aboutsummaryrefslogtreecommitdiff
path: root/package/network
Commit message (Collapse)AuthorAge
...
* netifd: update to latest git HEADDaniel Golle2023-09-01
| | | | | | 1a07f1dff32b make_ethtool_modes_h.sh: apply anti-bashism Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* netifd: update to latest git HEADDaniel Golle2023-08-31
| | | | | | | | | | | | | | | f429bd94f99e system-linux: switch to new ETHTOOL_xLINKSETTINGS API Fixes AN announcement for speeds beyond 1 GBit/s. Adds new UCI options for Ethernet devices: - autoneg: switch on or off auto-negotiation - pause: if set to 0, do not announce symmetric flow control capability - asym_pause: if set to 0, do not announce asymmetric flow control capability. - rxpause: if set overrides AN and forces RX pause accordingly - txpause: if set overrides AN and forces TX pause accordingly Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: select libopenssl-legacy for openssl variantsFelix Fietkau2023-08-31
| | | | | | Without it, a lot of authentication modes fail without obvious error messages Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: remove eap-eap192 auth type valueFelix Fietkau2023-08-31
| | | | | | It is no longer used Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: update to the latest versionFelix Fietkau2023-08-31
| | | | | | | | | | | | | | | | | | | db3934d2f740 scripts/netifd-wireless.sh: properly fix WPA3 Enterprise support Support the following values for the different WPA3 Enterprise modes: - wpa3-mixed: WPA3 Enterprise transitional mode This supports EAP with both SHA1 and SHA-256, with optional MFP - wpa3: WPA3 Enterprise only mode This supports only SHA256 with mandatory MFP - wpa3-192: WPA3 Enterprise with mandatory 192 bit support This uses only GCMP-256 ciphers Disable 192 bit support and GCMP-256 ciphers for the regular "wpa3" mode. It seems that even leaving in optional 192 bit support breaks auth on some clients, including iOS devices. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: support eap-eap2 and eap2 auth_type valuesFelix Fietkau2023-08-31
| | | | | | | WPA3 Enterprise-transitional requires optional MFP support and SHA1+SHA256 WPA3 Enterprise-only requires SHA1 support disabled and mandatory MFP. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix FILS key mgmt type for WPA3 Enterprise 192 bitFelix Fietkau2023-08-31
| | | | | | Use the SHA384 variant to account for longer keys with more security Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: remove non-upstream antenna gain configuration patchFelix Fietkau2023-08-30
| | | | | | | | | It seems that this was not functioning properly and was likely completely unused. Keeping this out of tree also introduced some annoying churn when updating, because of the iw nl80211.h sync patch. If this is needed, it will be reintroduced when/if it is added upstream Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix bringing up AP+STA when the new channel is on a DFS channelFelix Fietkau2023-08-24
| | | | | | | If a CAC is needed because the channel is not available yet, a full AP interface restart is needed Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: in AP/STA, shut down AP interfaces when STA enters scanning stateFelix Fietkau2023-08-23
| | | | | | | | When the STA is brought up, it is set to DISABLED before adding the bss to ucode, so the first trigger to disable the AP is missed. Reported-by: Michael-cy Lee (李峻宇) <Michael-cy.Lee@mediatek.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: remove obsolete patchFelix Fietkau2023-08-23
| | | | | | It was only needed when hostapd was being started with one instance per PHY Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: allow reduced neighbor report configurationDavid Bauer2023-08-22
| | | | | | | Reduced neighbor reports can be enabled by setting the "rnr" uci option to 1. Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: revert upstream commit to fix #13156Stijn Tintel2023-08-18
| | | | | | | | | | | | Commit e978072baaca ("Do prune_association only after the STA is authorized") causes issues when an STA roams from one interface to another interface on the same PHY. The mt7915 driver is not able to handle this properly. While the commits fixes a DoS, there are other devices and drivers with the same limitation, so revert to the orginal behavior for now, until we have a better solution in place. Fixes: #13156 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* hostapd: fix bringing up mesh without supplicant when mcast rate is specifiedFelix Fietkau2023-08-17
| | | | | | The iw command expects a specific command line argument Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: update to the latest versionFelix Fietkau2023-08-17
| | | | | | 4711f74479e2 netifd: fix disabling radio via config if reconf is being used Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: do not store data in object prototypeFelix Fietkau2023-08-12
| | | | | | | It cannot be properly cloned, since it is attached to the resource type. Use a separate registry for data. Fixes object confusion issues Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: restart wifi when the bssid of the first interface changesFelix Fietkau2023-08-11
| | | | | | Full restart is necessary, since the bss wdev is not re-created Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: shut down client mode on the same phy while restarting APFelix Fietkau2023-08-11
| | | | | | | An active client mode interface could prevent the AP from claiming its channel and mess up the bringup sequence order Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix center frequency calculation for channel 149 and aboveFelix Fietkau2023-08-11
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add missing #ifdef for non-802.11ax buildsFelix Fietkau2023-08-11
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: reimplement AP/STA support via ucodeFelix Fietkau2023-08-10
| | | | | | | | | | | Drop obsolete control interface patches. This fixes some corner cases in the previous code where the segment 0 center frequency was not adjusted properly, leading to logspam and non-working AP interfaces. Additionally, shutting down the AP was broken, because the next beacon update would re-enable it, leading to a race condition on assoc. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: remove config_id parameters from hostapd.confFelix Fietkau2023-08-10
| | | | | | They are no longer used Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add missing ucv_get call in wpa_supplicantFelix Fietkau2023-08-10
| | | | | | Should be harmless, but fix it just in case Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: clone prototypes of ucode bss/interface objectsFelix Fietkau2023-08-10
| | | | | | Fixes an issue where lookup would return different objects than the ones intended Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix typo in ssid variable for non-supplicant mesh interface bringupFelix Fietkau2023-08-09
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add extra sanity checks for config reloadFelix Fietkau2023-08-08
| | | | | | Avoid getting stuck because of bad configurations Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix bss color CCA issue with multiple wifi interfacesFelix Fietkau2023-08-07
| | | | | | | Fixes this error: hostapd: nl80211: kernel reports: integer out of range Reported-by: Hartmut Birr <e9hack@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix unused device removal on DBDC devicesFelix Fietkau2023-08-03
| | | | | | | Check the phy before removing unrelated netdevs on the same hw device Reported-by: Hartmut Birr <e9hack@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
* xdp-tools: disable stack protector for BPF programsStijn Tintel2023-08-03
| | | | | | | | | | | | | When building xdp-tools with CONFIG_USE_LLVM_HOST=y, on a host that enabled stack protector by default in Clang, compilation fails with the following error: CLANG xdp-dispatcher.o clang-16: error: ignoring '-fstack-protector-strong' option as it is not currently supported for target 'bpfeb' [-Werror,-Woption-ignored] Add -fno-stack-protector to BPF_CFLAGS to fix this. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* hostapd: fix undeclared variable in common.ucFelix Fietkau2023-08-02
| | | | | Fixes: https://github.com/openwrt/openwrt/issues/13210 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: fix mesh supplicant build errorFelix Fietkau2023-08-01
| | | | | | | Include AP ucode source file Fixes: e56c5f7b276a ("hostapd: add ucode support, use ucode for the main ubus object") Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: update to the latest versionFelix Fietkau2023-08-01
| | | | | | | 8c2758b4fbbb wireless: add support for replacing data blobs at runtime 0ff22a6a68ce wireless: enable dynamic reconfiguration by default Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add ucode support, use ucode for the main ubus objectFelix Fietkau2023-08-01
| | | | | | | | This implements vastly improved dynamic configuration reload support. It can handle configuration changes on individual wifi interfaces, as well as adding/removing interfaces. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: switch to using uloop (integrated with built-in eloop)Felix Fietkau2023-08-01
| | | | | | Preparation for pulling in more code that uses uloop Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add support for querying assoc/probe IEsFelix Fietkau2023-08-01
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add experimental radius serverFelix Fietkau2023-08-01
| | | | | | | | This can be used to run a standalone EAP server that can be used from other APs. It uses json as user database format and can automatically handle reload. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dropbear: add ed25519 for failsafe keyEtienne Champetier2023-07-26
| | | | | | | | | | | At least Fedora and RHEL 9 set RSAMinSize=2048, so when trying to use failsafe, we get 'Bad server host key: Invalid key length' To workaround the issue, we can use: ssh -o RSAMinSize=1024 ... Generating 2048 bits RSA is extremely slow, so add ed25519. We keep RSA 1024 to be as compatible as possible. Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
* iproute2: update 6.4Nick Hainke2023-07-19
| | | | | | | Release Notes: https://lore.kernel.org/lkml/20230626093137.2f302acc@hermes.local/t/ Signed-off-by: Nick Hainke <vincent@systemli.org>
* ethtool: update to 6.4Nick Hainke2023-07-19
| | | | | | | | | | | | | | | | | | | | ChangeLog: 125b080 Release version 6.4. 5660918 update UAPI header copies f493e63 netlink: fix duplex setting b3e341c cmis: report LOL / LOS / Tx Fault 045d8db sff-8636: report LOL / LOS / Tx Fault a6505f3 drop checks for macros provided in UAPI header copies 86c0c41 do not check for strtol() function dd8e3ae actually check for C11 compiler 43e4d30 add local copies of macros from autoconf-archive faa4700 drop check for big endian types 31b7b5e Require a compiler with support for C11 features 946d18b update UAPI header copies eebf01f ethtool: Add support for configuring tx-push-buf-len 2782ea8 update UAPI header copies Signed-off-by: Nick Hainke <vincent@systemli.org>
* nftables: update to 1.0.8Nick Hainke2023-07-18
| | | | | | | ChangeLog: https://www.netfilter.org/projects/nftables/files/changes-nftables-1.0.8.txt Signed-off-by: Nick Hainke <vincent@systemli.org>
* hostapd: add fix for dealing with VHT 160 MHz via ext nss bwFelix Fietkau2023-07-14
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: update to 2023-06-22Andre Heider2023-07-07
| | | | | | | | | | | | | | Removed, merged upstream: - 170-wpa_supplicant-fix-compiling-without-IEEE8021X_EAPOL.patch Manually refreshed: - 040-mesh-allow-processing-authentication-frames-in-block.patch - 600-ubus_support.patch - 761-shared_das_port.patch Fixes: #12661 Fixes: 304423a4 ("hostapd: update to 2023-03-29") Signed-off-by: Andre Heider <a.heider@gmail.com>
* netifd: update to the latest versionFelix Fietkau2023-07-03
| | | | | | e94f7a81a039 bridge: fix config reload on 32 bit systems Signed-off-by: Felix Fietkau <nbd@nbd.name>
* iwinfo: update to latest git HEADHauke Mehrtens2023-07-01
| | | | | | | | | | d1f07cf devices: add device id for Atheros AR9287 and AR9380 65ea345 nl80211: constify a few arrays ca79f64 lib: report byte counters as 64 bit values This contains an ABI change, increase the ABI version too. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* netifd: update to the latest versionFelix Fietkau2023-06-29
| | | | | | | | | | 493e1589bc8b bridge: fix coverity false positive report 03a619947717 bridge: add support for configuring extra vlans for the bridge itself 4bea6d21a9ab wireless: fix changing reconf/serialize options in configuration 255b4d5c472e wireless: fix handling config reload with reconf=1 1ab992a74b43 wireless: fix another reconf issue Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uhttpd: update to latest git HEADHauke Mehrtens2023-06-25
| | | | | | 34a8a74 uhttpd/file: fix string out of buffer range on uh_defer_script Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* odhcpd: bump to latest git HEADChristian Marangi2023-06-24
| | | | | | | 5211264 odhcpd: add support for dhcpv6_pd_min_len parameter c6bff6f router: Add PREF64 (RFC 8781) support Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* netifd: update to the latest versionFelix Fietkau2023-06-23
| | | | | | | | 1571e18e4a69 bridge: add support for configuring extra tagged vlans on member devices b719f189f243 bridge: make hotplug-added vlans default to tagged edf3aced9f9a bridge: add support for adding vlan ranges via hotplug Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netifd: update to the latest versionFelix Fietkau2023-06-22
| | | | | | | 077e05f2b129 vlan/vlandev: pass through extra vlan information passed via hotplug 40fad91eb5be wireless: add network_vlan config attribute Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: add UCI option for Multiple BSSIDStijn Tintel2023-06-16
| | | | | | | | | | | | | | | Add an UCI option to enable Multiple BSSID Advertisement. Enabling this will announce all BSSIDS on a phy in a single beacon frame. The interface that is brought up first will be the transmitting profile, all others are non-transmitting profiles and will be advertised in the Multiple BSSID element in Beacon and Probe Response frames of the first interface. This depends on driver and client support. Enabling this will result in all but the first interface not being visible at all for clients that do not support it. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Powered by cgit, Themed by Ted Yin.