openwrt 19.07 repo @ a941d39460b67d2d21e86d9c73d3e9b099b2d7fb
"packages" feeds @ 52634db76f0ecaee4a298c19fc4934dd1dc838bc
Build fails due tu unknown linker flag.
Failure:
LD [M]
/mnt/hdd/sdata/myfiles/openwrt/build_dir/target-mipsel_74kc_musl/linux-brcm47xx_mips74k/xtables-addons-2.14/exten
On Mon, 5 Aug 2019 15:48:16 +0200
Adrian Schmutzler wrote:
> This changes the offsets for the MAC address location in
> mtd_get_mac_binary* and mtd_get_mac_text to hexadecimal notation.
Acked-by: Alexander Couzens
pgp6CWMu3x9xI.pgp
Description: OpenPGP digital signature
_
On Mon, 5 Aug 2019 15:48:17 +0200
Adrian Schmutzler wrote:
> This changes size and offset set for WiFi caldata extraction and
> MAC address adjustment to hexadecimal notation.
>
> This will be much clearer for the reader when numbers are big, and
> will also match the style used for mtd-cal-dat
CBC ciphersuites have been under scrutiny because of the many padding
oracle vulnerabilities that keep popping up; it seems that we won't be
able to patch up the inherent wakness of MAC-then-encrypt forever. They
have been blacklisted by HTTP/2, and recently dropped from Mozilla's
Security/Servers
For wolfssl, instead of hard-coding TLS 1.2, use generic method and
disable older protocols, adding the necessary ciphersuites.
Openssl already had TLS 1.3 compatiblity, but its ciphersuite ordering
needs a separate call, so this sets the ciphersuite preference when
using TLS 1.3.
Signed-off-by:
This adds the key_type and ec_curve options to enable the generation of
EC keys during initialization, using openssl or the new options added to
px5g.
Signed-off-by: Eneas U de Queiroz
diff --git a/package/network/services/uhttpd/Makefile
b/package/network/services/uhttpd/Makefile
index 0738ec6
This adds an 'eckey' command to generate an EC key, with an optional
curve name argument, with P-256 as default.
For the 'selfsigned' command, it adds an 'ec' algorithm argument to the
'-newkey' option, and a '-pkeyopt ec_paramgen_curve:' option,
mirroring the way openssl specifies the curve name.
I'm adding support to create EC curves with px5g, and changing uhttpd
to use it, adding two config options: key_type, and ec_curve.
* key_type should be set to either 'ec' or 'rsa'. In practice, it will
silently use 'rsa' unless its value is 'ec'.
* ec_curve takes an elliptic curve name, whic
Signed-off-by: Eneas U de Queiroz
diff --git a/package/libs/openssl/Config.in b/package/libs/openssl/Config.in
index 63493829ba..d1281ec6fa 100644
--- a/package/libs/openssl/Config.in
+++ b/package/libs/openssl/Config.in
@@ -76,7 +76,6 @@ config OPENSSL_WITH_TLS13
bool
default y
CVE-2018-16870: medium-severity, new variant of the Bleichenbacher
attack to perform downgrade attacks against TLS, which may lead to
leakage of sensible data. Backported from 3.15.7.
CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations.
Always build AES-GCM support.
Unnecessary patches were removed.
This includes two vulnerability fixes:
CVE-2018-16870: a new variant of the Bleichenbacher attack to perform
downgrade attacks against TLS, which may lead to leakage of sensible
data.
CVE-2019-13628 (currently assigned-only): potent
wolfssl changed ABI version.
Signed-off-by: Eneas U de Queiroz
diff --git a/package/libs/ustream-ssl/Makefile
b/package/libs/ustream-ssl/Makefile
index 2ea5bf0bd5..c0fd281866 100644
--- a/package/libs/ustream-ssl/Makefile
+++ b/package/libs/ustream-ssl/Makefile
@@ -3,6 +3,15 @@ include $(TOPDIR
wolfssl changed ABI version, so this forces an update to hostapd.
Some build options selected by hostapd are always built now, so they
were removed.
Signed-off-by: Eneas U de Queiroz
diff --git a/package/network/services/hostapd/Config.in
b/package/network/services/hostapd/Config.in
index 222cf
> This recent Pull Request used gpio-keys on ar7100:
> https://github.com/openwrt/openwrt/pull/1359
>
> However, I cannot extract how well this was tested.
I will have a device for testing around the next weekend. I'll report back.
___
openwrt-devel ma
> -Original Message-
> From: Dmitry Tunin [mailto:hanipouspi...@gmail.com]
> Sent: Montag, 5. August 2019 17:55
> To: Adrian Schmutzler
> Cc: OpenWrt Development List
> Subject: Re: [OpenWrt-Devel] [PATCH] ath79: convert devices to interrupt-
> driven gpio-keys
>
> пн, 5 авг. 2019 г. в 1
Applies patch from @mikma [0] to fix Docker shutdown. Added detection to
state.c if running in a containre or not.
Tested with a x86/64 Docker image.
Fixes FS#2425
CC: Mikael Magnusson
CC: Petr Štetiar
[0]:
https://github.com/mikma/lxd-openwrt/blob/master/patches/procd-master/0003-docker-fix
пн, 5 авг. 2019 г. в 16:53, Adrian Schmutzler :
>
> > -Original Message-
> > From: Dmitry Tunin [mailto:hanipouspi...@gmail.com]
> > Sent: Freitag, 2. August 2019 18:51
> > To: Adrian Schmutzler
> > Cc: OpenWrt Development List
> > Subject: Re: [OpenWrt-Devel] [PATCH] ath79: convert devic
Always build AES-GCM support.
Unnecessary patches were removed.
This includes two vulnerability fixes:
CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK
extension parsing.
CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing op
I'm requesting comments about updating this in 18.06.
I'm sending this to 19.07 right away, but it won't be so easy with 18.06
because there is an ABI version change from 3.15.3 (current) to 3.15.7.
Besides CVE-2019-13628, it is vulnerable to CVE-2018-16870: a variant of
the Bleichenbacher attack.
Always build AES-GCM support.
Unnecessary patches were removed.
This includes two vulnerability fixes:
CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK
extension parsing.
CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing op
> -Original Message-
> From: Dmitry Tunin [mailto:hanipouspi...@gmail.com]
> Sent: Freitag, 2. August 2019 18:51
> To: Adrian Schmutzler
> Cc: OpenWrt Development List
> Subject: Re: [OpenWrt-Devel] [PATCH] ath79: convert devices to interrupt-
> driven gpio-keys
>
> пт, 2 авг. 2019 г. в
This changes size and offset set for WiFi caldata extraction and
MAC address adjustment to hexadecimal notation.
This will be much clearer for the reader when numbers are big, and
will also match the style used for mtd-cal-data in DTS files.
Since dd cannot deal with hexadecimal notation, one has
This changes the offsets for the MAC address location in
mtd_get_mac_binary* and mtd_get_mac_text to hexadecimal notation.
This will be much clearer for the reader when numbers are big, and
will also match the style used for mtd-mac-address in DTS files.
(e.g. 0x1006 and 0x5006 are much more usef
[ Upstream commit ba1bc0fcdeaf3bf583c1517bd2e3e29cf223c969 ]
The modification of EXIN register doesn't clean the bitfield before
the writing of a new value. After a few modifications the bitfield would
accumulate only '1's.
Signed-off-by: Petr Cvek
Signed-off-by: Paul Burton
Cc: ha...@hauke-m.d
[ Upstream commit ba1bc0fcdeaf3bf583c1517bd2e3e29cf223c969 ]
The modification of EXIN register doesn't clean the bitfield before
the writing of a new value. After a few modifications the bitfield would
accumulate only '1's.
Signed-off-by: Petr Cvek
Signed-off-by: Paul Burton
Cc: ha...@hauke-m.d
[ Upstream commit ba1bc0fcdeaf3bf583c1517bd2e3e29cf223c969 ]
The modification of EXIN register doesn't clean the bitfield before
the writing of a new value. After a few modifications the bitfield would
accumulate only '1's.
Signed-off-by: Petr Cvek
Signed-off-by: Paul Burton
Cc: ha...@hauke-m.d
[ Upstream commit ba1bc0fcdeaf3bf583c1517bd2e3e29cf223c969 ]
The modification of EXIN register doesn't clean the bitfield before
the writing of a new value. After a few modifications the bitfield would
accumulate only '1's.
Signed-off-by: Petr Cvek
Signed-off-by: Paul Burton
Cc: ha...@hauke-m.d
[ Upstream commit ba1bc0fcdeaf3bf583c1517bd2e3e29cf223c969 ]
The modification of EXIN register doesn't clean the bitfield before
the writing of a new value. After a few modifications the bitfield would
accumulate only '1's.
Signed-off-by: Petr Cvek
Signed-off-by: Paul Burton
Cc: ha...@hauke-m.d
Hi,
On Tue, Jul 23, 2019 at 5:02 AM Rosen Penev wrote:
>
> From: Eneas U de Queiroz
>
> Don't use cpu_to_be32 outside of a function.
>
> Signed-off-by: Eneas U de Queiroz
This patch has already been applied in the past; see
https://git.openwrt.org/?p=project/omcproxy.git;a=commit;h=722151f04348
Just to make this absolutely clear:
kernel v4.19 is currently broken on Linksys WRT1900AC (Mamba)
I'm a bit disappointed that v4.19 was made default for the mvebu target
without any followup or comment on the reported problems. What's the
point of testing and reporting then? The USB3 port has
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.--- Begin Message ---
Hello all
I made a PR more than
As I wrote to Birger, I think the Asus RT-AC85P and the Asus RT-AC65P
boards - despite the Asus specifications and the Wikidevi informations -
are identical.
1. As you can see, the board ha 3 external and 1 internal antenna:
https://drive.google.com/open?id=1cOlX_P2O-UtMcjFVxJT54Sodn8cmxp0_
2. On
32 matches
Mail list logo
