Hi,
> -Original Message-
> From: openwrt-devel [mailto:openwrt-devel-boun...@lists.openwrt.org]
> On Behalf Of Daniel González Cabanelas
> Sent: Donnerstag, 27. August 2020 22:21
> To: openwrt-devel@lists.openwrt.org
> Subject: [PATCH 1/2] mvebu: backport linkstation-poweroff upstream
To allow HTTPS usage on a router it requires both certificates
(ca-bundle) and a fitting libustream library (libustream-wolfssl)
By adding both, uclient-fetch and wget can connect to encrypted HTTP.
This allows opkg to update package lists in a more secure fashion.
Suggested-by: Petr Štetiar
The variable VERSION_REPO is used by opkg to download package(list)s.
Now that the default installation support encrypted HTTP opkg should
make use of it.
Suggested-by: Petr Štetiar
Suggested-by: Baptiste Jonglez
Signed-off-by: Paul Spooren
---
include/version.mk | 2 +-
The line of default packages became very long and it is easier to read
one package per line, therefore split it by newlines and sort it
alphabetically.
Signed-off-by: Paul Spooren
---
include/target.mk | 35 ---
1 file changed, 32 insertions(+), 3 deletions(-)
Backport the Linkstation poweroff driver from the kernel upstream (commit
a7f79f99541ef)
This driver is required by the Buffalo LinkStation LS421DE for a correct
power off operation. It also allows to use the WoL feature.
Signed-off-by: Daniel González Cabanelas
---
Compile the Linkstation poweroff module for the Buffalo LS421DE.
Without this driver the device remains forever halted if a power off
command is executed.
The driver will also allow to use the WoL feature, which wasn't availabe
in the stock firmware.
Signed-off-by: Daniel González Cabanelas
---
From: Rafał Miłecki
This commit adds "rc" ubus object with methods "list" and "exec" for
listing and calling init.d script appropriately. It's useful for all
kind of UIs (e.g. LuCI) and custom apps.
Example:
root@OpenWrt:~# ubus call rc list
{
"blockd": {
"enabled":
On 25-08-20, Paul Spooren wrote:
> From: Petr Štetiar
>
> As there is now wolfSSL included by default due to SAE/WPA3 we can
> finally switch to TLS/SSL in other parts as well.
The commit message needs improvement, especially "treewide: switch to
HTTPS by default". What is switched to HTTPS
On 8/27/20 9:25 AM, Andre Heider wrote:
> Hi,
>
> On 26/08/2020 00:19, Hauke Mehrtens wrote:
>> This fixes the following security problems:
>> * In earlier versions of wolfSSL there exists a potential man in the
>> middle attack on TLS 1.3 clients.
>> * Denial of service attack on TLS 1.3
Without an absolute path to staging_dir/host/bin/sstrip the Makefile
tries to run a host installed version of sstrip, which is likely not
available.
Signed-off-by: Paul Spooren
---
target/imagebuilder/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
The SOURCE_DATE_EPOCH is used to unify the mtime within created images,
make it the same as the build system used during creation of the IB.
The LINUX_VERMAGIC is used to create a reproducible IMG_PART_SIGNATURE,
therefore make it available to the IB as well.
Signed-off-by: Paul Spooren
---
This follow the SDK naming schema is and is more clear as no package is
build.
Signed-off-by: Paul Spooren
---
target/imagebuilder/Makefile | 66 ++--
1 file changed, 33 insertions(+), 33 deletions(-)
diff --git a/target/imagebuilder/Makefile
Hi,
On 26/08/2020 00:19, Hauke Mehrtens wrote:
This fixes the following security problems:
* In earlier versions of wolfSSL there exists a potential man in the
middle attack on TLS 1.3 clients.
* Denial of service attack on TLS 1.3 servers from repetitively sending
ChangeCipherSpecs
13 matches
Mail list logo
