An opensource OpenWrt variant for mainland China users.
82686f6b00
This fixes 4 security vulnerabilities/bugs: - CVE-2021-2839 - SSLv2 vulnerability. Openssl 1.1.1 does not support SSLv2, but the affected functions still exist. Considered just a bug. - CVE-2021-2840 - calls EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. - CVE-2021-2841 - The X509_issuer_and_serial_hash() function attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it was failing to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. - Fixed SRP_Calc_client_key so that it runs in constant time. This could be exploited in a side channel attack to recover the password. The 3 CVEs above are currently awaiting analysis. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> |
||
|---|---|---|
| config | ||
| include | ||
| LICENSES | ||
| package | ||
| scripts | ||
| target | ||
| toolchain | ||
| tools | ||
| .gitattributes | ||
| .gitignore | ||
| BSDmakefile | ||
| Config.in | ||
| CONTRIBUTED.md | ||
| COPYING | ||
| feeds.conf.default | ||
| Makefile | ||
| README.md | ||
| rules.mk | ||
PROJECT IMMORTALWRT
The Core Source Code of ImmortalWrt
Welcome to our Telegram Group: @ctcgfw_openwrt_discuss.
How to make it
Minimum requirements
Linux with case sensitive
2G DDR2 RAM
2 CPU Cores (AMD64, 1.4Ghz)
25G disk space left
Has access to both ChinaNet & Internet
Install the necessary packages (for Ubuntu user)
sudo apt-get update -y
sudo apt-get full-upgrade -y
sudo apt-get install -y build-essential asciidoc binutils bzip2 gawk gettext git libncurses5-dev libz-dev patch unzip zlib1g-dev lib32gcc1 libc6-dev-i386 subversion flex uglifyjs git-core gcc-multilib g++-multilib p7zip p7zip-full msmtp libssl-dev texinfo libreadline-dev libglib2.0-dev xmlto qemu-utils upx libelf-dev autoconf automake libtool autopoint ccache curl wget vim nano python python3 python-pip python3-pip python-ply python3-ply haveged lrzsz device-tree-compiler scons antlr3 gperf intltool rsync
For mainland China & Ubuntu(16.04+) user, you may run the following command to setup quickly:
sudo bash -c "bash <(curl -s https://build-scripts.project-openwrt.eu.org/init_build_environment.sh)"
Clone the source
git clone -b openwrt-18.06 --single-branch https://github.com/immortalwrt/immortalwrt && cd immortalwrt
./scripts/feeds update -a && ./scripts/feeds install -a
For developer, you may use openwrt-18.06-dev branch instead of openwrt-18.06.
Configure your firmware
make menuconfig
Make it
make -j$(nproc) V=s
Tips
You'd better not use root to make it, or you may be not able to use.
Default login address: 192.168.1.1, username is root and password is password.