uspot: allow adding IPs to the walled-garden

Fixes: WIFI-12032
Signed-off-by: John Crispin <john@phrozen.org>

feeds/ucentral/spotfilter/src/interface.c

@@ -7,6 +7,7 @@
 #include <sys/ioctl.h>
 #include <netinet/ether.h>
 #include <net/if.h>
+#include <arpa/inet.h>
 
 #include <libubox/avl-cmp.h>
 
@@ -14,6 +15,18 @@
 
 AVL_TREE(interfaces, avl_strcmp, false, NULL);
 
+enum {
+	WL_ATTR_CLASS,
+	WL_ATTR_HOSTS,
+	WL_ATTR_ADDRS,
+	__WL_ATTR_MAX
+};
+static const struct blobmsg_policy wl_policy[__WL_ATTR_MAX] = {
+	[WL_ATTR_CLASS] = { "class", BLOBMSG_TYPE_INT32 },
+	[WL_ATTR_HOSTS] = { "hosts", BLOBMSG_TYPE_ARRAY },
+	[WL_ATTR_ADDRS] = { "address", BLOBMSG_TYPE_ARRAY },
+};
+
 void interface_free(struct interface *iface)
 {
 	struct client *cl, *tmp;
@@ -169,22 +182,16 @@ invalid:
 static bool
 __interface_check_whitelist(struct blob_attr *attr)
 {
-	enum {
-		WL_ATTR_CLASS,
-		WL_ATTR_HOSTS,
-		__WL_ATTR_MAX
-	};
-	static const struct blobmsg_policy policy[__WL_ATTR_MAX] = {
-		[WL_ATTR_CLASS] = { "class", BLOBMSG_TYPE_INT32 },
-		[WL_ATTR_HOSTS] = { "hosts", BLOBMSG_TYPE_ARRAY },
-	};
 	struct blob_attr *tb[__WL_ATTR_MAX];
 
-	blobmsg_parse(policy, __WL_ATTR_MAX, tb, blobmsg_data(attr), blobmsg_len(attr));
+	blobmsg_parse(wl_policy, __WL_ATTR_MAX, tb, blobmsg_data(attr), blobmsg_len(attr));
 
-	if (!tb[WL_ATTR_CLASS] || !tb[WL_ATTR_HOSTS])
+	if (!tb[WL_ATTR_CLASS])
 		return false;
 
+	if (!tb[WL_ATTR_HOSTS])
+		return true;
+
 	return blobmsg_check_array(tb[WL_ATTR_HOSTS], BLOBMSG_TYPE_STRING) >= 0;
 }
 
@@ -205,6 +212,50 @@ interface_check_whitelist(struct blob_attr *attr)
 	return true;
 }
 
+static void
+interface_whitelist_set(struct interface *iface, bool add)
+{
+	struct blob_attr *tb[__WL_ATTR_MAX];
+	struct blob_attr *attr, *cur;
+	unsigned int class = 0;
+	int rem, rem2;
+
+	if (!iface->whitelist)
+		return;
+
+	blobmsg_for_each_attr(attr, iface->whitelist, rem) {
+		blobmsg_parse(wl_policy, __WL_ATTR_MAX, tb, blobmsg_data(attr), blobmsg_len(attr));
+
+		if (!tb[WL_ATTR_ADDRS])
+			continue;
+
+		if (add) {
+			if (!tb[WL_ATTR_CLASS])
+				continue;
+
+			class = blobmsg_get_u32(tb[WL_ATTR_CLASS]);
+			if (class >= SPOTFILTER_NUM_CLASS)
+				continue;
+		}
+
+		blobmsg_for_each_attr(cur, tb[WL_ATTR_ADDRS], rem2) {
+			const char *addrstr = blobmsg_get_string(cur);
+			bool ipv6 = strchr(addrstr, ':');
+			union {
+				struct in_addr in;
+				struct in6_addr in6;
+			} addr = {};
+			uint8_t val = class;
+
+			if (inet_pton(ipv6 ? AF_INET6 : AF_INET, addrstr, &addr) != 1)
+				continue;
+
+			spotfilter_bpf_set_whitelist(iface, &addr, ipv6, add ? &val : NULL);
+		}
+	}
+}
+
+
 static void
 interface_set_config(struct interface *iface, bool iface_init)
 {
@@ -237,6 +288,8 @@ interface_set_config(struct interface *iface, bool iface_init)
 	blobmsg_parse(policy, __CONFIG_ATTR_MAX, tb,
 		      blobmsg_data(iface->config), blobmsg_len(iface->config));
 
+	interface_whitelist_set(iface, false);
+
 	if ((cur = tb[CONFIG_ATTR_DEFAULT_CLASS]) != NULL &&
 	    blobmsg_get_u32(cur) < SPOTFILTER_NUM_CLASS)
 		iface->default_class = blobmsg_get_u32(cur);
@@ -298,6 +351,8 @@ interface_set_config(struct interface *iface, bool iface_init)
 		memset(&iface->cdata[i], 0, sizeof(iface->cdata[i]));
 		spotfilter_bpf_update_class(iface, i);
 	}
+
+	interface_whitelist_set(iface, true);
 }
 
 void interface_check_devices(void)

feeds/ucentral/ucentral-schema/Makefile

@@ -4,10 +4,10 @@ PKG_NAME:=ucentral-schema
 PKG_RELEASE:=1
 
 PKG_SOURCE_URL=https://github.com/Telecominfraproject/wlan-ucentral-schema.git
-PKG_MIRROR_HASH:=bdb662ee4a4e6ac3bb00c14c9ebcc9a7ab9e7153a8ff3dad8f44edd6f1806f86
+PKG_MIRROR_HASH:=75b74836c8b3897996d9dde6b84c3e95392f24358bec279455477ca4614bbb7b
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_DATE:=2022-05-29
-PKG_SOURCE_VERSION:=bb84cc80cc4d63fe3f1e8669086544ea8fb98b37
+PKG_SOURCE_VERSION:=f2dd1c63ca8792ebecd370115be58378cd66b551
 
 PKG_MAINTAINER:=John Crispin <john@phrozen.org>
 PKG_LICENSE:=BSD-3-Clause