Alex Lewontin [Fri, 21 Feb 2020 20:58:12 +0000 (15:58 -0500)]
ramips: move Netgear R6120 LED trigger to DTS
This moves the trigger for the Netgear R6120's wlan2g_green LED from
base-files/etc/board.d/01_leds to the device-tree file.
This has been applied to R6120 based on findings for the very similar
Netgear R6080.
Signed-off-by: Alex Lewontin <alex.c.lewontin@gmail.com>
[merge case in 01_leds, slightly adjust commit message/title] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The DTS files in files-4.19 and files-5.4 are exactly identical
except for one file (armada-3720-uDPU.dts), which is only present
for 4.19, as it has been upstreamed before 5.4.
Since there is no point in maintaining all these identical files
twice, this patch moves them to the "files" directory, only keeping
the named exception to files-4.19.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Sven Roederer [Wed, 25 Dec 2019 18:20:10 +0000 (19:20 +0100)]
igmpproxy: remove some bashism
"[[" is a bash extension for test. As the ash-implementation is not
fully compatible we drop its usage.
This follows up 3519bf4976b41c
As a result, we also need to move the and/or out of the test brackets.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
[squash from two patches, adjust commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Jose Olivera [Mon, 20 May 2019 13:10:56 +0000 (21:10 +0800)]
mvebu: fix default EU regdomain for Linksys WRT AC devices
The mwlwifi driver sets the default country code for EU (fi-
rmware region code 0x30) certified devices to FR (France),
not DE (Germany). Whilst this is a trivial fix, novice users
may not know how mwlwifi negatively reacts to a non-matching
country code and may leave the setting alone. Especially si-
nce it is under the advanced settings section in LuCI.
The mwlwifi driver readme states "Please don't change country
code and let mwlwifi set it for you." However, OpenWrt's current
behaviour does not adhere to this with its default, 'just flashed
from factory' setting for EU devices.
Signed-off-by: Jose Olivera <oliverajeo@gmail.com>
[rebase, extend commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Petr Štetiar [Tue, 23 Jun 2020 07:24:57 +0000 (09:24 +0200)]
armvirt,x86: fix build breakage of crypto ccp module
Upstream in commit f9f8f0c24203 ("crypto: ccp -- don't "select"
CONFIG_DMADEVICES") removed dependency on CONFIG_DMADEVICES symbol which
leads to build breakage of ccp crypto module, so fix this by adding that
symbol back in the kernel config.
where tplink-v1 defines KERNEL_INITRAMFS with tplink-v1-header and it's
then used by all devices inheriting from tplink-safeloader. Fix this by
overriding KERNEL_INITRAMFS to KERNEL variable again.
Konstantin Demin [Sun, 21 Jun 2020 12:36:47 +0000 (15:36 +0300)]
dropbear: bump to 2020.79
- drop patches (applied upstream):
* 010-backport-change-address-logging.patch
* 020-backport-ed25519-support.patch
* 021-backport-chacha20-poly1305-support.patch
- backport patches:
* 010-backport-disable-toom-and-karatsuba.patch:
reduce dropbear binary size (about ~8Kb).
- refresh patches.
- don't bother anymore with following config options
because they are disabled in upstream too:
* DROPBEAR_3DES
* DROPBEAR_ENABLE_CBC_MODE
* DROPBEAR_SHA1_96_HMAC
- explicitly disable DO_MOTD as it was before commit a1099ed:
upstream has (accidentally) switched it to 0 in release 2019.77,
but reverted back in release 2020.79.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Lech Perczak [Sat, 20 Jun 2020 16:16:11 +0000 (18:16 +0200)]
ath79: fix input type for TP-Link TL-WR902AC v1 mode switch
Inputs assigned to "mode select" switch on the side of the device
were missing linux,input-type property.
This would cause them do incorrectly generate EV_KEY events.
Fix this by setting the linux,input-type = <EV_SW> property on them.
Andrew Cameron [Thu, 18 Jun 2020 13:25:43 +0000 (08:25 -0500)]
ath79: add support for TP-Link CPE610 v2
TP-Link CPE610 v2 is an outdoor wireless CPE for 5 GHz with
one Ethernet port based on Atheros AR9344
Specifications:
- 560/450/225 MHz (CPU/DDR/AHB)
- 1x 10/100 Mbps Ethernet
- 64 MB of DDR2 RAM
- 8 MB of SPI-NOR Flash
- 23dBi high-gain directional 2×2 MIMO antenna and a
dedicated metal reflector
- Power, LAN, WLAN5G green LEDs
- 3x green RSSI LEDs
Flashing instructions:
Flash factory image through stock firmware WEB UI
or through TFTP
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP:192.168.0.100
Stock device TFTP adress:192.168.0.254
Signed-off-by: Andrew Cameron <apcameron@softhome.net>
In contrast to the implementation in ar71xx (reset and WiFi button),
the device actually features reset and WPS buttons.
Flashing instructions:
Upload the ...-factory.bin file via OEM web interface.
TFTP Recovery:
1. Set PC to fixed IP address 192.168.0.66
2. Download *-factory.bin image and rename it to
wa801ndv3_tp_recovery.bin
3. Start a tftp server with the image file in its root directory
4. Turn off the router
5. Press and hold Reset button
6. Turn on router with the reset button pressed and wait ~15 seconds
7. Release the reset button and after a short time
the firmware should be transferred from the tftp server
8. Wait ~30 second to complete recovery.
TFTP recovery has only been tested with v3, and the Wiki states
that the procedure won't work for v4, which cannot be verified
or falsified at the moment.
Tested by Tim Ward (see forum):
https://forum.openwrt.org/t/ath79-support-for-tp-link-tl-wa901nd-v3-v4-v5/61246/13
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Fix the switch LAN labels for the DGND3700v1/DGND3800B router,
the order is reversed.
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
[cut out of bigger patch, adjust commit title/message accordingly] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Kuan-Yi Li [Sat, 10 Aug 2019 19:23:28 +0000 (03:23 +0800)]
base-files: gpio switch: add named GPIO support
Previously, gpio_switch only accepts GPIO pin number as input. Once a
GPIO pin is exported and named by device tree, its pin state cannot be
configured and saved across reboots by UCI.
This patch adds support for named GPIO pins. Thus GPIO pin can be
exported by device tree with active high/low correctly configured,
having human-readable name in /sys/class/gpio/ is also now possible.
More importantly, GPIO pins which are referenced by name will be immune
from pin mapping breakage while unintentional pin number changes are
introduced by kernel or driver updates.
Alan Swanson [Sat, 7 Mar 2020 15:42:54 +0000 (15:42 +0000)]
mac80211: ath9k: enable adding wireless noise to kernel entropy pool
This option allows adding the ath9k ADC register output as a source
of randomness into the Linux entropy pool at sufficient quality
random data (at least 10 bits and up to 22 bits of min-entropy for
a 32-bit value).
Fixes FS#1444 Signed-off-by: Alan Swanson <reiver@improbability.net>
Karel Kočí [Tue, 16 Jun 2020 15:07:46 +0000 (17:07 +0200)]
hostapd: fix compilation of wpa_supplicant
Ubus patch as it seems have been broken by some rebase in the past as
the location of line that adds ubus object file was in condition for
CONFIG_MACSEC. That condition was adding object files that are not
touched by ubus patch. This means ubus.o does not have to be included in
that case. When it has to be and when build fails is when CONFIG_AP is
set. All files included in wpa_supplicant that are touched by this patch
are in this condition. This means that this is for sure the original
place for it.
Ian Cooper [Mon, 15 Jun 2020 21:14:04 +0000 (22:14 +0100)]
toolchain: remove gcc libssp and use libc variant
Removes the standalone implementation of stack smashing protection
in gcc's libssp in favour of the native implementation available
in glibc and uclibc. Musl libc already uses its native ssp, so this
patch does not affect musl-based toolchains.
Stack smashing protection configuration options are now uniform
across all supported libc variants.
This also makes kernel-level stack smashing protection available
for x86_64 and i386 builds using non-musl libc.
Rozhuk Ivan [Sat, 24 Aug 2019 16:41:01 +0000 (19:41 +0300)]
comgt-ncm: do not attempt to connect if the control device is invalid
After a hardware reconnect, the control device might be unavailable and
attempting to interact with it will lead to hanging gcom calls, leaving
the protocol setup in an unrecoverable state.
Change the protocol handler to bail out early and notify netifd if the
control device is not defined or if the underlying device node does not
exist.
Also ensure that the "disconnect", "connect" and "setmode" commands are
actually defined before trying to invoke them.
Finally attempt to re-query the device manufacturer if it is unset in
the interface state in order to prevent UNUPPORTED_MODEM errors after
a modem hardware reconnect.
Signed-off-by: Rozhuk Ivan <rozhuk.im@gmail.com>
[reword subject and commit message]
Ref: https://github.com/openwrt/openwrt/pull/2352 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Florian Eckert [Fri, 30 Nov 2018 13:03:50 +0000 (14:03 +0100)]
openvpn: add generic hotplug mechanism
Pass a default --up and --down executable to each started OpenVPN instance
which triggers /etc/hotplug.d/openvpn/ scripts whenever an instance
goes up or down.
User-configured up and down scripts are invoked by the default shipped
01-user hotplug handler to ensure that existing setups continue to work
as before.
As a consequence of this change, the up, down and script_security OpenVPN
options are removed from the option file, since we're always passing them
via the command line, they do not need to get included into the generated
configuration.
CONFIG_HZ_100 is not set to "y" in generic config anymore since 3a761c90afc0 ("treewide: Don't diverge from upstream default HZ
settings on 4.19"), so we don't need to disable it anymore either.
This was the only remaining case in the entire tree.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Petr Štetiar [Wed, 10 Jun 2020 14:01:06 +0000 (16:01 +0200)]
mvebu: fix bootloader kernel commandline mangling
Currently I'm unable to boot initramfs image with `console=ttyS0,115200`
kernel commandline as the kernel commandline mangling resets kernel
commandline if there is no `root=` option provided, efectively clearing
whatever I pass to the kernel, making the `root=` option mandatory.
So if the kernel commandline mangling is not appropriate just leave the
kernel commandline as it is.
bcm63xx: use the generic nand upgrade on Sercomm devices
The Sercomm devices don't need the jffs2 cleanmarkers for the kernel
partition. With the stock firmware they are only added when the
bootloader partition is upgraded.
Furthermore, on the Sercomm H500-s, the specific cfe_jffs2_upgrade_tar
function causes OOB corruption. As a result of this, combined with the
nature of the mtdsplit driver, the upgrade procedure ends in a bricked
device.
Use the generic nand_do_upgrade provided by the OpenWrt common functions.
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
mediatek: fix IPv4-only corner case and commit in 99-net-ps
The uci config section network.globals set up in /bin/config_generate
will only be created if /proc/sys/net/ipv6 exists.
Correspondingly, lacking IPv6 support, the command
uci set network.globals.packet_steering=1
will fail with "uci: Invalid argument" as the network.globals config
has not been set up.
Fix that by adding the setup there as well.
While at it, limit the uci commit to the network config file.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Specifications:
- SoC: Atheros AR9344
- RAM: 64MB
- Storage: 8 MB SPI NOR
- Wireless: 2.4GHz N based built into SoC
- Ethernet: 1x 10/100 Mbps with 24V POE IN, 1x 10/100 Mbps
Installation:
Flash factory image through stock firmware WEB UI
or through TFTP
To get to TFTP recovery just hold reset button while powering on for
around 4-5 seconds and release.
Rename factory image to recovery.bin
Stock TFTP server IP:192.168.0.100
Stock device TFTP adress:192.168.0.254
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Christopher Hill [Tue, 26 May 2020 01:05:00 +0000 (21:05 -0400)]
ath79: add Mikrotik rb4xx series drivers
This adds 3 Mikrotik rb4xx series drivers as follows:
rb4xx-cpld: This is in the mfd subsystem, and is the parent CPLD device
that interfaces between the SoC SPI bus and its two children below.
rb4xx-gpio: This is the GPIO expander.
rb4xx-nand: This is the NAND driver.
The history of this code comes in three phases.
1. The first is a May 2015 attempt to push the equivalient ar71xx rb4xx
drivers upstream. See https://lore.kernel.org/patchwork/patch/940880/.
The Pirelli A226M-FWB has a wrong linux partition offset, caused
by a copy-paste error. As of result of this, OpenWrt is currently
broken in this unit.
Fix it.
While at it, also use generic node names and fix the addresses
there as well.
Fixes: a27d59bb4274 ("brcm63xx: switch to new partition layout
specification")
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
[also fix/update node names, extend commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
ramips: fix IPv4-only corner case in 01_enable_packet_steering
The uci config section network.globals set up in /bin/config_generate
will only be created if /proc/sys/net/ipv6 exists.
Correspondingly, lacking IPv6 support, the command
uci set network.globals.packet_steering=1
will fail with "uci: Invalid argument" as the network.globals config
has not been set up.
Fix that by adding the setup there as well.
Fixes: dfd62e575c6c ("ramips: enable packet steering by default on mt7621") Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
To prevent "wrong" musl packages which have a new version number
but the package still contains an old version, because
PKG_SOURCE_VERSION was unchanged.
Ref: musl ml https://www.openwall.com/lists/musl/2020/05/22/4
Reviewed-by: Petr Štetiar <ynezz@true.cz> Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
hostapd: hostapd_set_psk_file: fix defaut value for mac
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Bringing up of station vlan fails if the optional mac entry isn't set.
The default mac "00:00:00:00:00:00", which should match all stations,
is mistakenly set to the non used variable "isolate". This results in
a wrong formatted .psk file which has to be "vlan_id mac key".
fixes: 5aa2ddd0: hostapd: add support for wifi-station and wifi-vlan sections
Signed-off-by: Johann Neuhauser <johann@it-neuhauser.de>
David Bauer [Sat, 13 Jun 2020 14:57:53 +0000 (16:57 +0200)]
ipq40xx: use zImage for EX6100v2 and EX6150v2
The NETGEAR EX61500v2 and EX6150v2 U-Boot does not support booting LZMA
compressed images. Currently, they are using GZIP compressed kernels,
which results in ledd flash being available to the root and overlay
filesystems.
Using a zImage results in a smaller kernel and therefore increases
available space for rootfs and overlayfs.
In Firmware Upgrade page, upgrade your openwrt-ipq40xx-generic-engenius_emr3500-squashfs-factory.bin directly.
From OpenWrt firmware to EnGenius firmware:
1. Setup a TFTP server on your computer and configure static IP to 192.168.99.8
Put the EnGenius firmware in the TFTP server directory on your computer.
2. Power up EMR3500. Press 4 and then press any key to enter u-boot.
3. Download EnGenius firmware
(IPQ40xx) # tftpboot 0x84000000 openwrt-ipq40xx-emr3500-nor-fw-s.img
4. Flash the firmware
(IPQ40xx) # imgaddr=0x84000000 && source 0x84000000:script
5. Reboot
(IPQ40xx) # reset
Signed-off-by: Yen-Ting-Shen <frank.shen@senao.com>
[squashed update patch, updated to 5.4, dropped BOARD_NAME,
migrated to SOC] Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Sven Eckelmann [Tue, 9 Jun 2020 13:35:04 +0000 (15:35 +0200)]
ipq40xx: essedma: Disable TCP segmentation offload for IPv6
It was noticed that the the whole MAC can hang when transferring data from
one ar40xx port (WAN ports) to the CPU and from the CPU back to another
ar40xx port (LAN ports). The CPU was doing only NATing in that process.
Usually, the problem first starts with a simple data corruption:
$ wget https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-10.4.0-amd64-netinst.iso -O /dev/null
...
Connecting to saimei.ftp.acc.umu.se (saimei.ftp.acc.umu.se)|2001:6b0:19::138|:443... connected.
...
Read error at byte 48807936/352321536 (Decryption has failed.). Retrying.
But after a short while, the whole MAC will stop to react. No traffic can
be transported anymore from the CPU port from/to the AR40xx PHY/switch and
the MAC has to be resetted.
Signed-off-by: Sven Eckelmann <sven@narfation.org> Acked-by: John Crispin <john@phrozen.org>
With several subtargets, the image/Makefile becomes crowded after a
while. Many targets have moved their device definitions to $subtarget.mk
files to have them more organized, let's do this here as well.
Cc: Rafał Miłecki <rafal@milecki.pl> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
J. Scott Heppler [Fri, 12 Jun 2020 16:04:15 +0000 (18:04 +0200)]
ramips: fix port display for TRENDnet TEW-810DR
This updates the display port order for the TEW-810DR to be in line
with the DIR-810L. Both share the same board and pictures on the
vendors' pages indicate the same external numbering scheme as well.
Signed-off-by: J. Scott Heppler <shep971@centurylink.net>
[replace commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Installation via stock firmware:
* Install the factory image via the stock firmware web interface
Installation via bootloader Emergency Web Server:
* Connect your PC to the LAN1(PoE) port
* Configure your PC with IP address 192.168.0.90
* Open a serial console to the Console port (115200,8n1)
* Press "q" within 2s when "press 'q' to stop autoboot" appears
* Open http://192.168.0.50 in a browser
* Upload either the factory or the sysupgrade image
* Once you see "write image into flash...OK,dest addr=0x9f070000" you
can power-cycle the device. Ignore "checksum bad" messages.
Setting the MAC addresses for the ethernet interfaces via
/etc/board.d/02_network adds the following snippets to
/etc/config/network:
config device 'lan_eth0_1_dev'
option name 'eth0.1'
option macaddr 'xx:xx:xx:xx:xx:xx'
config device 'wan_eth1_2_dev'
option name 'eth1.2'
option macaddr 'xx:xx:xx:xx:xx:xx'
This would result in the proper MAC addresses being set for the VLAN
subinterfaces, but the parent interfaces would still have a random MAC
address. Using untagged VLANs could solve this, but would still leave
those extra snippets in /etc/config/network, and then the device VLAN
setup would differ from the one used in ar71xx. Therefore, the MAC
addresses of the ethernet interfaces are being set via preinit instead.
The bdcfg partition contains 4 MAC address labels:
- lanmac
- wanmac
- wlanmac
- wlanmac_a
The first 3 all contain the same MAC address, which is also the one on
the label.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
IPKG_INSTROOT is only set under image builder and we won't be running
this script at build time either, so remove the reference before it gets
cargo-culted into other scripts.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> Acked-by: Hans Dedecker <dedeckeh@gmail.com>
But the driver in U-Boot of RT-N56U GPL tar blocks using RGMII_33V (9)
mode and it seems to be unsupported on RTL8367B, so drop it from
switch-case in rtl8367b_extif_set_mode.
Paul Spooren [Tue, 9 Jun 2020 04:15:05 +0000 (18:15 -1000)]
imagebuilder: Remove json_info_files/ before build
The folder `json_info_files` contains multiple JSON files which describe
created firmware images. The folder is not removed between builds as the
ImageBuilder does not use `image.mk`.
Not removing the JSON files result in a merged `profiles.json` file
containing entries for outdated or non-existing images.
This commit adds the `json_info_files/` cleanup step to the ImageBuilder
Makefile.
Paul Spooren [Wed, 10 Jun 2020 02:24:29 +0000 (22:24 -0400)]
imagebuilder: pass IB=1 on checking requirements
The patch 4a1a58a3 build, imagebuilder: Do not require libncurses-dev
was supposed to remove libncurses as a requirement for the ImageBuilder.
However as the IB=1 is only exported during building, not for checking
requirements, it did never actually work.
Strangely, the owner of a TRENDnet TEW-810DR reports that the
initial port order is correct, while both devices share the
same board and look similar from the outside. Since I cannot
investigate this without having any of the devices, this does
only touch the DIR-810L for now.
While at it, also merge in the case for zbtlink,zbt-we2026, as
the display port specified for WAN there won't have any effect
anyway.
Reported-by: Roger Pueyo Centelles <roger.pueyo@guifi.net> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
ramips: fix WAN LED for D-Link DIR-810L/TRENDnet TEW-810DR
The WAN LED on DIR-810L was actually blinking on LAN1 port
activity. This has already been improved for the TEW-810DR, where
the GPIO has been set up explicitly rather than having it controlled
by the switch.
This patch also applies this setup to the DIR-810L.
In addition, the trigger in 01_leds is set up with
ucidef_set_led_switch for both devices now, so state changes should
be displayed correctly as well.
Reported-by: Roger Pueyo Centelles <roger.pueyo@guifi.net> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> Tested-by: Roger Pueyo Centelles <roger.pueyo@guifi.net> [DIR-810L] Tested-by: J. Scott Heppler <shep971@centurylink.net> [TEW-810DR]
With several subtargets, the image/Makefile becomes crowded after a
while. Many targets have moved their device definitions to $subtarget.mk
files to have them more organized, let's do this here as well.
While at it, also move subtarget-specific build recipes.
Cc: Christian Lamparter <chunkeey@gmail.com> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> Acked-by: Christian Lamparter <chunkeey@gmail.com>
Renaud Lepage [Sun, 10 May 2020 22:10:20 +0000 (15:10 -0700)]
ath79: add support for the Netgear WNDRMAC v1
The Netgear WNDRMAC v1 is a hardware variant of the Netgear WNDR3700 v2
Specifications
==============
* SoC: Atheros AR7161
* RAM: 64mb
* Flash on board: 16mb
* WiFi: Atheros AR9220 (a/n), Atheros AR9223 (b/g/n)
* Ethernet: RealTek RTL8366SR (1xWAN, 4xLAN, Gigabit)
* Power: 12 VDC, 2.5 A
* Full specs on [openwrt.org](https://openwrt.org/toh/hwdata/netgear/netgear_wndrmac_v1)
Flash Instructions
==================
It is possible to use the OEM Upgrade page to install the `factory`
variant of the firmware.
After the initial upgrade, you will need to telnet into the router
(default IP 192.168.1.1) to install anything. You may install LuCI
this way. At this point, you will have a web interface to configure
OpenWRT on the WNDRMAC v1.
Please use the `sysupgrade` variant for subsequent flashes.
Recovery Instructions
=====================
A TFTP-based recovery flash is possible if the need arises. Please refer
to the WNDR3700 page on openwrt.org for details.
Flash Instructions
==================
It is possible to use the OEM Upgrade page to install the `factory`
variant of the firmware.
After the initial upgrade, you will need to telnet into the router
(default IP 192.168.1.1) to install anything. You may install LuCI
this way. At this point, you will have a web interface to configure
OpenWRT on the WNDRMAC v2.
Please use the `sysupgrade` variant for subsequent flashes.
Recovery Instructions
=====================
A TFTP-based recovery flash is possible if the need arises. Please refer
to the WNDR3800 page on openwrt.org for details.
ath79: wndr3700 series: fix wifi range & throughput
This patch adds ar71xx's GPIO setup for the 2.4GHz and 5GHz antennae
demultiplexer:
| 158 /* 2.4 GHz uses the first fixed antenna group (1, 0, 1, 0) */
| 159 ap9x_pci_setup_wmac_gpio(0, (0xf << 6), (0xa << 6));
| 160
| 161 /* 5 GHz uses the second fixed antenna group (0, 1, 1, 0) */
| 162 ap9x_pci_setup_wmac_gpio(1, (0xf << 6), (0x6 << 6));
This should restore the range and throughput of the 2.4GHz radio
on all the derived wndr3700 variants and versions with the AR7161 SoC.
A special case is the 5GHz radio. The original wndr3700(v1) will
benefit from this change. However the wndr3700v2 and later revisions
were unaffected by the missing bits, as there is no demultiplexer
present in the later designs.
This patch uses gpio-hogs within the device-tree for all
wndr3700/wndr3800/wndrmac variants.
Notes:
Based on the PCB pictures, the WNDR3700(v1) really had eight
independent antennae. Four antennae for each radio and all of
those were printed on the circut board.
The WNDR3700v2 and later have just six antennae. Four of those
are printed on the circuit board and serve the 2.4GHz radio.
Whereas the remaining two are special 5GHz Rayspan Patch Antennae
which are directly connected to the 5GHz radio.
Hannu Nyman dug pretty deep and unearthed a treasure of information
regarding the history of how these values came to be in the OpenWrt
archives: <https://dev.archive.openwrt.org/ticket/6533.html>.
Mark Mentovai came across the fixed antenna group when he was looking
into the driver:
Fixes: FS#3088 Reported-by: Luca Bensi Reported-by: Maciej Mazur Reported-by: Hannu Nyman <hannu.nyman@iki.fi> Debugged-by: Hannu Nyman <hannu.nyman@iki.fi> Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This patch updates the ca-certificates and ca-bundle package.
This version changed the files directory again, to work/, so
PKG_BUILD_DIR was brought back.
A list of changes from Debian's change-log entry for 20200601 [0]:
* mozilla/{certdata.txt,nssckbi.h}:
Update Mozilla certificate authority bundle to version 2.40. Closes: #956411, #955038
* mozilla/blacklist.txt
Add distrusted Symantec CA list to blacklist for explicit removal. Closes: #911289
Blacklist expired root certificate, "AddTrust External Root" Closes: #961907
The following certificate authorities were added (+):
+ "Certigna Root CA"
+ "emSign ECC Root CA - C3"
+ "emSign ECC Root CA - G3"
+ "emSign Root CA - C1"
+ "emSign Root CA - G1"
+ "Entrust Root Certification Authority - G4"
+ "GTS Root R1"
+ "GTS Root R2"
+ "GTS Root R3"
+ "GTS Root R4"
+ "Hongkong Post Root CA 3"
+ "UCA Extended Validation Root"
+ "UCA Global G2 Root"
The following certificate authorities were removed (-):
- "AddTrust External Root"
- "Certinomis - Root CA"
- "Certplus Class 2 Primary CA"
- "Deutsche Telekom Root CA 2"
- "GeoTrust Global CA"
- "GeoTrust Primary Certification Authority"
- "GeoTrust Primary Certification Authority - G2"
- "GeoTrust Primary Certification Authority - G3"
- "GeoTrust Universal CA"
- "thawte Primary Root CA"
- "thawte Primary Root CA - G2"
- "thawte Primary Root CA - G3"
- "VeriSign Class 3 Public Primary Certification Authority - G4"
- "VeriSign Class 3 Public Primary Certification Authority - G5"
- "VeriSign Universal Root Certification Authority"
Bump to latest Git and refresh all patches in order to get fix for "UPnP
SUBSCRIBE misbehavior in hostapd WPS AP" (CVE-2020-12695).
General security vulnerability in the way the callback URLs in the UPnP
SUBSCRIBE command are used were reported (VU#339275, CVE-2020-12695).
Some of the described issues may be applicable to the use of UPnP in WPS
AP mode functionality for supporting external registrars.
Ref: https://w1.fi/security/2020-1/ Signed-off-by: Petr Štetiar <ynezz@true.cz>
Perry Melange [Sun, 26 Apr 2020 08:51:33 +0000 (10:51 +0200)]
ramips: erx and erx-sfp: fix missing WAN interface
This partially reverts commit 5acd1ed0be0d ("ramips: mt7621: fix
Ubiquiti ER-X ports names and MAC addresses"), this change was discussed
in https://github.com/openwrt/openwrt/pull/2901#discussion_r407238452
With commit 5acd1ed0be0d ("ramips: mt7621: fix Ubiquiti ER-X ports names
and MAC addresses"), all the ports were put into the LAN bridge, with
the argument that the OEM firmware does not have a WAN port enabled. In
the default OEM setup, all of the ports except eth0 are dead and eth0 is
set to a static IP address without providing DHCP services when
connected. It is only after the wizard has been run that eth0 becomes
the WAN port and all the rest of the ports belong to LAN with DHCP
enabled.
Having all of the ports set to the LAN bridge does not mirror the default
OEM setup. To accomplish that, then only eth0 would be in the LAN bridge.
But this is not the expected behaviour of OpenWrt.
Therefore this proposal to set eth0 to WAN and eth1-N to LAN provides
the expected behaviour expected from OpenWrt, maintains the current
documentation as up-to-date, and does not require the user to manually
detach eth0 from the LAN bridge, create the WAN(6) interface(s), and set
eth0 to the WAN(6) interface(s).
Fixes: 5acd1ed0be0d ("ramips: mt7621: fix Ubiquiti ER-X ports names and MAC addresses") Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com>
[commit subject and description tweaks] Signed-off-by: Petr Štetiar <ynezz@true.cz>
Joseph C. Lehner [Fri, 22 Mar 2019 14:19:54 +0000 (15:19 +0100)]
mkchkimg: use higher version code
This patch changes the version code of the image header
from `1.1.99_0.0.0.0` to `99.99.99_99.99.99.99`. This
is neccessary on some devices where the stock firmware
checks the version field, possibly preventing third-party
firmware from being installed.
Reviewed-by: Thibaut VARÈNE <hacks@slashdirt.org> Signed-off-by: Joseph C. Lehner <joseph.c.lehner@gmail.com>
projects / thirdparty / openwrt.git / log
