Commit Graph

4608 Commits

Author SHA1 Message Date
David Bauer
65e5aeed2c modules: bump OpenWrt packages
a2673dc53 fastd: fix buffer leak when receiving invalid packets
51bf00834 logrotate: update to version 3.17.0
8715cef64 logrotate: update to 3.16.0
acb77d5be python3: Update to 3.7.9, refresh/remove backported patches
4af889f20 travelmate: bugfix single radio mode
cb3bab180 netdata: update to version 1.26.0
70bb0b4c8 bind: update to version 9.16.7
d05698fae freeradius3: move "release_" from PKG_VERSION
93360e625 freeradius3: add meta-package for default modules
2f7338b62 python-urllib3: update to version 1.25.10 (security fix)
50a67ed74 nextdns: Update to version 1.8.6
b48575ef4 chrony: update to 3.5.1
35e6986a0 nextdns: mark /etc/config/nextdns as configuration file
418e3b294 simple-adblock: config update file fix
9ac587ca8 libuv: update to 1.40.0
613d21085 nano: update to 5.3
992746571 btrfs-progs: update to version 5.7
cedba1ca2 btrfs-progs: update to version 5.6
25b2751f8 python-pytz: update to 2019.03
f3b424139 adblock: refresh blocklist sources
ec628b10d syslog-ng: bump version in config file
d0a74afad syslog-ng: tweak shell code of network_localhost little bit
f705a5a93 python-sentry-sdk: Update to version 0.12.3
2976a5a0e haproxy: Update HAProxy to v2.0.18
eec7bd646 tor: update to version 0.4.4.5
91af4cf72 mariadb: Update to the latest version from 10.2 branch
9461ae47a Werkzeug: Update to version 0.16.0
f9d9ae8c8 Flask: update to version 1.1.2
4a833e3a8 Flask: Update to version 1.1.1
a4534f160 gstreamer1: enable build options necessary for most applications
8a71cdd6a python-ifaddr: update to version 0.1.7
05ea7dfc6 nextdns: Update to version 1.8.5
9069ad925 ipmitool: fix CVE-2020-5208
826fc8921 nextdns: Update to version 1.8.4
ac7f78285 openconnect: updated to 8.10 to address CVE-2020-12823
3f0e26637 python-zeroconf: update to version 0.28.0
fe7ceaa65 python-zeroconf: update to version 0.24.4
49459505e mwan3: fix typo in mwan3_set_sticky_iptables
cae961784 ocserv: include ocserv-worker
2af61c9a4 vpnbypass: README update, code cleanup
b00feac4b ocserv: updated to 1.1.1
c614914da miniupnpd: add miniupnpd ipv6_disable option, #11971 close
70e57317b simple-adblock: add config auto-update feature
94866d76a collectd: update to 5.12.0
b60fa2de9 collectd: update PKG_RELEASE
aeefbbe34 collectd: remove quotation on interval this is an number
b0ad32a3e collectd: move include line
fbe7abcd5 collectd: update PKG_RELEASE
f53b79ced collectd: fix ubi data source type
67a403bfe collectd: add ubi uci and plugin info
37335cf65 collectd: enable ubi plugin
2020-10-19 22:51:56 +02:00
David Bauer
88ec9cbedf
mt76: mt7603: add additional EEPROM chip ID (#2133)
Some newer MT7628 based routers (notably the TP-Link Archer C50 v4) are
shipped with a chip-id of 0x7600 in the on-flash EEPROM. Add this as a
possible valid ID.

This fixes unstable WiFi on some units of the TP-Link Archer C50 v4.
2020-10-17 13:58:45 +02:00
David Bauer
b6096523c9
Merge pull request #2131 from blocktrron/refresh-patches
build: improve refreshing patches
2020-10-16 17:14:00 +02:00
David Bauer
84b0a381dc scripts: display commit title when updating patches 2020-10-11 01:59:55 +02:00
David Bauer
7c0408d96d build: add refresh-patches step 2020-10-11 01:40:45 +02:00
Matthias Schiffer
463c1f49c8
fastd: update to v20 2020-10-10 19:14:12 +02:00
Martin Weinelt
bdadb77a3c
Merge pull request #2076 from T-X/bridge-mcast-wakeupcall
kernel: bridge: Implement MLD Querier wake-up calls / Android bug workaround
2020-10-08 23:57:20 +02:00
Linus Lüssing
b2add48d2a kernel: bridge: Implement MLD Querier wake-up calls / Android bug workaround
Implement a configurable MLD Querier wake-up calls "feature" which
works around a widely spread Android bug in connection with IGMP/MLD
snooping.

Currently there are mobile devices (e.g. Android) which are not able
to receive and respond to MLD Queries reliably because the Wifi driver
filters a lot of ICMPv6 when the device is asleep - including
MLD. This in turn breaks IPv6 communication when MLD Snooping is
enabled. However there is one ICMPv6 type which is allowed to pass and
which can be used to wake up the mobile device: ICMPv6 Echo Requests.

If this bridge is the selected MLD Querier then setting
"multicast_wakeupcall" to a number n greater than 0 will send n
ICMPv6 Echo Requests to each host behind this port to wake
them up with each MLD Query. Upon receiving a matching ICMPv6 Echo
Reply an MLD Query with a unicast ethernet destination will be sent
to the specific host(s).

Link: https://issuetracker.google.com/issues/149630944
Link: https://github.com/freifunk-gluon/gluon/issues/1832

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2020-10-08 20:06:24 +02:00
David Bauer
e5b89b5511
ipq40xx-generic: add support for AVM FRITZBox 7530 (#2125) 2020-10-06 23:37:41 +02:00
David Bauer
177ff68ccf
ar71xx-generic: only create manifest alias for Rocket M5 (#2127)
* ar71xx-generic: only create manifest alias for Rocket M5

This follow up the discussion done in #2070 by not  creating a symlink
for the Rocket M5. Images for the Rocket M2 can still be flashed on a
Rocket M5.

This change will prevent the Rocket M5 from appearing in Firmware
selectors. Existing devices will still receive updates, as the device
name is still referenced for the device name expected by the M5.

Closes #2070

* docs: remove Rocket M5 from supported devices
2020-10-06 19:16:56 +02:00
Steffen Förster
9d83d2396f
docs: Add Netgear EX3700 and EX3800 (#2126)
Fixes #2113
2020-10-06 15:35:43 +02:00
Steffen Förster
954f31a761 ramips-mt7620: add support for Netgear EX3700/EX3800
Specifications:
* SoC: MT7620A
* RAM: 64 MB DDR
* Flash: 8MB NOR SPI flash
* WiFi: MT7612E (5Ghz) and builtin MT7620A (2.4GHz)
* LAN: 1x100M

The -factory images can be flashed from the device's web
interface or via nmrpflash.

Both devices differ by a additional power outlet for the EX3800.
This patch has been tested on a EX3800 device.
2020-10-06 00:04:22 +02:00
David Bauer
73640292e5
modules: bump packages feed (#2121)
03425a0d2 zmq: fix compilation when libbsd is present
8bb1d13a9 pigeonhole: update to 0.5.11
86da3bbeb zmq: update to version 4.3.3 (security fix)
e72b47469 zmq: fix the installed files
48339ba10 zmq: fix pkgconfig file
ef30f8bf8 zmq: update to 4.3.2
a7d129fc2 zmq: switch to building with CMake
a4cbd04df libxml2: patch security issues
207660987 net/u2pnpd: convert init to procd
2d410422c freeradius3: fix hostname invocation in radtest
066ac0392 freeradius3: enable radtest utility
338fa663c samba4: update to 4.11.12
399e1a0bf youtube-dl: update to version 2020.9.6
7825df65f msmtp: update to version 1.8.12
eb8130508 dovecot: disable zstd
538647a26 syslog-ng: update to version 3.29.1
473ca554f php7: update to 7.2.33
62171036b nextdns: Update to version 1.8.3
953de3ca8 gnutls: update to version 3.6.15 (security fix)
d515d9c35 dovecot: update to version 2.3.11.3 (security fix)
a2634c264 nextdns: Update to version 1.8.2
1cf41a88c python-rsa: downgrade to version 4.5 for python2
54847cc7c unbound: improve odhcpd rapid update robustness
d17720f04 htop: update to 3.0.1-1
d953d80bf htop: update to 3.0.0-1
af4cd94a2 htop: fix compilation with GCC10
7af8eaad1 python-rsa: update to version 4.6 (security fix)
8b0457c55 knot: update to version 2.9.6
f2edf8c53 git: update to version 2.26.2 (security fix)
99d0878d0 python,python3: Use locked for host pip
791e0bc76 nano: update to 5.2
3c6b45ab3 clamav: update to version 0.102.4 (security fix)
0202fdc27 clamav: update to version 0.102.3 (security fix)
c5c0e2e33 clamav: update to 0.102.2
9700cea70 bind: New upstream version 9.16.6
256a631d9 bind: update to 9.16.4
ac79fde24 simple-adblock: bugfix: update config; use command -v
4e1bfa748 nspr: update to version 4.27
120ff2c63 nspr: nspr add -flto to compile
847ed6e0f nspr: fix compilation with newer musl
2f58b610d nspr: update to 4.25
fab10b8df nss: update to version 3.55 (security fix)
7c3b05d33 nss: update to 3.53
46d315d31 nss: fix build for mips64 disable arm32_neon on unsupported target
638b1642e nss: revert -flto change it seems that it can lead to segfault in libfreebl3.so
be95fcb78 nss: add -flto and makefile cleanup
f0e6ceff3 nss: update to 3.52
e5d732722 nss: update to 3.51.1
e713f74b7 nss: update to 3.51
d2efcd926 nss: update to 3.50
6a3d05272 nss: update to 3.49.2
5e371c2d5 libffi: fix build failure on powerpc platforms
0413252f3 libffi: update to 3.3
70faa62f3 libffi: do not build in a special directory
9ec9bea25 net/mosquitto: Update to 1.6.12
2f7867074 python3: fix rebasing error
769d51fa9 python: fix host compilation with clang
37857a3f2 python3: fix host compilation with clang
b28c614d3 lvm2: fix CE in mac
2020-09-18 13:50:25 +02:00
David Bauer
0b1ee0cf69
github: remove GitHub actions cache (#2120)
The performance benefit the cache brought was due to a broken sources
CDN mirror handling in OpenWrt.

The cache brings no measurable performance benefit. Disable it to slim
down the pipeline steps.
2020-09-18 13:50:02 +02:00
Andreas Ziegler
ab2f82ca73
clean up old cleanup code lines (#2119)
* gluon-core: remove obsolete file 100-core-reset-sysctl

* gluon-core: remove obsolete cleanup line

* gluon-client-bridge: remove obsolete cleanup line
2020-09-17 18:19:59 +02:00
David Bauer
5b068d7c47
treewide: rename local_client zone (#2115)
This renames the local_client zone to loc_client, as local_clint exceeds
the maximum zone length allowed for firewall3, which is 11 bytes.

This worked previously due to firewall3 using unsafe string operations.
Now creation of the chain fails (latest OpenWrt master).
2020-09-13 05:24:33 +02:00
David Bauer
21d1870ac5 modules: update OpenWrt
29b4104d69 OpenWrt v19.07.4: revert to branch defaults
d5810aa613 OpenWrt v19.07.4: adjust config defaults
ce6496d796 ath10k-ct-firmware: update firmware images
b72077150d ath10k-ct-firmware: update firmware images
ddc2af4505 ath10k-firmware: move CT firmwares to new package
a43a39f531 ath10k-firmware: update ath10k-ct firmware images
4b8a5bdc83 ath10k-firmware: update ath10k-ct firmware
e4b47e12cb ath10k-firmware: update Candela Tech firmware images
7ac454014a ramips: ethernet: fix to interrupt handling
f5afa593e7 hostapd: Fix compile errors after wolfssl update
403039c562 wolfssl: Update to version 4.5.0
dc61110adc wolfssl: use -fomit-frame-pointer to fix asm error
ad38a2ae61 wolfssl: update to 4.4.0-stable
0d35fcbff0 mbedtls: update to 2.16.8
2020-09-10 16:55:51 +02:00
Andreas Ziegler
f139cbf0b1
docs, README: Gluon v2020.2.1 2020-09-03 00:33:37 +02:00
Andreas Ziegler
1ac36fcff7 docs: add v2020.2.1 release notes 2020-09-03 00:31:52 +02:00
Andreas Ziegler
6f511a9442
docs: add v2020.1.4 release notes 2020-09-01 02:48:02 +02:00
David Bauer
b5c88e4134 modules: update OpenWrt
2d7ea69dd3 mac80211: Fix potential endless loop
5a1e4a7fdb oxnas: reduce size of ATA DMA descriptor space
19b8696dd7 mbedtls: update to 2.16.7
a2a75c21bd kernel: Update kernel 4.14 to version 4.14.195
8b0278a17e ath79: add support for TP-Link TL-WR710N v2.1
33973a90dc tools/tplink-safeloader: use soft_ver 1.9.1 for archer c6 v2
fce5101469 tplink-safeloader: update soft_ver for TP-Link Archer C6 v2 (EU)
350883bb90 Revert "scripts/download: add sources CDN as first mirror"
d8ecaef409 generic: platform/mikrotik: fix incorrect test
008db6b970 ath79: enable gpio on ar933x by default
3df63fba70 ath79: fix syntax error in ar7240_tplink_tl-wa.dtsi
be09fdbf36 ath79: ar724x: make sure builtin-switch is enabled in DT
5d3e5d6ccc ath79: WNR612v2: improve device support
fba9a88821 ath79: add LAN LEDs control bits for AR724x GPIO function pinmux
2020-08-31 22:42:37 +02:00
Andreas Ziegler
37a40cbca2
Merge pull request #2111 from freifunk-gluon/features-fix
Fix two feature handling bugs
2020-08-30 17:20:51 +02:00
T-X
9215d28972
ar71xx-generic: Add support for GL-iNet Microuter (GL-USB150) (#2112)
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2020-08-30 00:48:37 +02:00
Linus Lüssing
90b4863b2c modules: update OpenWrt routing
This adds an important bugfix for BATMAN V users
("batman-adv: Fix own OGM check in aggregated OGMs").

b77498bd56 Merge pull request #603 from ecsv/batadv-for-19.07
6dea537c07 batman-adv: Merge bugfixes from 2020.3
0e5c75f536 Merge pull request #601 from bluewavenet/openwrt-19.07
ad8f02a4aa opennds: Backport v5.2.0
017d89d569 batctl: Enable build of mcast_flags subcommand

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2020-08-29 21:34:27 +02:00
T-X
d73c6b2bcf
gluon-ebtables-filter-multicast: allow respondd queries (#2103)
This allows running a respondd querier and map server behind a Gluon
node.

For instance at Freifunk Lübeck we now moved the map server
behind a Gluon VM and removed batman-adv and fastd from the
map server VM to reduce the maintenance work.

Increased multicast overhead should be minimal / non existent, as it is
unlikely to accidentally have respondd queriers running behind a Gluon
node.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2020-08-29 09:52:55 +02:00
Andreas Ziegler
53a6720af2
docs: fixes for v2020.2 release notes (#2108) 2020-08-29 00:14:31 +02:00
Matthias Schiffer
a9c2db939a features: handle all feature files in a single pass of feature_lib.get_packages()
All defined features need to be known at the same time, otherwise handling
a feed-provided feature definition file would add gluon-web-advanced etc.
to the package list when the corresponding feature flags appear in
GLUON_FEATURES.

Fixes: ee5ec5afe5 ("build: rewrite features.sh in Lua")
2020-08-28 22:27:38 +02:00
Matthias Schiffer
13b743d51e features: fix handling of logical expressions
The rewrite of the feature handling introduced multiple major bugs. One
of them was caused by the way Lua's logical operators work:

An expression of the form

    _'autoupdater' and _'web-advanced'

would return 'web-advanced' rather than the boolean true when _ returned
both strings unchanged (because the features are enabled).

As entries with more than a single feature name in their expressions did
not set no_default, Gluon would then attempt to add gluon-web-advanced to
the package selection, as web-advanced is a "pure" feature.

To fix this, and get rid of the annoying nodefault, separate handling of
"pure" feature and handling of logical expressions into two separate
functions, called feature() and when(). To simplify the feature
definitions, the package list is now passed directly to these functions
rather than in a table with a single field 'packages'.

Fixes: ee5ec5afe5 ("build: rewrite features.sh in Lua")
2020-08-28 22:27:38 +02:00
Matthias Schiffer
097efa9d2d
scripts: feature_lib.lua: improve error handling for invalid feature files
Print a proper error message, rather than just

    openwrt/staging_dir/hostpkg/bin/lua: scripts/feature_lib.lua:48: bad
    argument #1 to 'setfenv' (integer expected, got nil)
2020-08-28 20:41:54 +02:00
Martin Weinelt
b1294472c6
Merge pull request #2065 from freifunk-gluon/early-reconfigure
Domain switch during reboot/gluon-reload
2020-08-22 19:50:55 +02:00
Martin Weinelt
e9462b5b82
Merge pull request #2101 from 2tata/tata_200-wireless
gluon-core: 200-wireless simplify if conditions
2020-08-22 19:42:45 +02:00
Jan-Tarek Butt
94f5bd23b9 gluon-core: 200-wireless simplify if conditions
Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>
2020-08-19 17:16:22 +02:00
David Bauer
04b87dc1ca
Merge pull request #2100 from freifunk-gluon/lint-action
actions: add linter actions for lua and shell script
2020-08-16 15:08:32 +02:00
Martin Weinelt
7ca9d331e4
editorconfig: indent yaml with two spaces 2020-08-16 13:23:58 +02:00
Martin Weinelt
fabc9c1c0f
actions: add linter actions for lua and shell script 2020-08-16 13:23:58 +02:00
Martin Weinelt
78f4d0a348
Merge pull request #2099 from mweinelt/sae-wolfssl
gluon-mesh-wireless-sae: switch to wpa-supplicant-mesh-wolfssl
2020-08-16 01:50:58 +02:00
Martin Weinelt
e9e22f60e7
Merge pull request #2042 from blocktrron/wpa3-wolfssl
gluon-wireless-encryption-wpa3: switch to hostapd-wolfssl
2020-08-16 01:50:44 +02:00
Martin Weinelt
882595cc21
gluon-mesh-wireless-sae: switch to wpa-supplicant-mesh-wolfssl 2020-08-16 01:14:22 +02:00
Andreas Ziegler
a9e9d4050f
Merge pull request #2096 from freifunk-gluon/cpe210-versions
New CPE210/... v3 versions strings
2020-08-15 23:04:55 +02:00
Matthias Schiffer
ea2b811a37
build: check for unsynced feeds before build (#2092)
Forgetting to `make update` or leaving uncommitted changes in the
repositories managed by Gluon is a recurring cause of confusion, even
for experienced developers. Let's print an obvious warning message in
this case.
2020-08-15 22:39:17 +02:00
Martin Weinelt
71046d4a9b
Merge pull request #2071 from freifunk-gluon/gluon-branch
Replace GLUON_BRANCH with GLUON_AUTOUPDATER_BRANCH and GLUON_AUTOUPDATER_ENABLED
2020-08-15 16:41:53 +02:00
Matthias Schiffer
b12acc5b03
docs: update autoupdater documentation 2020-08-15 16:37:45 +02:00
Matthias Schiffer
e6d3d1584c
build: deprecate GLUON_BRANCH Make variable
GLUON_AUTOUPDATER_BRANCH and GLUON_AUTOUPDATER_ENABLED should be set
separately now.
2020-08-15 16:36:27 +02:00
Matthias Schiffer
d82ffb4f81
gluon-autoupdater: make site.conf branch setting optional
Default to the alphabetically smallest branch if none is set in
site.conf.

Also prevent enabling the autoupdater when no branches exist.
2020-08-15 16:36:27 +02:00
Matthias Schiffer
ee53357580
gluon-autoupdater: split CONFIG_GLUON_BRANCH into two separate options
The new options are CONFIG_GLUON_AUTOUPDATER_BRANCH and
CONFIG_GLUON_AUTOUPDATER_ENABLED and allow to control the default branch
and default enable status separately.

The `or ''` fallback in targets/generic is removed, as GLUON_ENV will
set all variables in GLUON_VARS, making previously non-existing
variables exist with an empty value.
2020-08-15 16:36:27 +02:00
Matthias Schiffer
26f02a4eb3
gluon-site: print better error message for domain code conflicts (#2098)
We already have a proper message when the creation of an alias fails
because of a name conflict. Also add a message when the primary filename
of a domain config is already occupied by another domain's alias.

Also add an 'Error:' prefix to the existing message to easier to see.
2020-08-15 16:11:49 +02:00
Matthias Schiffer
49e8d95bb4
ar71xx-generic: add manifest_aliases for new CPE210 v3 minor revisions 2020-08-15 15:40:18 +02:00
Matthias Schiffer
bcc8eb5232
ar71xx-generic: move CPE/WBS 210/220/510/520 minor versions to manifest_aliases
Only include the major version in the base image name or aliases.
2020-08-15 15:25:23 +02:00
Matthias Schiffer
bd0133ad37
scripts/target_lib.lua: print a meaningful error message for missing site_code (#2094)
site_code is evaluated early during config generation, so a site.conf
without site_code would hit this assertion that just printed 'Assertion
failed'. Add a proper error message to tell users what went wrong.

The inner assert() is removed, as it should never be hit (as site.conf
syntax will have already been validated when this script runs), and it
doesn't add anything (even without the assert, the attempt to index a
nil value would throw an error).
2020-08-15 13:59:54 +02:00
Matthias Schiffer
b66dcd0477
Merge pull request #2093 from freifunk-gluon/master-bump
modules: bump OpenWrt and packages
2020-08-15 10:50:47 +02:00