Commit Graph

3273 Commits

Author SHA1 Message Date
Nick Hainke
5beea4c3fd owipcalc: use v6 in cidr_parse6 function
The cidr_parse6 function parses a string to an ipv6-address.
The cidr struct contains a union called buf for the ipv4 and ipv6
address. Since it is a char pointer and the struct is initialized with
the maximum size (so ipv6 string) it does not make any difference.
However, we should access the buffer using the v6 name, since it could
be confusing otherwise.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2021-01-15 17:40:27 +01:00
Leon M. George
fa02225ee6 hostapd: fix key_mgmt typo
The key_mgmt variable was mistyped when checking against "WPS", so
the if clause was never entered.

Fixes: f5753aae23 ("hostapd: add support for WPS pushbutton station")

Signed-off-by: Leon M. George <leon@georgemail.eu>
[add commit message, bump PKG_RELEASE]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-01-14 03:54:06 +01:00
Leon M. George
f72ce73e36 hostapd: remove trailing whitespaces
Signed-off-by: Leon M. George <leon@georgemail.eu>
2021-01-14 03:50:38 +01:00
Leon M. George
4bde00c2a3 hostapd: remove unused variable
'base' was never used.

Fixes: 498d84fc4e ("netifd: add wireless configuration support
and port mac80211 to the new framework")

Signed-off-by: Leon M. George <leon@georgemail.eu>
2021-01-14 03:48:41 +01:00
Leon M. George
3497b30b9c hostapd: remove unused variable
'enc_str' was never used.

Fixes: 498d84fc4e ("netifd: add wireless configuration support
and port mac80211 to the new framework")

Signed-off-by: Leon M. George <leon@georgemail.eu>
2021-01-14 03:45:17 +01:00
Daniel Golle
1f78538387 hostapd: run as user 'network' if procd-ujail is installed
Granting capabilities CAP_NET_ADMIN and CAP_NET_RAW allows running
hostapd and wpa_supplicant without root priviledges.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-01-14 00:52:50 +00:00
Daniel Golle
1e2d162092 hostapd: improve error handling when adding supplicant config
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-01-14 00:52:49 +00:00
Etan Kissling
7babb978ad hostapd: add multicast_to_unicast and per_sta_vif
This allows configuration of multicast_to_unicast and per_sta_vif options.
- multicast_to_unicast requests multicast-to-unicast conversion.
- per_sta_vif assigns each station its own AP_VLAN interface.

Signed-off-by: Etan Kissling <etan_kissling@apple.com>
2021-01-14 00:52:49 +00:00
David Bauer
04f4ea5916 iw: enable HE PHY information for iw-tiny
Currently PHY information obtained from "iw phy" lacks information about
a PHYs HE capabilities when using the by default installed iw-tiny.

As there are already 802.11ax supported devices, enabled printing this
information for the by-default installed iw variant.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-01-14 01:03:34 +01:00
Daniel Golle
2d305ff13a hostapd: return PID on config_add call
To simplify the way netifd acquires the PIDs of wpa_supplicant and
hostapd let the config_add method of both of them return the PID of the
called process. Use the returned PID instead of querying procd when
adding wpa_supplicant configuration.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-01-10 19:15:51 +00:00
Curtis Deptuck
2e590a6364 iptables: update to 1.8.6
Update iptables to 1.8.6

ChangeLog:
https://netfilter.org/projects/iptables/files/changes-iptables-1.8.6.txt

Refresh patch:
101-remove-check-already.patch

Signed-off-by: Curtis Deptuck <curtdept@me.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [refresh patches]
2021-01-09 10:24:04 +01:00
Jo-Philipp Wich
6e4ce14047 iwinfo: improve ABI version handling and bump to git HEAD
- Encode ABI version in compiled shared object file
 - Only ship versioned shared library

 a17f561 iwinfo: detect QCA IPQ4019 WiSoC from FDT
 ea28dfb iwinfo: export ht and vht operation in scan results
 4e22953 iwinfo: export center_chan info for local wifi
 74d13fb cli: account for additional digit for frequencies above 10GHz
 8bfd8d8 iwinfo: add support for GCMP cipher
 618c1e8 iwinfo: add hardware description for QCA MIPS WiSoCs
 0702f32 iwinfo: improve center channel handling
 51c1336 iwinfo: set center chan unsupported for not-nl80211 driver
 23d2722 build: add ability to specify shared object version

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-01-07 00:21:23 +00:00
Jo-Philipp Wich
c63bcb53e9 Revert "iwinfo: update to git HEAD"
This reverts commit f1620630e9.

This update introduces potentially remote exploitable buffer overreads
in IE parsing logic.

It also breaks the ABI without introdcing SOVERSION library versioning.

Furthermore, HT information is incorrectly added for non-HT BSSes.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-01-06 13:46:12 +01:00
Daniel Golle
f1620630e9 iwinfo: update to git HEAD
a17f561 iwinfo: detect QCA IPQ4019 WiSoC from FDT
 ea28dfb iwinfo: export ht and vht operation in scan results
 4e22953 iwinfo: export center_chan info for local wifi
 74d13fb cli: account for additional digit for frequencies above 10GHz
 8bfd8d8 iwinfo: add support for GCMP cipher

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-01-05 22:57:20 +00:00
Robert Marko
f246dfde33 hostapd: wpa_supplicant: Enable proper GCMP cipher support
This patch enables hostapd.sh to properly configure wpa_supplicant
for when GCMP is used as cipher in station mode.
Without this wpa_supplicant will be unable to connect to AP.
This is needed for wil6210 as it does not support CCMP.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2021-01-05 02:16:24 +00:00
Daniel Golle
b31ca88de9 netifd: update to git HEAD
0c83439 netifd: wireless: default to GCMP WPA cipher on 802.11ad

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-01-05 02:16:24 +00:00
Nick Hainke
6773bee107 odhcpd: bump to latest version
3bda900 odhcpd: add option for setting preferred lifetime

Signed-off-by: Nick Hainke <vincent@systemli.org>
2021-01-04 08:01:16 +01:00
Florian Beverborg
22e568d0fe hostapd: add support for custom per-BSS options
This adds an option "hostapd_bss_options" that does the same as
"hostapd_options" but on a per-BSS level, instead of a per-device level.

This can be used, for example, to configure different per-devce sae_passwords
per BSS or to augment some of the existing per-BSS options.

Signed-off-by: Florian Beverborg <flo@beverb.org>
[remove whitespace errors, bump release]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-01-03 12:31:42 -10:00
Hauke Mehrtens
7aa8c00e4b ppp: Remove already applied patch
This patch was already applied upstream and not needed here.

Fixes: 06403981e1 ("ppp: update to version 2.4.7.git-2019-05-06")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-01-01 19:55:59 +01:00
Russell Senior
c22b689cf8 iproute2: update to 5.10.0
c8faeca5 (ss: mptcp: fix add_addr_accepted stat print, 2020-11-18)
0d78e8ea (tc: pedit: fix memory leak in print_pedit, 2020-12-11)
ec1346ac (devlink: fix memory leak in cmd_dev_flash(), 2020-12-11)
309e6027 (man: tc-flower: fix manpage, 2020-12-11)
376367d9 (uapi: merge in change to bpf.h, 2020-12-14)
2e80ae89 (Merge branch 'gcc-10' into main, 2020-12-03)
755b1c58 (tc/mqprio: json-ify output, 2020-12-02)
975c4944 (ip/netns: use flock when setting up /run/netns, 2020-11-27)
fb054cb3 (uapi: update devlink.h, 2020-11-29)
c95d63e4 (uapi: update devlink.h, 2020-11-29)
cae2e929 (f_u32: fix compiler gcc-10 compiler warning, 2020-11-29)
c0149839 (misc: fix compiler warning in ifstat and nstat, 2020-11-29)
2319db90 (tc: fix compiler warnings in ip6 pedit, 2020-11-29)
5bdc4e91 (bridge: fix string length warning, 2020-11-29)
f8176999 (devlink: fix uninitialized warning, 2020-11-29)
7a49ff9d (bridge: report correct version, 2020-11-15)
8682f588 (tc-mpls: fix manpage example and help message string, 2020-11-02)
7c7a0fe0 (tc-vlan: fix help and error message strings, 2020-11-02)
72f88bd4 (uapi: update kernel headers from 5.10-rc2, 2020-11-08)
b90c39be (rdma: fix spelling error in comment, 2020-11-08)
c8424b73 (man: fix spelling errors, 2020-11-08)
cbf64817 (tc/m_gate: fix spelling errors, 2020-11-08)
14b189f0 (uapi: updates from 5.10-rc1, 2020-11-03)
9fc5bf73 (libnetlink: define __aligned conditionally, 2020-10-26)
eb12cc9a (Merge branch 'main' into next, 2020-10-25)
f1298d76 (m_mpls: test the 'mac_push' action after 'modify', 2020-10-22)
2b7a7684 (Merge branch 'tipc-encryption' into next, 2020-10-20)
2bf1ba5a (tipc: add option to set rekeying for encryption, 2020-10-16)
5fb36818 (tipc: add option to set master key for encryption, 2020-10-16)
b4edd6a8 (Merge branch 'tc-mpls-l2-vpn' into next Guillaume Nault  says:, 2020-10-20)
02a261b5 (m_mpls: add mac_push action, 2020-10-19)
d61167dd (m_vlan: add pop_eth and push_eth actions, 2020-10-19)
3342688a (devlink: display elapsed time during flash update, 2020-10-14)
cb7ce51c (v5.9.0, 2020-10-15)
b5a583fb (Merge branch 'main' into next Signed-off-by: David Ahern <dsahern@gmail.com>, 2020-10-11)
78120128 (genl: ctrl: print op -> policy idx mapping, 2020-10-03)
91c54917 (Merge branch 'bridge-igmpv3-mldv2' into next Nikolay Aleksandrov  says:, 2020-10-11)
86588450 (bridge: mdb: print protocol when available, 2020-10-08)
2de81d1e (bridge: mdb: print source list when available, 2020-10-08)
1d28c480 (bridge: mdb: print filter mode when available, 2020-10-08)
e331677e (bridge: mdb: show igmpv3/mldv2 flags, 2020-10-08)
f94e8b07 (bridge: mdb: print fast_leave flag, 2020-10-08)
547b3197 (bridge: mdb: add support for source address, 2020-10-08)
f905191a (Update kernel headers, 2020-10-11)
4322b13c (ip xfrm: support setting XFRMA_SET_MARK_MASK attribute in states, 2020-10-02)
8dc1db80 (devlink: Add health reporter test command support, 2020-10-01)
01216471 (devlink: support setting the overwrite mask attribute, 2020-09-30)
34be2d26 (Update kernel headers, 2020-10-07)
d2be31d9 (ss: add support for xdp statistics, 2020-09-24)
f481515c (Update kernel headers, 2020-09-29)
b8663da0 (ip: promote missed packets to the -s row, 2020-09-16)
cec67df9 (Merge branch 'devlink-controller-external-info' into next Parav Pandit  says:, 2020-09-22)
748cbad3 (devlink: Show controller number of a devlink port, 2020-09-18)
8fadd011 (devlink: Show external port attribute, 2020-09-18)
454429e8 (Update kernel headers, 2020-09-22)
ad34d5fa (iproute2: ss: add support to expose various inet sockopts, 2020-08-19)
c8eb4b52 (Update kernel headers, 2020-09-08)
abee772f (tipc: support 128bit node identity for peer removing, 2020-08-27)
6fd53b2a (iplink: add support for protodown reason, 2020-08-28)
af27494d (ip xfrm: support printing XFRMA_SET_MARK_MASK attribute in states, 2020-08-28)
275eed9b (Merge branch 'main' into next, 2020-09-01)
cc889b82 (genl: ctrl: support dumping netlink policy, 2020-08-24)
d5acae24 (libnetlink: add nl_print_policy() helper, 2020-08-24)
784fa9f6 (libnetlink: add rtattr_for_each_nested() iteration macro, 2020-08-24)

OpenWrt patches unchanged.
Successfully built for ramips/mt7621 and x86/geode with:

CONFIG_PACKAGE_devlink=m
CONFIG_PACKAGE_genl=m
CONFIG_PACKAGE_ip-bridge=m
CONFIG_PACKAGE_ip-full=m
CONFIG_PACKAGE_ip-tiny=m
CONFIG_PACKAGE_nstat=m
CONFIG_PACKAGE_rdma=m
CONFIG_PACKAGE_ss=m
CONFIG_PACKAGE_tc=m

Minimally run-tested ip-tiny on ramips/mt7621 (ubnt-erx).

Signed-off-by: Russell Senior <russell@personaltelco.net>
2021-01-01 13:22:58 +01:00
Felix Fietkau
e1851720f1 hostapd: do not restart hostapd instance on wireless restarts
Add the flag that prevents netifd from killing hostapd/wpa_supplicant

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-12-31 14:26:00 +01:00
Felix Fietkau
a7ff013eb6 netifd: update to the latest version
39fb8c3edc74 wireless: add support for not killing processes on teardown

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-12-31 14:25:59 +01:00
Johannes Kimmel
3f5619f259 vxlan: allow for dynamic source ip selection (FS#3426)
By setting 'auto', the zero address or the empty string as source
address (option ipaddr, option ip6addr), vxlan will choose one
dynamically. This helps in setups where a wan ip or prefix changes.

This corresponse to setting up an vxlan tunnel with:

proto vxlan6:
    # ip link add vx0 type vxlan id ID local :: ...
proto vxlan:
    # ip link add vx0 type vxlan id ID local 0.0.0.0 ...

While it is possible to not specify a source ip at all, the kernel will
default to setting up a ipv4 tunnel. The kernel will take any hint from
source and peer ips to figure out, what tunnel type to use. To make sure
we setup an ipv6 tunnel for proto vxlan6, this workaround is needed.

This will not change the behaviour of currently working configurations.
However this will allow former broken configurations, namely those not
specifying both a source address and tunnel interface, to setup a
tunnel interface. Previously those configurations weren't reporting an
error and were stueck in a setup loop like in Bug FS#3426.

This change lifts the currently very strict behaviour and should fix the
following bug:

Fixes: FS#3426
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3426

Signed-off-by: Johannes Kimmel <fff@bareminimum.eu>
2020-12-31 11:53:21 +01:00
Hans Dedecker
23fec971ca odhcp6c: update to git HEAD
eac1961 dhcpv6: fix displaying IA info
0475e18 dhcpv6: display status code as a string

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2020-12-30 20:20:06 +01:00
Hans Dedecker
19d7e73ecc ethtool: update to version 5.10
The ipkg sizes changes as follows for mips 24kc :
	5.9  : ethtool_5.9-1_mips_24kc.ipk 35246
	5.10 : ethtool_5.10-1_mips_24kc.ipk 35385

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2020-12-26 20:39:25 +01:00
Hans Dedecker
bc99b56d7e odhcpd: update to latest git HEAD
b75bcad dhcpv6-ia: remove assignment equal to 0 checks
d1ae052 dhcpv6-ia: fix logic to include IA_PD prefix with lifetimes set to 0
9d5e379 dhcpv6-ia: fix prefix delegation behavior

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2020-12-24 17:23:41 +01:00
Dobroslaw Kijowski
1a9b896d8b treewide: nuke DRIVER_11W_SUPPORT
As of hostapd upstream commit 7d2ed8ba "Remove CONFIG_IEEE80211W build parameter"
https://w1.fi/cgit/hostap/commit?id=7d2ed8bae86a31dd2df45c24b3f7281d55315482
802.11w feature is always enabled in the build time.

It doesn't make sense to opt-in 802.11w per driver as hostapd will always
be compiled with this feature enabled.

As suggested by Hauke Mehrtens, for now keep 11w enabled in build_features.h
for compatibility reasons. This option will be dropped when LuCI is adjusted.

Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
2020-12-23 16:36:08 +01:00
Felix Fietkau
3d8d2c3a80 netifd: update to the latest version
88c6003e2b4f netifd: fix a typo in vlandev hotplug support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-12-23 11:22:23 +01:00
John Crispin
ceb612e463 hostapd: pass respawn settings when registering the service
When hostapd gets restarted to often/quickly will cause procd to not restart it
anymore. it will think that hapd is in a crash loop.

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [adjust respawn time]
2020-12-22 19:30:26 +01:00
Nick Lowe
cb41bc5088 hostapd: Use EAPOLv1 (802.1X-2001) if WPA enabled
Currently, EAPOLv2 (802.1X-2004) is used by default for legacy clients that
are not WPA2 (RSN) capable. These legacy clients are often intolerant to this
EAPOL version and fail to connect.

hostapd.conf upstream documents for eapol_version the following and that this
is a known compatibility issue with version 2:

// IEEE 802.1X/EAPOL version
// hostapd is implemented based on IEEE Std 802.1X-2004 which defines EAPOL
// version 2. However, there are many client implementations that do not handle
// the new version number correctly (they seem to drop the frames completely).
// In order to make hostapd interoperate with these clients, the version number
// can be set to the older version (1) with this configuration value.
// Note: When using MACsec, eapol_version shall be set to 3, which is
// defined in IEEE Std 802.1X-2010.
//eapol_version=2

For the wpa parameter, hostapd.conf upstream documents that this is a bitfield,
configured as follows:

// Enable WPA. Setting this variable configures the AP to require WPA (either
// WPA-PSK or WPA-RADIUS/EAP based on other configuration). For WPA-PSK, either
// wpa_psk or wpa_passphrase must be set and wpa_key_mgmt must include WPA-PSK.
// Instead of wpa_psk / wpa_passphrase, wpa_psk_radius might suffice.
// For WPA-RADIUS/EAP, ieee8021x must be set (but without dynamic WEP keys),
// RADIUS authentication server must be configured, and WPA-EAP must be included
// in wpa_key_mgmt.
// This field is a bit field that can be used to enable WPA (IEEE 802.11i/D3.0)
// and/or WPA2 (full IEEE 802.11i/RSN):
// bit0 = WPA
// bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
// Note that WPA3 is also configured with bit1 since it uses RSN just like WPA2.
// In other words, for WPA3, wpa=2 is used the configuration (and
// wpa_key_mgmt=SAE for WPA3-Personal instead of wpa_key_mgmt=WPA-PSK).
//wpa=2

For client compatibility therefore:

EAPOLv1 (802.1X-2001) should be used by default where WPA is enabled.
EAPOLv2 (802.1X-2004) should be used by default where WPA is disabled.

To fix this, we can therefore change in the script:

set_default eapol_version 0

To the following:

set_default eapol_version $((wpa & 1))

This therefore:
1) Sets eapol_version to 1 where WPA has been enabled via wpa bit0 being set.
2) Sets eapol_version to 0 where WPA has been disabled via wpa bit0 being unset.

For usual configurations that only have WPA2 enabled, EAPOLv2 is then used.

Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
2020-12-22 19:11:50 +01:00
Rosen Penev
6a1ad19cd3 tcpdump: fix pcap-config issues
The patch removes a libpcap check to avoid a problem with libpcap. Fix
libpcap instead.

Modernize Makefile:

Use a normal autoconf bool instead of checking for CONFIG_IPV6.

Remove old configure and MAKE_FLAGS hacks. Removing them results in
compilation continuing to work without a problem.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-22 18:59:10 +01:00
Nadim Atiya
1302bee12a hostapd: parse skip_inactivity_poll option
hostapd.sh does not parse skip_inactivity_poll boolean from
/etc/config/wireless despite being mentioned in the documentation [1].
This change fixes this, and by default sets its value to 0 [1].

[1] https://openwrt.org/docs/guide-user/network/wifi/basic

Signed-off-by: Nadim Atiya <nadim.atiya@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[fix and reformat commit message, make patch apply]
2020-12-22 15:23:35 +00:00
Petr Štetiar
0cf3c5dd72 uhttpd: don't redirect to HTTPS by default
So we can ship px5g-wolfssl by default in the release image, but still
make the HTTPS for LuCI optional. This small change with addition of
`CONFIG_PACKAGE_px5g-wolfssl=y` into the buildbot's seed config for the
next release should provide optional HTTPS in the next release.

Disabling the current default automatic uhttpd's redirect to HTTPS
should make the HTTPS optional. That's it, user would either need to
switch to HTTPS by manually switching to https:// protocol in the URL or
by issuing the following commands to make the HTTPS automatic redirect
permanent:

 $ uci set uhttpd.main.redirect_https=1
 $ uci commit uhttpd
 $ service uhttpd reload

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-12-20 10:36:51 +01:00
Nick Hainke
05a1b11c71 netifd: update to latest version
458b1a7e9473 netifd: add segment routing support

Signed-off-by: Nick Hainke <vincent@systemli.org>
2020-12-14 20:25:21 +01:00
Daniel Golle
b2d48c1dfe odhcpd: remove local mkdir_p implementation
Replace local mkdir_p implementation in favour of using mkdir_p now
added to libubox.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-12-13 00:13:18 +00:00
Philip Prindeville
5d2b577a53 xfrm: support 'multicast' attribute on interfaces
You shouldn't need the overhead of GRE just to add multicast
capability on a point-to-point interface (for instance, you might
want to run mDNS over IPsec transport connections, and Avahi
requires IFF_MULTICAST be set on interfaces, even point-to-point
ones).

Borrowed heavily from:

    b3c9321b9e gre: Support multicast configurable gre interfaces

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2020-12-11 20:53:36 +01:00
Konstantin Demin
52aa2017d3 dropbear: bump package version
Bump package version after previous changes.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-12-11 13:48:24 +01:00
Konstantin Demin
228298290e dropbear: add ssh-askpass support in configuration
binary size cost is much less than 1k.

tested on ath79/generic:
  bin: 215128 -> 215132 (+4b)
  ipk: 111183 -> 111494 (+311b)

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2020-12-11 13:48:24 +01:00
Konstantin Demin
e1bd9645b6 dropbear: roll up recipes into mapping lists
this commit removes manual recipes for options and introduces mapping lists:
- DB_OPT_COMMON holds option mappings which are common for all builds;
- DB_OPT_CONFIG holds option mappings which are depend on config settings.

DB_OPT_COMMON is space-separated list of 'words', each of them is in format:
  'header_option|value'

'header_option' is added with value 'value' to 'localoptions.h'.

if 'header_option' is preceded by two exclamation marks ('!!')
then option is not added to 'localoptions.h' but replaced in 'sysoptions.h'.

in short:
   option|value - add option to localoptions.h
 !!option|value - replace option in sysoptions.h

DB_OPT_CONFIG is space-separated list of 'words', each of them is in format:
  'header_option|config_variable|value_enabled|value_disabled'

'header_option' is handled likewise in DB_OPT_COMMON.

if 'config_variable' is enabled (technically: not disabled)
then 'header_option' is set to 'value_enabled' and 'value_disabled' otherwise.

in short:
   option|config|enabled|disabled = add option to localoptions.h
 !!option|config|enabled|disabled = replace option in sysoptions.h

   option := (config) ? enabled : disabled

If you're not sure that option's value doesn't have '|' within - add your recipe
manually right after '$(Build/Configure/dropbear_headers)' and write some words
about your decision.

PS about two exclamation marks:
early idea was to use one exclamation mark to denote such header options
but then i thought single exclamation mark may be overlooked by mistake.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2020-12-11 13:48:24 +01:00
Konstantin Demin
79d5c24724 dropbear: rework recipes that configure build
- add two helper functions to avoid mistakes with
  choice of correct header file to work with
- update rules accordingly

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2020-12-11 13:48:24 +01:00
Konstantin Demin
42eff7c7e6 dropbear: reorder options in Configure recipe
put static options at first place, then place configurable options.
also put DROPBEAR_ECC right before DROPBEAR_ECC_FULL to ease maintainance.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2020-12-11 13:48:24 +01:00
Konstantin Demin
7e122c353a dropbear: enable back DROPBEAR_USE_PASSWORD_ENV
this option was disabled in 2011 and these long nine years showed us that change was definitely wrong.

binary size cost is much less than 1k.

tested on ath79/generic:
  bin: 215128 -> 215128 (no change)
  ipk: 111108 -> 111183 (+75b)

Fixes: 3c801b3dc0 ("tune some more options by default to decrease size")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2020-12-11 13:48:24 +01:00
Paul Spooren
e7e16667ff iftop: remove package
The package has no reason to be in openwrt.git. Move it to packages.git.

Signed-off-by: Paul Spooren <mail@aparcar.org>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2020-12-09 23:24:22 -10:00
Hans Dedecker
dd3464023f odhcp6c: update to latest git HEAD
0ffa3a3 dhcpv6: harden reconfigure logic
3999b6d dhcpv6: rework DHCPv6 message to string implementation

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2020-12-09 22:33:34 +01:00
Jo-Philipp Wich
dd5b3b58d8 lldpd: fix autoreconf failure
The lldpd sources ship a modified local AX_LIB_READLINE M4 macro which
conflicts with the official macro shipped by autoconf-archive.

Due to the official macro having the same name and a higher serial
number, autoconf will prefer including that one instead of the local
copy, preventing the substitution of @READLINE_LIBS@ in Makefile.in
templates, ultimately leading to the following build failure when
linking lldpcli:

    ...-gcc: error: READLINE_LIBS@: No such file or directory

Avoid this problem by renaming the locally shipped macro to not clash
with the official implementation anymore.

Ref: https://github.com/lldpd/lldpd/pull/423
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-12-09 12:36:40 +01:00
Nick Lowe
ce5bcff304 hostapd: Disable 802.11b data rates by default
Set legacy_rates to 0 by default to disable 802.11b data rates by default.

The time has long come where 802.11b DSSS/CCK data rates should be disabled
by default in OpenWRT. Users in need of 802.11b client support can reasonably
enable these where they are needed.

The balance of equities has significantly, and for a long time, tipped
such that dropping backwards compatibility by default with 802.11b
devices is appropriate, proportionate and justified. By doing so,
management and control traffic is moved by default to a 20
MHz wide 6 Mb/s OFDM data rate instead of a 22 MHz wide 1 Mb/s DSSS data
rate. This is significantly more airtime efficient.

Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
2020-12-06 08:51:32 -10:00
Rosen Penev
28a9ac74cc openvpn: remove
This will be moved to packages.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Paul Spooren <mail@aparcar.org>
2020-12-05 10:09:01 -10:00
Rosen Penev
57a8028949 openvpn-easy-rsa: remove
This will be moved to packages.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-05 10:08:49 -10:00
Hans Dedecker
13734075d2 odhcp6c: update to git HEAD
faed29a dhcpv6: only refresh timers when reconfigure is valid
9c50975 dhcpv6: fix printing identity association id
a7b2221 dhcpv6: avoid sending continuous renew/rebind messages
d7afa2b dhcpv6: add extra syslog info traces
f5728e4 odhcp6c_find_entry: exclude priority from the list of fields that must match

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2020-12-05 20:48:50 +01:00
Felix Fietkau
36db12b883 netifd: update to the latest version
d6bd1047d004 vlandev: dump vlan id in device status
e0c838bd06a6 vlandev: support bridge-vlan aliases in the vid config parameter
574dc4a17105 system-dummy: print configured mac address
14f0e8ff928f system-linux: simplify mask check in system_if_apply_settings
524310276f20 system-linux: move device settings handling to device.c
42c48866f1c1 config: parse default mac address from board.json

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-12-02 12:08:52 +01:00