From 0825cb93c558493c1579e62acd96e77fd6347a4e Mon Sep 17 00:00:00 2001 From: John Crispin Date: Thu, 24 Jun 2021 08:34:23 +0200 Subject: [PATCH] ucentral: development update * update netifd * update dynamic vlan * improve maverick * update schema * fix ath11k STA mode Signed-off-by: John Crispin --- .../0037-netifd-update-to-latest-HEAD.patch | 8 +- .../0039-hostapd-upsate-to-latest-HEAD.patch | 5 +- feeds/tip/maverick/files/etc/init.d/maverick | 1 + feeds/ucentral/dynamic-vlan/Makefile | 2 +- feeds/ucentral/ucentral-schema/Makefile | 2 +- .../files/etc/ucentral/examples/big.json | 48 +++- .../ucentral/examples/crypto-enterprise.json | 207 ++++++++++++++++++ .../etc/ucentral/examples/crypto-psk.json | 141 ++++++++++++ feeds/wifi-ax/hostapd/Makefile | 3 +- .../wifi-ax/hostapd/src/wpa_supplicant/ubus.c | 4 + ...x-add-the-Qualcomm-AX-target-support.patch | 15 -- 11 files changed, 410 insertions(+), 26 deletions(-) create mode 100644 feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/crypto-enterprise.json create mode 100644 feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/crypto-psk.json diff --git a/backports/0037-netifd-update-to-latest-HEAD.patch b/backports/0037-netifd-update-to-latest-HEAD.patch index fbd3eee83..4848db8c4 100644 --- a/backports/0037-netifd-update-to-latest-HEAD.patch +++ b/backports/0037-netifd-update-to-latest-HEAD.patch @@ -1,7 +1,7 @@ -From b51a2eaf8cc8c6dd268d24dad207854bc7f8e435 Mon Sep 17 00:00:00 2001 +From 5105966a941c5bfcffee7c9c142557024391b077 Mon Sep 17 00:00:00 2001 From: John Crispin Date: Thu, 27 May 2021 13:24:47 +0200 -Subject: [PATCH 01/31] netifd: update to latest HEAD +Subject: [PATCH 01/37] netifd: update to latest HEAD Signed-off-by: John Crispin --- @@ -14,7 +14,7 @@ Signed-off-by: John Crispin create mode 100644 package/network/config/netifd/patches/002-fix-dhcp-issue.patch diff --git a/package/network/config/netifd/Makefile b/package/network/config/netifd/Makefile -index 7061456b08..cce2529ac8 100644 +index 7061456b08..75ecff7793 100644 --- a/package/network/config/netifd/Makefile +++ b/package/network/config/netifd/Makefile @@ -5,9 +5,9 @@ PKG_RELEASE:=1 @@ -25,7 +25,7 @@ index 7061456b08..cce2529ac8 100644 -PKG_SOURCE_VERSION:=c00c8335d6188daa326ecfe5a62da15a9b9987e1 -PKG_MIRROR_HASH:=c740e51e0cec13eec336ba1c7a643db3b64a9a2235f8c1b73a566cb89e841190 +PKG_SOURCE_DATE:=2021-05-26 -+PKG_SOURCE_VERSION:=f037b082923abc2dad0d14c8401ebe0afd816b5c ++PKG_SOURCE_VERSION:=4e92ea74273f7d569f2be67066f9ebd33cf2ecad +PKG_MIRROR_HASH:= PKG_MAINTAINER:=Felix Fietkau diff --git a/backports/0039-hostapd-upsate-to-latest-HEAD.patch b/backports/0039-hostapd-upsate-to-latest-HEAD.patch index 8ca2ddf47..11f1d0ace 100644 --- a/backports/0039-hostapd-upsate-to-latest-HEAD.patch +++ b/backports/0039-hostapd-upsate-to-latest-HEAD.patch @@ -1,7 +1,7 @@ -From 770af9a64d6b759ef1a96b089877bfbb7b410f4c Mon Sep 17 00:00:00 2001 +From 0c477e5d60ab6c19df882f010a58d911d77ae657 Mon Sep 17 00:00:00 2001 From: John Crispin Date: Thu, 27 May 2021 13:25:19 +0200 -Subject: [PATCH 03/31] hostapd: upsate to latest HEAD +Subject: [PATCH 01/34] hostapd: upsate to latest HEAD Signed-off-by: John Crispin --- @@ -4973,4 +4973,3 @@ index e16017394f..acdac74360 100644 { -- 2.25.1 - diff --git a/feeds/tip/maverick/files/etc/init.d/maverick b/feeds/tip/maverick/files/etc/init.d/maverick index 18fa6fbe2..74bd525f5 100755 --- a/feeds/tip/maverick/files/etc/init.d/maverick +++ b/feeds/tip/maverick/files/etc/init.d/maverick @@ -6,6 +6,7 @@ USE_PROCD=1 PROG=/usr/sbin/maverick start_service() { + [ -f /etc/ucentral/ucentral.active ] && return 0 procd_open_instance procd_set_param command "$PROG" procd_close_instance diff --git a/feeds/ucentral/dynamic-vlan/Makefile b/feeds/ucentral/dynamic-vlan/Makefile index c34773529..ec6f1634c 100644 --- a/feeds/ucentral/dynamic-vlan/Makefile +++ b/feeds/ucentral/dynamic-vlan/Makefile @@ -6,7 +6,7 @@ PKG_RELEASE:=1 PKG_SOURCE_URL=https://github.com/blogic/dynamic-vlan.git PKG_SOURCE_PROTO:=git PKG_SOURCE_DATE:=2021-06-04 -PKG_SOURCE_VERSION:=87dbb04fd0c44ac3d6bc851610ba37eebbb7a3c3 +PKG_SOURCE_VERSION:=55d78d3e7215b601084980d922349bcfdcf9cf20 PKG_MAINTAINER:=John Crispin PKG_LICENSE:=BSD-3-Clause diff --git a/feeds/ucentral/ucentral-schema/Makefile b/feeds/ucentral/ucentral-schema/Makefile index 03cc045d6..93af2bdb1 100644 --- a/feeds/ucentral/ucentral-schema/Makefile +++ b/feeds/ucentral/ucentral-schema/Makefile @@ -6,7 +6,7 @@ PKG_RELEASE:=1 PKG_SOURCE_URL=https://github.com/blogic/ucentral-schema.git PKG_SOURCE_PROTO:=git PKG_SOURCE_DATE:=2021-02-15 -PKG_SOURCE_VERSION:=a0fa46cbeae4847aeeea32c4829c9f95d6b6ad74 +PKG_SOURCE_VERSION:=d40781dbab7a1574d03061e2cae5ba92cdba1c55 PKG_MAINTAINER:=John Crispin PKG_LICENSE:=BSD-3-Clause diff --git a/feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/big.json b/feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/big.json index a4bb663f1..34ce03b68 100644 --- a/feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/big.json +++ b/feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/big.json @@ -89,7 +89,7 @@ }, "ssids": [ { - "name": "uCentral.200", + "name": "uCentral.100", "wifi-bands": [ "2G" ], @@ -152,6 +152,52 @@ } } ] + }, + { + "name": "LAN100", + "role": "downstream", + "services": [ "http", "lldp", "ssh" ], + "ethernet": [ + { + "select-ports": [ + "LAN*" + ] + } + ], + "vlan": { + "id": 100 + }, + "ipv4": { + "addressing": "static", + "subnet": "192.168.12.1/24", + "dhcp": { + "lease-first": 10, + "lease-count": 100, + "lease-time": "6h" + } + }, + "ssids": [ + { + "name": "uCentral-NAT100", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "psk2", + "key": "OpenWifi", + "ieee80211w": "optional" + }, + "roaming": { + "message-exchange": "ds", + "generate-psk": true + }, + "rate-limit": { + "ingress-rate": 10, + "egress-rate": 10 + } + } + ] } ], "services": { diff --git a/feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/crypto-enterprise.json b/feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/crypto-enterprise.json new file mode 100644 index 000000000..2f9570f57 --- /dev/null +++ b/feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/crypto-enterprise.json @@ -0,0 +1,207 @@ +{ + "uuid": 2, + "radios": [ + { + "band": "2G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80, + "channel": 32 + } + ], + + "interfaces": [ + { + "name": "WAN", + "role": "upstream", + "services": [ "lldp" ], + "ethernet": [ + { + "select-ports": [ + "WAN*" + ] + } + ], + "ipv4": { + "addressing": "dynamic" + }, + "ssids": [ + { + "name": "OpenWifi-wpa", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "wpa", + "ieee80211w": "optional" + }, + "certificates": { + "ca-certificate": "/etc/ucentral/cas.pem", + "certificate": "/etc/ucentral/cert.pem", + "private-key": "/etc/ucentral/key.pem" + }, + "radius": { + "local": { + "server-identity": "uCentral-EAP", + "users": [ + { + "user-name": "john", + "password": "aaaaaaaa" + } + ] + } + } + }, + { + "name": "OpenWifi-wpa2", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "wpa2", + "ieee80211w": "optional" + }, + "certificates": { + "ca-certificate": "/etc/ucentral/cas.pem", + "certificate": "/etc/ucentral/cert.pem", + "private-key": "/etc/ucentral/key.pem" + }, + "radius": { + "local": { + "server-identity": "uCentral-EAP", + "users": [ + { + "user-name": "john", + "password": "aaaaaaaa" + } + ] + } + } + }, + { + "name": "OpenWifi-wpa-mixed", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "wpa-mixed", + "ieee80211w": "optional" + }, + "certificates": { + "ca-certificate": "/etc/ucentral/cas.pem", + "certificate": "/etc/ucentral/cert.pem", + "private-key": "/etc/ucentral/key.pem" + }, + "radius": { + "local": { + "server-identity": "uCentral-EAP", + "users": [ + { + "user-name": "john", + "password": "aaaaaaaa" + } + ] + } + } + }, + { + "name": "OpenWifi-wpa3", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "wpa3", + "ieee80211w": "optional" + }, + "certificates": { + "ca-certificate": "/etc/ucentral/cas.pem", + "certificate": "/etc/ucentral/cert.pem", + "private-key": "/etc/ucentral/key.pem" + }, + "radius": { + "local": { + "server-identity": "uCentral-EAP", + "users": [ + { + "user-name": "john", + "password": "aaaaaaaa" + } + ] + } + } + }, + { + "name": "OpenWifi", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "wpa3-mixed", + "ieee80211w": "optional" + }, + "certificates": { + "ca-certificate": "/etc/ucentral/cas.pem", + "certificate": "/etc/ucentral/cert.pem", + "private-key": "/etc/ucentral/key.pem" + }, + "radius": { + "local": { + "server-identity": "uCentral-EAP", + "users": [ + { + "user-name": "john", + "password": "aaaaaaaa" + } + ] + } + } + } + + ] + }, + { + "name": "LAN", + "role": "downstream", + "services": [ "ssh", "lldp" ], + "ethernet": [ + { + "select-ports": [ + "LAN*" + ] + } + ], + "ipv4": { + "addressing": "static", + "subnet": "192.168.1.1/24", + "dhcp": { + "lease-first": 10, + "lease-count": 100, + "lease-time": "6h" + } + } + } + ], + "metrics": { + "statistics": { + "interval": 120, + "types": [ "ssids", "lldp", "clients" ] + }, + "health": { + "interval": 120 + } + }, + "services": { + "lldp": { + "describe": "uCentral", + "location": "universe" + }, + "ssh": { + "port": 22 + } + } +} diff --git a/feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/crypto-psk.json b/feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/crypto-psk.json new file mode 100644 index 000000000..7d89ee214 --- /dev/null +++ b/feeds/ucentral/ucentral-schema/files/etc/ucentral/examples/crypto-psk.json @@ -0,0 +1,141 @@ +{ + "uuid": 2, + "radios": [ + { + "band": "2G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80, + "channel": 32 + } + ], + + "interfaces": [ + { + "name": "WAN", + "role": "upstream", + "services": [ "lldp" ], + "ethernet": [ + { + "select-ports": [ + "WAN*" + ] + } + ], + "ipv4": { + "addressing": "dynamic" + }, + "ssids": [ + { + "name": "OpenWifi-none", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "none" + } + }, + { + "name": "OpenWifi-psk", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "psk", + "key": "OpenWifi", + "ieee80211w": "optional" + } + }, + { + "name": "OpenWifi-psk2", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "psk2", + "key": "OpenWifi", + "ieee80211w": "optional" + } + }, + { + "name": "OpenWifi-psk-mixed", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "psk-mixed", + "key": "OpenWifi", + "ieee80211w": "optional" + } + }, + { + "name": "OpenWifi-sae", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "sae", + "key": "OpenWifi", + "ieee80211w": "optional" + } + }, + { + "name": "OpenWifi-sae-mixed", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "sae-mixed", + "key": "OpenWifi", + "ieee80211w": "optional" + } + } + ] + }, + { + "name": "LAN", + "role": "downstream", + "services": [ "ssh", "lldp" ], + "ethernet": [ + { + "select-ports": [ + "LAN*" + ] + } + ], + "ipv4": { + "addressing": "static", + "subnet": "192.168.1.1/24", + "dhcp": { + "lease-first": 10, + "lease-count": 100, + "lease-time": "6h" + } + } + } + ], + "metrics": { + "statistics": { + "interval": 120, + "types": [ "ssids", "lldp", "clients" ] + }, + "health": { + "interval": 120 + } + }, + "services": { + "lldp": { + "describe": "uCentral", + "location": "universe" + }, + "ssh": { + "port": 22 + } + } +} diff --git a/feeds/wifi-ax/hostapd/Makefile b/feeds/wifi-ax/hostapd/Makefile index d36c149c9..1eee6925b 100644 --- a/feeds/wifi-ax/hostapd/Makefile +++ b/feeds/wifi-ax/hostapd/Makefile @@ -111,9 +111,10 @@ ifeq ($(LOCAL_VARIANT),full) endif ifneq ($(LOCAL_TYPE),hostapd) + DRIVER_MAKEOPTS += CONFIG_HS20=y CONFIG_INTERWORKING=y ifeq ($(LOCAL_VARIANT),mesh) ifeq ($(SSL_VARIANT),openssl) - DRIVER_MAKEOPTS += CONFIG_TLS=openssl CONFIG_AP=y CONFIG_SAE=y CONFIG_MESH=y + DRIVER_MAKEOPTS += CONFIG_TLS=openssl CONFIG_SAE=y CONFIG_OWE=y CONFIG_SUITEB192=y CONFIG_AP=y CONFIG_MESH=y TARGET_LDFLAGS += -lcrypto -lssl endif ifeq ($(SSL_VARIANT),wolfssl) diff --git a/feeds/wifi-ax/hostapd/src/wpa_supplicant/ubus.c b/feeds/wifi-ax/hostapd/src/wpa_supplicant/ubus.c index 4bb92a7b6..16a68c507 100644 --- a/feeds/wifi-ax/hostapd/src/wpa_supplicant/ubus.c +++ b/feeds/wifi-ax/hostapd/src/wpa_supplicant/ubus.c @@ -264,6 +264,10 @@ wpas_config_add(struct ubus_context *ctx, struct ubus_object *obj, if (!wpa_supplicant_add_iface(global, iface, NULL)) return UBUS_STATUS_INVALID_ARGUMENT; + blob_buf_init(&b, 0); + blobmsg_add_u32(&b, "pid", getpid()); + ubus_send_reply(ctx, req, b.head); + return UBUS_STATUS_OK; } diff --git a/patches/0017-ipq807x-add-the-Qualcomm-AX-target-support.patch b/patches/0017-ipq807x-add-the-Qualcomm-AX-target-support.patch index 7466e7890..1bf1ab111 100644 --- a/patches/0017-ipq807x-add-the-Qualcomm-AX-target-support.patch +++ b/patches/0017-ipq807x-add-the-Qualcomm-AX-target-support.patch @@ -186,21 +186,6 @@ index 0000000000..6c429f1852 +config_foreach ubootenv_add_app_config ubootenv + +exit 0 -diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh -index 399352aa89..03f073d223 100644 ---- a/package/network/services/hostapd/files/hostapd.sh -+++ b/package/network/services/hostapd/files/hostapd.sh -@@ -364,8 +364,8 @@ hostapd_set_vlan_file() { - local ifname="$1" - local vlan="$2" - json_get_vars name vid -- echo "${vid} ${ifname}-${name}" >> /var/run/hostapd-${ifname}.vlan -- wireless_add_vlan "${vlan}" "${ifname}-${name}" -+ echo "${vid} ${ifname}.${name}" >> /var/run/hostapd-${ifname}.vlan -+ wireless_add_vlan "${vlan}" "${ifname}.${name}" - } - - hostapd_set_vlan() { diff --git a/target/linux/ipq40xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata b/target/linux/ipq40xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata index c4d9dd78e3..6670d310db 100644 --- a/target/linux/ipq40xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata