aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* dnsmasq: 'ipset' config sectionsAleksandr Mezin2020-11-112-1/+28
| | | | | | | | | | | | | | | | | | | | | | | Allow configuring ipsets with dedicated config sections: config ipset list name 'ss_rules_dst_forward' list name 'ss_rules6_dst_forward' list domain 't.me' list domain 'telegram.org' instead of current, rather inconvenient syntax: config dnsmasq ... list ipset '/t.me/telegram.org/ss_rules_dst_forward,ss_rules6_dst_forward' Current syntax will still continue to work though. With this change, a LuCI GUI for DNS ipsets should be easy to implement. Signed-off-by: Aleksandr Mezin <mezin.alexander@gmail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* base-files: bump PKG_RELEASEYousong Zhou2020-11-111-1/+1
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* base-files: upgrade: stage2: use v for log linesYousong Zhou2020-11-111-7/+7
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* base-files: upgrade: fwtool.sh: rewording logsYousong Zhou2020-11-111-2/+2
| | | | | | | | | | The intent is to make it sound more like info level message, not some error like "404 not found". x86 target at the moment makes image with only signature but no metadata (ref commit f8141216 "x86: append metadata to combined images"). Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> Reviewed-By: Philip Prindeville <philipp@redfish-solutions.com>
* base-files: upgrade: fwtool.sh: use v for log linesYousong Zhou2020-11-111-13/+13
| | | | | | | | | This will have at least the following effects - Log lines will have common prefix - They will be output to stderr instead of stdout Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* base-files: upgrade: add get_image_dd()Yousong Zhou2020-11-111-0/+11
| | | | | | | | | | This is mainly to handle stderr message "Broken pipe", "F+P records in/out" by common pattern "xcat | dd .." Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3140 Reported-by: Philip Prindeville <philipp@redfish-solutions.com> Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> Reviewed-By: Philip Prindeville <philipp@redfish-solutions.com>
* base-files: upgrade: use stdin redirection to replace cat commandYousong Zhou2020-11-111-1/+1
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* base-files: upgrade: add vn and variantsYousong Zhou2020-11-111-1/+13
| | | | | | | | | | | | To be used with in the following pattern vn "Remaining: " for p in $xx; do _vn "$p" done _v Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* base-files: upgrade: log with date prefixYousong Zhou2020-11-112-2/+2
| | | | | | And log to stderr Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* dnsmasq: explictly set ednspacket_max valueJan Pavlinec2020-11-092-1/+2
| | | | | | | This is related to DNS Flag Day 2020. It sets default ends buffer size value to 1232. Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* refpolicy: add variant that builds modular policyW. Michael Petullo2020-11-091-2/+33
| | | | | | | | | This adds a variant of refpolicy that builds the modular form of the policy. While this requires more memory on the target device, along with some tricks to deal with OpenWrt's volatile /var directory, it is useful for experiementing with SELinux policy. Signed-off-by: W. Michael Petullo <mike@flyn.org>
* uhttpd: use P-256 for certsPaul Spooren2020-11-091-2/+2
| | | | | | | | | | | | The uhttpd package takes care of creating self-signed certificates if px5g is installed. This improves the security of router management as it encrypts the LuCI connection. The EC P-256 curve is faster than RSA which which improves the user experience on embedded devices. EC P-256 is support for as old devices as Android 4.4. Signed-off-by: Paul Spooren <mail@aparcar.org>
* hostapd: add a hostapd-basic-wolfssl variantRui Salvaterra2020-11-081-0/+13
| | | | | | | | | | | | If only AP mode is needed, this is currently the most space-efficient way to provide support for WPA{2,3}-PSK, 802.11w and 802.11r. openwrt-ath79-generic-ubnt_nanostation-loco-m-squashfs-sysupgrade.bin sizes: 4719426 bytes (with wpad-basic-wolfssl) 4457282 bytes (with hostapd-basic-wolfssl) Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* procd: bump to git HEADDaniel Golle2020-11-071-3/+3
| | | | | | b0de894 jail: fix capabilities Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: bump to git HEADDaniel Golle2020-11-051-3/+3
| | | | | | | | | | | | 2f381fe jail: guard boolean blobmsg attributes 602b8fa jail: add option for pidfile bba6de7 jail: handle mount propagation flags 6963d50 jail: relax seccomp unknown syscall handling e1fcfdc jail: add support for absolute root path in OCI spec 257f29b jail: don't fail if maskedPath cannot be found 75f2374 uxc: mimic runc cmdline by using getopt_long Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* gdb: fix building with NLS enabledDaniel Golle2020-11-051-2/+4
| | | | | | | Building gdb failed with CONFIG_BUILD_NLS enabled. Use nls.mk and add the necessary dependencies for libintl and libiconv. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mac80211: ath9k: enable OEM cards support on x86Rafał Dzięgiel2020-11-041-0/+1
| | | | | | | | | | | A lot of devices running OpenWrt x86 arch (32 or 64 bit) are either "home-made routers" or devices that use PC class OEM components. This commit enables OEM cards support on those devices by default. Signed-off-by: Rafał Dzięgiel <rafostar.github@gmail.com> [reformat commit message] Signed-off-by: David Bauer <mail@david-bauer.net>
* mediatek: update uboot to latest patchset provided by MTKJohn Crispin2020-11-047-717/+7
| | | | | | MTK sent us their latest version of the staging uboot. Lets merge the patches. Signed-off-by: John Crispin <john@phrozen.org>
* base-files: add board.d support for bridge deviceJohn Crispin2020-11-043-3/+38
| | | | | | | | | Latest netifd allows us to setup network bridges with implicit vlan tagging. For this to work, we need to setup several additional uci sections. This feature is particularly usefull for DSA tupe devices. Add board.d and uci-defaults support for generating the sections. Signed-off-by: John Crispin <john@phrozen.org>
* opkg: clean up and fix performance regressionDaniel Golle2020-11-031-3/+3
| | | | | | | da9746a libopkg: clean up handling of unresolved dependencies Signed-off-by: Daniel Golle <daniel@makrotopia.org> Signed-off-by: Paul Spooren <mail@aparcar.org>
* opkg: fix yet another dependency resolution bugDaniel Golle2020-11-021-3/+3
| | | | | | | | | | The previous fix of a fix caused yet another problem leading to `opkg show-upgradable` ending up in an infinite loop. Fix that. Fixes: 4a2b1ff7fb ("opkg: fix dependency resolution") Reported-by: Huangbin Zhan <zhanhb88@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* opkg: fix dependency resolutionDaniel Golle2020-11-021-3/+3
| | | | | | | | | | | | The previous commit broke opkg in a way that it would no longer include dependencies when installing a package, effectively leading to broken images and unusable systems. Fix that by making sure dependencies are still going to be checked. Also reduce size of struct abstract_pkg as suggested by @jow- while at it. Fixes: 1445d333aa ("opkg: bump to git HEAD") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* zram-swap: use new extra_command wrapperFlorian Eckert2020-11-022-4/+3
| | | | | | Use new `extra_command` wrapper to fix the alignement. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* dropbear: use new extra_command wrapperFlorian Eckert2020-11-022-3/+3
| | | | | | Use new `extra_command` wrapper to fix the alignement. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* ltq-vdsl-app: use new extra_command wrapperFlorian Eckert2020-11-022-4/+3
| | | | | | Use new `extra_command` wrapper to fix the alignement. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* ltq-adsl-app: use new extra_command wrapperFlorian Eckert2020-11-022-4/+3
| | | | | | Use new `extra_command` wrapper to fix the alignement. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* base-files: fix rc.common help alignmentFlorian Eckert2020-11-022-15/+25
| | | | | | | | | | | | | | This commit introduces a new function `extra_command` to better format the help text without having to calculate the indentation in every startup script that wants to add a new command. So far it looks weird and is not formatted correctly on some startup scripts. After using the new `extra_command` wrapper the alignement looks correctly. And if the indentation is not sufficient in the future, this can be changed in the function extra_command at a central location. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* linux-firmware: update to 20201022John Audia2020-11-011-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git log --pretty=oneline --abbrev-commit 20200918..20201022 dae4b4c (HEAD -> main, tag: 20201022, origin/master, origin/main, origin/HEAD) Merge branch 'v1.1.5' of https://github.com/irui-wang/linux_fw_vpu_v1.1.5 into main 04f71fe cypress: add Cypress firmware and clm_blob files 4d0755b Merge https://github.com/shahasit/bt-linux-firmware into main 2a262bb Merge https://github.com/shahasit/video-linux-firmware into main c024640 Merge tag 'iwlwifi-fw-2020-10-14' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into main 09e8cff rtl_bt: Update RTL8821C BT FW to 0xAA6C_A99E d7904d5 ath10k: add SDIO firmware for QCA9377 WiFi ecdc272 Merge branch 'dg1_dmc_v2_02' of git://anongit.freedesktop.org/drm/drm-firmware into main c86361d ice: update package file to 1.3.16.0 76ceac8 mediatek: separate venc service thread 8877322 QCA : Updated firmware file for WCN3991 4f41e9d iwlwifi: update and add new FWs from core56-54 release 346057d iwlwifi: update 3168, 7265D, 8000C and 8265 firmwares a140ef3 i915: Add DG1 DMC v2.02 a09b728 qcom : updated venus firmware files for v5.4 58d41d0 ice: Add comms package file for Intel E800 series driver c1bef9e copy-firmware: Always write Link: entries b95e230 Merge commit 'ad1da95d52f1a9206da3ef52f3484f3b89ec6615' of https://github.com/shahasit/linux-firmware-bt into main 0b884ec amdgpu: update vega20 firmware for 20.40 bca0233 amdgpu: update vega12 firmware for 20.40 8652e02 amdgpu: update vega10 firmware for 20.40 9f46d48 amdgpu: update renoir firmware for 20.40 e667605 amdgpu: update raven2 firmware for 20.40 a487f2f amdgpu: update raven firmware for 20.40 aa7b732 amdgpu: update picasso firmware for 20.40 a18981e amdgpu: update navi14 firmware for 20.40 1696e2e amdgpu: update navi12 firmware for 20.40 6b8a6ea amdgpu: update navi10 firmware for 20.40 5b30b38 linux-firmware: Add new VPDMA firmware 1b8.bin ad1da95 QCA : Updated firmware files for WCN3991 b78a66c linux-firmware: Update firmware for Cadence MHDP8546 DP bridge afbfb5f linux-firmware: Update firmware patch for Intel Bluetooth 7265 (D1) a38b8ed Mellanox: Add new mlxsw_spectrum firmware xx.2008.1312 1487a8a linux-firmware: nvidia: move firmware symlinks to WHENCE bdd5617 linux-firmware: move i915 firmware symlinks to WHENCE ab69b57 linux-firmware: move iwlwifi-7265D-10.ucode symlink to WHENCE 49c4ff5 Merge branch 'mrvl-prestera' of https://github.com/PLVision/linux-firmware into main 7a02212 linux-firmware: Update Marvell Switchdev firmware with ABI changes Signed-off-by: John Audia <graysky@archlinux.us>
* gdb: Disable testsHauke Mehrtens2020-11-011-0/+2
| | | | | | We do not use the tests or ubsan in our gdb package. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* gdb: Always use system zlibHauke Mehrtens2020-11-011-1/+2
| | | | | | | | Instead of using the system zlib when the package is selected and using the internal zlib if it is not selected in OpenWrt, just activate it always. This should make the package more deterministic. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* gdb: Update to version 10.1Hauke Mehrtens2020-11-016-24/+24
| | | | | | | | gdb 10.1 adds many new features for example gdbserver support for - ARC GNU/Linux - RISC-V GNU/Linux Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* odhcpd: fix compile problem on 64-bit systemsHans Dedecker2020-11-011-3/+3
| | | | | | | | 735c783 dhcpv6: fix size_t fields in syslog format Fixes 5cdc65f6d1 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: update to latest git HEADHans Dedecker2020-10-311-3/+3
| | | | | | | | | 5700919 dhcpv6: add explicit dhcpv4o6 server address e4f4e62 dhcpv6: add DHCPv4-over-DHCPv6 support aff290b dhcpv6: check message type 2677fa1 router: fix advertisement interval option Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: enable OWE for the basic-{openssl, wolfssl} variantsRui Salvaterra2020-10-311-0/+6
| | | | | | | Opportunistic Wireless Encryption is needed to create/access encrypted networks which don't require authentication. Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* libselinux: remove dependency on musl-fts for non-musl buildsDaniel Golle2020-10-311-3/+6
| | | | | | Suggested-by: Curtis Deptuck <curtdept@users.noreply.github.com> Tested-by: Curtis Deptuck <curtdept@users.noreply.github.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: remove obsolete kernel version switches for 4.19Adrian Schmutzler2020-10-3012-77/+19
| | | | | | | This removes switches dependent on kernel version 4.19 as well as several packages/modules selected only for that version. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* Revert "kmod-nft-reject: Fix for "nft_reject_ipv4.ko missing" warning"Daniel Golle2020-10-301-3/+0
| | | | | | | | | This reverts commit 7f94e2afcf090f751c9f7f7ea46e8ef8d93ee84b. Package kmod-nft-core is missing dependencies for the following libraries: nft_reject.ko Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kmod-nft-reject: Fix for "nft_reject_ipv4.ko missing" warningPhilip Prindeville2020-10-301-0/+3
| | | | | | | | | | Seeing the following: ERROR: module '/home/philipp/lede/build_dir/target-x86_64_musl/linux-x86_64/linux-5.4.33/net/ipv4/netfilter/nft_reject_ipv4.ko' is missing. modules/netfilter.mk:1068: recipe for target '/home/philipp/lede/bin/targets/x86/64/packages/kmod-nft-core_5.4.33-1_x86_64.ipk' failed make[3]: *** [/home/philipp/lede/bin/targets/x86/64/packages/kmod-nft-core_5.4.33-1_x86_64.ipk] Error 1 Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* hostapd: remove hostapd-hs20 variantDaniel Golle2020-10-301-18/+0
| | | | | | | | Hotspot 2.0 AP features have been made available in the -full variants of hostapd and wpad. Hence we no longer need a seperate package for that. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: add {hostapd,wpad}-basic-openssl variantsRui Salvaterra2020-10-302-0/+28
| | | | | | | | | Add OpenSSL-linked basic variants (which provides WPA-PSK only, 802.11r and 802.11w) of both hostapd and wpad. For people who don't need the full hostapd but are stuck with libopenssl for other reasons, this saves space by avoiding the need of an additional library (or a larger hostapd with built-in crypto). Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* opkg: bump to git HEADDaniel Golle2020-10-301-3/+3
| | | | | | 8769c75 pkg_hash: don't suggest incompatible packages Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: wpas: add missing config symbolsDavid Bauer2020-10-282-3/+3
| | | | | | | | | | | | | | | This adds missing config symbols for interworking as well as Hotspot 2.0 to the wpa_supplicant-full configuration. These symbols were added to the hostapd-full configuration prior to this commit. Without adding them to the wpa_supplicant configuration, building of wpad-full fails. Thanks to Rene for reaching out on IRC. Fixes: commit be9694aaa297 ("hostapd: add UCI support for Hotspot 2.0") Fixes: commit 838b412cb527 ("hostapd: add interworking support") Signed-off-by: David Bauer <mail@david-bauer.net>
* dnsmasq: install /etc/hotplug.d/ntp/25-dnsmasqsec world-readableDaniel Golle2020-10-281-2/+2
| | | | | | | | /etc/hotplug.d/ntp/25-dnsmasqsec is being sourced by /sbin/hotplug-call running as ntpd user. For that to work the file needs to be readable by that user. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mac80211: Fix wpa_supplicant config removal ubus callSven Eckelmann2020-10-282-2/+2
| | | | | | | | | | | | | | | If mac80211_setup_supplicant() is called with enabled=0 then it should just destroy the interface and remove the configuration from wpa_supplicant. But the ubus method call always returned Command failed: Method not found because the actual name of the method is "config_remove". Fixes: b5516603dd90 ("mac80211: more wifi reconf related fixes") Signed-off-by: Sven Eckelmann <sven@narfation.org> [bump PKG_RELEASE] Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: bump PKG_RELEASEDavid Bauer2020-10-281-1/+1
| | | | Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: add interworking supportDavid Bauer2020-10-282-1/+79
| | | | | | | | | | | | | | | | | | | | | | | | This adds configuration options to enable interworking for hostapd. All options require iw_enabled to be set to 1 for a given VAP. All IEEE802.11u related settings are supported with exception of the venue information which will be added as separate UCI sections at a later point. The options use the same name as the ones from the hostapd.conf file with a "iw_" prefix added. All UCI configuration options are passed without further modifications to hostapd with exceptions of the following options, whose elements can be provided using UCI lis elements: - iw_roaming_consortium - iw_anqp_elem - iw_nai_realm - iw_domain_name - iw_anqp_3gpp_cell_net Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: add FTM responder supportDavid Bauer2020-10-281-0/+13
| | | | | | | | | | | | | | | This adds support for enabling the FTM responder flag for the APs extended capabilities. On supported hardware, enabling the ftm_responder config key for a given AP will enable the FTM responder bit. FTM support itself is unconditionally implemented in the devices firmware (ath10k 2nd generation with 3.2.1.1 firmware). There's currently no softmac implementation. Also allow to configure LCI and civic location information which can be transmitted to a FTM initiator. Signed-off-by: David Bauer <mail@david-bauer.net>
* mac80211: pass phy name to hostapd_set_bss_optionsDavid Bauer2020-10-281-1/+1
| | | | | | | | | | | | hostapd_set_bss_options expects the PHY as second and the VIF as third argument. However, only the VIF was passed as second argument without a third argument at all. This was never a problem, as both PHY and VIF were never accessed. However, with FTM support the PHY is needed to determine the HW support when configuring the BSS. Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: remove ieee80211v optionDavid Bauer2020-10-281-14/+6
| | | | | | | | | | | | | Remove the ieee80211v option. It previously was required to be enabled in order to use time_advertisement, time_zone, wnm_sleep_mode and bss_transition, however it didn't enable any of these options by default. Remove it, as configuring these options independently is enough. This change does not influence the behavior of any already configured setting. Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: make rrm report independent of ieee80211k settingDavid Bauer2020-10-281-5/+4
| | | | | | | | Allow to configure both RRM beacon as well as neighbor reports independently and only enable them by default in case the ieee80211k config option is set. Signed-off-by: David Bauer <mail@david-bauer.net>