aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* odhcpd: update to latest git HEADHans Dedecker2020-10-311-3/+3
| | | | | | | | | 5700919 dhcpv6: add explicit dhcpv4o6 server address e4f4e62 dhcpv6: add DHCPv4-over-DHCPv6 support aff290b dhcpv6: check message type 2677fa1 router: fix advertisement interval option Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: enable OWE for the basic-{openssl, wolfssl} variantsRui Salvaterra2020-10-311-0/+6
| | | | | | | Opportunistic Wireless Encryption is needed to create/access encrypted networks which don't require authentication. Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* libselinux: remove dependency on musl-fts for non-musl buildsDaniel Golle2020-10-311-3/+6
| | | | | | Suggested-by: Curtis Deptuck <curtdept@users.noreply.github.com> Tested-by: Curtis Deptuck <curtdept@users.noreply.github.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: remove obsolete kernel version switches for 4.19Adrian Schmutzler2020-10-3012-77/+19
| | | | | | | This removes switches dependent on kernel version 4.19 as well as several packages/modules selected only for that version. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* Revert "kmod-nft-reject: Fix for "nft_reject_ipv4.ko missing" warning"Daniel Golle2020-10-301-3/+0
| | | | | | | | | This reverts commit 7f94e2afcf090f751c9f7f7ea46e8ef8d93ee84b. Package kmod-nft-core is missing dependencies for the following libraries: nft_reject.ko Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kmod-nft-reject: Fix for "nft_reject_ipv4.ko missing" warningPhilip Prindeville2020-10-301-0/+3
| | | | | | | | | | Seeing the following: ERROR: module '/home/philipp/lede/build_dir/target-x86_64_musl/linux-x86_64/linux-5.4.33/net/ipv4/netfilter/nft_reject_ipv4.ko' is missing. modules/netfilter.mk:1068: recipe for target '/home/philipp/lede/bin/targets/x86/64/packages/kmod-nft-core_5.4.33-1_x86_64.ipk' failed make[3]: *** [/home/philipp/lede/bin/targets/x86/64/packages/kmod-nft-core_5.4.33-1_x86_64.ipk] Error 1 Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* hostapd: remove hostapd-hs20 variantDaniel Golle2020-10-301-18/+0
| | | | | | | | Hotspot 2.0 AP features have been made available in the -full variants of hostapd and wpad. Hence we no longer need a seperate package for that. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: add {hostapd,wpad}-basic-openssl variantsRui Salvaterra2020-10-302-0/+28
| | | | | | | | | Add OpenSSL-linked basic variants (which provides WPA-PSK only, 802.11r and 802.11w) of both hostapd and wpad. For people who don't need the full hostapd but are stuck with libopenssl for other reasons, this saves space by avoiding the need of an additional library (or a larger hostapd with built-in crypto). Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* opkg: bump to git HEADDaniel Golle2020-10-301-3/+3
| | | | | | 8769c75 pkg_hash: don't suggest incompatible packages Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: wpas: add missing config symbolsDavid Bauer2020-10-282-3/+3
| | | | | | | | | | | | | | | This adds missing config symbols for interworking as well as Hotspot 2.0 to the wpa_supplicant-full configuration. These symbols were added to the hostapd-full configuration prior to this commit. Without adding them to the wpa_supplicant configuration, building of wpad-full fails. Thanks to Rene for reaching out on IRC. Fixes: commit be9694aaa297 ("hostapd: add UCI support for Hotspot 2.0") Fixes: commit 838b412cb527 ("hostapd: add interworking support") Signed-off-by: David Bauer <mail@david-bauer.net>
* dnsmasq: install /etc/hotplug.d/ntp/25-dnsmasqsec world-readableDaniel Golle2020-10-281-2/+2
| | | | | | | | /etc/hotplug.d/ntp/25-dnsmasqsec is being sourced by /sbin/hotplug-call running as ntpd user. For that to work the file needs to be readable by that user. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mac80211: Fix wpa_supplicant config removal ubus callSven Eckelmann2020-10-282-2/+2
| | | | | | | | | | | | | | | If mac80211_setup_supplicant() is called with enabled=0 then it should just destroy the interface and remove the configuration from wpa_supplicant. But the ubus method call always returned Command failed: Method not found because the actual name of the method is "config_remove". Fixes: b5516603dd90 ("mac80211: more wifi reconf related fixes") Signed-off-by: Sven Eckelmann <sven@narfation.org> [bump PKG_RELEASE] Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: bump PKG_RELEASEDavid Bauer2020-10-281-1/+1
| | | | Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: add interworking supportDavid Bauer2020-10-282-1/+79
| | | | | | | | | | | | | | | | | | | | | | | | This adds configuration options to enable interworking for hostapd. All options require iw_enabled to be set to 1 for a given VAP. All IEEE802.11u related settings are supported with exception of the venue information which will be added as separate UCI sections at a later point. The options use the same name as the ones from the hostapd.conf file with a "iw_" prefix added. All UCI configuration options are passed without further modifications to hostapd with exceptions of the following options, whose elements can be provided using UCI lis elements: - iw_roaming_consortium - iw_anqp_elem - iw_nai_realm - iw_domain_name - iw_anqp_3gpp_cell_net Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: add FTM responder supportDavid Bauer2020-10-281-0/+13
| | | | | | | | | | | | | | | This adds support for enabling the FTM responder flag for the APs extended capabilities. On supported hardware, enabling the ftm_responder config key for a given AP will enable the FTM responder bit. FTM support itself is unconditionally implemented in the devices firmware (ath10k 2nd generation with 3.2.1.1 firmware). There's currently no softmac implementation. Also allow to configure LCI and civic location information which can be transmitted to a FTM initiator. Signed-off-by: David Bauer <mail@david-bauer.net>
* mac80211: pass phy name to hostapd_set_bss_optionsDavid Bauer2020-10-281-1/+1
| | | | | | | | | | | | hostapd_set_bss_options expects the PHY as second and the VIF as third argument. However, only the VIF was passed as second argument without a third argument at all. This was never a problem, as both PHY and VIF were never accessed. However, with FTM support the PHY is needed to determine the HW support when configuring the BSS. Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: remove ieee80211v optionDavid Bauer2020-10-281-14/+6
| | | | | | | | | | | | | Remove the ieee80211v option. It previously was required to be enabled in order to use time_advertisement, time_zone, wnm_sleep_mode and bss_transition, however it didn't enable any of these options by default. Remove it, as configuring these options independently is enough. This change does not influence the behavior of any already configured setting. Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: make rrm report independent of ieee80211k settingDavid Bauer2020-10-281-5/+4
| | | | | | | | Allow to configure both RRM beacon as well as neighbor reports independently and only enable them by default in case the ieee80211k config option is set. Signed-off-by: David Bauer <mail@david-bauer.net>
* uci: fix package mirror hashPetr Štetiar2020-10-271-1/+1
| | | | | | | | I've forget to update PKG_MIRROR_HASH in my previous package version bump. Fixes: 095cc2b7454a ("uci: update to version 2020-10-06") Signed-off-by: Petr Štetiar <ynezz@true.cz>
* umdns: update to version 2020-10-26Petr Štetiar2020-10-271-3/+3
| | | | | | | | | | | | | | | 59e4fc98162d cache: cache_answer: fix off by one 4cece9cc7db4 cache: cache_record_find: fix buffer overflow be687257ee0b cmake: tests: provide umdns-san binary bf01f2dd0089 tests: add dns_handle_packet_file tool 134afc728846 tests: add libFuzzer based fuzzing de08a2c71ca8 cmake: create static library cdc18fbb3ea8 interface: fix possible null pointer dereference 1fa034c65cb6 interface: fix value stored to 'fd' is never read 3a67ebe3fc66 Add initial GitLab CI support 50caea125517 cmake: fix include dirs and libs lookup Signed-off-by: Petr Štetiar <ynezz@true.cz>
* uci: update to version 2020-10-06Petr Štetiar2020-10-271-2/+2
| | | | | | | | | | | | | | | | 52bbc99f69ea Replace malloc() + memset() with calloc() 3fbd6c923434 ucimap: Check return of malloc() eae126f66663 file: Check buffer size after strtok() 7f574273180a file: use size_t for position and pointer 19770b6949b9 file: use dynamic memory allocation for tempfile name aa46546794ac file: uci_file_commit: fix memory leak 671c7554bfde uci: silence UBSAN error by using offsetof macro from compiler ea5bbd57d0e1 tests: cram: add uci import testing on fuzzer corpus 31f78bfbf75f cmake: add uci-san cli built with clang sanitizers a3e650911f5e file: uci_parse_package: fix heap use after free 9bd361ca3236 tests: add libFuzzer based fuzzing Signed-off-by: Petr Štetiar <ynezz@true.cz>
* dnsmasq: include IPv6 local nameserver entryJoel Johnson2020-10-261-0/+1
| | | | | | | | | For IPv6 native connections when using IPv6 DNS lookups, there is no valid default resolver if ignoring WAN DHCP provided nameservers. This uses a runtime check to determine if IPv6 is supported on the host. Signed-off-by: Joel Johnson <mrjoel@lixil.net>
* layerscape: update tfa to LSDK-20.04-update-290520Biwen Li2020-10-261-4/+4
| | | | | | | | | Update tfa to LSDK-20.04-update-290520. Signed-off-by: Biwen Li <biwen.li@nxp.com> Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com> [fix PKG_RELEASE bump] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* layerscape: update u-boot to LSDK-20.04-update-290520Biwen Li2020-10-261-4/+4
| | | | | | | | | Update u-boot to LSDK-20.04-update-290520. Signed-off-by: Biwen Li <biwen.li@nxp.com> Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com> [fix PKG_RELEASE bump] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* layerscape: update ls-rcw to LSDK-20.04-update-290520Biwen Li2020-10-261-4/+4
| | | | | | | | | Update ls-rcw to LSDK-20.04-update-290520. Signed-off-by: Biwen Li <biwen.li@nxp.com> Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com> [rebase, fix PKG_RELEASE change] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* layerscape: Change to combined rootfs on sd imagesPawel Dembicki2020-10-266-17/+17
| | | | | | | | | | | | | | | | | | At this moment layerscape images are ext4 only. It causes problem with save changes durring sysupgrade and make "firstboot" and failsafe mode useless. This patch changes sd-card images to squashfs + f2fs combined images. To make place, for saving config, kernel space ar now ext4 partition with fit kernel. This method of image generation is similar to rest of OpenWrt sd-card targets. Reviewed-by: Yangbo Lu <yangbo.lu@nxp.com> Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com> [reword README, reword DEVICE_COMPAT_MESSAGE, keep original indent] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* layerscape: add dtb to sysupgradePawel Dembicki2020-10-267-7/+7
| | | | | | | | | | | | | | | | | | | At this moment sysupgrade replaces only kernel and rootfs. This patch add dtb part to sysupgrade images to avoid situation when old dtb make system broken. Is possible to sysupgrade older images for NOR devices: 1. Firmware partition in bootargs need to be updated to: "49m@0xf00000(firmware)". Env should be saved after changes. 2. After step one, "sysupgrade -F" will work. Run tested: LS1046A-RDB Reviewed-by: Yangbo Lu <yangbo.lu@nxp.com> Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com> [bump PKG_RELEASE for uboot-layerscape] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ubus: bump to git HEADDaniel Golle2020-10-251-3/+3
| | | | | | ad0cd11 ubusd_acl: add support for wildcard in methods Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* busybox: make username consistentDaniel Golle2020-10-253-4/+4
| | | | | | | | | ntpd in packages feed had already a user 'ntp' with UID 123 declared. Rename the username of busybox-ntpd to be 'ntp' instead of 'ntpd' so it doesn't clash. Reported-by: Etienne Champetier <champetier.etienne@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* dnsmasq: adapt to non-root ntpdDaniel Golle2020-10-252-1/+10
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* busybox: allow ntpd to run as non-root ntpd userDaniel Golle2020-10-254-1/+45
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: ujail fixesDaniel Golle2020-10-251-3/+3
| | | | | | | ec461ff jail: mount more stuff read-only 33b799b ujail: elf: work around GCC bug on MIPS64 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ubox: run logd non-root as user logdDaniel Golle2020-10-251-4/+5
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* netifd: bump to version 2020-10-22Yousong Zhou2020-10-241-3/+3
| | | | | | | | | | | | | | | Changelog follows ced0d535 build: find and use libnl header dirs 5722218e proto: rework parse_addr to return struct device_addr 3d7bf604 device_addr: record address index as in the blob 24ce1eab interface: proto_ip: order by address index first This bump mainly affects order of interface addresses in ubus output. At the moment dnsmasq uses first address of an interface for setting dhcp-range option in its config Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* rpcd: adapt defaults for changed ubus.sock pathDaniel Golle2020-10-223-2/+10
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uhttpd: adapt defaults for changes ubus.sock pathDaniel Golle2020-10-223-2/+7
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: merge /etc/passwd et al at sysupgrade config restoreDaniel Golle2020-10-222-1/+17
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: jail: clean up capability handling and non-root ubusdDaniel Golle2020-10-211-3/+3
| | | | | | | | | | | | | | | Unify capability handling to only use OCI spec parsers even for ujail slim containers which previously supposedly used their own format. 80c9516 cgroups: restrict allowed keys in 'unified' section 5ade567 cgroups: memory controller fixes 3121467 early: run ubusd non-root as user ubus, group ubus 12a5b97 jail: adapt to new ubus socket path 788d144 instance: actually wire up capabilities filename ebc5a7f jail: nuke old capabilities code in favour of reusing OCI code 6c5233a jail: capabilities: apply in two phases Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ubus: prepare to run ubusd as non-root userDaniel Golle2020-10-211-3/+4
| | | | | | | Move /var/run/ubus.sock to /var/run/ubus/ubus.sock in preparation for having ubusd run as non-root user. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* target: include selinux-variants if CONFIG_SELINUX is setDaniel Golle2020-10-211-1/+1
| | | | | | | | Rather than unconditionally adding busybox and procd to the set of default packages, add busybox-selinux and procd-selinux in case CONFIG_SELINUX is set. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mac80211: rt2x00: save survey for every channel visitedMarkov Mikhail2020-10-211-0/+183
| | | | | | | | | | | | | | | rt2800 olny gives you survey for current channel. Survey-based ACS algorithms are failing to perform their job when working with rt2800. Make rt2800 save survey for every channel visited and be able to give away that information. There is a bug registred https://dev.archive.openwrt.org/ticket/19081 and this patch solves the issue. Signed-off-by: Markov Mikhail <markov.mikhail@itmh.ru>
* sunxi: Adapt U-Boot config to board renameHauke Mehrtens2020-10-181-1/+1
| | | | | | | | The board was renamed without changing the BUILD_DEVICES in the U-Boot Makefile, this broken the build. Fixes: 0830ae3a2fdf ("sunxi: Correct manufacturer name to Sinovoip") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* sunxi: add support for FriendlyARM NanoPi R1Jayantajit Gogoi2020-10-182-0/+205
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Specification: - CPU: Allwinner H3, Quad-core Cortex-A7 Up to 1.2GHz - DDR3 RAM: 512MB/1GB - Network: 10/100/1000M Ethernet x 1, 10/100M Ethernet x 1 - WiFi: 802.11b/g/n, with SMA antenna interface - USB Host: Type-A x2 - MicroSD Slot x 1 - MicroUSB: for OTG and power input - Debug Serial Port: 3Pin 2.54mm pitch pin-header - LED: nanopi:red:status nanopi:green:wan nanopi:green:lan - KEY: reset - Power Supply: DC 5V/2A Installation: - Write the image to SD Card with dd - Boot NanoPi from the SD Card Signed-off-by: Jayantajit Gogoi <jayanta.gogoi525@gmail.com>
* base-files: remove block2mtd checks from sysupgradeFelix Fietkau2020-10-171-4/+0
| | | | | | This hasn't been used in a long time Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: fix memory leak on filtered powersave framesFelix Fietkau2020-10-171-0/+55
| | | | | | | | | | After the status rework, ieee80211_tx_status_ext is leaking un-acknowledged packets for stations in powersave mode. To fix this, move the code handling those packets from __ieee80211_tx_status into ieee80211_tx_status_ext Reported-by: Tobias Waldvogel <tobias.waldvogel@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
* selinux-policy: update to git tag v0.3Daniel Golle2020-10-161-3/+3
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fstools: update to git HEADDaniel Golle2020-10-161-3/+3
| | | | | | | | | | | 8e0f29a mount: remove support for legacy overlayfs before v2.3 0f8a443 mount: fix log format string and indentation 46a56d3 overlay: use precompiler macros for reoccuring path names f25ab8a mount: apply SELinux labels before overlayfs mount Total ipk size change (ipq40xx): +120b Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* policycoreutils: 'restorecon' is a 'setfiles' appletDaniel Golle2020-10-161-7/+2
| | | | | | | | Instead of duplicating the '/sbin/setfiles' binary, have '/sbin/restorecon' as yet another alias for '/sbin/policycoreutils-setfiles'. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: ubus: add handler for wps_status and guard WPS callsDaniel Golle2020-10-163-1/+57
| | | | | | | | | Expose WPS ubus API only if compiled with WPS support and add new handler for wps_status call. Also add '-v wps' option to check whether WPS support is present in hostapd. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* build: always build package/kernel/linuxFelix Fietkau2020-10-151-0/+1
| | | | | | | | | | build: always build package/kernel/linux If no in-tree module packages are selected, the build system does not process package/kernel/linux. This package is required for building the virtual 'kernel' package, which is specified as a dependency for all kernel packages. Signed-off-by: Felix Fietkau <nbd@nbd.name>