Compare revisions

58e9eadd · 58e9eadd · 58e9eadd · 58e9eadd · 58e9eadd · 58e9eadd
--- a/package/network/config/firewall/files/firewall.init
+++ b/package/network/config/firewall/files/firewall.init
@@ -15,8 +15,6 @@ validate_firewall_redirect()
 		'dest_ip:cidr' \
 		'dest_port:or(port, portrange)' \
 		'target:or("SNAT", "DNAT")'
-	
-	return $?
 }

 validate_firewall_rule()
@@ -28,8 +26,6 @@ validate_firewall_rule()
 		'src_port:or(port, portrange)' \
 		'dest_port:or(port, portrange)' \
 		'target:string'
-	
-	return $?
 }

 service_triggers() {
@@ -60,6 +56,6 @@ reload_service() {
 boot() {
 	# Be silent on boot, firewall might be started by hotplug already,
 	# so don't complain in syslog.
-	QUIET=1
+	QUIET=-q
 	start
 }
--- a/package/network/config/netifd/Makefile
+++ b/package/network/config/netifd/Makefile
 include $(TOPDIR)/rules.mk

 PKG_NAME:=netifd
-PKG_VERSION:=2014-08-05
+PKG_VERSION:=2014-09-08.1
 PKG_RELEASE=$(PKG_SOURCE_VERSION)

 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=http://git.openwrt.org/project/netifd.git
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=a6f28311d3786cbd5307aee3239032f6db1503f3
+PKG_SOURCE_VERSION:=46c569989f984226916fec28dd8ef152a664043e
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MAINTAINER:=Felix Fietkau <nbd@openwrt.org>
 # PKG_MIRROR_MD5SUM:=

--- a/package/network/config/netifd/files/etc/init.d/network
+++ b/package/network/config/netifd/files/etc/init.d/network
@@ -50,8 +50,6 @@ validate_atm_bridge_section()
 		'atmdev:uinteger:0' \
 		'encaps:or("llc", "vc"):llc' \
 		'payload:or("bridged", "routed"):bridged'
-
-	return $?
 }

 validate_route_section()
@@ -64,8 +62,6 @@ validate_route_section()
 		'metric:uinteger' \
 		'mtu:uinteger' \
 		'table:or(range(0,65535),string)'
-
-	return $?
 }

 validate_route6_section()
@@ -77,8 +73,6 @@ validate_route6_section()
 		'metric:uinteger' \
 		'mtu:uinteger' \
 		'table:or(range(0,65535),string)'
-
-	return $?
 }

 validate_rule_section()
@@ -94,8 +88,6 @@ validate_rule_section()
 		'lookup:or(range(0,65535),string)' \
 		'goto:range(0,65535)' \
 		'action:or("prohibit", "unreachable", "blackhole", "throw")'
-
-	return $?
 }

 validate_rule6_section()
@@ -111,8 +103,6 @@ validate_rule6_section()
 		'lookup:or(range(0,65535),string)' \
 		'goto:range(0,65535)' \
 		'action:or("prohibit", "unreachable", "blackhole", "throw")'
-
-	return $?
 }

 validate_switch_section()
@@ -122,8 +112,6 @@ validate_switch_section()
 		'enable:bool' \
 		'enable_vlan:bool' \
 		'reset:bool'
-
-	return $?
 }

 validate_switch_vlan()
@@ -132,8 +120,6 @@ validate_switch_vlan()
 		'device:string' \
 		'vlan:uinteger' \
 		'ports:list(ports)'
-
-	return $?
 }

 service_triggers()

--- a/package/network/config/netifd/files/lib/netifd/proto/dhcp.sh
+++ b/package/network/config/netifd/files/lib/netifd/proto/dhcp.sh
@@ -39,7 +39,7 @@ proto_dhcp_setup() {
 	[ "$broadcast" = 1 ] && broadcast="-B" || broadcast=
 	[ -n "$clientid" ] && clientid="-x 0x3d:${clientid//:/}" || clientid="-C"
 	[ -n "$iface6rd" ] && proto_export "IFACE6RD=$iface6rd"
-	[ -n "$iface6rd" ] && append dhcpopts "-O 212"
+	[ "$iface6rd" != 0 -a -f /lib/netifd/proto/6rd.sh ] && append dhcpopts "-O 212"
 	[ -n "$zone6rd" ] && proto_export "ZONE6RD=$zone6rd"
 	[ -n "$zone" ] && proto_export "ZONE=$zone"
 	[ "$delegate" = "0" ] && proto_export "IFACE6RD_DELEGATE=0"

--- a/package/network/ipv6/map/Makefile
+++ b/package/network/ipv6/map/Makefile
@@ -8,8 +8,8 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=map
-PKG_VERSION:=1
-PKG_RELEASE:=2
+PKG_VERSION:=2
+PKG_RELEASE:=1

 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk

--- a/package/network/ipv6/map/files/map.sh
+++ b/package/network/ipv6/map/files/map.sh
@@ -122,19 +122,28 @@ proto_map_setup() {
 	[ "$zone" != "-" ] && json_add_string zone "$zone"

 	json_add_array firewall
-	  for portset in $(eval "echo \$RULE_${k}_PORTSETS"); do
-            for proto in icmp tcp udp; do
-	      json_add_object ""
-	        json_add_string type nat
-	        json_add_string target SNAT
-	        json_add_string family inet
-	        json_add_string proto "$proto"
-                json_add_boolean connlimit_ports 1
-                json_add_string snat_ip $(eval "echo \$RULE_${k}_IPV4ADDR")
-                json_add_string snat_port "$portset"
-	      json_close_object
-            done
-	  done
+	  if [ -z "$(eval "echo \$RULE_${k}_PORTSETS")" ]; then
+	    json_add_object ""
+	      json_add_string type nat
+	      json_add_string target SNAT
+	      json_add_string family inet
+	      json_add_string snat_ip $(eval "echo \$RULE_${k}_IPV4ADDR")
+	    json_close_object
+	  else
+	    for portset in $(eval "echo \$RULE_${k}_PORTSETS"); do
+              for proto in icmp tcp udp; do
+	        json_add_object ""
+	          json_add_string type nat
+	          json_add_string target SNAT
+	          json_add_string family inet
+	          json_add_string proto "$proto"
+                  json_add_boolean connlimit_ports 1
+                  json_add_string snat_ip $(eval "echo \$RULE_${k}_IPV4ADDR")
+                  json_add_string snat_port "$portset"
+	        json_close_object
+              done
+	    done
+	  fi
 	  if [ "$type" = "map-t" ]; then
 	  	json_add_object ""
 	  		json_add_string type rule

--- a/package/network/ipv6/map/src/mapcalc.c
+++ b/package/network/ipv6/map/src/mapcalc.c
@@ -343,14 +343,17 @@ int main(int argc, char *argv[])
 		}


-		if (psidlen == 0) {
-			printf("RULE_%d_PORTSETS=0-65535\n", rulecnt);
-		} else if (psid >= 0) {
+		if (psidlen > 0 && psid >= 0) {
 			printf("RULE_%d_PORTSETS='", rulecnt);
 			for (int k = (offset) ? 1 : 0; k < (1 << offset); ++k) {
 				int start = (k << (16 - offset)) | (psid >> offset);
 				int end = start + (1 << (16 - offset - psidlen)) - 1;
-				printf("%d-%d ", start, end);
+
+				if (start == 0)
+					start = 1;
+
+				if (start <= end)
+					printf("%d-%d ", start, end);
 			}
 			printf("'\n");
 		}

--- a/package/network/ipv6/odhcp6c/Makefile
+++ b/package/network/ipv6/odhcp6c/Makefile
 #
-# Copyright (C) 2012 OpenWrt.org
+# Copyright (C) 2012-2014 OpenWrt.org
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -8,14 +8,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=odhcp6c
-PKG_VERSION:=2014-07-21
+PKG_VERSION:=2014-10-25
 PKG_RELEASE=$(PKG_SOURCE_VERSION)

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
 PKG_SOURCE_URL:=git://github.com/sbyx/odhcp6c.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=67b311ab81736b35858664219d345844ab08fcc7
+PKG_SOURCE_VERSION:=940e2141ab13727af6323c4d30002f785e466318
 PKG_MAINTAINER:=Steven Barth <steven@midlink.org>

 include $(INCLUDE_DIR)/package.mk
@@ -29,10 +29,6 @@ ifneq ($(CONFIG_PACKAGE_odhcp6c_ext_cer_id),0)
  CMAKE_OPTIONS += -DEXT_CER_ID=$(CONFIG_PACKAGE_odhcp6c_ext_cer_id)
 endif

-ifneq ($(CONFIG_PACKAGE_odhcp6c_ext_s46),0)
-  CMAKE_OPTIONS += -DEXT_S46=$(CONFIG_PACKAGE_odhcp6c_ext_s46)
-endif
-
 define Package/odhcp6c
  SECTION:=net
  CATEGORY:=Network
@@ -50,11 +46,6 @@ define Package/odhcp6c/config
    int "CER-ID Extension ID (0 = disabled)"
    depends on PACKAGE_odhcp6c
    default 0
-
-  config PACKAGE_odhcp6c_ext_s46
-    int "Softwire MAP Extension ID (0 = disabled)"
-    depends on PACKAGE_odhcp6c
-    default 0
 endef

 define Package/odhcp6c/install

--- a/package/network/ipv6/odhcp6c/files/dhcpv6.script
+++ b/package/network/ipv6/odhcp6c/files/dhcpv6.script
@@ -26,6 +26,15 @@ setup_interface () {

 	for prefix in $PREFIXES; do
 		proto_add_ipv6_prefix "$prefix"
+                local entry="${prefix#*/}"
+                entry="${entry#*,}"
+                entry="${entry#*,}"
+                local valid="${entry%%,*}"
+
+		if [ -z "$RA_ADDRESSES" -a -z "$RA_ROUTES" -a \
+				-z "$RA_DNS" -a "$FAKE_ROUTES" = 1 ]; then
+			RA_ROUTES="::/0,$SERVER,$valid,4096"
+		fi
 	done

 	[ -n "$USERPREFIX" ] && proto_add_ipv6_prefix "$USERPREFIX"
@@ -51,6 +60,11 @@ setup_interface () {
 		local valid="${entry%%,*}"

 		proto_add_ipv6_address "$addr" "$mask" "$preferred" "$valid" 1
+
+                if [ -z "$RA_ADDRESSES" -a -z "$RA_ROUTES" -a \
+                                -z "$RA_DNS" -a "$FAKE_ROUTES" = 1 ]; then
+                        RA_ROUTES="::/0,$SERVER,$valid,4096"
+                fi
 	done

 	for entry in $RA_ROUTES; do
@@ -141,9 +155,12 @@ case "$2" in
 		teardown_interface "$1"
 		setup_interface "$1"
 	;;
-	informed|updated|rebound|ra-updated)
+	informed|updated|rebound)
 		setup_interface "$1"
 	;;
+	ra-updated)
+		[ -n "$ADDRESSES$RA_ADDRESSES$PREFIXES$USERPREFIX" ] && setup_interface "$1"
+	;;
 	started|stopped|unbound)
 		teardown_interface "$1"
 	;;

--- a/package/network/ipv6/odhcp6c/files/dhcpv6.sh
+++ b/package/network/ipv6/odhcp6c/files/dhcpv6.sh
@@ -26,14 +26,15 @@ proto_dhcpv6_init_config() {
 	proto_config_add_string "vendorclass"
 	proto_config_add_boolean delegate
 	proto_config_add_int "soltimeout"
+	proto_config_add_boolean fakeroutes
 }

 proto_dhcpv6_setup() {
 	local config="$1"
 	local iface="$2"

-	local reqaddress reqprefix clientid reqopts noslaaconly forceprefix norelease ip6prefix iface_dslite iface_map ifaceid sourcerouting userclass vendorclass delegate zone_dslite zone_map zone soltimeout
-	json_get_vars reqaddress reqprefix clientid reqopts noslaaconly forceprefix norelease ip6prefix iface_dslite iface_map ifaceid sourcerouting userclass vendorclass delegate zone_dslite zone_map zone soltimeout
+	local reqaddress reqprefix clientid reqopts noslaaconly forceprefix norelease ip6prefix iface_dslite iface_map ifaceid sourcerouting userclass vendorclass delegate zone_dslite zone_map zone soltimeout fakeroutes
+	json_get_vars reqaddress reqprefix clientid reqopts noslaaconly forceprefix norelease ip6prefix iface_dslite iface_map ifaceid sourcerouting userclass vendorclass delegate zone_dslite zone_map zone soltimeout fakeroutes


 	# Configure
@@ -72,6 +73,7 @@ proto_dhcpv6_setup() {
 	[ -n "$zone_dslite" ] && proto_export "ZONE_DSLITE=$zone_dslite"
 	[ -n "$zone_map" ] && proto_export "ZONE_MAP=$zone_map"
 	[ -n "$zone" ] && proto_export "ZONE=$zone"
+	[ "$fakeroutes" != "0" ] && proto_export "FAKE_ROUTES=1"

 	proto_export "INTERFACE=$config"
 	proto_run_command "$config" odhcp6c \

--- a/package/network/services/dnsmasq/Makefile
+++ b/package/network/services/dnsmasq/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=dnsmasq
 PKG_VERSION:=2.71
-PKG_RELEASE:=3
+PKG_RELEASE:=4

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq

--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -293,15 +293,22 @@ dhcp_host_add() {
 	config_get ip "$cfg" ip
 	[ -n "$ip" -o -n "$name" ] || return 0

+	config_get_bool dns "$cfg" dns 0
+	[ "$dns" = "1" -a -n "$ip" -a -n "$name" ] && {
+		echo "$ip $name${DOMAIN:+.$DOMAIN}" >> $HOSTFILE
+	}
+
 	config_get mac "$cfg" mac
-	[ -z "$mac" ] && {
+	if [ -n "$mac" ]; then
+		# --dhcp-host=00:20:e0:3b:13:af,192.168.0.199,lap
+		macs=""
+		for m in $mac; do append macs "$m" ","; done
+	else
+		# --dhcp-host=lap,192.168.0.199
 		[ -n "$name" ] || return 0
-		mac="$name"
+		macs="$name"
 		name=""
-	}
-
-	macs=""
-	for m in $mac; do append macs "$m" ","; done
+	fi

 	config_get tag "$cfg" tag

@@ -309,11 +316,6 @@ dhcp_host_add() {
 	[ "$broadcast" = "0" ] && broadcast=

 	xappend "--dhcp-host=$macs${networkid:+,net:$networkid}${broadcast:+,set:needs-broadcast}${tag:+,set:$tag}${ip:+,$ip}${name:+,$name}"
-
-	config_get_bool dns "$cfg" dns 0
-	[ "$dns" = "1" ] && {
-		echo "$ip $name${DOMAIN:+.$DOMAIN}" >> $HOSTFILE
-	}
 }

 dhcp_tag_add() {
@@ -373,6 +375,9 @@ dhcp_add() {
 	config_get net "$cfg" interface
 	[ -n "$net" ] || return 0

+	config_get dhcpv4 "$cfg" dhcpv4
+	[ "$dhcpv4" != "disabled" ] || return 0
+
 	config_get networkid "$cfg" networkid
 	[ -n "$networkid" ] || networkid="$net"

@@ -438,13 +443,10 @@ dhcp_domain_add() {
 	[ -n "$ip" ] || return 0

 	for name in $names; do
-		[ "${name%.*}" == "$name" ] && \
-			name="$name${DOMAIN:+.$DOMAIN}"
-
-		record="${record:+$record/}$name"
+		record="${record:+$record }$name"
 	done

-	xappend "--address=/$record/$ip"
+	echo "$ip $record" >> $HOSTFILE
 }

 dhcp_srv_add() {
@@ -569,7 +571,7 @@ start_service() {
 	local lanaddr
 	[ $ADD_LOCAL_HOSTNAME -eq 1 ] && network_get_ipaddr lanaddr "lan" && {
 		local hostname="$(uci_get system @system[0] hostname OpenWrt)"
-		dhcp_hostrecord_add "" "${hostname%.$DOMAIN}${DOMAIN:+.$DOMAIN ${hostname%.$DOMAIN}}" "$lanaddr"
+		dhcp_domain_add "" "$hostname" "$lanaddr"
 	}

 	echo >> $CONFIGFILE

--- a/package/network/services/dnsmasq/patches/002-fix-race-on-interface-flaps.patch
+++ b/package/network/services/dnsmasq/patches/002-fix-race-on-interface-flaps.patch
+From a0358e5ddbc1ef3dec791f11f95f5dbe56087a5e Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Sat, 7 Jun 2014 13:38:48 +0100
+Subject: [PATCH] Handle async notification of address changes using the event
+ system.
+
+---
+ CHANGELOG     |  4 ++++
+ src/bpf.c     |  6 +++---
+ src/dhcp6.c   | 10 ----------
+ src/dnsmasq.c | 13 +++++++++++--
+ src/dnsmasq.h |  6 ++++--
+ src/netlink.c | 39 ++++++++++-----------------------------
+ src/network.c | 11 +++--------
+ 7 files changed, 35 insertions(+), 54 deletions(-)
+
+--- a/CHANGELOG
+++ b/CHANGELOG
+@@ -15,6 +15,10 @@ version 2.71
+ 	    regression introduced in 2.69. Thanks to James Hunt and
+ 	    the Ubuntu crowd for assistance in fixing this.
+ 
+	    Fix race condition which could lock up dnsmasq when an 
+	    interface goes down and up rapidly. Thanks to Conrad 
+	    Kostecki for helping to chase this down.
+	    
+ 
+ version 2.70
+             Fix crash, introduced in 2.69, on TCP request when dnsmasq
+--- a/src/bpf.c
+++ b/src/bpf.c
+@@ -376,7 +376,7 @@ void route_init(void)
+     die(_("cannot create PF_ROUTE socket: %s"), NULL, EC_BADNET);
+ }
+ 
+-void route_sock(time_t now)
+void route_sock(void)
+ {
+   struct if_msghdr *msg;
+   int rc = recv(daemon->routefd, daemon->packet, daemon->packet_buff_sz, 0);
+@@ -401,7 +401,7 @@ void route_sock(time_t now)
+    else if (msg->ifm_type == RTM_NEWADDR)
+      {
+        del_family = 0;
+-       newaddress(now);
+       send_newaddr();
+      }
+    else if (msg->ifm_type == RTM_DELADDR)
+      {
+@@ -439,7 +439,7 @@ void route_sock(time_t now)
+ 	       of += sizeof(long) - (diff & (sizeof(long) - 1));
+ 	   }
+        
+-       newaddress(now);
+       send_newaddr();
+      }
+ }
+ 
+--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
+@@ -917,10 +917,10 @@ int main (int argc, char **argv)
+ 
+ #if defined(HAVE_LINUX_NETWORK)
+       if (FD_ISSET(daemon->netlinkfd, &rset))
+-	netlink_multicast(now);
+	netlink_multicast();
+ #elif defined(HAVE_BSD_NETWORK)
+       if (FD_ISSET(daemon->routefd, &rset))
+-	route_sock(now);
+	route_sock();
+ #endif
+ 
+       /* Check for changes to resolv files once per second max. */
+@@ -1037,6 +1037,11 @@ void send_alarm(time_t event, time_t now
+     }
+ }
+ 
+void send_newaddr(void)
+{
+  send_event(pipewrite, EVENT_NEWADDR, 0, NULL);
+}
+
+ void send_event(int fd, int event, int data, char *msg)
+ {
+   struct event_desc ev;
+@@ -1230,6 +1235,10 @@ static void async_event(int pipe, time_t
+ 	if (daemon->log_file != NULL)
+ 	  log_reopen(daemon->log_file);
+ 	break;
+
+      case EVENT_NEWADDR:
+	newaddress(now);
+	break;
+ 	
+       case EVENT_TERM:
+ 	/* Knock all our children on the head. */
+--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
+@@ -165,6 +165,7 @@ struct event_desc {
+ #define EVENT_LUA_ERR   19
+ #define EVENT_TFTP_ERR  20
+ #define EVENT_INIT      21
+#define EVENT_NEWADDR   22
+ 
+ /* Exit codes. */
+ #define EC_GOOD        0
+@@ -1289,6 +1290,7 @@ unsigned char *extended_hwaddr(int hwtyp
+ int make_icmp_sock(void);
+ int icmp_ping(struct in_addr addr);
+ #endif
+void send_newaddr(void);
+ void send_alarm(time_t event, time_t now);
+ void send_event(int fd, int event, int data, char *msg);
+ void clear_cache_and_reload(time_t now);
+@@ -1297,7 +1299,7 @@ void poll_resolv(int force, int do_reloa
+ /* netlink.c */
+ #ifdef HAVE_LINUX_NETWORK
+ void netlink_init(void);
+-void netlink_multicast(time_t now);
+void netlink_multicast(void);
+ #endif
+ 
+ /* bpf.c */
+@@ -1306,7 +1308,7 @@ void init_bpf(void);
+ void send_via_bpf(struct dhcp_packet *mess, size_t len,
+ 		  struct in_addr iface_addr, struct ifreq *ifr);
+ void route_init(void);
+-void route_sock(time_t now);
+void route_sock(void);
+ #endif
+ 
+ /* bpf.c or netlink.c */
+--- a/src/netlink.c
+++ b/src/netlink.c
+@@ -38,7 +38,7 @@
+ static struct iovec iov;
+ static u32 netlink_pid;
+ 
+-static int nl_async(struct nlmsghdr *h);
+static void nl_async(struct nlmsghdr *h);
+ 
+ void netlink_init(void)
+ {
+@@ -142,7 +142,7 @@ int iface_enumerate(int family, void *pa
+   struct nlmsghdr *h;
+   ssize_t len;
+   static unsigned int seq = 0;
+-  int callback_ok = 1, newaddr = 0;
+  int callback_ok = 1;
+ 
+   struct {
+     struct nlmsghdr nlh;
+@@ -191,21 +191,10 @@ int iface_enumerate(int family, void *pa
+ 	if (h->nlmsg_seq != seq || h->nlmsg_pid != netlink_pid || h->nlmsg_type == NLMSG_ERROR)
+ 	  {
+ 	    /* May be multicast arriving async */
+-	    if (nl_async(h))
+-	      {
+-		newaddr = 1; 
+-		enumerate_interfaces(1); /* reset */
+-	      }
+	    nl_async(h);
+ 	  }
+ 	else if (h->nlmsg_type == NLMSG_DONE)
+-	  {
+-	    /* handle async new interface address arrivals, these have to be done
+-	       after we complete as we're not re-entrant */
+-	    if (newaddr) 
+-	      newaddress(dnsmasq_time());
+-		
+-	    return callback_ok;
+-	  }
+	  return callback_ok;
+ 	else if (h->nlmsg_type == RTM_NEWADDR && family != AF_UNSPEC && family != AF_LOCAL)
+ 	  {
+ 	    struct ifaddrmsg *ifa = NLMSG_DATA(h);  
+@@ -330,11 +319,11 @@ int iface_enumerate(int family, void *pa
+     }
+ }
+ 
+-void netlink_multicast(time_t now)
+void netlink_multicast(void)
+ {
+   ssize_t len;
+   struct nlmsghdr *h;
+-  int flags, newaddr = 0;
+  int flags;
+   
+   /* don't risk blocking reading netlink messages here. */
+   if ((flags = fcntl(daemon->netlinkfd, F_GETFL)) == -1 ||
+@@ -343,24 +332,19 @@ void netlink_multicast(time_t now)
+   
+   if ((len = netlink_recv()) != -1)
+     for (h = (struct nlmsghdr *)iov.iov_base; NLMSG_OK(h, (size_t)len); h = NLMSG_NEXT(h, len))
+-      if (nl_async(h))
+-	newaddr = 1;
+      nl_async(h);
+   
+   /* restore non-blocking status */
+   fcntl(daemon->netlinkfd, F_SETFL, flags);
+-  
+-  if (newaddr) 
+-    newaddress(now);
+ }
+ 
+-static int nl_async(struct nlmsghdr *h)
+static void nl_async(struct nlmsghdr *h)
+ {
+   if (h->nlmsg_type == NLMSG_ERROR)
+     {
+       struct nlmsgerr *err = NLMSG_DATA(h);
+       if (err->error != 0)
+ 	my_syslog(LOG_ERR, _("netlink returns error: %s"), strerror(-(err->error)));
+-      return 0;
+     }
+   else if (h->nlmsg_pid == 0 && h->nlmsg_type == RTM_NEWROUTE) 
+     {
+@@ -385,18 +369,15 @@ static int nl_async(struct nlmsghdr *h)
+ 	      else if (daemon->rfd_save && daemon->rfd_save->refcount != 0)
+ 		fd = daemon->rfd_save->fd;
+ 	      else
+-		return 0;
+		return;
+ 	      
+ 	      while(sendto(fd, daemon->packet, daemon->packet_len, 0,
+ 			   &daemon->srv_save->addr.sa, sa_len(&daemon->srv_save->addr)) == -1 && retry_send()); 
+ 	    }
+ 	}
+-      return 0;
+     }
+   else if (h->nlmsg_type == RTM_NEWADDR || h->nlmsg_type == RTM_DELADDR) 
+-    return 1; /* clever bind mode - rescan */
+-  
+-  return 0;
+    send_newaddr();
+ }
+ #endif
+ 
+--- a/src/network.c
+++ b/src/network.c
+@@ -551,7 +551,7 @@ static int iface_allowed_v4(struct in_ad
+ int enumerate_interfaces(int reset)
+ {
+   static struct addrlist *spare = NULL;
+-  static int done = 0, active = 0;
+  static int done = 0;
+   struct iface_param param;
+   int errsave, ret = 1;
+   struct addrlist *addr, *tmp;
+@@ -570,14 +570,11 @@ int enumerate_interfaces(int reset)
+       return 1;
+     }
+ 
+-  if (done || active)
+  if (done)
+     return 1;
+ 
+   done = 1;
+ 
+-  /* protect against recusive calls from iface_enumerate(); */
+-  active = 1;
+-
+   if ((param.fd = socket(PF_INET, SOCK_DGRAM, 0)) == -1)
+     return 0;
+  
+@@ -677,10 +674,8 @@ int enumerate_interfaces(int reset)
+     }
+   
+   errno = errsave;
+-  
+   spare = param.spare;
+-  active = 0;
+-  
+    
+   return ret;
+ }
+ 
--- a/package/network/services/dropbear/Makefile
+++ b/package/network/services/dropbear/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=dropbear
 PKG_VERSION:=2014.63
-PKG_RELEASE:=1
+PKG_RELEASE:=2

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:= \
@@ -21,6 +21,7 @@ PKG_LICENSE:=MIT
 PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE

 PKG_BUILD_PARALLEL:=1
+PKG_USE_MIPS16:=0

 PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC


--- a/package/network/services/dropbear/files/dropbear.init
+++ b/package/network/services/dropbear/files/dropbear.init
@@ -47,7 +47,6 @@ validate_section_dropbear()
 		'Port:list(port):22' \
 		'SSHKeepAlive:uinteger:300' \
 		'IdleTimeout:uinteger:0'
-	return $?
 }

 dropbear_instance()

--- a/package/network/services/hostapd/Makefile
+++ b/package/network/services/hostapd/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=hostapd
-PKG_VERSION:=2014-06-03
+PKG_VERSION:=2014-06-03.1
 PKG_RELEASE:=1
 PKG_REV:=84df167554569af8c87f0a8ac1fb508192417d8e


--- a/package/network/services/hostapd/files/hostapd.sh
+++ b/package/network/services/hostapd/files/hostapd.sh
@@ -196,13 +196,13 @@ hostapd_set_bss_options() {
 		config_get device_type "$vif" wps_device_type "6-0050F204-1"
 		config_get device_name "$vif" wps_device_name "OpenWrt AP"
 		config_get manufacturer "$vif" wps_manufacturer "openwrt.org"
-		config_get wps_pin "$vif" wps_pin "12345670"
+		config_get wps_pin "$vif" wps_pin

 		config_get_bool ext_registrar "$vif" ext_registrar 0
 		[ "$ext_registrar" -gt 0 -a -n "$bridge" ] && append "$var" "upnp_iface=$bridge" "$N"

 		append "$var" "eap_server=1" "$N"
-		append "$var" "ap_pin=$wps_pin" "$N"
+		[ -n "$wps_pin" ] && append "$var" "ap_pin=$wps_pin" "$N"
 		append "$var" "wps_state=${wps_not_configured:-2}" "$N"
 		append "$var" "ap_setup_locked=0" "$N"
 		append "$var" "device_type=$device_type" "$N"

--- a/package/network/services/hostapd/files/netifd.sh
+++ b/package/network/services/hostapd/files/netifd.sh
@@ -251,7 +251,7 @@ hostapd_set_bss_options() {
 			}

 			append bss_conf "nas_identifier=$nasid" "$N"
-                        [ -n "$ownip" ] && append bss_conf "own_ip_addr=$ownip" "$N"
+			[ -n "$ownip" ] && append bss_conf "own_ip_addr=$ownip" "$N"
 			append bss_conf "eapol_key_index_workaround=1" "$N"
 			append bss_conf "ieee8021x=1" "$N"
 			append bss_conf "wpa_key_mgmt=WPA-EAP" "$N"
@@ -290,7 +290,6 @@ hostapd_set_bss_options() {
 		set_default wps_device_type "6-0050F204-1"
 		set_default wps_device_name "OpenWrt AP"
 		set_default wps_manufacturer "openwrt.org"
-		set_default wps_pin "12345670"

 		wps_state=2
 		[ -n "$wps_configured" ] && wps_state=1
@@ -298,7 +297,7 @@ hostapd_set_bss_options() {
 		[ "$ext_registrar" -gt 0 -a -n "$network_bridge" ] && append bss_conf "upnp_iface=$network_bridge" "$N"

 		append bss_conf "eap_server=1" "$N"
-		append bss_conf "ap_pin=$wps_pin" "$N"
+		[ -n "$wps_pin" ] && append bss_conf "ap_pin=$wps_pin" "$N"
 		append bss_conf "wps_state=$wps_state" "$N"
 		append bss_conf "ap_setup_locked=0" "$N"
 		append bss_conf "device_type=$wps_device_type" "$N"
@@ -310,7 +309,7 @@ hostapd_set_bss_options() {

 	append bss_conf "ssid=$ssid" "$N"
 	[ -n "$network_bridge" ] && append bss_conf "bridge=$network_bridge" "$N"
-	[ -n "$iapp_interface" ] &&  {
+	[ -n "$iapp_interface" ] && {
 		iapp_interface="$(uci_get_state network "$iapp_interface" ifname "$iapp_interface")"
 		[ -n "$iapp_interface" ] && append bss_conf "iapp_interface=$iapp_interface" "$N"
 	}
@@ -390,7 +389,7 @@ hostapd_set_log_options() {
 	set_default log_iapp   1
 	set_default log_mlme   1

-	local log_mask=$((       \
+	local log_mask=$(( \
 		($log_80211  << 0) | \
 		($log_8021x  << 1) | \
 		($log_radius << 2) | \
@@ -417,7 +416,7 @@ _wpa_supplicant_common() {

 wpa_supplicant_teardown_interface() {
 	_wpa_supplicant_common "$1"
-	rm -rf "$_rpath" "$_config"
+	rm -rf "$_rpath/$1" "$_config"
 }

 wpa_supplicant_prepare_interface() {

--- a/package/network/services/hostapd/patches/001-fix_pmksa_cache.patch
+++ b/package/network/services/hostapd/patches/001-fix_pmksa_cache.patch
+From 9c829900bb01d6fb22e78ba78195c78de39f64b9 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sat, 04 Oct 2014 19:11:00 +0000
+Subject: Fix authenticator OKC fetch from PMKSA cache to avoid infinite loop
+
+If the first entry in the PMKSA cache did not match the station's MAC
+address, an infinite loop could be reached in pmksa_cache_get_okc() when
+trying to find a PMKSA cache entry for opportunistic key caching cases.
+This would only happen if OKC is enabled (okc=1 included in the
+configuration file).
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+--- a/src/ap/pmksa_cache_auth.c
+++ b/src/ap/pmksa_cache_auth.c
+@@ -394,15 +394,13 @@ struct rsn_pmksa_cache_entry * pmksa_cac
+ 	struct rsn_pmksa_cache_entry *entry;
+ 	u8 new_pmkid[PMKID_LEN];
+ 
+-	entry = pmksa->pmksa;
+-	while (entry) {
+	for (entry = pmksa->pmksa; entry; entry = entry->next) {
+ 		if (os_memcmp(entry->spa, spa, ETH_ALEN) != 0)
+ 			continue;
+ 		rsn_pmkid(entry->pmk, entry->pmk_len, aa, spa, new_pmkid,
+ 			  wpa_key_mgmt_sha256(entry->akmp));
+ 		if (os_memcmp(new_pmkid, pmkid, PMKID_LEN) == 0)
+ 			return entry;
+-		entry = entry->next;
+ 	}
+ 	return NULL;
+ }
--- a/package/network/services/hostapd/patches/002-Add-os_exec-helper-to-run-external-programs.patch
+++ b/package/network/services/hostapd/patches/002-Add-os_exec-helper-to-run-external-programs.patch
+From 89de07a9442072f88d49869d8ecd8d42bae050a0 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@qca.qualcomm.com>
+Date: Mon, 6 Oct 2014 16:27:44 +0300
+Subject: [PATCH 1/3] Add os_exec() helper to run external programs
+
+Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
+---
+ src/utils/os.h       |  9 +++++++++
+ src/utils/os_unix.c  | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++
+ src/utils/os_win32.c |  6 ++++++
+ 3 files changed, 70 insertions(+)
+
+--- a/src/utils/os.h
+++ b/src/utils/os.h
+@@ -584,6 +584,15 @@ static inline void os_remove_in_array(vo
+  */
+ size_t os_strlcpy(char *dest, const char *src, size_t siz);
+ 
+/**
+ * os_exec - Execute an external program
+ * @program: Path to the program
+ * @arg: Command line argument string
+ * @wait_completion: Whether to wait until the program execution completes
+ * Returns: 0 on success, -1 on error
+ */
+int os_exec(const char *program, const char *arg, int wait_completion);
+
+ 
+ #ifdef OS_REJECT_C_LIB_FUNCTIONS
+ #define malloc OS_DO_NOT_USE_malloc
+--- a/src/utils/os_unix.c
+++ b/src/utils/os_unix.c
+@@ -9,6 +9,7 @@
+ #include "includes.h"
+ 
+ #include <time.h>
+#include <sys/wait.h>
+ 
+ #ifdef ANDROID
+ #include <sys/capability.h>
+@@ -540,3 +541,57 @@ char * os_strdup(const char *s)
+ }
+ 
+ #endif /* WPA_TRACE */
+
+
+int os_exec(const char *program, const char *arg, int wait_completion)
+{
+	pid_t pid;
+	int pid_status;
+
+	pid = fork();
+	if (pid < 0) {
+		perror("fork");
+		return -1;
+	}
+
+	if (pid == 0) {
+		/* run the external command in the child process */
+		const int MAX_ARG = 30;
+		char *_program, *_arg, *pos;
+		char *argv[MAX_ARG + 1];
+		int i;
+
+		_program = os_strdup(program);
+		_arg = os_strdup(arg);
+
+		argv[0] = _program;
+
+		i = 1;
+		pos = _arg;
+		while (i < MAX_ARG && pos && *pos) {
+			while (*pos == ' ')
+				pos++;
+			if (*pos == '\0')
+				break;
+			argv[i++] = pos;
+			pos = os_strchr(pos, ' ');
+			if (pos)
+				*pos++ = '\0';
+		}
+		argv[i] = NULL;
+
+		execv(program, argv);
+		perror("execv");
+		os_free(_program);
+		os_free(_arg);
+		exit(0);
+		return -1;
+	}
+
+	if (wait_completion) {
+		/* wait for the child process to complete in the parent */
+		waitpid(pid, &pid_status, 0);
+	}
+
+	return 0;
+}
+--- a/src/utils/os_win32.c
+++ b/src/utils/os_win32.c
+@@ -244,3 +244,9 @@ size_t os_strlcpy(char *dest, const char
+ 
+ 	return s - src - 1;
+ }
+
+
+int os_exec(const char *program, const char *arg, int wait_completion)
+{
+	return -1;
+}
No results found