aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* fstools: update to the latest versionFelix Fietkau2017-05-221-3/+3
| | | | | | | | | 88d48d5 libfstools: silence mkfs.{ext4,f2fs} a19f2b3 build: disable the format-truncation warning error to fix gcc 7 build errors 633a8d0 libfstools: fix multiple volume_identify usages with the same volume c43ae11 fstools: use -Wno-format-truncation instead of -Wno-error=format-truncation Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libunwind: update to 1.2Yousong Zhou2017-05-223-19/+58
| | | | | | | | | | | Addresses CVE-2015-3239: Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes. Upstream stable-v1.2 fixed the missing unwind_i.h issue but no new tarball is released yet Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* dropbear: bump to 2017.75Kevin Darbyshire-Bryant2017-05-212-17/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - Security: Fix double-free in server TCP listener cleanup A double-free in the server could be triggered by an authenticated user if dropbear is running with -a (Allow connections to forwarded ports from any host) This could potentially allow arbitrary code execution as root by an authenticated user. Affects versions 2013.56 to 2016.74. Thanks to Mark Shepard for reporting the crash. CVE-2017-9078 https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c - Security: Fix information disclosure with ~/.ssh/authorized_keys symlink. Dropbear parsed authorized_keys as root, even if it were a symlink. The fix is to switch to user permissions when opening authorized_keys A user could symlink their ~/.ssh/authorized_keys to a root-owned file they couldn't normally read. If they managed to get that file to contain valid authorized_keys with command= options it might be possible to read other contents of that file. This information disclosure is to an already authenticated user. Thanks to Jann Horn of Google Project Zero for reporting this. CVE-2017-9079 https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123 Refresh patches, rework 100-pubkey_path.patch to work with new authorized_keys validation. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* mac80211: add support for rtl8821ae pcie adapterHans Ulli Kroll2017-05-211-2/+22
| | | | | | | | | Add support for Realtek RTL8821AE/RTL8812AE PCIe adapter. This device supports 802.11ac and bluetooth testet on PC Engines APU with AP and STA mode Signed-off-by: Hans Ulli Kroll <ulli.kroll@googlemail.com>
* linux-firmware: add firmware for rtl8821ae supportHans Ulli Kroll2017-05-211-0/+8
| | | | | | Add needed firmware to support rtl8821ae pcie adapter Signed-off-by: Hans Ulli Kroll <ulli.kroll@googlemail.com>
* base-files: fix default procd reloadAlexandru Ardelean2017-05-201-1/+1
| | | | | | | | | | | | | | | | | | Bug introduced with 6713694. I did not count on procd handling reload as mentioned in this doc: https://wiki.openwrt.org/inbox/procd-init-scripts ``` procd_set_param file /var/etc/your_service.conf # /etc/init.d/your_service reload will restart the daemon if these files have changed procd_set_param netdev dev # likewise, except if dev's ifindex changes. procd_set_param data name=value ... # likewise, except if this data changes. ``` The service would be restarted regardless of any of those params. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* f2fs-tools: Switch to gz tarballDaniel Engberg2017-05-181-3/+3
| | | | | | At some point kernel.org decided to drop xz generated tarballs, switch to gz which they still provide. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mac80211: rt2x00: remove unneccessary codeDaniel Golle2017-05-181-0/+134
| | | | | | | | Use chanreg and dccal helpers to reduce the size of ePA code. Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org> [daniel@makrotopia.org: fixed white-space so patch applies]
* lldpd: drop specific respawn params [use system-wide]Alexandru Ardelean2017-05-181-3/+0
| | | | | | | I think I added these respawn params [a while back], when I did the conversion to procd init script format. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* elfutils: bump to 0.169Luiz Angelo Daros de Luca2017-05-186-241/+271
| | | | | | | | Removed patches (now upstream): - 004-maybe-uninitialized.patch - 007-fix_TEMP_FAILURE_RETRY.patch Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* ath10k-ct-firmware: Add support for QCA9886/QCA9888 firmware.Ben Greear2017-05-181-0/+36
| | | | | | | | | This firmware shoul have the same general feature set as the rest of the 10.4 CT firmware (9984, 9980, etc). Build-tested only in LEDE, but firmware has been tested with ath10k-ct driver on other OSs, so likely works just fine. Signed-off-by: Ben Greear <greearb@candelatech.com>
* ath10k-ct-firmware: Update to latest.Ben Greear2017-05-181-8/+8
| | | | | | | | | | | The 988x and 9887 firmwares include a bugfix for a case where blockack did not work sometimes, and many fixes for compiler warnings detected by newer gcc compilers. The 9980 and 9984 firmware includes a large backport of upstream QCA firmware changes to bring it up to date. Signed-off-by: Ben Greear <greearb@candelatech.com>
* ath10k-ct: Update to latest ath10k-ct driver.Ben Greear2017-05-181-3/+3
| | | | | | | | | | | | | Supports disabling firmware hex logging that many found too verbose. Increase BMI timer so system works more often with 9888 Compex NIC (and maybe others). Allow configuring a specific board-file per NIC using fwcfg file. Maybe fix a scan-busy problem when using CT firmware. Signed-off-by: Ben Greear <greearb@candelatech.com>
* devel/trace-cmd: Update to 2.6.1Daniel Engberg2017-05-181-7/+4
| | | | | | | Update trace-cmd to version 2.6.1 Switch to tarball download Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* comgt-3g: enable modem before to setpinGiuseppe Lippolis2017-05-182-1/+2
| | | | | | some modems needs to be enabled with CFUN=1 before to set the pin Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
* kernel: add hwmon for W83627EHF and familyPhilip Prindeville2017-05-171-0/+17
| | | | | | | | Remove support for NCT6775/6 from W83627EHF driver so the NCT6775 driver will still be used for those chips. Signed-off-by: Daniel Golle <daniel@makrotopia.org> Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* dnsmasq: add IPv6 nameserver configuration in server modeArjen de Korte2017-05-162-1/+11
| | | | | | | | | | | When in ra server mode, configure nameservers passed in router announcements from the dns value (which is already used by odhcpd). This also fixes FS#677 by using the global IPv6 address of the router instead of the link local address (if no nameservers are configured). Signed-off-by: Arjen de Korte <build+lede@de-korte.org> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* libs/libnftnl: Update to 1.0.7Daniel Engberg2017-05-161-3/+3
| | | | | | Update libnftnl to 1.0.7 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* network/utils/curl: Update to 7.54.0Daniel Engberg2017-05-163-16/+16
| | | | | | | Update curl to 7.54.0 Update and fresh patches Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* devel/strace: Update to 4.16Daniel Engberg2017-05-162-3/+3
| | | | | | | Update strace to 4.16 Refresh patch Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* network/utils/ipset: Update to 6.32Daniel Engberg2017-05-161-2/+2
| | | | | | Update ipset to 6.32 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* uhttpd: Enable integrated Lua by defaultAnsuel Smith2017-05-162-4/+17
| | | | | | We enabled lua interpreter by default as it doesn't make any problem in the uhttpd config file and we modify the index page to use it. Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* kernel: add Digi Edgeport USB serial driver packageBjørn Mork2017-05-161-0/+39
| | | | Signed-off-by: Bjørn Mork <bjorn@mork.no>
* uboot-envtools: add support for 8devices RambutanMantas Pucka2017-05-151-0/+4
| | | | Signed-off-by: Mantas Pucka <mantas@8devices.com>
* om-watchdog: add support for Teltonika RUT5xx (ramips)Steffen Weinreich2017-05-152-1/+10
| | | | | | | | | | | Add rut5xx GPIO PIN selection to om-package startup script. Testet on a RUT500 device, the timeout value of the hardware watchdog is about 280 sec. Signed-off-by: Steffen Weinreich <steve@weinreich.org> [split into two commits, bump PKG_RELEASE] Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* om-watchdog: cosmetic code style fixesPiotr Dymacz2017-05-151-31/+31
| | | | Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* om-watchdog: cleanup MakefilePiotr Dymacz2017-05-151-8/+0
| | | | | | Drop redundant Build/Prepare, empty lines and duplicated Build/Compile. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* odhcpd: update to git HEAD versionHans Dedecker2017-05-151-3/+3
| | | | | | | | | | | | | | | | | | 93abe6f config: fix invalid hoplimit in RA message 2ae08d1 config: fix invalid retranstime in RA message 0005cb4 config: fix invalid reachabletime in RA message 5683dd2 config: limit ra_mtu to 65535 f8d40a5 router: fix interface mtu read error f8f4b87 config: limit ra_retranstime to 60000 a2d8bf6 dhcpv4: display two hex digits per octet in syslog a9e9bc4 config: make RA retransTime configurable via uci 2cb6b48 config: make RA reachableTime configurable via uci e4504db config: make RA curHopLimit configurable via uci 9dd5316 config: make RA mtu configurable via UCI 29cb2ff config: fix dhcpv4 server being started 0ef74ec ndp.c: add switch/case fallthrough comments Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* base-files: add led functions to uci-defaults.shAlberto Bursi2017-05-141-0/+8
| | | | | | | | | | | | | uci_set_leds_ataport() allows to set a led to show activity on a specific (s)ata port, which is needed for devices that have a Sata led for each sata port. The led trigger is from the 834-ledtrig-libata.patch LEDE kernel patch. uci_set_leds_usbhost() allows to set a led to show total usb activity. Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it> [Jo-Philipp Wich: use a single underscore to denote private functions] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: cleanup led functions in uci-defaults.shAlberto Bursi2017-05-141-145/+91
| | | | | | | | | | create a function with code common to all led functions, create another function with code common to functions setting a simple led trigger, restore alphabetical order in function names. Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it> [Jo-Philipp Wich: use a single underscore to denote private functions] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mac80211: gracefully handle preexisting VIFJo-Philipp Wich2017-05-141-0/+6
| | | | | | | | | | | | | | | | | | | | Gracefully handle cases where the to-be-created wireless interface already exists on the system which might commonly happen with non-multi-SSID capable wireless drivers. This fixes commit 8301e613655c2d95fa5430a1a57d92d966fdc70b which caused previously ignored "Too many open files in system (-23)" errors to fail the wireless setup procedure. With the updated approach we'll still try recreating the vif after one second if the first attempt to do so failed with ENFILE but we will now consider the operation successfull if a second attempt still yields ENFILE with the requested ifname already existing on the system. Fixes FS#664, FS#704. Suggested-by: Vittorio Gambaletta <openwrt@vittgam.net> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mvebu: add ClearFog Base supportMarko Ratkaj2017-05-141-1/+1
| | | | | | | | | | Add support for SolidRun ClearFog Base board. The base model is a smaller version of ClearFog Pro without the DSA switch, replacing it with a second copper gigabit port, and only one PCIe socket. Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
* mvebu: ClearFog renamed upstream to ClearFog ProMarko Ratkaj2017-05-141-1/+1
| | | | | | The conventional model is now known as the "Clearfog Pro" Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
* mac80211, hostapd: always explicitly set beacon intervalMatthias Schiffer2017-05-134-9/+10
| | | | | | | | | | | | | | | | One of the latest mac80211 updates added sanity checks, requiring the beacon intervals of all VIFs of the same radio to match. This often broke AP+11s setups, as these modes use different default intervals, at least in some configurations (observed on ath9k). Instead of relying on driver or hostapd defaults, change the scripts to always explicitly set the beacon interval, defaulting to 100. This also applies the beacon interval to 11s interfaces, which had been forgotten before. VIF-specific beacon_int setting is removed from hostapd.sh. Fixes FS#619. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* hostapd: remove unused variable declarations in hostapd.shMatthias Schiffer2017-05-131-1/+0
| | | | | | | None of the variables in this "local" declaration are actually set in wpa_supplicant_add_network(). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* dnsmasq: bump to 2.77rc3Kevin Darbyshire-Bryant2017-05-122-10/+10
| | | | | | Fix [FS#766] Intermittent SIGSEGV crash of dnsmasq-full Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* openvpn: update to v2.4.2Jo-Philipp Wich2017-05-121-2/+2
| | | | | | | | | | | | | Update to version 2.4.2 in order to address two potential Denial-of-Service vectors in OpenVPN. CVE-2017-7478 - Don't assert out on receiving too-large control packets CVE-2017-7479 - Drop packets instead of assert out if packet id rolls over Ref: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.2 Ref: https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* toolchain: Package libgompFlorian Fainelli2017-05-111-0/+35
| | | | | | | Some external toolchains may be configured to enable OpenMP. Provide a package for these libraries which can be used by other packages. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* fritz-tools: Find zlib.h header fileFlorian Fainelli2017-05-111-0/+3
| | | | | | | | Add the necessary changes to CMakeLists.txt to search zlib.h. Fixes build issues with external toolchains that don't have STAGING_DIR in the default search path. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* fritz_tffs_read: fix parsing of size argumentValentin Spreckels2017-05-111-1/+1
| | | | | | The parameter specification missed that -s takes an argument. Signed-off-by: Valentin Spreckels <Valentin.Spreckels@Informatik.Uni-Oldenburg.DE>
* perf: Disable perf for ARC770 only, enable for ARC HS38Alexey Brodkin2017-05-111-1/+1
| | | | | | | | | | | | | | | Toolchain built for ARCv1 (read for ARC700 cores) by default has disabled atomic ops (-mno-atomic). When we build Linux kernel for ARC770 which has LL/SC instructions and thus may handle normally atomic ops we explicitly add "-matomic" in CFLAGS. But since user-space perf utility has no way to extract CPU config options from Kconfig/defconfig it uses compiler default settings. In case of ARCv2 (read ARC HS38) atomics are enabled by default and so perf builds perfectly fine thus reenabling perf for ARC HS38 (actually for non-ARC700 targets). Signed-off-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
* dnsmasq: don't propagate DUID from one host to anotherArjen de Korte2017-05-111-1/+1
| | | | | | If no DUID is set for a host, it should be empty, not the last one set for a previous host. Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
* dnsmasq: use append_interface_name when using option --interface-nameHans Dedecker2017-05-092-4/+4
| | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dnsmasq: add interface-name uci list.Daniel Danzberger2017-05-092-1/+7
| | | | | | | | | | | | | | | | | | This patch adds the interface-name option for each dhcp config in /etc/config/dhcp. With the interface_name option users can define a DNS name for each dhcp section that will be resolved by dnsmasq with the underlaying interface address. For example: config dhcp 'lan' option interface 'lan' ... list interface_name 'home.lan' ... Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* dnsmasq: make tftp root if not existingAlberto Bursi2017-05-041-1/+1
| | | | | | | | | | If there's a TFTP root directory configured, create it with mkdir -p (which does not throw an error if the folder exists already) before starting dnsmasq. This is useful for TFTP roots in /tmp, for example. Originally submitted by nfw user aka Nathaniel Wesley Filardo Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
* dnsmasq: fix dhcp_option usage warningHans Dedecker2017-05-041-1/+2
| | | | | | | Don't display unnecessary dhcp_option usage warning in case dhcp_option is empty Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: add legacy_rates option to disable 802.11b data rates.Nick Lowe2017-05-031-8/+20
| | | | | | | | | | | | | | | | | | Setting legacy_rates to 0 disables 802.11b data rates. Setting legacy_rates to 1 enables 802.11b data rates. (Default) The basic_rate option and supported_rates option are filtered based on this. The rationale for the change, stronger now than in 2014, can be found in: https://mentor.ieee.org/802.11/dcn/14/11-14-0099-00-000m-renewing-2-4ghz-band.pptx The balance of equities between compatibility with b clients and the detriment to the 2.4 GHz ecosystem as a whole strongly favors disabling b rates by default. Signed-off-by: Nick Lowe <nick.lowe@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup, defaults change]
* hostapd: fix reload frequency change patchAbhilash Tuse2017-05-032-7/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When sta is configured, hostapd receives 'stop' and 'update' command from wpa_supplicant. In the update command, hostapd gets sta parameters with which it configures ap. Problem is, with the default wireless configuration: mode:11g freq:2.4GHz channel:1 If sta is connected to 5GHz network, then ap does not work. Ideally with 340-reload_freq_change.patch hostapd should reload the frequency changes and start ap in 5GHz, but ap becomes invisible in the network. This issue can be reproduced with following /etc/config/wireless: config wifi-device radio0 option type mac80211 option channel 1 option hwmode 11g option path 'virtual/uccp420/uccwlan' option htmode 'none' config wifi-iface 'ap' option device 'radio0' option encryption 'none' option mode 'ap' option network 'ap' option ssid 'MyTestNet' option encryption none config wifi-iface 'sta' option device radio0 option network sta option mode sta option ssid TestNet-5G option encryption psk2 option key 12345 This change updates current_mode structure based on configured hw_mode received from wpa_supplicant. Also prepare rates table after frequency selection. Signed-off-by: Abhilash Tuse <Abhilash.Tuse@imgtec.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup, patch refresh]
* base-files: implement ucidef_set_hostname(), ucidef_set_ntpserver()Jo-Philipp Wich2017-05-031-0/+20
| | | | | | | | | | | | | | Commit 2036ae4 (base-files: support hostname and ntp servers through board.d) was supposed to implement these procedures but lacked the required changes to uci-defaults.sh. Add the missing procedures now to fix config generation on targets relying on hostname or NTP server presetting. Fixes FS#754. Reported-by: Cristian Morales Vega <cristian@samknows.com> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* opkg: alternatives: use ERROR level for symlink failureYousong Zhou2017-05-031-3/+3
| | | | | | | | Changes since last version 04e279e pkg_alternatives: use ERROR level for symlink failure Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>