- 29 8月, 2023 1 次提交
-
-
由 Rob White 提交于
Maintainer: Rob White rob@blue-wave.net Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64 Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03 Description: opennds (10.1.3) Security Advisory. This version contains fixes for multiple potential security vulnerabilities Credit - Stanislav Dashevskyi - standash.github.io [standash] It also contains some minor bug fixes * Fix - Buffer overflow causing segfault - CVE-2023-41101 [bluewavenet] * Fix - Memory leaks due to passing allocated buffer into safe_asprintf() - CVE-2023-41102 [bluewavenet] * Fix - Remove deprecated preauth option [bluewavenet] * Fix - missing free in show_preauth_page if MHD does not respond [bluewavenet] * Fix - more safe_asprintf memory leaks [bluewavenet] * Fix - missing free for mark_auth [bluewavenet] * Fix - memory leak after starting authmon daemon [bluewavenet] * Fix - memory leak in encode_and_redirect_to_splashpage [bluewavenet] * Fix - Community themespec, voucher css and logo image [bluewavenet] * Fix - ThemeSpec, path to logo in page footer [bluewavenet] * Fix - ensure gatewayurl is urldecoded to fix broken css and images in themespec [bluewavenet] * Add - set default fas remote fqdn to disabled [bluewavenet] Signed-off-by: NRob White <rob@blue-wave.net>
-
- 23 8月, 2023 2 次提交
-
-
由 Simon Wunderlich 提交于
batman-adv: Fix lock assert after fragmentation change
-
由 Sven Eckelmann 提交于
The automatic recalculation of the maximum allowed MTU is usually triggered by code sections which are already rtnl lock protected by callers outside of batman-adv. But when the fragmentation setting is changed via batman-adv's own batadv genl family, then the rtnl lock is not yet taken. But dev_set_mtu requires that the caller holds the rtnl lock because it uses netdevice notifiers. And this code will then fail the check for this lock: RTNL: assertion failed at net/core/dev.c (1953) Fixes: e7ee4c55 ("batman-adv: update to version 2023.2") Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
- 18 8月, 2023 4 次提交
-
-
由 Simon Wunderlich 提交于
batman-adv: update packages to version 2023.2
-
由 Sven Eckelmann 提交于
* receive data with valid source on unix sock without active interface Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Sven Eckelmann 提交于
* (no changes) Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Sven Eckelmann 提交于
* support latest kernels (4.14 - 6.5) * bugs squashed: - avoid potential invalid memory access when processing ELP/OGM2 packets - drop pending DAT worker when interface shuts down - inform network stack about automatically adjusted MTUs - keep user defined MTU limit when MTU is recalculated - fix packet memory leak when sending OGM2 via inactive interfaces - fix TT memory leak for roamed back clients Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
- 06 8月, 2023 1 次提交
-
-
由 Rob White 提交于
Maintainer: Rob White rob@blue-wave.net Compile tested: All Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64, on 21.02, 22.03 and snapshot. Description: mesh11sd (2.0.0) This release contains new functionality. Autonomous portal mode is introduced. This simplifies the rollout of meshnodes allowing a common configuration to be used on all nodes. Remote administration is introduced, allowing files to be copied and terminal sessions to be opened on established meshnodes, identifying remote nodes by mac address. * Add - Update config file [bluewavenet] * Add - implementation of remote copy [bluewavenet] * Add - implementation of remote connect [bluewavenet] * Add - Autonomous portal mode [bluewavenet] -- Rob White dot@blue-wave.net Mon, 31 Jul 2023 16:59:52 +0000 Signed-off-by: NRob White <rob@blue-wave.net>
-
- 31 7月, 2023 2 次提交
-
-
由 Rob White 提交于
Reinstate CONFLICTS:=nodogsplash Signed-off-by: NRob White <rob@blue-wave.net>
-
由 Rob White 提交于
Maintainer: Rob White rob@blue-wave.net Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64 Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03 Description: opennds (10.1.2) Security Advisory. This version contains fixes for multiple potential security vulnerabilities Credit - Stanislav Dashevskyi - standash.github.io [standash] It also contains some minor bug fixes * Fix - Generate unique sha256 faskey if not set in config - CVE-2023-38324 [bluewavenet] * Fix - NULL pointer dereference if user_agent is NULL - CVE-2023-38320, CVE-2023-38322 [bluewavenet] * Fix - NULL pointer dereference if authdir is called with an incomplete or missing query string - CVE-2023-38313, CVE-2023-38314, CVE-2023-38315 [bluewavenet] * Fix - remove deprecated and non-functioning unescape callback - CVE-2023-38316 [bluewavenet] * Fix - prevent potential recursive dependency and detect if conflicting package is installed [bluewavenet] Signed-off-by: NRob White <rob@blue-wave.net>
-
- 30 7月, 2023 1 次提交
-
-
由 Moritz Warning 提交于
OpenNDS lists nodogsplash a conflict as well. This causes a circular reference that is not allowed. Signed-off-by: NMoritz Warning <moritzwarning@web.de>
-
- 29 7月, 2023 1 次提交
-
-
由 Nick Hainke 提交于
Announcement: https://alioth-lists.debian.net/pipermail/babel-users/2023-July/004125.html Remove upstreamed patch: - 100-local-make-local_kind-function-accessible.patch Refresh patch: - 600-add-ubus.patch Signed-off-by: NNick Hainke <vincent@systemli.org>
-
- 24 7月, 2023 1 次提交
-
-
由 Moritz Warning 提交于
Signed-off-by: NMoritz Warning <moritzwarning@web.de>
-
- 23 7月, 2023 1 次提交
-
-
由 Marek Küthe 提交于
Closes https://github.com/openwrt/routing/issues/994Signed-off-by: NMarek Küthe <m.k@mk16.de>
-
- 22 7月, 2023 1 次提交
-
-
由 Josef Schlehofer 提交于
bird1: Remove, as EOL has been reached
-
- 21 7月, 2023 1 次提交
- 19 7月, 2023 1 次提交
-
-
由 Nick Hainke 提交于
Announcement: https://alioth-lists.debian.net/pipermail/babel-users/2023-July/004100.html Babeld removed diversity routing [0], so we need to adjust ubus bindings. Further. we need to add a patch that makes local_kind accessible again: "100-local-make-local_kind-function-accessible.patch" Refresh patches: - 600-add-ubus.patch [0] - https://github.com/jech/babeld/commit/a0816083356e5d33fb71e0e30d92aa3bf335d7eaSigned-off-by: NNick Hainke <vincent@systemli.org>
-
- 15 7月, 2023 1 次提交
-
-
由 Rob White 提交于
Maintainer: Rob White rob@blue-wave.net Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64 Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03 opennds (10.1.1) * This version contains some minor bug fixes and documentation updates * Fix - send only contents of buffer, not entire buffer when serving page511 [bluewavenet] * Fix - Set fas_remotefqdn to gw_fqdn when overriding FAS settings [bluewavenet] * Fix - use absolute path for css and images in ThemeSpec [bluewavenet] * Fix - revert to old option names without underscores [bluewavenet] * Fix - FAS URL when fas_remotefqdn is not set [bluewavenet] Signed-off-by: NRob White <rob@blue-wave.net>
-
- 30 6月, 2023 1 次提交
-
-
由 Bradford Zhang 提交于
Signed-off-by: NBradford Zhang <zyc@zyc.name>
-
- 26 6月, 2023 13 次提交
-
-
由 Tianling Shen 提交于
- armvirt target has been renamed to armsr (Arm SystemReady) [1]. - armsr-armv8 has been switched to aarch64_generic architecture [2]. 1. https://github.com/openwrt/openwrt/commit/40b02a230167626def69389452f19b7109aaeac1 2. https://github.com/openwrt/openwrt/commit/e0f06ddc23b2503a1791ae7e97b02e2647e8a70dSigned-off-by: NTianling Shen <cnsztl@immortalwrt.org>
-
由 Jeffery To 提交于
Signed-off-by: NJeffery To <jeffery.to@gmail.com>
-
由 Jeffery To 提交于
Signed-off-by: NJeffery To <jeffery.to@gmail.com>
-
由 Christian Marangi 提交于
Add concurrency rules to skip redundant build to skip extra build test on force push on pull request. Signed-off-by: NChristian Marangi <ansuelsmth@gmail.com>
-
由 Jeffery To 提交于
Currently, the package run-test phase will fail for PRs that only add/update host-only packages, as no target packages (*.ipk) are built. This checks if any target packages are built before attempting the run-tests. Signed-off-by: NJeffery To <jeffery.to@gmail.com>
-
由 Jeffery To 提交于
Signed-off-by: NJeffery To <jeffery.to@gmail.com>
-
由 Van Waholtz 提交于
Signed-off-by: NVan Waholtz <brvphoenix@gmail.com>
-
由 Gerard Ryan 提交于
Some packages variants have conflicting dependencies with the base packages and the CI test will fail to install before anything can be done by the packages to setup the system for install. This change adds a pre-test.sh that runs before the install so things like the default libustream variant can be swapped out as shown in the updated cache-domains. Signed-off-by: NGerard Ryan <G.M0N3Y.2503@gmail.com>
-
由 Jeffery To 提交于
To test each package, the CI-built target package (ipk) file is installed, but currently the target package's dependencies are installed from the standard opkg feeds. There are cases when the CI-built target packages should be installed/tested together: * If a pull request contains several new packages that depend on each other, the test step will fail as the new dependencies cannot be found in the current packages feed. * If a pull request upgrades a source package that builds several target packages that depend on each other, the test step may fail due to the version/ABI mismatch between a newer target package and the older dependencies installed from the packages feed. This sets up a local feed for the CI-built packages so that dependencies are also installed from the same set of packages. Signed-off-by: NJeffery To <jeffery.to@gmail.com>
-
由 Jeffery To 提交于
836b4e1c734f9705bfd8db0da0c04214c2647932 added --force-removal-of-dependent-packages but it does not do what the commit message says it does. When package A depends on package B (package B is a dependency of package A; package A is a dependent of package B), trying to remove package B while package A is installed will result in an error. Adding --force-removal-of-dependent-packages in this case will cause the removal of package B and package A (package B's dependent). But in the case of the CI testing step, it is package A that is being installed and removed. Removing package A with --force-removal-of-dependent-packages will not cause package B (package A's dependency) to be removed. This adds --autoremove to actually remove the package's dependencies. This also ignores any errors returned by opkg remove as --autoremove can sometimes falsely return an error[1]. [1]: https://github.com/openwrt/openwrt/issues/12241 Fixes: 836b4e1c734f ("github-ci: add --force-removal-of-dependent-packages") Signed-off-by: NJeffery To <jeffery.to@gmail.com>
-
由 Tianling Shen 提交于
Removed arc_archs - archs38 was marked as source-only [1]. Renamed powerpc_8540 to powerpc_8548 [2]. 1. https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=c01641bcc7236d2e2de3ea65444b0cf2898df351 2. https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=2cad88b99fdae9766de84e6c1cb56f111eb53748Signed-off-by: NTianling Shen <cnsztl@immortalwrt.org>
-
由 Paul Spooren 提交于
If it doesn't exists, don't confuse the contributors. Signed-off-by: NPaul Spooren <mail@aparcar.org>
-
由 Paul Spooren 提交于
Autorelease causes some issues like heavy bandwidth usage as well as non-deterministic package releases whenever someone doesn't use the full git log. With this comment all modified packages are checked and if they use the autorelease feature, kindly comment to the user to change that. Signed-off-by: NPaul Spooren <paul.spooren@rhebo.com> [ move check to separate workflow to handle ci limitation ] Signed-off-by: NChristian Marangi <ansuelsmth@gmail.com>
-
- 23 6月, 2023 1 次提交
-
-
由 Rob White 提交于
Maintainer: Rob White rob@blue-wave.net Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64 Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03 opennds (10.1.0) This version is a major upgrade including full migration to nftables and native uci configuration support even for generic Linux distributions. It also includes a significant refactoring of inbuilt memory management, improving long term reliability, fixing several memory leaks, buffer overflows and several edge case crashes. * Add - support for included custom binauth script [bluewavenet] * Add - emit a useful stderr message if auth_restore fails [bluewavenet] * Add - procd respawn threshold, respawn timeout and respawn retry parameters [bluewavenet] * Add - user friendly commandline message if already running [bluewavenet] * Fix - Enabling of Data volume quotas [bluewavenet] * Fix - use get_list_from_config instead of get_option_from_config [bluewavenet] * Fix - compiler warning - unused variable [bluewavenet] * Fix - remove redundant function call ipsetconf [bluewavenet] * Fix - walledgarden for both nftset and ipset on OpenWrt [bluewavenet] * Add - more meaningful output if attempt is made to restart when already running [bluewavenet] * Fix - resolve gatewayfqdn after startup [bluewavenet] * Fix - Choose forground or background running according to commandline arguments [bluewavenet] * Fix - remove superfluous debug message [bluewavenet] * Fix - replace sleep with procd_set_param term_timeout [bluewavenet] * Fix - make option enabled default to enabled [bluewavenet] * Fix - report authmon pid instead of opennds pid from authmon [bluewavenet] * Fix - ensure correct pid obtained for opennds [bluewavenet] * Add - StartLimitIntervalSec and StartLimitBurst to systemd service script [bluewavenet] * Fix - refactor remote downloads [bluewavenet] * Fix - suppress error message on ipset test failure [bluewavenet] * Fix - send non-syslog debug information to stdout by default [bluewavenet] * Add - C function to check heartbeat watchdog [bluewavenet] * Fix - Update generic Linux makefile [bluewavenet] * Fix - remove redundant ruleset struct definition [bluewavenet] * Fix - potential buffer overflow issue during config stage [bluewavenet] * Fix - remove unnecessary calls to free() in page 404 processing [bluewavenet] * Fix - remove redundant code from fw_iptables [bluewavenet] * Add - updates to binauth_log script [bluewavenet] * Add - updates for service startup, systemd and procd [bluewavenet] * Add - refactoring of commandline processing [bluewavenet] * Fix - remove debugging message [bluewavenet] * Fix - typo in client ruleset [bluewavenet] * Add - Refactor to use uci config directly even for Generic Linux [bluewavenet] * Add - Parsing for multi item lists with spaces in items [bluewavenet] * Add - use common library call get_option_fom_config [bluewavenet] * Add - support for direct use of uci format config file - string and integer parameters [bluewavenet] * Fix - Remove deprecated syslog_facility config setting [bluewavenet] * Add - thread busy message to ndsctl [bluewavenet] * Add - refactor configure_log_location [bluewavenet] * Fix - suppress LOG_NOTICE message when getting mac of interface [bluewavenet] * Fix - ndsctl error message [bluewavenet] * Fix - get_client_interface for levels 2 and 3 [bluewavenet] * Add - use common library write_log function [bluewavenet] * Add - Refactor memory management [bluewavenet] * Fix - fix and refactor upload rate limiting rules [bluewavenet] * Fix - Change a debug message from err to info [bluewavenet] * Add - refine common buffer sizes [bluewavenet] * Add - use initialised heap memory for redirect_to_splashpage [bluewavenet] * Add - user message to themespec [bluewavenet] * Add - auth_restore support ie reauth clients after a restart by default. [bluewavenet] * Add - Library call to preemptively re-auth clients after a restart or crash [bluewavenet] * Add - BinAuth, write an authenticated clients list [bluewavenet] * Add - library call "check_heartbeat" [bluewavenet] * Fix - Tidy up redundant code [bluewavenet] * Fix - change warning message to debug message when iw not installed [bluewavenet] * Add - library call to log to syslog [bluewavenet] * Fix - use initialised heap memory for client list entries [bluewavenet] * Fix - ignore legacy ipset firewall rule [bluewavenet] * Fix - refactor memory management for MHD calls - use heap memory for buffers etc [bluewavenet] * Fix - missing free causing memory leak [bluewavenet] * Fix - predefine and initialise buffer for send_redirect_temp [bluewavenet] * Add - support protocol "all" in firewall ruleset [bluewavenet] * Add - pre-allocation of initialised buffers [bluewavenet] * Fix - prevent buffer overrun on removing client [bluewavenet] * Add - update MHD connection timeout and connection limit [bluewavenet] * Add - chain ndsDLR for dynamic client download rate limiting rules [bluewavenet] * Add - Use Internal Polling Thread / Thread Per Connection in MHD [bluewavenet] * Add - some new default values [bluewavenet] * Fix - remove some redundant code and fix some compiler warnings [bluewavenet] * Fix - remove redundant library command string [bluewavenet] * Fix - Tidy up redundant iptables code [bluewavenet] * Add - convert trusted client support to nftables [bluewavenet] * Add - refer to nftables [bluewavenet] * Add - move code for generating authentication mark string to initial setup [bluewavenet] * Add - full nftset support with ipset import where required [bluewavenet] * Add - nftset support library calls [bluewavenet] * Add - ipset_to_nftset library call [bluewavenet] * Add - support for nftables version of append_ruleset and nftables_compile [bluewavenet] * Fix - buffer overflow in page_511 generation [bluewavenet] * Add - more nftables migration including rate quotas [bluewavenet] * Fix - change GatewayInterface to lower case [bluewavenet] * Add - upload and download limiting client flags for future use [bluewavenet] * add - lib calls "pad_string" and "replace_client_rule" [bluewavenet] * Add - further nftables migration [bluewavenet] * Fix - correctly parse options from legacy conf file [bluewavenet] * Fix - some compiler warnings and set min iptables version [bluewavenet] * Add - Generic Linux configure walledgarden [bluewavenet] * Add - Implementation of nftsets for walledgarden [bluewavenet] * Add - migration to nftables, next phase. [bluewavenet] * Add - library function delete_client_rule [bluewavenet] * Fix - remove duplicate definition [bluewavenet] * Add - First stage migration to nftables [bluewavenet] Signed-off-by: NRob White <rob@blue-wave.net>
-
- 13 6月, 2023 1 次提交
-
-
由 Nick Hainke 提交于
Update to latest version. Remove upstreamed patch: - 100-rename-avl-to-olsrd_avl.patch Signed-off-by: NNick Hainke <vincent@systemli.org>
-
- 11 6月, 2023 2 次提交
-
-
由 Patrick Grimm 提交于
Maintainer: patrick@lunatiki.de @stargieg Compile tested: mips_24kc, arm_cortex-a9_vfpv3-d16, i386_pentium4, x86_64, i386_pentium-mmx, mipsel_24kc Run tested: Firefox, Safari Description: add html table for all LAN prefixes instead of a list with the one/first prefix Signed-off-by: NPatrick Grimm <patrick@lunatiki.de>
-
由 Maciej Krüger 提交于
Signed-off-by: NMaciej Krüger <mkg20001@gmail.com>
-
- 28 5月, 2023 1 次提交
-
-
由 Simon Wunderlich 提交于
batman-adv: update packages to version 2023.1
-
- 27 5月, 2023 3 次提交
-
-
由 Sven Eckelmann 提交于
OpenWrt master is no longer providing any kernels older than 5.15. Just drop the compat-hacks/patches for older kernels to make it easier to maintain the package. Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Sven Eckelmann 提交于
* (no changes) Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Sven Eckelmann 提交于
* Synchronize with kernel headers Signed-off-by: NSven Eckelmann <sven@narfation.org>
-