Utmp support tracks who is currenlty logged in by logging info to the file /var/run/utmp (supported by busybox)
Putuline support will use the utmp structure to write to the utmp file
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
A dropbear instance having an interface config won't start if the interface is down as no
IP address is available.
Adding interface triggers for each configured interface executing the dropbear reload script
will start the dropbear instance when the interface is up.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
While technically required by the RFC, they are usually completely
unused (DSA), or have security issues (3DES, CBC)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
This enables passworldless login for root via SSH whenever no root
password is set (e.g. after reset, flashing without keeping config
or in failsafe) and removes telnet support alltogether.
Signed-off-by: Steven Barth <steven@midlink.org>
This change also reflect relocation of upstream project which has been
moved to OpenWrt GitHub organization.
Signed-off-by: Hrvoje Varga <hrvoje.varga@sartura.hr>
This change also reflect relocation of upstream project which has been
moved to OpenWrt GitHub organization.
Signed-off-by: Hrvoje Varga <hrvoje.varga@sartura.hr>
Without this patch curl does not detect the new cyassl/wolfssl version
and would be build without ssl support instead when cyassl was selected.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@48900 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r46903
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@48878 3c298f89-4303-0410-b956-a3cf2f4a3e73
This fixes the following security problem:
CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use
http://curl.haxx.se/docs/adv_20160127B.html
backport of r48614.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@48872 3c298f89-4303-0410-b956-a3cf2f4a3e73
Better synchronize RA & DHCPv6 events
Accumulate some events to avoid flooding
Restart softwires for address and prefix changes
Signed-off-by: Steven Barth <steven@midlink.org>
Backport of r46518
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@48839 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Steven Barth <steven@midlink.org>
Backport of r46408
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@48837 3c298f89-4303-0410-b956-a3cf2f4a3e73
This is a patch for CVE-2015-5252, CVE-2015-5296 and CVE-2015-5299. A
patchset for these vulnerabilities was published on 16th December 2015.
Signed-off-by: Jan Čermák <jan.cermak@nic.cz>
Backport of r48133
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@48134 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r47419
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47499 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r47292
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47495 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: John Crispin <blogic@openwrt.org>
Backport of r47240
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47241 3c298f89-4303-0410-b956-a3cf2f4a3e73
adds URL alias support
Signed-off-by: John Crispin <blogic@openwrt.org>
BAckport of r47206
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47231 3c298f89-4303-0410-b956-a3cf2f4a3e73
The two commits
5162e3b0ee7bd1d0fd6e75e1ca7993a1834b5291
"allow request handlers to disable chunked reponses"
and
618493e378e2239f0d30902e47adfa134e649fdc
"file: disable chunked encoding for file responses"
broke the chunked transfer encoding handling for proc responses in keep-alive
connections that followed a file response with http status 204 or 304.
The effect of this bug is that cgi responses following a 204 or 304 one where
sent neither in chunked encoding nor with a content-length header, causing
browsers to stall until the keep alive timeout was reached.
Fix the logic flaw by inverting the chunk prevention flag in the client state
and by testing the chunked encoding preconditions every time instead of
once upon client (re-)initialization.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r47161
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47162 3c298f89-4303-0410-b956-a3cf2f4a3e73
One second is not enough for some devices to ackowledge null data frame
which is sent at the end of ap_max_inactivity interval. In particular,
this causes severe Wi-Fi instability with Apple iPhone which may take
up to 3 seconds to respond.
Signed-off-by: Dmitry Ivanov <dima@ubnt.com>
Backport of r47149
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47150 3c298f89-4303-0410-b956-a3cf2f4a3e73
When using FullMAC drivers (e.g. brcmfmac) we don't get mgmt frames so
check for banned client in probe request handler won't ever be used.
Since cfg80211 provides us info about STA associating let's put a check
there.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Backport of r47064
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47065 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r47055
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47060 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r47053
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@47054 3c298f89-4303-0410-b956-a3cf2f4a3e73
Our ruleset requires kernel support for conntrack state matching, therfore
depend on the require kmod. Fixes#20542.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Backport of r46990
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46991 3c298f89-4303-0410-b956-a3cf2f4a3e73
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Backport of r46807
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46808 3c298f89-4303-0410-b956-a3cf2f4a3e73
backport of r46737
Add CONFIG_IEEE80211W variable to DRIVER_MAKEOPTS so that 802.11w
support is properly compiled in full variant.
This fixes#20179
Signed-off-by: Janusz Dziemidowicz <rraptorr@nails.eu.org>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46751 3c298f89-4303-0410-b956-a3cf2f4a3e73
backport of r46688
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46689 3c298f89-4303-0410-b956-a3cf2f4a3e73
this is required by the new button timeout feature
Signed-off-by: John Crispin <blogic@openwrt.org>
Backport of r46471
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46581 3c298f89-4303-0410-b956-a3cf2f4a3e73
found with strace, not sure we got all of them though
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Backport of r46467
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46511 3c298f89-4303-0410-b956-a3cf2f4a3e73
