openwrt/svn-archive/archive.git
3 years agoBB: openssl: update to 1.0.2f (fixes CVE-2016-0701, CVE-2015-3197) barrier_breaker
Jo-Philipp Wich [Fri, 29 Jan 2016 13:25:24 +0000 (13:25 +0000)]
BB: openssl: update to 1.0.2f (fixes CVE-2016-0701, CVE-2015-3197)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r48531.

SVN-Revision: 48549

3 years agoBB: samba36: add three CVE patches from 2015-12-16
Jo-Philipp Wich [Mon, 11 Jan 2016 11:57:36 +0000 (11:57 +0000)]
BB: samba36: add three CVE patches from 2015-12-16

This is a patch for CVE-2015-5252, CVE-2015-5296 and CVE-2015-5299. A
patchset for these vulnerabilities was published on 16th December 2015.

Signed-off-by: Jan Čermák <jan.cermak@nic.cz>
Backport of r48133

SVN-Revision: 48199

3 years agoBB: build: add a variable pointing to the main openwrt git repositories (useful if...
Jo-Philipp Wich [Mon, 11 Jan 2016 08:44:07 +0000 (08:44 +0000)]
BB: build: add a variable pointing to the main openwrt git repositories (useful if we want to support using a mirror later)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r48117

SVN-Revision: 48198

3 years agoBB: scripts/feeds: add support for optionally using a full clone of git repositories
Jo-Philipp Wich [Mon, 7 Dec 2015 16:30:59 +0000 (16:30 +0000)]
BB: scripts/feeds: add support for optionally using a full clone of git repositories

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r45668

SVN-Revision: 47805

3 years agoBB: openssl: update to v1.0.2e (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195)
Jo-Philipp Wich [Mon, 7 Dec 2015 16:05:54 +0000 (16:05 +0000)]
BB: openssl: update to v1.0.2e (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195)

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r47726.

SVN-Revision: 47804

3 years agohostapd: check for banned client on association event
Rafał Miłecki [Mon, 28 Sep 2015 12:46:58 +0000 (12:46 +0000)]
hostapd: check for banned client on association event

When using FullMAC drivers (e.g. brcmfmac) we don't get mgmt frames so
check for banned client in probe request handler won't ever be used.
Since cfg80211 provides us info about STA associating let's put a check
there.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Backport of r47064

SVN-Revision: 47068

3 years agodnsmasq: backport CVE-2015-3294 security fix
Rafał Miłecki [Tue, 8 Sep 2015 11:03:39 +0000 (11:03 +0000)]
dnsmasq: backport CVE-2015-3294 security fix

Upstream release 2.73 included CVE-2015-3294 fix, let's backport patch
fixing this security issue.
This avoids bumping version to 2.73 which introduced many new features.
This way we keep dnsmasq safe and don't risk new problems.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46817

3 years agoBB: sdk: provide explicit CONFIG_MODULES kconfig symbol
Jo-Philipp Wich [Mon, 27 Jul 2015 23:50:05 +0000 (23:50 +0000)]
BB: sdk: provide explicit CONFIG_MODULES kconfig symbol

Extend the SDK Config.in file to explicitely declare a MODULES symbol with
the "option modules" flag set in order to prevent a kconfig segmentation fault
whenever a "depends m" dependency is encountered.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r46514

SVN-Revision: 46516

3 years agoBB: hostapd: Fix RADIUS connection recovery after initial failure (#18197)
Jo-Philipp Wich [Mon, 27 Jul 2015 13:29:08 +0000 (13:29 +0000)]
BB: hostapd: Fix RADIUS connection recovery after initial failure (#18197)

If the initial attempt at opening the socket connection to the RADIUS
server failed due to missing IP connectivity during startup, e.g., with
"connect[radius]: Network is unreachable", hostapd did not try to
reconnect when RADIUS messages were sent. Instead, it only reported "No
authentication server configured" even if the configuration did have a
server entry.

Backport of upstream commit 94b39e5927e570e6b0fe41d455dde0a361c71c36
("RADIUS client: Fix server connection recovery after initial failure")

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46512

3 years agoBB: openssl: update to v1.0.2d (CVE-2015-1793)
Jo-Philipp Wich [Thu, 9 Jul 2015 13:15:32 +0000 (13:15 +0000)]
BB: openssl: update to v1.0.2d (CVE-2015-1793)

During certificate verification, OpenSSL (starting from version 1.0.1n and
1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this
logic can mean that an attacker could cause certain checks on untrusted
certificates to be bypassed, such as the CA flag, enabling them to use a valid
leaf certificate to act as a CA and "issue" an invalid certificate.

This issue will impact any application that verifies certificates including
SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r46285

SVN-Revision: 46287

3 years agoBB: kernel: kmod-scsi-core: fix load on install
Jonas Gorski [Sat, 4 Jul 2015 12:56:21 +0000 (12:56 +0000)]
BB: kernel: kmod-scsi-core: fix load on install

sd_mod depends on scsi_mod, but due to it being an AutoLoad and not
AutoProbe module, it was not loading when installing the package,
causing unknown symbol errors for sd_mod and anything depending on it.

Closes #14927, #18293, #19351.

Backport of r46176.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 46178

3 years agoBB: uclibc++: make g++-uc* wrappers relocatable
Jo-Philipp Wich [Fri, 3 Jul 2015 13:49:24 +0000 (13:49 +0000)]
BB: uclibc++: make g++-uc* wrappers relocatable

The g++-uc wrapper hardcodes $(STAGING_DIR) and $(TOOLCHAIN_DIR) paths which
will not work outside of the original build environment.

Replace the hardcoded staging_dir occurences with paths relative to the
$STAGING_DIR environment variable to make the g++-uc* wrappers usable in an
SDK environment.

Fixes the libdb47 build failure reported at
  https://lists.openwrt.org/pipermail/openwrt-devel/2015-April/032455.html

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r46162

SVN-Revision: 46164

3 years agoopenssl: bump to 1.0.2c
Steven Barth [Fri, 12 Jun 2015 20:59:57 +0000 (20:59 +0000)]
openssl: bump to 1.0.2c

fixes CVE-2015-4000 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792 CVE-2015-1791

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 45951

4 years agohostapd: fix remote denial of service vulnerability in WMM action frame parsing
Felix Fietkau [Wed, 6 May 2015 09:47:05 +0000 (09:47 +0000)]
hostapd: fix remote denial of service vulnerability in WMM action frame parsing

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r45619

SVN-Revision: 45620

4 years agoBB: openssl: update to v1.0.2a (14 CVEs)
Jo-Philipp Wich [Mon, 23 Mar 2015 14:08:16 +0000 (14:08 +0000)]
BB: openssl: update to v1.0.2a (14 CVEs)

Fixes CVE-2015-0204, CVE-2015-0207, CVE-2015-0208, CVE-2015-0209,
CVE-2015-0285, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289,
CVE-2015-0290, CVE-2015-0291, CVE-2015-0292, CVE-2015-0293, CVE-2015-1787.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 44952

4 years agokernel: remove the netfilter optimization that skips the filter table, it has caused...
Felix Fietkau [Tue, 17 Mar 2015 17:15:15 +0000 (17:15 +0000)]
kernel: remove the netfilter optimization that skips the filter table, it has caused too many issues

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r44873

SVN-Revision: 44874

4 years agoath9k: fix a beacon enable handling bug
Felix Fietkau [Thu, 12 Mar 2015 16:32:07 +0000 (16:32 +0000)]
ath9k: fix a beacon enable handling bug

Backport of r44696

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 44697

4 years agoar71xx: Fix LED polarity for the TP-LINK TL-MR13U.
John Crispin [Tue, 10 Mar 2015 13:26:19 +0000 (13:26 +0000)]
ar71xx: Fix LED polarity for the TP-LINK TL-MR13U.

Please also backport to Barrier Breaker (this same patch applies there too).

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
SVN-Revision: 44645

4 years agoBackport: ar71xx: Fix board detection for the TP-LINK TL-MR13U.
John Crispin [Tue, 10 Mar 2015 13:26:15 +0000 (13:26 +0000)]
Backport: ar71xx: Fix board detection for the TP-LINK TL-MR13U.

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
SVN-Revision: 44644

4 years agoBB: ubox: fix segmentation fault in insmod
Jo-Philipp Wich [Thu, 26 Feb 2015 21:29:57 +0000 (21:29 +0000)]
BB: ubox: fix segmentation fault in insmod

Fix segfault in kmodloader insmod mode due to uninitialized module
directory list.

Apply the required fix as patch for now since we don't have the
ulog infrastructure in BB (yet) required for the git head of ubox.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 44550

4 years agoBB: fstools: fix build with enabled ubifs extroot support
Jo-Philipp Wich [Wed, 25 Feb 2015 18:55:39 +0000 (18:55 +0000)]
BB: fstools: fix build with enabled ubifs extroot support

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r44538

SVN-Revision: 44539

4 years agoBB: fstools: cumulative backport
Jo-Philipp Wich [Wed, 25 Feb 2015 17:43:00 +0000 (17:43 +0000)]
BB: fstools: cumulative backport

- Adds support for /dev/vd* virtual io
- Adds support for overlayfs v23
- Fixes overlayfs mount on 3.18
- Make the block tool ignore case when comparing uuid strings
- Fixes sysupgrade on linux 3.18
- Support extroot/ubi
- Allows using UBIFS volume as overlay and adds support for Btrfs
- Fix exit code of uci-defaults script
- Support external overlays on non-MTD systems again
- Account for new directory structure of overlayfs partitions (additional upper/ component)
- Support executing block from either overlay or rom
- Support loading fstab from either overlay or rom
- Log extroot failures to dmesg

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r42812, r42890, r43090, r43368, r43480, r43485, r43717, r43868, r44180, r44535

SVN-Revision: 44537

4 years agoBB: ubox: kmodloader: support loading kmods from multiple directories
Jo-Philipp Wich [Wed, 25 Feb 2015 17:42:49 +0000 (17:42 +0000)]
BB: ubox: kmodloader: support loading kmods from multiple directories

This is required during early boot in the extroot setup phase to support
loading kmods from the overlay that depend on kmods on the rom partition.

The subsequent mount_root updates will use the LD_LIBRARY_PATH env
variable to pass kmod directories to kmodloader.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r42813, r44533

SVN-Revision: 44536

4 years agosamba36: update to 3.6.25, fixes remote code execution bug (CVE-2015-0240)
Felix Fietkau [Tue, 24 Feb 2015 07:24:29 +0000 (07:24 +0000)]
samba36: update to 3.6.25, fixes remote code execution bug (CVE-2015-0240)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r44515

SVN-Revision: 44516

4 years agoBB: build: improve feed handling for opkg.conf
Jo-Philipp Wich [Fri, 13 Feb 2015 11:59:16 +0000 (11:59 +0000)]
BB: build: improve feed handling for opkg.conf

 - Consider not installed feeds as well
 - Add option to decide whether to comment disabled feeds

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r42931

SVN-Revision: 44441

4 years agoBB:ramips:Kingston MLW221 cleanup
John Crispin [Wed, 11 Feb 2015 05:55:18 +0000 (05:55 +0000)]
BB:ramips:Kingston MLW221 cleanup

MLW221 dts use tabs NOT spaces.
Cleanup uci-defaults and diag.sh

Signed-off-by: L. D. Pinney <ldpinney@gmail.com>
SVN-Revision: 44382

4 years agoopenssl: fix upstream regression for non-ec builds
Steven Barth [Mon, 9 Feb 2015 15:28:09 +0000 (15:28 +0000)]
openssl: fix upstream regression for non-ec builds

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 44365

4 years agoopenssl: bump to 1.0.2
Steven Barth [Mon, 9 Feb 2015 12:13:06 +0000 (12:13 +0000)]
openssl: bump to 1.0.2

Fixes CVE-2014-3513, CVE-2014-3567, CVE-2014-3568, CVE-2014-3566

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 44347

4 years agokernel: add support for NFSv4
John Crispin [Wed, 28 Jan 2015 12:01:51 +0000 (12:01 +0000)]
kernel: add support for NFSv4

To: openwrt-devel@lists.openwrt.org

This work is based on Daniel Colascione's submission to the OpenWrt
devel mailing list on January 15th, 2014. I modified his patch so that
it applied to the current OpenWrt Barrier Breaker tree.

Signed-off-by: W. Michael Petullo <mike@flyn.org>
SVN-Revision: 44162

4 years agoca-certificates: update to 20141019
John Crispin [Wed, 28 Jan 2015 12:01:44 +0000 (12:01 +0000)]
ca-certificates: update to 20141019

update to version 20141019 and
create symbolic link for certificate hashes during installation

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 44161

4 years agoBB : ramips : Backport for Kingston MLWG2
John Crispin [Wed, 28 Jan 2015 10:37:51 +0000 (10:37 +0000)]
BB : ramips : Backport for Kingston MLWG2

Backport r43990 to Barrier Breaker.

http://wiki.openwrt.org/toh/kingston/mlwg2

Signed-off-by: L. D. Pinney <ldpinney@gmail.com>
 target/linux/ramips/base-files/etc/diag.sh                 |   3 +++
 target/linux/ramips/base-files/etc/uci-defaults/01_leds    |   4 +++
 target/linux/ramips/base-files/etc/uci-defaults/02_network |   4 +++
 target/linux/ramips/base-files/lib/ramips.sh               |   3 +++
 target/linux/ramips/base-files/lib/upgrade/platform.sh     |   1 +
 target/linux/ramips/dts/MLWG2.dts                          | 118 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 target/linux/ramips/image/Makefile                         |   2 ++
 7 files changed, 135 insertions(+)

SVN-Revision: 44160

4 years agoBB: fix subject in generated certificates
Jo-Philipp Wich [Sun, 25 Jan 2015 23:56:05 +0000 (23:56 +0000)]
BB: fix subject in generated certificates

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r44149

SVN-Revision: 44152

4 years agoBB: px5g: generate unique serial numbers
Jo-Philipp Wich [Sun, 25 Jan 2015 23:56:02 +0000 (23:56 +0000)]
BB: px5g: generate unique serial numbers

Generate a random serial from /dev/urandom when creating selfsigned certs.
Fixes "sec_error_reused_issuer_and_serial" with Firefox.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43168

SVN-Revision: 44151

4 years agoBB: gmp: use http instead of ftp download (#18805)
Jo-Philipp Wich [Sat, 24 Jan 2015 13:08:49 +0000 (13:08 +0000)]
BB: gmp: use http instead of ftp download (#18805)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r44082

SVN-Revision: 44095

4 years agoar71xx: backport restart fix from r43777 (fixes #17839)
Felix Fietkau [Tue, 20 Jan 2015 16:41:46 +0000 (16:41 +0000)]
ar71xx: backport restart fix from r43777 (fixes #17839)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 44065

4 years agoar71xx: add support for TL-WA701ND v2
John Crispin [Tue, 20 Jan 2015 15:49:04 +0000 (15:49 +0000)]
ar71xx: add support for TL-WA701ND v2

Signed-off-by: Luigi Tarenga <luigi.tarenga@gmail.com>
SVN-Revision: 44064

4 years agoBB: polarssl: update to v1.3.9 and patch CVE-2015-1182
Jo-Philipp Wich [Tue, 20 Jan 2015 13:02:38 +0000 (13:02 +0000)]
BB: polarssl: update to v1.3.9 and patch CVE-2015-1182

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 44061

4 years agokernel: bridge: multicast: backport a few more fixes for 3.10
Felix Fietkau [Mon, 19 Jan 2015 01:13:25 +0000 (01:13 +0000)]
kernel: bridge: multicast: backport a few more fixes for 3.10

The following patches unfortunately didn't hit the kernel stable
branches yet, therefore cherrypicking them for OpenWRT here:

* bridge: fix netfilter/NF_BR_LOCAL_OUT for own, locally generated queries
* bridge: multicast: enable snooping on general queries only
* bridge: multicast: add sanity check for general query destination

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
Backport of r43841

SVN-Revision: 44049

4 years agomap: backport fixes from trunk
Steven Barth [Tue, 13 Jan 2015 19:02:32 +0000 (19:02 +0000)]
map: backport fixes from trunk

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43962

4 years agoBB: openssl: update to v1.0.1k (8 CVEs)
Jo-Philipp Wich [Fri, 9 Jan 2015 00:10:55 +0000 (00:10 +0000)]
BB: openssl: update to v1.0.1k (8 CVEs)

Fixes CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572,
CVE-2015-0204, CVE-2015-0205, CVE-2014-8275 and CVE-2014-3570.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 43889

4 years agoar71xx: Fix LED definitions for the DRAGINO2 board
Felix Fietkau [Wed, 7 Jan 2015 16:47:38 +0000 (16:47 +0000)]
ar71xx: Fix LED definitions for the DRAGINO2 board

This patch fixes LED definitions for the DRAGINO2 board.

1. It renames the Router/USB led to System, as it is now marked "SYS" on the board.
2. It gives control of the LAN and WAN leds and some other GPIOs to Linux.
3. It fixes the active_low property for the LAN and WAN leds.
4. It sets up WLAN, LAN and WAN leds in the UCI defaults.
5. It allows usage of the System led by the diag.sh script, so it will be used to indicate boot and failsafe status.

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
Backport of r42897

SVN-Revision: 43867

4 years agoBB: qos-scripts: bump PKG_REVISION and copyright year
Jo-Philipp Wich [Tue, 6 Jan 2015 12:43:49 +0000 (12:43 +0000)]
BB: qos-scripts: bump PKG_REVISION and copyright year

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43860

SVN-Revision: 43862

4 years agoBB: openvpn: bump PKG_REVISION and copyright year
Jo-Philipp Wich [Tue, 6 Jan 2015 12:43:44 +0000 (12:43 +0000)]
BB: openvpn: bump PKG_REVISION and copyright year

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43859

SVN-Revision: 43861

4 years agoopenvpn: backport an upstream fix for a regression in using --cipher none (fixes...
Felix Fietkau [Sun, 4 Jan 2015 12:03:51 +0000 (12:03 +0000)]
openvpn: backport an upstream fix for a regression in using --cipher none (fixes #18676)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43823

SVN-Revision: 43824

4 years agomac80211: fix HT mode selection for ad-hoc
Felix Fietkau [Mon, 22 Dec 2014 21:46:52 +0000 (21:46 +0000)]
mac80211: fix HT mode selection for ad-hoc

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43769

SVN-Revision: 43770

4 years agoubi-utils: add mirror md5sum
Felix Fietkau [Mon, 22 Dec 2014 17:43:21 +0000 (17:43 +0000)]
ubi-utils: add mirror md5sum

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43761

SVN-Revision: 43764

4 years agotools/mtd-utils: add mirror md5sum
Felix Fietkau [Mon, 22 Dec 2014 17:43:14 +0000 (17:43 +0000)]
tools/mtd-utils: add mirror md5sum

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43760

SVN-Revision: 43763

4 years agokernel: disable multicast-to-unicast translation for ipv6 neighbor solicitation ...
Felix Fietkau [Wed, 17 Dec 2014 12:29:04 +0000 (12:29 +0000)]
kernel: disable multicast-to-unicast translation for ipv6 neighbor solicitation (#17625)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43736

SVN-Revision: 43737

4 years agobuild: ensure tools are built before building the toolchain
Felix Fietkau [Sat, 13 Dec 2014 12:01:19 +0000 (12:01 +0000)]
build: ensure tools are built before building the toolchain

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43693

SVN-Revision: 43694

4 years agompc85xx: add missing devicetree ranges property for ethernet devices
Felix Fietkau [Sat, 13 Dec 2014 11:44:04 +0000 (11:44 +0000)]
mpc85xx: add missing devicetree ranges property for ethernet devices

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43624

SVN-Revision: 43683

4 years agouClibc: fix ptrace header files for powerpc
Felix Fietkau [Thu, 11 Dec 2014 14:39:40 +0000 (14:39 +0000)]
uClibc: fix ptrace header files for powerpc

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43617

SVN-Revision: 43618

4 years agotelephony: update feed url
Steven Barth [Thu, 11 Dec 2014 10:32:52 +0000 (10:32 +0000)]
telephony: update feed url

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43615

4 years agouclient: update to the latest version, fixes HTTP digest auth processing
Felix Fietkau [Wed, 10 Dec 2014 16:04:08 +0000 (16:04 +0000)]
uclient: update to the latest version, fixes HTTP digest auth processing

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43600

SVN-Revision: 43601

4 years agoodhcp6c: correctly handle renew-replies with short lease times
Steven Barth [Wed, 10 Dec 2014 10:42:41 +0000 (10:42 +0000)]
odhcp6c: correctly handle renew-replies with short lease times

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43593

4 years agoqos-scripts: fix insmod commands
Felix Fietkau [Mon, 8 Dec 2014 12:06:02 +0000 (12:06 +0000)]
qos-scripts: fix insmod commands

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43562

SVN-Revision: 43566

4 years agoopenvpn: update to 2.3.6, fixes CVE-2014-8104
Felix Fietkau [Mon, 1 Dec 2014 19:50:45 +0000 (19:50 +0000)]
openvpn: update to 2.3.6, fixes CVE-2014-8104

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43482

SVN-Revision: 43483

4 years agoath9k: fix hardware tx queue allocation order
Felix Fietkau [Sun, 30 Nov 2014 19:45:37 +0000 (19:45 +0000)]
ath9k: fix hardware tx queue allocation order

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43438

SVN-Revision: 43439

4 years agoodhcp6c: backport from trunk to fix busyloop
Steven Barth [Fri, 28 Nov 2014 00:42:24 +0000 (00:42 +0000)]
odhcp6c: backport from trunk to fix busyloop

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43416

4 years agoBB: brcm63xx: uci-defaults: network: move DSL-274x1 F1 to right section
Jonas Gorski [Tue, 25 Nov 2014 19:09:55 +0000 (19:09 +0000)]
BB: brcm63xx: uci-defaults: network: move DSL-274x1 F1 to right section

The cpu port is at 8, not 5.

Fixes #18406.

Backport of r43379.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 43380

4 years agoralink: disable the ICPlus phy driver
John Crispin [Wed, 19 Nov 2014 14:36:43 +0000 (14:36 +0000)]
ralink: disable the ICPlus phy driver

Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 43321

4 years agoralink: backport the pcie reset fix for mt7620a
John Crispin [Wed, 19 Nov 2014 10:59:12 +0000 (10:59 +0000)]
ralink: backport the pcie reset fix for mt7620a

Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 43313

4 years agoralink: backport the ethernet driver from trunk
John Crispin [Wed, 19 Nov 2014 10:59:10 +0000 (10:59 +0000)]
ralink: backport the ethernet driver from trunk

Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 43312

4 years agolantiq: vgv7519: set some defaults for leds
John Crispin [Mon, 17 Nov 2014 08:31:14 +0000 (08:31 +0000)]
lantiq: vgv7519: set some defaults for leds

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43286

4 years agolantiq: set default led configuration from /sys entry later, after per board settings
John Crispin [Mon, 17 Nov 2014 08:31:06 +0000 (08:31 +0000)]
lantiq: set default led configuration from /sys entry later, after per board settings

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43285

4 years agolantiq: Concatenate multiple flash chips for lantiq-flash (fixed regression)
John Crispin [Mon, 17 Nov 2014 08:31:03 +0000 (08:31 +0000)]
lantiq: Concatenate multiple flash chips for lantiq-flash (fixed regression)

Signed-off-by: Maikel Bloemendal <openwrt@maikelenyvonne.nl>
Tested-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43284

4 years agoRevert "ath9k: fix crashes when using shared IRQs"
Felix Fietkau [Sat, 15 Nov 2014 21:17:21 +0000 (21:17 +0000)]
Revert "ath9k: fix crashes when using shared IRQs"

This backport seems to be incomplete and causing some IRQ related
issues.

This reverts commit r43240

SVN-Revision: 43276

4 years agoath9k: fix crashes when using shared IRQs
Felix Fietkau [Thu, 13 Nov 2014 18:26:27 +0000 (18:26 +0000)]
ath9k: fix crashes when using shared IRQs

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43239

SVN-Revision: 43240

4 years agokernel: ssb: add PCI ID 0x4351
Rafał Miłecki [Sat, 8 Nov 2014 21:00:20 +0000 (21:00 +0000)]
kernel: ssb: add PCI ID 0x4351

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Backport of r43221

SVN-Revision: 43222

4 years agonetifd: fix default ORO for 6rd
Steven Barth [Sat, 8 Nov 2014 12:27:41 +0000 (12:27 +0000)]
netifd: fix default ORO for 6rd

Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43215

4 years agomac80211: merge a few pending upstream fixes
Felix Fietkau [Fri, 7 Nov 2014 11:17:41 +0000 (11:17 +0000)]
mac80211: merge a few pending upstream fixes

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43208

SVN-Revision: 43209

4 years agoBB: lantiq: vr9: vgv7519: load vmmc and tapi module into firmware image
John Crispin [Mon, 3 Nov 2014 08:33:07 +0000 (08:33 +0000)]
BB: lantiq: vr9: vgv7519: load vmmc and tapi module into firmware image

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43166

4 years agoBB: lantiq: vr9: add vpe/watchdog modules to kernel
John Crispin [Mon, 3 Nov 2014 08:33:04 +0000 (08:33 +0000)]
BB: lantiq: vr9: add vpe/watchdog modules to kernel

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43165

4 years agoBB: lantiq: vr9: vgv7519: modify dts to pass cmdline to support vmmc/fxs/vpe
John Crispin [Mon, 3 Nov 2014 08:33:00 +0000 (08:33 +0000)]
BB: lantiq: vr9: vgv7519: modify dts to pass cmdline to support vmmc/fxs/vpe

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43164

4 years agoBB: lantiq: vr9: - modify dts to support vmmc
John Crispin [Mon, 3 Nov 2014 08:32:58 +0000 (08:32 +0000)]
BB: lantiq: vr9: - modify dts to support vmmc

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43163

4 years agoBB: lantiq: exportt ltq_soc_type
John Crispin [Mon, 3 Nov 2014 08:32:55 +0000 (08:32 +0000)]
BB: lantiq: exportt ltq_soc_type

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43162

4 years agoBB: lantiq: vr9: - fix vmmc build
John Crispin [Mon, 3 Nov 2014 08:32:50 +0000 (08:32 +0000)]
BB: lantiq: vr9: - fix vmmc build

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43161

4 years agoBB: lantiq: vr9: - fix tapi build
John Crispin [Mon, 3 Nov 2014 08:32:46 +0000 (08:32 +0000)]
BB: lantiq: vr9: - fix tapi build

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43160

4 years agoBB: lantiq:
John Crispin [Mon, 3 Nov 2014 08:32:38 +0000 (08:32 +0000)]
BB: lantiq:

MIPS: Fix rtlx build error.

      CC      arch/mips/kernel/rtlx.o
    /home/ralf/src/linux/upstream-sfr/arch/mips/kernel/rtlx.c: In function ‘file_write’:
    /home/ralf/src/linux/upstream-sfr/arch/mips/kernel/rtlx.c:439:23: error: unused variable ‘rt’ [-Werror=unused-variable]
    /home/ralf/src/linux/upstream-sfr/arch/mips/kernel/rtlx.c: In function ‘rtlx_module_init’:
    /home/ralf/src/linux/upstream-sfr/arch/mips/kernel/rtlx.c:523:3: error: implicit declaration of function ‘set_vi_handler’ [-Werror=implicit-function-declaration]
    cc1: all warnings being treated as errors

    Caused by 496ad9aa8ef448058e36ca7a787c61f2e63f0f54 [new helper:
    file_inode(file)].

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43159

4 years agoBB: lantiq: falcon/vr9 - add support for vpe1
John Crispin [Mon, 3 Nov 2014 08:32:34 +0000 (08:32 +0000)]
BB: lantiq: falcon/vr9 - add support for vpe1

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43158

4 years agoBB: lantiq: falcon/vr9 - vpe softdog
John Crispin [Mon, 3 Nov 2014 08:32:32 +0000 (08:32 +0000)]
BB: lantiq: falcon/vr9 - vpe softdog

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43157

4 years agoBB: lantiq: ltq-vmmc add support for ar9-vr9
John Crispin [Mon, 3 Nov 2014 08:32:30 +0000 (08:32 +0000)]
BB: lantiq: ltq-vmmc add support for ar9-vr9

(required not-distributable firmware blob - dump it by yourself from original firmware)

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43156

4 years agoBB: feeds: use https for LuCI github feed, like all others
Jo-Philipp Wich [Sat, 1 Nov 2014 10:09:51 +0000 (10:09 +0000)]
BB: feeds: use https for LuCI github feed, like all others

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 43142

4 years agoBB: feeds: switch to LuCI github repo
Jo-Philipp Wich [Sat, 1 Nov 2014 09:44:56 +0000 (09:44 +0000)]
BB: feeds: switch to LuCI github repo

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 43141

4 years agotarget/imagebuilder: remove obsolete !TARGET_ROOTFS_INITRAMFS dependency
Felix Fietkau [Fri, 31 Oct 2014 12:59:42 +0000 (12:59 +0000)]
target/imagebuilder: remove obsolete !TARGET_ROOTFS_INITRAMFS dependency

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43128

SVN-Revision: 43129

4 years agolantiq: vgv7519: fix profile, this board have a rt2800-pci board
John Crispin [Thu, 30 Oct 2014 08:13:05 +0000 (08:13 +0000)]
lantiq: vgv7519: fix profile, this board have a rt2800-pci board

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43116

4 years agolantiq: vgv7519: fix board_config on dts, read mac address and set it
John Crispin [Wed, 29 Oct 2014 20:51:43 +0000 (20:51 +0000)]
lantiq: vgv7519: fix board_config on dts, read mac address and set it

Signed-off-by: Eddi De Pieri <eddi@depieri.net>
SVN-Revision: 43110

4 years agoBB: busybox: make high ASCII chars printable (#7993)
Jo-Philipp Wich [Mon, 27 Oct 2014 11:22:41 +0000 (11:22 +0000)]
BB: busybox: make high ASCII chars printable (#7993)

Currently busybox utils like "ls" fail to display filenames containing UTF-8
characters, replacing any special characters with "?".

Change libbb's printable_string() function to allow high ASCII characters so
that unicode filenames are displayed correctls.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43084

SVN-Revision: 43085

4 years agoBB: px5g-standalone: use /dev/urandom to initialize serial (#18232)
Jo-Philipp Wich [Mon, 27 Oct 2014 11:09:37 +0000 (11:09 +0000)]
BB: px5g-standalone: use /dev/urandom to initialize serial (#18232)

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43080

SVN-Revision: 43083

4 years agoBB: uhttpd: fix HTTP incompatibilities in file handler
Jo-Philipp Wich [Mon, 27 Oct 2014 11:09:09 +0000 (11:09 +0000)]
BB: uhttpd: fix HTTP incompatibilities in file handler

 * Fixes sending an extraneous message body for 204 and 304 resoponses which
   breaks Chrome in keep-alive mode.

 * Adds mimetypes for JSON and JSONP.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r43078

SVN-Revision: 43082

4 years agomac80211: fix key flush handling in AP+STA
Felix Fietkau [Mon, 27 Oct 2014 11:07:45 +0000 (11:07 +0000)]
mac80211: fix key flush handling in AP+STA

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43079

SVN-Revision: 43081

4 years agompc85xx: fix WAN/LAN-MAC for TP-LINK TL-WDR4900 v1
John Crispin [Sun, 26 Oct 2014 20:33:34 +0000 (20:33 +0000)]
mpc85xx: fix WAN/LAN-MAC for TP-LINK TL-WDR4900 v1

This works around a bootloader issue where every device
has the same lan/wan-mac 00:04:9f:ef:01:01 - with this patch
we read the macs from config-partition during initial network
setup. We have 9 valid macs stored in the partition, the
1st two are used for the radios, 3 and 4 are now used for WAN/LAN.

on an already setup / running device we can get the real macs with
. /lib/functions.sh
. /lib/functions/system.sh
echo "LAN = $(mtd_get_mac_binary config 338)"
echo "WAN = $(mtd_get_mac_binary config 344)"

see:
https://dev.openwrt.org/ticket/14714

from the ticket / user klondike:
U-Boot passed this commit https://gitorious.org/0xlab-kernel/u-boot/commit/ecd1a09b81f2ed6e6ba7bd1d0bfb0cc3d0ea2ad0
http://u-boot.10912.n7.nabble.com/U-Boot-PATCH-mpc83xx-remove-hardcoded-network-addresses-from-config-files-td44372.html
I suppose to prevent this particular issue, but the WDR4900 may be using an old bootloader still affected.
                                                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

I have been checking the contents of the dtb on the flash, this particular bit is quite revealing:

ethernet@b0000 {
                        #address-cells = <0x1>;
                        #size-cells = <0x1>;
                        device_type = "network";
                        model = "eTSEC";
                        compatible = "fsl,etsec2";
                        fsl,num_rx_queues = <0x8>;
                        fsl,num_tx_queues = <0x8>;
                        local-mac-address = [00 00 00 00 00 00];
                                             ^^^^^^^^^^^^^^^^^

                        interrupt-parent = <0x2>;
                        phy-handle = <0x3>;
                        phy-connection-type = "rgmii-id";
                        ptimer-handle = <0x4>;

                        queue-group@0 {
                                #address-cells = <0x1>;
                                #size-cells = <0x1>;
                                reg = <0xb0000 0x1000>;
                                rx-bit-map = <0xff>;
                                tx-bit-map = <0xff>;
                                interrupts = <0x1d 0x2 0x1e 0x2 0x22 0x2>;
                        };
                };

I also have been checking the live device map to find this:

root@GHS-AP3:~# hexdump -C /proc/device-tree/soc@ffe00000/ethernet@b0000/local-mac-address
00000000  00 04 9f ef 01 01                                 |......|
00000006
root@GHS-AP3:~# hexdump -C /proc/device-tree/soc@ffe00000/ethernet@b1000/local-mac-address
*
root@GHS-AP3:~# hexdump -C /proc/device-tree/soc@ffe00000/ethernet@b2000/local-mac-address
*

My conclussion is that U-Boot most likely finds the device and (as no valid MAC-address is provided)
falls back to the default MAC provided by the old code, the kernel then receives thee modified
device map from U-Boot and assumes this is the correct MAC for the device despite it obviously isn't.

This can be seen at
target/linux/mpc85xx/patches-3.10/140-powerpc-85xx-tl-wdr4900-v1-support.patch

The enetaddr is filled up by using the device tree data by the process_boot_dtb
function and used by the platform_fixups function to set the eth0 address
(by calling dt_fixup_mac_address_by_alias("ethernet0", enetaddr); ).
But instead we should be used the device address which to my understanding is
provided in the mtd.

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
Backport of r43074

SVN-Revision: 43077

4 years agoBB: vgv7519: support more recent board release with vrx288 v1.2
John Crispin [Sun, 26 Oct 2014 17:59:55 +0000 (17:59 +0000)]
BB: vgv7519: support more recent board release with vrx288 v1.2

The existance of this new board has been confirmed and tested by the guy on this commit

https://github.com/openwrt-vgv7519/uboot-bin/commit/76fdd8e638f81e324ffe77856481bd147398f6e8

SVN-Revision: 43075

4 years agokernel: makefiles: make use of new var KERNEL_PATCHVER
Rafał Miłecki [Sun, 26 Oct 2014 13:27:27 +0000 (13:27 +0000)]
kernel: makefiles: make use of new var KERNEL_PATCHVER

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Inspired by r43047

SVN-Revision: 43067

4 years agokernel: allow targets to specify KERNEL_PATCHVER instead of LINUX_VERSION
Rafał Miłecki [Sun, 26 Oct 2014 13:26:59 +0000 (13:26 +0000)]
kernel: allow targets to specify KERNEL_PATCHVER instead of LINUX_VERSION

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Backport of r43043

SVN-Revision: 43066

4 years agofindutils: add dependency on bison
Felix Fietkau [Sun, 26 Oct 2014 11:27:15 +0000 (11:27 +0000)]
findutils: add dependency on bison

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r43064

SVN-Revision: 43065

4 years agobase-files: add /etc/shadow to list of essential files to keep in sysupgrade (bug...
Felix Fietkau [Sat, 25 Oct 2014 17:23:14 +0000 (17:23 +0000)]
base-files: add /etc/shadow to list of essential files to keep in sysupgrade (bug 18206)

Based on bug #18206 sysupgrade can lead to loss of password information in
certain situations. Most likely all users who will upgrade from versions
r43017-43040, will lose their current passwords. :-(
https://dev.openwrt.org/ticket/18206

Currently /etc/shadow is defined as a conffile in base-files:
https://dev.openwrt.org/browser/trunk/package/base-files/Makefile#L37

But it is not defined in the default list of essential files to keep in
sysupgrade:
https://dev.openwrt.org/browser/trunk/package/base-files/files/lib/upgrade/keep.d/base-files-essential

If exporting conffiles info fails, /etc/shadow can get lost.

Shadow passwords are now the default, so saying that preserving /etc/passwd
is essential while /etc/shadow is not, makes no sense.

The attached patch adds /etc/shadow to the list of essential files.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Backport of r43061

SVN-Revision: 43062

4 years agoodhcp6c: avoid some unnecessary big mallocs
Steven Barth [Sat, 25 Oct 2014 10:39:31 +0000 (10:39 +0000)]
odhcp6c: avoid some unnecessary big mallocs

SVN-Revision: 43057

4 years agoath9k: fix regulatory notifier calls with CONFIG_ATH_USER_REGD=y (#18211)
Felix Fietkau [Sat, 25 Oct 2014 09:31:04 +0000 (09:31 +0000)]
ath9k: fix regulatory notifier calls with CONFIG_ATH_USER_REGD=y (#18211)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 43055

4 years agomac80211: refresh patches
Felix Fietkau [Sat, 25 Oct 2014 09:31:01 +0000 (09:31 +0000)]
mac80211: refresh patches

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 43054

4 years agoath9k: backport tx power reporting fix
Felix Fietkau [Sat, 25 Oct 2014 09:30:59 +0000 (09:30 +0000)]
ath9k: backport tx power reporting fix

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 43053