openwrt/svn-archive/archive.git
8 years agoBB: openssl: update to 1.0.2f (fixes CVE-2016-0701, CVE-2015-3197) barrier_breaker
Jo-Philipp Wich [Fri, 29 Jan 2016 13:25:24 +0000 (13:25 +0000)]
BB: openssl: update to 1.0.2f (fixes CVE-2016-0701, CVE-2015-3197)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r48531.

SVN-Revision: 48549

8 years agoBB: samba36: add three CVE patches from 2015-12-16
Jo-Philipp Wich [Mon, 11 Jan 2016 11:57:36 +0000 (11:57 +0000)]
BB: samba36: add three CVE patches from 2015-12-16

This is a patch for CVE-2015-5252, CVE-2015-5296 and CVE-2015-5299. A
patchset for these vulnerabilities was published on 16th December 2015.

Signed-off-by: Jan Čermák <jan.cermak@nic.cz>
Backport of r48133

SVN-Revision: 48199

8 years agoBB: build: add a variable pointing to the main openwrt git repositories (useful if...
Jo-Philipp Wich [Mon, 11 Jan 2016 08:44:07 +0000 (08:44 +0000)]
BB: build: add a variable pointing to the main openwrt git repositories (useful if we want to support using a mirror later)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r48117

SVN-Revision: 48198

9 years agoBB: scripts/feeds: add support for optionally using a full clone of git repositories
Jo-Philipp Wich [Mon, 7 Dec 2015 16:30:59 +0000 (16:30 +0000)]
BB: scripts/feeds: add support for optionally using a full clone of git repositories

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r45668

SVN-Revision: 47805

9 years agoBB: openssl: update to v1.0.2e (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195)
Jo-Philipp Wich [Mon, 7 Dec 2015 16:05:54 +0000 (16:05 +0000)]
BB: openssl: update to v1.0.2e (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195)

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r47726.

SVN-Revision: 47804

9 years agohostapd: check for banned client on association event
Rafał Miłecki [Mon, 28 Sep 2015 12:46:58 +0000 (12:46 +0000)]
hostapd: check for banned client on association event

When using FullMAC drivers (e.g. brcmfmac) we don't get mgmt frames so
check for banned client in probe request handler won't ever be used.
Since cfg80211 provides us info about STA associating let's put a check
there.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Backport of r47064

SVN-Revision: 47068

9 years agodnsmasq: backport CVE-2015-3294 security fix
Rafał Miłecki [Tue, 8 Sep 2015 11:03:39 +0000 (11:03 +0000)]
dnsmasq: backport CVE-2015-3294 security fix

Upstream release 2.73 included CVE-2015-3294 fix, let's backport patch
fixing this security issue.
This avoids bumping version to 2.73 which introduced many new features.
This way we keep dnsmasq safe and don't risk new problems.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46817

9 years agoBB: sdk: provide explicit CONFIG_MODULES kconfig symbol
Jo-Philipp Wich [Mon, 27 Jul 2015 23:50:05 +0000 (23:50 +0000)]
BB: sdk: provide explicit CONFIG_MODULES kconfig symbol

Extend the SDK Config.in file to explicitely declare a MODULES symbol with
the "option modules" flag set in order to prevent a kconfig segmentation fault
whenever a "depends m" dependency is encountered.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r46514

SVN-Revision: 46516

9 years agoBB: hostapd: Fix RADIUS connection recovery after initial failure (#18197)
Jo-Philipp Wich [Mon, 27 Jul 2015 13:29:08 +0000 (13:29 +0000)]
BB: hostapd: Fix RADIUS connection recovery after initial failure (#18197)

If the initial attempt at opening the socket connection to the RADIUS
server failed due to missing IP connectivity during startup, e.g., with
"connect[radius]: Network is unreachable", hostapd did not try to
reconnect when RADIUS messages were sent. Instead, it only reported "No
authentication server configured" even if the configuration did have a
server entry.

Backport of upstream commit 94b39e5927e570e6b0fe41d455dde0a361c71c36
("RADIUS client: Fix server connection recovery after initial failure")

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46512

9 years agoBB: openssl: update to v1.0.2d (CVE-2015-1793)
Jo-Philipp Wich [Thu, 9 Jul 2015 13:15:32 +0000 (13:15 +0000)]
BB: openssl: update to v1.0.2d (CVE-2015-1793)

During certificate verification, OpenSSL (starting from version 1.0.1n and
1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this
logic can mean that an attacker could cause certain checks on untrusted
certificates to be bypassed, such as the CA flag, enabling them to use a valid
leaf certificate to act as a CA and "issue" an invalid certificate.

This issue will impact any application that verifies certificates including
SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r46285

SVN-Revision: 46287

9 years agoBB: kernel: kmod-scsi-core: fix load on install
Jonas Gorski [Sat, 4 Jul 2015 12:56:21 +0000 (12:56 +0000)]
BB: kernel: kmod-scsi-core: fix load on install

sd_mod depends on scsi_mod, but due to it being an AutoLoad and not
AutoProbe module, it was not loading when installing the package,
causing unknown symbol errors for sd_mod and anything depending on it.

Closes #14927, #18293, #19351.

Backport of r46176.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 46178

9 years agoBB: uclibc++: make g++-uc* wrappers relocatable
Jo-Philipp Wich [Fri, 3 Jul 2015 13:49:24 +0000 (13:49 +0000)]
BB: uclibc++: make g++-uc* wrappers relocatable

The g++-uc wrapper hardcodes $(STAGING_DIR) and $(TOOLCHAIN_DIR) paths which
will not work outside of the original build environment.

Replace the hardcoded staging_dir occurences with paths relative to the
$STAGING_DIR environment variable to make the g++-uc* wrappers usable in an
SDK environment.

Fixes the libdb47 build failure reported at
  https://lists.openwrt.org/pipermail/openwrt-devel/2015-April/032455.html

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r46162

SVN-Revision: 46164

9 years agoopenssl: bump to 1.0.2c
Steven Barth [Fri, 12 Jun 2015 20:59:57 +0000 (20:59 +0000)]
openssl: bump to 1.0.2c

fixes CVE-2015-4000 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792 CVE-2015-1791

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 45951

9 years agohostapd: fix remote denial of service vulnerability in WMM action frame parsing
Felix Fietkau [Wed, 6 May 2015 09:47:05 +0000 (09:47 +0000)]
hostapd: fix remote denial of service vulnerability in WMM action frame parsing

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r45619

SVN-Revision: 45620

9 years agoBB: openssl: update to v1.0.2a (14 CVEs)
Jo-Philipp Wich [Mon, 23 Mar 2015 14:08:16 +0000 (14:08 +0000)]
BB: openssl: update to v1.0.2a (14 CVEs)

Fixes CVE-2015-0204, CVE-2015-0207, CVE-2015-0208, CVE-2015-0209,
CVE-2015-0285, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289,
CVE-2015-0290, CVE-2015-0291, CVE-2015-0292, CVE-2015-0293, CVE-2015-1787.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 44952

9 years agokernel: remove the netfilter optimization that skips the filter table, it has caused...
Felix Fietkau [Tue, 17 Mar 2015 17:15:15 +0000 (17:15 +0000)]
kernel: remove the netfilter optimization that skips the filter table, it has caused too many issues

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r44873

SVN-Revision: 44874

9 years agoath9k: fix a beacon enable handling bug
Felix Fietkau [Thu, 12 Mar 2015 16:32:07 +0000 (16:32 +0000)]
ath9k: fix a beacon enable handling bug

Backport of r44696

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 44697

9 years agoar71xx: Fix LED polarity for the TP-LINK TL-MR13U.
John Crispin [Tue, 10 Mar 2015 13:26:19 +0000 (13:26 +0000)]
ar71xx: Fix LED polarity for the TP-LINK TL-MR13U.

Please also backport to Barrier Breaker (this same patch applies there too).

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
SVN-Revision: 44645

9 years agoBackport: ar71xx: Fix board detection for the TP-LINK TL-MR13U.
John Crispin [Tue, 10 Mar 2015 13:26:15 +0000 (13:26 +0000)]
Backport: ar71xx: Fix board detection for the TP-LINK TL-MR13U.

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
SVN-Revision: 44644

9 years agoBB: ubox: fix segmentation fault in insmod
Jo-Philipp Wich [Thu, 26 Feb 2015 21:29:57 +0000 (21:29 +0000)]
BB: ubox: fix segmentation fault in insmod

Fix segfault in kmodloader insmod mode due to uninitialized module
directory list.

Apply the required fix as patch for now since we don't have the
ulog infrastructure in BB (yet) required for the git head of ubox.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 44550

9 years agoBB: fstools: fix build with enabled ubifs extroot support
Jo-Philipp Wich [Wed, 25 Feb 2015 18:55:39 +0000 (18:55 +0000)]
BB: fstools: fix build with enabled ubifs extroot support

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r44538

SVN-Revision: 44539

9 years agoBB: fstools: cumulative backport
Jo-Philipp Wich [Wed, 25 Feb 2015 17:43:00 +0000 (17:43 +0000)]
BB: fstools: cumulative backport

- Adds support for /dev/vd* virtual io
- Adds support for overlayfs v23
- Fixes overlayfs mount on 3.18
- Make the block tool ignore case when comparing uuid strings
- Fixes sysupgrade on linux 3.18
- Support extroot/ubi
- Allows using UBIFS volume as overlay and adds support for Btrfs
- Fix exit code of uci-defaults script
- Support external overlays on non-MTD systems again
- Account for new directory structure of overlayfs partitions (additional upper/ component)
- Support executing block from either overlay or rom
- Support loading fstab from either overlay or rom
- Log extroot failures to dmesg

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r42812, r42890, r43090, r43368, r43480, r43485, r43717, r43868, r44180, r44535

SVN-Revision: 44537

9 years agoBB: ubox: kmodloader: support loading kmods from multiple directories
Jo-Philipp Wich [Wed, 25 Feb 2015 17:42:49 +0000 (17:42 +0000)]
BB: ubox: kmodloader: support loading kmods from multiple directories

This is required during early boot in the extroot setup phase to support
loading kmods from the overlay that depend on kmods on the rom partition.

The subsequent mount_root updates will use the LD_LIBRARY_PATH env
variable to pass kmod directories to kmodloader.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r42813, r44533

SVN-Revision: 44536

9 years agosamba36: update to 3.6.25, fixes remote code execution bug (CVE-2015-0240)
Felix Fietkau [Tue, 24 Feb 2015 07:24:29 +0000 (07:24 +0000)]
samba36: update to 3.6.25, fixes remote code execution bug (CVE-2015-0240)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r44515

SVN-Revision: 44516

9 years agoBB: build: improve feed handling for opkg.conf
Jo-Philipp Wich [Fri, 13 Feb 2015 11:59:16 +0000 (11:59 +0000)]
BB: build: improve feed handling for opkg.conf

 - Consider not installed feeds as well
 - Add option to decide whether to comment disabled feeds

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r42931

SVN-Revision: 44441

9 years agoBB:ramips:Kingston MLW221 cleanup
John Crispin [Wed, 11 Feb 2015 05:55:18 +0000 (05:55 +0000)]
BB:ramips:Kingston MLW221 cleanup

MLW221 dts use tabs NOT spaces.
Cleanup uci-defaults and diag.sh

Signed-off-by: L. D. Pinney <ldpinney@gmail.com>
SVN-Revision: 44382

9 years agoopenssl: fix upstream regression for non-ec builds
Steven Barth [Mon, 9 Feb 2015 15:28:09 +0000 (15:28 +0000)]
openssl: fix upstream regression for non-ec builds

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 44365

9 years agoopenssl: bump to 1.0.2
Steven Barth [Mon, 9 Feb 2015 12:13:06 +0000 (12:13 +0000)]
openssl: bump to 1.0.2

Fixes CVE-2014-3513, CVE-2014-3567, CVE-2014-3568, CVE-2014-3566

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 44347

9 years agokernel: add support for NFSv4
John Crispin [Wed, 28 Jan 2015 12:01:51 +0000 (12:01 +0000)]
kernel: add support for NFSv4

To: openwrt-devel@lists.openwrt.org

This work is based on Daniel Colascione's submission to the OpenWrt
devel mailing list on January 15th, 2014. I modified his patch so that
it applied to the current OpenWrt Barrier Breaker tree.

Signed-off-by: W. Michael Petullo <mike@flyn.org>
SVN-Revision: 44162

9 years agoca-certificates: update to 20141019
John Crispin [Wed, 28 Jan 2015 12:01:44 +0000 (12:01 +0000)]
ca-certificates: update to 20141019

update to version 20141019 and
create symbolic link for certificate hashes during installation

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 44161

9 years agoBB : ramips : Backport for Kingston MLWG2
John Crispin [Wed, 28 Jan 2015 10:37:51 +0000 (10:37 +0000)]
BB : ramips : Backport for Kingston MLWG2

Backport r43990 to Barrier Breaker.

http://wiki.openwrt.org/toh/kingston/mlwg2

Signed-off-by: L. D. Pinney <ldpinney@gmail.com>
 target/linux/ramips/base-files/etc/diag.sh                 |   3 +++
 target/linux/ramips/base-files/etc/uci-defaults/01_leds    |   4 +++
 target/linux/ramips/base-files/etc/uci-defaults/02_network |   4 +++
 target/linux/ramips/base-files/lib/ramips.sh               |   3 +++
 target/linux/ramips/base-files/lib/upgrade/platform.sh     |   1 +
 target/linux/ramips/dts/MLWG2.dts                          | 118 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 target/linux/ramips/image/Makefile                         |   2 ++
 7 files changed, 135 insertions(+)

SVN-Revision: 44160

9 years agoBB: fix subject in generated certificates
Jo-Philipp Wich [Sun, 25 Jan 2015 23:56:05 +0000 (23:56 +0000)]
BB: fix subject in generated certificates

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r44149

SVN-Revision: 44152

9 years agoBB: px5g: generate unique serial numbers
Jo-Philipp Wich [Sun, 25 Jan 2015 23:56:02 +0000 (23:56 +0000)]
BB: px5g: generate unique serial numbers

Generate a random serial from /dev/urandom when creating selfsigned certs.
Fixes "sec_error_reused_issuer_and_serial" with Firefox.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43168

SVN-Revision: 44151

9 years agoBB: gmp: use http instead of ftp download (#18805)
Jo-Philipp Wich [Sat, 24 Jan 2015 13:08:49 +0000 (13:08 +0000)]
BB: gmp: use http instead of ftp download (#18805)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r44082

SVN-Revision: 44095

9 years agoar71xx: backport restart fix from r43777 (fixes #17839)
Felix Fietkau [Tue, 20 Jan 2015 16:41:46 +0000 (16:41 +0000)]
ar71xx: backport restart fix from r43777 (fixes #17839)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 44065

9 years agoar71xx: add support for TL-WA701ND v2
John Crispin [Tue, 20 Jan 2015 15:49:04 +0000 (15:49 +0000)]
ar71xx: add support for TL-WA701ND v2

Signed-off-by: Luigi Tarenga <luigi.tarenga@gmail.com>
SVN-Revision: 44064

9 years agoBB: polarssl: update to v1.3.9 and patch CVE-2015-1182
Jo-Philipp Wich [Tue, 20 Jan 2015 13:02:38 +0000 (13:02 +0000)]
BB: polarssl: update to v1.3.9 and patch CVE-2015-1182

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 44061

9 years agokernel: bridge: multicast: backport a few more fixes for 3.10
Felix Fietkau [Mon, 19 Jan 2015 01:13:25 +0000 (01:13 +0000)]
kernel: bridge: multicast: backport a few more fixes for 3.10

The following patches unfortunately didn't hit the kernel stable
branches yet, therefore cherrypicking them for OpenWRT here:

* bridge: fix netfilter/NF_BR_LOCAL_OUT for own, locally generated queries
* bridge: multicast: enable snooping on general queries only
* bridge: multicast: add sanity check for general query destination

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
Backport of r43841

SVN-Revision: 44049

9 years agomap: backport fixes from trunk
Steven Barth [Tue, 13 Jan 2015 19:02:32 +0000 (19:02 +0000)]
map: backport fixes from trunk

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43962

9 years agoBB: openssl: update to v1.0.1k (8 CVEs)
Jo-Philipp Wich [Fri, 9 Jan 2015 00:10:55 +0000 (00:10 +0000)]
BB: openssl: update to v1.0.1k (8 CVEs)

Fixes CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572,
CVE-2015-0204, CVE-2015-0205, CVE-2014-8275 and CVE-2014-3570.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 43889

9 years agoar71xx: Fix LED definitions for the DRAGINO2 board
Felix Fietkau [Wed, 7 Jan 2015 16:47:38 +0000 (16:47 +0000)]
ar71xx: Fix LED definitions for the DRAGINO2 board

This patch fixes LED definitions for the DRAGINO2 board.

1. It renames the Router/USB led to System, as it is now marked "SYS" on the board.
2. It gives control of the LAN and WAN leds and some other GPIOs to Linux.
3. It fixes the active_low property for the LAN and WAN leds.
4. It sets up WLAN, LAN and WAN leds in the UCI defaults.
5. It allows usage of the System led by the diag.sh script, so it will be used to indicate boot and failsafe status.

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
Backport of r42897

SVN-Revision: 43867

9 years agoBB: qos-scripts: bump PKG_REVISION and copyright year
Jo-Philipp Wich [Tue, 6 Jan 2015 12:43:49 +0000 (12:43 +0000)]
BB: qos-scripts: bump PKG_REVISION and copyright year

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43860

SVN-Revision: 43862

9 years agoBB: openvpn: bump PKG_REVISION and copyright year
Jo-Philipp Wich [Tue, 6 Jan 2015 12:43:44 +0000 (12:43 +0000)]
BB: openvpn: bump PKG_REVISION and copyright year

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43859

SVN-Revision: 43861

9 years agoopenvpn: backport an upstream fix for a regression in using --cipher none (fixes...
Felix Fietkau [Sun, 4 Jan 2015 12:03:51 +0000 (12:03 +0000)]
openvpn: backport an upstream fix for a regression in using --cipher none (fixes #18676)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43823

SVN-Revision: 43824

9 years agomac80211: fix HT mode selection for ad-hoc
Felix Fietkau [Mon, 22 Dec 2014 21:46:52 +0000 (21:46 +0000)]
mac80211: fix HT mode selection for ad-hoc

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43769

SVN-Revision: 43770

9 years agoubi-utils: add mirror md5sum
Felix Fietkau [Mon, 22 Dec 2014 17:43:21 +0000 (17:43 +0000)]
ubi-utils: add mirror md5sum

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43761

SVN-Revision: 43764

9 years agotools/mtd-utils: add mirror md5sum
Felix Fietkau [Mon, 22 Dec 2014 17:43:14 +0000 (17:43 +0000)]
tools/mtd-utils: add mirror md5sum

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43760

SVN-Revision: 43763

10 years agokernel: disable multicast-to-unicast translation for ipv6 neighbor solicitation ...
Felix Fietkau [Wed, 17 Dec 2014 12:29:04 +0000 (12:29 +0000)]
kernel: disable multicast-to-unicast translation for ipv6 neighbor solicitation (#17625)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43736

SVN-Revision: 43737

10 years agobuild: ensure tools are built before building the toolchain
Felix Fietkau [Sat, 13 Dec 2014 12:01:19 +0000 (12:01 +0000)]
build: ensure tools are built before building the toolchain

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43693

SVN-Revision: 43694

10 years agompc85xx: add missing devicetree ranges property for ethernet devices
Felix Fietkau [Sat, 13 Dec 2014 11:44:04 +0000 (11:44 +0000)]
mpc85xx: add missing devicetree ranges property for ethernet devices

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43624

SVN-Revision: 43683

10 years agouClibc: fix ptrace header files for powerpc
Felix Fietkau [Thu, 11 Dec 2014 14:39:40 +0000 (14:39 +0000)]
uClibc: fix ptrace header files for powerpc

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43617

SVN-Revision: 43618

10 years agotelephony: update feed url
Steven Barth [Thu, 11 Dec 2014 10:32:52 +0000 (10:32 +0000)]
telephony: update feed url

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43615

10 years agouclient: update to the latest version, fixes HTTP digest auth processing
Felix Fietkau [Wed, 10 Dec 2014 16:04:08 +0000 (16:04 +0000)]
uclient: update to the latest version, fixes HTTP digest auth processing

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43600

SVN-Revision: 43601

10 years agoodhcp6c: correctly handle renew-replies with short lease times
Steven Barth [Wed, 10 Dec 2014 10:42:41 +0000 (10:42 +0000)]
odhcp6c: correctly handle renew-replies with short lease times

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43593

10 years agoqos-scripts: fix insmod commands
Felix Fietkau [Mon, 8 Dec 2014 12:06:02 +0000 (12:06 +0000)]
qos-scripts: fix insmod commands

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43562

SVN-Revision: 43566

10 years agoopenvpn: update to 2.3.6, fixes CVE-2014-8104
Felix Fietkau [Mon, 1 Dec 2014 19:50:45 +0000 (19:50 +0000)]
openvpn: update to 2.3.6, fixes CVE-2014-8104

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43482

SVN-Revision: 43483

10 years agoath9k: fix hardware tx queue allocation order
Felix Fietkau [Sun, 30 Nov 2014 19:45:37 +0000 (19:45 +0000)]
ath9k: fix hardware tx queue allocation order

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43438

SVN-Revision: 43439

10 years agoodhcp6c: backport from trunk to fix busyloop
Steven Barth [Fri, 28 Nov 2014 00:42:24 +0000 (00:42 +0000)]
odhcp6c: backport from trunk to fix busyloop

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43416

10 years agoBB: brcm63xx: uci-defaults: network: move DSL-274x1 F1 to right section
Jonas Gorski [Tue, 25 Nov 2014 19:09:55 +0000 (19:09 +0000)]
BB: brcm63xx: uci-defaults: network: move DSL-274x1 F1 to right section

The cpu port is at 8, not 5.

Fixes #18406.

Backport of r43379.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 43380

10 years agoralink: disable the ICPlus phy driver
John Crispin [Wed, 19 Nov 2014 14:36:43 +0000 (14:36 +0000)]
ralink: disable the ICPlus phy driver

Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 43321

10 years agoralink: backport the pcie reset fix for mt7620a
John Crispin [Wed, 19 Nov 2014 10:59:12 +0000 (10:59 +0000)]
ralink: backport the pcie reset fix for mt7620a

Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 43313

10 years agoralink: backport the ethernet driver from trunk
John Crispin [Wed, 19 Nov 2014 10:59:10 +0000 (10:59 +0000)]
ralink: backport the ethernet driver from trunk

Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 43312

10 years agolantiq: vgv7519: set some defaults for leds
John Crispin [Mon, 17 Nov 2014 08:31:14 +0000 (08:31 +0000)]
lantiq: vgv7519: set some defaults for leds

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43286

10 years agolantiq: set default led configuration from /sys entry later, after per board settings
John Crispin [Mon, 17 Nov 2014 08:31:06 +0000 (08:31 +0000)]
lantiq: set default led configuration from /sys entry later, after per board settings

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43285

10 years agolantiq: Concatenate multiple flash chips for lantiq-flash (fixed regression)
John Crispin [Mon, 17 Nov 2014 08:31:03 +0000 (08:31 +0000)]
lantiq: Concatenate multiple flash chips for lantiq-flash (fixed regression)

Signed-off-by: Maikel Bloemendal <openwrt@maikelenyvonne.nl>
Tested-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43284

10 years agoRevert "ath9k: fix crashes when using shared IRQs"
Felix Fietkau [Sat, 15 Nov 2014 21:17:21 +0000 (21:17 +0000)]
Revert "ath9k: fix crashes when using shared IRQs"

This backport seems to be incomplete and causing some IRQ related
issues.

This reverts commit r43240

SVN-Revision: 43276

10 years agoath9k: fix crashes when using shared IRQs
Felix Fietkau [Thu, 13 Nov 2014 18:26:27 +0000 (18:26 +0000)]
ath9k: fix crashes when using shared IRQs

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43239

SVN-Revision: 43240

10 years agokernel: ssb: add PCI ID 0x4351
Rafał Miłecki [Sat, 8 Nov 2014 21:00:20 +0000 (21:00 +0000)]
kernel: ssb: add PCI ID 0x4351

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Backport of r43221

SVN-Revision: 43222

10 years agonetifd: fix default ORO for 6rd
Steven Barth [Sat, 8 Nov 2014 12:27:41 +0000 (12:27 +0000)]
netifd: fix default ORO for 6rd

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43215

10 years agomac80211: merge a few pending upstream fixes
Felix Fietkau [Fri, 7 Nov 2014 11:17:41 +0000 (11:17 +0000)]
mac80211: merge a few pending upstream fixes

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43208

SVN-Revision: 43209

10 years agoBB: lantiq: vr9: vgv7519: load vmmc and tapi module into firmware image
John Crispin [Mon, 3 Nov 2014 08:33:07 +0000 (08:33 +0000)]
BB: lantiq: vr9: vgv7519: load vmmc and tapi module into firmware image

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43166

10 years agoBB: lantiq: vr9: add vpe/watchdog modules to kernel
John Crispin [Mon, 3 Nov 2014 08:33:04 +0000 (08:33 +0000)]
BB: lantiq: vr9: add vpe/watchdog modules to kernel

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43165

10 years agoBB: lantiq: vr9: vgv7519: modify dts to pass cmdline to support vmmc/fxs/vpe
John Crispin [Mon, 3 Nov 2014 08:33:00 +0000 (08:33 +0000)]
BB: lantiq: vr9: vgv7519: modify dts to pass cmdline to support vmmc/fxs/vpe

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43164

10 years agoBB: lantiq: vr9: - modify dts to support vmmc
John Crispin [Mon, 3 Nov 2014 08:32:58 +0000 (08:32 +0000)]
BB: lantiq: vr9: - modify dts to support vmmc

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43163

10 years agoBB: lantiq: exportt ltq_soc_type
John Crispin [Mon, 3 Nov 2014 08:32:55 +0000 (08:32 +0000)]
BB: lantiq: exportt ltq_soc_type

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43162

10 years agoBB: lantiq: vr9: - fix vmmc build
John Crispin [Mon, 3 Nov 2014 08:32:50 +0000 (08:32 +0000)]
BB: lantiq: vr9: - fix vmmc build

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43161

10 years agoBB: lantiq: vr9: - fix tapi build
John Crispin [Mon, 3 Nov 2014 08:32:46 +0000 (08:32 +0000)]
BB: lantiq: vr9: - fix tapi build

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43160

10 years agoBB: lantiq:
John Crispin [Mon, 3 Nov 2014 08:32:38 +0000 (08:32 +0000)]
BB: lantiq:

MIPS: Fix rtlx build error.

      CC      arch/mips/kernel/rtlx.o
    /home/ralf/src/linux/upstream-sfr/arch/mips/kernel/rtlx.c: In function ‘file_write’:
    /home/ralf/src/linux/upstream-sfr/arch/mips/kernel/rtlx.c:439:23: error: unused variable ‘rt’ [-Werror=unused-variable]
    /home/ralf/src/linux/upstream-sfr/arch/mips/kernel/rtlx.c: In function ‘rtlx_module_init’:
    /home/ralf/src/linux/upstream-sfr/arch/mips/kernel/rtlx.c:523:3: error: implicit declaration of function ‘set_vi_handler’ [-Werror=implicit-function-declaration]
    cc1: all warnings being treated as errors

    Caused by 496ad9aa8ef448058e36ca7a787c61f2e63f0f54 [new helper:
    file_inode(file)].

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43159

10 years agoBB: lantiq: falcon/vr9 - add support for vpe1
John Crispin [Mon, 3 Nov 2014 08:32:34 +0000 (08:32 +0000)]
BB: lantiq: falcon/vr9 - add support for vpe1

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43158

10 years agoBB: lantiq: falcon/vr9 - vpe softdog
John Crispin [Mon, 3 Nov 2014 08:32:32 +0000 (08:32 +0000)]
BB: lantiq: falcon/vr9 - vpe softdog

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43157

10 years agoBB: lantiq: ltq-vmmc add support for ar9-vr9
John Crispin [Mon, 3 Nov 2014 08:32:30 +0000 (08:32 +0000)]
BB: lantiq: ltq-vmmc add support for ar9-vr9

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43156

10 years agoBB: feeds: use https for LuCI github feed, like all others
Jo-Philipp Wich [Sat, 1 Nov 2014 10:09:51 +0000 (10:09 +0000)]
BB: feeds: use https for LuCI github feed, like all others

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 43142

10 years agoBB: feeds: switch to LuCI github repo
Jo-Philipp Wich [Sat, 1 Nov 2014 09:44:56 +0000 (09:44 +0000)]
BB: feeds: switch to LuCI github repo

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 43141

10 years agotarget/imagebuilder: remove obsolete !TARGET_ROOTFS_INITRAMFS dependency
Felix Fietkau [Fri, 31 Oct 2014 12:59:42 +0000 (12:59 +0000)]
target/imagebuilder: remove obsolete !TARGET_ROOTFS_INITRAMFS dependency

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43128

SVN-Revision: 43129

10 years agolantiq: vgv7519: fix profile, this board have a rt2800-pci board
John Crispin [Thu, 30 Oct 2014 08:13:05 +0000 (08:13 +0000)]
lantiq: vgv7519: fix profile, this board have a rt2800-pci board

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43116

10 years agolantiq: vgv7519: fix board_config on dts, read mac address and set it
John Crispin [Wed, 29 Oct 2014 20:51:43 +0000 (20:51 +0000)]
lantiq: vgv7519: fix board_config on dts, read mac address and set it

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43110

10 years agoBB: busybox: make high ASCII chars printable (#7993)
Jo-Philipp Wich [Mon, 27 Oct 2014 11:22:41 +0000 (11:22 +0000)]
BB: busybox: make high ASCII chars printable (#7993)

Currently busybox utils like "ls" fail to display filenames containing UTF-8
characters, replacing any special characters with "?".

Change libbb's printable_string() function to allow high ASCII characters so
that unicode filenames are displayed correctls.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43084

SVN-Revision: 43085

10 years agoBB: px5g-standalone: use /dev/urandom to initialize serial (#18232)
Jo-Philipp Wich [Mon, 27 Oct 2014 11:09:37 +0000 (11:09 +0000)]
BB: px5g-standalone: use /dev/urandom to initialize serial (#18232)

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43080

SVN-Revision: 43083

10 years agoBB: uhttpd: fix HTTP incompatibilities in file handler
Jo-Philipp Wich [Mon, 27 Oct 2014 11:09:09 +0000 (11:09 +0000)]
BB: uhttpd: fix HTTP incompatibilities in file handler

 * Fixes sending an extraneous message body for 204 and 304 resoponses which
   breaks Chrome in keep-alive mode.

 * Adds mimetypes for JSON and JSONP.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43078

SVN-Revision: 43082

10 years agomac80211: fix key flush handling in AP+STA
Felix Fietkau [Mon, 27 Oct 2014 11:07:45 +0000 (11:07 +0000)]
mac80211: fix key flush handling in AP+STA

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43079

SVN-Revision: 43081

10 years agompc85xx: fix WAN/LAN-MAC for TP-LINK TL-WDR4900 v1
John Crispin [Sun, 26 Oct 2014 20:33:34 +0000 (20:33 +0000)]
mpc85xx: fix WAN/LAN-MAC for TP-LINK TL-WDR4900 v1

This works around a bootloader issue where every device
has the same lan/wan-mac 00:04:9f:ef:01:01 - with this patch
we read the macs from config-partition during initial network
setup. We have 9 valid macs stored in the partition, the
1st two are used for the radios, 3 and 4 are now used for WAN/LAN.

on an already setup / running device we can get the real macs with
. /lib/functions.sh
. /lib/functions/system.sh
echo "LAN = $(mtd_get_mac_binary config 338)"
echo "WAN = $(mtd_get_mac_binary config 344)"

see:
https://dev.openwrt.org/ticket/14714

from the ticket / user klondike:
U-Boot passed this commit https://gitorious.org/0xlab-kernel/u-boot/commit/ecd1a09b81f2ed6e6ba7bd1d0bfb0cc3d0ea2ad0
http://u-boot.10912.n7.nabble.com/U-Boot-PATCH-mpc83xx-remove-hardcoded-network-addresses-from-config-files-td44372.html
I suppose to prevent this particular issue, but the WDR4900 may be using an old bootloader still affected.
                                                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

I have been checking the contents of the dtb on the flash, this particular bit is quite revealing:

ethernet@b0000 {
                        #address-cells = <0x1>;
                        #size-cells = <0x1>;
                        device_type = "network";
                        model = "eTSEC";
                        compatible = "fsl,etsec2";
                        fsl,num_rx_queues = <0x8>;
                        fsl,num_tx_queues = <0x8>;
                        local-mac-address = [00 00 00 00 00 00];
                                             ^^^^^^^^^^^^^^^^^

                        interrupt-parent = <0x2>;
                        phy-handle = <0x3>;
                        phy-connection-type = "rgmii-id";
                        ptimer-handle = <0x4>;

                        queue-group@0 {
                                #address-cells = <0x1>;
                                #size-cells = <0x1>;
                                reg = <0xb0000 0x1000>;
                                rx-bit-map = <0xff>;
                                tx-bit-map = <0xff>;
                                interrupts = <0x1d 0x2 0x1e 0x2 0x22 0x2>;
                        };
                };

I also have been checking the live device map to find this:

root@GHS-AP3:~# hexdump -C /proc/device-tree/soc@ffe00000/ethernet@b0000/local-mac-address
00000000  00 04 9f ef 01 01                                 |......|
00000006
root@GHS-AP3:~# hexdump -C /proc/device-tree/soc@ffe00000/ethernet@b1000/local-mac-address
*
root@GHS-AP3:~# hexdump -C /proc/device-tree/soc@ffe00000/ethernet@b2000/local-mac-address
*

My conclussion is that U-Boot most likely finds the device and (as no valid MAC-address is provided)
falls back to the default MAC provided by the old code, the kernel then receives thee modified
device map from U-Boot and assumes this is the correct MAC for the device despite it obviously isn't.

This can be seen at
target/linux/mpc85xx/patches-3.10/140-powerpc-85xx-tl-wdr4900-v1-support.patch

The enetaddr is filled up by using the device tree data by the process_boot_dtb
function and used by the platform_fixups function to set the eth0 address
(by calling dt_fixup_mac_address_by_alias("ethernet0", enetaddr); ).
But instead we should be used the device address which to my understanding is
provided in the mtd.

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
Backport of r43074

SVN-Revision: 43077

10 years agoBB: vgv7519: support more recent board release with vrx288 v1.2
John Crispin [Sun, 26 Oct 2014 17:59:55 +0000 (17:59 +0000)]
BB: vgv7519: support more recent board release with vrx288 v1.2

The existance of this new board has been confirmed and tested by the guy on this commit

https://github.com/openwrt-vgv7519/uboot-bin/commit/76fdd8e638f81e324ffe77856481bd147398f6e8

SVN-Revision: 43075

10 years agokernel: makefiles: make use of new var KERNEL_PATCHVER
Rafał Miłecki [Sun, 26 Oct 2014 13:27:27 +0000 (13:27 +0000)]
kernel: makefiles: make use of new var KERNEL_PATCHVER

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Inspired by r43047

SVN-Revision: 43067

10 years agokernel: allow targets to specify KERNEL_PATCHVER instead of LINUX_VERSION
Rafał Miłecki [Sun, 26 Oct 2014 13:26:59 +0000 (13:26 +0000)]
kernel: allow targets to specify KERNEL_PATCHVER instead of LINUX_VERSION

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Backport of r43043

SVN-Revision: 43066

10 years agofindutils: add dependency on bison
Felix Fietkau [Sun, 26 Oct 2014 11:27:15 +0000 (11:27 +0000)]
findutils: add dependency on bison

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43064

SVN-Revision: 43065

10 years agobase-files: add /etc/shadow to list of essential files to keep in sysupgrade (bug...
Felix Fietkau [Sat, 25 Oct 2014 17:23:14 +0000 (17:23 +0000)]
base-files: add /etc/shadow to list of essential files to keep in sysupgrade (bug 18206)

Based on bug #18206 sysupgrade can lead to loss of password information in
certain situations. Most likely all users who will upgrade from versions
r43017-43040, will lose their current passwords. :-(
https://dev.openwrt.org/ticket/18206

Currently /etc/shadow is defined as a conffile in base-files:
https://dev.openwrt.org/browser/trunk/package/base-files/Makefile#L37

But it is not defined in the default list of essential files to keep in
sysupgrade:
https://dev.openwrt.org/browser/trunk/package/base-files/files/lib/upgrade/keep.d/base-files-essential

If exporting conffiles info fails, /etc/shadow can get lost.

Shadow passwords are now the default, so saying that preserving /etc/passwd
is essential while /etc/shadow is not, makes no sense.

The attached patch adds /etc/shadow to the list of essential files.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Backport of r43061

SVN-Revision: 43062

10 years agoodhcp6c: avoid some unnecessary big mallocs
Steven Barth [Sat, 25 Oct 2014 10:39:31 +0000 (10:39 +0000)]
odhcp6c: avoid some unnecessary big mallocs

SVN-Revision: 43057

10 years agoath9k: fix regulatory notifier calls with CONFIG_ATH_USER_REGD=y (#18211)
Felix Fietkau [Sat, 25 Oct 2014 09:31:04 +0000 (09:31 +0000)]
ath9k: fix regulatory notifier calls with CONFIG_ATH_USER_REGD=y (#18211)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 43055

10 years agomac80211: refresh patches
Felix Fietkau [Sat, 25 Oct 2014 09:31:01 +0000 (09:31 +0000)]
mac80211: refresh patches

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 43054

10 years agoath9k: backport tx power reporting fix
Felix Fietkau [Sat, 25 Oct 2014 09:30:59 +0000 (09:30 +0000)]
ath9k: backport tx power reporting fix

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 43053