aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* base-files: wifi: swap the order of some ubus callsBob Cantor2021-06-281-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | "/sbin/wifi up" makes three ubus calls: 1. ubus call network reload 2. ubus call network.wireless down 3. ubus call network.wireless up The first and third ubus calls call drv_mac80211_setup, while the second ubus call triggers wireless_device_setup_cancel, so the call sequence becomes, 1. drv_mac80211_setup 2. wireless_device_setup_cancel 3. drv_mac80211_setup This commit swaps the order of the first two ubus calls, 1. ubus call network.wireless down 2. ubus call network reload 3. ubus call network.wireless up Consequently drv_mac80211_setup is only called once, and two related bugs (#FS3784 and #FS3902) are no longer triggered by /sbin/wifi. branches affected: trunk, 21.02 Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
* mac80211: print an error if wifi teardown failsBob Cantor2021-06-281-0/+4
| | | | | | | | | drv_mac80211_teardown fails silently if the device to be torn down is not defined. This commit prints an error message. branches affected: trunk, 21.02 Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
* mac80211: always call wireless_set_data (FS#3784)Bob Cantor2021-06-281-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When wifi is turned off, drv_mac80211_teardown sometimes fails (silently) because the device to be torn down is not defined. This situation arises if drv_mac80211_setup was called twice when wifi was turned on. This commit ensures that the device to be torn down is always defined in drv_mac80211_teardown. Steps to reproduce: 1) Use /sbin/wifi to turn on wifi. uci set wireless.@wifi-iface[0].disabled=0 uci set wireless.@wifi-device[0].disabled=0 uci commit wifi 2) Use /sbin/wifi to turn off wifi. uci set wireless.@wifi-device[0].disabled=1 uci commit wifi 3) Observe that wifi is still up. branches affected: trunk, 21.02 Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
* mac80211: fix no_reload logic (FS#3902)Bob Cantor2021-06-281-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If drv_mac80211_setup is called twice with the same wifi configuration, then the second call returns early with error HOSTAPD_START_FAILED. (wifi works nevertheless, despite the fact that setup is incomplete. But "ubus call network.wireless status" erroneously reports that radio0 is down.) The relevant part of drv_mac80211_setup is, if [ "$no_reload" != "0" ]; then add_ap=1 ubus wait_for hostapd local hostapd_res="$(ubus call hostapd config_add "{\"iface\":\"$primary_ap\", \"config\":\"${hostapd_conf_file}\"}")" ret="$?" [ "$ret" != 0 -o -z "$hostapd_res" ] && { wireless_setup_failed HOSTAPD_START_FAILED return } wireless_add_process "$(jsonfilter -s "$hostapd_res" -l 1 -e @.pid)" "/usr/sbin/hostapd" 1 1 fi This commit sets no_reload = 0 during the second call of drv_mac80211_setup. It is perhaps worth providing a way to reproduce the situation where drv_mac80211_setup is called twice. When /sbin/wifi is used to turn on wifi, uci set wireless.@wifi-iface[0].disabled=0 uci set wireless.@wifi-device[0].disabled=0 uci commit wifi /sbin/wifi makes the following ubus calls, ubus call network reload ubus call network.wireless down ubus call network.wireless up The first and third ubus calls both call drv_mac80211_setup, while the second ubus call triggers wireless_device_setup_cancel. So the call sequence becomes, drv_mac80211_setup wireless_device_setup_cancel drv_mac80211_setup In contrast, when LuCI is used to turn on wifi only a single call is made to drv_mac80211_setup. branches affected: trunk, 21.02 Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
* iwinfo: update to the latest versionFelix Fietkau2021-06-281-3/+3
| | | | | | c9b1672f5a83 nl80211: fix path compatibility issue Signed-off-by: Felix Fietkau <nbd@nbd.name>
* zram-swap: clean up the log messagesRui Salvaterra2021-06-271-8/+8
| | | | | | | | Remove redundant tags and name things more consistently. Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com> [removed superflous dash] Signed-off-by: Paul Spooren <mail@aparcar.org>
* zram-swap: set the zram swap priority to 100 by defaultRui Salvaterra2021-06-271-2/+5
| | | | | | | New swap devices are added in decreasing priority order, starting at -1. Make sure the zram swap device has the highest priority, by default. Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* busybox: sysntpd: add trigger to reload serverAlexey Dobrovolsky2021-06-271-2/+22
| | | | | | | | | | | | sysntpd server becomes unavailable if the index of the bound interface changes. So let's add an interface trigger to reload sysntpd. This patch also adds the ability for the sysntpd script to handle uci interface name from configuration. Fixes: 4da60500ebd2 ("busybox: sysntpd: option to bind server to iface") Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com> Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
* dante: move to packages.gitPaul Spooren2021-06-263-207/+0
| | | | | | | Rather than maintaining it in core, move it to packages.git where it's maintained by a community. Signed-off-by: Paul Spooren <mail@aparcar.org>
* Revert "dnsmasq: Update to version 2.86test3"Kevin Darbyshire-Bryant2021-06-262-5/+5
| | | | | | | | This reverts commit 3628870015ef46eacf2c936f36e3c1ed3b4c9855. dnsmasq v2.86test3 has some issues with ubus, so is being reverted. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* Revert "dnsmasq: add config option for connmark DNS filtering"Kevin Darbyshire-Bryant2021-06-261-12/+0
| | | | | | | | | This reverts commit dea4bae7c2b963af02e1e3e3bdb5cd656a5ea3d3. dnsmasq v2.86test3 has some issues with ubus and needs reverting, hence this needs reverting. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* dnsmasq: add config option for connmark DNS filteringEtan Kissling2021-06-261-0/+12
| | | | | | | | This adds uci support to configure connmark based DNS filtering. Signed-off-by: Etan Kissling <etan_kissling@apple.com> (See https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2021q2/015151.html) Signed-off-by: Etan Kissling <etan.kissling@gmail.com>
* dnsmasq: Update to version 2.86test3Etan Kissling2021-06-262-5/+5
| | | | | | | | | | | | | | Need this version to add config option for connmark DNS filtering. Summary of upstream CHANGELOG: * Handle DHCPREBIND requests in the DHCPv6 server code. * Fix bug which caused dnsmasq to lose track of processes forked. * Major rewrite of the DNS server and domain handling code. * Revise resource handling for number of concurrent DNS queries. * Improve efficiency of DNSSEC. * Connection track mark based DNS query filtering. Signed-off-by: Etan Kissling <etan.kissling@gmail.com>
* base-files: fix /tmp/TZ when zoneinfo not installedPaul Spooren2021-06-241-7/+4
| | | | | | | | | | | | The zoneinfo packages are not installed per default so neither /tmp/localtime nor /tmp/TZ is generated. This patch mostly reverts the previous fix and instead incooperates a solution suggested by Jo. Fixes "base-files: fix zoneinfo support " 8af62ed Signed-off-by: Paul Spooren <mail@aparcar.org>
* zram-swap: robustify mkswap/swapon/swapoff invocationRui Salvaterra2021-06-242-36/+13
| | | | | | | | | | | Instead of assuming /sbin contains the correct BusyBox symlinks, directly invoke the busybox executable. The required utilities are guaranteed to be present, since the zram-swap package selects them. Additionally, don't assume busybox resides in /bin, rely on PATH to find it. While at it, update the copyright year, use SPDX and switch to AUTORELEASE. Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* hostapd: add support for providing vendor specific IE elementsFelix Fietkau2021-06-241-1/+4
| | | | | | They can be added as hex digit strings via the 'vendor_elements' option Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add default_disabled option to the supplicantRaphaël Mélotte2021-06-231-2/+8
| | | | | | | | | | | | | | | | | | | | | | | With the default configuration we generate, the supplicant starts scanning and tries to connect to any open network when the interface is enabled. In some cases it can be desirable to prevent the supplicant from scanning by itself. For example, if on the same radio an AP is configured and an unconfigured STA is added (to be configured with WPS), the AP might not be able to beacon until the STA stops scanning. In such a case, the STA configuration can still be required to set specific settings (e.g. multi_ap_backhaul_sta) so it can't be set to "disabled" in uci (because that would prevent the supplicant from being run at all). The alternative is to add the "disabled" parameter to the default network block in the supplicant configuration. This patch adds a "default_disabled" setting in UCI which, when set, adds the "disabled" parameter to the supplicant default network block. Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
* base-files: fix zoneinfo supportRosen Penev2021-06-231-7/+9
| | | | | | | | | | | | | | | | The system init script currently sets /tmp/localinfo when zoneinfo is populated. However, zoneinfo has spaces in it whereas the actual files have _ instead of spaces. This made the if condition never return true. Example failure when removing the if condition: /tmp/localtime -> /usr/share/zoneinfo/America/Los Angeles This file does not exist. America/Los_Angeles does. Ran through shfmt -w -ci -bn -sr -s Signed-off-by: Rosen Penev <rosenp@gmail.com>
* base-files: bring up vlan interface tooLuiz Angelo Daros de Luca2021-06-221-0/+3
| | | | | | | Vlan subinterface was never brought up when using vlan-based preinit network. Tested forcing ifname="" before preinit_ip() on a Tp-Link Archer C5v4. Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* base-files: failsafe: Remove the VLAN modifier from interface nameHauke Mehrtens2021-06-221-0/+2
| | | | | | | Some interfaces have a VLAN modifier like :t in lan1:t, this modifier should be removed from the interface before calling preinit_ip_config(). Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: failsafe: Fix IP configurationHauke Mehrtens2021-06-221-3/+9
| | | | | | | | | | | | | Adapt the preinit_config_board() to the board.json network changes. It now looks for the device and the ports variables to configure the LAN network. This works with swconfig configurations. Fixes: FS#3866 Fixes: d42640e389a8 ("base-files: use "ports" array in board.json network for bridges") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Reviewed-by: Rafał Miłecki <rafal@milecki.pl>
* kernel: crypto: limit crypto-hw-hifn-795x to devices with pci supportAleksander Jan Bajkowski2021-06-221-1/+1
| | | | | | | CONFIG_CRYPTO_DEV_HIFN_795X depends on PCI. This driver only makes sense on devices with pci support. Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
* hostapd: make wnm_sleep_mode_no_keys configurableTimo Sigurdsson2021-06-221-3/+7
| | | | | | | | | | | | In the aftermath of the KRACK attacks, hostapd gained an AP-side workaround against WNM-Sleep Mode GTK/IGTK reinstallation attacks. WNM Sleep Mode is not enabled by default on OpenWrt, but it is configurable through the option wnm_sleep_mode. Thus, make the AP-side workaround configurable as well by exposing the option wnm_sleep_mode_no_keys. If you use the option wpa_disable_eapol_key_retries and have wnm_sleep_mode enabled, you might consider using this workaround. Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
* base-files: fix enabled for services with only STOPKarel Kočí2021-06-221-1/+6
| | | | | | | | | | | | | | | There are services that have only STOP value set. They are executed only on shutdown and it is common to use them for system cleanup. There is one such service shipped directly with base-files, it is 'umount'. Those work the same way as those with START but enabled does not report them as enabled although it should have as they can be enabled and disabled as any other service. This also changes check from check for executable to check for symbolic link. The implementation depends on those being links to service file and it is much cleaner and direct to check for them being links. Signed-off-by: Karel Kočí <karel.koci@nic.cz>
* bcm63xx-cfe: update to the latest masterRafał Miłecki2021-06-221-4/+4
| | | | | | e5050f3 linksys: ea9500-v2: add cferam file Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* hostapd: fix handling of the channel utilization optionsTimo Sigurdsson2021-06-211-0/+2
| | | | | | | | | | | | Commit 0a7657c ("hostapd: add channel utilization as config option") added the two new uci options bss_load_update_period and chan_util_avg_period. However, the corresponding "config_add_int" calls for these options weren't added, so attempting to actually use these options and change their values is bound to fail - they always stay at their defaults. Add the missing code to actually make these options work. Fixes: 0a7657c ("hostapd: add channel utilization as config option") Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
* hostapd: make country3 option configurableTimo Sigurdsson2021-06-211-2/+3
| | | | | | | | | The country3 option in hostapd.conf allows the third octet of the country string to be set. It can be used e.g. to indicate indoor or outdoor use (see hostapd.conf for further details). Make this option configurable but optional in OpenWrt. Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
* ustream-ssl: variants conflict with each otherKarel Kočí2021-06-211-1/+3
| | | | | | | | This adds conflicts between variants of libustream pacakge. They provide the same file and thus it should not be possible to install them side by side. Signed-off-by: Karel Kočí <karel.koci@nic.cz>
* grub2: update to 2.06Dirk Neukirchen2021-06-213-59/+19
| | | | | | | | | | | | | | | -300-CVE-2015-8370.patch is upstreamed with different code (upstream id: 451d80e52d851432e109771bb8febafca7a5f1f2) - fixup OpenWrts setup_root patch compile tested: x86_64,i386 runtime tested: VM x86_64,VM i386 - booted fine - grub-editenv worked Signed-off-by: Dirk Neukirchen <plntyk.lede@plntyk.name>
* kernel/modules: make sure igb loads at bootChris Blake2021-06-211-1/+1
| | | | | | | | | | Without loading the igb at boot, the recovery wouldn't have network available. All network drivers should be loaded before etc/board.d/02_network is called. Note that other network drivers already have this set, such as tg3. Fixes: 7e0e5110bc90 ("kernel: add igb kernel module") Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
* uci: add uci_revert functionFlorian Eckert2021-06-212-1/+9
| | | | | | Add missing uci_revert shell function wrapper. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* ath10k-ct: fix typo in MakefileMichael Yartys2021-06-211-1/+1
| | | | | | Add forgotten colon to Makefile. Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
* qos-scripts: add ifbN device before setting the link upPerry Melange2021-06-212-2/+3
| | | | | | | | | | | | commit 50413e1ec83dedaea44558d5f37af5454156a46a replaced ifconfig with ip. In order to set a link state to up, the interface needs to be added first. Fixes: FS#3754 Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com> [Add Fixes tag] Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* hostapd: add support for setting sae_pweMichael Yartys2021-06-201-1/+3
| | | | | | | | | | | | | Make it possible to specify the SAE mechanism for PWE derivation. The following values are possible: 0 = hunting-and-pecking loop only 1 = hash-to-element only 2 = both hunting-and-pecking loop and hash-to-element enabled hostapd currently defaults to hunting-and-pecking loop only. Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
* base-files: redirect kill ouptut for ash, telnetd and dropbearFlorian Eckert2021-06-201-3/+3
| | | | | | | | | | | If one of the programmes is not running, then we see the following output in the logs. `killall: telnetd: no process killed` To ensure that the log is clean, redirect the output to /dev/null Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* base-files: remove unused vn and _vn functionFlorian Eckert2021-06-201-8/+0
| | | | | | | The remaining vn calls have been ported to v. Therefore, these functions are no longer needed and will be removed. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* base-files: change logging for upgrade on stage2Florian Eckert2021-06-201-4/+2
| | | | | | | Remove vn call in favour of v call. This commit serves as preparation for removing the vn function call. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* base-files: add syslog logging for v functionFlorian Eckert2021-06-202-1/+2
| | | | | | | | The logging output should not only be displayed in the calling shell session but also in the syslog. A sysupgrade and a configuration import, export can thus be traced in the syslog. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* base-files: upgrade: use zcat command provided by busyboxChuck Fan2021-06-201-1/+1
| | | | | | | | | | | Calling `switch_to_ramfs()` will not copy the gzip executable (/bin/gzip) to ramfs, but `/bin/zcat` will call `/bin/gzip` when package gzip is installed, instead of the busybox-supplied zcat. This will cause `zcat` to fail to find `gzip`, then cause the sysupgrade to fail. Adding the `busybox` prefix here will solve the problem. Signed-off-by: Chuck Fan <fanck0605@qq.com>
* busybox: disable bzip2Sergey Ponomarev2021-06-203-4/+3
| | | | | | | | | | bzip2 adds about 8kb of size. For tiny builds it's often disabled. It's not directly used by stock OpenWrt programs. Kernel images compressed with bzip2 are also not fully supported. Signed-off-by: Sergey Ponomarev <stokito@gmail.com> [fix \ indention] Signed-off-by: Paul Spooren <mail@aparcar.org>
* hostapd: stop advertising 11w featureDobroslaw Kijowski2021-06-202-6/+2
| | | | | | | | | | | | | This is a follow up of 1a9b896d ("treewide: nuke DRIVER_11W_SUPPORT"). LuCI commit ab010406 ("luci-mod-network: skip check for 802.11w feature") skips check of the 11w feature [1]. Now advertising it in hostapd is superfluous so stop doing it. [1]: https://github.com/openwrt/luci/pull/4689 Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com> [remove outdated PKG_RELEASE bump and update to SPDX] Signed-off-by: Paul Spooren <mail@aparcar.org>
* uhttpd: make organization (O=) of the cert configurable via uciMartin Schiller2021-06-202-3/+4
| | | | | | | | Make the organization (O=) of the cert configurable via uci. If not configured, use a combination of "OpenWrt" and an unique id like it was done before. Signed-off-by: Martin Schiller <ms@dev.tdt.de>
* grub2: pass compilation parameters more accurately李国2021-06-201-3/+5
| | | | | | | | | In order for the grub2 boot-related code to compile normally, we have made many adjustments to the compilation parameters. These adjustments are not necessary for tools-related code. We apply these parameter adjustments only to the boot-related code. Signed-off-by: 李国 <uxgood.org@gmail.com>
* grub2: make grub2 tools built in a separate variant李国2021-06-201-2/+6
| | | | | | | | | grub2 boot-related code and tools-related code may require different compilation parameters. We split them into different variants for compilation, so that we can accurately pass the required parameters and avoid causing problems. Signed-off-by: 李国 <uxgood.org@gmail.com>
* grub2: make grub2-bios-setup as a separate package李国2021-06-201-8/+23
| | | | | | | | | | The grub2 and grub2-efi packages should only contain boot-related code. grub-bios-setup is the same as grub-editenv, they are both grub2 tools and should be placed in a separate package. Signed-off-by: 李国 <uxgood.org@gmail.com> [use AUTORELEASE and update to SPDX] Signed-off-by: Paul Spooren <mail@aparcar.org>
* treewide: remove PKG_INSTALL from CMake packagesRosen Penev2021-06-193-5/+0
| | | | | | | | | | | | It's already default with cmake.mk Found with: git grep PKG_INSTALL\: | cut -d ':' -f 1 | sort -u > ins git grep cmake.mk | cut -d ':' -f 1 > cmake comm -1 -2 ins cmake Signed-off-by: Rosen Penev <rosenp@gmail.com>
* treewide: remove BUILD_PARALLEL from CMake packagesRosen Penev2021-06-1910-15/+0
| | | | | | | | | | | | | It's already default. The only exception is mt76 which has Ninja disabled. Found with: git grep BUILD_PARALLEL | cut -d ':' -f 1 | sort -u > par git grep cmake.mk | cut -d ':' -f 1 > cmake comm -1 -2 par cmake Signed-off-by: Rosen Penev <rosenp@gmail.com>
* mac80211: fix an issue with wds links on 802.11ax devicesFelix Fietkau2021-06-191-0/+51
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: remove extra patch accidentally added during rebaseFelix Fietkau2021-06-181-888/+0
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: remove patches stripping down crypto supportFelix Fietkau2021-06-1812-978/+895
| | | | | | | | Use of WPA3 and things like FILS is getting much more common, and platforms that can't affort the extra kilobytes for this code are fading away. Let's not hold back modern authentication methods any longer Signed-off-by: Felix Fietkau <nbd@nbd.name>