Introduce config options client_cert2, priv_key2 and priv_key2_pwd
used for EAP-TLS phase2 authentication in WPA-EAP client mode.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 48345
Since CRYPTO_DRBG_MENU was added in r48277, CRYPTO_DRBG_HMAC is missing.
It does not appear in kernel_menuconfig and defaults to yes, so enable
it in crypto-rng as well and add dependencies to HMAC and SHA256.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
SVN-Revision: 48341
This adds basic support for TP-Link VR200v.
Currently the following parts are not working: FXO, Voice, DECT, WIFI (both)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48328
Most of currently mentioned CFLAGS in arc770/Makefile
are not really required because:
[1] "-Os -pipe" are set by default in include/target.mk
[2] "-fno-caller-saves" gets enabled via menuconfig
as an extra compiler flag for developers
So the only one that makes sense is "-matomic" and
that one is really essential. Without it many software
packges won't build complainin on unresolved atomic ops.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Felix Fietkau <nbd@openwrt.org>
Cc: Jo-Philipp Wich <jow@openwrt.org>
Cc: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 48326
While bumping kernel version kernel command line was
unintentionally modified in attempt to make it closer
to upstream version.
In case of AXS that has not only serial port but HDMI/USB
both capable of being debug console we have 2 entries in
kernel's command line:
------------------->8-----------------
console=tty0 console=ttyS3,115200n8
------------------->8-----------------
But as it turned out OpenWRT uses procd as init instead of
Busybox. And in its turn procd gets the first "console"
entry from kernel command line (/proc/cmdline) and uses it
if default inittab is used:
------------------->8-----------------
...
::askconsole:/bin/ash --login
------------------->8-----------------
So what we got is non-functional serial console.
That change removes "console=tty0" which brings serial
console back to life.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Felix Fietkau <nbd@openwrt.org>
Cc: Jo-Philipp Wich <jow@openwrt.org>
Cc: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 48325
WPA-EAP supports several phase2 (=inner) authentication methods when
using EAP-TTLS, EAP-PEAP or EAP-FAST (the latter is added as a first
step towards the UCI model supporting EAP-FAST by this commit)
The value of the auth config variable was previously expected to be
directly parseable as the content of the 'phase2' option of
wpa_supplicant.
This exposed wpa_supplicant's internals, leaving it to view-level to
set the value properly. Unfortunately, this is currently not the case,
as LuCI currently allows values like 'PAP', 'CHAP', 'MSCHAPV2'.
Users thus probably diverged and set auth to values like
'auth=MSCHAPV2' as a work-around.
This behaviour isn't explicitely documented anywhere and is not quite
intuitive...
The phase2-string is now generated according to $eap_type and $auth,
following the scheme also found in hostap's test-cases:
http://w1.fi/cgit/hostap/tree/tests/hwsim/test_ap_eap.py
The old behaviour is also still supported for the sake of not breaking
existing, working configurations.
Examples:
eap_type auth
'ttls' 'EAP-MSCHAPV2' -> phase2="autheap=MSCHAPV2"
'ttls' 'MSCHAPV2' -> phase2="auth=MSCHAPV2"
'peap' 'EAP-GTC' -> phase2="auth=GTC"
Deprecated syntax supported for compatibility:
'ttls' 'autheap=MSCHAPV2' -> phase2="autheap=MSCHAPV2"
I will suggest a patch to LuCI adding EAP-MSCHAPV2, EAP-GTC, ... to
the list of Authentication methods available.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 48309
Remove the "DEU test manager" code which has not been used for more than
two years (as the kernel module is not installed anymore since r38731).
This fixes compilation on kernel 4.3, which removes
aead_request_set_assoc (and newer kernels).
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
SVN-Revision: 48308
The following patches were dropped because they are already applied
upstream:
- 0038-MIPS-lantiq-fpi-on-ar9.patch
- 0039-MIPS-lantiq-initialize-usb-on-boot.patch
- 0042-USB-DWC2-big-endian-support.patch
- 0043-gpio-stp-xway-fix-phy-mask.patch
All other patches were simply refreshed, except the following:
- 0001-MIPS-lantiq-add-pcie-driver.patch
Changes to arch/mips/lantiq/xway/sysctrl.c (these changes disabled
some PMU gates for the vrx200 / VR9 SoCs) were removed since the
upstream kernel disables unused PMU gates automatically (since
95135bfa7ead1becc2879230f72583dde2b71a0c
"MIPS: Lantiq: Deactivate most of the devices by default").
- 0025-NET-MIPS-lantiq-adds-xrx200-net.patch
Since OpenWrt commit 55ba20afcc2fe785146316e5be2c2473cb329885 drivers
should use of_get_mac_address(). of_get_mac_address_mtd is not
available for drivers anymore since it's called automatically within
of_get_mac_address().
- 0028-NET-lantiq-various-etop-fixes.patch
Same changes as in 0025-NET-MIPS-lantiq-adds-xrx200-net.patch
While refreshing the kernel configuration SPI support had to be moved to
config-4.4 because otherwise M25P80 was disabled.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
SVN-Revision: 48307
AP148 uses lowercase name as boardname, so we need to use this in
platform.sh as well.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 48304
Overwriting static strings is never a good idea, especially expecting
identical strings to be stored in different memory locations.
This caused the lookups to always return the second chip's name. Fix
this by just initializing the lookup with the right values, so we
don't need to modify the strings at all.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 48303
BCM531x5 has two pontential cpu ports, and header mode can be enabled
independently on both.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 48302
Currently libiconv-stub and libiconv-full use different names
for functions iconv, iconv_open, and iconv_close.
This may lead to failures when building modules, e.g. with
apr-util when NLS is not activated.
The two modules libiconv-stub and libiconv-full should be
interchangeable, so we need the same function names.
cf.
http://git.savannah.gnu.org/cgit/libiconv.git/tree/include/iconv.h.in
After applying this patch execute
make distclean
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
SVN-Revision: 48301
