aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services
Commit message (Collapse)AuthorAgeFilesLines
* ppp: remove the persist option, netifd handles reconnectsFelix Fietkau2015-05-091-1/+1
| | | | | | | | Significantly reduces reconnect delay Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45654
* hostapd: fix remote denial of service vulnerability in WMM action frame parsingFelix Fietkau2015-05-061-0/+36
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45619
* hostapd: enable 802.11w only for the full variantsFelix Fietkau2015-05-061-1/+4
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45616
* openvpn: replace polarssl run-time version check with a compile-time oneFelix Fietkau2015-05-051-0/+11
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45608
* openvpn: disable CBC record splitting in PolarSSL/mbedTLS (#19101)Jo-Philipp Wich2015-05-042-1/+17
| | | | | | | | | | | | | | | | | | | | | | | | OpenVPN assumes that its control channel messages are sent and received unfragmented, this assumption is broken when CBC record splitting is enabled in mbedTLS. The record splitting is intended as countermeasure against BEAST attacks which do not apply to OpenVPN, therefore we simply disable it until upstream OpenVPN gains the ability to process fragmented control messages. Disabling the splitting also works around a (not remotely triggerable) segmentation fault in mbedTLS. References: * https://dev.openwrt.org/ticket/19101 * https://community.openvpn.net/openvpn/ticket/524 * https://github.com/ARMmbed/mbedtls/pull/185 Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 45602
* dnsmasq: bump to 2.73rc7Steven Barth2015-04-291-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45587
* odhcpd: Remove prefix class config option as not supported anymore by odhcpdSteven Barth2015-04-281-8/+0
| | | | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> SVN-Revision: 45586
* dnsmasq: bump to 2.73rc6Steven Barth2015-04-234-161/+5
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45572
* hostapd: backport fix for CVE-2015-1863, refresh patchesFelix Fietkau2015-04-235-5/+42
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45567
* hostapd: mark wpa-supplicant & wpad-mesh as broken on umlNicolas Thill2015-04-221-2/+2
| | | | | | Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 45561
* odhcpd: minor fixesSteven Barth2015-04-211-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45539
* hostapd/netifd: encrypted mesh with wpa_supplicantFelix Fietkau2015-04-201-18/+29
| | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 45519
* dropbear: update to 2015.67Steven Barth2015-04-187-414/+16
| | | | | | | | | | | fixes dbclient login into OpenSSH 6.8p1 error: "Bad hostkey signature" reported on irc, replicated with Arch Linux Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de> SVN-Revision: 45493
* hostapd: Fix wps button hotplug script to handle multiple radiosJohn Crispin2015-04-181-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hostapd's control file location was changed in 2013, and that has apparently broken the wps button hotplug script in cases where there are multiple radios and wps is possibly configured also for the second radio. The current wps button hotplug script always handles only the first radio. https://dev.openwrt.org/browser/trunk/package/network/services/hostapd/files/wps-hotplug.sh The reason is that the button hotplug script seeks directories like /var/run/hostapd*, as the hostapd-phy0.conf files were earlier in per-interface subdirectories. Currently the *.conf files are directly in /var/run and the control sockets are in /var/run/hostapd, but there is no subdirectory for each radio. root@OpenWrt:/# ls /var/run/hostapd* /var/run/hostapd-phy0.conf /var/run/hostapd-phy1.conf /var/run/hostapd: wlan0 wlan1 The hotplug script was attempted to be fixed after the hostapd change by r38986 in Dec2013, but that change only unbroke the script for the first radio, but left it broken for multiple radios. https://dev.openwrt.org/changeset/38986/ The script fails to find subdirectories with [ -d "$dir" ], and passes just the only found directory /var/run/hostapd, leading into activating only the first radio, as hostapd_cli defaults to first socket found inthe passed directory: root@OpenWrt:/# hostapd_cli -? ... usage: hostapd_cli [-p<path>] [-i<ifname>] [-hvB] [-a<path>] \ [-G<ping interval>] [command..] ... -p<path> path to find control sockets (default: /var/run/hostapd) ... -i<ifname> Interface to listen on (default: first interface found in the socket path) Below is a run with the default script and with my proposed solution. Default script (with logging added): ================================== root@OpenWrt:/# cat /etc/rc.button/wps #!/bin/sh if [ "$ACTION" = "pressed" -a "$BUTTON" = "wps" ]; then for dir in /var/run/hostapd*; do [ -d "$dir" ] || continue logger "WPS activated for: $dir" hostapd_cli -p "$dir" wps_pbc done fi >>>> WPS BUTTON PRESSED <<<<< root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan0 wps_get_status PBC Status: Active Last WPS result: None root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan1 wps_get_status PBC Status: Timed-out Last WPS result: None root@OpenWrt:/# logread | grep WPS Tue Apr 14 18:38:50 2015 user.notice root: WPS activated for: /var/run/hostapd wlan0 got WPS activated, while wlan1 remained inactive. I have modified the script to search for sockets instead of directories and to use the "-i" option with hostapd_cli, and now the script properly activates wps for both radios. As "-i" needs the interface name instead of the full path, the script first changes dir to /var/run/hostapd to get simply the interface names. Modified script (with logging): =============================== root@OpenWrt:/# cat /etc/rc.button/wps #!/bin/sh if [ "$ACTION" = "pressed" -a "$BUTTON" = "wps" ]; then cd /var/run/hostapd for dir in *; do [ -S "$socket" ] || continue logger "WPS activated for: $socket" hostapd_cli -i "$socket" wps_pbc done fi >>>> WPS BUTTON PRESSED <<<<< root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan0 wps_get_status PBC Status: Active Last WPS result: None root@OpenWrt:/# hostapd_cli -p /var/run/hostapd -i wlan1 wps_get_status PBC Status: Active Last WPS result: None root@OpenWrt:/# logread | grep WPS Tue Apr 14 18:53:06 2015 user.notice root: WPS activated for: wlan0 Tue Apr 14 18:53:06 2015 user.notice root: WPS activated for: wlan1 Both radios got their WPS activated properly. I am not sure if my solution is optimal, but it seems to work. WPS button is maybe not that often used functionality, but it might be fixed in any case. Routers with multiple radios are common now, so the bug is maybe more prominent than earlier. The modified script has been in a slightly different format in my community build since r42420 in September 2014. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> SVN-Revision: 45492
* network: also shorten virtual interface names of ppp and 3g/4g connectionsSteven Barth2015-04-171-1/+1
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45479
* odhcpd: fix accidental logic inversionSteven Barth2015-04-141-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45435
* odhcpd: avoid illegal memory access in some corner casesSteven Barth2015-04-141-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45428
* dnsmasq: fix dnssec timestamp logic, backport crashfixSteven Barth2015-04-134-6/+174
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45410
* netifd: fix ieee80211r 'sh: bad number' in mac80211 setup (bug #19345)Felix Fietkau2015-04-111-0/+1
| | | | | | | | | | | | | | | | | | | Two errors "netifd: radio0: sh: bad number" have recently surfaced in system log in trunk when wifi interfaces come up. I tracked the errors to checking numerical values of some config options without ensuring that the option has any value. The errors I see have apparently been introduced by r45051 (ieee80211r in hostapd) and r45326 (start_disabled in mac80211). My patches fix two instances of "bad number", but there may be a third one, as the original report in bug 19345 pre-dates r45326 and already has two "bad number" errors for radio0. https://dev.openwrt.org/ticket/19345 Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> SVN-Revision: 45380
* odhcpd: send current hop-limit by default in RAsSteven Barth2015-04-101-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45359
* dnsmasq: bump to 2.73rc4Steven Barth2015-04-107-351/+49
| | | | | | | | | Fix crash caused by malformed DNS requests Improved DNSSEC handling Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45354
* hostapd: remove unused asprintf parameterJohn Crispin2015-04-101-1/+1
| | | | | | | | | | r45270 removed ieee80211n=%d from the format string but didn't remove the parameter itself. Though this probably doesn't cause any harm, it's quite confusing and unneeded. Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 45351
* ppp: Detailed last error supportJohn Crispin2015-04-091-4/+47
| | | | | | | | | | | | Enables last error support for the PPP protocol handlers. In generic teardown the PPP daemon exit code is translated into a self explaining error string which is set as interface error by proto_notify_error in case of failure. Signed-off-by: Johan Peeters <johan.peeters111@gmail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> SVN-Revision: 45333
* dnsmasq: Add option '--servers-file'John Crispin2015-04-091-0/+1
| | | | | | | | The option '--servers-file' is available since dnsmasq v2.69. Signed-off-by: Lars Kruse <lists@sumpfralle.de> SVN-Revision: 45332
* hostapd: add update_beacon to ubus bindingJohn Crispin2015-04-091-3/+20
| | | | | | Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 45325
* odhcpd: fix infinite lifetime handling in dhcpv6Steven Barth2015-04-061-2/+2
| | | | | | | | thanks to Arjen de Korte Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45279
* hostapd: when running AP+STA, preserve the AP 802.11n-enabled settingFelix Fietkau2015-04-041-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45270
* ppp: Fix missing arg argument when using option flag OPT_A2STRVALJohn Crispin2015-04-031-0/+11
| | | | | | | | | The arg argument is missing to the printer call in the print_option utility when the option flag OPT_A2STRVAL is set. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> SVN-Revision: 45264
* ppp: Fix seg fault when using pppol2tpJohn Crispin2015-04-031-0/+13
| | | | | | | | | | | PPPD crashes (SEGV) when the dump or dryrun options are specified and an option is internally defined as "o_special" with an option flag of "OPT_A2STRVAL". As the option value is not saved when the parameter is processed, a reference to the option will result into a crash (e.g. when printing). Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> SVN-Revision: 45263
* samba36: add smb.conf.template to conffilesJohn Crispin2015-04-031-1/+2
| | | | | | | | | User might have modified/extended template direct or by LuCI application. So do not overwrite on update/upgrade. Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com> SVN-Revision: 45258
* mdns: add conffiles sectionNicolas Thill2015-04-021-0/+4
| | | | | | Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 45241
* samba: use INSTALL_CONF for the uci fileJohn Crispin2015-04-011-1/+1
| | | | | | | | sorry about the broken commit earlier Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 45226
* samba36: fix typo in package/samba36-server/installNicolas Thill2015-04-011-1/+1
| | | | | | Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 45225
* samba: don't overwrite config fileJohn Crispin2015-04-011-2/+6
| | | | | | | | fixes #19087 Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 45220
* dnsmasq: backport --tftp-no-fail to ignore missing tftp rootJohn Crispin2015-04-012-0/+194
| | | | | | | | | | | This patch backports the option --tftp-no-fail to dnsmasq and prevents the service from aborting if the specified TFTP root directory is not available; this might be the case if TFTP files are located on external media that might occasionally not be present at startup. Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de> SVN-Revision: 45213
* odhcpd: compile fixesSteven Barth2015-03-311-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45192
* uhttpd: properly handle return codesJohn Crispin2015-03-301-2/+2
| | | | | | Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 45153
* odhcpd: fix default dhcpv6 behavior for non-/64Steven Barth2015-03-301-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45148
* odhcpd: fix musl build, change default DHCPv6 behaviorSteven Barth2015-03-301-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 45147
* ead: clean up, fix musl buildFelix Fietkau2015-03-294-167/+46
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45110
* authsae: remove bogus #includeFelix Fietkau2015-03-291-0/+10
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45107
* hostapd: fix compile errors with nl80211 disabled (#19325)Felix Fietkau2015-03-274-5/+6
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45063
* hostapd: fix a compiler warning in ap+station patchFelix Fietkau2015-03-271-2/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45062
* hostapd: disable the bridge packet receive workaround, it is unnecessary on ↵Felix Fietkau2015-03-271-0/+12
| | | | | | | | openwrt and could potentially harm performance Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45060
* dnsmasq: we dont want to run in debug modeJohn Crispin2015-03-271-1/+1
| | | | | | | | a left over from the dnsmasq jail testing Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 45058
* hostapd: add 802.11r supportFelix Fietkau2015-03-262-1/+65
| | | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> SVN-Revision: 45051
* hostapd: allow multiple key management algorithmsFelix Fietkau2015-03-262-4/+8
| | | | | | | | | To enable 802.11r, wpa_key_mgmt should contain FT-EAP or FT-PSK. Allow multiple key management algorithms to make this possible. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> SVN-Revision: 45050
* hostapd: append nasid to config for all WPA typesFelix Fietkau2015-03-262-4/+12
| | | | | | | | | | The 802.11r implementation in hostapd uses nas_identifier as PMK-R0 Key Holder identifier. As 802.11r can also be used with WPA Personal, nasid should be appended to the hostapd config for all WPA types. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> SVN-Revision: 45049
* hostapd: add dependency to hostapd-commonFelix Fietkau2015-03-261-3/+3
| | | | | | | | | 'hostapd-common' is needed by all of the variants for wifi to function correctly (a number of the target profiles simply select 'wpad-mini'). Signed-off-by: Nathan Hintz <nlhintz@hotmail.com> SVN-Revision: 45048
* hostapd: package wpad-mesh and wpa_supplicant-mesh variantsFelix Fietkau2015-03-263-11/+453
| | | | | | | | | | These new variants include support for mesh mode and SAE crypto. They always depend on openssl as EC operations are not provided by the internal crypto implementation. Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 45047
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 10:12:57 +0000