reported by reproducible openwrt project[1]:
we package some libtool shell script
- add missing dependencies
- fix paths
- make in InstallDev does not seem to be necessary
tested (cal,dmesg,sfdisk) on x86 qemu VM with allyesconfig
[1]: https://reproducible.debian.net/openwrt/openwrt.html
[Jo-Philipp Wich: fix double slash in sfdisk path, reword commit message]
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Allow path specifications to refer to just '@' or '$' which is useful for
exporting the keys or array indizes of the toplevel object to the shell.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fix a „semantic typo“ introduced in b78aae793e,
where TARGET_INIT_PATH was used instead of CONFIG_TARGET_INIT_PATH.
Signed-off-by: Dario Ernst <Dario.Ernst@riverbed.com>
Generalize the partition discovery in sysupgrade in order to fix sysupgrade
and config backup/recovery on MMC block devices which use a different naming
scheme compared to mtdblock or sd* devices.
The change also adds the find applet to the ramdisk utilities so that upgrade
code can rely on it.
The commit is based on the initial submission by Russell Senior at
http://patchwork.ozlabs.org/patch/625440/ .
Signed-off-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Centralize setting all version information in include/version.mk
* Set RELEASE env variable in include/version.mk instead of toplevel.mk.
Stop exporting the variable.
* Remove hardcoded release name from /etc/banner
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
The busybox ntpd utility currently uses ntp servers specified in uci.
This patch allows the ntpd utility to use NTP servers received via DHCP(v6)
Following uci parameters have been added:
use_dhcp : enables NTP server config via DHCP(v6)
dhcp_interface : use NTP servers received only on the specified DHCP(v6) interfaces; if empty all interfaces are considered
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Instead of making assumptions about the leasefile and resolv file make sure
we use what the user configures, but fall back to defaults if no configuration
is specified
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Update to dnsmasq2.76. Refresh patches. Add new patch to fix musl
'poll.h' location warning.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Storage of such zones is provided by a nf_ct_ext struct, hence conntrack
memory foot print will not be increased if zones are not used.
Signed-off-by: Alin Năstac <alin.nastac@gmail.com>
According to the author, all SPI related configs are copy & paste
leftovers. Which makes sense since nothing is connected to the SPI bus
on this device.
The NOR SPL isn't required for this board, since the NOR is directly
memory mapped.
Allow to overwrite the env in ram while using brn variant. Do not set
the power GPIO pin twice.
Signed-off-by: Mathias Kresin <dev@kresin.me>
use:
- 00nn for u-boot patches
- 01nn for new boards
While doing the rework, the board definitions for the easy50712 and
easy80920 were moved to distinct board definitions patches.
Signed-off-by: Mathias Kresin <dev@kresin.me>
wolfssl has a fine grained feature and compatibility control
for compiling stunnel, lighthttp or (partly) openssl dropin
ustream-ssl uses features that require normally
HAVE_SNI, HAVE_STUNNEL and the openssl compatibility headers
ar71xx ipkg sizes of wolfssl 3.9.0:
- with stunnel: 144022
- this patch (w.o. stunnel): 131712
- without openssl(extra): 111104
- w.o openssl/sni:108515
- w.o openssl/sni/ecc: 93954
so patch 300 saves around 12k compressed ipkg size
v2: keep & rename patch 300 for clarity, fixes ustream-ssl/cyassl
that broke with v1
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
Typo, missing space before ] in previous commit caused shell syntax
failure and incorrect restoration of time.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
fixes:
CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL
- remove crypto auth compile fix
curl changelog of 7.46 states its fixed
- fix mbedtls and cyassl usability #19621 :
add path to certificate file (from Mozilla via curl) and
provide this in a new package
tested on ar71xx w. curl/mbedtls/wolfssl
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
conditionally save dnsmasq.time across sysupgrade
dnsmasq uses /etc/dnsmasq.time as record of the last known good
system time to aid its validation of dnssec timestamps. dnsmasq
updates the timestamp on process start/stop once it considers the system
time as valid. The timestamp file should be preserved across system
upgrade but should not be included as part of normal configuration
backups to prevent restores corrupting the current timestamp.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps. By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past. Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.
In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.
Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
conditionally save dnsmasq.time across sysupgrade
dnsmasq uses /etc/dnsmasq.time as record of the last known good
system time to aid its validation of dnssec timestamps. dnsmasq
updates the timestamp on process start/stop once it considers the system
time as valid. The timestamp file should be preserved across system
upgrade but should not be included as part of normal configuration
backups to prevent restores corrupting the current timestamp.
