This repository has been archived by the owner on Nov 3, 2022. It is now read-only.

Hotfix/dhcp dns spoofing #65

Open. Wants to merge 440 commits into base: master.

Conversation

rwappler

Author: Robert Wappler [email protected]
Date: Sat Oct 22 18:30:20 2022 +0200

resolver-conf: prevent hostname spoofing

- when a client requests a dhcp lease but does not provide a hostname,
  then the dhcp-script.sh does not provide a hostname. That results in
  using the HOSTNAME variable from the environment, containing the
  hostname of the resolver, finally resulting in an additional A-Record
  with another IP address. The router then may become unreachable.
- The fix is to read the configured hostname via uci and consider it as an
  invalid one.
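The two rules from the description above, written out as an added example in POSIX sh (this is illustration code, not the project's dhcp-script.sh): an empty client hostname yields no record instead of falling back to the environment's HOSTNAME, and a client hostname equal to the router's own configured name is rejected. The router name is passed in as an argument so the example runs offline; in the real script it would be read with `uci -q get system.@system[0].hostname`, which is an assumption about the resolver-conf layout, as are the function name and the sample lease values.

```sh
#!/bin/sh
# Added example (not the project's dhcp-script.sh): decide whether a
# DHCP-supplied hostname may become a DNS A record for the lease address.
#
#  1. An empty hostname is dropped. It must never be replaced by $HOSTNAME
#     from the environment, which is the resolver's own name and would create
#     a second A record for the router pointing at the client's IP.
#  2. A hostname that equals the router's configured name (exactly, or as the
#     first label of an FQDN) is rejected, case-insensitively.
#
# ROUTER_HOSTNAME is an argument here; the real script would obtain it with
# `uci -q get system.@system[0].hostname` (assumed).

# lowercase for comparison, since DNS names are case-insensitive
lc() { printf '%s' "$1" | tr 'A-Z' 'a-z'; }

# hostname_record CLIENT_HOSTNAME CLIENT_IP ROUTER_HOSTNAME
# Prints "<name> <ip>" and returns 0 when a record may be added;
# prints nothing and returns 1 when the lease has to stay unnamed.
hostname_record() {
    client_name=$1
    client_ip=$2
    router_name=$3

    # Rule 1: no hostname from the client, no record. No fallback to $HOSTNAME.
    [ -n "$client_name" ] || return 1

    # Rule 2: refuse the router's own name, whether sent bare or as an FQDN.
    short=${client_name%%.*}
    if [ "$(lc "$short")" = "$(lc "$router_name")" ] ||
       [ "$(lc "$client_name")" = "$(lc "$router_name")" ]; then
        return 1
    fi

    # Plain syntax check: letters, digits, dots and hyphens, no leading hyphen.
    case "$client_name" in
        -*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac

    printf '%s %s\n' "$client_name" "$client_ip"
}

# Constructed sample lease events; the router is configured as "turris".
for name in laptop "" Turris turris.lan nas.lan; do
    hostname_record "$name" 192.168.1.50 turris || echo "rejected: '$name'"
done
```

Only `laptop` and `nas.lan` produce a record; the empty name is dropped by rule 1, and `Turris` and `turris.lan` are refused by rule 2 even though they differ from the configured name in case and suffix.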

miska and others added 30 commits March 9, 2022 23:26
Prevent build error from packages depending on it:

/home/fast/miska/omnia6-build/staging_dir/toolchain-arm_cortex-a9+vfpv3-d16_gcc-8.4.0_musl_eabi/lib64/gcc/arm-openwrt-linux-muslgnueabi/8.4.0/../../../../arm-openwrt-linux-muslgnueabi/bin/ld: /home/fast/miska/omnia6-build/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/usr/lib/liblogc.so: undefined reference to `msg2syslog_level'
/home/fast/miska/omnia6-build/staging_dir/toolchain-arm_cortex-a9+vfpv3-d16_gcc-8.4.0_musl_eabi/lib64/gcc/arm-openwrt-linux-muslgnueabi/8.4.0/../../../../arm-openwrt-linux-muslgnueabi/bin/ld: /home/fast/miska/omnia6-build/staging_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/usr/lib/liblogc.so: undefined reference to `str_empty'
The web page changed (again) and we still do not have a better way to
get list of the versions so this just fixes the regexp and keeps it as
it is.
* Added & update translations
* Added ESLint import plugin to sort imports correctly
* Added Python interactive debugging guide
* Added webpack-bundle-analyzer
* Added new-password autocomplete attribute to password inputs
* Added CHANGELOG filled with existed tags & info
* Fixed translation messages strings
* Fixed uninitialized guideData
* Fixed typos and inconsistencies on the Packages page
* Fixed grammar and spelling mistakes in many places
* Fixed messages.pot template's header comment
* Fixed reForis react-styleguidist docs build
* Fixed sorting of countries by name
* Improved handling of loading translations
* Removed hardcoded setuptools version
* Removed obsolete auth section from reForis docs
* Replaced domain validation with hostname
* Refined Makefile
* Updated required NodeJS version to 14.x
* Updated Python image to v3.10.2
* Updated Node.js image to v14
* Updated Foris JS library to v5.3.0
* NPM update several dependencies
* NPM audit fix
* Other small improvements
Since version 0.3.0, logc-czmq is a required dependency. [1]

We need to switch to the dist tarball, otherwise there is no configure.
Also, we need to avoid using ``PKG_FIXUP:=autoreconf`` for now, since it
requires the use of fwrecorder, which is a development tool and cannot be
disabled by using ``CONFIGURE_ARGS``.

[1] https://gitlab.nic.cz/turris/sentinel/fwlogs/-/blob/e132a6e4e1c86e4b42d637c7f22ac9b66ec64b2b/CHANGELOG.md#030-2022-03-10

[switch to dist tarball, use autotools.mk]
Co-authored-by: Karel Kočí <[email protected]>
Fixed
* crash when approvals are enabled without window being configured
Empty folders are removed within the update and there should be at least
an empty file to prevent that situation.
With recent U-Boot, U-Boot's environment must be accessed through a
separate mtd device named "u-boot-env".

Signed-off-by: Marek Behún <[email protected]>
We are using Weblate for translations and this system uses and suggests
nb_NO and not just plain nb. The effect is that we have to move
the translation every time a new translation of nb_NO is created
(Weblate then understands it and uses nb). This is not clean at all.
Thus this move should make it way more systematic.
It is some time since we updated the list of languages. We want to show
only languages that have reasonable activity (that they have reasonable
number of translated strings). Our limit here is 10% and inclusion in
most of our projects.

The following languages were removed because they lack the activity and
the percentage of translated strings dropped to single digits:
* Danish
* Italian
* Lithuanian

The following languages are added because they have reasonable amount of
translations:
* Spanish
* Swedish
* Dutch
The update of the translations and primarily the rename of `nb` to `nb_NO`.
There were many changes in Deckard development and we even had incorrect
versioning in Turris OS; this fixes it.

Add PKG_MIRROR_HASH to prevent rebuilds
The usign has to be in build dependencies to actually use it. It is
possible that package would use `test.pub` as file name for OPKG due to
missing usign.
Fixed:

* wifi: backport fixes for reading HT modes; it is now possible to
    save wifi settings on Turris 1.x router or any router with DNXA-H1
    wireless card
The patch
  101-arm-mvebu-spl-Add-option-to-reset-the-board-on-DDR-t.patch
was backported incorrectly: it does not update Kconfig file, which makes
the reset on DDR failure not working.

Fix the patch with upstream's version and add one dependency patch.
This will resolve the "OUT DB file doesn't exists" error message and
thus make MAC vendor lookup work again.

Also update the actual manufacturers database.

Closes: #835
The config_list_foreach does not read the real value and instead it only
works with values set in uci as list. The issue is that OpenWrt uses
option for ifnames as well so we have to support that.
This is not nice but we simply have to expand the list of those devices
to add them to the list.
The type has to be migrated to the device section. This now uses already
established code to migrate it instead of just adding it.
The Turris 1.x SD card sometimes gets to read only mode. It is because
SD controller is set to that and there is nothing that switches it back.
This now adds that to every boot.
mmtj and others added 30 commits September 29, 2022 14:12
Prefer LAN interface IP addresses before WAN IP addresses.

This should help with an issue that sometimes pops up: after an action that
is triggered from reForis which requires a reboot or restart of some
components (e.g. network), the browser is redirected to an unexpected IP
address of the router (WAN instead of LAN).
Signed-off-by: Glenn Strauss <[email protected]>
(cherry picked from commit 9d7e18fb257914d0c03e0b5e9e4afef49073d375)
fixes LED settings with new sysfs
SDIO WiFi is not supported on Turris OS 6.0 yet, so let's switch SDIO
users to a 5.x branch for now.
Fixed
 * fix redirect to any origin on redirect
Migrating LED names on Turris Omnia routers from old names to new upstream
names. Updates both Rainbow and OpenWrt LED config.
color.sh uses bash specific features which can result in an arithmetic
error when using sh
Fixed:
* Preserve IP address order across all notifications

Followup of https://gitlab.nic.cz/turris/os/packages/-/merge_requests/959

Try to finish previous attempt to preserve IP addresses order across all
notifications.

Also do not create unique set of IPs for every iteration.
Upstream solution in OpenWrt uses http as user and www-data as group,
unfortunately, this breaks new Turris OS installations.

When I used the upstream solution inside init script to create http
user and the group as well, then it does not work for us and we need to
release Turris OS 6.0 fast.

Fixes:
1. 2022-10-14 16:35:22: (../src/server.c.1410) can't find username http
2. 2022-10-14 16:32:48: (../src/configfile.c.1720) opening errorlog '/var/log/lighttpd/error.log' failed: Permission denied
2022-10-14 16:32:48: (../src/server.c.1584) Opening errorlog failed. Going down.

Fixes: 23f5699 ("lighttpd &
turris-webapps: prepare to support upstream OpenWrt lighttpd pkg")
Fixes: c7083f7 ("turris1x-uboot: copy
existing images from uboot-mpc85xx")
When postinst first runs during the TOS5->6 update, it runs on the old kernel
which isn't supported by rainbow which causes an error and warnings.
It is common to include the tagged release changelog inside
the message of the version tag[^1] which wasn't reflected in
WORKFLOW version tagging description.

[^1]: see https://gitlab.nic.cz/turris/os/packages/-/tags
When updating from an older kernel, it might well happen that sysfs files
we depend upon are not there. Instead of failing with a cryptic error,
let's ignore unsuccessful attempts to access those. Proper error
handling would be great, but as we want to release TOS 6.0 soon and
proper error handling will require more time, let's ignore those errors
for now not to scare our users.
Running network migration after updating to Turris OS 6 might break the
network, as there might still be old daemons managing the network running
that are unable to work with the new configuration. A safer option might be to
do it after reboot, when we are sure that the new configuration is valid.
Quick fix for Remote Access CA & mosquitto permissions issue.

This is by no means a proper solution, rather a quick hack, and we should
come up with a proper solution later.

See turris/foris-controller/foris-controller#211
Under some circumstances, the wan ruleset might disappear from the firewall. Try
restarting the firewall to get it back or, in the worst case, block all incoming
connections. Better safe than sorry.
Fixing commit 3a95469
Rule name was specified lowercase while it should be uppercase.
Under some circumstances, wan ruleset might disappear from firewall. Previous
fix prevents anybody from exploiting it but also limits the access to the router.
This one tries restarting the router but make sure that Turris 1.X kernel is
deployed correctly beforehand.
This is the proper release for the fix, which is already included as a patch,
but was somehow forgotten.

Followup of
https://gitlab.nic.cz/turris/os/packages/-/commit/4f1f08783c8e6435fae7fcc49591574ddf0fcd7f

Fixed
- init: Fix the condition so router wouldn't end up with tmpfs mounted on top of
  btrfs in case of failure.
- when a client requests a dhcp lease but does not provide a hostname,
  then the dhcp-script.sh does not provide a hostname. That results in
  using the HOSTNAME variable from the environment, containing the
  hostname of the resolver, finally resulting in an additional A-Record
  with another IP address. The router then may become unreachable.
- The fix is to read the configured hostname via uci and consider it as an
  invalid one.