Commit graph

11913 commits

Author SHA1 Message Date
Rafał Miłecki
1050a609cf nvram: install init.d quirks script on brcm47xx only
It contains some quirks for old MIPS devices.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-20 22:33:15 +02:00
Felix Fietkau
0d476971f2 kernel: define CONFIG_CPU_THERMAL in kmod-thermal
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-20 14:38:09 +02:00
Felix Fietkau
c115058669 libubox: update to the latest version
adds a SIGCHLD handling fix and jshn performance improvements

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-20 14:37:52 +02:00
Kevin Darbyshire-Bryant
8d105653b1 base-files: sysfixtime typo in exclude dnsmasq.time
Typo, missing space before ] in previous commit caused shell syntax
failure and incorrect restoration of time.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-05-19 18:14:28 +02:00
Felix Fietkau
24270e9493 mac80211: fix unaligned accesses in the tx path
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-19 17:55:54 +02:00
Felix Fietkau
1d0d5ddb07 curl: remove axtls config option, the library does not exist in our tree
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-19 16:56:34 +02:00
Dirk Neukirchen
6aebc6b16b curl: update to 7.49
fixes:
 CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL

- remove crypto auth compile fix
curl changelog of 7.46 states its fixed

- fix mbedtls and cyassl usability #19621 :
add path to certificate file (from Mozilla via curl) and
provide this in a new package

tested on ar71xx w. curl/mbedtls/wolfssl

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-05-19 16:56:34 +02:00
Dirk Neukirchen
f2220bc1fe perf: disable libcrypto dependency
upstream change: 8ee4646038e47d065d35703e3e343136c4cd42aa
fixes dependency w. Kernel 4.6

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-05-19 14:12:11 +02:00
Kevin Darbyshire-Bryant
7938e8d60a dnsmasq: sysupgrade hook to conditionally preserve dnsmasq.time
conditionally save dnsmasq.time across sysupgrade
dnsmasq uses /etc/dnsmasq.time as record of the last known good
system time to aid its validation of dnssec timestamps.  dnsmasq
updates the timestamp on process start/stop once it considers the system
time as valid. The timestamp file should be preserved across system
upgrade but should not be included as part of normal configuration
backups to prevent restores corrupting the current timestamp.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-05-19 10:28:18 +02:00
Kevin Darbyshire-Bryant
2b1556d3e0 base-files: sysfixtime exclude dnsmasq.time
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps.  By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past.  Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.

In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.

Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-05-19 10:28:18 +02:00
Jo-Philipp Wich
85a59127a7 Revert "dnsmasq: sysupgrade hook to conditionally preserve dnsmasq.time"
This reverts commit d830cb0882.

Reverting this commit due to a missing Signed-off-by.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-19 10:28:17 +02:00
Jo-Philipp Wich
21f460e0c1 Revert "base-files: sysfixtime exclude dnsmasq.time"
This reverts commit 382779e009.

Reverting this commit due to a missing Signed-off-by.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-19 10:28:11 +02:00
Kevin Darbyshire-Bryant
d830cb0882 dnsmasq: sysupgrade hook to conditionally preserve dnsmasq.time
conditionally save dnsmasq.time across sysupgrade
dnsmasq uses /etc/dnsmasq.time as record of the last known good
system time to aid its validation of dnssec timestamps.  dnsmasq
updates the timestamp on process start/stop once it considers the system
time as valid. The timestamp file should be preserved across system
upgrade but should not be included as part of normal configuration
backups to prevent restores corrupting the current timestamp.
2016-05-18 22:17:33 +02:00
Kevin Darbyshire-Bryant
382779e009 base-files: sysfixtime exclude dnsmasq.time
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps.  By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past.  Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.

In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.

Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.
2016-05-18 22:17:33 +02:00
Daniel Dickinson
3e08637e87 mdadm: Fix missing conffile and add initscript
Start arrays on boot, stop them on shutdown, and enable
monitoring to syslog.

Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
2016-05-18 22:17:28 +02:00
Daniel Dickinson
3015af9647 ca-certificates: Add certificate bundle package
Some SSL applications requires a certificates bundle rather
than a directory containing certificates.  For thos applications
we build the ca-bundle package

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-05-18 22:17:28 +02:00
Daniel Dickinson
83049ed944 kernel: Build it87 hardware monitor module
Add packaging of it87 hardware monitor kernel module.  It is
a common thermal and voltage monitor that is in many x86
(at least) devices, and is just another i2c hwmon module.

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-05-18 22:17:28 +02:00
Helmut Schaa
21b04c623e ath9k: Fix TX99 support
The patch 300-ath9k-force-rx_clear-when-disabling-rx.patch broke TX99 support
in ath9k. Fix the patch by only applying rx_clear if TX99 mode is not used.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
2016-05-18 15:00:02 +02:00
Helmut Schaa
262cec2fb8 mac80211: Allow selection of TX99 support in ath9k
Add a new config option to enable TX99 support in ath9k.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
2016-05-18 14:59:41 +02:00
Daniel Golle
055d8d9c61 oxnas: move target-specific modules into target's modules.mk
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-05-17 17:26:05 +02:00
Daniel Golle
449aba4fe8 modules: hwmon: package driver for INA209 power monitor
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-05-16 18:00:34 +02:00
Daniel Golle
910d9ba454 modules: hwmon: package driver for LTC4151 current sensor
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-05-16 18:00:34 +02:00
Jo-Philipp Wich
23a1fa07db libusb: disable parallel building
The libusb package is not parallel build save, a make -j16 reliably breaks it.
Forcibly disable parallel building.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-16 17:17:12 +02:00
Felix Fietkau
34b05087f7 mac80211: fix a module build/dependency issue that was breaking lib80211
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-16 10:52:24 +02:00
John Crispin
474d62e31d fstools: update to latest git HEAD
the recent fixes to make mount_root work during failsafe caused lots of
unwanted side effects. use the new preinit sentinel file to detect if
we are in preinit. this will also work if logged in via ssh.

Signed-off-by: John Crispin <john@phrozen.org>
2016-05-15 16:32:02 +02:00
John Crispin
94cc41632e procd: update to latest git HEAD
make procd create a sentinel file during preinit

Signed-off-by: John Crispin <john@phrozen.org>
2016-05-15 16:31:18 +02:00
Felix Fietkau
e30608b736 iw: refresh patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-15 20:55:39 +02:00
Felix Fietkau
df93d53a4b mac80211: update to wireless-testing 2016-05-12
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-15 20:55:39 +02:00
Vittorio G (VittGam)
d742e1b513 base-files: Enhancements to /etc/profile
- Update the terminal window title with the current directory and hostname, if using an xterm-compatible terminal emulator.
- Add ll, an useful alias to ls.

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
2016-05-14 16:53:10 +02:00
Syrone Wong
b4c286fa89 nettle: update to 3.2
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
2016-05-13 17:03:54 +02:00
Kevin Darbyshire-Bryant
b40c22630f e2fsprogs: update to 1.42.13
Update e2fsprogs to v1.42.13 from 1.42.12

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-05-13 17:03:53 +02:00
David Thornley
da0226fa7e lua: Fixed broken __lt/__le operators caused by lnum patch.
This was found while investigating why luarocks does not work. It was
traced to a quite old lnum patch for 5.1.3. I compared against the
latest 5.1.4 patch - https://github.com/LuaDist/lualnum and discovered
the lessthan/lessequal evaluation was not falling through to the
call_orderTM (tag methods).

I have tested LuCI (simple tests) and used the following lua code to
validate the patch (both host and target patches supplied): -

> local my_mt = {
> __eq = function(v1, v2)
> print("__eq")
> return false
> end,
> __lt = function(v1, v2)
> print("__lt")
> return false
> end,
> __le = function(v1, v2)
> print("__le")
> return false
> end
> }
>
> function get_my(vstring)
> local my = {}
> my.string = vstring;
> setmetatable(my, my_mt);
> return my;
> end
>
> local a = get_my("1.0")
> local b = get_my("1.0")
>
> local eq_works = a == b;
> local lt_works = a < b;
> local gt_works = a > b;
>
> local lte_works = a <= b;
> local gte_works = a >= b;

Without the patch the following error will be presented: -

“attempt to compare two table values”

Signed-off-by: David Thornley <david.thornley@touchstargroup.com>
2016-05-13 17:03:53 +02:00
Jo-Philipp Wich
1c61b21489 dropbear: update to 2016.73
Update the dropbear package to version 2016.73, refresh patches.
The measured .ipk sizes on an x86_64 build are:

  94588	dropbear_2015.71-3_x86_64.ipk
  95316	dropbear_2016.73-1_x86_64.ipk

This is an increase of roughly 700 bytes after compression.

Tested-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-13 10:23:52 +02:00
Felix Fietkau
98010ab489 kernel: remove ocf support, cryptodev-linux should be used instead
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-12 19:35:32 +02:00
Felix Fietkau
3d6d5ccf59 openssl: replace ocf-crypto-headers with a header file from cryptodev-linux
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-12 19:35:32 +02:00
Bert Vermeulen
34b6c8b075 iperf: Drop single-threaded variant
Signed-off-by: Bert Vermeulen <bert@biot.com>
2016-05-12 03:29:36 +02:00
Bert Vermeulen
b4a23f83f9 iperf: Upgrade to version 2.0.8
The original iperf package is unmaintained. This switches to the "iperf2"
project on sourceforge, a fork that started where the previous iperf left
off.

Version 2.0.8 fixes the issue that patch 002 handled, so that can be dropped.

Due to a faulty check in configure.ac, this version needs _GNU_SOURCE
defined to build properly against musl. Various other obsolete build
options were also removed.

Signed-off-by: Bert Vermeulen <bert@biot.com>
2016-05-12 03:29:36 +02:00
John Crispin
b8ab6af1a9 global: change my email address
Signed-off-by: John Crispin <john@phrozen.org>
2016-05-12 03:29:36 +02:00
Andrew Yong
374cae9e6f ramips: add initial support for SamKnows SK-WB8
Signed-off-by: Andrew Yong <me@ndoo.sg>
2016-05-12 03:29:35 +02:00
Hans Dedecker
861266c9ec dropbear: Add --disable-utmpx again
The option --disable-utmpx was deleted by accident in commit 7545c1d;
add it again to the CONFIGURE_ARGS list

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-05-12 03:29:35 +02:00
John Crispin
6a5471231b libusb: remove stale patch
this patch fixes a bug when using uclibc on MIPS. The bug does not exist when
using musl, so drop the fix.

Signed-off-by: John Crispin <john@phrozen.org>
2016-05-12 03:29:35 +02:00
Felix Fietkau
42d2eb7628 build: remove leftover dependenices on TARGET_rdc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-12 17:43:48 +02:00
Felix Fietkau
018807ded3 x86/xen_domu: enable xen drivers in the kernel config instead of packaging them as modules
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-12 17:35:46 +02:00
Felix Fietkau
7d7fb75df5 x86: remove the kvm_guest subtarget
32-bit only hardware that supports kvm is very rare.
It's not worth keeping a separate subtarget for this.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-12 17:00:53 +02:00
Felix Fietkau
46b79085b6 busybox: fix issues with the ip command on mips64
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-12 16:05:23 +02:00
John Crispin
26898d2a7f fstools: update to latest git revision
This fixes mount_root in failsafe and reverts a ext4 overlay patch.

Signed-off-by: John Crispin <john@phrozen.org>
2016-05-11 23:36:18 +02:00
Felix Fietkau
15f88192bf ncurses: add a compatibility symlink for packages searching for ncursesw/ncurses.h
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-11 19:10:22 +02:00
Vittorio Gambaletta (VittGam)
40f933d7ff base-files: Fix config_generate when there are no switch VLANs or ports configured in board.json.
The json_select call fails when there are no roles or ports objects in board.json. "json_select .." must not be executed after failing.

This fixes for example LEDs not being set up in /etc/config/system.

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
2016-05-11 17:06:54 +02:00
Hans Dedecker
f9a3123bbf netifd: Remove hardcoded DHCP release option
Remove the udhcpc -R release option as sending a DHCP release
is configurable via the uci option release.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-05-11 16:46:17 +02:00
Felix Fietkau
ef6d6661e2 ncurses: install a dummy libtinfo.a for packages that try to link it
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-11 11:39:34 +02:00
Felix Fietkau
cf3da7d204 Revert "ncurses: package the tinfo library separately"
This reverts commit 975f7160dd.
2016-05-11 11:38:55 +02:00
Rafał Miłecki
b9afc86b5c mtd: imagetag: fix compilation with changed mtd_fixtrx call
Function mtd_fixtrx was changed during trx improvements.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-11 01:57:59 +02:00
Felix Fietkau
86777a40e9 gettext-full: avoid spurious dependencies on ncurses
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-10 16:01:38 +02:00
Felix Fietkau
975f7160dd ncurses: package the tinfo library separately
Some packages expect it that way

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-10 16:00:36 +02:00
Bert Vermeulen
fda951c443 iftop: Update to latest version, and drop patch
The patch made sure the ncursesw library was not selected to save space,
but that library doesn't exist in this distribution at all.

Signed-off-by: Bert Vermeulen <bert@biot.com>
2016-05-10 14:06:50 +02:00
Felix Fietkau
b01f296f4f ncurses: provide libncurses compatibility symlinks in libncursesw
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-10 14:06:50 +02:00
John Crispin
a4571b7631 ubox: make logging code honour the hostname properly
Signed-off-by: John Crispin <john@phrozen.org>
2016-05-10 10:43:17 +02:00
blogic
cbdfae5c04 ubox: turn logd into a separate package
Currently system log is always included as a part of ubox.
Add logd as a seperate package and add it to default packages list.

Signed-off-by: Andrej Vlasic <andrej.vlasic@sartura.hr>

SVN-Revision: 49285
2016-05-10 10:43:12 +02:00
Felix Fietkau
dd16b7748d ncurses: install pkg-config files to fix util-linux build breakage
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-10 10:12:01 +02:00
Rafał Miłecki
df8ca9a5c4 mtd: add -c option for specifying amount of data to be used for checksum
So far fixtrx was calculating checksum over amount of data matching
partition erase size. It was mostly a workaround of checksum problem
after changing anything in initial TRX content (e.g. formatting JFFS2).
Its main purpose was to make bootloader accept modified TRX. This didn't
provide much protection of flash data against corruption.

This new option lets caller request calculating checksum over a bigger
amount of data. It may be used e.g. to include whole kernel data for
checksum and hopefully make bootloader go info failsafe mode if
something goes wrong.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-09 20:10:58 +02:00
Rafał Miłecki
2dd125048d mtd: trx: use separated buffer for TRX header
We plan to adjust usage of the main buffer to allow reading custom
amount of data for CRC32. This means we need another buffer that will be
always block aligned.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-09 20:10:58 +02:00
rmilecki
6de401b1f8 mtd: seama: exit with error if Seama header wasn't found
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-09 18:53:22 +02:00
rmilecki
06a3241c27 mtd: seama: fix image data handling
1) Put sanity checks in one place
2) Respect provided offset
3) Read only as much data as needed for MD5 calculation

Thanks to the last change this is a great speedup and memory saver. On
devices with NAND flash we were allocating & reading about 128 MiB while
something about 8 MiB is enough.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-09 18:53:18 +02:00
rmilecki
30edc32888 mtd: seama: move buf allocation to the MD5 function
This buf is only used in this function now, so lets move it there.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-09 18:53:14 +02:00
rmilecki
1d628f0cbe mtd: seama: update MD5 using header in the first block buffer
This will allow separating first block buffer from a buffer used for MD5
calculation.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-09 18:53:13 +02:00
rmilecki
bcccb03200 mtd: seama: add md5 to header struct
This allows us to drop some extra offset calculations and simplifies
code a bit.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-09 18:53:11 +02:00
rmilecki
8632d89fa0 mtd: check for Seama magic early when fixing MD5
This avoid long (and unneeded) process of reading all data in case of
running on MTD not containig Seama entity.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-09 18:53:09 +02:00
rmilecki
320641585b mtd: add missing breaks in a switch
On platforms supporting both: TRX and Seama calling "fixtrx" was
resulting in trying to fix Seama as well.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-09 18:53:06 +02:00
rmilecki
8a60a41951 mtd: use tabs for indents
This makes code style consistent across the whole file.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-05-09 18:53:02 +02:00
Felix Fietkau
5071fb27b9 ncurses: remove libncurses, provide it via libncursesw
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-09 14:49:33 +02:00
Felix Fietkau
5b64e3532a mt76: update to the latest version
Fixes a tx locking error and adds a pci id

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-05 19:43:23 +01:00
Felix Fietkau
6259583ef3 mt76: fix rebuild on CONFIG_PACKAGE_MAC80211_MESH changes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-05 19:43:23 +01:00
Daniel Golle
9b9c78e071 base-files: evaluate uci-defaults on run-time installations
Packages may install scripts into /etc/uci-defaults to be executed once
after installation, usually at the first boot of the target. This works
fine if the package was installed to the rootfs during build or using
the ImageBuilder.
If the package is installed using opkg during run-time uci-defaults
were applied only after a reboot of the device. Avoid the need to
reboot by evaluting the package's uci-defaults in default-postinst.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-05-04 14:24:37 +01:00
Michal Hrusecky
f6adbdf3cd openssl: Update to version 1.0.2h
Bump to the latest version, fixes several security issues:
 * CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176
More details at https://www.openssl.org/news/openssl-1.0.2-notes.html

Signed-off-by: Michal Hrusecky <Michal.Hrusecky@nic.cz>
2016-05-04 13:00:31 +01:00
Jo-Philipp Wich
4076d863bd firewall3: fix mark rules for local traffic, fix race condition
Update to latest HEAD in order to fix MARK rule generation for local traffic,
also fix a possible race condition during firewall start.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-02 18:46:30 +01:00
Gergely Kiss
a2b555189b libiconv: add all ASCII aliases
This patch adds missing ASCII aliases to the libiconv stub in order to avoid conversion errors like https://github.com/openwrt/packages/issues/2373

Signed-off-by: Gergely Kiss <mail.gery@gmail.com>
2016-05-02 18:35:35 +01:00
Hans Dedecker
6a06cd8331 xtables-addons: Avoid redefinition of SHRT_MAX in lua packet script
Patch Lua packet script defines SHRT_MAX which is already defined in <linux/kernel.h> and
is included indirectly by lauxlib.h. Fix the redefintion as it leads to compile failure
on systems which treat macro redefinition as an error

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-05-02 18:28:01 +01:00
Jo-Philipp Wich
a6f76bffd8 signing: remove unatteded build key and use current keyring instead
Remove the public unatteded buildkey from the opkg package to avoid
having hardcoded keys in tree. Use the external keyring package instead
which can be easily updated by users.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-30 20:39:23 +02:00
John Crispin
33de8c77e2 fstools: fix snapshot support
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:46 +02:00
John Crispin
0fae7270cf fstools: update to latest git HEAD
fixes snapshot support

Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
John Crispin
4a8e960c62 base-files: fix group/user settings after sysupgrade
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
John Crispin
ed07ef1601 base-files: split user/group addition code into a function
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
John Crispin
c9e3cd798d fstools: update to latest git HEAD
this adds the remount command to the block tool

Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
John Crispin
d72e538e89 base-files: add new public key used by unattended builds
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
John Crispin
a13f47760c base-files: add a conditional dependency to lede-keyring
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
John Crispin
d2e4caf343 lede-keyring: add the developer public keyring
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
Hans Dedecker
ec9f6fe04d ppp: Add ppp-mod-passwordfd subpackage to ppp
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-04-28 13:50:41 +02:00
Hans Dedecker
ce9e5e16ff dnsmasq: Add conntrack support in the full variant
Conntrack support reads the connection track mark associated with
incoming DNS queries and sets the same mark value on the upstream
forwarded DNS query. This can be usefull to track traffic generated
by dnsmasq to associate it with the clients who generate the queries,
usefull for bandwidth accouting and firewall.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-04-28 13:50:20 +02:00
Hans Dedecker
16122117a5 dropbear: Add procd interface triggers when interface config is specified
A dropbear instance having an interface config won't start if the interface is down as no
IP address is available.
Adding interface triggers for each configured interface executing the dropbear reload script
will start the dropbear instance when the interface is up.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-04-28 13:49:37 +02:00
Hans Dedecker
b3f6c4b3ac iproute2: Add package for nstat utility
Add support for the command line utility nstat displaying network statistics

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-04-28 13:49:17 +02:00
Hans Dedecker
7545c1d96b dropbear: Make utmp and putuline support configurable via seperate config options
Utmp support tracks who is currenlty logged in by logging info to the file /var/run/utmp (supported by busybox)
Putuline support will use the utmp structure to write to the utmp file

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-04-28 13:47:48 +02:00
Hans Dedecker
a83f049b5b netifd: Add configurable DHCP release behavior
Make sending a DHCP release configurable when the client exits allowing to clean up
IP/mac state info in intermediate devices.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-04-28 13:44:47 +02:00
Hans Dedecker
312cb987f9 xtables-addons: Fix Lua packet script implementation
lua_packet_segment parameter start has type char pointer; in function lua_tg
it's assigned an uint16 value generating compiler warnings obviously indicating
posssible seg fault problems. Fix the issue by using the correct skb functions
so the parameter points to the position inside the sk_buff

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Stijn Cleynhens <stijn.cleynhens@gmail.com>
2016-04-28 11:45:43 +02:00
Jo-Philipp Wich
07bdd30906 package: remove duplicate lines from otrx and nvram makefiles
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-26 23:28:17 +02:00
Jo-Philipp Wich
b04a25491f package: flag further target specific packages as nonshared
Add nonshared flag to package depending on specific targets or subtargets as
there's no guarantee otherwise that they'll be available in the shared repo.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-26 23:26:43 +02:00
Jo-Philipp Wich
69ccef03f9 package: mark nvram and otrx nonshared as they're target specific
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-26 23:09:12 +02:00
Álvaro Fernández Rojas
0ab31bfced brcm2708-gpu-fw: update to latest version
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-04-24 13:00:11 +02:00
Jo-Philipp Wich
4c60a6f803 opkg: fix use-after-free with duplicate packages on the command line
When the same package file is specified multiple times on the opkg install
command line, the name pointer on the argv array becomes stale after the
package structures have been merged, leading to invalid memory accesses
upon install.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-23 14:03:50 +02:00
Jo-Philipp Wich
9531e0fce5 package: fix toolchain ipk flags
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-22 12:20:47 +02:00
Jo-Philipp Wich
37de17c379 linux: kmod-e100: use preconverted firmware files
Instead of converting the firmware files ourselves, use the files
generated during the normal kernel build process. This fixes packaging
kmod-e100 in the SDK environment.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-21 16:39:59 +02:00
John Crispin
528ffec3cd base-files: remove ununsed login.sh
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-19 20:42:34 +02:00
John Crispin
b4e33a1c08 base-files: Allow to disable failsafe mode
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
2016-04-19 10:07:35 +02:00
John Crispin
dc92917409 image / basefiles: make console password configurable
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-18 21:53:07 +02:00
John Crispin
5e85ae9e4c base-files: fix error message during boot
preinit spews out this message

"cat: can't open '/proc/device-tree/model': No such file or directory"

Signed-off-by: John Crispin <john@phrozen.org>
2016-04-11 11:58:57 +02:00
Álvaro Fernández Rojas
9dee77795d brcm2708-gpu-fw: improve package version and release
Use git revision as package release and date for package version.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-04-16 11:27:56 +02:00
Álvaro Fernández Rojas
2cd1f5a0db brcmfmac43430-firmware: improve package version and release
Use git revision as package release and date for package version.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-04-16 11:25:56 +02:00
Jo-Philipp Wich
abc828b085 openssl: fix wrong build target strings
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-15 07:40:31 +02:00
Jo-Philipp Wich
addfc0efdd uclibc++: add hack to fix failing patch
One of the patched files, include/unwind-cxx.h, contains windows newlines
which lead to the following failure:

  Applying ./patches/006-eabi_fix.patch using plaintext:
  patching file include/typeinfo
  patching file include/unwind-cxx.h
  Hunk #1 FAILED at 173 (different line endings).
  Hunk #2 FAILED at 181 (different line endings).

Add a fixup command to the prepare phase which normalizes the line endings
before applying source patches.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-14 18:27:12 +02:00
Jo-Philipp Wich
9e04019024 package: flag essential components as nonshared
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-06 22:38:47 +02:00
Jo-Philipp Wich
32a0b8c104 include/version.mk: rework repository url handling
- Add %A placeholder for substituting the package architecture
- Change %U placeholder to refer to the toplevel repository URL
- Construct package feed URLs relative to the toplevel one to match new layout

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-13 00:31:15 +02:00
Jo-Philipp Wich
5170393f8c include: choose package output directory based on repository info
Use the new repository metadata field to choose the output directory of the
final package archives.

Non-sharable packages will be placed in the per-target package directory
while the rest will be placed in a per-repository sub directory within the
$OUTPUT_DIR/packages/$CPU_TYPE/ prefix.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-06 21:55:44 +02:00
Álvaro Fernández Rojas
59e0e88c22 brcm2708-gpu-fw: update to latest version
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-04-07 21:25:01 +02:00
Álvaro Fernández Rojas
f233664faa brcm2708-gpu-fw: update to latest version
This update also adds individual download of firmware files instead of fetching
every file on the repository (10-MiB vs 100+MiB).
Also copy Linux license from kernel directory instead of using the rpi-firmware
one.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-04-01 13:37:33 +02:00
Álvaro Fernández Rojas
8d5160bf5d brcmfmac43430-firmware: use @GITHUB download alias
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-04-03 22:05:55 +02:00
Jo-Philipp Wich
5a7c064bdb busybox: fix setting the kernel timezone
The settimeofday() syscall wrapper provided by musl filters out the timezone
argument, breaking the ability to set the kernel timezone through the function.

Adjust busybox patch to issue the syscall directly in order to circumvent the
problem.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-03-31 15:26:42 +02:00
Hans Dedecker
81a5f1ac9e netifd: Send DHCP release when client exits
Let DHCP client send a release when it exists so the DHCP server is
informed the IP address is released and allowing to clean up IP/mac
state info in intermediate devices.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-03-31 12:18:29 +02:00
Jo-Philipp Wich
3df4eaf22b uci: commit through symlinks
Update to latest HEAD in order to not clobber symlinks in /etc/config on
uci commit.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-03-31 02:09:53 +02:00
Jo-Philipp Wich
564330e013 netifd: fix default ip rules
Update to latest HEAD in order to remove the faulty "prelocal" ip rule leading
to unexpected policy rule precedence.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-03-31 00:05:02 +02:00
John Crispin
fa69553900 branding: add LEDE branding
Signed-off-by: John Crispin <blogic@openwrt.org>
2016-03-24 22:40:13 +01:00
John Crispin
be1985471e zynq: Add Zybo device support
Signed-off-by: Jason Wu <jason.wu.misc@gmail.com>

SVN-Revision: 49257
2016-04-26 11:44:29 +00:00
John Crispin
869d3adc37 Zynq: Add Zedboard device support
Tested-by: Joe Zhang <jz21082@gmail.com>
Signed-off-by: Jason Wu <jason.wu.misc@gmail.com>

SVN-Revision: 49256
2016-04-26 11:44:26 +00:00
John Crispin
3481d0d793 dnsmasq: run as dedicated UID/GID
Running dnsmasq in a dedicated user/group allows matching its outgoing
traffic more easily using iptables' owner match.
Add UID/GID to the package metadata and append the user/group
parameters to the init script.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 49252
2016-04-26 11:44:10 +00:00
John Crispin
1a1bb3aaff mac80211: ath9k: add GPIO support for AR9280 chip
Enable access to GPIO on Atheros wireless chip AR9280.
Support for 9280 is added to existing 9285/9287 subsystem
because these 3 chips differ only in number of GPIO pins.

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>

SVN-Revision: 49251
2016-04-26 11:44:07 +00:00
John Crispin
7a7e27c6d0 usbutils: Update USB IDs list and drop gzip compression
Change mirror to Github (Gentoo repo) and drop the gzip compression.
Worst case there's about 4kbyte increase in size but most images ends up
beign somewhere between 4-100kbyte smaller due to the lzma compression.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>

SVN-Revision: 49246
2016-04-26 11:43:49 +00:00
John Crispin
152da8b240 lantiq: uboot-envtools on BTHOMEHUBV3A
Generate fw_env.config for BTHOMEHUBV3A.

Signed-off-by: Ben Mulvihill <ben.mulvihill@gmail.com>

SVN-Revision: 49236
2016-04-26 11:43:11 +00:00
Jo-Philipp Wich
80c1cfeddc fstools: respect mount flags for /overlay mounts
Respect user configured mount flags such as "ro" or "sync" when processing
external overlay mount points.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

SVN-Revision: 49223
2016-04-25 15:54:35 +00:00
Rafał Miłecki
f4edfc69a3 mac80211: add brcmfmac regression ("NULL pointer dereference") fix
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 49222
2016-04-25 15:32:20 +00:00
John Crispin
79c67071c6 xtables-addons: build: fix configure compatiblity with POSIX shells
Fixes build with /bin/sh pointing to certain versions of dash (for example
on Void Linux).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>

SVN-Revision: 49218
2016-04-21 19:47:26 +00:00
Hauke Mehrtens
a16ae0b6df curl: remove file accidentally committed in r49197
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49199
2016-04-19 20:18:50 +00:00
Hauke Mehrtens
012da658a4 oxnas: add support for Akitio MyCloud mini
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 49197
2016-04-19 20:12:41 +00:00
Hauke Mehrtens
fc7368fd82 curl: fix deprecated 'depends' syntax
This was introduced in r49183

Reported-by: swalker
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49192
2016-04-17 15:35:18 +00:00
Hauke Mehrtens
91a508d5bf util-linux: update to version 2.28
The following patches were merged upstream:
* 0001-switch_root-improve-statfs-f_type-portability.patch
* 0002-lib-colors-use-static-buffers-when-parse-scheme.patch
* 002-mkostemp.patch

The following patch is not needed any more because all libc
implementations support alloc in sscanf:
* 001-no-printf-alloc.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49191
2016-04-17 15:16:12 +00:00
Hauke Mehrtens
b030bb606f busybox: update to 1.24.2
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
[remove Kconfig changes]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49189
2016-04-17 12:53:31 +00:00
Hauke Mehrtens
be252b5795 libnl-tiny: backport 'gnet_stats_rate_est64' support
This has been added to the kernel uapi for a while, and makes
sense to have it here too.
At the moment we're using it for query-ing qdisc via netlink
using libnl-tiny.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49188
2016-04-17 12:53:11 +00:00
Hauke Mehrtens
3fabbb814d dnsmasq: Add enable parameter in the UCI DHCP host section
Parameter allows to enable/disable static leases; by default the value is 1
to keep backwards compatibility

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49187
2016-04-17 12:52:54 +00:00
Hauke Mehrtens
ba97a03d7d curl: add flags to allow gc-sections to strip out unused code
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49184
2016-04-17 12:51:57 +00:00
Hauke Mehrtens
a4d646cf15 curl: add config option for NTLM support
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49183
2016-04-17 12:51:41 +00:00
Hauke Mehrtens
a2b15e6c1d curl: upstep to latest version 7.48.0
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49182
2016-04-17 12:51:19 +00:00
Hauke Mehrtens
3830200d6a hostapd.sh: Add support for "anonymous_identity" config field
The wpa_supplicant supports an "anonymous_identity" field, which some
EAP networks require.  From the documentation:

anonymous_identity: Anonymous identity string for EAP (to be used as the
    unencrypted identity with EAP types that support different tunnelled
    identity, e.g., EAP-TTLS).

This change modifies the hostapd.sh script to propagate this field
from the UCI config to the wpa_supplicant.conf file.

Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Reviewed-by: Manuel Munz <freifunk@somakoma.de>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49181
2016-04-17 12:50:55 +00:00
Hauke Mehrtens
ca77367dae package: remove .git files from images
If you have your ./files/ directory stored in a git repository,
the .git will be included into images using precious space.
This patch removes .git directories before packing images.

Signed-off-by: Joerg Jungermann <jj@borkum.net>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49180
2016-04-17 12:50:30 +00:00
Hauke Mehrtens
ea6d36111b base-files: allow to set arbitrary ip address and netmask
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49179
2016-04-17 12:49:54 +00:00
Hauke Mehrtens
1414f1647d samba: fix some security problems
This fixes the following security problems:
* CVE-2015-7560
* CVE-2015-5370
* CVE-2016-2110
* CVE-2016-2111
* CVE-2016-2112
* CVE-2016-2115
* CVE-2016-2118

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49175
2016-04-16 20:06:34 +00:00
Rafał Miłecki
894aed060e mac80211: update brcmfmac including missing boardrev workaround
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 49174
2016-04-16 08:48:43 +00:00
Luka Perkov
d79e931ad0 rpcd: update to latest version
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 49162
2016-04-13 07:33:24 +00:00
John Crispin
eeaf5035df uboot-envtools: add OpenMesh OM5P-ACv2 support
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>

SVN-Revision: 49153
2016-04-09 10:26:28 +00:00
John Crispin
ddf5e96319 om-watchdog: add OpenMesh OM5P-ACv2 support
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>

SVN-Revision: 49152
2016-04-09 10:26:25 +00:00
John Crispin
2b541ce3f9 uboot-envtools: add OpenMesh OM5P-AC support
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>

SVN-Revision: 49146
2016-04-09 10:26:04 +00:00
John Crispin
0d69dbee5e om-watchdog: add OpenMesh OM5P-AC support
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>

SVN-Revision: 49145
2016-04-09 10:26:01 +00:00
John Crispin
7f25cb45db brcmfmac43430-firmware: switch to @GITHUB download alias
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>

SVN-Revision: 49139
2016-04-09 10:25:38 +00:00
John Crispin
0ffa58009a ramips: Fixes for LinkIt 7688
Misc fixes for LinkIt 7688 board:

- Copy the right wireless firmware for the mt7688
- Add back '0065-mt7688-fixes.patch', left out after the move to Linux 4.4.
- Remove SPI_DEV from linux config which otherwise causes a massive warning
- Add wmac to LINKIT7688.dts so wireless works

Signed-off-by: Adam Kent <adam@semicircular.net>

SVN-Revision: 49130
2016-04-09 10:24:58 +00:00