1. 21 Jun, 2019 5 commits
    • Jo-Philipp Wich's avatar
      OpenWrt v18.06.3: adjust config defaults · 4382d4ce
      Jo-Philipp Wich authored
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
    • Karel Kočí's avatar
      fstools: block-mount: fix restart of fstab service · 97ae9e0c
      Karel Kočí authored
      Restarting service causes file-systems to be unmounted without being
      mounted back. When this service was obsoleted it should have been
      implemented in a way that all actions are ignored. Up to this commit
      default handler was called when restart was requested. This default
      handler just simply calls stop and start. That means that stop called
      unmount but start just printed that this service is obsoleted.
      This instead implements restart that just prints same message like start
      does. It just calls start in reality. This makes restart unavailable for
      Signed-off-by: default avatarKarel Kočí <karel.koci@nic.cz>
      (cherry picked from commit 3ead9e7b)
    • Petr Štetiar's avatar
      fstools: update to the latest master branch · 25fc20db
      Petr Štetiar authored
      ff1ded6 libfstools: Fix overflow of F2FS_MINSIZE constant
      bc2c876 libfstools: Print error in case of loop blkdev failure
      Signed-off-by: default avatarPetr Štetiar <ynezz@true.cz>
      (cherry picked from commit 1e55171a)
    • Matthias Badaire's avatar
      fstools: media change detection (eg:sdcard) using kernel polling · fc39d5fc
      Matthias Badaire authored
      Linux kernel has a polling mechanism that can be activated by changing
      the parameter /sys/module/block/parameters/events_dfl_poll_msecs which
      is deactivated by default or the /sys/block/[device]/events_poll_msecs
      for one device.
      This patch set the events_poll_msecs when a disk is inserted.
      Once the media disk change event is sent by the kernel then we force a
      re-read of the devices using /sbin/block info.
      With this patch, insertion and ejection of sd card will automatically
      generate partition devices in /dev.
      Signed-off-by: default avatarMatthias Badaire <mbadaire@gmail.com>
      [rewrap commit message, fix bashisms, fix non-matching condition,
       bump pkg release]
      Signed-off-by: default avatarJo-Philipp Wich <jo@mein.io>
      (cherry picked from commit cf8483cb)
    • Hauke Mehrtens's avatar
      hostapd: fix multiple security problems · b463a138
      Hauke Mehrtens authored
      This fixes the following security problems:
      * CVE-2019-9494:  cache attack against SAE
      * CVE-2019-9495:  cache attack against EAP-pwd
      * CVE-2019-9496:  SAE confirm missing state validation in hostapd/AP
      * CVE-2019-9497:  EAP-pwd server not checking for reflection attack)
      * CVE-2019-9498:  EAP-pwd server missing commit validation for scalar/element
      * CVE-2019-9499:  EAP-pwd peer missing commit validation for scalar/element
      * CVE-2019-11555: EAP-pwd message reassembly issue with unexpected fragment
      Most of these problems are not relevant for normal users, SAE is only
      used in ieee80211s mesh mode and EAP-pwd is normally not activated.
      Signed-off-by: default avatarHauke Mehrtens <hauke@hauke-m.de>
  2. 20 Jun, 2019 4 commits
  3. 18 Jun, 2019 5 commits
  4. 17 Jun, 2019 1 commit
  5. 16 Jun, 2019 1 commit
  6. 15 Jun, 2019 2 commits
  7. 12 Jun, 2019 2 commits
  8. 07 Jun, 2019 1 commit
    • Chen Minqiang's avatar
      kernel: re-add bridge allow reception on disabled port · 5dbac474
      Chen Minqiang authored
      The "bridge allow reception on disabled port" implementation
      was broken after these commits:
      b765f4be ("kernel: bump 4.14 to 4.14.114")
      456f486b ("kernel: bump 4.9 to 4.9.171")
      This leads to issues when for example WDS is used, tied to a bridge:
      [ 96.503771] wlan1: send auth to d4:5f:25:eb:09:82 (try 1/3)
      [ 96.517956] wlan1: authenticated
      [ 96.526209] wlan1: associate with d4:5f:25:eb:09:82 (try 1/3)
      [ 97.086156] wlan1: associate with d4:5f:25:eb:09:82 (try 2/3)
      [ 97.200919] wlan1: RX AssocResp from d4:5f:25:eb:09:82 (capab=0x11 status=0 aid=1)
      [ 97.208706] wlan1: associated
      [ 101.312913] wlan1: deauthenticated from d4:5f:25:eb:09:82 (Reason: 2=PREV_AUTH_NOT_VALID)
      It seems upstream introduced a new patch, [1]
      so we have to reimplement these patches properly:
      [1] https://lkml.org/lkml/2019/4/24/1228
      Fixes: b765f4be ("kernel: bump 4.14 to 4.14.114")
      Fixes: 456f486b
       ("kernel: bump 4.9 to 4.9.171")
      Signed-off-by: default avatarChen Minqiang <ptpt52@gmail.com>
      [updated commit message and title]
      Signed-off-by: default avatarKoen Vandeputte <koen.vandeputte@ncentric.com>
  9. 06 Jun, 2019 1 commit
  10. 03 Jun, 2019 4 commits
  11. 01 Jun, 2019 2 commits
  12. 30 May, 2019 3 commits
  13. 28 May, 2019 2 commits
  14. 23 May, 2019 3 commits
  15. 21 May, 2019 4 commits