aboutsummaryrefslogtreecommitdiffstats
path: root/package/network
Commit message (Collapse)AuthorAgeFilesLines
* odhcp6c: add option "keep_ra_dnslifetime"Hans Dedecker2017-01-092-5/+8
| | | | | | | | | | Add option keep_ra_dnslifetime which will preserve the received lifetime for RDNSS and DNSSL RA records and not overwrite it by the RA router lifetime as specified in RFC6106. This allows to accept RDNNS records from RAs that don't announce a default route by setting router lifetime to 0 in the RAs. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcpd: bump to git HEADHans Dedecker2017-01-071-3/+3
| | | | | | | | | | ef3c563 dhcpv6-ia: filter out prefixes having invalid length 16cd87e dhcpv6-ia: fix dereference after freeing assignment d6b0c99 dhcpv6-ia: log only IPv6 addresses which are effectively assigned to a DHCPv6 client 08a9367 config: respect ignore uci option Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dnsmasq: change 'add_local_hostname' to use dnsmasq '--interface-name'Eric Luehrsen2017-01-052-23/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | 'add_local_hostname' previous implementation may drop some addresses. Soft addition of IP6 addresses may not cause a reload or restart event. dnsmasq '--interface-name' robustly applies DNS to all addresses per interface (except fe80::/10). Change UCI 'add_local_hostname' to expand during each interface assignement during add_dhcp(). Assign '<iface>.<host>.<domain>' as true name (reflexive A, AAAA, and PTR). Assign '<host>.<domain>' and '<host>' as convinience aliases (no PTR, not technically CNAME). This is accomplished with the '--interface-name' order, first is PTR. We could also assign each <ip4/6>.<iface>.<host>.<domain> to the respective dual stack on the interface. That seemed excessive so it was skipped (/4 or /6 suffix to the interface). Add UCI 'add_wan_hostname' similar to 'add_local_hostname' function for external WAN. WAN IP4 are less often named by the ISP and rarely WAN IP6 due to complexity. For logs, LuCI connection graph, and other uses assigning a WAN name is desired. 'add_local_hostname' only applies with DHCP and 'add_wam_hostname' only applies without DHCP. Common residential users will want to set both options TRUE. Businesses will probably have global DNS, static IP, and 'add_wan_hostname' FALSE. Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
* dnsmasq: clean up white space in dnsmasq.initEric Luehrsen2017-01-051-16/+16
| | | | Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
* build: use mkhash to replace various quirky md5sum/openssl callsFelix Fietkau2017-01-052-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dnsmasq: add DHCP Unique Identifier for DHCPv6Arjen de Korte2017-01-031-1/+2
| | | | | | | Add DHCPv6 matching by DHCP Unique Identifier (RFC-3315) in addition to existing MAC-address (RFC-6939). The latter is not widely supported yet. Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
* odhcpd: bump to git HEAD versionHans Dedecker2017-01-031-3/+3
| | | | | | | | | | | | | | | | | | | | | | 091d8a9 dhcpv6-ia: fix static assignment check 11ce6b5 dhcpv6-ia: coding style fixes 561890e dhcpv6-ia: update valid_until only for non static DHCPv6 leases 0b45fce dhcpv4: coding style fixes 95b76c2 README: Add host leasetime uci parameter 541219e dhcpv6-ia: fix invalid IPv6/hostname entries in statefile 13937ab dhcpv6-ia: fix delete logic of an assignment in reconf_timer 60c3969 dhcpv6-ia : code style fixes bf4ebc0 config: use free_lease to delete a lease c24782a config: coding style fixes 0572d1a config: Create statefile dir ec833f4 dhcpv6-ia: use free_dhcpv6_assignment where needed 1d55edb dhcpv6-ia: make free_dhcpv6_assignment static f01e538 dhcpv4: make dhcpv4_msg_to_string static 700f5ab dhcpv4: fix DHCPv4 hostname handling 4c89614 Limit lifetime of non-static leases in case of release and decline Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcp6c: bump to git HEAD versionHans Dedecker2017-01-031-5/+5
| | | | | | | | | 5d6fec3 Merge pull request #50 from sartura/libubox_md5_reuse 33a2ba1 odhcp6c: reuse md5 from libubox Switch PKG_SOURCE_URL to git.lede-project.org/project/odhcp6c.git Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: enable SHA256-based algorithmsStijn Tintel2017-01-031-2/+2
| | | | | | | | | | | Enable support for stronger SHA256-based algorithms in hostapd and wpa_supplicant when using WPA-EAP or WPA-PSK with 802.11w enabled. We cannot unconditionally enable it, as it requires hostapd to be compiled with 802.11w support, which is disabled in the -mini variants. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Sebastian Kemper <sebastian_ml@gmx.net>
* hostapd: add function to handle wpa_key_mgmtStijn Tintel2017-01-031-9/+10
| | | | | | | | Now that wpa_key_mgmt handling for hostapd and wpa_supplicant are consistent, we can move parts of it to a dedicated function. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Sebastian Kemper <sebastian_ml@gmx.net>
* wpa_supplicant: rework wpa_key_mgmt handlingStijn Tintel2017-01-031-8/+9
| | | | | | | | Rework wpa_key_mgmt handling for wpa_supplicant to be consistent with how it is done for hostapd. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Sebastian Kemper <sebastian_ml@gmx.net>
* gre: add different per-protocol prefixes to GRE-TAP IPv4/6 tunnel interfaces.Roger Pueyo Centelles2017-01-032-7/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit modifies the /lib/netifd/proto/gre.sh script so that, when GRE-TAP tunnels are created, either IPv4 or IPv6, the prefix before the chosen interface name contains the "tap" substring, to differentiate them from non-TAP GRE tunnels. Right now, both GRE and GRE-TAP tunnel (either IPv4 or IPv6) interfaces defined in /etc/config/network are named equally ("gre-"+$ifname or "grev6"+$ifname) upon creation. For instance, the following tunnels: config interface 'tuna' option peeraddr '172.30.22.1' option proto 'gre' config interface 'tunb' option peeraddr '192.168.233.4' option proto 'gretap' config interface 'tunc' option peer6addr 'fdc5:7c9e:e93d:45af::1' option proto 'grev6' config interface 'tund' option peer6addr 'fdc0:6071:1348:31ff::2' option proto 'grev6tap' are named, respectively, "gre-tuna", "gre-tunb", "grev6-tunc" and "grev6-tund". The current change makes that each GRE tunnel interface of the four different types available (gre, gretap, grev6 and grev6tap) gets a different prefix. Therefore, the abovementioned tunnels will be named, respectively: "gre4-tuna", "gre4t-tunb", "gre6-tunc" and "gre6t-tund". This is coherent with other types of virtual interfaces (i.e. PPP, PPPoE, PPPoA) where the whole protocol name is used. For instance, a PPPoA interface named "p1" and a PPPoE interface named "p2" will respectively appear as "pppoa-p1" and "pppoe-p2", not as "ppp-p1" and "ppp-p2"). Since Linux interfaces names are limited to 15 characters, these prefixes leave, for the worst case (TAP tunnels), 9 characters for the actual name. Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
* curl: Remove PolarSSL and adjust default to mbedTLSRosen Penev2017-01-034-30/+14
| | | | | | | luci-ssl has already made the switch since mainline support for PolarSSL is almost over (2016). Signed-off-by: Rosen Penev <rosenp@gmail.com>
* curl: update to version 7.52.1Hauke Mehrtens2017-01-022-4/+4
| | | | | | | | | | | This fixes the folowing security problems: CVE-2016-9586: printf floating point buffer overflow CVE-2016-9952: Win CE schannel cert wildcard matches too much CVE-2016-9953: Win CE schannel cert name out of buffer read CVE-2016-9594: unititialized random Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openvpn: update to 2.4.0Magnus Kroken2016-12-301-2/+2
| | | | Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* relayd: fix expiry time handlingFelix Fietkau2016-12-271-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* relayd: fix reload / interface restart issuesFelix Fietkau2016-12-273-4/+2
| | | | | | | - replace the hotplug script with an interface trigger - add netdev params to procd to trigger restart Signed-off-by: Felix Fietkau <nbd@nbd.name>
* odhcpd: bump to git HEADStijn Tintel2016-12-271-3/+3
| | | | | | | 8dc2a59 Revert "Respect interface "ignore" settings as documented." 93ab25b router: skip parse_routes when ra_default > 1 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* odhcpd: Use procd_send_signal in reload_serviceHans Dedecker2016-12-261-1/+1
| | | | | | | Replace killall HUP by procd_send_signal in reload_service to trigger an odhcpd config reload Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* netifd: Upstep to git HEAD versionHans Dedecker2016-12-251-3/+3
| | | | | | | | | 64a655d proto: allow configuring deprecated static IPv6 addresses c99182e remove obsolete /opt/local prefix on Mac OS X 0249d5f system-linux: Don't set gre tunnel ttl by default to 64 (#FS312) edc15ca ubus: Display the IPv6 prefix assigned address Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* gre: Remove ttl default value assignment (FS#312)Hans Dedecker2016-12-252-2/+2
| | | | | | | Don't assign a default ttl of 64 for gre tunnels as netifd takes care of the default ttl assignment Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* dnsmasq: add log facility optiondibdot2016-12-231-0/+1
| | | | | | add possibility to set the facility to which dnsmasq will send syslog entries, i.e. set it to '/dev/null' to mute dnsmasq output at all. Signed-off-by: Dirk Brenken dev@brenken.org
* uhttpd: drop uhttpd-mod-tls, it has been useless for yearsFelix Fietkau2016-12-221-39/+0
| | | | | | | | | Before the rewrite, uhttpd-mod-tls used to contain a tls plugin. Afterwards it was left in for compatibility reasons, but given how much has changed, and that we're about to change the default SSL implementation again, it's better to just drop this now Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: clean up and unify PKG_VERSION for git based downloadsFelix Fietkau2016-12-2217-83/+47
| | | | | | Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: use conditional dependencies to avoid pulling in unused ssl librariesFelix Fietkau2016-12-221-2/+2
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: reduce binary size using --gc-sections on linkingFelix Fietkau2016-12-221-0/+3
| | | | | | Saves around 9kb gzipped on MIPS Signed-off-by: Felix Fietkau <nbd@nbd.name>
* openvpn: fix disabling DES support in mbedtlsFelix Fietkau2016-12-221-0/+81
| | | | | Signed-off-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* openvpn: update to 2.4_rc2Magnus Kroken2016-12-2211-75/+103
| | | | | | | | | | | | | | | | | OpenVPN 2.4 builds with mbedTLS 2.x, rename openvpn-polarssl variant to openvpn-mbedtls. Some feature highlights: * Data channel cipher negotiation * AEAD cipher support for data channel encryption (currently only * AES-GCM) * ECDH key exchange for control channel * LZ4 compression support See https://github.com/OpenVPN/openvpn/blob/master/Changes.rst for additional change notes. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* vti: add empty install rules for vtiv4 & vtiv6Alexandru Ardelean2016-12-221-0/+8
| | | | | | Same as for grev4 & grev6 Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* gre: add empty install rules for grev4 & grev6Alexandru Ardelean2016-12-221-0/+8
| | | | | | | | | | | | | | | Build seems to fail with: ``` Collected errors: * satisfy_dependencies_for: Cannot satisfy the following dependencies for X: * grev4 * * opkg_install_cmd: Cannot install package X ``` After adding an empty install rule, the failure goes away. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* uqmi: add plmn set functionality for netifd proto handlerFlorian Eckert2016-12-221-2/+22
| | | | | | | uqmi has the possibility to allow the modem to start a regsitration process only to this specified plmn Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
* comgt-ncm: fix typo Fix typo in ncm.sh. Resolves:Cezary Jackiewicz2016-12-221-1/+1
| | | | | | Wed Dec 21 09:55:54 2016 daemon.notice netifd: wan (4455): ./ncm.sh: eval: line 1: =IP: not found Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
* odhcpd: Use procd_send_signal in odhcpd-update fileHans Dedecker2016-12-211-5/+3
| | | | | | | | Let dnsmasq reread the leasefile by using procd_send_signal which triggers procd to send SIGHUP kill signal by default if signal is not specified Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: update to version 2016-12-19Koen Vandeputte2016-12-205-16/+16
| | | | | | | | | | | | | | Update to latest upstream HEAD: - Refreshed all - Fixes 2 regressions: --> PeerKey: Fix STK 4-way handshake regression --> PeerKey: Fix EAPOL-Key processing Compile tested Full & Mini configs Run-tested Mini config Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* hostapd: Add ability to specify that that wireless driver supports 802.11acAlexis Green2016-12-202-1/+11
| | | | | Signed-off-by: Alexis Green <agreen@cococorp.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [make more generic]
* hostapd: update to version 2016-12-15Koen Vandeputte2016-12-2020-169/+110
| | | | | | | | | | | | | Update to latest upstream HEAD: - Refreshed all - Delete patches and parts which made it upstream Compile tested Full & Mini configs Run-tested Mini config Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [another update, remove broken patch]
* iproute2: tc - update cake supportKevin Darbyshire-Bryant2016-12-202-11/+13
| | | | | | | | | | Update tc to track upstream cake changes: diffserv3 - a simple 3 tin classifier Also make diffserv3 and triple-isolate default Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* uqmi: Prevent 'POLICY MISMATH' error.Nickolay Ledovskikh2016-12-201-0/+1
| | | | | | | Add uqmi 'sync' command call to release stalled cid when preparing to setup new connection. As a result it prevents 'POLICY MISMATCH' errors. Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
* uqmi: bump to latest git HEADJohn Crispin2016-12-201-2/+2
| | | | | | | 8ceeab6 uqmi: Change returned value to QMI_CMD_REQUEST for 'sync' command. 1dc7be1 uqmi: Add sync command to release all cids. Signed-off-by: John Crispin <john@phrozen.org>
* uqmi: add support of using device symlinks.Nickolay Ledovskikh2016-12-201-0/+2
| | | | | | | It's useful when using multiple usb devices that should be bound to certain usb ports. Symlinks are created by hotplug handlers. Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
* comgt: add support of using device symlinks.Nickolay Ledovskikh2016-12-203-0/+5
| | | | | | | It's useful when using multiple usb devices that should be bound to certain usb ports. Symlinks are created by hotplug handlers. Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
* hostapd: remove never-used Package/<name>/DescriptionYousong Zhou2016-12-201-21/+1
| | | | | | | | The build system only accepts Package/<name>/description and since the typoed version virtually has the same content as the TITLE field, remove them altogether Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* mdns: bump to latest git HEADJohn Crispin2016-12-201-2/+2
| | | | | | | | be8ae8d cmake: Search for libjson-c 1fa9077 Fix IPv6 read 846369c Revert "mdnsd: interface: enable looped back messages" Signed-off-by: John Crispin <john@phrozen.org>
* odhcpd: Bump to git HEAD version (various fixes)Hans Dedecker2016-12-171-3/+3
| | | | | | | | | e055530 Don't print non bound assignments in the state file 3af23ad config: Fix RA interface config being overwritten 41b5268 dhcpv6-ia : Fix static DHCPv6 assignments becoming non static be6c515 dhcpv6-ia: Fix assignment of static DHCPv6 leases 374dc3f cmake: Find libubox/uloop.h 01c919c odhcpd: Display infinite valid lifetime as -1
* treewide: clean up download hashesFelix Fietkau2016-12-1646-46/+46
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* odhcp6c: Pass parameters to user dhcpv6 scriptHans Dedecker2016-12-162-3/+3
| | | | | | Pass all the parameters like device, dhcpv6 state to user script Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* map: Have cmake find libubus.hFlorian Fainelli2016-12-161-0/+3
| | | | | | Update CMakeList.txt to look for libubus.h since we depend on it. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* dnsmasq: fix service reloadJohn Crispin2016-12-161-2/+1
| | | | | | | | | | | The SIGHUP also got sent to the reload script making it bail out with an error Revert "dnsmasq: reload config if host name is modified" This reverts commit 854459a2f923376e0e509ebc0fb8ff90e9f13c02. Reported-by: Hans Dedecker <dedeckeh@gmail.com> Signed-off-by: John Crispin <john@phrozen.org>
* odhcpd: update sha256sumHauke Mehrtens2016-12-141-1/+1
| | | | | | | The sha256sum was not updated in the last commit. Fixes: a7c231027 [odhcpd: Fix dnsmasq re-reading hostfile] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* swconfig: replace the shared library with a static oneFelix Fietkau2016-12-142-5/+5
| | | | | | Reduces binary size Signed-off-by: Felix Fietkau <nbd@nbd.name>