3 years agoopenvpn: update to v2.4.2
Jo-Philipp Wich [Fri, 12 May 2017 09:48:58 +0000 (11:48 +0200)]
openvpn: update to v2.4.2

Update to version 2.4.2 in order to address two potential Denial-of-Service
vectors in OpenVPN.

CVE-2017-7478 - Don't assert out on receiving too-large control packets
CVE-2017-7479 - Drop packets instead of assert out if packet id rolls over


Signed-off-by: Jo-Philipp Wich <>
3 years agoopenvpn: add myself as maintainer
Felix Fietkau [Mon, 3 Apr 2017 07:00:32 +0000 (09:00 +0200)]
openvpn: add myself as maintainer

Signed-off-by: Felix Fietkau <>
3 years agoOpenVPN: Update to 2.4.1
Daniel Engberg [Mon, 27 Mar 2017 12:51:44 +0000 (14:51 +0200)]
OpenVPN: Update to 2.4.1

Update OpenVPN to 2.4.1
Remove 200-small_build_enable_occ.patch as it's included upstream.
Refresh patches
Add mirror and switch to HTTPS

Signed-off-by: Daniel Engberg <>
3 years agoopenvpn: add extra respawn parameters
Martin Schiller [Thu, 16 Mar 2017 10:25:53 +0000 (11:25 +0100)]
openvpn: add extra respawn parameters

This change protects the openvpn instances to be marked as "in a crash
loop" and thereby the connection retries will run infinitely.

When the remote site of an openvpn connection goes down for some time
(network failure etc.) the openvpn instance in an openwrt/lede device
should not stop retrying to establish the connection.

With the current limit of 5 retries, there is a user interaction
required, which isn't really what you want when the device should
simply do everything to keep the vpn connection up.

Signed-off-by: Martin Schiller <>
3 years agoopenvpn: move list of params and bools to a separate file
Yousong Zhou [Sun, 26 Feb 2017 07:22:04 +0000 (15:22 +0800)]
openvpn: move list of params and bools to a separate file

So that future patches for addition/removal of them can be more

Signed-off-by: Yousong Zhou <>
4 years agoramips: fixup-mac-address: add missing include
Jo-Philipp Wich [Wed, 10 May 2017 22:50:48 +0000 (00:50 +0200)]
ramips: fixup-mac-address: add missing include

Add missing include of in order to import the missing
ramips_board_name() procedure.

Fixes FS#774.

Signed-off-by: Jo-Philipp Wich <>
4 years agodnsmasq: support dhcp_option config as a list
Hans Dedecker [Wed, 26 Apr 2017 20:37:27 +0000 (22:37 +0200)]
dnsmasq: support dhcp_option config as a list

Configuring dhcp_option as an option does not allow the usage of white
spaces in the option value; fix this by supporting dhcp_option as a list
config while still supporting the option config to maintain backwards

Signed-off-by: Jo-Philipp Wich <>
Signed-off-by: Hans Dedecker <>
4 years agobcm53xx: backport DT patches for serial, thermal and MDIO
Rafał Miłecki [Thu, 20 Apr 2017 20:15:09 +0000 (22:15 +0200)]
bcm53xx: backport DT patches for serial, thermal and MDIO

Signed-off-by: Rafał Miłecki <>
4 years agoramips: add factory firmware for Tp-Link C20i/C50
Henryk Heisig [Fri, 5 May 2017 15:07:28 +0000 (17:07 +0200)]
ramips: add factory firmware for Tp-Link C20i/C50

TP-Link firmware doesn't accept sysupgrade.bin with metadata.

Signed-off-by: Henryk Heisig <>
4 years agobrcm63xx: fix invalid Asmax AR 1004g DTS reference
Marcin Jurkowski [Fri, 21 Apr 2017 00:36:18 +0000 (02:36 +0200)]
brcm63xx: fix invalid Asmax AR 1004g DTS reference

Build profile for Asmax AR 1004g refers to an invalid DTS "rg100a". The
correct DTS for this device is "ar1004g".

Signed-off-by: Marcin Jurkowski <>
4 years agolantiq: fix avm fritz box mac addresses
Mathias Kresin [Sun, 26 Mar 2017 08:53:35 +0000 (10:53 +0200)]
lantiq: fix avm fritz box mac addresses

It has been shown that the Fritz boxes have the correct mac address set
in the wireless calibration data/eeeprom. Use this mac address as base
for the ethernet and xdsl interface increment/decrement the address to
match the values stored in the tffs.

Signed-off-by: Mathias Kresin <>
4 years agoramips: enable ramdisk for mt7621
Paul Spooren [Wed, 3 May 2017 22:47:34 +0000 (00:47 +0200)]
ramips: enable ramdisk for mt7621

Fixes #758

Signed-off-by: Paul Spooren <>
4 years agoipq806x: fix EA8500 switch configuration
Jo-Philipp Wich [Wed, 3 May 2017 11:59:55 +0000 (13:59 +0200)]
ipq806x: fix EA8500 switch configuration

Do not assign the CPU port twice, this confuses LuCI and possible other
programs relying on topology information in board.json.


Signed-off-by: Jo-Philipp Wich <>
4 years agobase-files: implement ucidef_set_hostname(), ucidef_set_ntpserver()
Jo-Philipp Wich [Wed, 3 May 2017 11:32:33 +0000 (13:32 +0200)]
base-files: implement ucidef_set_hostname(), ucidef_set_ntpserver()

Commit 2036ae4 (base-files: support hostname and ntp servers through board.d)
was supposed to implement these procedures but lacked the required changes

Add the missing procedures now to fix config generation on targets relying
on hostname or NTP server presetting.

Fixes FS#754.

Reported-by: Cristian Morales Vega <>
Signed-off-by: Jo-Philipp Wich <>
4 years agomac80211: rt2800: fix mt7620 E2 channel registers
Tomislav Požega [Fri, 14 Apr 2017 18:59:47 +0000 (20:59 +0200)]
mac80211: rt2800: fix mt7620 E2 channel registers

update RF register 47 and 54 values according to vendor driver

Signed-off-by: Tomislav Požega <>
Signed-off-by: Daniel Golle <>
[ moved changes into a separate patch]

4 years agomac80211: rt2800: fix mt7620 vco calibration registers
Tomislav Požega [Sun, 16 Apr 2017 12:14:42 +0000 (14:14 +0200)]
mac80211: rt2800: fix mt7620 vco calibration registers

Use register values from init LNA function instead of the ones from
restore LNA function. Apply register values based on rx path

Signed-off-by: Tomislav Požega <>
Signed-off-by: Daniel Golle <>
[ moved changes into a separate patch]

4 years agomac80211: rt2x00: fix MT7620 LNA gain and VCO-after-ALC
Daniel Golle [Mon, 17 Apr 2017 19:38:32 +0000 (21:38 +0200)]
mac80211: rt2x00: fix MT7620 LNA gain and VCO-after-ALC

This should fix issues with bad RX as well as AP not coming up and/or
scanning failing.

Signed-off-by: Daniel Golle <>
4 years agomac80211: rt2x00: import upstream changes and rebase our patches
Daniel Golle [Thu, 30 Mar 2017 16:08:49 +0000 (18:08 +0200)]
mac80211: rt2x00: import upstream changes and rebase our patches

Some of our local patches have been accepted upstream. And there are
some more relevant changes (mostly for rt2800usb). Import them and
rebase our remaining local patches on top.

Signed-off-by: Daniel Golle <>
4 years agort2x00: mt7620: make fixes requested upstream
Daniel Golle [Sat, 11 Mar 2017 13:10:16 +0000 (14:10 +0100)]
rt2x00: mt7620: make fixes requested upstream

Introduce RT6352 instead of matching against RF7620.
Clean up channel setting rfvals.
Port bandwidth filter calibration.

Signed-off-by: Daniel Golle <>
4 years agort2x00: mt7620: yet another beauty session
Daniel Golle [Mon, 13 Feb 2017 05:25:35 +0000 (06:25 +0100)]
rt2x00: mt7620: yet another beauty session

So here is another round of improvements for MT7620 WiFi.

This commit fixes a few significant issues related to TX_PWR_CFG_x and
TX_ALC and also makes the code more readable by adding register
descriptions for things added for MT7620 and use the usual bit-field
access macros and the now defined macros instead of plain bit-ops and
magic numbers.

Properly describe EEPROM_TARGET_POWER at word 0x68 (== byte 0xD0) and
thereby fix internal TXALC which would otherwise just read
out-of-bounds of the EEPROM map.

Split-out tx-power/ALC related stuff into an additional function.
Fix VCO calibration, it was carried out properly in the channel
switching but incomplete in the actual VCO calibration function.
Also there is no need to trigger VCO calibration in channel switching,
the VCO calibration function is already being called at this point.
Remove it from channel switching function to avoid redundant code.

The TX power calibration differs significantly from all other
Mediatek/Ralink chips: They finally allow 0.5dB steps stored as 8-bit
values for (almost) each bitrate -- and promptly ran out of space and
for some reason didn't want to change the EEPROM layout. The hence
opted for a scheme of sharing values for some adjecent bitrates and
a highly over-complicated (or obfuscated?) way to populate the
TX_PWR_CFG_x registers with the values stored in the EEPROM.
The code here now looks much less complicated than what you see in the
vendor's driver, however, it does the exact same thing:
bGpwrdeltaMinus is a constant and always TRUE, hence half of the
code was dead. Gpwrdelta is always 0 (rather than using the value read
from the EEPROM). What remains is some very grotesque effort to avoid
0x20, probably some hardware bug related to some misunderstanding of
what a singed 8-bit value is (imagine: if it was a signed 6-bit value
then someone could believe that 0x20 == 0x0). And then they didn't
clean it up once they later on anandonned that whole story of having a
constant offset for 40 MHz channels and just set the offset to be
constant 0 -- there is no effort for avoiding 0x20 for the 20 MHz
values stored in the EEPROM, hence that's probably just a forbidden
value in the EEPROM specs and won't appear anyway...
Anyway, the whole thing felt like solving some college math test
where in the end everything cancels out and the result equals 0 ;)
To make sure that channel bandwidth power compensation really doesn't
need to be taken care of, output a warning when the corresponding
value stored in the EEPROM is non-zero.

Also there is no apparent reason to refrain from initializing RFCSR
register 13, it doesn't fail what-so-ever.

Signed-off-by: Daniel Golle <>
4 years agomac80211: add rt2x00 debug symbols to PKG_CONFIG_DEPENDS
Jonas Gorski [Wed, 12 Apr 2017 10:44:12 +0000 (12:44 +0200)]
mac80211: add rt2x00 debug symbols to PKG_CONFIG_DEPENDS

Chaning these symbols require a recompilation of the modules, so make the
system aware of it.

Signed-off-by: Jonas Gorski <>
4 years agoath9k: fix power limits on init
Felix Fietkau [Wed, 22 Mar 2017 19:46:14 +0000 (20:46 +0100)]
ath9k: fix power limits on init

The tx power applied by set_txpower is limited by the CTL (conformance
test limit) entries in the EEPROM. These can change based on the user
configured regulatory domain.
Depending on the EEPROM data this can cause the tx power to become too
limited, if the original regdomain CTLs impose lowr limits than the CTLs
of the user configured regdomain.

To fix this issue, set the initial channel limits without any CTL
restrictions and only apply the CTL at run time when setting the channel
and the real tx power.

Signed-off-by: Felix Fietkau <>
4 years agoath: do not apply broken power limits with ATH_USER_REGD
Felix Fietkau [Wed, 22 Mar 2017 19:24:32 +0000 (20:24 +0100)]
ath: do not apply broken power limits with ATH_USER_REGD

If a device uses the default EEPROM code, typically only the main CTLs
are valid, and they do not apply properly when switching to a different
regulatory domain. If the regdomain deviates from the EEPROM one, force
the world roaming regdomain to ensure that power limits are sane

Signed-off-by: Felix Fietkau <>
4 years agoodhcpd: update to version 2017-04-28 (FS#595)
Hans Dedecker [Fri, 28 Apr 2017 19:45:10 +0000 (21:45 +0200)]
odhcpd: update to version 2017-04-28 (FS#595)

9268ca6 ndp: don't trigger IPv6 ping when neighbor entry is invalid
2b3355f ndp: fix adding proxy neighbor entries
7dff5b4 ndp: fix wrong interface name in syslog message
a54afb5 dhcpv6-ia: Fix segfault when writing DHCPv4 leases in state file
c0e9dbf ubus: don't segfault when there're no leases

Signed-off-by: Hans Dedecker <>
4 years agoodhcpd: update to version 2017-04-21
Hans Dedecker [Mon, 24 Apr 2017 16:39:59 +0000 (18:39 +0200)]
odhcpd: update to version 2017-04-21

570069d ubus: rework dumping IPv6 and IPv4 leases
4e579c4 dhcpv6-ia: simplify logic to write statefile and dhcpv6 logging

Signed-off-by: Hans Dedecker <>
4 years agobuild: fix symlinked .config handling
Sergey Ryazanov [Thu, 20 Apr 2017 02:10:45 +0000 (05:10 +0300)]
build: fix symlinked .config handling

When running "make menuconfig" with symlinked .config (e.g. to
env/.config) it renames symlink to .config.old, creates new .config file
and writes updated configuration here.

This breaks the desired workflow when changes in the configuration could
be checked using "scripts/env diff" and commited with
"scripts/env save". Since the env/.config file is not updated.

Fix this issue by exporting KCONFIG_OVERWRITECONFIG=1, which forces
mconf to overwrite the .config content, instead of renaming it and
creating a new file. This variable is set only if .config is a symlink,
otherwise the variable is not exported and the old behaviour is

Signed-off-by: Sergey Ryazanov <>
4 years agoramips: WN3000RPv3: do not setup switch
Thibaut VARENE [Sun, 12 Feb 2017 16:11:08 +0000 (17:11 +0100)]
ramips: WN3000RPv3: do not setup switch

The WN3000RPv3 is a repeater with a single ethernet port. Setting up the
switch, even to disable it, is unnecessary and possibly confusing.

Configure LAN as eth0 instead.

Signed-off-by: Thibaut VARENE <>
4 years agobrcm63xx: Add Observa VH4032N support
Daniel Gonzalez Cabanelas [Sat, 3 Dec 2016 14:51:05 +0000 (15:51 +0100)]
brcm63xx: Add Observa VH4032N support

Add support for the Observa Telecom VH4032N router.

This is another BCM6368 router, 128 MB RAM, 32MB flash and 3 USB
host ports.

The wifi chip is an onboard Broadcom BCM43222.

Signed-off-by: Daniel Gonzalez Cabanelas <>
[jonas.gorski: use gpio-hog instead of abusing ephy-reset]
Signed-off-by: Jonas Gorski <>
4 years agocns3xxx: use proper macro's for ID handling
Koen Vandeputte [Mon, 6 Feb 2017 11:11:39 +0000 (12:11 +0100)]
cns3xxx: use proper macro's for ID handling

Compiled & tested on cns3xxx

Signed-off-by: Koen Vandeputte <>
4 years agoramips: add support for Sanlinking D240
Kristian Evensen [Sat, 4 Feb 2017 20:28:52 +0000 (21:28 +0100)]
ramips: add support for Sanlinking D240

The Sanlinking Technologies D240
( is basically the same
device as the ZBT WE826, so adding support for it in LEDE is straight forward.
The differences is that the D240 has two mini-PCIe slots (instead of one), blue
LEDs and supports PoE.

* CPU: MT7620A
* 1x 10/100Mbps POE (802.3af/802.3at) Ethernet, 4x 10/100Mbps.
* 16 MB Flash.
* 128 MB RAM.
* 1x USB 2.0 port.
* 2x mini-PCIe slots.
* 2x SIM slots.
* 1x 2.4Ghz WIFI.
* 1x button.

Wifi, USB, switch and both mini-PCIe slots are working. I have not been able to
test the SD card reader.

The device comes pre-installed with an older version of OpenWRT, including Luci.
In order to install LEDE, you need to follow the existing procedure for updating
OpenWRT/LEDE using Luci. I.e., you need to access the UI and update the firmware
using the sysupgrade-image. Remember to select that you do not want to keep
existing settings. The default router address is and
username/password admin/root (at least on my devices).

If you brick the device, the procedure for recovery is the same as for the
WE826. Please see the wiki page for that device for instructions.

Signed-off-by: Kristian Evensen <>
4 years agoar71xx: select ATH79_NVRAM only by boards actually use it
Piotr Dymacz [Fri, 27 Jan 2017 14:50:35 +0000 (15:50 +0100)]
ar71xx: select ATH79_NVRAM only by boards actually use it

Signed-off-by: Piotr Dymacz <>
4 years agoramips: fix Sercomm NA930 compatible string
Mathias Kresin [Thu, 2 Feb 2017 21:35:59 +0000 (22:35 +0100)]
ramips: fix Sercomm NA930 compatible string

The Sercomm NA930 is not a mt7620a evaluation board and shouldn't use
the eval board compatible string.

Signed-off-by: Mathias Kresin <>
4 years agoramips: remove Planex CS-QR10 sound device tree node
Mathias Kresin [Thu, 2 Feb 2017 21:34:53 +0000 (22:34 +0100)]
ramips: remove Planex CS-QR10 sound device tree node

The comptible string is neither added by any LEDE patch nor exists in
in the kernel. Drop the sound node which was obviously added
accidentally with 9195d8da ("ramips: DTS rework").

Signed-off-by: Mathias Kresin <>
4 years agoramips: cleanup SPI flash device tree properties usage
Mathias Kresin [Thu, 2 Feb 2017 21:11:23 +0000 (22:11 +0100)]
ramips: cleanup SPI flash device tree properties usage

Use only the jedec,spi-nor compatible string. Everything else either
never worked or is only support to keep compatibility.

Remove the linux,modalias property. It is obsolete since kernel 4.4.

Signed-off-by: Mathias Kresin <>
4 years agoramips: remove DT pcie nodes for GL-MT300A/N
Felix Fietkau [Wed, 1 Feb 2017 12:53:57 +0000 (13:53 +0100)]
ramips: remove DT pcie nodes for GL-MT300A/N

These devices don't have a secondary wifi chip

Signed-off-by: Felix Fietkau <>
4 years agorpcd: Explicitly link with lcrypt
Florian Fainelli [Sun, 1 Jan 2017 00:13:34 +0000 (16:13 -0800)]
rpcd: Explicitly link with lcrypt

Fixes build issues with some toolchains that don't add lcrypt in the default
search paths:

CMakeFiles/rpcd.dir/session.c.o: In function `rpc_login_test_password':
build_dir/target-mipsel-linux-gnu/rpcd-2016-12-03-0577cfc1/session.c:823: undefined reference to `crypt'
collect2: error: ld returned 1 exit status

Signed-off-by: Florian Fainelli <>
4 years agoramips: ZyXEL Keenetic Omni/Omni2: export gpio usb power
Vitaly Chekryzhev [Fri, 20 Jan 2017 13:03:15 +0000 (18:03 +0500)]
ramips: ZyXEL Keenetic Omni/Omni2: export gpio usb power

Export gpio usb to allow power management of USB port.

Signed-off-by: Vitaly Chekryzhev <>
4 years agoramips: ZyXEL Keenetic Viva: align factory images
Vitaly Chekryzhev [Fri, 20 Jan 2017 12:57:11 +0000 (17:57 +0500)]
ramips: ZyXEL Keenetic Viva: align factory images

ZyXEL web-flasher requires squashfs to be aligned to 64kb.

Signed-off-by: Vitaly Chekryzhev <>
4 years agoramips: ZyXEL Keenetic Viva: export gpio usb power
Vitaly Chekryzhev [Tue, 3 Jan 2017 18:18:55 +0000 (23:18 +0500)]
ramips: ZyXEL Keenetic Viva: export gpio usb power

Export gpio usb to allow power management of USB port.

Signed-off-by: Vitaly Chekryzhev <>
4 years agoramips: add ip17xx support to WLI-TX4-AG300N
Yo Abe [Thu, 26 Jan 2017 13:28:09 +0000 (22:28 +0900)]
ramips: add ip17xx support to WLI-TX4-AG300N

ramips/rt288x WLI-TX4-AG300N was missing support for its 100Mbit switch which
should be included by default.

Signed-off-by: Yo Abe <>
[Jo-Philipp Wich: picked from OpenWrt PR#359, rewrap commit msg, fix Sob]
Signed-off-by: Jo-Philipp Wich <>
4 years agoramips: fix EX2700 wireless mac
Joseph C. Lehner [Wed, 25 Jan 2017 16:57:56 +0000 (17:57 +0100)]
ramips: fix EX2700 wireless mac

On some EX2700 devices, the MAC address from the eeprom data differs
from the actual MAC address. Fix that, and cleanup the DTS file
while we're at it.

Signed-off-by: Joseph C. Lehner <>
4 years agoramips: ZyXEL Keenetic series update wan mac
Vitaly Chekryzhev [Thu, 5 Jan 2017 11:25:59 +0000 (16:25 +0500)]
ramips: ZyXEL Keenetic series update wan mac

Signed-off-by: Vitaly Chekryzhev <>
4 years agoramips: ZyXEL Keenetic Omni align factory images
Vitaly Chekryzhev [Thu, 5 Jan 2017 11:23:07 +0000 (16:23 +0500)]
ramips: ZyXEL Keenetic Omni align factory images

ZyXEL web-flasher requires squashfs to be aligned to 64kb.

Signed-off-by: Vitaly Chekryzhev <>
4 years agoramips: correct keenetic-series switch index
Vitaly Chekryzhev [Sun, 1 Jan 2017 21:46:33 +0000 (02:46 +0500)]
ramips: correct keenetic-series switch index

Fix switch name typo

Signed-off-by: Vitaly Chekryzhev <>
4 years agoramips: add support for Netgear WN3000RPv3
Thibaut VARENE [Wed, 18 Jan 2017 10:34:56 +0000 (11:34 +0100)]
ramips: add support for Netgear WN3000RPv3

This patch adds support for the Netgear WN3000RPv3

- SoC: MediaTek MT7620A (580MHz, ramips)
- Storage: 8MB NOR SPI flash
- Wireless: builtin MT7620A, 2x2:2 with u.FL connectors
- Ethernet: 1x100M
- Serial: JP1 header, 57600-8N1
- Stock firmware based on OpenWRT Kamikaze

Like the EX2700, the bootloader expects a secondary image signature,
This is why the same fakeroot image is used for the WN3000

Signed-off-by: Thibaut VARENE <>
4 years agoramips: fix mac address of miwifi-mini
BangLang Huang [Wed, 18 Jan 2017 09:45:48 +0000 (17:45 +0800)]
ramips: fix mac address of miwifi-mini

For the miwifi-mini, the offset of ethernet mac should be 0x28
which you can easyily dump from 'Factory' partition.

Signed-off-by: BangLang Huang <>
4 years agofeeds: add option to force feed update despite modified files
Jo-Philipp Wich [Tue, 14 Feb 2017 17:35:57 +0000 (18:35 +0100)]
feeds: add option to force feed update despite modified files

Implement a new flag "-f" for the feeds update command which causes the
script to fall back to a more agressive git update strategy in case there
are locally modified files in the feeds directory.

Signed-off-by: Jo-Philipp Wich <>
4 years agoramips: Clean duplicated status property for Omega2 WMAC in dtsi
Furong Xu [Tue, 14 Feb 2017 09:25:08 +0000 (17:25 +0800)]
ramips: Clean duplicated status property for Omega2 WMAC in dtsi

At the tail of dtsi, wmac is enabled twice, clean the first one

Signed-off-by: Furong Xu <>
4 years agoramips: fixed sms led polarity into dwr-512 DT
Giuseppe Lippolis [Mon, 13 Feb 2017 10:36:41 +0000 (11:36 +0100)]
ramips: fixed sms led polarity into dwr-512 DT

Signed-off-by: Giuseppe Lippolis <>
4 years agoramips: WN3000RPv3: do not setup switch
Thibaut VARENE [Sun, 12 Feb 2017 16:11:08 +0000 (17:11 +0100)]
ramips: WN3000RPv3: do not setup switch

The WN3000RPv3 is a repeater with a single ethernet port. Setting up the
switch, even to disable it, is unnecessary and possibly confusing.

Configure LAN as eth0 instead.

Signed-off-by: Thibaut VARENE <>
4 years agobusybox: revert accidential version bump
Jo-Philipp Wich [Thu, 27 Apr 2017 13:38:48 +0000 (15:38 +0200)]
busybox: revert accidential version bump

Due to an oversight during patch conflict resolution, the PKG_VERSION got
accidentially bumped instead of the PKG_RELEASE field.

Revert the bad version change as there exists no upstream 1.25.2 version.

Signed-off-by: Jo-Philipp Wich <>
4 years agobusybox: nslookup_lede: mimic output format of old Busybox applet
Jo-Philipp Wich [Tue, 25 Apr 2017 12:21:08 +0000 (14:21 +0200)]
busybox: nslookup_lede: mimic output format of old Busybox applet

When invoking "nslookup_lede" with a domain argument and without explicit
query type, issue both A and AAAA queries and display the resulting IP
addresses in a numbered list style, similar to how the old BusyBox nslookup
used to output the records.

This is required for compatibility with certain scripts.


Signed-off-by: Jo-Philipp Wich <>
4 years agobusybox: nslookup_lede: fix compatibility with v1.25
Jo-Philipp Wich [Tue, 25 Apr 2017 12:03:11 +0000 (14:03 +0200)]
busybox: nslookup_lede: fix compatibility with v1.25

The ":*" optstring syntax was only recently introduced with BusyBox v1.26,
older versions need a corresponding hint in the "opt_complementary" variable
to denote flag values that should be stored as llist entries.

Add the required opt_complementary entry to fix random SIGBUS, SIGILL or
SIGSEGV related crashes on BusyBox 1.25.x when attempting to use the "-q"
flag of the "nslookup_lede" applet.


Signed-off-by: Jo-Philipp Wich <>
4 years agox86: enable 4G high memory support for generic (32bit) subtarget
Jo-Philipp Wich [Thu, 27 Apr 2017 13:26:48 +0000 (15:26 +0200)]
x86: enable 4G high memory support for generic (32bit) subtarget

This is required to fully support a number of 32bit x86 systems equipped
with more than one GB ram, e.g. certain Atom CPU machines.


Signed-off-by: Jo-Philipp Wich <>
4 years agogeneric: keep module aliases inside .modinfo
Yousong Zhou [Wed, 11 Jan 2017 11:57:24 +0000 (19:57 +0800)]
generic: keep module aliases inside .modinfo

It seems module aliases are actually essential info.  E.g. other modules
may call xt_request_find_match(NFPROTO_IPV{4,6}, "hashlimit", 1) and the
kernel will request user mode modprobe helper for ipt_hashlimit and
ip6t_hashlimit respectively which are aliases of xt_hashlimit.ko

Compile-tested for armvirt, there is nearly no size impact.


    -rw-r--r-- 1 yousong yousong     304 Jan 10 17:37 config.seed
    -rw-r--r-- 1 yousong yousong    1634 Jan 11 11:07 lede-armvirt-default.manifest
    -rw-r--r-- 1 yousong yousong 1533647 Jan 11 11:07 lede-armvirt-default-rootfs.tar.gz
    -rw-r--r-- 1 yousong yousong 1802711 Jan 11 11:07 lede-armvirt-root.ext4.gz
    -rw-r--r-- 1 yousong yousong 1544597 Jan 11 11:07 lede-armvirt-rootfs.cpio.gz
    -rw-r--r-- 1 yousong yousong 1174984 Jan 11 11:07 lede-armvirt-root.squashfs.gz
    -rwxr-xr-x 1 yousong yousong 1654712 Jan 11 11:07 lede-armvirt-zImage
    -rwxr-xr-x 1 yousong yousong 2738296 Jan 11 11:07 lede-armvirt-zImage-initramfs
    drwxr-xr-x 2 yousong yousong    4096 Jan 10 17:35 packages
    -rw-r--r-- 1 yousong yousong     739 Jan 10 17:37 sha256sums


    -rw-r--r-- 1 yousong yousong     304 Jan 10 17:37 config.seed
    -rw-r--r-- 1 yousong yousong    1634 Jan 11 11:10 lede-armvirt-default.manifest
    -rw-r--r-- 1 yousong yousong 1533646 Jan 11 11:10 lede-armvirt-default-rootfs.tar.gz
    -rw-r--r-- 1 yousong yousong 1802711 Jan 11 11:10 lede-armvirt-root.ext4.gz
    -rw-r--r-- 1 yousong yousong 1544593 Jan 11 11:10 lede-armvirt-rootfs.cpio.gz
    -rw-r--r-- 1 yousong yousong 1174984 Jan 11 11:10 lede-armvirt-root.squashfs.gz
    -rwxr-xr-x 1 yousong yousong 1654736 Jan 11 11:10 lede-armvirt-zImage
    -rwxr-xr-x 1 yousong yousong 2738144 Jan 11 11:10 lede-armvirt-zImage-initramfs
    drwxr-xr-x 2 yousong yousong    4096 Jan 10 17:35 packages
    -rw-r--r-- 1 yousong yousong     739 Jan 10 17:37 sha256sums

Signed-off-by: Yousong Zhou <>
4 years agoubox: bump to version 2017-03-10
Yousong Zhou [Tue, 25 Apr 2017 12:26:38 +0000 (20:26 +0800)]
ubox: bump to version 2017-03-10

Fixes FS#684 with commit 21a4bd0

Changes since current version.  All changes except the ones prefixed
with asterisks are for bugfixes.  Module aliases awareness is expected
by the kernel to be a basic facility and is required for properly
initializing wireguard.

    16f7e16 syslog: remove unnecessary sizeof struct between messages
    21a4bd0 kmodloader: modprobe: return 0 for loaded modules
    3dc78a4 kmodloader: don't store aliases info in struct module
    c553354 cmake: fix typo
    8973576 kmodloader: fix not being able to find some modules
    fce9382 cmake: Check for getrandom system call
    ac2d43e kmodloader: support '-q' quiet option
   *f8d3d16 ubox: Add an option for more accurate timestamps in log
    14839f0 kmodloader: make insert_module() idempotent
   *6e3c6dc kmodloader: add module alias awareness
    9371411 kmodloader: fix out-of-bound access when parsing .modinfo
    a62c946 kmodloader: modprobe: skip possible command line arguments
   *46a4b5f kmodloader: log to kmsg when loading directories of modules
    eacc426 kmodloader: remove redundant glob wildcard char
    8488bb5 ubox: Initialize conditionally uninitialized variabled
    db070f1 ubox: Fix some memory leaks
    acc48b5 kmodloader: Fix typo in error message

Size comparison on x86_64 host

    function                                             old     new   delta
    main                                                2190    2344    +154
    scan_module_folder                                   665     793    +128
    alloc_module_node                                      -     113    +113
    .rodata                                              946    1036     +90
    alloc_module                                         202     245     +43
    free_modules                                          77     119     +42
    load_modprobe                                        209     237     +28
    scan_loaded_modules                                  241     265     +24
    avl_modcmp                                            45      67     +22
    insert_module                                        204     224     +20
    find_module                                           13      30     +17
    static.optind@@GLIBC_2                                 -       4      +4
    static.load_moddeps                                  118     117      -1
    scan_module_folders                                   55      54      -1
    (add/remove: 2/0 grow/shrink: 10/2 up/down: 685/-2)           Total: 683 bytes

Signed-off-by: Yousong Zhou <>
4 years agokernel: use skb_cow_head() to deal with cloned skbs
Álvaro Fernández Rojas [Sun, 23 Apr 2017 11:55:03 +0000 (13:55 +0200)]
kernel: use skb_cow_head() to deal with cloned skbs

We need to ensure there is enough headroom to push extra header,
but we also need to check if we are allowed to change headers.

skb_cow_head() is the proper helper to deal with this.

Fixes Ethernet<->WiFi bridge for Raspberry Pi and probably other devices.

Signed-off-by: Álvaro Fernández Rojas <>
4 years agoar71xx: fix minor syntax error in /lib/upgrade/
Matthias Schiffer [Sat, 22 Apr 2017 16:56:25 +0000 (18:56 +0200)]
ar71xx: fix minor syntax error in /lib/upgrade/

Fix a '==' that should be a '=' in a test condition. Busybox fortunately
doesn't care.

Signed-off-by: Matthias Schiffer <>
4 years agoramips: update DEVICE_PACKAGES for Ubiquiti EdgeRouter X
Matthias Schiffer [Sat, 22 Apr 2017 16:54:07 +0000 (18:54 +0200)]
ramips: update DEVICE_PACKAGES for Ubiquiti EdgeRouter X

Fixes removal of unneeded kernel modules with per-device rootfs.

Signed-off-by: Matthias Schiffer <>
4 years agoopenssl: Use mkhash for STAMP_CONFIGURED
Florian Fainelli [Wed, 1 Mar 2017 18:48:32 +0000 (10:48 -0800)]
openssl: Use mkhash for STAMP_CONFIGURED

The current way of creating a STAMP_CONFIGURED filename for OpenSSL can
lead to an extremely long filename that makes touch unable to create it,
and fail the build.

Use mkhash to produce a hash against OPENSSL_OPTIONS which creates a
shortert stamp file,

Fixes #572

Signed-off-by: Florian Fainelli <>
4 years agobusybox: fix build of nslookup_lede applet without IPv6 (#728)
Jo-Philipp Wich [Fri, 21 Apr 2017 11:18:16 +0000 (13:18 +0200)]
busybox: fix build of nslookup_lede applet without IPv6 (#728)

Protect any IPv6 related with appropriate guards to fix compilation with
disabled IPv6 support in Busybox.

Fixes #728.

Signed-off-by: Jo-Philipp Wich <>
4 years agobusybox: Move libresolv detection to LEDE Makefile
Florian Fainelli [Wed, 12 Apr 2017 16:02:30 +0000 (09:02 -0700)]
busybox: Move libresolv detection to LEDE Makefile

Since the LEDE nslookup applet is already specific to LEDE, move the
libresolv detection into the busybox Makefile that LEDE uses.

This fixes builds with external toolchains that don't automatically
search for headers and/or libraries without being told so.

Fixes: de5b8e5d2fe1 ("busybox: add musl compatible nslookup replacement")
Signed-off-by: Florian Fainelli <>
4 years agobcm53xx: backport BCM5301X patches
Rafał Miłecki [Sat, 18 Mar 2017 17:31:36 +0000 (18:31 +0100)]
bcm53xx: backport BCM5301X patches

This fixes GIC interrupts (required before switching to 4.9), adds few
new entires & introduces DTS for Archer C5.

Signed-off-by: Rafał Miłecki <>
4 years agobcm53xx: parepare for building more Linksys images
Rafał Miłecki [Sun, 12 Mar 2017 15:24:13 +0000 (16:24 +0100)]
bcm53xx: parepare for building more Linksys images

We still can't enable them by default without proper TRX support.

Signed-off-by: Rafał Miłecki <>
4 years agobcm53xx: prepare for building Archer C5 V2 image
Rafał Miłecki [Sat, 11 Mar 2017 11:33:53 +0000 (12:33 +0100)]
bcm53xx: prepare for building Archer C5 V2 image

Don't enable it yet as kernel needs to be updated first.

Signed-off-by: Rafał Miłecki <>
4 years agoar71xx: add TP-LINK TL-WR841N/ND v12 image
Vittorio Gambaletta [Sun, 26 Mar 2017 07:55:44 +0000 (09:55 +0200)]
ar71xx: add TP-LINK TL-WR841N/ND v12 image

This router has the same hardware as TP-LINK TL-WR841N/ND v11 (same FCC
ID, same TFTP image name...).

If the stock firmware web interface doesn't accept LEDE factory image,
it can be flashed via the U-Boot TFTP recovery mode, by long-pressing
the reset button after power on.

The TFTP image name is wr841nv11_tp_recovery.bin (yes, v11, not v12).

Signed-off-by: Vittorio Gambaletta <>
4 years agoutils/f2fs-tools: Update to 1.8.0
Daniel Engberg [Wed, 15 Mar 2017 16:14:55 +0000 (17:14 +0100)]
utils/f2fs-tools: Update to 1.8.0

Update f2fs-tools to 1.8.0
Refresh patches
Remove selinux patch, use configure argument instead.
Switch to xz tarball
Adjust url to avoid redirects

Signed-off-by: Daniel Engberg <>
4 years agobusybox: add musl compatible nslookup replacement
Jo-Philipp Wich [Tue, 14 Mar 2017 21:38:59 +0000 (22:38 +0100)]
busybox: add musl compatible nslookup replacement

Add an alternative nslookup applet implementation which is compatible with
musl libc wrt. name server selection and which supports a number of additional
features such as query type selection.

Fixes #155, #217

Signed-off-by: Jo-Philipp Wich <>
4 years agokernel: update kernel 4.4 to 4.4.61
Jo-Philipp Wich [Sat, 15 Apr 2017 15:00:49 +0000 (17:00 +0200)]
kernel: update kernel 4.4 to 4.4.61

Signed-off-by: Jo-Philipp Wich <>
4 years agoodhcpd: update to version 2017-03-29 (FS#635)
Hans Dedecker [Sat, 1 Apr 2017 11:56:44 +0000 (13:56 +0200)]
odhcpd: update to version 2017-03-29 (FS#635)

3d9f406 rework IPv6 dns address selection (FS#635)
bc6c3ac ndp: keep an exact copy of IPv6 interface addresses
6eb1e01 ndp: code cleanup
eea7d03 rework IPv6 address dump logic
24d21c7 ndp: add syslog debug tracing

Signed-off-by: Hans Dedecker <>
4 years agoodhcpd: update to version 2017-02-28
Florian Fainelli [Sat, 4 Mar 2017 21:22:50 +0000 (13:22 -0800)]
odhcpd: update to version 2017-02-28

Brings in the following change:

9eac2a896341 dhcpv6-ia: Check lockf return value

Signed-off-by: Florian Fainelli <>
4 years agoodhcpd: update to version 2017-02-21
Hans Dedecker [Thu, 23 Feb 2017 20:56:15 +0000 (21:56 +0100)]
odhcpd: update to version 2017-02-21

1b630f8 router: don't announce prefixes with valid lifetime equal to 0
ba0cac0 router: fix arithmetic exception fault
3495f17 router: allow RA prefix lifetime being set to leasetime value (FS#397)
e437ce9 treewide: simplify dhcp leasetime checking
942fb33 router: support ra_mininterval and ra_lifetime uci parameters (FS#397)
f913337 router.h: fix alignment style
4dc7edb Revert "odhcpd.h: fix alignment style"
62ea54f odhcpd.h: fix alignment style
a898ee5 config: make loglevel configurable via uci (FS#481)
51c756c odhcpd: display correct default log level in usage text
68ee0b5 treewide: define and use macro IN6_IS_ADDR_ULA
fa57225 ndp: deregister netlink event socket for non recoverable errors
ac70d28 odhcpd: fix white space errors

Signed-off-by: Hans Dedecker <>
4 years agoramips: add RP-N53 pcie wireless eeprom
Mathias Kresin [Sun, 9 Apr 2017 07:14:52 +0000 (09:14 +0200)]
ramips: add RP-N53 pcie wireless eeprom

Fix the PCIe 5GHz wireless by using the on flash eeprom/caldata.
Disable the 2.4GHz band as this band has no antennas attached but is
enabled in the eeprom/caldata.

Fixes: FS#691

Signed-off-by: Mathias Kresin <>
4 years agoramips: fix WHR-600D eeprom dt property
Mathias Kresin [Sun, 9 Apr 2017 07:12:55 +0000 (09:12 +0200)]
ramips: fix WHR-600D eeprom dt property

Fix the PCIe 5GHz wireless by using the ralink mtd-eeprom property as
this board have a RT5592 and uses the rt2x00 driver. The mediathek
device tree bindings do not work here.

Fixes: FS#691

Fixes: d8dd207ea6f2 ("ramips: use the ralink,mtd-eeprom device tree property")
Signed-off-by: Mathias Kresin <>
4 years agoutil-linux: re-enable parallel builds
Felix Fietkau [Wed, 22 Mar 2017 12:22:57 +0000 (13:22 +0100)]
util-linux: re-enable parallel builds

The original build error in 'more' seems to be gone

Signed-off-by: Felix Fietkau <>
4 years agoutil-linux: unconditionally enable ncursesw support
Felix Fietkau [Wed, 22 Mar 2017 12:49:05 +0000 (13:49 +0100)]
util-linux: unconditionally enable ncursesw support

The build dependency is unconditional, and some components might fail if
ncurses is not available

Signed-off-by: Felix Fietkau <>
4 years agoutils/util-linux: Update to 2.29.2
Daniel Engberg [Mon, 20 Mar 2017 08:51:26 +0000 (09:51 +0100)]
utils/util-linux: Update to 2.29.2

Update util-linux to 2.29.2
Remote 0001-fix-uClibc-ng-scanf-check.patch as it's been merged upstream.
Refresh patches
Change ncurses to ncursesw to fix compilation and avoid confusion

Signed-off-by: Daniel Engberg <>
Signed-off-by: Felix Fietkau <> [remove faulty dependency changes]
4 years agobuild: fix triggering opkg/host compilation
Jo-Philipp Wich [Thu, 19 Jan 2017 01:41:02 +0000 (02:41 +0100)]
build: fix triggering opkg/host compilation

Commit 131db36 "build: remove separate /install step for host builds" dropped
the package/*/host/install targets in favor to performing the install steps
within the compile target instead.

Adjust package/Makefile accordingly in order to prevent a missing
staging_dir/host/bin/opkg when staging package archives into the rootfs.

Signed-off-by: Jo-Philipp Wich <>
4 years agolibubox: fix host build on macOS
Felix Fietkau [Mon, 20 Feb 2017 11:32:45 +0000 (12:32 +0100)]
libubox: fix host build on macOS

Use the defaults instead of a custom non-portable Host/Install section

Signed-off-by: Felix Fietkau <>
4 years agolibubox: add host build
Jo-Philipp Wich [Fri, 17 Feb 2017 09:49:14 +0000 (10:49 +0100)]
libubox: add host build

Our opkg fork requires libubox to build, so add a host build for it.

Signed-off-by: Jo-Philipp Wich <>
4 years agoopkg: switch to LEDE fork (#120, #551, #571)
Jo-Philipp Wich [Thu, 16 Feb 2017 16:36:47 +0000 (17:36 +0100)]
opkg: switch to LEDE fork (#120, #551, #571)

Cherry-pick the following commits from master to bump opkg in LEDE 17.01:

b65dc04712 opkg: switch to own fork to improve memory usage
55ffc38004 opkg: re-enable usign support
19720a6f03 opkg: fix handling conffiles in status lists
9e4555f58d opkg: fix stray printf() (#551)
ebf846b005 opkg: mark as essential (FS#571)
aedd5d5cb0 opkg: fix several package installation bugs
48ae44d033 opkg: gracefully handle missing $PATH, fix build warnings
1449b52f02 opkg: backport upstream fixes, code cleanups

Signed-off-by: Jo-Philipp Wich <>
4 years agomt76: ensure that the metapackage gets built as .ipk
Felix Fietkau [Wed, 5 Apr 2017 21:38:42 +0000 (23:38 +0200)]
mt76: ensure that the metapackage gets built as .ipk

Fixes errors during the image builder run

Signed-off-by: Felix Fietkau <>
4 years force kernel rebuild on every run
Felix Fietkau [Mon, 13 Mar 2017 09:49:58 +0000 (10:49 +0100)] force kernel rebuild on every run

DTS dependencies are not processed correctly so makes it safer against
poentially stale builds

Signed-off-by: Felix Fietkau <>
4 years agokernel: Fix the incorrect i_nlink count after jffs2's RENAME_EXCHANGE operations.
Jing Qiu [Tue, 14 Mar 2017 07:32:08 +0000 (15:32 +0800)]
kernel: Fix the incorrect i_nlink count after jffs2's RENAME_EXCHANGE operations.

The problem is caused by the incorrect handling of the parent inode's
i_nlink count for the dentry to be RENAME_EXCHANGED. There are 3 cases
to consider. Assume we want to RENAME_EXCHANGE struct dentry *a and
struct dentry *b, and inode_a is pointed to by dentry_a, inode_b is
pointed to by dentry_b:

1. If inode_a is a directory, but inode_b isn't, then we must decrease
   the i_nlink count of old_dir_i, and increase the i_nlink of new_dir_i.
2. If inode_a isn't a directory, but inode_b is a directory, then we
   must increase the i_nlink of old_dir_i, and decrease the i_nlink count
   of new_dir_i.
3. If the types of inode_a and inode_b are the same, we don't change the
   i_nlink for either old_dir_i or new_dir_i.

Signed-off-by: Jing Qiu <>
Signed-off-by: Felix Fietkau <>
4 years agomac80211: backport an upstream fix for queue start/stop handling
Felix Fietkau [Mon, 3 Apr 2017 13:08:28 +0000 (15:08 +0200)]
mac80211: backport an upstream fix for queue start/stop handling

Fixes issues with 802.11s

Signed-off-by: Felix Fietkau <>
4 years agosysntpd: restore support for peer-less (standalone) mode
Piotr Dymacz [Mon, 6 Mar 2017 22:20:37 +0000 (23:20 +0100)]
sysntpd: restore support for peer-less (standalone) mode

ntpd from Busybox supports peer-less (standalone) mode when it's started
with option -l and without any peer provided with option -p. In this
mode ntpd uses local time as reference and acts as stratum 1 server.

This mode can be used in isolated networks, where Internet access and/or
other NTP server/s are not available, but the device has some other way
of getting correct time, like e.g. GPS (ugps supports setting local time
by default).

Support for this mode was incorrectly disabled/removed in:

Signed-off-by: Piotr Dymacz <>
Acked-by: Jo-Philipp Wich <>
4 years agoar71xx: fix Wallys DR344 ethernet MAC addresses offsets
Piotr Dymacz [Sun, 12 Mar 2017 22:50:36 +0000 (23:50 +0100)]
ar71xx: fix Wallys DR344 ethernet MAC addresses offsets

Without this fix, ethernet interfaces on Wallys DR344 use random MAC

Signed-off-by: Piotr Dymacz <>
4 years agougps: fix and improve init script
Piotr Dymacz [Sun, 5 Mar 2017 18:30:44 +0000 (19:30 +0100)]
ugps: fix and improve init script

The ugps tool expects device path in last argument. If it's provided
before other options, they won't be processed at all.

Additionally, make it possible to use absolute path for gps character
device in related uci configuration.

Signed-off-by: Piotr Dymacz <>
4 years agokernel: update kernel 4.4 to 4.4.59
Hauke Mehrtens [Sun, 2 Apr 2017 09:53:42 +0000 (11:53 +0200)]
kernel: update kernel 4.4 to 4.4.59

Signed-off-by: Hauke Mehrtens <>
4 years agoubox: fix sha256 mirror hash
Hauke Mehrtens [Thu, 30 Mar 2017 12:25:39 +0000 (14:25 +0200)]
ubox: fix sha256 mirror hash

Commit 5c20a4fec923c3 ("ubox: turn logd into a separate package") changed
the PKG_SOURCE_DATE which is also included in the tar file. This change
resulted in a new tar with a different hash, but the sha256 hash was not
updated. Fix the sha256 hash value in this commit to match what would be
created from git and what is already on the mirror.

Signed-off-by: Hauke Mehrtens <>
4 years agoodhcpd: fix sha256 sum
Hauke Mehrtens [Thu, 30 Mar 2017 10:25:13 +0000 (12:25 +0200)]
odhcpd: fix sha256 sum

The sha256sum added in commit b8567cb44e9e4f ("odhcpd: update to git HEAD
version (FS#396)") does not match the sha256sum of the file on the mirror or
when I clone it. Update the sha256 sum to the correct value.

Signed-off-by: Hauke Mehrtens <>
4 years agofirewall: document rules for IPSec ESP/ISAKMP with 'name' option
Yousong Zhou [Tue, 28 Mar 2017 09:41:14 +0000 (17:41 +0800)]
firewall: document rules for IPSec ESP/ISAKMP with 'name' option

These are recommended practices by REC-22 and REC-24 of RFC6092:
"Recommended Simple Security Capabilities in Customer Premises Equipment
(CPE) for Providing Residential IPv6 Internet Service"

Fixes FS#640

Signed-off-by: Yousong Zhou <>
4 years agoiw: enable MESH ID in scan output
Matthias Schiffer [Sat, 25 Mar 2017 12:43:29 +0000 (13:43 +0100)]
iw: enable MESH ID in scan output

Make scan output useful for 802.11s meshes. The common print_ssid function
is used, so this doesn't add any additional code.

Based-on-patch-by: Jan-Tarek Butt <>
Signed-off-by: Matthias Schiffer <>
4 years agobusybox: vi: backporting patches to fix ZZ and :x command
Yousong Zhou [Sat, 25 Mar 2017 05:23:06 +0000 (13:23 +0800)]
busybox: vi: backporting patches to fix ZZ and :x command

Signed-off-by: Yousong Zhou <>
4 years agoumdns: update to the version 2017-03-21
Rafał Miłecki [Tue, 21 Mar 2017 21:57:56 +0000 (22:57 +0100)]
umdns: update to the version 2017-03-21

This includes following changes:
480d7bc Fix sending unicast questions on cache expire
a0403cd Keep source sockaddr for every cached DNS record
1478293 Fix code freeing cached non-A(AAA) records too early
9f1cc22 Fix replying to "QU" questions received on unicast interface
943bedb Fix reading port of incoming packets
c725494 Use MCAST_PORT define for port 5353
ce7e9e9 Use one define for DNS-Based Service Discovery service name
e1bacef Drop entries cached for interface we're going to delete
496aeba Fix comment typo in cache_gc_timer
f89986b Fix refreshing cached A(AAA) records that expire

Previous updates made umdns work as expected on startup but there were
still many bugs. They were mostly related to runtime - cache management
and requests + responses. E.g. umdns was never able to send question on
DNS record expire. It was also ignoring all incoming unicast questions.

Since these issues are quite serious it makes sense to backport this
update to the stable branch.

Signed-off-by: Rafał Miłecki <>
4 years agoumdns: update to the version 2017-03-14
Rafał Miłecki [Tue, 14 Mar 2017 10:59:53 +0000 (11:59 +0100)]
umdns: update to the version 2017-03-14

This includes 3 cleanups:
fd5a160 Don't cache hosts as services
80dd246 Refresh DNS records A and AAAA directly
6515101 Access cached records (instead of services) to read list of hosts

Signed-off-by: Rafał Miłecki <>
4 years agoiproute2: fix ip monitor can't work when NET_NS is not enabled
Yousong Zhou [Fri, 17 Mar 2017 09:49:29 +0000 (17:49 +0800)]
iproute2: fix ip monitor can't work when NET_NS is not enabled

The bug appeared in v4.1.0 and was fixed since v4.8.0

Fixes FS#620

Signed-off-by: Yousong Zhou <>
4 years agocurl: fix CVE-2017-2629 SSL_VERIFYSTATUS ignored
Hauke Mehrtens [Mon, 13 Mar 2017 21:51:20 +0000 (22:51 +0100)]
curl: fix CVE-2017-2629 SSL_VERIFYSTATUS ignored

This fixes the following security problem:

Signed-off-by: Hauke Mehrtens <>
4 years agombedtls: update to version 2.4.2
Hauke Mehrtens [Mon, 13 Mar 2017 19:04:32 +0000 (20:04 +0100)]
mbedtls: update to version 2.4.2

This fixes the following security problems:
* CVE-2017-2784: Freeing of memory allocated on stack when validating a public key with a secp224k1 curve
* SLOTH vulnerability
* Denial of Service through Certificate Revocation List

Signed-off-by: Hauke Mehrtens <>
4 years agomac80211: mwifiex-sdio: select DRIVER_11AC_SUPPORT
Álvaro Fernández Rojas [Sat, 11 Mar 2017 18:31:16 +0000 (19:31 +0100)]
mac80211: mwifiex-sdio: select DRIVER_11AC_SUPPORT

Signed-off-by: Álvaro Fernández Rojas <>