Compare commits

...

62 Commits

Author SHA1 Message Date
Matthias Schiffer
b7ab3d2067
Merge pull request from GHSA-xqhj-fmc7-f8mv
ecdsautils: verify: fix signature verification (CVE-2022-24884)
2022-05-05 18:02:38 +02:00
Matthias Schiffer
3085e02e89
ecdsautils: verify: fix signature verification (CVE-2022-24884)
A vulnerability was found in ecdsautils which allows forgery of ECDSA
signatures. An adversary exploiting this vulnerability can create an update
manifest accepted by the autoupdater, which can be used to distribute
malicious firmware updates by spoofing a Gluon node's connection to the
update server.
2022-05-03 18:00:32 +02:00
Andreas Ziegler
28e43ce40a
docs, README: Gluon v2020.1.4 2020-08-31 01:19:32 +02:00
Andreas Ziegler
1d5b6f0404
docs: add v2020.1.4 release notes 2020-08-31 01:19:26 +02:00
Linus Lüssing
86831203ca modules: update OpenWrt routing
This adds an important bugfix for BATMAN V users
("batman-adv: Fix own OGM check in aggregated OGMs").

b77498bd56 Merge pull request #603 from ecsv/batadv-for-19.07
6dea537c07 batman-adv: Merge bugfixes from 2020.3
0e5c75f536 Merge pull request #601 from bluewavenet/openwrt-19.07
ad8f02a4aa opennds: Backport v5.2.0
017d89d569 batctl: Enable build of mcast_flags subcommand

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2020-08-29 22:33:02 +02:00
Matthias Schiffer
9bd5ae5455 ar71xx-generic: add manifest_aliases for new CPE210 v3 minor revisions 2020-08-16 17:05:27 +02:00
Matthias Schiffer
08717766a6 ar71xx-generic: move CPE/WBS 210/220/510/520 minor versions to manifest_aliases
Only include the major version in the base image name or aliases.
2020-08-16 17:05:24 +02:00
Martin Weinelt
d984f2785e
Merge pull request #2097 from freifunk-gluon/v2020.1.x-bump
[2020.1.x] modules: bump OpenWrt and packages
2020-08-15 20:11:31 +02:00
Andreas Ziegler
bcf6777655 modules: update OpenWrt
5af8da3787 ramips: fix Xiaomi MiWiFi Mini switch definition
e754e0a143 busybox: delete redundant patch
72878e3244 mac80211: Fix build on mpc85xx target
cdd9f19819 x86: Add CONFIG_EFI_CUSTOM_SSDT_OVERLAYS
b3b7665e62 ar71xx: fix ZyXEL NBG6616 wifi switch
4af7873412 tools/cmake: fix typo in parallel make patch
d6b158b869 mac80211: Update to 4.19.137-1
148d59c67e kernel: update kernel 4.14 to version 4.14.193
7db09853a8 scripts: Add Buildbot dump-target-info.pl script
e52f7cfc1d uboot-envtools: ar71xx: add ZyXEL NBG6616 uboot env support
8ad674e90b ar71xx: change u-boot-env to read-write for ZyXEL NBG6616
dedf089bb7 hostapd: add wpad-basic-wolfssl variant
2788db3d38 hostapd: reorganize config selection hierarchy for WPA3
d40ce8b32d ramips: correct WizFi630S pin mappings
d1985a1be6 ramips: enable flashing WizFi630S via OEM firmware
4212b6a01e ramips: remove doublet entry in WizFi630S dts file
a81c459d99 ramips: disable unused phy ports of WizFi630S
9d2dea8302 mvebu: fix LAN/WAN port assignment on ClearFog Base/Pro
de1693e56f ar71xx: restore support for boot console with arbitrary baud rates
1b3aca9142 ath79: restore support for boot console with arbitrary baud rates
f6acabcbdc ar71xx: enable ethernet LED of Arduino Yun
f17174e843 ar71xx: fix sysupgrade for Arduino Yun
f3c0eab9c7 Revert "ar71xx: fix Arduino Yun enabling of level shifters outputs"
2f756b39ed ramips: add kmod-usb-dwc2 to ZyXEL Keenetic image
06c6a3dd70 ramips: remove patches for USB-dwc2
2020-08-15 15:45:22 +02:00
Andreas Ziegler
f516ced49d modules: update OpenWrt packages
59d39c09d openvswitch: backport patch to fix build against kernel 4.14.193
03e8f0e0c adblock: refresh blocklist sources
bef08d8f7 rtl_433: update to 20.02
c34df4543 nano: update to 5.1
4a2d5aed7 nano: update to 5.0
490dfa34a irqbalance: update to 1.7.0
58e39c4b2 mosquitto: update to 1.6.11
2666e3b77 Merge pull request #13092 from jefferyto/golang-1.13.15-openwrt-19.07
6970bc743 golang: Update to 1.13.15
f91521f75 nlbwmon: add hotplug script to reload after interface ifup
b6185d402 nlbwmon: add conffiles
e6cad65f0 Merge pull request #13054 from micmac1/apa2446-19.07
92aff96a2 Merge pull request #13056 from odmdas/odmdas-freeradius3-Makefile-19.07
3fb559e8b freeradius3: add missing conffiles to Makefile
f5a57e42c apache: security bump to 2.4.46
61f3bd507 apache/apr/apr-util: remove maintainer
234fe24e4 apache: revisit suEXEC setup
d5096a76f apache: create log directory o=
30e81c3db Merge pull request #13046 from EricLuehrsen/unbound_20200806_1907
47288133f unbound: update to 1.11.0
d00237135 unbound: improve startup and dhcp script robustness
f73ed87a1 unbound: add dns assistants on local host
d4be5de1c tor-hs: add new package
c856721aa libzdb: fix headers path
650da029b libs: libzdb: bump to version 3.2.1
43db5293c libzdb: update to 3.2
7c5fe897f v4l-utils: bring back getsubopt patch
e9a4d689f libv4l: update to 1.20.0
59f45c6cc libv4l: update to 1.16.8
01ae3c69b libv4l: fix compilation under kernel 4.14
896359e4c libv4l: fix compilation with newer musl
e0deb2c5f libv4l: Update to 1.16.6. Fix missing includes patch
d9e221d6c libv4l: Add missing INTL dependency
cd2de9dc5 net/pagekitec: Update to v0.91.200718
2020-08-15 15:45:15 +02:00
Martin Weinelt
655da5ffdd
modules: update routing
4c05fe9 batman-adv: Merge bugfixes from 2020.2
822b55f batctl: Merge bugfixes from 2020.2
3f85711 nodogsplash: update to 4.0.3

(cherry picked from commit 23c7003ed4)
2020-08-14 21:22:25 +02:00
Martin Weinelt
1f5525076b
modules: update OpenWrt packages
cd2de9dc5 net/pagekitec: Update to v0.91.200718
d7b38d736 simple-adblock: README and config update
0d8f39a36 tor: fix init scripts
a21ffc8eb tor: update init script
30f5119a4 netatalk: fix compile error in mac os
8658203e6 gerbera: fix conffiles
83e58b67d youtube-dl: update to version 2020.7.28
98480822e youtube-dl: update to version 2020.6.16.1
f384d8d78 youtube-dl: update to version 2020.6.6
65d98a79f youtube-dl: update to version 2020.5.29
010b5e6fb youtube-dl: update to version 2020.5.8
b32500958 mwan3: update version to 2.8.12
5f934c667 mwan3: unify variable check
138d02cfc mwan3: remove lock file entirely
520eeb080 mwan3: revert: also cleanup lock on mwan3 stop
294e7503b mwan3: fix race condition on mwan3 restart
e8e290e0f gerbera: enable matroska and ffmpeg
f73b1da1a libmatroska: update to 1.6.0
16d65196a libmatroska: add
18b9aeb4c libebml: update to 1.4.0
39abfa8d7 libebml: add
5bfc1c9cf mwan3: update version to 2.8.11
e02cac815 mwan3: add online and uptime to detail output
538d2fd7c mwan3: add workaround for procd change
b340df682 mwan3: also cleanup lock on mwan3 stop
b5ed0033c mwan3: fix rtmon routing table function generation
2c89e14c3 mwan3: fix IPv6 routing add handling
447d51edb mwan3: fix idx calculation
37e2f8820 mwan3: version bump
b9e346125 mwan3: cleanup duplicate ipv4 and ipv6 logic
db46d3ab0 mwan3: don't send iptable setup failures to /dev/null
383555d07 mwan3: add default rule for ipv6 in example config
dc25b38f1 mwan3: don't try to use ipv6 if not installed
ec45ff805 mwan3: be more efficient with sleep after killing trackers
d6b051b8c mwan3: don't add single ipv4 to connected list if already covered by a cidr
f834ba0fc mwan3: update version to 2.8.9
2f2044ecb mwan3: cleanup function mwan3_create_iface_route
db3c8326f mwan3: fix shellcheck warning SC2086
7d0f2cdb6 mwan3: fix shellcheck warning SC2166
c0b111fea mwan3: remove unused variable complained by shellcheck
3443eb3c7 mwan3: fix shellcheck warning SC2039
be8f287aa mwan3: move redirect error output to trash
08111b9c7 nextdns: Update to version 1.7.1
3272114cc mc: update to 4.8.25
a2b02f67d netdata: update to version 1.23.2
80a38c595 admin/netdata: Update to 1.22.1
76b143e00 netdata: update to version 1.20.0
f29fdc7c2 liblz4: fix previous patch
b40a139fb meson: allow compilation in a subdirectory
9d03a1ea5 liblz4: add patch removing distutils requirement
5f22b6c38 liblz4: convert to meson
345cb18d4 tor: update to version 0.4.2.8 (security fix)
da4a05296 mocp: disable ffmpeg
9b0e858c0 mpd: update to 0.21.25
7b269ec49 dovecot: remove incorrect PKG_BUILD_DEPENDS
14c248274 faad2: update to 2.9.2
f593c37cd xz: update to 5.2.5
97842ae44 zstd: fix compilation without host distutils
00f29de5f zstd: update to 1.4.5
1dc0c3b79 zstd: remove lto and as-needed flags
01abd5d37 zstd: convert to meson
6ae076fd1 aria2: Build with MIPS16
2cdf132b9 aria2: Update to 1.35.0
5200d6449 libvorbis: update to 1.3.7
e798f539c msmtp: update to version 1.8.11
780c45377 msmtp: update to version 1.8.10
0821c5001 squid: update to version 4.12
5658fd93f squid: fix 'localhet' typo in squid.conf
3b285bfaa quasselc: fix compilation with newer glib2
2c6155c9c gkrellmd: update to 2.3.11
fa49751a8 sumo: Update to 1.3.1
ddb0af406 python3: Backport security fixes
1a527963c golang: Update to 1.13.14
54b76dfd7 haveged: update to 1.9.13
984a32fff libvorbisidec: update to version 20180319
fb687b542 dnscrypt-proxy2: update to version 2.0.44
5ed85c038 openvswitch: bump to version 2.11.3
6a0eeda77 getdns: fix compilation without deprecated OpenSSL APIs
805c1344e getdns: properly remove libbsd support
cc0eb59f4 ntpd: update to version 4.2.8p15 (security fix)
fe32da084 python3-maxminddb: Fix build when using newer setuptools
4b0c1f871 python3: Use default _PYTHON_HOST_PLATFORM
86d2bfe02 mwan3: Fix mwan3 start not doing anything Due to a missing config load function call, mwan3 start runs ifup for an empty list of interfaces, thus not calling ifup at all.
b74d5e9c1 mwan3: update version to 2.8.7
4f394c259 mwan3: set status to unknown in rpcd if status file not found
f7749c663 mwan3: switch to procd init script
0498a2b35 mwan3: address reviewer comments on 5147dfc7
cc1bb3e8b mwan3: Use /128 for ipv6 if no other source address was found
74b6f1084 mwan3: Allow user to specify rules based on source interface
c14e74a5a mwan3: Do not mangle outgoing ipv6 pings
465baa46c mwan3: version bump to 2.8.6
19bebd3d8 mwan3: force busybox ping
ffce45e36 mwan3: don't add ipv6 link local address to routing tables
a3c399d01 mwan3: reduce calls to `ip route list'
4af28cc68 mwan3: Update Makefile
0693f0c9e mwan3: Don't use /128 address for ping source
7434c91c5 stubby: add build dependency on check package
140e2ea19 stubby: update to version 0.3.0
048a39258 getdns: update to version 1.6.0
0c03b71b8 samba4: update to 4.11.11
28b5a2b04 mc: fix mouse handling
9b3ce06b9 travis: improve build config
2461e7978 travis: Use Ubuntu 20.04 LTS - Focal Fossa
d7bec1b0f travis: Use Ubuntu (Bionic Beaver) 18.04 LTS
a80754337 travis: use mpc85xx-p2020 sdk instead of ar71xx
2a9998771 travis: Download SDK from OpenWrt instead of LEDE
b80db2c80 bind: add nslookup alternative to busybox nslookup
3c3a1f761 bind: update to version 9.16.3
177623c5f bind: update to version (security fix)
b73f479ea bind9: update to 9.16.1
d78bdbd8a python3: Update to 3.7.8, refresh/rework patches
c7495a200 syslog-ng: detect disabled IPv6 on loopback and fallback to IPv4
cd080dded miniupnpd: added libcap dependency
b418029e4 miniupnpd: update to 2.1.20200510
231e47185 miniupnpd: suppress grep and uci errors
5cb388497 miniupnpd: improve hotplug & interface handling
f49c2c71c stubby: fix handling of tls_port config option
f51ec94f8 acme: Bump release version
f7e03d127 acme: Handle ecc cert correctly
0e5b27324 acme: Handle log message correctly
4344723f8 https-dns-proxy: re-add conffiles and add description to Makefile
2c4644bf9 https-dns-proxy: bugfix: remove eDNS support
8044a7014 nextdns: Update to version 1.7.0
e1b8d033e irqbalance: fix socket directory and create it
4a129a996 treewide: add conffiles
ca6751a7d irqbalance: fix compilation for USE_GLIBC and BUILD_NLS cases
9bdd0f113 haveged: update to 1.9.12
45e78b34a Revert "ksmbd: update to 3.2.0, ksmbd-tools: update to 3.2.6"
1b1c2c598 haproxy: Update HAProxy to v2.0.15
fd3648a7b transmission: add access to web interface files to procd jail
054b87df4 transmission: add a disabled notification
8cb936731 transmission: update to 3.0
de86c989a upmpdcli: update to 0.4.6
9e108dcc7 upmpdcli: Update to 1.4.2
c82f63114 haveged: update to 1.9.11
445c3d8f8 perl: fix build failure in GCC10
456fc88c4 libtirpc: update to 1.2.6
b61848fd0 wsdd2: update to git 2020-05-06
de09918ac simple-adblock: racially-neutral names
5fcf2cb09 unbound: make option interface_auto default on
950646f6c unbound: bump PKG_RELEASE
ba19244b8 unbound: suggest matched domain option for dnsmasq link
72b0ea4b5 samba4: update to 4.11.9
d88405ba8 ksmbd: update to 3.2.0, ksmbd-tools: update to 3.2.6
1a0db6a21 softethervpn5: update to 5.01.9674
91be27471 rpcsvc-proto: update to 1.4.1
c0dce1d3a adblock: update 4.0.6
0ff5cb54e mpd: update to 0.21.24
982e7e2fa adblock: update 4.0.5-5
e2bd118b3 less: update ALTERNATIVES
53fc73b57 simple-adblock: remove obsolete dshield.org links from config
a93ea48b2 golang: Update to 1.13.12
49685b6be collectd: sqm_collect: tidy interval string handling
9a38e786f collectd: sqm_collectd: improve error handling
f89580290 collectd: Improve sqm_collectd error reporting
8dcc144b9 collectd: sqm_collectd improve interface name filter
18128f79d collectd: bump PKG_RELEASE
7ceb83acf collectd: SQM collect data from some qdiscs
9f20fbba5 collectd: add syslog json plugin
fdf5d41b5 rrdtool1: modify logarithmic scale labelling
e667100a9 knot: update to version 2.9.5
aef8cb50f knot: disable libcap-ng
550fa7c28 knot: update to version 2.9.3
1fe19e712 linuxptp: fix build failure
267b49087 sslh: use tls option instead of deprecated ssl
37f5ae61b gnutls: updated to 3.6.14
3efdcd808 mpd: enable id3tag for all builds
f0fd4c151 nextdns: Update to version 1.6.4
18efcda21 simple-adblock: bugfix: proper error reporting on failed downloads; lists update script

(cherry picked from commit 4cb7dbb926)
2020-08-14 21:22:22 +02:00
David Bauer
9003006053 modules: bump OpenWrt
86727bd158 hostapd: improve TITLE for packages
bf58bfb90e mediatek: mt7623: fix sysupgrade from vendor OpenWrt on UniElec U7623
2147c33e40 mediatek: mt7623: add explicit console= to U7623 kernel
8fbe450e40 curl: patch CVE-2020-8169
7d6e504dbe make_ext4fs: Update to version 2020-01-05
a225164bb5 make-ext4fs: update to HEAD of 2017-05-29 - eebda1
afaa978b74 firewall: backport patch for mss clamping in both directions
a2c9fc9ff0 ath79: correctly define WiFi switch for TL-WR841ND v8
7022f1eb13 bcm47xx: fix switch setup for Linksys WRT610N v2
fba22d89a9 tplink-safeloader: expand support list for TP-Link CPE210 v3
a785aed70e lantiq/xrx200: make WLAN button responsive on Fritzbox 7360 & 7362
4a9d6320af lantiq/xrx200: fix WLAN button actions for Fritzbox 3370
284cd7d18e lantiq/xrx200: make WLAN button responsive on Fritzbox 3370
2ca5a386ee vxlan: bump and change to PKG_RELEASE
e894e1b2f0 vxlan: fix udp checksum control
8c19171255 ipq40xx: fix ethernet vlan double tagging
b9a89bf7b5 build,json: fix compatibility with Python 3.5
9c0ad7f1d5 build: fix compatibility with python 3.6
78f57fbce6 build,json: fix build failure in case no data is found
270711b8ed build,json: store arch_packages in profiles.json
e3618eb2cc build: store default/device packages in JSON
3dbd74d032 imagebuilder: Remove json_info_files/ before build
8ea6be1510 kirkwood: support for button in Pogoplug V4
de75d6ecfa lantiq: dts: Move the &usb_vbus nodes out of &gpio
2d14da2c7d ar71xx: Fix mikrotik NAND compile problem
673e7944bb ar71xx: Fix mikrotik NAND compile problem
73e0ea1ea9 armvirt,x86: fix build breakage of crypto ccp module
d46650de7c nghttp2: bump to 1.41.0
9cad70044f kernel: fix nand_release() usage.
820f4654c6 wireguard: bump to 1.0.20200611
f4985a22ca kernel: Update kernel 4.14 to version 4.14.187
73fecd36bf mac80211: fix use of local variable
938839a565 scripts: JSON merge don't crash if no JSON found
3572711e3c build: refactor JSON info files to `profiles.json`
b7bac0737e build: image: fix build breakage of some images
8a0362c699 build: create JSON files containing image info
8293c8ed46 ath79: do not build TP-Link tiny images by default
670eeb7888 mediatek: fix IPv4-only corner case and commit in 99-net-ps
9c58f5d4ff bcm63xx: DGND3700v1: fix port order
ebefdf61ed ramips: increase SPI frequency for ELECOM WRC-GST devices
6b042217d7 mvebu: fix default EU regdomain for Linksys WRT AC devices
a2c556aa8f libnetfilter-queue: fix package title and description
8adbe26f6e base-files: remove urandom-seed definition
b40e6bc55f ath79: drop and consolidate redundant chosen/bootargs
153392e209 ath79: add support for TP-Link TL-WA801ND v3/v4
6520659870 uclient: update to 19.07 Git HEAD
b547542297 Revert "uclient: Update to version 2020-06-17"
0c910d8459 uclient: Update to version 2020-06-17
18cf2383b6 bcm63xx: a226m-fwb: fix linux partition offset

(cherry picked from commit bf36c5b2d3)
2020-08-05 21:18:08 +02:00
David Bauer
5ad4ebda36
modules: update OpenWrt
b515edb775 ipq40xx: essedma: Disable TCP segmentation offload for IPv6
f7f15f8033 ath79: wndr3700 series: fix wifi range & throughput
1f5cbd6be7 ca-certificates: update to version 20200601
fa72f2646a oxnas: build with 8021Q VLAN support
e752fc1ff9 ath79: add support for TP-Link TL-WR802N V1 and V2
6488d2f7cc ath79: update WA/XC devices UBNT_VERSION to 8.5.3
fb79e5d9fe ipq806x: EA8500 fix boot partition detection
e36bdd5dc5 ath79: fix LEDs for GL.inet GL-AR150
21454a772b ar71xx: fix reset key for TP-Link TL-WR802N V1/V2
a32b0ec4cf generic: fix flow table hw offload

Closes #2055

(cherry picked from commit 2be6fe32e6)
2020-08-05 21:17:58 +02:00
David Bauer
3d1decc6fe modules: bump OpenWrt packages
e76090945 unbound: expose interface-auto to UCI
0d9483608 Merge pull request #12382 from neheb/gst-p
1d9283083 gst1-plugins-bad: don't add webp support
3f922137d Merge pull request #12383 from neheb/pige
92778390b gst1-libav: update to 1.16.2
216f42ee8 gst1-plugins-ugly: update to 1.16.2
c20a65698 gst1-plugins-bad: update to 1.16.2
eeb2c01d9 gst1-plugins-good: update to 1.16.2
83df5f091 gst1-plugins-base: update to 1.16.2
eee7ce2b4 gstreamer1: update to 1.16.2
3025f6c32 pigeonhole: Update to 0.5.9
114823c7c pigeonhole: reflect license of LGPL-2.1-or-later
59ca87226 pigeonhole: update to 0.5.8
41cb01203 gst1-libav: update to 1.16.1
c187321ac gst1-plugins-ugly: update to 1.16.1
16b7bb066 gst1-plugins-bad: Make HLS crypto explicit
c83524006 gst1-plugins-bad: update to 1.16.1
a0bf86150 gst1-plugins-good: update to 1.16.1
990a21184 gst1-plugins-base: update to 1.16.1
ca4a06a25 gstreamer1: update to 1.16.1
235891593 net/mosquitto: bump to 1.6.10
620838fc9 ola: fix compilation with GCC4
142fd306e dovecot: update to version 2.3.10.1 (security fix)
c09244b01 adblock: update 4.0.5-4
45313e42f adblock: update 4.0.5-3
6e27e5196 Merge pull request #12348 from adrianschmutzler/fixmake
a9b5867e2 Merge pull request #12294 from neheb/keab
d85c355aa treewide: use relative include paths for python Makefiles
07d541c14 Merge pull request #12339 from ja-pa/transmission-fix-19.07
615d909a2 transmission: init script check syscall list for seccomp
d5062122e Merge pull request #12292 from neheb/spoof
4ceab639b Merge pull request #12269 from neheb/gerb56
9aa0d8cf7 Merge pull request #12330 from rs/nextdns-1.6.3-openwrt-19.07
6e6e5fa2a nextdns: Update to version 1.6.3
b43a7d4b1 Merge pull request #12326 from rs/nextdns-1.6.0-openwrt-19.07
474296dcb nextdns: Update to version 1.6.0
5507a02e2 Merge pull request #12313 from aleksander0m/aleksander/mm-mtu-19.07
ede1a8221 modemmanager: set interface MTU based on bearer settings
c6eea20bc giflib: remove host build
b4cf130cb libtasn1: fix host build under old GCC
5a1699aeb kea: do not build static host binaries
bb42a250b kea: Update kea to the latest stable verion (1.6.2).
1d30a273e kea: Remove openssl host dependency
f22e122e6 kea: update package to 1.6.0 Update kea to the latest stable verion (1.6.0).
6f19b894d kea: remove dependency and reduce file size Remove boost-python3 dependency and reduce file size of the compiled kea-libs
87f4d6ba2 kea: fix kea-admin dependency Fix kea-admin dependency where if procps-ng-ps wasn't available busybox would output an error casuse it does't support showing a processe's PID
1360d1f88 kea: fix and improve makefile Fix an issue where the Makefile wouldn't allow kea to show up in the menuconfig Also added some description to the packages
07538f535 kea: remove python3 dependency of kea-admin
efde7c454 kea: Fix compilation without deprecated OpenSSL APIs
09ea6f032 kea: Don't install to STAGING_DIR_HOST
fb58e3b8c spoofer: remove host build + cleanups
deccad892 spoofer: Update to 1.4.5
15257f5b6 adblock: limit domain name length
246fc735b nano: update to 4.9.3
673e76b1c Merge pull request #12275 from micmac1/mar19run
39db22ec9 mariadb: use default umask for rundir
8362f46fe gerbera: backport init and config changes from master
225eeb9a6 gerbera: add taglib support
074444794 libupnp: enable reuseaddr
51efb1723 taglib: update to 1.12-beta-1
778f14f51 taglib: fix taglib-config paths
e74a456c0 taglib: add
c8d2ed2cb adblock: release 4.0.5
a41e068db sslh: update to 1.20
23251b93a Merge pull request #12247 from jefferyto/python-setuptools-site-patch-openwrt-19.07
32fb2ba0d python-setuptools: Fix error when installing from source
6dac29693 python3-setuptools: Fix error when installing from source
49ac1e8b7 bind: update to version 9.14.12
99998e218 syslog-ng: update to version 3.27.1
64ebad3fd syslog-ng: restore service "reload" to actually working
0e80f0486 syslog-ng: including user settings after system settings
98d4126c4 qemu: ignore configure option --disable-ipv6
50148ea08 openvswitch: fix file generation in /etc/modules.d
676e6ddd6 Merge pull request #12216 from BKPepe/19.07-unbound
149a08477 Merge pull request #12231 from jefferyto/python-openssl-ca-certs-openwrt-19.07
c06212082 python-openssl: Add dependency on ca-certs
c32e08f30 python3-openssl: Add dependency on ca-certs
828ba37e0 unbound: update to version 1.10.1
2ccdae9a4 Merge pull request #12206 from micmac1/mar-1907-10413
115f7eeb0 mariadb: install config files readable for all
4f0d10835 mariadb: move mysql_upgrade to the client package
9dda3cc87 mariadb: bump to 10.2.32
5e9f5cd76 Merge pull request #12187 from jefferyto/golang-1.13.11-default-platform-options-openwrt-19.07
d3762591d golang: Set/reset default platform options for target Go compiler
f52fbe1d4 golang: Update to 1.13.11
2e6bd4cb8 php7: update to version 7.2.31
191aac174 Merge pull request #12171 from rs/nextdns-1.5.8-openwrt-19.07
07164dec7 nextdns: Update to version 1.5.8
504a5f1b8 Merge pull request #12169 from jefferyto/arm-aarch64-vfp-neon-openwrt-19.07
a12555cc0 treewide: Enable VFP/NEON optimizations for aarch64
595342148 treewide: Update ARM NEON/VFP detection
5f5d63e79 Merge pull request #12158 from Robby-/openwrt-19.07-eaptlstmpdir
0feb9ad31 freeradius3: Fix to init script.
d8b9b0c92 Merge pull request #12141 from EricLuehrsen/unbound_1907_1100
8668e83d5 unbound: update to 1.10.0
2e01dd838 miniupnpd: make hotplug work again
468f6fa13 Merge pull request #12127 from aleksander0m/aleksander/mm-qmi-19.07
1c8e2e0c2 modemmanager: release 1.12.10
cea4fbe30 modemmanager: fix compilation under uClibc-ng
86fedfd52 libqmi: update version to 1.24.12

(cherry picked from commit ea12efd127)
2020-08-05 21:15:10 +02:00
Matthias Schiffer
3ef69c96cf
gluon-mesh-batman-adv: do not delete bat0 during hardif teardown (#2057)
With very bad timing, it is possible that the teardown script of a
gluon_mesh interface runs when bat0 was just created, but primary0 is not
yet added to it. Although there is no hardif to remove in this case,
bat0 will still be deleted, because there is no hardif in bat0.

Disable the interface removal logic by passing `-M` to `batctl interface`.

(cherry picked from commit 92647cd47a)
2020-06-13 18:45:24 +02:00
Matthias Schiffer
e1e7ce3fe6
gluon-config-mode-outdoor: enable 5GHz mesh interfaces when disabling outdoor mode
There is no setting to explicitly enable mesh interfaces in the config
wizard, so we need to enable mesh interfaces by default when the outdoor
mode is disabled (unless site.conf dictates otherwise).

The simplest way to achieve this is to delete the 5GHz mesh interface
sections when outdoor mode is disabled: 200-wireless would delete and
recreate them a moment later anyways, but by deleting them earlier we
ensure that the disabled status is initialized from site.conf again.

(cherry picked from commit 17bc622892)
2020-06-12 22:15:51 +02:00
Matthias Schiffer
eacf5b9e4c
gluon-web-wifi-config: default to enabled 5GHz mesh interfaces when disabling outdoor mode
When disabling outdoor mode, 5GHz mesh interfaces should be enabled by
default again (unless disabled in site.conf).

(cherry picked from commit d2052431dd)
2020-06-12 22:15:49 +02:00
Matthias Schiffer
bf27a736df
gluon-core: fix handling of 'disabled' site.conf attributes for mesh interfaces
Because is_disabled() was always returning true or false, the
first_non_nil() would never actually check the default setting from
site.conf. This was broken since v2017.1.

Fixes: 6cf03bab37 ("treewide: replace normal uses of luci.model.uci with simple-uci to reduce LuCI dependencies")
(cherry picked from commit 3c2593b684)
2020-06-12 22:15:12 +02:00
Matthias Schiffer
e285ccd2e9
gluon-core: create disabled mesh interface sections in outdoor mode
The interfaces should always exist and just be disabled when outdoor
mode is enabled. Not creating them at all leads to an issue in the
advanced wifi settings where an additional reload of the page is
necessary after enabling or disabling the ourdoor mode to make the mesh
VIF options appear or disappear.

(cherry picked from commit b15b008e69)
2020-06-07 10:59:57 +02:00
Matthias Schiffer
fc4bc6fd53
gluon-web-wifi-config: make mesh VIF options depend on outdoor=false
Instead of relying on the existence of interface sections only (which is
still used for the case of interface types that are not configured at
all in the site config), add a proper dependency.

This fixes section visiblity with enabled outdoor mode after the following
fix, and gives the user immediate feedback (allowing to disable outdoor
mode and enable meshing in a single step).

(cherry picked from commit d012d7d32f)
2020-06-07 10:59:31 +02:00
Matthias Schiffer
5a17b81999
gluon-config-mode-outdoor, gluon-web-wifi-config: commit network config
200-wireless will add or remove the mesh network sections of
/etc/config/network. Commit this file, so the modified setting doesn't
get lost on reboot.

Fixes: #2048
(cherry picked from commit 600ab99f80)
2020-06-07 10:57:29 +02:00
Matthias Schiffer
a346b8f8f8
docs: releases: remove "v" prefix from page titles
None of the other release pages have a "v" before the version number.
2020-06-03 21:42:53 +02:00
David Bauer
792a93b4dd docs, README: Gluon v2020.1.3
Signed-off-by: David Bauer <mail@david-bauer.net>
2020-06-03 17:01:16 +02:00
David Bauer
5a7ac058eb docs: add v2020.1.3 release notes
Signed-off-by: David Bauer <mail@david-bauer.net>
2020-06-03 17:01:16 +02:00
David Bauer
c4033f4ede modules: update OpenWrt
9cafcbe0bd ar71xx: correct button type for TL-MR3020 mode slider
2bd1cf92e9 ar71xx: fix splitting firmware partition for TL-WR902AC v1
c963e4267b qos-scripts: fix interface resolving
31de4a40e7 broadcom-wl: don't inherit lock descriptor in nas process

(cherry picked from commit 54dcf935d5)
2020-05-31 16:21:45 +02:00
Matthias Schiffer
1b459dc5cd
Merge pull request #2039 from blocktrron/v2020.1-gha
Enable GitHub actions
2020-05-29 23:47:22 +02:00
David Bauer
7c27701a3b github: add GitHub actions
This commit backports the GitHub actions configuration
from mater to the v2019.1.x branch.

This way, this branch will get build-tested.
2020-05-28 21:52:09 +02:00
Matthias Schiffer
3e66935ab9 build: introduce GLUON_AUTOREMOVE flag
(cherry picked from commit ab6596115a)
2020-05-28 21:52:09 +02:00
Matthias Schiffer
f55c965cad gluon-core: build in xt_CT with GLUON_SPECIALIZE_KERNEL
xt_CT was added to kmod-ipt-conntrack a while back. Update our
GLUON_SPECIALIZE_KERNEL rules accordingly.

When building xt_CT into the kernel, one of the symbols IP_NF_RAW and
IP6_NF_RAW must be enabled as well, even though there is no runtime
dependency when building as modules. The kernel grows by less than 1KB
even when both IP_NF_RAW and NETFILTER_XT_TARGET_CT are enabled, making
this change a (very slight) net win in both flash and RAM usage.

(cherry picked from commit fcc6877c8b)
2020-05-28 21:48:27 +02:00
Matthias Schiffer
9d996c495a generic: reduce squashfs block size to 256KiB
In OpenWrt 19.07, the block size was increased to 1024KiB for "tiny"
devices by default to save flash. Unfortunately, this also significantly
increases the cache memory required by squashfs.

In my test, the increased block size reduced the image size by ~64KiB,
but increased the RAM usage by ~2.6MiB. As most tiny devices have only
32MiB of RAM, this is not a reasonable tradeoff.

The ar71xx-generic target already defines an even lower block size of
64KiB.

(cherry picked from commit 7e8af99cf5)
2020-05-28 21:48:18 +02:00
Matthias Schiffer
58fc1aae63 generic: remove kmod-ipt-offload
This is unused by Gluon.

(cherry picked from commit 1cb97ad63e)
2020-05-28 21:48:11 +02:00
David Bauer
2381290a74
modules: update OpenWrt
83b714a27f musl: fix locking synchronization bug
f99b1d1d92 rpcd: update to latest openwrt-19.07 Git HEAD
92bd395b04 Revert "rpcd: update to latest Git HEAD"
adf5d753ef rpcd: update to latest Git HEAD
9b48375c7e libubox: update to the latest version
a4e8eca03e libubox: update to the latest master
498f1f4f5d ramips: gsw_mt7621: disable PORT 5 MAC RX/TX flow control by default
d8d1956a80 hostapd: backport wolfssl bignum fixes
ab7e9754df ucert: update to latest git HEAD
bc0c2db2a3 brcm47xx: disable Netgear WNR2000 v2 by default
059db419d7 squashfs: Fix compile with GCC 10
97b522a1f9 usign: update to latest git HEAD
942262f9c8 usign: update to latest Git HEAD
6a89098935 ath79: add support for TP-Link TL-WA901ND v4 and v5
a6f70f2e97 ath79: add support for TP-Link TL-WA701ND/730RE/801ND/901ND v1
8c6c488e9e ath79: add support for TP-Link TL-WR940N v6
36d4140517 ath79: add support for TP-Link TL-WA830RE v1
7187826b8b ath79: reorganize DTSI for ar7240 TP-Link devices
d4092eac1f ath79: migrate TP-Link TL-MR3420v2 to ath79
24cfd961d9 ath79: add support for TP9343-based TP-Link TL-WR94x devices
7de43d66ff generic: platform/mikrotik: disambiguate SPDX-License-Identifier
84154574c8 ramips: drop non-existant ralink,port-map for Ravpower WD03
af667c73c5 bcm63xx: mask interrupts on init
d1ce73677c bcm63xx: periph_intc: report effective affinity
1d40c8a9f2 bcm63xx: ext_intc: fix warning
65f2fae911 bcm63xx: periph_intc: fix warning
b2c9f82eb4 bcm63xx: redboot: fix warning
a2a3ac9f51 bcm63xx: bcm6362: fix pinctrl bug
6c96ecf3b4 bcm63xx: refresh kernel config
c3e3802a8e OpenWrt v19.07.3: revert to branch defaults
f3f38f40da OpenWrt v19.07.3: adjust config defaults
85e04e9f46 generic: platform/mikrotik: fix LZOR support
4cd9ae41c5 libjson-c: backport security fixes
6ffd4d8a4d ar71xx: remove hard-coded folder name from Mikrotik RB upgrade
d2ee15ef76 fstools: blockd: fix segfault triggered by non-autofs mounts
4cd44e5dc7 ar71xx: mikrotik: mach-rbspi.c remove wlan id
3fecb06fb1 ar71xx: mikrotik: bypass id check in __rb_get_wlan_data()
b36aa168d8 ar71xx: mikrotik: ath10k: use new sysfs driver
fa2369e59b generic: platform/mikrotik: support LZOR encoding
612b64e6c4 ar71xx: enable mikrotik platform driver
511859de9b generic: mikrotik platform build bits
ddae86cc69 generic: routerboot sysfs platform driver
2efcfb1d1a kernel: bump 4.14 to 4.14.180
ecea10f2b9 ath79: dts: add missing 'serial0' alias for TP-Link TL-MR3040v2

(cherry picked from commit c3be82f6c8)
2020-05-27 22:55:06 +02:00
Martin Weinelt
9a6d26df99
modules: update OpenWrt
a8c92e9eda opkg: Fix PKG_MIRROR_HASH
844b892a74 ath10k-firmware: fix mirror hash
7e9d84ee4a opkg: update to latest Git HEAD
81f3f6540e wireguard: bump to 1.0.20200506
b956f6bd13 wireguard: bump to 20191226
c61fbdd087 odhcpd: fix PKG_SOURCE_DATE
5e8b50da15 odhcpd: fix lan host reachibility due to identical RIO and PIO prefixes (FS#3056)
ac5d5d8d09 ustream-ssl: update to 19.07 Git HEAD
a6caa8fad1 uhttpd: update to 19.07 Git HEAD
3b9e4d6d4c fstools: update to the latest version

(cherry picked from commit 64725858b4)
2020-05-27 22:53:47 +02:00
Martin Weinelt
8b7446a54f
modules: update packages
af5ada457 wifidog-ng: remove incorrect PKG_BUILD_DIR override
b8ce0e959 ddns-scripts: Increment PKG_RELEASE and internal version number
9437c31c8 ddns-scripts: cloudflare.com-v4: Fix grep patterns.
b7958778a ddns-scripts: cloudflare.com-v4: Fix success check for new response format JSON response now has spaces between parameters. Accept this new format and the old one.
98f12a896 ddns-scripts: fix logging bug
a6a2c8d13 ddns-scripts: use HTTP for IPv6 dyndns URL
d040b2471 ddns-scripts: remove HTTPS from dyndns URL
ab7dfd76b ddns-scripts: use new DDNS URL for dyndns.org
c2943b13f ddns-scripts: update ddnss.de response
4d050bac7 ddns-scripts: Use https for domains.google.com
4938c148c nextdns: Update to version 1.5.7
501c782f7 youtube-dl: update to version 2020.5.3
f79cb0907 gerbera: add
2ce218bdc vpn-policy-routing: support phys-dev policies
9eb229c09 vpn-policy-routing: bugfix: remove non-ASCII from log; update README
0ae7e11d7 vpnbypass: bugfix: remove non-ASCII from system log; update README
1d5350fb4 openconnect: updated to 8.09
b10a73c9a ocserv: updated to 1.0.1
04af75b94 youtube-dl: update to version 2020.3.24
e92ac8abe travelmate: fix captive portal detection
c0f906273 bash: Import upstream patches

(cherry picked from commit 77482a27b3)
2020-05-27 22:53:46 +02:00
David Bauer
9d015a55de
modules: bump OpenWrt
d9244a1b5b generic: ar8216: fix unknown packet flooding for ar8229/ar8236
429e4490c4 libpcap: fix library packaging issues
e678cb1595 kernel: bump 4.14 to 4.14.179
8fa4ed9ef7 fstools: update to the latest version
5c6dfb5bc0 fstools: update to the latest version
607809dcdc mac80211: Update to version 4.19.120
96d280cc37 scripts/download: add sources CDN as first mirror
55ccb04046 upgs: Remove extra _DEFAULT_SOURCE definition
ee480c50c1 dante: Fix compile with glibc
5f0e25d966 perf: build with NO_LIBCAP=1
005adba939 mac80211: ath10k: increase rx buffer size to 2048
0974d59b5f kernel: backport fix for non-regular inodes on f2fs
f40947a8c0 ath79: indicate boot/failsafe/upgrade for NanoBeam/Nanostation AC
65cf72d5d2 ath79: add SUPPORTED_DEVICES based on ar71xx for some devices
f9ef0c5705 kernel: bump 4.14 to 4.14.178
2df0ea042d wpad-wolfssl: fix crypto_bignum_sub()
ec6cb33452 mac80211: backport fix for an no-ack tx status issue
f141cdd200 hostapd: unconditionally enable ap/mesh for wpa-cli
54b6683390 wireless-regdb: backport three upstream fixes
55591e63bc curl: backport fix for CVE-2019-15601
35ea808b97 uboot-kirkwood: fix ethernet and usb

Compile-tested: all targets
(cherry picked from commit 2e3a4a5179)
2020-05-27 22:53:34 +02:00
Martin Weinelt
7f3a30423b docs, README: Gluon v2020.1.2 2020-05-02 15:41:26 +02:00
Martin Weinelt
4bfcd6ae61 docs: add v2020.1.2 release notes 2020-05-02 15:41:26 +02:00
Matthias Schiffer
08d860a2e2 generic: disable urngd by default
We already recommend the use of haveged, making urngd redundant. To avoid
incompatible site changes in v2020.1.x, disabled urngd for now.
2020-05-01 16:26:53 +02:00
Martin Weinelt
50fe6a962a
patches: reorder OpenWrt 2020-04-30 02:44:37 +02:00
Martin Weinelt
07a8aea93f modules: update OpenWrt
5feb0df9bb ramips: remove memory node for ZBT MT7621 devices
b80a98ae7f ramips: remove unnecessary DEVICE_PACKAGES for Belkin F7C027
bfe652c5bd oxnas: move service file to correct place
5b4e4a38d8 relayd: bump to version 2020-04-25
4e5a29827f umdns: update to version 2020-04-25
c2efc973d5 dnsmasq: fix dnssec+ntp chicken-and-egg workaround (FS#2574)
6c020577ae libpcap: fix build breakage with very high number of simultaneous jobs
efe837de84 openssl: bump to 1.1.1g
1df49d98e7 relayd: bump to version 2020-04-20
b71c7c261b umdns: update to version 2020-04-20
b6d8119c53 umdns: update to the version 2020-04-05
ef3df27507 umdns: suppress address-of-packed-member warning
55312cc202 binutils: add ALTERNATIVES for strings (FS#3001)
3b6f079d8d mbedtls: update to 2.16.6
67ed408af2 mvebu: cortexa9: correct cpu subtype
dee8fcfe9f tegra: correct cpu subtype
d8e0b015e8 mvebu: backport ClearFog SPI enablement

Compile-tested: ipq40xx, ath79
(cherry picked from commit 2d2cf07e48)
2020-04-30 02:42:57 +02:00
Martin Weinelt
303e473690 modules: update packages
f5cb61cee Merge pull request #11992 from Robby-/openwrt-19.07-freeradius3_update_3_0_21
37812cd96 Merge pull request #11994 from jefferyto/python-2.7.18-openwrt-19.07
caecc597f expat: Update to version 2.2.9
e34d0baee python: Update to 2.7.18, refresh patches
28faf9676 freeradius3: Update to 3.0.21
cb10971c1 freeradius3: Updated patches/004-fix-target-python-header-detection.patch to remove the rlm_python3 specific changes as it is no longer needed to compile and updated the Makefile to reflect this due to the following change/commit in freeradius: 307678b268
4c9d29093 freeradius3: Refreshed patches/002-disable-session-cache-CVE-2017-9148.patch in preparation for the 3.0.21 update.
fe6f04346 freeradius3: Fix the ordering in the Makefile.
0d795d202 mwan3: fix whitespace issue
b7959a8d3 mwan3: Ping IPv6 hosts using address not interface
2ac0a05d6 mwan3: change license to SPDX compatible identifier
928ac2a20 mwan3: update version to 2.8.2
1ea75a8fa mwan3: add httping_ssl option
c2cd3f099 mwan3: fix variable naming
5bf733c2d Merge pull request #11986 from jefferyto/python-target-build-tools-openwrt-19.07
c1394a6a7 python: Fix host build tool names recorded in target files
3d2dc6920 python3: Fix host build tool names recorded in target files
99abc1bd8 Merge pull request #11976 from br101/pingcheck-update
aa353e13d pingcheck: Update and add script directories
411633e52 mpd: update to 0.21.23
63a7426cd Merge branch 'BKPepe-19.07-php7' into openwrt-19.07 (fixes #11923)
d2a02ee24 Merge branch '19.07-php7' of https://github.com/BKPepe/packages into a local branch for conflict resolving.
f2143f6eb php7: fix dependencies for mysqlnd (fixes #11113)
6d9bfa5a8 Merge pull request #11948 from dvtirol/rlm_rest-19.07
742944560 freeradius3: Support building freeradius3-mod-rest
f3bf2e9dd Merge pull request #11946 from jefferyto/python-pip-pep517-pyc-fix-openwrt-19.07
cbb850712 python-pip: Fix error when installing packages that require compilation
5b6607557 python3-pip: Fix error when installing packages that require compilation
ad75f6901 travelmate: refine logical interface selection
eccacec55 less: add ALTERNATIVES
3ab2a1c51 Merge pull request #11938 from aleksander0m/aleksander/modem-updates-19.07
8b46bb9df modemmanager: release 1.12.8
9c337b7ba modemmanager: release 1.12.6
2c1fbf5ec libqmi: update version to 1.24.10
a6f66a078 libqmi: update to version 1.24.8
920c43946 libqmi: bump libqmi version
1b0b8ffa7 Merge pull request #11928 from jefferyto/golang-1.13.10-openwrt-19.07
a15e7212d travelmate: release 1.5.4
f6bb9f3c2 golang: Update to 1.13.10
6e5ca4ddf Merge pull request #11925 from stangri/19.07-simple-adblock
c725bb1b4 simple-adblock: bugfix: start downloads on cold boot
09738290a php7: update to version 7.2.30
059e949ee Merge pull request #11882 from yousong/wget1907
fb64ef9d3 acme: depends on wget-ssl
ba4c4e681 wget: make the ssl variant provides wget-ssl
406b052f7 wget: do not provide itself
ea5c497c2 adblock: filter spurious line endings in sources
b7e94479a git: update to version 2.26.1
5b38ccf0d git: update to version 2.25.1
cc818e580 git: update to version 2.25.0
04d228f9e libupnp: remove patch that should not be there
3f931a4fd minidlna: fix patches from last backport
4dc6dfa77 libxslt: update to 1.1.34
3385d1fd9 libyaml-cpp: Update to 0.63
20d95578e wavemon: update to 0.9.1
83ff6c38f miniupnpd: fix sh syntax error
1fe1c80d6 miniupnpd: convert to procd
c02c42849 miniupnpd: update to 2.1.20191006
66363912d minidlna: update to latest master
a3480774a liblz4: Update to 1.9.2
2caba1671 liblz4: Remove deprecated utime function
a38f59d39 measurement-kit: update to version 0.10.11
856124364 websocketpp: Fix compile with Boost 1.70+
7bfe30462 faad2: update to 2.9.1
f91af9d77 mpc: update to 0.33
c80bc7765 mpc: update to v0.32 and build with meson
a39c4e8e0 libupnpp: link against libm under glibc
b3a09f039 libupnpp: update to 0.17.2
fc2203bb7 libupnpp: Update to 0.17.1
175b26d8b u2pnpd: update to 0.5
caf43f42a libupnp: update to 1.8.7
696d9bdf2 adblock: fix gawk incompatibility
b32a40afe Merge pull request #11843 from neheb/py3
45ca5d87d ruby: update to 2.6.6
84f6fab44 mac-telnet: fix mirror hash
2633415b2 mac-telnet: install uci as config file
4418e49a4 mac-telnet: mark uci as conffile
d12b47361 transmission: add init file STOP directive
54372522f transmission: add syscalls to seccomp filter
10b93cd53 transmission: add service triggers and bump PKG_RELEASE
0ba4820b8 transmission: update config options
125f6ff9e meson: use python3
803c5ef05 libid3tag: add pkg-config file
e91c9b8b1 adblock: fix another reporting bug
67be4858c meson: update to version 0.54.0
7a2b9425d ninja: updated to 1.10.0
66f418654 libmpdclient: update to 2.18
ccd2d7754 libmpdclient: build with meson
2a5a89bcc mpd: update to 0.21.22
5f7f5a205 mpd: allow AAC decoding with mini variant
eda73f927 mpd: link against libpthread under glibc
10ddb2178 mpd: update to 0.21.20
debe4d4d9 mpd: fix ffmpeg AIFF and AMR support
ab7ae0a65 mpd: replace mpg123 with libmad
8346ace9a mpd: fix compilation with uClibc-ng
b061fc6be mpd: update to 0.21.19
82ae5f3bc mpd: update to v0.21.16 and build with meson
fc2a591b5 treewide: Use default PKG_BUILD_DIR when possible
3c59551d8 nsd: Update to 4.2.1
048937c40 xmlrpc-c: Update to 1.51.03
59d23790e libuwsc: update to 3.3.2
2ec415e68 monit: update to the latest release
9eca2ae77 monit: enable / fix IPv6 detection during build
4e3d6eca2 nlbwmon: update to latest Git HEAD
31412a2b4 adblock: update 4.0.4
2944d7142 Merge pull request #11820 from stangri/19.07-https-dns-proxy
210b760d3 https-dns-proxy: bugfix: memory leak
4542b5219 nlbwmon: update to latest Git HEAD
559ff1828 nlbwmon: bump to latest git
45bb9056a nlbwmon: add procd reload trigger for nlbwmon config

(cherry picked from commit 34626bce67)
2020-04-30 02:42:52 +02:00
Martin Weinelt
60f81d7bd5 modules: update routing
9b42e24 Merge pull request #563 from ecsv/batadv-for-19.07
5dd2f44 batman-adv: Merge bugfixes from 2020.1
8b25c90 batctl: Merge bugfixes from 2020.1
094e9b0 batctl: Fix upstream reference in backported patch
20b98f0 Merge pull request #560 from fblaese/babeld
bd25cae babeld: Update to version 1.9.2
9f21b21 Merge pull request #558 from BKPepe/bird2-19.07-bump
dc81e50 bird2: fix service restart and reload (#546)
6e51cca bird2: Update to v2.0.7 (#516)
3a80085 bird2: Update to version 2.0.6
38f2ed9 bird2: Bump to v2.0.5

(cherry picked from commit a070e68849)
2020-04-30 02:42:47 +02:00
Matthias Schiffer
4d5c0d1958 kernel: backport slub prefetch fix from v4.19
This patch fixes a regression introduced in kernel v4.14. While the
commit message only mentions a performance penalty, the issue is
suspected to be the cause of spurious data bus errors on MIPS CPUs
(ar71xx target).

Fixes: #1982
(cherry picked from commit 35e8b53385)
2020-04-29 13:16:42 +02:00
Jan Alexander
fe69fa515c docs: add Aruba AP-303 and Instant On AP11 to supported devices list
(cherry picked from commit 079275ebf2)
2020-04-29 13:16:37 +02:00
David Bauer
81d6b9c1d1 lantiq-xway: remove support for AVM FRITZ!Box 7320 7330 7330SL
This device has broken Ethernet on both ports.

Remove support for those devices. for now, as there was no feedback from
the original author.

Closes #1943

(cherry picked from commit 5231fb0178)
2020-04-29 13:16:06 +02:00
Sven Eckelmann
54cb06ad77 mac80211: ath10k: increase rx buffer size to 2048
Before, only frames with a maximum size of 1528 bytes could be
transmitted between two 802.11s nodes.

For batman-adv for instance, which adds its own header to each frame,
we typically need an MTU of at least 1532 bytes to be able to transmit
without fragmentation.

This patch now increases the maxmimum frame size from 1528 to 1656
bytes.

Tested with two ath10k devices in 802.11s mode, as well as with
batman-adv on top of 802.11s with forwarding disabled.

Fix originally found and developed by Ben Greear.

(cherry picked from commit 8bc602b021)
2020-04-29 13:14:57 +02:00
David Bauer
9f29aa7d05 modules: update OpenWrt
0232f57e1a kernel: bump 4.14 to 4.14.176
286c407c3d ath79: add SUPPORTED_DEVICES for TP-Link TL-WA901ND v2
02c6deab8c mbedtls: update to version 2.16.5
01b624e28e Revert "ramips: disable ZyXel Keenetic by default"
14c8ea0245 ramips: use full 8MB flash on ZyXEL Keenetic

(cherry picked from commit 6042f5256a)
2020-04-29 13:13:32 +02:00
Martin Weinelt
3751a61384 modules update packages
619961596 mosh: use mips16 and remove configure patch
376d0b76f mosh: Fix compilation with libcxx
913f95a4b mosh: Add protobuf host build dependency
d0bf13630 mosh: add package
9e581d578 Merge pull request #11800 from dibdot/adblock-19.07
5e69c9961 adblock: release 4.0.3
f207f2bf3 Merge pull request #11802 from stangri/19.07-simple-adblock
af1e0a533 simple-adblock: bugfixes: remove escape chars from log, restore from cache on boot
b7f2b61da nano: update to 4.9.2
c5a7fba5c graphicsmagic: update to version 1.3.35 (security fix)
574a5af56 Merge pull request #11772 from micmac1/19.07-apache-2443
fa572d135 meson: update to 0.53.2
75c1baa9f meson: update to 0.53.1
c7e1a3453 meson: fix building host binaries with ccache
eeeadde02 python-requests: update to version 2.23.0
ca555a054 dnscrypt-proxy2: update to version 2.0.42
8a4d0b206 apache: security bump to 2.4.43
626bda56d nano: update to 4.9.1
a10dd9369 Merge pull request #11755 from gladiac1337/haproxy-2.0.14-openwrt-19.07
7e48c36cc haproxy: Update HAProxy to v2.0.14
c8eb843fb Merge pull request #11729 from stangri/19.07-vpn-policy-routing
153892633 vpn-policy-routing: separation between auto/all proto; compatibility with mwan3; README update
92a4c6933 gnutls: updated to 3.6.13
0d9a89370 Merge pull request #11699 from stangri/19.07-simple-adblock
9923323db simple-adblock: support multiple dnsmasq instances; rework communication between principal package and luci app
7fba38e3f avahi: update to 0.8
0da04e56d avahi: convert to procd
97a0abf46 avahi: Fix pkgconfig files to be cross compile friendly
ca7da040e flac: Update to 1.33
4bd47a5eb msmtp: remove myself as maintainer
7ccf6f235 msmtp: Update to 1.8.7
efab88dc3 msmtp: Update to 1.8.6
97fcfe955 mpg123: Update to 1.25.13
2dbdb7de3 screen: update to 4.8.0
c133dc75d screen: Update to 4.7.0
a677166dd zstd: Fix compilation with uClibc-ng
6c5b9424e zstd: Update to 1.4.4
18efffaf9 nano: update to 4.9
c983b0844 tor: update to version 0.4.2.7 (security fix)
fb0996711 collectd: disable onewire plugin, BROKEN since 2009
afccb8069 collectd: disable dpdk_telemetry module
45dfd3b51 collectd: update to 5.11.0
9ba7b1799 acme: Backport two bug fixes from master
40c5dd0ba openvswitch: depend on IPV6 for intree kmods
ec0a9d4d0 openvswitch: rework skipping intree kmod build for unsupported kernels
d8c836f6a fish: update to 3.1.0
aae54e90c fish: Fix compilation with libcxx
2ea76a676 fish: Convert to CMake
33eda8575 syncthing: configuration cleanup & hardening
e4c685e5b syncthing: bump to 1.4.0
b8dafa475 syncthing: fixup version detection
f7308a55f strongswan: add conffiles for swanctl util
ba76d4274 strongswan: quote 'comment' parameter in Config.in
1cd3f5fdc net/pagekitec: support status reporting json file
1688807f1 net/pagekitec: Update to newest version
407438796 Merge pull request #11647 from jefferyto/byobu-5.133-openwrt-19.07
97e68c1cb Merge pull request #11646 from jefferyto/python-pyasn1-modules-0.2.8-openwrt-19.07
3c6d37bfa Merge pull request #11645 from jefferyto/python-idna-2.9-openwrt-19.07
72ccf6726 Merge pull request #11644 from jefferyto/python-pycparser-2.20-openwrt-19.07
2c8681870 Merge pull request #11643 from jefferyto/python-enum34-1.1.10-openwrt-19.07
897b76d32 Merge pull request #11641 from jefferyto/python-zope-interface-4.7.2-openwrt-19.07
72731c08c Merge pull request #11639 from jefferyto/python-twisted-security-fix-openwrt-19.07
7fa240521 Merge pull request #11636 from jefferyto/golang-1.13.9-openwrt-19.07
34a77ee37 byobu: Update to 5.133
db63e1208 python-pyasn1-modules: Update to 0.2.8
4da9026f2 python-idna: Update to 2.9
a6b32c675 python-pycparser: Update to 2.20
364c24dd2 python-enum34: Update to 1.1.10, refresh patch
da05e0829 python-enum34: Update to 1.1.9, refresh patch
4e5642de1 python-zope-interface: Update to 4.7.2, refresh patch
261d6cbaa python-twisted: Fix several request smuggling attacks
0b654d52e golang: Update to 1.13.9
8677a0e3e libredblack: pass CFLAGS properly
ad782ffff Merge pull request #11615 from stangri/19.07-https-dns-proxy
fc16e964c Merge pull request #11617 from nxhack/19_07_icu_66_1
6abb6bb2a https-dns-proxy: support for dnsmasq noresolv option
2509b0e89 icu: update to 66.1
df7e27dfe youtube-dl: update to version 2020.3.8
0b8102940 haveged: move init script from 13 to 01
2085b990f libarchive: update to 3.4.2
8bd2d5e53 Merge pull request #11566 from BKPepe/python3-update-19.07
f043afe46 openvswitch: fix PIE build against 4.14 kernel
5827a1ed2 x264: add CONFIGURE_VARS and MAKE_FLAGS when NASM is not selected
5746e4a2b nfs-kernel-server: Fix compile with uClibc-ng
17924b128 xtables-addons: disable ASLR PIE
fd4da9667 python3: update to version 3.7.7
3b9648db3 django: bump to version 1.11.29
55176058f Merge pull request #11540 from neheb/softee
dc524aa2a softethervpn: disable PIC
381153d59 softethervpn: Fix openssl header patch
aba0dd872 softethervpn: Add missing OpenSSL header
f09028fcd softethervpn: Update to rtm version 4.29-9680
b546ff127 stubby: fix init script
c5219c8af stubby: makefile and init script cleanup
9b64ae0ba btrfs-progs: fix check for btrfs in btrfs scan
2f5fce820 syslog-ng: update to version 3.26.1
79186664e Merge pull request #11526 from wvdakker/openwrt-19.07
43c5aba9e Merge pull request #11524 from micmac1/1907arc_aio2
62d9ba9a0 Shorewall6: Bump to 5.2.3.7.
e14ee2480 Shorewall: Bump to 5.2.3.7.
84cca11fa Shorewall6-lite: Bump to 5.2.3.7.
803ab2f44 Shorewall-lite: Bump to 5.2.3.7.
7b67a0b91 Shorewall-core: Bump to 5.2.3.7.
c84786237 mariadb: add dependency on libaio for arc as well
b2f00d8b7 youtube-dl: update to version 2020.3.6
c4795d941 youtube-dl: update to version 2020.3.1
c81415a80 Merge pull request #11501 from Bloup1net/phantap19.07
408f666e6 libuv: update to 1.34.2
b97f33e02 cgi-io: fix compilation against uClibc
68aa303ef cgi-io: use O_TMPFILE for uploads and attempt to directly link target file
7f00eebab cgi-io: use dynamic memory for post decoding, support proc files
ce9229d2e Merge pull request #11500 from fantom-x/irqbalance-backport
bbc1b3025 irqbalance: support reload_config & start later
cdd892c9b irqbalance: add support of interval and banirq
cceb2c3ad irqbalance: upgrade to 1.6.0
801a908a1 phantap: add to 19.07
ca93667c8 Merge pull request #11482 from BKPepe/libaio_update
61b732e62 libaio: Update to 0.3.112
abdbeb350 mosquitto: bump to 1.6.9
a7d3b91ce syncthing: enable via config, lower priority, cleanup
0b9578a1d Merge pull request #11472 from fantom-x/syncthing-19.07
653014528 syncthing: bump to 1.3.4
56af7bcf1 syncthing: add package

(cherry picked from commit 46cd214bb8)
2020-04-13 15:34:21 +02:00
Martin Weinelt
352293b148 modules: update OpenWrt
5b9b833f8c bcm53xx: add support for Luxul FullMAC WiFi devices
ab3549a870 bcm53xx: refactor board.d code in 02_network
35413b047c bcm53xx: sysupgrade: optimize building UBI image
55c29c398c busybox: enable truncate on bcm53xx target
a89731ad7a bcm53xx: fix ASUS firmwares to use vendor format
36373c5ddb openssl: bump to 1.1.1f
470f7c046c ath79: add support for TP-Link TL-WDR4310 v1
96ee7c8bfd libpcap: Update shared-lib patch from Debian to fix linking problems
96092a8eea mkrasimage: fix segmentation fault
bf5ea2a8dc rpcd: fix respawn settings
83381ce95d readline: needs host depend on ncurses to build
45b586c4a6 tools: squashfskit4: fix build with GCC10
79b60d878d squashfskit4/Makefile: introduce PKG_RELEASE=1
a08394b3c6 build: prereq: tidy gcc version checks
66cbfeeaae build: add GCC 10 version detection
eea3a9625c openssl: revert EOF detection change in 1.1.1
c6c3f6bb0a mac80211: Update to version 4.19.112
794fd4c6cf procd: turn error into debug message for missing ujail binary
f5b3cd1539 ar71xx: Fix gigabit switch support for Mikrotik RB951G-2HnD
bdbda30384 ath79: add support for TP-Link TL-WA860RE v1
2e6bfab8c5 ath79: add support for TP-Link TL-WA850RE v1
dba6f418fa mac80211: fix brcmfmac monitor interface crash
27e77922a1 ar71xx: use status led for GL.iNet GL-AR750S

(cherry picked from commit d333bffb67)
2020-04-13 15:34:17 +02:00
Kasalehlia
02e213a718 gluon-web-model: update inputs on form reset
Register to 'reset' event on form element and make call to 'update' function
delayed in 'data-update' handler to allow the form values to update beforehand.

When using a form's 'reset' button, form field visibility was not updated.
This could lead to situations where a checkbox had to be toggled again
twice to display the detail text inputs. (Example taken from private
wifi package)

(cherry picked from commit bf090a8a83)
2020-04-13 15:33:57 +02:00
Martin Weinelt
f7d0db69f9 gluon-respondd: allow queries from extra_prefix6
Fixes #1959

(cherry picked from commit 3fb4cdad13)
2020-04-13 15:33:49 +02:00
David Bauer
45b277bbd7 modules: update OpenWrt
81264ebb51 brcm2708: fix build failure

Compile-tested: brcm2708
(cherry picked from commit 17db337d95)
2020-04-13 15:33:44 +02:00
Martin Weinelt
8d405dce69 modules: update OpenWrt
39405644d5 dnsmasq: add 'scriptarp' option
d5b1f4430f openssl: update to 1.1.1e
798ff37aaa openssl: add configuration example for afalg-sync
168acbb36d oxnas: yet another irqchip related patch
cf4520d15e oxnas: backport another fix for irqchip
456e1c60d6 ath79: add support for TP-Link WDR3500 v1
e7fae8fc97 ath79: add support for TP-Link Archer C60 v3
2bd9d2e08b oxnas: backport patch fixing hang after reboot
74a8e36975 layerscape: add kmod-i2c-mux to DEVICE_PACKAGES for traverse-ls1043
7ae345ecb7 ath79: add support for TP-Link TL-WR740N v5
76c1c1daea ar71xx: fix port order on TP-Link Archer C60 v1/v2
f1a3a6b79c ath79: fix port order on TP-Link Archer C60 v1/v2
e4107e30a7 ar71xx: remove wrong MAC address adjustment for Archer C60 v2
83f1015a6c ar71xx: fix swapped LAN/WAN MAC address for Archer C60 v1/v2
9f024d3587 ath79: fix swapped LAN/WAN MAC address for Archer C60 v1/v2
b32129d30b rssileds: add dependencies based on LDFLAGS
9da31d0fb4 mt76: update to the latest version
68351990dc ar71xx/ath79: ew-dorin, fix the trigger level for WPS button
6e4453aecc kernel: backport out-of-memory fix for non-Ethernet devices
06f5a8d3e9 kernel: bump 4.14 to 4.14.172
e7f1313bbb rpcd: add respawn param
f6f0cd54a2 rpcd: update to latest Git HEAD

Compile-tested: ipq40xx-generic, ramips-mt7621
(cherry picked from commit 9fb4be6104)
2020-04-13 15:33:38 +02:00
Martin Weinelt
536cb00330 modules: update packages
99efce0cd pagekite: add simple websockets and update syntax
42c7a7adb pagekite: avoid redundant information in syslog
13e8c6ffe pagekite: bump to v0.91.200218
c3ff03a34 ocserv: updated to 0.12.6
8b1101bbd gnutls: updated to 3.6.12
95c72d8ab php7: update to 7.2.28
61970ece5 xl2tpd: fix building failure caused by pfc
7fe207375 xl2tpd: bump to version 1.3.15
e9ea875a1 zip: remove package
11b2c1ea1 nnn: update to version 3.0
47dc62ba2 nnn: update to version 2.9
201ec1470 youtube-dl: update to version 2020.2.16
7153a1f7f youtube-dl: update to version 2020.1.24
3a4d88f5d youtube-dl: update to version 2020.1.15
2c0a307ee acme: update to 2.8.5
e29cc586f Merge pull request #11381 from wvdakker/openwrt-19.07
1c7b7cfdf Shorewall6: Bump to version 5.2.3.6
481e63feb Shorewall: Bump to version 5.2.3.6
4f0e5c49d Shorewall6-lite: Bump to version 5.2.3.6
7c8f5fd70 Shorewall-lite: Bump to version 5.2.3.6
1fbf3e179 Shorewall-core: Bump to version 5.2.3.6
3cf36f145 Merge pull request #11375 from jefferyto/golang-1.13.8-openwrt-19.07
12b84e6ac golang: Update to 1.13.8
156dd4ad0 Merge pull request #11360 from gladiac1337/haproxy-2.0.13-openwrt-19.07
2f5b20987 haproxy: Update HAProxy to v2.0.13
bd24f9bb3 ffmpeg: disable x86 asm for old CPU types
dbef69927 ffmpeg: update to 3.4.7
c53055aa1 ffmpeg: Fix fdkaac patches
9d6855be1 ffmpeg: Fix pkgconfig files to be more cross compile friendly
1e97faf11 zabbix: remove configure patch
2058e86fa zabbix: Fix compilation with uClibc-ng
403c98169 Merge pull request #11356 from neheb/boostkkk
2b15682da sshpass: add new package
76947a8be boost: reintroduce uClibc-ng patch
78d7c8aef knot: Do not try to build under ARC
b4febf32c liburcu: Don't build under ARC, not even InstallDev
fc5935729 perl: define $sysroot for extensions
5c856ff55 perl: Don't build InstallDev under ARC
c7e1106d1 nss: Fix compilation with uClibc-ng
bdca0e7bf measurement-kit: Fix compilation with uClibc-ng
8e746461f measurement-kit: update to version 0.10.9
659b1b807 boost: Fix embarassing ARC typo
8640d243e Merge pull request #11296 from Andy2244/samba4-update-4.11.6-(19.07)
a0c00a213 Merge pull request #11297 from Andy2244/ksmbd-update-3.1.3-(19.07)
f5be481a4 ksmbd: update to 3.1.3, ksmbd-tools: update to 3.2.1, add smb1 support, add avahi support package
1a503986f samba4: update to 4.11.6, add new UCI option
490685093 dnsdist: fix compilation on PIE ARM64
f815a7416 Merge pull request #11281 from micmac1/apache-19.07-up
9be5706a7 Merge pull request #11245 from Robby-/openwrt-19.07-rlmpython_and_fixproxycfgconflict
9e551f1b3 apache: add postinstall script
019b8fd05 subversion: fix build failure
8b238c840 subversion: add libsqlite3 depend
623ae4614 apache: bump to 2.4.41 & sync with master
4cba41ac1 apr-util: sync with master
391f5f087 apr: bump to 1.7.0 & sync with master
04da60f17 nano: update to 4.8
3cf0c61f2 php7: update to 7.2.27
c417bddda freeradius3: Enable the rlm_python and rlm_python3 modules.
4d16e3ae3 freeradius3: Fix proxy.conf file conflict.
da2071507 syslog-ng: listen not globally but just locally
268ea7a78 python-importlib-metadata: add new package
90e596693 shadow: update to 4.8.1
433264290 Merge pull request #11213 from adde88/openwrt-19.07
f8999d963 Merge pull request #11229 from jefferyto/golang-env-fixes-openwrt-19.07
1d7cda2ed golang: Improve build isolation from user environment
6ac743909 Merge pull request #11226 from micmac1/sqlite3-19.07
0263d2273 sqlite3: update to version 3.31.1
f828174de hcxtools: update to 5.3.0 + changes to Makefile to include latest binaries being compiled
afb4bb4c2 dnscrypt-proxy2: update to version 2.0.39
ba9262f04 dnscrypt-proxy2: update to version 2.0.36
3c95786ac Merge pull request #11219 from jefferyto/golang-1.13.7-openwrt-19.07
9a792f41c golang: Update to 1.13.7, add PKG_CPE_ID to Makefile
98499ee44 Merge pull request #11214 from Andy2244/wsdd2-fix_typos-(19.07)
24c1ebc2b Merge pull request #11216 from dibdot/19.07-2
8dffab34b adblock: update 3.8.15
00a1294d0 wsdd2: fix typos
da3df8f6c hcxdumptool: update to 6.0.1
e73b2a0a0 Merge pull request #11203 from micmac1/19.07-xml2
0eb7b3e4e libxml2: install xml2-config with host triplet
6e5977094 libxml2/host: revert xml2-config prefix fix
752070f84 nextdns: Update to version 1.4.23
266917ae5 Merge pull request #11197 from Ansuel/backport
2c4e6a539 uwsgi: backport master changes to 19.07
8b5c2901c nginx: backport master changes to 19.07
f7b3d0062 Merge pull request #11184 from micmac1/19.07-maria-10.2.31
cff7a04a6 Merge pull request #11176 from jefferyto/python-fix-float-byte-order-openwrt-19.07
265e444d3 mariadb: security bump to 10.2.31
36a1c0c5a python-certify: bump to 2019.11.28
ad50eb7c0 python3: Fix float byte order detection
a76dd0635 python: Fix float byte order detection
30d0c2ee0 python: Replace utime with utimes
1ec76dd7c libxslt/host: depend on libxml2/host
4689c0998 libxslt: patch security issues
db7c84f67 libxslt: add host build
4d2cbcadc Merge pull request #11149 from nickberry17/add_mm_to_19
cac10393e modemmanager: add ModemManager to packages
c9cf3c277 libqmi: add libqmi to packages
5f27a4701 libmbim: add libmbim to packages
cd81e4f06 Merge pull request #11143 from Andy2244/smbd-rename_ksmbd-update-3.1.1-(19.07)
f5f35a72a Merge pull request #11144 from Andy2244/wsdd2-rename_ksmbd-(19.07)
e6c686454 glib2: fix mips16 build, add size reducing static link, fpic CFLAGS
ef940752d glib2: Disable Werror
fd5a51ac0 wsdd2: update for renamed smbd->ksmbd
82b463b19 smbd: update to 3.1.1, rename to "ksmbd", "ksmbd-tools"
1e43dc8f8 Merge pull request #11123 from stangri/19.07-https-dns-proxy
045e54e6b Merge pull request #11129 from Robby-/openwrt-19.07-freeradius3_update_3_0_20
885c9ed6c Merge pull request #11126 from micmac1/19.07-tiff
b3c1a67ff freeradius3: Update to 3.0.20
eee4d0830 tiff: update version to 4.1.0
a9fd019a3 https-dns-proxy: fix deleting server items, configurable dnsmasq settings change
eab36f8a6 avrdude: Fix GPIO path building
9cb0c7f4a Merge pull request #10990 from BKPepe/django-19.07
5afe3fd1d Merge pull request #11078 from ddast/radicale_add_urllib_dep
ea93089af radicale-py3: Add python3-urllib dependency
72af40f2b nut: fix other/otherflag custom variables in nut-server.init
e1aa905ab nut: update OpenSSL 1.1.0 patch
154da8aa0 nut: fix CGI setup
7b07ac9e3 Merge pull request #11063 from EricLuehrsen/openwrt-19.07-unbound
bc4f3c11c unbound: improve dependencies for okpg
895200940 Merge pull request #11061 from cotequeiroz/afalg_1.1.0-19.07
1410d6b73 afalg_engine: bump to v1.1.0
162974f80 btrfs-progs: update to version 5.4.1
072fcb5ce libseccomp: add seccomp-syscalls.h to InstallDev
3ab34b50d Merge pull request #11051 from wvdakker/openwrt-19.07
5022caf86 Shorewall6-lite: Bump to 5.2.3.5
0b890cf4b Shorewall6: Bump to 5.2.3.5
1201cdcd5 Shorewall: Bump to 5.2.3.5
4cb0ff831 Shorewall-lite: Bump to 5.2.3.5
c2a5aa1a5 Shorewall-core: Bump to 5.2.3.5
8ba3c7b19 afalg_engine: fix ENGINES location, zero-copy
776216a65 afalg_engine: add new package
995226d95 strongswan: bump to 5.8.2
243673b2d strongswan: allow to specify per-connection reqid with UCI
3880d65a0 strongswan: bump to 5.8.1
ba43556ae libarchive: update to version 3.4.1 (security fix)
ff87e8dbf oniguruma: bump to version 6.9.4
3030d0fc1 vpn-policy-routing: bugfix: remove conflict with vpnbypass
d0bdd3252 Merge pull request #11021 from jefferyto/golang-updates-openwrt-19.07
2dbc88762 golang: Update to 1.13.6
fdd202bd1 golang: Fix selection of GOARM value
6a64b7aff libseccomp: update to version 2.4.2
a50eeb01f django: update to version 1.11.27
8f3dcbcee unbound: fix TLS forwards with optional suffix
ffdbf4e7c measurement-kit: update to version 0.10.8
8f037084b measurement-kit: update package
8f2eb8f2d measurement-kit: update to version 0.10.6
3dfabe79f smbd: Update to 3.0.2
670f336d7 transmission: Sync with master
e847333d1 python,python3: split python[3]-pkg-resources from setuptools
1f293771c openvswitch: bump PKG_RELEASE
dc097661c openvswitch: backport patch to fix compilation
74e160df2 openvswitch: fix building failure caused by dst_ops api change
a4a54d0f3 openvswitch: bump to version 2.11.1
d974cd367 Merge pull request #10920 from Rixerx/openwrt-19.07
26c23f3b9 Merge pull request #10881 from mstorchak/stubby-19.07
9adadfd8e sqlite3: bump to version 3.30.1
3bfc11ea2 sqlite3: bump to 3.29.0
e2bca1026 nginx: update to 1.16.1
74e9ca74f tor: add respawn to init script
b85cbaf7e tor: update to version 0.4.2.5
2da2cf43b youtube-dl: update to version 2020.1.1
9ec865253 Merge pull request #10940 from Andy2244/samba-4.11.4-(19.07)
7472cc742 Merge pull request #10938 from Andy2244/smbd-rename-3.0.1-(19.07)
396c5fc9b Merge pull request #10939 from Andy2244/wsdd2-init-update-(19.07)
bff320497 Merge pull request #10937 from Andy2244/libtirpc-1.2.5-(19.07)
85066d81d samba4: update to 4.11.4 (python3 version), add rpcsvc-proto, add libasn1 host build
28e84aacf wsdd2: update to git (2019-12-15), bind to 'lan' only, update init for smbd
8bc58d175 smbd: rename from cifsd, update to 3.0.1
71d639a45 libtirpc: update to 1.2.5
3a82973ae zabbix: update to 4.0.16
34938d03f Merge pull request #10903 from stangri/19.07-vpn-policy-routing
a015cc1bd youtube-dl: update to version 2019.12.25
86b48645f vpn-policy-routing: initial release
d22c35e58 nano: update to 4.7
10a7a8763 Merge pull request #10897 from jefferyto/golang-format-ldflags-openwrt-19.07
fc313e772 golang: Format TARGET_LDFLAGS for gcc
8df00a88e Merge pull request #10892 from cshoredaniel/pr-19.07-radicale2-doc-passlib-bcrypt
3b5c73f85 Merge pull request #10893 from cshoredaniel/pr-19.07-update-passlib-1-7-2
64d4fc6e6 radicale2: Document suggested use of passlib and bcrypt
9f39817c7 Merge pull request #10888 from mwarning/zerotier
479b45b8a zerotier: update to 1.4.6
f0c5a95a4 zerotier: make sure the /var/lib exists
38a3ed1c7 zerotier: change license to BSL 1.1
e42648f3c zerotier: update to release 1.4.4
70f4c1d19 zerotier: udpate to 1.4.2
61291196d zerotier: fix linking to libnatpmp and build with uclibc
1961985f8 zerotier: update to zerotier 1.4.0
7b5cc70fa zerotier: keep configuration file on update
bcdb9d00a passlib: Update passlib to 1.7.2
ed6e1024b stubby: switch to ca-bundle in 19.07
73a965aea Merge pull request #10875 from jefferyto/golang-ldflags-fix-openwrt-19.07
db9a8a1e7 golang: Fix ldflags when GO_PKG_LDFLAGS is set
a25849997 Merge pull request #10865 from nxhack/libuv_1_32_0
a23285c00 libuv: update to 1.32.0
b710855ef Merge pull request #10762 from leonghui/wiki-link-update-19.07
07cda0edc Merge pull request #10862 from gladiac1337/haproxy-2.0.12-openwrt-19.07
02985327b haproxy: Update HAProxy to v2.0.12
ef82bba48 unbound: update to 1.9.6
c9cb6a0b1 dnscrypt-proxy2: Update to version 2.0.34
b8bd94ef8 mtr: update to 0.93
5fe674a86 knot: update to version 2.9.2
20d3d99a5 meson: Update to version 0.52.1
c1b410d7a lmdb: use toolchain AR for compilation
38c0db06b shadow: change default encryption method from DES to SHA512
4a8f7d124 netdata: Update to version 1.19.0
39dce33ac syslog-ng: Update to version 3.25.1
cbb329ac7 btrfs-progs: Update to version 5.4
94c4f61b5 Merge pull request #10856 from BKPepe/python3-19.07
198d01f78 Merge pull request #10852 from gekmihesg/19.07-restic-rest-server
0f18984d4 Merge pull request #10853 from gekmihesg/19.07-restic
c5d6ffaf1 python3: Updated to version 3.7.6
34b31493e restic: add package
a018b5149 restic-rest-server: add package
9fffb2b68 icu: Backport C++11 math patch
fff198e7f Merge pull request #10753 from stangri/19.07-https-dns-proxy
e3de8dd08 Merge pull request #10822 from cshoredaniel/pr-19.07-remove-msmtp-scripts
90ef9c18c git: update to version 2.24.1 (security fix)
dc2c25ccf git: Update to version 2.24.0
96c667a12 nspr: update to 4.24
ad246b363 nspr: update to 4.23
8f48dc334 nspr: update to 4.22
78e241c54 nss: update to 3.48
7e51bdee0 nss: update to 3.47.1 and fix xscale
da51495aa nss: update to 3.47
5b1beec9d nss: update to 3.46.1
d4d798baa nss: update to 3.46
0b2a73d15 nss: Replace usleep with nanosleep
666cce12c nss: update to 3.45
01b9bf1a1 nss: update to 3.44.1
ceeac3b37 vpnc-script: bumped release version
13de8da3b php7: update to 7.2.26
b46f4ecd3 vpnc-script: enable reconnect
f57ca519a cgi-io: close pipe descriptors early
9e434da4e cgi-io: implement exec action
59ca5bda3 msmtp-scripts: Remove as abandoning upstream; msmtp-queue works
a84d8ddce https-dns-proxy: switch to https-dns-proxy package name
80c42c968 Merge pull request #10809 from etactica/mb-1907
7ebd7011c libmodbus: update to 3.1.6
a70432b78 tor: update to 0.4.1.6
9147f9d72 tor: update to version 0.4.1.5
2c434727b Merge pull request #10801 from gladiac1337/haproxy-2.0.11-openwrt-19.07
90180becf haproxy: Update HAProxy to v2.0.11
18e9050e3 treewide: update wiki links
10d2e63dd Merge pull request #10776 from rs/nextdns-1.3.1_19.07
d40052862 nextdns: update to version 1.3.1
b4f3e5085 collectd: add vmem uci config
3a65e659d adblock: bugfix 3.8.14
111e84674 net/pagekitec: Update to 20191211 version
a82cbd584 adblock: bugfix 3.8.13
c61579b56 meson: add new package
fd5ef39e8 ninja: add new package
c1dd9499b golang: Update to 1.13.5
e67c39546 transmission: bump PKG_RELEASE
8acf58bf6 geth: Update to 1.9.9
54cbc535d geth: Update to 1.9.6
710c325be nnn: Update to version 2.8.1
b88b43dd1 python-more-itertools: add new package
bc30298f5 motion: fix streaming
77d230b52 motion: add basic procd init script
b1b53e61c motion: Update to 4.2.2
350716771 Merge pull request #10682 from hnyman/collectd-backport
2591e8220 mosquitto: bump to version 1.6.8
12be725fa Merge pull request #10697 from jefferyto/byobu-1.130-openwrt-19.07
1781209be gnutls: fixed pkg-hash to the right one
1c28d8cc2 openconnect: updated to 8.05
b551c5329 gnutls: updated to 3.6.11
6aebfb2df byobu: Update to 5.130
879a1e25b byobu: Update to 5.129
0116633d0 nano: update to 4.6
3dd9ef2f1 banip: update 0.3.11
a9b5f0657 collectd: update to 5.10.0
e33b3f8ca collectd: adjust reaction to ntp time at boot time
a681b766e collectd: update to 5.9.2
bbf35c736 collectd: bump PKG_PACKAGE version
e7ed36702 collectd: add reload and service trigger
ac29330c5 collectd: add logfile plugin definitions
5dd077e95 collectd: add iptables uci config
6884430d4 collectd: add network uci config
df7d418c9 collectd: add curl uci config
53e546854 collectd: add apcups uci config
eb6798351 collectd: add new memory config values
0f9ae62e2 collectd: add new cpu config values
4d54186f1 collectd: use uname to get default Hostname
2bd0a56f0 collectd: log stderr output
c4083af7b collectd: enable threshold plugin
1920eb60f collectd: move jshn.sh include to remove warning
00803ffc9 collectd: enable cpufreq module for ipq40xx and brcm2708_bcm2709
e6ced2769 Merge pull request #10676 from gladiac1337/haproxy-2.0.10-openwrt-19.07
5dd5b3365 haproxy: Update HAProxy to v2.0.10
a79d6df67 transmission: sync with master branch
7c1c00735 Merge pull request #10646 from Andy2244/softethervpn5-9672_19.07
a881ab43c softethervpn5: update to 5.01.9672

Build-tested: x86-64, ipq40xx
(cherry picked from commit 027aa49d91)
2020-04-13 15:33:29 +02:00
Martin Weinelt
567a7497ec modules: update routing
b8fd8c8 Merge pull request #554 from ecsv/batadv-for-19.07
18a724e batman-adv: Merge bugfixes from 2020.0
efa6e54 luci-app-bmx6: bugfix querying bmx6-info (p2)
f1b0476 luci-app-bmx6: bugfix format to query bmx6-info
839ea37 quagga: update to version 1.1.1 (#541)
c82ce8d Merge pull request #536 from ecsv/batadv-for-19.07
242185e batman-adv: Merge bugfixes from 2019.5
2020-03-22 10:09:15 +01:00
Martin Weinelt
7669aea60e docs: v2020.1: add Edgerouter X NAND driver problem to known issues
Resolves #1937

(cherry picked from commit bf04107048)
2020-03-19 23:32:06 +01:00
Ralf Jung
c4d38a2ea9 gluon-mesh-vpn-tunneldigger: only search for exactly the tunneldigger binary in watchdog (#1953)
(cherry picked from commit 68d970e91b)
2020-03-08 13:43:13 +01:00
David Bauer
447595f0bb docs, README: Gluon v2020.1.1 2020-03-07 19:48:12 +01:00
David Bauer
1566324fd3 docs: add v2020.1.1 release notes 2020-03-07 19:48:12 +01:00
Martin Weinelt
c219d3c1dc docs: v2020.1: append missing known issues
(cherry picked from commit 9e4eb18290)
2020-03-07 19:25:15 +01:00
David Bauer
653730a5e7 modules: update OpenWrt
1713707673 ar71xx: add missing LED migration for Archer C7
ef391799e3 ar71xx: correct AVM FRITZ Repeater 450E WPS button flag
c56ed72d2b OpenWrt v19.07.2: revert to branch defaults
33732f4a9c OpenWrt v19.07.2: adjust config defaults
65030d81f3 libubox: update to latest Git HEAD
b33cfb7eb2 ath79: add missing reset-gpios for NanoStation Loco M (XW)
4edadfb997 ath79: add support for Ubiquiti NanoStation Loco M (XW)
cf118077cd ppp: backport security fixes
0e9e5b1553 Revert "ppp: backport security fixes"
9e2a1af62f uhttpd: update to latest Git HEAD
af79c3bccc kernel: bump 4.14 to 4.14.171
bc0ca20ca9 ipq806x: fix bug in L2 cache scaling
191822b59f ipq806x: add missing core1 voltage tolerance
d0c8875faf ath79: ar934x: use reset for usb-phy-analog
c9b6bb43ce ath79: phy-ar7200-usb: adapt old behavior of arch/mips/ath79/dev-usb.c
b2660e67f0 Revert "ath79: add support for Ubiquiti NanoStation Loco M (XW)"
21bf718b8c ath79: add support for Ubiquiti NanoStation Loco M (XW)
2d3a93335a ramips: append tail to WF2881 initramfs image
8fa6107aee ath79: add support for Ubiquiti Picostation M (XM)
6a950afde1 ath79: add support for Ubiquiti Nanostation Loco M (XM)
7cbd39421e ath79: add gpio4 pinmux on TL-WR841N/ND v8, WR842N v2, MR3420 v2
085f38351f ath79: enable forceless sysupgrade from ar71xx on fritz300e
6b7eeb74db ppp: backport security fixes
95d5cbdec3 ath79: add wmac migration for all ar93xx/qca95xx SoCs
2d21357b65 ath79: ar93xx/qca95xx: move gmac/wmac/pcie node out of apb bus
b6c01fec92 hostapd: remove erroneous $(space) redefinition
5000fc53a1 ath79: fix DTS node names for Ubiquiti XW partitions
a0ca72d9ab uboot-envtools: ath79: add Netgear WNDR3700v2
53cd2299ee ath79: WNDR3700 v1/v2: make u-boot env partition writable
cff3795450 bcm53xx: build images for Luxul ABR-4500 and XBR-4500 routers
cf2b042855 firmware-utils: add lxlfw tool for generating Luxul firmwares
887eb669f9 mac80211: brcm: backport remaining 5.6 kernel patches
d91b52b1a2 kernel: add missing symbol
2a844349fa kernel: add support for GD25D05 SPI NOR
eca8a2ee0d kernel: bump 4.14 to 4.14.169
3d1c84d424 ramips: reenable image creation for the D-Link DIR-645
2020-03-02 20:48:35 +01:00
32 changed files with 1086 additions and 35 deletions

498
.github/workflows/build-gluon.yml vendored Normal file
View File

@ -0,0 +1,498 @@
# Update this file after adding/removing/renaming a target by running
# `make list-targets BROKEN=1 | ./contrib/actions/generate-actions.py > ./.github/workflows/build-gluon.yml`
name: Build Gluon
on:
push:
branches:
- master
- next
- v20*
pull_request:
types: [opened, synchronize, reopened]
jobs:
ar71xx-generic:
name: ar71xx-generic
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh ar71xx-generic
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: ar71xx-generic_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: ar71xx-generic_output
path: output
ar71xx-tiny:
name: ar71xx-tiny
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh ar71xx-tiny
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: ar71xx-tiny_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: ar71xx-tiny_output
path: output
ar71xx-nand:
name: ar71xx-nand
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh ar71xx-nand
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: ar71xx-nand_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: ar71xx-nand_output
path: output
ath79-generic:
name: ath79-generic
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh ath79-generic
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: ath79-generic_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: ath79-generic_output
path: output
brcm2708-bcm2708:
name: brcm2708-bcm2708
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh brcm2708-bcm2708
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: brcm2708-bcm2708_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: brcm2708-bcm2708_output
path: output
brcm2708-bcm2709:
name: brcm2708-bcm2709
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh brcm2708-bcm2709
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: brcm2708-bcm2709_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: brcm2708-bcm2709_output
path: output
ipq40xx-generic:
name: ipq40xx-generic
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh ipq40xx-generic
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: ipq40xx-generic_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: ipq40xx-generic_output
path: output
ipq806x-generic:
name: ipq806x-generic
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh ipq806x-generic
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: ipq806x-generic_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: ipq806x-generic_output
path: output
lantiq-xrx200:
name: lantiq-xrx200
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh lantiq-xrx200
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: lantiq-xrx200_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: lantiq-xrx200_output
path: output
lantiq-xway:
name: lantiq-xway
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh lantiq-xway
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: lantiq-xway_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: lantiq-xway_output
path: output
mpc85xx-generic:
name: mpc85xx-generic
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh mpc85xx-generic
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: mpc85xx-generic_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: mpc85xx-generic_output
path: output
mpc85xx-p1020:
name: mpc85xx-p1020
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh mpc85xx-p1020
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: mpc85xx-p1020_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: mpc85xx-p1020_output
path: output
ramips-mt7620:
name: ramips-mt7620
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh ramips-mt7620
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: ramips-mt7620_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: ramips-mt7620_output
path: output
ramips-mt7621:
name: ramips-mt7621
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh ramips-mt7621
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: ramips-mt7621_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: ramips-mt7621_output
path: output
ramips-mt76x8:
name: ramips-mt76x8
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh ramips-mt76x8
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: ramips-mt76x8_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: ramips-mt76x8_output
path: output
ramips-rt305x:
name: ramips-rt305x
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh ramips-rt305x
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: ramips-rt305x_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: ramips-rt305x_output
path: output
sunxi-cortexa7:
name: sunxi-cortexa7
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh sunxi-cortexa7
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: sunxi-cortexa7_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: sunxi-cortexa7_output
path: output
x86-generic:
name: x86-generic
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh x86-generic
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: x86-generic_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: x86-generic_output
path: output
x86-geode:
name: x86-geode
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh x86-geode
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: x86-geode_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: x86-geode_output
path: output
x86-64:
name: x86-64
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh x86-64
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: x86-64_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: x86-64_output
path: output
ar71xx-mikrotik:
name: ar71xx-mikrotik
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh ar71xx-mikrotik
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: ar71xx-mikrotik_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: ar71xx-mikrotik_output
path: output
brcm2708-bcm2710:
name: brcm2708-bcm2710
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh brcm2708-bcm2710
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: brcm2708-bcm2710_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: brcm2708-bcm2710_output
path: output
mvebu-cortexa9:
name: mvebu-cortexa9
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh mvebu-cortexa9
- name: Archive build logs
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v1
with:
name: mvebu-cortexa9_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: mvebu-cortexa9_output
path: output

View File

@ -40,10 +40,11 @@ $(eval $(call mkabspath,GLUON_TARGETSDIR))
$(eval $(call mkabspath,GLUON_PATCHESDIR))
GLUON_MULTIDOMAIN ?= 0
GLUON_AUTOREMOVE ?= 0
GLUON_DEBUG ?= 0
export GLUON_RELEASE GLUON_REGION GLUON_MULTIDOMAIN GLUON_DEBUG GLUON_DEPRECATED GLUON_DEVICES \
GLUON_TARGETSDIR GLUON_PATCHESDIR GLUON_TMPDIR GLUON_IMAGEDIR GLUON_PACKAGEDIR
GLUON_TARGETSDIR GLUON_PATCHESDIR GLUON_TMPDIR GLUON_IMAGEDIR GLUON_PACKAGEDIR GLUON_AUTOREMOVE
show-release:
@echo '$(GLUON_RELEASE)'

View File

@ -21,7 +21,7 @@ the future development of Gluon.
Please refrain from using the `master` branch for anything else but development purposes!
Use the most recent release instead. You can list all releases by running `git tag`
and switch to one by running `git checkout v2020.1 && make update`.
and switch to one by running `git checkout v2020.1.4 && make update`.
If you're using the autoupdater, do not autoupdate nodes with anything but releases.
If you upgrade using random master commits the nodes *will break* eventually.

View File

@ -0,0 +1,49 @@
#!/usr/bin/env python3
import sys
ACTIONS_HEAD = """
# Update this file after adding/removing/renaming a target by running
# `make list-targets BROKEN=1 | ./contrib/actions/generate-actions.py > ./.github/workflows/build-gluon.yml`
name: Build Gluon
on:
push:
branches:
- master
- next
- v20*
pull_request:
types: [opened, synchronize, reopened]
jobs:
"""
ACTIONS_TARGET="""
{target_name}:
name: {target_name}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Install Dependencies
run: sudo contrib/actions/install-dependencies.sh
- name: Build
run: contrib/actions/run-build.sh {target_name}
- name: Archive build logs
if: ${{{{ !cancelled() }}}}
uses: actions/upload-artifact@v1
with:
name: {target_name}_logs
path: openwrt/logs
- name: Archive build output
uses: actions/upload-artifact@v1
with:
name: {target_name}_output
path: output
"""
output = ACTIONS_HEAD
for target in sys.stdin:
output += ACTIONS_TARGET.format(target_name=target.strip())
print(output)

View File

@ -0,0 +1,10 @@
#!/bin/sh
set -e
cp contrib/actions/sources.list /etc/apt/sources.list
rm -rf /etc/apt/sources.list.d
apt update
apt install git subversion build-essential python gawk unzip libncurses5-dev zlib1g-dev libssl-dev wget time
apt clean
rm -rf /var/lib/apt/lists/*

13
contrib/actions/run-build.sh Executable file
View File

@ -0,0 +1,13 @@
#!/bin/sh
set -e
export BROKEN=1
export GLUON_AUTOREMOVE=1
export GLUON_DEPRECATED=1
export GLUON_SITEDIR="contrib/ci/minimal-site"
export GLUON_TARGET=$1
export BUILD_LOG=1
make update
make -j2 V=s

View File

@ -0,0 +1,2 @@
deb http://mirror.netcologne.de/ubuntu/ bionic main restricted
deb http://mirror.netcologne.de/ubuntu/ bionic-updates main restricted

View File

@ -24,7 +24,7 @@ copyright = '2015-2020, Project Gluon'
author = 'Project Gluon'
# The short X.Y version
version = '2020.1+'
version = '2020.1.4'
# The full version, including alpha/beta/rc tags
release = version

View File

@ -74,6 +74,10 @@ Several Freifunk communities in Germany use Gluon as the foundation of their Fre
:caption: Releases
:maxdepth: 1
releases/v2020.1.4
releases/v2020.1.3
releases/v2020.1.2
releases/v2020.1.1
releases/v2020.1
releases/v2019.1.2
releases/v2019.1.1

View File

@ -0,0 +1,59 @@
Gluon 2020.1.1
==============
This is the first service release for the Gluon 2020.1.x line, fixing regressions reported by
the community.
Bugfixes
--------
- Fixed non-working LEDs on TP-Link Archer C5 v1 and Archer C7 v2 after an upgrade to Gluon 2020.1.
- Fixed an issue which leads to AVM FRITZ!WLAN Repeater 450E devices being stuck in failsafe mode
ater an upgrade to Gluon 2020.1.
Other changes
-------------
- Linux kernel has been updated to 4.14.171
Known issues
------------
- Out of memory situations with high client count on ath9k.
(`#1768 <https://github.com/freifunk-gluon/gluon/issues/1768>`_)
- The integration of the BATMAN_V routing algorithm is incomplete.
- | Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
| Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
| metric.
- | Throughput values are not correctly acquired for different interface types.
| (`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
| This affects virtual interface types like bridges and VXLAN.
- Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
- The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is
disallowed).
- Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
- Frequent reboots due to out-of-memory or high load due to memory pressure on weak hardware especially in larger
meshes (`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)
Optimizations in Gluon 2018.1 have significantly improved memory usage.
There are still known bugs leading to unreasonably high load that we hope to
solve in future releases.
- High chance of ending in a soft-bricked state for Ubiquiti EdgeRouter-X. Workaround is to
repeat initial installation using the serial console. (`#1937 <https://github.com/freifunk-gluon/gluon/issues/1937>`_)

View File

@ -0,0 +1,82 @@
Gluon 2020.1.2
==============
Removed hardware support
------------------------
lantiq-xway
~~~~~~~~~~~
- AVM FRITZ!Box 7320 [#switchports_not_working]_
- AVM FRITZ!Box 7330 [#switchports_not_working]_
- AVM FRITZ!Box 7330 SL [#switchports_not_working]_
.. [#switchports_not_working]
The switchports on these devices are not working properly (`#1943 <https://github.com/freifunk-gluon/gluon/issues/1943>`_)
Bugfixes
--------
- Fixes a bug in the tunneldigger watchdog where the watchdog would incorrectly find itself while looking up the running tunneldigger process. It then went on and assumed a PID mismatch between the tunneldigger service and its PID file and therefore caused an unnecessary restart of the tunnel. (`#1952 <https://github.com/freifunk-gluon/gluon/issues/1952>`_)
- Fixes an oversight in the firewalling of the respondd service where queries from prefix listed in ``extra_prefixes6`` would be dropped. (`#1941 <https://github.com/freifunk-gluon/gluon/issues/1941>`_)
- Fixes a bug in ``gluon-web`` where forms would not correctly update their field visibility on reset. This affected, for example, the private wifi page in the config mode. (`#1970 <https://github.com/freifunk-gluon/gluon/pull/1970>`_)
- Fixes RX buffer sizing in the ath10k driver to allow for frames larger than 1528 Bytes. (`#1992 <https://github.com/freifunk-gluon/gluon/pull/1992>`_)
- Fixes a regression in the v4.14 kernel where spurious data bus errors on ar71xx devices would cause a reboot. (`#1994 <https://github.com/freifunk-gluon/gluon/pull/1994>`_)
Other changes
-------------
- Linux kernel has been updated to 4.14.176
Internals
---------
- OpenWrt 19.07 introduced the urgnd entropy daemon that serves the same function as the haveged service, which we have been recommending. To not have two redundant entropy daemons in this release we remove urngd in favor of haveged in the v2020.1 release series.
Known issues
------------
- High chance of ending in a soft-bricked state for Ubiquiti EdgeRouter-X. Workaround is to
repeat initial installation using the serial console. (`#1937 <https://github.com/freifunk-gluon/gluon/issues/1937>`_)
- Out of memory situations with high client count on ath9k.
(`#1768 <https://github.com/freifunk-gluon/gluon/issues/1768>`_)
- The integration of the BATMAN_V routing algorithm is incomplete.
- | Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
| Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
| metric.
- | Throughput values are not correctly acquired for different interface types.
| (`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
| This affects virtual interface types like bridges and VXLAN.
- Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
- The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is
disallowed).
- Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
- Frequent reboots due to out-of-memory or high load due to memory pressure on weak hardware especially in larger
meshes (`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)
Optimizations in Gluon 2018.1 have significantly improved memory usage.
There are still known bugs leading to unreasonably high load that we hope to
solve in future releases.

View File

@ -0,0 +1,55 @@
Gluon 2020.1.3
==============
Bugfixes
--------
- Fixes a bug in musl which can lead to spurious crashes in fastd and other programs, which alternate between single-
and multi-threaded operation. (`#2029 <https://github.com/freifunk-gluon/gluon/issues/2029>`_)
- Fixes a regression which led to around 2.5 MiB higher memory usage for ar71xx-tiny and ramips-rt305x targets.
While this decreases the memory usage, the image will become around 64KiB larger. (`#2032 <https://github.com/freifunk-gluon/gluon/issues/2032>`_)
- Fixes a bug which can cause the TP-Link TL-MR3020 v1 to become stuck in failsafe mode.
Other changes
-------------
- Linux kernel has been updated to 4.14.180
Known issues
------------
- High chance of ending in a soft-bricked state for Ubiquiti EdgeRouter-X. Workaround is to
repeat initial installation using the serial console. (`#1937 <https://github.com/freifunk-gluon/gluon/issues/1937>`_)
- Out of memory situations with high client count on ath9k.
(`#1768 <https://github.com/freifunk-gluon/gluon/issues/1768>`_)
- The integration of the BATMAN_V routing algorithm is incomplete.
- | Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
| Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
| metric.
- | Throughput values are not correctly acquired for different interface types.
| (`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
| This affects virtual interface types like bridges and VXLAN.
- Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
- The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is
disallowed).
- Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

View File

@ -0,0 +1,47 @@
Gluon 2020.1.4
==============
Added hardware support
----------------------
- Added support for TP-Link CPE210 3.20 (`#2080 <https://github.com/freifunk-gluon/gluon/issues/2080>`_)
Bugfixes
--------
- Fixed a rare race-condition during mesh interface teardown (`#2057 <https://github.com/freifunk-gluon/gluon/pull/2057>`_)
- Fixed handling of mesh interfaces together with outdoor mode, site.conf defaults and config mode (`#2049 <https://github.com/freifunk-gluon/gluon/pull/2049>`_) (`#2054 <https://github.com/freifunk-gluon/gluon/pull/2054>`_)
Other changes
-------------
- Linux kernel has been updated to 4.14.193
- Backports of batman-adv bugfixes
Known issues
------------
* Upgrading EdgeRouter-X from versions before v2020.1.x may lead to a soft-bricked state due to bad blocks on the
NAND flash which the NAND driver before this release does not handle well.
(`#1937 <https://github.com/freifunk-gluon/gluon/issues/1937>`_)
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is
disallowed).

View File

@ -189,3 +189,50 @@ still builds and warnings are highlighted, and that Gluon still
compiles, by testing a build on the ``x86_64`` target. We expect this to
significantly improve the feedback cycle and quality of contributions.
Known issues
************
* Upgrading EdgeRouter-X from versions before v2020.1.x may lead to a soft-bricked state due to bad blocks on the
NAND flash which the NAND driver before this release does not handle well.
(`#1937 <https://github.com/freifunk-gluon/gluon/issues/1937>`_)
* LEDs on TP-Link Archer C5 v1 and Archer C7 v2 are not working after Upgrade to v2020.1
(`#1941 <https://github.com/freifunk-gluon/gluon/issues/1941>`_)
* AVM FRITZ!WLAN Repeater 450E is stuck in failsafe mode. (`#1940 <https://github.com/freifunk-gluon/gluon/issues/1940>`_)
* Out of memory situations with high client count on ath9k.
(`#1768 <https://github.com/freifunk-gluon/gluon/issues/1768>`_)
* The integration of the BATMAN_V routing algorithm is incomplete.
- | Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
| Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
| metric.
- | Throughput values are not correctly acquired for different interface types.
| (`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
| This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is
disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
* Frequent reboots due to out-of-memory or high load due to memory pressure on weak hardware especially in larger
meshes (`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)
Optimizations in Gluon 2018.1 have significantly improved memory usage.
There are still known bugs leading to unreasonably high load that we hope to
solve in future releases.

View File

@ -1,4 +1,4 @@
-- This is an example site configuration for Gluon v2020.1
-- This is an example site configuration for Gluon v2020.1.4
--
-- Take a look at the documentation located at
-- https://gluon.readthedocs.io/ for details.

View File

@ -8,7 +8,7 @@ Gluon's releases are managed using `Git tags`_. If you are just getting
started with Gluon we recommend to use the latest stable release of Gluon.
Take a look at the `list of gluon releases`_ and notice the latest release,
e.g. *v2020.1*. Always get Gluon using git and don't try to download it
e.g. *v2020.1.4*. Always get Gluon using git and don't try to download it
as a Zip archive as the archive will be missing version information.
Please keep in mind that there is no "default Gluon" build; a site configuration
@ -44,7 +44,7 @@ Building the images
-------------------
To build Gluon, first check out the repository. Replace *RELEASE* with the
version you'd like to checkout, e.g. *v2020.1*.
version you'd like to checkout, e.g. *v2020.1.4*.
::
@ -208,6 +208,12 @@ GLUON_TARGET
Special variables
.................
GLUON_AUTOREMOVE
Setting ``GLUON_AUTOREMOVE=1`` enables the ``CONFIG_AUTOREMOVE`` OpenWrt setting, which will delete package build
directories after a package build has finished to save space. This is mostly useful for CI builds from scratch. Do
not set this flag during development (or generally, when you want you reuse your build tree for subsequent builds),
as it significantly increases incremental build times.
GLUON_DEBUG
Setting ``GLUON_DEBUG=1`` will provide firmware images including debugging symbols usable with GDB or
similar tools. Requires a device or target with at least 16 MB of flash space, e.g. `x86-64`. Unset by default.

View File

@ -218,6 +218,11 @@ brcm2708-bcm2709
ipq40xx-generic
---------------
* Aruba
- AP-303
- Instant On AP11
* AVM
- FRITZ!Box 4040 [#avmflash]_
@ -265,9 +270,6 @@ lantiq-xway
* AVM
- FRITZ!Box 7312 [#avmflash]_
- FRITZ!Box 7320 [#avmflash]_ [#lan_as_wan]_
- FRITZ!Box 7330 [#avmflash]_ [#lan_as_wan]_
- FRITZ!Box 7330 SL [#avmflash]_ [#lan_as_wan]_
mpc85xx-generic
---------------

View File

@ -2,15 +2,15 @@ GLUON_FEEDS='packages routing gluon'
OPENWRT_REPO=https://git.openwrt.org/openwrt/openwrt.git
OPENWRT_BRANCH=openwrt-19.07
OPENWRT_COMMIT=aed6632d31ff5d29045dc904dedc840d902aad97
OPENWRT_COMMIT=5af8da37870dc05dbe2e57e04be714b80f4aa21d
PACKAGES_PACKAGES_REPO=https://github.com/openwrt/packages.git
PACKAGES_PACKAGES_BRANCH=openwrt-19.07
PACKAGES_PACKAGES_COMMIT=03b412db2e3f9b42c4a55e13ce0c6de3c757895b
PACKAGES_PACKAGES_COMMIT=59d39c09d84fb08675cc58d4ec32837e9163b017
PACKAGES_ROUTING_REPO=https://github.com/openwrt-routing/packages.git
PACKAGES_ROUTING_BRANCH=openwrt-19.07
PACKAGES_ROUTING_COMMIT=8d5ee29f088e9dfaa49dc74573edb1919f14dbf4
PACKAGES_ROUTING_COMMIT=b77498bd56d5e45ab4577a1f4ad6ffc55b4a86b7
PACKAGES_GLUON_REPO=https://github.com/freifunk-gluon/packages.git
PACKAGES_GLUON_COMMIT=12e41d0ff07ec54bbd67a31ab50d12ca04f2238c

View File

@ -21,9 +21,27 @@ return function(form, uci)
if data ~= outdoor_mode then
uci:set('gluon', 'wireless', 'outdoor', data)
uci:save('gluon')
if data == false then
local mesh_ifaces_5ghz = {}
uci:foreach('wireless', 'wifi-device', function(config)
if config.hwmode ~= '11a' and config.hwmode ~= '11na' then
return
end
local radio_name = config['.name']
local mesh_iface = 'mesh_' .. radio_name
table.insert(mesh_ifaces_5ghz, mesh_iface)
end)
for _, mesh_iface in ipairs(mesh_ifaces_5ghz) do
uci:delete('wireless', mesh_iface)
end
uci:save('wireless')
end
os.execute('/lib/gluon/upgrade/200-wireless')
end
end
return {'gluon', 'wireless'}
return {'gluon', 'network', 'wireless'}
end

View File

@ -279,6 +279,16 @@ config KERNEL_NETFILTER_XT_MATCH_CONNTRACK
select KERNEL_NETFILTER_XTABLES
select KERNEL_NF_CONNTRACK
config KERNEL_IP_NF_RAW
bool
select KERNEL_IP_NF_IPTABLES
config KERNEL_NETFILTER_XT_TARGET_CT
bool
select KERNEL_NETFILTER_XTABLES
select KERNEL_NF_CONNTRACK
select KERNEL_IP_NF_RAW
# kmod-ipt-nat
@ -344,6 +354,7 @@ config GLUON_SPECIALIZE_KERNEL
select KERNEL_NETFILTER_XT_TARGET_TCPMSS
select KERNEL_NETFILTER_XT_MATCH_STATE
select KERNEL_NETFILTER_XT_MATCH_CONNTRACK
select KERNEL_NETFILTER_XT_TARGET_CT
select KERNEL_IP_NF_NAT
select KERNEL_IP_NF_TARGET_MASQUERADE
select KERNEL_IP_NF_TARGET_REDIRECT

View File

@ -84,7 +84,7 @@ local function is_disabled(name)
if uci:get('wireless', name) then
return uci:get_bool('wireless', name, 'disabled')
else
return false
return nil
end
end
@ -161,12 +161,13 @@ local function fixup_wan(radio, index)
uci:set('wireless', name, 'macaddr', macaddr)
end
local function configure_mesh_wireless(radio, index, config)
local function configure_mesh_wireless(radio, index, config, disabled)
local radio_name = radio['.name']
local suffix = radio_name:match('^radio(%d+)$')
configure_mesh(config.mesh(), radio, index, suffix,
first_non_nil(
disabled,
is_disabled('mesh_' .. radio_name),
config.mesh.disabled(false)
)
@ -213,7 +214,7 @@ util.foreach_radio(uci, function(radio, index, config)
util.add_to_set(hostapd_options, 'country3=0x4f')
uci:set_list('wireless', radio_name, 'hostapd_options', hostapd_options)
uci:delete('wireless', 'mesh_' .. radio_name)
configure_mesh_wireless(radio, index, config, true)
else
uci:delete('wireless', radio_name, 'channels')

View File

@ -1,5 +1,5 @@
#!/bin/sh
lock /var/lock/gluon_bat0.lock
batctl interface del "$IFNAME" 2>/dev/null
batctl interface -M del "$IFNAME" 2>/dev/null
lock -u /var/lock/gluon_bat0.lock

View File

@ -33,7 +33,7 @@ local function has_mesh_vpn_neighbours()
end
if uci:get_bool('tunneldigger', 'mesh_vpn', 'enabled') then
if io.popen('pgrep tunneldigger'):read('*l') ~= read_pid_file() then
if io.popen('pgrep -x /usr/bin/tunneldigger'):read('*l') ~= read_pid_file() then
os.execute('logger -t tunneldigger-watchdog "Process-Pid does not match with pid-File."')
restart_tunneldigger()
return

View File

@ -25,6 +25,7 @@ uci:section('firewall', 'rule', 'client_respondd', {
target = 'ACCEPT',
})
-- Allow respondd-access from within the mesh
uci:section('firewall', 'rule', 'mesh_respondd_ll', {
name = 'mesh_respondd_ll',
src = 'mesh',
@ -43,4 +44,19 @@ uci:section('firewall', 'rule', 'mesh_respondd_siteprefix', {
target = 'ACCEPT',
})
uci:delete_all('firewall', 'rule', function(rule)
return rule['.name']:find('^mesh_respondd_extraprefix')
end)
for idx, prefix in ipairs(site.extra_prefixes6({})) do
uci:section('firewall', 'rule', 'mesh_respondd_extraprefix' .. idx, {
name = 'mesh_respondd_extraprefix' .. idx,
src = 'mesh',
src_ip = prefix,
dest_port = '1001',
proto = 'udp',
target = 'ACCEPT',
})
end
uci:save('firewall')

View File

@ -1,4 +1,4 @@
<form method="post" enctype="multipart/form-data" action="<%|url(request)%>">
<form method="post" enctype="multipart/form-data" action="<%|url(request)%>" data-update="reset">
<input type="hidden" name="token" value="<%=token%>" />
<input type="hidden" name="<%=id%>" value="1" />

File diff suppressed because one or more lines are too long

View File

@ -517,7 +517,7 @@
for (var i = 0, node; (node = nodes[i]) !== undefined; i++) {
var events = node.getAttribute('data-update').split(' ');
for (var j = 0, event; (event = events[j]) !== undefined; j++) {
bind(node, event, update);
bind(node, event, function () {setTimeout(update, 0);});
}
}

View File

@ -1,5 +1,6 @@
local iwinfo = require 'iwinfo'
local uci = require("simple-uci").cursor()
local site = require 'gluon.site'
local util = require 'gluon.util'
@ -47,13 +48,18 @@ f:section(Section, nil, translate(
))
local mesh_vifs_5ghz = {}
uci:foreach('wireless', 'wifi-device', function(config)
local radio = config['.name']
local is_5ghz = false
local title
if config.hwmode == '11g' or config.hwmode == '11ng' then
title = translate("2.4GHz WLAN")
elseif config.hwmode == '11a' or config.hwmode == '11na' then
is_5ghz = true
title = translate("5GHz WLAN")
else
return
@ -72,10 +78,16 @@ uci:foreach('wireless', 'wifi-device', function(config)
function o:write(data)
uci:set('wireless', t .. '_' .. radio, 'disabled', not data)
end
return o
end
vif_option('client', translate('Enable client network (access point)'))
vif_option('mesh', translate("Enable mesh network (802.11s)"))
local mesh_vif = vif_option('mesh', translate("Enable mesh network (802.11s)"))
if is_5ghz then
table.insert(mesh_vifs_5ghz, mesh_vif)
end
local phy = util.find_phy(config)
if not phy then
@ -119,6 +131,13 @@ if has_5ghz_radio() then
local outdoor = r:option(Flag, 'outdoor', translate("Node will be installed outdoors"))
outdoor.default = uci:get_bool('gluon', 'wireless', 'outdoor')
for _, mesh_vif in ipairs(mesh_vifs_5ghz) do
mesh_vif:depends(outdoor, false)
if outdoor.default then
mesh_vif.default = not site.wifi5.mesh.disabled(false)
end
end
function outdoor:write(data)
uci:set('gluon', 'wireless', 'outdoor', data)
end
@ -157,6 +176,7 @@ end
function f:write()
uci:commit('gluon')
os.execute('/lib/gluon/upgrade/200-wireless')
uci:commit('network')
uci:commit('wireless')
end

View File

@ -0,0 +1,73 @@
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Wed, 27 Apr 2022 19:01:39 +0200
Subject: ecdsautils: verify: fix signature verification (CVE-2022-24884)
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
diff --git a/utils/ecdsautils/Makefile b/utils/ecdsautils/Makefile
index 7f1c76f0301f56b0a88c1f6a1a0147397fde25c7..5ba893be69d40279cd6f5c9e544e941d0011f451 100644
--- a/utils/ecdsautils/Makefile
+++ b/utils/ecdsautils/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=ecdsautils
PKG_VERSION:=0.3.2.20160630
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_REV:=07538893fb6c2a9539678c45f9dbbf1e4f222b46
PKG_MAINTAINER:=Matthias Schiffer <mschiffer@universe-factory.net>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
diff --git a/utils/ecdsautils/patches/0001-verify-fix-signature-verification-CVE-2022-24884.patch b/utils/ecdsautils/patches/0001-verify-fix-signature-verification-CVE-2022-24884.patch
new file mode 100644
index 0000000000000000000000000000000000000000..34d80cc201c0e87ca654c3def4fbbbddf622b0ba
--- /dev/null
+++ b/utils/ecdsautils/patches/0001-verify-fix-signature-verification-CVE-2022-24884.patch
@@ -0,0 +1,48 @@
+From 1d4b091abdf15ad7b2312535b5b95ad70f6dbd08 Mon Sep 17 00:00:00 2001
+Message-Id: <1d4b091abdf15ad7b2312535b5b95ad70f6dbd08.1651078760.git.mschiffer@universe-factory.net>
+From: Matthias Schiffer <mschiffer@universe-factory.net>
+Date: Wed, 20 Apr 2022 22:04:07 +0200
+Subject: [PATCH] verify: fix signature verification (CVE-2022-24884)
+
+Verify that r and s are non-zero. Without these checks, an all-zero
+signature is always considered valid.
+
+While it would be nicer to error out in ecdsa_verify_prepare_legacy()
+already, that would require users of libecdsautil to check a return value
+of the prepare step. To be safe, implement the fix in an API/ABI-compatible
+way that doesn't need changes to the users.
+---
+ src/lib/ecdsa.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/src/lib/ecdsa.c b/src/lib/ecdsa.c
+index 8cd7722be8cd..a661b56bd7c8 100644
+--- a/src/lib/ecdsa.c
++++ b/src/lib/ecdsa.c
+@@ -135,6 +135,12 @@ regenerate:
+ void ecdsa_verify_prepare_legacy(ecdsa_verify_context_t *ctx, const ecc_int256_t *hash, const ecdsa_signature_t *signature) {
+ ecc_int256_t w, u1, tmp;
+
++ if (ecc_25519_gf_is_zero(&signature->s) || ecc_25519_gf_is_zero(&signature->r)) {
++ // Signature is invalid, mark by setting ctx->r to an invalid value
++ memset(&ctx->r, 0, sizeof(ctx->r));
++ return;
++ }
++
+ ctx->r = signature->r;
+
+ ecc_25519_gf_recip(&w, &signature->s);
+@@ -149,6 +155,10 @@ bool ecdsa_verify_legacy(const ecdsa_verify_context_t *ctx, const ecc_25519_work
+ ecc_25519_work_t s2, work;
+ ecc_int256_t w, tmp;
+
++ // Signature was detected as invalid in prepare step
++ if (ecc_25519_gf_is_zero(&ctx->r))
++ return false;
++
+ ecc_25519_scalarmult(&s2, &ctx->u2, pubkey);
+ ecc_25519_add(&work, &ctx->s1, &s2);
+ ecc_25519_store_xy_legacy(&w, NULL, &work);
+--
+2.36.0
+

View File

@ -248,18 +248,50 @@ if (env.GLUON_REGION or '') ~= '' then
tplink_region_suffix = '-' .. env.GLUON_REGION
end
device('tp-link-cpe210-v1.0', 'cpe210-220-v1', {
aliases = {'tp-link-cpe210-v1.1', 'tp-link-cpe220-v1.1'},
device('tp-link-cpe210-v1', 'cpe210-220-v1', {
aliases = {
'tp-link-cpe220-v1',
},
manifest_aliases = {
'tp-link-cpe210-v1.0',
'tp-link-cpe210-v1.1',
'tp-link-cpe220-v1.1',
},
})
device('tp-link-cpe210-v2.0', 'cpe210-v2')
device('tp-link-cpe210-v3.0', 'cpe210-v3')
device('tp-link-cpe510-v1.0', 'cpe510-520-v1', {
aliases = {'tp-link-cpe510-v1.1', 'tp-link-cpe520-v1.1'},
device('tp-link-cpe210-v2', 'cpe210-v2', {
manifest_aliases = {
'tp-link-cpe210-v2.0',
},
})
device('tp-link-cpe210-v3', 'cpe210-v3', {
manifest_aliases = {
'tp-link-cpe210-v3.0',
'tp-link-cpe210-v3.1',
'tp-link-cpe210-v3.20',
},
})
device('tp-link-wbs210-v1.20', 'wbs210-v1')
device('tp-link-wbs510-v1.20', 'wbs510-v1')
device('tp-link-cpe510-v1', 'cpe510-520-v1', {
aliases = {
'tp-link-cpe520-v1',
},
manifest_aliases = {
'tp-link-cpe510-v1.0',
'tp-link-cpe510-v1.1',
'tp-link-cpe520-v1.1',
},
})
device('tp-link-wbs210-v1', 'wbs210-v1', {
manifest_aliases = {
'tp-link-wbs210-v1.20',
},
})
device('tp-link-wbs510-v1', 'wbs510-v1', {
manifest_aliases = {
'tp-link-wbs510-v1.20',
},
})
device('tp-link-tl-wr710n-v1', 'tl-wr710n-v1', {
packages = { 'zram-swap' },

View File

@ -31,6 +31,7 @@ end
config '# CONFIG_TARGET_ROOTFS_INITRAMFS is not set'
config 'CONFIG_DEVEL=y'
config 'CONFIG_ALL_NONSHARED=y'
config '# CONFIG_PACKAGE_usbip is not set' -- fails to build
@ -41,6 +42,8 @@ config '# CONFIG_BUSYBOX_CONFIG_FEATURE_PREFER_IPV4_ADDRESS is not set'
config 'CONFIG_PACKAGE_ATH_DEBUG=y'
try_config 'CONFIG_TARGET_SQUASHFS_BLOCK_SIZE=256'
config '# CONFIG_KERNEL_IP_MROUTE is not set'
config '# CONFIG_KERNEL_IPV6_MROUTE is not set'
@ -51,6 +54,10 @@ if envtrue.GLUON_MULTIDOMAIN then
config 'CONFIG_GLUON_MULTIDOMAIN=y'
end
if envtrue.GLUON_AUTOREMOVE then
config 'CONFIG_AUTOREMOVE=y'
end
if envtrue.GLUON_DEBUG then
config 'CONFIG_DEBUG=y'
config 'CONFIG_NO_STRIP=y'
@ -62,9 +69,11 @@ end
packages {
'-kmod-ipt-offload',
'-odhcpd-ipv6only',
'-ppp',
'-ppp-mod-pppoe',
'-urngd',
'-wpad-mini',
'-wpad-basic',
'gluon-core',

View File

@ -2,7 +2,3 @@ device('avm-fritz-box-7312', 'avm_fritz7312', {
factory = false,
})
device('avm-fritz-box-7320', 'avm_fritz7320', {
factory = false,
aliases = {'avm-fritz-box-7330', 'avm-fritz-box-7330-sl'},
})