[OpenWrt-Devel] OpenWrt at Netdev conference
Just reading the LWN coverage. Thanks to Felix for representing the needs of small devices. https://lwn.net/Articles/676806/ ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] ddns-scripts "sleep 10" before updating?
On Fri, Jan 16, 2015 at 4:36 AM, Christian Schoenebeck wrote: > Did you really ever run into problems because of 10 seconds delay after an > outage of thousands of seconds ? No, but I don't want to wait until I have a problem. ddns-scripts should do the best it can to update the record quickly. > What do your ddns provider think about multiple updates per minute, if the > connection toggle due to errors on your wan connection. Most providers start > blocking for hours after to many updates. First you said the sleep was because netifd runs the script too early. That turned out to be false. Now you're saying it's to be nice to the ddns provider - I don't think it's a problem and sleep is the wrong way to solve it anyway. As John Crispin recently said in a different patch review, "using magic delays is a no go": https://lists.openwrt.org/pipermail/openwrt-devel/2015-January/030561.html That is exactly what this sleep 10 is - some arbitrary value that doesn't seem to have a specific purpose, added to fix one minority edge case - or maybe no one remembers why it was added. > For the moment please comment out the 4 lines starting at line 219 of > dynamic_dns_updater.sh No. I do not maintain one router, I maintain several of them. I will not go around editing dynamic_dns_updater.sh on them all, and have to do this again every time I flash a new version. I do not want to maintain a diff compared to openwrt master either, because that will just give merge headaches in the future. Please, what is the reason sleep 10 is still there? Was it because of the early netifd call - then let's just remove it. If it is only to fix the satellite user case, then maybe that use should be the one to modify dynamic_dns_updater.sh on their router. But right now, for the majority of cases, it adds a 10 second delay for no reason. I don't think this is right. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] ddns-scripts "sleep 10" before updating?
On Thu, Jan 15, 2015 at 3:28 PM, Christian Schoenebeck wrote: > I did a lot of testing with a user using satellite Internet connection. > He quickly gets his IP from the modem but he needs to use a global dns server > to verify his registered ip via tcp > because the modem buffers all udp dns requests not looking for any timeouts. > For him it takes same seconds until the connection was established to the web > after getting his ip from the modem. Let me see if I understand.. so after his interface comes up, dynamic_dns_updater was getting stuck on "get_registered_ip" because the connection to the web is not yet up? Perhaps this could be handled by a timeout on the host/nslookup command? I also think this is an edge case - in most cases, you can call get_registered_ip immediately and it will work. > The "5 minutes" I tested the easy way. > On my ubuntu box I ran nslookup for my own ddns-address against Google's > public dns in an endless loop. > Then I send out a new ip to my ddns provider via ddns-scripts and wait. > The longest time it takes to have a stable answer from nslookup was 4 minutes > 10 seconds. > Plus reserve = 5 minutes. Also the reason why check_interval minimum is set > to 5 minutes = 300 seconds > in line 176 of dynamic_dns_updater.sh. I understand that the latency through Google public dns is 5 minutes, but not everyone uses Google public dns, and your test is not representative of queries for cache-cold records. I tried adding a new record to my domain to see what happens on a query that is not already in the cache. This is the same case as updating an existing DDNS entry that hasn't been accessed in a long time. The record was immediately (<15 seconds, while I typed the commands) available in my DNS provider's server, my ISP's server, and 8.8.8.8. The intermediate servers didn't even know if the record exists, so they had to contact the authoritative server. Probably if I update the IP now, it will take a long time to propagate, but this is not a common case for me. What I want is that if I get a new IP/router crashes/power outage, for my IP to be updated in the authoritative DNS server as soon as possible. It is rare that I access my DDNS just before this (crash/power outage/etc.) happens, so the record will not be cached, so if I access it now, I will see the fresh IP in any DNS server. In this case the "sleep 10" is the limiting factor. I think probably this is the case for most DDNS users - they probably access their records very rarely, so they are not cached, so "sleep 10" is the biggest factor to how quickly their new address is visible. But I can't speak definitively about any but my case. Perhaps the sleep could be a configuration option which defaults to 0. Specific users can set it if they need it. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] ddns-scripts "sleep 10" before updating?
On Tue, Jan 13, 2015 at 8:56 AM, Christian Schoenebeck wrote: > from my point of view 10 seconds to wait before sending an update to the ddns > provider is not a big deal because it takes up to 5 minutes until "nslookup > [yourhost] 8.8.8.8" gives you back a static answer after a change. > So Google's mameserver need up to 5 Minutes to sync themselves. How did you conclude about the 5 minutes? Technically caching DNS servers should respect the TTL of the original record. RFC 1035 even allows zero TTL to prevent caching. I agree that some servers may actually impose a minimum TTL, but ddns-scripts should not make any assumptions about this. In my case, I have DDNS records which are rarely accessed (are not likely to be cached by intermediate DNS servers). When a client makes a DNS request for my DDNS name, it will be forwarded the entire way to the authoritative DNS server. So the openwrt update latency dominates the delay, not TTL expiration, so it's useful for me to update ASAP after the interfaces gets an address. Are you still planning on running some tests on your side? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] ddns-scripts 2.0.1-1 breaks freedns.afraid.org?
I've opened a pull request for this (and other misc fixes): https://github.com/openwrt/packages/pull/779 On Tue, Jan 13, 2015 at 9:14 AM, Christian Schoenebeck wrote: > I put it on the TODO list. > Thanks for feedback > Christian > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] ddns-scripts "sleep 10" before updating?
Hi Christian, curious about something else.. In dynamic_dns_updater.sh there's a "sleep 10": # we need time here because hotplug.d is fired by netifd # but IP addresses are not set by DHCP/DHCPv6 etc. write_log 7 "Waiting 10 seconds for interfaces to fully come up" sleep 10 & PID_SLEEP=$! wait $PID_SLEEP # enable trap-handler PID_SLEEP=0 https://github.com/openwrt/packages/blob/master/net/ddns-scripts/files/usr/lib/ddns/dynamic_dns_updater.sh#L218 But on my system (trunk r43888) it seems when ifup event comes, address is already set: Tue Jan 13 00:46:59 2015 kern.info kernel: [ 2621.36] eth1: link up (1000Mbps/Full duplex) Tue Jan 13 00:46:59 2015 daemon.notice netifd: Network device 'eth1' link is up Tue Jan 13 00:46:59 2015 daemon.notice netifd: Interface 'wan' has link connectivity Tue Jan 13 00:46:59 2015 daemon.notice netifd: Interface 'wan' is setting up now Tue Jan 13 00:46:59 2015 daemon.notice netifd: wan (9426): udhcpc (v1.22.1) started Tue Jan 13 00:46:59 2015 daemon.notice netifd: wan (9426): Sending discover... Tue Jan 13 00:46:59 2015 daemon.notice netifd: wan (9426): Sending select for 198.48.205.121... Tue Jan 13 00:46:59 2015 daemon.notice netifd: wan (9426): Lease of 198.48.205.121 obtained, lease time 69146 Tue Jan 13 00:46:59 2015 daemon.notice netifd: Interface 'wan6' is setting up now Tue Jan 13 00:46:59 2015 daemon.notice netifd: Interface 'wan' is now up Tue Jan 13 00:47:00 2015 user.notice root: hotplug iface: DEVICE=eth1 ACTION=ifup Tue Jan 13 00:47:00 2015 user.notice root: 3: eth1: mtu 1500 qdisc tbf state UP group default qlen 1000 Tue Jan 13 00:47:00 2015 user.notice root: link/ether 10:6f:3f:e7:00:b6 brd ff:ff:ff:ff:ff:ff Tue Jan 13 00:47:00 2015 user.notice root: inet 198.48.205.121/27 brd 198.48.205.127 scope global eth1 Tue Jan 13 00:47:00 2015 user.notice root:valid_lft forever preferred_lft forever Tue Jan 13 00:47:00 2015 user.notice root: inet6 fe80::126f:3fff:fee7:b6/64 scope link Tue Jan 13 00:47:00 2015 user.notice root:valid_lft forever preferred_lft forever I added those last few lines using a debug script in /etc/hotplug.d/iface to see what the state of the interface was. It would be cool not to sleep I think, so the update happens as soon as the interface gets an address. Looking at netifd/DESIGN it says: Interfaces -- [...] state: IFS_SETUP: The interface is currently being configured by the protocol handler IFS_UP: The interface is fully configured and the scripts in /etc/hotplug.d/iface are called only for IFS_UP, so I think this behaviour is reliable. In what case did you see the need for a "sleep 10"? Catalin ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] ddns-scripts 2.0.1-1 breaks freedns.afraid.org?
Hi Christian, I use ddns-scripts with freedns.afraid.org. Here is the service line for it: #freedns.afraid.org is weird, you just need an update code, for which we use the password variable "freedns.afraid.org" "http://freedns.afraid.org/dynamic/update.php?[PASSWORD]&address=[IP]"; So I was leaving the "username" option empty and setting password to the "update code". This worked fine. But since 07d3672d, ddns-scripts now checks that $password is set and fails like this: Tue Jan 13 00:17:30 2015 user.warn ddns-scripts[3685]: myddns: Service section not correctly configured! - TERMINATE Due to this line I think: https://github.com/openwrt/packages/blob/master/net/ddns-scripts/files/usr/lib/ddns/dynamic_dns_updater.sh#L161 What do you think? Should the check be relaxed? I can work around it by setting 'username' to an ignored value.. but that seems ugly. Catalin ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Missing 'noexecstack' in uClibc MIPS builds
On Wed, Oct 1, 2014 at 6:42 PM, Andrew McDonnell wrote: > It seems that OpenWRT sets the relevant flag to require uClibc to build with > NOEXECSTACK set. This is good. (For one introduction to NOEXECSTACK, see > http://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart ) Does anything actually enforce NX on MIPS? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] sysupgrade: preserve symlinks in backups
From: Catalin Patulea Signed-off-by: Catalin Patulea --- package/base-files/files/sbin/sysupgrade | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/base-files/files/sbin/sysupgrade b/package/base-files/files/sbin/sysupgrade index 1ec02c7..6e63783 100755 --- a/package/base-files/files/sbin/sysupgrade +++ b/package/base-files/files/sbin/sysupgrade @@ -102,14 +102,14 @@ add_uci_conffiles() { local file="$1" ( find $(sed -ne '/^[[:space:]]*$/d; /^#/d; p' \ /etc/sysupgrade.conf /lib/upgrade/keep.d/* 2>/dev/null) \ - -type f 2>/dev/null; + -type f -o -type l 2>/dev/null; opkg list-changed-conffiles ) | sort -u > "$file" return 0 } add_overlayfiles() { local file="$1" - find /overlay/etc/ -type f | sed \ + find /overlay/etc/ -type f -o -type l | sed \ -e 's,^/overlay/,/,' \ -e '\,/META_[a-zA-Z0-9]*$,d' \ -e '\,/functions.sh$,d' \ -- 1.8.5.2 (Apple Git-48) ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 4/4] Make curl use the system certificates
On Thu, Sep 25, 2014 at 6:53 AM, Felix Fietkau wrote: >> Ups, no! >> I wanted Christian Schoenebeck confirmation first. But I was supposed >> to do a second version of this patch. >> That option only works when curl uses OpenSSL. Since now it uses >> PolarSSL by default it will break most builds. >> The option should go inside "$(if $(CONFIG_LIBCURL_OPENSSL)..." > Fixed in r42662 curl will support --with-ca-path with PolarSSL in the next release. Incomplete patch on my part and this fix got submitted after the 7.38.0 window: https://github.com/bagder/curl/commit/4da70dea283ebffa6127b664c040e51393107554 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] netifd: GRE Tos support
On Sun, Sep 28, 2014 at 3:34 PM, Hans Dedecker wrote: > diff --git a/system-linux.c b/system-linux.c > index c4d89be..7f14ca9 100644 > --- a/system-linux.c > +++ b/system-linux.c > @@ -1703,6 +1705,29 @@ static int system_add_gre_tunnel(const char *name, > const char *kind, > > nla_put_u8(nlm, IFLA_GRE_TTL, ttl); > > + if ((cur = tb[TUNNEL_ATTR_TOS])) { > + char *str = blobmsg_get_string(cur); > + if (strcmp(str, "inherit")) { > + unsigned uval; > + char *e; > + > + uval = strtoul(str, &e, 16); > + if (!e || e == str || *e || uval > 255) { Under what conditions is e set to NULL? I can't find anything about that case in strtoul(3) GNU 2011-09-15. > diff --git a/system.h b/system.h > index e3187fb..b1215d1 100644 > --- a/system.h > +++ b/system.h > @@ -28,6 +28,7 @@ enum tunnel_param { > TUNNEL_ATTR_MTU, > TUNNEL_ATTR_DF, > TUNNEL_ATTR_TTL, > + TUNNEL_ATTR_TOS, > TUNNEL_ATTR_6RD_PREFIX, > TUNNEL_ATTR_6RD_RELAY_PREFIX, > TUNNEL_ATTR_LINK, Any binary compatibility issues here? Do the numerical values of TUNNEL_ATTR_x leak out of the netifd binary at any point (perhaps via ubus)? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] [package] dropbear: enable sha2-based hmac by default.
What's the motivation for this change? On Thu, Sep 25, 2014 at 11:43 AM, Alive wrote: > X-Patchwork-Id: 6322 > Message-Id: > > Is there any chance for my proposed patch to be committed? > http://patchwork.openwrt.org/patch/6322/ > > Here is a brief comparison about binary and package size increase. > Tested on AR9330, mips, TL MR3220v2 > > Before applying sha2-hmac patch > root@OpenWrt:~# du -sh $(which dropbear) > 161.5K /usr/sbin/dropbear > > After applying sha2-hmac patch > root@OpenWrt:~# du -sh $(which dropbear) > 165.5K /usr/sbin/dropbear > > It's about 4K binary size increase. > > debug information > ssh root@OpenWrt -o MACs=hmac-sha2-512,hmac-sha2-256 -v > ... > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: server->client aes128-ctr hmac-sha2-512 none > debug1: kex: client->server aes128-ctr hmac-sha2-512 none > ... > > Package size compared to downloaded trunk > 84829 Sep 25 02:43 dropbear_2014.65-2_ar71xx.ipk > 81896 Sep 25 02:13 dropbear_2014.65-2_ar71xx.ipk > It's about 3K package size increase. > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] curl: 7.36.0 -> 7.38.0
Thanks for the commit. On Sat, Sep 13, 2014 at 1:59 AM, Catalin Patulea wrote: > Main changes: > - URL parser: IPv6 zone identifiers are now supported > - cyassl: Use error-ssl.h when available (drop local patch) > - polarssl: support CURLOPT_CAPATH / --capath > - mkhelp: generate code for --disable-manual as well (drop local patch) > > Full release notes: http://curl.haxx.se/changes.html > > MIPS 34kc binary size: > - 7.36.0 before: 82,539 bytes > - 7.38.0 after: 83,321 bytes > > Signed-off-by: Catalin Patulea > --- > package/network/utils/curl/Makefile|4 +- > ...001-cyassl-Use-error-ssl.h-when-available.patch | 45 > > .../utils/curl/patches/100-check_long_long.patch |2 +- > .../utils/curl/patches/200-no_docs_tests.patch |8 ++-- > .../network/utils/curl/patches/400-hugehelp.patch | 13 -- > 5 files changed, 7 insertions(+), 65 deletions(-) > delete mode 100644 > package/network/utils/curl/patches/001-cyassl-Use-error-ssl.h-when-available.patch > delete mode 100644 package/network/utils/curl/patches/400-hugehelp.patch > > diff --git a/package/network/utils/curl/Makefile > b/package/network/utils/curl/Makefile > index d1a8fc5..0bb8323 100644 > --- a/package/network/utils/curl/Makefile > +++ b/package/network/utils/curl/Makefile > @@ -8,7 +8,7 @@ > include $(TOPDIR)/rules.mk > > PKG_NAME:=curl > -PKG_VERSION:=7.36.0 > +PKG_VERSION:=7.38.0 > PKG_RELEASE:=1 > > PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 > @@ -18,7 +18,7 @@ PKG_SOURCE_URL:=http://curl.haxx.se/download/ \ > ftp://ftp.planetmirror.com/pub/curl/ \ > http://www.mirrormonster.com/curl/download/ \ > http://curl.mirrors.cyberservers.net/download/ > -PKG_MD5SUM:=e6d1f9d1b59da5062109ffe14e0569a4 > +PKG_MD5SUM:=af6b3c299bd891f43cb5f76c4091b7b4 > > PKG_LICENSE:=MIT > PKG_LICENSE_FILES:=COPYING > diff --git > a/package/network/utils/curl/patches/001-cyassl-Use-error-ssl.h-when-available.patch > > b/package/network/utils/curl/patches/001-cyassl-Use-error-ssl.h-when-available.patch > deleted file mode 100644 > index d7190af..000 > --- > a/package/network/utils/curl/patches/001-cyassl-Use-error-ssl.h-when-available.patch > +++ /dev/null > @@ -1,45 +0,0 @@ > -From 0204e17bc656e6c59b4010283e67f9251eb12c41 Mon Sep 17 00:00:00 2001 > -From: Dan Fandrich > -Date: Wed, 23 Apr 2014 11:01:30 +0200 > -Subject: [PATCH] cyassl: Use error-ssl.h when available > - > -Versions since at least 2.9.4 renamed error.h to error-ssl.h, so use > -whichever one is available. > > - configure.ac |3 +++ > - lib/vtls/cyassl.c |9 +++-- > - 2 files changed, 10 insertions(+), 2 deletions(-) > - > a/configure.ac > -+++ b/configure.ac > -@@ -2003,6 +2003,9 @@ if test "$curl_ssl_msg" = "$init_ssl_msg > - dnl cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined! > - AC_CHECK_SIZEOF(long long) > - > -+ dnl Versions since at least 2.9.4 renamed error.h to error-ssl.h > -+ AC_CHECK_HEADERS(cyassl/error-ssl.h) > -+ > - LIBS="-lcyassl -lm $LIBS" > - > - if test -n "$cyassllib"; then > a/lib/vtls/cyassl.c > -+++ b/lib/vtls/cyassl.c > -@@ -47,11 +47,16 @@ > - #define _MPRINTF_REPLACE /* use our functions only */ > - #include > - #include "curl_memory.h" > --/* The last #include file should be: */ > --#include "memdebug.h" > -+ > - #include > -+#ifdef HAVE_CYASSL_ERROR_SSL_H > -+#include > -+#else > - #include > -+#endif > - > -+/* The last #include file should be: */ > -+#include "memdebug.h" > - > - static Curl_recv cyassl_recv; > - static Curl_send cyassl_send; > diff --git a/package/network/utils/curl/patches/100-check_long_long.patch > b/package/network/utils/curl/patches/100-check_long_long.patch > index 7e014cd..05fb1bf 100644 > --- a/package/network/utils/curl/patches/100-check_long_long.patch > +++ b/package/network/utils/curl/patches/100-check_long_long.patch > @@ -1,6 +1,6 @@ > --- a/configure.ac > +++ b/configure.ac > -@@ -2904,6 +2904,7 @@ CURL_VERIFY_RUNTIMELIBS > +@@ -2877,6 +2877,7 @@ CURL_VERIFY_RUNTIMELIBS > > AC_CHECK_SIZEOF(size_t) > AC_CHECK_SIZEOF(long) > diff --git a/package/network/utils/curl/patches/200-no_docs_tests.patch > b/package/network/utils/curl/patches/200-no_docs_tests.patch > index 2287215..42619a3 100644 > --- a/package/network/utils/curl/patches/200-no_docs_tests.patch > +++ b/package/network/utils/curl/patches/200-no_docs_tests.patch > @@ -1,6 +1,6 @@ > --- a/Makefile.am > +++ b/Makefile.am > -@@ -66,7 +66,7 @@ CLEANFILES = $(VC6
[OpenWrt-Devel] [PATCH] curl: 7.36.0 -> 7.38.0
Main changes: - URL parser: IPv6 zone identifiers are now supported - cyassl: Use error-ssl.h when available (drop local patch) - polarssl: support CURLOPT_CAPATH / --capath - mkhelp: generate code for --disable-manual as well (drop local patch) Full release notes: http://curl.haxx.se/changes.html MIPS 34kc binary size: - 7.36.0 before: 82,539 bytes - 7.38.0 after: 83,321 bytes Signed-off-by: Catalin Patulea --- package/network/utils/curl/Makefile|4 +- ...001-cyassl-Use-error-ssl.h-when-available.patch | 45 .../utils/curl/patches/100-check_long_long.patch |2 +- .../utils/curl/patches/200-no_docs_tests.patch |8 ++-- .../network/utils/curl/patches/400-hugehelp.patch | 13 -- 5 files changed, 7 insertions(+), 65 deletions(-) delete mode 100644 package/network/utils/curl/patches/001-cyassl-Use-error-ssl.h-when-available.patch delete mode 100644 package/network/utils/curl/patches/400-hugehelp.patch diff --git a/package/network/utils/curl/Makefile b/package/network/utils/curl/Makefile index d1a8fc5..0bb8323 100644 --- a/package/network/utils/curl/Makefile +++ b/package/network/utils/curl/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=curl -PKG_VERSION:=7.36.0 +PKG_VERSION:=7.38.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 @@ -18,7 +18,7 @@ PKG_SOURCE_URL:=http://curl.haxx.se/download/ \ ftp://ftp.planetmirror.com/pub/curl/ \ http://www.mirrormonster.com/curl/download/ \ http://curl.mirrors.cyberservers.net/download/ -PKG_MD5SUM:=e6d1f9d1b59da5062109ffe14e0569a4 +PKG_MD5SUM:=af6b3c299bd891f43cb5f76c4091b7b4 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=COPYING diff --git a/package/network/utils/curl/patches/001-cyassl-Use-error-ssl.h-when-available.patch b/package/network/utils/curl/patches/001-cyassl-Use-error-ssl.h-when-available.patch deleted file mode 100644 index d7190af..000 --- a/package/network/utils/curl/patches/001-cyassl-Use-error-ssl.h-when-available.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 0204e17bc656e6c59b4010283e67f9251eb12c41 Mon Sep 17 00:00:00 2001 -From: Dan Fandrich -Date: Wed, 23 Apr 2014 11:01:30 +0200 -Subject: [PATCH] cyassl: Use error-ssl.h when available - -Versions since at least 2.9.4 renamed error.h to error-ssl.h, so use -whichever one is available. - configure.ac |3 +++ - lib/vtls/cyassl.c |9 +++-- - 2 files changed, 10 insertions(+), 2 deletions(-) - a/configure.ac -+++ b/configure.ac -@@ -2003,6 +2003,9 @@ if test "$curl_ssl_msg" = "$init_ssl_msg - dnl cyassl/ctaocrypt/types.h needs SIZEOF_LONG_LONG defined! - AC_CHECK_SIZEOF(long long) - -+ dnl Versions since at least 2.9.4 renamed error.h to error-ssl.h -+ AC_CHECK_HEADERS(cyassl/error-ssl.h) -+ - LIBS="-lcyassl -lm $LIBS" - - if test -n "$cyassllib"; then a/lib/vtls/cyassl.c -+++ b/lib/vtls/cyassl.c -@@ -47,11 +47,16 @@ - #define _MPRINTF_REPLACE /* use our functions only */ - #include - #include "curl_memory.h" --/* The last #include file should be: */ --#include "memdebug.h" -+ - #include -+#ifdef HAVE_CYASSL_ERROR_SSL_H -+#include -+#else - #include -+#endif - -+/* The last #include file should be: */ -+#include "memdebug.h" - - static Curl_recv cyassl_recv; - static Curl_send cyassl_send; diff --git a/package/network/utils/curl/patches/100-check_long_long.patch b/package/network/utils/curl/patches/100-check_long_long.patch index 7e014cd..05fb1bf 100644 --- a/package/network/utils/curl/patches/100-check_long_long.patch +++ b/package/network/utils/curl/patches/100-check_long_long.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -2904,6 +2904,7 @@ CURL_VERIFY_RUNTIMELIBS +@@ -2877,6 +2877,7 @@ CURL_VERIFY_RUNTIMELIBS AC_CHECK_SIZEOF(size_t) AC_CHECK_SIZEOF(long) diff --git a/package/network/utils/curl/patches/200-no_docs_tests.patch b/package/network/utils/curl/patches/200-no_docs_tests.patch index 2287215..42619a3 100644 --- a/package/network/utils/curl/patches/200-no_docs_tests.patch +++ b/package/network/utils/curl/patches/200-no_docs_tests.patch @@ -1,6 +1,6 @@ --- a/Makefile.am +++ b/Makefile.am -@@ -66,7 +66,7 @@ CLEANFILES = $(VC6LIBDSP) $(VC8LIBPRJ) +@@ -128,7 +128,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) bin_SCRIPTS = curl-config SUBDIRS = lib src include @@ -11,12 +11,12 @@ pkgconfig_DATA = libcurl.pc --- a/Makefile.in +++ b/Makefile.in -@@ -506,7 +506,7 @@ EXTRA_DIST = CHANGES COPYING maketgz Mak - CLEANFILES = $(VC6LIBDSP) $(VC8LIBPRJ) +@@ -574,7 +574,7 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) + bin_SCRIPTS = curl-config SUBDIRS = lib src include -DIST_SUBDIRS = $(SUBDIRS) tests packages docs +DIST_SUBDIRS = $(SUBDIRS) packages pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = libcurl.pc - VSOURCES = vtls/openssl.c vtls/gtls.c vtls/vtls.c vtls/nss.c vtls/qssl.c
Re: [OpenWrt-Devel] WRT54GS v1.0 GPIO definitions in r41004
On Fri, Jun 20, 2014 at 3:20 PM, Catalin Patulea wrote: >> Hauke: it seems nvram may be wrong there. According to the Catalin, >> reset button uses GPIO 6. On the other hand it seems adm6996.c never >> really uses "eerc". > I modified adm6996.c to allow GPIO export and started controlling > gpio6 manually, toggling every 1 second. I used a voltmeter to look at > the ADM6996 RC (reset) pin - it was *not* toggling. So I also think > NVRAM is wrong. Actually, I re-read my notes, and I have a more detailed mapping: gpio2 = EECS = ADM6996 pin 80 gpio3 = EESK = pin 81 gpio4 = EDO = pin 84 gpio5 = EDI = pin 79 All of the above are connected through a cluster of resistors (RP3). I could not find a GPIO that controls RC (ADM6996 pin 112), but there is a long trace leading somewhere else, and a pulldown resistor (RG11). ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] WRT54GS v1.0 GPIO definitions in r41004
On Fri, Jun 20, 2014 at 6:20 AM, Rafał Miłecki wrote: >> Your nvram has following entries: >> gpio6=adm_rc >> gpio5=adm_eedi >> gpio3=adm_eesk >> gpio2=adm_eecs > > Hauke: it seems nvram may be wrong there. According to the Catalin, > reset button uses GPIO 6. On the other hand it seems adm6996.c never > really uses "eerc". I modified adm6996.c to allow GPIO export and started controlling gpio6 manually, toggling every 1 second. I used a voltmeter to look at the ADM6996 RC (reset) pin - it was *not* toggling. So I also think NVRAM is wrong. I tried to look for other GPIOs that control adm6996 RC but I couldn't find one. Indeed eerc is unused in adm6996, but it would be nice to find a signal to perform a hardware reset. I think it's still possible there is some connection between gpio6 and RC but the circuit may be more complicated. For example the POWER LED is controlled somehow by both gpio0 and wifi state. Maybe there is some multiplexing happening on gpio6 too, perhaps controlled by some other signal? I'm not sure if this is likely, I don't have much experience with what is typical for these boards. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] WRT54GS v1.0 GPIO definitions in r41004
Also seems package/broadcom-diag/src/diag.c's legacy detection default WRT54G layout is correct for my board. But I guess nowadays diag.c uses board.c information first. On Thu, Jun 5, 2014 at 6:38 PM, Catalin Patulea wrote: > On Jun 5, 2014 4:13 PM, "Rafał Miłecki" wrote: >> See attached file (I've just added your case to it). 0x0101/42/0x10 >> seems correct for WRT54GS V1.0 (I found it in 2 other places too). As >> you noticed, it's also the same for WRT54G V2. > Thanks for this. Do you know if the GPIO layout is the same for WRT54GS V1.0 > and WRT54G V2? > >> It seems we need to split this set of WRT54G* a bit. > I suspect that you are implying that the GPIO layouts are *not* the same and > we will need to split by boardflags, is that correct? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] WRT54GS v1.0 GPIO definitions in r41004
On Jun 5, 2014 4:13 PM, "Rafał Miłecki" wrote: > See attached file (I've just added your case to it). 0x0101/42/0x10 > seems correct for WRT54GS V1.0 (I found it in 2 other places too). As > you noticed, it's also the same for WRT54G V2. Thanks for this. Do you know if the GPIO layout is the same for WRT54GS V1.0 and WRT54G V2? > It seems we need to split this set of WRT54G* a bit. I suspect that you are implying that the GPIO layouts are *not* the same and we will need to split by boardflags, is that correct? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] WRT54GS v1.0 GPIO definitions in r41004
Here is dmesg also: http://pastebin.com/ZHXdd3PK Note: [ 12.58] gpio-keys gpio-keys.0: unable to claim gpio 6, err=-16 [ 12.66] gpio-keys: probe of gpio-keys.0 failed with error -16 [ 12.90] leds-gpio: probe of leds-gpio failed with error -16 I also have trouble with sysupgrade. I can load a new firmware image using TFTP to the bootloader, but if I try a OpenWrt->OpenWrt upgrade using sysupgrade, the system never reboots and gets stuck in the bootloader when I powercycle. I can then flash the same image using TFTP and it works (so I think the image is OK, but some issue with sysupgrade). On Thu, Jun 5, 2014 at 1:12 PM, Catalin Patulea wrote: > Hi, > > I've got a WRT54GS v1.0 and trying to run r41004 on it. I'm having > trouble with assignment of GPIOs. > > The model number on the case, serial no, MAC and FCC ID all match a > WRT54GS v1.0 according to: > https://wikidevi.com/wiki/Linksys_WRT54GS_v1.0 > > But my nvram has these board parameters: > boardtype=0x0101 > boardnum=42 > boardrev=0x10 > (full nvram dump: http://pastebin.com/FVkddFSi) > > which in arch/mips/bcm47xx/board.c gets mapped to: > {{BCM47XX_BOARD_LINKSYS_WRT54G, "Linksys WRT54G/GS/GL"}, "0x0101", > "42", "0x10"}, > > with these LED definitions: > bcm47xx_leds_linksys_wrt54gsv1[] __initconst = { > BCM47XX_GPIO_LED(0, "unk", "dmz", 1, LEDS_GPIO_DEFSTATE_OFF), > BCM47XX_GPIO_LED(1, "unk", "power", 0, LEDS_GPIO_DEFSTATE_ON), > BCM47XX_GPIO_LED(5, "white", "wps", 1, LEDS_GPIO_DEFSTATE_OFF), > BCM47XX_GPIO_LED(7, "orange", "wps", 1, LEDS_GPIO_DEFSTATE_OFF), > }; > > I have DMZ and power LEDs, but they're on different GPIOs, and I don't > have a WPS LED (front panel looks like this: > http://www.rootdir.de/linksys_wrt54gs/wrt54gs_rev1.1_5.jpg). > > I did some experimentation and this is my GPIO layout: > GPIOs 0-15, ssb_chipco_gpio: > gpio-0 (sysfs ) out hi WLAN LED active high > gpio-1 (sysfs ) out lo PWR LED 0=blink 1=on > gpio-2 (adm_eecs) in lo > gpio-3 (adm_eesk) in lo > gpio-4 (sysfs ) in hi > gpio-5 (adm_eedi) in lo > gpio-6 (adm_eerc) in hi RESET BTN active low > gpio-7 (sysfs ) in hi DMZ LED active low > gpio-8 (sysfs ) in lo > gpio-9 (sysfs ) in lo > gpio-10 (sysfs ) in lo > gpio-11 (sysfs ) in lo > gpio-12 (sysfs ) in lo > gpio-13 (sysfs ) in lo > gpio-14 (sysfs ) in lo > gpio-15 (sysfs ) in lo > > which most closely matches WRTSL54GS (except no WPS LED). > > The ADM pins also might be wrong (despite definitions in the nvram > that point to those pins). My switch gets detected but when I do > "swconfig switch0 show" my system reboots. > > It feels like I have a WRT54GS v1.0 hardware with WRT54G NVRAM. Does > anyone have a WRT54GS v1.0 nvram dump to compare? WRTSL54GS dump would > also be nice. > > Catalin ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] WRT54GS v1.0 GPIO definitions in r41004
Hi, I've got a WRT54GS v1.0 and trying to run r41004 on it. I'm having trouble with assignment of GPIOs. The model number on the case, serial no, MAC and FCC ID all match a WRT54GS v1.0 according to: https://wikidevi.com/wiki/Linksys_WRT54GS_v1.0 But my nvram has these board parameters: boardtype=0x0101 boardnum=42 boardrev=0x10 (full nvram dump: http://pastebin.com/FVkddFSi) which in arch/mips/bcm47xx/board.c gets mapped to: {{BCM47XX_BOARD_LINKSYS_WRT54G, "Linksys WRT54G/GS/GL"}, "0x0101", "42", "0x10"}, with these LED definitions: bcm47xx_leds_linksys_wrt54gsv1[] __initconst = { BCM47XX_GPIO_LED(0, "unk", "dmz", 1, LEDS_GPIO_DEFSTATE_OFF), BCM47XX_GPIO_LED(1, "unk", "power", 0, LEDS_GPIO_DEFSTATE_ON), BCM47XX_GPIO_LED(5, "white", "wps", 1, LEDS_GPIO_DEFSTATE_OFF), BCM47XX_GPIO_LED(7, "orange", "wps", 1, LEDS_GPIO_DEFSTATE_OFF), }; I have DMZ and power LEDs, but they're on different GPIOs, and I don't have a WPS LED (front panel looks like this: http://www.rootdir.de/linksys_wrt54gs/wrt54gs_rev1.1_5.jpg). I did some experimentation and this is my GPIO layout: GPIOs 0-15, ssb_chipco_gpio: gpio-0 (sysfs ) out hi WLAN LED active high gpio-1 (sysfs ) out lo PWR LED 0=blink 1=on gpio-2 (adm_eecs) in lo gpio-3 (adm_eesk) in lo gpio-4 (sysfs ) in hi gpio-5 (adm_eedi) in lo gpio-6 (adm_eerc) in hi RESET BTN active low gpio-7 (sysfs ) in hi DMZ LED active low gpio-8 (sysfs ) in lo gpio-9 (sysfs ) in lo gpio-10 (sysfs ) in lo gpio-11 (sysfs ) in lo gpio-12 (sysfs ) in lo gpio-13 (sysfs ) in lo gpio-14 (sysfs ) in lo gpio-15 (sysfs ) in lo which most closely matches WRTSL54GS (except no WPS LED). The ADM pins also might be wrong (despite definitions in the nvram that point to those pins). My switch gets detected but when I do "swconfig switch0 show" my system reboots. It feels like I have a WRT54GS v1.0 hardware with WRT54G NVRAM. Does anyone have a WRT54GS v1.0 nvram dump to compare? WRTSL54GS dump would also be nice. Catalin ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Bug tracker spamming is getting annoying
I thought this trick was really clever: http://trac.edgewall.org/wiki/SpamFilter#TrapField On Thu, May 8, 2014 at 2:15 PM, Hannu Nyman wrote: > Looks like the spamming via the bug tracker is getting out of hand. Some > ~400 spam bugs today. > > Have devs considered new cures? > > Trac seems to enable ip based throttling (ip_throttle filter) and ip > blacklisting. > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] [packages] mii-tool: update to 2014-02-18
Some notable changes: - #include sockios added upstream, drop patch - GbE support - Fix swapped advertising/link partner features fields - Document -p option - Dump more registers Full changelog: http://sourceforge.net/p/net-tools/code/ci/68a4d784daaf5fb3449808e434e8cbb9625988e6/log/?path=/mii-tool.c Signed-off-by: Catalin Patulea --- This patch is also available in this git tree: https://github.com/cpatulea/openwrt-packages -- net/mii-tool/Makefile | 20 +++- .../patches/001-include_linux_sockios.patch| 12 2 files changed, 15 insertions(+), 17 deletions(-) delete mode 100644 net/mii-tool/patches/001-include_linux_sockios.patch diff --git a/net/mii-tool/Makefile b/net/mii-tool/Makefile index ca63fb3..3e4c395 100644 --- a/net/mii-tool/Makefile +++ b/net/mii-tool/Makefile @@ -8,12 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mii-tool -PKG_VERSION:=1.9.1.1 +PKG_VERSION:=2014-02-18 PKG_RELEASE:=1 -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 -PKG_SOURCE_URL:=http://downloads.openwrt.org/sources -PKG_MD5SUM:=f65dbeb1c2392acffd4c94138b1f2e52 +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=git://git.code.sf.net/p/net-tools/code +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE_VERSION:=68a4d784daaf5fb3449808e434e8cbb9625988e6 +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz include $(INCLUDE_DIR)/package.mk @@ -31,7 +33,15 @@ define Package/mii-tool/description optimized for embedded systems and fully automated cross/-sysroot-builds endef -MAKE_FLAGS += CFLAGS="$(TARGET_CFLAGS) -D_GNU_SOURCE -I. -idirafter ./include/" +define Build/Configure + # Failed configure.sh leaves stub config.h around. + rm -f $(PKG_BUILD_DIR)/config.h + (cd $(PKG_BUILD_DIR) && yes '\n' | ./configure.sh config.in ) +endef + +define Build/Compile + $(call Build/Compile/Default,mii-tool) +endef define Package/mii-tool/install $(INSTALL_DIR) $(1)/usr/sbin diff --git a/net/mii-tool/patches/001-include_linux_sockios.patch b/net/mii-tool/patches/001-include_linux_sockios.patch deleted file mode 100644 index 3f11bf8..000 --- a/net/mii-tool/patches/001-include_linux_sockios.patch +++ /dev/null @@ -1,12 +0,0 @@ -Index: mii-tool-1.9.1.1/mii-tool.c -=== mii-tool-1.9.1.1.orig/mii-tool.c -+++ mii-tool-1.9.1.1/mii-tool.c -@@ -50,6 +50,7 @@ static char version[] = - #include - #include - #endif -+#include - #include "mii.h" - - #define MAX_ETH 8 /* Maximum # of interfaces */ -- 1.7.9.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] is anybody working on supporting Linksys WRT1900ac ?
Sorry, my comment was out of line. On Sat, Mar 29, 2014 at 2:49 AM, John Crispin wrote: > > > On 28/03/2014 22:08, Catalin Patulea wrote: >> Maybe that's why core OpenWRT devs haven't been merging patches >> for over a month. > > what a pile if bullshit you are talking ... > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] dropbear: update to 2014.63
Incremental build bugfix: https://github.com/cpatulea/openwrt/commit/0211a7b272fc5fabf9cce87dcaaa4f62892377c9 On Thu, Mar 27, 2014 at 2:15 AM, Catalin Patulea wrote: > I've pushed my dropbear patch to this github tree: > https://github.com/cpatulea/openwrt/tree/next > > If you have any new dropbear updates, feel free to cc me and I will merge. > > On Tue, Mar 25, 2014 at 2:43 PM, Pau wrote: >> Dammit, I've seen this thread after preparing a patch to upgrade >> dropbear to 2014.63 >> >> I don't think it is needed, but just in case I leave it here... >> >> @Felix, it would be nice to have the Catalin or mine applied to trunk. >> The ipv6 link-local bug is very annoying. >> >> Thanks. >> >> From 8d93d9fd4bbd65246eb1602d8a606e48ec921810 Mon Sep 17 00:00:00 2001 >> From: Pau Escrich >> Date: Tue, 25 Mar 2014 14:39:29 -0400 >> Subject: [PATCH] Update dropbear to 2014.63 >> >> Signed-off-by: Pau Escrich >> --- >> package/network/services/dropbear/Makefile | 4 ++-- >> .../dropbear/patches/120-openwrt_options.patch | 21 >> ++--- >> .../dropbear/patches/150-dbconvert_standalone.patch | 5 ++--- >> .../dropbear/patches/200-lcrypt_bsdfix.patch| 19 >> +-- >> 4 files changed, 11 insertions(+), 38 deletions(-) >> >> diff --git a/package/network/services/dropbear/Makefile >> b/package/network/services/dropbear/Makefile >> index 02be761..1340e8d 100644 >> --- a/package/network/services/dropbear/Makefile >> +++ b/package/network/services/dropbear/Makefile >> @@ -8,14 +8,14 @@ >> include $(TOPDIR)/rules.mk >> >> PKG_NAME:=dropbear >> -PKG_VERSION:=2013.59 >> +PKG_VERSION:=2014.63 >> PKG_RELEASE:=1 >> >> PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 >> PKG_SOURCE_URL:= \ >> http://matt.ucc.asn.au/dropbear/releases/ \ >> https://dropbear.nl/mirror/releases/ >> -PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 >> +PKG_MD5SUM:=7066bb9a2da708f3ed06314fdc9c47fd >> >> PKG_LICENSE:=MIT >> PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE >> diff --git >> a/package/network/services/dropbear/patches/120-openwrt_options.patch >> b/package/network/services/dropbear/patches/120-openwrt_options.patch >> index 9300a27..1b5c5cb 100644 >> --- a/package/network/services/dropbear/patches/120-openwrt_options.patch >> +++ b/package/network/services/dropbear/patches/120-openwrt_options.patch >> @@ -1,6 +1,6 @@ >> --- a/options.h >> +++ b/options.h >> -@@ -38,7 +38,7 @@ >> +@@ -41,7 +41,7 @@ >>* Both of these flags can be defined at once, don't compile without >> at least >>* one of them. */ >> #define NON_INETD_MODE >> @@ -9,16 +9,7 @@ >> >> /* Setting this disables the fast exptmod bignum code. It saves ~5kB, >> but is >>* perhaps 20% slower for pubkey operations (it is probably worth >> experimenting >> -@@ -49,7 +49,7 @@ >> - several kB in binary size however will make the symmetrical ciphers >> and hashes >> - slower, perhaps by 50%. Recommended for small systems that aren't doing >> - much traffic. */ >> --/*#define DROPBEAR_SMALL_CODE*/ >> -+#define DROPBEAR_SMALL_CODE >> - >> - /* Enable X11 Forwarding - server only */ >> - #define ENABLE_X11FWD >> -@@ -78,7 +78,7 @@ much traffic. */ >> +@@ -81,7 +81,7 @@ much traffic. */ >> >> /* Enable "Netcat mode" option. This will forward standard input/output >>* to a remote TCP-forwarded connection */ >> @@ -27,7 +18,7 @@ >> >> /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at >> runtime */ >> #define ENABLE_USER_ALGO_LIST >> -@@ -92,8 +92,8 @@ much traffic. */ >> +@@ -95,8 +95,8 @@ much traffic. */ >> #define DROPBEAR_AES256 >> /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */ >> /*#define DROPBEAR_BLOWFISH*/ >> @@ -38,7 +29,7 @@ >> >> /* Enable "Counter Mode" for ciphers. This is more secure than normal >>* CBC mode against certain attacks. This adds around 1kB to binary >> -@@ -119,7 +119,7 @@ much traffic. */ >> +@@ -122,7 +122,7 @@ much traffic. */ >>* If you disable MD5, Dropbear will fall back to SHA1 fingerprints, >>* which are not the standard form. */ >> #define DROPBEAR_SHA1_HMAC >> @@ -47,7 +38,7 @@ >> /*#define DROPBEAR_SHA2_256_HMAC*/ >> /*#define DROPBEAR_SHA2_512_HMAC*/ >> #define
Re: [OpenWrt-Devel] logd
Looks ok here: root@mat:~# uname -a Linux mat 3.10.34 #3 Fri Mar 28 23:39:15 EDT 2014 mips GNU/Linux root@mat:~# cat /etc/openwrt_version r40296 root@mat:~# uci show system.@system[-1].log_size system.cfg02e48a.log_size=1024 root@mat:~# logread | wc 6243 49984 1117225 root@mat:~# logread | wc 6243 49984 1117225 root@mat:~# logread | wc 6243 49984 1117225 root@mat:~# logread | wc 6243 49984 1117225 root@mat:~# logread | wc 6243 49984 1117225 This is after stopping 'while :; do logger; done', right? With the loop running, there is some small variance in the number of lines (+/- 40 lines), I'm guessing due to logread catching logd at various stages of garbage collecting old entries in the ring buffer? On Thu, Mar 27, 2014 at 9:46 AM, John Crispin wrote: > Hi, > > r40295 should fix #15357 > > Can someone try to verify that it is indeed fixed now ? > > below are my test results > > John > > > > > root@OpenWrt:/# uci show system.@system[-1].log_size > system.cfg02e48a.log_size=1024 > > root@OpenWrt:/# while true; do logger > foo;done > > root@OpenWrt:/# logread > a > root@OpenWrt:/# ls -la a > -rw-r--r--1 root root 1116960 Mar 27 12:12 a > > root@OpenWrt:/# logread > b > root@OpenWrt:/# ls -la b > -rw-r--r--1 root root 1116960 Mar 27 12:12 b > > root@OpenWrt:/# logread | wc -l > 6240 > root@OpenWrt:/# logread | wc -l > 6240 > root@OpenWrt:/# logread | wc -l > 6240 > root@OpenWrt:/# logread | wc -l > 6240 > root@OpenWrt:/# logread | wc -l > 6240 > root@OpenWrt:/# > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] is anybody working on supporting Linksys WRT1900ac ?
On Fri, Mar 28, 2014 at 4:58 PM, Peter Lawler wrote: > "Hi Pete! We are working with one of the OpenWRT founders and his team. > We'll be sharing more details later... Stay tuned! :)" Maybe that's why core OpenWRT devs haven't been merging patches for over a month. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] Fix regression in busybox sysntpd init when specifying more than one ntp server in the config file.
Dude, *you* committed this fix 10 days ago: http://openwrt.nanobit.org/changeset/39935/trunk/package/utils/busybox/files/sysntpd Why not take a look at patches that have been sitting in queue for over a month instead: http://patchwork.openwrt.org/patch/4931/ or at least this small bug fix: http://patchwork.openwrt.org/patch/4932/ On Thu, Mar 27, 2014 at 4:15 AM, Felix Fietkau wrote: > On 2014-02-28 20:16, Vittorio G (VittGam) wrote: >> Hi, >> >> This patch fixes a regression introduced with r38787. >> >> Before patching: >> /usr/sbin/ntpd -n -l -p server1 server2 server3 server4 >> >> After patching: >> /usr/sbin/ntpd -n -l -p server1 -p server2 -p server3 -p server4 >> >> Signed-off-by: Vittorio Gambaletta > Does not apply (due to line wrapping) > Please resend. > > - Felix > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] Fix regression in busybox sysntpd init when specifying more than one ntp server in the config file.
This was fixed in r39935 I think: http://openwrt.nanobit.org/changeset/39935/trunk/package/utils/busybox/files/sysntpd On Thu, Mar 27, 2014 at 3:46 AM, Weedy wrote: > Please accept this patch. > > On 28 Feb 2014 14:16, "Vittorio G (VittGam)" wrote: >> >> Hi, >> >> This patch fixes a regression introduced with r38787. >> >> Before patching: >> /usr/sbin/ntpd -n -l -p server1 server2 server3 server4 >> >> After patching: >> /usr/sbin/ntpd -n -l -p server1 -p server2 -p server3 -p server4 >> >> Signed-off-by: Vittorio Gambaletta >> --- >> >> --- a/trunk/package/utils/busybox/files/sysntpd 2013-11-28 >> 12:28:40.0 +0100 >> +++ b/trunk/package/utils/busybox/files/sysntpd 2014-02-28 >> 19:51:48.957785869 +0100 >> @@ -24,7 +24,7 @@ >> procd_open_instance >> procd_set_param command "$PROG" -n >> [ "$enable_server" = "1" ] && procd_append_param command -l >> - for peer in "$server"; do >> + for peer in $server; do >> procd_append_param command -p $peer >> done >> procd_set_param respawn >> ___ >> openwrt-devel mailing list >> openwrt-devel@lists.openwrt.org >> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel > > > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel > ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] dropbear: update to 2014.63
is > functionality.*/ > diff --git > a/package/network/services/dropbear/patches/150-dbconvert_standalone.patch > b/package/network/services/dropbear/patches/150-dbconvert_standalone.patch > index 3e0b008..2b5e201 100644 > --- > a/package/network/services/dropbear/patches/150-dbconvert_standalone.patch > +++ > b/package/network/services/dropbear/patches/150-dbconvert_standalone.patch > @@ -9,6 +9,5 @@ > +#define DROPBEAR_CLIENT > +#endif > + > - /** > - * Define compile-time options below - the "#ifndef DROPBEAR_XXX > #endif" > - * parts are to allow for commandline -DDROPBEAR_XXX options etc. > + /* Define compile-time options below - the "#ifndef DROPBEAR_XXX > #endif" > + * parts are to allow for commandline -DDROPBEAR_XXX options etc. */ > diff --git > a/package/network/services/dropbear/patches/200-lcrypt_bsdfix.patch > b/package/network/services/dropbear/patches/200-lcrypt_bsdfix.patch > index a5697e2..c20e444 100644 > --- a/package/network/services/dropbear/patches/200-lcrypt_bsdfix.patch > +++ b/package/network/services/dropbear/patches/200-lcrypt_bsdfix.patch > @@ -1,15 +1,6 @@ > --- a/Makefile.in > +++ b/Makefile.in > -@@ -56,7 +56,7 @@ HEADERS=options.h dbutil.h session.h pac > - loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \ > - listener.h fake-rfc2553.h > - > --dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) @CRYPTLIB@ > -+dropbearobjs=$(COMMONOBJS) $(CLISVROBJS) $(SVROBJS) > - dbclientobjs=$(COMMONOBJS) $(CLISVROBJS) $(CLIOBJS) > - dropbearkeyobjs=$(COMMONOBJS) $(KEYOBJS) > - dropbearconvertobjs=$(COMMONOBJS) $(CONVERTOBJS) > -@@ -78,7 +78,7 @@ STRIP=@STRIP@ > +@@ -83,7 +83,7 @@ STRIP=@STRIP@ > INSTALL=@INSTALL@ > CPPFLAGS=@CPPFLAGS@ > CFLAGS+=-I. -I$(srcdir) $(CPPFLAGS) @CFLAGS@ > @@ -18,12 +9,4 @@ > LDFLAGS=@LDFLAGS@ > > EXEEXT=@EXEEXT@ > -@@ -168,7 +168,7 @@ scp: $(SCPOBJS) $(HEADERS) Makefile > - # multi-binary compilation. > - MULTIOBJS= > - ifeq ($(MULTI),1) > -- MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), > $($(prog)objs))) @CRYPTLIB@ > -+ MULTIOBJS=dbmulti.o $(sort $(foreach prog, $(PROGRAMS), > $($(prog)objs))) > - CFLAGS+=$(addprefix -DDBMULTI_, $(PROGRAMS)) -DDROPBEAR_MULTI > - endif > > -- > 1.8.1.2 > > > On 23/03/14 07:19, Catalin Patulea wrote: >> Hi folks, I'm still interested in getting this merged. If there's >> anything I can do to speed up the process, please let me know. >> >> On Thu, Mar 13, 2014 at 3:55 PM, Gui Iribarren wrote: >>> On 03/13/2014 03:15 AM, Catalin Patulea wrote: >>>> >>>> ping?? >>> >>> >>> +1 >>> 2014.63 also fixes the brown-paper-bag bug that prevented from doing ssh to >>> link-local addresses, since the '%' operator had been (incorrectly) >>> reassigned. >>> >>>> >>>> On Sat, Mar 1, 2014 at 4:05 AM, Catalin Patulea >>>> wrote: >>>>> >>>>> ping >>>>> >>>>> On Mon, Feb 24, 2014 at 1:02 AM, Catalin Patulea >>>>> wrote: >>>>>> >>>>>> Upstream changelog: >>>>>> https://matt.ucc.asn.au/dropbear/CHANGES >>>>>> >>>>>> This adds elliptic curve cryptography (ECC) support as an option, >>>>>> disabled >>>>>> by default. >>>>>> >>>>>> dropbear mips 34kc uClibc binary size: >>>>>> before: 161,672 bytes >>>>>> after, without ECC (default): 164,968 >>>>>> after, with ECC: 198,008 >>>>>> >>>>>> Signed-off-by: Catalin Patulea >>>>>> --- >>>>>> package/network/services/dropbear/Config.in| 27 >>>>>> ++ >>>>>> package/network/services/dropbear/Makefile | 24 >>>>>> ++-- >>>>>> .../dropbear/patches/100-pubkey_path.patch |4 +-- >>>>>> .../dropbear/patches/110-change_user.patch |2 +- >>>>>> .../dropbear/patches/120-openwrt_options.patch | 21 >>>>>> -- >>>>>> .../dropbear/patches/140-disable_assert.patch |2 +- >>>>>> .../patches/150-dbconvert_standalone.patch |6 ++-- >>>>>> .../dropbear/patches/200-lcrypt_bsdfix.patch | 29 >>>>>> ---
Re: [OpenWrt-Devel] [PATCH] dropbear: update to 2014.63
Hi folks, I'm still interested in getting this merged. If there's anything I can do to speed up the process, please let me know. On Thu, Mar 13, 2014 at 3:55 PM, Gui Iribarren wrote: > On 03/13/2014 03:15 AM, Catalin Patulea wrote: >> >> ping?? > > > +1 > 2014.63 also fixes the brown-paper-bag bug that prevented from doing ssh to > link-local addresses, since the '%' operator had been (incorrectly) > reassigned. > >> >> On Sat, Mar 1, 2014 at 4:05 AM, Catalin Patulea >> wrote: >>> >>> ping >>> >>> On Mon, Feb 24, 2014 at 1:02 AM, Catalin Patulea >>> wrote: >>>> >>>> Upstream changelog: >>>> https://matt.ucc.asn.au/dropbear/CHANGES >>>> >>>> This adds elliptic curve cryptography (ECC) support as an option, >>>> disabled >>>> by default. >>>> >>>> dropbear mips 34kc uClibc binary size: >>>> before: 161,672 bytes >>>> after, without ECC (default): 164,968 >>>> after, with ECC: 198,008 >>>> >>>> Signed-off-by: Catalin Patulea >>>> --- >>>> package/network/services/dropbear/Config.in| 27 >>>> ++ >>>> package/network/services/dropbear/Makefile | 24 >>>> ++-- >>>> .../dropbear/patches/100-pubkey_path.patch |4 +-- >>>> .../dropbear/patches/110-change_user.patch |2 +- >>>> .../dropbear/patches/120-openwrt_options.patch | 21 >>>> -- >>>> .../dropbear/patches/140-disable_assert.patch |2 +- >>>> .../patches/150-dbconvert_standalone.patch |6 ++-- >>>> .../dropbear/patches/200-lcrypt_bsdfix.patch | 29 >>>> >>>> .../dropbear/patches/500-set-default-path.patch|2 +- >>>> 9 files changed, 63 insertions(+), 54 deletions(-) >>>> create mode 100644 package/network/services/dropbear/Config.in >>>> delete mode 100644 >>>> package/network/services/dropbear/patches/200-lcrypt_bsdfix.patch >>>> >>>> diff --git a/package/network/services/dropbear/Config.in >>>> b/package/network/services/dropbear/Config.in >>>> new file mode 100644 >>>> index 000..e2a7610 >>>> --- /dev/null >>>> +++ b/package/network/services/dropbear/Config.in >>>> @@ -0,0 +1,27 @@ >>>> +menu "Configuration" >>>> + depends on PACKAGE_dropbear >>>> + >>>> +config DROPBEAR_ECC >>>> + bool "Elliptic curve cryptography (ECC)" >>>> + default n >>>> + help >>>> + Enables elliptic curve cryptography (ECC) support in key >>>> exchange and public key >>>> + authentication. >>>> + >>>> + Key exchange algorithms: >>>> + ecdh-sha2-nistp256 >>>> + ecdh-sha2-nistp384 >>>> + ecdh-sha2-nistp521 >>>> + curve25519-sha...@libssh.org >>>> + >>>> + Public key algorithms: >>>> + ecdsa-sha2-nistp256 >>>> + ecdsa-sha2-nistp384 >>>> + ecdsa-sha2-nistp521 >>>> + >>>> + Does not generate ECC host keys by default (ECC key >>>> exchange will not be used, >>>> + only ECC public key auth). >>>> + >>>> + Increases binary size by about 36 kB (MIPS). >>>> + >>>> +endmenu >>>> diff --git a/package/network/services/dropbear/Makefile >>>> b/package/network/services/dropbear/Makefile >>>> index 02be761..692199e 100644 >>>> --- a/package/network/services/dropbear/Makefile >>>> +++ b/package/network/services/dropbear/Makefile >>>> @@ -8,26 +8,32 @@ >>>> include $(TOPDIR)/rules.mk >>>> >>>> PKG_NAME:=dropbear >>>> -PKG_VERSION:=2013.59 >>>> +PKG_VERSION:=2014.63 >>>> PKG_RELEASE:=1 >>>> >>>> PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 >>>> PKG_SOURCE_URL:= \ >>>> http://matt.ucc.asn.au/dropbear/releases/ \ >>>> https://dropbear.nl/mirror/releases/ >>>> -PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 >>
Re: [OpenWrt-Devel] dev.openwrt.org frequently gives 504 Gateway Time-out or 502 Bad Gateway errors
Jow, can you try breaking it again? On Wed, Mar 19, 2014 at 1:17 PM, Catalin Patulea wrote: > How much traffic does dev.openwrt.org get to /browser/* on average? (I > am not interested in /chrome/* or other handlers for now) > > On Wed, Mar 19, 2014 at 11:23 AM, Jo-Philipp Wich wrote: >> Hi. >> >>> Can you give this mirror a shot? >>> http://openwrt.nanobit.org/browser/trunk >>> >>> It's just the svn repo, and it's not synced on a regular basis, but if >>> it can handle the load, I can see about improving it. >> >> 504 Gateway Time-out >> nginx >> >> This was after holding Ctrl-R for 5 seconds. >> >> ~ Jow >> >> >> ___ >> openwrt-devel mailing list >> openwrt-devel@lists.openwrt.org >> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel >> ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] dev.openwrt.org frequently gives 504 Gateway Time-out or 502 Bad Gateway errors
How much traffic does dev.openwrt.org get to /browser/* on average? (I am not interested in /chrome/* or other handlers for now) On Wed, Mar 19, 2014 at 11:23 AM, Jo-Philipp Wich wrote: > Hi. > >> Can you give this mirror a shot? >> http://openwrt.nanobit.org/browser/trunk >> >> It's just the svn repo, and it's not synced on a regular basis, but if >> it can handle the load, I can see about improving it. > > 504 Gateway Time-out > nginx > > This was after holding Ctrl-R for 5 seconds. > > ~ Jow > > > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel > ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] dev.openwrt.org frequently gives 504 Gateway Time-out or 502 Bad Gateway errors
Can you give this mirror a shot? http://openwrt.nanobit.org/browser/trunk It's just the svn repo, and it's not synced on a regular basis, but if it can handle the load, I can see about improving it. On Sun, Mar 16, 2014 at 12:28 PM, Weedy wrote: > On 16 Mar 2014 06:26, "Hannu Nyman" wrote: >> >> Jo-Philipp Wich wrote on Tue Mar 4 12:26:43 CET 2014: >> >>> I reworked the trac-fcgi launcher now and applied a number of >> >> > threading fixes to it, so far it seems to be way more responsive and >> > both memory consumption and cpu load plummeted to 50MB RAM / 10% CPU >> > per instance. >> > >> > On a first glance the result seems promising and the site is way >> > more responsive now. >> >> Looks like your fix has worked pretty ok. At least for some time. >> >> In the past two days there has been some intermittent sluggishness, and >> today I got again an 504 Gateway Time-out error. So, apparently something >> still needs further fixing. >> >> I wonder if a scheduled service restart would help, in case there is some >> memory leak or something like that, which causes the resource consumption to >> grow gradually. > > Monit? > Sounds like something monit should be watching for. > > > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel > ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] dev.openwrt.org frequently gives 504 Gateway Time-out or 502 Bad Gateway errors
On Sun, Mar 16, 2014 at 6:26 AM, Hannu Nyman wrote: > Looks like your fix has worked pretty ok. At least for some time. > > In the past two days there has been some intermittent sluggishness, and > today I got again an 504 Gateway Time-out error. So, apparently something > still needs further fixing. > > I wonder if a scheduled service restart would help, in case there is some > memory leak or something like that, which causes the resource consumption to > grow gradually. I'm interested in helping debug this. Jow, can you post more detailed info on the nginx and tracd configs? Can you share your modified trac.fcgi? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] dropbear: update to 2014.63
ping?? On Sat, Mar 1, 2014 at 4:05 AM, Catalin Patulea wrote: > ping > > On Mon, Feb 24, 2014 at 1:02 AM, Catalin Patulea wrote: >> Upstream changelog: >> https://matt.ucc.asn.au/dropbear/CHANGES >> >> This adds elliptic curve cryptography (ECC) support as an option, disabled >> by default. >> >> dropbear mips 34kc uClibc binary size: >> before: 161,672 bytes >> after, without ECC (default): 164,968 >> after, with ECC: 198,008 >> >> Signed-off-by: Catalin Patulea >> --- >> package/network/services/dropbear/Config.in| 27 ++ >> package/network/services/dropbear/Makefile | 24 ++-- >> .../dropbear/patches/100-pubkey_path.patch |4 +-- >> .../dropbear/patches/110-change_user.patch |2 +- >> .../dropbear/patches/120-openwrt_options.patch | 21 -- >> .../dropbear/patches/140-disable_assert.patch |2 +- >> .../patches/150-dbconvert_standalone.patch |6 ++-- >> .../dropbear/patches/200-lcrypt_bsdfix.patch | 29 >> >> .../dropbear/patches/500-set-default-path.patch|2 +- >> 9 files changed, 63 insertions(+), 54 deletions(-) >> create mode 100644 package/network/services/dropbear/Config.in >> delete mode 100644 >> package/network/services/dropbear/patches/200-lcrypt_bsdfix.patch >> >> diff --git a/package/network/services/dropbear/Config.in >> b/package/network/services/dropbear/Config.in >> new file mode 100644 >> index 000..e2a7610 >> --- /dev/null >> +++ b/package/network/services/dropbear/Config.in >> @@ -0,0 +1,27 @@ >> +menu "Configuration" >> + depends on PACKAGE_dropbear >> + >> +config DROPBEAR_ECC >> + bool "Elliptic curve cryptography (ECC)" >> + default n >> + help >> + Enables elliptic curve cryptography (ECC) support in key >> exchange and public key >> + authentication. >> + >> + Key exchange algorithms: >> + ecdh-sha2-nistp256 >> + ecdh-sha2-nistp384 >> + ecdh-sha2-nistp521 >> + curve25519-sha...@libssh.org >> + >> + Public key algorithms: >> + ecdsa-sha2-nistp256 >> + ecdsa-sha2-nistp384 >> + ecdsa-sha2-nistp521 >> + >> + Does not generate ECC host keys by default (ECC key exchange >> will not be used, >> + only ECC public key auth). >> + >> + Increases binary size by about 36 kB (MIPS). >> + >> +endmenu >> diff --git a/package/network/services/dropbear/Makefile >> b/package/network/services/dropbear/Makefile >> index 02be761..692199e 100644 >> --- a/package/network/services/dropbear/Makefile >> +++ b/package/network/services/dropbear/Makefile >> @@ -8,26 +8,32 @@ >> include $(TOPDIR)/rules.mk >> >> PKG_NAME:=dropbear >> -PKG_VERSION:=2013.59 >> +PKG_VERSION:=2014.63 >> PKG_RELEASE:=1 >> >> PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 >> PKG_SOURCE_URL:= \ >> http://matt.ucc.asn.au/dropbear/releases/ \ >> https://dropbear.nl/mirror/releases/ >> -PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 >> +PKG_MD5SUM:=7066bb9a2da708f3ed06314fdc9c47fd >> >> PKG_LICENSE:=MIT >> PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE >> >> PKG_BUILD_PARALLEL:=1 >> >> +PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC >> + >> include $(INCLUDE_DIR)/package.mk >> >> define Package/dropbear/Default >>URL:=http://matt.ucc.asn.au/dropbear/ >> endef >> >> +define Package/dropbear/config >> + source "$(SOURCE)/Config.in" >> +endef >> + >> define Package/dropbear >>$(call Package/dropbear/Default) >>SECTION:=net >> @@ -72,6 +78,20 @@ CONFIGURE_ARGS += \ >> TARGET_CFLAGS += -DARGTYPE=3 -ffunction-sections -fdata-sections >> TARGET_LDFLAGS += -Wl,--gc-sections >> >> +define Build/Prepare >> + $(call Build/Prepare/Default) >> + # Enforce that all replacements are made, otherwise options.h has >> changed >> + # format and this logic is broken. >> + for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH DROPBEAR_CURVE25519; do \ >> + awk 'BEGIN { rc = 1 } \ >> + /'OPTION'/ { 0 = "$(if $(CONFIG_DROPBEAR_
[OpenWrt-Devel] Fwd: [PATCH] dropbear: fix parsing of Interface param
On Sat, Mar 1, 2014 at 4:25 AM, Hannu Nyman wrote: > Should that line be instead this way? > > [ -n "${Interface}" ] && network_get_device interface "${Interface}" I think the only place where "interface" is used is on the following line: - append_ports "${interface}" "${Port}" + append_ports "${Interface}" "${Port}" So as long as the append ports uses the same capitalization, it should work. Plus Interface (capital) is declared as a local variable, so that limits the effect of network_get_device (does not set any global variables). And it seemed reasonable to replace the original value of Interface (capital) since it is no longer needed. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] dropbear: update to 2014.63
ping On Mon, Feb 24, 2014 at 1:02 AM, Catalin Patulea wrote: > Upstream changelog: > https://matt.ucc.asn.au/dropbear/CHANGES > > This adds elliptic curve cryptography (ECC) support as an option, disabled > by default. > > dropbear mips 34kc uClibc binary size: > before: 161,672 bytes > after, without ECC (default): 164,968 > after, with ECC: 198,008 > > Signed-off-by: Catalin Patulea > --- > package/network/services/dropbear/Config.in| 27 ++ > package/network/services/dropbear/Makefile | 24 ++-- > .../dropbear/patches/100-pubkey_path.patch |4 +-- > .../dropbear/patches/110-change_user.patch |2 +- > .../dropbear/patches/120-openwrt_options.patch | 21 -- > .../dropbear/patches/140-disable_assert.patch |2 +- > .../patches/150-dbconvert_standalone.patch |6 ++-- > .../dropbear/patches/200-lcrypt_bsdfix.patch | 29 > > .../dropbear/patches/500-set-default-path.patch|2 +- > 9 files changed, 63 insertions(+), 54 deletions(-) > create mode 100644 package/network/services/dropbear/Config.in > delete mode 100644 > package/network/services/dropbear/patches/200-lcrypt_bsdfix.patch > > diff --git a/package/network/services/dropbear/Config.in > b/package/network/services/dropbear/Config.in > new file mode 100644 > index 000..e2a7610 > --- /dev/null > +++ b/package/network/services/dropbear/Config.in > @@ -0,0 +1,27 @@ > +menu "Configuration" > + depends on PACKAGE_dropbear > + > +config DROPBEAR_ECC > + bool "Elliptic curve cryptography (ECC)" > + default n > + help > + Enables elliptic curve cryptography (ECC) support in key > exchange and public key > + authentication. > + > + Key exchange algorithms: > + ecdh-sha2-nistp256 > + ecdh-sha2-nistp384 > + ecdh-sha2-nistp521 > + curve25519-sha...@libssh.org > + > + Public key algorithms: > + ecdsa-sha2-nistp256 > + ecdsa-sha2-nistp384 > + ecdsa-sha2-nistp521 > + > + Does not generate ECC host keys by default (ECC key exchange > will not be used, > + only ECC public key auth). > + > + Increases binary size by about 36 kB (MIPS). > + > +endmenu > diff --git a/package/network/services/dropbear/Makefile > b/package/network/services/dropbear/Makefile > index 02be761..692199e 100644 > --- a/package/network/services/dropbear/Makefile > +++ b/package/network/services/dropbear/Makefile > @@ -8,26 +8,32 @@ > include $(TOPDIR)/rules.mk > > PKG_NAME:=dropbear > -PKG_VERSION:=2013.59 > +PKG_VERSION:=2014.63 > PKG_RELEASE:=1 > > PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 > PKG_SOURCE_URL:= \ > http://matt.ucc.asn.au/dropbear/releases/ \ > https://dropbear.nl/mirror/releases/ > -PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 > +PKG_MD5SUM:=7066bb9a2da708f3ed06314fdc9c47fd > > PKG_LICENSE:=MIT > PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE > > PKG_BUILD_PARALLEL:=1 > > +PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC > + > include $(INCLUDE_DIR)/package.mk > > define Package/dropbear/Default >URL:=http://matt.ucc.asn.au/dropbear/ > endef > > +define Package/dropbear/config > + source "$(SOURCE)/Config.in" > +endef > + > define Package/dropbear >$(call Package/dropbear/Default) >SECTION:=net > @@ -72,6 +78,20 @@ CONFIGURE_ARGS += \ > TARGET_CFLAGS += -DARGTYPE=3 -ffunction-sections -fdata-sections > TARGET_LDFLAGS += -Wl,--gc-sections > > +define Build/Prepare > + $(call Build/Prepare/Default) > + # Enforce that all replacements are made, otherwise options.h has > changed > + # format and this logic is broken. > + for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH DROPBEAR_CURVE25519; do \ > + awk 'BEGIN { rc = 1 } \ > + /'OPTION'/ { 0 = "$(if $(CONFIG_DROPBEAR_ECC),,// > )#define 'OPTION'"; rc = 0 } \ > + { print } \ > + END { exit(rc) }' $(PKG_BUILD_DIR)/options.h \ > + >$(PKG_BUILD_DIR)/options.h.new && \ > + mv $(PKG_BUILD_DIR)/options.h.new $(PKG_BUILD_DIR)/options.h || > exit 1; \ > + done > +endef > + > define Build/Compile > +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ > $(TARGET_CONFIGURE_OPTS) \ > diff --git a/package/network/services
Re: [OpenWrt-Devel] [PATCH] dropbear: fix parsing of Interface param
ping On Mon, Feb 24, 2014 at 1:28 AM, Catalin Patulea wrote: > From: hnyman <> > > Sending this in for hnyman, from issue #15070: > https://dev.openwrt.org/ticket/15070 > > Should fix that issue. > > Signed-off-by: Catalin Patulea > --- > .../network/services/dropbear/files/dropbear.init |4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/package/network/services/dropbear/files/dropbear.init > b/package/network/services/dropbear/files/dropbear.init > index ebef526..93dc3d9 100755 > --- a/package/network/services/dropbear/files/dropbear.init > +++ b/package/network/services/dropbear/files/dropbear.init > @@ -72,8 +72,8 @@ dropbear_instance() > [ -n "${rsakeyfile}" ] && procd_append_param command -r > "${rsakeyfile}" > [ -n "${dsskeyfile}" ] && procd_append_param command -d > "${dsskeyfile}" > [ -n "${BannerFile}" ] && procd_append_param command -b > "${BannerFile}" > - [ -n "${interface}" ] && network_get_device interface "${interface}" > - append_ports "${interface}" "${Port}" > + [ -n "${Interface}" ] && network_get_device Interface "${Interface}" > + append_ports "${Interface}" "${Port}" > procd_close_instance > } > > -- > 1.7.9.5 > ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] dev.openwrt.org frequently gives 504 Gateway Time-out or 502 Bad Gateway errors
I've often seen this too, and it's very difficult to use the site when it's like this. On IRC someone mentioned that trac is crashing. No idea if anyone is looking into fixing this. On Sat, Mar 1, 2014 at 3:41 AM, Hannu Nyman wrote: > It is really annoying that dev.openwrt.org frequently gives "504 Gateway > Time-out" or "502 Bad Gateway" errors. During the last few days it seems > that the bug tracker is unreachable half of the time. > > Typical error is just: > > 502 Bad Gateway > nginx/1.1.19 > > Is there some problem connectivity problem between the front-end and > back-end servers? > Hopefully site admins can fix this. > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] dropbear: fix parsing of Interface param
From: hnyman <> Sending this in for hnyman, from issue #15070: https://dev.openwrt.org/ticket/15070 Should fix that issue. Signed-off-by: Catalin Patulea --- .../network/services/dropbear/files/dropbear.init |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/network/services/dropbear/files/dropbear.init b/package/network/services/dropbear/files/dropbear.init index ebef526..93dc3d9 100755 --- a/package/network/services/dropbear/files/dropbear.init +++ b/package/network/services/dropbear/files/dropbear.init @@ -72,8 +72,8 @@ dropbear_instance() [ -n "${rsakeyfile}" ] && procd_append_param command -r "${rsakeyfile}" [ -n "${dsskeyfile}" ] && procd_append_param command -d "${dsskeyfile}" [ -n "${BannerFile}" ] && procd_append_param command -b "${BannerFile}" - [ -n "${interface}" ] && network_get_device interface "${interface}" - append_ports "${interface}" "${Port}" + [ -n "${Interface}" ] && network_get_device Interface "${Interface}" + append_ports "${Interface}" "${Port}" procd_close_instance } -- 1.7.9.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCHv2] dropbear: update to 2013.62
Hi folks, dropbear 2014.63 is already out. Can someone please review these patches? Here is an updated patch for 2014.63: https://lists.openwrt.org/pipermail/openwrt-devel/2014-February/024058.html http://patchwork.openwrt.org/patch/4931/ On Wed, Feb 19, 2014 at 1:22 AM, Catalin Patulea wrote: > Can I get another round of review on this? > > On Sat, Feb 15, 2014 at 9:08 PM, Catalin Patulea wrote: >> Upstream changelog: >> https://matt.ucc.asn.au/dropbear/CHANGES >> >> This adds elliptic curve cryptography (ECC) support as an option, disabled >> by default. >> >> dropbear mips 34kc uClibc binary size: >> before: 161,672 bytes >> after, without ECC (default): 164,968 >> after, with ECC: 198,008 >> >> Signed-off-by: Catalin Patulea >> --- >> package/network/services/dropbear/Config.in| 27 >> >> package/network/services/dropbear/Makefile | 24 +++-- >> .../dropbear/patches/100-pubkey_path.patch |4 +-- >> .../dropbear/patches/110-change_user.patch |2 +- >> .../dropbear/patches/120-openwrt_options.patch | 21 +-- >> .../dropbear/patches/140-disable_assert.patch |2 +- >> .../patches/150-dbconvert_standalone.patch |6 ++--- >> .../dropbear/patches/200-lcrypt_bsdfix.patch |8 +++--- >> .../dropbear/patches/500-set-default-path.patch|2 +- >> 9 files changed, 67 insertions(+), 29 deletions(-) >> create mode 100644 package/network/services/dropbear/Config.in >> >> diff --git a/package/network/services/dropbear/Config.in >> b/package/network/services/dropbear/Config.in >> new file mode 100644 >> index 000..e2a7610 >> --- /dev/null >> +++ b/package/network/services/dropbear/Config.in >> @@ -0,0 +1,27 @@ >> +menu "Configuration" >> + depends on PACKAGE_dropbear >> + >> +config DROPBEAR_ECC >> + bool "Elliptic curve cryptography (ECC)" >> + default n >> + help >> + Enables elliptic curve cryptography (ECC) support in key >> exchange and public key >> + authentication. >> + >> + Key exchange algorithms: >> + ecdh-sha2-nistp256 >> + ecdh-sha2-nistp384 >> + ecdh-sha2-nistp521 >> + curve25519-sha...@libssh.org >> + >> + Public key algorithms: >> + ecdsa-sha2-nistp256 >> + ecdsa-sha2-nistp384 >> + ecdsa-sha2-nistp521 >> + >> + Does not generate ECC host keys by default (ECC key exchange >> will not be used, >> + only ECC public key auth). >> + >> + Increases binary size by about 36 kB (MIPS). >> + >> +endmenu >> diff --git a/package/network/services/dropbear/Makefile >> b/package/network/services/dropbear/Makefile >> index 02be761..c7d0a96 100644 >> --- a/package/network/services/dropbear/Makefile >> +++ b/package/network/services/dropbear/Makefile >> @@ -8,26 +8,32 @@ >> include $(TOPDIR)/rules.mk >> >> PKG_NAME:=dropbear >> -PKG_VERSION:=2013.59 >> +PKG_VERSION:=2013.62 >> PKG_RELEASE:=1 >> >> PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 >> PKG_SOURCE_URL:= \ >> http://matt.ucc.asn.au/dropbear/releases/ \ >> https://dropbear.nl/mirror/releases/ >> -PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 >> +PKG_MD5SUM:=ca2c7932a1399cf361f795aaa3843998 >> >> PKG_LICENSE:=MIT >> PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE >> >> PKG_BUILD_PARALLEL:=1 >> >> +PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC >> + >> include $(INCLUDE_DIR)/package.mk >> >> define Package/dropbear/Default >>URL:=http://matt.ucc.asn.au/dropbear/ >> endef >> >> +define Package/dropbear/config >> + source "$(SOURCE)/Config.in" >> +endef >> + >> define Package/dropbear >>$(call Package/dropbear/Default) >>SECTION:=net >> @@ -72,6 +78,20 @@ CONFIGURE_ARGS += \ >> TARGET_CFLAGS += -DARGTYPE=3 -ffunction-sections -fdata-sections >> TARGET_LDFLAGS += -Wl,--gc-sections >> >> +define Build/Prepare >> + $(call Build/Prepare/Default) >> + # Enforce that all replacements are made, otherwise options.h has >> changed >> + # format and this logic is broken. >> + for OPTION in DROPBEAR_ECDSA DROPBEAR_
[OpenWrt-Devel] [PATCH] dropbear: update to 2014.63
Upstream changelog: https://matt.ucc.asn.au/dropbear/CHANGES This adds elliptic curve cryptography (ECC) support as an option, disabled by default. dropbear mips 34kc uClibc binary size: before: 161,672 bytes after, without ECC (default): 164,968 after, with ECC: 198,008 Signed-off-by: Catalin Patulea --- package/network/services/dropbear/Config.in| 27 ++ package/network/services/dropbear/Makefile | 24 ++-- .../dropbear/patches/100-pubkey_path.patch |4 +-- .../dropbear/patches/110-change_user.patch |2 +- .../dropbear/patches/120-openwrt_options.patch | 21 -- .../dropbear/patches/140-disable_assert.patch |2 +- .../patches/150-dbconvert_standalone.patch |6 ++-- .../dropbear/patches/200-lcrypt_bsdfix.patch | 29 .../dropbear/patches/500-set-default-path.patch|2 +- 9 files changed, 63 insertions(+), 54 deletions(-) create mode 100644 package/network/services/dropbear/Config.in delete mode 100644 package/network/services/dropbear/patches/200-lcrypt_bsdfix.patch diff --git a/package/network/services/dropbear/Config.in b/package/network/services/dropbear/Config.in new file mode 100644 index 000..e2a7610 --- /dev/null +++ b/package/network/services/dropbear/Config.in @@ -0,0 +1,27 @@ +menu "Configuration" + depends on PACKAGE_dropbear + +config DROPBEAR_ECC + bool "Elliptic curve cryptography (ECC)" + default n + help + Enables elliptic curve cryptography (ECC) support in key exchange and public key + authentication. + + Key exchange algorithms: + ecdh-sha2-nistp256 + ecdh-sha2-nistp384 + ecdh-sha2-nistp521 + curve25519-sha...@libssh.org + + Public key algorithms: + ecdsa-sha2-nistp256 + ecdsa-sha2-nistp384 + ecdsa-sha2-nistp521 + + Does not generate ECC host keys by default (ECC key exchange will not be used, + only ECC public key auth). + + Increases binary size by about 36 kB (MIPS). + +endmenu diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index 02be761..692199e 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -8,26 +8,32 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear -PKG_VERSION:=2013.59 +PKG_VERSION:=2014.63 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:= \ http://matt.ucc.asn.au/dropbear/releases/ \ https://dropbear.nl/mirror/releases/ -PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 +PKG_MD5SUM:=7066bb9a2da708f3ed06314fdc9c47fd PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE PKG_BUILD_PARALLEL:=1 +PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC + include $(INCLUDE_DIR)/package.mk define Package/dropbear/Default URL:=http://matt.ucc.asn.au/dropbear/ endef +define Package/dropbear/config + source "$(SOURCE)/Config.in" +endef + define Package/dropbear $(call Package/dropbear/Default) SECTION:=net @@ -72,6 +78,20 @@ CONFIGURE_ARGS += \ TARGET_CFLAGS += -DARGTYPE=3 -ffunction-sections -fdata-sections TARGET_LDFLAGS += -Wl,--gc-sections +define Build/Prepare + $(call Build/Prepare/Default) + # Enforce that all replacements are made, otherwise options.h has changed + # format and this logic is broken. + for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH DROPBEAR_CURVE25519; do \ + awk 'BEGIN { rc = 1 } \ + /'OPTION'/ { 0 = "$(if $(CONFIG_DROPBEAR_ECC),,// )#define 'OPTION'"; rc = 0 } \ + { print } \ + END { exit(rc) }' $(PKG_BUILD_DIR)/options.h \ + >$(PKG_BUILD_DIR)/options.h.new && \ + mv $(PKG_BUILD_DIR)/options.h.new $(PKG_BUILD_DIR)/options.h || exit 1; \ + done +endef + define Build/Compile +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ $(TARGET_CONFIGURE_OPTS) \ diff --git a/package/network/services/dropbear/patches/100-pubkey_path.patch b/package/network/services/dropbear/patches/100-pubkey_path.patch index c1802f5..456874b 100644 --- a/package/network/services/dropbear/patches/100-pubkey_path.patch +++ b/package/network/services/dropbear/patches/100-pubkey_path.patch @@ -1,6 +1,6 @@ --- a/svr-authpubkey.c +++ b/svr-authpubkey.c -@@ -209,17 +209,21 @@ static int checkpubkey(unsigned char* al +@@ -208,17 +208,21 @@ static int checkpubkey(unsigned char* al goto out; } @@ -33,7 +33,7 @@ if (authfile == NULL) { goto out; } -@@ -372,26 +376,35 @@ static int checkpubkeyperms() { +@@ -371,26 +375,35 @@ static int checkpu
Re: [OpenWrt-Devel] [PATCHv2] dropbear: update to 2013.62
Can I get another round of review on this? On Sat, Feb 15, 2014 at 9:08 PM, Catalin Patulea wrote: > Upstream changelog: > https://matt.ucc.asn.au/dropbear/CHANGES > > This adds elliptic curve cryptography (ECC) support as an option, disabled > by default. > > dropbear mips 34kc uClibc binary size: > before: 161,672 bytes > after, without ECC (default): 164,968 > after, with ECC: 198,008 > > Signed-off-by: Catalin Patulea > --- > package/network/services/dropbear/Config.in| 27 > > package/network/services/dropbear/Makefile | 24 +++-- > .../dropbear/patches/100-pubkey_path.patch |4 +-- > .../dropbear/patches/110-change_user.patch |2 +- > .../dropbear/patches/120-openwrt_options.patch | 21 +-- > .../dropbear/patches/140-disable_assert.patch |2 +- > .../patches/150-dbconvert_standalone.patch |6 ++--- > .../dropbear/patches/200-lcrypt_bsdfix.patch |8 +++--- > .../dropbear/patches/500-set-default-path.patch|2 +- > 9 files changed, 67 insertions(+), 29 deletions(-) > create mode 100644 package/network/services/dropbear/Config.in > > diff --git a/package/network/services/dropbear/Config.in > b/package/network/services/dropbear/Config.in > new file mode 100644 > index 000..e2a7610 > --- /dev/null > +++ b/package/network/services/dropbear/Config.in > @@ -0,0 +1,27 @@ > +menu "Configuration" > + depends on PACKAGE_dropbear > + > +config DROPBEAR_ECC > + bool "Elliptic curve cryptography (ECC)" > + default n > + help > + Enables elliptic curve cryptography (ECC) support in key > exchange and public key > + authentication. > + > + Key exchange algorithms: > + ecdh-sha2-nistp256 > + ecdh-sha2-nistp384 > + ecdh-sha2-nistp521 > + curve25519-sha...@libssh.org > + > + Public key algorithms: > + ecdsa-sha2-nistp256 > + ecdsa-sha2-nistp384 > + ecdsa-sha2-nistp521 > + > + Does not generate ECC host keys by default (ECC key exchange > will not be used, > + only ECC public key auth). > + > + Increases binary size by about 36 kB (MIPS). > + > +endmenu > diff --git a/package/network/services/dropbear/Makefile > b/package/network/services/dropbear/Makefile > index 02be761..c7d0a96 100644 > --- a/package/network/services/dropbear/Makefile > +++ b/package/network/services/dropbear/Makefile > @@ -8,26 +8,32 @@ > include $(TOPDIR)/rules.mk > > PKG_NAME:=dropbear > -PKG_VERSION:=2013.59 > +PKG_VERSION:=2013.62 > PKG_RELEASE:=1 > > PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 > PKG_SOURCE_URL:= \ > http://matt.ucc.asn.au/dropbear/releases/ \ > https://dropbear.nl/mirror/releases/ > -PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 > +PKG_MD5SUM:=ca2c7932a1399cf361f795aaa3843998 > > PKG_LICENSE:=MIT > PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE > > PKG_BUILD_PARALLEL:=1 > > +PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC > + > include $(INCLUDE_DIR)/package.mk > > define Package/dropbear/Default >URL:=http://matt.ucc.asn.au/dropbear/ > endef > > +define Package/dropbear/config > + source "$(SOURCE)/Config.in" > +endef > + > define Package/dropbear >$(call Package/dropbear/Default) >SECTION:=net > @@ -72,6 +78,20 @@ CONFIGURE_ARGS += \ > TARGET_CFLAGS += -DARGTYPE=3 -ffunction-sections -fdata-sections > TARGET_LDFLAGS += -Wl,--gc-sections > > +define Build/Prepare > + $(call Build/Prepare/Default) > + # Enforce that all replacements are made, otherwise options.h has > changed > + # format and this logic is broken. > + for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH DROPBEAR_CURVE25519; do \ > + awk 'BEGIN { rc = 1 } \ > + /'OPTION'/ { 0 = "$(if $(CONFIG_DROPBEAR_ECC),,// > )#define 'OPTION'"; rc = 0 } \ > + { print } \ > + END { exit(rc) }' $(PKG_BUILD_DIR)/options.h \ > + >$(PKG_BUILD_DIR)/options.h.new && \ > + mv $(PKG_BUILD_DIR)/options.h.new $(PKG_BUILD_DIR)/options.h || > exit 1; \ > + done > +endef > + > define Build/Compile > +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ > $(TARGET_CONFIGURE_OPTS) \ > diff --git a/package/network/services/dropbear/patches/100-pubkey_path.patch > b/pac
[OpenWrt-Devel] [PATCHv2] dropbear: update to 2013.62
Upstream changelog: https://matt.ucc.asn.au/dropbear/CHANGES This adds elliptic curve cryptography (ECC) support as an option, disabled by default. dropbear mips 34kc uClibc binary size: before: 161,672 bytes after, without ECC (default): 164,968 after, with ECC: 198,008 Signed-off-by: Catalin Patulea --- package/network/services/dropbear/Config.in| 27 package/network/services/dropbear/Makefile | 24 +++-- .../dropbear/patches/100-pubkey_path.patch |4 +-- .../dropbear/patches/110-change_user.patch |2 +- .../dropbear/patches/120-openwrt_options.patch | 21 +-- .../dropbear/patches/140-disable_assert.patch |2 +- .../patches/150-dbconvert_standalone.patch |6 ++--- .../dropbear/patches/200-lcrypt_bsdfix.patch |8 +++--- .../dropbear/patches/500-set-default-path.patch|2 +- 9 files changed, 67 insertions(+), 29 deletions(-) create mode 100644 package/network/services/dropbear/Config.in diff --git a/package/network/services/dropbear/Config.in b/package/network/services/dropbear/Config.in new file mode 100644 index 000..e2a7610 --- /dev/null +++ b/package/network/services/dropbear/Config.in @@ -0,0 +1,27 @@ +menu "Configuration" + depends on PACKAGE_dropbear + +config DROPBEAR_ECC + bool "Elliptic curve cryptography (ECC)" + default n + help + Enables elliptic curve cryptography (ECC) support in key exchange and public key + authentication. + + Key exchange algorithms: + ecdh-sha2-nistp256 + ecdh-sha2-nistp384 + ecdh-sha2-nistp521 + curve25519-sha...@libssh.org + + Public key algorithms: + ecdsa-sha2-nistp256 + ecdsa-sha2-nistp384 + ecdsa-sha2-nistp521 + + Does not generate ECC host keys by default (ECC key exchange will not be used, + only ECC public key auth). + + Increases binary size by about 36 kB (MIPS). + +endmenu diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index 02be761..c7d0a96 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -8,26 +8,32 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear -PKG_VERSION:=2013.59 +PKG_VERSION:=2013.62 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:= \ http://matt.ucc.asn.au/dropbear/releases/ \ https://dropbear.nl/mirror/releases/ -PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 +PKG_MD5SUM:=ca2c7932a1399cf361f795aaa3843998 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE PKG_BUILD_PARALLEL:=1 +PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC + include $(INCLUDE_DIR)/package.mk define Package/dropbear/Default URL:=http://matt.ucc.asn.au/dropbear/ endef +define Package/dropbear/config + source "$(SOURCE)/Config.in" +endef + define Package/dropbear $(call Package/dropbear/Default) SECTION:=net @@ -72,6 +78,20 @@ CONFIGURE_ARGS += \ TARGET_CFLAGS += -DARGTYPE=3 -ffunction-sections -fdata-sections TARGET_LDFLAGS += -Wl,--gc-sections +define Build/Prepare + $(call Build/Prepare/Default) + # Enforce that all replacements are made, otherwise options.h has changed + # format and this logic is broken. + for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH DROPBEAR_CURVE25519; do \ + awk 'BEGIN { rc = 1 } \ + /'OPTION'/ { 0 = "$(if $(CONFIG_DROPBEAR_ECC),,// )#define 'OPTION'"; rc = 0 } \ + { print } \ + END { exit(rc) }' $(PKG_BUILD_DIR)/options.h \ + >$(PKG_BUILD_DIR)/options.h.new && \ + mv $(PKG_BUILD_DIR)/options.h.new $(PKG_BUILD_DIR)/options.h || exit 1; \ + done +endef + define Build/Compile +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ $(TARGET_CONFIGURE_OPTS) \ diff --git a/package/network/services/dropbear/patches/100-pubkey_path.patch b/package/network/services/dropbear/patches/100-pubkey_path.patch index c1802f5..456874b 100644 --- a/package/network/services/dropbear/patches/100-pubkey_path.patch +++ b/package/network/services/dropbear/patches/100-pubkey_path.patch @@ -1,6 +1,6 @@ --- a/svr-authpubkey.c +++ b/svr-authpubkey.c -@@ -209,17 +209,21 @@ static int checkpubkey(unsigned char* al +@@ -208,17 +208,21 @@ static int checkpubkey(unsigned char* al goto out; } @@ -33,7 +33,7 @@ if (authfile == NULL) { goto out; } -@@ -372,26 +376,35 @@ static int checkpubkeyperms() { +@@ -371,26 +375,35 @@ static int checkpubkeyperms() { goto out; } diff --git a/package/network/services/dr
Re: [OpenWrt-Devel] [PATCH] dropbear: update to 2013.62
Ok. 2013.62 with ECC disabled is 164,968 bytes. Sound reasonable? On Fri, Feb 14, 2014 at 2:08 PM, Daniel Petre wrote: > > On 14 Feb 2014, at 20:38, Catalin Patulea wrote: >> >> Looks like most of the growth is in new ECC support functions, with >> some small growth to existing functions. Curve25519 is the largest >> single contributor at 3 kB. Disabling Curve25519 brings the final >> binary size to 189,900 bytes. >> >> I'm personally very interested in ECC support, I have a hardware >> security key that stores ECDSA key pairs, that I want to use for >> authentication. I'm also interested in keeping as small a diff from >> upstream as possible. :-) >> > > Hi, can't you patch the dropbear Makefile to allow toggle package compile > options for your needed extra functionality? > >> ___ >> openwrt-devel mailing list >> openwrt-devel@lists.openwrt.org >> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] dropbear: update to 2013.62
On Fri, Feb 14, 2014 at 11:11 AM, Felix Fietkau wrote: > The bloat increase seems a bit excessive for a minor update. Any way to > make the new stuff optional (and disabled by default)? Here are the first few lines of a diff of 'nm --size-sort' between 2013.59 and 2013.62. First column is function size. +0bb0 T curve25519_donna 0b38 T sink +0a30 t fproduct +0944 T ltc_ecc_projective_add_point 0734 T refresh_progress_meter -069c T svr_auth_pubkey +06a0 T svr_auth_pubkey +068c t main_noinetd +0680 T recv_msg_kexdh_reply 0670 T cli_getopts -0634 t main_noinetd -05c8 T recv_msg_kexdh_reply -0588 T svr_getopts +063c T ltc_ecc_projective_dbl_point +05ec t fsquare +05c4 T ltc_ecc_mul2add +05a4 T svr_getopts 0580 T scp_main 0580 T mp_div Looks like most of the growth is in new ECC support functions, with some small growth to existing functions. Curve25519 is the largest single contributor at 3 kB. Disabling Curve25519 brings the final binary size to 189,900 bytes. I'm personally very interested in ECC support, I have a hardware security key that stores ECDSA key pairs, that I want to use for authentication. I'm also interested in keeping as small a diff from upstream as possible. :-) What do you think about ECC support in OpenWrt dropbear in the long term? Any ideas for reducing binary size while maintaining ECC support? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] dropbear: update to 2013.62
ping On Sun, Feb 9, 2014 at 4:22 PM, Catalin Patulea wrote: > Upstream changelog: > https://matt.ucc.asn.au/dropbear/CHANGES > > Notably, this adds elliptic curve cryptography (ECC) support. > > dropbear mips 34kc uClibc binary size: > before: 161,672 bytes > after: 198,008 > > Signed-off-by: Catalin Patulea > --- > package/network/services/dropbear/Makefile |4 ++-- > .../dropbear/patches/100-pubkey_path.patch |4 ++-- > .../dropbear/patches/110-change_user.patch |2 +- > .../dropbear/patches/120-openwrt_options.patch | 21 > ++-- > .../dropbear/patches/140-disable_assert.patch |2 +- > .../patches/150-dbconvert_standalone.patch |6 +++--- > .../dropbear/patches/200-lcrypt_bsdfix.patch |8 > .../dropbear/patches/500-set-default-path.patch|2 +- > 8 files changed, 20 insertions(+), 29 deletions(-) > > diff --git a/package/network/services/dropbear/Makefile > b/package/network/services/dropbear/Makefile > index 02be761..b593198 100644 > --- a/package/network/services/dropbear/Makefile > +++ b/package/network/services/dropbear/Makefile > @@ -8,14 +8,14 @@ > include $(TOPDIR)/rules.mk > > PKG_NAME:=dropbear > -PKG_VERSION:=2013.59 > +PKG_VERSION:=2013.62 > PKG_RELEASE:=1 > > PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 > PKG_SOURCE_URL:= \ > http://matt.ucc.asn.au/dropbear/releases/ \ > https://dropbear.nl/mirror/releases/ > -PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 > +PKG_MD5SUM:=ca2c7932a1399cf361f795aaa3843998 > > PKG_LICENSE:=MIT > PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE > diff --git a/package/network/services/dropbear/patches/100-pubkey_path.patch > b/package/network/services/dropbear/patches/100-pubkey_path.patch > index c1802f5..456874b 100644 > --- a/package/network/services/dropbear/patches/100-pubkey_path.patch > +++ b/package/network/services/dropbear/patches/100-pubkey_path.patch > @@ -1,6 +1,6 @@ > --- a/svr-authpubkey.c > +++ b/svr-authpubkey.c > -@@ -209,17 +209,21 @@ static int checkpubkey(unsigned char* al > +@@ -208,17 +208,21 @@ static int checkpubkey(unsigned char* al > goto out; > } > > @@ -33,7 +33,7 @@ > if (authfile == NULL) { > goto out; > } > -@@ -372,26 +376,35 @@ static int checkpubkeyperms() { > +@@ -371,26 +375,35 @@ static int checkpubkeyperms() { > goto out; > } > > diff --git a/package/network/services/dropbear/patches/110-change_user.patch > b/package/network/services/dropbear/patches/110-change_user.patch > index 48228ea..fa608e7 100644 > --- a/package/network/services/dropbear/patches/110-change_user.patch > +++ b/package/network/services/dropbear/patches/110-change_user.patch > @@ -1,6 +1,6 @@ > --- a/svr-chansession.c > +++ b/svr-chansession.c > -@@ -889,12 +889,12 @@ static void execchild(void *user_data) { > +@@ -890,12 +890,12 @@ static void execchild(void *user_data) { > /* We can only change uid/gid as root ... */ > if (getuid() == 0) { > > diff --git > a/package/network/services/dropbear/patches/120-openwrt_options.patch > b/package/network/services/dropbear/patches/120-openwrt_options.patch > index 9300a27..1b5c5cb 100644 > --- a/package/network/services/dropbear/patches/120-openwrt_options.patch > +++ b/package/network/services/dropbear/patches/120-openwrt_options.patch > @@ -1,6 +1,6 @@ > --- a/options.h > +++ b/options.h > -@@ -38,7 +38,7 @@ > +@@ -41,7 +41,7 @@ >* Both of these flags can be defined at once, don't compile without at > least >* one of them. */ > #define NON_INETD_MODE > @@ -9,16 +9,7 @@ > > /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is >* perhaps 20% slower for pubkey operations (it is probably worth > experimenting > -@@ -49,7 +49,7 @@ > - several kB in binary size however will make the symmetrical ciphers and > hashes > - slower, perhaps by 50%. Recommended for small systems that aren't doing > - much traffic. */ > --/*#define DROPBEAR_SMALL_CODE*/ > -+#define DROPBEAR_SMALL_CODE > - > - /* Enable X11 Forwarding - server only */ > - #define ENABLE_X11FWD > -@@ -78,7 +78,7 @@ much traffic. */ > +@@ -81,7 +81,7 @@ much traffic. */ > > /* Enable "Netcat mode" option. This will forward standard input/output >* to a remote TCP-forwarded connection */ > @@ -27,7 +18,7 @@ > > /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime > */ > #define ENABLE_USER_ALGO_LIST > -@@ -92,8 +92,8 @@ much traffic. */ &g
[OpenWrt-Devel] [PATCH] dropbear: update to 2013.62
Upstream changelog: https://matt.ucc.asn.au/dropbear/CHANGES Notably, this adds elliptic curve cryptography (ECC) support. dropbear mips 34kc uClibc binary size: before: 161,672 bytes after: 198,008 Signed-off-by: Catalin Patulea --- package/network/services/dropbear/Makefile |4 ++-- .../dropbear/patches/100-pubkey_path.patch |4 ++-- .../dropbear/patches/110-change_user.patch |2 +- .../dropbear/patches/120-openwrt_options.patch | 21 ++-- .../dropbear/patches/140-disable_assert.patch |2 +- .../patches/150-dbconvert_standalone.patch |6 +++--- .../dropbear/patches/200-lcrypt_bsdfix.patch |8 .../dropbear/patches/500-set-default-path.patch|2 +- 8 files changed, 20 insertions(+), 29 deletions(-) diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index 02be761..b593198 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear -PKG_VERSION:=2013.59 +PKG_VERSION:=2013.62 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:= \ http://matt.ucc.asn.au/dropbear/releases/ \ https://dropbear.nl/mirror/releases/ -PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 +PKG_MD5SUM:=ca2c7932a1399cf361f795aaa3843998 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE diff --git a/package/network/services/dropbear/patches/100-pubkey_path.patch b/package/network/services/dropbear/patches/100-pubkey_path.patch index c1802f5..456874b 100644 --- a/package/network/services/dropbear/patches/100-pubkey_path.patch +++ b/package/network/services/dropbear/patches/100-pubkey_path.patch @@ -1,6 +1,6 @@ --- a/svr-authpubkey.c +++ b/svr-authpubkey.c -@@ -209,17 +209,21 @@ static int checkpubkey(unsigned char* al +@@ -208,17 +208,21 @@ static int checkpubkey(unsigned char* al goto out; } @@ -33,7 +33,7 @@ if (authfile == NULL) { goto out; } -@@ -372,26 +376,35 @@ static int checkpubkeyperms() { +@@ -371,26 +375,35 @@ static int checkpubkeyperms() { goto out; } diff --git a/package/network/services/dropbear/patches/110-change_user.patch b/package/network/services/dropbear/patches/110-change_user.patch index 48228ea..fa608e7 100644 --- a/package/network/services/dropbear/patches/110-change_user.patch +++ b/package/network/services/dropbear/patches/110-change_user.patch @@ -1,6 +1,6 @@ --- a/svr-chansession.c +++ b/svr-chansession.c -@@ -889,12 +889,12 @@ static void execchild(void *user_data) { +@@ -890,12 +890,12 @@ static void execchild(void *user_data) { /* We can only change uid/gid as root ... */ if (getuid() == 0) { diff --git a/package/network/services/dropbear/patches/120-openwrt_options.patch b/package/network/services/dropbear/patches/120-openwrt_options.patch index 9300a27..1b5c5cb 100644 --- a/package/network/services/dropbear/patches/120-openwrt_options.patch +++ b/package/network/services/dropbear/patches/120-openwrt_options.patch @@ -1,6 +1,6 @@ --- a/options.h +++ b/options.h -@@ -38,7 +38,7 @@ +@@ -41,7 +41,7 @@ * Both of these flags can be defined at once, don't compile without at least * one of them. */ #define NON_INETD_MODE @@ -9,16 +9,7 @@ /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is * perhaps 20% slower for pubkey operations (it is probably worth experimenting -@@ -49,7 +49,7 @@ - several kB in binary size however will make the symmetrical ciphers and hashes - slower, perhaps by 50%. Recommended for small systems that aren't doing - much traffic. */ --/*#define DROPBEAR_SMALL_CODE*/ -+#define DROPBEAR_SMALL_CODE - - /* Enable X11 Forwarding - server only */ - #define ENABLE_X11FWD -@@ -78,7 +78,7 @@ much traffic. */ +@@ -81,7 +81,7 @@ much traffic. */ /* Enable "Netcat mode" option. This will forward standard input/output * to a remote TCP-forwarded connection */ @@ -27,7 +18,7 @@ /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */ #define ENABLE_USER_ALGO_LIST -@@ -92,8 +92,8 @@ much traffic. */ +@@ -95,8 +95,8 @@ much traffic. */ #define DROPBEAR_AES256 /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */ /*#define DROPBEAR_BLOWFISH*/ @@ -38,7 +29,7 @@ /* Enable "Counter Mode" for ciphers. This is more secure than normal * CBC mode against certain attacks. This adds around 1kB to binary -@@ -119,7 +119,7 @@ much traffic. */ +@@ -122,7 +122,7 @@ much traffic. */ * If you disable MD5, Dropbear will fall back to SHA1 fingerprints, * which are not the standard form. */ #define DROPBEAR_SHA1_HMAC @@ -47,7 +38,7 @@ /*#define DROPBEAR_SHA2_256_HMAC*/ /*#define DROPBEAR_SHA2
Re: [OpenWrt-Devel] [PATCH v3] Add sysfixtime init script, replacement of luci_fixtime
On Jan 3, 2014 1:29 PM, "Etienne CHAMPETIER" wrote: > > Simply scan for the most recent file in /etc and set > system time to this file modification time if it's in the future > It allow some time dependent program to work immediatly > without waiting for ntpd to sync > Thanks to Bastian Bittorf for the (so) simple idea > > Signed-off-by: Etienne CHAMPETIER > --- > package/base-files/files/etc/init.d/sysfixtime | 13 + > 1 file changed, 13 insertions(+) > create mode 100755 package/base-files/files/etc/init.d/sysfixtime > > diff --git a/package/base-files/files/etc/init.d/sysfixtime b/package/base-files/files/etc/init.d/sysfixtime > new file mode 100755 > index 000..2e8d4ab > --- /dev/null > +++ b/package/base-files/files/etc/init.d/sysfixtime > @@ -0,0 +1,13 @@ > +#!/bin/sh /etc/rc.common > +# Copyright (C) 2013-2014 OpenWrt.org > + > +START=00 > + > +boot() { > + CURTIME=`date +%s` > + MAXTIME=`find /etc -type f -exec date +%s -r {} \; | sort | tail -n1` Also 'sort -r | head -n1' would save a small amount of work. > + [[ $CURTIME -lt $MAXTIME ]] && \ > + date -s @$MAXTIME && \ > + /usr/bin/logger -t sysfixtime -p daemon.notice "Time fixed" > +} > + > -- > 1.8.4.2 > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH v3] Add sysfixtime init script, replacement of luci_fixtime
On Jan 3, 2014 1:29 PM, "Etienne CHAMPETIER" wrote: > > Simply scan for the most recent file in /etc and set > system time to this file modification time if it's in the future > It allow some time dependent program to work immediatly > without waiting for ntpd to sync > Thanks to Bastian Bittorf for the (so) simple idea > > Signed-off-by: Etienne CHAMPETIER > --- > package/base-files/files/etc/init.d/sysfixtime | 13 + > 1 file changed, 13 insertions(+) > create mode 100755 package/base-files/files/etc/init.d/sysfixtime > > diff --git a/package/base-files/files/etc/init.d/sysfixtime b/package/base-files/files/etc/init.d/sysfixtime > new file mode 100755 > index 000..2e8d4ab > --- /dev/null > +++ b/package/base-files/files/etc/init.d/sysfixtime > @@ -0,0 +1,13 @@ > +#!/bin/sh /etc/rc.common > +# Copyright (C) 2013-2014 OpenWrt.org > + > +START=00 > + > +boot() { > + CURTIME=`date +%s` > + MAXTIME=`find /etc -type f -exec date +%s -r {} \; | sort | tail -n1` > + [[ $CURTIME -lt $MAXTIME ]] && \ Strictly speaking, should probably be 'sort -n'. > + date -s @$MAXTIME && \ > + /usr/bin/logger -t sysfixtime -p daemon.notice "Time fixed" > +} > + > -- > 1.8.4.2 > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] hostapd: fix mixed wep/wpa with netifd
Signed-off-by: Catalin Patulea --- One more fix. Tested by Manp on this thread: https://forum.openwrt.org/viewtopic.php?pid=220700#p220700 package/network/services/hostapd/files/netifd.sh |1 + 1 file changed, 1 insertion(+) diff --git a/package/network/services/hostapd/files/netifd.sh b/package/network/services/hostapd/files/netifd.sh index 1589bc1..b3ca866 100644 --- a/package/network/services/hostapd/files/netifd.sh +++ b/package/network/services/hostapd/files/netifd.sh @@ -233,6 +233,7 @@ hostapd_set_bss_options() { ;; wep) local wep_keyidx=0 + json_get_vars key hostapd_append_wep_key bss_conf append bss_conf "wep_default_key=$wep_keyidx" "$N" [ -n "$wep_rekey" ] && append bss_conf "wep_rekey_period=$wep_rekey" "$N" -- 1.7.9.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCHv2] hostapd: fix wep with netifd
On Sun, Dec 22, 2013 at 1:45 PM, Hannu Nyman wrote: > But he ran into an error with mixed WEP/WPA environment, where any WEP > interface needed to be in the config file before any WPA interface. > Otherwise the radio did not come up. So, there is probably something > additional to be fixed with WEP. I have only tested this on a radio0-WEP, radio1-WEP configuration. Unfortunately I cannot change the configuration of my router right now as it's in active use. > Discussion at: https://forum.openwrt.org/viewtopic.php?pid=220628#p220628 I will reply there. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCHv2] hostapd: fix wep with netifd
Signed-off-by: Catalin Patulea --- Changes since v1: - Fix argument to hostapd_append_wep_key. package/network/services/hostapd/files/netifd.sh |8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/package/network/services/hostapd/files/netifd.sh b/package/network/services/hostapd/files/netifd.sh index 8380357..1589bc1 100644 --- a/package/network/services/hostapd/files/netifd.sh +++ b/package/network/services/hostapd/files/netifd.sh @@ -18,12 +18,12 @@ hostapd_append_wep_key() { zidx=$(($idx - 1)) json_get_var ckey "key${idx}" [ -n "$ckey" ] && \ - append network_data "wep_key${zidx}=$(prepare_key_wep "$ckey")" "$N$T" + append $var "wep_key${zidx}=$(prepare_key_wep "$ckey")" "$N$T" done wep_keyidx=$((key - 1)) ;; *) - append network_data "wep_key0=$(prepare_key_wep "$key")" "$N$T" + append $var "wep_key0=$(prepare_key_wep "$key")" "$N$T" ;; esac } @@ -233,8 +233,8 @@ hostapd_set_bss_options() { ;; wep) local wep_keyidx=0 - hostapd_append_wep_key network_data - append bss_conf "wep_default_key=$wep_key" "$N" + hostapd_append_wep_key bss_conf + append bss_conf "wep_default_key=$wep_keyidx" "$N" [ -n "$wep_rekey" ] && append bss_conf "wep_rekey_period=$wep_rekey" "$N" ;; esac -- 1.7.9.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] hostapd: fix wep with netifd
Signed-off-by: Catalin Patulea --- package/network/services/hostapd/files/netifd.sh |6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package/network/services/hostapd/files/netifd.sh b/package/network/services/hostapd/files/netifd.sh index 8380357..c5943b1 100644 --- a/package/network/services/hostapd/files/netifd.sh +++ b/package/network/services/hostapd/files/netifd.sh @@ -18,12 +18,12 @@ hostapd_append_wep_key() { zidx=$(($idx - 1)) json_get_var ckey "key${idx}" [ -n "$ckey" ] && \ - append network_data "wep_key${zidx}=$(prepare_key_wep "$ckey")" "$N$T" + append $var "wep_key${zidx}=$(prepare_key_wep "$ckey")" "$N$T" done wep_keyidx=$((key - 1)) ;; *) - append network_data "wep_key0=$(prepare_key_wep "$key")" "$N$T" + append $var "wep_key0=$(prepare_key_wep "$key")" "$N$T" ;; esac } @@ -234,7 +234,7 @@ hostapd_set_bss_options() { wep) local wep_keyidx=0 hostapd_append_wep_key network_data - append bss_conf "wep_default_key=$wep_key" "$N" + append bss_conf "wep_default_key=$wep_keyidx" "$N" [ -n "$wep_rekey" ] && append bss_conf "wep_rekey_period=$wep_rekey" "$N" ;; esac -- 1.7.9.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] [packages] ddns-scripts: cleanup
Signed-off-by: Catalin Patulea --- .../files/usr/lib/ddns/dynamic_dns_functions.sh| 89 +++- .../files/usr/lib/ddns/dynamic_dns_updater.sh | 113 ++--- 2 files changed, 71 insertions(+), 131 deletions(-) diff --git a/net/ddns-scripts/files/usr/lib/ddns/dynamic_dns_functions.sh b/net/ddns-scripts/files/usr/lib/ddns/dynamic_dns_functions.sh index a596932..4d1998f 100644 --- a/net/ddns-scripts/files/usr/lib/ddns/dynamic_dns_functions.sh +++ b/net/ddns-scripts/files/usr/lib/ddns/dynamic_dns_functions.sh @@ -16,8 +16,8 @@ #also, sets all_option_variables to a list of the variable names load_all_config_options() { - pkg_name="$1" - section_id="$2" + local pkg_name="$1" + local section_id="$2" ALL_OPTION_VARIABLES="" # this callback loads all the variables @@ -30,33 +30,32 @@ load_all_config_options() # and $2 is the name of the section config_cb() { - if [ ."$2" = ."$section_id" ]; then + if [ "$2" = "$section_id" ]; then option_cb() { - ALL_OPTION_VARIABLES="$ALL_OPTION_VARIABLES $1" + local var="$1" + config_get "$var" "$section_id" "$var" + ALL_OPTION_VARIABLES="$ALL_OPTION_VARIABLES $var" } else - option_cb() { return 0; } + option_cb() {} fi } config_load "$pkg_name" - for var in $ALL_OPTION_VARIABLES - do - config_get "$var" "$section_id" "$var" - done + reset_cb } get_current_ip() { - #if ip source is not defined, assume we want to get ip from wan - if [ "$ip_source" != "interface" ] && [ "$ip_source" != "web" ] && [ "$ip_source" != "script" ] - then - ip_source="network" - fi + #if ip source is not defined, assume we want to get ip from wan + case "$ip_source" in + interface|web|script) ;; + *) ip_source="network";; + esac if [ "$ip_source" = "network" ] then @@ -66,35 +65,26 @@ get_current_ip() fi fi - current_ip=''; - if [ "$ip_source" = "network" ] - then - network_get_ipaddr current_ip "$ip_network" || return - elif [ "$ip_source" = "interface" ] - then - current_ip=$(ifconfig $ip_interface | grep -o 'inet addr:[0-9.]*' | grep -o "$ip_regex") - elif [ "$ip_source" = "script" ] - then - # get ip from script - current_ip=$($ip_script) - else - # get ip from web - # we check each url in order in ip_url variable, and if no ips are found we use dyndns ip checker - # ip is set to FIRST expression in page that matches the ip_regex regular expression - for addr in $ip_url - do - if [ -z "$current_ip" ] - then - current_ip=$(echo $( wget -O - $addr 2>/dev/null) | grep -o "$ip_regex") - fi - done - - #here we hard-code the dyndns checkip url in case no url was specified - if [ -z "$current_ip" ] - then - current_ip=$(echo $( wget -O - http://checkip.dyndns.org 2>/dev/null) | grep -o "$ip_regex") - fi - fi + local current_ip='' + case "$ip_source" in + network) network_get_ipaddr current_ip "$ip_network" || return ;; + interface) current_ip=$(ifconfig $ip_interface | awk -F: '/inet addr/ { split($2, _, " "); print _[1] }') ;; + script) current_ip=$($ip_script) ;; + *) + # get ip from web + # we check each url in order in ip_url variable, and if no ips are found we use dyndns ip checker + # ip is set to FIRST expression in page that matches the ip_regex regular expression + #here we hard-code the dyndns checkip url in case no url was specified + for addr in $ip_url http://checkip.dyndns.org + do + current_ip
[OpenWrt-Devel] kernel vermagic and modules
I noticed that the kernel package has a vermagic as the last component of the version. Module packages depend on the specific version of kernel package, such that if you change the kernel config, you cannot install (opkg rejects) module packages built with the new config, on a system with the old kernel package. I suspect this is to prevent binary incompatibility which could crash the system at the kernel level. This makes sense. But you also cannot build and install new kernel modules after the first kernel build (which is part of the main purpose of modules). For instance I did not build kmod-nfnetlink and kmod-nfnetlink-queue at first, but now I wish to install them (some usermode package depends on them). In reality the module files are perfectly compatible because I have not changed any other kernel options beside enabling those two modules. The vermagic is computed like this [1]: $(SH_FUNC) grep '=[ym]' $(LINUX_DIR)/.config | LC_ALL=C sort | md5s > $(LINUX_DIR)/.vermagic So if I enable or disable any kernel built-in function (the "y" part), this breaks compatibility with new modules. Ok, this makes sense. But also if I disable or enable any modules ("m" part), this breaks compatibility. Does this make sense? If I disable or enable a module, any new modules should still be compatible with the kernel core, right? The Linux module system already has mechanims to prevent insertion of incompatible modules into a running system. On my desktop, I see this: $ modinfo video [...] vermagic: 3.8.0-33-generic SMP mod_unload modversions The kernel blocks inserting a module where this vermagic doesn't match [2]. (this is a different concept from OpenWrt's vermagic) There is simply the set of symbols exported from the kernel - if a module needs a symbol that is not available, it will not load. But this is a pretty weak mechanisms as it does not detect other ABI changes (struct layouts etc). There is CONFIG_MODVERSIONS, which fingerprints ABI of each symbol using CRC(full prototype) [3]. I am not familiar with the implementation, but the documentation suggests it might be useful. This is enabled on my desktop and appears to be a mature feature. I'm not sure if this needs arch-level support - hopefully not and it's just a matter of setting CONFIG_MODVERSIONS=y. Could OpenWrt rely a bit more on the kernel's protections, to give more flexibility in enabling modules after the first build? I can spend some time on patches for this, but I wanted to open the discussion first to understand the problem more broadly. Catalin [1] https://dev.openwrt.org/browser/trunk/include/kernel-defaults.mk#L108 [2] http://lxr.linux.no/linux+v3.12.1/kernel/module.c#L2719 [3] http://lxr.linux.no/linux+v3.12.1/Documentation/kbuild/modules.txt#L426 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] ag71xx: fix ag71xx_probe error path
Signed-off-by: Catalin Patulea --- .../net/ethernet/atheros/ag71xx/ag71xx_main.c |4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_main.c b/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_main.c index f4d6735..0c2163f 100644 --- a/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_main.c +++ b/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_main.c @@ -1197,7 +1197,7 @@ static int ag71xx_probe(struct platform_device *pdev) err = register_netdev(dev); if (err) { dev_err(&pdev->dev, "unable to register net device\n"); - goto err_phy_disconnect; + goto err_debugfs_exit; } pr_info("%s: Atheros AG71xx at 0x%08lx, irq %d, mode:%s\n", @@ -1206,6 +1206,8 @@ static int ag71xx_probe(struct platform_device *pdev) return 0; +err_debugfs_exit: + ag71xx_debugfs_exit(ag); err_phy_disconnect: ag71xx_phy_disconnect(ag); err_free_desc: -- 1.7.9.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] ag71xx: fix a race involving netdev registration
On Sun, Nov 3, 2013 at 3:16 AM, Catalin Patulea wrote: > In particular, phy_connect before register_netdev. This is because > register_netdev runs the netdev notifiers, which can race with the rest of > the initialization in ag71xx_probe. Here's someone who demonstrated that this race condition exists by modifying e1000: http://stackoverflow.com/questions/17899396/concurrency-in-the-linux-network-drivers-probe-vs-ndo-open-ndo-start-xmit (question part #1 and the EDIT) The same thing applies to ag71xx - we must prevent ag71xx_open from being called before ag71xx_probe completes. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] ag71xx: fix a race involving netdev registration
In particular, phy_connect before register_netdev. This is because register_netdev runs the netdev notifiers, which can race with the rest of the initialization in ag71xx_probe. In my case this manifested in two ways: 1) If ag71xx is compiled as a module and inserted after netifd has started, netifd is notified by register_netdev before the call to ag71xx_phy_connect. netifd tries to bring the interface up, which calls ag71xx_open, which in turn enters ag71xx_phy_start. This keys off ag->phy_dev (which is still NULL) and thinks this is a fixed-link board, and enters ag71xx_link_adjust. This looks at ag->speed which is not yet initialized and hits the BUG() in the switch (ag->speed) in ag71xx_link_adjust. This is the wrong code path for ag71xx_phy_start - my board has PHYs that need to be brought up with phy_start. Doing ag71xx_phy_connect before register_netdev ensures that ag->phy_dev is non-NULL before ag71xx_phy_start is ever called. 2) When ag71xx is built into the kernel, and netconsole is enabled, there is a gap in the initial burst of replayed printks right after the netdev comes up. My assumption is that netconsole is also triggered by a netdev notifier, and part of this printk burst happens before the call into ag71xx_phy_connect, so part of the burst is lost while the PHY comes up. This patch fixes the gap - all the printks before eth0 comes up are bursted in full when netconsole initializes. ag71xx_phy_connect_xxx no longer runs with a registered netdev, so the logging has been adjusted accordingly to avoid "unregistered net_device" or "eth%d" messages in dmesg. Signed-off-by: Catalin Patulea --- .../net/ethernet/atheros/ag71xx/ag71xx_main.c | 24 +--- .../net/ethernet/atheros/ag71xx/ag71xx_phy.c | 20 2 files changed, 21 insertions(+), 23 deletions(-) diff --git a/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_main.c b/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_main.c index fc6be0e..f4d6735 100644 --- a/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_main.c +++ b/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_main.c @@ -1178,16 +1178,6 @@ static int ag71xx_probe(struct platform_device *pdev) netif_napi_add(dev, &ag->napi, ag71xx_poll, AG71XX_NAPI_WEIGHT); - err = register_netdev(dev); - if (err) { - dev_err(&pdev->dev, "unable to register net device\n"); - goto err_free_desc; - } - - pr_info("%s: Atheros AG71xx at 0x%08lx, irq %d, mode:%s\n", - dev->name, dev->base_addr, dev->irq, - ag71xx_get_phy_if_mode_name(pdata->phy_if_mode)); - ag71xx_dump_regs(ag); ag71xx_hw_init(ag); @@ -1196,7 +1186,7 @@ static int ag71xx_probe(struct platform_device *pdev) err = ag71xx_phy_connect(ag); if (err) - goto err_unregister_netdev; + goto err_free_desc; err = ag71xx_debugfs_init(ag); if (err) @@ -1204,12 +1194,20 @@ static int ag71xx_probe(struct platform_device *pdev) platform_set_drvdata(pdev, dev); + err = register_netdev(dev); + if (err) { + dev_err(&pdev->dev, "unable to register net device\n"); + goto err_phy_disconnect; + } + + pr_info("%s: Atheros AG71xx at 0x%08lx, irq %d, mode:%s\n", + dev->name, dev->base_addr, dev->irq, + ag71xx_get_phy_if_mode_name(pdata->phy_if_mode)); + return 0; err_phy_disconnect: ag71xx_phy_disconnect(ag); -err_unregister_netdev: - unregister_netdev(dev); err_free_desc: dma_free_coherent(NULL, sizeof(struct ag71xx_desc), ag->stop_desc, ag->stop_desc_dma); diff --git a/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_phy.c b/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_phy.c index f3791e2..9de77e9 100644 --- a/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_phy.c +++ b/target/linux/ar71xx/files/drivers/net/ethernet/atheros/ag71xx/ag71xx_phy.c @@ -76,7 +76,7 @@ void ag71xx_phy_stop(struct ag71xx *ag) static int ag71xx_phy_connect_fixed(struct ag71xx *ag) { - struct net_device *dev = ag->dev; + struct device *dev = &ag->pdev->dev; struct ag71xx_platform_data *pdata = ag71xx_get_pdata(ag); int ret = 0; @@ -87,12 +87,12 @@ static int ag71xx_phy_connect_fixed(struct ag71xx *ag) case SPEED_1000: break; default: - netdev_err(dev, "invalid speed specified\n"); + dev_err(dev, "invalid speed specified\n"); ret = -EINVAL;
[OpenWrt-Devel] [PATCH] dropbear: add dropbear.nl mirror, provided by dropbear maintainer
Signed-off-by: Catalin Patulea --- package/network/services/dropbear/Makefile |3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index f025c4d..02be761 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -13,7 +13,8 @@ PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:= \ - http://matt.ucc.asn.au/dropbear/releases/ + http://matt.ucc.asn.au/dropbear/releases/ \ + https://dropbear.nl/mirror/releases/ PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 PKG_LICENSE:=MIT -- 1.7.9.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCHv2] dropbear: update to 2013.59 (released 4 october 2013)
- drop mirror www.mirrors.wiretapped.net (not working anymore) - drop patch 300-ipv6_addr_port_split.patch, included upstream - refresh patches - various upstream changes: http://matt.ucc.asn.au/dropbear/CHANGES Signed-off-by: Catalin Patulea --- New in v2: - go back to PKG_MD5SUM, that's the only valid one package/network/services/dropbear/Makefile |9 - .../dropbear/patches/110-change_user.patch |2 +- .../dropbear/patches/120-openwrt_options.patch | 21 .../patches/130-ssh_ignore_o_and_x_args.patch |6 +++--- .../dropbear/patches/140-disable_assert.patch |5 +++-- .../dropbear/patches/200-lcrypt_bsdfix.patch |4 ++-- .../patches/300-ipv6_addr_port_split.patch | 11 -- .../dropbear/patches/500-set-default-path.patch|2 +- 8 files changed, 22 insertions(+), 38 deletions(-) delete mode 100644 package/network/services/dropbear/patches/300-ipv6_addr_port_split.patch diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index b7708b1..f025c4d 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -8,14 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear -PKG_VERSION:=2012.55 -PKG_RELEASE:=2 +PKG_VERSION:=2013.59 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:= \ - http://matt.ucc.asn.au/dropbear/releases/ \ - http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/ -PKG_MD5SUM:=8c784baec3054cdb1bb4bfa792c87812 + http://matt.ucc.asn.au/dropbear/releases/ +PKG_MD5SUM:=6c1e6c2c297f4034488ffc95e8b7e6e9 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE diff --git a/package/network/services/dropbear/patches/110-change_user.patch b/package/network/services/dropbear/patches/110-change_user.patch index a354eda..48228ea 100644 --- a/package/network/services/dropbear/patches/110-change_user.patch +++ b/package/network/services/dropbear/patches/110-change_user.patch @@ -1,6 +1,6 @@ --- a/svr-chansession.c +++ b/svr-chansession.c -@@ -891,12 +891,12 @@ static void execchild(void *user_data) { +@@ -889,12 +889,12 @@ static void execchild(void *user_data) { /* We can only change uid/gid as root ... */ if (getuid() == 0) { diff --git a/package/network/services/dropbear/patches/120-openwrt_options.patch b/package/network/services/dropbear/patches/120-openwrt_options.patch index 977f631..9300a27 100644 --- a/package/network/services/dropbear/patches/120-openwrt_options.patch +++ b/package/network/services/dropbear/patches/120-openwrt_options.patch @@ -25,9 +25,9 @@ -#define ENABLE_CLI_NETCAT +/*#define ENABLE_CLI_NETCAT*/ - /* Encryption - at least one required. - * Protocol RFC requires 3DES and recommends AES128 for interoperability. -@@ -89,8 +89,8 @@ much traffic. */ + /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */ + #define ENABLE_USER_ALGO_LIST +@@ -92,8 +92,8 @@ much traffic. */ #define DROPBEAR_AES256 /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */ /*#define DROPBEAR_BLOWFISH*/ @@ -38,21 +38,16 @@ /* Enable "Counter Mode" for ciphers. This is more secure than normal * CBC mode against certain attacks. This adds around 1kB to binary -@@ -110,7 +110,7 @@ much traffic. */ +@@ -119,7 +119,7 @@ much traffic. */ * If you disable MD5, Dropbear will fall back to SHA1 fingerprints, * which are not the standard form. */ #define DROPBEAR_SHA1_HMAC -#define DROPBEAR_SHA1_96_HMAC +/*#define DROPBEAR_SHA1_96_HMAC*/ + /*#define DROPBEAR_SHA2_256_HMAC*/ + /*#define DROPBEAR_SHA2_512_HMAC*/ #define DROPBEAR_MD5_HMAC - - /* Hostkey/public key algorithms - at least one required, these are used -@@ -144,11 +144,11 @@ much traffic. */ - #endif - - /* Whether to do reverse DNS lookups. */ --#define DO_HOST_LOOKUP -+/*#define DO_HOST_LOOKUP*/ +@@ -157,7 +157,7 @@ much traffic. */ /* Whether to print the message of the day (MOTD). This doesn't add much code * size */ @@ -61,7 +56,7 @@ /* The MOTD file path */ #ifndef MOTD_FILENAME -@@ -192,7 +192,7 @@ much traffic. */ +@@ -195,7 +195,7 @@ much traffic. */ * note that it will be provided for all "hidden" client-interactive * style prompts - if you want something more sophisticated, use * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/ diff --git a/package/network/services/dropbear/patches/130-ssh_ignore_o_and_x_args.patch b/package/network/services/dropbear/patches/130-ssh_ignore_o_and_x_args.patch index 93647a9..6de652b 100644 --- a/package/network/services/dropbear/patches/130-ssh_ignore_o_and_x_args.patch +++ b/package/network/services/dropbear/patches/130-ssh_ignore_o_and_x_args.patch @@ -1,6 +1,6 @@ --- a/cli-runopts.c +++ b/cli-runopts
[OpenWrt-Devel] [PATCH] dropbear: update to 2013.59 (released 4 october 2013)
- drop mirror www.mirrors.wiretapped.net (not working anymore) - drop patch 300-ipv6_addr_port_split.patch, included upstream - refresh patches - various upstream changes: http://matt.ucc.asn.au/dropbear/CHANGES Signed-off-by: Catalin Patulea --- package/network/services/dropbear/Makefile |9 - .../dropbear/patches/110-change_user.patch |2 +- .../dropbear/patches/120-openwrt_options.patch | 21 .../patches/130-ssh_ignore_o_and_x_args.patch |6 +++--- .../dropbear/patches/140-disable_assert.patch |5 +++-- .../dropbear/patches/200-lcrypt_bsdfix.patch |4 ++-- .../patches/300-ipv6_addr_port_split.patch | 11 -- .../dropbear/patches/500-set-default-path.patch|2 +- 8 files changed, 22 insertions(+), 38 deletions(-) delete mode 100644 package/network/services/dropbear/patches/300-ipv6_addr_port_split.patch diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index b7708b1..2fd12b7 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -8,14 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear -PKG_VERSION:=2012.55 -PKG_RELEASE:=2 +PKG_VERSION:=2013.59 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:= \ - http://matt.ucc.asn.au/dropbear/releases/ \ - http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/ -PKG_MD5SUM:=8c784baec3054cdb1bb4bfa792c87812 + http://matt.ucc.asn.au/dropbear/releases/ +PKG_SHA1SUM:=86849db6a4cf9dd99c97329ca6446d91f2143f75 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE diff --git a/package/network/services/dropbear/patches/110-change_user.patch b/package/network/services/dropbear/patches/110-change_user.patch index a354eda..48228ea 100644 --- a/package/network/services/dropbear/patches/110-change_user.patch +++ b/package/network/services/dropbear/patches/110-change_user.patch @@ -1,6 +1,6 @@ --- a/svr-chansession.c +++ b/svr-chansession.c -@@ -891,12 +891,12 @@ static void execchild(void *user_data) { +@@ -889,12 +889,12 @@ static void execchild(void *user_data) { /* We can only change uid/gid as root ... */ if (getuid() == 0) { diff --git a/package/network/services/dropbear/patches/120-openwrt_options.patch b/package/network/services/dropbear/patches/120-openwrt_options.patch index 977f631..9300a27 100644 --- a/package/network/services/dropbear/patches/120-openwrt_options.patch +++ b/package/network/services/dropbear/patches/120-openwrt_options.patch @@ -25,9 +25,9 @@ -#define ENABLE_CLI_NETCAT +/*#define ENABLE_CLI_NETCAT*/ - /* Encryption - at least one required. - * Protocol RFC requires 3DES and recommends AES128 for interoperability. -@@ -89,8 +89,8 @@ much traffic. */ + /* Whether to support "-c" and "-m" flags to choose ciphers/MACs at runtime */ + #define ENABLE_USER_ALGO_LIST +@@ -92,8 +92,8 @@ much traffic. */ #define DROPBEAR_AES256 /* Compiling in Blowfish will add ~6kB to runtime heap memory usage */ /*#define DROPBEAR_BLOWFISH*/ @@ -38,21 +38,16 @@ /* Enable "Counter Mode" for ciphers. This is more secure than normal * CBC mode against certain attacks. This adds around 1kB to binary -@@ -110,7 +110,7 @@ much traffic. */ +@@ -119,7 +119,7 @@ much traffic. */ * If you disable MD5, Dropbear will fall back to SHA1 fingerprints, * which are not the standard form. */ #define DROPBEAR_SHA1_HMAC -#define DROPBEAR_SHA1_96_HMAC +/*#define DROPBEAR_SHA1_96_HMAC*/ + /*#define DROPBEAR_SHA2_256_HMAC*/ + /*#define DROPBEAR_SHA2_512_HMAC*/ #define DROPBEAR_MD5_HMAC - - /* Hostkey/public key algorithms - at least one required, these are used -@@ -144,11 +144,11 @@ much traffic. */ - #endif - - /* Whether to do reverse DNS lookups. */ --#define DO_HOST_LOOKUP -+/*#define DO_HOST_LOOKUP*/ +@@ -157,7 +157,7 @@ much traffic. */ /* Whether to print the message of the day (MOTD). This doesn't add much code * size */ @@ -61,7 +56,7 @@ /* The MOTD file path */ #ifndef MOTD_FILENAME -@@ -192,7 +192,7 @@ much traffic. */ +@@ -195,7 +195,7 @@ much traffic. */ * note that it will be provided for all "hidden" client-interactive * style prompts - if you want something more sophisticated, use * SSH_ASKPASS instead. Comment out this var to remove this functionality.*/ diff --git a/package/network/services/dropbear/patches/130-ssh_ignore_o_and_x_args.patch b/package/network/services/dropbear/patches/130-ssh_ignore_o_and_x_args.patch index 93647a9..6de652b 100644 --- a/package/network/services/dropbear/patches/130-ssh_ignore_o_and_x_args.patch +++ b/package/network/services/dropbear/patches/130-ssh_ignore_o_and_x_args.patch @@ -1,6 +1,6 @@ --- a/cli-runopts.c +++ b/cli-runopts.c -@@ -287,6 +287,10 @@ void cli_getopts(int argc, char ** arg
Re: [OpenWrt-Devel] opkg development and OpenWRT
Huh! For some reason I thought opkg was specific to, and maintained by, OpenWrt, so I suppose this is really good news! Is there an opkg mailing list that interested parties could subscribe to? Or some other medium by which you will make announcements? On Thu, Oct 3, 2013 at 9:11 AM, Paul Barker wrote: > Hi all, > > Hope this isn't irrelevant/unwanted/wrong mailing list - let me know if it > is... > > I'm the new maintainer of opkg. We're currently reviving the project > after a couple of years of very low activity. Just wanted to let you > know that we've put out an 0.2.0 release which you may wish to upgrade > to. I wouldn't normally cross-announce this but as it's the first > release since 2010 it might otherwise go unnoticed. > > I also see that you have a bunch of patches for opkg (under > https://dev.openwrt.org/browser/trunk/package/system/opkg/patches). > I'd be happy to consider patches for inclusion in the next opkg > release if you'd like to get them into the mainline. I can also let > you know which ones will likely break in upcoming releases (eg. > "070-use_gzipped_pkg_list.patch" - the gz_open function is going to be > removed fairly soon). > > The discussion group and issue tracker can be found through > https://code.google.com/p/opkg/ - would be good to get bug reports, > feature requests and patches off OpenWRT so that we can improve opkg > for everyone. > > Many thanks, > > -- > Paul Barker > > Email: p...@paulbarker.me.uk > http://www.paulbarker.me.uk > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] ath79: switch to async_schedule for mtdconcat
schedule_work doesn't enforce that the work be done before prepare_namespace tries to find a rootfs. If device probing is fast enough, we can panic with "VFS: Unable to mount root fs" before the mtdconcat comes up. prepare_namespace calls wait_for_device_probe first, which waits for all async calls in the default domain (eg. scheduled with async_schedule) to finish. The last catch is that plain mtd_device_register tries to load partition parsing modules and module loading is prohibited in async calls. The fix is to prevent mtd_device_register from trying any partition parsers by calling mtd_device_parse_register directly and passing an empty parser list. Signed-off-by: Catalin Patulea --- .../ar71xx/files/arch/mips/ath79/dev-m25p80.c | 17 - 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/target/linux/ar71xx/files/arch/mips/ath79/dev-m25p80.c b/target/linux/ar71xx/files/arch/mips/ath79/dev-m25p80.c index 9323b31..8cdb2f6 100644 --- a/target/linux/ar71xx/files/arch/mips/ath79/dev-m25p80.c +++ b/target/linux/ar71xx/files/arch/mips/ath79/dev-m25p80.c @@ -6,6 +6,7 @@ * by the Free Software Foundation. */ +#include #include #include #include @@ -59,15 +60,20 @@ void __init ath79_register_m25p80(struct flash_platform_data *pdata) static struct flash_platform_data *multi_pdata; static struct mtd_info *concat_devs[2] = { NULL, NULL }; -static struct work_struct mtd_concat_work; -static void mtd_concat_add_work(struct work_struct *work) +static void mtd_concat_add_async(void *unused_data, +async_cookie_t unused_cookie) { + /* don't try to load partition parser modules, module loading is +* disallowed in async */ + const char *types[] = {NULL}; + struct mtd_info *mtd; mtd = mtd_concat_create(concat_devs, ARRAY_SIZE(concat_devs), "flash"); - mtd_device_register(mtd, multi_pdata->parts, multi_pdata->nr_parts); + mtd_device_parse_register(mtd, types, NULL, multi_pdata->parts, + multi_pdata->nr_parts); } static void mtd_concat_add(struct mtd_info *mtd) @@ -88,8 +94,9 @@ static void mtd_concat_add(struct mtd_info *mtd) return; registered = true; - INIT_WORK(&mtd_concat_work, mtd_concat_add_work); - schedule_work(&mtd_concat_work); + + /* make sure we complete before prepare_namespace looks for rootfs */ + async_schedule(&mtd_concat_add_async, NULL); } static void mtd_concat_remove(struct mtd_info *mtd) -- 1.7.9.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] image: mode fixup: fix ssh host key filename wildcard
You use openssh on openwrt? On Mon, Sep 23, 2013 at 3:07 AM, Bastian Bittorf wrote: > * Catalin Patulea [23.09.2013 09:06]: >> I guess this was ssh_host* for historical reasons (or maybe for OpenSSH), but >> dropbear is the more common sshd. This makes preconfigured images (with files >> in files/ have the right modes on the ssh host keys). > > please simply do both variants? bye, bastian > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] image: mode fixup: fix ssh host key filename wildcard
I guess this was ssh_host* for historical reasons (or maybe for OpenSSH), but dropbear is the more common sshd. This makes preconfigured images (with files in files/ have the right modes on the ssh host keys). Signed-off-by: Catalin Patulea --- include/image.mk |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/image.mk b/include/image.mk index 09eda73..62bd423 100644 --- a/include/image.mk +++ b/include/image.mk @@ -154,7 +154,7 @@ endif define Image/mkfs/prepare/default # Use symbolic permissions to avoid clobbering SUID/SGID/sticky bits - - $(FIND) $(TARGET_DIR) -type f -not -perm +0100 -not -name 'ssh_host*' -not -name 'shadow' -print0 | $(XARGS) -0 chmod u+rw,g+r,o+r + - $(FIND) $(TARGET_DIR) -type f -not -perm +0100 -not -name 'dropbear_*_host_key' -not -name 'shadow' -print0 | $(XARGS) -0 chmod u+rw,g+r,o+r - $(FIND) $(TARGET_DIR) -type f -perm +0100 -print0 | $(XARGS) -0 chmod u+rwx,g+rx,o+rx - $(FIND) $(TARGET_DIR) -type d -print0 | $(XARGS) -0 chmod u+rwx,g+rx,o+rx $(INSTALL_DIR) $(TARGET_DIR)/tmp -- 1.7.9.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] base-files: make sysupgrade -l reflect the value of -c
Signed-off-by: Catalin Patulea --- package/base-files/files/sbin/sysupgrade |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package/base-files/files/sbin/sysupgrade b/package/base-files/files/sbin/sysupgrade index eb5ab03..ddb7a83 100755 --- a/package/base-files/files/sbin/sysupgrade +++ b/package/base-files/files/sbin/sysupgrade @@ -143,7 +143,7 @@ do_save_conffiles() { } if [ $CONF_BACKUP_LIST -eq 1 ]; then - add_uci_conffiles "$CONFFILES" + run_hooks "$CONFFILES" $sysupgrade_init_conffiles cat "$CONFFILES" rm -f "$CONFFILES" exit 0 -- 1.7.9.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Update minidlna to version 1.1.0
On Thu, Jul 18, 2013 at 5:24 AM, alpha sparc wrote: > define Package/minidlna/conffiles > +/etc/config/minidlna > /etc/minidlna.conf /etc/minidlna.conf is never used.. no reason to keep it in conffiles, right? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCHv2] minidlna: update to 1.1.0
Cezary, could you post your full minidlna package for comparison? I could not find it in your packages repo on github. On Tue, Jul 23, 2013 at 12:31 AM, Cezary Jackiewicz wrote: > Dnia 2013-07-22, o godz. 21:52:42 > Catalin Patulea napisał(a): > >> Based on original patch from alpha sparc . >> >> - upstream renamed binary to minidlnad and moved to sbin >> - drop patches (merged upstream) >> - fix passing configure params >> - need to pass pidfile path explicitly now > > Kernel.mk is also not necessary 1.1.0 > > -- > Pozdrawiam, > Cezary Jackiewicz > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCHv2] minidlna: update to 1.1.0
Based on original patch from alpha sparc . - upstream renamed binary to minidlnad and moved to sbin - drop patches (merged upstream) - fix passing configure params - need to pass pidfile path explicitly now Signed-off-by: Catalin Patulea --- multimedia/minidlna/Makefile | 30 +++ multimedia/minidlna/files/minidlna.init|4 +- .../minidlna/patches/010-genconfig-checks.patch| 92 .../minidlna/patches/020-makefile-tweaks.patch | 48 -- .../minidlna/patches/030-missing-include.patch | 10 --- ...-1.0.25-fix-libavformat-api-feature-check.patch | 11 --- 6 files changed, 17 insertions(+), 178 deletions(-) delete mode 100644 multimedia/minidlna/patches/010-genconfig-checks.patch delete mode 100644 multimedia/minidlna/patches/020-makefile-tweaks.patch delete mode 100644 multimedia/minidlna/patches/030-missing-include.patch delete mode 100644 multimedia/minidlna/patches/040-minidlna-1.0.25-fix-libavformat-api-feature-check.patch 0001-minidlna-update-to-1.1.0.patch Description: Binary data ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Update minidlna to version 1.1.0
I would love to, but I don't have commit access. I guess we'll have to wait for someone who does to notice. On Jul 20, 2013 6:58 PM, "alpha sparc" wrote: > Feel free to check all of them in as a new Patch =) > ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Enable POSIX Threads and Disable Debug in wget
ar71xx binary size profile: 472,738 bytes baseline 452,623 (-4.2%) --disable-debug 452,623 --disable-debug --enable-threads=posix BTW, any reason not to use busybox wget (BUSYBOX_CONFIG_WGET)? On Fri, Jul 19, 2013 at 7:44 PM, Catalin Patulea wrote: > Indeed, --disable-debug alone shaves 5% off ar71xx ipkg size: > 176,652 bytes before > 167,026 bytes with --disable-debug > > But I'm not sure about --enable-threads=posix. By default my > config.log shows "Thread model: posix". Looking at lib/glthread/lock.c > it's not immediately obvious to me which code is active under what > conditions. > > My ipkg seems to *grow* when adding threads=posix: > 167,055 --disable-debug --enable-threads=posix > > but this must mean my test is inconclusive. What led you to pass > --enable-threads=posix? > > On Thu, Jul 18, 2013 at 4:13 PM, alpha sparc wrote: >> This patch enables POSIX threading in wget and disables debug hence >> making a smaller binary. >> Tested and working. >> >> >> Index : feeds/packages/net/wget/Makefile >> === >> --- feeds/packages/net/wget/Makefile(revision 37381) >> +++ feeds/packages/net/wget/Makefile(working copy) >> @@ -1,5 +1,5 @@ >> # >> -# Copyright (C) 2007-2011 OpenWrt.org >> +# Copyright (C) 2007-2013 OpenWrt.org >> # >> # This is free software, licensed under the GNU General Public License v2. >> # See /LICENSE for more information. >> @@ -63,7 +63,9 @@ endef >> >> CONFIGURE_ARGS+= \ >> --disable-rpath \ >> - --disable-iri >> + --disable-iri \ >> + --disable-debug \ >> + --enable-threads=posix \ >> >> CONFIGURE_VARS += \ >> ac_cv_header_uuid_uuid_h=no >> ___ >> openwrt-devel mailing list >> openwrt-devel@lists.openwrt.org >> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Enable POSIX Threads and Disable Debug in wget
Indeed, --disable-debug alone shaves 5% off ar71xx ipkg size: 176,652 bytes before 167,026 bytes with --disable-debug But I'm not sure about --enable-threads=posix. By default my config.log shows "Thread model: posix". Looking at lib/glthread/lock.c it's not immediately obvious to me which code is active under what conditions. My ipkg seems to *grow* when adding threads=posix: 167,055 --disable-debug --enable-threads=posix but this must mean my test is inconclusive. What led you to pass --enable-threads=posix? On Thu, Jul 18, 2013 at 4:13 PM, alpha sparc wrote: > This patch enables POSIX threading in wget and disables debug hence > making a smaller binary. > Tested and working. > > > Index : feeds/packages/net/wget/Makefile > === > --- feeds/packages/net/wget/Makefile(revision 37381) > +++ feeds/packages/net/wget/Makefile(working copy) > @@ -1,5 +1,5 @@ > # > -# Copyright (C) 2007-2011 OpenWrt.org > +# Copyright (C) 2007-2013 OpenWrt.org > # > # This is free software, licensed under the GNU General Public License v2. > # See /LICENSE for more information. > @@ -63,7 +63,9 @@ endef > > CONFIGURE_ARGS+= \ > --disable-rpath \ > - --disable-iri > + --disable-iri \ > + --disable-debug \ > + --enable-threads=posix \ > > CONFIGURE_VARS += \ > ac_cv_header_uuid_uuid_h=no > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Update minidlna to version 1.1.0
The problem with 'minidlna stop' was that the default pidfile path silently changed upstream. Upstream also moved their binary from /usr/bin to /usr/sbin. Your original patch, along with fixes to 'minidlna stop' and moving the binary to sbin, are posted here (last 3 commits): https://github.com/cpatulea/openwrt-packages/commits/master On Thu, Jul 18, 2013 at 12:31 PM, alpha sparc wrote: > I forgot to add that upstream has changed the Makefile procedure and > all the patches have been fixed upstream so they can be deleted > > On Thu, Jul 18, 2013 at 5:24 PM, alpha sparc wrote: >> This patch updates the minidlna package in OpenWRT to 1.1.0. >> The upstream developers renamed the binary of minidlna to minidlnad so >> we have to make the changes accordingly to luci-minidlna. >> All the path to /usr/bin/minidlna should be renamed to /usr/bin/minidlnad. >> However during testing I found that "/etc/init.d/minidlna stop" does >> not kill the service can someone test the patch and help me resolve >> the issue? >> >> Index: feeds/packages/multimedia/minidlna/Makefile >> === >> --- feeds/packages/multimedia/minidlna/Makefile (revision 37381) >> +++ feeds/packages/multimedia/minidlna/Makefile (working copy) >> @@ -8,12 +8,12 @@ >> include $(TOPDIR)/rules.mk >> >> PKG_NAME:=minidlna >> -PKG_VERSION:=1.0.25 >> +PKG_VERSION:=1.1.0 >> PKG_RELEASE:=1 >> >> -PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION)_src.tar.gz >> +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz >> PKG_SOURCE_URL:=@SF/minidlna >> -PKG_MD5SUM:=d966256baf2f9b068b9de871ab5dade5 >> +PKG_MD5SUM:=26484a84af3fceafdee26595aae097f7 >> >> PKG_BUILD_PARALLEL:=0 >> PKG_BUILD_DEPENDS:=util-linux >> @@ -38,6 +38,7 @@ define Package/minidlna/description >> endef >> >> define Package/minidlna/conffiles >> +/etc/config/minidlna >> /etc/minidlna.conf >> endef >> >> @@ -64,20 +65,19 @@ MAKE_FLAGS +=\ >> LDFLAGS="$(TARGET_LDFLAGS)" \ >> ICONV_LIBS="-liconv $(if $(INTL_FULL),-lintl)" \ >> >> -MAKE_VARS +=\ >> - PREFIX="$(STAGING_DIR)/usr" \ >> - ICONV_PREFIX="$(ICONV_PREFIX)" \ >> - INTL_PREFIX="$(INTL_PREFIX)" \ >> - OS_NAME="OpenWrt Linux" \ >> - OS_VERSION="$(LINUX_VERSION)" \ >> - OS_URL="http://openwrt.org/"; \ >> - DB_PATH="/var/run/minidlna" \ >> - LOG_PATH="/var/log" \ >> - >> +CONFIGURE_ARGS += \ >> + --program-prefix="$(STAGING_DIR)/usr" \ >> + --with-libiconv-prefix="$(ICONV_PREFIX)" \ >> + --with-libintl-prefix="$(INTL_PREFIX)" \ >> + --with-os-name="OpenWrt Linux" \ >> + --with-os-version="$(LINUX_VERSION)" \ >> + --with-os-url="http://openwrt.org/"; \ >> + --with-db-path="/var/run/minidlna" \ >> + --with-log-path="/var/log" \ >> >> define Package/minidlna/install >> $(INSTALL_DIR) $(1)/usr/bin >> - $(INSTALL_BIN) $(PKG_BUILD_DIR)/minidlna $(1)/usr/bin/ >> + $(INSTALL_BIN) $(PKG_BUILD_DIR)/minidlnad $(1)/usr/bin/ >> $(INSTALL_DIR) $(1)/etc/init.d >> $(INSTALL_BIN) ./files/minidlna.init $(1)/etc/init.d/minidlna >> $(INSTALL_DIR) $(1)/etc/config >> Index: feeds/packages/multimedia/minidlna/Makefile >> === >> --- feeds/packages/multimedia/minidlna/files/minidlna.init (revision >> 37381) >> +++ feeds/packages/multimedia/minidlna/files/minidlna.init (working >> copy) >> @@ -88,9 +88,9 @@ start() { >> >> mkdir -m 0755 -p $db_dir >> mkdir -m 0755 -p $log_dir >> - service_start /usr/bin/minidlna -f "$MINIDLNA_CONFIG_FILE" >> + service_start /usr/bin/minidlnad -f "$MINIDLNA_CONFIG_FILE" >> } >> >> stop() { >> - service_stop /usr/bin/minidlna >> + service_stop /usr/bin/minidlnad >> } > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] uhttpd with lua handler segfault
One more patch that I forgot - env.CONTENT_LENGTH is a string, so it needs a 'tonumber'. On Sun, Mar 17, 2013 at 4:28 PM, Catalin Patulea wrote: > For openwrt-devel: this is related to a segfault, then a lua > assertion, in luci-sgi-uhttpd when it is enabled. > > Here are some patches that helped with this. > > - Respect EXTRA_CFLAGS and EXTRA_LDFLAGS in lua and luci packages. > This came in handy to quickly rebuild with debug symbols without > changing config etc. (make package/lua/compile EXTRA_CFLAGS='-ggdb'). > I didn't need EXTRA_LDFLAGS but I added for completeness. > 0001-lua-respect-EXTRA_CFLAGS-and-EXTRA_LDFLAGS.patch - patch against > openwrt trunk > luci-respect-extra-flags.patch - patch against > svn.luci.subsignal.org/luci/trunk/contrib/package/luci > > - Pass -llua when building libuci, nixio and the luci template parser > module. This is the actual segfault fix. It was doing a call to NULL, > probably because dl wasn't resolving liblua symbols like > luaL_newmetatable. > 0002-uci-add-patch-to-pass-llua-when-building-libuci.so.patch > luci-pass-llua.patch > > The above add patches to each openwrt package, but I could reformat > them to patch the upstream repos if the maintainers are interested > (jow, nbd?). > > And finally, fix uhttpd.lua to not send firstline: > luci-uhttpd-nofirstline.patch > > Again, this is a patch against the package, but I can resend as an > upstream patch. > > With these, 'uhttpd -L /usr/lib/lua/luci/sgi/uhttpd.lua' works and > serves luci in-process. > > On Sun, Mar 17, 2013 at 3:59 PM, Catalin Patulea wrote: >> Hmm, looks like uhttpd.lua needs to be updated with some changes in >> uhttpd2 - the handler should no longer send the firstline of the >> response (HTTP/1.0 200 OK). >> >> I guess luci-sgi-uhttpd is not really used very much - I thought it >> would be very attractive on embedded systems to avoid fork'ing for >> each HTTP request. Can anyone comment on why the default is >> luci-sgi-cgi? >> >> On Sun, Mar 17, 2013 at 3:33 PM, Catalin Patulea wrote: >>> Well, I fixed the segfaults by adding -llua to a bunch of libraries, >>> but now I get a lua exception in browser: >>> >>> Content-Type: text/plain >>> Cache-Control: no-cache >>> Expires: 0 >>> >>> /usr/lib/lua/luci/sgi/uhttpd.lua:48: attempt to compare number with string >>> stack traceback: >>> /usr/lib/lua/luci/sgi/uhttpd.lua:48: in function 'src' >>> /usr/lib/lua/luci/ltn12.lua:368: in function 'step' >>> /usr/lib/lua/luci/http/protocol.lua:657: in function 'parse_message_body' >>> /usr/lib/lua/luci/http.lua:116: in function '_parse_input' >>> /usr/lib/lua/luci/http.lua:60: in function >>> (tail call): ? >>> /usr/lib/lua/luci/dispatcher.lua:148: in function 'authen' >>> /usr/lib/lua/luci/dispatcher.lua:370: in function 'dispatch' >>> /usr/lib/lua/luci/dispatcher.lua:195: in function >>> >>> >>> On Sun, Mar 17, 2013 at 2:14 PM, Catalin Patulea >>> wrote: >>>> I think this might be a missing dependency from nixio.so on liblua.so. >>>> >>>> uhttpd_lua.so does depend on it: >>>> $ mips-openwrt-linux-objdump -x uhttpd_lua.so | grep NEEDED >>>> NEEDED libcrypt.so.0 >>>> NEEDED liblua.so.5.1.5 >>>> NEEDED libm.so.0 >>>> NEEDED libdl.so.0 >>>> NEEDED libgcc_s.so.1 >>>> NEEDED libc.so.0 >>>> >>>> But nixio.so doesn't, so I think luaX symbols don't get resolved by dl: >>>> $ mips-openwrt-linux-objdump -x nixio.so | grep NEEDED >>>> NEEDED libcrypt.so.0 >>>> NEEDED libgcc_s.so.1 >>>> NEEDED libc.so.0 >>>> >>>> On Sun, Mar 17, 2013 at 1:34 PM, Catalin Patulea >>>> wrote: >>>>> Got nixio.so rebuilt with symbols, segfault is in >>>>> luci/libs/nixio/src/nixio.c: >>>>> >>>>> /* entry point */ >>>>> NIXIO_API int luaopen_nixio(lua_State *L) { >>>>> /* create metatable */ >>>>> luaL_newmetatable(L, NIXIO_META); // XXX segfault here >>>>> >>>>> >>>>> On Sun, Mar 17, 2013 at 1:12 PM, Catalin Patulea >>>>> wrote: >>>>>> I'm running r35995 and seeing uhttpd segfault at startup when the
Re: [OpenWrt-Devel] uhttpd with lua handler segfault
For openwrt-devel: this is related to a segfault, then a lua assertion, in luci-sgi-uhttpd when it is enabled. Here are some patches that helped with this. - Respect EXTRA_CFLAGS and EXTRA_LDFLAGS in lua and luci packages. This came in handy to quickly rebuild with debug symbols without changing config etc. (make package/lua/compile EXTRA_CFLAGS='-ggdb'). I didn't need EXTRA_LDFLAGS but I added for completeness. 0001-lua-respect-EXTRA_CFLAGS-and-EXTRA_LDFLAGS.patch - patch against openwrt trunk luci-respect-extra-flags.patch - patch against svn.luci.subsignal.org/luci/trunk/contrib/package/luci - Pass -llua when building libuci, nixio and the luci template parser module. This is the actual segfault fix. It was doing a call to NULL, probably because dl wasn't resolving liblua symbols like luaL_newmetatable. 0002-uci-add-patch-to-pass-llua-when-building-libuci.so.patch luci-pass-llua.patch The above add patches to each openwrt package, but I could reformat them to patch the upstream repos if the maintainers are interested (jow, nbd?). And finally, fix uhttpd.lua to not send firstline: luci-uhttpd-nofirstline.patch Again, this is a patch against the package, but I can resend as an upstream patch. With these, 'uhttpd -L /usr/lib/lua/luci/sgi/uhttpd.lua' works and serves luci in-process. On Sun, Mar 17, 2013 at 3:59 PM, Catalin Patulea wrote: > Hmm, looks like uhttpd.lua needs to be updated with some changes in > uhttpd2 - the handler should no longer send the firstline of the > response (HTTP/1.0 200 OK). > > I guess luci-sgi-uhttpd is not really used very much - I thought it > would be very attractive on embedded systems to avoid fork'ing for > each HTTP request. Can anyone comment on why the default is > luci-sgi-cgi? > > On Sun, Mar 17, 2013 at 3:33 PM, Catalin Patulea wrote: >> Well, I fixed the segfaults by adding -llua to a bunch of libraries, >> but now I get a lua exception in browser: >> >> Content-Type: text/plain >> Cache-Control: no-cache >> Expires: 0 >> >> /usr/lib/lua/luci/sgi/uhttpd.lua:48: attempt to compare number with string >> stack traceback: >> /usr/lib/lua/luci/sgi/uhttpd.lua:48: in function 'src' >> /usr/lib/lua/luci/ltn12.lua:368: in function 'step' >> /usr/lib/lua/luci/http/protocol.lua:657: in function 'parse_message_body' >> /usr/lib/lua/luci/http.lua:116: in function '_parse_input' >> /usr/lib/lua/luci/http.lua:60: in function >> (tail call): ? >> /usr/lib/lua/luci/dispatcher.lua:148: in function 'authen' >> /usr/lib/lua/luci/dispatcher.lua:370: in function 'dispatch' >> /usr/lib/lua/luci/dispatcher.lua:195: in function >> >> >> On Sun, Mar 17, 2013 at 2:14 PM, Catalin Patulea wrote: >>> I think this might be a missing dependency from nixio.so on liblua.so. >>> >>> uhttpd_lua.so does depend on it: >>> $ mips-openwrt-linux-objdump -x uhttpd_lua.so | grep NEEDED >>> NEEDED libcrypt.so.0 >>> NEEDED liblua.so.5.1.5 >>> NEEDED libm.so.0 >>> NEEDED libdl.so.0 >>> NEEDED libgcc_s.so.1 >>> NEEDED libc.so.0 >>> >>> But nixio.so doesn't, so I think luaX symbols don't get resolved by dl: >>> $ mips-openwrt-linux-objdump -x nixio.so | grep NEEDED >>> NEEDED libcrypt.so.0 >>> NEEDED libgcc_s.so.1 >>> NEEDED libc.so.0 >>> >>> On Sun, Mar 17, 2013 at 1:34 PM, Catalin Patulea >>> wrote: >>>> Got nixio.so rebuilt with symbols, segfault is in >>>> luci/libs/nixio/src/nixio.c: >>>> >>>> /* entry point */ >>>> NIXIO_API int luaopen_nixio(lua_State *L) { >>>> /* create metatable */ >>>> luaL_newmetatable(L, NIXIO_META); // XXX segfault here >>>> >>>> >>>> On Sun, Mar 17, 2013 at 1:12 PM, Catalin Patulea >>>> wrote: >>>>> I'm running r35995 and seeing uhttpd segfault at startup when the Lua >>>>> handler is enabled: >>>>> >>>>> # /usr/sbin/uhttpd -f -h /www -r gate -l / >>>>> luci -L /usr/lib/lua/luci/sgi/uhttpd.lua -t 60 -T 30 -A 1 -n 3 -p >>>>> 0.0.0.0:80 >>>>> Segmentation fault >>>>> >>>>> I ran it under gdbserver, here's a backtrace: >>>>> (gdb) bt >>>>> #0 0x in ?? () >>>>> #1 0x77e6c18c in luaopen_nixio () from >>>>> staging_dir/target-mips_r2_uClibc-0.9.33.2/roo
[OpenWrt-Devel] [PATCH] samba: don't start nmbd if 'disable netbios = yes'.
nmbd is not needed when name resolution is handled externally eg. by DNS. 'disable netbios' is supported by eg. Debian to disable nmbd in init scripts: http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/raring/samba/raring/view/head:/debian/samba.nmbd.upstart#L14 Signed-off-by: Catalin Patulea --- package/network/services/samba36/files/samba.init |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package/network/services/samba36/files/samba.init b/package/network/services/samba36/files/samba.init index 61398d8..2aefb3c 100755 --- a/package/network/services/samba36/files/samba.init +++ b/package/network/services/samba36/files/samba.init @@ -88,7 +88,7 @@ start() { config_foreach smb_header samba config_foreach smb_add_share sambashare service_start /usr/sbin/smbd -D - service_start /usr/sbin/nmbd -D + egrep -q 'disable.+netbios.*=.*(true|yes|1)' /var/etc/smb.conf || service_start /usr/sbin/nmbd -D } stop() { -- 1.7.9.5 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] BCM Tag Problem: Re: [OpenWrt-Commits] r34230 - in trunk/target/linux: brcm63xx/patches-3.6 generic/patches-3.6
Hi, thanks for noticing this. I should probably get on openwrt-commits. Kaloz, the original discussion is here: https://lists.openwrt.org/pipermail/openwrt-devel/2012-October/017178.html On Sun, Nov 18, 2012 at 6:25 PM, Daniel Dickinson < dan...@cshore.neomailbox.net> wrote: > I think Kaloz missed the discussion of why this > was in generic not brcm63xx. > > Regards, > > Daniel > > On 18/11/2012 4:22 AM, openwrt-comm...@openwrt.org wrote: > > Author: kaloz > > Date: 2012-11-18 10:22:38 +0100 (Sun, 18 Nov 2012) > > New Revision: 34230 > > > > Added: > >trunk/target/linux/brcm63xx/patches-3.6/260-move_bcm963xx_tag.patch > > Removed: > >trunk/target/linux/generic/patches-3.6/260-move_bcm963xx_tag.patch > > Log: > > target specific patches have nothing to do in generic.. > > > > Copied: > trunk/target/linux/brcm63xx/patches-3.6/260-move_bcm963xx_tag.patch (from > rev 34224, > trunk/target/linux/generic/patches-3.6/260-move_bcm963xx_tag.patch) > > === > > --- trunk/target/linux/brcm63xx/patches-3.6/260-move_bcm963xx_tag.patch > (rev 0) > > +++ trunk/target/linux/brcm63xx/patches-3.6/260-move_bcm963xx_tag.patch > 2012-11-18 09:22:38 UTC (rev 34230) > > @@ -0,0 +1,219 @@ > > +--- a/arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h > > /dev/null > > +@@ -1,96 +0,0 @@ > > +-#ifndef __BCM963XX_TAG_H > > +-#define __BCM963XX_TAG_H > > +- > > +-#define TAGVER_LEN 4 /* Length of Tag Version */ > > +-#define TAGLAYOUT_LEN 4 /* Length of > FlashLayoutVer */ > > +-#define SIG1_LEN20 /* Company Signature 1 Length */ > > +-#define SIG2_LEN14 /* Company Signature 2 Length */ > > +-#define BOARDID_LEN 16 /* Length of BoardId */ > > +-#define ENDIANFLAG_LEN 2 /* Endian Flag Length */ > > +-#define CHIPID_LEN 6 /* Chip Id Length */ > > +-#define IMAGE_LEN 10 /* Length of Length Field */ > > +-#define ADDRESS_LEN 12 /* Length of Address field */ > > +-#define DUALFLAG_LEN2 /* Dual Image flag Length > */ > > +-#define INACTIVEFLAG_LEN2 /* Inactie Flag Length */ > > +-#define RSASIG_LEN 20 /* Length of RSA Signature in tag > */ > > +-#define TAGINFO1_LEN30 /* Length of vendor > information field1 in tag */ > > +-#define FLASHLAYOUTVER_LEN 4 /* Length of Flash Layout Version > String tag */ > > +-#define TAGINFO2_LEN16 /* Length of vendor > information field2 in tag */ > > +-#define ALTTAGINFO_LEN 54 /* Alternate length for > vendor information; Pirelli */ > > +- > > +-#define NUM_PIRELLI 2 > > +-#define IMAGETAG_CRC_START 0x > > +- > > +-#define PIRELLI_BOARDS { \ > > +-"AGPF-S0", \ > > +-"DWV-S0", \ > > +-} > > +- > > +-/* > > +- * The broadcom firmware assumes the rootfs starts the image, > > +- * therefore uses the rootfs start (flash_image_address) > > +- * to determine where to flash the image. Since we have the kernel > first > > +- * we have to give it the kernel address, but the crc uses the length > > +- * associated with this address (root_length), which is added to the > kernel > > +- * length (kernel_length) to determine the length of image to flash > and thus > > +- * needs to be rootfs + deadcode (jffs2 EOF marker) > > +-*/ > > +- > > +-struct bcm_tag { > > +-/* 0-3: Version of the image tag */ > > +-char tag_version[TAGVER_LEN]; > > +-/* 4-23: Company Line 1 */ > > +-char sig_1[SIG1_LEN]; > > +-/* 24-37: Company Line 2 */ > > +-char sig_2[SIG2_LEN]; > > +-/* 38-43: Chip this image is for */ > > +-char chip_id[CHIPID_LEN]; > > +-/* 44-59: Board name */ > > +-char board_id[BOARDID_LEN]; > > +-/* 60-61: Map endianness -- 1 BE 0 LE */ > > +-char big_endian[ENDIANFLAG_LEN]; > > +-/* 62-71: Total length of image */ > > +-char total_length[IMAGE_LEN]; > > +-/* 72-83: Address in memory of CFE */ > > +-char cfe__address[ADDRESS_LEN]; > > +-/* 84-93: Size of CFE */ > > +-char cfe_length[IMAGE_LEN]; > > +-/* 94-105: Address in memory of image start > > +- * (kernel for OpenWRT, rootfs for stock firmware) > > +- */ > > +-char flash_image_start[ADDRESS_LEN]; > > +-/* 106-115: Size of rootfs */ > > +-char root_length[IMAGE_LEN]; > > +-/* 116-127: Address in memory of kernel */ > > +-char kernel_address[ADDRESS_LEN]; > > +-/* 128-137: Size of kernel */ > > +-char kernel_length[IMAGE_LEN]; > > +-/* 138-139: Unused at the moment */ > > +-char dual_image[DUALFLAG_LEN]; > > +-/* 140-141: Unused at the moment */ > > +-char inactive_flag[INACTIVEFLAG_LEN]; > > +-/* 142-161: RSA Signature (not used; some vendors may use this) */ > > +-char rsa_signature[RSASIG_LEN]; > > +-/* 162-191: Compilation and related
Re: [OpenWrt-Devel] [PATCHv2] [brcm36xx] export bcm963xx_tag.h to userspace so that mtd can use it without warning
What was the problem? I didn't have any issues with target/linux/{clean,prepare}. Where should I submit upstream? Is there a brcm or mtd specific mailing list? On Nov 6, 2012 10:25 AM, "Jonas Gorski" wrote: > On 6 November 2012 06:23, Catalin Patulea wrote: > > > > Signed-off-by: Catalin Patulea > > --- > > Give this a try please? > > Still fails while applying patches/building. But since bcm63xx is > currently broken because of mtd, I fixed it up and ported it to 3.6; > committed in r34103. Please still submit this upstream. > > Regards > Jonas > ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCHv2] [brcm36xx] export bcm963xx_tag.h to userspace so that mtd can use it without warning
Signed-off-by: Catalin Patulea --- Give this a try please? package/mtd/Makefile |2 +- package/mtd/src/imagetag.c |2 +- .../405-bcm963xx_real_rootfs_length.patch |4 +- ...30-MTD-bcm63xxpart-use-nvram-for-PSI-size.patch |2 +- .../patches-3.3/115-move_bcm963xx_tag.patch| 220 5 files changed, 225 insertions(+), 5 deletions(-) create mode 100644 target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch diff --git a/package/mtd/Makefile b/package/mtd/Makefile index f429128..9304c78 100644 --- a/package/mtd/Makefile +++ b/package/mtd/Makefile @@ -38,7 +38,7 @@ endef target=$(firstword $(subst -, ,$(BOARD))) MAKE_FLAGS += TARGET="$(target)" -TARGET_CFLAGS := $(TARGET_CFLAGS) -Dtarget_$(target)=1 -Wall +TARGET_CFLAGS += -Dtarget_$(target)=1 -Wall ifdef CONFIG_MTD_REDBOOT_PARTS MAKE_FLAGS += FIS_SUPPORT=1 diff --git a/package/mtd/src/imagetag.c b/package/mtd/src/imagetag.c index 9f5c193..a53c17a 100644 --- a/package/mtd/src/imagetag.c +++ b/package/mtd/src/imagetag.c @@ -32,7 +32,7 @@ #include #include -#include <../arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h> +#include #include "mtd.h" #include "crc32.h" diff --git a/target/linux/brcm63xx/patches-3.3/405-bcm963xx_real_rootfs_length.patch b/target/linux/brcm63xx/patches-3.3/405-bcm963xx_real_rootfs_length.patch index 856b9e2..f0e6c4c 100644 --- a/target/linux/brcm63xx/patches-3.3/405-bcm963xx_real_rootfs_length.patch +++ b/target/linux/brcm63xx/patches-3.3/405-bcm963xx_real_rootfs_length.patch @@ -1,5 +1,5 @@ a/arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h -+++ b/arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h +--- a/include/linux/bcm963xx_tag.h b/include/linux/bcm963xx_tag.h @@ -85,8 +85,10 @@ struct bcm_tag { __u32 rootfs_crc; /* 224-227: CRC32 of kernel partition */ diff --git a/target/linux/brcm63xx/patches-3.3/430-MTD-bcm63xxpart-use-nvram-for-PSI-size.patch b/target/linux/brcm63xx/patches-3.3/430-MTD-bcm63xxpart-use-nvram-for-PSI-size.patch index 5ca6f47..fd1bfc4 100644 --- a/target/linux/brcm63xx/patches-3.3/430-MTD-bcm63xxpart-use-nvram-for-PSI-size.patch +++ b/target/linux/brcm63xx/patches-3.3/430-MTD-bcm63xxpart-use-nvram-for-PSI-size.patch @@ -14,7 +14,7 @@ Subject: [PATCH 62/79] MTD: bcm63xxpart: use nvram for PSI size #include +#include - #include + #include #include @@ -90,7 +91,8 @@ static int bcm63xx_parse_cfe_partitions( diff --git a/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch b/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch new file mode 100644 index 000..da27fb6 --- /dev/null +++ b/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch @@ -0,0 +1,220 @@ +--- a/arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h b/arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h +@@ -1,96 +1 @@ +-#ifndef __BCM963XX_TAG_H +-#define __BCM963XX_TAG_H +- +-#define TAGVER_LEN4 /* Length of Tag Version */ +-#define TAGLAYOUT_LEN 4 /* Length of FlashLayoutVer */ +-#define SIG1_LEN 20 /* Company Signature 1 Length */ +-#define SIG2_LEN 14 /* Company Signature 2 Length */ +-#define BOARDID_LEN 16 /* Length of BoardId */ +-#define ENDIANFLAG_LEN2 /* Endian Flag Length */ +-#define CHIPID_LEN6 /* Chip Id Length */ +-#define IMAGE_LEN 10 /* Length of Length Field */ +-#define ADDRESS_LEN 12 /* Length of Address field */ +-#define DUALFLAG_LEN 2 /* Dual Image flag Length */ +-#define INACTIVEFLAG_LEN 2 /* Inactie Flag Length */ +-#define RSASIG_LEN20 /* Length of RSA Signature in tag */ +-#define TAGINFO1_LEN 30 /* Length of vendor information field1 in tag */ +-#define FLASHLAYOUTVER_LEN4 /* Length of Flash Layout Version String tag */ +-#define TAGINFO2_LEN 16 /* Length of vendor information field2 in tag */ +-#define ALTTAGINFO_LEN54 /* Alternate length for vendor information; Pirelli */ +- +-#define NUM_PIRELLI 2 +-#define IMAGETAG_CRC_START0x +- +-#define PIRELLI_BOARDS { \ +- "AGPF-S0", \ +- "DWV-S0", \ +-} +- +-/* +- * The broadcom firmware assumes the rootfs starts the image, +- * therefore uses the rootfs start (flash_image_address) +- * to determine where to flash the image. Since we have the kernel first +- * we have to give it the kernel address, but the crc uses the length +- * associated with this address (root_length), which is added to the kernel +- * length (kernel_length) to determine the length of image to flash and thus +- * needs to be rootfs + deadcode (jffs2 EOF marker) +-*/ +- +-struct bcm_tag { +- /* 0-3: Version of the image tag */ +- char
[OpenWrt-Devel] [PATCH] [brcm36xx] export bcm963xx_tag.h to userspace so that mtd can use it without warning
Signed-off-by: Catalin Patulea --- Applies on r34076 (fcc9eda), also tested with 'make package/mtd/compile' and 'make target/linux/{clean,prepare}'. package/mtd/Makefile |2 +- package/mtd/src/imagetag.c |2 +- .../patches-3.3/115-move_bcm963xx_tag.patch| 220 3 files changed, 222 insertions(+), 2 deletions(-) create mode 100644 target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch diff --git a/package/mtd/Makefile b/package/mtd/Makefile index f429128..9304c78 100644 --- a/package/mtd/Makefile +++ b/package/mtd/Makefile @@ -38,7 +38,7 @@ endef target=$(firstword $(subst -, ,$(BOARD))) MAKE_FLAGS += TARGET="$(target)" -TARGET_CFLAGS := $(TARGET_CFLAGS) -Dtarget_$(target)=1 -Wall +TARGET_CFLAGS += -Dtarget_$(target)=1 -Wall ifdef CONFIG_MTD_REDBOOT_PARTS MAKE_FLAGS += FIS_SUPPORT=1 diff --git a/package/mtd/src/imagetag.c b/package/mtd/src/imagetag.c index 9f5c193..a53c17a 100644 --- a/package/mtd/src/imagetag.c +++ b/package/mtd/src/imagetag.c @@ -32,7 +32,7 @@ #include #include -#include <../arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h> +#include #include "mtd.h" #include "crc32.h" diff --git a/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch b/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch new file mode 100644 index 000..da27fb6 --- /dev/null +++ b/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch @@ -0,0 +1,220 @@ +--- a/arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h b/arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h +@@ -1,96 +1 @@ +-#ifndef __BCM963XX_TAG_H +-#define __BCM963XX_TAG_H +- +-#define TAGVER_LEN4 /* Length of Tag Version */ +-#define TAGLAYOUT_LEN 4 /* Length of FlashLayoutVer */ +-#define SIG1_LEN 20 /* Company Signature 1 Length */ +-#define SIG2_LEN 14 /* Company Signature 2 Length */ +-#define BOARDID_LEN 16 /* Length of BoardId */ +-#define ENDIANFLAG_LEN2 /* Endian Flag Length */ +-#define CHIPID_LEN6 /* Chip Id Length */ +-#define IMAGE_LEN 10 /* Length of Length Field */ +-#define ADDRESS_LEN 12 /* Length of Address field */ +-#define DUALFLAG_LEN 2 /* Dual Image flag Length */ +-#define INACTIVEFLAG_LEN 2 /* Inactie Flag Length */ +-#define RSASIG_LEN20 /* Length of RSA Signature in tag */ +-#define TAGINFO1_LEN 30 /* Length of vendor information field1 in tag */ +-#define FLASHLAYOUTVER_LEN4 /* Length of Flash Layout Version String tag */ +-#define TAGINFO2_LEN 16 /* Length of vendor information field2 in tag */ +-#define ALTTAGINFO_LEN54 /* Alternate length for vendor information; Pirelli */ +- +-#define NUM_PIRELLI 2 +-#define IMAGETAG_CRC_START0x +- +-#define PIRELLI_BOARDS { \ +- "AGPF-S0", \ +- "DWV-S0", \ +-} +- +-/* +- * The broadcom firmware assumes the rootfs starts the image, +- * therefore uses the rootfs start (flash_image_address) +- * to determine where to flash the image. Since we have the kernel first +- * we have to give it the kernel address, but the crc uses the length +- * associated with this address (root_length), which is added to the kernel +- * length (kernel_length) to determine the length of image to flash and thus +- * needs to be rootfs + deadcode (jffs2 EOF marker) +-*/ +- +-struct bcm_tag { +- /* 0-3: Version of the image tag */ +- char tag_version[TAGVER_LEN]; +- /* 4-23: Company Line 1 */ +- char sig_1[SIG1_LEN]; +- /* 24-37: Company Line 2 */ +- char sig_2[SIG2_LEN]; +- /* 38-43: Chip this image is for */ +- char chip_id[CHIPID_LEN]; +- /* 44-59: Board name */ +- char board_id[BOARDID_LEN]; +- /* 60-61: Map endianness -- 1 BE 0 LE */ +- char big_endian[ENDIANFLAG_LEN]; +- /* 62-71: Total length of image */ +- char total_length[IMAGE_LEN]; +- /* 72-83: Address in memory of CFE */ +- char cfe__address[ADDRESS_LEN]; +- /* 84-93: Size of CFE */ +- char cfe_length[IMAGE_LEN]; +- /* 94-105: Address in memory of image start +- * (kernel for OpenWRT, rootfs for stock firmware) +- */ +- char flash_image_start[ADDRESS_LEN]; +- /* 106-115: Size of rootfs */ +- char root_length[IMAGE_LEN]; +- /* 116-127: Address in memory of kernel */ +- char kernel_address[ADDRESS_LEN]; +- /* 128-137: Size of kernel */ +- char kernel_length[IMAGE_LEN]; +- /* 138-139: Unused at the moment */ +- char dual_image[DUALFLAG_LEN]; +- /* 140-141: Unused at the moment */ +- char inactive_flag[INACTIVEFLAG_LEN]; +- /* 142-161: RSA Signature (not used; some vendors may use this
Re: [OpenWrt-Devel] [PATCH] [brcm36xx] export bcm963xx_tag.h to userspace so that mtd can use it without warning
On Thu, Nov 1, 2012 at 8:25 AM, Jonas Gorski wrote: > Also I'm not sure the location is correct - maybe it should rather be > linux/mtd/bcm963xx_tag.h or mtd/bcm963xx_tag.h something like that - > linux/ is just so ... generic. Hmm, maybe.. but I don't see any clear precedent for linux/mtd, and myloader.h was in linux/mtd so I figured better to keep all instances in one place. If at some point there is a clear reason to move to linux/mtd, they can all be moved at once. What do you think? > Also, can you please submit this upstream, too? I think the idea is > good, it's just some details that need to be fixed. Sounds good, will do. I'll wait until we iron out the kinks here though? > Oh, and don't forget that there is a linux-3.6 also in trunk. Same - I'll get the patch cleaned up for the current linux, then I will port to linux-3.6. I guess 3.6 introduces UAPI, so that might be a different beast entirely. Patch refresh for master to follow shortly. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] [brcm36xx] export bcm963xx_tag.h to userspace so that mtd can use it without warning
Ping? On Fri, Oct 26, 2012 at 12:13 AM, Catalin Patulea wrote: > > Signed-off-by: Catalin Patulea > --- > Unlikely myloader.h, bcm963xx_tag.h was already in the kernel tree, so to move > it, I didn't want to have the patch remove it and to add it through files - so > the patch does both. It should be easier to update if bcm963xx_tag.h changes > upstream. > > The patch is in linux/generic because if it were in brcm63xx, then > non-brcm63xx > builds would still emit the warning. > > You have to run 'make toolchain/kernel-headers/{clean,install}' after applying > this so the toolchain refreshes exported headers from the kernel and places > them somewhere in the include path. > > Build tested on malta_be and brcm63xx. > > package/mtd/Makefile |2 +- > package/mtd/src/imagetag.c |2 +- > .../patches-3.3/115-move_bcm963xx_tag.patch| 220 > > 3 files changed, 222 insertions(+), 2 deletions(-) > create mode 100644 > target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch > > diff --git a/package/mtd/Makefile b/package/mtd/Makefile > index c6b94ff..9304c78 100644 > --- a/package/mtd/Makefile > +++ b/package/mtd/Makefile > @@ -38,7 +38,7 @@ endef > target=$(firstword $(subst -, ,$(BOARD))) > > MAKE_FLAGS += TARGET="$(target)" > -TARGET_CFLAGS := -I$(LINUX_DIR)/include $(TARGET_CFLAGS) > -Dtarget_$(target)=1 -Wall > +TARGET_CFLAGS += -Dtarget_$(target)=1 -Wall > > ifdef CONFIG_MTD_REDBOOT_PARTS >MAKE_FLAGS += FIS_SUPPORT=1 > diff --git a/package/mtd/src/imagetag.c b/package/mtd/src/imagetag.c > index 9f5c193..a53c17a 100644 > --- a/package/mtd/src/imagetag.c > +++ b/package/mtd/src/imagetag.c > @@ -32,7 +32,7 @@ > > #include > #include > -#include <../arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h> > +#include > > #include "mtd.h" > #include "crc32.h" > diff --git a/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch > b/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch > new file mode 100644 > index 000..da27fb6 > --- /dev/null > +++ b/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch > @@ -0,0 +1,220 @@ > +--- a/arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h > b/arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h > +@@ -1,96 +1 @@ > +-#ifndef __BCM963XX_TAG_H > +-#define __BCM963XX_TAG_H > +- > +-#define TAGVER_LEN4 /* Length of Tag Version */ > +-#define TAGLAYOUT_LEN 4 /* Length of FlashLayoutVer */ > +-#define SIG1_LEN 20 /* Company Signature 1 Length */ > +-#define SIG2_LEN 14 /* Company Signature 2 Length */ > +-#define BOARDID_LEN 16 /* Length of BoardId */ > +-#define ENDIANFLAG_LEN2 /* Endian Flag Length */ > +-#define CHIPID_LEN6 /* Chip Id Length */ > +-#define IMAGE_LEN 10 /* Length of Length Field */ > +-#define ADDRESS_LEN 12 /* Length of Address field */ > +-#define DUALFLAG_LEN 2 /* Dual Image flag Length */ > +-#define INACTIVEFLAG_LEN 2 /* Inactie Flag Length */ > +-#define RSASIG_LEN20 /* Length of RSA Signature in tag */ > +-#define TAGINFO1_LEN 30 /* Length of vendor information > field1 in tag */ > +-#define FLASHLAYOUTVER_LEN4 /* Length of Flash Layout Version > String tag */ > +-#define TAGINFO2_LEN 16 /* Length of vendor information > field2 in tag */ > +-#define ALTTAGINFO_LEN54 /* Alternate length for > vendor information; Pirelli */ > +- > +-#define NUM_PIRELLI 2 > +-#define IMAGETAG_CRC_START0x > +- > +-#define PIRELLI_BOARDS { \ > +- "AGPF-S0", \ > +- "DWV-S0", \ > +-} > +- > +-/* > +- * The broadcom firmware assumes the rootfs starts the image, > +- * therefore uses the rootfs start (flash_image_address) > +- * to determine where to flash the image. Since we have the kernel first > +- * we have to give it the kernel address, but the crc uses the length > +- * associated with this address (root_length), which is added to the kernel > +- * length (kernel_length) to determine the length of image to flash and thus > +- * needs to be rootfs + deadcode (jffs2 EOF marker) > +-*/ > +- > +-struct bcm_tag { > +- /* 0-3: Version of the image tag */ > +- char tag_version[TAGVER_LEN]; > +- /* 4-23: Company Line 1 */ > +- char sig_1[SIG1_LEN]; > +- /* 24-37: Company Line 2 */ > +- char sig_2[SIG2_LEN]; > +-
Re: [OpenWrt-Devel] [PATCH] packages: update dropbear
On Mon, Oct 29, 2012 at 5:30 AM, Roman Yeryomin wrote: > Bump dropbear version. > 400-CVE-2012-0920.patch is now in upstream. Beat you to it ;-) And with more Makefile cleanup goodness: https://lists.openwrt.org/pipermail/openwrt-devel/2012-October/017128.html ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] [brcm36xx] export bcm963xx_tag.h to userspace so that mtd can use it without warning
Signed-off-by: Catalin Patulea --- Unlikely myloader.h, bcm963xx_tag.h was already in the kernel tree, so to move it, I didn't want to have the patch remove it and to add it through files - so the patch does both. It should be easier to update if bcm963xx_tag.h changes upstream. The patch is in linux/generic because if it were in brcm63xx, then non-brcm63xx builds would still emit the warning. You have to run 'make toolchain/kernel-headers/{clean,install}' after applying this so the toolchain refreshes exported headers from the kernel and places them somewhere in the include path. Build tested on malta_be and brcm63xx. package/mtd/Makefile |2 +- package/mtd/src/imagetag.c |2 +- .../patches-3.3/115-move_bcm963xx_tag.patch| 220 3 files changed, 222 insertions(+), 2 deletions(-) create mode 100644 target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch diff --git a/package/mtd/Makefile b/package/mtd/Makefile index c6b94ff..9304c78 100644 --- a/package/mtd/Makefile +++ b/package/mtd/Makefile @@ -38,7 +38,7 @@ endef target=$(firstword $(subst -, ,$(BOARD))) MAKE_FLAGS += TARGET="$(target)" -TARGET_CFLAGS := -I$(LINUX_DIR)/include $(TARGET_CFLAGS) -Dtarget_$(target)=1 -Wall +TARGET_CFLAGS += -Dtarget_$(target)=1 -Wall ifdef CONFIG_MTD_REDBOOT_PARTS MAKE_FLAGS += FIS_SUPPORT=1 diff --git a/package/mtd/src/imagetag.c b/package/mtd/src/imagetag.c index 9f5c193..a53c17a 100644 --- a/package/mtd/src/imagetag.c +++ b/package/mtd/src/imagetag.c @@ -32,7 +32,7 @@ #include #include -#include <../arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h> +#include #include "mtd.h" #include "crc32.h" diff --git a/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch b/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch new file mode 100644 index 000..da27fb6 --- /dev/null +++ b/target/linux/generic/patches-3.3/115-move_bcm963xx_tag.patch @@ -0,0 +1,220 @@ +--- a/arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h b/arch/mips/include/asm/mach-bcm63xx/bcm963xx_tag.h +@@ -1,96 +1 @@ +-#ifndef __BCM963XX_TAG_H +-#define __BCM963XX_TAG_H +- +-#define TAGVER_LEN4 /* Length of Tag Version */ +-#define TAGLAYOUT_LEN 4 /* Length of FlashLayoutVer */ +-#define SIG1_LEN 20 /* Company Signature 1 Length */ +-#define SIG2_LEN 14 /* Company Signature 2 Length */ +-#define BOARDID_LEN 16 /* Length of BoardId */ +-#define ENDIANFLAG_LEN2 /* Endian Flag Length */ +-#define CHIPID_LEN6 /* Chip Id Length */ +-#define IMAGE_LEN 10 /* Length of Length Field */ +-#define ADDRESS_LEN 12 /* Length of Address field */ +-#define DUALFLAG_LEN 2 /* Dual Image flag Length */ +-#define INACTIVEFLAG_LEN 2 /* Inactie Flag Length */ +-#define RSASIG_LEN20 /* Length of RSA Signature in tag */ +-#define TAGINFO1_LEN 30 /* Length of vendor information field1 in tag */ +-#define FLASHLAYOUTVER_LEN4 /* Length of Flash Layout Version String tag */ +-#define TAGINFO2_LEN 16 /* Length of vendor information field2 in tag */ +-#define ALTTAGINFO_LEN54 /* Alternate length for vendor information; Pirelli */ +- +-#define NUM_PIRELLI 2 +-#define IMAGETAG_CRC_START0x +- +-#define PIRELLI_BOARDS { \ +- "AGPF-S0", \ +- "DWV-S0", \ +-} +- +-/* +- * The broadcom firmware assumes the rootfs starts the image, +- * therefore uses the rootfs start (flash_image_address) +- * to determine where to flash the image. Since we have the kernel first +- * we have to give it the kernel address, but the crc uses the length +- * associated with this address (root_length), which is added to the kernel +- * length (kernel_length) to determine the length of image to flash and thus +- * needs to be rootfs + deadcode (jffs2 EOF marker) +-*/ +- +-struct bcm_tag { +- /* 0-3: Version of the image tag */ +- char tag_version[TAGVER_LEN]; +- /* 4-23: Company Line 1 */ +- char sig_1[SIG1_LEN]; +- /* 24-37: Company Line 2 */ +- char sig_2[SIG2_LEN]; +- /* 38-43: Chip this image is for */ +- char chip_id[CHIPID_LEN]; +- /* 44-59: Board name */ +- char board_id[BOARDID_LEN]; +- /* 60-61: Map endianness -- 1 BE 0 LE */ +- char big_endian[ENDIANFLAG_LEN]; +- /* 62-71: Total length of image */ +- char total_length[IMAGE_LEN]; +- /* 72-83: Address in memory of CFE */ +- char cfe__address[ADDRESS_LEN]; +- /* 84-93: Size of CFE */ +- char cfe_length[IMAGE_LEN]; +- /* 94-105: Address in memory of image start +- * (kernel for OpenWRT, rootfs for stock firmware) +- */ +- char flash_image
Re: [OpenWrt-Devel] mtd: #warning "Attempt to use kernel headers from user space" [was: base-files: preinit scripts issue and mtd-utils package]
On Thu, Oct 25, 2012 at 5:02 AM, Florian Fainelli wrote: > Sure, something along those lines I suppose: > - get rid of the explicit including path of $(LINUX_DIR)/include > - use Kbuild to export bcm963xx_tag.h > > The latter does not seem too easy to do considering where the bcm963xx_tag.h > header file is being located, but we could probably move it somewhere else and > use Kbuild to export this file to user-space. Yeah, I suspected the same initially. I found myloader to be a useful example: https://dev.openwrt.org/browser/trunk/target/linux/generic/files/include/linux/myloader.h https://dev.openwrt.org/browser/trunk/target/linux/generic/files/drivers/mtd/myloader.c They don't export this header to userspace (this is just one line in Kbuild), but it's a fairly arch-specific partition table layout and yet it lives in . ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] mtd: #warning "Attempt to use kernel headers from user space" [was: base-files: preinit scripts issue and mtd-utils package]
On Tue, Oct 23, 2012 at 10:10 PM, Catalin Patulea wrote: > Have you had luck with your patch on a recent-ish trunk? Ah, my build problem was related to an attempt to build kernel 3.4, which left some 3.4 installed in the toolchain. The mtd package was additionally including files from the kernel tree explicitly, which was 3.3 since I had reverted back from 3.4. Some definitions got moved around so this resulted in a double-definition of kernel_fsid. The mtd build still emits this warning though: /home/catalinp/src/openwrt/build_dir/linux-malta_be/linux-3.3.8/include/linux/types.h:13:2: warning: #warning "Attempt to use kernel headers from user space, see http://kernelnewbies.org/KernelHeaders"; I think I know how to fix the warning - but if I send a patch out, are there any devs willing to review? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] base-files: preinit scripts issue and mtd-utils package
On Mon, Oct 22, 2012 at 11:51 AM, Roman Yeryomin wrote: > https://lists.openwrt.org/pipermail/openwrt-devel/2011-September/012184.html Right, that's basically the same modification I was trying too.. except it doesn't compile: $ make package/mtd/compile V=s [...] ccache_cc [...] -c -o mtd.o mtd.c In file included from /home/catalinp/src/openwrt/build_dir/linux-ar71xx_generic/linux-3.3.8/include/mtd/mtd-abi.h:23:0, from /home/catalinp/src/openwrt/build_dir/linux-ar71xx_generic/linux-3.3.8/include/mtd/mtd-user.h:26, from mtd.c:44: /home/catalinp/src/openwrt/build_dir/linux-ar71xx_generic/linux-3.3.8/include/linux/types.h:13:2: warning: #warning "Attempt to use kernel headers from user space, see http://kernelnewbies.org/KernelHeaders"; [-Wcpp] In file included from /home/catalinp/src/openwrt/staging_dir/toolchain-mips_r2_gcc-4.6-linaro_uClibc-0.9.33.2/lib/gcc/mips-openwrt-linux-uclibc/4.6.3/../../../../mips-openwrt-linux-uclibc/sys-include/asm/posix_types.h:35:0, from /home/catalinp/src/openwrt/build_dir/linux-ar71xx_generic/linux-3.3.8/include/linux/posix_types.h:47, from /home/catalinp/src/openwrt/build_dir/linux-ar71xx_generic/linux-3.3.8/include/linux/types.h:17, from /home/catalinp/src/openwrt/build_dir/linux-ar71xx_generic/linux-3.3.8/include/mtd/mtd-abi.h:23, from /home/catalinp/src/openwrt/build_dir/linux-ar71xx_generic/linux-3.3.8/include/mtd/mtd-user.h:26, from mtd.c:44: /home/catalinp/src/openwrt/build_dir/linux-ar71xx_generic/linux-3.3.8/include/asm-generic/posix_types.h:91:3: error: conflicting types for '__kernel_fsid_t' /home/catalinp/src/openwrt/staging_dir/toolchain-mips_r2_gcc-4.6-linaro_uClibc-0.9.33.2/lib/gcc/mips-openwrt-linux-uclibc/4.6.3/../../../../mips-openwrt-linux-uclibc/sys-include/asm/posix_types.h:31:3: note: previous declaration of '__kernel_fsid_t' was here mtd.c: In function 'mtd_write': mtd.c:495:1: warning: label 'done' defined but not used [-Wunused-label] make[3]: *** [mtd.o] Error 1 Have you had luck with your patch on a recent-ish trunk? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] base-files: preinit scripts issue and mtd-utils package
On Sun, Oct 21, 2012 at 2:26 PM, Catalin Patulea wrote: > Hope this helps :) If anyone knows some of the philosophy behind this, > I would be happy to hack away at some patches, but as it stands, I > don't have much to go on. An interesting example is myloader.h. It lives in (platform-independent) linux-X/include/linux/myloader.h and is used in (platform-dependent) drivers/mtd/myloader.c as "". It's not currently exported to userland, but I suspect a "header-y += myloader.h" in include/linux/Kbuild could accomplish that. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] base-files: preinit scripts issue and mtd-utils package
On Sun, Oct 21, 2012 at 9:24 AM, Petr Štetiar wrote: > Ok, sorry. I've meant "mtd" package, but wrote "mtd-utils". Anyway, the > conditions metioned in my previous email still apply. Without that "mtd" > package it's not possible to use jffs2 /overlay. I noticed that many of the system scripts use mtd, so to reflect this in the package metadata I tried to make mtd a dependency of base-files. This would mean that if you select base-files, you also get mtd, achieving the same effect as making mtd mandatory. Unfortunately, that broke the build, because mtd.c includes headers directly from the kernel tree instead of sticking to the exported headers only. I suspect this was introduced by this change: commit 6b08cfb731a86c548c93ae426a668f6336f4be17 Author: jogo Date: Mon Oct 8 09:59:47 2012 + package: mtd: use in-kernel bcm63xx image tag header Use the image tag header from the kernel instead of an external header file. openwrt exports kernel headers into build_dir/linux-X/linux-X.Y.Z/user_headers, but the bcm63xx header (bcm963xx_tag.h) is not present there. I don't know what the criteria for exporting a header is. Could be one of several things: 1) bcm963xx_tag.h might be missing something in the source code to get it exported. 2) mach (arch/X/include/asm/mach-X/*.h) headers, which is where bcm963xx_tag.h lives, might be treated specially. After all, the kernel probably doesn't want to expose a machine-dependent interface to userspace. 3) Some other reason I haven't considered because I have no real clue how any of this works. I also don't know why the dependency of base-files on mtd surfaced this problem. It must have changed the build order for some packages. I don't think just reverting the change is the right move either - we probably *do* want to share this header to avoid duplication. There must exist device interfaces that are conditioned on a specific machine, maybe this header just needs to be moved to a platform-independent include dir? Hope this helps :) If anyone knows some of the philosophy behind this, I would be happy to hack away at some patches, but as it stands, I don't have much to go on. Catalin ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] dropbear: update to 2012.55 and refresh patches
Upstream has a few code cleanups, more eagerly burns sensitive memory and includes the fix for CVE-2012-0920. Full changelog: https://matt.ucc.asn.au/dropbear/CHANGES Local changes: - Removed PKG_MULTI which is no longer in options.h (even before 2011.54) - Merged DO_HOST_LOOKUP into 120-openwrt_options.patch - Removed LD from make opts (now included in TARGET_CONFIGURE_OPTS) - Removed 400-CVE-2012-0920.patch which is included in 2012.55 Signed-off-by: Catalin Patulea --- package/network/services/dropbear/Makefile | 12 +-- .../dropbear/patches/110-change_user.patch |2 +- .../dropbear/patches/120-openwrt_options.patch |7 ++- .../dropbear/patches/140-disable_assert.patch |2 +- .../dropbear/patches/400-CVE-2012-0920.patch | 91 5 files changed, 10 insertions(+), 104 deletions(-) delete mode 100644 package/network/services/dropbear/patches/400-CVE-2012-0920.patch diff --git a/package/network/services/dropbear/Makefile b/package/network/services/dropbear/Makefile index cd5b368..b7708b1 100644 --- a/package/network/services/dropbear/Makefile +++ b/package/network/services/dropbear/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dropbear -PKG_VERSION:=2011.54 +PKG_VERSION:=2012.55 PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:= \ http://matt.ucc.asn.au/dropbear/releases/ \ http://www.mirrors.wiretapped.net/security/cryptography/apps/ssh/dropbear/ -PKG_MD5SUM:=c627ffe09570fad7aa94d8eac2b9320c +PKG_MD5SUM:=8c784baec3054cdb1bb4bfa792c87812 PKG_LICENSE:=MIT PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE @@ -72,21 +72,13 @@ CONFIGURE_ARGS += \ TARGET_CFLAGS += -DARGTYPE=3 -ffunction-sections -fdata-sections TARGET_LDFLAGS += -Wl,--gc-sections -define Build/Configure - $(SED) 's,^/\* #define PKG_MULTI.*,#define PKG_MULTI,g' $(PKG_BUILD_DIR)/options.h - $(SED) 's,^#define DO_HOST_LOOKUP,/* & */,g' $(PKG_BUILD_DIR)/options.h - $(call Build/Configure/Default) -endef - define Build/Compile +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ $(TARGET_CONFIGURE_OPTS) \ - LD="$(TARGET_CC)" \ PROGRAMS="dropbear dbclient dropbearkey scp" \ MULTI=1 SCPPROGRESS=1 +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ $(TARGET_CONFIGURE_OPTS) \ - LD="$(TARGET_CC)" \ PROGRAMS="dropbearconvert" endef diff --git a/package/network/services/dropbear/patches/110-change_user.patch b/package/network/services/dropbear/patches/110-change_user.patch index 55747bc..a354eda 100644 --- a/package/network/services/dropbear/patches/110-change_user.patch +++ b/package/network/services/dropbear/patches/110-change_user.patch @@ -1,6 +1,6 @@ --- a/svr-chansession.c +++ b/svr-chansession.c -@@ -884,12 +884,12 @@ static void execchild(void *user_data) { +@@ -891,12 +891,12 @@ static void execchild(void *user_data) { /* We can only change uid/gid as root ... */ if (getuid() == 0) { diff --git a/package/network/services/dropbear/patches/120-openwrt_options.patch b/package/network/services/dropbear/patches/120-openwrt_options.patch index 42204aa..977f631 100644 --- a/package/network/services/dropbear/patches/120-openwrt_options.patch +++ b/package/network/services/dropbear/patches/120-openwrt_options.patch @@ -47,7 +47,12 @@ #define DROPBEAR_MD5_HMAC /* Hostkey/public key algorithms - at least one required, these are used -@@ -148,7 +148,7 @@ much traffic. */ +@@ -144,11 +144,11 @@ much traffic. */ + #endif + + /* Whether to do reverse DNS lookups. */ +-#define DO_HOST_LOOKUP ++/*#define DO_HOST_LOOKUP*/ /* Whether to print the message of the day (MOTD). This doesn't add much code * size */ diff --git a/package/network/services/dropbear/patches/140-disable_assert.patch b/package/network/services/dropbear/patches/140-disable_assert.patch index e993763..e00184a 100644 --- a/package/network/services/dropbear/patches/140-disable_assert.patch +++ b/package/network/services/dropbear/patches/140-disable_assert.patch @@ -1,6 +1,6 @@ --- a/dbutil.h +++ b/dbutil.h -@@ -94,6 +94,10 @@ int m_str_to_uint(const char* str, unsig +@@ -93,6 +93,10 @@ int m_str_to_uint(const char* str, unsig #define DEF_MP_INT(X) mp_int X = {0, 0, 0, NULL} /* Dropbear assertion */ diff --git a/package/network/services/dropbear/patches/400-CVE-2012-0920.patch b/package/network/services/dropbear/patches/400-CVE-2012-0920.patch deleted file mode 100644 index 164909f..000 --- a/package/network/services/dropbear/patches/400-CVE-2012-0920.patch +++ /dev/null @@ -1,91 +0,0 @@ - -# HG changeset patch -# User Matt Johnston -# Date 1322947885 -28800 -# Node ID 818108bf7749bfecd4715a30e2583aac9dbe25e8 -# Parent 5e8d84f3ee7256d054ecf7e9f248765ccaa7f24f -- Fix use-after-free if
[OpenWrt-Devel] NLS configuration
Hi, I was wondering if anyone has some insight on the usage of --enable-nls and --disable-nls configure flags in OpenWrt. One of these flags is picked and passed to ./configure by default depending on CONFIG_ENABLE_LOCALE (unless the package overrides), but there's lots of packages that don't support either of these flags. Thanks, Catalin ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] [packages] cmus: fix build when sys/soundcard.h is missing on host.
--- I think upstream was trying to separate the "check for include file in system include dir" vs "check for include file in any dependent library's include paths". Ideally their configure script could be instructed to use something other than "/" as its idea of the root for system include dirs, but that would require passing an extra arg to configure, and seemed messy. This (using the "check in any -I dirs") seems like a reasonable compromise, as it piggybacks on paths that are already being passed in. .../patches/020-check_header_sys_soundcard.patch | 20 1 files changed, 20 insertions(+), 0 deletions(-) create mode 100644 sound/cmus/patches/020-check_header_sys_soundcard.patch diff --git a/sound/cmus/patches/020-check_header_sys_soundcard.patch b/sound/cmus/patches/020-check_header_sys_soundcard.patch new file mode 100644 index 000..c17d6ea --- /dev/null +++ b/sound/cmus/patches/020-check_header_sys_soundcard.patch @@ -0,0 +1,20 @@ +--- a/configure b/configure +@@ -244,16 +244,10 @@ check_oss() + ;; + esac + +- OSS_CFLAGS="" +- OSS_LIBS="" +- msg_checking "for header " +- if test -f /usr/include/sys/soundcard.h ++ if check_header sys/soundcard.h + then +- msg_result "yes" + makefile_vars OSS_CFLAGS OSS_LIBS + return 0 +- else +- msg_result "no" + fi + return 1 + } -- 1.7.7.3 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH v2] [RFC] Add Kernel 3.4 to AR71xx platform.
On Fri, Sep 28, 2012 at 8:04 AM, Oliver wrote: > did you clobber? you need to "make target/linux/clean" This was my mistake. Works on my WNDR3700v2: # uname -a Linux gate 3.4.11 #1 Fri Sep 28 22:34:20 EDT 2012 mips GNU/Linux ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH v2] [RFC] Add Kernel 3.4 to AR71xx platform.
On Thu, Sep 27, 2012 at 3:13 PM, Oliver wrote: > The attached patch should correctly apply and build successfully - discard the > previous patch and apply this in its place. Sorry, still doesn't apply for me on r33576: Applying patch generic/501-yaffs_cvs_2009_04_24.patch patching file fs/yaffs2/Kconfig patching file fs/yaffs2/Makefile patching file fs/yaffs2/devextras.h Hunk #1 FAILED at 14. 1 out of 4 hunks FAILED -- rejects in file fs/yaffs2/devextras.h patching file fs/yaffs2/moduleconfig.h patching file fs/yaffs2/yaffs_checkptrw.c Hunk #12 FAILED at 281. 1 out of 14 hunks FAILED -- rejects in file fs/yaffs2/yaffs_checkptrw.c patching file fs/yaffs2/yaffs_checkptrw.h patching file fs/yaffs2/yaffs_ecc.c Hunk #10 succeeded at 323 with fuzz 2. [...] Patch generic/501-yaffs_cvs_2009_04_24.patch does not apply (enforce with -f) ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] [RFC] Add Kernel 3.4 to AR71xx platform.
On Thu, Sep 27, 2012 at 12:32 PM, Oliver wrote: > I have achieved a successful compile but will not be able to test this out for > several days, so if anyone with a spare device lying around is able to try it > now, please do. 501-yaffs_cvs_2009_04_24 won't apply: Applying patch generic/501-yaffs_cvs_2009_04_24.patch patching file fs/yaffs2/Kconfig patching file fs/yaffs2/Makefile patching file fs/yaffs2/devextras.h Hunk #1 FAILED at 14. 1 out of 4 hunks FAILED -- rejects in file fs/yaffs2/devextras.h patching file fs/yaffs2/moduleconfig.h patching file fs/yaffs2/yaffs_checkptrw.c Hunk #12 FAILED at 281. 1 out of 14 hunks FAILED -- rejects in file fs/yaffs2/yaffs_checkptrw.c patching file fs/yaffs2/yaffs_checkptrw.h patching file fs/yaffs2/yaffs_ecc.c Hunk #10 succeeded at 323 with fuzz 2. patching file fs/yaffs2/yaffs_ecc.h patching file fs/yaffs2/yaffs_fs.c Hunk #29 FAILED at 730. 1 out of 88 hunks FAILED -- rejects in file fs/yaffs2/yaffs_fs.c patching file fs/yaffs2/yaffs_getblockinfo.h patching file fs/yaffs2/yaffs_guts.c Hunk #14 FAILED at 543. [...] I can't hack on a fix right away.. maybe you can take a look. Do you have a git tree I could pull from later? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH v2] Use asm SHA1, SHA256, AES on MIPS.
On a lightly loaded 24Kc, as measured by 'openssl speed sha1', shows between 27% and 120% speedup depending on block size. SHA1 is notably used in Transmission for piece verification. --- Build tested on ARM Realview and x86 (alix2). package/openssl/Makefile |9 ++- .../openssl/patches/110-optimize-for-size.patch| 10 ++- package/openssl/patches/210-fix_aes_fips.patch | 64 3 files changed, 77 insertions(+), 6 deletions(-) create mode 100644 package/openssl/patches/210-fix_aes_fips.patch diff --git a/package/openssl/Makefile b/package/openssl/Makefile index d95783a..9161ecd 100644 --- a/package/openssl/Makefile +++ b/package/openssl/Makefile @@ -88,8 +88,13 @@ endif ifeq ($(CONFIG_x86_64),y) OPENSSL_TARGET:=linux-x86_64 else - OPENSSL_TARGET:=linux-openwrt - OPENSSL_OPTIONS+=no-perlasm no-sse2 + OPENSSL_OPTIONS+=no-sse2 + ifeq ($(CONFIG_mips),y) +OPENSSL_TARGET:=linux-mips-openwrt + else +OPENSSL_TARGET:=linux-generic-openwrt +OPENSSL_OPTIONS+=no-perlasm + endif endif define Build/Configure diff --git a/package/openssl/patches/110-optimize-for-size.patch b/package/openssl/patches/110-optimize-for-size.patch index c0160a3..f301017 100644 --- a/package/openssl/patches/110-optimize-for-size.patch +++ b/package/openssl/patches/110-optimize-for-size.patch @@ -1,11 +1,13 @@ --- a/Configure +++ b/Configure -@@ -400,6 +400,8 @@ my %table=( - "linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +@@ -401,6 +401,10 @@ my %table=( "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", -+# OpenWrt targets -+"linux-openwrt","gcc:-DTERMIO \$(OPENWRT_OPTIMIZATION_FLAGS) -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++# OpenWrt targets ++"linux-mips-openwrt","gcc:-DTERMIO \$(OPENWRT_OPTIMIZATION_FLAGS) -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-generic-openwrt","gcc:-DTERMIO \$(OPENWRT_OPTIMIZATION_FLAGS) -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++ # Android: linux-* but without -DTERMIO and pointers to headers and libs. "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/package/openssl/patches/210-fix_aes_fips.patch b/package/openssl/patches/210-fix_aes_fips.patch new file mode 100644 index 000..bbfc63a --- /dev/null +++ b/package/openssl/patches/210-fix_aes_fips.patch @@ -0,0 +1,64 @@ +--- a/crypto/aes/asm/aes-mips.pl b/crypto/aes/asm/aes-mips.pl +@@ -1036,9 +1036,9 @@ _mips_AES_set_encrypt_key: + nop + .end _mips_AES_set_encrypt_key + +-.globlAES_set_encrypt_key +-.ent AES_set_encrypt_key +-AES_set_encrypt_key: ++.globlprivate_AES_set_encrypt_key ++.ent private_AES_set_encrypt_key ++private_AES_set_encrypt_key: + .frame $sp,$FRAMESIZE,$ra + .mask $SAVED_REGS_MASK,-$SZREG + .setnoreorder +@@ -1060,7 +1060,7 @@ $code.=<<___ if ($flavour =~ /nubi/i); # + ___ + $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification + .cplocal$Tbl +- .cpsetup$pf,$zero,AES_set_encrypt_key ++ .cpsetup$pf,$zero,private_AES_set_encrypt_key + ___ + $code.=<<___; + .setreorder +@@ -1083,7 +1083,7 @@ ___ + $code.=<<___; + jr $ra + $PTR_ADD $sp,$FRAMESIZE +-.end AES_set_encrypt_key ++.end private_AES_set_encrypt_key + ___ + + my ($head,$tail)=($inp,$bits); +@@ -1091,9 +1091,9 @@ my ($tp1,$tp2,$tp4,$tp8,$tp9,$tpb,$tpd,$ + my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2); + $code.=<<___; + .align5 +-.globlAES_set_decrypt_key +-.ent AES_set_decrypt_key +-AES_set_decrypt_key: ++.globlprivate_AES_set_decrypt_key ++
Re: [OpenWrt-Devel] [PATCH] Use asm SHA1, SHA256, AES on MIPS.
On Sun, Sep 23, 2012 at 6:24 AM, Felix Fietkau wrote: > Please make sure that your patch leaves non-mips targets alone. Ok, I'm working on a way that splits the openssl targets into linux-mips-openwrt and linux-generic-openwrt. Do you have any idea where the 'FIPS' modifications to openssl come from? (the fix needed in 210-fix_aes_fips.patch) They're not in the source code repo, but they are in the released tarball for 1.0.1c. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] Use asm SHA1, SHA256, AES on MIPS.
On a lightly loaded 24Kc, as measured by 'openssl speed sha1', shows between 27% and 120% speedup depending on block size. SHA1 is notably used in Transmission for piece verification. >>> no-perlasm <<< The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes sha1 1421.10k 4019.38k 8498.85k11452.85k13073.53k >>> mips32_asm <<< The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes sha1 1814.05k 6046.81k14637.55k23456.13k28825.77k relative: 27% 50% 72% 104% 120% --- I haven't tested this too thoroughly, so at this point I'm just looking for people willing to try this out and for feedback in general. If it doesn't cause too much grief, I can clean it up to a point where it's merge-able. package/openssl/Makefile |2 +- .../openssl/patches/110-optimize-for-size.patch|2 +- package/openssl/patches/210-fix_aes_fips.patch | 64 3 files changed, 66 insertions(+), 2 deletions(-) create mode 100644 package/openssl/patches/210-fix_aes_fips.patch diff --git a/package/openssl/Makefile b/package/openssl/Makefile index d95783a..4dfcdf6 100644 --- a/package/openssl/Makefile +++ b/package/openssl/Makefile @@ -89,7 +89,7 @@ ifeq ($(CONFIG_x86_64),y) OPENSSL_TARGET:=linux-x86_64 else OPENSSL_TARGET:=linux-openwrt - OPENSSL_OPTIONS+=no-perlasm no-sse2 + OPENSSL_OPTIONS+=no-sse2 endif define Build/Configure diff --git a/package/openssl/patches/110-optimize-for-size.patch b/package/openssl/patches/110-optimize-for-size.patch index c0160a3..8895f4f 100644 --- a/package/openssl/patches/110-optimize-for-size.patch +++ b/package/openssl/patches/110-optimize-for-size.patch @@ -5,7 +5,7 @@ "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", +# OpenWrt targets -+"linux-openwrt","gcc:-DTERMIO \$(OPENWRT_OPTIMIZATION_FLAGS) -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-openwrt","gcc:-DTERMIO \$(OPENWRT_OPTIMIZATION_FLAGS) -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # Android: linux-* but without -DTERMIO and pointers to headers and libs. "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/package/openssl/patches/210-fix_aes_fips.patch b/package/openssl/patches/210-fix_aes_fips.patch new file mode 100644 index 000..bbfc63a --- /dev/null +++ b/package/openssl/patches/210-fix_aes_fips.patch @@ -0,0 +1,64 @@ +--- a/crypto/aes/asm/aes-mips.pl b/crypto/aes/asm/aes-mips.pl +@@ -1036,9 +1036,9 @@ _mips_AES_set_encrypt_key: + nop + .end _mips_AES_set_encrypt_key + +-.globlAES_set_encrypt_key +-.ent AES_set_encrypt_key +-AES_set_encrypt_key: ++.globlprivate_AES_set_encrypt_key ++.ent private_AES_set_encrypt_key ++private_AES_set_encrypt_key: + .frame $sp,$FRAMESIZE,$ra + .mask $SAVED_REGS_MASK,-$SZREG + .setnoreorder +@@ -1060,7 +1060,7 @@ $code.=<<___ if ($flavour =~ /nubi/i); # + ___ + $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification + .cplocal$Tbl +- .cpsetup$pf,$zero,AES_set_encrypt_key ++ .cpsetup$pf,$zero,private_AES_set_encrypt_key + ___ + $code.=<<___; + .setreorder +@@ -1083,7 +1083,7 @@ ___ + $code.=<<___; + jr $ra + $PTR_ADD $sp,$FRAMESIZE +-.end AES_set_encrypt_key ++.end private_AES_set_encrypt_key + ___ + + my ($head,$tail)=($inp,$bits); +@@ -1091,9 +1091,9 @@ my ($tp1,$tp2,$tp4,$tp8,$tp9,$tpb,$tpd,$ + my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2); + $code.=<<___; + .align5 +-.globlAES_set_decrypt_key +-.ent AES_set_decrypt_key +-AES_set_decrypt_key: ++.globlprivate_AES_set_decrypt_key ++.ent private_AES_set_decrypt_key ++private_AES_set_decrypt_key: + .frame $sp,$FRAMESIZE,$ra + .mask $SAVED_REGS_MASK,-$SZREG + .setnoreorder +@@ -1115,7 +1115,7 @@ $code.=<<___ if ($flavour =~ /nubi/i); # + ___ + $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification + .cplocal$Tbl +- .cpsetup$pf,$zero,AES_set_