librecmc/librecmc.git
5 years agobase-files: add network_get_uptime() to /lib/functions/network.sh
Florian Eckert [Fri, 28 Jun 2019 10:59:19 +0000 (12:59 +0200)]
base-files: add network_get_uptime() to /lib/functions/network.sh

Add missing ubus api call for uptime value.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 9e780ed5f7b834e06ec5c82323731917aef4ee53)

5 years agobuild: warn when packages have no associated install section
Jonas Gorski [Sat, 22 Jun 2019 12:02:27 +0000 (14:02 +0200)]
build: warn when packages have no associated install section

Declaring a package without the appropriate install section is an easy
mistake to make, especially when renaming packages. Since this is also
easy to detect, warn about it when it happens.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
No-objections-at-all-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 5ede3fcdf74dcc1b1b4c9415152b2e8b26a45ead)

5 years agoustream-ssl: update to 2019-06-24
Eneas U de Queiroz [Mon, 24 Jun 2019 19:24:00 +0000 (16:24 -0300)]
ustream-ssl: update to 2019-06-24

This adds chacha20-poly1305 support to the mbedtls variant.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 82a8ddd603707a130acf5ec1f54d9093d46acad4)

5 years agorssileds: change rssileds.init STOP index
Joseph Tingiris [Sun, 13 Jan 2019 21:43:50 +0000 (16:43 -0500)]
rssileds: change rssileds.init STOP index

This patch is in a series to allow additional STOP indexes after
umount, so that other block devices may stop cleanly.

rssileds.init is now STOP=89

Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
(cherry picked from commit 8a5a01a67769f3822e365342d706b3cb57ef97f3)

5 years agokexec-tools: change kdump.init STOP index
Joseph Tingiris [Sun, 13 Jan 2019 21:43:49 +0000 (16:43 -0500)]
kexec-tools: change kdump.init STOP index

This patch is in a series to allow additional STOP indexes after umount,
so that other block devices may stop cleanly.

kdumpinit is now STOP=90

Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
(cherry picked from commit 5883b5a1f888c7f18da75eb4a1df9003a8bcc9f2)

5 years agobase-files: change boot & umount STOP indexes
Joseph Tingiris [Sun, 13 Jan 2019 21:43:48 +0000 (16:43 -0500)]
base-files: change boot & umount STOP indexes

This patch is in a series to allow additional STOP indexes after umount,
so that other block devices may stop cleanly.

boot is now STOP=90
umount is now STOP=90

After this patch series, the resulting STOP indexes in the 80s & 90s
will be:

STOP=85 odhcpd.init
STOP=89 conntrackd.init
STOP=89 log.init
STOP=89 rssileds.init
STOP=90 boot
STOP=90 kdump.init
STOP=90 network
STOP=90 sysfixtime
STOP=90 umount
STOP=98 mdadm.init (note: will be addressed in a separate patch)

Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[PKG_RELEASE is now 200]

(cherry picked from commit 04811007e53c5a5bdddbd0a00b330e12a5dbd045)

5 years agombedtls: Update to version 2.16.2
Josef Schlehofer [Tue, 18 Jun 2019 22:31:03 +0000 (00:31 +0200)]
mbedtls: Update to version 2.16.2

Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
(cherry picked from commit a2f54f6d5d98211e9c58420eed8c67f4fca83665)

5 years agopackage/network: add PKGARCH:=all to non-binary packages
Deng Qingfang [Fri, 21 Jun 2019 03:10:36 +0000 (11:10 +0800)]
package/network: add PKGARCH:=all to non-binary packages

Packages such as xfrm contain only script files, add PKGARCH:=all

Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 6762e72524075c37928ad4ae9a979257759b2703)

5 years agonghttp2: deduplicate files in staging_dir
Eneas U de Queiroz [Sat, 22 Jun 2019 08:17:21 +0000 (10:17 +0200)]
nghttp2: deduplicate files in staging_dir

'38b22b1e: deduplicate files in libnghttp2' missed duplicates in
staging_dir by Build/InstallDev.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry picked from commit ee1a78331462d0c2394c0e6805e4d12fbfa4882d)

5 years agotools/bison: Update to 3.4.1
Daniel Engberg [Sat, 15 Jun 2019 02:26:56 +0000 (02:26 +0000)]
tools/bison: Update to 3.4.1

Update bison to 3.4.1
Remove 010-intl-stub-compat.patch

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit 9fc03832bc46b13b377cbe2f6d1acca45f1ad002)

5 years agorpcd: add direct dependency on libjson-c
Jo-Philipp Wich [Fri, 21 Jun 2019 15:41:28 +0000 (17:41 +0200)]
rpcd: add direct dependency on libjson-c

The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefor add all libraries linked by rpcd
as direct dependencies to the corresponding binary package definition.

This ensures that rpcd is automatically rebuilt and relinked if any
of these libraries has its ABI_VERSION updated in the future.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit eaad2211dbfb9fdf0815c8d19423069ec099bad2)

5 years agometadata: handle ABI version rebuild tracking for transient dependencies
Jo-Philipp Wich [Thu, 20 Jun 2019 19:02:06 +0000 (21:02 +0200)]
metadata: handle ABI version rebuild tracking for transient dependencies

Extend the packageauxvars database to keep a list of possible package
dependencies for each provider, then utilize this information in buildroot
to resolve the ABI version dependencies of dependent packages up to five
levels deep.

This should properly trigger rebuilds for packages indirectly depending
on other packages whose ABI_VERSION changed.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 27a4a71c240875e3fff868f26f723178bf94eb86)

5 years agobase-files: apply new sysctl.conf at postinst
Yousong Zhou [Thu, 20 Jun 2019 10:29:53 +0000 (10:29 +0000)]
base-files: apply new sysctl.conf at postinst

This is mainly for kmod-br-netfilter.  To turn off
bridge-netfilter-call-xxx immediately after installation

While at it

 - Define filelist="/usr/lib/opkg/info/${pkgname}.list"
 - Reuse "[ -z "$root" ]"
 - Grep with "-m1"

Fixes FS#2300

Reported-by: Marco Sartorius <tidbits@ormoorgmen.info>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 3dc4f59eabaed5135cd4eed8d1846248d5f1b37c)

5 years agohostapd: remove stale WPA_SUPPLICANT_NO_TIMESTAMP_CHECK option
Christian Lamparter [Tue, 11 Dec 2018 17:40:04 +0000 (18:40 +0100)]
hostapd: remove stale WPA_SUPPLICANT_NO_TIMESTAMP_CHECK option

Support to disable the timestamp check for certificates in
wpa_supplicant (Useful for devices without RTC that cannot
reliably get the real date/time) has been accepted in the
upstream hostapd. It's implemented in wpa_supplicant as a
per-AP flag tls_disable_time_checks=[0|1].

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 99bf9a1ac2b754e708ec845059689b293d1abab0)

5 years agoscripts/config: fix *c_shipped build depency tracking
Jonas Gorski [Thu, 20 Jun 2019 15:02:30 +0000 (17:02 +0200)]
scripts/config: fix *c_shipped build depency tracking

The Makefile was missing dependencies on *c_shipped, so changes never
triggered a rebuild. Add these as optional dependencies so their absence
isn't treated as an error.

In addition, fix a typo preventing the zconf.lex.o from being removed on
clean.

Fixes: 9d5510a500a1 ("build: add new menuconfig code based on linux 3.9")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 0096a1cf0015e483b99e51c74f2f0bbae7247342)

5 years agometadata: ensure one dependency provider to be y if a package is y
Jonas Gorski [Sat, 15 Jun 2019 13:04:53 +0000 (15:04 +0200)]
metadata: ensure one dependency provider to be y if a package is y

When there are multiple packages providing a meta-package, it is
possible to to create a config where a package is selected as =y, but
all of its dependency providers are just selected as =m. This is due to
the selection statement being just

  config PACKAGE_foo
    select PACKAGE_bar if !PACKAGE_baz

which is already fulfilled by PACKAGE_bar=m. Fix this by properly
comparing the selection states:

  config PACKAGE_foo
    select PACKAGE_bar if PACKAGE_baz<PACKAGE_foo

Also invert the select conditions to improve readability.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
[slightly reword commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 1fd50531cac9c41334d8f57e2dbc1f50c3572445)

5 years agotreewide: fix syntax errors exposed after kconfig update
Jo-Philipp Wich [Sat, 15 Jun 2019 12:57:14 +0000 (14:57 +0200)]
treewide: fix syntax errors exposed after kconfig update

After commit e82a4d9cfb ("config: regenerate *_shipped sources") the mconf
parser became more strict as a side effect and started to spew a series of
warnings when evaluating our generated kconfig sources:

  tmp/.config-package.in:705:warning: ignoring unsupported character '@'

The root cause of these warnings is a wrong use of the @SYMBOL dependency
syntax in various Makefile. Fix the corresponding Makefiles by turning
`@SYM||@SYM2` expressions into the proper `@(SYM||SYM2)` form.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 74739c4228f3bd0aa757165c67c53016c3deb544)

5 years agoconfig: fix relational operators for bool and tristate symbols
Nicolas Pitre [Sat, 15 Jun 2019 15:07:08 +0000 (17:07 +0200)]
config: fix relational operators for bool and tristate symbols

Since commit 31847b67bec0 ("kconfig: allow use of relations other than
(in)equality") it is possible to use relational operators in Kconfig
statements. However, those operators give unexpected results when
applied to bool/tristate values:

(n < y) = y (correct)
(m < y) = y (correct)
(n < m) = n (wrong)

This happens because relational operators process bool and tristate
symbols as strings and m sorts before n. It makes little sense to do a
lexicographical compare on bool and tristate values though.

Documentation/kbuild/kconfig-language.txt states that expression can have
a value of 'n', 'm' or 'y' (or 0, 1, 2 respectively for calculations).
Let's make it so for relational comparisons with bool/tristate
expressions as well and document them. If at least one symbol is an
actual string then the lexicographical compare works just as before.

Signed-off-by: Nicolas Pitre <nico@linaro.org>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Tested-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
[rebased against OpenWrt kconfig, slightly reword commit message]
(backported from upstream 9059a3493efea6492451430c7e2fa0af799a2abb)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 75dcaf3d23301da35eb4a6d0efc5ba5a0ed09850)

5 years agoconfig: regenerate *_shipped sources
Jonas Gorski [Sat, 15 Jun 2019 12:54:07 +0000 (14:54 +0200)]
config: regenerate *_shipped sources

The pregenerated `zconf.hash.c` and `zconf.lex.c` files have not been
kept in sync with their respective `*.y` and `*.l` sources in the past
causing our kconfig implementation to not recognize important kconfig
grammer elements such as relational `<`, `<=`, `>` and `>=` operators.

Fixes: 2d7e602381f3 ("scripts/config: sync with latest linux upstream")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
[reword commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 972123f1e056e6d443be1e4a11db09b5d2ef53da)

5 years agoprocd: add direct dependencies on libblobmsg-json and libjson-c
Jo-Philipp Wich [Thu, 20 Jun 2019 10:54:02 +0000 (12:54 +0200)]
procd: add direct dependencies on libblobmsg-json and libjson-c

The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefor add all libraries linked by procd
as direct dependencies to the corresponding binary package definition.

This ensures that procd is automatically rebuilt and relinked
if any of these libraries has its ABI_VERSION updated in the
future.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 66838cd8513e50d82996425434efcb260d893180)

5 years agourngd: move project to git.openwrt.org
Petr Štetiar [Mon, 17 Jun 2019 13:25:40 +0000 (15:25 +0200)]
urngd: move project to git.openwrt.org

Let's move project to a proper place.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit bec8fb1ee7188bfe7eff0f39e060039623e2575e)

5 years agonghttp2: bump to 1.39.1
Hans Dedecker [Sun, 16 Jun 2019 19:27:04 +0000 (21:27 +0200)]
nghttp2: bump to 1.39.1

7ffc239b Bump up version number to 1.39.1
bc886a0e Fix FPE with default backend
a3a14a9c Fix log-level is not set with cmd-line or configuration file
acfb3607 Update manual pages
bdfd14c2 Bump up version number to 1.39.0, LT revision to 31:4:17
cddc09fe Update AUTHORS
3c3b6ae8 Add missing colon
2f83aa9e Fix multi-line text travis issue
fc591d0c Run nghttpx integration test with cmake build
9a17c3ef travis: use multi-line text
b7220f07 cmake: Remove SPDY related files
a1556fd1 Merge pull request #1356 from nghttp2/fix-log-level-on-reload
77f1c872 nghttpx: Fix unchanged log level on configuration reload
49ce44e1 Merge pull request #1352 from nghttp2/travis-osx
f54b3ffc Fix libxml2 CFLAGS output
b0f5e5cc Implement daemon() using fork() for OSX
8d6ecd66 Enable osx build on travis
f82fb521 Update doc
2e1975dd clang-format-8
97ce392b Merge pull request #1347 from nghttp2/nghttpx-ignore-cl-te-on-upgrade
afefbda5 Ignore content-length in 200 response to CONNECT request
4fca2502 nghttpx: Ignore Content-Length and Transfer-Encoding in 1xx or 200 to CONNECT
6975c336 Update llhttp to 1.1.3
0288093c Fix llhttp_get_error_pos usage
a3a03481 Merge pull request #1340 from nghttp2/nghttpx-llhttp
c64d2573 Replace http-parser with llhttp
f028cc43 clang-format
302e3746 Merge pull request #1337 from nghttp2/upgrade-mruby
3cdbc5f5 Merge pull request #1335 from adamgolebiowski/boost-1.70
a6925186 Fix mruby build error
45d63d20 Upgrade mruby to 2.0.1
cbba1ebf asio: support boost-1.70
e86d1378 Bump up version number to 1.39.0-DEV
4a9d2005 Update manual pages

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 865e25e049f6d5a6488c5e83a7d89d0dc896c876)

5 years agourngd: Fix more wrong type in format string
Hauke Mehrtens [Sun, 16 Jun 2019 16:59:04 +0000 (18:59 +0200)]
urngd: Fix more wrong type in format string

Also the other type is worng and causes compile problems on ARM64
platforms.

Fixes: 9b53201d9c53 ("urngd: Fix wrong type in format string")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 1ae1276eab1903d194c1a0f8037e7f44304568b1)

5 years agolibubox: update to latest git HEAD
Hauke Mehrtens [Sun, 16 Jun 2019 14:36:13 +0000 (16:36 +0200)]
libubox: update to latest git HEAD

9dd2dcf libubox: add format string checking to ulog()
ecf5617 ustream: Add format string checks to ustream_(v)printf()

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit fc454ca15305e332a35c9bc1e60dde18f69ac210)

5 years agourngd: Fix wrong type in format string
Hauke Mehrtens [Sun, 16 Jun 2019 14:38:56 +0000 (16:38 +0200)]
urngd: Fix wrong type in format string

GCC 9.1 complains about this wrong type used in the format string, fix
this to make the compiler happy.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9b53201d9c53cd7021455ac9748b3dba744b468b)

5 years agoubox: bump to git HEAD
Hauke Mehrtens [Sun, 16 Jun 2019 13:48:44 +0000 (15:48 +0200)]
ubox: bump to git HEAD

4df34a4 kmodloader: Increase path array size to make it always fit

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 22d3d91c774f085fbbe607b96c39398c73f7151c)

5 years agonetifd: xfrm fixes
Hans Dedecker [Sat, 15 Jun 2019 19:25:03 +0000 (21:25 +0200)]
netifd: xfrm fixes

9932ed0 netifd: fix xfrm interface deletion and standardize netlink call

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 1fd900ddc2d10cde8e86d8059bfd112f3d0aae65)

5 years agonetwork/config/xfrm: add host-dependency for xfrm interface parent
André Valentin [Fri, 14 Jun 2019 11:09:47 +0000 (13:09 +0200)]
network/config/xfrm: add host-dependency for xfrm interface parent

Add proto_add_host_dependency to add a dependency to the tunlink interface

Signed-off-by: André Valentin <avalentin@marcant.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(cherry picked from commit f6dab9804413139c3bd2647a81652d04baa1e59d)

5 years agonetifd: update to latest git HEAD
Hans Dedecker [Thu, 13 Jun 2019 20:16:06 +0000 (22:16 +0200)]
netifd: update to latest git HEAD

42a3878 interface-ip: fix possible null pointer dereference
c1964d8 system-linux: remove superfluous dev check

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 55fcc77072c9ca0baee8e79c00d2342be26fce47)

5 years agof2fs-tools: fixup SPDX license
Paul Spooren [Wed, 12 Jun 2019 21:38:20 +0000 (23:38 +0200)]
f2fs-tools: fixup SPDX license

The f2fs-tools have a wrong PKG_LICENSE with is not SPDX compatible.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 35a70d626239424fb47e4cc50b565da7622eb2a6)

5 years agonghttp2: deduplicate files in libnghttp2
Konstantin Demin [Wed, 12 Jun 2019 09:10:09 +0000 (12:10 +0300)]
nghttp2: deduplicate files in libnghttp2

libnghttp2 accidentally ships library twice:

$ tar -Oxzf libnghttp2-14_1.38.0-1_mips_24kc.ipk ./data.tar.gz | tar -tzvf -
drwxr-xr-x root/root         0 2019-06-07 23:14 ./
drwxr-xr-x root/root         0 2019-06-07 23:14 ./usr/
drwxr-xr-x root/root         0 2019-06-07 23:14 ./usr/lib/
-rw-r--r-- root/root    144412 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14
-rw-r--r-- root/root    144412 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14.17.3

after fix, there's library and symlink (as designed):

$ tar -Oxzf libnghttp2-14_1.38.0-2_mips_24kc.ipk ./data.tar.gz | tar -tzvf -
drwxr-xr-x root/root         0 2019-06-07 23:14 ./
drwxr-xr-x root/root         0 2019-06-07 23:14 ./usr/
drwxr-xr-x root/root         0 2019-06-07 23:14 ./usr/lib/
lrwxrwxrwx root/root         0 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14 -> libnghttp2.so.14.17.3
-rw-r--r-- root/root    144412 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14.17.3

Binary package size reduced accordingly: 134621 -> 66593.

Compile/run-tested: ar71xx/generic.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit 38b22b1e7022d6b386ce25f39d05cc33fc659240)

5 years agoodhcpd: various fixes
Hans Dedecker [Tue, 3 Sep 2019 19:51:50 +0000 (21:51 +0200)]
odhcpd: various fixes

8f1347b odhcpd: router: Fix out of scope memory access
d37736e dhcpv6-ia: free assignment when validity timer expires

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years agoAdd libreCMC Keyring v1.5.0-rc1
RISCi_ATOM [Tue, 10 Sep 2019 15:38:25 +0000 (11:38 -0400)]
Add libreCMC Keyring

5 years agoAdd core additional core pkgs feed/master commit : f564008b9d6b458d2e5291414ef4ac05cc...
RISCi_ATOM [Mon, 9 Sep 2019 14:21:36 +0000 (10:21 -0400)]
Add core additional core pkgs feed/master commit : f564008b9d6b458d2e5291414ef4ac05cc2d4ce2

5 years agoAdd mbedtls and ca-bundle as default pkgs to provide ssl support for pkg repo.
RISCi_ATOM [Mon, 9 Sep 2019 14:17:43 +0000 (10:17 -0400)]
Add mbedtls and ca-bundle as default pkgs to provide ssl support for pkg repo.

5 years agoAdd luci, based upon commit : ae8ddb0ca6dfe98cb842fe2c01b36c4df55a0894
RISCi_ATOM [Mon, 9 Sep 2019 14:14:25 +0000 (10:14 -0400)]
Add luci, based upon commit : ae8ddb0ca6dfe98cb842fe2c01b36c4df55a0894

5 years agoUpdate libreCMC version to v1.5.0-rc1
RISCi_ATOM [Sun, 8 Sep 2019 23:04:15 +0000 (19:04 -0400)]
Update libreCMC version to v1.5.0-rc1

5 years agoAdd nat64 back
RISCi_ATOM [Sun, 8 Sep 2019 17:14:22 +0000 (13:14 -0400)]
Add nat64 back

The deblobbing script removed it by accident.

5 years agoTmp. remove pkg feeds
RISCi_ATOM [Sat, 7 Sep 2019 18:13:44 +0000 (14:13 -0400)]
Tmp. remove pkg feeds

5 years agoUpdate gitignore
RISCi_ATOM [Sat, 7 Sep 2019 18:13:12 +0000 (14:13 -0400)]
Update gitignore

5 years agoFix kernel version
RISCi_ATOM [Sun, 1 Sep 2019 03:38:46 +0000 (23:38 -0400)]
Fix kernel version

5 years agoAdd correct kernel hash and add KERNEL_LIBRE to download.pl
RISCi_ATOM [Sun, 1 Sep 2019 03:31:24 +0000 (23:31 -0400)]
Add correct kernel hash and add KERNEL_LIBRE to download.pl

5 years agoRemove upstream src. mirror
RISCi_ATOM [Sun, 1 Sep 2019 03:01:28 +0000 (23:01 -0400)]
Remove upstream src. mirror

5 years agoUpstream refresh for v1.5.0-rc1 : Upstream 19.07 : 4fb6b8c553f692eeb5bcb203e0f8ee8df0...
RISCi_ATOM [Sun, 1 Sep 2019 02:56:01 +0000 (22:56 -0400)]
Upstream refresh for v1.5.0-rc1 : Upstream 19.07 : 4fb6b8c553f692eeb5bcb203e0f8ee8df099e77e

5 years agoAdd luci mirror repository v1.5.0-20190402_alpha
RISCi_ATOM [Tue, 2 Apr 2019 17:12:45 +0000 (13:12 -0400)]
Add luci mirror repository

5 years agoChange repo URL to reflect beta status
RISCi_ATOM [Mon, 1 Apr 2019 19:51:08 +0000 (15:51 -0400)]
Change repo URL to reflect beta status

5 years agoFix scripts/getver.sh git hash
RISCi_ATOM [Thu, 14 Mar 2019 15:50:24 +0000 (11:50 -0400)]
Fix scripts/getver.sh git hash

5 years agoForgot to remove wrt350nv2-builder since we don't support orion targets
RISCi_ATOM [Thu, 14 Mar 2019 15:48:45 +0000 (11:48 -0400)]
Forgot to remove wrt350nv2-builder since we don't support orion targets

5 years agoRebase from upstream commit : 3bb9dcf44627ffdd313fe92c563ae454b6ff8aa6
RISCi_ATOM [Thu, 14 Mar 2019 15:44:53 +0000 (11:44 -0400)]
Rebase from upstream commit : 3bb9dcf44627ffdd313fe92c563ae454b6ff8aa6

5 years agoFix broken repository link in target/makeccs
RISCi_ATOM [Tue, 12 Feb 2019 14:39:28 +0000 (09:39 -0500)]
Fix broken repository link in target/makeccs

5 years agoForgot to update scripts/getver.sh git check-in hash.
RISCi_ATOM [Tue, 12 Feb 2019 11:09:21 +0000 (06:09 -0500)]
Forgot to update scripts/getver.sh git check-in hash.

5 years agoRebased from upstream / out of band repository.
RISCi_ATOM [Tue, 12 Feb 2019 11:07:41 +0000 (06:07 -0500)]
Rebased from upstream / out of band repository.

6 years agoBump version to v1.5 and start work on adding 4.19 kernel suppot
RISCi_ATOM [Tue, 23 Oct 2018 18:10:16 +0000 (14:10 -0400)]
Bump version to v1.5 and start work on adding 4.19 kernel suppot

6 years agoAdd sha256sums/signatures link to supported / popular router pages
RISCi_ATOM [Thu, 18 Oct 2018 16:17:57 +0000 (12:17 -0400)]
Add sha256sums/signatures link to supported / popular router pages

6 years agoFix formatting in image list?
RISCi_ATOM [Thu, 18 Oct 2018 16:04:01 +0000 (12:04 -0400)]
Fix formatting in image list?

6 years agoAdd link to current libreCMC images on popular / supported router pages
RISCi_ATOM [Thu, 18 Oct 2018 16:00:37 +0000 (12:00 -0400)]
Add link to current libreCMC images on popular / supported router pages

6 years agoChange wording to make it clear that Main images work on targets with 8M of flash
RISCi_ATOM [Thu, 18 Oct 2018 01:36:48 +0000 (21:36 -0400)]
Change wording to make it clear that Main images work on targets with 8M of flash

6 years agoAdd missing word
RISCi_ATOM [Thu, 18 Oct 2018 01:32:07 +0000 (21:32 -0400)]
Add missing word

6 years agoremove a word.
RISCi_ATOM [Thu, 18 Oct 2018 01:28:04 +0000 (21:28 -0400)]
remove a word.

6 years agoMerge branch 'v1.4' of https://gogs.librecmc.org/librecmc/librecmc into v1.4
RISCi_ATOM [Thu, 18 Oct 2018 01:19:04 +0000 (21:19 -0400)]
Merge branch 'v1.4' of https://gogs.librecmc.org/librecmc/librecmc into v1.4

6 years agoAdd image flavor description
RISCi_ATOM [Thu, 18 Oct 2018 01:18:50 +0000 (21:18 -0400)]
Add image flavor description

6 years agoFix issue link
RISCI_ATOM [Thu, 18 Oct 2018 01:11:56 +0000 (21:11 -0400)]
Fix issue link

6 years agoBump Wireguard to 0.0.20181006 v1.4.5
RISCi_ATOM [Tue, 9 Oct 2018 05:36:27 +0000 (01:36 -0400)]
Bump Wireguard to 0.0.20181006

6 years agoUpdate status of TL-WR1043N v5, still has not been tested!
RISCi_ATOM [Wed, 3 Oct 2018 19:57:18 +0000 (15:57 -0400)]
Update status of TL-WR1043N v5, still has not been tested!

6 years agoFix TL-WR1043N v5 image generation
RISCi_ATOM [Wed, 3 Oct 2018 01:59:51 +0000 (21:59 -0400)]
Fix TL-WR1043N v5 image generation

6 years agoBump bzip2 and curl
RISCi_ATOM [Mon, 1 Oct 2018 19:52:08 +0000 (15:52 -0400)]
Bump bzip2 and curl

6 years agoBump mbedtls to 2.12.0
RISCi_ATOM [Mon, 1 Oct 2018 19:32:47 +0000 (15:32 -0400)]
Bump mbedtls to 2.12.0

6 years agoBump firewall version
RISCi_ATOM [Mon, 1 Oct 2018 18:20:47 +0000 (14:20 -0400)]
Bump firewall version

6 years agobump tor to 0.3.4.8
RISCi_ATOM [Mon, 1 Oct 2018 15:40:58 +0000 (11:40 -0400)]
bump tor to 0.3.4.8

6 years agoBump wireguard to 0.0.20180925
RISCi_ATOM [Mon, 1 Oct 2018 14:47:20 +0000 (10:47 -0400)]
Bump wireguard to 0.0.20180925

6 years agoBump kernel to 4.4.159
RISCi_ATOM [Mon, 1 Oct 2018 13:58:55 +0000 (09:58 -0400)]
Bump kernel to 4.4.159
 - Removed ar71xx/203-MIPS-ath79-fix-restart.patch : upstreamed
 - Removed generic/051-000{1,2,5}-ovl-*.patch : Upstreamed, excluding is_merge rename

6 years agoPull in updated {bison,m4,e2fsprogs,findutils} to fix build issues with newer glibc.
RISCi_ATOM [Sun, 30 Sep 2018 19:56:11 +0000 (15:56 -0400)]
Pull in updated {bison,m4,e2fsprogs,findutils} to fix build issues with newer glibc.

6 years agoTP-Link TL-WR1043N v5 appears to be identical to the TL-WR1043ND v4,
RISCi_ATOM [Sun, 30 Sep 2018 19:52:14 +0000 (15:52 -0400)]
TP-Link TL-WR1043N v5 appears to be identical to the TL-WR1043ND v4,
except that the USB port has been removed and there is no longer a
removable antenna option.

The software is more in line with the Archer series in that it uses a
nested bootloader scheme.

Specifications:

 - QCA9563 at 775 MHz
 - 64 MB RAM
 - 16 MB flash
 - 3 (non-detachable) Antennas / 450 Mbit
 - 1x/4x WAN/LAN Gbps Ethernet (QCA8337)
 - reset and Wi-Fi buttons

Based upon upstream commit : 673793d753717dc49e5a6f9b1bba52658cae63fc

Note: This commit has not been tested on actual hardware!!!

6 years agoFix redundant TARGET_CFLAGS in hnsd Makefile
RISCi_ATOM [Thu, 6 Sep 2018 08:50:06 +0000 (04:50 -0400)]
Fix redundant TARGET_CFLAGS in hnsd Makefile

6 years agoMove libexpat, unbound into core and introduce hnsd
RISCi_ATOM [Thu, 6 Sep 2018 08:34:11 +0000 (04:34 -0400)]
Move libexpat, unbound into core and introduce hnsd

hnsd is the Handshake SPV name resolver daemon for the Handshake
network. see https://handshake.org and https://github.com/handshake-org/hnsd

Currently, hnsd needs some more work.

6 years agoMerge branch 'v1.4' of https://gogs.librecmc.org/librecmc/librecmc into v1.4
RISCi_ATOM [Thu, 6 Sep 2018 08:30:39 +0000 (04:30 -0400)]
Merge branch 'v1.4' of https://gogs.librecmc.org/librecmc/librecmc into v1.4

6 years agoupdate x86 kernel config to reflect last kernel bump
RISCi_ATOM [Thu, 6 Sep 2018 08:30:21 +0000 (04:30 -0400)]
update x86 kernel config to reflect last kernel bump

6 years agowireguard: bump to 0.0.20180904
RISCi_ATOM [Wed, 5 Sep 2018 08:29:03 +0000 (04:29 -0400)]
wireguard: bump to 0.0.20180904

* Kconfig: use new-style help marker
* global: run through clang-format
* uapi: reformat
* global: satisfy check_patch.pl errors
* global: prefer sizeof(*pointer) when possible
* global: always find OOM unlikely

Tons of style cleanups.

* crypto: use unaligned helpers

We now avoid unaligned accesses for generic users of the crypto API.

* crypto: import zinc

More style cleanups and a rearrangement of the crypto routines to fit how this
is going to work upstream. This required some fairly big changes to our build
system, so there may be some build errors we'll have to address in subsequent
snapshots.

* compat: rng_is_initialized made it into 4.19

We therefore don't need it in the compat layer anymore.

* curve25519-hacl64: use formally verified C for comparisons

The previous code had been proved in Z3, but this new code from upstream
KreMLin is directly generated from the F*, which is preferable. The
assembly generated is identical.

* curve25519-x86_64: let the compiler decide when/how to load constants

Small performance boost.

* curve25519-arm: reformat
* curve25519-arm: cleanups from lkml
* curve25519-arm: add spaces after commas
* curve25519-arm: use ordinary prolog and epilogue
* curve25519-arm: do not waste 32 bytes of stack
* curve25519-arm: prefix immediates with #

This incorporates ASM nits from upstream review.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Pulled from upstream commit : 4ccbe7de6cb20766fd309bc3824c7591e33b0b96

6 years agoMerge branch 'v1.4' of https://gogs.librecmc.org/librecmc/librecmc into v1.4
RISCi_ATOM [Tue, 4 Sep 2018 18:22:53 +0000 (14:22 -0400)]
Merge branch 'v1.4' of https://gogs.librecmc.org/librecmc/librecmc into v1.4

6 years agoUpdate dropbear
RISCi_ATOM [Tue, 4 Sep 2018 13:20:06 +0000 (09:20 -0400)]
Update dropbear

6 years agoUpdate dropbear
NYNEX [Tue, 4 Sep 2018 13:20:06 +0000 (09:20 -0400)]
Update dropbear

6 years agoBump kernel to 4.4.153 and fix generic/051-0005-ovl-proper-cleanup-of-workdir.patch
RISCi_ATOM [Thu, 30 Aug 2018 13:03:03 +0000 (09:03 -0400)]
Bump kernel to 4.4.153 and fix generic/051-0005-ovl-proper-cleanup-of-workdir.patch

6 years agoMerge branch 'v1.5' into v1.4
RISCi_ATOM [Sun, 26 Aug 2018 23:51:30 +0000 (19:51 -0400)]
Merge branch 'v1.5' into v1.4

6 years agoBump libreCMC version #
RISCi_ATOM [Thu, 23 Aug 2018 10:43:13 +0000 (06:43 -0400)]
Bump libreCMC version #

6 years agoThis commit adds support for the GL-AR750 (2.4G radio only)
RISCi_ATOM [Thu, 23 Aug 2018 09:32:40 +0000 (05:32 -0400)]
This commit adds support for the GL-AR750 (2.4G radio only)

While this router does have an 802.11ac chipset (QCA9887) which
requires non-free firmware (loadable firmware blobs), the main raido in the SoC
can still be used and does not require non-free firmware / blobs since it
is an ath9k chipset...

As it stands, it is not possible to use the 802.11ac radio due to lack of
drivers, the firmware loading mech. has been removed (linux-libre kernel)
and libreCMC does not include or pull needed firmware. The libreCMC project is
not endorsing the usage of the non-free chpset and the barriers are sufficient
that no one can use libreCMC with the non-free components.

TLDR; It is not possible to use the non-free chipset with libreCMC but the device
can still be used as a wireless router without non-free blobs.

Specification:

- 650/597/216 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 16 MB of FLASH (SPI NOR)
- 3x 10/100 Mbps Ethernet
- 2T2R 2.4 GHz (QCA9531)
- 1T1R 5 GHz (QCA9887)
- 1x USB 2.0 (power controlled by GPIO)
- 1x microSD (GL857L)
- 3x LED (all driven by GPIO)
- 1x button (reset)
- 1x 2-pos switch
- header for optional PoE module
- 1x micro USB for main power input
- UART + I2C header on PCB

Based upon upstream commit : 2e5252d346e2ec832a203af778b5c1d949f0ae5f

6 years agoBump hostapd package revision
RISCi_ATOM [Mon, 20 Aug 2018 18:31:49 +0000 (14:31 -0400)]
Bump hostapd package revision

6 years agowpa_supplicant: fix CVE-2018-14526
RISCi_ATOM [Mon, 20 Aug 2018 16:32:33 +0000 (12:32 -0400)]
wpa_supplicant: fix CVE-2018-14526

Unauthenticated EAPOL-Key decryption in wpa_supplicant

Published: August 8, 2018
Identifiers:
- CVE-2018-14526
Latest version available from: https://w1.fi/security/2018-1/

Vulnerability

A vulnerability was found in how wpa_supplicant processes EAPOL-Key
frames. It is possible for an attacker to modify the frame in a way that
makes wpa_supplicant decrypt the Key Data field without requiring a
valid MIC value in the frame, i.e., without the frame being
authenticated. This has a potential issue in the case where WPA2/RSN
style of EAPOL-Key construction is used with TKIP negotiated as the
pairwise cipher. It should be noted that WPA2 is not supposed to be used
with TKIP as the pairwise cipher. Instead, CCMP is expected to be used
and with that pairwise cipher, this vulnerability is not applicable in
practice.

When TKIP is negotiated as the pairwise cipher, the EAPOL-Key Key Data
field is encrypted using RC4. This vulnerability allows unauthenticated
EAPOL-Key frames to be processed and due to the RC4 design, this makes
it possible for an attacker to modify the plaintext version of the Key
Data field with bitwise XOR operations without knowing the contents.
This can be used to cause a denial of service attack by modifying
GTK/IGTK on the station (without the attacker learning any of the keys)
which would prevent the station from accepting received group-addressed
frames. Furthermore, this might be abused by making wpa_supplicant act
as a decryption oracle to try to recover some of the Key Data payload
(GTK/IGTK) to get knowledge of the group encryption keys.

Full recovery of the group encryption keys requires multiple attempts
(128 connection attempts per octet) and each attempt results in
disconnection due to a failure to complete the 4-way handshake. These
failures can result in the AP/network getting disabled temporarily or
even permanently (requiring user action to re-enable) which may make it
impractical to perform the attack to recover the keys before the AP has
already changes the group keys. By default, wpa_supplicant is enforcing
at minimum a ten second wait time between each failed connection
attempt, i.e., over 20 minutes waiting to recover each octet while
hostapd AP implementation uses 10 minute default for GTK rekeying when
using TKIP. With such timing behavior, practical attack would need large
number of impacted stations to be trying to connect to the same AP to be
able to recover sufficient information from the GTK to be able to
determine the key before it gets changed.

Vulnerable versions/configurations

All wpa_supplicant versions.

Acknowledgments

Thanks to Mathy Vanhoef of the imec-DistriNet research group of KU
Leuven for discovering and reporting this issue.

Possible mitigation steps

- Remove TKIP as an allowed pairwise cipher in RSN/WPA2 networks. This
can be done also on the AP side.

- Merge the following commits to wpa_supplicant and rebuild:

WPA: Ignore unauthenticated encrypted EAPOL-Key data

This patch is available from https://w1.fi/security/2018-1/

- Update to wpa_supplicant v2.7 or newer, once available

Pulled from upstream commit : b3983323a1f25c936ddfcc129c454b282e90eeed

6 years agoupdate cjdns
RISCi_ATOM [Mon, 20 Aug 2018 03:33:50 +0000 (23:33 -0400)]
update cjdns

6 years agoBump kernel to 4.4.150
RISCi_ATOM [Sun, 19 Aug 2018 20:31:13 +0000 (16:31 -0400)]
Bump kernel to 4.4.150

6 years ago openssl: update to version 1.0.2p
RISCi_ATOM [Thu, 16 Aug 2018 05:27:14 +0000 (01:27 -0400)]
openssl: update to version 1.0.2p

    This fixes the following security problems:
     * CVE-2018-0732: Client DoS due to large DH parameter
     * CVE-2018-0737: Cache timing vulnerability in RSA Key Generation

Cherry pick'ed from upstream commit : e11df1eac62f23263e90c54d87bc69a7021e72b7

6 years agoBump kernel to 4.4.146
RISCi_ATOM [Tue, 7 Aug 2018 16:51:30 +0000 (12:51 -0400)]
Bump kernel to 4.4.146

6 years agowireguard: bump to 0.0.20180802
RISCi_ATOM [Mon, 6 Aug 2018 17:17:42 +0000 (13:17 -0400)]
wireguard: bump to 0.0.20180802

Changelog taken from the version announcement
>
> == Changes ==
>
>   * chacha20poly1305: selftest: split up test vector constants
>
>   The test vectors are encoded as long strings -- really long strings -- and
>   apparently RFC821 doesn't like lines longer than 998.
>   https://cr.yp.to/smtp/message.html
>
>   * queueing: keep reference to peer after setting atomic state bit
>
>   This fixes a regression introduced when preparing the LKML submission.
>
>   * allowedips: prevent double read in kref
>   * allowedips: avoid window of disappeared peer
>   * hashtables: document immediate zeroing semantics
>   * peer: ensure resources are freed when creation fails
>   * queueing: document double-adding and reference conditions
>   * queueing: ensure strictly ordered loads and stores
>   * cookie: returned keypair might disappear if rcu lock not held
>   * noise: free peer references on failure
>   * peer: ensure destruction doesn't race
>
>   Various fixes, as well as lots of code comment documentation, for a
>   small variety of the less obvious aspects of object lifecycles,
>   focused on correctness.
>
>   * allowedips: free root inside of RCU callback
>   * allowedips: use different macro names so as to avoid confusion
>
>   These incorporate two suggestions from LKML.
>
> This snapshot contains commits from: Jason A. Donenfeld and Jann Horn.

Taken from upstream commit : 68e2ebe64a0f27eb25c0e56ef1125ce1318e2279

6 years agoBump kernel up to 4.4.145 and fix usb.ids hash
RISCi_ATOM [Wed, 1 Aug 2018 19:39:41 +0000 (15:39 -0400)]
Bump kernel up to 4.4.145 and fix usb.ids hash

6 years agoRevert kernel (vanilla) commit b699d0035836f6712917a41e7ae58d84359b8ff9 : see vanilla...
RISCi_ATOM [Wed, 25 Jul 2018 19:26:20 +0000 (15:26 -0400)]
Revert kernel (vanilla) commit b699d0035836f6712917a41e7ae58d84359b8ff9 : see vanilla kernel commit f4eb17e1efe538d4da7d574bedb00a8dafcc26b7

6 years agoUpdate odhcpd to fix verbose logging bug v1.4.4
RISCi_ATOM [Sun, 1 Jul 2018 03:51:10 +0000 (23:51 -0400)]
Update odhcpd to fix verbose logging bug

6 years agoUpdate OpenVPN, ustream-ssl, add wolfssl and remove cyassl
RISCi_ATOM [Fri, 29 Jun 2018 18:49:08 +0000 (14:49 -0400)]
Update OpenVPN, ustream-ssl, add wolfssl and remove cyassl

6 years agoUpdate rpcd
RISCi_ATOM [Thu, 28 Jun 2018 21:03:41 +0000 (17:03 -0400)]
Update rpcd

6 years agoBump kernel to 4.4.138
RISCi_ATOM [Thu, 28 Jun 2018 20:04:31 +0000 (16:04 -0400)]
Bump kernel to 4.4.138

6 years agoUpdate tor and add tinc to core
RISCi_ATOM [Thu, 28 Jun 2018 18:06:04 +0000 (14:06 -0400)]
Update tor and add tinc to core

6 years agoBump wireguard version to 20180625
RISCi_ATOM [Thu, 28 Jun 2018 17:10:39 +0000 (13:10 -0400)]
Bump wireguard version to 20180625