From 7a37a1eaed9832dbffe1c0998c7457300b191dad Mon Sep 17 00:00:00 2001 From: Eric Sauvageau Date: Tue, 13 Jul 2021 11:06:42 -0400 Subject: [PATCH 01/10] libovpn: add log message when creating RPDB rule for OVPN_RGW_ALL mode --- release/src/router/libovpn/openvpn_control.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/release/src/router/libovpn/openvpn_control.c b/release/src/router/libovpn/openvpn_control.c index c82f95f1ad5..59c66b36e98 100644 --- a/release/src/router/libovpn/openvpn_control.c +++ b/release/src/router/libovpn/openvpn_control.c @@ -573,6 +573,8 @@ void ovpn_set_routing_rules(int unit) { if (state == OVPN_STS_RUNNING || state == OVPN_STS_INIT) { snprintf(buffer, sizeof (buffer), "/usr/sbin/ip rule add table ovpnc%d priority %d", unit, 10000 + unit); system(buffer); + if (verb >= 3) + logmessage("openvpn-routing","Routing all traffic through ovpnc%d", unit); } break; From 2c88c8ee59dee0cd38bb6234e490c9a6c120b5a9 Mon Sep 17 00:00:00 2001 From: Eric Sauvageau Date: Wed, 14 Jul 2021 23:22:48 -0400 Subject: [PATCH 02/10] rc: remove code handling cleanup of old 1.xxx TrendMicro signatures --- release/src/router/rc/format.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/release/src/router/rc/format.c b/release/src/router/rc/format.c index 3c2dfdfc4d2..790a2300020 100644 --- a/release/src/router/rc/format.c +++ b/release/src/router/rc/format.c @@ -651,12 +651,5 @@ void adjust_jffs_content(void) system("/bin/mv -f /jffs/ssl/* /jffs/.cert/"); /* */ rmdir("/jffs/ssl"); } - -/* Remove legacy 1.xxx Trend Micro signatures if present */ -#ifdef RTCONFIG_BWDPI - if (f_exists("/jffs/signature/rule.trf") && - f_size("/jffs/signature/rule.trf") < 50000) - unlink("/jffs/signature/rule.trf"); -#endif } From 8a80d88fa1dee5fc33020d5a2befc170f7e1e812 Mon Sep 17 00:00:00 2001 From: Eric Sauvageau Date: Wed, 14 Jul 2021 23:39:34 -0400 Subject: [PATCH 03/10] Bump revision to beta 3 --- release/src-rt/version.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release/src-rt/version.conf b/release/src-rt/version.conf index 936976937cb..c692ae4b64a 100644 --- a/release/src-rt/version.conf +++ b/release/src-rt/version.conf @@ -1,5 +1,5 @@ KERNEL_VER=3.0 FS_VER=0.4 SERIALNO=386.3 -EXTENDNO=beta2 +EXTENDNO=beta3 RCNO=0 From c157287738e9cda78bb4d97c24e43919b2ad3a9f Mon Sep 17 00:00:00 2001 From: Eric Sauvageau Date: Wed, 14 Jul 2021 23:53:24 -0400 Subject: [PATCH 04/10] libovpn: only enforce DNS exclusive for a client if the rule has no remote IP specified --- release/src/router/libovpn/openvpn_control.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release/src/router/libovpn/openvpn_control.c b/release/src/router/libovpn/openvpn_control.c index 59c66b36e98..db9ec469145 100644 --- a/release/src/router/libovpn/openvpn_control.c +++ b/release/src/router/libovpn/openvpn_control.c @@ -701,7 +701,7 @@ void ovpn_set_exclusive_dns(int unit) { if (atoi(&enable[0]) == 0) continue; - if (*src) { + if (*src && !*dst) { strlcpy(buffer, src, sizeof(buffer)); if ((netptr = strchr(buffer, '/'))) { From dbfafff8250f9c2578f7681a6dfc3dd906928a8e Mon Sep 17 00:00:00 2001 From: Eric Sauvageau Date: Thu, 15 Jul 2021 23:23:40 -0400 Subject: [PATCH 05/10] openvpn: only set error state in nvram on fatal config errors Non-fatal errors caused for example by VPN servers blindly pushing Win32-only parameters (like register-dns) will no longer put the client into an error state. --- release/src/router/openvpn/src/openvpn/error.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/release/src/router/openvpn/src/openvpn/error.c b/release/src/router/openvpn/src/openvpn/error.c index 184f13c3ae6..9a8210cba0d 100644 --- a/release/src/router/openvpn/src/openvpn/error.c +++ b/release/src/router/openvpn/src/openvpn/error.c @@ -275,7 +275,10 @@ x_msg_va(const unsigned int flags, const char *format, va_list arglist) if (flags & M_OPTERR) { openvpn_snprintf(m2, ERR_BUF_SIZE, "Options error: %s", m1); - update_nvram_status(EVENT_CONF_ERROR); + if (flags & M_FATAL) + { + update_nvram_status(EVENT_CONF_ERROR); + } SWAP; } From 352ab973d5acbf8a13c2f821c9bd4b0a015d1589 Mon Sep 17 00:00:00 2001 From: Eric Sauvageau Date: Fri, 16 Jul 2021 00:20:47 -0400 Subject: [PATCH 06/10] inadyn: handle Freedns authentication errors as such; improve error logging Authentication errors when fetching keys were reported as generic errors, which means they would not properly terminate as a fatal error. Also, log errors with LOG_ERR instead of LOG_DEBUG or LOG_INFO, so they can be more easily seen by the user. --- release/src/router/inadyn/plugins/freedns.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/release/src/router/inadyn/plugins/freedns.c b/release/src/router/inadyn/plugins/freedns.c index c8f8eef9f1a..a8a988e7fb9 100644 --- a/release/src/router/inadyn/plugins/freedns.c +++ b/release/src/router/inadyn/plugins/freedns.c @@ -88,7 +88,7 @@ static char *fetch_keys(ddns_t *ctx, ddns_info_t *info) trans.max_rsp_len = ctx->work_buflen - 1; /* Save place for a \0 at the end */ rc = http_transaction(&client, &trans); - logit(LOG_DEBUG, "=> %s", trans.rsp_body); + logit((strstr(trans.rsp_body, "ERROR:") ? LOG_ERR : LOG_DEBUG), "=> %s", trans.rsp_body); http_exit(&client); http_destruct(&client, 1); @@ -110,10 +110,14 @@ static int setup(ddns_t *ctx, ddns_info_t *info, ddns_alias_t *alias) tmp = buf = fetch_keys(ctx, info); if (!buf) { - logit(LOG_INFO, "Cannot find you FreeDNS account API keys"); + logit(LOG_ERR, "Cannot find you FreeDNS account API keys"); return RC_ERROR; } + if (strstr(buf, "Could not authenticate")) { + return RC_DDNS_RSP_AUTH_FAIL; + } + for (line = strsep(&tmp, "\n"); line; line = strsep(&tmp, "\n")) { int num; From b450eefd91df0bdfdfa85ec3703263cc76231530 Mon Sep 17 00:00:00 2001 From: Eric Sauvageau Date: Sun, 18 Jul 2021 19:13:36 -0400 Subject: [PATCH 07/10] Updated documentation --- Changelog-NG.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Changelog-NG.txt b/Changelog-NG.txt index 791e9356854..795ba9fd242 100644 --- a/Changelog-NG.txt +++ b/Changelog-NG.txt @@ -64,6 +64,8 @@ Asuswrt-Merlin 386/NG Changelog failure - FIXED: profile.add getting used even if JFFS scripting was disabled (dave14305) + - FIXED: Freedns authentication errors would not + properly be reported as errors. 386.2_6 (6-June-2021) From 34134a3367b7d04a2204b5a7169724fa1bdcc290 Mon Sep 17 00:00:00 2001 From: Joachim Wiberg Date: Tue, 20 Jul 2021 17:12:32 -0400 Subject: [PATCH 08/10] inadyn: freedns: fix memory leak and some grammar in log messages --- release/src/router/inadyn/plugins/freedns.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/release/src/router/inadyn/plugins/freedns.c b/release/src/router/inadyn/plugins/freedns.c index a8a988e7fb9..0d33e4c94df 100644 --- a/release/src/router/inadyn/plugins/freedns.c +++ b/release/src/router/inadyn/plugins/freedns.c @@ -110,11 +110,12 @@ static int setup(ddns_t *ctx, ddns_info_t *info, ddns_alias_t *alias) tmp = buf = fetch_keys(ctx, info); if (!buf) { - logit(LOG_ERR, "Cannot find you FreeDNS account API keys"); + logit(LOG_ERR, "Cannot find your FreeDNS account API keys"); return RC_ERROR; } - if (strstr(buf, "Could not authenticate")) { + if (strstr(buf, "Failed authenticating to fetch API keys")) { + free(buf); return RC_DDNS_RSP_AUTH_FAIL; } From b97c0d7c481156ad6b77fe880476e3dcf074bced Mon Sep 17 00:00:00 2001 From: Eric Sauvageau Date: Fri, 23 Jul 2021 13:33:50 -0400 Subject: [PATCH 09/10] webui: improve QR readability by adding a lighter quiet zone around the QR code --- release/src/router/www/Guest_network.asp | 4 ++-- release/src/router/www/device-map/router.asp | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/release/src/router/www/Guest_network.asp b/release/src/router/www/Guest_network.asp index 079837d4e60..eadca067ff4 100644 --- a/release/src/router/www/Guest_network.asp +++ b/release/src/router/www/Guest_network.asp @@ -411,10 +411,10 @@ function gen_gntable_tr(unit, gn_array, slicesb){ if(captive_portal_used_wl_array["wl" + unit_subunit] == undefined) { htmlcode += ''; - htmlcode += ''; htmlcode += '
Show QR code
'; htmlcode += ''; diff --git a/release/src/router/www/device-map/router.asp b/release/src/router/www/device-map/router.asp index 4e3021d9541..c826f921dfd 100644 --- a/release/src/router/www/device-map/router.asp +++ b/release/src/router/www/device-map/router.asp @@ -362,10 +362,10 @@ function genElement(){ code += ''; } - code += ''; code += ''; code += ''; } From a3ce9d122f6104ed87a3e611f664057e9282b9ac Mon Sep 17 00:00:00 2001 From: Eric Sauvageau Date: Fri, 23 Jul 2021 13:42:35 -0400 Subject: [PATCH 10/10] Bump revision to 386.3 final; updated documentation --- Changelog-NG.txt | 5 +++-- release/src-rt/version.conf | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/Changelog-NG.txt b/Changelog-NG.txt index 795ba9fd242..d456d65e7ad 100644 --- a/Changelog-NG.txt +++ b/Changelog-NG.txt @@ -1,7 +1,7 @@ Asuswrt-Merlin 386/NG Changelog =============================== -386.3 (xx-xxx-xxxx) +386.3 (23-July-2021) - NOTE: First time you boot into this version, you need to either shift-reload the main index page, or clear your browser cache. @@ -42,7 +42,8 @@ Asuswrt-Merlin 386/NG Changelog - CHANGED: Moved OpenVPN Custom settings content to JFFS, and increased max storage length from around 350 chars to 4095 chars. - + - CHANGED: Added support for BCM50991 used for the 2.5G + interface in newer RT-AX86U revisions. - UPDATED: nano to 5.7. - UPDATED: curl to 7.76.1. - UPDATED: dnsmasq to 2.85-openssl. diff --git a/release/src-rt/version.conf b/release/src-rt/version.conf index c692ae4b64a..954ba3eb372 100644 --- a/release/src-rt/version.conf +++ b/release/src-rt/version.conf @@ -1,5 +1,5 @@ KERNEL_VER=3.0 FS_VER=0.4 SERIALNO=386.3 -EXTENDNO=beta3 +EXTENDNO=0 RCNO=0