As a partial fix to #496, do not touch the MAC address of the WAN
interface when using VXLANs (as only the MAC address of the VXLAN
interface matters to batman-adv).
On PoE-powered devices, we usually want to use WAN for the setup mode.
As all outdoor devices are PoE-powered, we can reuse this function. This
switches the setup mode interface for new installations / after config
reset on a few devices that were missing in this list before.
The 'preserve' flag can be used to mark a peer so it is not removed or
modified on upgrades. In addition, groups containing preserved peers are
not removed.
Fixes: #557
gsub() returns the number of matches as its second return value. This
was unintendedly passed through by the util functions trim() and
node_id(). It can be presumed that this had no effect in practice, but
it can lead to surprising output when passing values to print() for
debugging.
Allows reconfigurtion of remote syslog from within site.conf.
Conflicts with the gluon-web-logging package as user made changes
will be overwritten, because this package will reconfigure the syslog
destination on every upgrade.
Resolves#1845
Use the value of the `name` site.conf field as label (it was
accidentally unused before).
Our site.conf currently doesn't define a specific order for the branch
entries. To avoid changing branch orders, sort entries by this label.
Fixes: #1961
Register to 'reset' event on form element and make call to 'update' function
delayed in 'data-update' handler to allow the form values to update beforehand.
When using a form's 'reset' button, form field visibility was not updated.
This could lead to situations where a checkbox had to be toggled again
twice to display the detail text inputs. (Example taken from private
wifi package)
This adds a helper method, which determines if the current platform
supports WPA3 or not.
WPA3 is supported if
- the device is not in the featureset category "tiny"
- the WiFi driver supports 802.11w management frame protection
The gluon-wireless-encryption package selects a WPA3 supporting
hostapd package as a dependency and stores the information, which
encryption method is supported to the device.
This package adds support for SAE on 802.11s mesh connections.
Enabling this package will require all 802.11s mesh connections
to be encrypted using the SAE key agreement scheme. The security
of SAE relies upon the authentication through a shared secret.
In the context of public mesh networks a shared secret is an
obvious oxymoron. Still this functionality provides an improvement
over unencrypted mesh connections in that it protects against a
passive attacker who did not observe the key agreement. In addition
Management Frame Protection (802.11w) gets automatically enabled on
mesh interfaces to prevent protocol-level deauthentication attacks.
If `wifi.mesh.sae` is enabled a shared secret will automatically be
derived from the `prefix6` variable. This is as secure as it gets
for a public mesh network.
For *private* mesh networks `wifi.mesh.sae_passphrase` should be
set to your shared secret.
Fixes#1636
Remove a lot of redundant code by switching to a match table listing
the targets and boards for each candidate for the primary MAC interface.
In addition, we add some flexiblity by allow to switch out the sysfs file
data source for the MAC address.