scottk/wlan-ap
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-ap.git synced 2025-10-29 17:42:41 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity
2,023 Commits 173 Branches 113 Tags
c4b3eeed811aede31f62609161eb3b5afca55f5f
Commit Graph

127 Commits

Author SHA1 Message Date
John Crispin
c4b3eeed81 est_client: switch to production environment 
Signed-off-by: John Crispin <john@phrozen.org>
 2025-08-11 06:36:22 +02:00
Marek Kwaczynski
b982f3f4c2 cloud_discovery: Track and persist discovery method 
Adds support for recording the method used to discover the cloud
controller (e.g. DHCP, FLASH, OpenLAN).
The selected method  records the current date and time along
with the discovery method into "/etc/ucentral/discovery.state.json".
The date is stored in epoch format.

Fixed: WIFI-14966

Signed-off-by: Marek Kwaczynski <marek@shasta.cloud>
 2025-08-11 05:41:36 +02:00
John Crispin
6ba26cba2b est_client: add a function to validate that the CN is correct 
cloud_discovery will not start if the CN does not match the devices serial.
an error will be written to syslog

---
Wed Aug  6 14:23:23 2025 user.notice root: ERROR
Wed Aug  6 14:23:23 2025 user.notice root: ERROR
Wed Aug  6 14:23:23 2025 user.notice root: ERROR
Wed Aug  6 14:23:23 2025 user.notice root: The certificate used has a CN that does not match the serial of the device
Wed Aug  6 14:23:23 2025 user.notice root: ERROR
Wed Aug  6 14:23:23 2025 user.notice root: ERROR
Wed Aug  6 14:23:23 2025 user.notice root: ERROR
---

Signed-off-by: John Crispin <john@phrozen.org>
 2025-08-06 16:23:57 +02:00
John Crispin
b5b276bfcc est_client: check if a cert is present inside the fwtool helper 
This was causing devices without a birt cert being present from doing a
sysupgrade.

Signed-off-by: John Crispin <john@phrozen.org>
 2025-08-06 11:03:59 +02:00
jackcybertan
b036ba37e3 certificates: Store-PKI2.0-key-for-RAP6x-production 
Fixes: WIFI-14951
Signed-off-by: jackcybertan <jack.tsai@cybertan.com.tw>
 2025-08-04 08:39:53 +02:00
John Crispin
8c11eb23a3 mt7621: add insta1/2 partitions for yuncore ax820 
Signed-off-by: John Crispin <john@phrozen.org>
 2025-08-04 08:35:42 +02:00
John Crispin
d1e4c48617 cloud_discovery: add automatic reenrolment of operational certificates 
The daemon will check the vailidity of the operational certificate once and hour.
If the certificate is valid for less than three days, a reenrollment is attempted.
Once the reenroll happened the connection to the cloud controller will be restarted.

Fixes: WIFI-14900
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-31 09:48:10 +02:00
jackcybertan
d85dc2a819 certificates: Enhance PKI enrollment on squashfs (SonicFi RAP6* series) 
The updated flow:
- Mount /dev/mtdblock* (the certificates partition) to /mnt
- Copy its contents to /certificates
- Unmount /mnt
- Extract the PKI 2.0 certificates into /certificates

Fixes: WIFI-14904
Signed-off-by: jackcybertan <jack.tsai@cybertan.com.tw>
 2025-07-30 09:04:52 +02:00
John Crispin
ebdc88ee1f certificates: improvements 
* make the code more generic
* add udaya a2 support

Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-28 09:50:22 +02:00
Tanya Singh
5306f7db27 cloud_discovery: Add 'sync' after file generation in Cloud discovery process 
Fixes: WIFI-14906
Signed-off-by: Tanya Singh <tanya_singh@accton.com>
 2025-07-27 17:40:03 +02:00
John Crispin
89a1be09d9 est_client: set 10s as the max timeout when calling the EST server 
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-21 11:35:47 +02:00
John Crispin
66df8d3946 est_client: properly populate the re-enrolled certificate 
Fixes: WIFI-14864
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-17 14:40:01 +02:00
John Crispin
20de4fe438 est_client: allow overriding CERT_PREFIX via an env variable 
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-17 09:50:45 +02:00
John Crispin
f56fb3c0d3 est_client: allow setting the EST_SERVER via an env variable 
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-17 09:50:45 +02:00
John Crispin
5aca134364 est_client: reduce number of flash writes 
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-17 09:50:45 +02:00
John Crispin
89ac58b48f add incremental interval backoff 
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-17 09:50:45 +02:00
wingate5678
6c4ca10e74 certificates: change Sonicfi RAP7 series certicate type from squashfs to ext4 
Fixes: WIFI-14834
Signed-off-by: wingate5678 <wingate.chi@cybertan.com.tw>
 2025-07-16 17:00:53 +02:00
John Crispin
a607aac99a cloud_discovery: set production timeouts 
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-11 11:08:42 +02:00
John Crispin
f2b69ce972 est_client: fix reenroll call 
the wrong certificate was being used

Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-08 09:41:12 +02:00
John Crispin
842b21fb5e certificates: add an explicit uci commit call 
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-08 09:40:06 +02:00
Jesse Wu
919fe12372 ipq807x: add EMPLUS WAP380C support 
Fixes: WIFI-14791
Signed-off-by: Jesse Wu <Jesse.Wu@emplustech.com>
 2025-07-08 08:13:39 +02:00
cpchangemplu
f1fc99ccbe ipq50xx: Add back emplus,wap385c 
Signed-off-by: cpchangemplu <cp.chang@emplustech.com>
 2025-07-03 14:26:46 +02:00
John Crispin
5f8c4d31cc cloud_discovery: use the correct certificte for CDS 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
aa78f40843 certificates: add support for tar file based certificate storage 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
721fb4cc4d est_client: fixup typo 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
f75a36f89f est_client: prevent downgrades to FW not supporting EST 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
a375b9f774 est_client: add reenroll support 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
16d029f10f cloud_discovery: split EST code out into its own tool 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
bb45e09e8b cloud_discovery: place intermediate files into the /tmp folder 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
2798088cec cloud_discovery: rtrim() the extracted subject 
this removes trailing \n\n characters

Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
470703a490 luci-mod-ucentral: update certupdate for insta birth certificates 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
c56d60b2d3 certificates: do not check for cas.pem when mounting certs 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
1178c3b6f1 certificates: set new certs inside UCI 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
0db44ca55b cloud_discovery: add insta EST support 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
ae5015424b cloud_discovery: add initial ubus status call 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
32c7a7ff1d cloud_discovery: add support for hostname_validation 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
39e601cbd4 luci-mod-ucentral: remove digicert specific files 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
ce9c896371 cloud_discovery: depend on the certificates package 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
0008cb20dd cloud_discovery: add option 138 support 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
67dd4bfca7 cloud_discovery: remove pki2 env lookup 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
John Crispin
88fb4cafbc firstcontact: remove now unused digicert client 
Fixes: WIFI-14694
Signed-off-by: John Crispin <john@phrozen.org>
 2025-07-01 07:18:54 +02:00
Jesse Wu
1f7d8a7bb7 ipq50xx: add EMPLUS WAP385C support 
Signed-off-by: Jesse Wu <Jesse.Wu@emplustech.com>
 2025-06-18 07:01:49 +02:00
Jesse Wu
dc41a0fd0c ipq60xx: Support EMPLUS WAP386V2 model 
Device specifications:
======================

SoC: Qualcomm IPQ6018
RAM: 1 x 1G DDR4 RAM
Flash: NAND 128MB
Radio: 2T2R@2.4GHz, 2T2R@5GHz
Ethernet: 1 x 1GbE PHY
Reset Button: 1
Power Source: AC, Standard PoE 802.3af/at
LED Indicator: 4 x Single-color LED indicator (GPIO Control)

Signed-off-by: Jesse Wu <Jesse.Wu@emplustech.com>
 2025-06-10 10:46:38 +02:00
Justin.Guo
a9f47c9e1e qca-wifi-7: CIG WiFi7 WF-672A bring up 
* bring up wf672a
* add drivers lsm303agr rtl8221d ilps22qs
* add cig-wifi-mode-sw for switching radio to 2 bands or 3 bands

Fixes: WIFI-14509
Signed-off-by: Justin.Guo <guoxijun@actiontec.com>
 2025-05-26 16:23:17 +02:00
Ken
942d7c15b4 ipq807x: WF188n/WF196 lost the certificates files after upgrade 
Fixes: WIFI-14623
Signed-off-by: Ken <xshi@actiontec.com>
 2025-05-26 16:23:17 +02:00
800246@emplustech.com
89b6ebd518 mediatek: Add EMPLUS WAP588M model 
Specifications:
SoC: MediaTek MT7981B
RF Chipset: MT7976C @2.4GHz 2T2R
MT7976C @5ghz 2T2R
RAM: 512MB DDR4 RAM
Flash: SPI-NAND 128 MiB
Ethernet: 2 x 1GbE PHY
Reset Button: 1
Power on/off switch dip: 1
Power Source: Standard PoE 802.3af/at
LED Indicator: 5x Single-color LED indicator (GPIO Control)

Signed-off-by: 800246@emplustech.com <cp.chang@emplustech.com>
 2025-05-12 10:45:38 +02:00
Ken
e0d61cb0fb qca-wifi-7: WF189/W/H Add 189H support 
Fixes: WIFI-14524
Signed-off-by: Ken Shi <xshi@actiontec.com>
 2025-04-17 13:31:56 +02:00
John Crispin
c83ac67492 cloud_discovery: make use of the new TIP cloud discovery server 
Signed-off-by: John Crispin <john@phrozen.org>
 2025-04-10 08:30:15 +02:00
Tanya Singh
7eae0397f1 WIFI-14500: Fixes for Edgecore OAP103 1. Support bluetooth 2. Allow certificate loading on dual boot 3. Support RRM with Channel Utilization 4. Remove EAP102 from supported devices 
Signed-off-by: Tanya Singh <tanya_singh@accton.com>
 2025-03-26 14:56:31 +01:00
steven.lin
195fc01d06 mediatek: Add SENAO IAP2300M model 
Signed-off-by: steven.lin <steven.lin@senao.com>
 2025-03-24 07:29:55 +01:00