aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
...
* netifd: handle hotplug event socket errorsHans Dedecker2019-01-311-3/+3
| | | | | | 5cd7215 system-linux: handle hotplug event socket ENOBUFS errors Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* openssl: update list of mirrorsSven Roederer2019-01-311-2/+2
| | | | | | Host "gd.tuwien.ac.at" does not exists anymore, so we replace it by "ftp.pca.dfn.de" from the official list of mirrors. Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
* uboot-omap: add 'rootwait' to the kernel cmdlineAndre Heider2019-01-311-1/+1
| | | | | | Some SD cards take a while to get detected, fix booting of those. Signed-off-by: Andre Heider <a.heider@gmail.com>
* dnsmasq: latest pre-2.81 patchesKevin Darbyshire-Bryant2019-01-3132-34/+96
| | | | Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* opkg: update to latest Git headJo-Philipp Wich2019-01-311-2/+2
| | | | | | | d4ba162 libopkg: only perform size check when information is available Fixes: e079591b84 ("opkg: update to latest Git head") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* opkg: update to latest Git headJo-Philipp Wich2019-01-311-3/+3
| | | | | | cb66403 libopkg: check for file size mismatches Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mt76: update to the latest versionFelix Fietkau2019-01-301-3/+3
| | | | | | | | | | | | | | c3da1aa mt7603: trigger beacon stuck detection faster 7a53138 mt7603: trigger watchdog reset if flushing CAB queue fails 6eef33b mt7603: remove mt7603_txq_init ae30c30 mt76: add driver callback for when a sta is associated 0db925f mt7603: update HT/VHT capabilities after assoc b5ac8e4 mt7603: initialize LED callbacks only if CONFIG_MT76_LEDS is set c989bac mt76x0: eeprom: fix chan_vs_power map in mt76x0_get_power_info 24bd2c0 mt76x0: phy: report target_power in debugfs bc7ce2a mt76x0: init: introduce mt76x0_init_txpower routine Signed-off-by: Felix Fietkau <nbd@nbd.name>
* base-files: config_get: prevent filename globbingGünther Kelleter2019-01-302-2/+2
| | | | | | | | | When config_get is called as "config_get section option" the option is unexpectedly globbed by the shell which differs from the way options are read to a variable with "config_get variable section option". Add another layer of double quotes to fix it. Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
* busybox: keep syslog.conf during sysupgradeVal Kulkov2019-01-301-0/+6
| | | | | | | | | | | | | If a user finds that logd is too barebone for their needs and wishes to have more control over syslog, the user presently has an option to enable CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOG and configure syslog with settings in /etc/syslog.conf. Presently /etc/syslog.conf silently disappears on sysupgrade. This patch prevents such unwanted behaviour if busybox syslog is enabled via CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOG. Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
* openssl: bump to 1.0.2qSven Roederer2019-01-301-2/+2
| | | | | | | | | This fixes the following security problems: * CVE-2018-5407: Microarchitecture timing vulnerability in ECC scalar multiplication * CVE-2018-0734: Timing vulnerability in DSA signature generation * Resolve a compatibility issue in EC_GROUP handling with the FIPS Object Module Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
* uhttpd: disable concurrent requests by defaultJo-Philipp Wich2019-01-302-2/+2
| | | | | | | | In order to avoid straining CPU and memory resources on lower end devices, avoid running multiple CGI requests in parallel. Ref: https://forum.openwrt.org/t/high-load-fix-on-openwrt-luci/29006 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* iproute2: drop libbsd dependencyHans Dedecker2019-01-291-0/+19
| | | | | | | As the usage of libbsd is no longer limited to glibc, prevent libbsd being picked up by removing the dependency on libbsd. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* wpa_supplicant: fix calling channel switch via wpa_cli on mesh interfacesFelix Fietkau2019-01-291-0/+39
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add support for passing CSA events from sta/mesh to AP interfacesFelix Fietkau2019-01-292-2/+183
| | | | | | Fixes handling CSA when using AP+STA or AP+Mesh Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix an issue with allocated tailroom for encrypted mgmt packetsFelix Fietkau2019-01-291-0/+48
| | | | | | Fixes kernel warnings and connectivity issues in encrypted mesh networks Signed-off-by: Felix Fietkau <nbd@nbd.name>
* map: depend on nat46, provide map-tHans Dedecker2019-01-271-6/+7
| | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* 464xlat: import from routing, add myself as maintainerHans Dedecker2019-01-274-0/+316
| | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* nat46: import for routing, add myself as maintainerHans Dedecker2019-01-271-0/+35
| | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* mbedtls: Kconfig option to enable/disable debug functionsMichael Heimpold2019-01-272-10/+28
| | | | | | | | | | | | | | | | | | | | | This introduces a new Kconfig option to switch on/off mbedtls' support for debug functions. The idea behind is to inspect TLS traffic with Wireshark for debug purposes. At the moment, there is no native or 'nice' support for this, but at https://github.com/Lekensteyn/mbedtls/commit/68aea15833e1ac9290b8f52a4223fb4585fb3986 an example implementation can be found which uses the debug functions of the library. However, this requires to have this debug stuff enabled in the library, but at the moment it is staticly patched out. So this patch removes the static part from the configuration patch and introduces a dynamic config file editing during build. When enabled, this heavily increases the library size, so I added a warning in the Kconfig help section. Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* mbedtls: update to 2.16.0Deng Qingfang2019-01-272-27/+27
| | | | | | | | Refresh patch https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.0-2.7.9-and-2.1.18-released Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
* kernel: add kmod-usb-gadget-cdc-compositeKarl Pálsson2019-01-271-0/+16
| | | | | | This builds the "g_cdc" gadget module, providing ethernet+serial. Signed-off-by: Karl Pálsson <karlp@etactica.com>
* kernel: Build: Split kmod-regmapHauke Mehrtens2019-01-276-37/+76
| | | | | | | | | | | | | | | | | | | | | | | This reduces the needed modifications to the mainline Linux kernel and also makes the regmap package work with an out of tree kernel which does not have these modifications. The regmap-core is only added when it is really build as a module. The regmap-core is normally bool so it cannot be built as a module in an unmodified kernel. When it is selected by on other kernel module it will always be selected as build in and it also does not show up in $(LINUX_DIR)/modules.builtin as it is not supposed to be a kernel module. When it is not in $(LINUX_DIR)/modules.builtin the build system expects it to be built as a .ko file. Just check if the module is really there and only add it in that case. This splits the regmap package into multiple packages, one for each bus type. This way only the bus maps which are really needed have to be added. This also splits the I2C, SPI and MMIO regmap into separate packages to not require all these subsystems to build them, on an unmodified upstream kernel this also causes problems in some situations. Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* e2fsprogs: Update to 1.44.5Rosen Penev2019-01-262-19/+27
| | | | | | | | | | | Added e4crypt tool for encrypting files and directories. To work properly requires kernel and work on keyutils. That will be done in a future commit Some top-level reorganization for consistency between packages. Tested on GnuBee PC1 (mt7621). Signed-off-by: Rosen Penev <rosenp@gmail.com>
* uboot-imx6: Bump to 2019.01Petr Štetiar2019-01-263-10/+10
| | | | | | | | | | | | Build tested: apalis, mx6sabresd, nitrogen6dl, nitrogen6dl2g, nitrogen6q, nitrogen6q2g, nitrogen6s, nitrogen6s1g, wandboard Run tested: apalis (pending PR #1595) Cc: Felix Fietkau <nbd@nbd.name> Cc: Vladimir Vid <vladimir.vid@sartura.hr> Cc: Koen Vandeputte <koen.vandeputte@ncentric.com> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* uboot-mxs: bump to v2019.01Michael Heimpold2019-01-262-9/+35
| | | | | | Also update the U-Boot BSP patch for I2SE Duckbill devices. Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* base-files: sysupgrade: support additional mtd optionsDavid Bauer2019-01-262-2/+3
| | | | | | | | | | Add support for passing additional parameters to mtd called during sysupgrade. It will be required to toggle the "recovery moe" flag supported by recent tp-link boards. Signed-off-by: David Bauer <mail@david-bauer.net> [split code from board support patch; add commit message] Signed-off-by: Mathias Kresin <dev@kresin.me>
* mtd: add logic for TP-Link ramips recovery magicDavid Bauer2019-01-265-3/+130
| | | | | | | | | | | | | | | | | | | | | | | | | | This adds an option to set the recovery flag of newer TP-Link MediaTek boards and remove it after a successful write. To make use of this feature, add the '-t' option to mtd-write. The '-t' option takes the mtd partition containing the recovery flag (usually 'romfile') as an argument. Make sure this partition is not flagged as read-only! Example: > mtd -t romfile write owrt.bin firmware This command writes the recovery-flag before it begins writing the image to the firmware partition. After the image-write has been successful, the recovery flag is removed. This way, the TP-Link web-recovery is automatically enabled on an unsucessful flash (e.g. power loss). This option is only available if the mtd package is compiled for the ramips target. Signed-off-by: David Bauer <mail@david-bauer.net>
* mtd: add linksys_bootcount to the ipq40xx targetOever González2019-01-262-0/+116
| | | | | | | | | | | | This commit adds the object 'linksys_bootcount_fix.o' to the ipq40xx target. This is needed for the Linksys EA6350v3 device. Without this patch, the device will switch-back between the current and the last flashed firmware every 3 (three) reboots. With this patch, the device works as expected. Signed-off-by: Ryan Pannell <ryan@osukl.com> Signed-off-by: Oever González <notengobattery@gmail.com>
* uboot-envtools: add support for Linksys EA6350v3Oever González2019-01-261-0/+3
| | | | | | | | | | | | | This commit adds support for the Linksys EA6350v3 device in the ipq40xx target. This is needed for uboot-envtools to access the environment. Without this patch, the Linksys EA6350v3 will not be able to access the uboot environment. As a side effect, the feature auto_recovery will make the device unstable by switching between the latest and the current firmware. Signed-off-by: Ryan Pannell <ryan@osukl.com> Signed-off-by: Oever González <notengobattery@gmail.com>
* ipq-wifi: add support for Linksys EA6350v3Oever González2019-01-262-1/+2
| | | | | | | | | | | | This commit adds support for the Linksys EA6350v3 device in the ipq-wifi target. Without this patch, the Linksys EA6350v3 won't be hable to have fully functional wireless interfaces. This is not permanent: the board data has already been sent to ath10k _at_ lists _dot_ infradead _dot_ org Signed-off-by: Ryan Pannell <ryan@osukl.com> Signed-off-by: Oever González <notengobattery@gmail.com>
* mac80211: ath: add extra 'regulatory domains'Oever González2019-01-261-0/+35
| | | | | | | | | | | | This patch adds several country codes to the regd.h and regd_common.h files in order to support devices whose country codes are not present in the original list. Without this patch, all devices whose manufacturer programmed any of these code in their EEPROM will run without wireless interfaces. Signed-off-by: Oever González <notengobattery@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [matched signed-off]
* uboot-fritz4040: update package to 2019-01-25Christian Lamparter2019-01-261-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | David Bauer reported a u-boot crash (data abort) at a odd place (byteswap) when he ran ping/tftp on his 7530. |(FRITZ7530) # ping 192.168.1.70 |eth0 PHY0 up Speed :1000 Full duplex |eth0 PHY1 Down Speed :10 Half duplex |eth0 PHY2 Down Speed :10 Half duplex |eth0 PHY3 Down Speed :10 Half duplex |eth0 PHY4 Down Speed :10 Half duplex |Using eth0 device |data abort |pc : [<84234774>] lr : [<842351a4>] |sp : 8412fdb0 ip : 0000009b fp : 00000000 |r10: 00000000 r9 : 00000001 r8 : 8412ff68 |r7 : 00000000 r6 : 0000002a r5 : 84244e90 r4 : 8425e28e |r3 : 84244e90 r2 : 14000045 r1 : 8412fdb0 r0 : 8425e28e |Flags: nZCv IRQs off FIQs off Mode SVC_32 |Resetting CPU ... | |resetting ... This issue is caused by switch from gcc 5.5 to 7.1+ as explained in the upstream patch: |From a768e513b07b5999a8e7d7740ac8d9da04ee7e51 Mon Sep 17 00:00:00 2001 |From: Denis Pynkin <denis.pynkin@collabora.com> |Date: Fri, 21 Jul 2017 19:28:42 +0300 |Subject: [PATCH] net: Use packed structures for networking | |PXE boot is broken with GCC 7.1 due option '-fstore-merging' enabled |by default for '-O2': | |BOOTP broadcast 1 |data abort |pc : [<8ff8bb30>] lr : [<00004f1f>] |reloc pc : [<17832b30>] lr : [<878abf1f>] |sp : 8f558bc0 ip : 00000000 fp : 8ffef5a4 |r10: 8ffed248 r9 : 8f558ee0 r8 : 8ffef594 |r7 : 0000000e r6 : 8ffed700 r5 : 00000000 r4 : 8ffed74e |r3 : 00060101 r2 : 8ffed230 r1 : 8ffed706 r0 : 00000ddd |Flags: nzcv IRQs off FIQs off Mode S | |Core reason is usage of structures for network headers without packed |attribute. Reported-by: David Bauer <mail@david-bauer.net> Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* mpc85xx: add support for OCEDO PandaDavid Bauer2019-01-261-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CPU: FSL P1020 (2x 800MHz E500 PPC) RAM: 1GB DDR3 FLASH: 256MiB NAND WiFi: 2x Atheros AR9382 2x2:2 abgn ETH: 2x BCM54616S - 1x BCM53128 8-port switch LED: 5x LEDs (Power, WiFi1, WiFi2, N/D, SYS) BTN: 1x RESET Installation ------------ 1. Download initrams kernel image, dtb binary and sysupgrade image. 2. Place initramfs kernel into tftp root directory. Rename to "panda-uimage-factory". 3. Place dtb binary into tftp root directory. Rename to "panda.fdt". 4. Start tftp server on 192.168.100.8/24. 5. Power up the device with the reset button pressed. It will download the initrams and dtb via tftp and boot into OpenWRT in RAM. 6. SSH into the device and remove the factory partitions. > ubirmvol /dev/ubi0 --name=kernel1 > ubirmvol /dev/ubi0 --name=rootfs1 > ubirmvol /dev/ubi0 --name=devicetree1 You will have around 60 MiB of free space with that. You can also delete "kernel2", "devicetree2", "rootfs2" and "storage" respectively in case you do not want to go back to the vendor firmware. 7. Modify the U-Boot bootcmd to allow for booting OpenWRT > fw_setenv bootcmd_owrt "ubi part ubi && ubi read 0x1000000 kernel && bootm 0x1000000" > fw_setenv bootargs_owrt "setenv bootargs console=ttyS0,115200 ubi.mtd=3,2048" > fw_setenv bootcmd "run bootargs_owrt; run bootcmd_owrt" 8. Transfer the sysupgrade image via scp into the /tmp directory. 9. Upgrade the device > sysupgrade -n /tmp/<imagename> Signed-off-by: David Bauer <mail@david-bauer.net>
* mt76: update to the latest versionFelix Fietkau2019-01-251-3/+3
| | | | | | | | | | | | | | | | | | | | | 3e9a7d5 Revert "mt7603: fix txd q_idx field value" 815fd03 mt7603: fix CCA timing values b35cc8e mt7603: set timing on channel change before starting MAC 79b337c mt7603: move CF-End rate update to mt7603_mac_set_timing 3df341d mt7603: avoid redundant MAC timing updates 1c751f3 mt76: avoid scheduling tx queues for powersave stations 2efa389 mt7603: limit station power save queue length to 64 63a79ff mt76: do not report out-of-range rx nss fe30bd3 mt7603: issue PSE reset on tx hang ce8cc5d mt7603: issue PSE client reset on init e342cc5 mt7603: fix buffered multicast count register aa470d8 mt7603: fix buffered multicast queue flush b4ee01f mt76: fix tx status timeout processing 7d00d58 mt76x02: fix per-chain signal strength reporting 64abb35 mt76: fix corrupted software generated tx CCMP PN 0b939dc mt76: fix resetting software IV flag on key delete Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libelf: fix library packagingJo-Philipp Wich2019-01-251-2/+2
| | | | | | | | | The library has an usual shared object file name, which caused the install glob pattern to miss the actual so. Fixes: #2082 Fixes; 0e70f69a35 ("treewide: revise library packaging") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ppp: update to version 2.4.7.git-2018-06-23Martin Schiller2019-01-2533-406/+270
| | | | | | | | | | | This bumps ppp to latest git version. There is one upstream commit, which changes DES encryption calls from libcrypt / glibc to openssl. As long as we don't use glibc-2.28, revert this commit. Signed-off-by: Martin Schiller <ms@dev.tdt.de>
* procd: update to latest git HEADHans Dedecker2019-01-241-3/+3
| | | | | | e2b055e hotplug.c: Make sure hotplug buffer is NULL terminated Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* mac80211: ath10k: remove "ath10k: fix otp failure result" patchChristian Lamparter2019-01-241-11/+0
| | | | | | | | | | | | | | Initially this patch was introduced as a quick fix following the removal of 936-ath10k_skip_otp_check.patch which caused multiple ath10k pcie devices in various ipq806x and ar71xx/ath79 targets to malfunction. Thankfully, the affected devices have been updated to utilize the pre-caldata method. And finally with the switch to ath10k-ct, which never had the patch or any reports of similar issues, I think it's time to remove this patch since it is no longer needed. Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* iproute2: replace libelf1 dependency with libelfJo-Philipp Wich2019-01-241-1/+1
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* perf: replace libelf1 dependency with libelfJo-Philipp Wich2019-01-241-1/+1
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* elfutils: rename libelf1 to libelfJo-Philipp Wich2019-01-241-5/+6
| | | | | | | | | | The ABI_VERSION:=1 tag will take care of transforming the binary library package basename. Add a virtual PROVIDES:=libelf1 for packages still having libelf1 in their DEPENDS:=... lists. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* treewide: revise library packagingJo-Philipp Wich2019-01-2443-86/+126
| | | | | | | | | | | - Annotate versionless libraries (such as libubox, libuci etc.) with a fixed ABI_VERSION resembling the source date of the last incompatible change - Annotate packages shipping versioned library objects with ABI_VERSION - Stop shipping unversioned library symlinks for packages with ABI_VERSION Ref: https://openwrt.org/docs/guide-developer/package-policies#shared_libraries Ref: https://github.com/KanjiMonster/maintainer-tools/blob/master/check-abi-versions.pl Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uclient: set fixed ABI_VERSION on libuclientJo-Philipp Wich2019-01-241-1/+1
| | | | | | | | Last incompatible change appeared to be 4924411 ("http: add proper error handling to uclient_http_redirect()") which changed the return value of uclient_http_redirect() from bool to int. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* wireguard: bump to 0.0.20190123Jason A. Donenfeld2019-01-231-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tools: curve25519: handle unaligned loads/stores safely This should fix sporadic crashes with `wg pubkey` on certain architectures. * netlink: auth socket changes against namespace of socket In WireGuard, the underlying UDP socket lives in the namespace where the interface was created and doesn't move if the interface is moved. This allows one to create the interface in some privileged place that has Internet access, and then move it into a container namespace that only has the WireGuard interface for egress. Consider the following situation: 1. Interface created in namespace A. Socket therefore lives in namespace A. 2. Interface moved to namespace B. Socket remains in namespace A. 3. Namespace B now has access to the interface and changes the listen port and/or fwmark of socket. Change is reflected in namespace A. This behavior is arguably _fine_ and perhaps even expected or acceptable. But there's also an argument to be made that B should have A's cred to do so. So, this patch adds a simple ns_capable check. * ratelimiter: build tests with !IPV6 Should reenable building in debug mode for systems without IPv6. * noise: replace getnstimeofday64 with ktime_get_real_ts64 * ratelimiter: totalram_pages is now a function * qemu: enable FP on MIPS Linux 5.0 support. * keygen-html: bring back pure javascript implementation Benoît Viguier has proofs that values will stay well within 2^53. We also have an improved carry function that's much simpler. Probably more constant time than emscripten's 64-bit integers. * contrib: introduce simple highlighter library This is the highlighter library being used in: - https://twitter.com/EdgeSecurity/status/1085294681003454465 - https://twitter.com/EdgeSecurity/status/1081953278248796165 It's included here as a contrib example, so that others can paste it into their own GUI clients for having the same strictly validating highlighting. * netlink: use __kernel_timespec for handshake time This readies us for Y2038. See https://lwn.net/Articles/776435/ for more info. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* iproute2: update to 4.20.0Deng Qingfang2019-01-237-389/+21
| | | | | | | | | Update to the latest version of iproute2; see https://lwn.net/Articles/776174/ for a full overview of the changes in 4.20. Remove upstream patch 001-fix-print_0xhex-on-32-bit.patch and 002-tc-fix-xtables-incorrect-usage-of-LDFLAGS.patch Introduce a patch to include <linux/limits.h> for XATTR_SIZE_MAX in tc Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
* uboot-ar71xx: fix musl host buildAndy Walsh2019-01-221-0/+13
| | | | | | | | | | | | | | On musl based distributions, u-boot 2010.03 fails to build with: u-boot-2010.03/include/u-boot/crc.h:29:50: error: unknown type name 'uint' uint32_t crc32 (uint32_t, const unsigned char *, uint); The issue was fixed in the newer u-boot-2018.03 version, this commit backports the change to the older version used by ar71xx/ath79. Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com> [add commit message from PR description] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* librpc: remove packageAndy Walsh2019-01-225-73/+2
| | | | | | | | | * replaced with packages/libtirpc * remove busybox options rarely used/deprecated BUSYBOX_CONFIG_FEATURE_MOUNT_NFS BUSYBOX_CONFIG_FEATURE_INETD_RPC Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* busybox: handle crypt() errors in loginutilsJo-Philipp Wich2019-01-222-1/+54
| | | | | | | | | | | | | | | | The crypt(3) function is allowed to fail with either EINVAL or ENOSYS when the given salt is either invalid or when the requested algorithm is not implemented. In such a case, libbb's pw_encrypt() function will silently convert the crypt() NULL return value into an empty string which is then processed without further errors by utilities such as chpasswd or passwd, causing them to set an empty password when an unsupported cipher is requested. Patch the relevant users of pw_encrypt() to abort in case an empty hash is returned by pw_encrypt() in order to mitigate the problem. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ncurses: build host libraries with -fPICJo-Philipp Wich2019-01-221-1/+3
| | | | | | | Since readline/host links ncurses/host now, we need to ensure that the libncursesw.so host library is built with -fPIC. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* build: Optionally provide file checksums in package metadataMichal Hrusecky2019-01-222-0/+132
| | | | | | | This may be useful if you don't entirely trust your flash and want to be able to check for corruptions. Signed-off-by: Michal Hrusecky <Michal@Hrusecky.net>