aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services
Commit message (Collapse)AuthorAgeFilesLines
* BB: samba36: add three CVE patches from 2015-12-16Jo-Philipp Wich2016-01-114-1/+253
| | | | | | | | | | | This is a patch for CVE-2015-5252, CVE-2015-5296 and CVE-2015-5299. A patchset for these vulnerabilities was published on 16th December 2015. Signed-off-by: Jan Čermák <jan.cermak@nic.cz> Backport of r48133 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@48199 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: check for banned client on association eventRafał Miłecki2015-09-281-0/+26
| | | | | | | | | | | | | When using FullMAC drivers (e.g. brcmfmac) we don't get mgmt frames so check for banned client in probe request handler won't ever be used. Since cfg80211 provides us info about STA associating let's put a check there. Signed-off-by: Rafał Miłecki <zajec5@gmail.com> Backport of r47064 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@47068 3c298f89-4303-0410-b956-a3cf2f4a3e73
* dnsmasq: backport CVE-2015-3294 security fixRafał Miłecki2015-09-082-1/+38
| | | | | | | | | | | Upstream release 2.73 included CVE-2015-3294 fix, let's backport patch fixing this security issue. This avoids bumping version to 2.73 which introduced many new features. This way we keep dnsmasq safe and don't risk new problems. Signed-off-by: Rafał Miłecki <zajec5@gmail.com> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@46817 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: hostapd: Fix RADIUS connection recovery after initial failure (#18197)Jo-Philipp Wich2015-07-272-2/+43
| | | | | | | | | | | | | | | | If the initial attempt at opening the socket connection to the RADIUS server failed due to missing IP connectivity during startup, e.g., with "connect[radius]: Network is unreachable", hostapd did not try to reconnect when RADIUS messages were sent. Instead, it only reported "No authentication server configured" even if the configuration did have a server entry. Backport of upstream commit 94b39e5927e570e6b0fe41d455dde0a361c71c36 ("RADIUS client: Fix server connection recovery after initial failure") Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@46512 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: fix remote denial of service vulnerability in WMM action frame parsingFelix Fietkau2015-05-062-1/+37
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r45619 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@45620 3c298f89-4303-0410-b956-a3cf2f4a3e73
* samba36: update to 3.6.25, fixes remote code execution bug (CVE-2015-0240)Felix Fietkau2015-02-241-2/+2
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r44515 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44516 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: openvpn: bump PKG_REVISION and copyright yearJo-Philipp Wich2015-01-061-2/+2
| | | | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r43859 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43861 3c298f89-4303-0410-b956-a3cf2f4a3e73
* openvpn: backport an upstream fix for a regression in using --cipher none ↵Felix Fietkau2015-01-041-0/+57
| | | | | | | | | | (fixes #18676) Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r43823 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43824 3c298f89-4303-0410-b956-a3cf2f4a3e73
* openvpn: update to 2.3.6, fixes CVE-2014-8104Felix Fietkau2014-12-012-25/+46
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r43482 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43483 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: uhttpd: fix HTTP incompatibilities in file handlerJo-Philipp Wich2014-10-271-2/+2
| | | | | | | | | | | | | * Fixes sending an extraneous message body for 204 and 304 resoponses which breaks Chrome in keep-alive mode. * Adds mimetypes for JSON and JSONP. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r43078 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43082 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: CVE-2014-3686 fixesSteven Barth2014-10-179-11/+229
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42943 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: merge an upstream patch for pmksa cacheFelix Fietkau2014-10-051-0/+32
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r42762 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42763 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: fix segfault when parsing domain options in UCISteven Barth2014-09-251-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42664 3c298f89-4303-0410-b956-a3cf2f4a3e73
* ppp: update to version 2.4.7John Crispin2014-09-1815-53/+40
| | | | | | | | | | This fixes: CVE-2014-3158 and some other bugs. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Backport of r42525 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42613 3c298f89-4303-0410-b956-a3cf2f4a3e73
* mdns: update to latest git HEADJohn Crispin2014-09-171-2/+2
| | | | | | Signed-off-by: John Crispin <blogic@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42593 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: do not remove foreign wpa_supplicant socketsJohn Crispin2014-09-171-1/+1
| | | | | | | | | | https://dev.openwrt.org/ticket/17886 Signed-off-by: John Crispin <blogic@openwrt.org> Backport of r42586 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42591 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: remove bogus default setting for wps_pin (#17873)Felix Fietkau2014-09-152-4/+3
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r42553 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42554 3c298f89-4303-0410-b956-a3cf2f4a3e73
* dnsmasq: Make the --dhcp-host logic easier to understandJohn Crispin2014-09-011-6/+8
| | | | | | | | | | | | | Use an if/else statement to cover the two different syntaxes. Add comments explaining what the end results should look like. This patch should not change the script's output. Signed-off-by: Kevin Cernekee <cernekee@gmail.com> Backport of r42320 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42390 3c298f89-4303-0410-b956-a3cf2f4a3e73
* dnsmasq: Fix hosts file format when MAC address is not specifiedJohn Crispin2014-09-011-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | An entry like this in /etc/config/dhcp: config 'host' option 'name' 'pc2' option 'ip' '192.168.100.56' option 'dns' '1' results in a /tmp/hosts/dhcp entry that looks like this: 192.168.100.56 .lan Obviously it should say "pc2.lan". This happens because $name is set to "" in order to support the MAC-less syntax: "--dhcp-host=lap,192.168.0.199". Fix this by reordering the operations. Also, refuse to add a DNS entry if the hostname or IP is missing. Fixes #17683 Reported-by: Kostas Papadopoulos <kpapad75@travelguide.gr> Signed-off-by: Kevin Cernekee <cernekee@gmail.com> Backport of r42319 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42389 3c298f89-4303-0410-b956-a3cf2f4a3e73
* dnsmasq: Create rDNS records for LuCI "Hostnames"John Crispin2014-09-011-6/+3
| | | | | | | | | | | | | | | LuCI creates "domain" UCI config sections, which the dnsmasq init file then, currently, translates into "address" config lines. This is not the correct usage of "address" (see r36943), and also causes rDNS records to not be created. This patches dnsmasq.init to utilize the additional hosts file introduced in r40799 for such domain names, resolving both issues. Signed-off-by: Tyler Fenby <tylerf@securecominc.com> Backport of r42318 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42388 3c298f89-4303-0410-b956-a3cf2f4a3e73
* package/*: remove useless explicit set of function returncodeJohn Crispin2014-09-012-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | somebody started to set a function returncode in the validation stuff and everybody copies it, e.g. myfunction() { fire_command return $? } a function automatically returns with the last returncode, so we can safely remove the command 'return $?'. reference: http://tldp.org/LDP/abs/html/exit-status.html "The last command executed in the function or script determines the exit status." Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com> Backport of r42278 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42379 3c298f89-4303-0410-b956-a3cf2f4a3e73
* ppp: enable IPv6CP by defaultJohn Crispin2014-09-012-2/+6
| | | | | | | | Signed-off-by: Steven Barth <steven@midlink.org> Backport of r42158 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42355 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: fix some whitespacesJohn Crispin2014-09-011-3/+3
| | | | | | | | Signed-off-by: Luka Perkov <luka@openwrt.org> Backport of r42111 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42351 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: uhttpd: do not configure TLS parameters if libustream-ssl is not presentJo-Philipp Wich2014-08-252-3/+3
| | | | | | | | | | | | | | A quite frequent problem after sysupgrading from an older, SSL enabled build is that ustream-ssl is not installed so uhttpd fails to come up again due to https listening directives in the preserved configuration. Skip key/cert and ssl listen options when libustream-ssl.so is not present. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r42284 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42286 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: fix static lease behavior with dhcpv4Steven Barth2014-08-241-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42271 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: dropbear: restore performance by disabling mips16Jonas Gorski2014-08-211-1/+2
| | | | | | | | | | | | | | Disable MIPS16 to prevent it negatively affecting performance. Observed was a increase of connection delay from ~6 to ~11 seconds and a reduction of scp speed from 1.1MB/s to 710kB/s on brcm63xx. Fixes #15209. Backport of r42250. Signed-off-by: Jonas Gorski <jogo@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42255 3c298f89-4303-0410-b956-a3cf2f4a3e73
* dnsmasq: fix a race condition possibly leading to lockupSteven Barth2014-08-202-1/+278
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42226 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: bump for bugfixesSteven Barth2014-08-191-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42219 3c298f89-4303-0410-b956-a3cf2f4a3e73
* dnsmasq: respect option dhcpv4 disabled in dhcp-configSteven Barth2014-08-191-0/+3
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42218 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: multiple DHCPv4 improvements (thx Christian Mehlis)Steven Barth2014-08-121-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42154 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: avoid logspam in certain corner casesSteven Barth2014-08-081-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42068 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: write host-entries for all leased IPv6 addressesSteven Barth2014-08-081-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42066 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: update hostfile more oftenSteven Barth2014-08-071-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42043 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: correct incorrect commit-id in last commitSteven Barth2014-08-071-1/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42027 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: skip MSRs in RAs for prefixes with same size as DPSteven Barth2014-08-071-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42025 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: revert bogus version that was added in r41872John Crispin2014-08-031-1/+1
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r41960 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@41982 3c298f89-4303-0410-b956-a3cf2f4a3e73
* igmpproxy: add missing includeJohn Crispin2014-08-031-0/+10
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r41957 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@41979 3c298f89-4303-0410-b956-a3cf2f4a3e73
* ppp: fix a buffer overrun in the ms chap codeJohn Crispin2014-08-031-0/+13
| | | | | | | | | | https://dev.openwrt.org/ticket/17296 Signed-off-by: John Crispin <blogic@openwrt.org> Backport of r41882 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@41966 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: Reintroduce Full Dynamic VLAN supportJohn Crispin2014-08-032-3/+16
| | | | | | | | | | | | This patch brings full dynamic vlan support to netifd that existed in hostapd.sh in Attitude Adjustment. Signed-off-by: Joseph CG Walker <Joe@ChubbyPenguin.net> [jow@openwrt.org: changed commit message, rebased on top of current hostapd.sh] Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r41872 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@41963 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: add more missing ifdefsFelix Fietkau2014-07-281-1/+18
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41863 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: add missing ifdefFelix Fietkau2014-07-281-0/+11
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41855 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: prevent spurious 20/40 mhz channel bandwidth switches if noscan is ↵Felix Fietkau2014-07-251-0/+22
| | | | | | | | enabled Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41828 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: don't lose downstream routes for managed PDSteven Barth2014-07-231-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41816 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: revert NDP relay rewrite (performance issue still fixed)Steven Barth2014-07-221-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41808 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: fix typo in ubus integration (thanks Markus Stenberg)Steven Barth2014-07-211-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41796 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: rewrite NDP proxy featureSteven Barth2014-07-171-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41703 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: add a require_mode option in wifi-device sections to select the ↵Felix Fietkau2014-07-151-1/+7
| | | | | | | | minimum hardware mode that the AP requires from clients Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41665 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcpd: disable packet socket if unneeded to preserve performanceSteven Barth2014-07-141-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41644 3c298f89-4303-0410-b956-a3cf2f4a3e73
* samba36: update to minor version 3.6.24Hauke Mehrtens2014-07-062-3/+3
| | | | | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41525 3c298f89-4303-0410-b956-a3cf2f4a3e73
* samba36: disable acl support to avoid picking up a dependency on libacl (#16988)Felix Fietkau2014-07-041-0/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41509 3c298f89-4303-0410-b956-a3cf2f4a3e73
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-11 07:09:51 +0000