dec9e83956 hostapd: fix goto loop for ubus assoc handler
c254d83ea8 hostapd: enable ht40 in wpa_supplicant when using wider HE modes
0243f09465 hostapd: add support for providing vendor specific IE elements
28b30ae10b hostapd: add eap_server support
21eb0a5aa3 hostapd: add default values for r0kh/r1kh
32b047e22e hostapd: add support for configuring the beacon rate
1f5155d005 hostapd: add support for configuring rts threshold
75f72696b5 hostapd: fix use after free bugs
0b75372275 hostapd: add wmm qos map set by default
6ac1b9188a hostapd: support qos_map_set without CONFIG_INTERWORKING
5a8988baa9 hostapd: refresh patches
9b660c63ad hostapd: fix a race condition on adding AP mode wds sta interfaces
d9373c5922 hostapd: fix max_oper_chwidth setting for HE
4a53adbd43 hostapd: let netifd set bridge port attributes for snooping
345f8fc7f3 hostapd: respect fixed channel BW in HE20 mode
23909a85de hostapd: make proxyarp work with libnl-tiny
aada4d0e78 hostapd: fix a segfault on sta disconnect with proxy arp enabled
c75d176882 hostapd: make the snooping interface (for proxyarp) configurable
93dc8760b0 hostapd: configure inter-AP communication interface for 802.11r
ce7a170414 hostapd: add additional radius options
7d1c464a23 hostapd: add extra options for hotspot 2.0 / interworking
e480a0986e hostapd: fix civic location option
46aa34ee0f hostapd: enable airtime policy for the -basic variants
62fa301cce hostapd: add patch for disabling automatic bridging of vlan interfaces
2982f1ec0a mt76: update to the latest version
ee5b593435 mac80211: fix crash in drivers relying on mac80211 retransmitting packets for powersave clients
fb98c8a610 mac80211: backport a few trivial patches
2007d4e208 mac80211: backport AP mode TWT support
c5ef1cee8a mac80211: backport support for BSS color changes
bb5da058db mac80211: add missing change for encap offload on devices with sw rate control
52300733cd mac80211: backport SAR power limit support
68886f3018 mac80211: merge the virtual time based airtime scheduler
c20f4e24bd mac80211: set beamformer/beamformee number of antennas in VHT caps
91ba22e3a4 mac80211: fix IBSS/adhoc mode for brcmfmac
27e4c5cf47 mac80211: allow retry of wifi setup if an iw interface add command fails
4a70b93f2d mac80211: fix HT40 mode for 6G band
cdb867b73a mac80211: fix processing HE capabilities (FS#3871)
7b7b494d56 mac80211: fix typo
8e3b3fa577 mac80211: do not enable VHT in the default config on 2.4 GHz
4edda0c544 mac80211: fix detecting VHT capabilities when generating the default config
8133d59da9 mac80211: add more HE capabilities
42d542e04f mac80211: fix center freq selection for 6 GHz
b535ec25eb mac80211: set hostapd op_class for 6 GHz
7a2405efc6 mac80211: rework default config script
d0b33833ae mac80211: make use of the new 'band' option
be55e7d5dd netifd: update to the master branch
aae63bb9a9 iw: enable print wpa ie for scan
df363764b7 netifd: fix deletion of ip tunnels (FS#4058)
c744798cad uboot-lantiq: danube: fix hanging lzma kernel uncompression
4b0f87729c wireless-regdb: update to version 2021.08.28
0b7311300b kernel: bump 5.4 to 5.4.158
2f04012b20 base-files: chmod 1777 /var/lock
6ec5dbd2a1 libpcap: add rpcapd as package
6fe4b7aa2b gpio-button-hotplug: convert to gpio descriptor (gpiod_) API
4607f55439 bcm4908: fix calculation of new cferam index
b4c40a7efc ramips: minew g1-c: Allow dynamic RAM sizes
f441be3921 iproute2: m_xt.so depends on dynsyms.list
a77ea2f05f OpenWrt v21.02.1: revert to branch defaults
b4d7885af7 OpenWrt v21.02.1: adjust config defaults
88151b8303 ipq40xx: ar40xx: reset port status register
23778f067a wolfssl: fix compile when enable-devcrypto is set
3f8adcb215 wolfssl: remove --enable-sha512 configure switch
249478ec48 wolfssl: always build with --enable-reproducible-build
23cd9fafa8 ath79: mikrotik: use 64 KiB SPI NOR erase sectors
16414718f9 wolfssl: update to 4.8.1-stable
5a02760c8f wolfssl: fix build with GCC 10 on 32 x86 targets
24b23ed96a layerscape: Add missing config option
7bf7f78891 layerscape: Fix build in dtb
2274e4c1fc ncurses: add tmux terminfo
eb5c2fed51 ncurses: add screen-256color terminfo
df9ca41322 ncurses: split long line of supported terminfo
f509ff77d4 glibc: update to latest 2.33 HEAD (bug 28213)
a13efd2253 tools/isl: update the download URL
284f8a64b7 ath10k-ct: update to version from 2021-09-22
aa2d61eced tools/m4: update to 1.4.19
b4ed8a9275 kernel: bump 5.4 to 5.4.154
43a5bebda1 wolfssl: bump PKG_RELEASE
4b212b1306 wolfssl: build with WOLFSSL_ALT_CERT_CHAINS
c43a5921fa mvebu: add support for iEi Puzzle-M901/Puzzle-M902
bb1eb5e8e6 mvebu: backport CN9130 dts necessary files changes to 5.4
f1f304940b build: prereq detect Python 3.10 for `python3` binary
e7c5e08db0 kernel: ar8216: add get_features method
9b258f220f prereq-build: recognize Python 3.10
913403b587 build: fix `which` detection on Fedora & MacOS
e604873e8a uhttpd: make organization (O=) of the cert configurable via uci
76d90a5eaf uboot-lantiq: fix sha1.h header clash when system libmd installed
8cc7ac54b6 kernel: bump 5.4 to 5.4.150
In js `return` does behave like `continue` in a forEach() iteration.
The fixed function was intended to return nothing on error and does so
now, instead of a shorter (useless) array like before.
52d7ac4 respondd-module-airtime: move const specifier to the right location
8067032 respondd-module-airtime: remove incorrect fprintf argument
1412236 respondd-module-airtime: remove PHY ID again
1dd5cd1 respondd-module-airtime: improve error handling
b4858b1 net/wgpeerselector: keep same datatype on ubus status (#250)
Signed-off-by: David Bauer <mail@david-bauer.net>
Calling functions like recv() with a NULL buffer is not explicitly
allowed by the POSIX standard, so it must be avoided to be portable
across different libc implementations. Allocate an initial buffer before
handling requests, and also pass this buffer to the peek recv() call.
Fixes: 531937cf6f ("gluon-neighbour-info: fix broken output with large results")
This removes PKG_VERSION and PKG_RELEASE from most Makefiles, as the
value was never useful for Gluon packages; instead, PKG_VERSION is set
to 1 in gluon.mk.
It also removes two other weird definitions:
- gluon-iptables-clamp-mss-to-pmtu replicating the old PKG_VERSION logic
from gluon-core, but without the fixed PKG_BUILD_DIR to prevent
unnessary rebuilds
- gluon-hoodselector set GLUON_VERSION=3
Sometimes it is useful to override the default version detection, for
example when local patches are applied to a repo. Allow providing a
version number using a file called .scmversion, which is the same that
the Linux kernel and U-Boot use.
Calling git describe directly breaks isolation between the build system
and packages. Replace this with proper .config variables, like we
already do for GLUON_RELEASE.
Also replace the PKG_VERSION hack with a static '1', as we do for other
packages - while having those version numbers in opkg was cute, it was
also entirely useless. Having a fixed PKG_VERSION allows us to remove
the PKG_BUILD_DIR override as well.
Currently a buffer with a fixed size of 8192 bytes is used. However the
result can potentially be larger, which leads to a truncated JSON
output on stdout. UDP packets, without compression and with IP
fragmentation, can be up to 64KiB large.
Instead of using a fixed size buffer on the stack ask the kernel first
about the size of the UDP data and allocate a buffer of appropriate size
on the heap before receiving the UDP data.
The issue was observed with a custom respondd provider.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
7fcb8024d openpyxl: bump to version 3.0.9
c0b23efab [openwrt-21.02] delve: Update to 1.7.2
365b62f4f zerotier: update to 1.6.6
172ebab28 xray-core: Update to 1.4.5
5d3faa6a4 yq: Update to 4.13.2
713051525 attendedsysupgrade-common: use sysupgrade.openwrt.org
ecf1e6575 libmbim: bump to 1.24.8
54a095164 modemmanager: bump to 1.16.6
dab28002f libqmi: bump to 1.28.8
602dbc60f libqmi: bump to 1.28.6
d8f33f73e lxc: remove legacy cgroups from common.conf
67e9ed1d5 syncthing: update to 1.18.2
2cd1fa16b python-astral: update to version 2.2
e1c24c07f fail2ban: patch CVE-2021-32749
6979ce4a6 php7: fix config file upgrade issue (fixes#14623)
2929694f8 php7: update to 7.4.23
54d1c110b yq: Update to 4.13.0
fd21207cf travelmate: update to 2.0.7-2
2bb2a48d1 openpyxl: bump to version 3.0.8
50351667a adguardhome: bump to 0.106.3
a98adbc47 adguardhome: bump to 0.106.2
8236e0441 adguardhome: bump to 0.106.1
b5ad600a7 adguardhome: bump to 0.106.0
be38dc31e adguardhome: bump to 0.105.2
b1b8128e4 adguardhome: bump to 0.105.1
8a06dc026 autoconf: fix shebang
8638a565c parted: add new package
3fdaf7d8d golang: Update to 1.17.1
929b57d85 banip: update 0.7.10-3
af46ac4bf travelmate: update to 2.0.7
40b7ea606 ntfs-3g: patch CVE-2019-9755
e72cc2b0a python3: bump version to 3.9.7
cd82a36ba fail2ban: fix hotplug when disabled
a5109ac20 django: bump to version 3.2.7
98708c83e fail2ban: fix package for fail2ban v0.11.2
f056f252c fail2ban: initial package of fail2ban version 0.11.2 python3-pyinotify: initial package version 0.9.6 of pyinotify for python3
89bdb70f1 nextdns: Update to version 1.37.2
58b23e9bc unbound: backport fix for permission denied error
60a7fc782 unbound: update to 1.3.2
b81785de9 unbound: fix build on non-linux systems
8ca8872b3 cgi-io: update to latest Git HEAD
4ba1aac1f haproxy: Update HAProxy to v2.2.17
178b9484d wsdd2: update to git (2021-08-09), switch to Netgear repo
593931084 samba: update to 4.14.7
ca591b551 tor: update to version 0.4.5.8
a5206895e nextdns: Update to version 1.37.1
642d2b0a5 xray-core: Update to 1.4.3
6071edf17 banip: update 0.7.10-2
9cf487461 nextdns: Update to version 1.37.0
dd093d410 pillow: bump to version 8.2.0
7022e9913 acme: Fix uhttpd restart to load new certificates
6256cf49d python-certifi: update to version 2021.5.30
59dab31e0 squashfs-tools: bump to version 4.5
73364d0c4 hplip: add a patch to respect CFLAGS
6b1133720 collectd: sensors plugin - depend on lm-sensors
090623ac1 mwan3: Use shebang in /etc/mwan3.user
119a05ffd perlbase-data: Add dependency on perlbase-scalar
502ca434c lttng-tools: fix linking with full language support enabled
73bd199ab stoken: fix compilation with BUILD_NLS
7674639c5 augeas: fix compilation with BUILD_NLS
9d4046157 treewide: Remove GO_PKG_LDFLAGS for stripping binaries
0b8baefec openvpn: add OpenVPN option push-peer-info
82dc4c08b python-cryptography: Update to 3.4.8
65057dcbb tailscale: update to version 1.12.3
f818f4a0d tailscale: update to version 1.12.1
13faefa9b tailscale: update to version 1.8.7
a1b8c64c2 tailscale: update to version 1.8.1
d721fea58 libssh: update to 0.9.6
The address of the vpn interface is calculated in the style of
modified EUI-64, based on a virtual mac address. This virtual mac
address consists of 0x00 as first byte and the other five bytes
are taken from the first bytes of md5sum(base64 encoded public key).
The algorithm was taken by the ffmuc, with a slight difference. ffmuc
calculated the result of md5sum(base64 encoded public key + '\n')
which was interpreted as accidential fault and therefore dropped.
Example:
- Public-Key: "gP3VJnTTvnQut+z4O+m0N9RgMyXbgyUbUkF3E3TKX2w="
- Address: "fe80::02ca:b8ff:fedc:2eb3"
The following interfaces are used for wireguard:
- wg_mesh -> wireguard interface
- mesh-vpn -> vxlan iface on top of wg_mesh
If you use this new feature, make sure the NTP servers in your site
config are publicly reachable. This is necessary, since wireguard
requires correct time before the vpn connection is established.
Therefore gluon performs ntp time synchronisation via WAN before it
establishes the vpn connection. Therefore the NTP servers have to
be publicly reachable (and not only via mesh).
Hardware
--------
MediaTek MT7621AT
256M DDR3
32M SPI-NOR
MediaTek MT7603 2T2R 802.11n 2.4GHz
MediaTek MT7915 2T2R 802.11ax 5GHz
Not Working
-----------
- Bluetooth (connected to UART3)
UART
----
UART is located in the lower left corner of the board. Pinout is
0 - 3V3 (don't connect)
1 - RX
2 - TX
3 - GND
Console is 115200 8N1.
Boot
----
1. Connect to the serial console and connect power.
2. Double-press ESC when prompted
3. Set the fdt address
$ fdt addr $(fdtcontroladdr)
4. Remove the signature node from the control FDT
$ fdt rm /signature
5. Transfer and boot the OpenWrt initramfs image to the device.
Make sure to name the file C0A80114.img and have it reachable at
192.168.1.1/24
$ tftpboot; bootm
Installation
------------
1. Connect to the booted device at 192.168.1.20 using username/password
"ubnt".
2. Update the bootloader environment.
$ fw_setenv devmode TRUE
$ fw_setenv boot_openwrt "fdt addr \$(fdtcontroladdr);
fdt rm /signature; bootubnt"
$ fw_setenv bootcmd "run boot_openwrt"
3. Transfer the OpenWrt sysupgrade image to the device using SCP.
4. Check the mtd partition number for bs / kernel0 / kernel1
$ cat /proc/mtd
5. Set the bootselect flag to boot from kernel0
$ dd if=/dev/zero bs=1 count=1 of=/dev/mtdblock4
6. Write the OpenWrt sysupgrade image to both kernel0 as well as kernel1
$ dd if=openwrt.bin of=/dev/mtdblock6
$ dd if=openwrt.bin of=/dev/mtdblock7
7. Reboot the device. It should boot into OpenWrt.
Before this commit, some *.po files contained the same translation
twice within the same file. While this did not led to errors in
gluon yet, it is still invalid. This commit fixes that and removes
the duplicates.
- Move site check for prefix4 and extra_prefixes6 to gluon-core, so the
rules don't need to be duplicated in several packages. This also fixes
gluon-respondd not checking extra_prefixes6 at all when
gluon-ebtables-source-filter is not installed as well.
- A redundant check for prefix6 is removed from gluon-l3roamd (this was
already checked by gluon-core)
- A separate check for prefix4 remains in gluon-client-bridge, as the
setting in mandatory there
* ath79-generic: add support for Onion Omega
support was previously dropped in
commit 45c84a117b ("ar71xx: drop target")
* fixup! ath79-generic: add support for Onion Omega
* fixup! ath79-generic: add support for Onion Omega
- [x] must be flashable from vendor firmware
- [ ] webinterface
- [ ] tftp
- [x] other: Console port available. Manufacturer specific cable required.
Tutorial in OpenWRT commit message https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=c6e972c8772a628a1a2f2e5590d7c6f4acef9ab0
- [x] must support upgrade mechanism
- [x] must have working sysupgrade
- [x] must keep/forget configuration (if applicable)
*think `sysupgrade [-n]` or `firstboot`*
- [x] must have working autoupdate
root@Aruba-AP-303H:~# lua -e 'print(require("platform_info").get_image_name())'
aruba-ap-303h
- [x] reset/wps/phone button must return device into config mode
- [x] primary mac should match address on device label (or packaging) (https://gluon.readthedocs.io/en/latest/dev/hardware.html#notes)
- wired network
- [x] should support all network ports on the device
- [x] must have correct port assignment (WAN/LAN)
- wifi (if applicable)
- [x] association with AP must be possible on all radios
- [x] association with 802.11s mesh must be working on all radios
- [x] ap/mesh mode must work in parallel on all radios
- led mapping
- power/sys led (_critical, because led definitions are setup on firstboot only_)
- [x] lit while the device is on
- [x] should display config mode blink sequence
(https://gluon.readthedocs.io/en/latest/features/configmode.html)
- radio leds
- [x] should map to their respective radio
- [x] should show activity
- switchport leds
- [x] should map to their respective port (or switch, if only one led present)
- [x] should show link state and activity
- outdoor devices only
- [ ] added board name to `is_outdoor_device` function in `package/gluon-core/luasrc/usr/lib/lua/gluon/platform.lua`
- ToDo (upstream):
- enable PoE pass through on interface E3
system.poe_passthrough=gpio_switch
system.poe_passthrough.name='PoE Passthrough'
system.poe_passthrough.gpio_pin='446'
system.poe_passthrough.value='0' (0 is active)
e294a22 batman-adv: Refresh patches with quilt
519ef4a batman-adv: Merge bugfixes from 2021.2
8d93475 olsrd: add filtergw plugin
76a7bc7 olsrd: update to 2021-06-21
3912935 olsrd: use SPDX
69e2fe6 bird2: Fix bus error on OSPF on IPQ806X
fa1791dbc htop: Add HTOP_LMSENSORS config option
19998f14f banip: update 0.7.10
36ffcd66f xray-core: fix build under go 1.17
2b17d1ca9 golang: Update to 1.17
0e3c2d959 gpsd: bump to 3.23
3b73213bf yq: Update to 4.12.1
954eba88a auc: update to version 0.2.4
af4098118 yq: Update to 4.12.0
cec17047d apr: patch CVE-2021-35940
1c982c63a nextdns: Update to version 1.36.0
4adf9a1c1 mosquitto: allow auth options with per listener settings
c4f61bf57 mosquitto: init: support more UCI options
6c9d59571 airos-dfs-reset: add airos-dfs-reset
baceb237a [openwrt-21.02] delve: Update to 1.7.1
0bd7e25f2 phantap: update to latest commit
06011c690 travelmate: update to 2.0.6
3733d0a7d travelmate: update to 2.0.5-3
d89bb6bec https-dns-proxy: patch CMakeList.txt to use OpenWrt CFLAGS
8b5002a6e dnscrypt-proxy2: Upgrade to 2.1.0
ffb8b452a c-ares: update to version 1.17.2
ce0c9af93 mc: add a missing Syntax file
f5669e3a6 mblaze: new package
af616fc58 hwdata: update to version 0.350
0240320e8 tvheadend: update to v4.2.8, remove static ffmpeg
4ddc4a613 tvheadend: fix compilation with GCC 9 and 10
fdee10fde python3-setuptools: add _distutils_hack
affb4038c zabbix: Call killall with the -s
d0444c0f5 git: update to 2.33.0
e583b7e3e mc: update to 2.8.27
542aa086e curl: update to 7.78.0
dd49c191a auc: update to version 0.2.0
395f55203 unixodbc: use 'install' when copying host binaries
b3c416b2d perl: perlmod.mk: use 'install' for host binaries
5665c3bdf stubby: Add multi WAN support for procd trigger
1ca9b3c98 stubby: remove maintainer
39b401638 stubby: remove libidn2 and libunwind dependencies
57eab26bb stubby: bump to 0.4.0
cb7030229 sqm-scripts: bump to v1.5.1
eed183c5f travelmate: update to 2.0.5-2
3eab47600 travelmate: update to 2.0.5
20ff270f2 django: bump to version 3.2.6
b3cfba1de dockerd: Updated to 20.10.8
832671029 docker: Updated to 20.10.8
6fb2beb6a containerd: Updated to 1.4.9 for docker 20.10.8
f815bdd72 runc: Updated to 1.0.1 for docker 20.10.8
10b295626 whois: update to 5.5.9
6f82209e4 whois: update to 5.5.8
eda1e1045 gitlab-runner: update to 14.0.1
aa4171673 clamav: update to 0.103.3
2fc25208a irssi: add test.sh
8de166f42 irssi: update to 1.2.3
e264d6689 atlas-sw-probe: fix copypaste error and clean tmp dir on exit
9cb317541 Flash: update to version 2.0.1
eb5e13d37 Jinja2: update to version 3.0.1
573338fe4 Werkzeug: update to version 2.0.1
d1007d29f MarkupSafe: update to version 2.0.1
9fa4ce04a click: update to version 8.0.1
735f9ed87 itsdangerous: update to version 2.0.1
979464c6a net/snort3: Include default configs and snort2lua
