From d3c98b7ab61a326dc6a7a112db0be3228164f754 Mon Sep 17 00:00:00 2001
From: lemoer <git@irrelefant.net>
Date: Fri, 8 Apr 2016 02:29:08 +0200
Subject: [PATCH] gluon-core: primary_mac is now hashed before the VIF macs are
 generated.

---
 package/gluon-core/Makefile                   |  2 +-
 .../files/lib/gluon/upgrade/010-primary-mac   | 11 +----
 .../files/usr/lib/lua/gluon/util.lua          | 40 +++++++------------
 3 files changed, 18 insertions(+), 35 deletions(-)

diff --git a/package/gluon-core/Makefile b/package/gluon-core/Makefile
index de54283b..725fb737 100644
--- a/package/gluon-core/Makefile
+++ b/package/gluon-core/Makefile
@@ -12,7 +12,7 @@ define Package/gluon-core
   SECTION:=gluon
   CATEGORY:=Gluon
   TITLE:=Base files of Gluon
-  DEPENDS:=+gluon-site +libgluonutil +lua-platform-info +luci-base +luci-lib-jsonc +odhcp6c +firewall
+  DEPENDS:=+gluon-site +libgluonutil +lua-platform-info +lua-hash +luci-base +luci-lib-jsonc +odhcp6c +firewall
 endef
 
 
diff --git a/package/gluon-core/files/lib/gluon/upgrade/010-primary-mac b/package/gluon-core/files/lib/gluon/upgrade/010-primary-mac
index 28a68b57..25c13bac 100755
--- a/package/gluon-core/files/lib/gluon/upgrade/010-primary-mac
+++ b/package/gluon-core/files/lib/gluon/upgrade/010-primary-mac
@@ -10,9 +10,8 @@ end
 
 local platform = require 'gluon.platform'
 
-local sys = require 'luci.sys'
+local fs = require 'nixio.fs'
 local util = require 'luci.util'
-local nixio = require 'nixio'
 
 
 local try_files = {
@@ -33,15 +32,9 @@ end
 
 
 for _, file in ipairs(try_files) do
-  local addr = nixio.fs.readfile(file)
+  local addr = fs.readfile(file)
 
   if addr then
-    if platform.match('ramips', 'rt305x', {'vocore'}) then
-      -- Hash the mac address since we need to iterate in the last bits for
-      -- the VIF. (This chip uses a hardware mac filter)
-      addr = util.hash_mac(addr)
-    end
-
     sysconfig.primary_mac = util.trim(addr)
     break
   end
diff --git a/package/gluon-core/files/usr/lib/lua/gluon/util.lua b/package/gluon-core/files/usr/lib/lua/gluon/util.lua
index 8294b740..2d96d0c1 100644
--- a/package/gluon-core/files/usr/lib/lua/gluon/util.lua
+++ b/package/gluon-core/files/usr/lib/lua/gluon/util.lua
@@ -30,6 +30,7 @@ local ipairs = ipairs
 local table = table
 
 local nixio = require 'nixio'
+local hash = require 'hash'
 local sysconfig = require 'gluon.sysconfig'
 local platform = require 'gluon.platform'
 local site = require 'gluon.site_config'
@@ -82,36 +83,25 @@ end
 -- (4, 0): mesh VPN
 -- (5, n): mesh interface for n'th radio (802.11s)
 function generate_mac(f, i)
-  local m1, m2, m3, m4, m5, m6 = string.match(sysconfig.primary_mac, '(%x%x):(%x%x):(%x%x):(%x%x):(%x%x):(%x%x)')
-  m1 = nixio.bit.bor(tonumber(m1, 16), 0x02)
-  m2 = tonumber(m2, 16)
-  m3 = (tonumber(m3, 16)+i) % 0x100
+  local hashed = string.sub(hash.md5(sysconfig.primary_mac), 0, 12)
+  local m1, m2, m3, m4, m5, m6 = string.match(hashed, '(%x%x)(%x%x)(%x%x)(%x%x)(%x%x)(%x%x)')
+
+  m1 = tonumber(m1, 16)
+  m3 = tonumber(m3, 16)
   m6 = tonumber(m6, 16)
 
-  if platform.match('ramips', 'rt305x', {'vocore'}) then
-    -- We need to iterate in the last byte, since the vocore does
-    -- hardware mac filtering on the wlan interface.
-    m6 = (m6+f) % 0x100
-  else
-    m2 = (m2+f) % 0x100
-  end
+  m1 = nixio.bit.bor(m1, 0x02)  -- set locally administered bit
+  m1 = nixio.bit.band(m1, 0xFE) -- unset the multicast bit
+  m3 = (m3+i) % 0x100           -- add interface identifier
 
-  return string.format('%02x:%02x:%02x:%s:%s:%02x', m1, m2, m3, m4, m5, m6)
-end
-
--- Generates a mac hashed from the original
--- The last three bits will be zeroed, since these bits are
--- iterated on some devices for the VIF.
-function hash_mac(original)
-  local hashed = string.sub(sys.exec('echo -n "' .. original .. '" | sha512sum'),0,12)
-  local m1, m2, m3, m4, m5, m6 = string.match(hashed, '(%x%x)(%x%x)(%x%x)(%x%x)(%x%x)(%x%x)')
-  local m1 = nixio.bit.bor(tonumber(m1, 16), 0x02)
-  local m6 = nixio.bit.band(tonumber(m6, 16), 0xF8) -- zero the last three bits
-  -- It's necessary that the upper bits of the mac do
-  -- not vary on a single interface, since they are using
+  -- It's necessary that the last bits of the mac do
+  -- not vary on a single interface, since some chips are using
   -- a hardware mac filter. (e.g 'ramips-rt305x')
 
-  return string.format('%02x:%s:%s:%s:%s:%02x', m1, m2, m3, m4, m5, m6)
+  m6 = nixio.bit.band(m6, 0xF8) -- zero the last three bits (space needed for counting)
+  m6 = (m6+f) % 0x100           -- add virtual interface id
+
+  return string.format('%02x:%s:%02x:%s:%s:%02x', m1, m2, m3, m4, m5, m6)
 end
 
 -- Iterate over all radios defined in UCI calling