Commit graph

36502 commits

Author SHA1 Message Date
Petr Konecny
6797a10fa1 hostapd support for VLANs through a file in addition to Radius.
Signed-off-by: Petr Konecny <pekon@google.com>
2016-10-31 13:24:58 +01:00
Daniel Dickinson
98c86e2970 uhttpd: Add Basic Auth config
We add an 'httpauth' section type that contains the options:

prefix: What virtual or real URL is being protected
username: The username for the Basic Auth dialogue
password: Hashed (crypt()) or plaintext password for the Basic Auth dialogue

httpauth section names are given included as list
items to the instances to which they are to be applied.

Further any existing httpd.conf file (really whatever
is configured in the instance, but default of
/etc/httpd.conf) is appended to the per-instance httpd.conf

Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
2016-10-31 13:22:51 +01:00
Hannu Nyman
671cb35880 musl: fix parsing of quoted time zone names
fix parsing of the < > quoted time zone names. Compare the correct
character instead of repeatedly comparing the first character.

Patch has been submitted to upstream as
http://www.openwall.com/lists/musl/2016/10/24/3

Longer explanation in
http://www.openwall.com/lists/musl/2016/10/19/1

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
[Jo-Philipp Wich: move references into commit message, shorten title prefix]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-31 12:55:27 +01:00
Chris Blake
53b43e65e7 ar71xx: Add net config for MR12 & MR16
Both the MR12 and MR16 are single gigabit ethernet devices, similar to the
MR18. This change gives them the correct network config on a fresh install.

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
[Jo-Philipp Wich: adjust for alphabetical ordering, line wrap commit msg]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-31 12:52:56 +01:00
Christian Mehlis
7cb82d4b70 ar71xx: fix ethernet on wpj344 board
In 814d70b2 the member mac06_exchange_en of struct
ar8327_pad_cfg was changed to mac06_exchange_dis,
but wpj344 was not adopted to stay in sync.

Signed-off-by: Christian Mehlis <christian@m3hlis.de>
Reported-by: Nick Dennis <ndennis@rapiduswireless.com>
2016-10-31 12:52:56 +01:00
Alexandru Ardelean
b7fadb12b7 lldpd: freeze execution of lldpd during reload
During reload, we could send invalid information to the other
side and confuse it.

That's why, during reload we'll pause execution, do the reconfig
and resume + update when reload is done.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-31 12:51:15 +01:00
Alexandru Ardelean
909f063066 lldpd: fix reload function for when interfaces change
The problem is that interfaces are specified at start as
command line arguments, making them unchange-able via reload.

That means, we have to move (since lldpd allows this) the
interfaces-match-pattern option to be in a config file and reload
the configuration.
It's either that, or do a 'restart'.

Since we're generating the lldpd.conf file, we'll have to
move the 'sysconfdir' of lldpd to /tmp, where the files will
get written ; this will prevent any unncessary flash writes.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-31 12:51:15 +01:00
Pavel Kubelun
ccf0648e72 ath10k-firmware: update qca9984 firmware
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
[Jo-Philipp Wich: add mirror sha256 sum]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-31 12:49:57 +01:00
Alexandru Ardelean
00d1e6c75e firmware-utils: fix compilation on MacOS X
Looking into /usr/include/stdlib.h, there's a `devname()` function defined
under some #ifdef's which conflicts with the `static char *devname` definition
in `src/mkwrggimg.c`.

Defining `_ANSI_SOURCE` in the `src/mkwrggimg.c` file, omits that part of the
header.

Another more intrusive approach is to rename `devname` to something like
`g_devname` in `src/mkwrggimg.c`. But I think the `_ANSI_SOURCE` define should
be enough.

Compilation error is:

    src/mkwrggimg.c:64:14: error: redefinition of 'devname' as different kind of symbol
    static char *devname;
                 ^
    /usr/include/stdlib.h:286:7: note: previous definition is here
    char    *devname(dev_t, mode_t);
             ^
    src/mkwrggimg.c:147:12: error: non-object type 'char *(dev_t, mode_t)' (aka 'char *(int, unsigned short)') is not assignable
                            devname = optarg;
                            ~~~~~~~ ^
    src/mkwrggimg.c:192:6: warning: comparison of function 'devname' equal to a null pointer is always false [-Wtautological-pointer-compare]
            if (devname == NULL) {
                ^~~~~~~    ~~~~
    src/mkwrggimg.c:192:6: note: prefix with the address-of operator to silence this warning
            if (devname == NULL) {
                ^
                &
    src/mkwrggimg.c:251:27: warning: incompatible pointer types passing 'char *(dev_t, mode_t)' (aka 'char *(int, unsigned short)') to parameter of type 'const char *' [-Wincompatible-pointer-types]
            strncpy(header->devname, devname, sizeof(header->devname));
                                     ^~~~~~~
    /usr/include/secure/_string.h:119:34: note: expanded from macro 'strncpy'
      __builtin___strncpy_chk (dest, src, len, __darwin_obsz (dest))

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
[Jo-Philipp Wich: slightly reformat commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-31 12:39:09 +01:00
Rafał Miłecki
f20ba0f0d5 brcm47xx: image: use append-rootfs step for per-device rootfs support
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-28 17:03:55 +02:00
Rafał Miłecki
027b2c5b83 brcm47xx: image: make TRX steps work with rootfs passed as $@
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-28 16:46:57 +02:00
Rafał Miłecki
8bd2167236 brcm47xx: image: make linksys-pattern-partition leave specific file
Thanks to leaving .pattern file we can easily insert extra step between
linksys-pattern-partition and trx-v2-with-loader, e.g. rootfs one.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-28 16:41:05 +02:00
Rafał Miłecki
c9fdb23345 apm821xx: fix USB LED trigger for WNDR4700
The old usbdev trigger never supported assigning more than 1 USB port.
This code we got was never working as expected and it was missing 2 more
ports. Switch to usbport to have LED working with all ports.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Tested-by: Christian Lamparter <chunkeey@gmail.com>
2016-10-28 13:27:21 +02:00
John Crispin
1e3c4f763c openvpn: cacert does not exist
cacert is really called ca and already in the script

Signed-off-by: John Crispin <john@phrozen.org>
2016-10-27 19:53:01 +02:00
Jo-Philipp Wich
dc6cc04016 config: ext4: increase x86 rootfs size to 2GB to support online resize2fs
The current default rootfs size of 256MB in conjunction with 4K blocks
produces an ext4 filesystem which lacks the appropriate amount of backup GDT
entries to support online-resizing.

For x86 targets, increase the default rootfs size to 2048MB which allows
online resizing the filesystem to up to 2TB which is the current theoretical
maximum for LEDE, due to missing GPT support on the root block device.

Note that the filesystem artefact will not occupy 2GB on the build system as
the make_ext4fs utility uses sparse files to generate the filesystem images,
so the actual disk usage is much lower. Furthermore the filesystem images
are gzip compressed, shrinking them to only a few megabytes on the download
server.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Michael Heimpold <mhei@heimpold.de>
2016-10-27 19:24:38 +02:00
Jo-Philipp Wich
d1ae4c4958 config: ext4: drop option to set maximum number of inodes
There is very little practical use to limit the number of available inodes on
an ext4 filesystem and the make_ext4fs utility is able to calculate useful
defaults by itself.

Drop the option to make resulting ext4 filesystems more flexible by default.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Michael Heimpold <mhei@heimpold.de>
2016-10-27 19:24:38 +02:00
Jo-Philipp Wich
244955de16 include: image.mk: make ext4 reserved blocks percentage optional
Allow CONFIG_TARGET_EXT4_RESERVED_PCT to be empty as make_ext4fs is usually
able to figure out a suitable default.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Reviewed-by: Michael Heimpold <mhei@heimpold.de>
2016-10-27 19:24:38 +02:00
John Crispin
168adaefc2 linux/modules: drop ledtrig-netfilter
this is a duplicate of kmod-ipt-led

Signed-off-by: John Crispin <john@phrozen.org>
2016-10-27 15:29:36 +02:00
John Crispin
0ec48b883c openvpn: add handling for capath and cafile
Signed-off-by: John Crispin <john@phrozen.org>
2016-10-27 15:19:59 +02:00
Rafał Miłecki
bc6be3e953 brcm47xx: add support for per-device rootfs
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-27 13:25:51 +02:00
Daniel Engberg
dc8605b7f7 package/network/utils/ipset: Update to 6.30
Updates to 6.30

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-27 13:16:50 +02:00
Alberto Bursi
a8b9fbee24 util-linux: disc -> Disc and moved some packages
Capitalized "disc" submenu name as all submenu names are capitalized (apart from "database", but I'll fix that
later).

moved "swap-utils" to Filesystem submenu as it is "formatting" a partition as swap so it looks out of place in Disc.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-27 12:45:05 +02:00
Ben Greear
6408ea0486 ath10k-ct: Add QCA9888/9886 support, fix compat issue.
This should fix problems with latest backports, and also adds
driver support for QCA9888 chipset.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2016-10-27 12:45:05 +02:00
Chris Blake
b745bfa6dc base-files: Ensure reset only works if an overlay exists
Currently the reset script will try to run jffs2reset on boards that are
running a rw rootfs, such as ext4. This will cause jffs2reset to fail
and the board to never reboot while the LED blinks until a manual
reboot.

This commit does two different things:
1. Disables reset on boards that do not have an overlay mount
2. Disables the Blinking LED after 5 seconds if the board does not
support reset

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2016-10-27 12:45:05 +02:00
John Crispin
83ece71d63 netifd: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-10-27 12:45:05 +02:00
Paul Wassi
776aa91b0f uboot-kirkwood: fix default bootcmd for Seagate Dockstar
Fix the default value for the 'bootcmd' environment variable.
Therefore make the default bootcmd work for buildbot's images.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-10-27 12:45:02 +02:00
Paul Wassi
705240eeb5 uboot-kirkwood: bump to upstream 2016.09.01
Bump U-Boot for Kirkwood to upstream 2016.09.01. Local patches
cleaned up and reworked.

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-10-27 12:44:54 +02:00
Koen Vandeputte
d9c3727288 imx6: Add ds1672 RTC to kernel for working hctosys (Gateworks)
Fixes the same hctosys init issue as described in commit
5481ce9a11

The Gateworks Ventana family uses an emulated Dallas 1672
RTC device.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2016-10-27 00:34:01 +02:00
Stijn Tintel
e3875350f3 ar71xx: add support for D-Link DAP-2695 rev. A1
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2016-10-27 01:50:42 +03:00
Stijn Tintel
6b0d279ca5 ar71xx: build relocate stub for generic and legacy images
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2016-10-27 01:50:42 +03:00
Stijn Tintel
e19427bd79 ar71xx/base-files: rename 09_fix-trx-header 09_fix-checksum
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2016-10-27 01:50:42 +03:00
Stijn Tintel
9dfed03c35 mtd: add fixwrgg command
Based on fixseama.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2016-10-27 01:50:42 +03:00
Stijn Tintel
dec29082e0 mtd: fix endianness detection on musl
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2016-10-27 01:50:42 +03:00
Stijn Tintel
136319e72d kernel: mtdsplit: add support for WRGG images
Support splitting WRGG images, found in some D-Link devices (e.g.
DAP-2695).

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2016-10-27 01:50:42 +03:00
Stijn Tintel
55eb6ed061 firmware-utils: mkwrggimg: new tool for D-Link DAP-2695
Based on mkwrgimg.c.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2016-10-27 01:50:42 +03:00
Hans Dedecker
a35f9bbc43 dnsmasq: Multiple dnsmasq instances support
Adds support in uci for configuring multiple dnsmasq instances via
multiple dnsmasq sections.
The uci sections host, boot, mac, tag, vendorclass, userclass,
circuitid, ... will refer to a dnsmasq instance via the instance
parameter defined in the section; if the instance parameter is
not specified backwards compatibility is preserved.

Start/Stopping a dnsmasq instance can be achieved by passing the
dnsmasq instance name as argument to start/stop via the init script.

Multiple dnsmasq instances is usefull in scenarios where you want to
bind a dnsmasq instance to an interface in order to isolate networks.

This patch is a rework of a multiple dnsmasq instance patch by Daniel Dickinson

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-10-26 17:53:53 +02:00
Jo-Philipp Wich
f2752f4735 grub2: add missing SECTION variable and remove non breaking space
Fix metadata scan failure in the grub2 package by removing an unexpected
invisible space character and by adding back the missing SECTION variable
which was removed with d140648.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-26 17:53:53 +02:00
Hans Dedecker
311682905e ipip: Support fqdn as remote tunnel endpoint
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-10-26 17:53:53 +02:00
Hannu Nyman
9097dc5ad8 uhttpd: create self-signed certificates with unique subjects
Add a partially random O= item to the certificate subject in order
to make the automatically generated certificates' subjects unique.

Firefox has problems when several self-signed certificates
with CA:true attribute and identical subjects have been
seen (and stored) by the browser. Reference to upstream bugs:
https://bugzilla.mozilla.org/show_bug.cgi?id=1147544
https://bugzilla.mozilla.org/show_bug.cgi?id=1056341
https://bugzilla.redhat.com/show_bug.cgi?id=1204670#c34

Certificates created by the OpenSSL one-liner fall into that category.

Avoid identical certificate subjects by including a new 'O=' item
with CommonName + a random part (8 chars). Example:
/CN=LEDE/O=LEDEb986be0b/L=Unknown/ST=Somewhere/C=ZZ

That ensures that the browser properly sees the accumulating
certificates as separate items and does not spend time
trying to form a trust chain from them.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-10-26 15:16:52 +02:00
Hannu Nyman
82132540a3 uhttpd: prefer px5g for certificate creation
Prefer the old default 'px5g' for certificate creation
as Firefox seems to dislike OpenSSL-created certs.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-10-26 15:16:51 +02:00
Baptiste Jonglez
89817614bb netifd: Request DHCP option 121 (classless route) by default
This option, defined by RFC3442, allows a DHCP server to send static
routes to a client.  But the client has to request this option
explicitely.

Static routes are useful when the gateway configured by DHCP cannot be
in the same subnet as the client.  This happens, for instance, when
using DHCP to hand out addresses in /32 subnets.

A new configuration option "classlessroute" is available, allowing
users to disable this feature (the option defaults to true).

Other DHCP clients already request this option by default (dhcpcd, for
instance, and possibly Windows).  If a DHCP server does not support
this option, it will simply ignore it.

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
2016-10-26 15:16:51 +02:00
Simon Hailes
86c6b07e15 wwan: rename data files
This is to ensure that git can be cloned onto a windows drive without failing.

Signed-off-by: Simon Hailes <btsimonh@googlemail.com>
2016-10-26 15:16:51 +02:00
Simon Hailes
a2361eebfd usbmode: rename data files
This is to ensure that git can be cloned onto a windows drive without failing.

Signed-off-by: Simon Hailes <btsimonh@googlemail.com>
2016-10-26 15:16:51 +02:00
Chuanhong Guo
c5a7e2c2fb ar71xx: Ignore firmware building errors of UBNT and CyberTAN devices
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2016-10-26 14:07:20 +02:00
Alberto Bursi
9275964e1d px5g-standalone: move to Encryption submenu and fix Title
moved px5g-standalone to Encryption submenu of Utilities.
Fixed title by removing the first "standalone" word from title.
The name is now consistent with other px5g packages, it is also shorter and will be shown in make menuconfig.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 14:06:52 +02:00
Alberto Bursi
7fa89d7f3c px5g: move to Encryption submenu
moved px5g to Encryption submenu of Utilities, in an effort to tidy up a bit the Utilities section of make menuconfig.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-26 14:06:48 +02:00
André Valentin
ebd7e565c7 package/uboot-envtools: Add support for ZyXEL NBG6817
Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00
André Valentin
783875f18b package/basefiles: add mkfs.ext4 and losetup binaries to ramfs list
mkfs.ext4 und losetup are needed for sysupgrade support on mmc devices
with automatic rootfs split (loopback device usage).

Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00
André Valentin
1465bebd74 ipq806x/nbg6817: add sysupgrade support
Add new way of flashing to mmc devices based on rootfs split with loop devices.

Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00
André Valentin
d8059e3a30 linux/mtd: add id for mx25u3235f needed by ZyXEL NBG6817
Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00