summaryrefslogtreecommitdiff
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* mac80211: use upstream patches for rtl8xxxuÁlvaro Fernández Rojas2016-09-29108-455/+488
| | | | | | Also improves rtl8188eu support. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* procd: update to latest git HEADJohn Crispin2016-09-281-2/+2
| | | | | | | | this adds 2 new inittab handlers * askconsolelate * respawnlate Signed-off-by: John Crispin <john@phrozen.org>
* netifd: update to the latest version, adds various fixesFelix Fietkau2016-09-281-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ath10k-firmware: move to firmware section in buildrootStijn Segers2016-09-281-4/+16
| | | | | | | This patch moves the ath10k firmware packages to the firmware submenu in the buildroot, where it belongs. Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>
* ath10k-firmware: update the qca988x firmware to 10.2.4.70.54Martin Blumenstingl2016-09-281-13/+5
| | | | | | | | | | | | | | Use firmware version 10.2.4.70.54 from kvalo's git repository. The old version (even though it's version number is greater) is an old version from September 2015. Using only the firmware versions from kvalo's git repo is recommended, because those are tested by QCA's internal QCA. The QCA988X directory received a small reorganization as a "hw2.0" subdirectory was added - this patch also takes care of that as board.bin was moved to that subdirectory. Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
* toolchain: Force installation into /libFlorian Fainelli2016-09-281-24/+16
| | | | | | | | For 64-bit capable systems, a symbolic link is set up for /lib64 to point to /lib, so make sure the installation goes into /lib, irrespective of where the C library files come from in an external toolchain. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* rfkill: add fake rfkill supportJohn Crispin2016-09-271-1/+1
| | | | | | allow building of modules depending on RFKILL even if RFKILL is not enabled. Signed-off-by: John Crispin <john@phrozen.org>
* perf: fix build with musl on PowerPCMatthias Schiffer2016-09-281-0/+8
| | | | Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* kernel: remove echainiv.ko from kmod-crypto-ivMatthias Schiffer2016-09-281-4/+3
| | | | | | | There is a separate package kmod-crypto-echainiv for echainiv.ko. Selecting both packages led to a conflict, so remove the file from kmod-crypto-iv. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* mac80211: backport brcmfmac changes from 2016-09-27Rafał Miłecki2016-09-273-1/+97
| | | | | | | | This fixes bug that could cause WARNING on every add_key/del_key call. It also replaces WARNING with a simple message. They may still occur e.g. on station going out of range and A-MPDU stall in the firmware. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* openssl: update to 1.0.2jMagnus Kroken2016-09-273-49/+2
| | | | | | | | | | | | | | A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null pointer exception. Patches applied upstream: * 301-fix_no_nextprotoneg_build.patch * 302-Fix_typo_introduced_by_a03f81f4.patch Security advisory: https://www.openssl.org/news/secadv/20160926.txt Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* linux-firmware: Add mirrorsdiizzyy2016-09-271-1/+3
| | | | | | | Adds Google's mirrors as primary source and kernel.org as fallback. Discussed in #lede-dev on Freenode Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* openssl: Make DTLS configurable.Rosen Penev2016-09-272-0/+10
| | | | Signed-off by: Rosen Penev <rosenp@gmail.com>
* openssl: Remove J-PAKE. Nothing uses it.Rosen Penev2016-09-271-1/+2
| | | | Signed-off by: Rosen Penev <rosenp@gmail.com>
* busybox: v1.25.0 upstream patchesKevin Darbyshire-Bryant2016-09-273-0/+75
| | | | | | Include upstream patches for gzip, ip & ntpd. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* libjson-c: Update to 0.12.1Daniel Engberg2016-09-272-26/+5
| | | | | | Updates libjson-c and removes backport patch. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* libunwind: use url aliasdiizzyy2016-09-271-1/+1
| | | | | | Use alias instead of hardcoded URL Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* iwinfo: fix WPA cipher reportingJo-Philipp Wich2016-09-271-2/+2
| | | | | | | | | | | Within the Lua binding, use the same logic as the command line interface for reporting the used WPA ciphers. Instead of printing the intersection of pairwise and group ciphers, report both group and pairwise ciphers. This fixes a case where a connection which uses CCMP for pairwise and TKIP as groupwise cipher is getting reported as using the NONE cipher. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* iproute: properly support high routing table IDsJo-Philipp Wich2016-09-273-24/+487
| | | | | | | | | | | | | | | | | | | | | The Linux kernel uses two distinct fields to denote the routing table ID in use by network routes; the 8 bit `rtm_table` member of `struct rtmsg` and the 32 bit `RTA_TABLE` netlink attribute. If a routing table ID is larger than 255, the `RT_TABLE` attribute must be used and the `rtm_table` field has to be set to the special `RT_TABLE_UNSPEC` value. This commit adds a patch which... - switches the *_n2a() and *_a2n() functions of rt_names.c to use dynamically sized, name-sorted arrays instead of fixed arrays limited to 1024 slots in order to support IDs up to 65535 - adds proper handling of high table IDs to iprule.c and iproute.c when adding, removing and dumping ip rules and network routes After this change, the Busybox ip applet fully supports IP rules with high ID numbers, using the same logic as the full iproute2. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* 6in4: fix invalid local variable declaration (FS#188)Jo-Philipp Wich2016-09-272-3/+3
| | | | | | | | Remove an invalid local variable declaration in the tunnel update subshell invocation. Local declarations outside of function scopes are illegal since the Busybox update to version 1.25.0 . Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mac80211: backport brcmfmac changes from 2016-09-26Rafał Miłecki2016-09-2726-2/+1316
| | | | | | | All these patches are in wireless-drirvers-next. There is support for hidden SSID, few new devices and many fixes. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: make default_prerm work offlineMatthias Schiffer2016-09-261-4/+12
| | | | | | | IPKG_INSTROOT must be respected for offline removal (used for per-device rootfs). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: fix check for empty password warningMatthias Schiffer2016-09-261-2/+1
| | | | | | | | | | | | | Now that we know that the password is in /etc/shadow and not in /etc/passwd, we can properly fix the logic for the empty password check. Only 'root::' is an empty password, 'root:x:' and 'root:!:' allow no password login at all. This fixes the empty password warning still showing after the root password has been locked using 'passwd -l root' (e.g. to allow public-key auth only). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* config: enable shadow passwords unconditionallyMatthias Schiffer2016-09-261-1/+0
| | | | | | | | | | | | | Configurations without shadow passwords have been broken since the removal of telnet: as the default entry in /etc/passwd is not empty (but rather unset), there will be no way to log onto such a system by default. As disabling shadow passwords is not useful anyways, remove this configuration option. The config symbol is kept (for a while), as packages from feeds depend on it. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* mac80211: fix crash in mac80211_hwsimFelix Fietkau2016-09-261-0/+11
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uboot-mvebu: reset the 88E1512 PHY to make the wan port workJonas Gorski2016-09-261-0/+32
| | | | | Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Acked-by: Felix Fietkau <nbd@nbd.name>
* uboot-mvebu: make hidden and be m for clearfog to fix IB failing to add itJonas Gorski2016-09-261-3/+5
| | | | | | | | | | | | | Uboot-mvebu isn't a real package, which will break the image builder when it tries to install it during the packing step. Instead of cleafog selecting it through its default packages, make it default to m if the clearfog profile is selected. This will ensure it is always build, but never added to the rootfs. This fixes creating images for clearfog with IB. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Acked-by: Felix Fietkau <nbd@nbd.name>
* uboot-mvebu: also install into KDIR to ensure it packaged in IBJonas Gorski2016-09-261-0/+3
| | | | | | | | The clearfog image requires u-boot, so package it into KDIR to make sure it is available in imageBuilder. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> Acked-by: Felix Fietkau <nbd@nbd.name>
* fstools: mark as nonshared and add missing PKG_CONFIG_DEPENDSMatthias Schiffer2016-09-251-0/+3
| | | | | | | The fstools build depends on the CONFIG_NAND_SUPPORT flag, which is target-specific. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* image: fix CONFIG_CLEAN_IPKG with CONFIG_TARGET_PER_DEVICE_ROOTFSMatthias Schiffer2016-09-251-1/+4
| | | | | | | | | | | Running prepare_rootfs on TARGET_DIR deletes the opkg state when CONFIG_CLEAN_IPKG is enabled, making the per-device rootfs package install fail. To avoid this, create a copy of the TARGET_DIR before prepare_rootfs is run and use this as basis for per-device rootfs generation. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* kernel: remove duplicate br-netfilter file and Kconfig symbol from kmod-ebtablesMatthias Schiffer2016-09-241-5/+2
| | | | | | | br_netfilter.ko and the corresponding Kconfig symbol are already provided by kmod-br-netfilter, which is a dependency of kmod-ebtables. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* openssl: backport build fix when hardware support is usedHauke Mehrtens2016-09-242-0/+35
| | | | | | | This fix added to the openssl 1.0.2 branch. In addition add the header for the existing backport. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* treewide: remove bad local shell variable declarationsJo-Philipp Wich2016-09-242-3/+3
| | | | | | | Local variable declarations outside of functions are illegal since the Busybox update to v1.25.0, therfore remove them from the appropriate places. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* curl: update to version 7.50.3Hauke Mehrtens2016-09-242-3/+3
| | | | | | | | | | | | | | This fixes the following security problems: 7.50.1: CVE-2016-5419 TLS session resumption client cert bypass CVE-2016-5420 Re-using connections with wrong client cert CVE-2016-5421 use of connection struct after free 7.50.2: CVE-2016-7141 Incorrect reuse of client certificates 7.50.3: CVE-2016-7167 curl escape and unescape integer overflows Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openssl: update to 1.0.2iMagnus Kroken2016-09-247-43/+19
| | | | | | | | | | | | | | | Drop 302-fix_no_cmac_build.patch, it has been applied upstream. Security fixes: * (Severity: High) OCSP Status Request extension unbounded memory growth (CVE-2016-6304) * (Severity: Moderate) SSL_peek() hang on empty record (CVE-2016-6305) * 10 Low severity issues Security advisory: https://www.openssl.org/news/secadv/20160922.txt Changelog: https://www.openssl.org/news/cl102.txt Signed-off-by: Magnus Kroken <mkroken@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* linux-firmware: update to current Git headJo-Philipp Wich2016-09-231-3/+3
| | | | | | | | | | | | | | | | | | | Update the linux-firmware package in order to force the buildbots to fetch the proper mirrored version. Currently each builder has its own copy of the linux-firmware checkout staged in its own dl/, since the package was updated before the mirrored copy has been uploaded. The builders then subsequently uploaded their own copy instead, leading to md5sum mismatches since each clone produces different tarballs. By bumping the package to a new version and uploading the mirrored archive with the proper md5sum beforehand, the builders will fetch that instead and not upload their own copies. To properly solve that problem in the future we need to ensure that packed checkouts become reproducable. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* kernel: fix broken dependency of kmod-owl-loader on kmod-ath9kFelix Fietkau2016-09-221-1/+1
| | | | | | | It messes up the build order of package/kernel/linux vs package/kernel/mac80211 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* linux-firmware: update md5sumJo-Philipp Wich2016-09-221-1/+1
| | | | | | | | | | | | Since the md5sum of the mirrored Git clone archive has been set in the Makefile before that particular archive was uploaded to the source mirror, the buildbots uploaded their own, different copy instead invalidating the mirror md5sum for anyone else. In order to fix the mismatch, update the md5sum to reflect the archive being present on the download server. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* busybox: fix md5sumHauke Mehrtens2016-09-201-1/+1
| | | | | | | The md5sum was not updated in commit 06fa1c46fc3 "busybox: update to version 1.25.0" Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ltq-vdsl-app: update to version 4.17.18.6Hauke Mehrtens2016-09-203-28/+5
| | | | Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* ltq-vdsl: update to version 4.17.18.6Hauke Mehrtens2016-09-202-12/+38
| | | | Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* ltq-vdsl-mei: update mei driver to version 1.5.17.6Hauke Mehrtens2016-09-204-51/+87
| | | | Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* dsl-vrx200-firmware-xdsl: update to more recent versionsHauke Mehrtens2016-09-201-7/+7
| | | | | | | | | | The Annex A firmware will be updated to: 05.08.01.08.01.06_05.08.00.0B.01.01_osc The Annex B firmware will be updated to: 05.07.09.09.00.06_05.07.04.04.00.02_osc Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* busybox: update to version 1.25.0Hauke Mehrtens2016-09-2033-570/+482
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The following patches were removed: 010-networking-fix-uninitialized-memory-when-displaying-.patch https://git.busybox.net/busybox/commit/?id=f2c043acfcf9dad9fd3d65821b81f89986bbe54e 030-ip-fix-problem-on-mips64-n64-big-endian-musl-systems.patch https://git.busybox.net/busybox/commit/?id=4ab372d49a6e82b0bf097dedb96d26330c5f2d5f 204-udhcpc_src_ip_rebind.patch https://git.busybox.net/busybox/commit/?id=abe8f7515aded80889d78c2c1c8947997918cf90 230-ntpd_delayed_resolve.patch https://git.busybox.net/busybox/commit/?id=c8641962e4cbde48108ddfc1c105e3320778190d https://git.busybox.net/busybox/commit/?id=e4caf1dd9ce8569371a0eeb77ccf02a572dc0f11 260-arping_missing_includes.patch Not needed any more, still builds with musl for me. Add in 92fd6e6f1a "busybox: fix arping applet building on musl" The Kconfig files were updated with these commands: cd config ../convert_menuconfig.pl .../build_dir/target-*/busybox-1.25.0 cd .. ./convert_defaults.pl < .../build_dir/target-*/busybox-1.25.0/.config > Config-defaults.in Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: Allow subtargets to define base-files.mkFlorian Fainelli2016-09-191-0/+1
| | | | Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* kernel: owl-loader for delayed Atheros ath9k fixupChristian Lamparter2016-09-191-0/+21
| | | | | | | | | | | | | | | | | | | | | | | | | Some devices (like the Cisco Meraki Z1 Cloud Managed Teleworker Gateway) need to be able to initialize the PCIe wifi device. Normally, this is done during the early stages of booting linux, because the necessary init code is read from the memory mapped SPI and passed to pci_enable_ath9k_fixup. However,this isn't possible for devices which have the init code for the Atheros chip stored on NAND in an UBI volume. Hence, this module can be used to initialze the chip when the user-space is ready to extract the init code. Martin Blumenstingl made a few fixes and added support for lantiq: kernel: owl-loader: add support for OWL emulation PCI devices kernel: owl-loader: don't re-scan the bus when ath9k_pci_fixup failed kernel: owl-loader: use dev_* instead of pr_* logging functions kernel: owl-loader: auto-generate the eeprom filename as fallback kernel: owl-loader: add a debug message when swapping the eeprom data kernel: owl-loader: add missing newlines in log messages kernel: owl-loader: add support for the lantiq platform These patches have been integrated. Thanks! Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
* cyassl: remove duplicate submenu levelJohn Crispin2016-09-191-3/+2
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* cyassl: make CyaSSL/WolfSSL more configurableAndreas Schultz2016-09-192-4/+5
| | | | | | | | The default configuration might not be suitable for every use case. Add options to enable/disable additional options. Signed-off-by: Andreas Schultz <aschultz@tpip.net>
* dnsmasq: Add match section supportHans Dedecker2016-09-191-0/+17
| | | | | | | | | | | | | | | Match sections allow to set a tag specified by the option networkid if the client sends an option and optionally the option value specified by the match option. The force option will convert the dhcp-option to force-dhcp-option if set to 1 in the dnsmasq config if options are specified in the dhcp_option option. config match option networkid tag option match 12,myhost option force 1 list dhcp_option '3,192.168.1.1' Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* iwinfo: Bump to 2016-07-29Florian Fainelli2016-09-191-2/+2
| | | | Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>