From f26171c1d4b3b7c5e8eea07c835fb4b0cf65bef5 Mon Sep 17 00:00:00 2001 From: John Crispin Date: Tue, 13 Jul 2021 08:57:06 +0200 Subject: [PATCH] ucentral: development update * update netifd to latest HEAD * fix mikrotik support * enable getty * update ucentral-wifi * make firewall provide ssh on wan during early firstboot Signed-off-by: John Crispin --- .github/workflows/build-dev.yml | 2 +- .../0037-netifd-update-to-latest-HEAD.patch | 8 +-- backports/0041-ar71xx-hacks.patch | 39 +++++++++++++++ feeds/ucentral/ucentral-wifi/Makefile | 2 +- ...03-pending-scripts-add-gen_config.py.patch | 15 +++--- ...e-ssh-on-wan-during-early-boot-stage.patch | 26 ++++++++++ ...0040-busybox-enable-GETTY-by-default.patch | 26 ++++++++++ profiles/mikrotik_nand-large.yml | 2 +- profiles/ucentral-ap-mikrotik.yml | 50 +++++++++++++++++++ 9 files changed, 157 insertions(+), 13 deletions(-) create mode 100644 backports/0041-ar71xx-hacks.patch create mode 100644 patches/0039-firewall-enable-ssh-on-wan-during-early-boot-stage.patch create mode 100644 patches/0040-busybox-enable-GETTY-by-default.patch create mode 100644 profiles/ucentral-ap-mikrotik.yml diff --git a/.github/workflows/build-dev.yml b/.github/workflows/build-dev.yml index 395bcecd7..c86a168a0 100644 --- a/.github/workflows/build-dev.yml +++ b/.github/workflows/build-dev.yml @@ -10,7 +10,7 @@ jobs: strategy: fail-fast: false matrix: - target: ['cig_wf188', 'cig_wf194c', 'cig_wf160d', 'edgecore_eap101', 'edgecore_eap102', 'edgecore_ecs4100-12ph', 'edgecore_ecw5211', 'edgecore_ecw5410', 'edgecore_oap100', 'indio_um-305ac', 'linksys_e8450-ubi', 'linksys_ea8300', 'tplink_cpe210_v3', 'tplink_cpe510_v3', 'tplink_eap225_outdoor_v1', 'tplink_ec420', 'tplink_ex227', 'tplink_ex228', 'tplink_ex447' ] + target: ['cig_wf188', 'cig_wf194c', 'cig_wf160d', 'edgecore_eap101', 'edgecore_eap102', 'edgecore_ecs4100-12ph', 'edgecore_ecw5211', 'edgecore_ecw5410', 'edgecore_oap100', 'edgecore_spw2ac1200', 'indio_um-305ac', 'linksys_e8450-ubi', 'linksys_ea8300', 'mikrotik_nand-large', 'tplink_cpe210_v3', 'tplink_cpe510_v3', 'tplink_eap225_outdoor_v1', 'tplink_ec420', 'tplink_ex227', 'tplink_ex228', 'tplink_ex447' ] steps: - uses: actions/checkout@v2 diff --git a/backports/0037-netifd-update-to-latest-HEAD.patch b/backports/0037-netifd-update-to-latest-HEAD.patch index 4848db8c4..1dda113bf 100644 --- a/backports/0037-netifd-update-to-latest-HEAD.patch +++ b/backports/0037-netifd-update-to-latest-HEAD.patch @@ -1,7 +1,7 @@ -From 5105966a941c5bfcffee7c9c142557024391b077 Mon Sep 17 00:00:00 2001 +From ddaf9ee904b614f79c87f6d67d6c7b09c5d46eca Mon Sep 17 00:00:00 2001 From: John Crispin Date: Thu, 27 May 2021 13:24:47 +0200 -Subject: [PATCH 01/37] netifd: update to latest HEAD +Subject: [PATCH 01/44] netifd: update to latest HEAD Signed-off-by: John Crispin --- @@ -14,7 +14,7 @@ Signed-off-by: John Crispin create mode 100644 package/network/config/netifd/patches/002-fix-dhcp-issue.patch diff --git a/package/network/config/netifd/Makefile b/package/network/config/netifd/Makefile -index 7061456b08..75ecff7793 100644 +index 7061456b08..5717a400be 100644 --- a/package/network/config/netifd/Makefile +++ b/package/network/config/netifd/Makefile @@ -5,9 +5,9 @@ PKG_RELEASE:=1 @@ -25,7 +25,7 @@ index 7061456b08..75ecff7793 100644 -PKG_SOURCE_VERSION:=c00c8335d6188daa326ecfe5a62da15a9b9987e1 -PKG_MIRROR_HASH:=c740e51e0cec13eec336ba1c7a643db3b64a9a2235f8c1b73a566cb89e841190 +PKG_SOURCE_DATE:=2021-05-26 -+PKG_SOURCE_VERSION:=4e92ea74273f7d569f2be67066f9ebd33cf2ecad ++PKG_SOURCE_VERSION:=1f283c654aeb1f8983e0a81b7a81cc4784fffe3f +PKG_MIRROR_HASH:= PKG_MAINTAINER:=Felix Fietkau diff --git a/backports/0041-ar71xx-hacks.patch b/backports/0041-ar71xx-hacks.patch new file mode 100644 index 000000000..8fb07c145 --- /dev/null +++ b/backports/0041-ar71xx-hacks.patch @@ -0,0 +1,39 @@ +From 26aedfa7e2aa5ab583c68638539d5fc173af173f Mon Sep 17 00:00:00 2001 +From: John Crispin +Date: Mon, 12 Jul 2021 13:09:25 +0200 +Subject: [PATCH 36/37] ar71xx: hacks + +Signed-off-by: John Crispin +--- + package/kernel/linux/modules/crypto.mk | 2 +- + package/kernel/mac80211/ath.mk | 1 + + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/package/kernel/linux/modules/crypto.mk b/package/kernel/linux/modules/crypto.mk +index c277c6b8ec..9bee6fd8a9 100644 +--- a/package/kernel/linux/modules/crypto.mk ++++ b/package/kernel/linux/modules/crypto.mk +@@ -885,7 +885,7 @@ define KernelPackage/crypto-sha256 + CONFIG_CRYPTO_SHA256_SSSE3 + FILES:= \ + $(LINUX_DIR)/crypto/sha256_generic.ko \ +- $(LINUX_DIR)/lib/crypto/libsha256.ko ++ $(LINUX_DIR)/lib/crypto/libsha256.ko@ge4.15 + AUTOLOAD:=$(call AutoLoad,09,sha256_generic) + $(call AddDepends/crypto) + endef +diff --git a/package/kernel/mac80211/ath.mk b/package/kernel/mac80211/ath.mk +index ba03ae11a6..ad2860a98e 100644 +--- a/package/kernel/mac80211/ath.mk ++++ b/package/kernel/mac80211/ath.mk +@@ -43,6 +43,7 @@ config-$(call config_package,ath9k) += ATH9K + config-$(call config_package,ath9k-common) += ATH9K_COMMON + config-$(call config_package,owl-loader) += ATH9K_PCI_NO_EEPROM + config-$(CONFIG_TARGET_ath79) += ATH9K_AHB ++config-$(CONFIG_TARGET_ar71xx) += ATH9K_AHB + config-$(CONFIG_TARGET_ipq40xx) += ATH10K_AHB + config-$(CONFIG_PCI) += ATH9K_PCI + config-$(CONFIG_ATH_USER_REGD) += ATH_USER_REGD ATH_REG_DYNAMIC_USER_REG_HINTS +-- +2.25.1 + diff --git a/feeds/ucentral/ucentral-wifi/Makefile b/feeds/ucentral/ucentral-wifi/Makefile index ccb4ee55c..1df5c67cf 100644 --- a/feeds/ucentral/ucentral-wifi/Makefile +++ b/feeds/ucentral/ucentral-wifi/Makefile @@ -6,7 +6,7 @@ PKG_RELEASE:=1 PKG_SOURCE_URL=https://github.com/blogic/ucentral-wifi.git PKG_SOURCE_PROTO:=git PKG_SOURCE_DATE:=2021-04-13 -PKG_SOURCE_VERSION:=b17d2ca01663bbae82e4c05a845b7c9b0a4d23e3 +PKG_SOURCE_VERSION:=17c442426a864144e17ef82120ed8cef8e7e7272 #PKG_MIRROR_HASH:=a8000b3cf43ce9ebfa7305661475fec98ec1dba2dc7b062028c2e17d7c2ec50b PKG_MAINTAINER:=John Crispin diff --git a/patches/0003-pending-scripts-add-gen_config.py.patch b/patches/0003-pending-scripts-add-gen_config.py.patch index c074ed801..8e3f7ac98 100644 --- a/patches/0003-pending-scripts-add-gen_config.py.patch +++ b/patches/0003-pending-scripts-add-gen_config.py.patch @@ -1,22 +1,22 @@ -From 585f94ec3a6ec51348b72c99740c41c635e30876 Mon Sep 17 00:00:00 2001 +From f9d39a389ef2a3bbf326580a0769519c1f3bad5f Mon Sep 17 00:00:00 2001 From: John Crispin Date: Fri, 19 Jun 2020 10:45:22 +0200 -Subject: [PATCH 01/35] pending: scripts: add gen_config.py +Subject: [PATCH 01/37] pending: scripts: add gen_config.py This script is used to setup the tree based on the profiles/. Signed-off-by: John Crispin --- - scripts/gen_config.py | 196 ++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 196 insertions(+) + scripts/gen_config.py | 199 ++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 199 insertions(+) create mode 100755 scripts/gen_config.py diff --git a/scripts/gen_config.py b/scripts/gen_config.py new file mode 100755 -index 0000000000..260abeef8f +index 0000000000..a36f244e56 --- /dev/null +++ b/scripts/gen_config.py -@@ -0,0 +1,196 @@ +@@ -0,0 +1,199 @@ +#!/usr/bin/env python3 + +from os import getenv @@ -201,6 +201,9 @@ index 0000000000..260abeef8f + else: + profile = merge_profiles(sys.argv[1:]) + ++ if run(["rm", "-rf", "feeds/", "package/feeds"]).returncode: ++ die("Failed to delete old feeds") ++ + print("Using the following profiles:") + for d in profile.get("description"): + print(f" - {d}") diff --git a/patches/0039-firewall-enable-ssh-on-wan-during-early-boot-stage.patch b/patches/0039-firewall-enable-ssh-on-wan-during-early-boot-stage.patch new file mode 100644 index 000000000..001b109ba --- /dev/null +++ b/patches/0039-firewall-enable-ssh-on-wan-during-early-boot-stage.patch @@ -0,0 +1,26 @@ +From 1147a7312c432eebe0de619463fae582051e2e97 Mon Sep 17 00:00:00 2001 +From: John Crispin +Date: Mon, 12 Jul 2021 13:10:48 +0200 +Subject: [PATCH 37/37] firewall: enable ssh on wan during early boot stage + +Signed-off-by: John Crispin +--- + package/network/config/firewall/files/firewall.config | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/package/network/config/firewall/files/firewall.config b/package/network/config/firewall/files/firewall.config +index 5e22f984ce..31b6065e86 100644 +--- a/package/network/config/firewall/files/firewall.config ++++ b/package/network/config/firewall/files/firewall.config +@@ -17,7 +17,7 @@ config zone + option name wan + list network 'wan' + list network 'wan6' +- option input REJECT ++ option input ACCEPT + option output ACCEPT + option forward REJECT + option masq 1 +-- +2.25.1 + diff --git a/patches/0040-busybox-enable-GETTY-by-default.patch b/patches/0040-busybox-enable-GETTY-by-default.patch new file mode 100644 index 000000000..69b122b17 --- /dev/null +++ b/patches/0040-busybox-enable-GETTY-by-default.patch @@ -0,0 +1,26 @@ +From 8d9502c42360f3e0131448baaa1ab794be2ef1cf Mon Sep 17 00:00:00 2001 +From: John Crispin +Date: Tue, 13 Jul 2021 08:54:42 +0200 +Subject: [PATCH 44/44] busybox: enable GETTY by default + +Signed-off-by: John Crispin +--- + package/utils/busybox/Config-defaults.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/package/utils/busybox/Config-defaults.in b/package/utils/busybox/Config-defaults.in +index 2389bbb8e0..a083af1863 100644 +--- a/package/utils/busybox/Config-defaults.in ++++ b/package/utils/busybox/Config-defaults.in +@@ -1342,7 +1342,7 @@ config BUSYBOX_DEFAULT_FEATURE_DEL_USER_FROM_GROUP + default n + config BUSYBOX_DEFAULT_GETTY + bool +- default n ++ default y + config BUSYBOX_DEFAULT_LOGIN + bool + default y +-- +2.25.1 + diff --git a/profiles/mikrotik_nand-large.yml b/profiles/mikrotik_nand-large.yml index a4977da65..bc96cba1f 100644 --- a/profiles/mikrotik_nand-large.yml +++ b/profiles/mikrotik_nand-large.yml @@ -5,4 +5,4 @@ subtarget: mikrotik description: Build image for the Mikrotik RouterBoards image: bin/targets/ar71xx/mikrotik/openwrt-ar71xx-mikrotik-nand-large-squashfs-sysupgrade.bin include: - - ucentral-ap-light + - ucentral-ap-mikrotik diff --git a/profiles/ucentral-ap-mikrotik.yml b/profiles/ucentral-ap-mikrotik.yml new file mode 100644 index 000000000..8a5c8034d --- /dev/null +++ b/profiles/ucentral-ap-mikrotik.yml @@ -0,0 +1,50 @@ +--- +description: Add the ucentral dependencies +feeds: + - name: ucentral + path: ../../feeds/ucentral + - name: tip + path: ../../feeds/tip + +include: + - webui + +packages: + - firstcontact + - curl + - ip-bridge + - maverick + - ratelimit + - rtty-openssl + - sqm-scripts + - tip-defaults + - ucentral-client + - ucentral-event + - ucentral-schema + - ucentral-wifi + - ucentral-tools + - ucode + - udhcpsnoop + - uledd + - usteer + - udevmand + - wpad-mesh-openssl +diffconfig: | + CONFIG_OPENSSL_ENGINE=y + CONFIG_OPENSSL_PREFER_CHACHA_OVER_GCM=y + CONFIG_OPENSSL_WITH_ASM=y + CONFIG_OPENSSL_WITH_CHACHA_POLY1305=y + CONFIG_OPENSSL_WITH_CMS=y + CONFIG_OPENSSL_WITH_DEPRECATED=y + CONFIG_OPENSSL_WITH_ERROR_MESSAGES=y + CONFIG_OPENSSL_WITH_PSK=y + CONFIG_OPENSSL_WITH_SRP=y + CONFIG_OPENSSL_WITH_TLS13=y + # CONFIG_PACKAGE_wpad is not set + # CONFIG_PACKAGE_wpad-basic-wolfssl is not set + # CONFIG_PACKAGE_dnsmasq is not set + CONFIG_IMAGEOPT=y + CONFIG_PREINITOPT=y + CONFIG_TARGET_PREINIT_SUPPRESS_STDERR=y + CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE=y + # CONFIG_BATMAN_ADV_BATMAN_V is not set