Commit graph

32588 commits

Author SHA1 Message Date
Felix Fietkau
9abc02479e hostapd: Add eapol_version config option
Add eapol_version to the openwrt wireless config ssid section.
Only eapol_version=1 and 2 will get passed to hostapd, the default
in hostapd is 2.

This is only useful for really old client devices that don't
accept eapol_version=2.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>

SVN-Revision: 46861
2015-09-11 16:33:54 +00:00
Felix Fietkau
beabe8af46 openvpn: remove __DATE__ from options output
reported by:
https://reproducible.debian.net/openwrt/dbd/ar71xx/base/openvpn-nossl_2.3.7-1_ar71xx.ipk.html

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>

SVN-Revision: 46860
2015-09-11 16:33:39 +00:00
Felix Fietkau
4baec2468a include/image.mk: make tar reproducible
several packages reported different file order between builds
make binutils, kmod-sched reproducible

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>

SVN-Revision: 46859
2015-09-11 16:33:26 +00:00
Felix Fietkau
e6fb730daa yaffs2: remove __TIME__ __DATE__ macros
prevent compiler errors with gcc 4.9
increase reproducibility

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>

SVN-Revision: 46858
2015-09-11 16:33:12 +00:00
Felix Fietkau
d9857f5468 ramips: Enable RTC support for PBR-M1
The PBR-M1 and other upcoming MT7621 boards have RTC chips on them. The
PBR-M1 also selects the kmod-rtc-pcf8563 by default. But the module itself
will not be build because CONFIG_RTC_CLASS is currently not enabled for its
kernel.

Enabling this option should fix the problem of the missing rtc device on
these boards.

Signed-off-by: Sven Eckelmann <sven@open-mesh.com>

SVN-Revision: 46857
2015-09-11 16:32:58 +00:00
Felix Fietkau
bc4f2c5ce4 ar71xx: fix ar724x clock calculation
According to the AR7242 datasheet section 2.8, AR724X CPUs use a 40MHz
input clock as the REF_CLK instead of 5MHz.

The correct CPU PLL calculation procedure is as follows:
CPU_PLL = (DIV * REF_CLK) / REF_DIV / 2.

This patch is compatible with the current calculation procedure with default
DIV and REF_DIV values.

Test on both AR7240, AR7241 and AR7242.

Signed-off-by: Weijie Gao <hackpascal@gmail.com>

SVN-Revision: 46856
2015-09-11 16:32:45 +00:00
Felix Fietkau
b7933a47bb brcm2708-gpu-fw: update to latest version
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>

SVN-Revision: 46855
2015-09-11 16:32:28 +00:00
Felix Fietkau
b1be597a7a brcm2708: add kmod-sound-soc-raspidac3
This adds support for RaspiDAC Rev.3x

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>

SVN-Revision: 46854
2015-09-11 16:32:15 +00:00
Felix Fietkau
0b5d87fd30 brcm2708: update 4.1 patches
As usual, this patches were taken (and rebased) from
https://github.com/raspberrypi/linux/commits/rpi-4.1.y

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>

SVN-Revision: 46853
2015-09-11 16:32:00 +00:00
Felix Fietkau
2ce833060a target: ar71xx: add support for COMFAST CF-E316N v2 board
This adds full support (sans sysupgrading from vendor firmware) for the COMFAST
CF-E316N v2 (aka CF-E316V2, CF-E316N-V2 and CF-E316Nv2.0, no FCC ID) by
Shenzhen Four Seas Global Link Network Technology Co., Ltd (this company is
actively refusing to provide GPL'd sources for the OpenWrt version they ship
with the device, damn them).

Signed-off-by: Paul Fertser <fercerpav@gmail.com>

SVN-Revision: 46852
2015-09-11 16:31:35 +00:00
Felix Fietkau
3adce75a67 hostapd: work around unconditional libopenssl build dependency
As the OpenWrt build system only resolves build dependencies per directory,
all hostapd variants were causing libopenssl to be downloaded and built,
not only wpad-mesh. Fix this by applying the same workaround as in
ustream-ssl.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>

SVN-Revision: 46851
2015-09-11 16:31:18 +00:00
Felix Fietkau
3d6a411f14 opkg: work around unconditional libopenssl build dependency
As the OpenWrt build system only resolves build dependencies per directory,
all opkg variants were causing libopenssl to be downloaded and built,
not only opkg-smime. Fix this by applying the same workaround as in
ustream-ssl.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>

SVN-Revision: 46850
2015-09-11 16:31:01 +00:00
Rafał Miłecki
56c926223e base-files: change banner to Designated Driver release
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 46846
2015-09-11 08:56:37 +00:00
Steven Barth
60a96cfdb7 comgt-ncm: Add possibility to choose PDP context type
By setting the option pdptype to IP, IPV6 or IPV4V6 the user can
choose the context type between IPv4, IPv6 and dual stack,
respectively. The default setting is dual stack, except if option
ipv6=0 is specified, in which case IPv4 context is the default.
This allows for an out-of-the-box IPv6 support with modems
utilizing NCM-like protocols.

While we are at it, also add commands for Sierra DirectIP modems
(currently untested), which will allow us to drop the separate
comgt-directip package (once tested and verified working).

Signed-off-by: Matti Laakso <malaakso@elisanet.fi>

SVN-Revision: 46844
2015-09-11 06:46:42 +00:00
Steven Barth
8f24ee6382 uqmi: Add proper IPv6 support
Use the new --ip-family option to start both IPv4 and IPv6 sessions
by default. Autoconnect can't be used when starting two sessions,
so revert back to using the client IDs and packet data handles for
handling the network connection.

Some modem firmwares do not implement a RA server, therefore by
default use outband IP configuration and static addressing. Some
other firmwares report bogus IP configuration with the WDS get
current settings command. In this case inband configuration with
DHCP/RA can be optionally enabled by setting option dhcp to 1.

Per 3GPP standard a /64 prefix is served to all clients, which is
extended to LAN as specified in RFC 7278.

v2: Restrict the IPv6 gateway route source address
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>

SVN-Revision: 46843
2015-09-11 06:46:40 +00:00
Steven Barth
eb866e413f firewall: Remove src_port from firewall.config to receive dhcpv6 replies
Seems like my second try was again whitespace broken. Sorry for the noise.

Remove src_port from firewall.config to receive dhcpv6 replies. Fixes #20295.

Signed-off-by: Anselm Eberhardt <a.eberhardt@cygnusnetworks.de>

SVN-Revision: 46842
2015-09-11 06:46:35 +00:00
Felix Fietkau
7e57d753a1 netifd: update to the latest version, fixes a WDS STA mode regression caused by multicast-to-unicast handling (#20466)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46841
2015-09-10 21:00:19 +00:00
Felix Fietkau
add0c00c96 imagebuilder: run build prereq checks before building image to set up host commands properly
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46840
2015-09-10 11:06:42 +00:00
Jonas Gorski
82fb27917b ipq806x: fix uninitialized variable usage in cpufreq-krait
In krait_cpufreq_probe, both freq and max_cpu_freq are never
initialized, so the max_cpu_freq will have a random value at the end.
Fix this by properly initializing max_cpu_freq to 0 and storing the clk
frequency in freq as well, to make it similar to how it's calculated in
krait_set_target.

Fixes the following warnings:

In file included from include/linux/clk.h:16:0,
                 from drivers/cpufreq/cpufreq-krait.c:13:
drivers/cpufreq/cpufreq-krait.c: In function 'krait_cpufreq_probe':
include/linux/kernel.h:714:24: warning: 'freq' may be used uninitialized in this function [-Wmaybe-uninitialized]
  _max1 > _max2 ? _max1 : _max2; })
                        ^
drivers/cpufreq/cpufreq-krait.c:217:25: note: 'freq' was declared here
  unsigned long freq_Hz, freq, max_cpu_freq;
                         ^
In file included from include/linux/clk.h:16:0,
                 from drivers/cpufreq/cpufreq-krait.c:13:
include/linux/kernel.h:714:24: warning: 'max_cpu_freq' may be used uninitialized in this function [-Wmaybe-uninitialized]
  _max1 > _max2 ? _max1 : _max2; })
                        ^
drivers/cpufreq/cpufreq-krait.c:217:31: note: 'max_cpu_freq' was declared here
  unsigned long freq_Hz, freq, max_cpu_freq;

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 46839
2015-09-10 10:09:42 +00:00
Jonas Gorski
bebff6364d ipq806x: modules: fix typo in usb-dwc3-qcom dependencies
The phy driver has its qcom-dwc3 order switched in contrast to the usb
controller driver.

Signed-off-by: Kaspar Schleiser <kaspar@schleiser.de>
Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 46838
2015-09-10 10:09:36 +00:00
Jonas Gorski
a752ff1f8e ipq806x: fix R7500 kernel generation
Obviously the dummy rootfs must be after the kernel (uImage), not
included in it.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 46837
2015-09-10 10:09:26 +00:00
Felix Fietkau
3670f4128d busybox: lock: implement -n "Fail rather than wait"
lock -n is similiar to flock -n. If the lock was already taken,
fail with exit code = 1 and write error message to stderr.

example:
if ! lock -n /tmp/foo ; then
	echo lock exits.
else
	echo lock was free. But is locked now.
fi
> lock was free. But is locked now.
> lock exists.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>

SVN-Revision: 46836
2015-09-09 20:36:10 +00:00
Felix Fietkau
5fcafa319d generic: Fix per interface nf_call_iptables setting
commit r30917 ("kernel: bypass all netfilter hooks if the sysctls for that
functionality have been disabled - eliminates the overhead of enabling
CONFIG_BRIDGE_NETFILTER in the kernel config") introduced an optimization
which should reduce/eliminate the overhead for traffic send over bridges on
kernels compiled with CONFIG_BRIDGE_NETFILTER=y. But this optimization
breaks the nf_call_iptables per bridge setting which is more fine grained
than the global sysctl net.bridge.bridge-nf-call-iptables setting.

A test reflecting a real world setup was created to identify if this really
eliminates the overhead and if per-bridge nf_call_iptables could be used in
some setups to increase the throughput. A Qualcomm Atheros QCA9558 based
system with one ethernet and an ath9k wifi 3x3 in HT40 mode was used.
Cables from the AP to the wifi station were used to reduce interference
problems during the tests.

The wlan interface was put in one bridge interface called br-wlan. This
bridge usually contains some more wlan interfaces. The eth0 was put in a
second bridge called br-lan. This usually contains some other privileged
wlan or mesh interfaces. Routing was added between br-lan and br-wlan.

Three kernels were tested:

 * (default) OpenWrt kernel for this device
 * (brfilter-global) OpenWrt kernel with CONFIG_BRIDGE_NETFILTER=y
 * (brfilter-local)  OpenWrt kernel with CONFIG_BRIDGE_NETFILTER=y and
    without 644-bridge_optimize_netfilter_hooks.patch

The changes to the the netfilter settings of the bridge were done via:

 * (brfilter-global) /sbin/sysctl -w net.bridge.bridge-nf-call-iptables=1
 * (brfilter-lobal) echo 1 > /sys/class/net/br-lan/bridge/nf_call_iptables
   and/or echo 1 > /sys/class/net/br-wan/bridge/nf_call_iptables

A station connected to the wlan0 (AP) interface was used to send traffic to
a PC connected via ethernet. iperf with 3 concurrent transmissions was used
to generate the traffic.

| kernel          | br-nf-* global | nf-call* iface | download | upload   |
|-----------------|----------------|----------------|----------|----------|
| default         | 0              | -              |      209 |      268 |
| brfilter-global | 0              | -              |      185 |      243 |
| brfilter-local  | 0              | -              |      187 |      243 |
| brfilter-local  | 0              | br-lan         |      157 |      226 |
| brfilter-local  | 0              | br-lan br-wlan |      139 |      161 |
| brfilter-global | 1              | -              |      136 |      162 |

Download/upload results in Mibit/s

It can be seen that the patch doesn't eliminate the overhead. It can also
be seen that the throughput of brfilter-global and brfilter-local with
disabled filtering is the roughly the same. Also the throughput for
brfilter-global and brfilter-local for enabled filtering on all bridges is
roughly the same.

But also the brfilter-local throughput is higher when only br-lan requires
the filtering. This setting would not be possible with
644-bridge_optimize_netfilter_hooks.patch applied and thus can only be
compared with brfilter-global and filtering enabled for all interfaces.

Signed-off-by: Sven Eckelmann <sven@open-mesh.com>

SVN-Revision: 46835
2015-09-09 18:40:15 +00:00
Steven Barth
0c8f0186d5 linux: make IPv6 builtin if selected (saves >30KB)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46834
2015-09-09 12:20:36 +00:00
Steven Barth
1fb987e3b8 busybox: fix ip applet and netlink behavior
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46833
2015-09-09 10:38:16 +00:00
Steven Barth
e07959cade package: replace ifconfig-usage with ip
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46832
2015-09-08 17:44:24 +00:00
Steven Barth
579fe7f52a iproute2: improve ip-full coexistence, remove rt_table
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46831
2015-09-08 17:44:17 +00:00
Steven Barth
00045fe9d0 base-files: add /etc/iproute2/rt_tables, replace ifconfig-usage
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46830
2015-09-08 17:44:13 +00:00
Steven Barth
899a23227e busybox: improve applets & deprecate ifconfig, route
added: ip addr, ip route, ip link, traceroute6
removed: hostid, devmem, vconfig, arping
deprecated (to be removed): ifconfig, route

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46829
2015-09-08 17:44:10 +00:00
Rafał Miłecki
f0c747dee5 kernel: describe bridge patch "multicast to unicast"
It was initially added in r41367 by nbd.

SVN-Revision: 46828
2015-09-08 16:43:32 +00:00
Rafał Miłecki
b8c9d6b296 kernel: describe bridge patch "optimize netfilter hooks"
It was initially added in r30917 by nbd.

SVN-Revision: 46827
2015-09-08 16:43:21 +00:00
Rafał Miłecki
255d7ad8ba kernel: describe bridge patch "remove IPv6 depependency of bridge in 2.6.38+"
It was initially added in r27237 by jow as patch from Jonas.

SVN-Revision: 46826
2015-09-08 16:43:10 +00:00
Rafał Miłecki
f8a689d276 kernel: describe bridge patch "port isolate"
It was initially added in r25762 by nbd.

SVN-Revision: 46825
2015-09-08 16:43:04 +00:00
Rafał Miłecki
e77fae4cba kernel: describe bridge patch "always accept EAP"
It was initially added in r26015 by nbd.

SVN-Revision: 46824
2015-09-08 16:42:58 +00:00
Rafał Miłecki
c64214d465 kernel: describe bridge patch "no EAP forward"
It was initially added in r25095 by nbd.

SVN-Revision: 46823
2015-09-08 16:42:50 +00:00
Felix Fietkau
75744d133d kernel: restore 640-bridge_no_eap_forward.patch to its original form
It was corrupted in r38528. The most obvious symptom is repeated messages like this:

Tue Sep  8 08:25:18 2015 kern.warn kernel: [77141.972226] br-lan: received packet on wlan0 with own address as source address

Signed-off-by: Dmitry Ivanov <dima@ubnt.com>

SVN-Revision: 46821
2015-09-08 14:29:55 +00:00
Felix Fietkau
e29efa2fb7 kernel: remove packaging of kmod-crypto-core and kmod-crypto-arc4
Everything except for blkcipher was already built-in, so make blkcipher
built-in as well.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46820
2015-09-08 12:31:04 +00:00
Steven Barth
1b91cd2663 map: be less restrictive when matching lw4over6 prefixes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46819
2015-09-08 12:13:29 +00:00
Felix Fietkau
48fe93ea6b iw: reduce size even more (~12k after gzip)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46818
2015-09-08 11:48:48 +00:00
Felix Fietkau
9365745f8e musl: add a hack to remove unused crypt() algorithms, saves ~14k after lzma
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46816
2015-09-08 10:57:11 +00:00
Steven Barth
8a7a939470 dropbear: remove generation and configuration of DSS keys
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46815
2015-09-08 08:59:40 +00:00
Felix Fietkau
a4cf4c35af dropbear: disable 3des, cbc mode, dss support, saves about 5k gzipped
While technically required by the RFC, they are usually completely
unused (DSA), or have security issues (3DES, CBC)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46814
2015-09-08 08:55:10 +00:00
Felix Fietkau
b13d8e55a7 argp-standalone: fix build error with gcc 5.2 (#20460)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46813
2015-09-08 07:10:07 +00:00
Rafał Miłecki
bda4c3d5e5 brcm47xx: apply serial flash size trick to Netgear WNR1000 V3
It also uses different block size just like WGR614 V10.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 46810
2015-09-08 05:24:57 +00:00
Steven Barth
d196b1fc2e Disable telnet in favor of passwordless SSH
This enables passworldless login for root via SSH whenever no root
password is set (e.g. after reset, flashing without keeping config
or in failsafe) and removes telnet support alltogether.

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46809
2015-09-07 19:29:25 +00:00
Felix Fietkau
b850e1e59f uhttpd: update to the latest version, fixes deferred cgi script processing (#20458)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46807
2015-09-07 19:18:58 +00:00
Rafał Miłecki
d2a9c35af0 brcm47xx: fix reading WGT634U CFE variables with 4.1
This ports fix from r46584 to the 4.1.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 46806
2015-09-07 16:43:29 +00:00
Rafał Miłecki
da2178eb7e brcm47xx: add Netgear WNR1000 V3 support in the Linux arch code
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 46805
2015-09-07 16:29:21 +00:00
Steven Barth
7af30b4cef map: ignore insignificant PSID bits
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46804
2015-09-07 16:21:15 +00:00
Steven Barth
8ac42ac28b odhcpd: fix parsing of host entries without duid
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46803
2015-09-07 13:31:36 +00:00