Permalink
Commits on Oct 15, 2018
  1. dnsmasq: fix compile issue

    dedeckeh committed Oct 15, 2018
    Fix compile issue in case HAVE_BROKEN_RTC is enabled
    
    Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
  2. ramips: refresh mt7621 kernel config

    nbd168 committed Oct 15, 2018
    Signed-off-by: Felix Fietkau <nbd@nbd.name>
  3. kernel: add CONFIG_CC_OPTIMIZE_FOR_* to the default config

    nbd168 committed Oct 15, 2018
    Avoid repeating them in the target config, they are overwritten by
    top-level menuconfig anyway
    
    Signed-off-by: Felix Fietkau <nbd@nbd.name>
  4. wolfssl: update to version 3.15.3-stable

    dangowrt committed Oct 1, 2018
    Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Commits on Oct 14, 2018
  1. mt76: move mt76x2e firmware to kmod-mt76x2-common and use it for mt76x2u

    nbd168 committed Oct 14, 2018
    USB and PCIe devices can run the same firmware
    
    Signed-off-by: Felix Fietkau <nbd@nbd.name>
  2. tools: patch: Fix build by not modifing Makefile.am

    hauke committed Oct 14, 2018
    A new test case was adding in one of the patches fixing a problem, this
    also included a change in the test/Makefile.am to add this test case.
    The build system detected a change in the Makefile.am and wants to
    regenerate the Makefile.in, but this fails because automake-1.15 is not
    installed yet. As automake depends on patch being build first, make sure
    we do not modify the Makefile.am.
    
    This fixes build problem seen by the build bots.
    
    Fixes: 4797ddd ("patch: apply upstream cve fixes")
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
  3. tools: patch: make patch build depend on automake

    hauke committed Oct 14, 2018
    The Makefile.am changed and now patch wants to use automake to
    regenerate the Makefile.in. Make sure automake was build before we build
    patch.
    
    This fixes build problem seen by the build bots.
    Fixes: 4797ddd ("patch: apply upstream cve fixes")
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
  4. patch: apply upstream cve fixes

    Russell Senior Kevin Darbyshire-Bryant
    Russell Senior authored and Kevin Darbyshire-Bryant committed Oct 14, 2018
    Apply two upstream patches to address two CVEs:
    
     * CVE-2018-1000156
     * CVE-2018-6952
    
    Add PKG_CPE_ID to Makefile.
    
    Build tested on apm821xx and ar71xx.
    
    Signed-off-by: Russell Senior <russell@personaltelco.net>
  5. hostapd: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise)

    hauke committed Oct 9, 2018
    This adds support for the WPA3-Enterprise mode authentication.
    
    The settings for the WPA3-Enterpriese mode are defined in
    WPA3_Specification_v1.0.pdf. This mode also requires ieee80211w and
    guarantees at least 192 bit of security.
    
    This does not increase the ipkg size by a significant size.
    
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
  6. hostapd: Activate Opportunistic Wireless Encryption (OWE)

    hauke committed Oct 4, 2018
    OWE is defined in RFC 8110 and provides encryption and forward security
    for open networks.
    
    This is based on the requirements in the Wifi alliance document
    Opportunistic_Wireless_Encryption_Specification_v1.0_0.pdf
    The wifi alliance requires ieee80211w for the OWE mode.
    This also makes it possible to configure the OWE transission mode which
    allows it operate an open and an OWE BSSID in parallel and the client
    should only show one network.
    
    This increases the ipkg size by 5.800 Bytes.
    Old: 402.541 Bytes
    New: 408.341 Bytes
    
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
  7. hostapd: Activate Simultaneous Authentication of Equals (SAE)

    hauke committed Oct 3, 2018
    This build the full openssl and wolfssl versions with SAE support which
    is the main part of WPA3 PSK.
    
    This needs elliptic curve cryptography which is only provided by these
    two external cryptographic libraries and not by the internal
    implementation.
    
    The WPA3_Specification_v1.0.pdf file says that in SAE only mode
    Protected Management Frames (PMF) is required, in mixed mode with
    WPA2-PSK PMF should be required for clients using SAE, and optional for
    clients using WPA2-PSK. The defaults are set now accordingly.
    
    This increases the ipkg size by 8.515 Bytes.
    Old: 394.026 Bytes
    New: 402.541 Bytes
    
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
  8. hostapd: SAE: Do not ignore option sae_require_mfp

    hauke committed Oct 10, 2018
    This patch was send for integration into the hostapd project.
    
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
  9. hostapd: backport build fix when OWE is activated

    hauke committed Oct 3, 2018
    This backports a compile fix form the hostapd project.
    
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
  10. hostapd: sync config with default configuration

    hauke committed Oct 2, 2018
    This replaces the configuration files with the versions from the hostapd
    project and the adaptions done by OpenWrt.
    
    The resulting binaries should be the same.
    
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
  11. netifd: update to latest git HEAD

    hauke committed Oct 14, 2018
    22476ff wireless: Add Simultaneous Authentication of Equals (SAE)
    c6c3a0d wireless: Add Opportunistic Wireless Encryption (OWE)
    a117e41 wireless: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise)
    
    Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Commits on Oct 12, 2018
  1. uqmi: fix variable initilization for timeout handling

    feckert authored and xback committed Oct 11, 2018
    Also add logging output for SIM initilization.
    
    Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Commits on Oct 11, 2018
  1. mac80211: fix A-MSDU packet handling with TCP retransmission

    nbd168 committed Oct 11, 2018
    Improves local TCP throughput and fixes use-after-free bugs that could lead
    to crashes.
    
    Signed-off-by: Felix Fietkau <nbd@nbd.name>
  2. bcm53xx: add pending pinctrl driver

    Rafał Miłecki
    Rafał Miłecki committed Oct 11, 2018
    It's required to support devices using adjustable SoC pins for some
    specific purpose (e.g. I2C, PWM, UART1).
    
    Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
  3. ath10k-ct: Update to 29-09-2018

    robimarko authored and xback committed Oct 9, 2018
    Update ath10k-ct to be able to drop 210-ath10k-fix-recent-bandwidth-conversion-bug.patch
    as its upstream.
    
    b9989fbd5d6e ath10k-ct: Add upstream patch to fix peer rate reporting.
    ac9224344dbf ath10k-ct: Support sending custom frames with no-ack flag.
    bc938bc2021e ath10k-ct: Support sending pkts with specific rate on 10.4 firmware.
    
    Runtime tested on:
    - GL-iNet GL-B1300
    - Mikrotik RB912 + QCA9882
    
    Signed-off-by: Robert Marko <robimarko@gmail.com>
    [Added list of all changes from previous version + add own test device]
    Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
  4. uqmi: update PKG_RELEASE version

    feckert authored and xback committed Oct 9, 2018
    update PKG_RELEASE
    
    Signed-off-by: Florian Eckert <fe@dev.tdt.de>
  5. uqmi: stop proto handler if verify pin count is not 3

    feckert authored and xback committed Apr 12, 2018
    Check pin count value from pin status and stop verification the pin if
    the value is less then 3. This should prevent the proto-handler to
    lock the SIM. If SIM is locked then the PUK is needed.
    
    Signed-off-by: Florian Eckert <fe@dev.tdt.de>
  6. uqmi: evaluate pin-status output in qmi_setup function

    feckert authored and xback committed Apr 10, 2018
    Load the json output from uqmi --get-pin-status command and evaluate the
    "pin1_status" value.
    
    The following uqmi "pin1_status" values are evaluated:
    
    - disabled
      Do not verify PIN because SIM verification is disabled on this SIM
    
    - blocked
      Stop qmi_setup because SIM is locked and a PUK is required
    
    - not_verified
      SIM is not yet verified. Do a uqmi --verify-pin1 command if a SIM is
      specified
    
    - verified:
      Do not verify the PIN because this was already done before
    
    Signed-off-by: Florian Eckert <fe@dev.tdt.de>
  7. uqmi: do not block proto handler if SIM is uninitialized

    feckert authored and xback committed Apr 10, 2018
    QMI proto setup-handler will wait forever if SIM does not get initialized.
    To fix this stop polling pin status and notify netifd. Netifd will generate
    then a "ifup-failed" ACTION.
    
    Signed-off-by: Florian Eckert <fe@dev.tdt.de>
  8. uqmi: do not block proto handler if modem is unable to registrate

    feckert authored and xback committed Apr 12, 2018
    QMI proto setup-handler will wait forever if it is unable to registrate to
    the mobile network. To fix this stop polling network registration status
    and notify netifd. Netifd will generate then a "ifup-failed" ACTION.
    
    Signed-off-by: Florian Eckert <fe@dev.tdt.de>
  9. uqmi: add timeout option value

    feckert authored and xback committed Apr 12, 2018
    This value will be used for now during following situations:
    * Ask the sim with the uqmi --get-pin-status command.
    * Wait for network registration with the uqmi --get-serving-system command.
    
    This two commands wait forever in a while loop. Add a timeout to stop
    waiting and so inform netifd.
    
    Signed-off-by: Florian Eckert <fe@dev.tdt.de>
  10. uqmi: redirect uqmi commands output to /dev/null

    feckert authored and xback committed Apr 12, 2018
    Move uqmi std and error output on commands without using them to /dev/null.
    This will remove useless outputs in the syslog.
    
    Signed-off-by: Florian Eckert <fe@dev.tdt.de>
  11. uqmi: fix indenting

    feckert authored and xback committed Apr 10, 2018
    fix indenting
    
    Signed-off-by: Florian Eckert <fe@dev.tdt.de>
  12. bcm53xx: replace SPI revert with a fix sent upstream

    Rafał Miłecki
    Rafał Miłecki committed Oct 11, 2018
    Instead of reverting whole commit it's enough to just revert a single
    line change. It seems the real problem with the regressing commit was a
    bump of read chunk size. Switching back to 256 B chunks is enough to fix
    the problem/regression.
    
    Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
  13. procd: update to latest git HEAD

    blogic committed Oct 11, 2018
    94944ab procd: Add cpu string to board detection
    
    Signed-off-by: John Crispin <john@phrozen.org>
  14. package/: fix $(PROJECT_GIT) usage

    blogic committed Oct 11, 2018
    Signed-off-by: John Crispin <john@phrozen.org>
  15. procd: Install hotplug files as 600

    neheb authored and blogic committed Sep 19, 2018
    procd runs as root, so it only makes sense that its files are restricted.
    
    Signed-off-by: Rosen Penev <rosenp@gmail.com>
  16. linux-atm: Install hotplug file as 600

    neheb authored and blogic committed Sep 19, 2018
    The hotplug files is only used by procd, which runs as root.
    
    Signed-off-by: Rosen Penev <rosenp@gmail.com>
  17. comgt: Install hotplug and netifd files as 600

    neheb authored and blogic committed Sep 19, 2018
    procd and netifd both run as root. These files are not used elsewhere.
    
    Signed-off-by: Rosen Penev <rosenp@gmail.com>
  18. samba36: Install several config files as 600

    neheb authored and blogic committed Sep 19, 2018
    Hotplug is managed by procd, which runs as root. The other files are used
    by root as well.
    
    Signed-off-by: Rosen Penev <rosenp@gmail.com>
  19. soloscli: Install hotplug file as 600

    neheb authored and blogic committed Sep 19, 2018
    Hotplug is managed by procd, which runs as root.
    
    Signed-off-by: Rosen Penev <rosenp@gmail.com>