Commit graph

13308 commits

Author SHA1 Message Date
Jo-Philipp Wich
e66f17ac1e openvpn: update to v2.4.2
Update to version 2.4.2 in order to address two potential Denial-of-Service
vectors in OpenVPN.

CVE-2017-7478 - Don't assert out on receiving too-large control packets
CVE-2017-7479 - Drop packets instead of assert out if packet id rolls over

Ref: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.2
Ref: https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-12 11:54:48 +02:00
Florian Fainelli
c258bc781f toolchain: Package libgomp
Some external toolchains may be configured to enable OpenMP. Provide a
package for these libraries which can be used by other packages.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-05-11 13:42:55 -07:00
Florian Fainelli
83814856fe fritz-tools: Find zlib.h header file
Add the necessary changes to CMakeLists.txt to search zlib.h. Fixes
build issues with external toolchains that don't have STAGING_DIR in the
default search path.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-05-11 13:42:39 -07:00
Valentin Spreckels
6f01abf5de fritz_tffs_read: fix parsing of size argument
The parameter specification missed that -s takes an argument.

Signed-off-by: Valentin Spreckels <Valentin.Spreckels@Informatik.Uni-Oldenburg.DE>
2017-05-11 00:53:05 +02:00
Alexey Brodkin
5dc76a4258 perf: Disable perf for ARC770 only, enable for ARC HS38
Toolchain built for ARCv1 (read for ARC700 cores) by default has
disabled atomic ops (-mno-atomic). When we build Linux kernel for ARC770
which has LL/SC instructions and thus may handle normally atomic ops we
explicitly add "-matomic" in CFLAGS. But since user-space perf utility has
no way to extract CPU config options from Kconfig/defconfig it uses
compiler default settings.

In case of ARCv2 (read ARC HS38) atomics are enabled by default and so
perf builds perfectly fine thus reenabling perf for ARC HS38 (actually
for non-ARC700 targets).

Signed-off-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
2017-05-11 00:53:05 +02:00
Arjen de Korte
44da45a881 dnsmasq: don't propagate DUID from one host to another
If no DUID is set for a host, it should be empty, not the last one set for a previous host.

Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
2017-05-11 00:53:05 +02:00
Hans Dedecker
54ea0f45c8 dnsmasq: use append_interface_name when using option --interface-name
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-09 10:01:07 +02:00
Daniel Danzberger
eb99f8912a dnsmasq: add interface-name uci list.
This patch adds the interface-name option for each dhcp config
in /etc/config/dhcp.

With the interface_name option users can define a DNS name for each dhcp section
that will be resolved by dnsmasq with the underlaying interface address.

For example:
config dhcp 'lan'
	option interface 'lan'
	...
	list interface_name 'home.lan'
	...

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
2017-05-09 10:00:49 +02:00
Alberto Bursi
7296767639 dnsmasq: make tftp root if not existing
If there's a TFTP root directory configured, create it with mkdir -p
(which does not throw an error if the folder exists already)
before starting dnsmasq. This is useful for TFTP roots in /tmp, for example.

Originally submitted by nfw user aka Nathaniel Wesley Filardo

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2017-05-04 23:10:09 +02:00
Hans Dedecker
cd5cd7c859 dnsmasq: fix dhcp_option usage warning
Don't display unnecessary dhcp_option usage warning in case
dhcp_option is empty

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-05-04 22:42:49 +02:00
Nick Lowe
ed62d91f4b hostapd: add legacy_rates option to disable 802.11b data rates.
Setting legacy_rates to 0 disables 802.11b data rates.
Setting legacy_rates to 1 enables 802.11b data rates. (Default)

The basic_rate option and supported_rates option are filtered based on this.

The rationale for the change, stronger now than in 2014, can be found in:

https://mentor.ieee.org/802.11/dcn/14/11-14-0099-00-000m-renewing-2-4ghz-band.pptx

The balance of equities between compatibility with b clients and the
detriment to the 2.4 GHz ecosystem as a whole strongly favors disabling b
rates by default.

Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup, defaults change]
2017-05-03 13:58:23 +02:00
Abhilash Tuse
41feba8c4a hostapd: fix reload frequency change patch
When sta is configured, hostapd receives 'stop' and 'update' command from
wpa_supplicant. In the update command, hostapd gets sta parameters with
which it configures ap.

Problem is, with the default wireless configuration:
mode:11g freq:2.4GHz channel:1
If sta is connected to 5GHz network, then ap does not work. Ideally with
340-reload_freq_change.patch hostapd should reload the frequency changes
and start ap in 5GHz, but ap becomes invisible in the network.

This issue can be reproduced with following /etc/config/wireless:
config wifi-device  radio0
        option type     mac80211
        option channel  1
        option hwmode   11g
        option path     'virtual/uccp420/uccwlan'
        option htmode   'none'

config wifi-iface 'ap'
        option device 'radio0'
        option encryption 'none'
        option mode 'ap'
        option network 'ap'
        option ssid 'MyTestNet'
        option encryption none

config wifi-iface 'sta'
       option device radio0
       option network sta
       option mode sta
       option ssid TestNet-5G
       option encryption psk2
       option key 12345

This change updates current_mode structure based on configured hw_mode
received from wpa_supplicant. Also prepare rates table after frequency
selection.

Signed-off-by: Abhilash Tuse <Abhilash.Tuse@imgtec.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup, patch refresh]
2017-05-03 13:58:23 +02:00
Jo-Philipp Wich
65de093c18 base-files: implement ucidef_set_hostname(), ucidef_set_ntpserver()
Commit 2036ae4 (base-files: support hostname and ntp servers through board.d)
was supposed to implement these procedures but lacked the required changes
to uci-defaults.sh.

Add the missing procedures now to fix config generation on targets relying
on hostname or NTP server presetting.

Fixes FS#754.

Reported-by: Cristian Morales Vega <cristian@samknows.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-03 13:47:57 +02:00
Yousong Zhou
0c3fe281e3 opkg: alternatives: use ERROR level for symlink failure
Changes since last version

    04e279e pkg_alternatives: use ERROR level for symlink failure

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-03 17:40:47 +08:00
Yousong Zhou
cf75fb5e14 busybox: alternatives: accomodate CONFIG_BUSYBOX_CUSTOM=y
When busybox customisation is enabled, we should depend on config
symbols CONFIG_BUSYBOX_CONFIG_xxx to form alternatives specs

Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-03 17:40:47 +08:00
Kevin Darbyshire-Bryant
b65c619d02 dnsmasq: bump to 2.77test5
A number of small tweaks & improvements on the way to a final release.
Most notable:

Improve DHCPv4 address-in-use check.
Remove the recently introduced RFC-6842 (Client-ids in DHCP replies)
support as it turns out some clients are getting upset.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-05-02 22:32:14 +02:00
Yousong Zhou
fa3649d97e busybox: add alternatives specs for those also provided by procps-ng
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-03 00:53:44 +08:00
Yousong Zhou
9b4c41524f iproute2: bump PKG_RELEASE
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:45:42 +08:00
Yousong Zhou
cfa5865187 iproute2: add ip-tiny, ip-full as alternatives of /sbin/ip
They will not be in conflict anymore ;)

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:42:36 +08:00
Yousong Zhou
8b1b094fef busybox: add as an alternative of /sbin/ip
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:42:36 +08:00
Yousong Zhou
fc9361e60e opkg: alternatives support
Changes since last version

    546bc72 pkg: alternatives support
    7a96972 libbb: xreadlink: fix memory leak on failure case
    3f13edd pkg_run_script: use pkg->dest in half installed case

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:42:35 +08:00
Yousong Zhou
dac629f710 build: cleanup tmp/ dir of target rootfs
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:10:50 +08:00
Alexey Brodkin
34e8393019 toolchain/arc: update to the most recent release arc-2016.09
arc-2016.09 is the most recent toolchain for ARC cores and
it is based on top of upstream Binutils 2.27 and GCC 6.2.1.

With updated major version of GCC we copied all GCC 6.x patches
for ARC as well as Bintils 2.27 patches.

Note that toochain sports ARCv4 ABI and so must be used
with 4.8+ Linux kernels. Even though it will build v4.4 kernel
perfectly fine on attempt to run user-space apps they won't
work with older kernel. That said previuosly sent RFC patches with
Linux kernel update are required:
 [1] https://patchwork.ozlabs.org/patch/726686/
 [2] https://patchwork.ozlabs.org/patch/726687/

Signed-off-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
2017-05-02 15:17:30 +02:00
Felix Fietkau
c13f943d2a perf: disable build for ARC, it is currently broken
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-02 15:17:29 +02:00
Felix Fietkau
5afe9a054c kernel: allow selecting RTC drivers on targets without explicit RTC support
Keep them disabled by default to avoid pulling in extra kernel bloat

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-02 14:33:58 +02:00
Alexander Couzens
21c2e93e67
uboot-omap: rename patch to 101-disable-thumb-omap3.patch
It's disabling thumb for the whole omap3 family.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-30 12:19:07 +02:00
Alexander Couzens
ca8988614c uboot-omap: enable thumb for overo
Even it's unknown if it's booting with thumb, because the lack of hardware.
Enable it for now, so the build succeed, because without thumb it can not fit
into spl.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-30 12:17:30 +02:00
Hans Dedecker
c45ef702ff odhcpd: update to git HEAD version (FS#656,FS#595)
9268ca6 ndp: don't trigger IPv6 ping when neighbor entry is invalid
2b3355f ndp: fix adding proxy neighbor entries
7dff5b4 ndp: fix wrong interface name in syslog message
a54afb5 dhcpv6-ia: Fix segfault when writing DHCPv4 leases in state file
c0e9dbf ubus: don't segfault when there're no leases

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-28 21:59:29 +02:00
Hans Dedecker
9412fc2949 dnsmasq: support dhcp_option config as a list
Configuring dhcp_option as an option does not allow the usage of white
spaces in the option value; fix this by supporting dhcp_option as a list
config while still supporting the option config to maintain backwards
compatibility

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-27 22:04:29 +02:00
Jo-Philipp Wich
76871a8dbb busybox: nslookup_lede: mimic output format of old Busybox applet
When invoking "nslookup_lede" with a domain argument and without explicit
query type, issue both A and AAAA queries and display the resulting IP
addresses in a numbered list style, similar to how the old BusyBox nslookup
used to output the records.

This is required for compatibility with certain scripts.

Ref: https://forum.lede-project.org/t/nslookup-ipv6-in-lede-17-01-1

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-04-27 10:44:28 +02:00
Jo-Philipp Wich
f1e3285461 busybox: nslookup_lede: fix compatibility with v1.25
The ":*" optstring syntax was only recently introduced with BusyBox v1.26,
older versions need a corresponding hint in the "opt_complementary" variable
to denote flag values that should be stored as llist entries.

Add the required opt_complementary entry to fix random SIGBUS, SIGILL or
SIGSEGV related crashes on BusyBox 1.25.x when attempting to use the "-q"
flag of the "nslookup_lede" applet.

Ref: https://forum.lede-project.org/t/nslookup-ipv6-in-lede-17-01-1

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-04-27 10:44:28 +02:00
Hans Dedecker
e5bbead1a8 dropbear: fix procd interface trigger install
Install procd interface triggers only for interfaces which are enabled
so dropbear instances running on (an) enabled interface(s) are not
restarted due to an interface trigger of an interface which is disabled.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-26 21:29:16 +02:00
Daniel Engberg
dca2966b77 busybox: Enable sendfile by default
Enable sendfile system call by default.
http://lists.busybox.net/pipermail/busybox-cvs/2014-November/034831.html

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-04-26 13:40:37 +02:00
Chris Blake
ad0c1d3a31 mac80211: Backport AR934x OTP Patch
Merged upstream in https://patchwork.kernel.org/patch/9572541/, this
patch fixes the OTP offset used by the AR934x and AR955X to properly
enable reading from the OTP.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2017-04-26 10:29:45 +02:00
Felix Fietkau
0b7ed65cec kernel: remove out of tree direct-io disable hack
Direct-IO support has to be enabled for the release build anyway, so
this hack is not worth keeping

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-26 10:27:45 +02:00
Daniel Engberg
980c41f8e0 utils/mdadm: Update to 4.0
Update mdadm to 4.0
Remove 000-compile.patch as it's fixed upstream
Refresh patches
Add mdadm.h-Undefine-dprintf-before-redefining.patch
Source: http://git.openembedded.org/openembedded-core/tree/meta/recipes-extended/mdadm/files
Add RAID 0,1 and 10 as depends to make mdadm usable.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-04-26 10:27:45 +02:00
Hans Dedecker
4b195a611f netifd: return error status in reload_service
Based on a patch by Alexandru Ardelean.
netifd ubus reload call returns the actual reload error status;
return error status as well in reload_service

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-24 18:51:10 +02:00
Hans Dedecker
8e37d5b584 netifd: update to git HEAD version
11cb9cf ubus: add interface method to trigger renew event
4375d1b system-linux: allow "throw" route type
5fbd904 netifd: propagate error code on netifd_reload()
6e0acec interface-ip: fix device name for IPv6 link-local DNS server

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-24 18:50:36 +02:00
Hans Dedecker
6fd6582014 odhcpd: update to git HEAD version
570069d ubus: rework dumping IPv6 and IPv4 leases
4e579c4 dhcpv6-ia: simplify logic to write statefile and dhcpv6 logging

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-04-24 18:50:25 +02:00
Alexander Couzens
23fc55e723 package/uboot-omap: add am335x_boneblack
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-24 18:03:31 +02:00
Alexander Couzens
a5eb9c6370 package/uboot-omap: add default uEnv to boot via mmc card
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-24 18:03:31 +02:00
Alexander Couzens
147e18bdbd package/uboot-omap: re-introduce patches dropped by update to v2017.01
The beagleboard doesn't boot with Thumb enabled, but without Thumb the
SPL (first stage bootloader) is too big to fit into SRAM.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-24 18:03:31 +02:00
Alexander Couzens
e2caa74a2f package/uboot-omap: install image to STAGING_DIR_IMAGE
to use them later by image/Makefile to create full working sdcard images

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-24 18:03:31 +02:00
Alexander Couzens
4ac4148cc4 package/uboot-omap: assign BUILD_DEVICES most boards
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-04-24 18:03:31 +02:00
Daniel Golle
61cfc8075b mac80211: rt2x00: add incomplete support for external PA on MT7620
Do as the vendor driver does -- however, some devices apparently
patched support for external PA into the driver similar to how it was
done on Rt3352, using EEPROM_NIC_CONF1 rather than EEPROM_NIC_CONF2,
hence we check for both fields. Somehow the vendor driver also no
longer offers the option of only one of the TX paths having an external
PA (which was probably to weird to ever be implemented in practise,
though it doesn't seem like a particularly bad idea to me). Do the same
in rt2x00 and enable support for external PA on both TX paths whenever
it is set for TX0 in EEPROM.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-04-24 16:33:51 +02:00
Daniel Golle
3d71d1d9a9 mac80211: rt2x00: reorder patches and prepare for MT7620 external PA
Import change to make external PA capability consistent with the
vendor driver instead of having the logic inverted.
While at it, apply patches in the same order as they got merged
upstream.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-04-24 16:33:34 +02:00
Ansuel Smith
e80a041348 iptables: fix wrong depends for nftables support (FS#707)
The dep for the nftables support was wrong, if someone actually enable
that option gain a compilation error. This fix this problem.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2017-04-22 21:33:46 +02:00
Jo-Philipp Wich
8ed5c6d3b1 busybox: fix build of nslookup_lede applet without IPv6 (#728)
Protect any IPv6 related with appropriate guards to fix compilation with
disabled IPv6 support in Busybox.

Fixes #728.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-04-21 13:20:24 +02:00
Mathias Kresin
18618695ae ramips: dont replace the board name
Use fixed led names and add each board variant instead of manipulating
the board name.

It makes the ramips board name function less different to the one used
in other targets and allows to merge them with a common function.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-04-21 07:47:59 +02:00
Tomislav Požega
e209988a17 mac80211: rt2800: fix mt7620 E2 channel registers
update RF register 47 and 54 values according to vendor driver

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: moved changes into a separate patch]
2017-04-18 12:00:51 +02:00