odhcpd now sends unsolicited RAs also via unicast to known link-local
neighbors. This is an attempt to work-around common smartphone issues
https://code.google.com/p/android/issues/detail?id=32662
Also NDP-relay should now work more reliably now
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 46357
Added option for old firmware version (10.1 API v2). It seems that recent
firmware versions are constantly crashing (at least on a QCA9880-BR4A-R) and
this provides the option to select an older version instead.
Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
SVN-Revision: 46340
This updates valgrind to version 3.10.1 and make configure work with
kernel version > 4.0. This patch was taken from upstream valgrind.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46302
The musl build "fix" introduced in r45108 removed all netinet/ether.h
includes, which made the prototypes of ether_aton and ether_ntoa
unavailable. As a result, the compiler assumed they return int instead
of a pointer. This currupted the pointer on 64bit targets, causing ebtables
to segfault in commands containing MAC addresses.
Since r46161 made it possible to include both the kernel and the libc
if_ether.h as long as the libc version is included first, this patch
changes the fix to remove the linux/if_ether.h from the ebtables source
(so the fixed version from the kernel is used) and ensures netinet/ether.h
is included early.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 46292
During certificate verification, OpenSSL (starting from version 1.0.1n and
1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this
logic can mean that an attacker could cause certain checks on untrusted
certificates to be bypassed, such as the CA flag, enabling them to use a valid
leaf certificate to act as a CA and "issue" an invalid certificate.
This issue will impact any application that verifies certificates including
SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46285
Make wpan depend on not kernel 3.18 so it will get activated on all
other kernel versions like 4.0 and 4.1.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46276
Internal GPIO pins are used for PoE passthrough setups in multi-port
routers. This patch implemnets control over this hardware feature for
Ubiquiti Nanostations and TP-Link CPE510.
Signed-off-by: Lars Kruse <lists@sumpfralle.de>
SVN-Revision: 46271
This reverts commit r45579.
With the latest change r46251 ("nvram: fix "Segmentation fault" caused
by setting memory out of buffer") nvram utility shouldn't crash anymore.
It was tested on 3 brcm47xx devices:
1) Unknown with 0x10000 NVRAM size (0x8000 offset)
2) Linksys E1000 V2.1 with 0x10000 (0x8000 offset)
3) Linksys WRT300N V1 with 0x10000 (0x8000 offset)
And 3 bcm53xx devices:
1) Buffalo WZR-600DHP2 with 0x160000 NVRAM size
2) Buffalo WZR-1750DHP with 0x10000 NVRAM size
3) Netgear R6250 V1 with 0x180000 NVRAM size
(all using 0 offset)
This is an important change as it allows reading whole NVRAM. This may
critical when reading some basic configuration (e.g. switch ports).
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46253
Some MTD partitions with NVRAM have content starting in the middle. In
such case offset is set and nvram_header returns pointer to the middle.
It means we have to respect offset when calculating remaining space.
By the way use real MTD partition size (nvram_part_size variable) as we
may want to bump NVRAM_SPACE in the (very near) future.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46251
Ath10k has now a proper method of providing calibration data via
the kernel firmware API. This patch can be dropped as all boards
now use the proper method.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 46245
This changes makes it possible to store custom settings
in individual files inside the directory /etc/sysctl.d/.
Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de>
SVN-Revision: 46239
When enabled the dnsmasq DHCP server allocates the IP addresses sequentially
starting from the lowest available IP address.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 46211
reorder some parts of the patch to remove the declaration-after-
statement warning.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46205
Current firmware should work for station mode as well, and the older
firmware will usually behave worse and become unsupported over time.
Also, the MAC address handling on ar71xx is only implemented on one
firmware version.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 46197
This firmware adds support for management frames over normal
packet transport interface instead of over the WMI management
interface.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 46195
sd_mod depends on scsi_mod, but due to it being an AutoLoad and not
AutoProbe module, it was not loading when installing the package,
causing unknown symbol errors for sd_mod and anything depending on it.
Closes#14927, #18293, #19351.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 46176
We were not copying the additional files needed to get USB to work on
the AT91 platforms, make sure we do this.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
SVN-Revision: 46172
This brings curl to version 7.43.0 and contains fixes for the following
security vulnerabilities:
CVE-2015-3236: lingering HTTP credentials in connection re-use
http://curl.haxx.se/docs/adv_20150617A.html
CVE-2015-3237: SMB send off unrelated memory contents
http://curl.haxx.se/docs/adv_20150617B.html
The 100-check_long_long patch is not needed any more, because the
upstream autoconf script already checks for long long when cyassl is
selected.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46169
This patch introduces a new build error into coova-chilli, but
coova-chilli already fails to build even without it anyway. CyaSSL is
now called wolfSSL, and all the API's have been renamed, and
backward-compatibility headers added.
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46167
The g++-uc wrapper hardcodes $(STAGING_DIR) and $(TOOLCHAIN_DIR) paths which
will not work outside of the original build environment.
Replace the hardcoded staging_dir occurences with paths relative to the
$STAGING_DIR environment variable to make the g++-uc* wrappers usable in an
SDK environment.
Fixes the libdb47 build failure reported at
https://lists.openwrt.org/pipermail/openwrt-devel/2015-April/032455.html
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46162
A long time ago, ath9k had issues during reset where the DMA engine
would stay active and could potentially corrupt memory.
To debug those issues, the driver would print warnings whenever they
occur.
Nowadays, these issues are gone and the primary cause of these messages
is if the MAC is stuck during reset or busy processing a long
transmission. This is fairly harmless, yet these messages continue to
worry users.
To reduce the number of bogus bug reports, turn these messages into
debug messages and count their occurence in the "reset" debugfs file.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 46158
A duplicate include guard prevents inclusion of barrier.h in UML build and this prevents mac80211 from building.
This patch re-enables mac80211 hwsim and renames the include guard.
See https://lists.openwrt.org/pipermail/openwrt-devel/2015-June/033614.html for details.
Signed-off-by: Martin Tippmann <martin.tippmann@gmail.com>
Signed-off-by: Nicolas Thill <nico@openwrt.org>
SVN-Revision: 46133
Avoid redefining `realpath` to fix the following error:
.../include/fortify/stdlib.h:36:13: error: 'realpath' undeclared here (not in a function)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46127
Invert the `__GLIBC__` guards into `!__UCLIBC__` ones to avoid
invalid references to `_llseek` on musl.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46125
- include upstream fixes for musl compatibility
Include <sys/stat.h> for S_I* macros
d34e00b293942b1012ddc49ed3ab379a32337611
Include <linux/ioctl.h> for _IOC_* macros
3460dc486d333231998de0f19918204aacee9ae3
strace 4.8 is broken with musl on some arch
(arm: omap,oxnas according to buildbot)
compile tested only
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 46124
Boot tested: http://pastebin.com/L6aAb9xj
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
[jogo:
update to 4.1 final
add patches added since submission
delete patches applied in later rcs
restore commit messages in 220-gc-sections and 304-mips_disable_fpu
fix 050-backport_netfilter_rtcache to match new API
update inlined dma ops with upstream changes
add missing config symbols
enabled CONFIG_MULTIUSER
update kmod defintions for 4.1
]
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 46112
Without this the condition
if __BYTE_ORDER == __BIG_ENDIAN
was always true.
Thanks Szabolcs.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46105
There are two important patches in this patchset: updating read pointer
quicker & rework of .get_station().
There are few more upstream patches that are p2p-related and weren't
backported in this commit.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46084
So far we got only one generic function accessing this table, but
implementing optimizations will require calculating crc32 in other code
parts as well.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46077
This fixes some build problems with musl. The binary only program
nas.exe wants to link against __assert, which is copied from uClibc.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46021
On bcm53xx we still need usb-ohci to support USB 1.1 devices and it
obviously needs bcma-hcd.ko that will init controller and register
platform device.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45994
This one cannot possibly work, as it depends on cfg80211, which is built
out of tree.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 45985
Besides source.tgz, 001-elfutils-portability.patch (provided by upstream
project) where updated.
Other patches where updated to fix hulk warnings and minor conflicts.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
SVN-Revision: 45984
elfutils is required by perf. So we'll move this package from
packages.git and make it part of the core distribution.
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
SVN-Revision: 45969
bzip2 is required by elfutils, itself required by perf. So we'll move
this package from packages.git and make it part of the core
distribution.
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
SVN-Revision: 45968
argp-standalone is required by elfutils, itself required by perf. So
we'll move this package from packages.git and make it part of the core
distribution.
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
SVN-Revision: 45967
This is for security precautions. As persist_tun and persist_key are
already there, this should not cause compatibility issue.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
SVN-Revision: 45961
- fix iconv detection because it adds host paths
- disable python detection (host python-config is found)
iconv issue is reported by buildbot config.log + replicated locally
see config.log in logs.tar.gz
python issue observed locally on Arch Linux
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 45953
Adds PPP unnumbered support via the parameter unnumbered which points to a logical OpenWRT interface.
The PPP proto shell handler will "borrow" an IP address from the unnumbered interface (if multiple
IP addresses are present the longest prefix different from 32 will be "borrowed") for which a host
interface dependency will be created. Due to the host interface dependency the PPP unnumbered interface
will only "borrow" an IP address from an interface which is up.
The borrowed IP address will be shared as local IP address by the PPP daemon and no other local IP
will be accepted from the peer in the IPCP negotiation.
A typical use case is the usage of a public IP subnet on the Lan interface which will be shared
by the PPP interface as local IP address.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 45948
Commit 31214c38c8dd0f70366b523f9b0335145b9386bd removes IPv6 unneeded source-dest-routing workarounds;
as a result sourcerouting parameter is unused and can be removed.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 45940
Commit 31214c38c8dd0f70366b523f9b0335145b9386bd removes IPv6 unneeded source-dest-routing workarounds;
as a result sourcerouting parameter is unused and can be removed.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 45939
This allows e.g. BCM43602 to work out of box, without dumping a proper
MTD partition to /lib/firmware/ NVRAM file.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45931
They are useless, as the platform already selects the right options for
NAND support. The main reason for removing them is the fact that it
makes kernel configs more annoying to maintain on platforms that provide
NAND drivers but disable them (e.g. ramips)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 45919
Add three download mirrors for 'grub', as the Makefile currently defines only
one download location.
@GNU can not be used, as the most recent version of 'grub' is not available
at the general GNU mirrors, and can only be found at the "gnu-alpha" mirrors.
Signed-off-by: Hannu Nyman <hannu.nyman at iki.fi>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 45909
get_image allows passing 2nd argument that is used in a pipe for
extracting firmware from a non-native format. By accepting such command
in default_do_upgrade we allow platforms to use this helper for vendor
specific images.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45900
trx.c in mtd would not include endian.h, so on systems that do not have
this header implicitly included from the other headers (like musl), both
__BYTE_ORDER and __BIG_ENDIAN would be undefined and thus 0, leading to
it always presuming a big-endian system. this would lead to issues when
running mtd fixtrx on little-endian systems, as it would never recognize
the TRX magic as result of the broken STORE32_LE() macro.
Signed-off-by: Shiz <hi@shiz.me>
Tested-by: Shiz <hi@shiz.me>
SVN-Revision: 45896
These are two new packet schedulers introduced in Linux 3.12 and 3.14
respectively. sch_fq is a perfect fairness queueing scheduler that also
adds pacing on host TCP flows, and sch_pie is an AQM.
Having them available in kmod-sched makes it easier for people to test
these new queueing schemes.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
SVN-Revision: 45885
there is a conceptual design flaw in our interface events. workaround this by
disabling duplicate message supression in procd. we need to fix this properly
for the next release
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 45883
This patch is taken from the gentoo guys who extracted this from a large
upstream commit (with many unrelated changes).
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 45878
this is an ugly hack that will be removed when the netifd maintainers
have time to look at the problem.
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 45876
We just moved the stmmac support in the kernel for ipq806x. Therefore,
nobody needs this driver so we'll just get rid of it.
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
SVN-Revision: 45872
Add dependency of kmod-crypto-ecb to kmod-bluetooth to avoid the kernel warning
"Bluetooth: Unable to create crypto context".
Signed-off-by: Bruno Randolf <br1@einfach.org>
SVN-Revision: 45860
This prevents auto-detection of libxml2 and thus the error:
Package lldpd is missing dependencies for the following libraries:
libxml2.so.2
Preventing a dependency to libxml2 is preferred, since libxml2
would be a out-of-(core-)tree dependency.
Reported-by: Buildbot
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
SVN-Revision: 45859
Before starting hostapd we create interface for it. The problem is we
try to create STA interface just to let hostapd change it to AP later.
It may fail if device doesn't support STA interfaces or if we already
hit a limit. Consider following phy (it's from BCM43602 and brcmfmac):
$ iw phy phy0 info | tail
valid interface combinations:
* #{ IBSS, managed } <= 1, #{ AP } <= 4, #{ P2P-client, P2P-GO } <= 1, #{ P2P-device } <= 1,
total <= 3, #channels <= 1
Trying to setup 2 interfaces: STA + AP results in:
radio0 (1101): command failed: Operation not supported (-95)
radio0 (1101): command failed: Operation not supported (-95)
radio0 (1101): command failed: Operation not supported (-95)
radio0 (1101): command failed: Operation not supported (-95)
radio0 (1101): Configuration file: /var/run/hostapd-phy0.conf
radio0 (1101): Could not read interface wlan0-1 flags: No such device
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45856
nss-gmac has been replaced by its upstream counterpart "stmmac", to
which we added the SoC glue layer required for it to run on IPQ806x.
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
SVN-Revision: 45832
This fixes various problems with parsing platform NVRAM. It's required
to get BCM43602 working in most cases.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45802
This introduces a common macro to assemble the correct url templates to
avoid code duplication and have the feed config handling in a central place.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45799
* Rework hostapd and wpa_supplicant status parsing code
* Add support for querying available HT rates
* Relax definition of restricted channels
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45766
When CONFIG_PER_FEED_REPO_ADD_DISABLED is set, trigger index creation for
any available feed, regardless of whether there where binaries built or not.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45765
Use shared libipt{,4,6}ext.so libraries instead of statically linking
the userspace matches into the fw3 executable.
As a side effect the match initialization is extremely simplified
compared to the weak function pointer juggling performed before.
This also fixes the initialization of the multiport match.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45764
* drop unused lenient restore patch
* instead of statically linking core extensions, build shared libraries
for reuse in fw3
* strip outdated match revisions and aliases to trim down library size
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45758
modules relating to CONFIG_USB_AUDIO
Kernel <2.6.35 is not supported in trunk
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 45734
If the first resolveip call will fail, peeraddr will be now empty, and
the subsequent resolveip call will try to resolve an empty string.
Fix this by storing the result in a temporary variable.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 45712
3.18.12 backported 61ada528dea028331e99e8ceaed87c683ad25de2 ("sched/wait:
Provide infrastructure to deal with nested blocking") from 3.19, causing
the following error on load:
[ 13.588000] compat: exports duplicate symbol woken_wake_function (owned by kernel)
Fix this by guarding it with a check for 3.18.11 or earlier instead of
3.19.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 45710
Instead of stripping everything after the first dot, strip everything
after the last dot.
This fixes pre-/postrm actions for packages with a dot in their name,
like libusb-1.0.
Fixes#19668.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 45702
Bump dnsmasq to v2.73rc8
Important - fixes remotely exploitable buffer overflow introduced in all v2.73 test/release candidates.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
SVN-Revision: 45693
hand over parameters to user-script e.g. $1=deconfig
Signed-off-by: Leon George <leon@georgemail.de>
Signed-off-by: Christian Mehlis <christian@m3hlis.de>
SVN-Revision: 45626
fixes compile error:
(observed w. target arm64, all kernel build opts enabled)
error: call to '__open_missing_mode' declared with attribute
error: open with O_CREAT in second argument needs 3 arguments
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 45625
The WAN port should at least respond to IGMP and MLD queries as
otherwise a snooping bridge/switch might drop traffic.
RFC4890 recommends to leave IGMP and MLD unfiltered as they are always
link-scoped anyways.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
SVN-Revision: 45613
Before r45593 kmod-l2tp-ip did not depend on kmod-ipv6.
With r45593 support for L2TP IPv6 encapsulation was added and
included in the kmod-l2tp-ip package. This change also
added the dependency to kmod-ipv6 to kmod-l2tp-ip, regardless
of whether the user chose to generally include IPv6 support
or not.
Change this so L2TP over IPv6 and the resulting dependency
to kmod-ipv6 is only included in kmod-l2tp-ip if IPv6 support
is enabled.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 45612
OpenVPN assumes that its control channel messages are sent and received
unfragmented, this assumption is broken when CBC record splitting is
enabled in mbedTLS.
The record splitting is intended as countermeasure against BEAST attacks
which do not apply to OpenVPN, therefore we simply disable it until
upstream OpenVPN gains the ability to process fragmented control
messages.
Disabling the splitting also works around a (not remotely triggerable)
segmentation fault in mbedTLS.
References:
* https://dev.openwrt.org/ticket/19101
* https://community.openvpn.net/openvpn/ticket/524
* https://github.com/ARMmbed/mbedtls/pull/185
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45602