aboutsummaryrefslogtreecommitdiffstats
path: root/package/utils/busybox
Commit message (Collapse)AuthorAgeFilesLines
* cron: add procd listeners for crontabsPaul Spooren2018-06-181-3/+5
| | | | | | | | Add procd file listeners to check files in `/etc/crontabs/`. Also unified a bit the function style. Signed-off-by: Paul Spooren <mail@aparcar.org>
* busybox: udhcpc: no MSG_DONTROUTE when sending packetAdi Shammout2018-06-072-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts a change made in Sep 2017 [1] which introduced MSG_DONTROUTE flag to prevent udhcpc from reaching out to servers on a different subnet. That change violates RFC2131 by forcing fully configured clients, who got their configurations through an offer relayed by a DHCP relay, from renewing through a unicast request directly to the DHCP server, resulting in the client resorting to boradcasting lease extension requests instead of unicasting them, further breaking RFC2131. The problem with MSG_DONTROUTE appears when talking to a properly configured DHCP server that rejects non-compliant requests. Such server will reject lease extension attempts sent via broadcast rather than unicast, as is the case with Finnish ISPs Telia and DNA as well as Estonian ISP Starman. Once the lease expires without renewal, udhcpc enters init mode, taking down the interfaces with it, and thus causing interruption on every lease expiry. On some ISPs (such as the ones mentioned above) that can be once every 10-20 minutes. The interruptions appear in the logs as such: ---- udhcpc: sending renew to x.x.x.x udhcpc: send: Network unreachable udhcpc: sending renew to 0.0.0.0 udhcpc: sending renew to 0.0.0.0 ... udhcpc: lease lost, entering init state Interface 'wan' has lost the connection Interface 'wan' is now down Network alias 'eth0' link is down udhcpc: sending select for y.y.y.y udhcpc: lease of y.y.y.y obtained, lease time 1200 Network alias 'eth0' link is up Interface 'wan' is now up ---- During lease extension, a fully configured client should be able to reach out to the server from which it recieved the lease for extension, regardless in which network it is; that's up to the gateway to find. [2] This patch ensures that. [1] http://lists.busybox.net/pipermail/busybox-cvs/2017-September/037402.html [2] https://www.netmanias.com/en/post/techdocs/6000/dhcp-network-protocol/ understanding-dhcp-relay-agents Signed-off-by: Adi Shammout <adi.shammout@outlook.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* flock: enable alternatives supportYousong Zhou2018-05-071-1/+2
| | | | | | Fixes FS#1510 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* busybox: order alternatives in alphabetical orderYousong Zhou2018-05-071-4/+4
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* busybox: update to 1.28.3Hannu Nyman2018-04-051-2/+2
| | | | | | | | | Bug fix release. 1.28.3 has fixes for * ash and hush (do not leave stray open file destriptors in children), * cpio (fix for symlink extraction), * grep ("grep -Fw a" was matching "aa"). Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* busybox: update to 1.28.2Hannu Nyman2018-04-0310-594/+578
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update busybox to 1.28.2, refresh patches and default config. * modify 230-add_nslookup_lede.patch as opt_complementary was removed Also move nslookup_longopts variable declaration to be inside the same conditional as the function itself. * modify 250-date-k-flag.patch to match upstream (opt_complementary) * remove 600-cve-2017-16544.patch that is upstreamed Notes about config changes: * Some applet-specific LONG_OPTIONS config options were removed * Config help text indentation changed, caused lots of text formatting changes for convert_menuconfig.pl * convert_defaults.pl moved lots of defaults around, summary of actual changes below New applets/features: --------------------- ARCH HEXEDIT MINIPS NETCAT NUKE RESUME RUN_INIT SETFATTR New options: ------------ FEATURE_CATN FEATURE_CROND_SPECIAL_TIMES FEATURE_LIBBUSYBOX_STATIC FEATURE_SETPRIV_CAPABILITIES FEATURE_SETPRIV_CAPABILITY_NAMES FEATURE_SETPRIV_DUMP FEATURE_SH_READ_FRAC FEATURE_SWAPONOFF_LABEL FEATURE_VOLUMEID_MINIX FEATURE_XARGS_SUPPORT_ARGS_FILE FEATURE_XARGS_SUPPORT_PARALLEL HUSH_GETOPTS HUSH_READONLY HUSH_TIMES Removed: -------- FEATURE_HAVE_RPC MSH Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* busybox: drop providing virtual package ipHans Dedecker2018-03-221-1/+0
| | | | | | | | | | | | | | Drop providing the virtual package ip by busybox which was added in commit 1cec4d4ef0. Letting busybox provide the virtual package ip is not optimal for the following reasons : - Applications depending on ip expect either the ip-full or ip-tiny package to be enabled. - Busybox ip applet cannot be added or removed at runtime Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* busybox: remove i386-specific build flagsMatthias Schiffer2018-03-121-0/+10
| | | | | | | | | | busybox tries to be smart and passes a number of additional flags to the compiler. Unfortunately, the i386-specific flags break ABI compatiblity with libc. Fixes busybox crashes observed on x86-generic with GCC 7. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* build: add hardened builds with PIE (ASLR) supportJulien Dusser2018-01-271-0/+3
| | | | | | | | | | | | | | | | | | Introduce a configuration option to build a "hardened" OpenWrt with ASLR PIE support. Add new option PKG_ASLR_PIE to enable Address Space Layout Randomization (ASLR) by building Position Independent Executables (PIE). This new option protects against "return-to-text" attacks. Busybox need a special care, link is done with ld, not gcc, leading to unknown flags. Set BUSYBOX_DEFAULT_PIE instead and disable PKG_ASLR_PIE. If other failing packages were found, PKG_ASLR_PIE:=0 should be added to their Makefiles. Original Work by: Yongkui Han <yonhan@cisco.com> Signed-off-by: Julien Dusser <julien.dusser@free.fr>
* busybox: clean up patch fuzzKevin Darbyshire-Bryant2018-01-052-8/+3
| | | | | | Refresh patches to tidy up fuzz. No functional changes Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* busybox: enable flock by defaultRoman Yeryomin2018-01-021-1/+1
| | | | | | | This is needed for procd init script protection to work. flock adds 4248 bytes to stripped busybox binary. Signed-off-by: Roman Yeryomin <roman@advem.lv>
* busybox: backport cve-2017-16544 fixJohn Crispin2018-01-021-0/+40
| | | | | | | | | | | | | | | | | In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. Fixes: FS#1181 - CVE-2017-16544: Backport the patch from: https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8 https://nvd.nist.gov/vuln/detail/CVE-2017-16544 Signed-off-by: Derek Werthmuller <thewerthfam@gmail.com> Signed-off-by: John Crispin <john@phrozen.org>
* busybox: add missing TARGET_CPPFLAGS and TARGET_LDFLAGSMatthias Schiffer2017-12-281-2/+3
| | | | | | | | | | | | | Unconditionally pass TARGET_CPPFLAGS (not passed at all before) and TARGET_LDFLAGS (passed only in certain non-default configuration before the Makefile streamlining). Without these flags, hardening options (PKG_FORTIFY_SOURCE and PKG_RELRO) were not actually applied to busybox. The addition of these flags increases the size of the stripped busybox binary by about 6KB (~4KB with fortify headers, ~2KB with "-znow -zrelro") with the default hardening options PKG_FORTIFY_SOURCE_1 and PKG_RELRO_FULL. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* busybox: streamline MakefileMatthias Schiffer2017-12-281-50/+17
| | | | | | | Use default Build/Install steps where possible. No binary change in default configuration, so PKG_RELEASE is not incremented. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* busybox: enable find -newer needed for shorewall firewall, no size increase ↵Lucian Cristian2017-12-142-2/+2
| | | | | | on binary Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
* busybox: fix glibc libresolv dependency for LEDE nslook appletJo-Philipp Wich2017-12-101-1/+1
| | | | | | | Fixes d1ba483472 merge: busybox: update CONFIG_NSLOOKUP in busybox config. Fixes FS#1212. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* merge: busybox: update CONFIG_NSLOOKUP in busybox config and respective patchZoltan HERPAI2017-12-083-16/+16
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* add PKG_CPE_ID ids to package and toolsAlexander Couzens2017-11-171-0/+1
| | | | | | | | | | | CPE ids helps to tracks CVE in packages. https://cpe.mitre.org/specification/ Thanks to swalker for CPE to package mapping and keep tracking CVEs. Acked-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* busybox: provide "ip"Hans Dedecker2017-10-141-0/+1
| | | | | | | Let busybox provide "ip" as it supports the ip applets link, address, route, rule and neighbor Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* busybox: update to 1.27.2Magnus Kroken2017-08-3030-1121/+951
| | | | | | | | | | Refresh patches, delete patches backported from upstream. This fixes ntpd sync issues (ntpd would not sync if the first provided peer address was unreachable). Signed-off-by: Magnus Kroken <mkroken@gmail.com> Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* busybox: move passwd applet to /binDaniel Golle2017-08-301-0/+11
| | | | | | | | | | busybox currently installs passwd into /usr/bin which prevents its 'full' shadow-utils variant from being installed. Move the passwd applet to /bin to avoid that collision. shadow also provides /usr/bin/login which doesn't collide with busybox as the busybox login applet is installed at /bin/login. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* busybox: move traceroute applets to /binDaniel Golle2017-08-302-8/+13
| | | | | | | | | | | busybox currently installs traceroute and traceroute6 into /usr/bin which prevents their 'full' iputils variants from being installed. Move those applets to /bin so they can coexist with their iputils siblings using the same PATH convention already applied for coreutils and other drop-in 'full' versions. Refresh existing patch while at it. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* Revert "busybox: ash/hush fix for read-builtin command"Jo-Philipp Wich2017-08-231-147/+0
| | | | | | | | | | Revert this commit as it introduces a patchfile at a wrong location. Since the patch was never effective, we can assume that this particular commit was not properly tested. This reverts commit dde9da46c1586c0bda54e7fa6de05f0fc76e557a. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* busybox: ash/hush fix for read-builtin commandBastian Bittorf2017-06-241-0/+147
| | | | | | | | | | | this is a cherrypick from busybox-git HEAD: f5470419404d643070db99d058405b714695b817 and can be removed when upgrading to next busybox release. discussion here: http://lists.busybox.net/pipermail/busybox/2017-May/085439.html Signed-off-by: Bastian Bittorf <bb@npl.de>
* busybox: backport 'ip rule suppress_{prefixlength, ifgroup}'Stefan Tomanek2017-06-241-0/+145
| | | | | | | | This is a backport from the busybox repository (192dce4b84fb32346ebc5194de7daa5da3b8d1b4); it enables the use of the suppress_{prefixlength,ifgroup} flags for policy routing rules. Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
* busybox: alternatives: accomodate CONFIG_BUSYBOX_CUSTOM=yYousong Zhou2017-05-031-14/+15
| | | | | | | | When busybox customisation is enabled, we should depend on config symbols CONFIG_BUSYBOX_CONFIG_xxx to form alternatives specs Reported-by: Hannu Nyman <hannu.nyman@iki.fi> Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* busybox: add alternatives specs for those also provided by procps-ngYousong Zhou2017-05-031-2/+14
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* busybox: add as an alternative of /sbin/ipYousong Zhou2017-05-021-1/+2
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* busybox: nslookup_lede: mimic output format of old Busybox appletJo-Philipp Wich2017-04-272-22/+61
| | | | | | | | | | | | | When invoking "nslookup_lede" with a domain argument and without explicit query type, issue both A and AAAA queries and display the resulting IP addresses in a numbered list style, similar to how the old BusyBox nslookup used to output the records. This is required for compatibility with certain scripts. Ref: https://forum.lede-project.org/t/nslookup-ipv6-in-lede-17-01-1 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* busybox: nslookup_lede: fix compatibility with v1.25Jo-Philipp Wich2017-04-272-6/+7
| | | | | | | | | | | | | | The ":*" optstring syntax was only recently introduced with BusyBox v1.26, older versions need a corresponding hint in the "opt_complementary" variable to denote flag values that should be stored as llist entries. Add the required opt_complementary entry to fix random SIGBUS, SIGILL or SIGSEGV related crashes on BusyBox 1.25.x when attempting to use the "-q" flag of the "nslookup_lede" applet. Ref: https://forum.lede-project.org/t/nslookup-ipv6-in-lede-17-01-1 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* busybox: Enable sendfile by defaultDaniel Engberg2017-04-261-1/+1
| | | | | | Enable sendfile system call by default. http://lists.busybox.net/pipermail/busybox-cvs/2014-November/034831.html Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* busybox: fix build of nslookup_lede applet without IPv6 (#728)Jo-Philipp Wich2017-04-211-9/+33
| | | | | | | | | Protect any IPv6 related with appropriate guards to fix compilation with disabled IPv6 support in Busybox. Fixes #728. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* busybox: Move libresolv detection to LEDE MakefileFlorian Fainelli2017-04-122-18/+6
| | | | | | | | | | | Since the LEDE nslookup applet is already specific to LEDE, move the libresolv detection into the busybox Makefile that LEDE uses. This fixes builds with external toolchains that don't automatically search for headers and/or libraries without being told so. Fixes: de5b8e5d2fe1 ("busybox: add musl compatible nslookup replacement") Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* busybox: add musl compatible nslookup replacementJo-Philipp Wich2017-04-103-1/+931
| | | | | | | | Add an alternative nslookup applet implementation which is compatible with musl libc wrt. name server selection and which supports a number of additional features such as query type selection. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* busybox: fix installation of cron and ntpd scripts in the default configFelix Fietkau2017-04-041-2/+2
| | | | | Fixes: 0b24850e9778 ("busybox: don't install NTP scripts if NTP isn't configured") Signed-off-by: Felix Fietkau <nbd@nbd.name>
* busybox: don't install NTP scripts if NTP isn't configuredPhilip Prindeville2017-04-031-0/+4
| | | | | | | | If you're using Chrony or NTPD you don't want the busybox NTP server as well. Make it's installation truly conditional. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [simplify]
* busybox: vi: backporting patches to fix ZZ and :x commandYousong Zhou2017-03-253-1/+154
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* busybox: enable the "ip neigh" command (FS#618)Felix Fietkau2017-03-221-1/+1
| | | | | | | It is useful for creating static ARP entries. Adds about 1.9 KiB after gzip on MIPS. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* sysntpd: restore support for peer-less (standalone) modePiotr Dymacz2017-03-151-1/+1
| | | | | | | | | | | | | | | | | ntpd from Busybox supports peer-less (standalone) mode when it's started with option -l and without any peer provided with option -p. In this mode ntpd uses local time as reference and acts as stratum 1 server. This mode can be used in isolated networks, where Internet access and/or other NTP server/s are not available, but the device has some other way of getting correct time, like e.g. GPS (ugps supports setting local time by default). Support for this mode was incorrectly disabled/removed in: 1527f96ca6e196fa17c96fdb3ae520158fa5943f Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> Acked-by: Jo-Philipp Wich <jo@mein.io>
* busybox: update to 1.26.2Magnus Kroken2017-01-2931-3190/+2440
| | | | | | | | Refresh patches, delete patches that have been applied upstream. Signed-off-by: Magnus Kroken <mkroken@gmail.com> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix defaults]
* busybox: convert netmsg and lock applet to "new style" applet definitionMagnus Kroken2017-01-292-78/+30
| | | | | | | | | | The "new style" busybox applet approach moves all config and build definitions related to an applet to its .c file. This makes the patches easier to maintain, as they only add new files to the busybox build directory, without modifying BusyBox files. Signed-off-by: Magnus Kroken <mkroken@gmail.com> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* build: use mkhash to replace various quirky md5sum/openssl callsFelix Fietkau2017-01-051-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: clean up download hashesFelix Fietkau2016-12-161-1/+1
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* busybox: adjust download mirrorHannu Nyman2016-10-211-2/+2
| | | | | | | | | | * Adjust download locations: - use https as busybox.net permanently redirects http to https - gentoo mirror has neither 1.25.0 nor 1.25.1 available, so drop it in favor of buildroot.net that has 1.25.1 Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* busybox: add upstream patch to fix send_to_fromStijn Tintel2016-10-152-1/+38
| | | | | | | This fixes ntpd when queries are sent to secondary IPv4 IP addresses. See https://bugs.busybox.net/show_bug.cgi?id=9146 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* busybox: update to version 1.25.1Stijn Tintel2016-10-155-80/+5
| | | | | | | | | Dropped upstream patches: 000-busybox-1.25.0-gzip.patch 000-busybox-1.25.0-ip.patch 000-busybox-1.25.0-ntpd.patch Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* busybox: prevent globbing, word splittingJan-Tarek Butt2016-10-151-2/+2
| | | | | | Double quote to prevent globbing and word splitting. Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>
* busybox: v1.25.0 upstream patchesKevin Darbyshire-Bryant2016-09-273-0/+75
| | | | | | Include upstream patches for gzip, ip & ntpd. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* iproute: properly support high routing table IDsJo-Philipp Wich2016-09-273-24/+487
| | | | | | | | | | | | | | | | | | | | | The Linux kernel uses two distinct fields to denote the routing table ID in use by network routes; the 8 bit `rtm_table` member of `struct rtmsg` and the 32 bit `RTA_TABLE` netlink attribute. If a routing table ID is larger than 255, the `RT_TABLE` attribute must be used and the `rtm_table` field has to be set to the special `RT_TABLE_UNSPEC` value. This commit adds a patch which... - switches the *_n2a() and *_a2n() functions of rt_names.c to use dynamically sized, name-sorted arrays instead of fixed arrays limited to 1024 slots in order to support IDs up to 65535 - adds proper handling of high table IDs to iprule.c and iproute.c when adding, removing and dumping ip rules and network routes After this change, the Busybox ip applet fully supports IP rules with high ID numbers, using the same logic as the full iproute2. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* busybox: fix md5sumHauke Mehrtens2016-09-201-1/+1
| | | | | | | The md5sum was not updated in commit 06fa1c46fc3 "busybox: update to version 1.25.0" Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>