Signed-off-by: John Crispin <blogic@openwrt.org>
Backport of r47203
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47227 3c298f89-4303-0410-b956-a3cf2f4a3e73
This fixes CVE-2015-5291 and some other smaller security issues.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47202 3c298f89-4303-0410-b956-a3cf2f4a3e73
Backport from trunk to CC15.05 the --size option to optionally show also
the *.ipk size in the opkg package listing.
* Default behaviour is to list the available packages as earlier:
"name - version - description"
* with "--size" the output of is "name - version - size - description".
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47196 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r47187
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47188 3c298f89-4303-0410-b956-a3cf2f4a3e73
The two commits
5162e3b0ee7bd1d0fd6e75e1ca7993a1834b5291
"allow request handlers to disable chunked reponses"
and
618493e378e2239f0d30902e47adfa134e649fdc
"file: disable chunked encoding for file responses"
broke the chunked transfer encoding handling for proc responses in keep-alive
connections that followed a file response with http status 204 or 304.
The effect of this bug is that cgi responses following a 204 or 304 one where
sent neither in chunked encoding nor with a content-length header, causing
browsers to stall until the keep alive timeout was reached.
Fix the logic flaw by inverting the chunk prevention flag in the client state
and by testing the chunked encoding preconditions every time instead of
once upon client (re-)initialization.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r47161
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47162 3c298f89-4303-0410-b956-a3cf2f4a3e73
One second is not enough for some devices to ackowledge null data frame
which is sent at the end of ap_max_inactivity interval. In particular,
this causes severe Wi-Fi instability with Apple iPhone which may take
up to 3 seconds to respond.
Signed-off-by: Dmitry Ivanov <dima@ubnt.com>
Backport of r47149
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47150 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r47142
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47144 3c298f89-4303-0410-b956-a3cf2f4a3e73
Provides ubus calls for sysupgrade and password changing.
Signed-off-by: John Crispin <blogic@openwrt.org>
Backport of r47075
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47085 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r46738
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47084 3c298f89-4303-0410-b956-a3cf2f4a3e73
jffs2reset was following symlinks making it delete mounts for example.
Signed-off-by: John Crispin <blogic@openwrt.org>
Backport of r46960
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47083 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: John Crispin <blogic@openwrt.org>
Backport of r46935
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47082 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: John Crispin <blogic@openwrt.org>
Backport of r46470
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47071 3c298f89-4303-0410-b956-a3cf2f4a3e73
When using FullMAC drivers (e.g. brcmfmac) we don't get mgmt frames so
check for banned client in probe request handler won't ever be used.
Since cfg80211 provides us info about STA associating let's put a check
there.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Backport of r47064
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47065 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r47055
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47060 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r47053
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47054 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r47042
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47044 3c298f89-4303-0410-b956-a3cf2f4a3e73
Even though there are not many users left within the OpenWrt tree it seems
this function broke during the kernel 3.18 transition.
Fix it by providing a workdir as required by overlayfs.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
Backport of r47015
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47016 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: John Crispin <blogic@openwrt.org>
Backport of r46962
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46996 3c298f89-4303-0410-b956-a3cf2f4a3e73
Our ruleset requires kernel support for conntrack state matching, therfore
depend on the require kmod. Fixes#20542.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r46990
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46991 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r46900
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46901 3c298f89-4303-0410-b956-a3cf2f4a3e73
Split the opkg.conf into three files, to make it easier to support custom
feeds and configs:
* /etc/opkg.conf -> base opkg configuration
* /etc/opkg/distfeeds.conf -> default Openwrt package feeds
* /etc/opkg/customfeeds.conf -> custom package feeds
Of these three, only the base opkg.conf and the customfeeds.conf is marked
as to be kept, so that the distfeeds.conf from the image is always used.
To ease migration, a script is added that moves any feeds from /etc/opkg.conf
to /etc/opkg/customfeeds.conf on first boot.
Also ensure that any keys used for verification are also kept in upgrade.
Backport of r46491.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46848 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r46807
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46808 3c298f89-4303-0410-b956-a3cf2f4a3e73
backport of r46737
Add CONFIG_IEEE80211W variable to DRIVER_MAKEOPTS so that 802.11w
support is properly compiled in full variant.
This fixes#20179
Signed-off-by: Janusz Dziemidowicz <rraptorr@nails.eu.org>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46751 3c298f89-4303-0410-b956-a3cf2f4a3e73
backport of r46749
Without this patch adding the wifi device to the bridge may fail
because the bridge is not already configured when the wifi device gets
configured. This patch makes broadcom-wl wait till the bridge is ready.
This fixes#17262
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46750 3c298f89-4303-0410-b956-a3cf2f4a3e73
This also adds one patchset of pending changes that fix support for
multiple interfaces. It was somehow broken.
Driver couldn't correctly match firmware and system interfaces resulting
in not working APs and WARNINGs.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46736 3c298f89-4303-0410-b956-a3cf2f4a3e73
This prepares some place for backporting extra patches.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46735 3c298f89-4303-0410-b956-a3cf2f4a3e73
The ipw2x00 drivers assume that the system they are running is little
endian, and access everything in native byte order. When run on a big
endian system, everything breaks apart.
Since fixing this is non trivial on a first glance, disable them for
big endian targets.
Backport of r46708.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46710 3c298f89-4303-0410-b956-a3cf2f4a3e73
The u-boot boot counter was never reset after a successful boot,
which sometimes could make some variables become out of sync.
This patch adds support for the boot counter and enables
auto_recovery unconditionally.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46691 3c298f89-4303-0410-b956-a3cf2f4a3e73
backport of r46688
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46689 3c298f89-4303-0410-b956-a3cf2f4a3e73
Backport of r46612.
fix generating syscall-names.h
Sometimes the syscall number is not defined with a number but with an
offset to an other syscall and then make_syscall_h.sh created some
broken header file.
For example the bit/syscall.h from musl for i386 has this:
#define __NR_timer_create 259
#define __NR_timer_settime (__NR_timer_create+1)
With this patch the resulting array looks like this:
[259] = "timer_create",
[(__NR_timer_create+1)] = "timer_settime",
This closes#20195.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46679 3c298f89-4303-0410-b956-a3cf2f4a3e73
fixes 2 bugs
* typo
* use %04d rather than %d when printing the position
Signed-off-by: John Crispin <blogic@openwrt.org>
Backport of r46666
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46675 3c298f89-4303-0410-b956-a3cf2f4a3e73
It was missed in the r46471.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Backport of r46582
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46583 3c298f89-4303-0410-b956-a3cf2f4a3e73
this is required by the new button timeout feature
Signed-off-by: John Crispin <blogic@openwrt.org>
Backport of r46471
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46581 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
In 15.05-rc2 we got support for "set-interval" and "clear-interval"
which got dropped with the update of procd done in r46257. This new
"button" action provides similar functionality so it makes sense to
backport it to 15.05.
Backport of r46578
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46579 3c298f89-4303-0410-b956-a3cf2f4a3e73
The name of the module was wrong before.
This should fix#20283.
backport of r46574.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46577 3c298f89-4303-0410-b956-a3cf2f4a3e73
found with strace, not sure we got all of them though
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Backport of r46467
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46511 3c298f89-4303-0410-b956-a3cf2f4a3e73
We need a+x rights on the path to the root of the jails
so we can use users other than root (like nobody)
This partly fixes jailed dnsmasq
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Backport of r46466
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46510 3c298f89-4303-0410-b956-a3cf2f4a3e73
