39c5635714 scripts: download.pl: retry download using filename

b77fabe01 Merge pull request #13911 from ja-pa/libexif-sec-19.07
e74565a0b libexif: update to 0.6.22
68eb1943c mwan3: add missing dependency
b038148cc mwan3: Remove fork/exec for head
c5d61945f haproxy: Update HAProxy to v2.0.19
5b3870890 php7: update to 7.2.34
2bd627ec7 Merge pull request #13828 from jgora/jgora
d1d53a3ac xtables-addons: Support IPTV Timeshift
05efc24fd youtube-dl: update to version 2020.11.1.1
5db211c62 youtube-dl: update to version 2020.9.20
7b1ac9283 youtube-dl: update to version 2020.9.14
3a61338ab bind: update to version 9.16.8
2331de4ec libftdi1: disable building documentation
73c7bcb63 libftdi1: Fix pkgconfig paths properly
82208ceca libftdi1: Apply pkgconfig fixes to libftdipp1 as well
58b6d0ee5 libftdi1: Partially add back InstallDev
55e7acc25 libftdi1: Remove faulty change from last patch
45e7e13dc libftdi1: Don't build examples
089699b1e tinyproxy: convert to procd
39ce33461 tinyproxy: update to 1.10.0
b07f752e7 nextdns: Update to version 1.8.8
99e77a716 openconnect: allow specify --protocol from config
37303e1f0 adblock: update 4.0.7-2
5dbbb7ebf adblock: update 4.0.7
0c9206469 zoneinfo: Updated to the latest release
a9162448c zoneinfo: Updated to the latest release
abcbc5e1c zoneinfo: Updated to the latest release.

2a8279c161 layerscape: Fix check after kernel update
ac5297340e kernel: bump 4.14 to 4.14.206
589c3cf4e0 ath79: remove wmac mtd-mac-address for UniFi AC family
2a3dbded93 feeds: add freifunk feed
ad3c2b9736 ath79: use correct firmware name for UniFi AP
84ae238324 ramips: fix logic level for DIR-645 buttons
c25e3275ac ath79: fix LED labels for PowerCloud CAP324
78c4c04dd7 uci: Backport security fixes
3af9c5fefd uboot-envtools: mvebu: fix config for mainline u-boot
7fbee0c7b2 mvebu: Add bootscript for espressobin to support mainline firmware
14903d9d8c kernel: bump 4.14 to 4.14.202
03a029745f firmware: intel-microcode: update to 20200616
95d60bf881 firmware: amd64-microcode: update to 20191218
dda5e3db19 firewall: options: fix parsing of boolean attributes
7dd822983b kernel: bump 4.14 to 4.14.201
aee081e62e oxnas: fix qc_prep return in sata driver after kernel 4.14.200
6696fddfd9 mac80211: do not allow bigger VHT MPDUs than the hardware supports
9c718b5478 kernel: bump 4.14 to 4.14.200
b21bea7b1b ath79: ar8216: make switch register access atomic
891022918d scripts: getver.sh: fix version based on stable branch
8076fb59ab openssl: bump to 1.1.1h
f4286d7bc2 ath79: fix rssi-low LED for My Net Range Extender
d82e6a2f10 kernel: Update to version 4.14.199
86b44028e2 comgt: fix hotplug event handling
34a9652904 Revert "ramips: ethernet: fix to interrupt handling"

Build-tested: x86-64, ath79-generic, ipq40xx-generic

Merge v2020.2 tag into master

docs: reference weather radar map for europe for outdoor_chanlist

Gluon v2020.2

The map is generated from EUMETNET data, it's source code can be
found at https://gitlab.com/aaaaalbert/wxr-channel-map.

CPU: 750 MHz QCA9563
Flash: 8 MB
RAM: 64 MB
Radio 1: Qualcomm Atheros QCA9563 (b/g/n)
Radio 2: Qualcomm Atheros QCA9887 (a/n/ac)

Use a manifest alias for the autoupdater image string of the Netgear
EX3700 / EX3800. This way, no unnecessary symlink is created and the
autoupdater functionality is preserved.

02b4dbf (HEAD -> openwrt-19.07, origin/openwrt-19.07) Merge pull request #620 from ecsv/batadv-for-19.07
59e8d5f batctl: Merge bugfixes from 2020.4
6859689 batman-adv: Merge bugfixes from 2020.4

Compile-tested: x86-64
Run-tested: x86-64 (QEMU)

github: add workflow for checking patch status

Add a workflow to verify all patches to OpenWrt and the packages feeds
are refreshed. If they are not, the workflow fails.

Gluon v2020.2.x uses fastd v19, so we keep that in a separate patch. The
fastd memory leak fix from v18 is not removed in this patch anymore, as
the fix is needed for v19 as well.

The v20 and v21 patches are squashed into one, as they aren't backports
anymore after the rebase onto current openwrt-19.07.

fastd: update to v21

a2673dc53 fastd: fix buffer leak when receiving invalid packets
51bf00834 logrotate: update to version 3.17.0
8715cef64 logrotate: update to 3.16.0
acb77d5be python3: Update to 3.7.9, refresh/remove backported patches
4af889f20 travelmate: bugfix single radio mode
cb3bab180 netdata: update to version 1.26.0
70bb0b4c8 bind: update to version 9.16.7
d05698fae freeradius3: move "release_" from PKG_VERSION
93360e625 freeradius3: add meta-package for default modules
2f7338b62 python-urllib3: update to version 1.25.10 (security fix)
50a67ed74 nextdns: Update to version 1.8.6
b48575ef4 chrony: update to 3.5.1
35e6986a0 nextdns: mark /etc/config/nextdns as configuration file
418e3b294 simple-adblock: config update file fix
9ac587ca8 libuv: update to 1.40.0
613d21085 nano: update to 5.3
992746571 btrfs-progs: update to version 5.7
cedba1ca2 btrfs-progs: update to version 5.6
25b2751f8 python-pytz: update to 2019.03
f3b424139 adblock: refresh blocklist sources
ec628b10d syslog-ng: bump version in config file
d0a74afad syslog-ng: tweak shell code of network_localhost little bit
f705a5a93 python-sentry-sdk: Update to version 0.12.3
2976a5a0e haproxy: Update HAProxy to v2.0.18
eec7bd646 tor: update to version 0.4.4.5
91af4cf72 mariadb: Update to the latest version from 10.2 branch
9461ae47a Werkzeug: Update to version 0.16.0
f9d9ae8c8 Flask: update to version 1.1.2
4a833e3a8 Flask: Update to version 1.1.1
a4534f160 gstreamer1: enable build options necessary for most applications
8a71cdd6a python-ifaddr: update to version 0.1.7
05ea7dfc6 nextdns: Update to version 1.8.5
9069ad925 ipmitool: fix CVE-2020-5208
826fc8921 nextdns: Update to version 1.8.4
ac7f78285 openconnect: updated to 8.10 to address CVE-2020-12823
3f0e26637 python-zeroconf: update to version 0.28.0
fe7ceaa65 python-zeroconf: update to version 0.24.4
49459505e mwan3: fix typo in mwan3_set_sticky_iptables
cae961784 ocserv: include ocserv-worker
2af61c9a4 vpnbypass: README update, code cleanup
b00feac4b ocserv: updated to 1.1.1
c614914da miniupnpd: add miniupnpd ipv6_disable option, #11971 close
70e57317b simple-adblock: add config auto-update feature
94866d76a collectd: update to 5.12.0
b60fa2de9 collectd: update PKG_RELEASE
aeefbbe34 collectd: remove quotation on interval this is an number
b0ad32a3e collectd: move include line
fbe7abcd5 collectd: update PKG_RELEASE
f53b79ced collectd: fix ubi data source type
67a403bfe collectd: add ubi uci and plugin info
37335cf65 collectd: enable ubi plugin

Some newer MT7628 based routers (notably the TP-Link Archer C50 v4) are
shipped with a chip-id of 0x7600 in the on-flash EEPROM. Add this as a
possible valid ID.

This fixes unstable WiFi on some units of the TP-Link Archer C50 v4.

build: improve refreshing patches

kernel: bridge: Implement MLD Querier wake-up calls / Android bug workaround

Implement a configurable MLD Querier wake-up calls "feature" which
works around a widely spread Android bug in connection with IGMP/MLD
snooping.

Currently there are mobile devices (e.g. Android) which are not able
to receive and respond to MLD Queries reliably because the Wifi driver
filters a lot of ICMPv6 when the device is asleep - including
MLD. This in turn breaks IPv6 communication when MLD Snooping is
enabled. However there is one ICMPv6 type which is allowed to pass and
which can be used to wake up the mobile device: ICMPv6 Echo Requests.

If this bridge is the selected MLD Querier then setting
"multicast_wakeupcall" to a number n greater than 0 will send n
ICMPv6 Echo Requests to each host behind this port to wake
them up with each MLD Query. Upon receiving a matching ICMPv6 Echo
Reply an MLD Query with a unicast ethernet destination will be sent
to the specific host(s).

Link: https://issuetracker.google.com/issues/149630944
Link: https://github.com/freifunk-gluon/gluon/issues/1832



Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>

* ar71xx-generic: only create manifest alias for Rocket M5

This follow up the discussion done in #2070 by not  creating a symlink
for the Rocket M5. Images for the Rocket M2 can still be flashed on a
Rocket M5.

This change will prevent the Rocket M5 from appearing in Firmware
selectors. Existing devices will still receive updates, as the device
name is still referenced for the device name expected by the M5.

Closes #2070

* docs: remove Rocket M5 from supported devices

Fixes #2113

Specifications:
* SoC: MT7620A
* RAM: 64 MB DDR
* Flash: 8MB NOR SPI flash
* WiFi: MT7612E (5Ghz) and builtin MT7620A (2.4GHz)
* LAN: 1x100M

The -factory images can be flashed from the device's web
interface or via nmrpflash.

Both devices differ by a additional power outlet for the EX3800.
This patch has been tested on a EX3800 device.

03425a0d2 zmq: fix compilation when libbsd is present
8bb1d13a9 pigeonhole: update to 0.5.11
86da3bbeb zmq: update to version 4.3.3 (security fix)
e72b47469 zmq: fix the installed files
48339ba10 zmq: fix pkgconfig file
ef30f8bf8 zmq: update to 4.3.2
a7d129fc2 zmq: switch to building with CMake
a4cbd04df libxml2: patch security issues
207660987 net/u2pnpd: convert init to procd
2d410422c freeradius3: fix hostname invocation in radtest
066ac0392 freeradius3: enable radtest utility
338fa663c samba4: update to 4.11.12
399e1a0bf youtube-dl: update to version 2020.9.6
7825df65f msmtp: update to version 1.8.12
eb8130508 dovecot: disable zstd
538647a26 syslog-ng: update to version 3.29.1
473ca554f php7: update to 7.2.33
62171036b nextdns: Update to version 1.8.3
953de3ca8 gnutls: update to version 3.6.15 (security fix)
d515d9c35 dovecot: update to version 2.3.11.3 (security fix)
a2634c264 nextdns: Update to version 1.8.2
1cf41a88c python-rsa: downgrade to version 4.5 for python2
54847cc7c unbound: improve odhcpd rapid update robustness
d17720f04 htop: update to 3.0.1-1
d953d80bf htop: update to 3.0.0-1
af4cd94a2 htop: fix compilation with GCC10
7af8eaad1 python-rsa: update to version 4.6 (security fix)
8b0457c55 knot: update to version 2.9.6
f2edf8c53 git: update to version 2.26.2 (security fix)
99d0878d0 python,python3: Use locked for host pip
791e0bc76 nano: update to 5.2
3c6b45ab3 clamav: update to version 0.102.4 (security fix)
0202fdc27 clamav: update to version 0.102.3 (security fix)
c5c0e2e33 clamav: update to 0.102.2
9700cea70 bind: New upstream version 9.16.6
256a631d9 bind: update to 9.16.4
ac79fde24 simple-adblock: bugfix: update config; use command -v
4e1bfa748 nspr: update to version 4.27
120ff2c63 nspr: nspr add -flto to compile
847ed6e0f nspr: fix compilation with newer musl
2f58b610d nspr: update to 4.25
fab10b8df nss: update to version 3.55 (security fix)
7c3b05d33 nss: update to 3.53
46d315d31 nss: fix build for mips64 disable arm32_neon on unsupported target
638b1642e nss: revert -flto change it seems that it can lead to segfault in libfreebl3.so
be95fcb78 nss: add -flto and makefile cleanup
f0e6ceff3 nss: update to 3.52
e5d732722 nss: update to 3.51.1
e713f74b7 nss: update to 3.51
d2efcd926 nss: update to 3.50
6a3d05272 nss: update to 3.49.2
5e371c2d5 libffi: fix build failure on powerpc platforms
0413252f3 libffi: update to 3.3
70faa62f3 libffi: do not build in a special directory
9ec9bea25 net/mosquitto: Update to 1.6.12
2f7867074 python3: fix rebasing error
769d51fa9 python: fix host compilation with clang
37857a3f2 python3: fix host compilation with clang
b28c614d3 lvm2: fix CE in mac

The performance benefit the cache brought was due to a broken sources
CDN mirror handling in OpenWrt.

The cache brings no measurable performance benefit. Disable it to slim
down the pipeline steps.

* gluon-core: remove obsolete file 100-core-reset-sysctl

* gluon-core: remove obsolete cleanup line

* gluon-client-bridge: remove obsolete cleanup line

This renames the local_client zone to loc_client, as local_clint exceeds
the maximum zone length allowed for firewall3, which is 11 bytes.

This worked previously due to firewall3 using unsafe string operations.
Now creation of the chain fails (latest OpenWrt master).

29b4104d69 OpenWrt v19.07.4: revert to branch defaults
d5810aa613 OpenWrt v19.07.4: adjust config defaults
ce6496d796 ath10k-ct-firmware: update firmware images
b72077150d ath10k-ct-firmware: update firmware images
ddc2af4505 ath10k-firmware: move CT firmwares to new package
a43a39f531 ath10k-firmware: update ath10k-ct firmware images
4b8a5bdc83 ath10k-firmware: update ath10k-ct firmware
e4b47e12cb ath10k-firmware: update Candela Tech firmware images
7ac454014a ramips: ethernet: fix to interrupt handling
f5afa593e7 hostapd: Fix compile errors after wolfssl update
403039c562 wolfssl: Update to version 4.5.0
dc61110adc wolfssl: use -fomit-frame-pointer to fix asm error
ad38a2ae61 wolfssl: update to 4.4.0-stable
0d35fcbff0 mbedtls: update to 2.16.8

2d7ea69dd3 mac80211: Fix potential endless loop
5a1e4a7fdb oxnas: reduce size of ATA DMA descriptor space
19b8696dd7 mbedtls: update to 2.16.7
a2a75c21bd kernel: Update kernel 4.14 to version 4.14.195
8b0278a17e ath79: add support for TP-Link TL-WR710N v2.1
33973a90dc tools/tplink-safeloader: use soft_ver 1.9.1 for archer c6 v2
fce5101469 tplink-safeloader: update soft_ver for TP-Link Archer C6 v2 (EU)
350883bb90 Revert "scripts/download: add sources CDN as first mirror"
d8ecaef409 generic: platform/mikrotik: fix incorrect test
008db6b970 ath79: enable gpio on ar933x by default
3df63fba70 ath79: fix syntax error in ar7240_tplink_tl-wa.dtsi
be09fdbf36 ath79: ar724x: make sure builtin-switch is enabled in DT
5d3e5d6ccc ath79: WNR612v2: improve device support
fba9a88821 ath79: add LAN LEDs control bits for AR724x GPIO function pinmux

Fix two feature handling bugs

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>