OpenVPN assumes that its control channel messages are sent and received
unfragmented, this assumption is broken when CBC record splitting is
enabled in mbedTLS.
The record splitting is intended as countermeasure against BEAST attacks
which do not apply to OpenVPN, therefore we simply disable it until
upstream OpenVPN gains the ability to process fragmented control
messages.
Disabling the splitting also works around a (not remotely triggerable)
segmentation fault in mbedTLS.
References:
* https://dev.openwrt.org/ticket/19101
* https://community.openvpn.net/openvpn/ticket/524
* https://github.com/ARMmbed/mbedtls/pull/185
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 45602
This also changes the MAC address to one of the adresses actually used by the
stock firmware on one of the ethernet interfaces.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 45599
INET_LRO deprecated and there are exactly two drivers using it, neither
being included in any of the targets enabling INET_LRO. At the same time
both drivers needing it select it.
So just disable it for everyone.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 45584
This was a remnant of an old version.
Reported-by: Álvaro Fernández Rojas <noltari@gmail.com>
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 45583
This reverts commit ff84c27a281bc19df19bc62ee8688cca5586f6e3.
This tool has really broken size handling (many values hardcoded), it
crashes right now in case of NVRAM not filling whole MTD partition.
Conflicts:
package/utils/nvram/src/nvram.h
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45579
I still need to test following patch before backporting:
bgmac: leave interrupts disabled as long as there is work to do
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45571
This reverts r43204. The symlinks are faulty, as they point to a
temporary staging dir
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 45569
For years Broadcom devices use 64 KiB NVRAM partition size and some of
them indeed have it filled in more than 50%. This change allows handling
whole NVRAM e.g. on Netgear WNDR4500 and Netgear R8000.
The same fix was applied to kernel in upstream commit 6ab7c29.
Reported-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45566
We don't have broadcom-diag for months or years now and the correct
solution is to simply don't have "nvram" partition on WGT634U anyway.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45564
Sytax of /proc/mtd is following:
dev: size erasesize name
which means that sscanf "mtd%d: %08x" reads size, not erasesize.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45563