aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services
Commit message (Collapse)AuthorAgeFilesLines
* odhcpd: update to git HEAD versionHans Dedecker2017-02-011-3/+3
| | | | | | e447ff9 router: fix compile issue on 64 bit systems Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: update to git HEAD versionHans Dedecker2017-02-011-3/+3
| | | | | | | | | | | | 237f1f4 router: convert syslog lifetime traces into LOG_INFO prio da660c7 treewide: rework prio of syslog messages 0485580 ndp: code cleanup c5040fe router: add syslog debug tracing for trouble shooting df023ad treewide: use RELAYD_MAX_ADDRS as address array size c8ac572 ndp: don't scan netlink attributes in case of netlink route event Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* openvpn: ssl-enabled variants also provide a virtual openvpn-crypto packageSven Roederer2017-02-011-1/+5
| | | | | | | | | | When relying on x.509 certs for auth and / or encryption of traffic you can't use package openvpn-nossl. Just have your package depend on openvpn-crypto to have SSL-encryption and X.509-support enabled in OpenVPN. If encryption / X.509 is not a must, use virtual packge openvpn, which is provided by all OpenVPN-variants. Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
* hostapd: default to wps_independent 1Steven Honson2017-02-011-1/+2
| | | | Signed-off-by: Steven Honson <steven@honson.id.au>
* hostapd: expose wps_independent and ap_setup_locked as uci optionsSteven Honson2017-02-011-3/+5
| | | | | | | ap_setup_locked is named wps_ap_setup_locked in uci for consistency with other wps related uci options. Signed-off-by: Steven Honson <steven@honson.id.au>
* mdns: update to the latest versionFelix Fietkau2017-01-311-3/+3
| | | | | | | - fixes unaligned acccesses, causing DNS parsing issues on ARMv5 - fixes service timeout handling Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: add support for various new 2.4 configuration optionsMagnus Kroken2017-01-281-24/+19
| | | | | | | Updates to openvpn.init were included in early OpenVPN 2.4 patch series, but got lost along the way and were never merged. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* hostapd: fix stray "out of range" shell errors in hostapd.shJo-Philipp Wich2017-01-232-3/+3
| | | | | | | | | | | | The hostapd_append_wpa_key_mgmt() procedure uses the possibly uninitialized $ieee80211r and $ieee80211w variables in a numerical comparisation, leading to stray "netifd: radio0 (0000): sh: out of range" errors in logread when WPA-PSK security is enabled. Ensure that those variables are substituted with a default value in order to avoid emitting this (harmless) shell error. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* openvpn: let all openvpn variants provide a virtual openvpn packageJo-Philipp Wich2017-01-211-1/+2
| | | | | | | | | | Add PROVIDES:=openvpn to the default recipe in order to let all build variants provide a virtual openvpn package. The advantage of this approach is that downstream packages can depend on just "openvpn" without having to require a specific flavor. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* hostapd: fix passing jobserver to hostapd/supplicant build processesFelix Fietkau2017-01-151-3/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: backport a few upstream fixesFelix Fietkau2017-01-155-4/+163
| | | | | | | | Fixes reassoc issues with WDS mode Fixes reassoc issues in AP mode Fixes IBSS reauthentication issues Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dnsmasq: use ubus signalling in ntp hotplug scriptKevin Darbyshire-Bryant2017-01-131-3/+3
| | | | | | | Use ubus process signalling instead of 'kill pidof dnsmasq' for SIGHUP signalling to dnsmasq when ntp says time is valid. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* odhcpd: take over maintainershipHans Dedecker2017-01-121-1/+1
| | | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> Acked-by: Jo-Philipp Wich <jo@mein.io>
* Revert "dnsmasq: change 'add_local_hostname' to use dnsmasq '--interface-name'"Hans Dedecker2017-01-122-31/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This causes problem when a FQDN is configured in /etc/config/system. The domain name will appear twice in reverse DNS. Next to that, there seems to be a bug in dnsmasq. From the manual page: --interface-name=<name>,<interface>[/4|/6] Return a DNS record associating the name with the primary address on the given interface. This flag specifies an A or AAAA record for the given name in the same way as an /etc/hosts line, except that the address is not constant, but taken from the given interface. The interface may be followed by "/4" or "/6" to specify that only IPv4 or IPv6 addresses of the interface should be used. If the interface is down, not configured or non-existent, an empty record is returned. The matching PTR record is also created, mapping the interface address to the name. More than one name may be associated with an interface address by repeating the flag; in that case the first instance is used for the reverse address-to-name mapping. It does not just create an A/AAAA record for the primary address, it creates one for all addresses. And what is worse, it seems to actually resolve to the non-primary address first. This is quite annoying when you use floating IP addresses (e.g. VRRP), because when the floating IP is on the other device, SSH failes due to incorrect entry in the known hosts file. I know that this is not a common setup, but it would be nice if there was an option to restore the previous behaviour, rather than just forcing this new feature on everybody. Reported-by: Stijn Tintel <stijn@linux-ipv6.be> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* wpa_supplicant: Fix mesh encryption configSujith Manoharan2017-01-111-1/+4
| | | | | | | | | | | | | | | wpa_supplicant allows only SAE as the key management type for mesh mode. The recent key_mgmt rework unconditionally added WPA-PSK - this breaks interface bringup and wpa_s throws this error message: Line 10: key_mgmt for mesh network should be open or SAE Line 10: failed to parse network block. Failed to read or parse configuration '/var/run/wpa_supplicant-wlan0.conf Fix this by making sure that only SAE is used for mesh. Signed-off-by: Sujith Manoharan <m.sujith@gmail.com>
* lldpd: take over maintainershipStijn Tintel2017-01-101-1/+1
| | | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Jo-Philipp Wich <jo@mein.io>
* lldpd: add Net-SNMP AgentX supportStijn Tintel2017-01-104-2/+15
| | | | | | | Enabling this makes it possible to query LLDP neighbors via SNMP. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Jo-Philipp Wich <jo@mein.io>
* odhcpd: bump to git HEADHans Dedecker2017-01-071-3/+3
| | | | | | | | | | ef3c563 dhcpv6-ia: filter out prefixes having invalid length 16cd87e dhcpv6-ia: fix dereference after freeing assignment d6b0c99 dhcpv6-ia: log only IPv6 addresses which are effectively assigned to a DHCPv6 client 08a9367 config: respect ignore uci option Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dnsmasq: change 'add_local_hostname' to use dnsmasq '--interface-name'Eric Luehrsen2017-01-052-23/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | 'add_local_hostname' previous implementation may drop some addresses. Soft addition of IP6 addresses may not cause a reload or restart event. dnsmasq '--interface-name' robustly applies DNS to all addresses per interface (except fe80::/10). Change UCI 'add_local_hostname' to expand during each interface assignement during add_dhcp(). Assign '<iface>.<host>.<domain>' as true name (reflexive A, AAAA, and PTR). Assign '<host>.<domain>' and '<host>' as convinience aliases (no PTR, not technically CNAME). This is accomplished with the '--interface-name' order, first is PTR. We could also assign each <ip4/6>.<iface>.<host>.<domain> to the respective dual stack on the interface. That seemed excessive so it was skipped (/4 or /6 suffix to the interface). Add UCI 'add_wan_hostname' similar to 'add_local_hostname' function for external WAN. WAN IP4 are less often named by the ISP and rarely WAN IP6 due to complexity. For logs, LuCI connection graph, and other uses assigning a WAN name is desired. 'add_local_hostname' only applies with DHCP and 'add_wam_hostname' only applies without DHCP. Common residential users will want to set both options TRUE. Businesses will probably have global DNS, static IP, and 'add_wan_hostname' FALSE. Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
* dnsmasq: clean up white space in dnsmasq.initEric Luehrsen2017-01-051-16/+16
| | | | Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
* build: use mkhash to replace various quirky md5sum/openssl callsFelix Fietkau2017-01-051-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dnsmasq: add DHCP Unique Identifier for DHCPv6Arjen de Korte2017-01-031-1/+2
| | | | | | | Add DHCPv6 matching by DHCP Unique Identifier (RFC-3315) in addition to existing MAC-address (RFC-6939). The latter is not widely supported yet. Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
* odhcpd: bump to git HEAD versionHans Dedecker2017-01-031-3/+3
| | | | | | | | | | | | | | | | | | | | | | 091d8a9 dhcpv6-ia: fix static assignment check 11ce6b5 dhcpv6-ia: coding style fixes 561890e dhcpv6-ia: update valid_until only for non static DHCPv6 leases 0b45fce dhcpv4: coding style fixes 95b76c2 README: Add host leasetime uci parameter 541219e dhcpv6-ia: fix invalid IPv6/hostname entries in statefile 13937ab dhcpv6-ia: fix delete logic of an assignment in reconf_timer 60c3969 dhcpv6-ia : code style fixes bf4ebc0 config: use free_lease to delete a lease c24782a config: coding style fixes 0572d1a config: Create statefile dir ec833f4 dhcpv6-ia: use free_dhcpv6_assignment where needed 1d55edb dhcpv6-ia: make free_dhcpv6_assignment static f01e538 dhcpv4: make dhcpv4_msg_to_string static 700f5ab dhcpv4: fix DHCPv4 hostname handling 4c89614 Limit lifetime of non-static leases in case of release and decline Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: enable SHA256-based algorithmsStijn Tintel2017-01-031-2/+2
| | | | | | | | | | | Enable support for stronger SHA256-based algorithms in hostapd and wpa_supplicant when using WPA-EAP or WPA-PSK with 802.11w enabled. We cannot unconditionally enable it, as it requires hostapd to be compiled with 802.11w support, which is disabled in the -mini variants. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Sebastian Kemper <sebastian_ml@gmx.net>
* hostapd: add function to handle wpa_key_mgmtStijn Tintel2017-01-031-9/+10
| | | | | | | | Now that wpa_key_mgmt handling for hostapd and wpa_supplicant are consistent, we can move parts of it to a dedicated function. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Sebastian Kemper <sebastian_ml@gmx.net>
* wpa_supplicant: rework wpa_key_mgmt handlingStijn Tintel2017-01-031-8/+9
| | | | | | | | Rework wpa_key_mgmt handling for wpa_supplicant to be consistent with how it is done for hostapd. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Sebastian Kemper <sebastian_ml@gmx.net>
* openvpn: update to 2.4.0Magnus Kroken2016-12-301-2/+2
| | | | Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* relayd: fix expiry time handlingFelix Fietkau2016-12-271-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* relayd: fix reload / interface restart issuesFelix Fietkau2016-12-273-4/+2
| | | | | | | - replace the hotplug script with an interface trigger - add netdev params to procd to trigger restart Signed-off-by: Felix Fietkau <nbd@nbd.name>
* odhcpd: bump to git HEADStijn Tintel2016-12-271-3/+3
| | | | | | | 8dc2a59 Revert "Respect interface "ignore" settings as documented." 93ab25b router: skip parse_routes when ra_default > 1 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* odhcpd: Use procd_send_signal in reload_serviceHans Dedecker2016-12-261-1/+1
| | | | | | | Replace killall HUP by procd_send_signal in reload_service to trigger an odhcpd config reload Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dnsmasq: add log facility optiondibdot2016-12-231-0/+1
| | | | | | add possibility to set the facility to which dnsmasq will send syslog entries, i.e. set it to '/dev/null' to mute dnsmasq output at all. Signed-off-by: Dirk Brenken dev@brenken.org
* uhttpd: drop uhttpd-mod-tls, it has been useless for yearsFelix Fietkau2016-12-221-39/+0
| | | | | | | | | Before the rewrite, uhttpd-mod-tls used to contain a tls plugin. Afterwards it was left in for compatibility reasons, but given how much has changed, and that we're about to change the default SSL implementation again, it's better to just drop this now Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: clean up and unify PKG_VERSION for git based downloadsFelix Fietkau2016-12-229-47/+27
| | | | | | Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: use conditional dependencies to avoid pulling in unused ssl librariesFelix Fietkau2016-12-221-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: reduce binary size using --gc-sections on linkingFelix Fietkau2016-12-221-0/+3
| | | | | | Saves around 9kb gzipped on MIPS Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: fix disabling DES support in mbedtlsFelix Fietkau2016-12-221-0/+81
| | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* openvpn: update to 2.4_rc2Magnus Kroken2016-12-2211-75/+103
| | | | | | | | | | | | | | | | | OpenVPN 2.4 builds with mbedTLS 2.x, rename openvpn-polarssl variant to openvpn-mbedtls. Some feature highlights: * Data channel cipher negotiation * AEAD cipher support for data channel encryption (currently only * AES-GCM) * ECDH key exchange for control channel * LZ4 compression support See https://github.com/OpenVPN/openvpn/blob/master/Changes.rst for additional change notes. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* odhcpd: Use procd_send_signal in odhcpd-update fileHans Dedecker2016-12-211-5/+3
| | | | | | | | Let dnsmasq reread the leasefile by using procd_send_signal which triggers procd to send SIGHUP kill signal by default if signal is not specified Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: update to version 2016-12-19Koen Vandeputte2016-12-205-16/+16
| | | | | | | | | | | | | | Update to latest upstream HEAD: - Refreshed all - Fixes 2 regressions: --> PeerKey: Fix STK 4-way handshake regression --> PeerKey: Fix EAPOL-Key processing Compile tested Full & Mini configs Run-tested Mini config Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* hostapd: Add ability to specify that that wireless driver supports 802.11acAlexis Green2016-12-202-1/+11
| | | | | Signed-off-by: Alexis Green <agreen@cococorp.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [make more generic]
* hostapd: update to version 2016-12-15Koen Vandeputte2016-12-2020-169/+110
| | | | | | | | | | | | | Update to latest upstream HEAD: - Refreshed all - Delete patches and parts which made it upstream Compile tested Full & Mini configs Run-tested Mini config Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [another update, remove broken patch]
* hostapd: remove never-used Package/<name>/DescriptionYousong Zhou2016-12-201-21/+1
| | | | | | | | The build system only accepts Package/<name>/description and since the typoed version virtually has the same content as the TITLE field, remove them altogether Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* mdns: bump to latest git HEADJohn Crispin2016-12-201-2/+2
| | | | | | | | be8ae8d cmake: Search for libjson-c 1fa9077 Fix IPv6 read 846369c Revert "mdnsd: interface: enable looped back messages" Signed-off-by: John Crispin <john@phrozen.org>
* odhcpd: Bump to git HEAD version (various fixes)Hans Dedecker2016-12-171-3/+3
| | | | | | | | | e055530 Don't print non bound assignments in the state file 3af23ad config: Fix RA interface config being overwritten 41b5268 dhcpv6-ia : Fix static DHCPv6 assignments becoming non static be6c515 dhcpv6-ia: Fix assignment of static DHCPv6 leases 374dc3f cmake: Find libubox/uloop.h 01c919c odhcpd: Display infinite valid lifetime as -1
* treewide: clean up download hashesFelix Fietkau2016-12-1616-16/+16
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dnsmasq: fix service reloadJohn Crispin2016-12-161-2/+1
| | | | | | | | | | | The SIGHUP also got sent to the reload script making it bail out with an error Revert "dnsmasq: reload config if host name is modified" This reverts commit 854459a2f923376e0e509ebc0fb8ff90e9f13c02. Reported-by: Hans Dedecker <dedeckeh@gmail.com> Signed-off-by: John Crispin <john@phrozen.org>
* odhcpd: update sha256sumHauke Mehrtens2016-12-141-1/+1
| | | | | | | The sha256sum was not updated in the last commit. Fixes: a7c231027 [odhcpd: Fix dnsmasq re-reading hostfile] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ppp: use --gc-sections to save a tiny bit of spaceFelix Fietkau2016-12-141-0/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dropbear: clean up default PATH handling in makefileDario Ernst2016-12-142-14/+2
| | | | | | | | Harmonise handling of DEFAULT_PATH by removing the patch introducing #ifndef guards around the path, and only using one means to set the path in the makefile. Signed-off-by: Dario Ernst <Dario.Ernst@riverbed.com>