From: Baptiste Jonglez
This is necessary with firewall4 to avoid a hard-to-diagnose race
condition during boot, causing DNAT rules not to be taken into account
correctly.
The root cause is that, during boot, the ruleset is mostly empty, and
interface-related rules (including DNAT rules
On 16-10-22, Christian Marangi wrote:
> On Sun, Oct 16, 2022 at 02:07:05PM +0200, Baptiste Jonglez wrote:
> > - either buildbot can run latent workers with a different Docker image
> > depending on the build
>
> IMHO, this would be the safest and better solution to the prob
Hi,
On 05-10-22, Thibaut wrote:
> Hi,
>
> Following an earlier conversation on IRC with Petr, I’m willing to work on
> refactoring our buildbot setup as follows:
>
> - single master for each stage (images and packages)
> - latent workers attached to either master, thus able to build
>
On 08-09-22, Michael Richardson wrote:
>
> >>>>> Baptiste Jonglez writes:
> > - there have been various bug reports [1, 2, 3] in 19.07 and 21.02
> > where ULA addresses basically break global IPv6 connectivity. These
> > bugs have not b
Hi,
On 08-09-22, Michael Richardson wrote:
>
> >>>>> Baptiste Jonglez writes:
> > ULA IPv6 prefixes (Unique Local Addresses, RFC 4193) are not routable
> > on the Internet. As such, they have very limited use, and enabling
> > them by defa
From: Baptiste Jonglez
ULA IPv6 prefixes (Unique Local Addresses, RFC 4193) are not routable on
the Internet. As such, they have very limited use, and enabling them by
default causes more problems than it solves:
- if an OpenWrt device already has external IPv6 connectivity with
globally
On 08-03-21, Alexey Dobrovolsky wrote:
> NTPD in busybox has option -I to bind server to IFACE.
> However, capabilities of the busybox are limited, the -I option cannot be
> repeated and only one interface can be effectively specified in it.
> This option is currently not configurable via UCI.
>
On 06-06-21, Alexey Dobrovolsky wrote:
> sysntpd server becomes unavailable if the index of the bound
> interface changes. So let's add an interface trigger to reload sysntpd.
>
> This patch also adds the ability for the sysntpd script to handle
> uci interface name from configuration.
>
>
Hi,
On 20-06-21, Shane Synan wrote:
> In the time since submitting this, I've continued testing this
> change on my ZyXEL NBG6817. I'm reasonably confident this fixes my
> issue (11/11 successes), and if there's any further testing that
> would help, let me know!
Thanks for the patch and
Hi,
On 03-06-21, Andre Heider wrote:
> This is required by some APIs, e.g. matrix's media upload [0].
>
> [0]
> https://matrix.org/docs/spec/client_server/latest#post-matrix-media-r0-upload
> @@ -484,6 +485,7 @@ static int usage(const char *progname)
> " --user-agent | -U
Hi,
On 17-05-21, Paul Spooren wrote:
> Hello,
>
> after some back and forth I'd like to request some more opinions on what
> kind of Docker containers to offer containing the OpenWrt rootfs. This is
> not about the SDK or ImageBuilder Docker containers.
>
> tl;dr:
>
> Should we ship `slim`
Hi,
There have been reports of 5.4 kernel crash on ipq806x related to cpufreq:
https://bugs.openwrt.org/index.php?do=details_id=3099
As far as I can tell, you changed the cpufreq driver recently (more
recently than the bug reports):
6e411b8416388 ("ipq806x: backport cpufreq changes to
Merged, thanks for the fix!
On 11-03-21, Youfu Zhang wrote:
> or uclient-fetch will stall until timeout for 2XX (except 204) response
> with content-length of 0
>
> Signed-off-by: Youfu Zhang
> ---
> uclient-http.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git
On 10-05-21, Florian Eckert wrote:
>
>
> On 2021-05-08 12:33, Baptiste Jonglez wrote:
> > Applied, thanks.
> >
> > Does this need to be backported to 21.02 or even 19.07?
>
> yes that would not be bad at least for openwrt-21.02
> On openwrt-19.07 ther
Hi,
On 20-04-21, Bas Mevissen via openwrt-devel wrote:
> Date: Tue, 20 Apr 2021 01:08:19 +0200
> From: Bas Mevissen
> To: openwrt-devel@lists.openwrt.org
> Cc: Bas Mevissen
> Subject: [PATCH] Extend checks on build prerequisites for building OpenWRT
> core
Merged and backported to 21.02 and
Applied, thanks.
Does this need to be backported to 21.02 or even 19.07?
Baptiste
On 20-04-21, thomas.rich...@kontron.com wrote:
> From: Thomas Richard
>
> With some debug in qmi.sh using following patch, some errors are visible
> in the registration step
> @@ -29,6 +29,7 @@
On 07-05-21, Sven Roederer wrote:
> Baptiste,
>
> Am Freitag, 7. Mai 2021, 14:12:21 CEST schrieb Baptiste Jonglez:
> >
> > Since these settings are hidden under "Advanced configuration options (for
> > developers)", I don't think it's really necessa
On 06-05-21, Sven Roederer wrote:
> Baptiste,
>
> Am Donnerstag, 6. Mai 2021, 13:13:46 CEST schrieb Baptiste Jonglez:
> > >
> > > + $(SED) 's/^CONFIG_BINARY_FOLDER=.*/# CONFIG_BINARY_FOLDER was reset by
> > > Imagebuilder/' $(PKG_BUILD_DIR)/.config + $(S
Hi,
On 26-04-21, Sven Roederer wrote:
> Using these config-options to customize the folders used at build-time
> makes these folder settings appear in generated archive. This causes the
> imagebuilder to be not portable, as it's going to use the build-time folders
> on the new systems. Errors
Hi,
On 26-04-21, Sven Roederer wrote:
> Using these config-options to customize the folders used at build-time makes
> these
> folder settings appear in generated archive. This causes the SDK to be not
> portable, as it's going to use the build-time folders on the new systems.
> The errors vary
Hi,
On 02-05-21, Hauke Mehrtens wrote:
> When a package is not installed because it has unresolved dependencies
> normally we get only an error message like this:
> * pkg_hash_fetch_best_installation_candidate: Packages for ltq-vdsl-app
> found, but incompatible with the architectures
From: Baptiste Jonglez
The routerbootparts driver dynamically discovers the location of MikroTik
partitions, but it cannot determine their size (except by extending them
up to the start of the next discovered partition).
The hard_config partition has a default size of 0x1000 in the driver
Hi,
On 02-05-21, fabian.bauma...@mailbox.org wrote:
> That's my first contribution for OpenWRT, if something's not right, please
> let me know.
The patch is a good start (comments below), thanks a lot for your first
contribution!
There are a few formal issues with your patch. See
Hi Thibault,
I was debugging why OpenWrt could not find the radio calibration data on
one of my hAP-ac2 devices: the /sys/firmware/mikrotik/hard_config/wlan_data/
directory is created but stays empty.
It turns out that the compressed data does not fit in a single block
(i.e. 4 KB), and the
On 21-04-21, Perry wrote:
> Now that openwrt-21.02-rc1 is tagged, would it be possible to have an
> "openwrt-21.02" section for the Reported Version on bugs.openwrt.org?
> While at it, why is it still possible to file bug reports for lede-17.01?
Good catch, thanks. I have just added
From: Baptiste Jonglez
Some steps are informative or optional (haltOnFailure=False), so it makes
no sense to mark the whole build as failed if such a step fails.
Depending on the case, we either mark the build as "warning"
(warnOnFailure=True) or as successful (warnOnFailure=False).
From: Baptiste Jonglez
When the dl/ directory is shared with several workers, there can be
temporary "*.hash" and "*.dl" files being created by other workers.
These files should be excluded from the sourceupload step, otherwise it
can cause a failure when rsync trie
From: Baptiste Jonglez
When the dl/ directory is shared with several workers, there can be
temporary "*.hash" and "*.dl" files being created by other workers.
These files should be excluded from the sourceupload step, otherwise it
can cause a failure when rsync trie
Hi,
The OpenWrt community is proud to announce the seventh service release of
OpenWrt 19.07. It fixes security issues, improves device support, and
brings a few bug fixes.
The main changes from OpenWrt 19.07.6 are:
Security fixes
==
* Security Advisory 2021-02-02-1 - netifd and
On 08-02-21, Etan Kissling (IC) wrote:
> I have posted a few backports to 19.07 from master a few weeks back, with
> these subjects:
>
> 1. [PATCH 19.07] mbedtls: add config option to compile with hkdf
> 2. [PATCH 19.07] hostapd: add multicast_to_unicast and per_sta_vif
> 3. [PATCH 19.07]
On 07-02-21, Jaap Buurman wrote:
> Are we sure disabling TSO is the actual fix though? There are a few
> reasons I am doubting that assessment:
>
> 1. Here is a user that is reporting he has always been running with
> TSO disabled, yet he does experience the bug:
>
On 05-02-21, Jaap Buurman wrote:
> > Hi,
> >
> > We are planning a new 19.07 release in about a week (probably next
> > week-end).
> >
> > If you are aware of changes that need to be integrated, now is the time to
> > do it or mention it here!
> >
> > I plan to test & integrate a workaround for
Hi,
We are planning a new 19.07 release in about a week (probably next week-end).
If you are aware of changes that need to be integrated, now is the time to
do it or mention it here!
I plan to test & integrate a workaround for this ramips stability issue:
Hi,
I've just pushed this to my (brand new) staging tree:
https://git.openwrt.org/?p=openwrt/staging/zorun.git;a=shortlog;h=refs/heads/openwrt-19.07
If there are no objections, I will merge that in a couple of days.
Baptiste
On 24-01-21, Baptiste Jonglez wrote:
> Hi,
>
> I w
Hi,
I would like to backport the opkg fix for
https://bugs.openwrt.org/index.php?do=details_id=2690
to 19.07.
The opkg package in 19.07 is a bit old, it's using:
f2166a8 libopkg: implement lightweight package listing logic
Since there were several other changes in opkg master, I would create
Hi,
On 31-12-20, Hauke Mehrtens wrote:
> > I looked into performance problems of LuCI when using https some time ago.
> >
> > The slow part was the handshake, the normal stream cipher is relatively
> > fast, even very slow devices should be able to do multiple MB/s.
> >
> > On the server side
From: Baptiste Jonglez
Missing ones were: --no-proxy, --quiet, --continue / -c
Also improved readability of several options.
Signed-off-by: Baptiste Jonglez
---
uclient-fetch.c | 13 -
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/uclient-fetch.c b/uclient-fetch.c
Following the discussion in
http://lists.openwrt.org/pipermail/openwrt-devel/2020-November/032297.html
There are basically two options to implement persistent connections in opkg:
1) keep calling "wget", but pass the list of all packages to download at
once. On the host, wget already
Hi,
On 29-12-20, Paul Spooren wrote:
> Multiple prereq checks are only required within the build system but not
> for the ImageBuilder. These checks are excluded by using ifndef IB.
>
> This commit merges the three ifndef IB blocks together.
To clarify, this is only cosmetic, right?
I just saw
Hi,
OpenWrt 19.07 on mt7621 can sometimes crash under load. It does not
trigger often so it might go unnoticed, but there are multiple reports of
this issue and I also experienced it on a device.
Here is an example crash log:
https://bugs.openwrt.org/index.php?getfile=1116
Somebody managed
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://openwrt.org/advisory/2020-12-09-1
DESCRIPTION
A flaw has been found in the ICMP rate limiting algorithm of the Linux
kernel.
This flaw allows an off-path attacker to quickly determine open ephemeral
ports that are used by applications making outbound connections.
This can be exploited
On 04-12-20, Philip Prindeville wrote:
> But I’m trying:
>
> config rule
> option src '192.168.3.6'
> option lookup 200
>
> Per the cheatsheet and it’s resulting in:
>
> root@OpenWrt2:~# ip rule ls
> 0:from all lookup local
> 1:from all lookup 200
> 32766:from all
Hi,
On 06-12-20, Sven Roederer wrote:
> Currently 8MB flash / 32MB RAM devices are fully supported in OpenWrt, as they
> work quite well for basic usage (including full LuCI).
> On some projects with advanced features (e.g. Freifunk) the lack of RAM turns
> them into unstable devices. Mostly
On 05-12-20, Alexander 'lynxis' Couzens wrote:
> Hi,
>
> I'm wondering is dnsmasq also vulnerable as forwarder? Or
> only as recursive resolver?
Yes, as forwarder. I don't think dnsmasq implements a real recursive
resolver.
> Did someone tested it? Is there a public poc?
I tested the basic
Hi,
On 25-11-20, Petr Štetiar wrote:
> Paul Spooren [2020-11-24 22:29:00]:
>
> Hi,
>
> > Using HTTPS for opkg dramatically slows down download of packages and reload
> > of indexes.
>
> do you've such dramatic numbers handy?
For the imagebuilder, it increases the *total* build time (not just
Hi,
On 20-11-20, Adrian Schmutzler wrote:
> > -Original Message-
> > From: openwrt-devel [mailto:openwrt-devel-boun...@lists.openwrt.org]
> > On Behalf Of Baptiste Jonglez
> > Sent: Freitag, 20. November 2020 11:21
> > To: openwrt-devel@lists.openwrt.org;
From: Baptiste Jonglez
This change has been causing several issues on ipq40xx devices, including:
- VLAN tagging no longer works correctly:
https://bugs.openwrt.org/index.php?do=details_id=3239
- poor performance with tagged VLANs:
https://bugs.openwrt.org/index.php?do=details_id=3457
See
Hi,
Any news on this patch series? It should definitely be considered
before the 20.XX branching because it fixes FS#2690 (bug related to
imagebuilder), and I would like to backport it to 19.07 at some point.
Thanks,
Baptiste
On 25-08-20, Baptiste Jonglez wrote:
> From: Baptiste Jong
From: Baptiste Jonglez
This change has been causing several issues on ipq40xx devices, including:
- VLAN tagging no longer works correctly:
https://bugs.openwrt.org/index.php?do=details_id=3239
- poor performance with tagged VLANs:
https://bugs.openwrt.org/index.php?do=details_id=3457
See
On 15-11-20, Baptiste Jonglez wrote:
> There are two solutions to fix/workaround the problem:
>
> 1) randomize ICMP rate limiting (done in upstream kernel, there are
>already OpenWrt patches to update it)
I just checked, here are stable kernel versions containing the fix
Hi,
There is a new generic cache poisoning attack for DNS: https://www.saddns.net/
It's a bit tricky, but the general idea is that an attacker can guess
the ephemeral port used by a DNS resolver make a DNS query (that's
dnsmasq in our case). The attacker then "just" has to guess the
transaction
On 11-11-20, Hauke Mehrtens wrote:
> Hi,
>
> Currently 18.06 looks good for me and I would really like to do the final
> release and call it then officially end of life.
>
> I would wait for the build bot results and then do it at the weekend.
Yes, I fully agree, it's ready.
Looking at
Hi,
All versions of the firmware are mirrored here http://sources.openwrt.org/
It's just that the build system somehow fails to fallback to this
mirror like it does for regular downloads (in other words: it's a bug)
Ben, could you re-upload all versions so that older builds can still work?
Hi,
Thanks a lot for fixing this!
Can you backport it to openwrt-19.07? ath79 is also affected there.
Regards,
Baptiste
On 21-09-20, Chuanhong Guo wrote:
> reg accesses on integrated ar8229 sometimes fails. As a result, phy read
> got incorrect port status and wan link goes down and up
ever stored with the new
"LZOR" encoding scheme found on some ath10k devices.
Signed-off-by: Thibaut VARÈNE
(cherry picked from commit 1c6990fe6d198718850b6a37998416cac69f6f53)
[keep publishing ath10k caldata in sysfs: it's the way it's done on 18.06]
Signed-off-by: Baptiste Jonglez
Tested-b
Hi,
FYI, there have been several regressions reported in 19.07.4:
https://openwrt.org/releases/19.07/notes-19.07.4#regressions
The third one (instability/reboot on ramips) might be a kernel issue,
devices from different ramips subtargets are affected.
Other than that, feedback has been
e
current situation is acceptable for a stable release, if only to avoid
high load on the download server.
Baptiste
> Suggested-by: Petr Štetiar
> Suggested-by: Baptiste Jonglez
> Signed-off-by: Paul Spooren
> ---
> include/version.mk | 2 +-
> package/base-fi
Hi,
Thanks for the patch, it looks good but comments below:
On 25-08-20, Paul Spooren wrote:
> The ImageBuilder downloads pre-built packages and adds them to images.
> This process uses `opkg` which has the capability to verify package list
> signatures, as enabled per default on running OpenWrt
.
Thanks,
Baptiste
On 25-08-20, Baptiste Jonglez wrote:
> From: Baptiste Jonglez
>
> The motivation of this patch series is to fix FS#2690. Because packages
> are continuously rebuilt, the ImageBuilder ends up with old packages in
> its cache, and fails because checksums don't mat
ation,
unconditionally enable sha256 support")
Signed-off-by: Alexander Ryzhov
[Add commit description]
Signed-off-by: Baptiste Jonglez
---
libopkg/file_util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libopkg/file_util.c b/libopkg/file_util.c
index 3a1761e..8e69
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
The OpenWrt community is proud to announce the newest service release in
the 19.07 stable series: OpenWrt 19.07.4. It focuses on stability and
device support.
Selected highlights of this service release are:
* fix regression in libubox
Hi,
Images for 19.07.4 have been built. Thomas, could you update the ToH
accordingly? When the download page is also updated, I will announce it,
probably tomorrow.
18.06.9 will follow soon.
Thanks,
Baptiste
On 30-07-20, Baptiste Jonglez wrote:
> Hi,
>
> New point releases
Tested-by: Baptiste Jonglez [QCA9886, QCA9887]
On 03-09-20, Baptiste Jonglez wrote:
> From: Michael Yartys
>
> Not a large change from last time, but should fix at least one rare wave-2
> crash.
>
> Tested on Netgear R7800.
>
> Signed-off-by: Michael Yartys
> Sign
r the DMA burst size has a
> different meaning and instruction depending on the generation.
Do you have more details, references? A commit?
> Cheers,
>
> Nick
>
> On Sun, Aug 30, 2020 at 1:45 PM Baptiste Jonglez
> wrote:
> >
> > On 29-08-20, Baptiste Jonglez w
Hi,
On 03-09-20, Adrian Schmutzler wrote:
> > > These HTT firmwares are not used in default openwrt images, but they
> > > could be used downstream: it does not seem wise to distribute a
> > > different firmware variant under the same package name.
> >
> > Those compiled out features are not
From: Álvaro Fernández Rojas
Signed-off-by: Álvaro Fernández Rojas
(cherry picked from commit 658e68f85c2645e0132edc6b30a9c76cc17292de)
---
package/firmware/ath10k-ct-firmware/Makefile | 524 +++
package/firmware/ath10k-firmware/Makefile| 446
2 files
From: Baptiste Jonglez
When building from a local branch based off the "openwrt-18.06" branch,
version computation is wrong, for instance:
r6907+1154-7e15e21766
The number of local commits (1154 in this case) is wrong because it is
computed against master. As a result, it wron
From: Baptiste Jonglez
When building from a local branch based off the "openwrt-19.07" branch,
version computation is wrong, for instance:
r10194+1004-c53f62b111
The number of local commits (1004 in this case) is wrong because it is
computed against master. As a result, it wron
kages")]
Signed-off-by: Baptiste Jonglez
---
package/firmware/ath10k-ct-firmware/Makefile | 50 ++--
1 file changed, 25 insertions(+), 25 deletions(-)
diff --git a/package/firmware/ath10k-ct-firmware/Makefile
b/package/firmware/ath10k-ct-firmware/Makefile
index 79bdeeec4f..6fe8ea6
From: Álvaro Fernández Rojas
Release notes for 017:
Wave-1:
* March 19, 2020: Fix problem where power-save was not enabled when going
off-channel to scan.
The problem was a boolean logic inversion in the chmgr
code, a regression I introduced
a
and package names]
[remove changes to non-full htt-mgt variants because we did not backport
a882bfce052e ("ath10k-ct-firmware: add htt-mgt variants")]
Signed-off-by: Baptiste Jonglez
---
package/firmware/ath10k-ct-firmware/Makefile | 42 ++--
1 file changed, 21 insertions(+), 21
From: Baptiste Jonglez
This backports all recent ath10k-ct firmware bumps from master, and also
backports moving these firmwares to a new package. Opkg package names remain
unchanged.
v2: don't backport the following changes:
2e5e9b459ed5 ("ath10k-ct-firmware: rename ct-htt pac
From: Michael Yartys
This supports better per-chain noise floor reporting, which in turn allows for
better RSSI reporting in the driver.
Wave-2 fixes a long-standing rate-ctrl problem when connected to xbox (and
probably other devices).
Wave-2 has fix for crash likely related to rekeying.
From: Stefan Lippers-Hollmann
The release notes since last time for wave-1:
* No changes to wave-1, but I make a version .014 copy anyway to keep
the makefile in sync.
The release notes since last time for wave-2:
* December 16, 2019: Wave-2 has a fix to make setting txpower work
t
firmware variant under the same package name.
I will send a v2 fixing this.
On 25-08-20, Baptiste Jonglez wrote:
> From: Álvaro Fernández Rojas
>
> For wave-2, there is now a new variant: htt-mgt-community (vs the old
> full-htt-mgt-community).
>
> The non-full one (hence fort
Sorry, forgot to reply:
On 31-08-20, Daniel Golle wrote:
> On Wed, Aug 26, 2020 at 11:57:55AM -1000, Paul Spooren wrote:
> >
> > On 26.08.20 09:17, Baptiste Jonglez wrote:
> > > On 25-08-20, Paul Spooren wrote:
> > > > The key folder is used by `opk
On 29-08-20, Baptiste Jonglez wrote:
> On 28-08-20, Hauke Mehrtens wrote:
> > Hi,
> >
> > I would like to do a 19.07.4 and a 18.06.9 release on Sunday or
> > beginning of next week.
>
> Cool, looks good to me.
>
> > Is there something missin
On 29-08-20, Hauke Mehrtens wrote:
> On 8/29/20 2:02 PM, Baptiste Jonglez wrote:
> > On 28-08-20, Hauke Mehrtens wrote:
> >> This backports some fixes from kernel 5.6 and 4.14.175.
> >
> > Thanks, I will give this a try.
> >
> > It's missing two fixe
On 28-08-20, Hauke Mehrtens wrote:
> This backports some fixes from kernel 5.6 and 4.14.175.
Thanks, I will give this a try.
It's missing two fixes though:
5981fe5b0529 ("mac80211: fix misplaced while instead of if")
a0761a301746 ("mac80211: drop data frames without key on encrypted links")
On 28-08-20, Hauke Mehrtens wrote:
> Hi,
>
> I would like to do a 19.07.4 and a 18.06.9 release on Sunday or
> beginning of next week.
Cool, looks good to me.
> Is there something missing in the current branches which should get into
> this release?
There's the ath10k-ct-firmware bump for
Hi,
Cross-posting to openwrt-devel because we are backporting the necessary fixes.
On 12-08-20, Jouni Malinen wrote:
> On Wed, Aug 12, 2020 at 11:17:47AM +0200, Toke H?iland-J?rgensen wrote:
> > Pali Roh?r writes:
> > > Could somebody react and provide some details when fixes would be
> > >
Thanks :)
Acked-by: Baptiste Jonglez
On 27-08-20, Paul Spooren wrote:
> The variable VERSION_REPO is used by opkg to download package(list)s.
> Now that the default installation support encrypted HTTP opkg should
> make use of it.
>
> Suggested-by: Petr Štetiar
> Sugg
On 25-08-20, Paul Spooren wrote:
> From: Petr Štetiar
>
> As there is now wolfSSL included by default due to SAE/WPA3 we can
> finally switch to TLS/SSL in other parts as well.
The commit message needs improvement, especially "treewide: switch to
HTTPS by default". What is switched to HTTPS
On 25-08-20, Paul Spooren wrote:
> The key folder is used by `opkg` and `usign` to store and retrieve
> trusted public keys. Using `opkg-key` outside a running device is
> unfeasible as the key folder is hard coded to `/etc/opkg/keys`.
>
> This commit adds a variable OPKG_KEYS which defaults to
On 25-08-20, Paul Spooren wrote:
> On 24.08.20 05:07, Baptiste Jonglez wrote:
> > From: Baptiste Jonglez
> >
> > Currently, package index signatures are only checked when opkg runs on the
> > OpenWrt device. The verification script is hard-coded to a path in
>
From: Álvaro Fernández Rojas
Signed-off-by: Álvaro Fernández Rojas
(cherry picked from commit 658e68f85c2645e0132edc6b30a9c76cc17292de)
---
package/firmware/ath10k-ct-firmware/Makefile | 524 +++
package/firmware/ath10k-firmware/Makefile| 446
2 files
From: Álvaro Fernández Rojas
Signed-off-by: Álvaro Fernández Rojas
(cherry picked from commit 2e5e9b459ed53b42f8938294a98e2546be976c85)
---
package/firmware/ath10k-ct-firmware/Makefile | 130 +--
target/linux/ath79/image/generic.mk | 2 +-
2 files changed, 66
Fernández Rojas
(cherry picked from commit 91aab77bf1ce91b0e60e720eb147c94a02c1f2fd)
Tested-by: Baptiste Jonglez [Archer C6 v2:
qca9888-ct]
---
package/firmware/ath10k-ct-firmware/Makefile | 60 ++--
1 file changed, 30 insertions(+), 30 deletions(-)
diff --git a/package/firmware
From: Álvaro Fernández Rojas
For wave-2, there is now a new variant: htt-mgt-community (vs the old
full-htt-mgt-community).
The non-full one (hence forth 'diet') compiles out a lot of firmware features
that ath10k does not use. This saves a lot of resources and lets one
configure more
From: Álvaro Fernández Rojas
Release notes for 017:
Wave-1:
* March 19, 2020: Fix problem where power-save was not enabled when going
off-channel to scan.
The problem was a boolean logic inversion in the chmgr
code, a regression I introduced
a
From: Álvaro Fernández Rojas
No release notes this time.
Signed-off-by: Álvaro Fernández Rojas
(cherry picked from commit 06f510df6e2aa0b1e40124bbd758672458d01482)
---
package/firmware/ath10k-ct-firmware/Makefile | 52 ++--
1 file changed, 26 insertions(+), 26 deletions(-)
From: Michael Yartys
This supports better per-chain noise floor reporting, which in turn allows for
better RSSI reporting in the driver.
Wave-2 fixes a long-standing rate-ctrl problem when connected to xbox (and
probably other devices).
Wave-2 has fix for crash likely related to rekeying.
From: Stefan Lippers-Hollmann
The release notes since last time for wave-1:
* No changes to wave-1, but I make a version .014 copy anyway to keep
the makefile in sync.
The release notes since last time for wave-2:
* December 16, 2019: Wave-2 has a fix to make setting txpower work
Hi,
Detailed information about the kr00k vulnerabilities is hard to find.
Here is a WIP recap about it and whether/how OpenWrt is vulnerable.
It's missing lots of information, please contribute if you have any.
I will summarize the results in a wiki page afterwards.
Kr00k v1 (CVE-2019-15126)
From: Baptiste Jonglez
Before using a package from the cache, verify its size and checksum
against a package index, and delete the package from the cache if they
don't match. The install process will then proceed to download the
"fixed" package as usual.
This allows to cope w
From: Baptiste Jonglez
The motivation of this patch series is to fix FS#2690. Because packages
are continuously rebuilt, the ImageBuilder ends up with old packages in
its cache, and fails because checksums don't match with the new package
index from the download server.
The approach to solve
From: Baptiste Jonglez
A long time ago, the name of cached files was derived from the source URL.
This was changed in 2011 with d46db43e21 ("Don't include the source URI in
the cached filename.")
Some compatibility code was left behind: even today, we are still trying
to read fr
From: Baptiste Jonglez
The function now always returns an error if size/checksum don't match: we
let the caller decide what to do with the result.
In addition, most of the logging is also moved to the caller. We just
keep logging for unexpected errors and a bit of debug at loglevel INFO
From: Baptiste Jonglez
If we want to access files in the cache from multiple functions, it is
necessary to have a single source of truth regarding the naming of files
in the cache.
Signed-off-by: Baptiste Jonglez
---
libopkg/opkg_download.c | 17 -
1 file changed, 12
1 - 100 of 204 matches
Mail list logo