This will prevent `module is already loaded` lines from
appearing in the logs when a PPP connection is reconnecting
Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
Signed-off-by: Manas Sambhus <manas.sambhus+github@gmail.com>
Co-authored-by: Manas Sambhus <manas.sambhus+github@gmail.com>
WPA3 enterprise requires group_mgmt_cipher=BIP-GMAC-256 and if 802.11r is
active also wpa_key_mgmt FT-EAP-SHA384. This commit also requires
corresponding changes in netifd.
Signed-off-by: Joerg Werner <schreibubi@gmail.com>
This package uses BPF to create a fast path which improves bridging performance
by bypassing the bridge layer. It also supports creating tc offload rules for
hardware that supports it.
Hardware offload support can be used with MT7622 + MT7915 once it is merged
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This adds the pending support for the BSS color collision handling.
This way drivers that implement CCA can on the fly change the BSS color
ID once a collision is detected.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Co-authored-by: Robert Marko <robimarko@gmail.com>
* uhttpd: make organization (O=) of the cert configurable via uci
Make the organization (O=) of the cert configurable via uci. If not
configured, use a combination of "OpenWrt" and an unique id like it was
done before.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
* uhttpd: add config option for json_script
Add a config option for json_script instead of unconditionally including
all json files in /etc/uhttpd in every uhttpd instance. This makes it
possible to configure a single instance with an unconditional redirect,
which currently renders all other uhttpd instances unusable.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Felix Fietkau <nbd@nbd.name>
* uhttpd: update to latest Git HEAD
2f8b136 main: fix leaking -p/-s argument values
881fd3b ucode: adjust to latest ucode api
8b2868e file: specify UTF-8 as charset for dirlists, add option to override
3a5bd84 main: add ucode options to help text
16aa142 examples: add ucode handler example
3ceccd0 ucode: add ucode plugin support
f0f1406 examples: add example Lua handler script
9e87095 listen: avoid invalid memory access
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Co-authored-by: Martin Schiller <ms@dev.tdt.de>
Co-authored-by: Stijn Tintel <stijn@linux-ipv6.be>
Co-authored-by: Jo-Philipp Wich <jo@mein.io>
Fix the return value, shell return codes should be 0 to indicate success
(i.e. mount point found), 1 should be failure (i.e. mount point not-found).
Fixes: ac4e8aa ("dnsmasq: fix more dnsmasq jail issues")
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
Co-authored-by: Oldřich Jedlička <oldium.pro@gmail.com>
* dnsmasq: add ubus acl to allow calls to hotplug.tftp object
dnsmasq may call hotplug.dhcp, hotplug.neigh and hotplug.tftp.
Only the first two callees were listed in the ACL, so add missing
hotplug.tftp.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* dnsmasq: fix the dynamic dns object names patch
We can't use booleans, since we're not including stdbool.h. Use integers
instead.
Fixes: 0b79e7c01e ("dnsmasq: generate the dns object name dynamically")
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Co-authored-by: Daniel Golle <daniel@makrotopia.org>
Co-authored-by: Rui Salvaterra <rsalvaterra@gmail.com>
* dnsmasq: add support for monitoring and modifying dns lookup results via ubus
The monitoring functionality will be used for dns rule support in qosify
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dnsmasq: add match_tag for --dhcp-host
A set of tags can be specified for --dhcp-host option to restrict the
assignment to the requests which match all the tags.
Example usage:
config vendorclass
option networkid 'udhcp'
option vendorclass 'udhcp'
config host
option mac '*:*:*:*:*:*'
list match_tag 'switch.10'
list match_tag 'udhcp'
option ip '192.168.25.10'
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Paul Fertser <fercerpav@gmail.com>
Commit a2fcd3900c ("dnsmasq: improve init script") broke the existing
handling for hosts_dir. Remove the redundant mount again to fix it.
Reported-by: Hartmut Birr <e9hack@gmail.com>
Fixes: a2fcd3900c ("dnsmasq: improve init script")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Co-authored-by: Daniel Golle <daniel@makrotopia.org>
Package hostapd-common is a dependency of every other package defined in
hostpad Makefile. It is currently built next to the bottom of that
Makefile's package list.
If you run make back to back, then check-compile will compare the
hostapd-common timestamp to the variant being compiled, to decide if the
varint needs to be rebuilt or not. Since the hostapd-conf package is
built towards the end of the list, it will be newer than most of the
variants, causing unnecessary package rebuilds.
Move it to the top, so that its timestamp will be older than dependent
packages, avoiding unnecessary rebuild of every selected variant.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Co-authored-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* fix restart in LuCI (inherited umask was to restrictive)
* make directory of hosts-file (!= /tmp) accessible in ujail
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Co-authored-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: fix a race condition on adding AP mode wds sta interfaces
Both hostapd and netifd attempt to add a VLAN device to a bridge.
Depending on which one wins the race, bridge vlan settings might be incomplete,
or hostapd might run into an error and refuse to service the client.
Fix this by preventing hostapd from adding interfaces to the bridge and
instead rely entirely on netifd handling this properly
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix up patches after the last commit
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: ubus: fix uninitialized pointer
This fixes passing a bogus non-null pointer to the ubus handler in case
the transition request is rejected.
Signed-off-by: David Bauer <mail@david-bauer.net>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: David Bauer <mail@david-bauer.net>
* hostapd: ubus: add notification for BSS transition response
To allow steering daemons to be aware of the STA-decided transition
target, publish WNM transition responses to ubus. This way, steerings
daemons can learn about STA-chosen targets and send a better selection
of transition candidates.
Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: ubus: add BSS transtiton request method
The existing wnm_disassoc_imminent ubus method only supports issuing a
bss transition request with the disassoc imminent flag set.
For use-cases, where the client is requested to roam to another BSS
without a pending disassoc, this existing method is not suitable.
Add a new bss_transition_request ubus method, which provides a more
universal way to dispatch a transition request. It takes the following
arguments:
Required:
addr: String - MAC-address of the STA to send the request to (colon-seperated)
Optional:
abridged - Bool - Indicates if the abridged flag is set
disassociation_imminent: Bool - Whether or not the disassoc_imminent
flag is set
disassociation_timer: I32 - number of TBTTs after which the client will
be disassociated
validity_period: I32 - number of TBTTs after which the beacon
candidate list (if included) will be invalid
neighbors: blob-array - Array of strings containing neighbor reports as
hex-string
Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: fix goto loop for ubus assoc handler
When a ubus event handler denies a association with a non-zero return
value, the code jumps to preceeding code, creating an endless loop until
the event handler accepts the assc request.
Move the ubus handler further up the code to avoid creating such a loop.
Signed-off-by: David Bauer <mail@david-bauer.net>
Co-authored-by: David Bauer <mail@david-bauer.net>
Bring the usage in line with the dnsmasq man page and the other options
where set: is mandatory.
No functional change.
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Co-authored-by: Paul Fertser <fercerpav@gmail.com>
* hostapd: let netifd set bridge port attributes for snooping
Avoids race conditions on bridge member add/remove
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix segfault when deinit mesh ifaces
In hostapd_ubus_add_bss(), ubus objects are not registered for mesh
interfaces. This provokes a segfault when accessing the ubus object in
mesh deinit.
This commit adds the same condition to hostapd_ubus_free_bss() for
discarding those mesh interfaces.
Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
* hostapd: refresh patches
Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: fix Proxy-ARP with Hotspot 2.0 disabled
The disable_dgaf config fiels is only available in case Hostapd is
compiled with Hotspot 2.0 support, however Proxy-ARP does not depend on
Hotspot 2.0.
Only add the code related to this config field when Hotspot 2.0 is
enabled to fix compilation with the aformentioned preconditions.
Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: enable proxy-arp support for hostapd-full
The hostapd.sh script already has support for configuring proxy-ARP,
however no built variant has support for it enabled.
Enable proxy-ARP support for hostapd-full builds in order to allow users
to actually use this feature.
Signed-off-by: David Bauer <mail@david-bauer.net>
Co-authored-by: David Bauer <mail@david-bauer.net>
This check was accidentally left in after reworking the code,
causing a segfault
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
When using htmode 'HE20' with a radio mode that uses wpa-supplicant
(like mesh or sta), it will default to 40 MHz bw if disable_ht40 is not
set. This commit fixes this behaviour.
Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
Co-authored-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
* dnsmasq: fix more dnsmasq jail issues
* remove superflus mounts of /dev/null and /dev/urandom
* reset EXTRA_MOUNTS at the beginning of the script
* add mount according to ignore_hosts_dir
* don't add mount for file which is inside a directory already in the
EXTRA_MOUNTS list
Fixes: 59c63224e1 ("dnsmasq: rework jail mounts")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* dnsmasq: reset EXTRA_MOUNT in the right place
EXTRA_MOUNT variable should be reset in dnsmasq_start() rather than
just once at the beginning of the script.
Fixes: ac4e8aa2f8 ("dnsmasq: fix more dnsmasq jail issues")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Co-authored-by: Daniel Golle <daniel@makrotopia.org>
* split into multiple lines to improve readability
* use EXTRA_MOUNT for addnhosts instead of blindly adding /tmp/hosts
* remove no longer needed mount for /sbin/hotplug-call
* add dhcp-script.sh dependencies (jshn, ubus)
Fixes: 3a94c2ca5c ("dnsmasq: add /tmp/hosts/ to jail_mount")
Fixes: aed95c4cb8 ("dnsmasq: switch to ubus-based hotplug call")
Reported-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Co-authored-by: Daniel Golle <daniel@makrotopia.org>
Fixes: 7b46377a0cd9 ("hostapd: make the snooping interface (for proxyarp) configurable")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
* hostapd: make the snooping interface (for proxyarp) configurable
Use the VLAN interface instead of the bridge, to ensure that hostapd receives
untagged DHCP packets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix a segfault on sta disconnect with proxy arp enabled
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: make proxyarp work with libnl-tiny
Remove a dependency on libnl3-route
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
Programs like the olsr-name-plugin write hostname files to "/tmp/hosts/".
If you don't add this to the jail_mount, dnsmasq can't read it anymore.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Co-authored-by: Nick Hainke <vincent@systemli.org>
This will restart the interface in case the CSA fails and can be used to
force the device on a DFS channel (including full CAC)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
* hostapd: make it possible to update station airtime weights via ubus
This allows dynamic tuning based on other runtime information
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add support for enabling HE on channel switch
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: initialize ht/vht/he mode on channel switch by default
Use the current mode, but allow overwriting via ubus command parameters
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix uninitialized stack variable on CSA
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
Imports a function from iw to convert frequencies to channel numbers.
Co-authored-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
[fix potential out of bounds read]
Signed-off-by: David Bauer <mail@david-bauer.net>
'--local' is a synonym for '--server' so let's use '--local' in the
resultant config file for uci's 'local' instead of uci's local
parameter being turned into '--server'. Slightly less confusion all
round.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
