Commit graph

11411 commits

Author SHA1 Message Date
Felix Fietkau
99856ebf5c 6in4: use uclient-fetch instead of wget/curl
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48391
2016-01-20 10:15:29 +00:00
Felix Fietkau
8353ed85f2 uclient: update to the latest version, adds an auth reconnect handling fix and a small uclient-fetch command line fix
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48390
2016-01-20 10:15:25 +00:00
Felix Fietkau
5cafb9240e qos-scripts: Fix classification of ingress traffic
Set the save-mark mask for the qos_${cg} chain to 0xff instead of
0xf0.  With the old value, the nibble that was saved would be
masked during the restore, preventing ingress traffic from being
classified.  Thanks to nbd for recommending the fix.

Signed-off-by: Michael Marley <michael@michaelmarley.com>

SVN-Revision: 48388
2016-01-19 23:56:34 +00:00
Felix Fietkau
e771a31b39 opkg: depend on uclient-fetch, disable busybox wget
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48386
2016-01-19 23:35:04 +00:00
Felix Fietkau
208b96cacd uhttpd: fix typo in default config for px5g
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48385
2016-01-19 23:27:14 +00:00
Jo-Philipp Wich
939b944c6e Revert "6in4: Corrected tunnelbroker tunnel update URL"
The auth change appears to break the endpoint update for most users and with
my local tests the old update url works just fine.

This reverts commit 99c03a88cb6fed0519efdfaac305794653a12542.

SVN-Revision: 48384
2016-01-19 23:25:38 +00:00
Felix Fietkau
f6e4badfe4 toolchain: Add glibc 2.22
Signed-off-by: Michael Marley <michael@michaelmarley.com>

SVN-Revision: 48383
2016-01-19 22:58:51 +00:00
Felix Fietkau
54baefc480 ustream-ssl: update to the latest version, fixes connection with servers requiring DHE
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48380
2016-01-19 22:41:36 +00:00
Felix Fietkau
23541c6f6f uclient: install a symlink from uclient-fetch to wget into /bin
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48379
2016-01-19 22:41:31 +00:00
Felix Fietkau
977948b15c uclient: update to the latest version, fixes a cosmetic progress bar issue
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48378
2016-01-19 22:41:18 +00:00
Zoltan Herpai
76b903a415 packages: bump uboot-mxs to 2016.01, refresh patches
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>

SVN-Revision: 48374
2016-01-19 21:50:11 +00:00
Felix Fietkau
20ba5a01cf kernel: modularize dma shared buffer code to eliminate kernel bloat
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48371
2016-01-19 21:09:11 +00:00
John Crispin
ff7f5eb13d procd: emit events for sound subsystem
Useful e.g. for plugable USB-soundcards.
With this change an event/hotplug-call looks like:

ACTION: add DEVNAME: snd/timer DEVPATH: /devices/virtual/sound/timer SUBSYSTEM: sound
ACTION: add DEVNAME:  DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0 SUBSYSTEM: sound
ACTION: add DEVNAME: snd/controlC0 DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/controlC0 SUBSYSTEM: sound
ACTION: add DEVNAME: snd/pcmC0D0p DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/pcmC0D0p SUBSYSTEM: sound
ACTION: add DEVNAME: snd/pcmC0D0c DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/pcmC0D0c SUBSYSTEM: sound
ACTION: add DEVNAME: dsp DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/dsp SUBSYSTEM: sound
ACTION: add DEVNAME: audio DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/audio SUBSYSTEM: sound
ACTION: add DEVNAME: mixer DEVPATH: /devices/platform/ehci-platform/usb1/1-1/1-1:1.0/sound/card0/mixer SUBSYSTEM: sound

This fixes #21466.

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>

SVN-Revision: 48366
2016-01-19 15:31:35 +00:00
Felix Fietkau
e34acd64f5 kernel: disable AFS support by default
This pulls in CONFIG_KEYS, which bloats up the kernel size and is thus
very undesirable. It also currently exposes the kernel to a local root
vulnerability

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48364
2016-01-19 15:14:51 +00:00
Felix Fietkau
d33c0dd6d0 kernel/modules: add kmod-crypto-hw-ccp
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 48347
2016-01-19 10:06:43 +00:00
Felix Fietkau
faad8b68a4 wpa_supplicant: add support for EAP-TLS phase2
Introduce config options client_cert2, priv_key2 and priv_key2_pwd
used for EAP-TLS phase2 authentication in WPA-EAP client mode.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 48345
2016-01-19 10:06:29 +00:00
Felix Fietkau
3b15eb0ade hostap/wpa_supplicant: enable EAP-FAST in -full builds
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 48344
2016-01-19 10:06:23 +00:00
Felix Fietkau
808a605453 uhttpd: add option for mbedtls
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 48343
2016-01-19 10:06:18 +00:00
Felix Fietkau
cd5d3f9240 kernel/modules: add missing symbol for crypto-rng
Since CRYPTO_DRBG_MENU was added in r48277, CRYPTO_DRBG_HMAC is missing.
It does not appear in kernel_menuconfig and defaults to yes, so enable
it in crypto-rng as well and add dependencies to HMAC and SHA256.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 48341
2016-01-18 23:35:12 +00:00
Felix Fietkau
f6e38ec125 br2684ctl: resolve a boot time race condition with nas0 bringup by using explicit notification when init is done
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48321
2016-01-18 15:35:30 +00:00
Felix Fietkau
262f054c6e br2684ctl: add support for notifying nas* bringup via a script
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48320
2016-01-18 15:35:24 +00:00
Felix Fietkau
614ebec4d2 firewall: add CONFIG_IPV6 to PKG_CONFIG_DEPENDS to fix a rebuild error
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48315
2016-01-18 13:21:37 +00:00
Felix Fietkau
3c8827fa7f iptables: fix rebuild errors on configuration changes
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48314
2016-01-18 13:21:32 +00:00
Felix Fietkau
8de052800a openssl: remove the separate configuration menu, use the implicit one (via MENU:=1)
Fixes warning on selecting OPENSSL_ENGINE_CRYPTO if openssl is not selected

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48312
2016-01-18 12:42:08 +00:00
Felix Fietkau
e4cf25cfab wpa_supplicant: improve generating phase2 config line for WPA-EAP
WPA-EAP supports several phase2 (=inner) authentication methods when
using EAP-TTLS, EAP-PEAP or EAP-FAST (the latter is added as a first
step towards the UCI model supporting EAP-FAST by this commit)
The value of the auth config variable was previously expected to be
directly parseable as the content of the 'phase2' option of
wpa_supplicant.
This exposed wpa_supplicant's internals, leaving it to view-level to
set the value properly. Unfortunately, this is currently not the case,
as LuCI currently allows values like 'PAP', 'CHAP', 'MSCHAPV2'.
Users thus probably diverged and set auth to values like
'auth=MSCHAPV2' as a work-around.
This behaviour isn't explicitely documented anywhere and is not quite
intuitive...

The phase2-string is now generated according to $eap_type and $auth,
following the scheme also found in hostap's test-cases:
http://w1.fi/cgit/hostap/tree/tests/hwsim/test_ap_eap.py
The old behaviour is also still supported for the sake of not breaking
existing, working configurations.

Examples:
  eap_type   auth
  'ttls'     'EAP-MSCHAPV2'     -> phase2="autheap=MSCHAPV2"
  'ttls'     'MSCHAPV2'         -> phase2="auth=MSCHAPV2"
  'peap'     'EAP-GTC'          -> phase2="auth=GTC"

Deprecated syntax supported for compatibility:
  'ttls'     'autheap=MSCHAPV2' -> phase2="autheap=MSCHAPV2"

I will suggest a patch to LuCI adding EAP-MSCHAPV2, EAP-GTC, ... to
the list of Authentication methods available.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 48309
2016-01-18 11:40:44 +00:00
Felix Fietkau
fc8a7051cd lantiq: ltq-deu: Remove the "DEU test manager"
Remove the "DEU test manager" code which has not been used for more than
two years (as the kernel module is not installed anymore since r38731).
This fixes compilation on kernel 4.3, which removes
aead_request_set_assoc (and newer kernels).

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>

SVN-Revision: 48308
2016-01-18 11:40:40 +00:00
Felix Fietkau
e0bfd25295 busybox: fix broken IPv6 address displaying in ifconfig
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48306
2016-01-18 11:11:26 +00:00
Jo-Philipp Wich
1bd8400752 package/libs/libiconv: function names
Currently libiconv-stub and libiconv-full use different names
for functions iconv, iconv_open, and iconv_close.

This may lead to failures when building modules, e.g. with
apr-util when NLS is not activated.

The two modules libiconv-stub and libiconv-full should be
interchangeable, so we need the same function names.

cf.
http://git.savannah.gnu.org/cgit/libiconv.git/tree/include/iconv.h.in

After applying this patch execute

	make distclean

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

SVN-Revision: 48301
2016-01-18 09:23:17 +00:00
Felix Fietkau
495935a3b8 iproute2: remove odd conffiles generation
This was generating a conffiles list that included the binary
and CONTROL/ files.

Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>

SVN-Revision: 48296
2016-01-17 20:41:09 +00:00
Felix Fietkau
95699dd312 lantiq: ltq-deu: Make the DEU driver compatible with linux 4.2 and newer
Upstream linux 4.2 commit 84be456f883c4685680fba8e5154b5f72e92957e
"remove <asm/scatterlist.h>" requires us to include linux/scatterlist.h
instead. This also works with older kernels (at least 4.1, thanks to
Hauke Mehrtens for testing).

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>

SVN-Revision: 48282
2016-01-17 19:23:14 +00:00
Jo-Philipp Wich
740a2ee163 base-files: Fix sysupgrade overlay saving
A previous change to sysupgrade moved the overlay files into upper/
The -c switch generates a list of files to backup, but the sed
calls did not take this into consideration.

Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>

SVN-Revision: 48281
2016-01-17 18:24:30 +00:00
Jo-Philipp Wich
5cf88bb032 netifd: fix PKG_VERSION (#21630)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48280
2016-01-17 17:15:01 +00:00
Felix Fietkau
c3b01ead44 uclient: update to the latest version, adds many fixes/features
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48278
2016-01-17 12:41:06 +00:00
Felix Fietkau
33d1b2e0f5 kernel: add missing kernel config symbol for crypto-rng (fixes #21596)
Signed-off-by: Lucian Cristian <luci@createc.ro>

SVN-Revision: 48277
2016-01-17 11:17:06 +00:00
Felix Fietkau
e2e8cb8347 network: add virtual tunnel interface (VTI) support
This adds support for configuring VTI interfaces within /etc/config/network.
VTI interfaces are used to create IPsec tunnel interfaces. These interfaces
may be used for routing and other purposes.

Example config:
config interface 'vti1'
	option proto 'vti'
	option mtu '1500'
	option tunlink 'wan'
	option peeraddr '192.168.5.16'
	option zone 'VPN'
	option ikey 2
	option okey 2

config interface 'vti1_static'
	option proto 'static'
	option ifname '@vti1'
	option ipaddr '192.168.7.2/24'

The options ikey and okey correspond to the fwmark value of a ipsec policy.
The may be null if you do not want fwmarks.
Also peeraddr may be 0.0.0 if you want all ESP packets go through the
interface.
Example strongswan config:
conn vti
	left=%any
	leftcert=peer2.test.der
	leftid=@peer2.test
	right=192.168.5.16
	rightid=@peer3.test
	leftsubnet=0.0.0.0/0
	rightsubnet=0.0.0.0/0
	mark=2
	auto=route

Signed-off-by: André Valentin <avalentin@marcant.net>

SVN-Revision: 48274
2016-01-17 11:06:02 +00:00
Felix Fietkau
eb1ac66ce7 netifd: update to the latest version, adds VTI support and a policy routing fix
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48273
2016-01-17 11:05:53 +00:00
Felix Fietkau
0200735bda kernel: add usb-net-sr9700 package
Add support for
CoreChip-sz SR9700 based USB 1.1 10/100 ethernet devices

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

SVN-Revision: 48272
2016-01-17 11:03:41 +00:00
Felix Fietkau
20a67881f4 ca-certificates: update to version 20160104
- update to latest version 20160104
- remove cpu dependency (PKGARCH:=all)
- set myself as package maintainer

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>

SVN-Revision: 48271
2016-01-17 11:03:36 +00:00
Felix Fietkau
b075688953 ustream-ssl: fix copy&paste mistake in mbedtls variant title
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48258
2016-01-16 09:14:03 +00:00
Felix Fietkau
b0b0c319f9 polarssl: update to 1.3.16, fixes intermediate certificate validation
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48257
2016-01-16 00:20:05 +00:00
Felix Fietkau
d9494cdf6d ustream-ssl: update to the latest version, adds mbedtls variant
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48256
2016-01-16 00:20:01 +00:00
Felix Fietkau
5bd5c3282b libubox: update to the latest version, adds lua/ustream fixes and extends usock
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48255
2016-01-16 00:19:54 +00:00
Felix Fietkau
6665bbb1a0 mbedtls: update to version 2.2.1
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48254
2016-01-16 00:19:47 +00:00
Zoltan Herpai
39f385d0d6 packages: bump uboot-sunxi to 2016.01
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>

SVN-Revision: 48252
2016-01-15 20:27:32 +00:00
Felix Fietkau
b2e374346b mwlwifi: fix build with latest mac80211
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48251
2016-01-15 16:58:00 +00:00
Felix Fietkau
ba8a603a49 mt76: update to the latest version, fixes build with latest mac80211
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48250
2016-01-15 16:53:44 +00:00
Felix Fietkau
82c5e2c497 mac80211: update to wireless-testing 2016-01-10
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48247
2016-01-15 15:03:48 +00:00
Felix Fietkau
56f6d35716 dnsmasq: Add option --min-port
By default dnsmasq uses random ports for outbound dns queries;
when the minport UCI option is specified the ports used will
always be larger than the specified value.
This is usefull for systems behind firewalls.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 48244
2016-01-15 11:24:15 +00:00
Felix Fietkau
64c23711ea dropbear: update version to 2015.71
Update dropbear to version 2015.71, released on 3 Dec 2015.
Refresh patches.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 48243
2016-01-15 11:24:09 +00:00
Felix Fietkau
708bbe9382 kernel: add missing kmod-video-videobuf2's object file in 4.4
CONFIG_VIDEOBUF2_CORE produces two object files in Linux >= 4.4.
Conditionally add the new file to FILES of kmod-video-videobuf2.

Signed-off-by: Jan Čermák <jan.cermak@nic.cz>

SVN-Revision: 48242
2016-01-15 10:49:21 +00:00