From 5c72b5097594bf56e155f3d1ea136912dfba2353 Mon Sep 17 00:00:00 2001 From: John Crispin Date: Tue, 18 May 2021 10:49:53 +0200 Subject: [PATCH] ucentral: development update * yet another huge data model 2 update Signed-off-by: John Crispin --- .github/workflows/build-dev.yml | 4 +- .../{wired-802.1x => ieee8021x}/Makefile | 14 +- .../ieee8021x/files/etc/config/ieee8021x | 6 + .../ieee8021x/files/etc/init.d/ieee8021x | 24 + .../files/etc/ucentral/big.json | 189 +++++++ .../files/etc/ucentral/default.json | 88 ++++ .../files/etc/ucentral/gre.json | 89 ++++ .../files/etc/ucentral/ieee8021x.json | 44 ++ .../files/etc/ucentral/metrics.json | 3 + .../files/etc/ucentral/multi-psk.json | 95 ++++ .../files/etc/ucentral/wds-ap.yml | 88 ++++ .../files/etc/ucentral/wds-repeater.yml | 88 ++++ feeds/ucentral/ucentral-event/Makefile | 5 +- feeds/ucentral/ucentral-event/files/event | 24 +- .../ucentral-event/files/ucentral-event | 2 +- feeds/ucentral/ucentral-schema/Makefile | 2 +- .../wired-802.1x/files/etc/config/wired1x | 3 - .../files/etc/init.d/wired-802.1x | 17 - patches/0019-lldp-add-TIP-tweaks.patch | 29 +- ...netifd-libubox-update-to-latest-HEAD.patch | 476 ++++++++++++++++++ profiles/ucentral-ap.yml | 2 +- profiles/ucentral-switch.yml | 2 +- 22 files changed, 1252 insertions(+), 42 deletions(-) rename feeds/ucentral/{wired-802.1x => ieee8021x}/Makefile (55%) create mode 100644 feeds/ucentral/ieee8021x/files/etc/config/ieee8021x create mode 100755 feeds/ucentral/ieee8021x/files/etc/init.d/ieee8021x create mode 100644 feeds/ucentral/ucentral-defaults/files/etc/ucentral/big.json create mode 100644 feeds/ucentral/ucentral-defaults/files/etc/ucentral/default.json create mode 100644 feeds/ucentral/ucentral-defaults/files/etc/ucentral/gre.json create mode 100644 feeds/ucentral/ucentral-defaults/files/etc/ucentral/ieee8021x.json create mode 100644 feeds/ucentral/ucentral-defaults/files/etc/ucentral/multi-psk.json create mode 100644 feeds/ucentral/ucentral-defaults/files/etc/ucentral/wds-ap.yml create mode 100644 feeds/ucentral/ucentral-defaults/files/etc/ucentral/wds-repeater.yml delete mode 100644 feeds/ucentral/wired-802.1x/files/etc/config/wired1x delete mode 100755 feeds/ucentral/wired-802.1x/files/etc/init.d/wired-802.1x create mode 100644 patches/0024-netifd-libubox-update-to-latest-HEAD.patch diff --git a/.github/workflows/build-dev.yml b/.github/workflows/build-dev.yml index b969fbbc4..cc12480c5 100644 --- a/.github/workflows/build-dev.yml +++ b/.github/workflows/build-dev.yml @@ -10,7 +10,7 @@ jobs: strategy: fail-fast: false matrix: - target: ['cig_wf188', 'cig_wf194c', 'cig_wf160d', 'edgecore_eap101', 'edgecore_eap102', 'edgecore_ecs4100-12ph', 'edgecore_ecw5211', 'linksys_e8450-ubi', 'linksys_ea8300', 'tplink_cpe210_v3', 'tplink_cpe510_v3', 'tplink_eap225_outdoor_v1', 'tplink_ex227', 'tplink_ex447', 'zyxel_gs1900-10hp'] + target: ['cig_wf188', 'cig_wf194c', 'cig_wf160d', 'edgecore_eap101', 'edgecore_eap102', 'edgecore_ecs4100-12ph', 'edgecore_ecw5211', 'linksys_e8450-ubi', 'linksys_ea8300', 'tplink_cpe210_v3', 'tplink_cpe510_v3', 'tplink_eap225_outdoor_v1', 'tplink_ex227', 'tplink_ex447' ] steps: - uses: actions/checkout@v2 @@ -38,6 +38,6 @@ jobs: curl -u $GH_BUILD_USERNAME:$GH_BUILD_PASSWORD -T "$TAR_NAME" "https://tip.jfrog.io/artifactory/tip-wlan-ap-firmware/uCentral/$LOWERCASE_TARGET/"$TAR_NAME"" IMG_NAME="$(date +%Y%m%d)-$LOWERCASE_TARGET-$BRANCH-$HASH-upgrade.bin"; TIP_VERSION="$(grep DISTRIB_TIP= openwrt/tmp/openwrt_release | cut -d\' -f2)" - echo -e "{\n\t\"image\":\""${IMG_NAME}"\",\n\t\"revision\": \""${TIP_VERSION}"\",\n\t\"timestamp\":\""$(date +%s)"\",\n\n\t\"compatible\": \""${LOWERCASE_TARGET}"\"\n}" > latest-upgrade.json + echo -e "{\n\t\"image\":\""${IMG_NAME}"\",\n\t\"revision\": \""${TIP_VERSION}"\",\n\t\"timestamp\":\""$(date +%s)"\",\n\t\"compatible\": \""${LOWERCASE_TARGET}"\"\n}" > latest-upgrade.json [ -f openwrt/tmp/image-file ] && curl -u $GH_BUILD_USERNAME:$GH_BUILD_PASSWORD -T "openwrt/$(cat openwrt/tmp/image-file)" "https://tip.jfrog.io/artifactory/tip-wlan-ap-firmware/uCentral/$LOWERCASE_TARGET/"$IMG_NAME"" [ -f openwrt/tmp/image-file ] && curl -u $GH_BUILD_USERNAME:$GH_BUILD_PASSWORD -T "latest-upgrade.json" "https://tip.jfrog.io/artifactory/tip-wlan-ap-firmware/uCentral/$LOWERCASE_TARGET/latest-upgrade.json" diff --git a/feeds/ucentral/wired-802.1x/Makefile b/feeds/ucentral/ieee8021x/Makefile similarity index 55% rename from feeds/ucentral/wired-802.1x/Makefile rename to feeds/ucentral/ieee8021x/Makefile index 35dbc0d88..80c1f6504 100644 --- a/feeds/ucentral/wired-802.1x/Makefile +++ b/feeds/ucentral/ieee8021x/Makefile @@ -1,30 +1,30 @@ include $(TOPDIR)/rules.mk -PKG_NAME:=wired-802.1x +PKG_NAME:=ieee8021x PKG_RELEASE:=1 PKG_LICENSE:=GPL-2.0 PKG_MAINTAINER:=John Crispin -PKG_SOURCE_URL=https://github.com/blogic/wired-802.1x.git +PKG_SOURCE_URL=https://github.com/blogic/ieee8021x.git PKG_SOURCE_PROTO:=git PKG_SOURCE_DATE:=2021-04-12 -PKG_SOURCE_VERSION:=2f394a8416d8bed2298efe9737b86bcebe69744f +PKG_SOURCE_VERSION:=53caaa84e483cfe0fb63c024347ce71df0c707a4 include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/cmake.mk -define Package/wired-802.1x +define Package/ieee8021x SECTION:=net CATEGORY:=Network TITLE:=Wired 802.1x DEPENDS:=+libubox +libubus +libuci endef -define Package/wired-802.1x/install +define Package/ieee8021x/install $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/wired-802.1x $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/ieee8021x $(1)/usr/sbin/ $(CP) ./files/* $(1) endef -$(eval $(call BuildPackage,wired-802.1x)) +$(eval $(call BuildPackage,ieee8021x)) diff --git a/feeds/ucentral/ieee8021x/files/etc/config/ieee8021x b/feeds/ucentral/ieee8021x/files/etc/config/ieee8021x new file mode 100644 index 000000000..73d2213cd --- /dev/null +++ b/feeds/ucentral/ieee8021x/files/etc/config/ieee8021x @@ -0,0 +1,6 @@ +#config network +# option network 'lan' +# list ports 'lan1' +# list ports 'lan2' +# list ports 'lan3' +# list ports 'lan4' diff --git a/feeds/ucentral/ieee8021x/files/etc/init.d/ieee8021x b/feeds/ucentral/ieee8021x/files/etc/init.d/ieee8021x new file mode 100755 index 000000000..684792495 --- /dev/null +++ b/feeds/ucentral/ieee8021x/files/etc/init.d/ieee8021x @@ -0,0 +1,24 @@ +#!/bin/sh /etc/rc.common + +START=80 +USE_PROCD=1 +PROG=/usr/sbin/ieee8021x + +reload_service() { + restart +} + +service_triggers() { + procd_add_reload_trigger ieee8021x +} + +start_service() { + procd_open_instance + procd_set_param command "$PROG" + procd_set_param respawn + procd_close_instance + + # add a dummy user DB until we have EAP-TLS support + echo "\"bob\" MD5 \"hello\"" > /tmp/run/hostapd-ieee8021x.eap_user + echo "\"bob\" MD5 \"hello\" [2]" >> /tmp/run/hostapd-ieee8021x.eap_user +} diff --git a/feeds/ucentral/ucentral-defaults/files/etc/ucentral/big.json b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/big.json new file mode 100644 index 000000000..84f210e6c --- /dev/null +++ b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/big.json @@ -0,0 +1,189 @@ +{ + "uuid": 1, + "radios": [ + { + "band": "6G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "5G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "2G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + } + ], + + "interfaces": [ + { + "name": "WAN", + "role": "upstream", + "ethernet": [ + { + "select-ports": [ + "WAN*" + ] + } + ], + "ipv4": { + "addressing": "dynamic" + }, + "tunnel": { + "proto": "mesh" + }, + "services": [ "lldp" ], + "ssids": [ + { + "name": "uCentral-Mesh", + "wifi-bands": [ + "5G" + ], + "bss-mode": "mesh", + "encryption": { + "proto": "psk2", + "key": "aaaaaaaa", + "ieee80211w": "optional" + } + }, + { + "name": "uCentral", + "wifi-bands": [ + "5G", + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "psk2", + "key": "OpenWifi", + "ieee80211w": "optional" + }, + "roaming": { + "message-exchange": "ds", + "generate-psk": true + } + } + ] + }, + { + "name": "WAN100", + "role": "upstream", + "vlan": { + "id": 100 + }, + "ethernet": [ + { + "select-ports": [ + "WAN*" + ] + } + ], + "ipv4": { + "addressing": "dynamic" + }, + "ssids": [ + { + "name": "uCentral.200", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "psk2", + "key": "OpenWifi", + "ieee80211w": "optional" + }, + "roaming": { + "message-exchange": "ds", + "generate-psk": true + }, + "rate-limit": { + "ingress-rate": 10, + "egress-rate": 10 + } + } + ] + }, + { + "name": "LAN", + "role": "downstream", + "services": [ "http", "lldp" ], + "ethernet": [ + { + "select-ports": [ + "LAN*" + ] + } + ], + "ipv4": { + "addressing": "static", + "subnet": "192.168.10.1/24", + "dhcp": { + "lease-first": 10, + "lease-count": 100, + "lease-time": "6h" + } + }, + "ssids": [ + { + "name": "uCentral-NAT", + "wifi-bands": [ + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "psk2", + "key": "OpenWifi", + "ieee80211w": "optional" + }, + "roaming": { + "message-exchange": "ds", + "generate-psk": true + }, + "rate-limit": { + "ingress-rate": 10, + "egress-rate": 10 + } + } + ] + } + ], + "services": { + "lldp": { + "describe": "uCentral", + "location": "universe" + }, + "http": { + "http-port": 80 + }, + "ntp": { + "servers": [ + "0.openwrt.pool.ntp.org", + "1.openwrt.pool.ntp.org" + ], + "local-server": true + }, + "rtty": { + "host": "websocket.usync.org", + "token": "7049cb6b7949ba06c6b356d76f0f6275" + } + }, + "metrics": { + "statistics": { + "interval": 120, + "types": [ "ssids", "lldp", "clients" ] + }, + "health": { + "interval": 120 + }, + "wifi-frames": { + "filters": [ "probe", "auth" ] + } + } +} diff --git a/feeds/ucentral/ucentral-defaults/files/etc/ucentral/default.json b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/default.json new file mode 100644 index 000000000..46b35ad23 --- /dev/null +++ b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/default.json @@ -0,0 +1,88 @@ +{ + "uuid": 1, + "radios": [ + { + "band": "6G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "5G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "2G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + } + ], + + "interfaces": [ + { + "name": "WAN", + "role": "upstream", + "ethernet": [ + { + "select-ports": [ + "WAN*" + ] + } + ], + "ipv4": { + "addressing": "dynamic" + }, + "ssids": [ + { + "name": "OpenWifi", + "wifi-bands": [ + "5G", + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "psk2", + "key": "OpenWifi", + "ieee80211w": "optional" + }, + "roaming": { + "message-exchange": "ds", + "generate-psk": true + } + } + ] + }, + { + "name": "LAN", + "role": "downstream", + "ethernet": [ + { + "select-ports": [ + "LAN*" + ] + } + ], + "ipv4": { + "addressing": "static", + "subnet": "192.168.1.1/24", + "dhcp": { + "lease-first": 10, + "lease-count": 100, + "lease-time": "6h" + } + } + } + ], + "metrics": { + "statistics": { + "interval": 120, + "types": [ "ssids", "lldp", "clients" ] + }, + "health": { + "interval": 120 + } + } +} diff --git a/feeds/ucentral/ucentral-defaults/files/etc/ucentral/gre.json b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/gre.json new file mode 100644 index 000000000..d0afb8a22 --- /dev/null +++ b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/gre.json @@ -0,0 +1,89 @@ +{ + "uuid": 1, + "radios": [ + { + "band": "6G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "5G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "2G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + } + ], + + "interfaces": [ + { + "name": "WAN", + "role": "upstream", + "ethernet": [ + { + "select-ports": [ + "WAN*" + ] + } + ], + "ipv4": { + "addressing": "dynamic" + } + }, + { + "name": "GRE", + "role": "upstream", + "vlan": { + "id": 50 + }, + "tunnel": { + "proto": "gre", + "peer-address": "50.210.104.108" + } + }, + { + "name": "LAN", + "role": "downstream", + "ethernet": [ + { + "select-ports": [ + "LAN*" + ] + } + ], + "ipv4": { + "addressing": "static", + "subnet": "192.168.1.1/24", + "dhcp": { + "lease-first": 10, + "lease-count": 100, + "lease-time": "6h" + } + }, + "ssids": [ + { + "name": "Maverick", + "wifi-bands": [ + "5G", + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "none", + "ieee80211w": "optional" + }, + "roaming": { + "message-exchange": "ds", + "generate-psk": true + } + } + ] + } + ] +} diff --git a/feeds/ucentral/ucentral-defaults/files/etc/ucentral/ieee8021x.json b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/ieee8021x.json new file mode 100644 index 000000000..26b237db4 --- /dev/null +++ b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/ieee8021x.json @@ -0,0 +1,44 @@ +{ + "uuid": 1, + "interfaces": [ + { + "name": "WAN", + "role": "upstream", + "ethernet": [ + { + "select-ports": [ + "WAN*" + ] + } + ], + "ipv4": { + "addressing": "dynamic" + } + }, + { + "name": "LAN", + "role": "downstream", + "services": [ "ieee8021x" ], + "ethernet": [ + { + "select-ports": [ + "LAN*" + ] + } + ], + "ipv4": { + "addressing": "static", + "subnet": "192.168.1.1/24", + "dhcp": { + "lease-first": 10, + "lease-count": 100, + "lease-time": "6h" + } + } + } + ], + "services": { + "ieee8021x": { + } + } +} diff --git a/feeds/ucentral/ucentral-defaults/files/etc/ucentral/metrics.json b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/metrics.json index 315547310..bbafcdd8a 100644 --- a/feeds/ucentral/ucentral-defaults/files/etc/ucentral/metrics.json +++ b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/metrics.json @@ -43,6 +43,9 @@ }, "health": { "interval": 120 + }, + "wifi-frames": { + "filters": [ "probe", "auth" ] } } } diff --git a/feeds/ucentral/ucentral-defaults/files/etc/ucentral/multi-psk.json b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/multi-psk.json new file mode 100644 index 000000000..86d0a53c1 --- /dev/null +++ b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/multi-psk.json @@ -0,0 +1,95 @@ +{ + "uuid": 1, + "radios": [ + { + "band": "6G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "5G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "2G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + } + ], + + "interfaces": [ + { + "name": "WAN", + "role": "upstream", + "ethernet": [ + { + "select-ports": [ + "WAN*" + ] + } + ], + "ipv4": { + "addressing": "dynamic" + } + }, + { + "name": "LAN", + "role": "downstream", + "services": [ "http" ], + "ethernet": [ + { + "select-ports": [ + "LAN*" + ] + } + ], + "ipv4": { + "addressing": "static", + "subnet": "192.168.1.1/24", + "dhcp": { + "lease-first": 10, + "lease-count": 100, + "lease-time": "6h" + } + }, + "ssids": [ + { + "name": "Maverick", + "wifi-bands": [ + "5G", + "2G" + ], + "bss-mode": "ap", + "encryption": { + "proto": "psk2", + "ieee80211w": "optional", + "key": "OpenWifi" + }, + "multi-psk": [ + { + "key": "aaaaaaaa", + "vlan-id": 123, + "mac": "00:11:22:33:44:55" + }, + { + "key": "bbbbbbbb" + } + ], + "roaming": { + "message-exchange": "ds", + "generate-psk": true + } + } + ] + } + ], + "services": { + "http": { + "http-port": 80 + } + } +} diff --git a/feeds/ucentral/ucentral-defaults/files/etc/ucentral/wds-ap.yml b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/wds-ap.yml new file mode 100644 index 000000000..8fb8828ca --- /dev/null +++ b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/wds-ap.yml @@ -0,0 +1,88 @@ +{ + "uuid": 1, + "radios": [ + { + "band": "6G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "5G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "2G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + } + ], + + "interfaces": [ + { + "name": "WAN", + "role": "upstream", + "ethernet": [ + { + "select-ports": [ + "WAN*" + ] + } + ], + "ipv4": { + "addressing": "dynamic" + }, + "ssids": [ + { + "name": "OpenWifi-WDS", + "wifi-bands": [ + "5G", + "2G" + ], + "bss-mode": "wds-ap", + "encryption": { + "proto": "psk2", + "key": "OpenWifi", + "ieee80211w": "optional" + }, + "roaming": { + "message-exchange": "ds", + "generate-psk": true + } + } + ] + }, + { + "name": "LAN", + "role": "downstream", + "ethernet": [ + { + "select-ports": [ + "LAN*" + ] + } + ], + "ipv4": { + "addressing": "static", + "subnet": "192.168.1.1/24", + "dhcp": { + "lease-first": 10, + "lease-count": 100, + "lease-time": "6h" + } + } + } + ], + "metrics": { + "statistics": { + "interval": 120, + "types": [ "ssids", "lldp", "clients" ] + }, + "health": { + "interval": 120 + } + } +} diff --git a/feeds/ucentral/ucentral-defaults/files/etc/ucentral/wds-repeater.yml b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/wds-repeater.yml new file mode 100644 index 000000000..248ba36d7 --- /dev/null +++ b/feeds/ucentral/ucentral-defaults/files/etc/ucentral/wds-repeater.yml @@ -0,0 +1,88 @@ +{ + "uuid": 1, + "radios": [ + { + "band": "6G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "5G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + }, + { + "band": "2G", + "country": "CA", + "channel-mode": "HE", + "channel-width": 80 + } + ], + + "interfaces": [ + { + "name": "WAN", + "role": "upstream", + "ethernet": [ + { + "select-ports": [ + "WAN*" + ] + } + ], + "ipv4": { + "addressing": "dynamic" + }, + "ssids": [ + { + "name": "OpenWifi-WDS", + "wifi-bands": [ + "5G", + "2G" + ], + "bss-mode": "wds-repeater", + "encryption": { + "proto": "psk2", + "key": "OpenWifi", + "ieee80211w": "optional" + }, + "roaming": { + "message-exchange": "ds", + "generate-psk": true + } + } + ] + }, + { + "name": "LAN", + "role": "downstream", + "ethernet": [ + { + "select-ports": [ + "LAN*" + ] + } + ], + "ipv4": { + "addressing": "static", + "subnet": "192.168.1.1/24", + "dhcp": { + "lease-first": 10, + "lease-count": 100, + "lease-time": "6h" + } + } + } + ], + "metrics": { + "statistics": { + "interval": 120, + "types": [ "ssids", "lldp", "clients" ] + }, + "health": { + "interval": 120 + } + } +} diff --git a/feeds/ucentral/ucentral-event/Makefile b/feeds/ucentral/ucentral-event/Makefile index d6bdfe4da..8121d22d8 100644 --- a/feeds/ucentral/ucentral-event/Makefile +++ b/feeds/ucentral/ucentral-event/Makefile @@ -6,7 +6,7 @@ PKG_RELEASE:=1 PKG_SOURCE_URL=https://github.com/blogic/ucentral-event.git PKG_SOURCE_PROTO:=git PKG_SOURCE_DATE:=2021-04-13 -PKG_SOURCE_VERSION:=58112ec4963d51232177df6aee5be7260dd8d8e5 +PKG_SOURCE_VERSION:=f3a32527c89cdcbecf7d8b7c0ab59677401a74d2 PKG_MAINTAINER:=John Crispin PKG_LICENSE:=BSD-3-Clause @@ -26,9 +26,10 @@ TARGET_CFLAGS += \ -I$(STAGING_DIR)/usr/include/libnl-tiny define Package/ucentral-event/install - $(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/init.d + $(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/init.d $(1)/etc/config $(INSTALL_BIN) $(PKG_BUILD_DIR)/ucentral-event $(1)/usr/sbin/ $(INSTALL_BIN) ./files/ucentral-event $(1)/etc/init.d/ + $(INSTALL_DATA) ./files/event $(1)/etc/config/ endef $(eval $(call BuildPackage,ucentral-event)) diff --git a/feeds/ucentral/ucentral-event/files/event b/feeds/ucentral/ucentral-event/files/event index 488e64e35..d593ea696 100644 --- a/feeds/ucentral/ucentral-event/files/event +++ b/feeds/ucentral/ucentral-event/files/event @@ -1,2 +1,22 @@ -config event dhcp - option type dhcp +#config event wifi +# option type 'wifi' +# list filter 'probe' +# list filter 'auth' +# list filter 'assoc' +# list filter 'disassoc' +# list filter 'deauth' +# list filter 'local-deauth' +# list filter 'inactive-deauth' +# list filter 'key-mismatch' +# list filter 'beacon-report' +# list filter 'radar-detected' + +#config event dhcp +# option type 'dhcp' +# list filter 'ack' +# list filter 'discover' +# list filter 'offer' +# list filter 'request' +# list filter 'solicit' +# list filter 'reply' +# list filter 'renew' diff --git a/feeds/ucentral/ucentral-event/files/ucentral-event b/feeds/ucentral/ucentral-event/files/ucentral-event index b96dbec31..25e9de0a9 100644 --- a/feeds/ucentral/ucentral-event/files/ucentral-event +++ b/feeds/ucentral/ucentral-event/files/ucentral-event @@ -6,7 +6,7 @@ USE_PROCD=1 PROG=/usr/sbin/ucentral-event service_triggers() { - procd_add_reload_trigger ucentral + procd_add_reload_trigger event } start_service() { diff --git a/feeds/ucentral/ucentral-schema/Makefile b/feeds/ucentral/ucentral-schema/Makefile index cec0fe59d..63dd17cfb 100644 --- a/feeds/ucentral/ucentral-schema/Makefile +++ b/feeds/ucentral/ucentral-schema/Makefile @@ -6,7 +6,7 @@ PKG_RELEASE:=1 PKG_SOURCE_URL=https://github.com/blogic/ucentral-schema.git PKG_SOURCE_PROTO:=git PKG_SOURCE_DATE:=2021-02-15 -PKG_SOURCE_VERSION:=c64a0eee031d24a458b2b6b112a3711b2634feac +PKG_SOURCE_VERSION:=cac24ac6cb8b3779cf605b89cdcaca00ab1d7052 PKG_MAINTAINER:=John Crispin PKG_LICENSE:=BSD-3-Clause diff --git a/feeds/ucentral/wired-802.1x/files/etc/config/wired1x b/feeds/ucentral/wired-802.1x/files/etc/config/wired1x deleted file mode 100644 index 66d644a7b..000000000 --- a/feeds/ucentral/wired-802.1x/files/etc/config/wired1x +++ /dev/null @@ -1,3 +0,0 @@ -config network - #option ports 'lan1 lan2 lan3' - #option network lan diff --git a/feeds/ucentral/wired-802.1x/files/etc/init.d/wired-802.1x b/feeds/ucentral/wired-802.1x/files/etc/init.d/wired-802.1x deleted file mode 100755 index 8afa4518d..000000000 --- a/feeds/ucentral/wired-802.1x/files/etc/init.d/wired-802.1x +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh /etc/rc.common - -START=80 - -USE_PROCD=1 -PROG=/usr/sbin/wired-802.1x - -service_triggers() { - procd_add_reload_trigger wired1x -} - -start_service() { - procd_open_instance - procd_set_param command "$PROG" - procd_set_param respawn - procd_close_instance -} diff --git a/patches/0019-lldp-add-TIP-tweaks.patch b/patches/0019-lldp-add-TIP-tweaks.patch index 1c3bf62b2..58c2652ac 100644 --- a/patches/0019-lldp-add-TIP-tweaks.patch +++ b/patches/0019-lldp-add-TIP-tweaks.patch @@ -1,13 +1,13 @@ -From 4b8fbdd73b3da67eeffd9612642218a1b9dc417d Mon Sep 17 00:00:00 2001 +From a5af4baec7cbe2a6ffe845d71fc15af00e022321 Mon Sep 17 00:00:00 2001 From: John Crispin Date: Fri, 4 Dec 2020 16:29:35 +0100 -Subject: [PATCH 01/18] lldp: add TIP tweaks +Subject: [PATCH 01/19] lldp: add TIP tweaks Signed-off-by: John Crispin --- .../network/services/lldpd/files/lldpd.config | 16 ---------------- - package/network/services/lldpd/files/lldpd.init | 6 +++++- - 2 files changed, 5 insertions(+), 17 deletions(-) + package/network/services/lldpd/files/lldpd.init | 11 ++++++++++- + 2 files changed, 10 insertions(+), 17 deletions(-) diff --git a/package/network/services/lldpd/files/lldpd.config b/package/network/services/lldpd/files/lldpd.config index 5e7c51ba7e..b37dda87bf 100644 @@ -35,7 +35,7 @@ index 5e7c51ba7e..b37dda87bf 100644 - list interface "loopback" - list interface "lan" diff --git a/package/network/services/lldpd/files/lldpd.init b/package/network/services/lldpd/files/lldpd.init -index 7a5b25e016..4f613ec664 100644 +index 7a5b25e016..8d855a1856 100644 --- a/package/network/services/lldpd/files/lldpd.init +++ b/package/network/services/lldpd/files/lldpd.init @@ -10,6 +10,10 @@ LLDPSOCKET=/var/run/lldpd.socket @@ -58,6 +58,25 @@ index 7a5b25e016..4f613ec664 100644 append ifnames "${ifname:-$iface}" "," fi done +@@ -58,6 +62,7 @@ write_lldpd_conf() + + start_service() { + ++ local enable + local enable_cdp + local enable_fdp + local enable_sonmp +@@ -68,6 +73,10 @@ start_service() { + local agentxsocket + + config_load 'lldpd' ++ config_get_bool enable 'config' 'enable' 0 ++ ++ [ "$enable" -eq 1 ] || return ++ + config_get_bool enable_cdp 'config' 'enable_cdp' 0 + config_get_bool enable_fdp 'config' 'enable_fdp' 0 + config_get_bool enable_sonmp 'config' 'enable_sonmp' 0 -- 2.25.1 diff --git a/patches/0024-netifd-libubox-update-to-latest-HEAD.patch b/patches/0024-netifd-libubox-update-to-latest-HEAD.patch new file mode 100644 index 000000000..8f0cb379c --- /dev/null +++ b/patches/0024-netifd-libubox-update-to-latest-HEAD.patch @@ -0,0 +1,476 @@ +From 5171503cfa4387370fd4c33bbcf0d8c4b6ec86e4 Mon Sep 17 00:00:00 2001 +From: John Crispin +Date: Tue, 18 May 2021 10:46:43 +0200 +Subject: [PATCH] netifd/libubox: update to latest HEAD + +* required for wired ieee8021x + +Signed-off-by: John Crispin +--- + package/libs/libubox/Makefile | 4 +- + package/network/config/netifd/Makefile | 4 +- + .../config/netifd/patches/100-8021x.patch | 421 ++++++++++++++++++ + 3 files changed, 425 insertions(+), 4 deletions(-) + create mode 100644 package/network/config/netifd/patches/100-8021x.patch + +diff --git a/package/libs/libubox/Makefile b/package/libs/libubox/Makefile +index 4d582eacfd..8644764d59 100644 +--- a/package/libs/libubox/Makefile ++++ b/package/libs/libubox/Makefile +@@ -5,9 +5,9 @@ PKG_RELEASE=1 + + PKG_SOURCE_PROTO:=git + PKG_SOURCE_URL=$(PROJECT_GIT)/project/libubox.git +-PKG_MIRROR_HASH:=97dc4eba01cf2c5d6a6d0db3747e0cdc0d95cb87e51b3115272e7d3e69a8b255 ++#PKG_MIRROR_HASH:=97dc4eba01cf2c5d6a6d0db3747e0cdc0d95cb87e51b3115272e7d3e69a8b255 + PKG_SOURCE_DATE:=2020-12-12 +-PKG_SOURCE_VERSION:=357877693ca363b12e6e7e14d345639b2440cd07 ++PKG_SOURCE_VERSION:=b14c4688612c05c78ce984d7bde633bce8703b1e + PKG_ABI_VERSION:=$(call abi_version_str,$(PKG_SOURCE_DATE)) + CMAKE_INSTALL:=1 + +diff --git a/package/network/config/netifd/Makefile b/package/network/config/netifd/Makefile +index 7061456b08..03e3c3ca2a 100644 +--- a/package/network/config/netifd/Makefile ++++ b/package/network/config/netifd/Makefile +@@ -6,8 +6,8 @@ PKG_RELEASE:=1 + PKG_SOURCE_PROTO:=git + PKG_SOURCE_URL=$(PROJECT_GIT)/project/netifd.git + PKG_SOURCE_DATE:=2021-01-09 +-PKG_SOURCE_VERSION:=c00c8335d6188daa326ecfe5a62da15a9b9987e1 +-PKG_MIRROR_HASH:=c740e51e0cec13eec336ba1c7a643db3b64a9a2235f8c1b73a566cb89e841190 ++PKG_SOURCE_VERSION:=3052f2f67686f3d540d4d941e4664730de530741 ++#PKG_MIRROR_HASH:=c740e51e0cec13eec336ba1c7a643db3b64a9a2235f8c1b73a566cb89e841190 + PKG_MAINTAINER:=Felix Fietkau + + PKG_LICENSE:=GPL-2.0 +diff --git a/package/network/config/netifd/patches/100-8021x.patch b/package/network/config/netifd/patches/100-8021x.patch +new file mode 100644 +index 0000000000..eb8eaaa6fb +--- /dev/null ++++ b/package/network/config/netifd/patches/100-8021x.patch +@@ -0,0 +1,421 @@ ++Return-path: ++X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on ds12 ++X-Spam-Level: ++X-Spam-Status: No, score=-8.0 required=5.0 tests=BAYES_00,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.2 ++Envelope-to: john@phrozen.org ++Delivery-date: Mon, 17 May 2021 11:23:58 +0200 ++Received: from p54ae9ff2.dip0.t-ipconnect.de ([84.174.159.242] helo=localhost.localdomain) ++ by ds12 with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) ++ (Exim 4.89) ++ (envelope-from ) ++ id 1liZTi-0007JJ-8s ++ for john@phrozen.org; Mon, 17 May 2021 11:23:58 +0200 ++From: Felix Fietkau ++To: john@phrozen.org ++Subject: [PATCH netifd] device: add support for configuring devices with external auth handler ++Date: Mon, 17 May 2021 11:23:56 +0200 ++Message-Id: <20210517092356.85402-1-nbd@nbd.name> ++X-Mailer: git-send-email 2.30.1 ++MIME-Version: 1.0 ++Content-Transfer-Encoding: 8bit ++ ++This can be used to support 802.1x on wired devices. ++In order to use this, the device section for each port needing authentication ++needs to contain the option auth 1 ++When set, this option prevents devices from being added to bridges or configured ++with IP settings by default, until the set_state ubus call on network.device ++sets "auth_status" to true for the device. ++ ++Signed-off-by: Felix Fietkau ++--- ++ bridge.c | 58 +++++++++++++++++++++++++++++++++++++---------------- ++ device.c | 34 +++++++++++++++++++++++++++++++ ++ device.h | 17 +++++++++++++++- ++ interface.c | 21 ++++++++++++++----- ++ ubus.c | 6 ++++++ ++ 5 files changed, 113 insertions(+), 23 deletions(-) ++ ++diff --git a/bridge.c b/bridge.c ++index 099dfe4d24ef..397ac979daaf 100644 ++--- a/bridge.c +++++ b/bridge.c ++@@ -122,6 +122,7 @@ struct bridge_member { ++ struct device_user dev; ++ uint16_t pvid; ++ bool present; +++ bool active; ++ char name[]; ++ }; ++ ++@@ -299,19 +300,21 @@ bridge_set_vlan_state(struct bridge_state *bst, struct bridge_vlan *vlan, bool a ++ } ++ ++ static int ++-bridge_disable_member(struct bridge_member *bm) +++bridge_disable_member(struct bridge_member *bm, bool keep_dev) ++ { ++ struct bridge_state *bst = bm->bst; ++ struct bridge_vlan *vlan; ++ ++- if (!bm->present) +++ if (!bm->present || !bm->active) ++ return 0; ++ +++ bm->active = false; ++ vlist_for_each_element(&bst->dev.vlans, vlan, node) ++ bridge_set_member_vlan(bm, vlan, false); ++ ++ system_bridge_delif(&bst->dev, bm->dev.dev); ++- device_release(&bm->dev); +++ if (!keep_dev) +++ device_release(&bm->dev); ++ ++ device_broadcast_event(&bst->dev, DEV_EVENT_TOPO_CHANGE); ++ ++@@ -356,6 +359,7 @@ bridge_enable_member(struct bridge_member *bm) ++ { ++ struct bridge_state *bst = bm->bst; ++ struct bridge_vlan *vlan; +++ struct device *dev; ++ int ret; ++ ++ if (!bm->present) ++@@ -375,12 +379,20 @@ bridge_enable_member(struct bridge_member *bm) ++ if (ret < 0) ++ goto error; ++ +++ dev = bm->dev.dev; +++ if (dev->settings.auth && !dev->auth_status) +++ return -1; +++ +++ if (bm->active) +++ return 0; +++ ++ ret = system_bridge_addif(&bst->dev, bm->dev.dev); ++ if (ret < 0) { ++ D(DEVICE, "Bridge device %s could not be added\n", bm->dev.dev->ifname); ++ goto error; ++ } ++ +++ bm->active = true; ++ if (bst->has_vlans) { ++ /* delete default VLAN 1 */ ++ system_bridge_vlan(bm->dev.dev->ifname, 1, false, 0); ++@@ -412,7 +424,7 @@ bridge_remove_member(struct bridge_member *bm) ++ return; ++ ++ if (bst->dev.active) ++- bridge_disable_member(bm); +++ bridge_disable_member(bm, false); ++ ++ bm->present = false; ++ bm->bst->n_present--; ++@@ -481,10 +493,11 @@ bridge_check_retry(struct bridge_state *bst) ++ } ++ ++ static void ++-bridge_member_cb(struct device_user *dev, enum device_event ev) +++bridge_member_cb(struct device_user *dep, enum device_event ev) ++ { ++- struct bridge_member *bm = container_of(dev, struct bridge_member, dev); +++ struct bridge_member *bm = container_of(dep, struct bridge_member, dev); ++ struct bridge_state *bst = bm->bst; +++ struct device *dev = dep->dev; ++ ++ switch (ev) { ++ case DEV_EVENT_ADD: ++@@ -495,19 +508,30 @@ bridge_member_cb(struct device_user *dev, enum device_event ev) ++ ++ if (bst->n_present == 1) ++ device_set_present(&bst->dev, true); ++- if (bst->dev.active && !bridge_enable_member(bm)) { ++- /* ++- * Adding a bridge member can overwrite the bridge mtu ++- * in the kernel, apply the bridge settings in case the ++- * bridge mtu is set ++- */ ++- system_if_apply_settings(&bst->dev, &bst->dev.settings, ++- DEV_OPT_MTU | DEV_OPT_MTU6); ++- } +++ fallthrough; +++ case DEV_EVENT_AUTH_UP: +++ if (!bst->dev.active) +++ break; +++ +++ if (bridge_enable_member(bm)) +++ break; +++ +++ /* +++ * Adding a bridge member can overwrite the bridge mtu +++ * in the kernel, apply the bridge settings in case the +++ * bridge mtu is set +++ */ +++ system_if_apply_settings(&bst->dev, &bst->dev.settings, +++ DEV_OPT_MTU | DEV_OPT_MTU6); +++ break; +++ case DEV_EVENT_LINK_DOWN: +++ if (!dev->settings.auth) +++ break; ++ +++ bridge_disable_member(bm, true); ++ break; ++ case DEV_EVENT_REMOVE: ++- if (dev->hotplug) { +++ if (dep->hotplug) { ++ vlist_delete(&bst->members, &bm->node); ++ return; ++ } ++@@ -529,7 +553,7 @@ bridge_set_down(struct bridge_state *bst) ++ bst->set_state(&bst->dev, false); ++ ++ vlist_for_each_element(&bst->members, bm, node) ++- bridge_disable_member(bm); +++ bridge_disable_member(bm, false); ++ ++ bridge_disable_interface(bst); ++ ++diff --git a/device.c b/device.c ++index 7f011b615fbf..26254cc2eb90 100644 ++--- a/device.c +++++ b/device.c ++@@ -59,6 +59,7 @@ static const struct blobmsg_policy dev_attrs[__DEV_ATTR_MAX] = { ++ [DEV_ATTR_DROP_GRATUITOUS_ARP] = { .name = "drop_gratuitous_arp", .type = BLOBMSG_TYPE_BOOL }, ++ [DEV_ATTR_DROP_UNSOLICITED_NA] = { .name = "drop_unsolicited_na", .type = BLOBMSG_TYPE_BOOL }, ++ [DEV_ATTR_ARP_ACCEPT] = { .name = "arp_accept", .type = BLOBMSG_TYPE_BOOL }, +++ [DEV_ATTR_AUTH] = { .name = "auth", .type = BLOBMSG_TYPE_BOOL }, ++ }; ++ ++ const struct uci_blob_param_list device_attr_list = { ++@@ -270,6 +271,7 @@ device_merge_settings(struct device *dev, struct device_settings *n) ++ s->drop_unsolicited_na : os->drop_unsolicited_na; ++ n->arp_accept = s->flags & DEV_OPT_ARP_ACCEPT ? ++ s->arp_accept : os->arp_accept; +++ n->auth = s->flags & DEV_OPT_AUTH ? s->auth : os->auth; ++ n->flags = s->flags | os->flags | os->valid_flags; ++ } ++ ++@@ -439,6 +441,11 @@ device_init_settings(struct device *dev, struct blob_attr **tb) ++ s->flags |= DEV_OPT_ARP_ACCEPT; ++ } ++ +++ if ((cur = tb[DEV_ATTR_AUTH])) { +++ s->auth = blobmsg_get_bool(cur); +++ s->flags |= DEV_OPT_AUTH; +++ } +++ ++ device_set_disabled(dev, disabled); ++ } ++ ++@@ -716,6 +723,28 @@ device_refresh_present(struct device *dev) ++ __device_set_present(dev, state); ++ } ++ +++void +++device_set_auth_status(struct device *dev, bool value) +++{ +++ if (dev->auth_status == value) +++ return; +++ +++ dev->auth_status = value; +++ if (!dev->present) +++ return; +++ +++ if (dev->auth_status) { +++ device_broadcast_event(dev, DEV_EVENT_AUTH_UP); +++ return; +++ } +++ +++ device_broadcast_event(dev, DEV_EVENT_LINK_DOWN); +++ if (!dev->link_active) +++ return; +++ +++ device_broadcast_event(dev, DEV_EVENT_LINK_UP); +++} +++ ++ void device_set_present(struct device *dev, bool state) ++ { ++ if (dev->sys_present == state) ++@@ -734,6 +763,8 @@ void device_set_link(struct device *dev, bool state) ++ netifd_log_message(L_NOTICE, "%s '%s' link is %s\n", dev->type->name, dev->ifname, state ? "up" : "down" ); ++ ++ dev->link_active = state; +++ if (!state) +++ dev->auth_status = false; ++ device_broadcast_event(dev, state ? DEV_EVENT_LINK_UP : DEV_EVENT_LINK_DOWN); ++ } ++ ++@@ -1091,6 +1122,7 @@ device_dump_status(struct blob_buf *b, struct device *dev) ++ ++ blobmsg_add_u8(b, "up", !!dev->active); ++ blobmsg_add_u8(b, "carrier", !!dev->link_active); +++ blobmsg_add_u8(b, "auth_status", !!dev->auth_status); ++ ++ if (dev->type->dump_info) ++ dev->type->dump_info(dev, b); ++@@ -1157,6 +1189,8 @@ device_dump_status(struct blob_buf *b, struct device *dev) ++ blobmsg_add_u8(b, "drop_unsolicited_na", st.drop_unsolicited_na); ++ if (st.flags & DEV_OPT_ARP_ACCEPT) ++ blobmsg_add_u8(b, "arp_accept", st.arp_accept); +++ if (st.flags & DEV_OPT_AUTH) +++ blobmsg_add_u8(b, "auth", st.auth); ++ } ++ ++ s = blobmsg_open_table(b, "statistics"); ++diff --git a/device.h b/device.h ++index f6eaf275e18c..ed07791ba458 100644 ++--- a/device.h +++++ b/device.h ++@@ -59,6 +59,7 @@ enum { ++ DEV_ATTR_DROP_GRATUITOUS_ARP, ++ DEV_ATTR_DROP_UNSOLICITED_NA, ++ DEV_ATTR_ARP_ACCEPT, +++ DEV_ATTR_AUTH, ++ __DEV_ATTR_MAX, ++ }; ++ ++@@ -100,7 +101,7 @@ enum { ++ DEV_OPT_MLDVERSION = (1 << 8), ++ DEV_OPT_NEIGHREACHABLETIME = (1 << 9), ++ DEV_OPT_DEFAULT_MACADDR = (1 << 10), ++- /* 1 bit hole */ +++ DEV_OPT_AUTH = (1 << 11), ++ DEV_OPT_MTU6 = (1 << 12), ++ DEV_OPT_DADTRANSMITS = (1 << 13), ++ DEV_OPT_MULTICAST_TO_UNICAST = (1 << 14), ++@@ -134,6 +135,7 @@ enum device_event { ++ DEV_EVENT_UP, ++ DEV_EVENT_DOWN, ++ +++ DEV_EVENT_AUTH_UP, ++ DEV_EVENT_LINK_UP, ++ DEV_EVENT_LINK_DOWN, ++ ++@@ -192,6 +194,7 @@ struct device_settings { ++ bool drop_gratuitous_arp; ++ bool drop_unsolicited_na; ++ bool arp_accept; +++ bool auth; ++ }; ++ ++ /* ++@@ -220,6 +223,7 @@ struct device { ++ int active; ++ /* DEV_EVENT_LINK_UP */ ++ bool link_active; +++ bool auth_status; ++ ++ bool external; ++ bool disabled; ++@@ -324,6 +328,8 @@ struct device *get_vlan_device_chain(const char *ifname, bool create); ++ void alias_notify_device(const char *name, struct device *dev); ++ struct device *device_alias_get(const char *name); ++ +++void device_set_auth_status(struct device *dev, bool value); +++ ++ static inline void ++ device_set_deferred(struct device *dev, bool value) ++ { ++@@ -338,6 +344,15 @@ device_set_disabled(struct device *dev, bool value) ++ device_refresh_present(dev); ++ } ++ +++static inline bool +++device_link_active(struct device *dev) +++{ +++ if (dev->settings.auth && !dev->auth_status) +++ return false; +++ +++ return dev->link_active; +++} +++ ++ bool device_check_ip6segmentrouting(void); ++ ++ #endif ++diff --git a/interface.c b/interface.c ++index 2a8f604207c3..a91246a1ae03 100644 ++--- a/interface.c +++++ b/interface.c ++@@ -99,6 +99,17 @@ interface_error_flush(struct interface *iface) ++ } ++ } ++ +++static bool +++interface_force_link(struct interface *iface) +++{ +++ struct device *dev = iface->main_dev.dev; +++ +++ if (dev && dev->settings.auth) +++ return false; +++ +++ return iface->force_link; +++} +++ ++ static void ++ interface_clear_errors(struct interface *iface) ++ { ++@@ -344,7 +355,7 @@ __interface_set_up(struct interface *iface) ++ static void ++ interface_check_state(struct interface *iface) ++ { ++- bool link_state = iface->link_state || iface->force_link; +++ bool link_state = iface->link_state || interface_force_link(iface); ++ ++ switch (iface->state) { ++ case IFS_UP: ++@@ -390,7 +401,8 @@ interface_set_link_state(struct interface *iface, bool new_state) ++ iface->link_state = new_state; ++ interface_check_state(iface); ++ ++- if (new_state && iface->force_link && iface->state == IFS_UP && !iface->link_up_event) { +++ if (new_state && interface_force_link(iface) && +++ iface->state == IFS_UP && !iface->link_up_event) { ++ interface_event(iface, IFEV_LINK_UP); ++ iface->link_up_event = true; ++ } ++@@ -424,11 +436,10 @@ interface_main_dev_cb(struct device_user *dep, enum device_event ev) ++ case DEV_EVENT_DOWN: ++ interface_set_enabled(iface, false); ++ break; +++ case DEV_EVENT_AUTH_UP: ++ case DEV_EVENT_LINK_UP: ++- interface_set_link_state(iface, true); ++- break; ++ case DEV_EVENT_LINK_DOWN: ++- interface_set_link_state(iface, false); +++ interface_set_link_state(iface, device_link_active(dep->dev)); ++ break; ++ case DEV_EVENT_TOPO_CHANGE: ++ interface_proto_event(iface->proto, PROTO_CMD_RENEW, false); ++diff --git a/ubus.c b/ubus.c ++index 9098c662cc41..be150626bc02 100644 ++--- a/ubus.c +++++ b/ubus.c ++@@ -298,12 +298,14 @@ error: ++ enum { ++ DEV_STATE_NAME, ++ DEV_STATE_DEFER, +++ DEV_STATE_AUTH_STATUS, ++ __DEV_STATE_MAX, ++ }; ++ ++ static const struct blobmsg_policy dev_state_policy[__DEV_STATE_MAX] = { ++ [DEV_STATE_NAME] = { .name = "name", .type = BLOBMSG_TYPE_STRING }, ++ [DEV_STATE_DEFER] = { .name = "defer", .type = BLOBMSG_TYPE_BOOL }, +++ [DEV_STATE_AUTH_STATUS] = { .name = "auth_status", .type = BLOBMSG_TYPE_BOOL }, ++ }; ++ ++ static int ++@@ -329,6 +331,10 @@ netifd_handle_set_state(struct ubus_context *ctx, struct ubus_object *obj, ++ if (cur) ++ device_set_deferred(dev, !!blobmsg_get_u8(cur)); ++ +++ cur = tb[DEV_STATE_AUTH_STATUS]; +++ if (cur) +++ device_set_auth_status(dev, !!blobmsg_get_u8(cur)); +++ ++ return 0; ++ } ++ ++-- ++2.30.1 ++ +-- +2.25.1 + diff --git a/profiles/ucentral-ap.yml b/profiles/ucentral-ap.yml index c0ff3a7fc..539bbaca7 100644 --- a/profiles/ucentral-ap.yml +++ b/profiles/ucentral-ap.yml @@ -17,6 +17,7 @@ packages: - curl - dnsmasq-full - gre + - ieee8021x - igmpproxy - ip-bridge - lldpd @@ -41,7 +42,6 @@ packages: - udevmand - umdns - vxlan - - wired-802.1x - wpad-mesh-openssl diffconfig: | CONFIG_OPENSSL_ENGINE=y diff --git a/profiles/ucentral-switch.yml b/profiles/ucentral-switch.yml index 58a9f4fe5..970ca1a4c 100644 --- a/profiles/ucentral-switch.yml +++ b/profiles/ucentral-switch.yml @@ -8,9 +8,9 @@ include: - webui packages: - - libmosquitto-ssl - lldpd - curl + - ieee8021x - ip-bridge - ucentral-client - ucentral-schema