In collaboration with @dangowrt the server makes use of `ucert`. Active
workers sign created firmware and clients check if the signature is
valid. Certs of *hacked* or inactive workers can be revoked. Private CA
key is **not** stored on the upgrade server.
Only for devices already supporting ucert via firmware metadata.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Drop pre-ucert signature verification.
HTTPS is optional now as integrity can also be provided using ucert.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This version contains NVME fixes.
Edited the patches to modify the package Makefile directly so as to reduce
hacks in the OpenWrt Makefile.
Added LTO support to lower filesize by ~4KB.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Add new package,
open-vm-tools is Open Virtual Machine Tools for VMware guest OS
tested: OpenWrt master and 18.06.2 (x86_64) on ESXi 6.5, 6.7
Signed-off-by: Yuhei OKAWA <tochiro.srchack@gmail.com>
This program has been created to aid open source spectrum analyzer
development for Qualcomm/Atheros AR92xx and AR93xx based chipsets.
Find more information about the package here:
https://github.com/simonwunderlich/FFT_eval
This package is used in LibreMesh, however our CI doesn't support
multiple architecures as all LibreMesh code is lua. Adding this package
to the official repos allows us to offer it in our tool chain.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Remove LTO. It causes an increase in size.
Remove fsck.btrfs. It's just a script that says to run btrfs check.
Replace INSTALL_BIN with CP to avoid copying what should be a symlink.
Install libbtrfsutil. This is needed by a few of the tools.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
By default the database of the known drives is compiled into smartctl and smartd.
These tools also support loading external database from /usr/share/smartmontools/drivedb.h.
This changeset splits moves the database to a separate package
which allows to save some flash space and RAM for those for whom
generic S.M.A.R.T. attributes are enough.
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
Move non-essential utilities which depend on glib2, ncurses and readline
to a separate package in order to reduce the footprint on devices with
limited storage.
Signed-off-by: Jeremy Begg <JBegg@suntrix.com.au>
Added -Wl,--gc-sections for smaller size.
Removed TARGET_CFLAGS as there is no difference in size.
Added PKG_BUILD_PARALLEL for faster compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
This also fixes some space-indented lines to use tabs.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
simple package to manipulate gpio pins via the web interface. This was
tested on a UBNT EdgePing R6 turining on and off the 4 PoE ports
(496-500).
Signed-off-by: Paul Spooren <mail@aparcar.org>
This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
This also adds a service_triggers() function.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The shared library does not depend on libatomic nor libstdcpp anymore.
This is very good news for the users of said lib.
This commit updates the depends accordingly.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
This also adds a service_triggers() function.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
This also adds a service_triggers() function and removes some
unnecessary curly brackets.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
While researching CircleCI build failures, I came across a linking error
relating to liblzma, where ld instructs to recompile with fPIC.
Unfortunately, this increases filesize. Added some configure flags to try
to mitigate is somewhat.
Removed maintainer as he is no longer active.
Added PKG_CPE_ID for proper CVE tracking.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
OpenSSL is only used for hashing while being a huge dependency (689.4KB
for mips_24kc.
Cryptsetup also supports and recommends argon2 for hashing, which is not
provided by OpenSSL.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Add several configure arguments to speed up build time.
Switch from using libgcrypt to using the kernel directly.
This has a number of benefits including smaller size and faster speed. It
also allows selection of desired crypto primatives instead of having all
of them.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Otherwise one gets a failure if the libraries (e.g. Python
header file) exist in the build system. Worse in some cases
is host headers being found if one doesn't specifically
disable a library search in autotools. It is especially
important that Python is disabled by default.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
50-client.cnf is used by the client library, so it should be installed
with the library. This commit moves the configuration file to the
correct package and updates its depend (50-client.cnf is sourced by
my.cnf from mariadb-common).
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
The libelf1 source package has been renamed to libelf in OpenWrt base,
adjust the dependency in "at" accordingly.
There are no functional changes and no changes in the resulting binary.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The libelf1 source package has been renamed to libelf in OpenWrt base,
adjust the dependency in avrdude accordingly.
There are no functional changes and no changes in the resulting binary.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>