Commit Graph

3765 Commits

Author SHA1 Message Date
aiyion.prime
a683486514 fixup! gluon-status-page: add mesh protocol to status-page 2021-05-06 19:03:06 +02:00
David Bauer
545713ac9f
Merge pull request #2213 from freifunk-gluon/modules-openwrt
modules: update OpenWrt
2021-05-06 17:14:50 +02:00
aiyion.prime
77a6b9a947 gluon-status-page: add mesh protocol to status-page 2021-05-06 16:37:32 +02:00
Martin Weinelt
47a2f03660
modules: update OpenWrt
1b5a45a4a7 mac80211: Update to backports version 4.19.189-1
a883e3af38 dropbear: Fix CVE-2020-36254
2021-05-06 01:51:12 +02:00
lemoer
bbecd44be1 gluon-core: extend gluon_wired proto for l3 devices
This is a preparation to use the gluon_wired.sh proto on top of
layer 3 tunnel interfaces.
2021-05-06 00:43:01 +02:00
lemoer
c14b4c0b4b gluon-core: add vxlan option to gluon_wired proto
Before this commit the decision whether a vxlan layer will be
introduced between the lower interface before the interface is
added to batman was inside the proto. Now the decision is moved
to the user of the proto.
2021-05-06 00:43:01 +02:00
David Bauer
9e09d08cf6
Merge pull request #2177 from blocktrron/pr-wan-radio-ifname
gluon-web-private-wifi: define ifname for WAN radio
2021-05-03 17:39:31 +02:00
David Bauer
589dff7c14 modules: update OpenWrt
08ef2073d4 ramips: backport unlocked mdiobus accessors
2021-05-03 00:44:56 +02:00
David Bauer
e729b81312 gluon-private-wifi: add package
Add a package for handling upgrade-scripts speific for the WAN radio
operation.

This way, the config mode interface can be removed seperately from the
core functionality to perform tasks on system upgrade. This can be
useful when the setup-mode is removed entirely for space preservation.
2021-05-02 23:25:32 +02:00
David Bauer
5f08b47659 modules: update OpenWrt
7198ae4cf3 openvpn: update to 2.4.11
a8beddcd34 openvpn: update to 2.4.9
f82ddf9024 openvpn: update to 2.4.8
718e97c5c8 ramips: mt7530 swconfig: fix race condition in register access
8788e86245 ppp/pppoe-discovery: fix -W option
4398a35067 kernel: bump 4.14 to 4.14.231
906f560e79 kernel: bump 4.14 to 4.14.230
2021-05-02 20:59:45 +02:00
Martin Weinelt
46d2008eef
Merge pull request #2210 from blocktrron/mesh-sae-unused-params
mesh-wireless-sae: drop unused function parameters
2021-05-02 13:58:58 +02:00
David Bauer
a922944fee mesh-wireless-sae: drop unused function parameters
Drop these unused parameters in the function description, as only the
first parameter is referenced within the function block.
2021-05-02 02:20:00 +02:00
Linus Lüssing
98f3f63842 gluon-ebtables-filter-multicast: relax IPv6 multicast firewall rules
Allow the transmission of IPv6 multicast packets as long as they are not
flooded through the whole mesh.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2021-05-01 22:36:14 +02:00
Linus Lüssing
cb505a354a batman-adv: Introduce no noflood mark
This mark prevents a multicast packet being flooded through the whole
mesh. The advantage of marking certain multicast packets via e.g.
ebtables instead of dropping is then the following:

This allows an administrator to let specific multicast packets pass as
long as they are forwarded to a limited number of nodes only and are
therefore creating no burdon to unrelated nodes.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2021-05-01 22:33:59 +02:00
David Bauer
f4adb66772 gluon-web-private-wifi: define ifname for WAN radio
Set the ifname for the WAN radio (Private WLAN) to wanX, X being the
radio index.

All other radios created by Gluon already have their ifname defined
following this pattern.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-05-01 20:57:15 +02:00
Martin Weinelt
a63be6928c
Merge pull request #2208 from blocktrron/actions-next-subbranch
actions: build gluon for next sub-branches
2021-05-01 13:54:59 +02:00
David Bauer
53b647f748 actions: build gluon for next sub-branches
Currently we do not perform CI firmware builds on the next-2102 branch.

Build Gluon for all branches starting with "next" to increase the
coverage of our build tests.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-05-01 13:35:36 +02:00
Martin Weinelt
069c8b2035
Merge pull request #2207 from blocktrron/web-admin-flashsize
web-admin: fix firmware partition name
2021-05-01 12:27:26 +02:00
David Bauer
d0551c2dcd web-admin: fix firmware partition name
The rudimentary flash size determination function expects the partition
for the devices firmware to be called "linux" while it is (since quite
some time) "firmware".

Fix this error to display available flash size as well as more useful
error message in case the uploaded firmware image exceeds the flash
space.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-05-01 03:15:51 +02:00
David Bauer
4cd644a7a8
Merge pull request #2206 from T-X/pr-batman-adv-enable-mcast-optimizations
gluon-mesh-batman-adv: reenable batman-adv multicast optimizations
2021-04-29 01:07:52 +02:00
Linus Lüssing
288daf5a47 gluon-mesh-batman-adv: reenable batman-adv multicast optimizations
With batman-adv 2020.4 and the according backports to batman-adv v2019.2
several more bugs were found and fixed regarding the batman-adv
multicast optimizations feature.

Also a "wakeup-call" feature was added to the Linux bridge IGMP/MLD
snooping code in Gluon to work around issues with Android devices.

With batman-adv now at v2019.2, multicast-to-multi-unicasts conversion
is supported, too. Which means that even if there are a few outdated nodes
these and all other recipients will be served multicast packets via unicast,
too, as long as the sum of receiving nodes does not exceed the multicast
fanout setting (default: 16). If is exceeded, then batman-adv will revert
back to broadcast flooding automatically.

Long story short, with all these extra measures in place, let's reenable
the batman-adv multicast optimizations to reduce the layer 2 overhead
and in preparation for multicast applications in the future.

The default is enabled for this feature anyway, so removing the
"batctl multicast_mode 0" overwrite is sufficient.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2021-04-29 00:40:39 +02:00
Martin Weinelt
7904e0315f
modules: update OpenWrt
cc0b70467d mac80211: backport upstream fixes
2c46ba4356 kernel: backport fix for flexcan bug
7f3ec4ce39 kernel: bump 4.14 to 4.14.229
273ded68b8 kernel: bump 4.14 to 4.14.228
c43c434b58 kernel: bump 4.14 to 4.14.227
2021-04-28 01:14:56 +02:00
Martin Weinelt
3b9aebf13b .editorconfig: bunch of additions
Formats:
- Restructured Text
- JSON
- MarkDown

Specific Files:
- .ecrc
- CMakeLists.txt

Ignore:
- /patches/ directory, we will not be editing foreign patches for their
  indentation
2021-04-28 01:01:35 +02:00
David Bauer
24a21336d8
Merge pull request #2128 from tokudan/master-autoupdater-doc
autoupdater: document behaviour if manifest DATE is in the future
2021-04-28 00:57:17 +02:00
Daniel Frank
be9d2cd201
docs: autoupdater: document manifest header
Explains the behaviour when DATE is either in the future or in the past
and hints at how the firmware rollout can be controlled using the
PRIORITY variable.

Co-Authored-By: Martin Weinelt <martin@darmstadt.freifunk.net>
2021-04-28 00:54:21 +02:00
David Bauer
3f267d637e
Merge pull request #1986 from 2tata/archer-d50
targets/ath79-generic: add archer-D50 v1
2021-04-28 00:31:06 +02:00
Jan-Tarek Butt
9826a12b38 ath79-generic: add Archer D50 v1
Signed-off-by: Jan-Tarek Butt <tarek@ring0.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
2021-04-28 00:30:25 +02:00
David Bauer
5f3bb758b3
Merge pull request #2154 from yanosz/patch-1
Mention names of opkg-keys in doc
2021-04-28 00:20:02 +02:00
yanosz
96dfbc46c0
docs: Document location and handling of opkg keypair
Co-Authored-By: Martin Weinelt <martin@darmstadt.freifunk.net>
2021-04-28 00:18:31 +02:00
David Bauer
490c522351
Merge pull request #2200 from AiyionPrime/status_page_role
gluon-status-page: add role to status-page
2021-04-28 00:11:26 +02:00
David Bauer
0ce961eb8c
Merge pull request #2201 from AiyionPrime/status_page_wifi_channel
gluon-status-page: add channels to status-page
2021-04-28 00:10:46 +02:00
aiyion.prime
e6bdbe811a gluon-status-page: use sitetranslation for role 2021-04-23 15:57:37 +02:00
aiyion.prime
f14707cfa2 gluon-status-page: use mac80211 identifier (phy) 2021-04-22 22:43:48 +02:00
aiyion.prime
dc400c9220 gluon-status-page: reformat spaces 2021-04-22 21:43:55 +02:00
aiyion.prime
344d3ab686 gluon-status-page: add channels to status-page 2021-04-22 21:43:55 +02:00
David Bauer
b72588a014 modules: update Gluon packages 2021-04-22 20:25:23 +02:00
Martin Weinelt
a2be901803
docs: Add v2020.2.3 release notes 2021-04-14 02:10:15 +02:00
aiyion.prime
b6ec181c80 gluon-status-page: add role to status-page 2021-04-12 12:08:04 +02:00
Martin Weinelt
e713f9658f
Merge pull request #2197 from txt-file/patch-2
contrib/Dockerfile: use apt-get instead of apt
2021-04-07 19:10:31 +02:00
Martin Weinelt
503059ba29
Merge pull request #2196 from AiyionPrime/fix_tq_width_firefox_dejavu_sans
statuspage: fix tq width
2021-04-07 18:52:38 +02:00
Vieno Hakkerinen
09d6f70b07
contrib/Dockerfile: use apt-get instead of apt
* apt is meant for user interactive usage. apt does not guarantee a stable CLI.
* set DEBIAN_FRONTEND=noninteractive to tell apt-get that no user interaction is wanted
2021-04-07 18:01:56 +02:00
aiyion.prime
5e2525f573 statuspage: fix tq width
overflow for 'DejaVu Sans'.
2021-04-07 13:02:33 +02:00
Martin Weinelt
2e6752074f
Merge pull request #2192 from txt-file/patch-1
contrib/actions: use apt-get instead of apt
2021-04-05 22:55:18 +02:00
Vieno Hakkerinen
ca7a8ff528
contrib/actions: use apt-get instead of apt
apt does not have a stable CLI interface. Don't use it in scripts.
2021-04-05 21:33:04 +02:00
Martin Weinelt
34e8aed9f8
Merge pull request #2191 from freifunk-gluon/ci-relax-runner-pin 2021-04-05 19:43:31 +02:00
Martin Weinelt
394bc8e6bd
contrib/actions: drop custom sources.list 2021-04-05 04:11:29 +02:00
Martin Weinelt
e6b996f0e1 Revert "actions: pin Ubuntu version"
This reverts commit d9621048ed.
2021-04-05 04:09:42 +02:00
Martin Weinelt
272e30fda6
modules: update packages
fdd4afe6a adblock: fix init status command
5a8a7aeab libreswan: update cu 3.32
7af60cc3e libftdi1: Improve build binary reproducibility
aa3e95ac6 https-dns-proxy: bugfix: correct PROCD firewall object
abb3c7ede mariadb: update to version 10.2.37
cb6509e88 gnutls: patch security issue
41388ed8a php: add fix for updated ICU 68+
353063521 https-dns-proxy: support for additional Force DNS ports
44b301125 bind: update to version 9.16.13
612fbeb58 nnn: update to version 3.4
1952a1c2a python-aiohttp: backport fix for CVE-2021-21330
13ab7af3f icu: update to 68.2
2120a3cf5 icu: update to 68.1
10712797f icu: fix compilation under CentOS 7
79ddd0328 icu: update to 67.1
227597c97 haproxy: Update HAProxy to v2.0.21
a8a405928 tmate: add new package
01ab015a9 msgpack-c: add new package
97beb7d36 minidlna: update to 1.3.0
0494d8706 tor: update to version 0.4.4.8
40d56e46b mwan3: remove mwan3 ubus call on mwan3 iface hotplug ACTION
b66d262d7 net/mosquitto: bump to 1.6.14
e573dac5f CI: backport GitHub action CI
81fa8cf89 nextdns: Update to version 1.11.0
af02206e2 vpn-policy-routing: better processing of custom user files
5c58de5e6 libpam: update to 1.5.1
86a70892d libpam: update to 1.5.0
ef17e4a30 libpam: update to 1.4.0
85d122fdc nano: update to 5.6.1
a6a27c904 ninja: update to 1.10.2
b4adde587 ninja: fix typo
7fd680224 ninja: use for CMake
1299b07ee ninja: update to 1.10.1
86bb11e97 vpn-policy-routing: update to 0.3.2-18
2faeeb18e python-maho-mqtt: bump to versio 1.5.1
5c95dda73 unbound: update to 1.13.1
3abe9d0ae vpn-policy-routing: bugfix: netflix user file missing redirect
904d911c5 vpn-policy-routing: update user netflix file
2666b3d00 nano: update to version 5.6
7d26130b3 vpn-policy-routing: custom user scripts improvements
7d9d8616c libedit: update to version 20210216-3.1
ca01f389d libedit: update to version 20193112-3.1
855023214 adblock: update blocklist sources
39f3941cd knot: update to version 3.0.4
1662ca26b knot: update to 3.0.3
9389a5dd1 knot: disable embedded xdp
7619ff0df knot: update to 3.0.2
5ddcc2e05 knot: disable libnghttp2 autodetection
fb103be86 knot: update to version 3.0.1
523011bf4 screen: backport fix for CVE-2021-26937
8e1b62d4b openvswitch: update to version 2.11.6 (security fix)
5e24f6db6 vpn-policy-routing: update to version 0.3
0d0e4b96b netdata: update to version 1.29.2
2980cb8db netdata: update to version 1.29.1
f05ba1bbc python3: Update to 3.7.10, refresh patches
7be89f1f3 zerotier: bump to 1.6.4
fcf72948a bind: bump to 9.16.12
feb1a188e ksmbd: remove kmod-crypto-arc4 dependency
2f7026e65 htop: update to 3.0.5-1
ad186135a python-paho-mqtt: Update to version 1.5.0
3f0dbcdae isc-dhcp: seeing crashes when attempting to update dynamic dns
95fa96bda ttyd: force enable authentication for login
1a4184c07 https-dns-proxy: support for force DNS/DNS hijacking
b1fec2b7b mosquitto: bump to 1.6.13
5954e5695 getdns: disable static linking of getdns utilities
db69f0b57 zerotier: update to 1.6.3
1cec6bcfa getdns: Fix TLS V1.3 Ciphersuites option in Stubby
d7b42dcaa getdns: fix compilation without deprecated OpenSSL APIs
798c3ba3f keepalived: fix config typo
d41a0b75a keepalived: add script security param to fix warning
dbc66a08f ksmbd: update to 3.3.4
86c880712 ksmbd-tools: update to 3.3.4
dee2e818b keepalived: set default run directory for pid file on build
cf7969564 simple-adblock: remove dependency on jsonfilter & old code
bee91a9d8 sudo: backport patches for CVE-2021-3156
46d327a59 samba4: fix for #13758
e8d15424b nextdns: Update to version 1.10.1
11e9a2e17 php7: Fix prepare target incorrectly referencing 'configure.in' instead of 'configure.ac'
aae5144e7 msmtp: update to version 1.8.14
8e54decfa youtube-dl: update to version 2021.1.16
3b582ebd3 youtube-dl: update to version 2020.12.7
46253b17d https-dns-proxy: bugfix: high CPU utilization
cc38c62ad openwisp-config: update to version 0.5.0
50725c4c8 Revert "libzip: update to 1.7.3"
d8f0ebaa3 libzip: update to 1.7.3
9a0a7f928 libzip: update to 1.7.1 (closes #12512)
5fc922043 libzip: update to 1.6.1
9174036e4 libzip: update to 1.6.0
92f095b21 libzip: fix musl-fts failure
a0d9d76b2 libzip: add package
93d3bfd08 nano: update to 5.5
1224d6c21 idevicerestore: update to 1.0.0
9cfae98a7 idevicerestore: update to 2020-04-20
23f85f8fa idevicerestore: update to 2020-02-17
cb2d40346 idevicerestore: Update to 2019-12-26
202469750 idevicerestore: Add package
646461e2b libirecovery: update to official tarball
4f3b1aa38 libirecovery: fix version
e871dcf6b libirecovery: Update to 1.0.0
4175b8074 libirecovery: Add package
7707d2d78 haproxy: Update HAProxy to v2.0.20
8cc7aef3c nextdns: Update to version 1.9.6
67a324b5e syslog-ng: update to version 3.30.1
9e29bd4de https-dns-proxy: update to 2020-11-25: add HTTP auth and DSCP codepoint support
6d2ea90c3 haveged: update to 1.9.14
64b8dade4 usbmuxd: update to 1.1.1
42f227066 usbmuxd: enable systemd support
13485a4e5 usbmuxd: Update to 2020-01-20
c5aae4a76 usbmuxd: Update to latest master
0d0820d43 usbmuxd: Update to latest git version
46ecb7d58 imobiledevice: backport iOS 14 backup patch.
c71f4a82e libimobiledevice: update to 1.3.0
2ca8db427 libimobiledevice: update to 2020-02-19
2e2775dbc libimobiledevice: Update to 2020-01-20
cbda7d908 libimobiledevice: Update to latest master
f988eff7a libimobiledevice: Update to 2019-11-29
b856f627b libusbmuxd: update to 2.0.2
d59f1c90d libusbmuxd: Several fixes
a17c2aec3 libusbmuxd: Update to 2.0.1
5fc564827 libplist: add missing pkgconfig files in libplist 2.2
7660f6fa2 libplist: update to 2.2.0
8c28123e7 libplist: Several fixes
a60434422 libplist: Update to 2.1.0
3645d2876 libplist: Switch to normal releases
cafbae712 php7: drop patch for openssl deprecated API (fixes #14357)
4d1e525fc netdata: update to version 1.28.0
0563feebc adblock: backport fixes
40c1005f2 htop: update to 3.0.4-1
6bd3f5c37 mwan3: use ping -I for ipv6 after tunnel kernel fix
2a7bbad22 noddos: remove
182264c5b ulogd: Add back autoreconf
6106d1f28 ulogd2: Build IPFIX module
c8730e951 ulogd2: Backport upstream patches
5845691cb net: ulogd2: add myself as maintainer
df1c29679 nut: fix _ handling
e04535e99 qemu: bump PKG_RELEASE
3eb2e140e simple-adblock: config update
dc529c8cd wsdd2: update to git 2020-11-19
adb214338 samba4: update to 4.11.17
304888a37 htop: update to 3.0.3-1
0266f31c9 htop: update to 3.0.2-1
391267fc9 qemu: add patch for qga guest-shutdown command
4626c3bd6 utils/lcd4linux: fix package source
dc015ffe2 simple-adblock: bugfix - config update
9ca6bdaa0 https-dns-proxy: update binary to 2020-08-21
13d999882 zerotier: add patch to avoid including sys/auxv.h
061f81ff6 miniupnpd: Don't override ipv6_listening_ip
2021-04-05 02:49:29 +02:00
Martin Weinelt
87209b9f41
modules: update OpenWrt
81266d9001 openssl: bump to 1.1.1k
6165bb0d60 openssl: sync package download URLs with master
c336db7a78 mbedtls: update to 2.16.10
616fff2a94 mwlwifi: add PKG_FLAGS:=nonshared
dce6b118eb scripts: bundle-libraries.sh: fix broken SDK compiler
afdd5dcd0d build: reduce number of files passed to ipk-remove
1fcd833c9a build: call ipkg-remove using xargs if #args>=512
33df82be36 build: package-ipkg: avoid calling wildcard twice
3402334413 kernel: bump 4.14 to 4.14.224
55e9d87754 kernel: bump 4.14 to 4.14.223
c64742a96e wolfssl: bump to v4.7.0-stable
4b19b2db78 hostapd: P2P: Fix a corner case in peer addition based on PD Request
0a08a9a2b4 build: fix checks for GCC11
a5672f6b96 Revert "base-files: source functions.sh in /lib/functions/system.sh"
b4a4d04b91 kernel: bump 4.14 to 4.14.222
86aeac4fc9 base-files: source functions.sh in /lib/functions/system.sh
e9c0c5021c hostapd: backport ignoring 4addr mode enabling error
a36d2ee310 ramips: remove factory image for TP-Link Archer C20 v1

Fixes: CVE-2021-3450, CVE-2021-3449, CVE-2021-3336, CVE-2021-27803
2021-04-05 02:47:25 +02:00
J. Burfeind
2c0f8292c6
gluon-neighbour-info: end before timeout (#2185)
End the process after one result in case -l is not given
and destination address is unicast.
Reduces singleshot execution time from timeout seconds to around 150ms.

resolves #2184
2021-03-15 17:52:34 +01:00