qca-wifi-7: hostapd.sh: add missed functionality from ipq807x_v5.4

The main reason was adding missed functionality for Radius
configuration which caused rejecting WiFi clients on
authentication level.

Still some changes not included:
* AFC,
* hs20_release,
* multiple_bssid,
* he_co_locate

Fixes: WIFI-14459

Signed-off-by: Marek Kwaczynski <marek@shasta.cloud>

feeds/qca-wifi-7/hostapd/files/hostapd.sh

@@ -126,12 +126,15 @@ hostapd_common_add_device_config() {
 	config_add_int maxassoc
 	config_add_int reg_power_type
 	config_add_boolean stationary_ap
+	config_add_boolean maxassoc_ignore_probe
 
 	config_add_string acs_chan_bias
+	config_add_boolean acs_exclude_dfs
 	config_add_array hostapd_options
 
 	config_add_int airtime_mode
 	config_add_int mbssid
+	config_add_boolean rnr_beacon ema
 
 	hostapd_add_log_config
 }
@@ -142,10 +145,11 @@ hostapd_prepare_device_config() {
 
 	local base_cfg=
 
-	json_get_vars country country3 country_ie beacon_int:100 doth require_mode legacy_rates \
+	json_get_vars country country3 country_ie beacon_int:100 dtim_period:2 doth require_mode legacy_rates \
 		acs_chan_bias local_pwr_constraint spectrum_mgmt_required airtime_mode cell_density \
 		rts_threshold beacon_rate rssi_reject_assoc_rssi rssi_ignore_probe_request maxassoc \
-		mbssid:0 band reg_power_type stationary_ap
+		rnr_beacon mbssid:0 band reg_power_type stationary_ap acs_exclude_dfs\
+		maxassoc_ignore_probe band
 
 	hostapd_set_log_options base_cfg
 
@@ -155,6 +159,9 @@ hostapd_prepare_device_config() {
 	set_default legacy_rates 0
 	set_default airtime_mode 0
 	set_default cell_density 0
+	set_default rnr_beacon 0
+	set_default ema 0
+	set_default acs_exclude_dfs 0
 
 	[ -n "$country" ] && {
 		append base_cfg "country_code=$country" "$N"
@@ -244,8 +251,14 @@ hostapd_prepare_device_config() {
 	[ -n "$brlist" ] && append base_cfg "basic_rates=$brlist" "$N"
 	append base_cfg "beacon_int=$beacon_int" "$N"
 	[ -n "$rts_threshold" ] && append base_cfg "rts_threshold=$rts_threshold" "$N"
+	append base_cfg "dtim_period=$dtim_period" "$N"
 	[ "$airtime_mode" -gt 0 ] && append base_cfg "airtime_mode=$airtime_mode" "$N"
 	[ -n "$maxassoc" ] && append base_cfg "iface_max_num_sta=$maxassoc" "$N"
+	[ "$maxassoc_ignore_probe" -gt 0 ] && append base_cfg "no_probe_resp_if_max_sta=1" "$N"
+	[ "$rnr_beacon" -gt 0 ] && append base_cfg "rnr_beacon=$rnr_beacon" "$N"
+	[ "$ema" -gt 0 ] && append base_cfg "ema=$ema" "$N"
+	[ "$acs_exclude_dfs" -gt 0 ] && append base_cfg "acs_exclude_dfs=$acs_exclude_dfs" "$N"
+
 	[ "$mbssid" -gt 0 ] && [ "$mbssid" -le 2 ] && append base_cfg "mbssid=$mbssid" "$N"
 
 	[ "$band" = "6g" ] && {
@@ -287,15 +300,24 @@ hostapd_common_add_bss_config() {
 	config_add_int ieee80211w
 	config_add_int eapol_version
 
-	config_add_array auth_server acct_server
-	config_add_string 'server:host'
+	config_add_string 'auth_server:host' 'server:host'
 	config_add_string auth_secret key
 	config_add_int 'auth_port:port' 'port:port'
 
+	config_add_string acct_server
 	config_add_string acct_secret
 	config_add_int acct_port
+
+	config_add_string acct_server_secondary
+	config_add_string acct_secret_secondary
+	config_add_int acct_port_secondary
+
 	config_add_int acct_interval
 
+	config_add_string auth_server_secondary
+	config_add_string auth_secret_secondary
+	config_add_int auth_port_secondary
+
 	config_add_int bss_load_update_period chan_util_avg_period
 
 	config_add_string dae_client
@@ -339,8 +361,8 @@ hostapd_common_add_bss_config() {
 	config_add_string lci civic
 
 	config_add_boolean ieee80211r pmk_r1_push ft_psk_generate_local ft_over_ds
-	config_add_int r0_key_lifetime reassociation_deadline
-	config_add_string mobility_domain r1_key_holder
+	config_add_int r0_key_lifetime reassociation_deadline ft_l2_refresh
+	config_add_string mobility_domain r1_key_holder ft_key
 	config_add_array r0kh r1kh
 
 	config_add_int ieee80211w_max_timeout ieee80211w_retry_timeout
@@ -391,14 +413,18 @@ hostapd_common_add_bss_config() {
 	config_add_array radius_auth_req_attr
 	config_add_array radius_acct_req_attr
 
-	config_add_int eap_server radius_server_auth_port
-	config_add_string eap_user_file ca_cert server_cert private_key private_key_passwd server_id radius_server_clients
+	config_add_int eap_server
+	config_add_string eap_user_file ca_cert server_cert private_key private_key_passwd server_id
 
 	config_add_boolean fils
 	config_add_string fils_dhcp
 
+	config_add_boolean ratelimit
 	config_add_int ocv
 
+	config_add_string uci_section
+	config_add_boolean dynamic_probe_resp
+
 	config_add_boolean apup
 	config_add_string apup_peer_ifname_prefix
 }
@@ -433,6 +459,7 @@ hostapd_set_psk() {
 	local ifname="$1"
 
 	rm -f /var/run/hostapd-${ifname}.psk
+	touch /var/run/hostapd-${ifname}.psk
 	for_each_station hostapd_set_psk_file ${ifname}
 }
 
@@ -549,18 +576,83 @@ append_airtime_sta_weight() {
 	[ -n "$1" ] && append bss_conf "airtime_sta_weight=$1" "$N"
 }
 
-append_auth_server() {
-	[ -n "$1" ] || return
-	append bss_conf "auth_server_addr=$1" "$N"
-	append bss_conf "auth_server_port=$auth_port" "$N"
-	[ -n "$auth_secret" ] && append bss_conf "auth_server_shared_secret=$auth_secret" "$N"
-}
+append_radius_server() {
 
-append_acct_server() {
-	[ -n "$1" ] || return
-	append bss_conf "acct_server_addr=$1" "$N"
-	append bss_conf "acct_server_port=$acct_port" "$N"
-	[ -n "$acct_secret" ] && append bss_conf "acct_server_shared_secret=$acct_secret" "$N"
+	json_get_vars \
+		auth_server auth_secret auth_port \
+		auth_server_secondary auth_secret_secondary auth_port_secondary \
+		dae_client dae_secret dae_port \
+		dynamic_ownip ownip radius_client_addr \
+		eap_reauth_period request_cui \
+		erp_domain mobility_domain \
+		fils_realm fils_dhcp
+
+	set_default dynamic_ownip 1
+
+	# legacy compatibility
+	[ -n "$auth_server" ] || json_get_var auth_server server
+	[ -n "$auth_port" ] || json_get_var auth_port port
+	[ -n "$auth_secret" ] || json_get_var auth_secret key
+
+	[ "$fils" -gt 0 ] && {
+		set_default erp_domain "$mobility_domain"
+		set_default erp_domain "$(echo "$ssid" | md5sum | head -c 8)"
+		set_default fils_realm "$erp_domain"
+
+		append bss_conf "erp_send_reauth_start=1" "$N"
+		append bss_conf "erp_domain=$erp_domain" "$N"
+		append bss_conf "fils_realm=$fils_realm" "$N"
+		append bss_conf "fils_cache_id=$(echo "$fils_realm" | md5sum | head -c 4)" "$N"
+
+		[ "$fils_dhcp" = "*" ] && {
+			json_get_values network network
+			fils_dhcp=
+			for net in $network; do
+				fils_dhcp="$(ifstatus "$net" | jsonfilter -e '@.data.dhcpserver')"
+				[ -n "$fils_dhcp" ] && break
+			done
+
+			[ -z "$fils_dhcp" -a -n "$network_bridge" -a -n "$network_ifname" ] && \
+				fils_dhcp="$(udhcpc -B -n -q -s /lib/netifd/dhcp-get-server.sh -t 1 -i "$network_ifname" 2>/dev/null)"
+		}
+		[ -n "$fils_dhcp" ] && append bss_conf "dhcp_server=$fils_dhcp" "$N"
+	}
+
+	set_default auth_port 1812
+	set_default auth_port_secondary 1812
+	set_default dae_port 3799
+	set_default request_cui 0
+
+	[ "$eap_server" -eq 0  -a -n "$auth_server" ] && {
+		append bss_conf "auth_server_addr=$auth_server" "$N"
+		append bss_conf "auth_server_port=$auth_port" "$N"
+		append bss_conf "auth_server_shared_secret=$auth_secret" "$N"
+	}
+
+	[ -n "$auth_server_secondary" ] && {
+		append bss_conf "auth_server_addr=$auth_server_secondary" "$N"
+		append bss_conf "auth_server_port=$auth_port_secondary" "$N"
+		[ -n "$auth_secret_secondary" ] && \
+			append bss_conf "auth_server_shared_secret=$auth_secret_secondary" "$N"
+	}
+
+	[ "$request_cui" -gt 0 ] && append bss_conf "radius_request_cui=$request_cui" "$N"
+	[ -n "$eap_reauth_period" ] && append bss_conf "eap_reauth_period=$eap_reauth_period" "$N"
+
+	[ -n "$dae_client" -a -n "$dae_secret" ] && {
+		append bss_conf "radius_das_port=$dae_port" "$N"
+		append bss_conf "radius_das_client=$dae_client $dae_secret" "$N"
+	}
+	json_for_each_item append_radius_auth_req_attr radius_auth_req_attr
+
+	if [ -n "$ownip" ]; then
+		append bss_conf "own_ip_addr=$ownip" "$N"
+	elif [ "$dynamic_ownip" -gt 0 ]; then
+		append bss_conf "dynamic_own_ip_addr=$dynamic_ownip" "$N"
+	fi
+
+	[ -n "$radius_client_addr" ] && append bss_conf "radius_client_addr=$radius_client_addr" "$N"
+	[ "$macfilter" = radius ] && append bss_conf "macaddr_acl=2" "$N"
 }
 
 hostapd_set_bss_options() {
@@ -570,7 +662,7 @@ hostapd_set_bss_options() {
 
 	wireless_vif_parse_encryption
 
-	local bss_conf bss_md5sum ft_key
+	local bss_conf bss_md5sum
 	local wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey wpa_key_mgmt
 
 	json_get_vars \
@@ -581,13 +673,14 @@ hostapd_set_bss_options() {
 		wps_independent wps_device_type wps_device_name wps_manufacturer wps_pin \
 		macfilter ssid utf8_ssid wmm uapsd hidden short_preamble rsn_preauth \
 		iapp_interface eapol_version dynamic_vlan ieee80211w nasid \
-		acct_secret acct_port acct_interval \
+		acct_server acct_secret acct_port acct_interval \
+		acct_server_secondary acct_secret_secondary acct_port_secondary \
 		bss_load_update_period chan_util_avg_period sae_require_mfp sae_pwe \
 		multi_ap multi_ap_backhaul_ssid multi_ap_backhaul_key skip_inactivity_poll \
 		ppsk airtime_bss_weight airtime_bss_limit airtime_sta_weight \
 		multicast_to_unicast_all proxy_arp per_sta_vif \
 		eap_server eap_user_file ca_cert server_cert private_key private_key_passwd server_id radius_server_clients radius_server_auth_port \
-		vendor_elements fils ocv apup multi_psk
+		vendor_elements fils ocv apup uci_section dynamic_probe_resp multi_psk
 
 	set_default fils 0
 	set_default isolate 0
@@ -604,6 +697,7 @@ hostapd_set_bss_options() {
 	set_default tdls_prohibit 0
 	set_default eapol_version $((wpa & 1))
 	set_default acct_port 1813
+	set_default acct_port_secondary 1813
 	set_default bss_load_update_period 60
 	set_default chan_util_avg_period 600
 	set_default utf8_ssid 1
@@ -612,6 +706,7 @@ hostapd_set_bss_options() {
 	set_default airtime_bss_weight 0
 	set_default airtime_bss_limit 0
 	set_default eap_server 0
+	set_default dynamic_probe_resp 0
 	set_default apup 0
 
 	/usr/sbin/hostapd -vfils || fils=0
@@ -638,6 +733,7 @@ hostapd_set_bss_options() {
 	append bss_conf "preamble=$short_preamble" "$N"
 	append bss_conf "wmm_enabled=$wmm" "$N"
 	append bss_conf "ignore_broadcast_ssid=$hidden" "$N"
+	append bss_conf "dynamic_probe_resp=$dynamic_probe_resp" "$N"
 	append bss_conf "uapsd_advertisement_enabled=$uapsd" "$N"
 	append bss_conf "utf8_ssid=$utf8_ssid" "$N"
 	append bss_conf "multi_ap=$multi_ap" "$N"
@@ -654,10 +750,22 @@ hostapd_set_bss_options() {
 
 	[ -n "$nasid" ] && append bss_conf "nas_identifier=$nasid" "$N"
 
-	[ -n "$acct_interval" ] && \
-		append bss_conf "radius_acct_interim_interval=$acct_interval" "$N"
-	json_for_each_item append_acct_server acct_server
-	json_for_each_item append_radius_acct_req_attr radius_acct_req_attr
+	[ -n "$acct_server" ] && {
+		append bss_conf "acct_server_addr=$acct_server" "$N"
+		append bss_conf "acct_server_port=$acct_port" "$N"
+		[ -n "$acct_secret" ] && \
+			append bss_conf "acct_server_shared_secret=$acct_secret" "$N"
+		[ -n "$acct_interval" ] && \
+			append bss_conf "radius_acct_interim_interval=$acct_interval" "$N"
+		json_for_each_item append_radius_acct_req_attr radius_acct_req_attr
+	}
+
+	[ -n "$acct_server_secondary" ] && {
+		append bss_conf "acct_server_addr=$acct_server_secondary" "$N"
+		append bss_conf "acct_server_port=$acct_port_secondary" "$N"
+		[ -n "$acct_secret_secondary" ] && \
+			append bss_conf "acct_server_shared_secret=$acct_secret_secondary" "$N"
+	}
 
 	[ -n "$ocv" ] && append bss_conf "ocv=$ocv" "$N"
 
@@ -690,6 +798,8 @@ hostapd_set_bss_options() {
 			# Here we make the assumption that if we're in open mode
 			# with WPS enabled, we got to be in unconfigured state.
 			wps_not_configured=1
+			vlan_possible=1
+			append_radius_server
 		;;
 		psk|sae|psk-sae)
 			json_get_vars key wpa_psk_file
@@ -714,74 +824,15 @@ hostapd_set_bss_options() {
 			}
 			[ "$eapol_version" -ge "1" -a "$eapol_version" -le "2" ] && append bss_conf "eapol_version=$eapol_version" "$N"
 
+			append_radius_server
 			set_default dynamic_vlan 0
 			vlan_possible=1
 			wps_possible=1
 		;;
-		eap|eap2|eap-eap2|eap192)
-			json_get_vars \
-				auth_server auth_secret auth_port \
-				dae_client dae_secret dae_port \
-				dynamic_ownip ownip radius_client_addr \
-				eap_reauth_period request_cui \
-				erp_domain mobility_domain \
-				fils_realm fils_dhcp
-
+		eap|eap192|eap-eap2|eap2)
+			append_radius_server
 			# radius can provide VLAN ID for clients
 			vlan_possible=1
-
-			set_default dynamic_ownip 1
-
-			# legacy compatibility
-			[ -n "$auth_server" ] || json_get_var auth_server server
-			[ -n "$auth_port" ] || json_get_var auth_port port
-			[ -n "$auth_secret" ] || json_get_var auth_secret key
-
-			[ "$fils" -gt 0 ] && {
-				set_default erp_domain "$mobility_domain"
-				set_default erp_domain "$(echo "$ssid" | md5sum | head -c 8)"
-				set_default fils_realm "$erp_domain"
-
-				append bss_conf "erp_send_reauth_start=1" "$N"
-				append bss_conf "erp_domain=$erp_domain" "$N"
-				append bss_conf "fils_realm=$fils_realm" "$N"
-				append bss_conf "fils_cache_id=$(echo "$fils_realm" | md5sum | head -c 4)" "$N"
-
-				[ "$fils_dhcp" = "*" ] && {
-					json_get_values network network
-					fils_dhcp=
-					for net in $network; do
-						fils_dhcp="$(ifstatus "$net" | jsonfilter -e '@.data.dhcpserver')"
-						[ -n "$fils_dhcp" ] && break
-					done
-
-					[ -z "$fils_dhcp" -a -n "$network_bridge" -a -n "$network_ifname" ] && \
-						fils_dhcp="$(udhcpc -B -n -q -s /lib/netifd/dhcp-get-server.sh -t 1 -i "$network_ifname" 2>/dev/null)"
-				}
-				[ -n "$fils_dhcp" ] && append bss_conf "dhcp_server=$fils_dhcp" "$N"
-			}
-
-			set_default auth_port 1812
-			set_default dae_port 3799
-			set_default request_cui 0
-
-			[ "$eap_server" -eq 0 ] && json_for_each_item append_auth_server auth_server
-			[ "$request_cui" -gt 0 ] && append bss_conf "radius_request_cui=$request_cui" "$N"
-			[ -n "$eap_reauth_period" ] && append bss_conf "eap_reauth_period=$eap_reauth_period" "$N"
-
-			[ -n "$dae_client" -a -n "$dae_secret" ] && {
-				append bss_conf "radius_das_port=$dae_port" "$N"
-				append bss_conf "radius_das_client=$dae_client $dae_secret" "$N"
-			}
-			json_for_each_item append_radius_auth_req_attr radius_auth_req_attr
-
-			if [ -n "$ownip" ]; then
-				append bss_conf "own_ip_addr=$ownip" "$N"
-			elif [ "$dynamic_ownip" -gt 0 ]; then
-				append bss_conf "dynamic_own_ip_addr=$dynamic_ownip" "$N"
-			fi
-
-			[ -n "$radius_client_addr" ] && append bss_conf "radius_client_addr=$radius_client_addr" "$N"
 			append bss_conf "eapol_key_index_workaround=1" "$N"
 			append bss_conf "ieee8021x=1" "$N"
 
@@ -798,6 +849,7 @@ hostapd_set_bss_options() {
 			append bss_conf "wpa_psk_radius=3" "$N"
 			append_radius_server
 			vlan_possible=1
+		;;
 	esac
 
 	case "$auth_type" in
@@ -921,45 +973,42 @@ hostapd_set_bss_options() {
 		}
 	fi
 
-	json_get_vars ieee80211r
-	set_default ieee80211r 0
 	if [ "$wpa" -ge "1" ]; then
-		if [ "$fils" -gt 0 ]; then
-			json_get_vars fils_realm
-			set_default fils_realm "$(echo "$ssid" | md5sum | head -c 8)"
-		fi
+		json_get_vars ieee80211r
+		set_default ieee80211r 0
 
-		append bss_conf "wpa_disable_eapol_key_retries=$wpa_disable_eapol_key_retries" "$N"
-
-		hostapd_append_wpa_key_mgmt
-		[ -n "$wpa_key_mgmt" ] && append bss_conf "wpa_key_mgmt=$wpa_key_mgmt" "$N"
-	fi
-
-	if [ "$wpa" -ge "2" ]; then
 		if [ "$ieee80211r" -gt "0" ]; then
-			json_get_vars mobility_domain ft_psk_generate_local ft_over_ds reassociation_deadline
+			json_get_vars mobility_domain ft_psk_generate_local ft_over_ds reassociation_deadline ft_l2_refresh
 
 			set_default mobility_domain "$(echo "$ssid" | md5sum | head -c 4)"
-			set_default ft_over_ds 0
+			set_default ft_over_ds 1
+			set_default ft_l2_refresh 30
 			set_default reassociation_deadline 1000
+			skip_kh_setup=0
 
 			case "$auth_type" in
-				psk)
+				psk|psk-sae)
 					set_default ft_psk_generate_local 1
+					skip_kh_setup="$ft_psk_generate_local"
 				;;
 				*)
 					set_default ft_psk_generate_local 0
 				;;
 			esac
 
+			case "$auth_type" in
+				*sae*) skip_kh_setup=0;;
+			esac
+
 			[ -n "$network_ifname" ] && append bss_conf "ft_iface=$network_ifname" "$N"
 			append bss_conf "mobility_domain=$mobility_domain" "$N"
 			append bss_conf "ft_psk_generate_local=$ft_psk_generate_local" "$N"
 			append bss_conf "ft_over_ds=$ft_over_ds" "$N"
 			append bss_conf "reassociation_deadline=$reassociation_deadline" "$N"
+			[ -n "$ft_l2_refresh" ] && append bss_conf "ft_l2_refresh=$ft_l2_refresh" "$N"
 
-			if [ "$ft_psk_generate_local" -eq "0" ]; then
-				json_get_vars r0_key_lifetime r1_key_holder pmk_r1_push
+			if [ "$skip_kh_setup" -eq "0" ]; then
+				json_get_vars r0_key_lifetime r1_key_holder pmk_r1_push ft_key
 				json_get_values r0kh r0kh
 				json_get_values r1kh r1kh
 
@@ -971,12 +1020,15 @@ hostapd_set_bss_options() {
 						wireless_setup_vif_failed FT_KEY_CANT_BE_DERIVED
 						return 1
 					fi
-					ft_key=`echo -n "$mobility_domain/${auth_secret:-${key}}" | md5sum | awk '{print $1}'`
+					[ -z "$ft_key" ] && {
+						key=`echo -n "$mobility_domain/$auth_secret" | md5sum | awk '{print $1}'`
 
-					set_default r0kh "ff:ff:ff:ff:ff:ff,*,$ft_key"
-					set_default r1kh "00:00:00:00:00:00,00:00:00:00:00:00,$ft_key"
+						set_default r0kh "ff:ff:ff:ff:ff:ff,*,$key"
+						set_default r1kh "00:00:00:00:00:00,00:00:00:00:00:00,$key"
+					}
 				}
 
+				[ -n "$ft_key" ] && append bss_conf "ft_key=$ft_key" "$N"
 				[ -n "$r1_key_holder" ] && append bss_conf "r1_key_holder=$r1_key_holder" "$N"
 				append bss_conf "r0_key_lifetime=$r0_key_lifetime" "$N"
 				append bss_conf "pmk_r1_push=$pmk_r1_push" "$N"
@@ -989,7 +1041,18 @@ hostapd_set_bss_options() {
 				done
 			fi
 		fi
+		if [ "$fils" -gt 0 ]; then
+			json_get_vars fils_realm
+			set_default fils_realm "$(echo "$ssid" | md5sum | head -c 8)"
+		fi
 
+		append bss_conf "wpa_disable_eapol_key_retries=$wpa_disable_eapol_key_retries" "$N"
+
+		hostapd_append_wpa_key_mgmt
+		[ -n "$wpa_key_mgmt" ] && append bss_conf "wpa_key_mgmt=$wpa_key_mgmt" "$N"
+	fi
+
+	if [ "$wpa" -ge "2" ]; then
 		if [ -n "$network_bridge" -a "$rsn_preauth" = 1 ]; then
 			set_default auth_cache 1
 			append bss_conf "rsn_preauth=1" "$N"
@@ -1189,6 +1252,8 @@ hostapd_set_bss_options() {
 		append bss_conf "per_sta_vif=$per_sta_vif" "$N"
 	fi
 
+	[ -n "$uci_section" ] && append bss_conf "uci_section=$uci_section" "$N"
+
 	if [ "$apup" -gt 0 ]; then
 		append bss_conf "apup=$apup" "$N"
 

feeds/ucentral/ucentral-tools/Makefile

@@ -3,6 +3,12 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=ucentral-tools
 PKG_RELEASE:=1
 
+PKG_SOURCE_URL=https://github.com/blogic/ucentral-tools.git
+PKG_MIRROR_HASH:=9ae6a0cd431595871c233550427c4043c2ba7ddb3c5d87e46ab74a03b2b5a947
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_DATE:=2021-01-28
+PKG_SOURCE_VERSION:=b013fc636e48d407870a46aaa68a09ed74de8d6f
+
 PKG_MAINTAINER:=John Crispin <john@phrozen.org>
 PKG_LICENSE:=BSD-3-Clause
 

feeds/ucentral/ucentral-tools/src/CMakeLists.txt

@@ -1,36 +0,0 @@
-cmake_minimum_required(VERSION 2.6)
-
-PROJECT(openwifi-tools C)
-INCLUDE(GNUInstallDirs)
-ADD_DEFINITIONS(-Os -ggdb -Wall -Werror --std=gnu99 -Wmissing-declarations)
-
-SET(CMAKE_SHARED_LIBRARY_LINK_C_FLAGS "")
-
-ADD_EXECUTABLE(firstcontact firstcontact.c)
-TARGET_LINK_LIBRARIES(firstcontact curl crypto ssl ubox)
-INSTALL(TARGETS firstcontact
-	RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR}
-)
-
-ADD_EXECUTABLE(dhcpdiscover dhcpdiscover.c)
-INSTALL(TARGETS dhcpdiscover
-	RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR}
-)
-
-ADD_EXECUTABLE(dnsprobe dnsprobe.c)
-TARGET_LINK_LIBRARIES(dnsprobe ubox resolv)
-INSTALL(TARGETS dnsprobe
-	RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR}
-)
-
-ADD_EXECUTABLE(radiusprobe radiusprobe.c)
-TARGET_LINK_LIBRARIES(radiusprobe radcli)
-INSTALL(TARGETS radiusprobe
-	RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR}
-)
-
-ADD_EXECUTABLE(ip-collide ip-collide.c)
-TARGET_LINK_LIBRARIES(ip-collide ubox)
-INSTALL(TARGETS ip-collide
-	RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR}
-)

feeds/ucentral/ucentral-tools/src/dnsprobe.c

@@ -1,690 +0,0 @@
-/*
- * nslookup_lede - musl compatible replacement for busybox nslookup
- *
- * Copyright (C) 2017 Jo-Philipp Wich <jo@mein.io>
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-//config:config NSLOOKUP_OPENWRT
-//config:	bool "nslookup_openwrt"
-//config:	depends on !NSLOOKUP
-//config:	default y
-//config:	help
-//config:	  nslookup is a tool to query Internet name servers (LEDE flavor).
-//config:
-//config:config FEATURE_NSLOOKUP_OPENWRT_LONG_OPTIONS
-//config:       bool "Enable long options"
-//config:       default y
-//config:       depends on NSLOOKUP_OPENWRT && LONG_OPTS
-//config:       help
-//config:         Support long options for the nslookup applet.
-
-//applet:IF_NSLOOKUP_OPENWRT(APPLET(nslookup, BB_DIR_USR_BIN, BB_SUID_DROP))
-
-//kbuild:lib-$(CONFIG_NSLOOKUP_OPENWRT) += nslookup_lede.o
-
-//usage:#define nslookup_lede_trivial_usage
-//usage:       "[HOST] [SERVER]"
-//usage:#define nslookup_lede_full_usage "\n\n"
-//usage:       "Query the nameserver for the IP address of the given HOST\n"
-//usage:       "optionally using a specified DNS server"
-//usage:
-//usage:#define nslookup_lede_example_usage
-//usage:       "$ nslookup localhost\n"
-//usage:       "Server:     default\n"
-//usage:       "Address:    default\n"
-//usage:       "\n"
-//usage:       "Name:       debian\n"
-//usage:       "Address:    127.0.0.1\n"
-
-#include <stdio.h>
-#include <resolv.h>
-#include <string.h>
-#include <errno.h>
-#include <time.h>
-#include <poll.h>
-#include <unistd.h>
-#include <stdlib.h>
-#include <sys/socket.h>
-#include <arpa/inet.h>
-#include <net/if.h>
-#include <netdb.h>
-
-#include <libubox/ulog.h>
-
-#define ENABLE_FEATURE_IPV6	1
-
-typedef struct len_and_sockaddr {
-	socklen_t len;
-	union {
-		struct sockaddr sa;
-		struct sockaddr_in sin;
-#if ENABLE_FEATURE_IPV6
-		struct sockaddr_in6 sin6;
-#endif
-	} u;
-} len_and_sockaddr;
-
-struct ns {
-	const char *name;
-	len_and_sockaddr addr;
-	int failures;
-	int replies;
-};
-
-struct query {
-	const char *name;
-	size_t qlen, rlen;
-	unsigned char query[512], reply[512];
-	unsigned long latency;
-	int rcode, n_ns;
-};
-
-static const char *rcodes[] = {
-	"NOERROR",
-	"FORMERR",
-	"SERVFAIL",
-	"NXDOMAIN",
-	"NOTIMP",
-	"REFUSED",
-	"YXDOMAIN",
-	"YXRRSET",
-	"NXRRSET",
-	"NOTAUTH",
-	"NOTZONE",
-	"RESERVED11",
-	"RESERVED12",
-	"RESERVED13",
-	"RESERVED14",
-	"RESERVED15",
-	"BADVERS"
-};
-
-static unsigned int default_port = 53;
-static unsigned int default_retry = 1;
-static unsigned int default_timeout = 2;
-
-
-static int parse_reply(const unsigned char *msg, size_t len, int *bb_style_counter)
-{
-	ns_msg handle;
-	ns_rr rr;
-	int i, n, rdlen;
-	const char *format = NULL;
-	char astr[INET6_ADDRSTRLEN], dname[MAXDNAME];
-	const unsigned char *cp;
-
-	if (ns_initparse(msg, len, &handle) != 0) {
-		//fprintf(stderr, "Unable to parse reply: %s\n", strerror(errno));
-		return -1;
-	}
-
-	for (i = 0; i < ns_msg_count(handle, ns_s_an); i++) {
-		if (ns_parserr(&handle, ns_s_an, i, &rr) != 0) {
-			//fprintf(stderr, "Unable to parse resource record: %s\n", strerror(errno));
-			return -1;
-		}
-
-		rdlen = ns_rr_rdlen(rr);
-
-		switch (ns_rr_type(rr))
-		{
-		case ns_t_a:
-			if (rdlen != 4) {
-				//fprintf(stderr, "Unexpected A record length\n");
-				return -1;
-			}
-			inet_ntop(AF_INET, ns_rr_rdata(rr), astr, sizeof(astr));
-			printf("Name:\t%s\nAddress: %s\n", ns_rr_name(rr), astr);
-			break;
-
-#if ENABLE_FEATURE_IPV6
-		case ns_t_aaaa:
-			if (rdlen != 16) {
-				//fprintf(stderr, "Unexpected AAAA record length\n");
-				return -1;
-			}
-			inet_ntop(AF_INET6, ns_rr_rdata(rr), astr, sizeof(astr));
-			printf("%s\thas AAAA address %s\n", ns_rr_name(rr), astr);
-			break;
-#endif
-
-		case ns_t_ns:
-			if (!format)
-				format = "%s\tnameserver = %s\n";
-			/* fall through */
-
-		case ns_t_cname:
-			if (!format)
-				format = "%s\tcanonical name = %s\n";
-			/* fall through */
-
-		case ns_t_ptr:
-			if (!format)
-				format = "%s\tname = %s\n";
-			if (ns_name_uncompress(ns_msg_base(handle), ns_msg_end(handle),
-				ns_rr_rdata(rr), dname, sizeof(dname)) < 0) {
-				//fprintf(stderr, "Unable to uncompress domain: %s\n", strerror(errno));
-				return -1;
-			}
-			printf(format, ns_rr_name(rr), dname);
-			break;
-
-		case ns_t_mx:
-			if (rdlen < 2) {
-				fprintf(stderr, "MX record too short\n");
-				return -1;
-			}
-			n = ns_get16(ns_rr_rdata(rr));
-			if (ns_name_uncompress(ns_msg_base(handle), ns_msg_end(handle),
-				ns_rr_rdata(rr) + 2, dname, sizeof(dname)) < 0) {
-				//fprintf(stderr, "Cannot uncompress MX domain: %s\n", strerror(errno));
-				return -1;
-			}
-			printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname);
-			break;
-
-		case ns_t_txt:
-			if (rdlen < 1) {
-				//fprintf(stderr, "TXT record too short\n");
-				return -1;
-			}
-			n = *(unsigned char *)ns_rr_rdata(rr);
-			if (n > 0) {
-				memset(dname, 0, sizeof(dname));
-				memcpy(dname, ns_rr_rdata(rr) + 1, n);
-				printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname);
-			}
-			break;
-
-		case ns_t_soa:
-			if (rdlen < 20) {
-				//fprintf(stderr, "SOA record too short\n");
-				return -1;
-			}
-
-			printf("%s\n", ns_rr_name(rr));
-
-			cp = ns_rr_rdata(rr);
-			n = ns_name_uncompress(ns_msg_base(handle), ns_msg_end(handle),
-			                       cp, dname, sizeof(dname));
-
-			if (n < 0) {
-				//fprintf(stderr, "Unable to uncompress domain: %s\n", strerror(errno));
-				return -1;
-			}
-
-			printf("\torigin = %s\n", dname);
-			cp += n;
-
-			n = ns_name_uncompress(ns_msg_base(handle), ns_msg_end(handle),
-			                       cp, dname, sizeof(dname));
-
-			if (n < 0) {
-				//fprintf(stderr, "Unable to uncompress domain: %s\n", strerror(errno));
-				return -1;
-			}
-
-			printf("\tmail addr = %s\n", dname);
-			cp += n;
-
-			printf("\tserial = %lu\n", ns_get32(cp));
-			cp += 4;
-
-			printf("\trefresh = %lu\n", ns_get32(cp));
-			cp += 4;
-
-			printf("\tretry = %lu\n", ns_get32(cp));
-			cp += 4;
-
-			printf("\texpire = %lu\n", ns_get32(cp));
-			cp += 4;
-
-			printf("\tminimum = %lu\n", ns_get32(cp));
-			break;
-
-		default:
-			break;
-		}
-	}
-
-	return i;
-}
-
-static int parse_nsaddr(const char *addrstr, len_and_sockaddr *lsa)
-{
-	char *eptr, *hash, ifname[IFNAMSIZ];
-	unsigned int port = default_port;
-	unsigned int scope = 0;
-
-	hash = strchr(addrstr, '#');
-
-	if (hash) {
-		*hash++ = '\0';
-		port = strtoul(hash, &eptr, 10);
-
-		if (eptr == hash || *eptr != '\0' || port > 65535) {
-			errno = EINVAL;
-			return -1;
-		}
-	}
-
-	hash = strchr(addrstr, '%');
-
-	if (hash) {
-		for (eptr = ++hash; *eptr != '\0' && *eptr != '#'; eptr++) {
-			if ((eptr - hash) >= IFNAMSIZ) {
-				errno = ENODEV;
-				return -1;
-			}
-
-			ifname[eptr - hash] = *eptr;
-		}
-
-		ifname[eptr - hash] = '\0';
-		scope = if_nametoindex(ifname);
-
-		if (scope == 0) {
-			errno = ENODEV;
-			return -1;
-		}
-	}
-
-#if ENABLE_FEATURE_IPV6
-	if (inet_pton(AF_INET6, addrstr, &lsa->u.sin6.sin6_addr)) {
-		lsa->u.sin6.sin6_family = AF_INET6;
-		lsa->u.sin6.sin6_port = htons(port);
-		lsa->u.sin6.sin6_scope_id = scope;
-		lsa->len = sizeof(lsa->u.sin6);
-		return 0;
-	}
-#endif
-
-	if (!scope && inet_pton(AF_INET, addrstr, &lsa->u.sin.sin_addr)) {
-		lsa->u.sin.sin_family = AF_INET;
-		lsa->u.sin.sin_port = htons(port);
-		lsa->len = sizeof(lsa->u.sin);
-		return 0;
-	}
-
-	errno = EINVAL;
-	return -1;
-}
-
-static unsigned long mtime(void)
-{
-	struct timespec ts;
-	clock_gettime(CLOCK_REALTIME, &ts);
-	return (unsigned long)ts.tv_sec * 1000 + ts.tv_nsec / 1000000;
-}
-
-#if ENABLE_FEATURE_IPV6
-static void to_v4_mapped(len_and_sockaddr *a)
-{
-	if (a->u.sa.sa_family != AF_INET)
-		return;
-
-	memcpy(a->u.sin6.sin6_addr.s6_addr + 12,
-	       &a->u.sin.sin_addr, 4);
-
-	memcpy(a->u.sin6.sin6_addr.s6_addr,
-	       "\0\0\0\0\0\0\0\0\0\0\xff\xff", 12);
-
-	a->u.sin6.sin6_family = AF_INET6;
-	a->u.sin6.sin6_flowinfo = 0;
-	a->u.sin6.sin6_scope_id = 0;
-	a->len = sizeof(a->u.sin6);
-}
-#endif
-
-
-/*
- * Function logic borrowed & modified from musl libc, res_msend.c
- */
-
-static int send_queries(struct ns *ns, int n_ns, struct query *queries, int n_queries)
-{
-	int fd;
-	int timeout = default_timeout * 1000, retry_interval, servfail_retry = 0;
-	len_and_sockaddr from = { };
-#if ENABLE_FEATURE_IPV6
-	int one = 1;
-#endif
-	int recvlen = 0;
-	int n_replies = 0;
-	struct pollfd pfd;
-	unsigned long t0, t1, t2;
-	int nn, qn, next_query = 0;
-
-	from.u.sa.sa_family = AF_INET;
-	from.len = sizeof(from.u.sin);
-
-#if ENABLE_FEATURE_IPV6
-	for (nn = 0; nn < n_ns; nn++) {
-		if (ns[nn].addr.u.sa.sa_family == AF_INET6) {
-			from.u.sa.sa_family = AF_INET6;
-			from.len = sizeof(from.u.sin6);
-			break;
-		}
-	}
-#endif
-
-	/* Get local address and open/bind a socket */
-	fd = socket(from.u.sa.sa_family, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
-
-#if ENABLE_FEATURE_IPV6
-	/* Handle case where system lacks IPv6 support */
-	if (fd < 0 && from.u.sa.sa_family == AF_INET6 && errno == EAFNOSUPPORT) {
-		fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
-		from.u.sa.sa_family = AF_INET;
-	}
-#endif
-
-	if (fd < 0)
-		return -1;
-
-	if (bind(fd, &from.u.sa, from.len) < 0) {
-		close(fd);
-		return -1;
-	}
-
-#if ENABLE_FEATURE_IPV6
-	/* Convert any IPv4 addresses in a mixed environment to v4-mapped */
-	if (from.u.sa.sa_family == AF_INET6) {
-		setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one));
-
-		for (nn = 0; nn < n_ns; nn++)
-			to_v4_mapped(&ns[nn].addr);
-	}
-#endif
-
-	pfd.fd = fd;
-	pfd.events = POLLIN;
-	retry_interval = timeout / default_retry;
-	t0 = t2 = mtime();
-	t1 = t2 - retry_interval;
-
-	for (; t2 - t0 < timeout; t2 = mtime()) {
-		if (t2 - t1 >= retry_interval) {
-			for (qn = 0; qn < n_queries; qn++) {
-				if (queries[qn].rlen)
-					continue;
-
-				for (nn = 0; nn < n_ns; nn++) {
-					sendto(fd, queries[qn].query, queries[qn].qlen,
-					       MSG_NOSIGNAL, &ns[nn].addr.u.sa, ns[nn].addr.len);
-				}
-			}
-
-			t1 = t2;
-			servfail_retry = 2 * n_queries;
-		}
-
-		/* Wait for a response, or until time to retry */
-		if (poll(&pfd, 1, t1+retry_interval-t2) <= 0)
-			continue;
-
-		while (1) {
-			recvlen = recvfrom(fd, queries[next_query].reply,
-			                   sizeof(queries[next_query].reply), 0,
-			                   &from.u.sa, &from.len);
-
-			/* read error */
-			if (recvlen < 0)
-				break;
-
-			/* Ignore non-identifiable packets */
-			if (recvlen < 4)
-				continue;
-
-			/* Ignore replies from addresses we didn't send to */
-			for (nn = 0; nn < n_ns; nn++)
-				if (memcmp(&from.u.sa, &ns[nn].addr.u.sa, from.len) == 0)
-					break;
-
-			if (nn >= n_ns)
-				continue;
-
-			/* Find which query this answer goes with, if any */
-			for (qn = next_query; qn < n_queries; qn++)
-				if (!memcmp(queries[next_query].reply, queries[qn].query, 2))
-					break;
-
-			if (qn >= n_queries || queries[qn].rlen)
-				continue;
-
-			queries[qn].rcode = queries[next_query].reply[3] & 15;
-			queries[qn].latency = mtime() - t0;
-			queries[qn].n_ns = nn;
-
-			ns[nn].replies++;
-
-			/* Only accept positive or negative responses;
-			 * retry immediately on server failure, and ignore
-			 * all other codes such as refusal. */
-			switch (queries[qn].rcode) {
-			case 0:
-			case 3:
-				break;
-
-			case 2:
-				if (servfail_retry && servfail_retry--) {
-					ns[nn].failures++;
-					sendto(fd, queries[qn].query, queries[qn].qlen,
-					       MSG_NOSIGNAL, &ns[nn].addr.u.sa, ns[nn].addr.len);
-				}
-				/* fall through */
-
-			default:
-				continue;
-			}
-
-			/* Store answer */
-			n_replies++;
-
-			queries[qn].rlen = recvlen;
-
-			if (qn == next_query) {
-				while (next_query < n_queries) {
-					if (!queries[next_query].rlen)
-						break;
-
-					next_query++;
-				}
-			}
-			else {
-				memcpy(queries[qn].reply, queries[next_query].reply, recvlen);
-			}
-
-			if (next_query >= n_queries)
-				return n_replies;
-		}
-	}
-
-	return n_replies;
-}
-
-static struct ns *add_ns(struct ns **ns, int *n_ns, const char *addr)
-{
-	char portstr[sizeof("65535")], *p;
-	len_and_sockaddr a = { };
-	struct ns *tmp;
-	struct addrinfo *ai, *aip, hints = {
-		.ai_flags = AI_NUMERICSERV,
-		.ai_socktype = SOCK_DGRAM
-	};
-
-	if (parse_nsaddr(addr, &a)) {
-		/* Maybe we got a domain name, attempt to resolve it using the standard
-		 * resolver routines */
-
-		p = strchr(addr, '#');
-		snprintf(portstr, sizeof(portstr), "%hu",
-		         (unsigned short)(p ? strtoul(p, NULL, 10) : default_port));
-
-		if (!getaddrinfo(addr, portstr, &hints, &ai)) {
-			for (aip = ai; aip; aip = aip->ai_next) {
-				if (aip->ai_addr->sa_family != AF_INET &&
-				    aip->ai_addr->sa_family != AF_INET6)
-					continue;
-
-#if ! ENABLE_FEATURE_IPV6
-				if (aip->ai_addr->sa_family != AF_INET)
-					continue;
-#endif
-
-				tmp = realloc(*ns, sizeof(**ns) * (*n_ns + 1));
-
-				if (!tmp)
-					return NULL;
-
-				*ns = tmp;
-
-				(*ns)[*n_ns].name = addr;
-				(*ns)[*n_ns].replies = 0;
-				(*ns)[*n_ns].failures = 0;
-				(*ns)[*n_ns].addr.len = aip->ai_addrlen;
-
-				memcpy(&(*ns)[*n_ns].addr.u.sa, aip->ai_addr, aip->ai_addrlen);
-
-				(*n_ns)++;
-			}
-
-			freeaddrinfo(ai);
-
-			return &(*ns)[*n_ns];
-		}
-
-		return NULL;
-	}
-
-	tmp = realloc(*ns, sizeof(**ns) * (*n_ns + 1));
-
-	if (!tmp)
-		return NULL;
-
-	*ns = tmp;
-
-	(*ns)[*n_ns].addr = a;
-	(*ns)[*n_ns].name = addr;
-	(*ns)[*n_ns].replies = 0;
-	(*ns)[*n_ns].failures = 0;
-
-	return &(*ns)[(*n_ns)++];
-}
-
-static struct query *add_query(struct query **queries, int *n_queries,
-                               int type, const char *dname)
-{
-	struct query *tmp;
-	ssize_t qlen;
-
-	tmp = realloc(*queries, sizeof(**queries) * (*n_queries + 1));
-
-	if (!tmp)
-		return NULL;
-
-	memset(&tmp[*n_queries], 0, sizeof(*tmp));
-
-	qlen = res_mkquery(QUERY, dname, C_IN, type, NULL, 0, NULL,
-	                   tmp[*n_queries].query, sizeof(tmp[*n_queries].query));
-
-	tmp[*n_queries].qlen = qlen;
-	tmp[*n_queries].name = dname;
-	*queries = tmp;
-
-	return &tmp[(*n_queries)++];
-}
-
-int main(int argc, char **argv)
-{
-	int rc = 1;
-	struct ns *ns = NULL;
-	struct query *queries = NULL;
-	int n_ns = 0, n_queries = 0;
-	int c = 0;
-
-	char *url = "telecominfraproject.com";
-	char *server = "127.0.0.1";
-	int v6 = 0;
-
-	while (1) {
-		int option = getopt(argc, argv, "u:s:i:6");
-
-		if (option == -1)
-			break;
-
-		switch (option) {
-		case '6':
-			v6 = 1;
-			break;
-		case 'u':
-			url = optarg;
-			break;
-		case 's':
-			server = optarg;
-			break;
-		default:
-		case 'h':
-			printf("Usage: dnsprobe OPTIONS\n"
-			       "  -6 - use ipv6\n"
-			       "  -u <url>\n"
-			       "  -s <server>\n");
-			return -1;
-		}
-	}
-
-	ulog_open(ULOG_SYSLOG | ULOG_STDIO, LOG_DAEMON, "dnsprobe");
-
-	ULOG_INFO("attempting to probe dns - %s %s %s\n",
-		url, server, v6 ? "ipv6" : "");
-
-
-	add_query(&queries, &n_queries, v6 ? T_AAAA : T_A, url);
-
-	add_ns(&ns, &n_ns, server);
-
-	rc = send_queries(&ns[0], 1, queries, n_queries);
-	if (rc <= 0) {
-		fprintf(stderr, "Failed to send queries: %s\n", strerror(errno));
-		rc = -1;
-		goto out;
-	}
-
-	if (queries[0].rcode != 0) {
-		printf("** server can't find %s: %s\n", queries[0].name,
-		rcodes[queries[0].rcode]);
-		goto out;
-	}
-
-	if (queries[0].rlen) {
-		c = parse_reply(queries[0].reply, queries[0].rlen, NULL);
-	}
-
-	if (c == 0)
-		printf("*** Can't find %s: No answer\n", queries[0].name);
-	else if (c < 0)
-		printf("*** Can't find %s: Parse error\n", queries[0].name);
-	else
-		rc = 0;
-
-out:
-	if (n_ns)
-		free(ns);
-
-	if (n_queries)
-		free(queries);
-
-	return rc;
-}

feeds/ucentral/ucentral-tools/src/firstcontact.c

@@ -1,100 +0,0 @@
-#define _GNU_SOURCE
-#include <stdio.h>
-#include <getopt.h>
-
-#include <curl/curl.h>
-
-#include <libubox/ulog.h>
-
-static const char *file_cert = "/etc/open-wifi/client.pem";
-static const char *file_key  = "/etc/open-wifi/client_dec.key";
-static const char *file_json = "/etc/open-wifi/redirector.json";
-static const char *file_dbg  = "/tmp/firstcontact.hdr";
-
-int main(int argc, char **argv)
-{
-	FILE *fp_json;
-	FILE *fp_dbg;
-	CURLcode res;
-	CURL *curl;
-	char *devid = NULL;
-	char *url;
-
-	while (1) {
-		int option = getopt(argc, argv, "k:c:o:hi:");
-
-		if (option == -1)
-			break;
-
-		switch (option) {
-		case 'k':
-			file_key = optarg;
-			break;
-		case 'c':
-			file_cert = optarg;
-			break;
-		case 'o':
-			file_json = optarg;
-			break;
-		case 'i':
-			devid = optarg;
-			break;
-		default:
-		case 'h':
-			printf("Usage: firstcontact OPTIONS\n"
-			       "  -k <keyfile>\n"
-			       "  -c <certfile>\n"
-			       "  -o <outfile>\n"
-			       "  -i <devid>\n");
-			return -1;
-		}
-	}
-
-	if (!devid) {
-		fprintf(stderr, "missing devid\n");
-		return -1;
-	}
-
-	ulog_open(ULOG_SYSLOG | ULOG_STDIO, LOG_DAEMON, "firstcontact");
-	ULOG_INFO("attempting first contact\n");
-
-	fp_dbg = fopen(file_dbg, "wb");
-	fp_json = fopen(file_json, "wb");
-	if (!fp_json) {
-		ULOG_ERR("failed to create %s\n", file_json);
-		return -1;
-	}
-
-	curl_global_init(CURL_GLOBAL_DEFAULT);
-	curl = curl_easy_init();
-	if (!curl) {
-		ULOG_ERR("curl_easy_init failed\n");
-		return -1;
-	}
-
-	if (asprintf(&url, "https://clientauth.demo.one.digicert.com/iot/api/v2/device/%s", devid) < 0) {
-		ULOG_ERR("failed to assemble url\n");
-		return -1;
-	}
-
-	curl_easy_setopt(curl, CURLOPT_URL, url);
-	curl_easy_setopt(curl, CURLOPT_WRITEDATA, fp_json);
-	curl_easy_setopt(curl, CURLOPT_HEADERDATA, fp_dbg);
-	curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM");
-	curl_easy_setopt(curl, CURLOPT_SSLCERT, file_cert);
-	curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM");
-	curl_easy_setopt(curl, CURLOPT_SSLKEY, file_key);
-	curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L);
-
-	res = curl_easy_perform(curl);
-	if (res != CURLE_OK)
-		ULOG_ERR("curl_easy_perform() failed: %s\n", curl_easy_strerror(res));
-	else
-		ULOG_INFO("downloaded first contact data\n");
-	curl_easy_cleanup(curl);
-	curl_global_cleanup();
-
-	ulog_close();
-
-	return (res != CURLE_OK);
-}

feeds/ucentral/ucentral-tools/src/ip-collide.c

@@ -1,86 +0,0 @@
-#include <arpa/inet.h>
-#include <net/if.h>
-
-#include <libubox/list.h>
-#include <libubox/ulog.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-struct route {
-	struct list_head list;
-	char devname[64];
-	uint32_t domain;
-	uint32_t mask;
-};
-
-static struct list_head routes = LIST_HEAD_INIT(routes);
-
-static int parse_routes(void)
-{
-	FILE *fp = fopen("/proc/net/route", "r");
-	int flgs, ref, use, metric, mtu, win, ir;
-	struct route *route;
-	unsigned long g;
-	int r;
-
-	r = fscanf(fp, "%*[^\n]\n");
-	if (r < 0) {
-		fprintf(stderr, "failed to parse routes\n");
-		return -1;
-	}
-	while (1) {
-		route = malloc(sizeof(*route));
-		if (!route)
-			break;
-		memset(route, 0, sizeof(*route));
-		r = fscanf(fp, "%63s%x%lx%X%d%d%d%x%d%d%d\n",
-			route->devname, &route->domain, &g, &flgs, &ref, &use, &metric, &route->mask,
-			&mtu, &win, &ir);
-		if (r != 11 && (r < 0) && feof(fp))
-			break;
-		list_add(&route->list, &routes);
-		printf("1 %s %x %x\n", route->devname, ntohl(route->domain), ntohl(route->mask));
-	}
-
-	fclose(fp);
-
-	return 0;
-}
-
-static int find_collisions(void)
-{
-	struct route *route;
-
-	list_for_each_entry(route, &routes, list) {
-		struct route *compare;
-
-		if (!route->domain || !route->mask)
-			continue;
-		list_for_each_entry(compare, &routes, list) {
-			if (!compare->domain || !compare->mask)
-				continue;
-			if (compare == route)
-				continue;
-			if (((route->domain & route->mask) == (compare->domain & route->mask)) ||
-			    ((route->domain & compare->mask) == (compare->domain & compare->mask))) {
-				ULOG_ERR("collision detected\n");
-				return 1;
-			}
-		}
-	}
-	ULOG_INFO("no collision detected\n");
-	return 0;
-}
-
-int main(int argc, char **argv)
-{
-	ulog_open(ULOG_SYSLOG | ULOG_STDIO, LOG_DAEMON, "ip-collide");
-
-	parse_routes();
-	if (!list_empty(&routes))
-		return find_collisions();
-
-	return 0;
-}

feeds/ucentral/ucentral-tools/src/radiusprobe.c

@@ -1,47 +0,0 @@
-#include <stdio.h>
-#include <string.h>
-#include <radcli/radcli.h>
-
-int
-main(int argc, char **argv)
-{
-	int result;
-	char username[128];
-	char passwd[AUTH_PASS_LEN + 1];
-	VALUE_PAIR *send, *received;
-	uint32_t service;
-	rc_handle *rh;
-
-	/* Not needed if you already used openlog() */
-	rc_openlog("radiusprobe");
-
-	if ((rh = rc_read_config("/tmp/radius.conf")) == NULL)
-		return ERROR_RC;
-
-	strcpy(username, "healthcheck");
-	strcpy(passwd, "uCentral");
-
-	send = NULL;
-
-	if (rc_avpair_add(rh, &send, PW_USER_NAME, username, -1, 0) == NULL)
-		return ERROR_RC;
-
-	if (rc_avpair_add(rh, &send, PW_USER_PASSWORD, passwd, -1, 0) == NULL)
-		return ERROR_RC;
-
-	service = PW_AUTHENTICATE_ONLY;
-	if (rc_avpair_add(rh, &send, PW_SERVICE_TYPE, &service, -1, 0) == NULL)
-		return ERROR_RC;
-
-	result = rc_auth(rh, 0, send, &received, NULL);
-
-	if (result == OK_RC || result == REJECT_RC) {
-		fprintf(stderr, "RADIUS server OK\n");
-		result = 0;
-	} else {
-		fprintf(stderr, "RADIUS server failure\n");
-		result = -1;
-	}
-
-	return result;
-}