The stdout output of gluon-web scripts is directly sent to uhttpd,
becoming a part of the HTML output or even replacing HTTP status or
headers. The output of gluon-reconfigure is not supposed to end up
there.
While we're at it, also add an exec to avoid an unnecessary shell
process.
The OpenLayers JS/CSS download URL is dead. Update it to make the map
work again:
- Update from OpenLayers 5.2.0 to 5.3.0
- Switch from the obsolete rawgit.com URL to jsdelivr.net (rawgit.com
was only redirecting to jsdelivr.net for the last few years anyways)
- Set a fixed commit in the URL, so the URL doesn't become outdated again
THe "null" and "null@l2tp" methods are considered equivalent and always
added and removed together when the method list is "configurable".
"null@l2tp" is added before "null", so it is preferred when the peer
supports both.
As gluon-web uses standard multipart/form-data requests, browsers don't
enforce any cross-origin restrictions. To prevent malicious injection of
POST requests into the config mode, match the Origin header against the
Host header of the request.
Actually raise an error and turn it into an HTTP 400 return code when
something goes wrong, rather than ignoring the error.
We also improve the conditions under which errors are thrown before
pump() is called: We don't need to check for the multipart/form-data
content-type twice, and a POST without this content-type is now always
an error.
Swap the interfaces so than the PoE input port LAN0 is used for WAN and
config mode, and LAN1 becomes LAN.
To this end, the code previously used for ar71xx and removed in
commit 9fdc57c175 ("treewide: drop ar71xx platform specific code") is
reintroduced.
Fixes#2384
There wasn't really a reason to have a separate script to set a single
value.
In addition, the old script was using the identifier 'c' instead of
'uci' for the UCI cursor. Following the convention of the other scripts
is helpful so it is easy to grep for all uses of a certain config file/
option.
This copies the code from web-admin and uses it to create a neat
cli-accessible summary about a node
This could also be extended or possibly have all the data the status
page has
Co-Authored-By: Matthias Schiffer <mschiffer@universe-factory.net>
Declare the clock variable as extern in the header file.
Fixes compilation of gluon-ebtables-limit-arp with OpenWrt master:
multiple definition of `clock'; /gluon/openwrt/tmp/ccuynR0G.o:(.bss+0x230): first defined here
Signed-off-by: David Bauer <mail@david-bauer.net>
The 'hwmode' setting has been replaced with 'band' in OpenWrt to add
support for newer bands outside of 2.4G and 5G. Adjust Gluon accordingly.
[Matthias Schiffer: rebased, extended commit message]
In meshes without VPN or supernodes, it may be desirable to connect a
router providing IPv4 addresses directly to a regular Gluon node. For
this to work, it was necessary to remove the gluon-ebtables-filter-ra-dhcp
package from the node, so the autoupdater also needed to be disabled.
To avoid this, make gluon-ebtables-filter-ra-dhcp disable the DHCPv4
filter rules when gw_mode is set to 'server'.
No solution is provided for RA/DHCPv6, but this seems less pressing for
local meshes, as nodes can already provide working IPv6 connectivity
by themselves through gluon-radvd.
The network.wireless status ubus call only returns the configured
channel from UCI, breaking the status page in outdoor mode, where the
configuration contains 'auto' instead of a number.
Fixes: 0d3fa6b59b ("gluon-status-page: use ubus to get radio channels")
Closes#2336
In js `return` does behave like `continue` in a forEach() iteration.
The fixed function was intended to return nothing on error and does so
now, instead of a shorter (useless) array like before.
Calling functions like recv() with a NULL buffer is not explicitly
allowed by the POSIX standard, so it must be avoided to be portable
across different libc implementations. Allocate an initial buffer before
handling requests, and also pass this buffer to the peek recv() call.
Fixes: 531937cf6f ("gluon-neighbour-info: fix broken output with large results")
This removes PKG_VERSION and PKG_RELEASE from most Makefiles, as the
value was never useful for Gluon packages; instead, PKG_VERSION is set
to 1 in gluon.mk.
It also removes two other weird definitions:
- gluon-iptables-clamp-mss-to-pmtu replicating the old PKG_VERSION logic
from gluon-core, but without the fixed PKG_BUILD_DIR to prevent
unnessary rebuilds
- gluon-hoodselector set GLUON_VERSION=3
Calling git describe directly breaks isolation between the build system
and packages. Replace this with proper .config variables, like we
already do for GLUON_RELEASE.
Also replace the PKG_VERSION hack with a static '1', as we do for other
packages - while having those version numbers in opkg was cute, it was
also entirely useless. Having a fixed PKG_VERSION allows us to remove
the PKG_BUILD_DIR override as well.
Currently a buffer with a fixed size of 8192 bytes is used. However the
result can potentially be larger, which leads to a truncated JSON
output on stdout. UDP packets, without compression and with IP
fragmentation, can be up to 64KiB large.
Instead of using a fixed size buffer on the stack ask the kernel first
about the size of the UDP data and allocate a buffer of appropriate size
on the heap before receiving the UDP data.
The issue was observed with a custom respondd provider.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
