Commit graph

608 commits

Author SHA1 Message Date
Hauke Mehrtens
c481774298 curl: update to version 7.53.1
This fixes the following security problem:
* CVE-2017-2629 SSL_VERIFYSTATUS ignored

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-03-13 21:03:07 +01:00
Felix Fietkau
055e9dfb58 xtables-addons: fix build error on ARC
The kernel unconditionally pulls in a header file that defines
'current', which conflicts with the lua extension code.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-12 15:06:50 +01:00
Florian Fainelli
30159b3886 rssileds: Fix build with external toolchains
Pass down TARGET_CPPFLAGS for path to header files, and append the
libraries we depend on in TARGET_LDFLAGS. Put TARGET_LDFLAGS at the end
of the command line as is required by modern GCC/binutils.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-03-01 17:19:52 -08:00
Hsing-Wang Liao
a29163faab wireless-tools: Change download url to github
Signed-off-by: Hsing-Wang Liao <kuoruan@gmail.com>
2017-02-28 20:22:10 +01:00
Kevin Darbyshire-Bryant
c8ac9c09f9 iftop: bump to latest upstream
Drops a LEDE carried patch now upstream.
Convert to autotools.
A number of nits fixed upstream (dns & short packet handling most
notable)

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-02-26 08:41:08 +01:00
Felix Fietkau
3e41afda56 iw: sync nl80211.h with mac80211 package
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-24 12:17:45 +01:00
Ansuel Smith
d1a75c5161 ebtables: update to last commit
Refreshed patches

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2017-02-15 11:28:57 +01:00
Felix Fietkau
c22255e50e tcpdump: fix tcpdump-mini build on glibc 2.25
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-11 18:07:24 +01:00
Daniel Engberg
2faa1edd91 iperf3: Update to 3.1.6
Update to 3.1.6

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-02-09 12:26:36 +01:00
Hauke Mehrtens
985c90d102 tcpdump: update to version 4.9.0
This fixes the following 41 security problems:
 + CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
 + CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
 + CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
 + CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
 + CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
 + CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
 + CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
 + CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
 + CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
 + CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
 + CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
 + CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
 + CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
 + CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
 + CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
 + CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
 + CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
 + CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
 + CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
 + CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
 + CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
 + CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
 + CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
 + CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
 + CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
 + CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
 + CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
 + CVE-2016-7993: a bug in util-print.c:relts_print() could cause a
      buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
      lightweight resolver protocol, PIM).
 + CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
 + CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
 + CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
 + CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
 + CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
 + CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
 + CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
 + CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH,
      OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
      print-ether.c:ether_print().
 + CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
 + CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
 + CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
 + CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
 + CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().

The size of the package is only incread very little:
new size:
306430 tcpdump_4.9.0-1_mips_24kc.ipk
130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk

old size:
302782 tcpdump_4.8.1-1_mips_24kc.ipk
129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-02-06 22:33:58 +01:00
Felix Fietkau
a112786acb xtables-addons: update to version 2.12
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-01 17:49:53 +01:00
Kevin Darbyshire-Bryant
bdd1fad9e3 iproute2: cake: update cake support
Updated cake's tc patch to match the official cake repository
formatting.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-30 16:30:41 +01:00
Kevin Darbyshire-Bryant
a40f3f90d6 iproute2: cake: add 'mpu' minimum packet length support
Add 'mpu' minimum length packet size parameter for scheduling/bandwidth
accounting.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-26 15:46:01 +01:00
Stijn Segers
b65572fee9 curl: fix HTTPS network timeouts with OpenSSL
Backport an upstream change to fix HTTPS timeouts with OpenSSL.
Upstream curl bug #1174.

Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>
[Jo-Philipp Wich: reword commit message, rename patch to 001-*]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-16 19:39:42 +01:00
Felix Fietkau
f44663c673 uqmi: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:09 +01:00
Felix Fietkau
185b06f04a umbim: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:08 +01:00
Felix Fietkau
1ca31b0931 comgt: mark as nonshared because of the usb dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 12:08:08 +01:00
Felix Fietkau
1ad30be982 Revert the recent dependency and metadata scanning rework
This reverts the following commits:
fbe522d120
278ad007ee
863888e44f
96daf6352f
cfd83555fc

This seems to trigger some mconf bugs when built with all feeds
packages, so I will try to find a less intrusive solution before the
release.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 19:48:09 +01:00
Felix Fietkau
fbe522d120 comgt: allow build without USB_SUPPORT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 18:24:40 +01:00
Felix Fietkau
278ad007ee umbim: allow build without USB_SUPPORT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 18:24:40 +01:00
Felix Fietkau
863888e44f uqmi: allow build without USB_SUPPORT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 18:24:40 +01:00
Stijn Tintel
c687a70fdf iwinfo: drop references to madwifi
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2017-01-10 13:01:26 +01:00
Felix Fietkau
84bd74057f build: use mkhash to replace various quirky md5sum/openssl calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-05 11:09:12 +01:00
Rosen Penev
558680012d curl: Remove PolarSSL and adjust default to mbedTLS
luci-ssl has already made the switch since mainline support for PolarSSL is
almost over (2016).

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-01-03 14:26:41 +01:00
Hauke Mehrtens
1436e15488 curl: update to version 7.52.1
This fixes the folowing security problems:

CVE-2016-9586: printf floating point buffer overflow
CVE-2016-9952: Win CE schannel cert wildcard matches too much
CVE-2016-9953: Win CE schannel cert name out of buffer read
CVE-2016-9594: unititialized random

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-01-02 13:07:10 +01:00
Felix Fietkau
c7c1cf5618 treewide: clean up and unify PKG_VERSION for git based downloads
Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-22 16:42:21 +01:00
Florian Eckert
6c82f8a483 uqmi: add plmn set functionality for netifd proto handler
uqmi has the possibility to allow the modem to start a regsitration
process only to this specified plmn

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-12-22 15:03:58 +01:00
Cezary Jackiewicz
83eca5d8b7 comgt-ncm: fix typo Fix typo in ncm.sh. Resolves:
Wed Dec 21 09:55:54 2016 daemon.notice netifd: wan (4455): ./ncm.sh: eval: line 1: =IP: not found

Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
2016-12-22 15:02:35 +01:00
Kevin Darbyshire-Bryant
197b11f325 iproute2: tc - update cake support
Update tc to track upstream cake changes:

diffserv3 - a simple 3 tin classifier

Also make diffserv3 and triple-isolate default

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-20 09:35:36 +01:00
Nickolay Ledovskikh
600d648a0d uqmi: Prevent 'POLICY MISMATH' error.
Add uqmi 'sync' command call to release stalled cid when preparing to
setup new connection. As a result it prevents 'POLICY MISMATCH' errors.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:36 +01:00
John Crispin
4146047eaf uqmi: bump to latest git HEAD
8ceeab6 uqmi: Change returned value to QMI_CMD_REQUEST for 'sync' command.
1dc7be1 uqmi: Add sync command to release all cids.

Signed-off-by: John Crispin <john@phrozen.org>
2016-12-20 09:35:35 +01:00
Nickolay Ledovskikh
6439e39677 uqmi: add support of using device symlinks.
It's useful when using multiple usb devices that should be bound to
certain usb ports. Symlinks are created by hotplug handlers.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:35 +01:00
Nickolay Ledovskikh
13ab314b0b comgt: add support of using device symlinks.
It's useful when using multiple usb devices that should be bound to
certain usb ports. Symlinks are created by hotplug handlers.

Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
2016-12-20 09:35:35 +01:00
Felix Fietkau
720b99215d treewide: clean up download hashes
Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-16 22:39:22 +01:00
Matti Laakso
5bd3b9dfc0 comgt-ncm: Add support for specifying profile index
Add support for specifying a call profile index instead of APN. A
specific index different from 1 must be used for some service
provider and modem combinations.

In addition, change the manufacturer detection to use the standard
AT+CGMI command, which produces more predictable output than ATI,
remove the redundant ipv6 option, since it is less ambiguous to
directly specify the PDP context type with mobile connections, and
fix missing device during teardown when using ncm through the wwan
proto.

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
2016-12-14 10:37:01 +01:00
Matti Laakso
2e2748b053 uqmi: Add support for specifying profile index
Update uqmi to latest version, which brings about support for
specifying a call profile index instead of APN. A specific index
different from 1 must be used for some service provider and modem
combinations.

Also change option dhcp to dhcpv6, since IPv4 now always uses DHCP,
replace option ipv6 with pdptype, which is less ambiguous, and
make autoconnect optional and default it to off for IPv6 due to it
not working with statically configured IPv6.

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
2016-12-14 10:37:01 +01:00
Jo-Philipp Wich
e2f8d200f5 netfilter: drop proprietary xt_id match
The xt_id match was used by the firewall3 package to track its own rules but
the approach has been changed to use xt_comment instead now, so we can drop
this nonstandard extension.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-12-14 01:05:06 +01:00
Kevin Darbyshire-Bryant
88f8c8d7eb iproute2: support latest cake & restore DSCP washing
Support new packet overhead passing paradigm in cake qdisc, also restore
DSCP wash/nowash keywords.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-12-12 16:42:06 +01:00
Felix Fietkau
b9ddf3098b tcpdump: reduce size of -mini by removing more infrequently used protocols
This removes:
- BGP
- CDP
- SCTP

MIPS binary .ipk size is reduced from ~150k to ~130k

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-12 10:22:20 +01:00
p-wassi
a4a00d794f net/utils/tcpdump: update to 4.8.1
Update tcpdump to upstream release 4.8.1

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
2016-12-12 10:22:19 +01:00
Hauke Mehrtens
4e07167eff curl: update to version 7.51.0
This fixes the following security problems:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-12-03 16:38:44 +01:00
Felix Fietkau
4d448cf720 xtables-addons: add CONFIG_NF_CONNTRACK_MARK=y to all kmod-* packages
Not all kmod packages depends on kmod-ipt-compat-xtables, but this
kernel config option is required for building the whole package

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-01 14:24:03 +01:00
Rafał Miłecki
e8fe83e1be iw: drop TX power patch that is part of upstream version now
Applying it again was resulting in duplicated TX info like:
Interface wlan0
        ifindex 6
        wdev 0x1
        addr 00:23:6a:a3:7d:00
        ssid LEDE2
        type AP
        wiphy 0
        channel 11 (2462 MHz), width: 20 MHz, center1: 2462 MHz
        txpower 31.00 dBm
        txpower 31.00 dBm

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-29 08:39:57 +01:00
Julian Kornberger
04a76da1ae ipset: Add InstallDev to provide libipset as library 2016-11-26 22:39:27 +01:00
Ralph Sennhauser
32cfd3bd50 arptables: bump to 2015-05-20
This fixes building with musl and drops the dependency on the OpenWrt
kernel-header patches:

  270-uapi-kernel.h-glibc-specific-inclusion-of-sysinfo.h.patch
  271-uapi-libc-compat.h-do-not-rely-on-__GLIBC__.patch
  272-uapi-if_ether.h-prevent-redefinition-of-struct-ethhd.patch

Use the new upstream location at netfilter.org and use a define instead
of a patch to "optimize".

See also: https://git.netfilter.org/arptables/log/

Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
[Jo-Philipp Wich: add mirror SHA256 sum]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-14 13:14:30 +01:00
Jo-Philipp Wich
dc7c9f590a conntrack-tools: update to v1.4.4
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-14 13:03:53 +01:00
Rafał Miłecki
fc93494066 iw: fix build error caused by redeclaration of NL80211_ATTR_PAD
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Fixes: 7aff00ab19 ("iw: update to version 4.9")
2016-11-12 16:30:06 +01:00
Rafał Miłecki
7aff00ab19 iw: update to version 4.9
This adds support for "channels" command which displays more details
about channels. It includes e.g. info about available widths.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-12 16:09:19 +01:00
Rafał Miłecki
7305b55588 iw: update to version 4.7
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-11-12 16:04:16 +01:00
Christian Lamparter
9c91335dc7 iperf3: update to version 3.1.4
"This release fixes a few minor bugs, including a
(non-security-impacting) buffer overflow fix ported
from upstream cjson."
<http://software.es.net/iperf/news.html#iperf-3-1-4-released>

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-08 11:17:11 +01:00
Alberto Bursi
e4fef72244 comgt: move to WWAN submenu, fixed link
moving comgt and its modules to WWAN submenu to join uqmi as both are tools for WWAN modems.

I replaced the link with comgt's ubuntu manpage because the old link isn't working anymore.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Alberto Bursi
9abdeee0b7 uqmi: moved to WWAN submenu
Moving uqmi to WWAN submenu

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-08 11:17:10 +01:00
Cezary Jackiewicz
862e7fb7b3 gcom: Fix 'mode' option for ncm
For Huawei devices like E3372 proper command for set lte mode is:

AT^SYSCFGEX="03",3fffffff,2,4,7fffffffffffffff,,

Eval is required for proper quotation.

Without this fix:

Fri Nov  4 19:07:49 2016 daemon.notice netifd: Interface 'wan' is setting up now
Fri Nov  4 19:07:52 2016 daemon.notice netifd: wan (2060): sending -> AT
Fri Nov  4 19:07:52 2016 daemon.notice netifd: wan (2060): sending -> ATZ
Fri Nov  4 19:07:53 2016 daemon.notice netifd: wan (2060): sending -> ATQ0
Fri Nov  4 19:07:53 2016 daemon.notice netifd: wan (2060): sending -> ATV1
Fri Nov  4 19:07:54 2016 daemon.notice netifd: wan (2060): sending -> ATE1
Fri Nov  4 19:07:55 2016 daemon.notice netifd: wan (2060): sending -> ATS0=0
Fri Nov  4 19:07:55 2016 daemon.notice netifd: wan (2060): sending -> AT+CGDCONT=1,"IP","internet"
Fri Nov  4 19:07:57 2016 daemon.notice netifd: wan (2060): sending -> AT^SYSCFGEX=\"03\",3fffffff,2,4,7fffffffffffffff,,
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2060): Error running AT-command
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2060): Failed to set operating mode
Fri Nov  4 19:07:58 2016 daemon.notice netifd: wan (2092): Stopping network
...

With this fix:

Fri Nov  4 19:10:59 2016 daemon.notice netifd: Interface 'wan' is setting up now
Fri Nov  4 19:11:01 2016 daemon.notice netifd: wan (2539): sending -> AT
Fri Nov  4 19:11:01 2016 daemon.notice netifd: wan (2539): sending -> ATZ
Fri Nov  4 19:11:02 2016 daemon.notice netifd: wan (2539): sending -> ATQ0
Fri Nov  4 19:11:03 2016 daemon.notice netifd: wan (2539): sending -> ATV1
Fri Nov  4 19:11:03 2016 daemon.notice netifd: wan (2539): sending -> ATE1
Fri Nov  4 19:11:04 2016 daemon.notice netifd: wan (2539): sending -> ATS0=0
Fri Nov  4 19:11:05 2016 daemon.notice netifd: wan (2539): sending -> AT+CGDCONT=1,"IP","internet"
Fri Nov  4 19:11:06 2016 daemon.notice netifd: wan (2539): sending -> AT^SYSCFGEX="03",3fffffff,2,4,7fffffffffffffff,,
Fri Nov  4 19:11:07 2016 daemon.notice netifd: wan (2539): sending -> AT^NDISDUP=1,1,"internet"
Fri Nov  4 19:11:08 2016 daemon.notice netifd: wan (2539): Connected, starting DHCP on wwan0
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan' is now up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Network device 'wwan0' link is up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Network alias 'wwan0' link is up
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' is enabled
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' has link connectivity
Fri Nov  4 19:11:08 2016 daemon.notice netifd: Interface 'wan_4' is setting up now
...

Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
2016-11-08 05:49:58 +01:00
Jo-Philipp Wich
eb10b13f16 iproute2: rename ip to ip-tiny and let both ip-tiny and ip-full provide "ip"
Rename the "ip" package declaration to "ip-tiny" and let both "ip-tiny" and
"ip-full" provide the virtual "ip" package. This allows users to freely choose
the "ip" command variant while other packages can continue to depend on "ip"
without needing to enforce a specific variant.

Note that this commit does not add busybox as "ip" provider due to
the following reasons:

 - The builtin Busybox ip applet cannot be added or removed at runtime
 - Both "ip-tiny" and "ip-full" are able to install without file clashes even
   if the busybox applet is enabled
 - The system is preferring full "ip-tiny" and "ip-full" at runtime, even
   if Busybox ip is still present.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-02 02:33:30 +01:00
Daniel Engberg
dc8605b7f7 package/network/utils/ipset: Update to 6.30
Updates to 6.30

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-27 13:16:50 +02:00
Simon Hailes
86c6b07e15 wwan: rename data files
This is to ensure that git can be cloned onto a windows drive without failing.

Signed-off-by: Simon Hailes <btsimonh@googlemail.com>
2016-10-26 15:16:51 +02:00
Marcin Jurkowski
85fbffd74b qmi: add metric, defaultroute and peerdns options for qmi protocol
Adds generic network options for qmi protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

IPv6-related code taken from Bruno's patch https://patchwork.ozlabs.org/patch/584816.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
Signed-off-by: Bruno Randolf <br1@einfach.org>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
35129469ca mbim: add metric, defaultroute and peerdns options for mbim protocol
Adds generic network options for mbim protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
72eb2b8e22 comgt: add metric, defaultroute and peerdns options for directip protocol
Adds generic network options for directip protocol dynamic interfaces
as suggested by Felix in
https://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Marcin Jurkowski
c560d25d19 comgt: add metric, defaultroute and peerdns options for ncm protocol
Adds generic network options for ncm protocol dynamic interfaces
as suggested by Felix in
http://lists.openwrt.org/pipermail/openwrt-devel/2016-February/039794.html.

This depends on netifd patch https://patchwork.ozlabs.org/patch/686820/.

Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
2016-10-26 12:37:46 +02:00
Felix Fietkau
be7f2abb60 iperf: used an updated renamed tarball instead of main upstream URL
iperf upstream added some bugfixes to the already released 2.0.9 version
without changing the filename. This conflicts with old mirrored files
and the hash that we previously used.
To avoid conflict, use a renamed tarball from mirror2.openwrt.org
containing the new upstream changes

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-17 11:16:31 +02:00
Alexandru Ardelean
a24442c4f3 network/utils/maccalc: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
0af93f8f30 network/utils/rssileds: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
808a618bc4 network/utils/resolveip: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
964f8bc4e5 network/utils/owipcalc: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Alexandru Ardelean
3f8598feaf network/utils/iwcap: drop Build/Prepare rule in favor of default one
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2016-10-15 11:36:52 +02:00
Daniel Engberg
3a136f5c56 packages/network/utils/wpan-tools: Update to 0.7
* Updates to 0.7
* Switches tarball to xz

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:50 +02:00
Daniel Engberg
87002c0646 package/network/utils/ipset: Update to 6.29
Updates to 6.29

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-15 11:36:50 +02:00
Felix Fietkau
db47363ff7 uqmi: re-enable autoconnect which was dropped without explanation
Fixes a regression in commit 8f24ee6382:
"uqmi: Add proper IPv6 support"

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-12 11:58:59 +02:00
Felix Fietkau
3b9b963e6e uqmi: always use DHCP for IPv4
Commit 8f24ee6382 ("uqmi: Add proper IPv6 support") changed the code
to fetch the IPv4 address via QMI by default instead of using DHCP to
make it consistent with the IPv6 codepath.
This breaks on at least some Sierra Wireless cards, where data exchanges
fail to work until the host has fetched a DHCP lease.
Leave v6 as it is, but always use DHCP for v4.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-10-12 11:58:57 +02:00
Daniel Engberg
9edfe7dd13 source: Switch to xz for packages and tools where possible
* Change git packages to xz
* Update mirror checksums in packages where they are used
* Change a few source tarballs to xz if available upstream
* Remove unused lines in packages we're touching, requested by jow- and blogic
* We're relying more on xz-utils so add official mirror as primary source, master site as secondary.
* Add SHA256 checksums to multiple git tarball packages

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-10-06 12:16:56 +02:00
Kevin Darbyshire-Bryant
4ef1144958 iproute2: tc cake qdisc add nat, docsis & ptm modes
Add cake nat de-masquerading mode: nat, nonat.
Also docsis & ptm overhead related keywords: nat, nonat,
ptm, docsis-downstream-ip, docsis-downstream, docsis-upstream-ip
& docsis-upstream.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-10-04 11:50:48 +02:00
Kevin Darbyshire-Bryant
34c2726ca7 iproute2: fix no fortify build failure
Fix rt_names build failure when FORTIFY_SOURCE disabled.
Include limits.h which otherwise gets automatically included
by fortify headers.

Solves FS #194

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-09-30 10:15:28 +02:00
Jo-Philipp Wich
875cddd94c iwinfo: fix WPA cipher reporting
Within the Lua binding, use the same logic as the command line interface for
reporting the used WPA ciphers. Instead of printing the intersection of
pairwise and group ciphers, report both group and pairwise ciphers.

This fixes a case where a connection which uses CCMP for pairwise and TKIP
as groupwise cipher is getting reported as using the NONE cipher.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-27 16:23:48 +02:00
Hauke Mehrtens
df9efc9497 curl: update to version 7.50.3
This fixes the following security problems:
7.50.1:
 CVE-2016-5419 TLS session resumption client cert bypass
 CVE-2016-5420 Re-using connections with wrong client cert
 CVE-2016-5421 use of connection struct after free
7.50.2:
 CVE-2016-7141 Incorrect reuse of client certificates
7.50.3:
 CVE-2016-7167 curl escape and unescape integer overflows

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-24 13:48:05 +02:00
Florian Fainelli
559f55dffc iwinfo: Bump to 2016-07-29
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-09-19 15:30:32 +02:00
Felix Fietkau
8e0cb8f582 ebtables: fix build with glibc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 12:12:34 +02:00
Felix Fietkau
18c7d1c626 dante: remove -D_GNU_SOURCE to fix build errors with current glibc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 12:12:34 +02:00
Felix Fietkau
98206cb9c6 iperf: add -lm to fix build with newer glibc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 10:51:21 +02:00
Felix Fietkau
b0dcb6bfed iperf: drop PKG_BUILD_DIR override
No longer necessary since the removal of build variants

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-30 10:51:21 +02:00
Jo-Philipp Wich
885910225d iwinfo: mark as nonshared
The iwinfo library might get compiled with different backends, depending on
the driver selection of the current target, so mark it as nonshared to avoid
broken libiwinfo support on other targets with same cpu architecture but
different wireless driver types.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-08-25 16:51:57 +02:00
Felix Fietkau
2b0a1292f8 uqmi: update to the latest version, adds QMI-in-MBIM support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-24 15:16:01 +02:00
Felix Fietkau
56cf1adc50 kernel: remove esfq qdisc
It has been obsolete for years now

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 18:27:54 +02:00
Florian Eckert
109c55aea1 uqmi: add metric option to interface config
It is now possible to add an metric option for the qmi proto in dhcp mode.

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-07-26 08:39:36 +02:00
Florian Eckert
15867deac8 uqmi: fix option ipv6
If option ist not set then ipv6 is still enabled on this Interface.
Check if variable is zero will fix this issue.

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-07-26 08:39:36 +02:00
Hauke Mehrtens
bafeb90745 iperf3: update to version 3.1.3
old size:
iperf3_3.0.11-1_mips_34kc_dsp.ipk       30147

new size:
iperf3_3.1.3-1_mips_34kc_dsp.ipk        33640

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:05:50 +02:00
Hauke Mehrtens
9cbb51ff8c iperf: update to version 2.0.9
old size:
iperf_2.0.8-1_mips_34kc_dsp.ipk 27911

new size:
iperf_2.0.9-1_mips_34kc_dsp.ipk 28681

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:05:33 +02:00
Hauke Mehrtens
7d38128f6a curl: update to version 7.50.0
Changelog: https://curl.haxx.se/changes.html

old sizes:
libcurl_7.49.0-1_mips_34kc_dsp.ipk      97569
curl_7.49.0-1_mips_34kc_dsp.ipk         37925

new sizes:
libcurl_7.50.0-1_mips_34kc_dsp.ipk      97578
curl_7.50.0-1_mips_34kc_dsp.ipk         38017

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-07-24 15:04:13 +02:00
Kevin Darbyshire-Bryant
3dded42f05 iftop: fix mac address display
iftop would display portions of mac address with large ffffff prefixes.
Make if_hw_addr type consistent.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-07-11 14:19:47 +02:00
John Crispin
d643ee0260 umbim: update to latest git HEAD
Signed-off-by: John Crispin <john@phrozen.org>
2016-07-05 22:59:13 +02:00
Jo-Philipp Wich
dd9afb8207 iwinfo: fix nl80211 phy lookup without platform prefix
Commit d9b20a6f35 (SVN r48426) changed the
mac80211 phy lookup logic to strip the platform/ directory component from
the phy path specification.

Fix iwinfo to follow that logic by trying to lookup phys both with and
without "platform/" prefix.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-07-04 16:26:38 +02:00
Kevin Darbyshire-Bryant
6d7f54ccdb iproute2: cake AQM prepare tc for COBALT algorithm
Cake AQM is experimenting with a codel/blue hybrid AQM COBALT instead
of just using codel alone. This patch updates tc to cope with some new
stats produced by COBALT.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-30 00:43:03 +02:00
Jo-Philipp Wich
cb7aa4b1fe ebtables: fix segmentation fault due to uninitialized extension data
The ebtables code relies on the `-nostartfiles` linker argument to execute the
extension modules' `_init()` functions automatically which is not working
reliably across all supported targets and gcc versions.

Running an ebtables executable linked this way just crashes with a segmentation
fault at runtime on program startup, e.g. on ARM architectures.

In order to fix the issue ...
 - remove the use of the -nostartfiles linker flag
 - rename the init procedures to a generic name without implicit semantics
 - explicitely annotate those init procedures as constructors

The patch has been taken from the Alpine Linux distribution at
http://git.alpinelinux.org/cgit/aports/tree/main/ebtables/fix-extension-init.patch

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-24 15:59:36 +02:00
John Crispin
62dc9831d3 package/*: update git urls for project repos
Signed-off-by: John Crispin <john@phrozen.org>
2016-06-13 22:51:41 +02:00
Felix Fietkau
a88fc0db9d xtables-addons: add missing dependency
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-09 15:53:43 +02:00
Dirk Neukirchen
652ac2c6fd xtables-addons: update to 2.11
- fix compilation w. Kernel 4.6 due to
hash->shash crypto API
- remove a patch integrated upstream

- remove unrecognized configure option
removed upstream in 2010
commit 40d0345f1ed02de183b13a6ce38847bc1f4ac48e

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-06-07 23:03:11 +02:00
Jo-Philipp Wich
24a7ccb056 treewide: replace jow@openwrt.org with jo@mein.io
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-07 11:42:52 +02:00
Felix Fietkau
7eeb254cc4 treewide: replace nbd@openwrt.org with nbd@nbd.name
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-07 08:58:42 +02:00
Hannu Nyman
23147dd43a iproute2: Add support for cake qdisc
Add cake support to 'tc' in iproute2
  - Use a patch to modify tc instead of adding a new tc-adv package.
    Patch creates q_cake.c that matches commit 3314230bc4
  - Do not include the other things from tc-adv (cake0, cake2, pie etc.).

V2 - KDB Small update to base on latest cake tc changes (wash option
deprecated)
V3 - KDB Move kmod-sched-cake package to kernel as is kernel related
v4 - KDB Split into individual patches, tc & kmod

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Acked-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-06 14:58:11 +02:00
Daniel Engberg
32ae0da2b7 iproute2: Use URL alias
Remove hardcoded URLs and use alias instead.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-05-24 19:42:49 +02:00
Daniel Engberg
6e7403e1e6 iw: Use URL alias
Remove hardcoded URL and use alias instead.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2016-05-24 19:41:52 +02:00
Felix Fietkau
1d0d5ddb07 curl: remove axtls config option, the library does not exist in our tree
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-19 16:56:34 +02:00
Dirk Neukirchen
6aebc6b16b curl: update to 7.49
fixes:
 CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL

- remove crypto auth compile fix
curl changelog of 7.46 states its fixed

- fix mbedtls and cyassl usability #19621 :
add path to certificate file (from Mozilla via curl) and
provide this in a new package

tested on ar71xx w. curl/mbedtls/wolfssl

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-05-19 16:56:34 +02:00
Felix Fietkau
e30608b736 iw: refresh patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-15 20:55:39 +02:00
Felix Fietkau
df93d53a4b mac80211: update to wireless-testing 2016-05-12
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-15 20:55:39 +02:00
Bert Vermeulen
34b6c8b075 iperf: Drop single-threaded variant
Signed-off-by: Bert Vermeulen <bert@biot.com>
2016-05-12 03:29:36 +02:00
Bert Vermeulen
b4a23f83f9 iperf: Upgrade to version 2.0.8
The original iperf package is unmaintained. This switches to the "iperf2"
project on sourceforge, a fork that started where the previous iperf left
off.

Version 2.0.8 fixes the issue that patch 002 handled, so that can be dropped.

Due to a faulty check in configure.ac, this version needs _GNU_SOURCE
defined to build properly against musl. Various other obsolete build
options were also removed.

Signed-off-by: Bert Vermeulen <bert@biot.com>
2016-05-12 03:29:36 +02:00
John Crispin
b8ab6af1a9 global: change my email address
Signed-off-by: John Crispin <john@phrozen.org>
2016-05-12 03:29:36 +02:00
Bert Vermeulen
fda951c443 iftop: Update to latest version, and drop patch
The patch made sure the ncursesw library was not selected to save space,
but that library doesn't exist in this distribution at all.

Signed-off-by: Bert Vermeulen <bert@biot.com>
2016-05-10 14:06:50 +02:00
Hans Dedecker
6a06cd8331 xtables-addons: Avoid redefinition of SHRT_MAX in lua packet script
Patch Lua packet script defines SHRT_MAX which is already defined in <linux/kernel.h> and
is included indirectly by lauxlib.h. Fix the redefintion as it leads to compile failure
on systems which treat macro redefinition as an error

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-05-02 18:28:01 +01:00
Hans Dedecker
b3f6c4b3ac iproute2: Add package for nstat utility
Add support for the command line utility nstat displaying network statistics

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-04-28 13:49:17 +02:00
Hans Dedecker
312cb987f9 xtables-addons: Fix Lua packet script implementation
lua_packet_segment parameter start has type char pointer; in function lua_tg
it's assigned an uint16 value generating compiler warnings obviously indicating
posssible seg fault problems. Fix the issue by using the correct skb functions
so the parameter points to the position inside the sk_buff

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Stijn Cleynhens <stijn.cleynhens@gmail.com>
2016-04-28 11:45:43 +02:00
John Crispin
fa69553900 branding: add LEDE branding
Signed-off-by: John Crispin <blogic@openwrt.org>
2016-03-24 22:40:13 +01:00
John Crispin
79c67071c6 xtables-addons: build: fix configure compatiblity with POSIX shells
Fixes build with /bin/sh pointing to certain versions of dash (for example
on Void Linux).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>

SVN-Revision: 49218
2016-04-21 19:47:26 +00:00
Hauke Mehrtens
a16ae0b6df curl: remove file accidentally committed in r49197
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49199
2016-04-19 20:18:50 +00:00
Hauke Mehrtens
012da658a4 oxnas: add support for Akitio MyCloud mini
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 49197
2016-04-19 20:12:41 +00:00
Hauke Mehrtens
fc7368fd82 curl: fix deprecated 'depends' syntax
This was introduced in r49183

Reported-by: swalker
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49192
2016-04-17 15:35:18 +00:00
Hauke Mehrtens
ba97a03d7d curl: add flags to allow gc-sections to strip out unused code
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49184
2016-04-17 12:51:57 +00:00
Hauke Mehrtens
a4d646cf15 curl: add config option for NTLM support
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49183
2016-04-17 12:51:41 +00:00
Hauke Mehrtens
a2b15e6c1d curl: upstep to latest version 7.48.0
Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49182
2016-04-17 12:51:19 +00:00
Hauke Mehrtens
9c394f4cbe linux-atm: activate format security checks
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 48786
2016-02-25 22:00:34 +00:00
Felix Fietkau
3f1c0c8ef7 iptables: using external kernel tree should not alter patch behaviour.
iptables is the only exception in the package tree, causing patch
behaviour to be inconsistent on this package.

Signed-off-by: Rick van der Zwet <rick.vanderzwet@anywi.com>

SVN-Revision: 48643
2016-02-07 13:29:27 +00:00
Hauke Mehrtens
3a2e25bc77 curl: add support for mbedtls
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 48615
2016-02-01 22:37:41 +00:00
Hauke Mehrtens
969ec949a8 curl: update curl to version 7.47.0
This fixes the following security problems:

CVE-2016-0754: remote file name path traversal in curl tool for Windows
http://curl.haxx.se/docs/adv_20160127A.html

CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use
http://curl.haxx.se/docs/adv_20160127B.html

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 48614
2016-02-01 22:37:05 +00:00
Felix Fietkau
29044db278 iproute2: refresh patches
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48613
2016-02-01 18:04:00 +00:00
Felix Fietkau
6af8f1429d iproute2: Update to version 4.4
Update iproute2 to latest version 4.4 with full MPLS support.

Signed-off-by: André Valentin <avalentin@marcant.net>

SVN-Revision: 48612
2016-02-01 18:03:54 +00:00
Jo-Philipp Wich
0ae15ad439 iwinfo: add support for VHT rates to Lua binding
Update to Git HEAD in order to include VHT rate support in the Lua binding.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48488
2016-01-25 15:04:29 +00:00
Jo-Philipp Wich
94d665239e iwinfo: add support for VHT rates
Update to upstream Git HEAD to include VHT rate support and a number of
coverity scan fixes.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48487
2016-01-25 14:31:32 +00:00
Jo-Philipp Wich
eda1ea9eaa iptables: improve iptables listing output of xt_id match
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48478
2016-01-24 18:01:40 +00:00
Felix Fietkau
98a9177342 linux-atm: add missing br2684ctl patch chunk
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48458
2016-01-23 15:24:19 +00:00
Felix Fietkau
f6e38ec125 br2684ctl: resolve a boot time race condition with nas0 bringup by using explicit notification when init is done
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48321
2016-01-18 15:35:30 +00:00
Felix Fietkau
262f054c6e br2684ctl: add support for notifying nas* bringup via a script
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48320
2016-01-18 15:35:24 +00:00
Felix Fietkau
3c8827fa7f iptables: fix rebuild errors on configuration changes
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48314
2016-01-18 13:21:32 +00:00
Felix Fietkau
495935a3b8 iproute2: remove odd conffiles generation
This was generating a conffiles list that included the binary
and CONTROL/ files.

Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>

SVN-Revision: 48296
2016-01-17 20:41:09 +00:00
Felix Fietkau
286e0917f3 uqmi: move to git.openwrt.org
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48124
2016-01-04 15:12:33 +00:00
Felix Fietkau
9cd6162b63 packages: use OPENWRT_GIT to point at the main openwrt git repo
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48118
2016-01-04 15:11:49 +00:00
Felix Fietkau
8e9eed3442 iproute2: update to 4.3.0
iproute2-4.0 had connmark support added by nbd.  This does not work
with 4.x kernels.  iproute2-4.3 is the latest version and has his
changes mainlined.  This patch updates the package to iproute2-4.3
and fixes the patches so that it compiles.  This should resolve
ticket #21374.

Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>

SVN-Revision: 48098
2016-01-03 20:56:45 +00:00
Nicolas Thill
98f27a223d dante: fix MD5SUM
MD5SUM is wrong, it was not updated during last update to v1.4.1.

Thanks to Daniel Dickinson <openwrt@daniel.thecshore.com> for reporting it.

Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 48017
2015-12-31 09:20:59 +00:00
John Crispin
a418d03d6d dante: update to 1.4.1
- 1.4.x has IPv6 support

- set C std explicitly due to gcc 5 changes/old code style of dante
- disable pam via configure vars since detection of without pam option
  is broken (-lpam gets linked in if available)
- remove and refresh patches

only compile tested

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>

SVN-Revision: 47926
2015-12-17 09:29:54 +00:00
Felix Fietkau
510f5a7209 linux-atm: add wrapper for br2684ctl to defer nasX device bringup
Fixes a race condition on netifd device bringup.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47891
2015-12-14 11:02:12 +00:00
Felix Fietkau
f2b0ae8698 br2684ctl: add atm-bridge disabled option
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47830
2015-12-10 14:40:55 +00:00
Felix Fietkau
47ecb5dfd2 br2684ctl: fix config reload trigger
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47829
2015-12-10 14:40:19 +00:00
Felix Fietkau
cbb1227c4c iw: add VHT80 support for 802.11s
Support next to the non-HT/HT channel widths like HT20 or NOHT also VHT80
channels during the mesh join

    iw dev mesh0 mesh join "meshnet" freq 5180 80MHz

Signed-off-by: Sven Eckelmann <sven@open-mesh.com>

SVN-Revision: 47782
2015-12-05 09:52:18 +00:00
Felix Fietkau
5425d27339 iw: add VHT80 support for IBSS
Signed-off-by: Sven Eckelmann <sven@open-mesh.com>

SVN-Revision: 47780
2015-12-05 09:52:02 +00:00
Felix Fietkau
9dd65e5493 iw: display interface TX power if available
Signed-off-by: Sven Eckelmann <sven@open-mesh.com>

SVN-Revision: 47779
2015-12-05 09:51:53 +00:00
Felix Fietkau
c9cb3f4d1c iw: sync nl80211.h with compat-wireless 2015-10-26
Fix the id of NL80211_ATTR_WIPHY_ANTENNA_GAIN for antenna_gain command when
using compat-wireless 2015-10-26.

Signed-off-by: Sven Eckelmann <sven@open-mesh.com>

SVN-Revision: 47778
2015-12-05 09:51:48 +00:00
Felix Fietkau
a86a5699d9 iw: update to version 4.3
Signed-off-by: Sven Eckelmann <sven@open-mesh.com>

SVN-Revision: 47777
2015-12-05 09:51:39 +00:00
Felix Fietkau
1d1265b40b br2684ctl: convert init script to procd, add hotplug/reload support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47765
2015-12-04 17:44:00 +00:00
Jonas Gorski
9c0ca6082d xtables-addons: update to 2.10
Fixes compilation with linux 4.4.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 47699
2015-12-02 22:19:11 +00:00
Hauke Mehrtens
e5ef5d7be4 iperf: activate format-security checks
This patch was taken from debian.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 47586
2015-11-22 14:18:40 +00:00
John Crispin
deff5fb6c8 conntrack-tools: create /etc/conntrackd directory
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 47571
2015-11-21 21:26:20 +00:00
John Crispin
b143506b17 conntrack-tools: use INSTALL_DIR once
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 47570
2015-11-21 21:26:12 +00:00
Felix Fietkau
970a393fd4 conntrack-tools: preserve /etc/conntrackd during upgrade
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 47480
2015-11-15 21:34:15 +00:00
Felix Fietkau
124b8c653f xtables-addons: update to 2.9
Fixes compilation with Linux 4.3. Runtime tested on Ubiquiti EdgeRouter
Lite with Linux 3.18, 4.1 and 4.3.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 47470
2015-11-15 21:33:07 +00:00
Felix Fietkau
4eb55d71de conntrack-tools: split into conntrack/conntrackd
as conntrack and conntrackd are completely independent programs,
serving a different purpose.

Also split by other distributions, as Debian and Ubuntu.

Signed-off-by: Ulrich Weber <uw@ocedo.com>

SVN-Revision: 47424
2015-11-08 20:39:49 +00:00
Felix Fietkau
1361a863df conntrack-tools: upgrade to 1.4.3
Signed-off-by: Ulrich Weber <uw@ocedo.com>

SVN-Revision: 47423
2015-11-08 20:39:44 +00:00
Felix Fietkau
17ce564107 conntrack-tools: remove default config file
default configuration will fill up disk by
writing /var/log/conntrackd-stats.log

Introduced due init script auto start.

Signed-off-by: Ulrich Weber <uw@ocedo.com>

SVN-Revision: 47422
2015-11-08 20:39:37 +00:00
Felix Fietkau
8ca8fd757a iproute2: always use -DHAVE_SETNS, since the old uclibc is gone now
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47358
2015-11-02 18:12:23 +00:00
Felix Fietkau
6de8a82f85 iproute2: fix compile with uClibc-ng
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 47291
2015-10-30 15:20:41 +00:00
Luka Perkov
75078acd93 cosmetic: remove trailing whitespaces
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 47197
2015-10-15 22:12:13 +00:00
Luka Perkov
d57bba8560 iperf3: update URL
Update iperf3 to point to the correct project website. Prior URL was the
old iperf2 website.

Signed-off-by: Karl Palsson <karlp@remake.is>

SVN-Revision: 47184
2015-10-11 22:41:30 +00:00
Jo-Philipp Wich
cd8a615d4f iwinfo: nl80211: add support for reading TX power from netlink
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 47108
2015-10-05 09:10:17 +00:00
Steven Barth
79494ae8e8 iproute2: adapt coexistence layer to new unified path
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 47081
2015-10-02 08:24:35 +00:00
Steven Barth
836d462b10 package: Remove dependencies to kmod-ipv6
Since r46834, IPv6 support is builtin if selected. Therefor, dependencies
on kmod-ipv6 can no longer be fulfilled, since it is not a module anymore.

Signed-off-by: Arjen de Korte <arjen+openwrt@de-korte.org>

SVN-Revision: 47022
2015-09-21 21:15:41 +00:00
Felix Fietkau
d4760cd9b4 uqmi: Add qmi.sh executable bit and fix option dhcp
Using protocol qmi does not work since qmi.sh is not executable.
Setting option dhcp explicitely to 0 actually enables it.
This patch fixes both problems.

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>

SVN-Revision: 47014
2015-09-21 17:40:59 +00:00
Felix Fietkau
c2babe7cb2 iw: restore limited event monitor functionality (#20546)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47006
2015-09-18 13:40:03 +00:00
Steven Barth
3c335bb439 ppp: use more reliable way to set script environment
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46942
2015-09-15 14:52:47 +00:00
Hauke Mehrtens
1d05e2962f wpan-tools: bump to wpan-tools-0.5
Signed-off-by: Varka Bhadram <varkabhadram@gmail.com>

SVN-Revision: 46888
2015-09-11 20:52:35 +00:00
Steven Barth
60a96cfdb7 comgt-ncm: Add possibility to choose PDP context type
By setting the option pdptype to IP, IPV6 or IPV4V6 the user can
choose the context type between IPv4, IPv6 and dual stack,
respectively. The default setting is dual stack, except if option
ipv6=0 is specified, in which case IPv4 context is the default.
This allows for an out-of-the-box IPv6 support with modems
utilizing NCM-like protocols.

While we are at it, also add commands for Sierra DirectIP modems
(currently untested), which will allow us to drop the separate
comgt-directip package (once tested and verified working).

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>

SVN-Revision: 46844
2015-09-11 06:46:42 +00:00
Steven Barth
8f24ee6382 uqmi: Add proper IPv6 support
Use the new --ip-family option to start both IPv4 and IPv6 sessions
by default. Autoconnect can't be used when starting two sessions,
so revert back to using the client IDs and packet data handles for
handling the network connection.

Some modem firmwares do not implement a RA server, therefore by
default use outband IP configuration and static addressing. Some
other firmwares report bogus IP configuration with the WDS get
current settings command. In this case inband configuration with
DHCP/RA can be optionally enabled by setting option dhcp to 1.

Per 3GPP standard a /64 prefix is served to all clients, which is
extended to LAN as specified in RFC 7278.

v2: Restrict the IPv6 gateway route source address
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>

SVN-Revision: 46843
2015-09-11 06:46:40 +00:00
Steven Barth
579fe7f52a iproute2: improve ip-full coexistence, remove rt_table
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46831
2015-09-08 17:44:17 +00:00
Felix Fietkau
48fe93ea6b iw: reduce size even more (~12k after gzip)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46818
2015-09-08 11:48:48 +00:00
Steven Barth
f96bf30dc6 comgt/umbim/uqmi: enable RFC 7278 for 3g/4g by default
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46780
2015-09-03 15:53:40 +00:00
John Crispin
eb42485093 iwinfo: update to latest git HEAD
adds extra station info reporting

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 46669
2015-08-17 11:25:51 +00:00
Felix Fietkau
29de31f8ba iw: update to version 4.1
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46534
2015-07-31 19:49:22 +00:00
Jonas Gorski
46a69e96a4 xtables-addons: update to 2.7 to fix compilation with 4.1
Also drop the configure (not .ac) patch part as autoreconf will
overwrite it anyway with a newly generated version.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>
Acked-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 46385
2015-07-15 14:41:45 +00:00
Felix Fietkau
1c8148a858 ebtables: fix miscompilation on 64bit targets
The musl build "fix" introduced in r45108 removed all netinet/ether.h
includes, which made the prototypes of ether_aton and ether_ntoa
unavailable. As a result, the compiler assumed they return int instead
of a pointer. This currupted the pointer on 64bit targets, causing ebtables
to segfault in commands containing MAC addresses.

Since r46161 made it possible to include both the kernel and the libc
if_ether.h as long as the libc version is included first, this patch
changes the fix to remove the linux/if_ether.h from the ebtables source
(so the fixed version from the kernel is used) and ensures netinet/ether.h
is included early.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>

SVN-Revision: 46292
2015-07-10 11:36:49 +00:00
John Crispin
657300d418 comgt: make ncm proto work via wwan proto
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 46272
2015-07-08 14:26:04 +00:00
Hauke Mehrtens
97b14fd700 curl: update curl to version 7.43.0
This brings curl to version 7.43.0 and contains fixes for the following
security vulnerabilities:

CVE-2015-3236: lingering HTTP credentials in connection re-use
http://curl.haxx.se/docs/adv_20150617A.html

CVE-2015-3237: SMB send off unrelated memory contents
http://curl.haxx.se/docs/adv_20150617B.html

The 100-check_long_long patch is not needed any more, because the
upstream autoconf script already checks for long long when cyassl is
selected.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46169
2015-07-03 23:21:01 +00:00
Jonas Gorski
518ab154e0 xtables-addons: disable for kernel 4.1 for now
Netfilter APIs have changed, so the code requuires updates to compile
successfully.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 46111
2015-06-22 12:27:38 +00:00
Steven Barth
539d02eb0b iproute2: honor LDFLAGS
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46064
2015-06-19 13:30:18 +00:00
Steven Barth
3cb3da9556 linux-atm: add PKG_FIXUP
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46037
2015-06-18 11:10:46 +00:00
Jo-Philipp Wich
570790173d iwinfo: fix segfault in mtd parsing code (#19768)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45863
2015-06-01 04:31:45 +00:00
Jo-Philipp Wich
5e5c0edd7e iwinfo: fix hostapd status query (#19662)
* Rework hostapd and wpa_supplicant status parsing code
 * Add support for querying available HT rates
 * Relax definition of restricted channels

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45766
2015-05-26 11:50:04 +00:00
Jo-Philipp Wich
1c00b6bc7f iptables: reduce binary size
* drop unused lenient restore patch
 * instead of statically linking core extensions, build shared libraries
   for reuse in fw3
 * strip outdated match revisions and aliases to trim down library size

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45758
2015-05-26 09:16:50 +00:00
John Crispin
841b50a665 comgt: the package contained too many files
fixes #19698

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45741
2015-05-23 15:29:46 +00:00
John Crispin
a2d0d58a8e conntrack-tools: add init script for conntrackd
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 45737
2015-05-23 15:28:56 +00:00
Felix Fietkau
1f689613b6 iptables: disable unused xml support to save some space
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45617
2015-05-06 00:59:41 +00:00
Felix Fietkau
632ba15a56 curl: replace polarssl run-time version check with a compile-time one
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45609
2015-05-05 10:12:49 +00:00
John Crispin
f03226afe7 uqmi: auto retry when bringup fails
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45556
2015-04-21 13:18:46 +00:00
John Crispin
acf74d9b6a umbim: auto retry when bringup fails
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45555
2015-04-21 13:18:40 +00:00
Steven Barth
9715e1d520 nftables: bump version
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45513
2015-04-20 06:30:34 +00:00
Steven Barth
38519cad0b iproute2: update to v4.0.0
The most significant change from the previous version is the trimming of
the 300-ip_tiny.patch to lib/utils.c where a section previously patched
had vanished.  That section of the patch was removed.

Built and lightly tested on ar71xx against uClibc and musl.

Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 45512
2015-04-20 06:26:09 +00:00
Felix Fietkau
563c26a34f iptables: remove obsolete files
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45494
2015-04-18 17:59:31 +00:00
Felix Fietkau
6057a09ae6 iptables: remove layer7 leftovers (#19506)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45481
2015-04-17 18:52:24 +00:00
Steven Barth
0d1b5a1fd2 network: also shorten virtual interface names of ppp and 3g/4g connections
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45479
2015-04-17 14:47:12 +00:00
Felix Fietkau
4e4060138a iptables: remove layer7 support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45424
2015-04-13 22:23:19 +00:00
John Crispin
7872f4e1dc iptables: revert r40916
it causes problems with newer iptables when ipv6 is disabled as iptc uncoditionally links ip6tc

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45350
2015-04-10 08:31:06 +00:00
John Crispin
e7559353db wpan-tools: adds wpan-tools utility
This patch adds the wpan-tools (iwpan) utility to OpenWRT
build system. This utility required to manage IEE-802.15.4
devices.

Signed-off-by: Varka Bhadram <varkab@cdac.in>

SVN-Revision: 45349
2015-04-10 08:30:11 +00:00
John Crispin
3c9dcadcf5 umbim: update to latest git HEAD
merge patches from Bjørn Mork

http://patchwork.ozlabs.org/patch/459277/

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45327
2015-04-09 10:32:01 +00:00