This switches hostapd variant used for SAE and OWE from hostapd-openssl
to hostapd-wolfssl.
The bug shich one broke the wolfssl implementation was resolved upstream
with commit 631c437a91c2 ("hostapd: backport wolfssl bignum fixes").
This particular commit also got backported to OpenWrt 19.07.
This summaries giving an overview of a scripts function and a short summary
how it's doing this. Only the scripts are covered, that are used by the
Freifunk-Berlin firmwarebuiler too.
[Matthias Schiffer: slightly reworded some descriptions]
This allows for multiple mesh legs out of one box. Useful for offloaders
and networks using vlan for separate mesh transport.
Custom mesh interfaces in a VXLAN domain are otherwise firewalled.
This fixes#1479
This adds support for the beacon interval to be set on a per-band base.
This has the potential to reduce the amount of airtime used up for
sending beacon frames.
Separate wireless-related helper methods from the util module to a
new wireless module. This keeps them separated, as the amount of
wireless helpers increased in the past, justifying a separate module.
xt_CT was added to kmod-ipt-conntrack a while back. Update our
GLUON_SPECIALIZE_KERNEL rules accordingly.
When building xt_CT into the kernel, one of the symbols IP_NF_RAW and
IP6_NF_RAW must be enabled as well, even though there is no runtime
dependency when building as modules. The kernel grows by less than 1KB
even when both IP_NF_RAW and NETFILTER_XT_TARGET_CT are enabled, making
this change a (very slight) net win in both flash and RAM usage.
In OpenWrt 19.07, the block size was increased to 1024KiB for "tiny"
devices by default to save flash. Unfortunately, this also significantly
increases the cache memory required by squashfs.
In my test, the increased block size reduced the image size by ~64KiB,
but increased the RAM usage by ~2.6MiB. As most tiny devices have only
32MiB of RAM, this is not a reasonable tradeoff.
The ar71xx-generic target already defines an even lower block size of
64KiB.
As x86-generic is compiled to pentium4 (and newer) there is a need for
a subtarget for older devices. The x86-legacy subtarget is set to
compile to pentium (and newer) and should support even very old devics.
x86-legacy includes the packages from x86.inc to only maintain one
package list. The three excludes are because the packages do not exist
for x86-legacy.
The OpenWrt feeds.conf.defaults contains some feeds that are commented out
and not active. Such feeds will be returned by the default_feeds.sh script
anyway and causing pseudo feeds. Limit the script to only return active
feeds, by filtering out lines starting with '#'.
This usually only applies to the OpenWrt master branch.
Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
change as per NeoRider
As a partial fix to #496, do not touch the MAC address of the WAN
interface when using VXLANs (as only the MAC address of the VXLAN
interface matters to batman-adv).
This reverts commit 2a8943e516.
.SILENT gets passed down to OpenWrt make as -s through MAKEFLAGS. This
hides certain messages from the build log with V=s.
On PoE-powered devices, we usually want to use WAN for the setup mode.
As all outdoor devices are PoE-powered, we can reuse this function. This
switches the setup mode interface for new installations / after config
reset on a few devices that were missing in this list before.
The 'preserve' flag can be used to mark a peer so it is not removed or
modified on upgrades. In addition, groups containing preserved peers are
not removed.
Fixes: #557
a8c92e9eda opkg: Fix PKG_MIRROR_HASH
844b892a74 ath10k-firmware: fix mirror hash
7e9d84ee4a opkg: update to latest Git HEAD
81f3f6540e wireguard: bump to 1.0.20200506
b956f6bd13 wireguard: bump to 20191226
c61fbdd087 odhcpd: fix PKG_SOURCE_DATE
5e8b50da15 odhcpd: fix lan host reachibility due to identical RIO and PIO prefixes (FS#3056)
ac5d5d8d09 ustream-ssl: update to 19.07 Git HEAD
a6caa8fad1 uhttpd: update to 19.07 Git HEAD
3b9e4d6d4c fstools: update to the latest version
af5ada457 wifidog-ng: remove incorrect PKG_BUILD_DIR override
b8ce0e959 ddns-scripts: Increment PKG_RELEASE and internal version number
9437c31c8 ddns-scripts: cloudflare.com-v4: Fix grep patterns.
b7958778a ddns-scripts: cloudflare.com-v4: Fix success check for new response format JSON response now has spaces between parameters. Accept this new format and the old one.
98f12a896 ddns-scripts: fix logging bug
a6a2c8d13 ddns-scripts: use HTTP for IPv6 dyndns URL
d040b2471 ddns-scripts: remove HTTPS from dyndns URL
ab7dfd76b ddns-scripts: use new DDNS URL for dyndns.org
c2943b13f ddns-scripts: update ddnss.de response
4d050bac7 ddns-scripts: Use https for domains.google.com
4938c148c nextdns: Update to version 1.5.7
501c782f7 youtube-dl: update to version 2020.5.3
f79cb0907 gerbera: add
2ce218bdc vpn-policy-routing: support phys-dev policies
9eb229c09 vpn-policy-routing: bugfix: remove non-ASCII from log; update README
0ae7e11d7 vpnbypass: bugfix: remove non-ASCII from system log; update README
1d5350fb4 openconnect: updated to 8.09
b10a73c9a ocserv: updated to 1.0.1
04af75b94 youtube-dl: update to version 2020.3.24
e92ac8abe travelmate: fix captive portal detection
c0f906273 bash: Import upstream patches
The netdev() lookup is confusing to use: whenever a interface does not
exist during boot (for example VLAN) or when the address is overridden
from board.json (which is not obvious at all), it will yield either no
address, or a different address than expected.
To avoid this confusion, using board.json-based interface() is
preferable. This converts all uses of netdev() to the corresponding
lan/wan lookups, except for the final fallback for eth0.
- Replace misnamed, closure-returning sysfs() to a reusable read() function
- Rename eth() to netdev(), pass full interface name
- Rename board() to interface()
- Split reuable get_netdev_addr() out of netdev()