summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2019-11-29interface: warn if ip6hint is truncatedUwe Kleine-König
When for example a /60 is assigned to a network the last 4 bits of the ip6hint are unused. Emit a warning if any of these unused bits is set as it indicates that someone didn't understand how the hint is used. (As I did earlier today resulting in spending some time understanding the code.) Signed-off-by: Uwe Kleine-König <uwe@kleine-koenig.org> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-11-12wireless: make reconf opt-in and allow serializing configurationJohn Crispin
Add option 'reconf' to make dynamic re-configuration opt-in. Also add option 'serialize' to 'wifi-device' section and if set configure interfaces of wireless devices one-by-one. Both options are disabled by default. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-10-25wireless: add ubus method for reloading configurationJohn Crispin
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-08-05system-linux: fix resource leakHans Dedecker
Fix cb leak in case invalid type is specified in system_if_clear_entries Detected by Coverity in CID1431183 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-07-22system-linux: Coverity fixesHans Dedecker
Fixes CID 1220430, 1432226, 1432807 and 1433508 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-06-14netifd: fix xfrm interface deletion and standardize netlink callAndré Valentin
-xfrm interfaces were deleted before -use standard parameters for xfrm interface created Signed-off-by: André Valentin <avalentin@marcant.net>
2019-06-13interface-ip: fix possible null pointer dereferenceHans Dedecker
Reported by Coverity in CID 1445749 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-06-13system-linux: remove superfluous dev checkHans Dedecker
No need to check if dev is NULL as device is always set when system_neigh is called Fixes issue reported by Coverity in CID 1445818 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-06-08netifd: add xfrm tunnel interface supportAndré Valentin
This adds support for xfrm interfaces. These interfaces can be used since linux 4.19 for IPsec traffic, like VTI interface. XFRM interfaces are less complicated compared to VTI because they need no IP tunnel endpoints.
2019-05-27iprule: fix missing ip rules after a reload (FS#2296)Hans Dedecker
Since commit 5cf79759a24e9bb2a6a3aef7c83d73efb9bf2df3 (iprule: rework interface based rules to handle dynamic interfaces) the rule comparison is broken and doesn't correctly recognize matching rules. This in turn break the reloading as adding the "new" rule fails because it already exists and it then delete the "old" rule. The comparison is broken because it now include fields that are not defining the rule itself, as well as some pointer to malloced strings. To fix this we move back the offending fields in the iprule struct before the 'flags' field and match the malloced strings separately. Signed-off-by: Alban Bedel <albeu@free.fr> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-17interface-ip: use ptp address as well to find local address targetHans Dedecker
In case of tunnel over PPP(such as gretap over l2tp): tunnel interface use PPP's peer address as remote address, netifd script will call proto_add_host_dependency function, then netifd will search which device can reach to the remote address. Before the patch, netifd don't consider the PPP interface can reach to the remote address, so netifd will select default route to remote address, it will lead to remote address unreachable. Based on a patch by xiaofan <xfan1024@live.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-16treewide: pass bool as second argument of blobmsg_check_attrHans Dedecker
blobmsg_check_attr() takes as second argument a bool; fix it where needed Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-08interface-ip: fine tune IPv6 mtu warningHans Dedecker
Failing to set the IPv6 mtu is only a real issue if the mtu to be set is smaller than the current mtu as in that case it would break IPv6 path mtu; adapt the logic to generate the warning accordingly Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-07interface: tidy ipv6 mtu warningKevin Darbyshire-Bryant
Add missing space to change from: netifd: Failed to set IPv6 mtu to 1500on interface 'wg0' to: netifd: Failed to set IPv6 mtu to 1500 on interface 'wg0' Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-04-15system-linux: remove debug tracingHans Dedecker
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-04-15interface: add neighbor config supportmeurisa
The neighbor or neighbor6 network section makes neighbours configurable via UCI or proto shell handlers. It allows to install neighbor proxy entries or static neighbor entries The neighbor or neighbor6 section has the following types: interface : declares the logical OpenWrt interface ipaddr : the ip address of the neighbor mac : the mac address of the neighbor proxy : specifies whether the neighbor ia a proxy entry (can be 1 or 0) router : specifies whether the neighbor is a router (can be 1 or 0) Signed-off-by: Alexander Meuris <meurisalexander@gmail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-04-12interface: fix "if-down" hotplug event handlingMartin Schiller
commit a97297d83e42 ("interface: set interface in TEARDOWN state when checking link state") broke the if-down hotplug event handling, as the iface->state is now IFS_TEARDOWN when calling the mark_interface_down() function from the IFPEV_DOWN event. Fixes: a97297d83e42 ("interface: set interface in TEARDOWN state when checking link state") Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2019-04-01proto-shell: return error in case setup failsHans Dedecker
In case PROTO_CMD_SETUP cannot be handled due to an invalid state; return -1 so the calling functions are aware the PROTO_CMD_SETUP has failed. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-04-01interface: set interface in TEARDOWN state when checking link stateHans dedecker
When launching PROTO_CMD_TEARDOWN in interface_check_state() the interface was set in IFS_DOWN state. In case an interface is now brought into IFS_SETUP state in __interface_set_up() it will launch PROTO_CMD_SETUP trying to bring the proto shell handler in S_SETUP state which will fail as the proto shell handler is still in the S_TEARDOWN state. Fix this by setting the interface in IFS_TEARDOWN state when the PROTO_CMD_TEARDOWN event is launched which will prevent the interface being brought into IFS_SETUP state as long as it's not in the IFS_DOWN state. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-03-21netifd: wireless: Add support for 802.11adRobert Marko
This simple patch adds 802.11ad to hwmode list so that netifd-wireless.sh does not otherwise overwrite it with the default hwmode=g Signed-off-by: Robert Marko <robimarko@gmail.com>
2019-03-21netifd: wireless: Add support for GCMP cipherRobert Marko
This patch will add support for using GCMP as cipher suite. This is not a strong cipher but is only one supported by wil6210 driver in order to have encrypted traffic. Signed-off-by: Robert Marko <robimarko@gmail.com>
2019-03-13interface-ip: fix delegate config update on reload (FS#2087)Hans Dedecker
Update the no_delegation parameter on a config reload; in case prefixes are present update the prefix assignments as well according to the no_delegation status Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-01-31system-linux: handle hotplug event socket ENOBUFS errorsAlin Nastac
Hotplug events are no longer handled after socket RX queue is overrun. The issue has been fixed by: - setting SO_RCVBUF initially to 65535 - doubling SO_RCVBUF value each time RX queue gets overrun Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
2018-12-17proto: fix logic inversion in previous commitKevin Darbyshire-Bryant
Rogue ! effectively disabled the ipv6 multicast check. Fix cd089c52 Why is it always the simple changes that catch you out? Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-12-16proto: Support class-e addressing in netifdDave Taht
Signed-off-by: Dave Taht <dave.taht@gmail.com> Acked-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> Acked-by: Jo-Philipp Wich <jo@mein.io>
2018-12-13system-linux: get rid of SIOCSDEVPRIVATEHans Dedecker
Use sysfs to configure the bridge settings stp/forward_delay/priority ageing_time/hello_time and max_age as the SIOCDEVPRIVATE bridge ioctl has no compat ioctl support which makes it impossible to set the above mentioned bridge paramaters if the kernel is compiled in 64 bit mode and user_space in 32 bit mode. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-11-26interface: fix return code of __interface_add()Hans Dedecker
For dynamic interfaces don't return false if vlist_find returns NULL as the calling function will try to free iface in case of an error which has already been freed in interface_change_config() Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-11-26netifd: fix resource leak on error in netifd_add_dynamic()Hans Dedecker
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-11-26config: fix resource leaks on error in config_parse_interface()Hans Dedecker
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-11-26interface: fix memory leak on error in __interface_add()Hans Dedecker
Detected by Coverity in cid 1441495 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-11-19treewide: switch to C-code style commentsHans Dedecker
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-11-19treewide: make some functions staticHans Dedecker
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-11-16interface: fix removal of dynamic interfacesHans Dedecker
Set config state to remove for dynamic interfaces in the following cases : -interface is set as not available -interface is set as down -interface is set as having no link state This will trigger an interface delete upon the next call of interface_handle_config_change Before this change you could end up with lingering inactive dynamic interfaces in case the aliased interface went down as before a dynamic interface was only removed when set down via ubus Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-11-13interface: rework code to get rid of interface_set_dynamicHans Dedecker
Integrate dynamic interface creation code into interface_alloc and __interface_add so we can get rid of interface_set_dynamic Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-10-17system-linux: enable by default ignore encaplimit for grev6 tunnelsHans Dedecker
Similar as for ip6 tunnels ignore encaplimit by default as not all ISPs support the destination option header containing the tunnel encapsulation limit resulting into broken connectivity Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-10-16system-linux: fix a typo in gre tunnel data parsing logicHans Dedecker
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-10-12wireless: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise)Hauke Mehrtens
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-12wireless: Add Opportunistic Wireless Encryption (OWE)Hauke Mehrtens
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-12wireless: Add Simultaneous Authentication of Equals (SAE)Hauke Mehrtens
This adds PSK3 / SAE support. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-01iprule: coding style fixesHans Dedecker
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-10-01iprule: fix segfault (FS#1875)Hans Dedecker
Fix segfault in generic_interface_cb by checking the IPRULE_OUT/IPRULE_IN flags before doing the strcmp for the possible configured out/in interface(s) of the ip rule. Also don't copy the interface layer3 device as the layer 3 device is not yet known when IFEV_CREATE event is launched. The layer3 device will be known when the IFEV_UP event is processed in rule_out_cb/rule_in_cb. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-09-19scripts: fix previous commitJo-Philipp Wich
Actually change the glob pattern as described in the previous commit. Fixes: 3c8ac1c ("netifd: fix wpa mixed mode matching") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-09-19netifd: fix wpa mixed mode matchingRick Farina (Zero_Chaos)
Change wpa mixed mode matching to not accidently catch wep+mixed. All documented cases have the character between {wpa,psk} and mixed as a '-' but no need to break things which were working, so preserve the * case. Reported-by: "Rick Farina (Zero_Chaos)" <zerochaos@gentoo.org> [Allow "psk-mixed" to be prefixed, to align with the *psk2* and *psk* cases, slightly reword subject and commit message.] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-09-18system-linux: enable by default ignore encaplimit for ip6 tunnelsHans Dedecker
Enable ignore encaplimit by default for ip6 tunnels as not all ISPs support the destination option header containing the tunnel encapsulation limit resulting into broken map/ds-lite connectivity. Setting the ignore encaplimit flag by default is a more sane setting as it avoids user configuation of the encaplimit uci option for ds-lite/map tunnels in case of broken connectivity. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-09-11CMakeList: Check that compiler supports -Wimplicit-fallthroughFlorian Fainelli
This is a GCC >= 7 feature, not all compilers support it. Fixes: 908a9f4f1027 ("CMakeLists.txt: add -Wimplicit-fallthrough to the compiler flags") Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2018-08-20interface: let interface_set_down() return voidHans Dedecker
Let interface_set_down() return void as no usefull error code is returned by __interface_set_down() Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-08-20interface: make __interface_set_down() staticHans Dedecker
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-08-20interface: extend interface error messages in interface_set_up()Hans Dedecker
Don't return an error code in interface_set_up as it's ignored anyway by the calling functions; but rather add more interface error messages so the actual problem is visible for the user by doing ifstatus <interface> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-08-17interface: ensure NO_DEVICE error is always reportedHans Dedecker
Remove interface available checks in the functions interface_start_pending and interface_handle_config_change so the NO_DEVICE error is reported in ifstatus <interface> making it clear to the user the configured device in ifname is not found Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-08-14device: gracefully handle device names exceeding IFNAMESIZHans Dedecker
Instead of truncating the device name when it exceeds IFNAMSIZ length; let device_set_ifname return an error code and do not add the device to the device list. This avoids possible issues with device names becoming identical due the truncation and as a result unexpected behavior. Further let the different device types gracefully handle the error code returned by device_init Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>