| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
For 64-bit capable systems, a symbolic link is set up for /lib64 to point to
/lib, so make sure the installation goes into /lib, irrespective of where the C
library files come from in an external toolchain.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
|
| |
|
|
|
|
| |
allow building of modules depending on RFKILL even if RFKILL is not enabled.
Signed-off-by: John Crispin <john@phrozen.org>
|
| |
|
|
| |
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
| |
|
|
|
|
|
| |
There is a separate package kmod-crypto-echainiv for echainiv.ko. Selecting
both packages led to a conflict, so remove the file from kmod-crypto-iv.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
| |
|
|
|
|
|
|
| |
This fixes bug that could cause WARNING on every add_key/del_key call.
It also replaces WARNING with a simple message. They may still occur
e.g. on station going out of range and A-MPDU stall in the firmware.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0
but was omitted from OpenSSL 1.0.2i. As a result any attempt to use
CRLs in OpenSSL 1.0.2i will crash with a null pointer exception.
Patches applied upstream:
* 301-fix_no_nextprotoneg_build.patch
* 302-Fix_typo_introduced_by_a03f81f4.patch
Security advisory: https://www.openssl.org/news/secadv/20160926.txt
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
|
| |
|
|
|
|
|
| |
Adds Google's mirrors as primary source and kernel.org as fallback.
Discussed in #lede-dev on Freenode
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
|
| |
|
|
| |
Signed-off by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
| |
Signed-off by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
| |
Include upstream patches for gzip, ip & ntpd.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
| |
Updates libjson-c and removes backport patch.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
|
| |
|
|
|
|
| |
Use alias instead of hardcoded URL
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
|
| |
|
|
|
|
|
|
|
|
|
| |
Within the Lua binding, use the same logic as the command line interface for
reporting the used WPA ciphers. Instead of printing the intersection of
pairwise and group ciphers, report both group and pairwise ciphers.
This fixes a case where a connection which uses CCMP for pairwise and TKIP
as groupwise cipher is getting reported as using the NONE cipher.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Linux kernel uses two distinct fields to denote the routing table ID in
use by network routes; the 8 bit `rtm_table` member of `struct rtmsg` and the
32 bit `RTA_TABLE` netlink attribute.
If a routing table ID is larger than 255, the `RT_TABLE` attribute must be used
and the `rtm_table` field has to be set to the special `RT_TABLE_UNSPEC` value.
This commit adds a patch which...
- switches the *_n2a() and *_a2n() functions of rt_names.c to use dynamically
sized, name-sorted arrays instead of fixed arrays limited to 1024 slots in
order to support IDs up to 65535
- adds proper handling of high table IDs to iprule.c and iproute.c when
adding, removing and dumping ip rules and network routes
After this change, the Busybox ip applet fully supports IP rules with high ID
numbers, using the same logic as the full iproute2.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
|
| |
Remove an invalid local variable declaration in the tunnel update subshell
invocation. Local declarations outside of function scopes are illegal since
the Busybox update to version 1.25.0 .
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
| |
All these patches are in wireless-drirvers-next. There is support for
hidden SSID, few new devices and many fixes.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
|
| |
IPKG_INSTROOT must be respected for offline removal (used for per-device
rootfs).
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Now that we know that the password is in /etc/shadow and not in
/etc/passwd, we can properly fix the logic for the empty password check.
Only 'root::' is an empty password, 'root:x:' and 'root:!:' allow no
password login at all.
This fixes the empty password warning still showing after the root password
has been locked using 'passwd -l root' (e.g. to allow public-key auth
only).
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Configurations without shadow passwords have been broken since the removal
of telnet: as the default entry in /etc/passwd is not empty (but rather
unset), there will be no way to log onto such a system by default. As
disabling shadow passwords is not useful anyways, remove this configuration
option.
The config symbol is kept (for a while), as packages from feeds depend on
it.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
| |
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Uboot-mvebu isn't a real package, which will break the image builder
when it tries to install it during the packing step. Instead of cleafog
selecting it through its default packages, make it default to m if the
clearfog profile is selected.
This will ensure it is always build, but never added to the rootfs. This
fixes creating images for clearfog with IB.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
| |
The clearfog image requires u-boot, so package it into KDIR to make sure
it is available in imageBuilder.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
| |
The fstools build depends on the CONFIG_NAND_SUPPORT flag, which is
target-specific.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
| |
|
|
|
|
|
|
|
|
|
| |
Running prepare_rootfs on TARGET_DIR deletes the opkg state when
CONFIG_CLEAN_IPKG is enabled, making the per-device rootfs package install
fail.
To avoid this, create a copy of the TARGET_DIR before prepare_rootfs is run
and use this as basis for per-device rootfs generation.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
| |
|
|
|
|
|
| |
br_netfilter.ko and the corresponding Kconfig symbol are already provided
by kmod-br-netfilter, which is a dependency of kmod-ebtables.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
| |
|
|
|
|
|
| |
This fix added to the openssl 1.0.2 branch.
In addition add the header for the existing backport.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
| |
Local variable declarations outside of functions are illegal since the Busybox
update to v1.25.0, therfore remove them from the appropriate places.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following security problems:
7.50.1:
CVE-2016-5419 TLS session resumption client cert bypass
CVE-2016-5420 Re-using connections with wrong client cert
CVE-2016-5421 use of connection struct after free
7.50.2:
CVE-2016-7141 Incorrect reuse of client certificates
7.50.3:
CVE-2016-7167 curl escape and unescape integer overflows
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop 302-fix_no_cmac_build.patch, it has been applied upstream.
Security fixes:
* (Severity: High) OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
* (Severity: Moderate) SSL_peek() hang on empty record (CVE-2016-6305)
* 10 Low severity issues
Security advisory: https://www.openssl.org/news/secadv/20160922.txt
Changelog: https://www.openssl.org/news/cl102.txt
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update the linux-firmware package in order to force the buildbots to fetch the
proper mirrored version.
Currently each builder has its own copy of the linux-firmware checkout staged
in its own dl/, since the package was updated before the mirrored copy has
been uploaded. The builders then subsequently uploaded their own copy instead,
leading to md5sum mismatches since each clone produces different tarballs.
By bumping the package to a new version and uploading the mirrored archive
with the proper md5sum beforehand, the builders will fetch that instead and
not upload their own copies.
To properly solve that problem in the future we need to ensure that packed
checkouts become reproducable.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
| |
It messes up the build order of package/kernel/linux vs
package/kernel/mac80211
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Since the md5sum of the mirrored Git clone archive has been set in the Makefile
before that particular archive was uploaded to the source mirror, the buildbots
uploaded their own, different copy instead invalidating the mirror md5sum for
anyone else.
In order to fix the mismatch, update the md5sum to reflect the archive being
present on the download server.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
| |
The md5sum was not updated in commit 06fa1c46fc3 "busybox: update
to version 1.25.0"
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
| |
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
|
| |
|
|
| |
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
|
| |
|
|
| |
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
|
| |
|
|
|
|
|
|
|
|
| |
The Annex A firmware will be updated to:
05.08.01.08.01.06_05.08.00.0B.01.01_osc
The Annex B firmware will be updated to:
05.07.09.09.00.06_05.07.04.04.00.02_osc
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following patches were removed:
010-networking-fix-uninitialized-memory-when-displaying-.patch
https://git.busybox.net/busybox/commit/?id=f2c043acfcf9dad9fd3d65821b81f89986bbe54e
030-ip-fix-problem-on-mips64-n64-big-endian-musl-systems.patch
https://git.busybox.net/busybox/commit/?id=4ab372d49a6e82b0bf097dedb96d26330c5f2d5f
204-udhcpc_src_ip_rebind.patch
https://git.busybox.net/busybox/commit/?id=abe8f7515aded80889d78c2c1c8947997918cf90
230-ntpd_delayed_resolve.patch
https://git.busybox.net/busybox/commit/?id=c8641962e4cbde48108ddfc1c105e3320778190d
https://git.busybox.net/busybox/commit/?id=e4caf1dd9ce8569371a0eeb77ccf02a572dc0f11
260-arping_missing_includes.patch
Not needed any more, still builds with musl for me.
Add in 92fd6e6f1a "busybox: fix arping applet building on musl"
The Kconfig files were updated with these commands:
cd config
../convert_menuconfig.pl .../build_dir/target-*/busybox-1.25.0
cd ..
./convert_defaults.pl < .../build_dir/target-*/busybox-1.25.0/.config > Config-defaults.in
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
| |
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some devices (like the Cisco Meraki Z1 Cloud Managed Teleworker Gateway)
need to be able to initialize the PCIe wifi device. Normally, this is done
during the early stages of booting linux, because the necessary init code
is read from the memory mapped SPI and passed to pci_enable_ath9k_fixup.
However,this isn't possible for devices which have the init code for the
Atheros chip stored on NAND in an UBI volume. Hence, this module can be
used to initialze the chip when the user-space is ready to extract the
init code.
Martin Blumenstingl made a few fixes and added support for lantiq:
kernel: owl-loader: add support for OWL emulation PCI devices
kernel: owl-loader: don't re-scan the bus when ath9k_pci_fixup failed
kernel: owl-loader: use dev_* instead of pr_* logging functions
kernel: owl-loader: auto-generate the eeprom filename as fallback
kernel: owl-loader: add a debug message when swapping the eeprom data
kernel: owl-loader: add missing newlines in log messages
kernel: owl-loader: add support for the lantiq platform
These patches have been integrated. Thanks!
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
|
| |
|
|
| |
Signed-off-by: John Crispin <john@phrozen.org>
|
| |
|
|
|
|
|
|
| |
The default configuration might not be suitable for
every use case. Add options to enable/disable additional
options.
Signed-off-by: Andreas Schultz <aschultz@tpip.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Match sections allow to set a tag specified by the option networkid if the client
sends an option and optionally the option value specified by the match option.
The force option will convert the dhcp-option to force-dhcp-option if set to 1 in
the dnsmasq config if options are specified in the dhcp_option option.
config match
option networkid tag
option match 12,myhost
option force 1
list dhcp_option '3,192.168.1.1'
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
| |
|
|
| |
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
|
| |
|
|
|
|
| |
print a warning when a shell spawns, telling users to set a root password.
Signed-off-by: John Crispin <john@phrozen.org>
|
| |
|
|
|
|
| |
This driver allows to monitor netlink communication on the system.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
A padding to align a message should not only be added between
different attributes of a netlink message, but also at the end of the
message to pad it to the correct size.
Without this patch the following command does not work and returns an
error code:
ip link add type nlmon
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
This adds e.g. BCM43430 firmware (not packaged yet).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
