odhcp6c and odhcpd currently generate custom DUIDS on a per-interface basis
using the MAC address of the given interface.
This is contrary to how DUIDs are meant to be used, as the client identifier
will vary from interface to interface, while it is meant to remain stable for a
given host, no matter how the network hardware changes (see RFC8415, §11).
The same problem exists in odhcpd, which also generates server-side DUIDs on a
per-interface basis.
In order to support a stable per-device DUID, generate one on first boot and
store it via uci.
Currently, a DUID-UUID style clientid is generated. This is mostly meant as an
RFC, and we might consider using a different kind of DUID instead (DUID-LLT,
DUID-EN).
One drawback is that this will typically change the DUID used on existing
OpenWrt devices when upgrading to a new release. However, that seems
unavoidable and is a one-time pain in order to have stable DUIDs (and in many
cases, it shouldn't cause any issues).
v2: move the uci cfg generation outside of an IPv6-only block since this
is relevant to the DHCPv4 client as well
Signed-off-by: David Härdeman <david@hardeman.nu>
Link: https://github.com/openwrt/openwrt/pull/20359
Signed-off-by: Robert Marko <robimarko@gmail.com>
Old "interface" sections for bridges were mixing layer 2 and layer 3.
That syntax got deprecated and UCI section "device" is used for bridge
configuration now.
Backward compatibility may be dropped from netifd soon now so migrate
old configs using uci-defaults script.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
netifd supports more accurate "ports" option (instead of "ifname") for
years now. Relevant changes were even backported to OpenWrt 21.02. Add
uci-defaults script that translates config files using deprecated
syntax.
Identical commit f716c30241 ended up reverted back in 2021 by
80be798d4a due to breaking downgrades. With 19.07 support ended it
should no longer be an issue.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
For APK installation we don't have /usr/lib/opkg/info and user fixup are
handled dirrectly. Skip the script in such case.
Also remove this uci-defaults if we have CONFIG_USE_APK enabled.
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Reduce calls and pipes and read from urandom once directly with hexdump
for the necessary 5 bytes of random data to build the 48 bit ULA Prefix.
Fewer calls and forks; finish quicker; less memory used.
Tested on: 23.05.3
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
This reverts commit f716c30241.
Migrating everyone to the new syntax could break downgrades. We may
reintroduce it way later if needed.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
netifd has been recently patched to use more accurate "ports" option
instead of "ifname". This is a simple translation between two UCI
options.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This replaces deprecated backticks by more versatile $(...) syntax.
This does not touch lib/upgrade/nand.sh, as there replacement is
not trivial.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
uci-defaults are sourced and non-executable, so they do not require
a shebang.
While at it, apply consistent naming scheme.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
11_migrate-sysctl has not been updated with new file hashes since 2012.
Let's get rid of it.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
If only a single opkg control file exists (which can happen with
CONFIG_CLEAN_IPKG), grep would not print the file name by default. Instead
of forcing it using -H, we just switch to -l (print only file names) and
get rid of the cut.
Add -s to suppress an error message when no control files exist.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Local variable declarations outside of functions are illegal since the Busybox
update to v1.25.0, therfore remove them from the appropriate places.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
During boot, a not found message is displayed for systems which do
not have uci 'network.globals.ula_prefix' defined in
/etc/config/network. The error message itself is not used and can
be ignored.
Signed-off-by: Michel Stam <m.stam@fugro.nl>
SVN-Revision: 42755
