Commit graph

10572 commits

Author SHA1 Message Date
Jonas Gorski
5caa23551e ds-lite: fix resolve retry for fqdn peeraddrs
If the first resolveip call will fail, peeraddr will be now empty, and
the subsequent resolveip call will try to resolve an empty string.

Fix this by storing the result in a temporary variable.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 45712
2015-05-22 10:24:30 +00:00
Jonas Gorski
072937888e mac80211: make it work with 3.18.12+
3.18.12 backported 61ada528dea028331e99e8ceaed87c683ad25de2 ("sched/wait:
Provide infrastructure to deal with nested blocking") from 3.19, causing
the following error on load:

[   13.588000] compat: exports duplicate symbol woken_wake_function (owned by kernel)

Fix this by guarding it with a check for 3.18.11 or earlier instead of
3.19.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 45710
2015-05-21 19:32:16 +00:00
Steven Barth
8304c0c04d odhcpd: fix DHCPv6 downstream PD
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45707
2015-05-21 15:07:54 +00:00
Jonas Gorski
d0af85c9a5 base-files: fix default pre-/postrm for packages with a dot
Instead of stripping everything after the first dot, strip everything
after the last dot.
This fixes pre-/postrm actions for packages with a dot in their name,
like libusb-1.0.

Fixes #19668.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 45702
2015-05-19 09:13:17 +00:00
Steven Barth
241dbffcf9 netifd: improve IPv6 onlink-route handling
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45701
2015-05-19 09:01:34 +00:00
Steven Barth
08f057c703 ipv6: remove now unneeded source-dest-routing workarounds
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45700
2015-05-19 07:53:08 +00:00
Jo-Philipp Wich
62b1ce098a rpcd: unload package after uci reverts
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45695
2015-05-17 12:16:27 +00:00
Steven Barth
51d97db185 dnsmasq: bump to dnsmasq2.73rc8 Important.
Bump dnsmasq to v2.73rc8

Important - fixes remotely exploitable buffer overflow introduced in all v2.73 test/release candidates.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

SVN-Revision: 45693
2015-05-17 08:06:45 +00:00
Steven Barth
1ffe824e81 map: set ealen to psidlen for lw4over6
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45689
2015-05-16 10:12:15 +00:00
Steven Barth
356a9f0280 odhcp6c: fix parsing of LW4over6 parameters
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45688
2015-05-16 07:29:42 +00:00
Steven Barth
a11d2f1cb2 odhcpd: ignore /64 on interface when doing PD
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45679
2015-05-13 12:31:06 +00:00
Steven Barth
e9999a7168 odhcpd: remove invalid call to free()
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45675
2015-05-11 19:49:03 +00:00
Felix Fietkau
53a5647414 ppp: remove the persist option, netifd handles reconnects
Significantly reduces reconnect delay

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45654
2015-05-09 21:14:46 +00:00
Felix Fietkau
29f8f90de4 mac80211: apply mesh parameters after starting authsae/wpa_supplicant (#16697)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45651
2015-05-09 08:58:12 +00:00
Felix Fietkau
3f4011ad36 mt76: include generated mac80211 config file and add an appropriate define for mesh support (fixes #19474)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45649
2015-05-08 21:46:42 +00:00
Felix Fietkau
c43444aa1b usign: update to the latest version, use libubox base64 code
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45642
2015-05-08 12:37:26 +00:00
Felix Fietkau
e79506709f libubox: update to the latest version, adds a base64 implementation
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45641
2015-05-08 12:35:41 +00:00
Felix Fietkau
bf84a53f9b netifd-dhcp: supply parameters to user-script
hand over parameters to user-script e.g. $1=deconfig

Signed-off-by: Leon George <leon@georgemail.de>
Signed-off-by: Christian Mehlis <christian@m3hlis.de>

SVN-Revision: 45626
2015-05-08 10:44:19 +00:00
Felix Fietkau
9bb7046a19 trace-cmd: update to 2.4.2
fixes compile error:
(observed w. target arm64, all kernel build opts enabled)
error: call to '__open_missing_mode' declared with attribute
error: open with O_CREAT in second argument needs 3 arguments

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>

SVN-Revision: 45625
2015-05-08 10:44:08 +00:00
Felix Fietkau
af9672cfde ustream-ssl: correct year in PKG_VERSION string
ustream-ssl: correct the year in the PKG_VERSION string, as both r45157 and
r45441 left the old year 2014 there. For a casual user it may seem that the
current code is from April 2014, although
a4ca61527236e89eb9efb782fd9bfd04796144e3 is from April 2015.

http://nbd.name/gitweb.cgi?p=ustream-ssl.git;a=commit;h=a4ca61527236e89eb9efb782fd9bfd04796144e3
https://dev.openwrt.org/changeset/45441/
https://dev.openwrt.org/changeset/45157/

signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 45623
2015-05-08 10:43:48 +00:00
Felix Fietkau
06556a8e6b hostapd: fix remote denial of service vulnerability in WMM action frame parsing
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45619
2015-05-06 09:45:39 +00:00
Felix Fietkau
1f689613b6 iptables: disable unused xml support to save some space
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45617
2015-05-06 00:59:41 +00:00
Felix Fietkau
a503023ec2 hostapd: enable 802.11w only for the full variants
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45616
2015-05-06 00:59:36 +00:00
Felix Fietkau
102522e0cd uboot-envtools: disable AES support, reduces code size
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45615
2015-05-06 00:59:28 +00:00
Steven Barth
d534883a52 firewall: Allow IGMP and MLD input on WAN
The WAN port should at least respond to IGMP and MLD queries as
otherwise a snooping bridge/switch might drop traffic.

RFC4890 recommends to leave IGMP and MLD unfiltered as they are always
link-scoped anyways.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>

SVN-Revision: 45613
2015-05-05 13:22:41 +00:00
Steven Barth
336fc7a702 netsupport: l2tp-ip: only depend on IPv6 if IPv6 support is enabled
Before r45593 kmod-l2tp-ip did not depend on kmod-ipv6.
With r45593 support for L2TP IPv6 encapsulation was added and
included in the kmod-l2tp-ip package. This change also
added the dependency to kmod-ipv6 to kmod-l2tp-ip, regardless
of whether the user chose to generally include IPv6 support
or not.
Change this so L2TP over IPv6 and the resulting dependency
to kmod-ipv6 is only included in kmod-l2tp-ip if IPv6 support
is enabled.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 45612
2015-05-05 13:22:33 +00:00
Jo-Philipp Wich
2a196a68cd procd: fix uid/gid changing for service instances
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45611
2015-05-05 11:00:53 +00:00
Felix Fietkau
334ad1d49f polarssl: include PKG_RELEASE in ABI_VERSION
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45610
2015-05-05 10:14:04 +00:00
Felix Fietkau
632ba15a56 curl: replace polarssl run-time version check with a compile-time one
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45609
2015-05-05 10:12:49 +00:00
Felix Fietkau
5533a67e3a openvpn: replace polarssl run-time version check with a compile-time one
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45608
2015-05-05 10:09:16 +00:00
Felix Fietkau
34cacae2b9 polarssl: disable runtime version checks to save some space
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45607
2015-05-05 10:00:49 +00:00
Felix Fietkau
434bf8a90b polarssl: disable an unused random number generator
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45606
2015-05-05 10:00:36 +00:00
Jo-Philipp Wich
a28deda590 openvpn: disable CBC record splitting in PolarSSL/mbedTLS (#19101)
OpenVPN assumes that its control channel messages are sent and received
unfragmented, this assumption is broken when CBC record splitting is
enabled in mbedTLS.

The record splitting is intended as countermeasure against BEAST attacks
which do not apply to OpenVPN, therefore we simply disable it until
upstream OpenVPN gains the ability to process fragmented control
messages.

Disabling the splitting also works around a (not remotely triggerable)
segmentation fault in mbedTLS.

References:

 * https://dev.openwrt.org/ticket/19101
 * https://community.openvpn.net/openvpn/ticket/524
 * https://github.com/ARMmbed/mbedtls/pull/185

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45602
2015-05-04 08:49:21 +00:00
Felix Fietkau
2659762e62 base-files: fix logic error in led default handling (patch from #19593)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45600
2015-05-03 18:04:27 +00:00
Steven Barth
4d9694981b nettle: bump to 3.1.1
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45595
2015-05-03 11:19:42 +00:00
Steven Barth
a132313238 dhcp: add option specifying overriding custom-routes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45594
2015-05-02 07:44:55 +00:00
Steven Barth
498e3a7fd4 netsupport: package L2TPv3 over IPv6 as well
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45593
2015-05-02 07:44:47 +00:00
Steven Barth
58f7d9676b map: shorten autogenerated sub-interface names to account for limits
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45590
2015-04-30 12:43:46 +00:00
Steven Barth
fc84123c2f dnsmasq: bump to 2.73rc7
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45587
2015-04-29 07:19:24 +00:00
Steven Barth
4fb99ec22f odhcpd: Remove prefix class config option as not supported anymore by odhcpd
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45586
2015-04-28 14:58:54 +00:00
Steven Barth
64aa0929b9 odhcp6c: Fix white space errors
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45585
2015-04-28 14:57:52 +00:00
Rafał Miłecki
63bb07b28c Revert "nvram: increase NVRAM size to 64 KiB"
This reverts commit ff84c27a281bc19df19bc62ee8688cca5586f6e3.
This tool has really broken size handling (many values hardcoded), it
crashes right now in case of NVRAM not filling whole MTD partition.

Conflicts:
	package/utils/nvram/src/nvram.h

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45579
2015-04-24 15:38:38 +00:00
Rafał Miłecki
97a0e165a6 nvram: fix regression in finding NVRAM beginning
The loop was giving up too early as it never expected NVRAM smaller
than 0x10000.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45578
2015-04-24 14:28:57 +00:00
Rafał Miłecki
84a3e668fc mac80211: backport brcmfmac to support multiple devices NVRAM
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45577
2015-04-24 10:53:11 +00:00
Rafał Miłecki
c1a7e13587 mac80211: update brcmfmac to the wireless-drivers-next-for-davem-2015-04-09
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45576
2015-04-24 10:45:33 +00:00
Steven Barth
62e7f07615 dnsmasq: bump to 2.73rc6
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45572
2015-04-23 13:05:15 +00:00
Felix Fietkau
4d58f0f4d9 Revert "ncurses: cleanup InstallDev"
This reverts r43204. The symlinks are faulty, as they point to a
temporary staging dir

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45569
2015-04-23 11:06:15 +00:00
Felix Fietkau
eba659cbba hostapd: backport fix for CVE-2015-1863, refresh patches
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45567
2015-04-23 08:01:51 +00:00
Rafał Miłecki
7e3272f422 nvram: increase NVRAM size to 64 KiB
For years Broadcom devices use 64 KiB NVRAM partition size and some of
them indeed have it filled in more than 50%. This change allows handling
whole NVRAM e.g. on Netgear WNDR4500 and Netgear R8000.

The same fix was applied to kernel in upstream commit 6ab7c29.

Reported-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45566
2015-04-22 19:07:24 +00:00
Rafał Miłecki
3931288caa nvram: refuse to open NVRAM for writing if it's too big to be handled
Otherwise writing anything will result in loosing data.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45565
2015-04-22 19:07:19 +00:00