Bump to the latest version, fixes several security issues:
* CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176
More details at https://www.openssl.org/news/openssl-1.0.2-notes.html
Signed-off-by: Michal Hrusecky <Michal.Hrusecky@nic.cz>
Update to latest HEAD in order to fix MARK rule generation for local traffic,
also fix a possible race condition during firewall start.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This patch adds missing ASCII aliases to the libiconv stub in order to avoid conversion errors like https://github.com/openwrt/packages/issues/2373
Signed-off-by: Gergely Kiss <mail.gery@gmail.com>
Patch Lua packet script defines SHRT_MAX which is already defined in <linux/kernel.h> and
is included indirectly by lauxlib.h. Fix the redefintion as it leads to compile failure
on systems which treat macro redefinition as an error
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Remove the public unatteded buildkey from the opkg package to avoid
having hardcoded keys in tree. Use the external keyring package instead
which can be easily updated by users.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Currently the build fails with
'arch/mips/vdso/vdso.so.dbg' already contains a '.MIPS.abiflags' section
if the file already exists from a prior build.
Add a makefile rule to force the rebuild of vdso.so.dbg if genvdso has
has been changed to workaround the failure.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Conntrack support reads the connection track mark associated with
incoming DNS queries and sets the same mark value on the upstream
forwarded DNS query. This can be usefull to track traffic generated
by dnsmasq to associate it with the clients who generate the queries,
usefull for bandwidth accouting and firewall.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
A dropbear instance having an interface config won't start if the interface is down as no
IP address is available.
Adding interface triggers for each configured interface executing the dropbear reload script
will start the dropbear instance when the interface is up.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Utmp support tracks who is currenlty logged in by logging info to the file /var/run/utmp (supported by busybox)
Putuline support will use the utmp structure to write to the utmp file
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Make sending a DHCP release configurable when the client exits allowing to clean up
IP/mac state info in intermediate devices.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
For some time now m25p80 supports 32 MiB flashes and we just needed to
patch spi-nor to support JEDEC incompatible w25q128. Also by switching
to m25p80 we gain accelerated SPI flash reads.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 49260
lua_packet_segment parameter start has type char pointer; in function lua_tg
it's assigned an uint16 value generating compiler warnings obviously indicating
posssible seg fault problems. Fix the issue by using the correct skb functions
so the parameter points to the position inside the sk_buff
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Stijn Cleynhens <stijn.cleynhens@gmail.com>
Commit 8c130dd (lantiq: use new image build process for some images) broke
image generation for the xway target since the generated macros reference not
existing WBMRA.dts and WBMRB.dts files leading to the following build error:
mips-openwrt-linux-musl-cpp: error: ../dts/WBMRA.dts: No such file or directory
mips-openwrt-linux-musl-cpp: warning: '-x assembler-with-cpp' after last input file has no effect
mips-openwrt-linux-musl-cpp: fatal error: no input files
Previously both the WBMRA and WBMRB profiles shared a common WBMR DT since
the only difference is the embedded firmware kmod package.
Extend the lantiqImage macro to optionally support specifying a different
DTS file and use this facility to let the both WBMR profiles reference the
correct device tree file.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Add nonshared flag to package depending on specific targets or subtargets as
there's no guarantee otherwise that they'll be available in the shared repo.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This regression was introduced while rebasing LEDE's commits over the latest
OpenWrt repository.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
The kmod-acpi-button functionality is included in the kernel where needed
and the corresponding kmod package has been deleted long ago, therfor drop
the remaining references now.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update to latest make_ext4fs Git HEAD to fix build with recent glibc version
which does not implicitely includes sysmacros.h anymore.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When the same package file is specified multiple times on the opkg install
command line, the name pointer on the argv array becomes stale after the
package structures have been merged, leading to invalid memory accesses
upon install.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The libc and kernel package files moved since the introduction of shared
packages and the changed output directory layout. This causes the generated
ImageBuilder archive to lack the necessary "libc" and "kernel" meta packages,
leading to opkg install errors later on.
Use the FeedPackageDir macro to figure out the proper source directory to use.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Instead of converting the firmware files ourselves, use the files
generated during the normal kernel build process. This fixes packaging
kmod-e100 in the SDK environment.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Bundle all firmware files which have been built along with the kernel to fix
packaging of kmods in the SDK environment that rely on in-tree firmwares,
specifically kmod-e100.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>