b52053b 6in4: https support for he.net tunnel api
introduced HTTPS support using wget.
The busybox version of wget, however, doesn't support the -V option,
thus poluting logfiles with a full invalid-parameter-output.
Redirect stderr to fix that.
As libcurl and curl support selecting the SSL library of your choice,
also add support for curl which is more commonly used on OpenWrt than
"real" wget which needs libopenssl.
Also make sure to respect SSL_CERT_DIR and increase timeouts.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 43228
setsid is called fixing the pgrp issue
trigger the wdt while modules are being inserted
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 43193
This will ease adding new targets and updating:
* split UBOOTS var into multiple lines
* remove version from TITLE
Signed-off-by: Nicolas Thill <nico@openwrt.org>
SVN-Revision: 43187
This patch adds the userspace and kernelspace for
- match NETFILTER_XT_MATCH_CLUSTER
This match can be used to deploy gateway and back-end load-sharing clusters.
- target IP_NF_TARGET_CLUSTERIP
This module allows you to configure a simple cluster of nodes
that share a certain IP and MAC address
without an explicit load balancer in front of them.
Connections are statically distributed between the nodes in this cluster.
This is used i.e. by strongswan-ha.
Signed-off-by: Christian Scheele <cs@embedd.com>
SVN-Revision: 43174
Generate a random serial from /dev/urandom when creating selfsigned certs.
Fixes "sec_error_reused_issuer_and_serial" with Firefox.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 43168
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.
I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.
However, I can not garantee that I always picked the correct information
and/or did not miss license information.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
SVN-Revision: 43155
Port Debians adaptive LCP echo patch to pppd, make it configurable with UCI
and enable it by default.
When adaptive LCP echo is enabled, LCP echo requests are only sent if the
link is idle, this avoids the common situation where a congested PPP link
(e.g. during torrenting) is falsely detected as disconnected because the
LCP replies are not received in time.
Also bump the copyright year in the Makefile, remove a redundant maintainer
entry and fix the shell processing of the keepalive option when the two-
value syntax is used.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 43143
Only list the kernel versions that do not match so that new kernel
versions will automatically match. This improves support for kernel
3.18.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 43132
This patch added stuff that is already there and if it would be needed
this would result in a compile error.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 43131
More recent kernel versions (>= 3.12) support native VXLAN
support.
The Open VSwitch kernel module tries to build using native VXLAN
support if it detects a kernel version >=3.12.
The build works fine, but during startup the OVS kernel module
does not load.
dmesg output is something like this:
[ 1201.262842] openvswitch: Unknown symbol vxlan_sock_release
[ 1201.262949] openvswitch: Unknown symbol vxlan_xmit_skb
[ 1201.263161] openvswitch: Unknown symbol vxlan_sock_add
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
SVN-Revision: 43126
Using a redirect to a non-empty mtd partition will not erase the
blocks prior to writing to them resulting in broken dsl_fw.
Fix this by piping to mtd write - /dev/mtdX instead.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 43125
HE.net tunnel update API requests are now made via https if an
SSL-capable wget is installed. Certificate validation is
conditionally enabled if the CA certs are available.
Signed-off-by: Andrew Skalski <askalski@gmail.com>
SVN-Revision: 43124