Simon Wunderlich [Sat, 6 Apr 2024 08:39:41 +0000 (10:39 +0200)]
Merge pull request #1057 from ecsv/batadv-for-22.03
openwrt-22.03: batman-adv: Avoid infinite loop trying to resize local TT
Sven Eckelmann [Fri, 5 Apr 2024 19:55:06 +0000 (21:55 +0200)]
batman-adv: Avoid infinite loop trying to resize local TT
If the MTU of one of an attached interface becomes too small to transmit
the local translation table then it must be resized to fit inside all
fragments (when enabled) or a single packet.
But if the MTU becomes too low to transmit even the header + the VLAN
specific part then the resizing of the local TT will never succeed. This
can for example happen when the usable space is 110 bytes and 11 VLANs are
on top of batman-adv. In this case, at least 116 byte would be needed.
There will just be an endless spam of
batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (110)
in the log but the function will never finish. Problem here is that the
timeout will be halved all the time and will then stagnate at 0 and
therefore never be able to reduce the table even more.
There are other scenarios possible with a similar result. The number of
BATADV_TT_CLIENT_NOPURGE entries in the local TT can for example be too
high to fit inside a packet. Such a scenario can therefore happen also with
only a single VLAN + 7 non-purgable addresses - requiring at least 120
bytes.
While this should be handled proactively when:
* interface with too low MTU is added
* VLAN is added
* non-purgeable local mac is added
* MTU of an attached interface is reduced
* fragmentation setting gets disabled (which most likely requires dropping
attached interfaces)
not all of these scenarios can be prevented because batman-adv is only
consuming events without the the possibility to prevent these actions
(non-purgable MAC address added, MTU of an attached interface is reduced).
It is therefore necessary to also make sure that the code is able to handle
also the situations when there were already incompatible system
configuration are present.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Simon Wunderlich [Mon, 5 Feb 2024 09:54:16 +0000 (10:54 +0100)]
Merge pull request #1047 from ecsv/batadv-for-22.03
openwrt-22.03: batman-adv: Provide teardown hook for batadv_vlan proto
Sven Eckelmann [Mon, 5 Feb 2024 07:52:23 +0000 (08:52 +0100)]
batman-adv: Provide teardown hook for batadv_vlan proto
The batadv_vlan proto doesn't need to do anything when it gets teared down.
But the scripts are still trying to call the teardown function of this
proto. This results in warnings like:
daemon.notice netifd: batmesh1 (18940): ./batadv_vlan.sh: eval: line 37: proto_batadv_vlan_teardown: not found
Just providing a stub function avoids this log spam.
Fixes: #1044
Reported-by: Rani Hod <rani.hod@gmail.com>
Fixes: f5205d7d2434 ("batman-adv: upgrade package to latest release 2014.2.0")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Simon Wunderlich [Sun, 4 Feb 2024 10:52:39 +0000 (11:52 +0100)]
Merge pull request #1042 from ecsv/batadv-for-22.03
openwrt-22.03: batctl: Merge bugfixes from 2024.0
Sven Eckelmann [Fri, 2 Feb 2024 21:59:34 +0000 (22:59 +0100)]
batctl: Merge bugfixes from 2024.0
* tcpdump: Fix missing sanity check for batman-adv header
* tcpdump: Add missing throughput header length check
* tcpdump: Fix IPv4 header length check
* tcpdump: Add missing ICMPv6 Neighbor Advert length check
* tcpdump: Add missing ICMPv6 Neighbor Solicit length check
* tcpdump: Fix ICMPv4 inner IPv4 header length check
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 3 Feb 2024 07:56:13 +0000 (08:56 +0100)]
treewide: remove AUTORELEASE
Automatically compute and substitute current values for all
$(AUTORELEASE) instances as this feature is deprecated and shouldn't be
used. Since commit
2584b0cecae ("CI: deprecate $(AUTORELEASE) via
comments"), this is even announced by the CI
The following temporary change was made to the core:
diff --git a/rules.mk b/rules.mk
index
57d7995d4fa8..
f16367de87a8 100644
--- a/rules.mk
+++ b/rules.mk
@@ -429,7 +429,7 @@ endef
abi_version_str = $(subst -,,$(subst _,,$(subst .,,$(1))))
COMMITCOUNT = $(if $(DUMP),0,$(call commitcount))
-AUTORELEASE = $(if $(DUMP),0,$(call commitcount,1))
+AUTORELEASE = $(if $(DUMP),0,$(shell sed -i "s/\$$(AUTORELEASE)/$(call commitcount,1)/" $(CURDIR)/Makefile))
all:
FORCE: ;
And this command used to fix affected packages:
./scripts/feeds install -a routing
for i in $(cd feeds/routing; git grep -l 'PKG_RELEASE:=.*AUTORELEASE' | \
sed 's^.*/\([^/]*\)/Makefile^\1^';);
do
make package/${i%/Makefile}/download
done
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Moritz Warning [Tue, 10 Oct 2023 18:51:00 +0000 (20:51 +0200)]
nodogsplash: explicit file copy
Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit
2a725e7cbec6645f55d6104dee17b673b142cba8)
Moritz Warning [Mon, 9 Oct 2023 22:35:21 +0000 (00:35 +0200)]
nodogsplash: update to version 5.0.2
Fix a buffer overflow in case the
query string is too long.
Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit
fe1c67fb3d83089210d5b45bc35eb7d7393aeb1f)
Josef Schlehofer [Thu, 28 Sep 2023 07:31:02 +0000 (09:31 +0200)]
bmx6: drop package
This package is no longer maintained by us or by upstream developers.
The last version in the GitHub repository is from 2020 with no activity so far.
We are using version 0.1-alpha.
Because LuCI app is vulnerable to several CVEs and DependencyBot still
sends emails about it, let's drop it.
If anyone wants, they can use bmx7.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
9fb9d9343ea27d6dbb5008ece10c0c843dd2c781)
Josef Schlehofer [Thu, 28 Sep 2023 07:34:27 +0000 (09:34 +0200)]
luci-app-bmx6: drop this because of security vulnerabilities
DependencyBot, which are using is sending us emails about these CVEs:
CVE-2012-6708
CVE-2020-23064
CVE-2019-11358
This was reported to maintainer in April 2023, but no one stepped it to fix that,
so let's drop this.
Replacement could be luci-app-bmx7.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
c2124dd2ad542f526ee84e1984f03dd2f5b34dfe)
Rob White [Mon, 28 Aug 2023 15:19:06 +0000 (16:19 +0100)]
opennds: update to version 10.1.3
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03
Description:
opennds (10.1.3)
Security Advisory. This version contains fixes for multiple potential security vulnerabilities
Credit - Stanislav Dashevskyi - standash.github.io [standash]
It also contains some minor bug fixes
* Fix - Buffer overflow causing segfault - CVE-2023-41101 [bluewavenet]
* Fix - Memory leaks due to passing allocated buffer into safe_asprintf() - CVE-2023-41102 [bluewavenet]
* Fix - Remove deprecated preauth option [bluewavenet]
* Fix - missing free in show_preauth_page if MHD does not respond [bluewavenet]
* Fix - more safe_asprintf memory leaks [bluewavenet]
* Fix - missing free for mark_auth [bluewavenet]
* Fix - memory leak after starting authmon daemon [bluewavenet]
* Fix - memory leak in encode_and_redirect_to_splashpage [bluewavenet]
* Fix - Community themespec, voucher css and logo image [bluewavenet]
* Fix - ThemeSpec, path to logo in page footer [bluewavenet]
* Fix - ensure gatewayurl is urldecoded to fix broken css and images in themespec [bluewavenet]
* Add - set default fas remote fqdn to disabled [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
88c98c910acccab694b3afb6d36d70ca429118a6)
Jeffery To [Fri, 2 Jun 2023 14:04:38 +0000 (22:04 +0800)]
CI: Sort build architectures in alphabetical order
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
06b7d9b665d6299571a305b49e1bc159290d16cd)
Christian Marangi [Fri, 26 May 2023 12:43:12 +0000 (14:43 +0200)]
CI: add concurrency rules to skip redundant build
Add concurrency rules to skip redundant build to skip extra build test
on force push on pull request.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
5aa683be13c9b1f4a2bdb09ec0481b7cd546dd77)
Jeffery To [Wed, 10 May 2023 06:10:37 +0000 (14:10 +0800)]
CI: Do package run-tests only if target packages were built
Currently, the package run-test phase will fail for PRs that only
add/update host-only packages, as no target packages (*.ipk) are built.
This checks if any target packages are built before attempting the
run-tests.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
299ee2b1cfd20a7c9d31e8024b4333e8da035af3)
Jeffery To [Wed, 10 May 2023 05:51:59 +0000 (13:51 +0800)]
CI: Run "apt-get update" before installing signify-openbsd
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
89cf0d561977c028b45e5ab6db1b34dab27b9a11)
Van Waholtz [Mon, 1 May 2023 11:04:24 +0000 (19:04 +0800)]
CI: Enable runtime_test for mips_24kc
Signed-off-by: Van Waholtz <brvphoenix@gmail.com>
(cherry picked from commit
28d204148a7cad8f1ee903bf6af4dae234b28119)
Gerard Ryan [Sat, 29 Apr 2023 06:25:49 +0000 (16:25 +1000)]
cache-domains: added pre-test.sh CI step
Some packages variants have conflicting dependencies with the
base packages and the CI test will fail to install before anything
can be done by the packages to setup the system for install.
This change adds a pre-test.sh that runs before the install so things
like the default libustream variant can be swapped out as shown in the
updated cache-domains.
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
(cherry picked from commit
61997c86b01c83320a2cbb1b490941a8af741253)
Jeffery To [Wed, 22 Mar 2023 07:46:13 +0000 (15:46 +0800)]
CI: Add local feed for CI-built packages
To test each package, the CI-built target package (ipk) file is
installed, but currently the target package's dependencies are installed
from the standard opkg feeds.
There are cases when the CI-built target packages should be
installed/tested together:
* If a pull request contains several new packages that depend on each
other, the test step will fail as the new dependencies cannot be found
in the current packages feed.
* If a pull request upgrades a source package that builds several target
packages that depend on each other, the test step may fail due to the
version/ABI mismatch between a newer target package and the older
dependencies installed from the packages feed.
This sets up a local feed for the CI-built packages so that dependencies
are also installed from the same set of packages.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
f818fe716ea126dd8240c9600f92e5b412d59060)
Jeffery To [Tue, 21 Mar 2023 06:41:48 +0000 (14:41 +0800)]
CI: Add --autoremove, ignore removal errors
836b4e1c734f9705bfd8db0da0c04214c2647932 added
--force-removal-of-dependent-packages but it does not do what the commit
message says it does.
When package A depends on package B (package B is a dependency of
package A; package A is a dependent of package B), trying to remove
package B while package A is installed will result in an error. Adding
--force-removal-of-dependent-packages in this case will cause the
removal of package B and package A (package B's dependent).
But in the case of the CI testing step, it is package A that is being
installed and removed. Removing package A with
--force-removal-of-dependent-packages will not cause package B (package
A's dependency) to be removed.
This adds --autoremove to actually remove the package's dependencies.
This also ignores any errors returned by opkg remove as --autoremove can
sometimes falsely return an error[1].
[1]: https://github.com/openwrt/openwrt/issues/12241
Fixes: 836b4e1c734f ("github-ci: add --force-removal-of-dependent-packages")
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
53a53b8ee38d79083ff59e656798948f9b0a7e68)
Tianling Shen [Thu, 9 Mar 2023 06:17:35 +0000 (14:17 +0800)]
CI: update build architectures
Removed arc_archs - archs38 was marked as source-only [1].
Renamed powerpc_8540 to powerpc_8548 [2].
1. https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=
c01641bcc7236d2e2de3ea65444b0cf2898df351
2. https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=
2cad88b99fdae9766de84e6c1cb56f111eb53748
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
7928f7d3990c7bae097224d90c28590a45405686)
Paul Spooren [Thu, 1 Dec 2022 20:02:10 +0000 (21:02 +0100)]
ci: only comment AUTORELEASE deprecation if exists
If it doesn't exists, don't confuse the contributors.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
b3b01af314ec675b0b2ee0497a7b9c90d2e9e631)
Paul Spooren [Wed, 16 Nov 2022 18:06:20 +0000 (19:06 +0100)]
CI: deprecate $(AUTORELEASE) via comments
Autorelease causes some issues like heavy bandwidth usage as well as
non-deterministic package releases whenever someone doesn't use the full
git log.
With this comment all modified packages are checked and if they use
the autorelease feature, kindly comment to the user to change that.
Signed-off-by: Paul Spooren <paul.spooren@rhebo.com>
[ move check to separate workflow to handle ci limitation ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
c993ee8a893c04baef602574ca9353ce4c72e11e)
Josef Schlehofer [Fri, 3 Mar 2023 10:04:50 +0000 (11:04 +0100)]
ci: change default packages
Since this file was taken from packages repository, it tries to compile
packages from that repository as fallback if changes are not detected.
Let's change these packages to some, which are present in this
repository, so they will be compiled as test.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
c9a8f2d03226191111b95890302cb7e1ff18c11e)
Alois Klink [Wed, 23 Nov 2022 18:37:01 +0000 (18:37 +0000)]
github-ci: error on any shell errors
Enable `errexit` and `nounset` [POSIX shell options][1]
in `.github/workflows/entrypoint.sh` so that the script fails
if any command within the script fails.
[1]: https://pubs.opengroup.org/onlinepubs/
9699919799//utilities/V3_chap02.html#set
Reported-by: Marius Dinu <m95d+git@psihoexpert.ro>
Fixes: https://github.com/openwrt/packages/issues/19953
Signed-off-by: Alois Klink <alois@aloisklink.com>
(cherry picked from commit
03ca0722f73c8121521ff59ca9a4ad6358b6a262)
Christian Marangi [Tue, 25 Oct 2022 09:03:01 +0000 (11:03 +0200)]
ci: update github actions to v3
Update checkout and upload-artifact action to v3 to mute nodejs
deprecation warning.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
52570d4242822e3db678f5484c2ca3e72f485d52)
(cherry picked from commit
5d87b956975034d74a40385646a7d358722c0eb3)
Jeffery To [Tue, 31 May 2022 07:02:04 +0000 (15:02 +0800)]
ci: Use openwrt/gh-action-sdk@v5
The previous build errors with v5 have been fixed. This version builds
packages as a normal user instead of as root.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
e2d72c57756751230d61bd7a738a35dad912e644)
Simon Wunderlich [Wed, 23 Aug 2023 06:47:03 +0000 (08:47 +0200)]
Merge pull request #1017 from ecsv/batadv-for-22.03
openwrt-22.03: batman-adv: Fix lock assert after fragmentation change
Sven Eckelmann [Tue, 22 Aug 2023 16:26:35 +0000 (18:26 +0200)]
batman-adv: Fix lock assert after fragmentation change
The automatic recalculation of the maximum allowed MTU is usually triggered
by code sections which are already rtnl lock protected by callers outside
of batman-adv. But when the fragmentation setting is changed via
batman-adv's own batadv genl family, then the rtnl lock is not yet taken.
But dev_set_mtu requires that the caller holds the rtnl lock because it
uses netdevice notifiers. And this code will then fail the check for this
lock:
RTNL: assertion failed at net/core/dev.c (1953)
Fixes: 12577be7ed67 ("batman-adv: Merge bugfixes from 2023.2")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Simon Wunderlich [Fri, 18 Aug 2023 15:40:12 +0000 (17:40 +0200)]
Merge pull request #1014 from ecsv/batadv-for-22.03
openwrt-22.03: batman-adv: Merge bugfixes from 2023.2
Sven Eckelmann [Fri, 18 Aug 2023 13:52:18 +0000 (15:52 +0200)]
batman-adv: Merge bugfixes from 2023.2
* Broken sync while rescheduling delayed work
* compat: Use native kstrtox.h for 5.10.185
* Do not get eth header before batadv_check_management_packet
* Trigger events for auto adjusted MTU
* Don't increase MTU when set by user
* Fix TT global entry leak when client roamed back
* Fix batadv_v_ogm_aggr_send memory leak
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Rob White [Sun, 6 Aug 2023 09:09:06 +0000 (10:09 +0100)]
mesh11sd: update to version 2.0.0
Maintainer: Rob White rob@blue-wave.net
Compile tested: All
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64, on 21.02, 22.03 and snapshot.
Description:
mesh11sd (2.0.0)
This release contains new functionality.
Autonomous portal mode is introduced. This simplifies the rollout of meshnodes allowing a common configuration to be used on all nodes.
Remote administration is introduced, allowing files to be copied and terminal sessions to be opened on established meshnodes, identifying remote nodes by mac address.
* Add - Update config file [bluewavenet]
* Add - implementation of remote copy [bluewavenet]
* Add - implementation of remote connect [bluewavenet]
* Add - Autonomous portal mode [bluewavenet]
-- Rob White dot@blue-wave.net Mon, 31 Jul 2023 16:59:52 +0000
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
5beb3be9b86ddd1e859dd9ad38d1fb9a1a32dc65)
Moritz Warning [Thu, 27 Jul 2023 19:03:57 +0000 (21:03 +0200)]
nodogsplash: remove opennds from conflicts
OpenNDS lists nodogsplash a conflict as well.
This causes a circular reference that is not allowed.
Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit
967dde509b90c2166773ec672b2e8e8b81b6288a)
Moritz Warning [Sat, 22 Jul 2023 17:12:29 +0000 (19:12 +0200)]
nodogsplash: update to 5.0.1
Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit
91e07907fafa7ca442c3710799352782f4f0201a)
Rob White [Sat, 29 Jul 2023 18:26:10 +0000 (19:26 +0100)]
opennds: Release v10.1.2
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03
Description:
opennds (10.1.2)
Security Advisory. This version contains fixes for multiple potential security vulnerabilities
Credit - Stanislav Dashevskyi - standash.github.io [standash]
It also contains some minor bug fixes
* Fix - Generate unique sha256 faskey if not set in config - CVE-2023-38324 [bluewavenet]
* Fix - NULL pointer dereference if user_agent is NULL - CVE-2023-38320, CVE-2023-38322 [bluewavenet]
* Fix - NULL pointer dereference if authdir is called with an incomplete or missing query string - CVE-2023-38313, CVE-2023-38314, CVE-2023-38315 [bluewavenet]
* Fix - remove deprecated and non-functioning unescape callback - CVE-2023-38316 [bluewavenet]
* Fix - prevent potential recursive dependency and detect if conflicting package is installed [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
3eb9aa30566eb34608e6aacc55157dad46550a6a)
Rob White [Fri, 14 Jul 2023 20:32:34 +0000 (21:32 +0100)]
opennds: Release v10.1.1
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03
opennds (10.1.1)
* This version contains some minor bug fixes and documentation updates
* Fix - send only contents of buffer, not entire buffer when serving page511 [bluewavenet]
* Fix - Set fas_remotefqdn to gw_fqdn when overriding FAS settings [bluewavenet]
* Fix - use absolute path for css and images in ThemeSpec [bluewavenet]
* Fix - revert to old option names without underscores [bluewavenet]
* Fix - FAS URL when fas_remotefqdn is not set [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
26f5f0f812c73a3d26f9643fbd3da7f56f5e9a8a)
Rob White [Mon, 19 Jun 2023 08:11:43 +0000 (09:11 +0100)]
opennds: Release v10.1.0
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03
opennds (10.1.0)
This version is a major upgrade including full migration to nftables
and native uci configuration support even for generic Linux distributions.
It also includes a significant refactoring of inbuilt memory management,
improving long term reliability, fixing several memory leaks, buffer overflows and several edge case crashes.
* Add - support for included custom binauth script [bluewavenet]
* Add - emit a useful stderr message if auth_restore fails [bluewavenet]
* Add - procd respawn threshold, respawn timeout and respawn retry parameters [bluewavenet]
* Add - user friendly commandline message if already running [bluewavenet]
* Fix - Enabling of Data volume quotas [bluewavenet]
* Fix - use get_list_from_config instead of get_option_from_config [bluewavenet]
* Fix - compiler warning - unused variable [bluewavenet]
* Fix - remove redundant function call ipsetconf [bluewavenet]
* Fix - walledgarden for both nftset and ipset on OpenWrt [bluewavenet]
* Add - more meaningful output if attempt is made to restart when already running [bluewavenet]
* Fix - resolve gatewayfqdn after startup [bluewavenet]
* Fix - Choose forground or background running according to commandline arguments [bluewavenet]
* Fix - remove superfluous debug message [bluewavenet]
* Fix - replace sleep with procd_set_param term_timeout [bluewavenet]
* Fix - make option enabled default to enabled [bluewavenet]
* Fix - report authmon pid instead of opennds pid from authmon [bluewavenet]
* Fix - ensure correct pid obtained for opennds [bluewavenet]
* Add - StartLimitIntervalSec and StartLimitBurst to systemd service script [bluewavenet]
* Fix - refactor remote downloads [bluewavenet]
* Fix - suppress error message on ipset test failure [bluewavenet]
* Fix - send non-syslog debug information to stdout by default [bluewavenet]
* Add - C function to check heartbeat watchdog [bluewavenet]
* Fix - Update generic Linux makefile [bluewavenet]
* Fix - remove redundant ruleset struct definition [bluewavenet]
* Fix - potential buffer overflow issue during config stage [bluewavenet]
* Fix - remove unnecessary calls to free() in page 404 processing [bluewavenet]
* Fix - remove redundant code from fw_iptables [bluewavenet]
* Add - updates to binauth_log script [bluewavenet]
* Add - updates for service startup, systemd and procd [bluewavenet]
* Add - refactoring of commandline processing [bluewavenet]
* Fix - remove debugging message [bluewavenet]
* Fix - typo in client ruleset [bluewavenet]
* Add - Refactor to use uci config directly even for Generic Linux [bluewavenet]
* Add - Parsing for multi item lists with spaces in items [bluewavenet]
* Add - use common library call get_option_fom_config [bluewavenet]
* Add - support for direct use of uci format config file - string and integer parameters [bluewavenet]
* Fix - Remove deprecated syslog_facility config setting [bluewavenet]
* Add - thread busy message to ndsctl [bluewavenet]
* Add - refactor configure_log_location [bluewavenet]
* Fix - suppress LOG_NOTICE message when getting mac of interface [bluewavenet]
* Fix - ndsctl error message [bluewavenet]
* Fix - get_client_interface for levels 2 and 3 [bluewavenet]
* Add - use common library write_log function [bluewavenet]
* Add - Refactor memory management [bluewavenet]
* Fix - fix and refactor upload rate limiting rules [bluewavenet]
* Fix - Change a debug message from err to info [bluewavenet]
* Add - refine common buffer sizes [bluewavenet]
* Add - use initialised heap memory for redirect_to_splashpage [bluewavenet]
* Add - user message to themespec [bluewavenet]
* Add - auth_restore support ie reauth clients after a restart by default. [bluewavenet]
* Add - Library call to preemptively re-auth clients after a restart or crash [bluewavenet]
* Add - BinAuth, write an authenticated clients list [bluewavenet]
* Add - library call "check_heartbeat" [bluewavenet]
* Fix - Tidy up redundant code [bluewavenet]
* Fix - change warning message to debug message when iw not installed [bluewavenet]
* Add - library call to log to syslog [bluewavenet]
* Fix - use initialised heap memory for client list entries [bluewavenet]
* Fix - ignore legacy ipset firewall rule [bluewavenet]
* Fix - refactor memory management for MHD calls - use heap memory for buffers etc [bluewavenet]
* Fix - missing free causing memory leak [bluewavenet]
* Fix - predefine and initialise buffer for send_redirect_temp [bluewavenet]
* Add - support protocol "all" in firewall ruleset [bluewavenet]
* Add - pre-allocation of initialised buffers [bluewavenet]
* Fix - prevent buffer overrun on removing client [bluewavenet]
* Add - update MHD connection timeout and connection limit [bluewavenet]
* Add - chain ndsDLR for dynamic client download rate limiting rules [bluewavenet]
* Add - Use Internal Polling Thread / Thread Per Connection in MHD [bluewavenet]
* Add - some new default values [bluewavenet]
* Fix - remove some redundant code and fix some compiler warnings [bluewavenet]
* Fix - remove redundant library command string [bluewavenet]
* Fix - Tidy up redundant iptables code [bluewavenet]
* Add - convert trusted client support to nftables [bluewavenet]
* Add - refer to nftables [bluewavenet]
* Add - move code for generating authentication mark string to initial setup [bluewavenet]
* Add - full nftset support with ipset import where required [bluewavenet]
* Add - nftset support library calls [bluewavenet]
* Add - ipset_to_nftset library call [bluewavenet]
* Add - support for nftables version of append_ruleset and nftables_compile [bluewavenet]
* Fix - buffer overflow in page_511 generation [bluewavenet]
* Add - more nftables migration including rate quotas [bluewavenet]
* Fix - change GatewayInterface to lower case [bluewavenet]
* Add - upload and download limiting client flags for future use [bluewavenet]
* add - lib calls "pad_string" and "replace_client_rule" [bluewavenet]
* Add - further nftables migration [bluewavenet]
* Fix - correctly parse options from legacy conf file [bluewavenet]
* Fix - some compiler warnings and set min iptables version [bluewavenet]
* Add - Generic Linux configure walledgarden [bluewavenet]
* Add - Implementation of nftsets for walledgarden [bluewavenet]
* Add - migration to nftables, next phase. [bluewavenet]
* Add - library function delete_client_rule [bluewavenet]
* Fix - remove duplicate definition [bluewavenet]
* Add - First stage migration to nftables [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
7b1911020b335492ecfd02f39fb0a4f1911b23db)
Bradford Zhang [Thu, 29 Jun 2023 16:03:37 +0000 (00:03 +0800)]
bird2: bump to version 2.13.1
Signed-off-by: Bradford Zhang <zyc@zyc.name>
(cherry picked from commit
d98b9b50521cbef56a92821ba67ae1cef2b2e6d5)
Bradford Zhang [Sat, 13 May 2023 13:55:27 +0000 (21:55 +0800)]
bird2: bump to version 2.13
Signed-off-by: Bradford Zhang <zyc@zyc.name>
(cherry picked from commit
6410411b123d57a07546c0cb056dca86e94e10dc)
Josef Schlehofer [Thu, 9 Mar 2023 08:20:19 +0000 (09:20 +0100)]
Merge pull request #957 from rogerpueyo/openwrt-22.03-backport-bird1-fixes
Backport bird1-openwrt fixes to 22.03
Roger Pueyo Centelles [Sun, 26 Feb 2023 16:18:19 +0000 (17:18 +0100)]
bird1: fix "Form token mismatch" errors in luci-app-bird1-ipv{4,6}
The "Filters", "Functions" and "Status" sections of the web interfaces
for both Bird4 and Bird6 threw the following error upon performing any
action:
Form token mismatch
The submitted security token is invalid or already expired!
Changing their entry types from "cbi" to "form" fixes them.
Fixes #922.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit
c37fbab8f5e3af0843cf1bef5aa199a0c0db245b)
Roger Pueyo Centelles [Sun, 26 Feb 2023 16:02:08 +0000 (17:02 +0100)]
bird1: rename get_bool() to get_a_bool() in bird{4,6}-lib.sh
This patch renames the get_bool() function, implemented in the
bird4-lib.sh and bird6-lib.sh files (respectively, for the IPv4 and
the IPv6 versions of the package), as well as all the calls to it.
This way, we avoid a function name collision with the one provided by
file /lib/functions.sh, which is slightly different and caused an
out-of-memory error when parsing the bird4/bird6 UCI config files.
Fixes #920.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit
d32f93e0499164ac171228bbb6e8a5b17b8785fe)
Roger Pueyo Centelles [Fri, 3 Mar 2023 09:13:32 +0000 (10:13 +0100)]
bird1-openwrt: fix Makefile issues
This commit replaces the deprecated licensing text with an SPDX license
identifier, and removes tab indentations in the conffiles sections.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit
6697ca291f97438e937897d73acc46a29d7dc9f4)
Roger Pueyo Centelles [Tue, 13 Dec 2022 15:53:04 +0000 (16:53 +0100)]
bird1-openwrt: use a single Makefile for IPv4 and IPv6 packages
Having two Makefile files, respectively in the bird1-openwrt-ipv4 and
bird1-ipv6-openwrt folders, made the CI tests fail at the time of
building the packages, due to a compilation error. This patch merges
both Makefile files into a single one. As a result, package compilation
succeeds during the CI tests.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit
914c27aeb66b21c7510e376625e9ec386a56ee35)
Bradford Zhang [Tue, 21 Feb 2023 04:53:55 +0000 (12:53 +0800)]
bird2: bump to version 2.0.12
Signed-off-by: Bradford Zhang <zyc@zyc.name>
(cherry picked from commit
7d6f3c049226cae454b0a0f45c16dd170f5006e9)
Nick Hainke [Fri, 10 Feb 2023 07:18:13 +0000 (08:18 +0100)]
babeld: remove AUTORELEASE
AUTOREMOVE is now deprecated.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
20e1b16a97ff7d152ea5f9ce34faf7503aba8e4a)
Nick Hainke [Tue, 7 Feb 2023 15:18:17 +0000 (16:18 +0100)]
babeld: update to 1.12.2
Release announcement:
https://alioth-lists.debian.net/pipermail/babel-users/2023-February/004038.html
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
bb65c3a18d509874b6b4c6bbb1ad779ae667c0ed)
Rob White [Mon, 23 Jan 2023 16:45:31 +0000 (16:45 +0000)]
opennds: Release v9.10.0
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 22.03
opennds (9.10.0)
* This version adds new functionality, and fixes some issues
* Fix - unable to read client upload traffic volume on some versions of iptables-nft (generic Linux) [bluewavenet]
* Fix - compatibility with bash shell on generic Linux [bluewavenet]
* Fix - compiler warning, unused variable [bluewavenet]
* Fix - silently continue if fw4 table is not found [bluewavenet]
* Add - Start daemon earlier on boot [bluewavenet]
* Fix - compatibility with legacy iptables packages [bluewavenet]
* Add - call to delete nft chains [bluewavenet]
* Fix - stop using legacy INPUT and FORWARD chains [bluewavenet]
* Add - watchdog restart if openNDS nftables ruleset is missing [bluewavenet]
* Add - automated rule setting/deleting for users_to_router [bluewavenet]
* Add - Change fwhook to add users to router rule to fw4 on OpenWrt [bluewavenet]
* Add - Set allow or passthrough mode for users_to_router rules [bluewavenet]
* Fix - set fwhook default to disabled to prevent restart on hotplug event [bluewavenet]
* Fix - fas-aes-https description comments [bluewavenet]
* Fix - icon overspill on splash pages [bluewavenet]
* Fix - missing config option in community script [bluewavenet]
* Fix - urlencode handling of "$" character and add htmlentity encode/decode library call [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
18168b34682cd7cd159c151c248350bc6f5649ff)
Bradford Zhang [Wed, 21 Dec 2022 09:07:37 +0000 (17:07 +0800)]
bird2: bump to version 2.0.11
Signed-off-by: Bradford Zhang <zyc@zyc.name>
Rob White [Sat, 19 Nov 2022 08:25:39 +0000 (08:25 +0000)]
opennds: Release v9.9.1
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 22.03
opennds (9.9.1)
* This version fixes some issues
* Fix - minimalise deprecated legacy .conf file
* Fix - Prevent rate limit refresh if rate limit is set to 0 [bluewavenet]
* Fix - Mute some unneccessary debug messages [bluewavenet]
* Fix - do not write unconfigured (null) parameters to client id file (cidfile) [bluewavenet]
* Fix - Prevent error "Command process exited due to signal 13" when executing an external script [bluewavenet]
* Fix - use WTERMSIG() return code for _execute_ret when execute fails [bluewavenet]
* Fix - use correct response type for error 503 [bluewavenet]
* Update Makefile description [bluewavenet]
* Add - Community Local FAS install script [bluewavenet]
* Update - Mention TCP port 80 requires AutonomousWG [afriza]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
6c31b5bd1c5c27deff7bcb9393abd15f741606e8)
Simon Wunderlich [Fri, 11 Nov 2022 15:48:38 +0000 (16:48 +0100)]
Merge pull request #918 from ecsv/batadv-for-22.03
openwrt-22.03: batman-adv: Merge bugfixes from 2022.3
Sven Eckelmann [Thu, 10 Nov 2022 20:31:49 +0000 (21:31 +0100)]
batman-adv: Merge bugfixes from 2022.3
* Fix hang up with small MTU hard-interface
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Simon Wunderlich [Mon, 24 Oct 2022 08:44:32 +0000 (10:44 +0200)]
Merge pull request #913 from ecsv/batadv-for-22.03
openwrt-22.03: alfred/batman-adv: Rebuild on CONFIG*_ALFRED_*/CONFIG_BATMAN_ADV_ changes
Sven Eckelmann [Sun, 23 Oct 2022 07:56:15 +0000 (09:56 +0200)]
alfred: Rebuild on CONFIG*_ALFRED_* changes
The buildsystem doesn't know that the Package/*/config kconfig symbols are
related to the alfred package build. It is necessary to explicitly define it
via PKG_CONFIG_DEPENDS.
Fixes: f76074d42429 ("alfred: add alfred 2013.3.0 to feed")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sun, 23 Oct 2022 07:56:15 +0000 (09:56 +0200)]
batman-adv: Rebuild on CONFIG_BATMAN_ADV_* changes
The buildsystem doesn't know that the KernelPackage/*/config kconfig
symbols are related to the batman-adv package build. It is necessary to
explicitly define it via PKG_CONFIG_DEPENDS.
Fixes: 522ce8dfdb7f ("batman-adv: rename folder name to match project & package name")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Rob White [Sun, 9 Oct 2022 12:32:45 +0000 (13:32 +0100)]
opennds: Release v9.9.0
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 22.03
opennds (9.9.0)
* This version adds new functionality, and fixes some issues
* Add - Community ThemeSpec to support legacy splash.html [bluewavenet]
* Fix - ensure nat_traversal_poll_interval defaults to 10 seconds [bluewavenet]
* Add - process send_to_fas_deauthed and send_to_fas_custom in fas-aes-https [bluewavenet]
* Add - support for send_to_fas_deauthed library call in binauth_log.sh [bluewavenet]
* Add - heartbeat file containing timestamp [bluewavenet]
* Add - send_to_fas_deauthed and send_to_fas_custom library calls [bluewavenet]
* Add - Save authmon daemon startup arguments for libopennds [bluewavenet]
* Fix - potential divide by zero errors [bluewavenet]
* Add - option nat_traversal_poll_interval [bluewavenet]
* Add - Library calls for urlencode and urldecode[bluewavenet]
* Fix - Don't download remotes if ThemeSpec not configured [bluewavenet]
* Add - Error report in syslog if dhcp database is not found [bluewavenet]
* Add - library calls, deauth and daemon_deauth [bluewavenet]
* Fix - change WTERMSIG log from WARNING to NOTICE [bluewavenet]
* Add - Set minimum bucket size to 5 regardless of configured bucket ratio [bluewavenet]
* Fix - safe_vasprint return value [bluewavenet]
* Add - test if safe_calloc failed and serve error 503 [bluewavenet]
* Add - use calloc instead of malloc[bluewavenet]
* fix - safe functions to return error rather than exit [bluewavenet]
* Add - b64decode custom string received by binauth script [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
6cccf1fd651db1826f41044102531596ad73dfbe)
Rob White [Mon, 8 Aug 2022 13:18:26 +0000 (14:18 +0100)]
mesh11sd: Release v1.2.0
Maintainer: Rob White rob@blue-wave.net
Compile tested: All
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64, on 21.02, 22.03 and snapshot.
Description:
* This version adds new functionality.
* Update README.md
* Add - Traffic volume, Peers and stations to status output [bluewavenet]
* Add - limit up-checks to mesh interfaces only [bluewavenet]
-- Rob White <dot@blue-wave.net> Mon, 08 Aug 2022 13:40:31 +0000
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
290ed82bd8b8b2d4153721aa073456d5089da73b)
Rob White [Sun, 7 Aug 2022 20:01:50 +0000 (21:01 +0100)]
opennds: Release v9.8.0
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 22.03
* This version adds new functionality, and fixes some issues
* Fix - suppress stderr in client_params in generic linux [bluewavenet]
* Fix - client_params on generic linux, remote logo not supported yet [bluewavenet]
* Fix - compiler warning [bluewavenet]
* Fix - set voucher script as executable [bluewavenet]
* Update OpenWrt Makefile [bluewavenet]
* Add - format footer in Themespec scripts [bluewavenet]
* Update footer on all scripts [bluewavenet]
* Update - Community Voucher Themespec [bluewavenet]
* Add - Check on startup for Y2.038K bug (32 bit time) [bluewavenet]
* Fix - Remove deprecated Debian specific files [bluewavenet]
* Add - More css updates [bluewavenet]
* Add - user friendly RFC8910 page511 text and remove refresh button [bluewavenet]
* Fix - MHD becomes unresponsive serving page 511 for rfc8910 clients [bluewavenet]
* Add - extra startup settings - ignore_sigpipe and write nds info [bluewavenet]
* Add - set MHD connection limit to 100, set MHD listen backlog size to 128, set MHD_HTTP_HEADER_CONNECTION "close" [bluewavenet]
* Fix - Add missing LOG_CRIT in debug [bluewavenet]
* Add - some useful diagnostic output in authmon [bluewavenet]
* Fix - Move testing to community [bluewavenet]
* Fix - Community - Use tmpfs by default for vouchers.txt file [bluewavenet]
* Add - README with use instructions and notice about flash wearout [fservida]
* Fix - Refactor folder structure for community themespec [fservida]
* Add - Create vouchers.txt [fservida]
* Add - Create theme_voucher.sh [fservida]
* Update - README.md [bluewavenet]
* Add - image download info message [bluewavenet]
* Add - css updates [dianariyanto]
* Add - allow downloaded remotes refresh for all modes [bluewavenet]
* Add - download_resources.sh to installed files [bluewavenet]
* Add - support for download of custom images and files in the status.client page [bluewavenet]
* Remove - Debian man page support [bluewavenet]
* Fix - Add missing mkdir command in Makefile [dzatoah]
* Fix - typos in src/{conf, main}.c [dzatoah]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
b6f063dcca270f6c75287d1ffcbf148aba9427d2)
Toke Høiland-Jørgensen [Wed, 29 Jun 2022 13:11:08 +0000 (15:11 +0200)]
Merge pull request #896 from mbargo23/bird22.03
bird2: bump to version 2.0.10
Jan Betik [Tue, 28 Jun 2022 14:42:52 +0000 (16:42 +0200)]
bird2: bump to version 2.0.10
Signed-off-by: Jan Betik <jan.betik@nic.cz>
(cherry picked from commit
1fa9fa339cc99ffd3020dae91c57bfb5d3217745)
Nick Hainke [Wed, 22 Jun 2022 12:12:28 +0000 (14:12 +0200)]
olsrd: replace patch for storms with real patch
Fixes: bb5bbc6afd8c ("olsrd: import patch to prevent olsr storms")
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
cfd82729a9932d98bacf77a8dbb6410b40516457)
William Fleurant [Mon, 20 Jun 2022 19:31:44 +0000 (21:31 +0200)]
cjdns: support the supernodes feature (#884)
Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit
d705f7989080f38feba4329e5f24d2c85f99a902)
Signed-off-by: Nick Hainke <vincent@systemli.org>
William Fleurant [Sat, 18 Jun 2022 17:01:00 +0000 (19:01 +0200)]
cjdns: bump v21.1 and patch find-python (#883)
* cjdns: bump source from v21 to v21.1
* cjdns: bump release with patch to prefer python2
* cjdns: refresh patches and remove patch musl
Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit
217330bb5e7c17cc2e9f116f8a853f2e5fb86697)
Signed-off-by: Nick Hainke <vincent@systemli.org>
Nick Hainke [Fri, 10 Jun 2022 06:46:28 +0000 (08:46 +0200)]
naywatch: add log when naywatch activates
Naywatch now prints
naywatch: Naywatch Activated!
when becoming active.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
09d5ceb9230b907029a3e09858ef181ff85e3913)
Rob White [Fri, 20 May 2022 20:12:30 +0000 (21:12 +0100)]
mesh11sd: Release v1.1.1
Maintainer: Rob White rob@blue-wave.net
Compile tested: All
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64, on 21.02.2 and snapshot.
Description:
* This version adds new functionality, and fixed some issues
* Fix - repeated syslog messages - output only on mode change [bluewavenet]
* Add - service status to json output [bluewavenet]
* Add - support for multiple mesh interfaces [bluewavenet]
* Fix - duplicate ifname if more than one mesh interface [bluewavenet]
* Add - compatibility with iw < v5.16-1 [bluewavenet]
* Add - search and delete phantom meshnodes [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
1cd90655dabb22d74d010b589d884a9c0c3d7c8b)
Nick Hainke [Thu, 19 May 2022 04:23:09 +0000 (06:23 +0200)]
babeld: rewrite description
Babel is now a IETF standard. Update the package description.
Fixes: #867
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
983096d30858276ea81156b898b67e72566a6696)
Nick Hainke [Wed, 18 May 2022 14:54:25 +0000 (16:54 +0200)]
babled: update to 1.12.1
Changelog:
916d3d9 Update CHANGES for babeld-1.12.1
3d8aec4 Schedule an interface check after adding an interface.
f13602b Split last PC into unicast and multicast values
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
9028f67afd88bbd46edde265bfc77e705406cbc4)
Simon Wunderlich [Sun, 8 May 2022 13:00:14 +0000 (15:00 +0200)]
Merge pull request #858 from ecsv/batadv-for-22.03
openwrt-22.03: batman-adv: Merge bugfixes from 2022.0
Nick Hainke [Sun, 8 May 2022 10:05:32 +0000 (12:05 +0200)]
babeld: update to 1.12
Changelog:
5 May 2022: babeld-1.12
* Implement v4-via-v6 routing (RFC 9229), which allows a router with
IPv4 addresses only to route IPv4. Thanks to Théophile Bastian.
* Enable extended Netlink acks when available.
Thanks to Toke Høyland-Jørgensen.
* Fix restoring of interface configuration to avoid unbounded memory
consumption. Thanks to andrew-hoff.
* Fix handling of deny filters in the install chain.
Refreshed patches:
- 600-add-ubus.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
b35766330b89aa14ff6415eaac2a4dcec2adfab4)
Sven Eckelmann [Fri, 6 May 2022 20:26:35 +0000 (22:26 +0200)]
alfred: Merge bugfixes from 2022.1
* Ensure processed change_iface packet is 0-terminated
* Ensure processed change_bat_iface packet is 0-terminated
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Fri, 6 May 2022 20:26:35 +0000 (22:26 +0200)]
batctl: Merge bugfixes from 2022.1
* ping: Skip sleep after last packet
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Fri, 6 May 2022 20:26:35 +0000 (22:26 +0200)]
batman-adv: Merge bugfixes from 2022.1
* Request iflink once in batadv-on-batadv check
* Request iflink once in batadv_get_real_netdevice
* Don't expect inter-netns unique iflink indices
* Don't skb_split skbuffs with frag_list
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Simon Wunderlich [Mon, 18 Apr 2022 11:59:49 +0000 (13:59 +0200)]
Merge pull request #854 from ecsv/batadv-for-22.03
openwrt-22.03: batman-adv: compat: Add atomic mc_forwarding support for stable kernels
Sven Eckelmann [Sun, 17 Apr 2022 11:25:16 +0000 (13:25 +0200)]
batman-adv: compat: Add atomic mc_forwarding support for stable kernels
Eric Dumazet changed the mc_forwarding in commit
145c7a793838 ("ipv6: make
mc_forwarding atomic") the type of mc_forwarding from __s32 to an atomic_t.
This patch was then ported to various stable kernels.
This code change caused a FTBFS when in batman-adv when
CONFIG_BATMAN_ADV_MCAST was activated. To work around this problem, provide
a version for kernels with __s32 mc_forwarding and a version for kernel
with atomic_t mc_forwarding.
Fixes: #850
Reported-by: Huangbin Zhan <zhanhb88@gmail.com>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Jo-Philipp Wich [Tue, 12 Apr 2022 21:59:16 +0000 (23:59 +0200)]
opennds: remove iptables-legacy CONFLICTS
The opennds software interfaces with netfilter using `iptables` commands,
it does not rely on a specific implementation of the iptables frontend.
Furthermore, the semantically wrong conflict with iptables-legacy
introcduces recursive dependencies in the build system, even for people
not using opendns.
Remove the explicit conflict marker for iptables-legacy.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
8574cb411a1437ad09f047c0e683a126d8ccdd95)
Rob White [Tue, 22 Mar 2022 20:12:40 +0000 (20:12 +0000)]
mesh11sd: [New Package] Release v1.0.0
Maintainer: Rob White rob@blue-wave.net
Compile tested: All
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64, on 21.02.2
Description:
Mesh11sd is a dynamic parameter configuration daemon for 802.11s mesh networks.
It was originally designed to leverage 802.11s mesh networking at Captive Portal venues.
This is the open source version and it enables easy and automated mesh network operation with multiple mesh nodes.
It allows all mesh parameters supported by the wireless driver to be set in the uci config file.
Settings take effect immediately without having to restart the wireless network.
Default settings give rapid and reliable layer 2 mesh convergence.
Without mesh11sd, many mesh parameters cannot be set in the uci wireless config file as the mesh interface must be up before the parameters can be set.
Some of those that are supported, would fail to be implemented when the network is (re)started resulting in errors or dropped nodes.
The mesh11sd daemon dynamically checks configured parameters and sets them as required.
This version does not require a Captive Portal to be running.
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
b4ab8968946dd3210fb84a812a7f46d0fbc03899)
Rob White [Sat, 19 Mar 2022 17:42:49 +0000 (17:42 +0000)]
opennds: Release v9.7.0
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64, on snapshot
* This version adds new functionality, and fixes some issues
* Fix - syntax error (missing comma) in awk command in bash on generic Linux [bluewavenet]
* Add - option to append serial number suffix to gatewayname [bluewavenet]
* Add - block use of ip aliases on gateway interface [doctor-ox] [bluewavenet]
* Fix - ndsctl json syntax error [bluewavenet]
* Add - check for null variables in key value pairs in MHD callbacks [bluewavenet]
* Fix - changed some notice messages into debug messages [bluewavenet]
* Fix - possible return of incorrect pid [doctor-ox] [bluewavenet]
* Fix - possible abiguities resulting in failure to parse parameters correctly [bluewavenet]
* Fix - Remove deprecated get_client_token.sh [bluewavenet]
* Fix - Prevent possible malformed mac address returned from dhcpcheck() [doctor-ox] [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit
d078190b846d518f4a98e976a01525caf7edc6bb)
Nick Hainke [Fri, 1 Apr 2022 08:16:56 +0000 (10:16 +0200)]
naywatch: fix reboot_now
Naywatch should first try to reboot normally, and if that does not work
do a hard reboot. However, the hard reboot was never called.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
65f747a8bcf19e0271e6bbe04c2432f9a93cc406)
Nick Hainke [Wed, 30 Mar 2022 17:30:17 +0000 (19:30 +0200)]
babeld: bump to version 1.11
30 March 2022: babeld-1.11
* Implemented MAC authentication (RFC 8967). Thanks to Clara Dô,
Weronika Kołodziejak and Antonin Décimo.
* Changed the interface of the add_filter function in order to simplify
integration in OpenWRT. Thanks to Nick Hainke.
Detailed List:
7c053fe Export add_filters and simplify interface.
91c44f8 Rename blake2s to blake2s128.
dda8d63 Update CHANGES.
43a0066 Allow Blake2s keys up to 32 bytes.
375ea5f Rename interface option hmac to key.
1b9abc4 Replace hmac-verify with accept-bad-signatures.
3777eb4 Ignore .gitmodules when releasing an archive.
3551b45 Simplify and fix preparse phase.
ba8f116 Add rate limitations for challenges.
6d44238 Show PC number.
ceda3a0 Expire Index and challenge timer.
d66a4d2 Ignore a Challenge Request received on multicast.
024c17a Fix confusion between INDEX_LEN and NONCE_LEN when sending PC TLV.
ceb021f Fix double-free in error path.
1e08aed Change no_hmac_verify to hmac-verify.
c7ad387 Use 'hmac-sha256' and not 'sha256'.
5a15957 Fix nodes incorrectly rejecting packets.
af02039 Append a PC message if Babel-MAC is enabled.
46fc7da Follow the spec closely for the preparse phase.
87f39d0 Rename MAC functions and constants to match the spec.
02b14e3 Helpful error messages in key configuration.
d763f3e Error if configured key can't be found.
3cb0ab7 Use RFC3542 for IPv6 on macOS.
69df1cb Use _GNU_SOURCE instead of __USE_GNU.
ef3a113 Don't copy nonce, suppress VLA.
c243769 Move key validation in parse_key.
b06b2fc Constify source argument of fromhex.
9529941 Use AUTH_TYPE_NONE consistently.
d922b64 Document the HMAC options in manual page.
0c4afc2 Only allow keys configured on a given interface.
7de6715 Create neighbour after checking HMAC.
ecd1f42 Fix typo in compare_hmac.
9a5de34 Fix HMAC-SHA-256 computation.
f1051fd Fix constants to be consistent with SHA-256.
9688b68 Fix memory leaks in error-handling paths in configuration parser.
4d8a831 Fix some more (read-only) buffer overflows.
ebda926 Fix potential memory leaks.
d53fec0 Use AUTH_TYPE_* consistently.
a1afd51 Add no_hmac_verify flag.
b4e28f2 Fix ordering of fields in pseudo-header.
c8ace8b Use IANA-assigned TLV numbers.
739f76a Implement HMAC authentication.
e3adf47 Compile with SHA-256 and Blake2s.
ca0a512 Add SHA-2 and Blake2 submodules.
756783e Untabify
Remove upstreamed patches:
- 000-export-add-filters-and-simplify-interface.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
dbff012a2ff5b8a75f3f5e9d3ccd72ee5c91b575)
Petr Štetiar [Thu, 24 Mar 2022 08:17:27 +0000 (09:17 +0100)]
ci: use openwrt/gh-action-sdk@v4
In order to use feeds from GH mirror for GH actions, thus saving a lot
of resources being wasted. While at it fix whitespace issue.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[applied to routing feed]
[whitespace issue not existing in routing feed]
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
5702d2e40bff2fa45b4f628c4c7a9acdcf6d1e31)
Paul Spooren [Sat, 9 Oct 2021 19:34:37 +0000 (09:34 -1000)]
CI: update SDK action to v3
No also check mirror hashes and badly formated init files
Signed-off-by: Paul Spooren <mail@aparcar.org>
[applied to routing feed]
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
2134c56d12ced1c5b191b35e18f8330384860f15)
Nick Hainke [Sun, 27 Mar 2022 22:04:19 +0000 (00:04 +0200)]
babeld: add add_filter function
You can define filter functions in babeld by:
in if eth0 metric 128
This commit adds the ubus equivalent to dynamically add filter on
runtime:
ubus call babeld add_filter '{"ifname":"eth0", "type":"input",
"metric":128}'
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
a618159d33e02e9a295388e605447993eca11e52)
Nick Hainke [Fri, 25 Mar 2022 18:26:06 +0000 (19:26 +0100)]
olsrd: set lqm via ipc
You can now give a lqm when adding an interface:
ubus call olsrd add_interface '{"ifname":"wg_51821", "lqm":"0.5"}'
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
e3c68429239f77c895b32502e2609df8b72c6caa)
Nick Hainke [Fri, 18 Mar 2022 12:41:55 +0000 (13:41 +0100)]
olsrd: update to 2022-03-18
fcb30aa4da73 unix: fix meshing with wireguard/point-to-point interfaces
Remove upstreamed patch:
- 101-unix-fix-meshing-with-wireguard-point-to-point-interfaces.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
Etienne Champetier [Mon, 14 Mar 2022 04:51:20 +0000 (00:51 -0400)]
olsrd: fix recursive dependency
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Josef Schlehofer [Fri, 25 Feb 2022 23:44:56 +0000 (00:44 +0100)]
vis: update it, refactor Makefile and refresh patch due to fuzz
- Switch to AUTORELEASE in PKG_RELEASE
This avoids cases when someone forgets to bump PKG_RELEASE
- Fixed SPDX License Identifier
- Changed package versioning
Before: vis_1440-2_arm_cortex-a9_vfpv3-d16.ipk
After: vis_2013-04-07-
7710cce4-1_arm_cortex-a9_vfpv3-d16.ipk
- Drop not necessary rows
(Some of them were overwritting defaults and it is not necessary)
Downloaded tarball is ~2kB smaller
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Nick Hainke [Sun, 27 Feb 2022 20:51:41 +0000 (21:51 +0100)]
olsrd: add iptables as dependency
The upcoming OpenWrt version (currently in the master branch) ships
firewall4 by default [1], which uses nftables instead of iptables.
Users might choose to use a compatible layer [2] with iptables-nft,
decide which iptables they want to use, and make appropriate changes
related to fw3/f4[3].
This package requires to use iptables (no matter which variant) for
smart-gw-rules.
[1] https://github.com/openwrt/openwrt/commit/
08d9f6e3020b4a149b2007b6ed7d684c49af9bbf
[2] https://www.redhat.com/en/blog/using-iptables-nft-hybrid-linux-firewall
[3] https://github.com/openwrt/openwrt/commit/
795e7155cbe3e78669f6821bf7aecb7c4e1e1afb
Signed-off-by: Nick Hainke <vincent@systemli.org>
Josef Schlehofer [Sat, 26 Feb 2022 15:45:22 +0000 (16:45 +0100)]
minimalist-pcproxy: fix post install script
Fixes:
Configuring minimalist-pcproxy.
sh: 1: unknown operand
Reported-by: Daniel Golle <daniel@makrotopia.org>
Suggested-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sun, 27 Feb 2022 12:48:32 +0000 (13:48 +0100)]
mrd6: remove it
According to the author [1]:
1. It is no longer supported and maintained.
2. It is no longer necessary as since 2005 the native multicast
forwarding support was added to the Linux Kernel
As alternative pimbd could be used.
[1] https://github.com/hugosantos/mrd6/commit/
c805eb33255dbc0b6647d463c6c67d1c9d3105a0
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sat, 26 Feb 2022 12:52:57 +0000 (13:52 +0100)]
minimalist-pcproxy: Makefile cleanup
- Fixed LICENSE
Software is licensed under MIT
- Added PKG_LICENSE_FILES
- The was wrong date in PKG_VERSION
The latest commit is 2014-12-12.
- Changed package versioning
Before: minimalist-pcproxy_2015-01-12-
2d6d1b0b0a3b79a9b4a9b0a7606a84600a967bcb-2_arm_cortex-a9_vfpv3-d16.ipk
After: minimalist-pcproxy_2014-12-12-
2d6d1b0b-1_arm_cortex-a9_vfpv3-d16.ipk
Also the downloaded tarball is smaller by 0,4 kB
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sat, 26 Feb 2022 12:35:26 +0000 (13:35 +0100)]
nodogsplash: fix SPDX License Identifier and reordering
- Add PKG_LICENSE_FILES
- Use two spaces instead of tabs
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sat, 26 Feb 2022 10:34:53 +0000 (11:34 +0100)]
prince: Makefile refactoring
- Use AUTORELEASE in PKG_RELEASE
- Use tarball instead of checkouting git
- Use two spaces instead of indentation
- In install section reorder it (first folder, then files and so on)
- Added LICENSE file
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sat, 26 Feb 2022 10:43:24 +0000 (11:43 +0100)]
quagga: reorder things in Makefile
- Fix SPDX License Identifier
- Use HTTPS in URL
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sat, 26 Feb 2022 13:00:35 +0000 (14:00 +0100)]
mcproxy: Makefile cleanup
- Switched to AUTORELEASE
- Fixed SPDX License Identifier and added PKG_LICENSE_FILES
- Use HTTPS for project website
- Changed versioning
Before: mcproxy_2017-08-24-
93b5ace42268160ebbfff4c61818fb15fa2d9b99-3_arm_cortex-a9_vfpv3-d16.ipk
After: mcproxy_2017-08-24-
93b5ace4-1_arm_cortex-a9_vfpv3-d16.ipk
Downloaded tarball is smaller by 0,2 MB
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sat, 26 Feb 2022 12:41:29 +0000 (13:41 +0100)]
mrd6: Makefle reordering
- Switch to AUTORELEASE
- Changed package versioning:
Before: mrd6_2013-11-30-
c805eb33255dbc0b6647d463c6c67d1c9d3105a0-3_arm_cortex-a9_vfpv3-d16.ipk
After: mrd6_2013-11-30-
c805eb33-1_arm_cortex-a9_vfpv3-d16.ipk
- Remove defaults, which are already defaults
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sat, 26 Feb 2022 10:57:26 +0000 (11:57 +0100)]
pimbd: Makefile refactor
- Switch to AUTORELEASE
- There was no need to overwrite defaults, downloaded tarball is ~4 kB
smaller
Also change the package versioning
Before: pimbd_2018-06-19-
dbf4e5913b06e3160f506df15e6a047a403a5f21-2_arm_cortex-a9_vfpv3-d16.ipk
After: pimbd_2018-06-19-
dbf4e591-1_arm_cortex-a9_vfpv3-d16.ipk
- Add PKG_LICENSE_FILES
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sat, 26 Feb 2022 11:28:09 +0000 (12:28 +0100)]
opennds: Makefile refactoring
- Reorder things
- Fixed SPDX License Identifier
- Added PKG_LICENSE_FILES
- Use two spaces instead of tab
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Fri, 25 Feb 2022 04:22:41 +0000 (05:22 +0100)]
oonf-dlep-radio: refactor define Package/oonf-dlep-radio
- Why there was oonf-git? WTF?
- Use two spaces instead of tabs
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Fri, 25 Feb 2022 04:07:37 +0000 (05:07 +0100)]
oonf-dlep-radio: refactor Makefile (package versioning, downloading)
- By this change, we are using downloading .tar.xz (which is default in OpenWrt)
Reference: OpenWrt base repository include/download.mk
Downloaded tarball size is ~60 kB smaller.
- Removed "v" in package naming.
Before: oonf-dlep-radio_v0.15.1_arm_cortex-a9_vfpv3-d16.ipk
After: oonf-dlep-radio_0.15.1_arm_cortex-a9_vfpv3-d16.ipk
Removed stuff, which is no longer needed like PKG_REV.
- Switch to AUTORELEASE in PKG_RELEASE
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Fri, 25 Feb 2022 16:56:25 +0000 (17:56 +0100)]
bmx6: update to
65cb0d542f16a4b4689f5ad2542c9f24215a6616
Makefile polishing:
- Fixed SPDX License Identifier
- Use AUTORELEASE in PKG_RELEASE
This helps in cases when the PKG_RELEASE is forgotten
- Remove no longer used things like PKG_REV, etc.
Downloaded tarball is now ~80 kB smaller as we use .tar.xz
instead of .tar.gz
- Use https for their website
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>