[PATCH v3] treewide: switch to HTTPS by default
Paul Spooren
mail at aparcar.org
Tue Aug 25 18:37:44 EDT 2020
From: Petr Štetiar <ynezz at true.cz>
As there is now wolfSSL included by default due to SAE/WPA3 we can
finally switch to TLS/SSL in other parts as well.
Tested-by: Paul Spooren <mail at aparcar.org>
Signed-off-by: Petr Štetiar <ynezz at true.cz>
[rebased, separate packages by newline and sort]
Signed-off-by: Paul Spooren <mail at aparcar.org>
---
changed in v2:
* replaced ca-certificates with ca-bundle package
changed in v3:
* removed README patch due to README.md introduction
* split packages by newlines rahter than spaces and sort to improve
readability
Partly fixes 20.x release goal: Improve security of ImageBuilder
https://openwrt.org/docs/guide-developer/releases/goals/20.xx
include/target.mk | 34 +++++++++++++++++++++++++++++++---
include/version.mk | 2 +-
2 files changed, 32 insertions(+), 4 deletions(-)
diff --git a/include/target.mk b/include/target.mk
index 6ed6565bda..aa405c3427 100644
--- a/include/target.mk
+++ b/include/target.mk
@@ -13,13 +13,41 @@ __target_inc=1
DEVICE_TYPE?=router
# Default packages - the really basic set
-DEFAULT_PACKAGES:=base-files libc libgcc busybox dropbear mtd uci opkg netifd fstools uclient-fetch logd urandom-seed urngd
+DEFAULT_PACKAGES:=\
+ base-files \
+ busybox \
+ ca-bundle \
+ dropbear \
+ fstools \
+ libc \
+ libgcc \
+ logd \
+ mtd \
+ netifd \
+ opkg \
+ uci \
+ uclient-fetch \
+ urandom-seed \
+ urngd
# For the basic set
DEFAULT_PACKAGES.basic:=
# For nas targets
-DEFAULT_PACKAGES.nas:=block-mount fdisk lsblk mdadm
+DEFAULT_PACKAGES.nas:=\
+ block-mount \
+ fdisk \
+ lsblk \
+ mdadm
# For router targets
-DEFAULT_PACKAGES.router:=dnsmasq iptables ip6tables ppp ppp-mod-pppoe firewall odhcpd-ipv6only odhcp6c kmod-ipt-offload
+DEFAULT_PACKAGES.router:=\
+ dnsmasq \
+ firewall \
+ ip6tables \
+ iptables \
+ kmod-ipt-offload \
+ odhcp6c \
+ odhcpd-ipv6only \
+ ppp \
+ ppp-mod-pppoe
ifneq ($(DUMP),)
all: dumpinfo
diff --git a/include/version.mk b/include/version.mk
index 7d3c1ad640..b7f42e13bb 100644
--- a/include/version.mk
+++ b/include/version.mk
@@ -32,7 +32,7 @@ VERSION_CODE:=$(call qstrip,$(CONFIG_VERSION_CODE))
VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),$(REVISION))
VERSION_REPO:=$(call qstrip,$(CONFIG_VERSION_REPO))
-VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),http://downloads.openwrt.org/snapshots)
+VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),https://downloads.openwrt.org/snapshots)
VERSION_DIST:=$(call qstrip,$(CONFIG_VERSION_DIST))
VERSION_DIST:=$(if $(VERSION_DIST),$(VERSION_DIST),OpenWrt)
--
2.25.1
More information about the openwrt-devel
mailing list