The auth change appears to break the endpoint update for most users and with
my local tests the old update url works just fine.
This reverts commit 99c03a88cb6fed0519efdfaac305794653a12542.
SVN-Revision: 48384
Changed the tunnel update URL into format tunnelbrokers
example has, that made it work again. Current method gives "Username/Password
Authentication Failed." when I tried the wget line manually and logread
eventually says also "6in4: update failed". With corrected URL it works fine:
"good 111.222.333.444" or "nochg 111.222.333.444" and logread concurs with
success, and tunnel actually updates.
Tested-by: Vaasa Hacklab <info@vaasa.hacklab.fi>
Signed-off-by: Sami Olmari <sami@olmari.fi>
SVN-Revision: 48006
Since r46834, IPv6 support is builtin if selected. Therefor, dependencies
on kmod-ipv6 can no longer be fulfilled, since it is not a module anymore.
Signed-off-by: Arjen de Korte <arjen+openwrt@de-korte.org>
SVN-Revision: 47022
Better synchronize RA & DHCPv6 events
Accumulate some events to avoid flooding
Restart softwires for address and prefix changes
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 46518
Commit 31214c38c8dd0f70366b523f9b0335145b9386bd removes IPv6 unneeded source-dest-routing workarounds;
as a result sourcerouting parameter is unused and can be removed.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 45940
Commit 31214c38c8dd0f70366b523f9b0335145b9386bd removes IPv6 unneeded source-dest-routing workarounds;
as a result sourcerouting parameter is unused and can be removed.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 45939
If the first resolveip call will fail, peeraddr will be now empty, and
the subsequent resolveip call will try to resolve an empty string.
Fix this by storing the result in a temporary variable.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 45712
The recent rework of the 6in4 endpoint update broke the retry mechanism.
Rework the timeout handling and make the update status more verbose.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 44327
Busybox ash does not implement /dev/stdout, therfore any wget output
is written into a file /dev/stdout instead of onto the standard output.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 44301
Thanks to Dave Taht for debugging and thanks to Comcast for
shipping strangely behaving software so I can fix some corner cases.
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43415
b52053b 6in4: https support for he.net tunnel api
introduced HTTPS support using wget.
The busybox version of wget, however, doesn't support the -V option,
thus poluting logfiles with a full invalid-parameter-output.
Redirect stderr to fix that.
As libcurl and curl support selecting the SSL library of your choice,
also add support for curl which is more commonly used on OpenWrt than
"real" wget which needs libopenssl.
Also make sure to respect SSL_CERT_DIR and increase timeouts.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 43228
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.
I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.
However, I can not garantee that I always picked the correct information
and/or did not miss license information.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
SVN-Revision: 43155
HE.net tunnel update API requests are now made via https if an
SSL-capable wget is installed. Certificate validation is
conditionally enabled if the CA certs are available.
Signed-off-by: Andrew Skalski <askalski@gmail.com>
SVN-Revision: 43124
Some ISP seem to only do stateful DHCPv6 and not sending RAs.
This is technically broken because plain DHCPv6 doesn't carry routes.
We work around here by faking a default route to the DHCPv6 server
if we do not receive a useful RA from the ISP.
This workaround can be turned off with: option fakeroutes 0
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 42803
Tos support is added as a string parameter which can have the following values :
-inherit (outer header inherits the tos value of the inner header)
-hex value
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 42749
Tos support is added as a string parameter which can have the following values :
-inherit (outer header inherits the tos value of the inner header)
-hex value
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 42748
Tos support is added as a string parameter which can have the following values :
-inherit (outer header inherits the tos value of the inner header)
-hex value
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 42747
The preferred he.net /nic/update endpoint expects the password or updatekey in
plain text and not as md5 sum, therfore remove the hashing operation from the
script.
This effectively renders the "updatekey" option redundant but we keep it around
for backwards compatibility. Both "option password" and "option updatekey" will
have end up in the "&password=" parameter of the update url and are passed through
unmodified.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41358
Gives the user the control to select the correct WAN IPv4 address to be used by the 6rd tunnel when mutiple WAN interfaces are configured
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 40566
* Reduce RA/DHCPv6 spam filter to 30s by default and make it configurable
* Don't set nd_ra_{reachable,retransmit] to 0 when received in RAs
SVN-Revision: 39775
Latest changes broke source-restriction of on-link routes. Restoring
old-behaviour but adding correct source-restrictions which prevents
the offlink handler to remove the on-link route.
SVN-Revision: 39454
* Fixed broken stateless-mode (fixes#14863)
* Support for multiple IAIDs, improved server compatibility,
improved NTP/SNTP support and other fixes (thanks to T-Labs)
SVN-Revision: 39433
Make the IPv4 "do not fragment" bit a configurable variable for the 6rd
tunnel interface as the bit should not be set in the encapsulating IPv4
header according to RFC3056.
On top the config variable allows to enable/disable path mtu discovery
for tunnel interfaces.
Config variable can be passed to netifd as tunnel config support is
already present for the "do not fragment" bit.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 39370
The correct bits are now cleared in the IPv6 address as the shift
value to the correct byte in the IPv6 address was wrong. Depending
on the stack values this could result in a hanging 6rdcalc program
due to an endless loop.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 38818
* Various RFC compliance fixes (thanks to Hans Dedecker)
* Fix RA spam filter logic causing ipv6 connection issues
* Fix parameters -F and -P being order dependent
SVN-Revision: 38577
* Make SOL_MAX_RT configurable and default back to 120s
* Prefer servers with bigger prefixes (allows to use Comcast /60)
* Don't hang indefinitely if DHCPv6 REQUEST is not answered
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 38393
AVR32 misses a bunch of updated syscalls, including timerfd_create()
which is used by 6relayd. Since that requires Linux/libc changes, just
prevent building it for now.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
SVN-Revision: 37040