The configure scripts matches Linux with -fPIC, which is not exactly what is desired. Since we are already passing $(FPIC), added a CONFIGURE_VAR to avoid passing -fPIC. Removed PKG_BUILD_DIR as it is already the default value. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* lua: create lua symlink for host installationDavid Bauer2019-08-311-1/+3
| | | | | | | | | Since the binaries for both lua as well as lua5.3 contain the version number, invocations of the "lua" binary are failing, as it's not created anymore for the host package. Fixes: fe59b46 ("lua: include version number in installed files") Signed-off-by: David Bauer <mail@david-bauer.net>
* base-files: use JSON for storing firmware validation infoRafał Miłecki2019-08-302-14/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | So far firmware validation result was binary limited: it was either successful or not. That meant various limitations, e.g.: 1) Lack of proper feedback on validation problems 2) No way of marking firmware as totally broken (impossible to install) This change introduces JSON for storing detailed validation info. It provides a list of performed validation tests and their results. It allows marking firmware as non-forceable (broken image that can't be even forced to install). Example: { "tests": { "fwtool_signature": true, "fwtool_device_match": true }, "valid": true, "forceable": true } Implementation is based on *internal* check_image bash script that: 1) Uses existing validation functions 2) Provides helpers for setting extra validation info This allows e.g. platform_check_image() to call notify_check_broken() when needed & prevent user from bricking a device. Right now the new JSON info is used by /sbin/sysupgrade only. It still doesn't make use of "forceable" as that is planned for later development. Further plans for this feature are: 1) Expose firmware validation using some new ubus method 2) Move validation step from /sbin/sysupgrade into "sysupgrade" ubus method so: a) It's possible to safely sysupgrade using ubus only b) /sbin/sysupgrade can be more like just a CLI Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* linux-firmware: add mediatek BT firmwareJohn Crispin2019-08-301-0/+9
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* mac80211: rt2x00: revert commit causing regression in 5GHz bandDaniel Golle2019-08-298-14/+84
| | | | | | | | | | | | | | | | | | | From: Stanislaw Gruszka <sgruszka@redhat.com> This reverts commit 9ad3b55654455258a9463384edb40077439d879f. As reported by Sergey: "I got some problem after upgrade kernel to 5.2 version (debian testing linux-image-5.2.0-2-amd64). 5Ghz client stopped to see AP. Some tests with 1metre distance between client-AP: 2.4Ghz -22dBm, for 5Ghz - 53dBm !, for longer distance (8m + walls) 2.4 - 61dBm, 5Ghz not visible." It was identified that rx signal level degradation was caused by 9ad3b5565445 ("rt2800: enable TX_PIN_CFG_LNA_PE_ bits per band"). So revert this commit. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-09 02:55:23 +0000