It is used for both 802.11r and WPA enterprise.
Setting it when not needed is harmless
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit c2fde432b3de2d0e153e436f1b7e3f64542e5edc)
Some servers use the NAS-IP-Address attribute as a destination address
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 2fb38b77a23735fe55324f51437a1f83d853bafa)
eee80211_frequency_to_channel() isn't used anymore, which is a leftover from:
2a31e9ca97 "hostapd: add op-class to get_status output"
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 3bc060440ab6f797f7cde804639f8e211ea0cf82)
dtim_period is a bss property, not a device one.
It is already handled properly in mac80211.sh
Fixes: 30c64825c7ed ("hostapd: add dtim_period, local_pwr_constraint, spectrum_mgmt_required")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit ddf736e543d4a214f563dc008b6fb5ee5e0d1b66)
Add the measurement report value to the beacon reports send via ubus. It
is possible to derive from the measurement report if a station refused to
do a beacon report and why. It is important to know why a station refuses
to do a beacon-report. In particular, we should not request a beacon
report from a station again that refused a beacon-report before.
The rejection reasons can be found by looking at the bits defined by:
- MEASUREMENT_REPORT_MODE_ACCEPT
- MEASUREMENT_REPORT_MODE_REJECT_LATE
- MEASUREMENT_REPORT_MODE_REJECT_INCAPABLE
- MEASUREMENT_REPORT_MODE_REJECT_REFUSED
Suggested-by: Ian Clowes <clowes_ian@hotmail.com>
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit e5cab973a4b5ad1a10787b2312129b346f3a581a)
This backports a commit from upstream dnsmasq to fix CVE-2022-0934.
CVE-2022-0934 description:
A single-byte, non-arbitrary write/use-after-free flaw was found in
dnsmasq. This flaw allows an attacker who sends a crafted packet
processed by dnsmasq, potentially causing a denial of service.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 002a99eccd75fb653163bae0a1132bd4f494e7ad)
The isdn4linux drivers and subsystem was removed in kernel 5.3, remove
the kernel package also from OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit db55dea5fc047190af188f07018e99b0c7a4bdde)
The w1_ds2760.ko driver was merged into the ds2760_battery.ko driver.
The driver was removed and this package was never build any more.
This happened with kernel 4.19.
Remove this unused package.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5808973d141f488e06efe4749dbf651565fd5510)
The rtc-pt7c4338.ko was never upstream under this name, the driver was
removed from OpenWrt some years ago, remove the kmod-rtc-pt7c4338
package too.
Fixes: 74d00a8c3849 ("kernel: split patches folder up into backport, pending and hack folders")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5ccf4dcf8864c1d940b65067d8c6f7c4e5858ae2)
9217ab4 ustream-openssl: Disable renegotiation in TLSv1.2 and earlier
2ce1d48 ci: fix building with i.MX6 SDK
584f1f6 ustream-openssl: wolfSSL: provide detailed information in debug builds
aa8c48e cmake: add a possibility to set library version
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 69f0c29b8b3339ef93c04f6c7f92481e8e223e2f)
Add NVRAM quirks script for the bcm53xx target. Split NVRAM quirks for the
bcm47xx and bcm53xx targets. Move clear partialboot NVRAM quirk for Linksys
EA9500 here. Add set wireless LED behaviour quirk for Asus RT-AC88U.
Use boot() instead of start() as nvram commands are meant to be executed
only once, at boot.
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
(cherry picked from commit f4e219fd5e6cfa33d234dad134fb105cc1620f54)
Use the kernel's built-in formula for computing this value.
The value applied by OpenWRT's sysctl configuration file does not scale
with the available memory, under-using hardware capabilities.
Also, that formula also influences net.netfilter.nf_conntrack_buckets,
which should improve conntrack performance in average (fewer connections
per hashtable bucket).
Backport upstream commit for its effect on the number of connections per
hashtable bucket.
Apply a hack patch to set the RAM size divisor to a more reasonable value (2048,
down from 16384) for our use case, a typical router handling several thousands
of connections.
Signed-off-by: Vincent Pelletier <plr.vincent@gmail.com>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit 15fbb916669dcdfcc706e9e75263ab63f9f27c00)
The removed patches were applied upstream.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 077622a198039f9f3d907b5cf4d77a52d7592c49)
Some patches are already upstreamed.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit b2272c6194666a299210a0ee1bf307c83abc278b)
procd complain for an unused verbose variable causing compilation error.
Fix this by setting the variable static following upstream procd
changes.
This is a variant of 0ee73b2c86a853ae3274c7080e2dcd36b81aa1fa that
introduced major change and fixed the verbose variable to static.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
4bf2607362fc wifi: mt76: fix dbdc number of spatial streams limit
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 9179f484bfcb37e1c59e736b2a64c9583eb00356)
This helps choosing the right NTFS driver from two available options.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b066ad7d9aa5221bfd334a3017abe9bcd171b33f)
It allows prepopulating /etc/config/network interface-s with predefined
metric. It may be useful for devices with multiple WAN ports.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 7f443d2d9aa1170d6b68f0dc6d5b5552882ee327)
Changes between 1.1.1r and 1.1.1s [1 Nov 2022]
*) Fixed a regression introduced in 1.1.1r version not refreshing the
certificate data to be signed before signing the certificate.
[Gibeom Gwon]
Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
*) Fixed the linux-mips64 Configure target which was missing the
SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
platform.
[Adam Joseph]
*) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
causing incorrect results in some cases as a result.
[Paul Dale]
*) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
report correct results in some cases
[Matt Caswell]
*) Fixed a regression introduced in 1.1.1o for re-signing certificates with
different key sizes
[Todd Short]
*) Added the loongarch64 target
[Shi Pujin]
*) Fixed a DRBG seed propagation thread safety issue
[Bernd Edlinger]
*) Fixed a memory leak in tls13_generate_secret
[Bernd Edlinger]
*) Fixed reported performance degradation on aarch64. Restored the
implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
32-bit lane assignment in CTR mode") for 64bit targets only, since it is
reportedly 2-17% slower and the silicon errata only affects 32bit targets.
The new algorithm is still used for 32 bit targets.
[Bernd Edlinger]
*) Added a missing header for memcmp that caused compilation failure on some
platforms
[Gregor Jasny]
Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit a0814f04ed955eb10b25df0ce6666ed91f11ca1b)
