This brings curl to version 7.43.0 and contains fixes for the following
security vulnerabilities:
CVE-2015-3236: lingering HTTP credentials in connection re-use
http://curl.haxx.se/docs/adv_20150617A.html
CVE-2015-3237: SMB send off unrelated memory contents
http://curl.haxx.se/docs/adv_20150617B.html
The 100-check_long_long patch is not needed any more, because the
upstream autoconf script already checks for long long when cyassl is
selected.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 46169
* Rework hostapd and wpa_supplicant status parsing code
* Add support for querying available HT rates
* Relax definition of restricted channels
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45766
* drop unused lenient restore patch
* instead of statically linking core extensions, build shared libraries
for reuse in fw3
* strip outdated match revisions and aliases to trim down library size
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45758
The most significant change from the previous version is the trimming of
the 300-ip_tiny.patch to lib/utils.c where a section previously patched
had vanished. That section of the patch was removed.
Built and lightly tested on ar71xx against uClibc and musl.
Signed-off-by: Russell Senior <russell@personaltelco.net>
SVN-Revision: 45512
it causes problems with newer iptables when ipv6 is disabled as iptc uncoditionally links ip6tc
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 45350
This patch adds the wpan-tools (iwpan) utility to OpenWRT
build system. This utility required to manage IEE-802.15.4
devices.
Signed-off-by: Varka Bhadram <varkab@cdac.in>
SVN-Revision: 45349
Below you'll find a patch to add ipmark module support to ipset.
Changeset 44671 already bumped ipset to version 6.24, but it's still
compiled without ipmark support. This is a requirement for mwan3 v1.6.
Signed-off-by: Jeroen Louwes <jeroen.louwes@gmail.com>
SVN-Revision: 44742
Included you'll find a patch to bump ipset to version 6.24. This
version supports the ip,fwmark set, which is needed for mwan3 1.6.
Signed-off-by: Jeroen Louwes <jeroen.louwes@gmail.com>
SVN-Revision: 44671
The wwan package holds the hotplug script to set mobile broadband
interfaces (un)available. Add it as a dependency to comgt-ncm,
uqmi and umbim.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 44631
Interface should not be set unavailable in all error cases,
returning 1 is enough.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 44630
Adds ncm proto to the list of checked protocols, sets interfaces
unavailable on device removal and removes the unnecessary ifup
command.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 44629
USB modem data files should be a part of the wwan package, which
actually uses them unlike comgt.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 44628
When passing struct termios to ioctl TCGETS and TCSETS should be
used instead of TCGETA and TCSETA, which are meant for the older
struct termio. Should fix https://dev.openwrt.org/ticket/19012
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 44506
remove obsolete configuration settings
--disable-thread
--enable-nonblocking
--without-krb4
remove SSPI support
only supported on windows
correct --with/without-ca-path handling
only supported with OpenSSL and PolarSSL
correct LDAP/LDAPS protocol
add dependency libopenldap
added SCP/SFTP protocol
default "No"
depends on libssh2
added IDN support
default "No"
depends on libidn
added SMB protocol (new in 7.40)
default "No"
require 'cryptographic authentication' and either 'GnuTLS' or 'OpenSSL' selected
added Unix sockets support (new in 7.40)
default "No"
added error verbose messages
default "No"
changes to Makefile
Increase PKG_RELEASE
PKG_CONFIG_DEPENDS and CONFIGURE_ARGS
extended for new functionality
use "autoconf_bool" for all --enable/--disable options
restructure for easier reading
changes to Config.in
extended for new functionality
implement dependencies
restructure and grouping for easier reading
build tested on XUbuntu 14.10 x86 for x86 (generic) and ar71xx (WNDR3800)
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 44243
This patch fixes the NCM protocol by adding the missing ifname
to the netifd script and changing one unintended "send" statement to
"print" in runcommand.gcom. It also cleans up logging and makes the
manufacturer names case-insensitive. Furthermore, comgt-ncm should
not depend on the USB-serial-related kernel modules, as the cdc-wdm
control device works without them. There is also no need to depend on
kmod-huawei-cdc-ncm, since other manufacturers (like Sony-Ericsson
and Samsung) which use other kernel modules should also be supported.
I'd appreciate if someone with Samsung or Sony-Ericsson modems could
test this, I was only able to test it with Huawei E3276, E3372 and
E353.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 44182
* Update to version 7.40.0
* remove non existing config options around enable/disable HTTPS protocoll
* remove --with-ca-path if ssl support disabled
* set proxy support as default like all versions before CC did
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 44176
Some Huawei mobile broadband sticks utilizing the NCM protocol expose
the control channel as a cdc-wdm device node instead of a virtual TTY.
This device node does not support the terminal ioctls. This patch
adds a check whether the provided device is a TTY or not and does not
attempt to use the terminal ioctls if they are not supported.
v2: reduce diffstat by simplifying code a little
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 44054
iproute2 includes "sanitized" linux kernel headers, which work fine for uClibc, however
with musl there is some header conflict, principally some ipv6 structure redefinition. This
patch removes <linux/in6.h> from include/linux/if_bridge.h to solve the problem.
Signed-off-by: Russell Senior <russell@personaltelco.net>
SVN-Revision: 43992
Target pxcab and ps3 were removed from maintaince in r34764 and r34765
respectively.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
SVN-Revision: 43850
Added complementary blobmsg_close_table() before returning from function
on error.
Signed-off-by: Sławomir Demeszko <s.demeszko@wireless-instruments.com>
SVN-Revision: 43477
Update nf_conntrack_rtsp to latest version based on http://mike.it-loops.com/rtsp/ (rtsp-module-3.7-v2.tar.gz).
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
SVN-Revision: 43311
* fixes a bug in multipart sms
* adds a new call to read the sim phone number (partially functioanl)
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 43310
This patch adds the userspace and kernelspace for
- match NETFILTER_XT_MATCH_CLUSTER
This match can be used to deploy gateway and back-end load-sharing clusters.
- target IP_NF_TARGET_CLUSTERIP
This module allows you to configure a simple cluster of nodes
that share a certain IP and MAC address
without an explicit load balancer in front of them.
Connections are statically distributed between the nodes in this cluster.
This is used i.e. by strongswan-ha.
Signed-off-by: Christian Scheele <cs@embedd.com>
SVN-Revision: 43174
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.
I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.
However, I can not garantee that I always picked the correct information
and/or did not miss license information.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
SVN-Revision: 43155
this proto handler will detect which of 3g, qmi, mbim, ncm or directip you need
for a stick and setup uci automagically
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 42837
The AR9580 with the new ID can be found in the EnGenius ESR900 and the
QCA9880 without any subsystem IDs can be found in the EnGenius ESR1750.
Signed-off-by: Forest Crossman <cyrozap@gmail.com>
SVN-Revision: 42793
Instead of connecting once and saving the packet data handle, let the
firmware handle connecting/reconnecting automatically. This is more
reliable and reduces reliance on potentially stale data.
Use the global packet data handle to attempt to disable autoconnect
before restarting the connection. This ensures that the firmware will
take the new APN/auth settings.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 42721
Main changes:
- URL parser: IPv6 zone identifiers are now supported
- cyassl: Use error-ssl.h when available (drop local patch)
- polarssl: support CURLOPT_CAPATH / --capath
- mkhelp: generate code for --disable-manual as well (drop local patch)
Full release notes: http://curl.haxx.se/changes.html
MIPS 34kc binary size:
- 7.36.0 before: 82,539 bytes
- 7.38.0 after: 83,321 bytes
Signed-off-by: Catalin Patulea <cat@vv.carleton.ca>
SVN-Revision: 42517
This is a bug revealed in r41830.
First, the static variable `char nif[IFNAMSIZ]` of nl80211_phy2ifname()
would be zeroed out if the argument is "wlan0" or the like. This will
happen in the following call stack.
nl80211_get_scanlist("radio0", buf, len);
nl80211_phy2ifname("radio0") // return static var nif with content "wlan0"
nl80211_get_scanlist(nif, buf, len); // tail call
nl80211_get_mode(nif);
nl80211_phy2ifname(nif); // zero out nif
Later we try nl80211_ifadd("") which was supposed to create interface
"tmp.", but that won't happen because nl80211_msg() will put an invalid
ifidx 0 to the nlmsg.
Then iwinfo_ifup() and iwinfo_ifdown() would fail and happily
nl80211_get_scanlist() returned 0 and left *len undefined.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
SVN-Revision: 42151
NFLOG and NFQUEUE targets' full support for iptables.
Includes all needed kernel modules (Xtables's and Netlink's)
and userspace libraries.
All added kernel modules can be individually disabled,
all other new libraries get their own individual packages.
Reported-by: Fabian Hugelshofer <hugelshofer2006@gmx.ch>
Reported-by: Rainer Poisel <rainer.poisel@fhstp.ac.at>
Reported-by: Derek LaHousse <dlahouss@mtu.edu>
Signed-off-by: Guillaume Déflache <guillaume.deflache@ibwag.com>
SVN-Revision: 42022
This commit implements a new netfilter match "xt_id" which can be used to
attach unsigned 32bit IDs to iptables rules.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41945
If the iface to scan on already is in ad-hoc, station or monitor mode
then do not spawn a temporary iface.
Also preventively disable IPv6 on temporary ifaces before bringing them
up to avoid potential security issues.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41830
So far iwinfo aborted a wifi scan attempt if the mac of the spawned
interface could not be changed. Change the code to try anyway - this
should fix wifi scanning on RaLink devices.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41826
In case of .11ac device the hwmode was not properly displayed.
This patch fixes it.
Signed-off-by: Marek Kwaczynski <marek.kwaczynski@tieto.com>
Signed-off-by: Bartosz Markowski <bartosz.markowski@tieto.com>
SVN-Revision: 40953
when disabling ipv6, the iptables build breaks without a manul clean or this patch
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
SVN-Revision: 40916
Many of the 4G/LTE and 3G modems utilize the QMI-protocol to control the
modem. At the moment there is no support for them in OpenWrt. This
patch adds support for them in the form of a netifd script and a
control utility. Tested with Huawei E398 and ZTE MF820D (which requires
a delay of ~30 s before responding to QMI commands). I put myself up as
the maintainer, feel free to change this if you desire.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
SVN-Revision: 40868
This change creates a new ip-full variant for the ip package.
It disables IP_CONFIG_TINY to make some iproute2 features available like xfrm, gretap, ...
Signed-off-by: Thomas Wouters <thomaswouters@gmail.com>
SVN-Revision: 39854
- update iw to 3.14
- remove some patches that are obsolete
- 200-reduce_size.patch has new coalesce removed from Makefile matching prev. ver
- refresh patches
This increases the size of the binary by 6.7%:
87801 4400 320 92521 16969 iw-3.10/iw
93995 4424 324 98743 181b7 iw-3.14/iw
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 39486
The associations list for Broadcom WDS interfaces are duplicate to those
reported by the corresponding AP interface; so there is no need to report
them again.
Signed-off-by: Nathan Hintz <nlhintz@hotmail.com>
SVN-Revision: 38746
Modify the hwmodelist reporting for broadcom devices to include
proper reporting of 802.11n support.
Signed-off-by: Nathan Hintz <nlhintz@hotmail.com>
SVN-Revision: 38745
A similar change was recently merged in iw commit
58b46da26ab9b5ff31c7033e175351eb1301d9af
Signed-off-by: Bruno Randolf <br1@einfach.org>
SVN-Revision: 38449
There are several cases within 'luci' that attempt to access the interface
'type' from within the 'type' specific meta tables; however, 'type' is not
currently available there. Replicate the common metadata in the 'type'
specific meta tables.
Signed-off-by: Nathan Hintz <nlhintz@hotmail.com>
SVN-Revision: 38448
The reap functionality appears to have been accidentally disabled by
commit 74ded7257e5da5e309844d386290f24ae91950a6 to iptables.git, see:
git://git.netfilter.org/iptables.git
and subsequently in iptables 1.4.15 and later. This adds a patch to
restore reap functionality for recent_opts_v1.
Signed-off-by: Russell Senior <russell@personaltelco.net>
SVN-Revision: 37328
wpa_supplicant may send log and event messages intermixed with the
expected scan results. This makes "iwinfo wlan0 scan" and LuCI
"site survey" display nothing when many AP's are around.
Eliminate the CTRL-EVENT-BSS-ADDED events, interspersed log messages,
lines with unexpected format. Increase timeout to handle the max
number of channels (2.4, 3.6, 4.9, 5 GHz). Insure receive buffer is
null-terminated.
Signed-off-by: Jean-Pierre Tosoni <jp.tosoni@acksys.fr>
SVN-Revision: 36888
libiptc.pc depends on libip[4|6]tc.pc, thus all of those need to be
installed.
Should fix collectd build and thus #13146; which should make collectd
appear in snapshots again.
Signed-off-by: Danny Baumann <dannybaumann@web.de>
SVN-Revision: 36509