Re: [OpenWrt-Devel] [PATCH] mac80211: Update ath9k_htc firmware
On Mon, Oct 10, 2011 at 6:54 PM, Hauke Mehrtens ha...@hauke-m.de wrote: could you please try this patch, it just goes to a new version of linux-firmware which should contain the new firmware you need. Indeed the newer linux-firmware tree contains the same fw, however, the firmware was also renamed. So you also need to update KernelPackage/ath9k-htc/install to install htc_9271.fw and htc_7010.fw instead of ar9271.fw and ar7010.fw. Thanks, Helmut ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] openssl 1.0.0e update patch
Hi, this patch updates openssl to 1.0.0e. with kind regards, Peter Wagner diff --git a/package/openssl/Makefile b/package/openssl/Makefile index 26c56a2..e345009 100644 --- a/package/openssl/Makefile +++ b/package/openssl/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssl -PKG_VERSION:=1.0.0d +PKG_VERSION:=1.0.0e PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz @@ -16,7 +16,7 @@ PKG_SOURCE_URL:=http://www.openssl.org/source/ \ ftp://ftp.funet.fi/pub/crypt/cryptography/libs/openssl/source/ \ ftp://ftp.webmonster.de/pub/openssl/source/ \ ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/ -PKG_MD5SUM:=40b6ea380cc8a5bf9734c2f8bf7e701e +PKG_MD5SUM:=7040b89c4c58c7a1016c0dfa6e821c86 PKG_BUILD_DEPENDS:=ocf-crypto-headers PKG_CONFIG_DEPENDS:=CONFIG_OPENSSL_ENGINE ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [RFC] About the libeap variance of hostapd/wpa_supplicant
On 2011-10-11 1:31 PM, 馬克泡 wrote: Hi nbd, I have an idea about add gctwimax (user space gct wimax driver) support into openwrt. However, to compile gctwimax require libusb-1.0, dbus, glib and libeap's support. To compile libeap need to apply this patch to wpa_supplicant 0.7.2/0.7.3. http://git.overlays.gentoo.org/gitweb/?p=dev/alexxy.git;a=blob;f=net-wireless/wpa_supplicant/files/wpa_supplicant-0.7.3-generate-libeap-peer.patch;h=a2bbc5c8448e313f077dc5644dd3cee7f9f2a0aa;hb=3ef87034f66b89c29358ef2984460d1c52dcf319 When I was trying to add a package of libeap through the package/hostapd/Makefile into openwrt. I've encountered a problem that LOCAL_TYPE in Makefile is always match to supplicant, wpad, or hostapd. I just cannot add a new LOCAL_TYPE as libeap even modified Makefile. Could you give me a hint or help on a separated libeap package so that supporting gctwimax is possible. Thanks. LOCAL_TYPE is set based on checks on BUILD_VARIANT. To make sure that a new build variant for libeap shows up, you need to create a libeap package with VARIANT:=libeap, then add an appropriate $(if $(findstring libeap,$(BUILD_TYPE)),libeap) check to the LOCAL_TYPE definition. - Felix ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] libeap: add libeap support from wpa_supplicant with libeap_peer
On 2011-10-11 2:35 PM, macp...@gmail.com wrote: From: macpaulmacp...@clanlab.dyndns.org Add libeap support to wpa_supplicant with patch wpa_supplicant-0.7.3-generate-libeap-peer.patch. Library libeap is importand to support wimax connection manager, user space wimax driver and connection manager is supported by libeap as well. Signed-off-by: macpaulmacp...@clanlab.dyndns.org Please either create a libeap package without all those patches from package/hostapd and with a simple makefile with no build variants, or fold libeap build support into package/hostapd/Makefile. Duplicating almost all of package/hostapd seems counterproductive. - Felix ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] New package PyRRD
ping On 10/10/2011 11:18, Roberto Riggio wrote: This patch is a port of the PyRRD package to openwrt. PyRRD is a wrapper for rrdtool for python. The API is so much better than the python bindings for rrd. Signed-off-by: Roberto Riggio roberto.rig...@create-net.org --- ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel -- Roberto Riggio, Ph.D. CREATE-NET Network Security Solutions for Pervasive Computing Systems (iNSPIRE) Senior Researcher Via alla Cascata 56/D - 38123 Povo Trento (Italy) e-mail: roberto.rig...@create-net.org Tel: (+39) 0461 408400 - interno/extension 708 Fax: (+39) 0461 421157 www.create-net.org/~rriggio The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited according to the Italian Law 196/2003 of the Legislature. If you received this in error, please contact the sender and delete the material from any computer. Le informazioni contenute in questo messaggio di posta elettronica e nei file allegati sono da considerarsi strettamente riservate. Il loro utilizzo e' consentito esclusivamente al destinatario del messaggio, per le finalita' indicate nel messaggio stesso. Qualora riceveste questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla cancellazione del messaggio stesso dal Vostro sistema. Trattenere il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalita' diverse, costituisce comportamento contrario ai principi dettati dal D. Lgs. 196/2003. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH v2] libeap: add libeap support from wpa_supplicant with libeap_peer
Hi Felix 2011/10/12 Macpaul Lin macp...@gmail.com: From: macpaul macp...@clanlab.dyndns.org Add libeap support to wpa_supplicant with patch wpa_supplicant-0.7.3-generate-libeap-peer.patch. Library libeap is important to support wimax connection manager, user space wimax driver and connection manager is supported by libeap as well. Signed-off-by: macpaul macp...@clanlab.dyndns.org Sorry about the mail address clanlab.dyndns.org has problem of receiving mail. Please reply comment to macp...@gmail.com. Thanks! -- Best regards, Macpaul Lin ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] secure_mode config options for radvd [1/2]
All,
Here's an updated version of the radvd.init patch. There's a slight adjustment
here from the original version.
Index: radvd.init
===
--- radvd.init (revision 28379)
+++ radvd.init (working copy)
@@ -407,6 +407,30 @@
return 0
}
+radvd_start_secure() {
+ local cfg=$1
+ local secure
+
+ validate_varname $cfg || return 0
+
+ config_get_bool secure $cfg secure_mode 0
+ [ $secure -ne 1 ] return 0
+
+ config_get RADVD_USERNAME $cfg username
+ if [ -z $RADVD_USERNAME ]; then
+ logger -t radvd startup username required for secure mode,
radvd will run as root
+ return 1
+ fi
+
+ config_get RADVD_GROUP $cfg group
+ if [ -z $RADVD_GROUP ] ; then
+ logger -t radvd startup group required for secure mode,
radvd will run as root
+ return 1
+ fi
+
+ return 0
+}
+
start() {
config_load radvd
@@ -425,7 +449,18 @@
sysctl -w net.ipv6.conf.all.forwarding=1 /dev/null 2 /dev/null
- radvd -C $RADVD_CONFIG_FILE -m stderr_syslog -p /var/run/radvd.pid
+ RADVD_USERNAME=
+ RADVD_GROUP=
+ config_foreach radvd_start_secure radvd
+
+ if [ ! -z $RADVD_USERNAME ] [ ! -z $RADVD_GROUP ]; then
+ mkdir -p /var/run/radvd
+ chown $RADVD_USERNAME:$RADVD_GROUP /var/run/radvd
+ radvd -u $RADVD_USERNAME -C $RADVD_CONFIG_FILE -m
stderr_syslog -p /var/run/radvd/radvd.pid
+ else
+ mkdir -p /var/run/radvd
+ radvd -C $RADVD_CONFIG_FILE -m stderr_syslog -p
/var/run/radvd/radvd.pid
+ fi
}
stop() {
Any thoughts and input are appreciated. I've spent several days testing this
and it seems to work well. It will spawn two processes, as previously mentioned:
root@alix:~# ps | grep radvd
2208 root 564 Sradvd -u nobody -C /var/etc/radvd.conf -m stderr_sysl
2211 nobody 564 Sradvd -u nobody -C /var/etc/radvd.conf -m stderr_sysl
Thanks,
Adam
On Oct 8, 2011, at 2:45 PM, Adam Gensler wrote:
Hmm, it seems the process is dying when the hotplug script is activated. The
HUP signal is terminating it when running with -u. Back the drawing board
here. Sorry for the premature email.
On Oct 8, 2011, at 2:17 PM, Adam Gensler wrote:
All,
This is my first try at a patch and also my first attempt at parsing
/etc/config files in OpenWRT. If I've goofed something up please let me
know. The purpose of this change is to allow users to config radvd to run in
unprivileged mode. Per the radvd man page:
radvd(8) - Linux man page
http://linux.die.net/man/8/radvd
-u username, --username username
If specified, drops root privileges and changes user ID to username and
group ID to the primary group of username. This is recommended for security
reasons. You might also need to use -p to point to a file in a username
-writable directory (e.g. /var/run/radvd/radvd.pid).
This patch can parse three new fields in /etc/config/radvd, under config
radvd, specifically:
option secure_mode 1
option username 'nobody'
option group 'nogroup'
I think the above is fairly self explanatory. When run with the -u option,
radvd spawns two processes, one with root privileges for interface
configuration purposes and another, unprivileged process, for everything
else.
With none of these options configured radvd will operate as it always has.
Any suggestions and / or input would be appreciated. As I said, this is my
first crack at working with OpenWRT so there's a possibility I did something
incorrect.
Thanks in advance,
Adam
radvd.init.patch___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] secure_mode config options for radvd [2/2]
All, Here's the second change for this, this time in the radvd.hotplug script. This needed to be tweaked slightly so it only issued a HUP to the unprivileged process. Index: radvd.hotplug === --- radvd.hotplug (revision 28379) +++ radvd.hotplug (working copy) @@ -1,5 +1,5 @@ #!/bin/sh if [ $ACTION = ifup ]; then - killall -HUP radvd 2/dev/null +start-stop-daemon -q -K -s HUP -p /var/run/radvd/radvd.pid fi Again, any input is appreciated. Thanks, Adam On Oct 8, 2011, at 2:17 PM, Adam Gensler wrote: All, This is my first try at a patch and also my first attempt at parsing /etc/config files in OpenWRT. If I've goofed something up please let me know. The purpose of this change is to allow users to config radvd to run in unprivileged mode. Per the radvd man page: radvd(8) - Linux man page http://linux.die.net/man/8/radvd -u username, --username username If specified, drops root privileges and changes user ID to username and group ID to the primary group of username. This is recommended for security reasons. You might also need to use -p to point to a file in a username -writable directory (e.g. /var/run/radvd/radvd.pid). This patch can parse three new fields in /etc/config/radvd, under config radvd, specifically: option secure_mode1 option username 'nobody' option group 'nogroup' I think the above is fairly self explanatory. When run with the -u option, radvd spawns two processes, one with root privileges for interface configuration purposes and another, unprivileged process, for everything else. With none of these options configured radvd will operate as it always has. Any suggestions and / or input would be appreciated. As I said, this is my first crack at working with OpenWRT so there's a possibility I did something incorrect. Thanks in advance, Adam radvd.init.patch ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
