Commit Graph

3935 Commits

Author SHA1 Message Date
Martin Weinelt
f6faa50ad5
Merge pull request #2337 from freifunk-gluon/makefile-fixes 2021-12-19 14:11:21 +01:00
Martin Weinelt
f7c04b571c
Merge pull request #2342 from freifunk-gluon/ci-fixes 2021-12-19 14:08:04 +01:00
Matthias Schiffer
d8aca7f211
workflows: build-gluon: avoid failure when no path filter matches
The CI should be successful when there is nothing to check. Add if
condition as proposed in [1].

[1] https://github.com/dorny/paths-filter/issues/66#issuecomment-778267385
2021-12-18 23:51:17 +01:00
Matthias Schiffer
83808221d7
workflows: build-gluon: remove obsolete comment
build-gluon.yml is not generated anymore.
2021-12-18 23:47:41 +01:00
Martin Weinelt
4d22ab188e
Merge pull request #2341 from freifunk-gluon/dependabot/pip/docs/sphinx-rtd-theme-1.0.0 2021-12-18 16:13:05 +01:00
Martin Weinelt
1f1dccf13f
Merge pull request #2340 from freifunk-gluon/dependabot/github_actions/actions/upload-artifact-2.3.1 2021-12-18 16:00:36 +01:00
dependabot[bot]
131baaa555
build(deps): bump sphinx-rtd-theme from 0.5.2 to 1.0.0 in /docs
Bumps [sphinx-rtd-theme](https://github.com/readthedocs/sphinx_rtd_theme) from 0.5.2 to 1.0.0.
- [Release notes](https://github.com/readthedocs/sphinx_rtd_theme/releases)
- [Changelog](https://github.com/readthedocs/sphinx_rtd_theme/blob/master/docs/changelog.rst)
- [Commits](https://github.com/readthedocs/sphinx_rtd_theme/compare/0.5.2...1.0.0)

---
updated-dependencies:
- dependency-name: sphinx-rtd-theme
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-18 14:41:58 +00:00
dependabot[bot]
18cddd2046
build(deps): bump actions/upload-artifact from 1 to 2.3.1
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 1 to 2.3.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v1...v2.3.1)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-18 14:41:54 +00:00
Felix
ae911a1331
Add dependabot.yml config (#2335) 2021-12-18 15:41:33 +01:00
Matthias Schiffer
b40b1c82e0
Merge pull request #2312 from freifunk-gluon/gluon-web-wifi-cleanup
Hide WLAN config on devices without WLAN + related cleanup
2021-12-16 20:03:27 +01:00
Matthias Schiffer
1013dcb148
gluon-ebtables-filter-ra-dhcp: disable DHCPv4 filter when gw_mode == 'server' (#2324)
In meshes without VPN or supernodes, it may be desirable to connect a
router providing IPv4 addresses directly to a regular Gluon node. For
this to work, it was necessary to remove the gluon-ebtables-filter-ra-dhcp
package from the node, so the autoupdater also needed to be disabled.

To avoid this, make gluon-ebtables-filter-ra-dhcp disable the DHCPv4
filter rules when gw_mode is set to 'server'.

No solution is provided for RA/DHCPv6, but this seems less pressing for
local meshes, as nodes can already provide working IPv6 connectivity
by themselves through gluon-radvd.
2021-12-16 20:01:57 +01:00
Matthias Schiffer
286d07b35f
Makefile: error earlier when site.mk is missing
The site.mk target was only evaluated after the whole makefile was
parsed. This caused the GLUON_DEPRECATED error to be emitted first
(hiding the more helpful message that no site config was found) on Gluon
2021.1.x, where GLUON_DEPRECATED is used in a toplevel if in targets.mk.

By moving the check from recipe context to the toplevel, we ensure that
it is evaluated during parsing.
2021-12-15 20:59:26 +01:00
Matthias Schiffer
caa09e2fae
Makefile: remove duplicate GLUON_RELEASE entry from GLUON_VARS 2021-12-15 20:48:53 +01:00
David Bauer
e153ba6bd7 modules: update routing
6d10a01 batman-adv: Merge bugfixes from 2021.4
3336ecd naywatch: warn user
9e7698f babeld: remove unnecessray blob_buf_init calls
c524118 babeld: free blob-buffers that are on stack
1fcda9d olsrd: wait for wireless to initialize before starting
2021-11-23 22:31:31 +01:00
David Bauer
1ed8a6c4fc modules: update packages
b320cc083 docker: Update to 20.10.11
307236dca dockerd: Update to 20.10.11
b35eba3c9 containerd: Update to 1.4.12
b74f8b68c conntrack-tools: import patch to fix cache
47ce72c8b conntrack-tools: add a patch to fix endianness issue
41b3505f7 php8: update to 8.0.13
2381ced33 php7: update to 7.4.26
495c76cd5 rosy-file-server: drop this package
e112fc953 nextdns: Update to version 1.37.4
8d99ece4b golang: Update to 1.17.3
c0ceaca00 auc: remove superfluous variables
34e512ac2 auc: use /json/v1/
a95f71a73 auc: fix some minor issues
15beed2b4 rclone: Update to 1.57.0
966e3cc09 yq: Update to 4.14.2
2c6faddd3 exim: update to version 4.95
4f84a8631 exim: some clean ups
72288cc39 exim: add default config and init script, enable lmtp
783ee334f exim: update to version 4.94.2
cead8569e exim: fix compilation without deprecated OpenSSL APIs
b30fc0a67 gpgme: update to version 1.16.0
c55523b8c podman: update to 3.4.1
23415c437 podman: fix broken conffiles
4ccf03482 podman: update to 3.3.1
37df6c3ca podman: change permissions on /usr/share/containers/seccomp.json
ea7b959fd podman: update to 3.2.0
16a3da37a podman: change permissions on /etc/containers
a129759f0 podman: bumb version to 3.1.2
405bc67f8 podman: update to 3.1.1
961551a85 podman: Add selinux variant and several improvements
cb1d97d52 podman: add 'crun' to containers.conf
90e58bdb9 podman: update to version 3.0.1
2b7349773 conmon: update to 2.0.30
6e74b5d7b conmon: update to 2.0.29
18cc7640b conmon: fix segfault, correct a typo and update description
78a629de7 conmon: update to version 2.0.27
e4d64cc27 conmon: update to 2.0.26
da757a11e cni-plugins: update to version 1.0.1
95c604415 cni-plugins: update to version 1.0.0
89574510e cni-plugins: depend on kmod-veth
3a8dac1bc cni-plugins: update to version 0.9.1
2a684bdfa cni: update to version 1.0.1
e1489cd0f cni: update to 0.8.1
2d027dc82 libinput: update to version 1.19.2
0972feac5 libinput: update to version 1.19.1
975bb6f48 libinput: package libinput cli applets and quriks
cd42b74ac libinput: update to version 1.18.0
4042c299b libinput: update to version 1.17.1
2e5a72bf5 libevdev: update to version 1.12.0
d337bce97 libextractor: update to version 1.11
fd4648a61 pyodbc: update to version 4.0.32
aac8be18a pyodbc: update hash
fe1b4a705 pyodbc: update to version 4.0.31
c4c8aeef2 Werkzeug: update to version 2.0.2
0eb4b34fe Jinja2: update to version 3.0.3
1c0dba883 click: update to version 8.0.3
738e354e2 perl-mail-spamassassin: update to version 3.4.6
68e5146b1 perl-mail-spamassassin: fix compilation without deprecated OpenSSL APIs
7882b7a01 perl-net-dns: update to version 1.32
de68cf3c4 perl-net-dns: update to version 1.30
8dbccb11e opentracker: update to git HEAD of 2021-08-23
10a19bf58 opentracker: update to git HEAD
1bab442de opentracker: update to git HEAD
9fde4ba67 libksba: update to version 1.6.0
132280158 libksba: update to version 1.5.1
821bcc603 libassuan: update to version 2.5.5
2260a2227 libgpg-error: patch to fix cross-compile
8c8e57488 libgpg-error: update to 1.42
a7a051959 i2c-tools: update to version 4.3
698f54b32 hiredis: update to version 1.0.2
543c0969d hiredis: fix compilation with macOS
2fb629239 gawk: update to version 5.1.1
dc8398b66 ccid: update to version 1.4.36
7ee645cba ccid: fix compilation under macOS
920608fdc ccid: update to version 1.4.35
c0d45ae37 ccid: update to version 1.4.34
4c9cb7aa5 cryptsetup: update to version 2.4.1
d6474f836 cryptsetup: update to version 2.3.6
c840b702b cryptsetup: update to version 2.3.5
010ac6555 opensc: update to version 0.22.0
45388a559 opensc: update to version 0.21.0
4f879fe49 pcsc-lite: update to version 1.9.4
98bd76585 pcsc-lite: update to version 1.9.1
717f494ca postgresql: update to version 13.5
3b0f19d6d lvm2: update to version 2.03.14
bc5bb1254 lvm2: update to version 2.03.13
3bbdaa49e lvm2: add hotplug script to scan and enable PVs on hotplug
633e6a303 lvm2: update to version 2.03.12
99dcad1ae lvm2: don't use `-normal` suffix for non-SELinux variants
ec01d0c39 libudev-zero: update to version 1.0.0
beffb3c3f libudev-zero: update to version 0.5.2
3d417377b libudev-zero: update to version 0.4.8
6918a2c9a php8: Clean up and update distributed php.ini for php 8.0.12
44838c21e cyrus-sasl: patch CVE-2019-19906
ad1c43328 dockerd: Update to 20.10.10
786d3c7d7 docker: Update to 20.10.10
895dac37b containerd: Update to 1.4.11
2c928a098 runc: Update to 1.0.2
7e45ad87f php7: Clean up and update distributed php.ini for php 7.4.25
309c5d62a nano: enable showing line numbers with M-N (Alt-n)
50fdbd3a7 nano: enable line numbers (from cmdline)
07b7e67e6 mosquitto: bump to 2.0.13
8c504b293 php7-pecl-redis: update to 5.3.4
ab0bcf1ea php7-pecl-imagick: update to 3.5.1
1ded6ea24 php7-pecl-http: update to version 3.2.4
37941038a xray-core: remove dead jail files
4df93ea61 afuse: Add new package
6eecc3bd4 php7: Support for icu 70.1
f173d1d1d php8: Support for icu 70.1
f2300cd65 tvheadend: add patch to update hdhomerun
3aa30ceee rclone-ng: initial package
33b852064 rclone-webui-react: initial package
698699409 rclone: add test script
139dcb277 rclone: fix logic err in service file
ebabd2430 rclone: initial package
3ff099e0d yq: Update to 4.14.1
fdda9ff98 mariadb: Update to version 10.4.21
6b2535230 lighttpd: update to lighttpd 1.4.61 release hash
a740068f0 lighttpd: update to lighttpd 1.4.60 release hash
6d753e569 bind: Bump to 9.17.19
74081b945 nginx: fix compilation with BUILD_NLS
f57e56fd4 generate-ipv6-address: fix PIC compilation
7f10cee8c php7: update to 7.4.25
a446dba54 php8: update to 8.0.12
b6d2c8f69 dawn: set symm_enc default to 0
733126fc8 mariadb: update to 10.4.18
18a48195c python-websockets: new package
bf3fc8365 atlas-probe: allow parallel build
11f686bc3 atlas-probe: Fix compilation with gcc11
9d02dfdbb knot-resolver: update to 5.4.2
55ba91017 git: update to version 2.33.1
5a96548c2 msmtp: update to version 1.8.17
e6cea0eb5 syslog-ng: update to version 3.34.1
08107fbc5 dnscrypt-proxy2: update to version 2.1.1
63a261a34 checksec: update to version 2.5.0
e0a2da463 miniflux: new package
bc785e584 redis: update to version 6.2.6
edadea28c redis: update to version 6.2.5
86ce4cee0 redis: update to version 6.2.4
0412c3f0e redis: update to version 6.2.3
f5464f16d redis: update to version 6.2.2
cdd2b4668 redis: update to version 6.2.1
a92f8ea07 redis: update to version 6.2.0
14a3dfd30 knot: update to version 3.1.3
5fccb6fd7 dawn: update to 2021-10-26
e2d1c8a0d dawn: respawn dawn in case of crash
44629438d dawn: update to 2021-10-13
4855c37bd dawn: update to 2021-08-05
ded142471 docker: update to 20.10.9
4ae2fa2df dockerd: update to 20.10.9
a8b45f6f6 yq: Update to 4.13.5
97cd95d09 nextdns: Update to version 1.37.3
26e9cbc4c ksmbd-tools: update to 3.4.2
6bc415fce ksmbd-tools: update to 3.4.1
6657d5f61 ksmbd: use hostname only as name
8677e7efa ksmbd-tools: update to 3.4.0
35fefa105 django: bump to version 3.2.8
4d0867210 vpn-policy-routing: bugfixes: killall and tmpfs params
c8c12fdad node: bump to 14.18.1 / October 12th 2021 Security Releases
33c4ad121 vpn-policy-routing: revert to 0.3.4-8
a1556162a msgpack-c: Update to 4.0.0
b0efc1697 msgpack-c: don't check for GTest
5195be18a nnn: update to 4.2
70ddf0543 fakepop: fix compilation with PKG_ASLR
9b2e060e5 lxc: update to 4.0.10
b7bec631e simple-adblock: update to 1.8.8-1
3faeb8b09 curl: update to 7.79.1
e4dec5bea knot: update to 3.1.2
a597e12e2 crowdsec-firewall-bouncer: initial package v0.0.15
738fda6b6 crowdsec: initial package v1.2.0
b92db741e yq: Update to 4.13.4
b1bd6ec8f https-dns-proxy: update to 2021-09-27
ac6566a7d tor: update to 0.4.5.10
db856b617 acme: update to 3.0.1
70a8a309a golang: Update to 1.17.2
f41827d27 perl: perlmod.mk: use flock when hostpkg/perl used
58181f8fe ttyd: fix ssl ca option init
0139e44ff python-pytz: bump to version 2021.3
e155b3d29 nano: update to 5.9
39a116f58 smcroute: update to version 2.5.3
d09b92396 autossh: fix procd env issue
da5684671 autossh: fix compilation without ssh installed
3741e45ea php8: update to 8.0.11
b188ecff2 php8: fix module loading with glibc (refs #16642)
934de93ad php8: update to 8.0.10
998d21563 php7: update to 7.4.24
49ffbab9c php7: fix module loading with glibc (refs #16642)
dc5faddac travelmate: support meta-refresh with single-quote
c98f06003 cache-domains: Fixed remote script usage change * Removed all unnecessary files after configuration * Reduced code duplication * Changed to symlinking config instead of copying
1f3f63f5d haveged: update to 1.9.15
670fe1ea1 yq: Update to 4.13.3
2021-11-23 22:31:31 +01:00
David Bauer
66d818fe83 modules: update openwrt
dec9e83956 hostapd: fix goto loop for ubus assoc handler
c254d83ea8 hostapd: enable ht40 in wpa_supplicant when using wider HE modes
0243f09465 hostapd: add support for providing vendor specific IE elements
28b30ae10b hostapd: add eap_server support
21eb0a5aa3 hostapd: add default values for r0kh/r1kh
32b047e22e hostapd: add support for configuring the beacon rate
1f5155d005 hostapd: add support for configuring rts threshold
75f72696b5 hostapd: fix use after free bugs
0b75372275 hostapd: add wmm qos map set by default
6ac1b9188a hostapd: support qos_map_set without CONFIG_INTERWORKING
5a8988baa9 hostapd: refresh patches
9b660c63ad hostapd: fix a race condition on adding AP mode wds sta interfaces
d9373c5922 hostapd: fix max_oper_chwidth setting for HE
4a53adbd43 hostapd: let netifd set bridge port attributes for snooping
345f8fc7f3 hostapd: respect fixed channel BW in HE20 mode
23909a85de hostapd: make proxyarp work with libnl-tiny
aada4d0e78 hostapd: fix a segfault on sta disconnect with proxy arp enabled
c75d176882 hostapd: make the snooping interface (for proxyarp) configurable
93dc8760b0 hostapd: configure inter-AP communication interface for 802.11r
ce7a170414 hostapd: add additional radius options
7d1c464a23 hostapd: add extra options for hotspot 2.0 / interworking
e480a0986e hostapd: fix civic location option
46aa34ee0f hostapd: enable airtime policy for the -basic variants
62fa301cce hostapd: add patch for disabling automatic bridging of vlan interfaces
2982f1ec0a mt76: update to the latest version
ee5b593435 mac80211: fix crash in drivers relying on mac80211 retransmitting packets for powersave clients
fb98c8a610 mac80211: backport a few trivial patches
2007d4e208 mac80211: backport AP mode TWT support
c5ef1cee8a mac80211: backport support for BSS color changes
bb5da058db mac80211: add missing change for encap offload on devices with sw rate control
52300733cd mac80211: backport SAR power limit support
68886f3018 mac80211: merge the virtual time based airtime scheduler
c20f4e24bd mac80211: set beamformer/beamformee number of antennas in VHT caps
91ba22e3a4 mac80211: fix IBSS/adhoc mode for brcmfmac
27e4c5cf47 mac80211: allow retry of wifi setup if an iw interface add command fails
4a70b93f2d mac80211: fix HT40 mode for 6G band
cdb867b73a mac80211: fix processing HE capabilities (FS#3871)
7b7b494d56 mac80211: fix typo
8e3b3fa577 mac80211: do not enable VHT in the default config on 2.4 GHz
4edda0c544 mac80211: fix detecting VHT capabilities when generating the default config
8133d59da9 mac80211: add more HE capabilities
42d542e04f mac80211: fix center freq selection for 6 GHz
b535ec25eb mac80211: set hostapd op_class for 6 GHz
7a2405efc6 mac80211: rework default config script
d0b33833ae mac80211: make use of the new 'band' option
be55e7d5dd netifd: update to the master branch
aae63bb9a9 iw: enable print wpa ie for scan
df363764b7 netifd: fix deletion of ip tunnels (FS#4058)
c744798cad uboot-lantiq: danube: fix hanging lzma kernel uncompression
4b0f87729c wireless-regdb: update to version 2021.08.28
0b7311300b kernel: bump 5.4 to 5.4.158
2f04012b20 base-files: chmod 1777 /var/lock
6ec5dbd2a1 libpcap: add rpcapd as package
6fe4b7aa2b gpio-button-hotplug: convert to gpio descriptor (gpiod_) API
4607f55439 bcm4908: fix calculation of new cferam index
b4c40a7efc ramips: minew g1-c: Allow dynamic RAM sizes
f441be3921 iproute2: m_xt.so depends on dynsyms.list
a77ea2f05f OpenWrt v21.02.1: revert to branch defaults
b4d7885af7 OpenWrt v21.02.1: adjust config defaults
88151b8303 ipq40xx: ar40xx: reset port status register
23778f067a wolfssl: fix compile when enable-devcrypto is set
3f8adcb215 wolfssl: remove --enable-sha512 configure switch
249478ec48 wolfssl: always build with --enable-reproducible-build
23cd9fafa8 ath79: mikrotik: use 64 KiB SPI NOR erase sectors
16414718f9 wolfssl: update to 4.8.1-stable
5a02760c8f wolfssl: fix build with GCC 10 on 32 x86 targets
24b23ed96a layerscape: Add missing config option
7bf7f78891 layerscape: Fix build in dtb
2274e4c1fc ncurses: add tmux terminfo
eb5c2fed51 ncurses: add screen-256color terminfo
df9ca41322 ncurses: split long line of supported terminfo
f509ff77d4 glibc: update to latest 2.33 HEAD (bug 28213)
a13efd2253 tools/isl: update the download URL
284f8a64b7 ath10k-ct: update to version from 2021-09-22
aa2d61eced tools/m4: update to 1.4.19
b4ed8a9275 kernel: bump 5.4 to 5.4.154
43a5bebda1 wolfssl: bump PKG_RELEASE
4b212b1306 wolfssl: build with WOLFSSL_ALT_CERT_CHAINS
c43a5921fa mvebu: add support for iEi Puzzle-M901/Puzzle-M902
bb1eb5e8e6 mvebu: backport CN9130 dts necessary files changes to 5.4
f1f304940b build: prereq detect Python 3.10 for `python3` binary
e7c5e08db0 kernel: ar8216: add get_features method
9b258f220f prereq-build: recognize Python 3.10
913403b587 build: fix `which` detection on Fedora & MacOS
e604873e8a uhttpd: make organization (O=) of the cert configurable via uci
76d90a5eaf uboot-lantiq: fix sha1.h header clash when system libmd installed
8cc7ac54b6 kernel: bump 5.4 to 5.4.150
2021-11-23 22:31:31 +01:00
Matthias Schiffer
e26b508b72
Merge pull request #2330 from AiyionPrime/status-page-cleanup
Status page cleanup
2021-11-12 19:13:40 +01:00
aiyion.prime
1944ea0e01 gluon-status-page: fix lastImage in Signal() 2021-11-12 12:23:37 +01:00
aiyion.prime
8c85be2125 gluon-status-page: fix address_to_groups()
In js `return` does behave like `continue` in a forEach() iteration.
The fixed function was intended to return nothing on error and does so
now, instead of a shorter (useless) array like before.
2021-11-12 12:19:47 +01:00
David Bauer
102a4b9350
ath79-generic: add support for Enterasys WS-AP3705i (#2332) 2021-11-01 00:38:36 +01:00
David Bauer
7b2ab5e6c6 modules: update Gluon packages
52d7ac4 respondd-module-airtime: move const specifier to the right location
8067032 respondd-module-airtime: remove incorrect fprintf argument
1412236 respondd-module-airtime: remove PHY ID again
1dd5cd1 respondd-module-airtime: improve error handling
b4858b1 net/wgpeerselector: keep same datatype on ubus status (#250)

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-10-25 00:15:08 +02:00
Matthias Schiffer
51a1708453
gluon-neighbour-info: avoid recv() with NULL buffer (#2323)
Calling functions like recv() with a NULL buffer is not explicitly
allowed by the POSIX standard, so it must be avoided to be portable
across different libc implementations. Allocate an initial buffer before
handling requests, and also pass this buffer to the peek recv() call.

Fixes: 531937cf6f ("gluon-neighbour-info: fix broken output with large results")
2021-10-16 14:01:34 +02:00
Matthias Schiffer
f910cab618
Merge pull request #2316 from freifunk-gluon/gluon-version
Clean up Gluon version number handling, allow .scmversion override
2021-10-09 13:14:50 +02:00
Matthias Schiffer
f419db58a2 Set PKG_VERSION in gluon.mk
This removes PKG_VERSION and PKG_RELEASE from most Makefiles, as the
value was never useful for Gluon packages; instead, PKG_VERSION is set
to 1 in gluon.mk.

It also removes two other weird definitions:

- gluon-iptables-clamp-mss-to-pmtu replicating the old PKG_VERSION logic
  from gluon-core, but without the fixed PKG_BUILD_DIR to prevent
  unnessary rebuilds
- gluon-hoodselector set GLUON_VERSION=3
2021-10-07 23:42:38 +02:00
Matthias Schiffer
1c89f616a9 build: add support for .scmversion files for GLUON_VERSION and GLUON_SITE_VERSION
Sometimes it is useful to override the default version detection, for
example when local patches are applied to a repo. Allow providing a
version number using a file called .scmversion, which is the same that
the Linux kernel and U-Boot use.
2021-10-07 23:42:38 +02:00
Matthias Schiffer
b5db6435e5
build: pass GLUON_VERSION and GLUON_SITE_VERSION to build
A helper script is introduced to get the version from `git describe`.
2021-10-05 21:48:07 +02:00
Matthias Schiffer
a6187cce70
gluon-core, gluon-site: get version numbers from .config
Calling git describe directly breaks isolation between the build system
and packages. Replace this with proper .config variables, like we
already do for GLUON_RELEASE.

Also replace the PKG_VERSION hack with a static '1', as we do for other
packages - while having those version numbers in opkg was cute, it was
also entirely useless. Having a fixed PKG_VERSION allows us to remove
the PKG_BUILD_DIR override as well.
2021-10-05 21:48:07 +02:00
T-X
531937cf6f
gluon-neighbour-info: fix broken output with large results (#2322)
Currently a buffer with a fixed size of 8192 bytes is used. However the
result can potentially be larger, which leads to a truncated JSON
output on stdout. UDP packets, without compression and with IP
fragmentation, can be up to 64KiB large.

Instead of using a fixed size buffer on the stack ask the kernel first
about the size of the UDP data and allocate a buffer of appropriate size
on the heap before receiving the UDP data.

The issue was observed with a custom respondd provider.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2021-10-04 21:23:29 +02:00
Martin Weinelt
c5f5fc5624
Merge pull request #2321 from freifunk-gluon/master-updates 2021-10-03 01:20:17 +02:00
Martin Weinelt
1419c463ed modules: update routing
d8b4457 naywatch: fix procd handling
c30b5d5 opennds: Release v9.4.0 (for 21.02)
2021-10-02 17:01:08 +02:00
Martin Weinelt
0049b2b53c modules: update packages
7fcb8024d openpyxl: bump to version 3.0.9
c0b23efab [openwrt-21.02] delve: Update to 1.7.2
365b62f4f zerotier: update to 1.6.6
172ebab28 xray-core: Update to 1.4.5
5d3faa6a4 yq: Update to 4.13.2
713051525 attendedsysupgrade-common: use sysupgrade.openwrt.org
ecf1e6575 libmbim: bump to 1.24.8
54a095164 modemmanager: bump to 1.16.6
dab28002f libqmi: bump to 1.28.8
602dbc60f libqmi: bump to 1.28.6
d8f33f73e lxc: remove legacy cgroups from common.conf
67e9ed1d5 syncthing: update to 1.18.2
2021-10-02 17:01:06 +02:00
Martin Weinelt
f57f72fabc modules: update openwrt
1c95d78f08 ipq-wifi: Work around Plasma Cloud PA1200 5GHz crash
22db28683c ipq-wifi: Update Plasma Cloud PA1200 BDFs to firmware 3.5.12
2021-10-02 17:00:54 +02:00
David Bauer
4684f42173 modules: update openwrt
3a051a234a hostapd: fix segfault when deinit mesh ifaces
5c904bcb37 rockchip: fix broken squashfs sysupgrade
bf30ad1408 apm821xx: MBL: band-aid MBL DUO
65835e0d5f mac80211: Update to backports-5.10.68
7f7bf36ec5 ramips: add support for minew g1-c

Closes #2318 #2319

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-09-24 12:47:13 +02:00
Matthias Schiffer
160ad7eea1
Merge pull request #2313 from lemoer/pr_x86_dont_build_ext4_images
x86: don't build ext4 images
2021-09-20 17:42:00 +02:00
lemoer
53434127d6 x86: don't build ext4 images
Since we're discarding the ext4 images anyways, we now stop building 
them as well and save a few seconds of build time.
2021-09-19 21:24:17 +02:00
lemoer
27cd003d1b actions: rebuild targets if includes change 2021-09-19 21:24:17 +02:00
David Bauer
98664fdcb4 modules: update packages
2cd1fa16b python-astral: update to version 2.2
e1c24c07f fail2ban: patch CVE-2021-32749
6979ce4a6 php7: fix config file upgrade issue (fixes #14623)
2929694f8 php7: update to 7.4.23
54d1c110b yq: Update to 4.13.0
fd21207cf travelmate: update to 2.0.7-2
2bb2a48d1 openpyxl: bump to version 3.0.8
50351667a adguardhome: bump to 0.106.3
a98adbc47 adguardhome: bump to 0.106.2
8236e0441 adguardhome: bump to 0.106.1
b5ad600a7 adguardhome: bump to 0.106.0
be38dc31e adguardhome: bump to 0.105.2
b1b8128e4 adguardhome: bump to 0.105.1
8a06dc026 autoconf: fix shebang
8638a565c parted: add new package
3fdaf7d8d golang: Update to 1.17.1
929b57d85 banip: update 0.7.10-3
af46ac4bf travelmate: update to 2.0.7
40b7ea606 ntfs-3g: patch CVE-2019-9755
e72cc2b0a python3: bump version to 3.9.7
cd82a36ba fail2ban: fix hotplug when disabled
a5109ac20 django: bump to version 3.2.7
98708c83e fail2ban: fix package for fail2ban v0.11.2
f056f252c fail2ban: initial package of fail2ban version 0.11.2 python3-pyinotify: initial package version 0.9.6 of pyinotify for python3
89bdb70f1 nextdns: Update to version 1.37.2
58b23e9bc unbound: backport fix for permission denied error
60a7fc782 unbound: update to 1.3.2
b81785de9 unbound: fix build on non-linux systems
8ca8872b3 cgi-io: update to latest Git HEAD
4ba1aac1f haproxy: Update HAProxy to v2.2.17
178b9484d wsdd2: update to git (2021-08-09), switch to Netgear repo
593931084 samba: update to 4.14.7
ca591b551 tor: update to version 0.4.5.8
a5206895e nextdns: Update to version 1.37.1
642d2b0a5 xray-core: Update to 1.4.3
6071edf17 banip: update 0.7.10-2
9cf487461 nextdns: Update to version 1.37.0
dd093d410 pillow: bump to version 8.2.0
7022e9913 acme: Fix uhttpd restart to load new certificates
6256cf49d python-certifi: update to version 2021.5.30
59dab31e0 squashfs-tools: bump to version 4.5
73364d0c4 hplip: add a patch to respect CFLAGS
6b1133720 collectd: sensors plugin - depend on lm-sensors
090623ac1 mwan3: Use shebang in /etc/mwan3.user
119a05ffd perlbase-data: Add dependency on perlbase-scalar
502ca434c lttng-tools: fix linking with full language support enabled
73bd199ab stoken: fix compilation with BUILD_NLS
7674639c5 augeas: fix compilation with BUILD_NLS
9d4046157 treewide: Remove GO_PKG_LDFLAGS for stripping binaries
0b8baefec openvpn: add OpenVPN option push-peer-info
82dc4c08b python-cryptography: Update to 3.4.8
65057dcbb tailscale: update to version 1.12.3
f818f4a0d tailscale: update to version 1.12.1
13faefa9b tailscale: update to version 1.8.7
a1b8c64c2 tailscale: update to version 1.8.1
d721fea58 libssh: update to 0.9.6
2021-09-19 20:09:55 +02:00
David Bauer
7da50e3582 modules: update openwrt
a44fd27070 ipq40xx: Fix board-2.bin package name for Plasma Cloud PA2200
f6cce83358 ipq40xx: Fix board-2.bin package name for Plasma Cloud PA1200
5eb6d7a358 ipq40xx: Select correct board-2.bin for EnGenius EMR3500
15780763c4 ipq40xx: Select correct board-2.bin for EnGenius EMD1
c37a9e506c kernel: backport switchdev fix for bridge in bridge configurations
a300e3c890 kernel: Add missing kernel config options
f11cdd3006 build: Replace KERNEL_LOCKUP_DETECTOR with KERNEL_SOFTLOCKUP_DETECTOR
0e29e05dee kirkwood: increase kernel partition of Linksyses
601864c09e mvebu: limit mvneta tx queue workaround to 32 bit SoC
6f8143fa4a OpenWrt v21.02.0: revert to branch defaults
b2ae423314 OpenWrt v21.02.0: adjust config defaults
2021-09-19 20:09:45 +02:00
lemoer
3f7c0b3ae8
gluon-mesh-vpn-wireguard: add package (#2168)
The address of the vpn interface is calculated in the style of
modified EUI-64, based on a virtual mac address. This virtual mac
address consists of 0x00 as first byte and the other five bytes
are taken from the first bytes of md5sum(base64 encoded public key).

The algorithm was taken by the ffmuc, with a slight difference. ffmuc
calculated the result of md5sum(base64 encoded public key + '\n')
which was interpreted as accidential fault and therefore dropped.

Example:
- Public-Key: "gP3VJnTTvnQut+z4O+m0N9RgMyXbgyUbUkF3E3TKX2w="
- Address: "fe80::02ca:b8ff:fedc:2eb3"

The following interfaces are used for wireguard:
- wg_mesh  -> wireguard interface
- mesh-vpn -> vxlan iface on top of wg_mesh

If you use this new feature, make sure the NTP servers in your site
config are publicly reachable. This is necessary, since wireguard
requires correct time before the vpn connection is established.
Therefore gluon performs ntp time synchronisation via WAN before it
establishes the vpn connection. Therefore the NTP servers have to
be publicly reachable (and not only via mesh).
2021-09-15 01:25:59 +02:00
David Bauer
bc43067ddd modules: update Gluon packages 2021-09-15 01:07:19 +02:00
Manu.WTF
1eeca33c8d
ramips-mt7621: add support for Ubiquiti UniFi 6 Lite (#2310)
Hardware
--------
MediaTek MT7621AT
256M DDR3
32M SPI-NOR
MediaTek MT7603 2T2R 802.11n 2.4GHz
MediaTek MT7915 2T2R 802.11ax 5GHz

Not Working
-----------
 - Bluetooth (connected to UART3)

UART
----

UART is located in the lower left corner of the board. Pinout is

0 - 3V3 (don't connect)
1 - RX
2 - TX
3 - GND

Console is 115200 8N1.

Boot
----

1. Connect to the serial console and connect power.

2. Double-press ESC when prompted

3. Set the fdt address

   $ fdt addr $(fdtcontroladdr)

4. Remove the signature node from the control FDT

   $ fdt rm /signature

5. Transfer and boot the OpenWrt initramfs image to the device.
   Make sure to name the file C0A80114.img and have it reachable at
   192.168.1.1/24

   $ tftpboot; bootm

Installation
------------

1. Connect to the booted device at 192.168.1.20 using username/password
   "ubnt".

2. Update the bootloader environment.

   $ fw_setenv devmode TRUE
   $ fw_setenv boot_openwrt "fdt addr \$(fdtcontroladdr);
     fdt rm /signature; bootubnt"
   $ fw_setenv bootcmd "run boot_openwrt"

3. Transfer the OpenWrt sysupgrade image to the device using SCP.

4. Check the mtd partition number for bs / kernel0 / kernel1

   $ cat /proc/mtd

5. Set the bootselect flag to boot from kernel0

   $ dd if=/dev/zero bs=1 count=1 of=/dev/mtdblock4

6. Write the OpenWrt sysupgrade image to both kernel0 as well as kernel1

   $ dd if=openwrt.bin of=/dev/mtdblock6
   $ dd if=openwrt.bin of=/dev/mtdblock7

7. Reboot the device. It should boot into OpenWrt.
2021-09-15 00:44:34 +02:00
Matthias Schiffer
a40a89d906
gluon-web-wifi-config, gluon-web-private-wifi: hide pages on devices without WLAN
Fixes: #2311
2021-09-13 18:10:49 +02:00
Matthias Schiffer
5f1f960753
gluon-core: introduce device_uses_wlan() helper 2021-09-13 17:47:04 +02:00
Matthias Schiffer
ed7134fae6
gluon-web-wifi-config: reuse device_uses_11a() instead of reimplementing it less efficiently 2021-09-13 17:43:16 +02:00
Matthias Schiffer
7a2cd66cb9
gluon-core: move a few WLAN-specific functions from gluon.platform to gluon.wireless
Avoid requiring gluon.wireless from gluon.platform, and requiring
gluon.platform from various other scripts.
2021-09-13 17:41:15 +02:00
lemoer
077439de46
treewide: remove duplicate i18n translations (#2309)
Before this commit, some *.po files contained the same translation
twice within the same file. While this did not led to errors in
gluon yet, it is still invalid. This commit fixes that and removes
the duplicates.
2021-09-11 22:47:11 +02:00
Martin Weinelt
664afaa0bd
Merge pull request #2272 from freifunk-gluon/ci/owe
contrib/ci/minimal-site: build with owe and wpa3 support
2021-09-06 02:38:11 +02:00
Martin Weinelt
b4677b8b88 contrib/ci/minimal-site: build with owe and wpa3 support 2021-09-06 02:37:45 +02:00
Martin Weinelt
0851b3d7a9
Merge pull request #2307 from freifunk-gluon/prefix-check
treewide: clean up site checks for prefix[46] and extra_prefixes6
2021-09-06 02:33:54 +02:00
Matthias Schiffer
1ae7046958
treewide: clean up site checks for prefix[46] and extra_prefixes6
- Move site check for prefix4 and extra_prefixes6 to gluon-core, so the
  rules don't need to be duplicated in several packages. This also fixes
  gluon-respondd not checking extra_prefixes6 at all when
  gluon-ebtables-source-filter is not installed as well.
- A redundant check for prefix6 is removed from gluon-l3roamd (this was
  already checked by gluon-core)
- A separate check for prefix4 remains in gluon-client-bridge, as the
  setting in mandatory there
2021-09-04 21:17:29 +02:00