On the Turris Omnia 2019, u-boot environment is located at 0xF0000, instead
of 0xC0000. The switch happened with u-boot-omnia package version 2019-04-2
(May 10, 2019).
Check the installed u-boot release, and set the default accordingly.
Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
[bump PKG_RELEASE, use lower case for hex offset]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 04d3b517dc3301e0148a2ce811ffc136568b04bd)
wireguard-tools is trying to import the menuconfig section
from the wireguard package, but since it's not anymore in
the same makefile this seems to fail and wireguard-tools
ends up in "extra packages" category instead with other
odds and ends.
Same for the description, it's trying to import it from the
wireguard package but it fails so it only shows the line
written in this makefile.
remove the broken imports and add manually the entries
and description they were supposed to load
Fixes: ea980fb9c6de ("wireguard: bump to 20191226")
Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
[fix trailing whitespaces, add Fixes]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a4d52522c7fbc47a04215b8f04a2e1f7cf7aafea)
This PR backports upstream fix for CVE-2020-8037. This fix is only
relevant for tcpdump package, tcpdump-mini is not affeted by this issue.
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 5bb3cc749ee0d08d82acda3c084ff759f3829a91)
This packports two security fixes from master.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f9005d4f80dee3dcc257d4613cbc46668faad094)
Mainline u-boot dynamically passes the mtd partitions via devicetree:
$ cat /proc/mtd
dev: size erasesize name
mtd0: 003f0000 00001000 "firmware"
mtd1: 00010000 00001000 "u-boot-env"
Add support for this setup.
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 60c9a27cbcc6ba00d75b4b592f507237dbfb460f)
amd64-microcode (3.20191218.1)
* New microcode update packages from AMD upstream:
+ Removed Microcode updates (known to cause issues):
sig 0x00830f10, patch id 0x08301025, 2019-07-11
* README: update for new release
amd64-microcode (3.20191021.1)
* New microcode update packages from AMD upstream:
+ New Microcodes:
sig 0x00830f10, patch id 0x08301025, 2019-07-11
+ Updated Microcodes:
sig 0x00800f12, patch id 0x08001250, 2019-04-16
sig 0x00800f82, patch id 0x0800820d, 2019-04-16
amd64-microcode (3.20181128.1)
* New microcode update packages from AMD upstream:
+ New Microcodes:
sig 0x00800f82, patch id 0x0800820b, 2018-06-20
Signed-off-by: Tan Zien <nabsdh9@gmail.com>
(cherry picked from commit 182c7d955f872cb712f6d16d4b5cc0824bf4cc67)
Boolean attributes were parsed the same way as string attributes,
so a value of { "bool_attr": "true" } would be parsed correctly, but
{ "bool_attr": true } (without quotes) was parsed as false.
Fixes FS#3284
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 7f676b5ed6a2bcd6786a0fcb6a6db3ddfeedf795)
This is a bug-fix release. Patches were refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 475838de1a33d49d1a0b81aad374a8db6dd2b3c8)
Not a large change from last time, but should fix at least one rare wave-2
crash.
Tested on Netgear R7800.
Signed-off-by: Michael Yartys <michael.yartys@gmail.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 91aab77bf1ce91b0e60e720eb147c94a02c1f2fd)
[adapt variables and package names]
[remove changes to non-full htt-mgt variants because we did not backport
a882bfce052e ("ath10k-ct-firmware: add htt-mgt variants")]
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Tested-by: Baptiste Jonglez <git@bitsofnetworks.org> [QCA9886, QCA9887]
No release notes this time.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 06f510df6e2aa0b1e40124bbd758672458d01482)
[adapt variables and package names because we did not backport
2e5e9b459ed5 ("ath10k-ct-firmware: rename ct-htt packages")]
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Release notes for 017:
Wave-1:
* March 19, 2020: Fix problem where power-save was not enabled when going off-channel to scan.
The problem was a boolean logic inversion in the chmgr code, a regression I introduced
a long time ago.
* March 19, 2020: When scanning only on current working channel, do not bother with disable/enable
powersave. This should make an on-channel scan less obtrusive than it was previously.
* March 23, 2020: Fix channel-mgr use-after-free problem that caused crashes in some cases. The crash
was exacerbated by recent power-save changes.
* March 23, 2020: Fix station-mode power-save related crash: backported the fix from 10.2 QCA firmware.
* March 23, 2020: Attempt to better clean up power-save objects and state, especially in station mode.
Release notes for 016:
Wave-1 changes, some debugging code for a crash someone reported, plus:
* February 28, 2020: Fix custom-tx path when sending in 0x0 for rate-code. Have tries == 0 mean
one try but NO-ACK (similar to how wave-2 does it).
wave-2:
* Fixed some long-ago regressions related to powersave and/or multicast. Maybe fix some
additional multicast and/or tx-scheduling bugs.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Acked-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 84f4a783c6987fd9d67c089a76e2f90b7491f446)
This supports better per-chain noise floor reporting, which in turn allows for
better RSSI reporting in the driver.
Wave-2 fixes a long-standing rate-ctrl problem when connected to xbox (and probably other devices).
Wave-2 has fix for crash likely related to rekeying.
Wave-1 has some debugging code added where a user reported a crash.
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [ipq806x+qca9984,ipq4019+qca9986]
Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
(cherry picked from commit 18622638831707038556b9b8bd5a0b4d4a53ce53)
The release notes since last time for wave-1:
* No changes to wave-1, but I make a version .014 copy anyway to keep
the makefile in sync.
The release notes since last time for wave-2:
* December 16, 2019: Wave-2 has a fix to make setting txpower work
better. Before setting the power was ignored at
least some of the time (it also appeared to work
mostly, so I guess it was being correctly set in
other ways).
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit 65982642668e859540b21c2bd3bf907493df830a)
This fixes the following compile errors after the wolfssl 4.5.0 update:
LD wpa_cli
../src/crypto/tls_wolfssl.c: In function 'tls_match_alt_subject':
../src/crypto/tls_wolfssl.c:610:11: error: 'GEN_EMAIL' undeclared (first use in this function); did you mean 'ENAVAIL'?
type = GEN_EMAIL;
^~~~~~~~~
ENAVAIL
../src/crypto/tls_wolfssl.c:610:11: note: each undeclared identifier is reported only once for each function it appears in
../src/crypto/tls_wolfssl.c:613:11: error: 'GEN_DNS' undeclared (first use in this function)
type = GEN_DNS;
^~~~~~~
../src/crypto/tls_wolfssl.c:616:11: error: 'GEN_URI' undeclared (first use in this function)
type = GEN_URI;
^~~~~~~
../src/crypto/tls_wolfssl.c: In function 'wolfssl_tls_cert_event':
../src/crypto/tls_wolfssl.c:902:20: error: 'GEN_EMAIL' undeclared (first use in this function); did you mean 'ENAVAIL'?
if (gen->type != GEN_EMAIL &&
^~~~~~~~~
ENAVAIL
../src/crypto/tls_wolfssl.c:903:20: error: 'GEN_DNS' undeclared (first use in this function)
gen->type != GEN_DNS &&
^~~~~~~
../src/crypto/tls_wolfssl.c:904:20: error: 'GEN_URI' undeclared (first use in this function)
gen->type != GEN_URI)
^~~~~~~
Makefile:2029: recipe for target '../src/crypto/tls_wolfssl.o' failed
Fixes: 00722a720c77 ("wolfssl: Update to version 4.5.0")
Reported-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit bc19481826e0da9119945eaae4f25736306f023b)
This fixes the following security problems:
* In earlier versions of wolfSSL there exists a potential man in the
middle attack on TLS 1.3 clients.
* Denial of service attack on TLS 1.3 servers from repetitively sending
ChangeCipherSpecs messages. (CVE-2020-12457)
* Potential cache timing attacks on public key operations in builds that
are not using SP (single precision). (CVE-2020-15309)
* When using SGX with EC scalar multiplication the possibility of side-
channel attacks are present.
* Leak of private key in the case that PEM format private keys are
bundled in with PEM certificates into a single file.
* During the handshake, clear application_data messages in epoch 0 are
processed and returned to the application.
Full changelog:
https://www.wolfssl.com/docs/wolfssl-changelog/
Fix a build error on big endian systems by backporting a pull request:
https://github.com/wolfSSL/wolfssl/pull/3255
The size of the ipk increases on mips BE by 1.4%
old:
libwolfssl24_4.4.0-stable-2_mips_24kc.ipk: 386246
new:
libwolfssl24_4.5.0-stable-1_mips_24kc.ipk: 391528
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 00722a720c778e623d6f37af3a3b4e43b29c3fe8)
32-bit x86 fail to compile fast-math feature when compiled with frame
pointer, which uses a register used in a couple of inline asm functions.
Previous versions of wolfssl had this by default. Keeping an extra
register available may increase performance, so it's being restored for
all architectures.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 750d52f6c90e2a144c250779741607f0cb306a94)
This version adds many bugfixes, including a couple of security
vulnerabilities:
- For fast math (enabled by wpa_supplicant option), use a constant time
modular inverse when mapping to affine when operation involves a
private key - keygen, calc shared secret, sign.
- Change constant time and cache resistant ECC mulmod. Ensure points
being operated on change to make constant time.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 3481f6ffc79f46fc7ba86a4cc15ad958e99b5a82)
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues and the most notable of them
are described in more detail in the security advisories.
* Local side channel attack on RSA and static Diffie-Hellman
* Local side channel attack on classical CBC decryption in (D)TLS
* When checking X.509 CRLs, a certificate was only considered as revoked
if its revocationDate was in the past according to the local clock if
available.
Full release announcement:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit 66893063abf56b7d8c21eceed56e5d27859eaaea)
Backport a fix from kernel 5.8.3.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ca5ee6eba34593ec9f8b5b195c94cf6c3f6ff914)
Mbed TLS 2.16.7 is a maintenance release of the Mbed TLS 2.16 branch,
and provides bug fixes and minor enhancements. This release includes
fixes for security issues and the most severe one is described in more
detail in a security advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-07
* Fix a side channel vulnerability in modular exponentiation that could
reveal an RSA private key used in a secure enclave.
* Fix side channel in mbedtls_ecp_check_pub_priv() and
mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a private
key that didn't include the uncompressed public key), as well as
mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with a NULL
f_rng argument. An attacker with access to precise enough timing and
memory access information (typically an untrusted operating system
attacking a secure enclave) could fully recover the ECC private key.
* Fix issue in Lucky 13 counter-measure that could make it ineffective when
hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT
macros).
Due to Mbed TLS moving from ARMmbed to the Trusted Firmware project, some
changes to the download URLs are required. For the time being, the
ARMmbed/mbedtls Github repository is the canonical source for Mbed TLS.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
[Use https://codeload.github.com and new tar.gz file]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 201d6776a0b5858b8ce43a2392c9fe48aa1c4dd7)
This problem has been fixed in upstream commit
6b6a3d9339f1c08efaa18a7fb7357e20b48bdc95. This patch now (harmlessly)
adds the same definition a second time.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
[bump PKG_RELEASE]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 4165232c45df224f32a94f43b9938d13d643b2a8)
This fixes the following compile error seen on the mpc85xx target:
CC [M] /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.o
In file included from /builder/shared-workdir/build/staging_dir/toolchain-powerpc_8540_gcc-8.4.0_musl/include/stddef.h:17,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/include/uapi/linux/wireless.h:77,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/include/linux/wireless.h:13,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.c:89:
/builder/shared-workdir/build/staging_dir/toolchain-powerpc_8540_gcc-8.4.0_musl/include/bits/alltypes.h:106:15: error: conflicting types for 'ptrdiff_t'
typedef _Addr ptrdiff_t;
^~~~~~~~~
In file included from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/types.h:4,
from ./include/linux/list.h:5,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/list.h:3,
from ./include/linux/module.h:9,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/module.h:3,
from /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.c:79:
./include/linux/types.h:65:28: note: previous declaration of 'ptrdiff_t' was here
typedef __kernel_ptrdiff_t ptrdiff_t;
^~~~~~~~~
scripts/Makefile.build:265: recipe for target '/linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.o' failed
Fixes: d6b158b869 ("mac80211: Update to 4.19.137-1")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 04b1a11f5ca72a741493addca1b1ae093f37934f)
This adds support for ZyXEL NBG6616 uboot-env access
Signed-off-by: Christoph Krapp <achterin@googlemail.com>
[add "ar71xx" to commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit eb95ca3b5c8b33e3212896f906922eba5f72abb3)
Add package which provides size optimized wpad with support for just
WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[adapt to recent changes, add dependency for WPA_WOLFSSL config]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit c487cf8e94cbdf582dfc3c2bdaab913a146a2100)
The current selection of DRIVER_MAKEOPTS and TARGET_LDFLAGS is
exceptionally hard to read. This tries to make things a little
easier by inverting the hierarchy of the conditions, so SSL_VARIANT
is checked first and LOCAL_VARIANT is checked second.
This exploits the fact that some of the previous conditions were
unnecessary, e.g. there is no hostapd-mesh*, so we don't need
to exclude this combination.
It also should make it a little easier to see which options are
actually switched by SSL_VARIANT and which by LOCAL_VARIANT.
The patch is supposed to be cosmetic. However, the improvement
for readers and the maintained consistency with master qualify
this for backporting.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit c4dd7fc23bfcf3b3f1a838668bb070edc9db5d4b)
For a few packages, the current TITLE is too long, so it is not
displayed at all when running make menuconfig. Despite, there is
no indication of OpenSSL vs. wolfSSL in the titles.
Thus, this patch adjusts titles to be generally shorter, and adds
the SSL variant to it.
While at it, make things easier by creating a shared definition for
eapol-test like it's done already for all the other flavors.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 917980fd8a6589d6911797211f1871016f527f8c)
Affected versions: curl 7.62.0 to and including 7.70.0
https://curl.haxx.se/docs/CVE-2020-8169.html
Run tested on Omnia with OpenWrt 19.07
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Bumping package version has been overlooked in a previous commit.
While at it, use PKG_RELEASE instead of PKG_VERSION, as the latter
is meant for upstream version number only.
(The effective version string for the package would be "3" in both
cases, so there is no harm done for version comparison.)
Fixes: 0453c3866feb ("vxlan: fix udp checksum control")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit b29d620ed2521fe6fda40ddafe6cb0f1d70e4503)
So far, passing "rxcsum" and "txcsum" had no effect.
Fixes: 95ab18e012 ("vxlan: add options to enable and disable UDP
checksums")
Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
[add Fixes:]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 0453c3866feb701160bbab4ecf9762c5a3038503)
This bump fixes breakage introduced by kernel commit 8ab8786f78c3fc930f9abf6d6d85e95567de4e1f,
which is part of the 4.14.181 kernel bump, and backported ip6_dst_lookup_flow to 4.14.
This breaks the older WireGuard version currently in 19.07.
For reference, the compilation error is the one below:
build_dir/target-x86_64_musl/linux-x86_64/wireguard-linux-compat-1.0.20200506/src/compat/compat.h:104:42: error: 'const struct ipv6_stub' has no member named 'ipv6_dst_lookup'; did you mean 'ipv6_dst_lookup_flow'?
#define ipv6_dst_lookup_flow(a, b, c, d) ipv6_dst_lookup(a, b, &dst, c) + (void *)0 ?: dst
Changelogs below taken from the official release announcements.
== Changes since v1.0.20200506 ==
This release aligns with the changes I sent to DaveM for 5.7-rc7 and were
pushed to net.git about 45 minutes ago.
* qemu: use newer iproute2 for gcc-10
* qemu: add -fcommon for compiling ping with gcc-10
These enable the test suite to compile with gcc-10.
* noise: read preshared key while taking lock
Matt noticed a benign data race when porting the Linux code to OpenBSD.
* queueing: preserve flow hash across packet scrubbing
* noise: separate receive counter from send counter
WireGuard now works with fq_codel, cake, and other qdiscs that make use of
skb->hash. This should significantly improve latency spikes related to
buffer bloat. Here's a before and after graph from some data Toke measured:
https://data.zx2c4.com/removal-of-buffer-bloat-in-wireguard.png
* compat: support RHEL 8 as 8.2, drop 8.1 support
* compat: support CentOS 8 explicitly
* compat: RHEL7 backported the skb hash renamings
The usual RHEL churn.
* compat: backport renamed/missing skb hash members
The new support for fq_codel and friends meant more backporting work.
* compat: ip6_dst_lookup_flow was backported to 4.14, 4.9, and 4.4
== Changes since v1.0.20200611 ==
* qemu: always use cbuild gcc rather than system gcc
* qemu: remove -Werror in order to build ancient kernels better
* qemu: patch kernels that rely on ancient make
* qemu: force 2MB pages for binutils 2.31
* qemu: use cbuild gcc for avx512 exclusion
* qemu: add extra fill in idt handler for newer binutils
* qemu: support fetching kernels for arbitrary URLs
* qemu: patch in UTS_UBUNTU_RELEASE_ABI for Ubuntu detection
* qemu: work around broken centos8 kernel
* qemu: mark per_cpu_load_addr as static for gcc-10
Our qemu test suite can now handle more kernels and more compilers. Scroll
down to the bottom of https://www.wireguard.com/build-status/ to see the
expanded array of kernels we now test against, including some distro kernels.
* compat: widen breadth of integer constants
* compat: widen breadth of memzero_explicit backport
* compat: backport skb_scrub_packet to 3.11
* compat: widen breadth of prandom_u32_max backport
* compat: narrow the breadth of iptunnel_xmit backport
* compat: backport iptunnel_xmit to 3.11
With the expanded qemu test suite, it was possible to expand our list of
mainline kernels, so the backport compat layer is now more precise.
* compat: ubuntu appears to have backported ipv6_dst_lookup_flow
* compat: bionic-hwe-5.0/disco kernel backported skb_reset_redirect and ipv6 flow
Ubuntu kernels changed recently, so this ensures we can compile with the
latest Ubuntu releases.
* compat: remove stale suse support
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
(cherry picked from commit 1fd1f5e8cff18f97675ce303b05d411136b99fb0)
mac80211_get_addr is called from mac80211_generate_mac, where the local variable
initialisation id="${macidx:-0}" suggests that macidx is not always defined.
Probably, idx was supposed to be used instead of $(($macidx + 1)).
Fixes: 4d99db168c ("mac80211: try to get interface addresses from wiphy sysfs 'addresses' if no mask is set")
Signed-off-by: Leon M. George <leon@georgemail.eu>
(cherry picked from commit 8f95220bcb554b1b668114e5264ebce4028c5f93)
The original text was copy/pasted from some other package.
Adjust the package title and description to match the description
on the publishers page.
Signed-off-by: Catalin Patulea <catalinp@google.com>
[slightly adjust content and commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 492a6594b97e765a2a93fadbe23534ae94f710fa)
urandom-seed has a separate Makefile, we can safely remove the definition here.
Fixes: 27bfde9c9f78 ("base-files: move urandom seed bits into separate package")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 46a6586c83e029446ea35b02a328e5f7935d4a9f)
51e16eb uclient-fetch: add option to read POST data from file
99aebe3 uclient: Add string error function
Fixes: 0c910d8459 ("uclient: Update to version 2020-06-17")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This reverts commit 0c910d8459.
We cannot use uclient Git HEAD as-is on 19.07 due to an older
version of the ustream-ssl API.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
fef6d3d uclient: Add string error function
af585db uclient-fetch: support specifying advertised TLS ciphers
c660986 uclient-fetch: add option to read POST data from file
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry-squashed from commits 05145ffbefc71a94c1692dfb8ac440bc67974ded
98017228ddd5ce41a63da20b78f5d2e30c87c494
dd166960f48580bf6d4a8dde071b96832bfd9e1f
8e98613f4da82628cdb490c8202b56dc989e088b)
Also ensure that the error message is actually printed to stderr and that
the rule generation is aborted if an interface cannot be resolved.
Ref: https://github.com/openwrt/luci/issues/3975
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 559b3384666bbc6e4e9e6d86cf54bd88d30b341f)
Add a local hack to prevent the Broadcom WPA authenticator process from
inheriting the lock descriptor 1000 used to prevent concurrent executions
of the init script.
Without this fix, repeated invocations of /etc/init.d/network, e.g. for
obtaining the enabled state, would hang forever.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit a03d6d2fab13c478a0f6cfc3082bec141f2adcf1)
Klaus Kudielka
