mtk-20170518/package/network/services, branch reboot MTK 20170518 : Mediatek SDK based on OpenWRT Barrier Breaker dnsmasq: run as dedicated UID/GID 2016-04-26T11:44:10+00:00 John Crispin john@openwrt.org 2016-04-26T11:44:10+00:00 3481d0d793b87ed4c0f0fa899497f49060e5511d Running dnsmasq in a dedicated user/group allows matching its outgoing traffic more easily using iptables' owner match. Add UID/GID to the package metadata and append the user/group parameters to the init script. Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 49252 
Running dnsmasq in a dedicated user/group allows matching its outgoing
traffic more easily using iptables' owner match.
Add UID/GID to the package metadata and append the user/group
parameters to the init script.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 49252
dnsmasq: Add enable parameter in the UCI DHCP host section 2016-04-17T12:52:54+00:00 Hauke Mehrtens hauke@hauke-m.de 2016-04-17T12:52:54+00:00 3fabbb814d36ec9cbf484c1b0df82f5a06869aec Parameter allows to enable/disable static leases; by default the value is 1 to keep backwards compatibility Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49187 
Parameter allows to enable/disable static leases; by default the value is 1
to keep backwards compatibility

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49187
hostapd.sh: Add support for "anonymous_identity" config field 2016-04-17T12:50:55+00:00 Hauke Mehrtens hauke@hauke-m.de 2016-04-17T12:50:55+00:00 3830200d6ad8f0197ca4f8e0a99d3a043214de10 The wpa_supplicant supports an "anonymous_identity" field, which some EAP networks require. From the documentation: anonymous_identity: Anonymous identity string for EAP (to be used as the unencrypted identity with EAP types that support different tunnelled identity, e.g., EAP-TTLS). This change modifies the hostapd.sh script to propagate this field from the UCI config to the wpa_supplicant.conf file. Signed-off-by: Kevin O'Connor <kevin@koconnor.net> Reviewed-by: Manuel Munz <freifunk@somakoma.de> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49181 
The wpa_supplicant supports an "anonymous_identity" field, which some
EAP networks require.  From the documentation:

anonymous_identity: Anonymous identity string for EAP (to be used as the
    unencrypted identity with EAP types that support different tunnelled
    identity, e.g., EAP-TTLS).

This change modifies the hostapd.sh script to propagate this field
from the UCI config to the wpa_supplicant.conf file.

Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Reviewed-by: Manuel Munz <freifunk@somakoma.de>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49181
samba: fix some security problems 2016-04-16T20:06:34+00:00 Hauke Mehrtens hauke@hauke-m.de 2016-04-16T20:06:34+00:00 1414f1647d435a7eda48d9433a022286a46d9097 This fixes the following security problems: * CVE-2015-7560 * CVE-2015-5370 * CVE-2016-2110 * CVE-2016-2111 * CVE-2016-2112 * CVE-2016-2115 * CVE-2016-2118 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49175 
This fixes the following security problems:
* CVE-2015-7560
* CVE-2015-5370
* CVE-2016-2110
* CVE-2016-2111
* CVE-2016-2112
* CVE-2016-2115
* CVE-2016-2118

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49175
openvpn: add support for X.509 name options 2016-03-08T18:12:02+00:00 John Crispin john@openwrt.org 2016-03-08T18:12:02+00:00 0ca70716324d88e5e8b956035ee71cc1b32bda8d x509-username-field was added in OpenVPN 2.2, and verify-x509-name was added in 2.3. This fixes ticket #18807. Signed-off-by: Jeffery To <jeffery.to@gmail.com> SVN-Revision: 48969 
x509-username-field was added in OpenVPN 2.2, and verify-x509-name was
added in 2.3. This fixes ticket #18807.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>

SVN-Revision: 48969
dnsmasq: add host-specific lease time option for static hosts 2016-02-26T09:13:03+00:00 John Crispin john@openwrt.org 2016-02-26T09:13:03+00:00 b5bfb3534b693f7781978b369d4f1bb2995bfcd4 Enable setting a host-specific lease time for static hosts. The new option is called "leasetime" and the format is similar as for the default lease time: e.g. 12h, 3d, infinite Default lease time is used for all hosts for which there is no host-specific definition. The option is added to /etc/config/dhcp for the selected hosts: config host option name 'Nexus' option mac 'd8:50:66:55:59:7c' option ip '192.168.1.245' option leasetime '2h' It gets appended to /var/etc/dnsmasq.conf like this: dhcp-host=d8:50:66:55:59:7c,192.168.1.245,Nexus,2h Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> SVN-Revision: 48801 
Enable setting a host-specific lease time for static hosts.
The new option is called "leasetime" and the format is similar
as for the default lease time: e.g. 12h, 3d, infinite

Default lease time is used for all hosts for which there is
no host-specific definition.

The option is added to /etc/config/dhcp for the selected hosts:
  config host
        option name 'Nexus'
        option mac 'd8:50:66:55:59:7c'
        option ip '192.168.1.245'
        option leasetime '2h'

It gets appended to /var/etc/dnsmasq.conf like this:
  dhcp-host=d8:50:66:55:59:7c,192.168.1.245,Nexus,2h

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 48801
dnsmasq: add dhcp relay option 2016-02-26T08:35:48+00:00 John Crispin john@openwrt.org 2016-02-26T08:35:48+00:00 c503984876e223801e7882e8499718f860f574ea Signed-off-by: dbugnar <dnbugnar@ocedo.com> SVN-Revision: 48800 
Signed-off-by: dbugnar <dnbugnar@ocedo.com>

SVN-Revision: 48800
dnsmasq: export tftp root to the procd jail 2016-02-25T09:24:31+00:00 Felix Fietkau nbd@openwrt.org 2016-02-25T09:24:31+00:00 b4a1bd899290bc1279070c6ae643ee9e927ee9e2 Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48761 
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48761
dnsmasq: only enable tftp if the tftp root exists 2016-02-25T09:24:24+00:00 Felix Fietkau nbd@openwrt.org 2016-02-25T09:24:24+00:00 5e84051a0f1126a8e984bccd06bcaf093c7ba539 Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48760 
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48760
lldp: Upgrade to 0.9.0 2016-02-18T08:22:07+00:00 John Crispin john@openwrt.org 2016-02-18T08:22:07+00:00 7a29f7c22d0d13f51411282d7294aec1862e235f Signed-off-by: Ben Kelly <ben@benjii.net> SVN-Revision: 48738 
Signed-off-by: Ben Kelly <ben@benjii.net>

SVN-Revision: 48738