Commit Graph

1422 Commits (091284ff0b9749023fe2005e3af93e3a7719156f)

Author SHA1 Message Date
Steven Barth 63ef3540d1 odhcpd: unsolicited unicast RAs + fix NDP-relay
odhcpd now sends unsolicited RAs also via unicast to known link-local
neighbors. This is an attempt to work-around common smartphone issues
https://code.google.com/p/android/issues/detail?id=32662

Also NDP-relay should now work more reliably now

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46357
2015-07-14 09:12:29 +00:00
Steven Barth a06c1c810e odhcp6c: fix some more compatibility issues
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46335
2015-07-13 21:51:38 +00:00
Steven Barth fab6209f71 odhcp6c: work-around more ISP DHCPv6-PD issues
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46317
2015-07-13 14:17:38 +00:00
Felix Fietkau 1c8148a858 ebtables: fix miscompilation on 64bit targets
The musl build "fix" introduced in r45108 removed all netinet/ether.h
includes, which made the prototypes of ether_aton and ether_ntoa
unavailable. As a result, the compiler assumed they return int instead
of a pointer. This currupted the pointer on 64bit targets, causing ebtables
to segfault in commands containing MAC addresses.

Since r46161 made it possible to include both the kernel and the libc
if_ether.h as long as the libc version is included first, this patch
changes the fix to remove the linux/if_ether.h from the ebtables source
(so the fixed version from the kernel is used) and ensures netinet/ether.h
is included early.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>

SVN-Revision: 46292
2015-07-10 11:36:49 +00:00
Felix Fietkau 7a04fd0e3a swconfig: swlib.c: Fix another memleak
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>

SVN-Revision: 46275
2015-07-08 15:59:38 +00:00
John Crispin 657300d418 comgt: make ncm proto work via wwan proto
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 46272
2015-07-08 14:26:04 +00:00
John Crispin 5da98f3478 swconfig: swlib.c: free name and description of attributes
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

SVN-Revision: 46232
2015-07-07 13:46:16 +00:00
John Crispin 294907aa3a swconfig: swlib.c: free portmaps in swlib_free()
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

SVN-Revision: 46231
2015-07-07 13:46:05 +00:00
John Crispin 2b9bdf4d6f swconfig: swlib.c: remove const qualifier for val.s since this is supposed to be free'd
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

SVN-Revision: 46230
2015-07-07 13:45:56 +00:00
John Crispin 08d4d4921d swconfig: swlib.c: free device name and alias
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

SVN-Revision: 46229
2015-07-07 13:45:44 +00:00
Steven Barth 59f5eefe8c dnsmasq: Add sequential_ip UCI parameter
When enabled the dnsmasq DHCP server allocates the IP addresses sequentially
starting from the lowest available IP address.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 46211
2015-07-07 08:13:22 +00:00
Steven Barth c5c819c494 dnsmasq: enable extra tracing by default when UCI parameter logqueries is set
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 46210
2015-07-07 08:13:16 +00:00
Hauke Mehrtens 97b14fd700 curl: update curl to version 7.43.0
This brings curl to version 7.43.0 and contains fixes for the following
security vulnerabilities:

CVE-2015-3236: lingering HTTP credentials in connection re-use
http://curl.haxx.se/docs/adv_20150617A.html

CVE-2015-3237: SMB send off unrelated memory contents
http://curl.haxx.se/docs/adv_20150617B.html

The 100-check_long_long patch is not needed any more, because the
upstream autoconf script already checks for long long when cyassl is
selected.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46169
2015-07-03 23:21:01 +00:00
Felix Fietkau a9c39a27b5 mdns: fix ubus wait_for command
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46156
2015-07-02 11:26:12 +00:00
Steven Barth a742fcaf3b netifd: add mtu6 option to override IPv6 MTU
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46135
2015-06-29 06:47:19 +00:00
Jonas Gorski 518ab154e0 xtables-addons: disable for kernel 4.1 for now
Netfilter APIs have changed, so the code requuires updates to compile
successfully.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 46111
2015-06-22 12:27:38 +00:00
Steven Barth 23633249c8 ppp: honor LDFLAGS
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46068
2015-06-19 17:07:11 +00:00
Steven Barth 539d02eb0b iproute2: honor LDFLAGS
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46064
2015-06-19 13:30:18 +00:00
Steven Barth 3cb3da9556 linux-atm: add PKG_FIXUP
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46037
2015-06-18 11:10:46 +00:00
Felix Fietkau 63cb31d9ec openvpn: bump to 2.3.7.
Two patches are dropped as they were already applied upstream.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 46027
2015-06-18 06:41:49 +00:00
Matteo Croce 1090df82be ltq-vdsl-app: build fix for MUSL
SVN-Revision: 46006
2015-06-16 21:43:26 +00:00
Steven Barth 54bbebc633 Update dnsmasq to v2.73.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>

SVN-Revision: 45988
2015-06-15 08:10:59 +00:00
Felix Fietkau 7afbd4fc36 openvpn: bump PKG_RELEASE.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 45962
2015-06-14 17:41:54 +00:00
Felix Fietkau 2c9fbdf0bc openvpn: let instances drop to nobody in default config.
This is for security precautions.  As persist_tun and persist_key are
already there, this should not cause compatibility issue.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 45961
2015-06-14 17:41:43 +00:00
Felix Fietkau 3f726e7b2e openvpn: fix handling option auth_retry.
As reported in ticket #19104, auth_retry takes a <type> argument with 3
choices: none, nointeract, interact.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 45960
2015-06-14 17:41:38 +00:00
Felix Fietkau 32055c0833 samba36: remove host build paths
- fix iconv detection because it adds host paths
- disable python detection (host python-config is found)

iconv issue is reported by buildbot config.log + replicated locally
see config.log in logs.tar.gz
python issue observed locally on Arch Linux

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>

SVN-Revision: 45953
2015-06-14 17:40:52 +00:00
Steven Barth cd89dbd91d ppp: bump PKG_RELEASE
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45949
2015-06-12 07:38:00 +00:00
Steven Barth 48a95eff38 ppp : Unnumbered support
Adds PPP unnumbered support via the parameter unnumbered which points to a logical OpenWRT interface.
The PPP proto shell handler will "borrow" an IP address from the unnumbered interface (if multiple
IP addresses are present the longest prefix different from 32 will be "borrowed") for which a host
interface dependency will be created. Due to the host interface dependency the PPP unnumbered interface
will only "borrow" an IP address from an interface which is up.
The borrowed IP address will be shared as local IP address by the PPP daemon and no other local IP
will be accepted from the peer in the IPCP negotiation.

A typical use case is the usage of a public IP subnet on the Lan interface which will be shared
by the PPP interface as local IP address.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45948
2015-06-12 07:37:53 +00:00
Steven Barth 4734c4459b odhcp6c: work around RIOs matching PIOs as sent by some apple routers
Thanks to Mikael Abrahamsson for reporting.

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45941
2015-06-10 15:54:24 +00:00
Steven Barth 908b9065bb 6to4: Remove sourcerouting parameter registration
Commit 31214c38c8dd0f70366b523f9b0335145b9386bd removes IPv6 unneeded source-dest-routing workarounds;
as a result sourcerouting parameter is unused and can be removed.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45940
2015-06-10 11:50:13 +00:00
Steven Barth 66f9d344b1 6rd: Remove sourcerouting parameter registration
Commit 31214c38c8dd0f70366b523f9b0335145b9386bd removes IPv6 unneeded source-dest-routing workarounds;
as a result sourcerouting parameter is unused and can be removed.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45939
2015-06-10 11:50:09 +00:00
Steven Barth e23052ab74 map: add sleep work-around for lw4o6 race-condition
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45936
2015-06-09 21:18:55 +00:00
Steven Barth 2fed0fffe1 odhcp6c: fix handling of custom DHCPv6 options
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45935
2015-06-09 20:28:35 +00:00
Steven Barth ebfe8d8b08 netifd: bump to latest, various fixes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45926
2015-06-08 11:04:10 +00:00
Steven Barth 73fb57ada4 dnsmasq: bump to 2.73rc9
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45924
2015-06-08 04:48:16 +00:00
Steven Barth c6a6f75436 dnsmasq: fix config file typo
s/loclal/local/

Signed-off-by: Jonathan McCrohan <jmccrohan@gmail.com>

SVN-Revision: 45923
2015-06-08 04:48:08 +00:00
Felix Fietkau ecaacad14d hostapd: move ht_coex variable to mac80211.sh, guarded by 802.11n support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45917
2015-06-06 23:09:43 +00:00
Hauke Mehrtens 5621a56d25 ppp: fix download URL
The file is not available at the older path any more.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 45910
2015-06-06 13:50:00 +00:00
John Crispin 281cb95a9d lldpd: add option to disable custom TLVs
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

SVN-Revision: 45884
2015-06-03 13:59:14 +00:00
Felix Fietkau 91467cec6f hostapd: add a new option to control HT coexistance separate from noscan
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45873
2015-06-02 08:39:19 +00:00
Steven Barth 09ad0ae4bd odhcp6c: silence fw3 warnings
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45867
2015-06-01 08:31:13 +00:00
Jo-Philipp Wich 570790173d iwinfo: fix segfault in mtd parsing code (#19768)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45863
2015-06-01 04:31:45 +00:00
John Crispin 2bc9e8e50c lldpd: disable xml explicitly
This prevents auto-detection of libxml2 and thus the error:
Package lldpd is missing dependencies for the following libraries:
libxml2.so.2

Preventing a dependency to libxml2 is preferred, since libxml2
would be a out-of-(core-)tree dependency.

Reported-by: Buildbot
Signed-off-by: Michael Heimpold <mhei@heimpold.de>

SVN-Revision: 45859
2015-05-31 17:46:09 +00:00
Jo-Philipp Wich 531a7e469a uhttpd: use 307 for HTTPS redirections to retain request method
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45853
2015-05-30 21:14:33 +00:00
Jo-Philipp Wich 4f58248a7d uhttpd: add support for enforcing https
Also set HTTPS environment variable for CGI programs on SSL connections.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45852
2015-05-30 20:55:14 +00:00
Jo-Philipp Wich be16b184e2 uhttpd: inhibit chunked transfer encoding for static file responses
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45850
2015-05-30 14:05:40 +00:00
Jo-Philipp Wich 8df45565e9 lldpd: update to v0.7.15 and add support for parsing /etc/openwrt_release
Also drop superseded patches.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45810
2015-05-28 16:19:38 +00:00
Steven Barth a28470a3cc map: add support for lw4o6 address matching, minor optimizations
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45770
2015-05-26 14:36:20 +00:00
Steven Barth e6f9641df1 netifd: fix and optimize ipv6 onlink-route handling
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45768
2015-05-26 12:48:12 +00:00
Jo-Philipp Wich 5e5c0edd7e iwinfo: fix hostapd status query (#19662)
* Rework hostapd and wpa_supplicant status parsing code
 * Add support for querying available HT rates
 * Relax definition of restricted channels

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45766
2015-05-26 11:50:04 +00:00
Jo-Philipp Wich 35497a0400 firewall: link iptables extensions dynamically
Use shared libipt{,4,6}ext.so libraries instead of statically linking
the userspace matches into the fw3 executable.

As a side effect the match initialization is extremely simplified
compared to the weak function pointer juggling performed before.

This also fixes the initialization of the multiport match.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45764
2015-05-26 11:11:48 +00:00
Jo-Philipp Wich 1c00b6bc7f iptables: reduce binary size
* drop unused lenient restore patch
 * instead of statically linking core extensions, build shared libraries
   for reuse in fw3
 * strip outdated match revisions and aliases to trim down library size

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45758
2015-05-26 09:16:50 +00:00
Felix Fietkau 27aada7658 ppp: do not warn if connect() before close() on pppoe terminate fails (fixes #19651)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45755
2015-05-26 07:02:49 +00:00
Felix Fietkau 4eeeb91661 netifd: bump to current HEAD
This introduces a new config parameter "no-proto-task" useful for
xl2tpd.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 45748
2015-05-25 21:15:31 +00:00
John Crispin 841b50a665 comgt: the package contained too many files
fixes #19698

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45741
2015-05-23 15:29:46 +00:00
John Crispin a2d0d58a8e conntrack-tools: add init script for conntrackd
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 45737
2015-05-23 15:28:56 +00:00
Jonas Gorski 5caa23551e ds-lite: fix resolve retry for fqdn peeraddrs
If the first resolveip call will fail, peeraddr will be now empty, and
the subsequent resolveip call will try to resolve an empty string.

Fix this by storing the result in a temporary variable.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 45712
2015-05-22 10:24:30 +00:00
Steven Barth 8304c0c04d odhcpd: fix DHCPv6 downstream PD
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45707
2015-05-21 15:07:54 +00:00
Steven Barth 241dbffcf9 netifd: improve IPv6 onlink-route handling
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45701
2015-05-19 09:01:34 +00:00
Steven Barth 08f057c703 ipv6: remove now unneeded source-dest-routing workarounds
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45700
2015-05-19 07:53:08 +00:00
Steven Barth 51d97db185 dnsmasq: bump to dnsmasq2.73rc8 Important.
Bump dnsmasq to v2.73rc8

Important - fixes remotely exploitable buffer overflow introduced in all v2.73 test/release candidates.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

SVN-Revision: 45693
2015-05-17 08:06:45 +00:00
Steven Barth 1ffe824e81 map: set ealen to psidlen for lw4over6
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45689
2015-05-16 10:12:15 +00:00
Steven Barth 356a9f0280 odhcp6c: fix parsing of LW4over6 parameters
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45688
2015-05-16 07:29:42 +00:00
Steven Barth a11d2f1cb2 odhcpd: ignore /64 on interface when doing PD
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45679
2015-05-13 12:31:06 +00:00
Steven Barth e9999a7168 odhcpd: remove invalid call to free()
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45675
2015-05-11 19:49:03 +00:00
Felix Fietkau 53a5647414 ppp: remove the persist option, netifd handles reconnects
Significantly reduces reconnect delay

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45654
2015-05-09 21:14:46 +00:00
Felix Fietkau bf84a53f9b netifd-dhcp: supply parameters to user-script
hand over parameters to user-script e.g. $1=deconfig

Signed-off-by: Leon George <leon@georgemail.de>
Signed-off-by: Christian Mehlis <christian@m3hlis.de>

SVN-Revision: 45626
2015-05-08 10:44:19 +00:00
Felix Fietkau 06556a8e6b hostapd: fix remote denial of service vulnerability in WMM action frame parsing
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45619
2015-05-06 09:45:39 +00:00
Felix Fietkau 1f689613b6 iptables: disable unused xml support to save some space
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45617
2015-05-06 00:59:41 +00:00
Felix Fietkau a503023ec2 hostapd: enable 802.11w only for the full variants
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45616
2015-05-06 00:59:36 +00:00
Steven Barth d534883a52 firewall: Allow IGMP and MLD input on WAN
The WAN port should at least respond to IGMP and MLD queries as
otherwise a snooping bridge/switch might drop traffic.

RFC4890 recommends to leave IGMP and MLD unfiltered as they are always
link-scoped anyways.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>

SVN-Revision: 45613
2015-05-05 13:22:41 +00:00
Felix Fietkau 632ba15a56 curl: replace polarssl run-time version check with a compile-time one
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45609
2015-05-05 10:12:49 +00:00
Felix Fietkau 5533a67e3a openvpn: replace polarssl run-time version check with a compile-time one
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45608
2015-05-05 10:09:16 +00:00
Jo-Philipp Wich a28deda590 openvpn: disable CBC record splitting in PolarSSL/mbedTLS (#19101)
OpenVPN assumes that its control channel messages are sent and received
unfragmented, this assumption is broken when CBC record splitting is
enabled in mbedTLS.

The record splitting is intended as countermeasure against BEAST attacks
which do not apply to OpenVPN, therefore we simply disable it until
upstream OpenVPN gains the ability to process fragmented control
messages.

Disabling the splitting also works around a (not remotely triggerable)
segmentation fault in mbedTLS.

References:

 * https://dev.openwrt.org/ticket/19101
 * https://community.openvpn.net/openvpn/ticket/524
 * https://github.com/ARMmbed/mbedtls/pull/185

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 45602
2015-05-04 08:49:21 +00:00
Steven Barth a132313238 dhcp: add option specifying overriding custom-routes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45594
2015-05-02 07:44:55 +00:00
Steven Barth 58f7d9676b map: shorten autogenerated sub-interface names to account for limits
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45590
2015-04-30 12:43:46 +00:00
Steven Barth fc84123c2f dnsmasq: bump to 2.73rc7
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45587
2015-04-29 07:19:24 +00:00
Steven Barth 4fb99ec22f odhcpd: Remove prefix class config option as not supported anymore by odhcpd
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45586
2015-04-28 14:58:54 +00:00
Steven Barth 64aa0929b9 odhcp6c: Fix white space errors
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45585
2015-04-28 14:57:52 +00:00
Steven Barth 62e7f07615 dnsmasq: bump to 2.73rc6
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45572
2015-04-23 13:05:15 +00:00
Felix Fietkau eba659cbba hostapd: backport fix for CVE-2015-1863, refresh patches
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45567
2015-04-23 08:01:51 +00:00
Nicolas Thill 05d28c47e8 hostapd: mark wpa-supplicant & wpad-mesh as broken on uml
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45561
2015-04-22 15:36:00 +00:00
John Crispin f03226afe7 uqmi: auto retry when bringup fails
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45556
2015-04-21 13:18:46 +00:00
John Crispin acf74d9b6a umbim: auto retry when bringup fails
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45555
2015-04-21 13:18:40 +00:00
Felix Fietkau fe14e2a674 netifd: update to the latest version, fixes retry when proto handlers exit without changing the state
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45550
2015-04-21 12:11:07 +00:00
Steven Barth c6cd1f1632 odhcpd: minor fixes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45539
2015-04-21 07:45:49 +00:00
Felix Fietkau ce0eddc2fb hostapd/netifd: encrypted mesh with wpa_supplicant
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 45519
2015-04-20 15:00:07 +00:00
Steven Barth 42c75c690e odhcp6c: fix SOL_MAX_RT to match RFC 3315
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45514
2015-04-20 09:17:13 +00:00
Steven Barth 9715e1d520 nftables: bump version
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45513
2015-04-20 06:30:34 +00:00
Steven Barth 38519cad0b iproute2: update to v4.0.0
The most significant change from the previous version is the trimming of
the 300-ip_tiny.patch to lib/utils.c where a section previously patched
had vanished.  That section of the patch was removed.

Built and lightly tested on ar71xx against uClibc and musl.

Signed-off-by: Russell Senior <russell@personaltelco.net>

SVN-Revision: 45512
2015-04-20 06:26:09 +00:00
Felix Fietkau a285a0a034 netifd: update to the latest version, fixes more interface device config handling issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45503
2015-04-19 09:50:49 +00:00
Felix Fietkau 6293aae9d3 netifd: update to the latest version, fixes more device config handling issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45497
2015-04-18 21:35:16 +00:00
Felix Fietkau 563c26a34f iptables: remove obsolete files
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45494
2015-04-18 17:59:31 +00:00
Steven Barth af4d04ed36 dropbear: update to 2015.67
fixes dbclient login into OpenSSH 6.8p1
error: "Bad hostkey signature"

reported on irc, replicated with Arch Linux

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>

SVN-Revision: 45493
2015-04-18 11:25:01 +00:00
John Crispin 125b2ced63 hostapd: Fix wps button hotplug script to handle multiple radios
Hostapd's control file location was changed in 2013, and that has apparently
broken the wps button hotplug script in cases where there are multiple radios
and wps is possibly configured also for the second radio. The current wps
button hotplug script always handles only the first radio.

https://dev.openwrt.org/browser/trunk/package/network/services/hostapd/files/wps-hotplug.sh

The reason is that the button hotplug script seeks directories like
/var/run/hostapd*, as the hostapd-phy0.conf files were earlier in
per-interface subdirectories.

Currently the *.conf files are directly in /var/run and the control sockets
are in /var/run/hostapd, but there is no subdirectory for each radio.

root@OpenWrt:/# ls /var/run/hostapd*
/var/run/hostapd-phy0.conf  /var/run/hostapd-phy1.conf

/var/run/hostapd:
wlan0  wlan1

The hotplug script was attempted to be fixed after the hostapd change by
r38986 in Dec2013, but that change only unbroke the script for the first
radio, but left it broken for multiple radios.
https://dev.openwrt.org/changeset/38986/

The script fails to find subdirectories with [ -d "$dir" ], and passes just
the only found directory /var/run/hostapd, leading into activating only the
first radio, as hostapd_cli defaults to first socket found inthe passed
directory:
root@OpenWrt:/# hostapd_cli -?
...
usage: hostapd_cli [-p<path>] [-i<ifname>] [-hvB] [-a<path>] \
                    [-G<ping interval>] [command..]
...
    -p<path>     path to find control sockets (default: /var/run/hostapd)
...
    -i<ifname>   Interface to listen on (default: first interface found in the
                 socket path)

Below is a run with the default script and with my proposed solution.

Default script (with logging added):
==================================
root@OpenWrt:/# cat /etc/rc.button/wps
#!/bin/sh

if [ "$ACTION" = "pressed" -a "$BUTTON" = "wps" ]; then
         for dir in /var/run/hostapd*; do
                 [ -d "$dir" ] || continue
                 logger "WPS activated for: $dir"
                 hostapd_cli -p "$dir" wps_pbc
         done
fi

 >>>> WPS BUTTON PRESSED <<<<<

root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan0 wps_get_status
PBC Status: Active
Last WPS result: None
root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan1 wps_get_status
PBC Status: Timed-out
Last WPS result: None
root@OpenWrt:/# logread | grep WPS
Tue Apr 14 18:38:50 2015 user.notice root: WPS activated for: /var/run/hostapd

wlan0 got WPS activated, while wlan1 remained inactive.

I have modified the script to search for sockets instead of directories and
to use the "-i" option with hostapd_cli, and now the script properly
activates wps for both radios. As "-i" needs the interface name instead of
the full path, the script first changes dir to /var/run/hostapd to get simply
the interface names.

Modified script (with logging):
===============================
root@OpenWrt:/# cat /etc/rc.button/wps
#!/bin/sh

if [ "$ACTION" = "pressed" -a "$BUTTON" = "wps" ]; then
         cd /var/run/hostapd
         for dir in *; do
                 [ -S "$socket" ] || continue
                 logger "WPS activated for: $socket"
                 hostapd_cli -i "$socket" wps_pbc
         done
fi

 >>>> WPS BUTTON PRESSED <<<<<

root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan0 wps_get_status
PBC Status: Active
Last WPS result: None
root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan1 wps_get_status
PBC Status: Active
Last WPS result: None
root@OpenWrt:/# logread | grep WPS
Tue Apr 14 18:53:06 2015 user.notice root: WPS activated for: wlan0
Tue Apr 14 18:53:06 2015 user.notice root: WPS activated for: wlan1

Both radios got their WPS activated properly.

I am not sure if my solution is optimal, but it seems to work. WPS button is
maybe not that often used functionality, but it might be fixed in any case.
Routers with multiple radios are common now, so the bug is maybe more
prominent than earlier.

The modified script has been in a slightly different format in my community
build since r42420 in September 2014.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 45492
2015-04-18 10:19:37 +00:00
Felix Fietkau bdd241ee29 netifd: update to the latest version, fixes issues in handling device config from interfaces
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45483
2015-04-17 19:28:10 +00:00
Felix Fietkau c909a0354a qos-scripts: drop obsolete depdendency on iptabes-mod-filter (#19506)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45482
2015-04-17 18:52:28 +00:00
Felix Fietkau 6057a09ae6 iptables: remove layer7 leftovers (#19506)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45481
2015-04-17 18:52:24 +00:00
Steven Barth 0d1b5a1fd2 network: also shorten virtual interface names of ppp and 3g/4g connections
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45479
2015-04-17 14:47:12 +00:00
Steven Barth 6b062ad848 network: shorten names of generated interfaces
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45476
2015-04-17 13:10:19 +00:00
Steven Barth f1119373f2 odhcp6c: silence "bad number" warnings
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45449
2015-04-15 14:04:17 +00:00
Steven Barth 2eefcd1048 odhcp6c: avoid saving empty RA search domains
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45448
2015-04-15 12:57:41 +00:00
Steven Barth 6fad3d5524 odhcpd: fix accidental logic inversion
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45435
2015-04-14 14:21:52 +00:00
Steven Barth 56573fdb0d odhcp6c: fix some issue discovered by scan-build
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45429
2015-04-14 08:33:37 +00:00
Steven Barth 7e5bf40cac odhcpd: avoid illegal memory access in some corner cases
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45428
2015-04-14 08:31:53 +00:00
Felix Fietkau bdb6c313de qos-scripts: remove layer7 support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45425
2015-04-13 22:23:26 +00:00
Felix Fietkau 4e4060138a iptables: remove layer7 support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45424
2015-04-13 22:23:19 +00:00
Steven Barth 3633523ba6 dnsmasq: fix dnssec timestamp logic, backport crashfix
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45410
2015-04-13 07:49:29 +00:00
Felix Fietkau e8a45bfc15 netifd: fix ieee80211r 'sh: bad number' in mac80211 setup (bug #19345)
Two errors "netifd: radio0: sh: bad number" have recently surfaced in system
log in trunk when wifi interfaces come up. I tracked the errors to checking
numerical values of some config options without ensuring that the option has
any value.

The errors I see have apparently been introduced by r45051 (ieee80211r in
hostapd) and r45326 (start_disabled in mac80211). My patches fix two
instances of "bad number", but there may be a third one, as the original
report in bug 19345 pre-dates r45326 and already has two "bad number" errors
for radio0.

https://dev.openwrt.org/ticket/19345

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 45380
2015-04-11 10:52:01 +00:00
Steven Barth f9b0423836 odhcpd: send current hop-limit by default in RAs
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45359
2015-04-10 11:52:42 +00:00
Steven Barth 0dbbbda4bf odhcp6c: move IPv6 /proc config to userspace and sanitize
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45358
2015-04-10 11:33:15 +00:00
Steven Barth 747c33859b dnsmasq: bump to 2.73rc4
Fix crash caused by malformed DNS requests
Improved DNSSEC handling

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45354
2015-04-10 10:19:17 +00:00
John Crispin 2b95d21fdb hostapd: remove unused asprintf parameter
r45270 removed ieee80211n=%d from the format string but didn't remove
the parameter itself. Though this probably doesn't cause any harm, it's
quite confusing and unneeded.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 45351
2015-04-10 08:31:26 +00:00
John Crispin 7872f4e1dc iptables: revert r40916
it causes problems with newer iptables when ipv6 is disabled as iptc uncoditionally links ip6tc

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45350
2015-04-10 08:31:06 +00:00
John Crispin e7559353db wpan-tools: adds wpan-tools utility
This patch adds the wpan-tools (iwpan) utility to OpenWRT
build system. This utility required to manage IEE-802.15.4
devices.

Signed-off-by: Varka Bhadram <varkab@cdac.in>

SVN-Revision: 45349
2015-04-10 08:30:11 +00:00
John Crispin dcdd5c1ecb netifd: Interface last error support
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45334
2015-04-09 10:33:05 +00:00
John Crispin 4b0211b547 ppp: Detailed last error support
Enables last error support for the PPP protocol handlers.
In generic teardown the PPP daemon exit code is translated into
a self explaining error string which is set as interface error
by proto_notify_error in case of failure.

Signed-off-by: Johan Peeters <johan.peeters111@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45333
2015-04-09 10:32:54 +00:00
John Crispin 88fa9a8422 dnsmasq: Add option '--servers-file'
The option '--servers-file' is available since dnsmasq v2.69.

Signed-off-by: Lars Kruse <lists@sumpfralle.de>

SVN-Revision: 45332
2015-04-09 10:32:46 +00:00
John Crispin 3c9dcadcf5 umbim: update to latest git HEAD
merge patches from Bjørn Mork

http://patchwork.ozlabs.org/patch/459277/

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45327
2015-04-09 10:32:01 +00:00
John Crispin ff211def3e hostapd: add update_beacon to ubus binding
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45325
2015-04-09 10:31:45 +00:00
Steven Barth 4b1257137c odhcp6c: add 464xlat integration, fix dslite integration
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45323
2015-04-09 08:17:32 +00:00
Steven Barth d5a477cc38 ds-lite: add support for fqdn peeraddrs
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45322
2015-04-09 08:17:23 +00:00
Steven Barth 6f5bbfa181 odhcpd: fix infinite lifetime handling in dhcpv6
thanks to Arjen de Korte

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45279
2015-04-06 10:50:54 +00:00
Felix Fietkau fe8d9f59da hostapd: when running AP+STA, preserve the AP 802.11n-enabled setting
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45270
2015-04-04 17:51:46 +00:00
John Crispin 16d291e2c9 ppp: Fix missing arg argument when using option flag OPT_A2STRVAL
The arg argument is missing to the printer call in the print_option
utility when the option flag OPT_A2STRVAL is set.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45264
2015-04-03 19:06:56 +00:00
John Crispin 9ccfbb841c ppp: Fix seg fault when using pppol2tp
PPPD crashes (SEGV) when the dump or dryrun options are specified and an option
is internally defined as "o_special" with an option flag of "OPT_A2STRVAL".
As the option value is not saved when the parameter is processed, a reference
to the option will result into a crash (e.g. when printing).

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 45263
2015-04-03 19:06:45 +00:00
John Crispin 4bb94e5b2d samba36: add smb.conf.template to conffiles
User might have modified/extended template direct or by LuCI application.
So do not overwrite on update/upgrade.

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>

SVN-Revision: 45258
2015-04-03 19:06:06 +00:00
Nicolas Thill fe46689f10 packages: use $(LN) macro, make symlinks relative
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45250
2015-04-03 00:07:43 +00:00
Nicolas Thill d1070a6330 mdns: add conffiles section
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45241
2015-04-02 14:53:07 +00:00
John Crispin 546ba7a39f samba: use INSTALL_CONF for the uci file
sorry about the broken commit earlier

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45226
2015-04-01 16:12:43 +00:00
Nicolas Thill b7130aff21 samba36: fix typo in package/samba36-server/install
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45225
2015-04-01 15:59:14 +00:00
John Crispin 26a27231e6 samba: don't overwrite config file
fixes #19087

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45220
2015-04-01 13:39:23 +00:00
John Crispin 8acbb5783d dnsmasq: backport --tftp-no-fail to ignore missing tftp root
This patch backports the option --tftp-no-fail to dnsmasq and prevents the
service from aborting if the specified TFTP root directory is not available;
this might be the case if TFTP files are located on external media that might
occasionally not be present at startup.

Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de>

SVN-Revision: 45213
2015-04-01 08:33:10 +00:00
Steven Barth 78552c24ba odhcpd: compile fixes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45192
2015-03-31 17:30:56 +00:00
Steven Barth 4f00a51723 odhcp6c: some more code compliance
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45191
2015-03-31 17:30:47 +00:00
Steven Barth 4a1f19e15d netifd: revert policy routing (broke some custom user rules)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45185
2015-03-31 13:14:40 +00:00
Steven Barth edf9b7a2a5 netifd: add metric argument for ipv4 proto routes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45182
2015-03-31 11:36:20 +00:00
Steven Barth 23db1800f8 nftables: bump to 2015-03-24
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45158
2015-03-30 17:04:14 +00:00
John Crispin 6aff392bff uhttpd: properly handle return codes
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45153
2015-03-30 12:35:13 +00:00
Steven Barth 24be294d8e odhcpd: fix default dhcpv6 behavior for non-/64
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45148
2015-03-30 08:53:22 +00:00
Steven Barth 0a0dec1c4a odhcpd: fix musl build, change default DHCPv6 behavior
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45147
2015-03-30 08:49:47 +00:00
Steven Barth bbe5dc48a2 odhcp6c: musl fixes (thanks Felix)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45146
2015-03-30 08:49:20 +00:00
Felix Fietkau 4a7f1bb54c iputils: fix musl compile errors
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45111
2015-03-29 04:30:12 +00:00
Felix Fietkau e0e8900edd ead: clean up, fix musl build
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45110
2015-03-29 04:30:05 +00:00
Felix Fietkau 86841522d5 arptables: fix musl build issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45109
2015-03-29 04:29:56 +00:00
Felix Fietkau 55aa123732 ebtables: fix musl build issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45108
2015-03-29 04:29:44 +00:00
Felix Fietkau 9f8be0befc authsae: remove bogus #include
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45107
2015-03-29 04:29:26 +00:00
Felix Fietkau e0f421dcab iperf3: use -D_GNU_SOURCE to fix build error on musl
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45103
2015-03-29 04:26:57 +00:00
Felix Fietkau f93a316430 conntrack-tools: add a build dependency on librpc (fixes #19342)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45099
2015-03-29 01:44:14 +00:00
Felix Fietkau efebc77f94 conntrack-tools: add more missing include statements
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45096
2015-03-28 18:26:24 +00:00