* Broken sync while rescheduling delayed work
* compat: Use native kstrtox.h for 5.10.185
* Do not get eth header before batadv_check_management_packet
* Trigger events for auto adjusted MTU
* Don't increase MTU when set by user
* Fix TT global entry leak when client roamed back
* Fix batadv_v_ogm_aggr_send memory leak
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Maintainer: Rob White rob@blue-wave.net
Compile tested: All
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64, on 21.02, 22.03 and snapshot.
Description:
mesh11sd (2.0.0)
This release contains new functionality.
Autonomous portal mode is introduced. This simplifies the rollout of meshnodes allowing a common configuration to be used on all nodes.
Remote administration is introduced, allowing files to be copied and terminal sessions to be opened on established meshnodes, identifying remote nodes by mac address.
* Add - Update config file [bluewavenet]
* Add - implementation of remote copy [bluewavenet]
* Add - implementation of remote connect [bluewavenet]
* Add - Autonomous portal mode [bluewavenet]
-- Rob White dot@blue-wave.net Mon, 31 Jul 2023 16:59:52 +0000
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit 5beb3be9b8)
OpenNDS lists nodogsplash a conflict as well.
This causes a circular reference that is not allowed.
Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit 967dde509b)
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03
Description:
opennds (10.1.2)
Security Advisory. This version contains fixes for multiple potential security vulnerabilities
Credit - Stanislav Dashevskyi - standash.github.io [standash]
It also contains some minor bug fixes
* Fix - Generate unique sha256 faskey if not set in config - CVE-2023-38324 [bluewavenet]
* Fix - NULL pointer dereference if user_agent is NULL - CVE-2023-38320, CVE-2023-38322 [bluewavenet]
* Fix - NULL pointer dereference if authdir is called with an incomplete or missing query string - CVE-2023-38313, CVE-2023-38314, CVE-2023-38315 [bluewavenet]
* Fix - remove deprecated and non-functioning unescape callback - CVE-2023-38316 [bluewavenet]
* Fix - prevent potential recursive dependency and detect if conflicting package is installed [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit 3eb9aa3056)
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03
opennds (10.1.1)
* This version contains some minor bug fixes and documentation updates
* Fix - send only contents of buffer, not entire buffer when serving page511 [bluewavenet]
* Fix - Set fas_remotefqdn to gw_fqdn when overriding FAS settings [bluewavenet]
* Fix - use absolute path for css and images in ThemeSpec [bluewavenet]
* Fix - revert to old option names without underscores [bluewavenet]
* Fix - FAS URL when fas_remotefqdn is not set [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit 26f5f0f812)
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03
opennds (10.1.0)
This version is a major upgrade including full migration to nftables
and native uci configuration support even for generic Linux distributions.
It also includes a significant refactoring of inbuilt memory management,
improving long term reliability, fixing several memory leaks, buffer overflows and several edge case crashes.
* Add - support for included custom binauth script [bluewavenet]
* Add - emit a useful stderr message if auth_restore fails [bluewavenet]
* Add - procd respawn threshold, respawn timeout and respawn retry parameters [bluewavenet]
* Add - user friendly commandline message if already running [bluewavenet]
* Fix - Enabling of Data volume quotas [bluewavenet]
* Fix - use get_list_from_config instead of get_option_from_config [bluewavenet]
* Fix - compiler warning - unused variable [bluewavenet]
* Fix - remove redundant function call ipsetconf [bluewavenet]
* Fix - walledgarden for both nftset and ipset on OpenWrt [bluewavenet]
* Add - more meaningful output if attempt is made to restart when already running [bluewavenet]
* Fix - resolve gatewayfqdn after startup [bluewavenet]
* Fix - Choose forground or background running according to commandline arguments [bluewavenet]
* Fix - remove superfluous debug message [bluewavenet]
* Fix - replace sleep with procd_set_param term_timeout [bluewavenet]
* Fix - make option enabled default to enabled [bluewavenet]
* Fix - report authmon pid instead of opennds pid from authmon [bluewavenet]
* Fix - ensure correct pid obtained for opennds [bluewavenet]
* Add - StartLimitIntervalSec and StartLimitBurst to systemd service script [bluewavenet]
* Fix - refactor remote downloads [bluewavenet]
* Fix - suppress error message on ipset test failure [bluewavenet]
* Fix - send non-syslog debug information to stdout by default [bluewavenet]
* Add - C function to check heartbeat watchdog [bluewavenet]
* Fix - Update generic Linux makefile [bluewavenet]
* Fix - remove redundant ruleset struct definition [bluewavenet]
* Fix - potential buffer overflow issue during config stage [bluewavenet]
* Fix - remove unnecessary calls to free() in page 404 processing [bluewavenet]
* Fix - remove redundant code from fw_iptables [bluewavenet]
* Add - updates to binauth_log script [bluewavenet]
* Add - updates for service startup, systemd and procd [bluewavenet]
* Add - refactoring of commandline processing [bluewavenet]
* Fix - remove debugging message [bluewavenet]
* Fix - typo in client ruleset [bluewavenet]
* Add - Refactor to use uci config directly even for Generic Linux [bluewavenet]
* Add - Parsing for multi item lists with spaces in items [bluewavenet]
* Add - use common library call get_option_fom_config [bluewavenet]
* Add - support for direct use of uci format config file - string and integer parameters [bluewavenet]
* Fix - Remove deprecated syslog_facility config setting [bluewavenet]
* Add - thread busy message to ndsctl [bluewavenet]
* Add - refactor configure_log_location [bluewavenet]
* Fix - suppress LOG_NOTICE message when getting mac of interface [bluewavenet]
* Fix - ndsctl error message [bluewavenet]
* Fix - get_client_interface for levels 2 and 3 [bluewavenet]
* Add - use common library write_log function [bluewavenet]
* Add - Refactor memory management [bluewavenet]
* Fix - fix and refactor upload rate limiting rules [bluewavenet]
* Fix - Change a debug message from err to info [bluewavenet]
* Add - refine common buffer sizes [bluewavenet]
* Add - use initialised heap memory for redirect_to_splashpage [bluewavenet]
* Add - user message to themespec [bluewavenet]
* Add - auth_restore support ie reauth clients after a restart by default. [bluewavenet]
* Add - Library call to preemptively re-auth clients after a restart or crash [bluewavenet]
* Add - BinAuth, write an authenticated clients list [bluewavenet]
* Add - library call "check_heartbeat" [bluewavenet]
* Fix - Tidy up redundant code [bluewavenet]
* Fix - change warning message to debug message when iw not installed [bluewavenet]
* Add - library call to log to syslog [bluewavenet]
* Fix - use initialised heap memory for client list entries [bluewavenet]
* Fix - ignore legacy ipset firewall rule [bluewavenet]
* Fix - refactor memory management for MHD calls - use heap memory for buffers etc [bluewavenet]
* Fix - missing free causing memory leak [bluewavenet]
* Fix - predefine and initialise buffer for send_redirect_temp [bluewavenet]
* Add - support protocol "all" in firewall ruleset [bluewavenet]
* Add - pre-allocation of initialised buffers [bluewavenet]
* Fix - prevent buffer overrun on removing client [bluewavenet]
* Add - update MHD connection timeout and connection limit [bluewavenet]
* Add - chain ndsDLR for dynamic client download rate limiting rules [bluewavenet]
* Add - Use Internal Polling Thread / Thread Per Connection in MHD [bluewavenet]
* Add - some new default values [bluewavenet]
* Fix - remove some redundant code and fix some compiler warnings [bluewavenet]
* Fix - remove redundant library command string [bluewavenet]
* Fix - Tidy up redundant iptables code [bluewavenet]
* Add - convert trusted client support to nftables [bluewavenet]
* Add - refer to nftables [bluewavenet]
* Add - move code for generating authentication mark string to initial setup [bluewavenet]
* Add - full nftset support with ipset import where required [bluewavenet]
* Add - nftset support library calls [bluewavenet]
* Add - ipset_to_nftset library call [bluewavenet]
* Add - support for nftables version of append_ruleset and nftables_compile [bluewavenet]
* Fix - buffer overflow in page_511 generation [bluewavenet]
* Add - more nftables migration including rate quotas [bluewavenet]
* Fix - change GatewayInterface to lower case [bluewavenet]
* Add - upload and download limiting client flags for future use [bluewavenet]
* add - lib calls "pad_string" and "replace_client_rule" [bluewavenet]
* Add - further nftables migration [bluewavenet]
* Fix - correctly parse options from legacy conf file [bluewavenet]
* Fix - some compiler warnings and set min iptables version [bluewavenet]
* Add - Generic Linux configure walledgarden [bluewavenet]
* Add - Implementation of nftsets for walledgarden [bluewavenet]
* Add - migration to nftables, next phase. [bluewavenet]
* Add - library function delete_client_rule [bluewavenet]
* Fix - remove duplicate definition [bluewavenet]
* Add - First stage migration to nftables [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit 7b1911020b)
The "Filters", "Functions" and "Status" sections of the web interfaces
for both Bird4 and Bird6 threw the following error upon performing any
action:
Form token mismatch
The submitted security token is invalid or already expired!
Changing their entry types from "cbi" to "form" fixes them.
Fixes#922.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit c37fbab8f5)
This patch renames the get_bool() function, implemented in the
bird4-lib.sh and bird6-lib.sh files (respectively, for the IPv4 and
the IPv6 versions of the package), as well as all the calls to it.
This way, we avoid a function name collision with the one provided by
file /lib/functions.sh, which is slightly different and caused an
out-of-memory error when parsing the bird4/bird6 UCI config files.
Fixes#920.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit d32f93e049)
This commit replaces the deprecated licensing text with an SPDX license
identifier, and removes tab indentations in the conffiles sections.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit 6697ca291f)
Having two Makefile files, respectively in the bird1-openwrt-ipv4 and
bird1-ipv6-openwrt folders, made the CI tests fail at the time of
building the packages, due to a compilation error. This patch merges
both Makefile files into a single one. As a result, package compilation
succeeds during the CI tests.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit 914c27aeb6)
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 22.03
opennds (9.10.0)
* This version adds new functionality, and fixes some issues
* Fix - unable to read client upload traffic volume on some versions of iptables-nft (generic Linux) [bluewavenet]
* Fix - compatibility with bash shell on generic Linux [bluewavenet]
* Fix - compiler warning, unused variable [bluewavenet]
* Fix - silently continue if fw4 table is not found [bluewavenet]
* Add - Start daemon earlier on boot [bluewavenet]
* Fix - compatibility with legacy iptables packages [bluewavenet]
* Add - call to delete nft chains [bluewavenet]
* Fix - stop using legacy INPUT and FORWARD chains [bluewavenet]
* Add - watchdog restart if openNDS nftables ruleset is missing [bluewavenet]
* Add - automated rule setting/deleting for users_to_router [bluewavenet]
* Add - Change fwhook to add users to router rule to fw4 on OpenWrt [bluewavenet]
* Add - Set allow or passthrough mode for users_to_router rules [bluewavenet]
* Fix - set fwhook default to disabled to prevent restart on hotplug event [bluewavenet]
* Fix - fas-aes-https description comments [bluewavenet]
* Fix - icon overspill on splash pages [bluewavenet]
* Fix - missing config option in community script [bluewavenet]
* Fix - urlencode handling of "$" character and add htmlentity encode/decode library call [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit 18168b3468)
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 22.03
opennds (9.9.1)
* This version fixes some issues
* Fix - minimalise deprecated legacy .conf file
* Fix - Prevent rate limit refresh if rate limit is set to 0 [bluewavenet]
* Fix - Mute some unneccessary debug messages [bluewavenet]
* Fix - do not write unconfigured (null) parameters to client id file (cidfile) [bluewavenet]
* Fix - Prevent error "Command process exited due to signal 13" when executing an external script [bluewavenet]
* Fix - use WTERMSIG() return code for _execute_ret when execute fails [bluewavenet]
* Fix - use correct response type for error 503 [bluewavenet]
* Update Makefile description [bluewavenet]
* Add - Community Local FAS install script [bluewavenet]
* Update - Mention TCP port 80 requires AutonomousWG [afriza]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit 6c31b5bd1c)
The buildsystem doesn't know that the Package/*/config kconfig symbols are
related to the alfred package build. It is necessary to explicitly define it
via PKG_CONFIG_DEPENDS.
Fixes: f76074d424 ("alfred: add alfred 2013.3.0 to feed")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The buildsystem doesn't know that the KernelPackage/*/config kconfig
symbols are related to the batman-adv package build. It is necessary to
explicitly define it via PKG_CONFIG_DEPENDS.
Fixes: 522ce8dfdb ("batman-adv: rename folder name to match project & package name")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 22.03
opennds (9.9.0)
* This version adds new functionality, and fixes some issues
* Add - Community ThemeSpec to support legacy splash.html [bluewavenet]
* Fix - ensure nat_traversal_poll_interval defaults to 10 seconds [bluewavenet]
* Add - process send_to_fas_deauthed and send_to_fas_custom in fas-aes-https [bluewavenet]
* Add - support for send_to_fas_deauthed library call in binauth_log.sh [bluewavenet]
* Add - heartbeat file containing timestamp [bluewavenet]
* Add - send_to_fas_deauthed and send_to_fas_custom library calls [bluewavenet]
* Add - Save authmon daemon startup arguments for libopennds [bluewavenet]
* Fix - potential divide by zero errors [bluewavenet]
* Add - option nat_traversal_poll_interval [bluewavenet]
* Add - Library calls for urlencode and urldecode[bluewavenet]
* Fix - Don't download remotes if ThemeSpec not configured [bluewavenet]
* Add - Error report in syslog if dhcp database is not found [bluewavenet]
* Add - library calls, deauth and daemon_deauth [bluewavenet]
* Fix - change WTERMSIG log from WARNING to NOTICE [bluewavenet]
* Add - Set minimum bucket size to 5 regardless of configured bucket ratio [bluewavenet]
* Fix - safe_vasprint return value [bluewavenet]
* Add - test if safe_calloc failed and serve error 503 [bluewavenet]
* Add - use calloc instead of malloc[bluewavenet]
* fix - safe functions to return error rather than exit [bluewavenet]
* Add - b64decode custom string received by binauth script [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit 6cccf1fd65)
Maintainer: Rob White rob@blue-wave.net
Compile tested: All
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64, on 21.02, 22.03 and snapshot.
Description:
* This version adds new functionality.
* Update README.md
* Add - Traffic volume, Peers and stations to status output [bluewavenet]
* Add - limit up-checks to mesh interfaces only [bluewavenet]
-- Rob White <dot@blue-wave.net> Mon, 08 Aug 2022 13:40:31 +0000
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit 290ed82bd8)
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 22.03
* This version adds new functionality, and fixes some issues
* Fix - suppress stderr in client_params in generic linux [bluewavenet]
* Fix - client_params on generic linux, remote logo not supported yet [bluewavenet]
* Fix - compiler warning [bluewavenet]
* Fix - set voucher script as executable [bluewavenet]
* Update OpenWrt Makefile [bluewavenet]
* Add - format footer in Themespec scripts [bluewavenet]
* Update footer on all scripts [bluewavenet]
* Update - Community Voucher Themespec [bluewavenet]
* Add - Check on startup for Y2.038K bug (32 bit time) [bluewavenet]
* Fix - Remove deprecated Debian specific files [bluewavenet]
* Add - More css updates [bluewavenet]
* Add - user friendly RFC8910 page511 text and remove refresh button [bluewavenet]
* Fix - MHD becomes unresponsive serving page 511 for rfc8910 clients [bluewavenet]
* Add - extra startup settings - ignore_sigpipe and write nds info [bluewavenet]
* Add - set MHD connection limit to 100, set MHD listen backlog size to 128, set MHD_HTTP_HEADER_CONNECTION "close" [bluewavenet]
* Fix - Add missing LOG_CRIT in debug [bluewavenet]
* Add - some useful diagnostic output in authmon [bluewavenet]
* Fix - Move testing to community [bluewavenet]
* Fix - Community - Use tmpfs by default for vouchers.txt file [bluewavenet]
* Add - README with use instructions and notice about flash wearout [fservida]
* Fix - Refactor folder structure for community themespec [fservida]
* Add - Create vouchers.txt [fservida]
* Add - Create theme_voucher.sh [fservida]
* Update - README.md [bluewavenet]
* Add - image download info message [bluewavenet]
* Add - css updates [dianariyanto]
* Add - allow downloaded remotes refresh for all modes [bluewavenet]
* Add - download_resources.sh to installed files [bluewavenet]
* Add - support for download of custom images and files in the status.client page [bluewavenet]
* Remove - Debian man page support [bluewavenet]
* Fix - Add missing mkdir command in Makefile [dzatoah]
* Fix - typos in src/{conf, main}.c [dzatoah]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit b6f063dcca)
* cjdns: bump source from v21 to v21.1
* cjdns: bump release with patch to prefer python2
* cjdns: refresh patches and remove patch musl
Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit 217330bb5e)
Signed-off-by: Nick Hainke <vincent@systemli.org>
Naywatch now prints
naywatch: Naywatch Activated!
when becoming active.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 09d5ceb923)
Maintainer: Rob White rob@blue-wave.net
Compile tested: All
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64, on 21.02.2 and snapshot.
Description:
* This version adds new functionality, and fixed some issues
* Fix - repeated syslog messages - output only on mode change [bluewavenet]
* Add - service status to json output [bluewavenet]
* Add - support for multiple mesh interfaces [bluewavenet]
* Fix - duplicate ifname if more than one mesh interface [bluewavenet]
* Add - compatibility with iw < v5.16-1 [bluewavenet]
* Add - search and delete phantom meshnodes [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit 1cd90655da)
Babel is now a IETF standard. Update the package description.
Fixes: #867
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 983096d308)
Changelog:
916d3d9 Update CHANGES for babeld-1.12.1
3d8aec4 Schedule an interface check after adding an interface.
f13602b Split last PC into unicast and multicast values
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 9028f67afd)
Changelog:
5 May 2022: babeld-1.12
* Implement v4-via-v6 routing (RFC 9229), which allows a router with
IPv4 addresses only to route IPv4. Thanks to Théophile Bastian.
* Enable extended Netlink acks when available.
Thanks to Toke Høyland-Jørgensen.
* Fix restoring of interface configuration to avoid unbounded memory
consumption. Thanks to andrew-hoff.
* Fix handling of deny filters in the install chain.
Refreshed patches:
- 600-add-ubus.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit b35766330b)
* Request iflink once in batadv-on-batadv check
* Request iflink once in batadv_get_real_netdevice
* Don't expect inter-netns unique iflink indices
* Don't skb_split skbuffs with frag_list
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Eric Dumazet changed the mc_forwarding in commit 145c7a793838 ("ipv6: make
mc_forwarding atomic") the type of mc_forwarding from __s32 to an atomic_t.
This patch was then ported to various stable kernels.
This code change caused a FTBFS when in batman-adv when
CONFIG_BATMAN_ADV_MCAST was activated. To work around this problem, provide
a version for kernels with __s32 mc_forwarding and a version for kernel
with atomic_t mc_forwarding.
Fixes: #850
Reported-by: Huangbin Zhan <zhanhb88@gmail.com>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The opennds software interfaces with netfilter using `iptables` commands,
it does not rely on a specific implementation of the iptables frontend.
Furthermore, the semantically wrong conflict with iptables-legacy
introcduces recursive dependencies in the build system, even for people
not using opendns.
Remove the explicit conflict marker for iptables-legacy.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 8574cb411a)
Maintainer: Rob White rob@blue-wave.net
Compile tested: All
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64, on 21.02.2
Description:
Mesh11sd is a dynamic parameter configuration daemon for 802.11s mesh networks.
It was originally designed to leverage 802.11s mesh networking at Captive Portal venues.
This is the open source version and it enables easy and automated mesh network operation with multiple mesh nodes.
It allows all mesh parameters supported by the wireless driver to be set in the uci config file.
Settings take effect immediately without having to restart the wireless network.
Default settings give rapid and reliable layer 2 mesh convergence.
Without mesh11sd, many mesh parameters cannot be set in the uci wireless config file as the mesh interface must be up before the parameters can be set.
Some of those that are supported, would fail to be implemented when the network is (re)started resulting in errors or dropped nodes.
The mesh11sd daemon dynamically checks configured parameters and sets them as required.
This version does not require a Captive Portal to be running.
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit b4ab896894)
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64, on snapshot
* This version adds new functionality, and fixes some issues
* Fix - syntax error (missing comma) in awk command in bash on generic Linux [bluewavenet]
* Add - option to append serial number suffix to gatewayname [bluewavenet]
* Add - block use of ip aliases on gateway interface [doctor-ox] [bluewavenet]
* Fix - ndsctl json syntax error [bluewavenet]
* Add - check for null variables in key value pairs in MHD callbacks [bluewavenet]
* Fix - changed some notice messages into debug messages [bluewavenet]
* Fix - possible return of incorrect pid [doctor-ox] [bluewavenet]
* Fix - possible abiguities resulting in failure to parse parameters correctly [bluewavenet]
* Fix - Remove deprecated get_client_token.sh [bluewavenet]
* Fix - Prevent possible malformed mac address returned from dhcpcheck() [doctor-ox] [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit d078190b84)
Naywatch should first try to reboot normally, and if that does not work
do a hard reboot. However, the hard reboot was never called.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 65f747a8bc)
30 March 2022: babeld-1.11
* Implemented MAC authentication (RFC 8967). Thanks to Clara Dô,
Weronika Kołodziejak and Antonin Décimo.
* Changed the interface of the add_filter function in order to simplify
integration in OpenWRT. Thanks to Nick Hainke.
Detailed List:
7c053fe Export add_filters and simplify interface.
91c44f8 Rename blake2s to blake2s128.
dda8d63 Update CHANGES.
43a0066 Allow Blake2s keys up to 32 bytes.
375ea5f Rename interface option hmac to key.
1b9abc4 Replace hmac-verify with accept-bad-signatures.
3777eb4 Ignore .gitmodules when releasing an archive.
3551b45 Simplify and fix preparse phase.
ba8f116 Add rate limitations for challenges.
6d44238 Show PC number.
ceda3a0 Expire Index and challenge timer.
d66a4d2 Ignore a Challenge Request received on multicast.
024c17a Fix confusion between INDEX_LEN and NONCE_LEN when sending PC TLV.
ceb021f Fix double-free in error path.
1e08aed Change no_hmac_verify to hmac-verify.
c7ad387 Use 'hmac-sha256' and not 'sha256'.
5a15957 Fix nodes incorrectly rejecting packets.
af02039 Append a PC message if Babel-MAC is enabled.
46fc7da Follow the spec closely for the preparse phase.
87f39d0 Rename MAC functions and constants to match the spec.
02b14e3 Helpful error messages in key configuration.
d763f3e Error if configured key can't be found.
3cb0ab7 Use RFC3542 for IPv6 on macOS.
69df1cb Use _GNU_SOURCE instead of __USE_GNU.
ef3a113 Don't copy nonce, suppress VLA.
c243769 Move key validation in parse_key.
b06b2fc Constify source argument of fromhex.
9529941 Use AUTH_TYPE_NONE consistently.
d922b64 Document the HMAC options in manual page.
0c4afc2 Only allow keys configured on a given interface.
7de6715 Create neighbour after checking HMAC.
ecd1f42 Fix typo in compare_hmac.
9a5de34 Fix HMAC-SHA-256 computation.
f1051fd Fix constants to be consistent with SHA-256.
9688b68 Fix memory leaks in error-handling paths in configuration parser.
4d8a831 Fix some more (read-only) buffer overflows.
ebda926 Fix potential memory leaks.
d53fec0 Use AUTH_TYPE_* consistently.
a1afd51 Add no_hmac_verify flag.
b4e28f2 Fix ordering of fields in pseudo-header.
c8ace8b Use IANA-assigned TLV numbers.
739f76a Implement HMAC authentication.
e3adf47 Compile with SHA-256 and Blake2s.
ca0a512 Add SHA-2 and Blake2 submodules.
756783e Untabify
Remove upstreamed patches:
- 000-export-add-filters-and-simplify-interface.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit dbff012a2f)
