librecmc/librecmc.git
3 years agowireguard: version bump to 0.0.20171017 v1.4.1
Jason A. Donenfeld [Tue, 17 Oct 2017 17:34:20 +0000 (19:34 +0200)]
wireguard: version bump to 0.0.20171017

This is a simple version bump. Changes:

  * noise: handshake constants can be read-only after init
  * noise: no need to take the RCU lock if we're not dereferencing
  * send: improve dead packet control flow
  * receive: improve control flow
  * socket: eliminate dead code
  * device: our use of queues means this check is worthless
  * device: no need to take lock for integer comparison
  * blake2s: modernize API and have faster _final
  * compat: support READ_ONCE
  * compat: just make ro_after_init read_mostly

  Assorted cleanups to the module, including nice things like marking our
  precomputations as const.

  * Makefile: even prettier output
  * Makefile: do not clean before cloc
  * selftest: better test index for rate limiter
  * netns: disable accept_dad for all interfaces

  Fixes in our testing and build infrastructure. Now works on the 4.14 rc
  series.

  * qemu: add build-only target
  * qemu: work on ubuntu toolchain
  * qemu: add more debugging options to main makefile
  * qemu: simplify shutdown
  * qemu: open /dev/console if we're started early
  * qemu: phase out bitbanging
  * qemu: always create directory before untarring
  * qemu: newer packages
  * qemu: put hvc directive into configuration

  This is the beginning of working out a cross building test suite, so we do
  several tricks to be less platform independent.

  * tools: encoding: be more paranoid
  * tools: retry resolution except when fatal
  * tools: don't insist on having a private key
  * tools: add pass example to wg-quick man page
  * tools: style
  * tools: newline after warning
  * tools: account for padding being in zero attribute

  Several important tools fixes, one of which suppresses a needless warning.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
(cherry picked from commit f6c4a9c045797d9be12310eebc6341050fd260ce)

3 years agowireguard: add wireguard to base packages
Jason A. Donenfeld [Fri, 13 Oct 2017 15:05:18 +0000 (17:05 +0200)]
wireguard: add wireguard to base packages

Move wireguard from openwrt/packages to base a package.

This follows the pattern of kmod-cake and openvpn. Cake is a fast-moving
experimental kernel module that many find essential and useful. The
other is a VPN client. Both are inside of core. When you combine the two
characteristics, you get WireGuard. Generally speaking, because of the
extremely lightweight nature and "stateless" configuration of WireGuard,
many view it as a core and essential utility, initiated at boot time
and immediately configured by netifd, much like the use of things like
GRE tunnels.

WireGuard has a backwards and forwards compatible Netlink API, which
means the userspace tools should work with both newer and older kernels
as things change. There should be no versioning requirements, therefore,
between kernel bumps and userspace package bumps.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 699c6fcc314225f79156a26db418e15bbc6bf10f)

3 years agohostapd: add wpa_disable_eapol_key_retries option
Stijn Tintel [Tue, 17 Oct 2017 13:35:03 +0000 (16:35 +0300)]
hostapd: add wpa_disable_eapol_key_retries option

Commit b6c3931ad6554357a108127797c8d7097a93f18f introduced an AP-side
workaround for key reinstallation attacks. This option can be used to
mitigate KRACK on the station side, in case those stations cannot be
updated. Since many devices are out there will not receive an update
anytime soon (if at all), it makes sense to include this workaround.

Unfortunately this can cause interoperability issues and reduced
robustness of key negotiation, so disable the workaround by default, and
add an option to allow the user to enable it if he deems necessary.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit c5f97c9372da3229350184fb263c97d9ea8944c5)

3 years agohostapd: backport extra changes related to KRACK
Stijn Tintel [Tue, 17 Oct 2017 14:54:59 +0000 (17:54 +0300)]
hostapd: backport extra changes related to KRACK

While these changes are not included in the advisory, upstream
encourages users to merge them.
See http://lists.infradead.org/pipermail/hostap/2017-October/037989.html

Added 013-Add-hostapd-options-wpa_group_update_count-and-wpa_p.patch so
that 016-Optional-AP-side-workaround-for-key-reinstallation-a.patch
applies without having to rework it.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
3 years agomac80211: backport kernel fix for CVE-2017-13080 v1.4.1a-final
Stijn Tintel [Mon, 16 Oct 2017 22:49:58 +0000 (01:49 +0300)]
mac80211: backport kernel fix for CVE-2017-13080

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 2f701194c29da50bfda968a83c6609843f74a7f4)

3 years agoFixes:
RISCi_ATOM [Mon, 16 Oct 2017 13:47:20 +0000 (09:47 -0400)]
Fixes:
- CERT case ID: VU#228519
- CVE-2017-13077
- CVE-2017-13078
- CVE-2017-13079
- CVE-2017-13080
- CVE-2017-13081
- CVE-2017-13082
- CVE-2017-13086
- CVE-2017-13087
- CVE-2017-13088

For more information see:
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt

Pulled from upstream

3 years agoramips: restore support for the GnuBee Personal Cloud One v1.4.1-final
L. D. Pinney [Sat, 7 Oct 2017 11:06:10 +0000 (19:06 +0800)]
ramips: restore support for the GnuBee Personal Cloud One

Restore support for the GnuBee Personal Cloud One.

Signed-off-by: L. D. Pinney <ldpinney@gmail.com>
3 years agoFix repository default link origin/v1.4.1
NYNEX [Thu, 5 Oct 2017 18:43:04 +0000 (14:43 -0400)]
Fix repository default link

3 years agoFix TPE-R1100 bug
RISCi_ATOM [Thu, 5 Oct 2017 17:31:51 +0000 (13:31 -0400)]
Fix TPE-R1100 bug

3 years agoAdd updated curl patches and ap121f reference board
RISCi_ATOM [Thu, 5 Oct 2017 14:18:53 +0000 (10:18 -0400)]
Add updated curl patches and ap121f reference board

3 years agoFresh pull from upstream lede-17.01 branch to fix several outstanding
RISCi_ATOM [Thu, 5 Oct 2017 14:12:49 +0000 (10:12 -0400)]
Fresh pull from upstream lede-17.01 branch to fix several outstanding
bugs. Some support may have regressed as a result.

3 years agoBump dnsmasq version to v2.78 to fix several CVEs Fixes CVE-2017-14491, CVE-2017...
RISCi_ATOM [Mon, 2 Oct 2017 17:22:32 +0000 (13:22 -0400)]
Bump dnsmasq version to v2.78 to fix several CVEs Fixes CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, 2017-CVE-14495, 2017-CVE-14496

3 years agoUpdate luci
NYNEX [Sat, 30 Sep 2017 13:00:42 +0000 (09:00 -0400)]
Update luci

3 years agoBump OpenVPN version to 2.4.4 (pulled from upstream)
RISCi_ATOM [Fri, 29 Sep 2017 19:47:05 +0000 (15:47 -0400)]
Bump OpenVPN version to 2.4.4 (pulled from upstream)

3 years agoMerge remote-tracking branch 'personal/v1.4.1' into v1.4.1
RISCi_ATOM [Wed, 27 Sep 2017 15:59:09 +0000 (11:59 -0400)]
Merge remote-tracking branch 'personal/v1.4.1' into v1.4.1

3 years agorefresh ramips patches from upstream for new kernel 15/head
RISCi_ATOM [Thu, 14 Sep 2017 02:21:24 +0000 (22:21 -0400)]
refresh ramips patches from upstream for new kernel

3 years agoBump version to v1.4.1
RISCi_ATOM [Wed, 13 Sep 2017 21:59:23 +0000 (17:59 -0400)]
Bump version to v1.4.1

3 years agoAdd updtream support for GL USB150 (needs a lot of work). Might revert back to ver...
RISCi_ATOM [Wed, 13 Sep 2017 21:58:42 +0000 (17:58 -0400)]
Add updtream support for GL USB150 (needs a lot of work). Might revert back to ver. in libreCMC master

3 years agoupdate opkg
RISCi_ATOM [Wed, 13 Sep 2017 17:10:04 +0000 (13:10 -0400)]
update opkg

3 years agov1.4.1 refesh based upon upstrea 17.01 branch
RISCi_ATOM [Wed, 13 Sep 2017 08:33:52 +0000 (04:33 -0400)]
v1.4.1 refesh based upon upstrea 17.01 branch

3 years agoMerge branch 'master' of RISCI_ATOM/libreCMC into master
libreCMC [Sat, 19 Aug 2017 05:20:34 +0000 (01:20 -0400)]
Merge branch 'master' of RISCI_ATOM/libreCMC into master

3 years agoUpdate toolchain/gdb to 7.12.1 13/head
RISCi_ATOM [Sat, 19 Aug 2017 05:18:25 +0000 (01:18 -0400)]
Update toolchain/gdb to 7.12.1

3 years agoMerge branch 'master' of ldpinney/GnuBee-libreCMC into master
libreCMC [Sat, 19 Aug 2017 04:58:53 +0000 (00:58 -0400)]
Merge branch 'master' of ldpinney/GnuBee-libreCMC into master

3 years agoautomake: Perl-5.22-and-later.patch 12/head
L. D. Pinney [Fri, 18 Aug 2017 02:31:52 +0000 (10:31 +0800)]
automake: Perl-5.22-and-later.patch

Import patch from upstream to fix build issues with Perl 5.22 and later.

Signed-off-by: L. D. Pinney <ldpinney@gmail.com>
3 years agoMerge branch 'master' of ldpinney/GnuBee-libreCMC into master
RISCI_ATOM [Tue, 8 Aug 2017 11:41:32 +0000 (07:41 -0400)]
Merge branch 'master' of ldpinney/GnuBee-libreCMC into master

3 years agoMerge branch 'master' of RISCI_ATOM/libreCMC into master
RISCI_ATOM [Tue, 8 Aug 2017 00:25:36 +0000 (20:25 -0400)]
Merge branch 'master' of RISCI_ATOM/libreCMC into master

3 years agoAdd basic support for the GL-USB150 microuter 10/head
RISCi_ATOM [Tue, 8 Aug 2017 00:22:37 +0000 (20:22 -0400)]
Add basic support for the GL-USB150 microuter

3 years agoramips: Update GB-PC1 device tree source file 11/head
L. D. Pinney [Mon, 7 Aug 2017 03:34:10 +0000 (11:34 +0800)]
ramips: Update GB-PC1 device tree source file

Signed-off-by: L. D. Pinney <ldpinney@gmail.com>
3 years agoMerge branch 'master' of ldpinney/GnuBee-libreCMC into master
libreCMC [Mon, 31 Jul 2017 23:13:23 +0000 (19:13 -0400)]
Merge branch 'master' of ldpinney/GnuBee-libreCMC into master

3 years agoramips: GnuBee Personal Cloud One updates. 9/head
L. D. Pinney [Sat, 22 Jul 2017 08:04:12 +0000 (16:04 +0800)]
ramips: GnuBee Personal Cloud One updates.

    The GnuBee Personal Cloud One crowdfunded on https://www.crowdsupply.com
    It is a low-cost, low-power, network-attached storage device.

    Specifications:
    - SoC: MediaTek MT7621AT
    - RAM: DDR3 512 MB
    - Flash: 32 MB
    - Six SATA ports for 2.5" Drives
    - One USB 3.0
    - Two USB 2.0
    - One micro SDcard
    - Gigabit Ethernet: 1 x WAN and 1 x LAN
    - UART 3.5mm Audio Jack or 3 pins on PCB - 57600 8N1
    - Four GPIOs available on a pin header

    Flash instructions:
    The GnuBee Personal Cloud One ships with libreCMC installed.
    One can upgrade using the webinterface or sysupgrade.

    Das U-Boot has multiple options for recovery or updates including :
    - USB
    - http
    - tftp

Signed-off-by: L. D. Pinney
3 years agoRemove http mirrors and --no-check-certificate / --insecure flags from scripts/downlo...
RISCi_ATOM [Sat, 15 Jul 2017 15:09:05 +0000 (11:09 -0400)]
Remove http mirrors and --no-check-certificate / --insecure flags from scripts/download.pl

3 years agoAdd libreCMC keyring
RISCi_ATOM [Wed, 5 Jul 2017 16:50:03 +0000 (12:50 -0400)]
Add libreCMC keyring

3 years agoChange repository links to reflect different versions of libreCMC {,core,legacy}
RISCi_ATOM [Fri, 30 Jun 2017 21:22:17 +0000 (17:22 -0400)]
Change repository links to reflect different versions of libreCMC {,core,legacy}

3 years agoBump OpenSSL to 1.0.2l
RISCi_ATOM [Tue, 27 Jun 2017 02:19:59 +0000 (22:19 -0400)]
Bump OpenSSL to 1.0.2l

3 years agoBump'ed openvpn to 2.4.3 to fix various sec. issues
RISCi_ATOM [Wed, 21 Jun 2017 17:46:47 +0000 (13:46 -0400)]
Bump'ed openvpn to 2.4.3 to fix various sec. issues

3 years agoFix u-boot in tools/mkimage
RISCi_ATOM [Mon, 29 May 2017 18:34:06 +0000 (14:34 -0400)]
Fix u-boot in tools/mkimage

3 years agoEnable wifi by default w/ default password
RISCi_ATOM [Mon, 29 May 2017 07:38:46 +0000 (03:38 -0400)]
Enable wifi by default w/ default password

3 years agoChange libreCMC status from RC* to release
RISCi_ATOM [Mon, 29 May 2017 07:29:39 +0000 (03:29 -0400)]
Change libreCMC status from RC* to release

3 years agoRemove upstrem references for pulling sources from download.pl
RISCi_ATOM [Wed, 24 May 2017 16:32:55 +0000 (12:32 -0400)]
Remove upstrem references for pulling sources from download.pl

3 years agoFix Ben Nanonote support
RISCi_ATOM [Wed, 24 May 2017 16:26:59 +0000 (12:26 -0400)]
Fix Ben Nanonote support

3 years agosamba: fix CVE-2017-7494 (Pulled from upstream)
RISCi_ATOM [Wed, 24 May 2017 14:45:32 +0000 (10:45 -0400)]
samba: fix CVE-2017-7494 (Pulled from upstream)

3 years agoUpdate OpenVPN from upstream
RISCi_ATOM [Sat, 20 May 2017 22:11:05 +0000 (18:11 -0400)]
Update OpenVPN from upstream

3 years agoAdd v1.4 package feed v1.4-stage
RISCi_ATOM [Fri, 12 May 2017 19:49:07 +0000 (15:49 -0400)]
Add v1.4 package feed

3 years agoRemove FTP mirrors from libreCMC core (Makefiles and download.pl)
RISCi_ATOM [Wed, 26 Apr 2017 11:17:39 +0000 (07:17 -0400)]
Remove FTP mirrors from libreCMC core (Makefiles and download.pl)

4 years agoFix branding on imagebuilder in target/imagebuilder/Config.in
RISCi_ATOM [Fri, 14 Apr 2017 19:51:43 +0000 (15:51 -0400)]
Fix branding on imagebuilder in target/imagebuilder/Config.in

4 years agoAdd support for the GnuBee Personal Cloud One from master
RISCi_ATOM [Fri, 14 Apr 2017 16:23:13 +0000 (12:23 -0400)]
Add support for the GnuBee Personal Cloud One from master

4 years agoRemove kmod-r8169 from x86 target default selection
RISCi_ATOM [Thu, 13 Apr 2017 18:17:40 +0000 (14:17 -0400)]
Remove kmod-r8169 from x86 target default selection

4 years agoChange version to reflect RC1 status v1.4-core-RC1
RISCi_ATOM [Wed, 29 Mar 2017 15:57:26 +0000 (11:57 -0400)]
Change version to reflect RC1 status

4 years agoAdd partial support for tpe-r1100
RISCi_ATOM [Wed, 29 Mar 2017 15:11:45 +0000 (11:11 -0400)]
Add partial support for tpe-r1100

4 years agoRemoved targets with dependencies on ath10k (support was was stripped before committi...
RISCi_ATOM [Tue, 28 Mar 2017 08:38:34 +0000 (04:38 -0400)]
Removed targets with dependencies on ath10k (support was was stripped before committing upstream pull)

4 years agoUpdate commit commit hash in scripts/getver.sh
RISCi_ATOM [Thu, 23 Mar 2017 22:07:42 +0000 (18:07 -0400)]
Update commit commit hash in scripts/getver.sh

4 years agoFresh pull from upstream 17.01 branch
RISCi_ATOM [Thu, 23 Mar 2017 22:03:15 +0000 (18:03 -0400)]
Fresh pull from upstream 17.01 branch

4 years agoupdate .gitignore
RISCi_ATOM [Thu, 23 Mar 2017 22:02:30 +0000 (18:02 -0400)]
update .gitignore

4 years agoRevert "Second attempt at pull from upstream package/{luci,system,utils}"
RISCi_ATOM [Thu, 23 Mar 2017 17:47:12 +0000 (13:47 -0400)]
Revert "Second attempt at pull from upstream package/{luci,system,utils}"

This reverts commit 7872e94f9e17b314d88efa980d7c86632187633a.

4 years agoSecond attempt at pull from upstream package/{luci,system,utils}
RISCi_ATOM [Thu, 23 Mar 2017 17:10:04 +0000 (13:10 -0400)]
Second attempt at pull from upstream package/{luci,system,utils}

4 years agoRevert "Pull package/{luci,system,network} from upstream"
RISCi_ATOM [Thu, 23 Mar 2017 17:00:46 +0000 (13:00 -0400)]
Revert "Pull package/{luci,system,network} from upstream"

This reverts commit e836e894693e13d83e3078feab6787e194a260fa.

4 years agoPull package/{luci,system,network} from upstream
RISCi_ATOM [Thu, 23 Mar 2017 16:09:30 +0000 (12:09 -0400)]
Pull package/{luci,system,network} from upstream

4 years agoFix branding in base-files/image-config.in
RISCi_ATOM [Thu, 23 Mar 2017 16:01:02 +0000 (12:01 -0400)]
Fix branding in base-files/image-config.in

4 years agoadd libreCMC src repository to scripts/download.pl
RISCi_ATOM [Mon, 13 Mar 2017 05:10:50 +0000 (01:10 -0400)]
add libreCMC src repository to scripts/download.pl

4 years agochanged kernel sha256 hash. Upstream broke kernel
RISCi_ATOM [Mon, 13 Mar 2017 05:06:48 +0000 (01:06 -0400)]
changed kernel sha256 hash. Upstream broke kernel

4 years agoResolve issue #2 https://gogs.librecmc.org/libreCMC/libreCMC/issues/2
RISCi_ATOM [Sun, 26 Feb 2017 05:45:25 +0000 (00:45 -0500)]
Resolve issue #2 https://gogs.librecmc.org/libreCMC/libreCMC/issues/2

4 years agoMerge branch 'v1.4-stage' of ldpinney/GnuBee-libreCMC into v1.4-stage
RISCI_ATOM [Sun, 26 Feb 2017 02:49:41 +0000 (21:49 -0500)]
Merge branch 'v1.4-stage' of ldpinney/GnuBee-libreCMC into v1.4-stage

4 years agoMerge remote-tracking branch 'upstream/v1.4-stage' into v1.4-stage 3/head
L. D. Pinney [Sat, 25 Feb 2017 04:01:44 +0000 (22:01 -0600)]
Merge remote-tracking branch 'upstream/v1.4-stage' into v1.4-stage

4 years agoRemoved u-boot omap and fixed luci-ssl collection
RISCi_ATOM [Mon, 20 Feb 2017 04:31:04 +0000 (23:31 -0500)]
Removed u-boot omap and fixed luci-ssl collection

4 years agoAdd support for the GnuBee Personal Cloud One
L. D. Pinney [Tue, 7 Feb 2017 11:30:34 +0000 (05:30 -0600)]
Add support for the GnuBee Personal Cloud One

4 years agoRevert "Add support for the GnuBee Personal Cloud One"
L. D. Pinney [Tue, 7 Feb 2017 11:25:12 +0000 (05:25 -0600)]
Revert "Add support for the GnuBee Personal Cloud One"

This reverts commit c6b3499a021c04e9ed7be3cf88e87a016903d66d.

4 years agoAdd support for the GnuBee Personal Cloud One
black [Tue, 7 Feb 2017 11:06:28 +0000 (05:06 -0600)]
Add support for the GnuBee Personal Cloud One

4 years agoadded support for omap (BeagleBone Black)
RISCi_ATOM [Mon, 16 Jan 2017 11:57:19 +0000 (06:57 -0500)]
added support for omap (BeagleBone Black)

4 years agoFixed 3.18.43 kernel hash; uboot-xburst name, removed x86 nic dep. ; fixed up missing...
RISCi_ATOM [Sat, 14 Jan 2017 14:54:46 +0000 (09:54 -0500)]
Fixed 3.18.43 kernel hash; uboot-xburst name, removed x86 nic dep. ; fixed up missing rt2800-soc deps.

4 years agoFix git commit hash in scripts/getver.sh
RISCi_ATOM [Fri, 13 Jan 2017 11:54:44 +0000 (06:54 -0500)]
Fix git commit hash in scripts/getver.sh

4 years agoFresh pull from upstream
RISCi_ATOM [Fri, 13 Jan 2017 10:17:15 +0000 (05:17 -0500)]
Fresh pull from upstream

4 years agoFixed x86 GRUB config label
RISCi_ATOM [Wed, 11 Jan 2017 16:57:13 +0000 (11:57 -0500)]
Fixed x86 GRUB config label

4 years agoAdded libreCMC package feed.
RISCi_ATOM [Sat, 17 Dec 2016 22:42:23 +0000 (17:42 -0500)]
Added libreCMC package feed.

4 years agoAdd luci to packages/ instead of using a feed
RISCi_ATOM [Sat, 17 Dec 2016 16:46:59 +0000 (11:46 -0500)]
Add luci to packages/ instead of using a feed

4 years agosp
RISCi_ATOM [Sat, 17 Dec 2016 05:19:15 +0000 (00:19 -0500)]
sp

4 years agoFixed string in uboot-ar71xx/Makefile
RISCi_ATOM [Sat, 17 Dec 2016 05:05:00 +0000 (00:05 -0500)]
Fixed string in uboot-ar71xx/Makefile

4 years agoFixed missing \ from package/boot/uboot-ar71xx/Makefile
RISCi_ATOM [Sat, 17 Dec 2016 04:25:50 +0000 (23:25 -0500)]
Fixed missing \ from package/boot/uboot-ar71xx/Makefile

4 years agoTemp. scripts/getver.sh fix (update git SHA1)
RISCi_ATOM [Sat, 17 Dec 2016 04:20:56 +0000 (23:20 -0500)]
Temp. scripts/getver.sh fix (update git SHA1)

4 years agoFirst git repo commit for the libreCMC project
RISCi_ATOM [Sat, 17 Dec 2016 04:14:08 +0000 (23:14 -0500)]
First git repo commit for the libreCMC project