diff --git a/Note b/Note new file mode 100644 index 0000000..c8bd7ce --- /dev/null +++ b/Note @@ -0,0 +1,17 @@ + +decompress: +gunzip -k openwrt-sunxi-cortexa53-sun50i-a64-sopine-baseboard-squashfs-sdcard.img.gz + +find the begining of root fs: +fdisk openwrt-sunxi-cortexa53-sun50i-a64-sopine-baseboard-squashfs-sdcard.img | grep Linux + 2: 83 178 3 12 - 211 1 13 [ 45056 - 524288] Linux files* + +dump root fs: +dd if=openwrt-sunxi-cortexa53-sun50i-a64-sopine-baseboard-squashfs-sdcard.img of=openwrt-sunxi-cortexa53-sun50i-a64-sopine-baseboard-root-squashfs.img ibs=512 skip=45056 + +mount root fs: +mount -t squashfs openwrt-sunxi-cortexa53-sun50i-a64-sopine-baseboard-root-squashfs.img /mnt/sunxi + +OR in Macos + +squashfuse openwrt-sunxi-cortexa53-sun50i-a64-sopine-baseboard-root-squashfs.img /mnt/sunxi \ No newline at end of file diff --git a/init.sh b/init.sh index bf6f217..76a328e 100755 --- a/init.sh +++ b/init.sh @@ -10,7 +10,8 @@ echo './proc ./system ./sys ./dev -./data' | xargs -n1 sh -c 'mkdir -p root/mnt/android/$0' +./data' | xargs -n1 sh -c 'mkdir -p root/mnt/android/$0; chmod 755 root/mnt/android/$0' -chmod 771 root/mnt/android/data chmod 750 root/mnt/android/sbin +chmod 771 root/mnt/android/data +chmod 770 root/mnt/android/cache \ No newline at end of file diff --git a/overlay_pack.sh b/overlay_pack.sh index c99e6ea..1428ca9 100644 --- a/overlay_pack.sh +++ b/overlay_pack.sh @@ -1,4 +1,4 @@ # use opkg offline mode `opkg -o / -f /etc/opkg.conf install ??` to install, then # run this on device /overlay/upper/ to package find etc/init.d/ -type f|xargs -n1 sh -c '/$0 enable' -find -type f -o -type l|grep -v ./mnt|grep -v ./root/|grep -v dropbear_rsa_host_key|grep -v urandom.seed|grep -v board.json|grep -v ./etc/config/|grep -v ./etc/samba/|tar -czf /tmp/update.tar.gz -T - +find -type f -o -type l|grep -v ./android|grep -v ./mnt|grep -v ./root/|grep -v dropbear_rsa_host_key|grep -v urandom.seed|grep -v board.json|grep -v ./etc/config/|grep -v ./etc/samba/|tar -czf /tmp/update.tar.gz -T - diff --git a/root/bin/busybox b/root/bin/busybox index 5f8b7e3..d7acf62 100755 Binary files a/root/bin/busybox and b/root/bin/busybox differ diff --git a/root/bin/config_generate b/root/bin/config_generate index df221cc..3bf48d7 100755 --- a/root/bin/config_generate +++ b/root/bin/config_generate @@ -85,12 +85,16 @@ generate_network() { set network.$1.proto='none' EOF - [ -n "$macaddr" ] && uci -q batch <<-EOF - delete network.$1_dev - set network.$1_dev='device' - set network.$1_dev.name='$ifname' - set network.$1_dev.macaddr='$macaddr' - EOF + if [ -n "$macaddr" ]; then + for name in $ifname; do + uci -q batch <<-EOF + delete network.$1_${name/./_}_dev + set network.$1_${name/./_}_dev='device' + set network.$1_${name/./_}_dev.name='$name' + set network.$1_${name/./_}_dev.macaddr='$macaddr' + EOF + done + fi case "$protocol" in static) @@ -213,7 +217,8 @@ generate_switch() { json_select switch json_select "$key" - json_get_vars enable reset blinkrate cpu_port + json_get_vars enable reset blinkrate cpu_port \ + ar8xxx_mib_type ar8xxx_mib_poll_interval uci -q batch <<-EOF add network switch @@ -221,6 +226,8 @@ generate_switch() { set network.@switch[-1].reset='$reset' set network.@switch[-1].enable_vlan='$enable' set network.@switch[-1].blinkrate='$blinkrate' + set network.@switch[-1].ar8xxx_mib_type='$ar8xxx_mib_type' + set network.@switch[-1].ar8xxx_mib_poll_interval='$ar8xxx_mib_poll_interval' EOF generate_switch_vlans_ports "$1" diff --git a/root/bin/kill b/root/bin/kill index a3aaff7..c3fa810 120000 --- a/root/bin/kill +++ b/root/bin/kill @@ -1 +1 @@ -/bin/busybox \ No newline at end of file +busybox \ No newline at end of file diff --git a/root/bin/opkg b/root/bin/opkg index a43d8ba..94ca874 100755 Binary files a/root/bin/opkg and b/root/bin/opkg differ diff --git a/root/bin/ps b/root/bin/ps index a3aaff7..c3fa810 120000 --- a/root/bin/ps +++ b/root/bin/ps @@ -1 +1 @@ -/bin/busybox \ No newline at end of file +busybox \ No newline at end of file diff --git a/root/bin/ubus b/root/bin/ubus index 66cb11d..10fad08 100755 Binary files a/root/bin/ubus and b/root/bin/ubus differ diff --git a/root/bin/uclient-fetch b/root/bin/uclient-fetch index 105ba12..9b1cc5f 100755 Binary files a/root/bin/uclient-fetch and b/root/bin/uclient-fetch differ diff --git a/root/etc/banner b/root/etc/banner index ffb48d5..32d833b 100644 --- a/root/etc/banner +++ b/root/etc/banner @@ -4,5 +4,5 @@ |_______|| __|_____|__|__||________||__| |____| |__| W I R E L E S S F R E E D O M ----------------------------------------------------- - OpenWrt SNAPSHOT, r9680-0304e76 + OpenWrt 19.07.0-rc2, r10775-db8345d8e4 ----------------------------------------------------- diff --git a/root/etc/board.d/02_network b/root/etc/board.d/02_network index 984d5b3..c8449bb 100755 --- a/root/etc/board.d/02_network +++ b/root/etc/board.d/02_network @@ -1,25 +1,27 @@ #!/bin/sh -# -# Copyright (C) 2013-2015 OpenWrt.org -# +# Copyright (C) 2014-2016 OpenWrt.org +# Copyright (C) 2017 LEDE project . /lib/functions/uci-defaults.sh +. /lib/functions.sh +. /lib/functions/system.sh board_config_update -case "$(board_name)" in -"olimex,a20-olinuxino-micro") - ucidef_set_interface_lan 'wlan0' - ;; -"lamobo,lamobo-r1") - ucidef_add_switch "switch0" \ - "4:lan:1" "0:lan:2" "1:lan:3" "2:lan:4" "3:wan" "8@eth0" - ;; -"xunlong,orangepi-r1") - ucidef_set_interfaces_lan_wan "eth0" "eth1" +board=$(board_name) + +case "$board" in +raspberrypi,model-b |\ +raspberrypi,model-b-plus |\ +raspberrypi,model-b-rev2 |\ +raspberrypi,2-model-b |\ +raspberrypi,3-model-b |\ +raspberrypi,3-model-b-plus) + ucidef_set_interface_lan "eth0" ;; -*) - ucidef_set_interface_lan 'eth0' + +raspberrypi,model-zero-w) + ucidef_set_interface_lan "wlan0" ;; esac diff --git a/root/etc/config/luci b/root/etc/config/luci index 12b69a8..6cc1617 100644 --- a/root/etc/config/luci +++ b/root/etc/config/luci @@ -1,34 +1,41 @@ -config core main - option lang auto - option mediaurlbase /luci-static/material - option resourcebase /luci-static/resources - -config extern flash_keep - option uci "/etc/config/" - option dropbear "/etc/dropbear/" - option openvpn "/etc/openvpn/" - option passwd "/etc/passwd" - option opkg "/etc/opkg.conf" - option firewall "/etc/firewall.user" - option uploads "/lib/uci/upload/" - -config internal languages - option en "English" - option zh_cn "中文 (Chinese)" - -config internal sauth - option sessionpath "/tmp/luci-sessions" - option sessiontime 3600 - -config internal ccache - option enable 1 - -config internal themes - option Bootstrap "/luci-static/bootstrap" - option Material "/luci-static/material" - -config internal apply - option rollback 30 - option holdoff 4 - option timeout 5 - option display 1.5 + +config core 'main' + option lang 'auto' + option resourcebase '/luci-static/resources' + option mediaurlbase '/luci-static/material' + +config extern 'flash_keep' + option uci '/etc/config/' + option dropbear '/etc/dropbear/' + option openvpn '/etc/openvpn/' + option passwd '/etc/passwd' + option opkg '/etc/opkg.conf' + option firewall '/etc/firewall.user' + option uploads '/lib/uci/upload/' + +config internal 'languages' + option zh_cn '中文 (Chinese)' + option en 'English' + +config internal 'sauth' + option sessionpath '/tmp/luci-sessions' + option sessiontime '3600' + +config internal 'ccache' + option enable '1' + +config internal 'themes' + option Bootstrap '/luci-static/bootstrap' + option Material '/luci-static/material' + +config internal 'apply' + option rollback '30' + option holdoff '4' + option timeout '5' + option display '1.5' + +config internal 'diag' + option dns 'openwrt.org' + option ping 'openwrt.org' + option route 'openwrt.org' + diff --git a/root/etc/config/minidlna b/root/etc/config/minidlna index 213beb1..defb02f 100644 --- a/root/etc/config/minidlna +++ b/root/etc/config/minidlna @@ -1,19 +1,20 @@ -config minidlna config - option 'enabled' '0' + +config minidlna 'config' + option enabled '0' option user 'nobody' option port '8200' option interface 'eth0,wlan0,p2p0' - option friendly_name 'OpenWrt DLNA Server' option db_dir '/var/run/minidlna' option log_dir '/var/log/minidlna' option inotify '1' option enable_tivo '0' option wide_links '0' option strict_dlna '0' - option presentation_url '' option notify_interval '900' option serial '12345678' option model_number '1' option root_container '.' list media_dir '/mnt' option album_art_names 'Cover.jpg/cover.jpg/AlbumArtSmall.jpg/albumartsmall.jpg/AlbumArt.jpg/albumart.jpg/Album.jpg/album.jpg/Folder.jpg/folder.jpg/Thumb.jpg/thumb.jpg' + option friendly_name 'ZIDOO_Z9S' + diff --git a/root/etc/config/ucitrack b/root/etc/config/ucitrack index edb62b0..2de272d 100644 --- a/root/etc/config/ucitrack +++ b/root/etc/config/ucitrack @@ -1,65 +1,76 @@ + config network - option init network - list affects dhcp - list affects radvd + option init 'network' + list affects 'dhcp' + list affects 'radvd' config wireless - list affects network + list affects 'network' config firewall - option init firewall - list affects luci-splash - list affects qos - list affects miniupnpd + option init 'firewall' + list affects 'luci-splash' + list affects 'qos' + list affects 'miniupnpd' config olsr - option init olsrd + option init 'olsrd' config dhcp - option init dnsmasq - list affects odhcpd + option init 'dnsmasq' + list affects 'odhcpd' config odhcpd - option init odhcpd + option init 'odhcpd' config dropbear - option init dropbear + option init 'dropbear' config httpd - option init httpd + option init 'httpd' config fstab - option init fstab + option init 'fstab' config qos - option init qos + option init 'qos' config system - option init led + option init 'led' option exec '/etc/init.d/log reload' - list affects luci_statistics - list affects dhcp + list affects 'luci_statistics' + list affects 'dhcp' config luci_splash - option init luci_splash + option init 'luci_splash' config upnpd - option init miniupnpd + option init 'miniupnpd' config ntpclient - option init ntpclient + option init 'ntpclient' config samba - option init samba + option init 'samba' config tinyproxy - option init tinyproxy - -config minidlna 'minidlna' - option init 'minidlna' + option init 'tinyproxy' config transmission option init 'transmission' config aria2 option init 'aria2' + +config afpd 'afpd' + option init 'afpd' + +config nfsd + option init 'nfsd' + +config vsftpd 'vsftpd' + option init 'vsftpd' + +config minidlna 'minidlna' + option init 'minidlna' + diff --git a/root/etc/config/uhttpd b/root/etc/config/uhttpd index 0bef6df..c24ea8d 100644 --- a/root/etc/config/uhttpd +++ b/root/etc/config/uhttpd @@ -24,7 +24,7 @@ config uhttpd main # If this number is exceeded, further requests are # queued until the number of running requests drops # below the limit again. - option max_requests 1 + option max_requests 3 # Maximum number of concurrent connections. # If this number is exceeded, further TCP connection @@ -118,9 +118,17 @@ config cert defaults # Validity time option days 730 + # key type: rsa or ec + option key_type rsa + # RSA key size option bits 2048 + # EC curve name + # Curve names vary between mbedtls/px5g and openssl + # P-256 or P-384 are guaranteed to work + option ec_curve P-256 + # Location option country ZZ option state Somewhere diff --git a/root/etc/device_info b/root/etc/device_info index ea4e03e..3d21cfc 100644 --- a/root/etc/device_info +++ b/root/etc/device_info @@ -1,4 +1,4 @@ DEVICE_MANUFACTURER='OpenWrt' -DEVICE_MANUFACTURER_URL='http://openwrt.org/' +DEVICE_MANUFACTURER_URL='https://openwrt.org/' DEVICE_PRODUCT='Generic' DEVICE_REVISION='v0' diff --git a/root/etc/diag.sh b/root/etc/diag.sh index 8eb36c6..ce0f591 100644 --- a/root/etc/diag.sh +++ b/root/etc/diag.sh @@ -1,50 +1,35 @@ #!/bin/sh -# Copyright (C) 2006-2019 OpenWrt.org +# Copyright (C) 2015-2016 OpenWrt.org +# Copyright (C) 2017 LEDE project +. /lib/functions.sh . /lib/functions/leds.sh -boot="$(get_dt_led boot)" -failsafe="$(get_dt_led failsafe)" -running="$(get_dt_led running)" -upgrade="$(get_dt_led upgrade)" - -set_led_state() { - status_led="$boot" +set_state() { + case "$(board_name)" in + raspberrypi,2-model-b |\ + raspberrypi,model-b-plus) + status_led="led1" + ;; + raspberrypi,model-b |\ + raspberrypi,model-zero |\ + raspberrypi,model-zero-w) + status_led="led0" + ;; + esac case "$1" in preinit) status_led_blink_preinit ;; failsafe) - status_led_off - [ -n "$running" ] && { - status_led="$running" - status_led_off - } - status_led="$failsafe" status_led_blink_failsafe ;; preinit_regular) status_led_blink_preinit_regular ;; - upgrade) - [ -n "$running" ] && { - status_led="$running" - status_led_off - } - status_led="$upgrade" - status_led_blink_preinit_regular - ;; done) - status_led_off - [ -n "$running" ] && { - status_led="$running" - status_led_on - } + status_led_on ;; esac } - -set_state() { - [ -n "$boot" -o -n "$failsafe" -o -n "$running" -o -n "$upgrade" ] && set_led_state "$1" -} diff --git a/root/etc/group b/root/etc/group index d2189b0..7af6004 100644 --- a/root/etc/group +++ b/root/etc/group @@ -1,8 +1,8 @@ root:x:0: daemon:x:1: adm:x:4: -tty:x:5: mail:x:8: +dialout:x:20: audio:x:29: www-data:x:33: ftp:x:55: diff --git a/root/etc/hotplug.d/ieee80211/10-wifi-detect b/root/etc/hotplug.d/ieee80211/10-wifi-detect new file mode 100644 index 0000000..6be4481 --- /dev/null +++ b/root/etc/hotplug.d/ieee80211/10-wifi-detect @@ -0,0 +1,8 @@ +#!/bin/sh + +# just skip wifi config in openwrt of rtd1296 +exit 0 + +[ "${ACTION}" = "add" ] && { + /sbin/wifi config +} diff --git a/root/etc/hotplug.json b/root/etc/hotplug.json index 1c949bb..f676bac 100644 --- a/root/etc/hotplug.json +++ b/root/etc/hotplug.json @@ -20,6 +20,10 @@ [ "regex", "DEVNAME", "^snd" ], [ "makedev", "/dev/%DEVNAME%", "0660", "audio" ] ], + [ "if", + [ "regex", "DEVNAME", "^tty" ], + [ "makedev", "/dev/%DEVNAME%", "0660", "dialout" ] + ], [ "if", [ "has", "DEVNAME" ], [ "makedev", "/dev/%DEVNAME%", "0600" ] diff --git a/root/etc/init.d/avahi-daemon b/root/etc/init.d/avahi-daemon index e60bfb2..b2ae458 100755 --- a/root/etc/init.d/avahi-daemon +++ b/root/etc/init.d/avahi-daemon @@ -4,7 +4,7 @@ START=61 BIN=avahi-daemon DEFAULT=/etc/default/$BIN -OPTIONS="--no-drop-root -D" +OPTIONS="-D" RUN_D=/var/run/$BIN start() { diff --git a/root/etc/init.d/boot b/root/etc/init.d/boot index fedf32a..b20ef5a 100755 --- a/root/etc/init.d/boot +++ b/root/etc/init.d/boot @@ -2,7 +2,7 @@ # Copyright (C) 2006-2011 OpenWrt.org START=10 -STOP=98 +STOP=90 uci_apply_defaults() { . /lib/functions/system.sh diff --git a/root/etc/init.d/dnsmasq b/root/etc/init.d/dnsmasq index 93a8f9a..1054f7a 100755 --- a/root/etc/init.d/dnsmasq +++ b/root/etc/init.d/dnsmasq @@ -22,10 +22,45 @@ DHCPSCRIPT="/usr/lib/dnsmasq/dhcp-script.sh" DNSMASQ_DHCP_VER=4 +dnsmasq_ignore_opt() { + local opt="$1" + + if [ -z "$dnsmasq_features" ]; then + dnsmasq_features="$(dnsmasq --version | grep -m1 'Compile time options:' | cut -d: -f2) " + [ "${dnsmasq_features#* DHCP }" = "$dnsmasq_features" ] || dnsmasq_has_dhcp=1 + [ "${dnsmasq_features#* DHCPv6 }" = "$dnsmasq_features" ] || dnsmasq_has_dhcp6=1 + [ "${dnsmasq_features#* DNSSEC }" = "$dnsmasq_features" ] || dnsmasq_has_dnssec=1 + [ "${dnsmasq_features#* TFTP }" = "$dnsmasq_features" ] || dnsmasq_has_tftp=1 + [ "${dnsmasq_features#* ipset }" = "$dnsmasq_features" ] || dnsmasq_has_ipset=1 + fi + + case "$opt" in + dhcp-duid|\ + ra-param) + [ -z "$dnsmasq_has_dhcp6" ] ;; + dhcp-*|\ + bootp-*|\ + pxe-*) + [ -z "$dnsmasq_has_dhcp" ] ;; + dnssec-*|\ + trust-anchor) + [ -z "$dnsmasq_has_dnssec" ] ;; + tftp-*) + [ -z "$dnsmasq_has_tftp" ] ;; + ipset) + [ -z "$dnsmasq_has_ipset" ] ;; + *) + return 1 + esac +} + xappend() { - local value="$1" + local value="${1#--}" + local opt="${value%%=*}" - echo "${value#--}" >> $CONFIGFILE_TMP + if ! dnsmasq_ignore_opt "$opt"; then + echo "$value" >>$CONFIGFILE_TMP + fi } hex_to_hostid() { diff --git a/root/etc/init.d/dropbear b/root/etc/init.d/dropbear index 2ea637e..173ab09 100755 --- a/root/etc/init.d/dropbear +++ b/root/etc/init.d/dropbear @@ -12,6 +12,91 @@ PIDCOUNT=0 EXTRA_COMMANDS="killclients" EXTRA_HELP=" killclients Kill ${NAME} processes except servers and yourself" +_dropbearkey() +{ + /usr/bin/dropbearkey "$@" 0<&- 1>&- 2>&- +} + +# $1 - host key file name +hk_verify() +{ + [ -f "$1" ] || return 1 + [ -s "$1" ] || return 2 + _dropbearkey -y -f "$1" || return 3 + return 0 +} + +# $1 - hk_verify() return code +hk_errmsg() +{ + case "$1" in + 0) ;; + 1) echo "file does not exist" ;; + 2) echo "file has zero length" ;; + 3) echo "file is not valid host key or not supported" ;; + *) echo "unknown error" ;; + esac +} + +# $1 - config option +# $2 - host key file name +hk_config() +{ + local x m + hk_verify "$2"; x=$? + case "$x" in + 0) procd_append_param command -r "$2" + ;; + *) m=$(hk_errmsg "$x") + logger -t "${NAME}" -p daemon.warn \ + "option '$1', value '$2': $m, skipping" + ;; + esac +} + +# $1 - host key file name +hk_config__keyfile() +{ + hk_config 'keyfile' "$1" +} + +hk_generate_as_needed() +{ + local kdir kgen ktype tdir kcount tfile + kdir='/etc/dropbear' + + kgen='' + for ktype in ecdsa rsa; do + hk_verify "${kdir}/dropbear_${ktype}_host_key" && continue + + kgen="${kgen} ${ktype}" + done + + [ -z "${kgen}" ] && return + + tdir=$(mktemp -d); chmod 0700 "${tdir}" + + kcount=0 + for ktype in ${kgen}; do + tfile="${tdir}/dropbear_${ktype}_host_key" + + if ! _dropbearkey -t ${ktype} -f "${tfile}"; then + # unsupported key type + rm -f "${tfile}" + continue + fi + + kcount=$((kcount+1)) + done + + if [ ${kcount} -ne 0 ]; then + mkdir -p "${kdir}"; chmod 0700 "${kdir}"; chown root "${kdir}" + mv -f "${tdir}/"* "${kdir}/" + fi + + rm -rf "${tdir}" +} + append_ports() { local ipaddrs="$1" @@ -37,8 +122,9 @@ validate_section_dropbear() 'RootPasswordAuth:bool:1' \ 'RootLogin:bool:1' \ 'rsakeyfile:file' \ + 'keyfile:list(file)' \ 'BannerFile:file' \ - 'Port:list(port):22' \ + 'Port:port:22' \ 'SSHKeepAlive:uinteger:300' \ 'IdleTimeout:uinteger:0' \ 'MaxAuthTries:uinteger:3' \ @@ -74,7 +160,13 @@ dropbear_instance() [ "${GatewayPorts}" -eq 1 ] && procd_append_param command -a [ "${RootPasswordAuth}" -eq 0 ] && procd_append_param command -g [ "${RootLogin}" -eq 0 ] && procd_append_param command -w - [ -n "${rsakeyfile}" ] && procd_append_param command -r "${rsakeyfile}" + if [ -n "${rsakeyfile}" ]; then + logger -t ${NAME} -p daemon.warn \ + "option 'rsakeyfile' is considered to be deprecated and" \ + "will be removed in future releases, use 'keyfile' instead" + hk_config 'rsakeyfile' "${rsakeyfile}" + fi + config_list_foreach "$1" "keyfile" hk_config__keyfile [ -n "${BannerFile}" ] && procd_append_param command -b "${BannerFile}" append_ports "${ipaddrs}" "${Port}" [ "${IdleTimeout}" -ne 0 ] && procd_append_param command -I "${IdleTimeout}" @@ -87,29 +179,6 @@ dropbear_instance() procd_close_instance } -keygen() -{ - for keytype in rsa; do - # check for keys - key=dropbear/dropbear_${keytype}_host_key - [ -f /tmp/$key -o -s /etc/$key ] || { - # generate missing keys - mkdir -p /tmp/dropbear - [ -x /usr/bin/dropbearkey ] && { - /usr/bin/dropbearkey -t $keytype -f /tmp/$key 2>&- >&- && exec /etc/rc.common "$initscript" start - } & - exit 0 - } - done - - lock /tmp/.switch2jffs - mkdir -p /etc/dropbear - mv /tmp/dropbear/dropbear_* /etc/dropbear/ - lock -u /tmp/.switch2jffs - chown root /etc/dropbear - chmod 0700 /etc/dropbear -} - load_interfaces() { config_get interface "$1" Interface @@ -126,7 +195,7 @@ boot() start_service() { - [ -s /etc/dropbear/dropbear_rsa_host_key ] || keygen + hk_generate_as_needed . /lib/functions.sh . /lib/functions/network.sh diff --git a/root/etc/init.d/log b/root/etc/init.d/log index 250f805..ba9c124 100755 --- a/root/etc/init.d/log +++ b/root/etc/init.d/log @@ -96,3 +96,7 @@ start_service() config_foreach validate_log_section system start_service_file config_foreach validate_log_section system start_service_remote } + +service_running() { + procd_running log +} diff --git a/root/etc/init.d/minidlna b/root/etc/init.d/minidlna index e50f9a8..80f1e4e 100755 --- a/root/etc/init.d/minidlna +++ b/root/etc/init.d/minidlna @@ -87,7 +87,7 @@ start() { [ "$enabled" -gt 0 ] || return 1 minidlna_create_config config || return 1 - + config_get db_dir config 'db_dir' '/var/run/minidlna' config_get log_dir config 'log_dir' '/var/log/minidlna' config_get user config 'user' 'nobody' diff --git a/root/etc/init.d/network b/root/etc/init.d/network index 99d9f65..2321a30 100755 --- a/root/etc/init.d/network +++ b/root/etc/init.d/network @@ -115,7 +115,9 @@ validate_switch_section() 'name:string' \ 'enable:bool' \ 'enable_vlan:bool' \ - 'reset:bool' + 'reset:bool' \ + 'ar8xxx_mib_poll_interval:uinteger' \ + 'ar8xxx_mib_type:range(0,1)' } validate_switch_vlan() diff --git a/root/etc/init.d/portmap b/root/etc/init.d/portmap new file mode 100755 index 0000000..9ffea47 --- /dev/null +++ b/root/etc/init.d/portmap @@ -0,0 +1,13 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2006-2011 OpenWrt.org + +START=19 +STOP=19 + +USE_PROCD=1 + +start_service() { + procd_open_instance + procd_set_param command /usr/sbin/portmap -f -g 3003 + procd_close_instance +} diff --git a/root/etc/init.d/rpcd b/root/etc/init.d/rpcd index 0a37ee1..77ebcbe 100755 --- a/root/etc/init.d/rpcd +++ b/root/etc/init.d/rpcd @@ -15,10 +15,10 @@ start_service() { procd_close_instance } -stop() { - service_stop /sbin/rpcd +reload_service() { + procd_send_signal rpcd } -reload() { - service_reload /sbin/rpcd +service_running() { + procd_running rpcd } diff --git a/root/etc/init.d/samba4 b/root/etc/init.d/samba4 index f0bf04d..5b81db2 100755 --- a/root/etc/init.d/samba4 +++ b/root/etc/init.d/samba4 @@ -7,7 +7,8 @@ smb_header() { config_get samba_iface $1 interface "loopback lan" # resolve interfaces - local interfaces=$( + local interfaces + interfaces=$( . /lib/functions/network.sh local net @@ -15,23 +16,24 @@ smb_header() { local device network_is_up $net || continue network_get_device device "$net" - echo -n "${device:-$net} " + printf "%s " "${device:-$net}" done ) local workgroup description charset # we dont use netbios anymore as default and wsd/avahi is dns based - local hostname="$(cat /proc/sys/kernel/hostname)" + local hostname + hostname="$(cat /proc/sys/kernel/hostname)" config_get workgroup $1 workgroup "WORKGROUP" config_get description $1 description "Samba on OpenWrt" - config_get charset $1 charset "UTF-8" + config_get charset $1 charset "UTF-8" - config_get_bool ENABLEDST $1 enabled 0 - config_get_bool MACOS $1 macos 0 + config_get_bool MACOS $1 macos 0 config_get_bool DISABLE_NETBIOS $1 disable_netbios 0 config_get_bool DISABLE_AD_DC $1 disable_ad_dc 0 config_get_bool DISABLE_WINBIND $1 disable_winbind 0 + config_get_bool DISABLE_ASYNC_IO $1 disable_async_io 0 mkdir -p /var/etc sed -e "s#|NAME|#$hostname#g" \ @@ -41,26 +43,26 @@ smb_header() { -e "s#|CHARSET|#$charset#g" \ /etc/samba/smb.conf.template > /var/etc/smb.conf - echo -e "\n######### Dynamic written config options #########\n" >> /var/etc/smb.conf - if [ "$DISABLE_NETBIOS" -eq 1 ] || [ ! -x /usr/sbin/nmbd ]; then - echo -e "\tdisable netbios = yes" >> /var/etc/smb.conf + { + printf "\n######### Dynamic written config options #########\n" + if [ "$DISABLE_NETBIOS" -eq 1 ] || [ ! -x /usr/sbin/nmbd ]; then + printf "\tdisable netbios = yes\n" + fi + + if [ "$DISABLE_ASYNC_IO" -eq 1 ]; then + printf "\taio read size = 0\n" + printf "\taio write size = 0\n" + # sendfile bug: https://bugzilla.samba.org/show_bug.cgi?id=14095 + printf "\tuse sendfile = no\n" + fi + } >> /var/etc/smb.conf + + [ -e /etc/samba/smb.conf ] || ln -nsf /var/etc/smb.conf /etc/samba/smb.conf + + if ! [ -L /etc/samba/smb.conf ]; then + logger -t 'samba4-server' "Local custom /etc/samba/smb.conf file detected, all luci/config settings are ignored!" fi - local homes - config_get_bool homes $1 homes 0 - [ $homes -gt 0 ] && { - cat <> /var/etc/smb.conf - -[homes] - comment = Home Directories - browsable = no - writable = yes - read only = no - create mask = 0750 -EOT - } - - [ -L /etc/samba/smb.conf ] || ln -nsf /var/etc/smb.conf /etc/samba/smb.conf } smb_add_share() { @@ -71,6 +73,7 @@ smb_add_share() { local dir_mask local browseable local read_only + local writeable local guest_ok local guest_only local inherit_owner @@ -78,6 +81,8 @@ smb_add_share() { local timemachine local timemachine_maxsize local force_root + local write_list + local read_list config_get name $1 name config_get path $1 path @@ -86,6 +91,7 @@ smb_add_share() { config_get dir_mask $1 dir_mask config_get browseable $1 browseable config_get read_only $1 read_only + config_get writeable $1 writeable config_get guest_ok $1 guest_ok config_get guest_only $1 guest_only config_get inherit_owner $1 inherit_owner @@ -93,40 +99,48 @@ smb_add_share() { config_get_bool timemachine $1 timemachine 0 config_get timemachine_maxsize $1 timemachine_maxsize config_get_bool force_root $1 force_root 0 + config_get write_list $1 write_list + config_get read_list $1 read_list - [ -z "$name" -o -z "$path" ] && return + [ -z "$name" ] || [ -z "$path" ] && return - echo -e "\n[$name]\n\tpath = $path" >> /var/etc/smb.conf - - if [ "$force_root" -eq 1 ]; then - echo -e "\tforce user = root" >> /var/etc/smb.conf - echo -e "\tforce group = root" >> /var/etc/smb.conf - else - [ -n "$users" ] && echo -e "\tvalid users = $users" >> /var/etc/smb.conf - fi + { + printf "\n[$name]\n\tpath = %s\n" "$path" - [ -n "$create_mask" ] && echo -e "\tcreate mask = $create_mask" >> /var/etc/smb.conf - [ -n "$dir_mask" ] && echo -e "\tdirectory mask = $dir_mask" >> /var/etc/smb.conf - - [ -n "$browseable" ] && echo -e "\tbrowseable = $browseable" >> /var/etc/smb.conf - [ -n "$read_only" ] && echo -e "\tread only = $read_only" >> /var/etc/smb.conf - [ -n "$guest_ok" ] && echo -e "\tguest ok = $guest_ok" >> /var/etc/smb.conf - [ -n "$guest_only" ] && echo -e "\tguest only = $guest_only" >> /var/etc/smb.conf - [ -n "$inherit_owner" ] && echo -e "\tinherit owner = $inherit_owner" >> /var/etc/smb.conf - - if [ "$MACOS" -eq 1 ]; then - vfs_objects="catia fruit streams_xattr $vfs_objects" - echo -e "\tfruit:encoding = native" >> /var/etc/smb.conf - echo -e "\tfruit:metadata = stream" >> /var/etc/smb.conf - echo -e "\tfruit:veto_appledouble = no" >> /var/etc/smb.conf - # avoid mixed shares order for aapl - if [ "$timemachine" -eq 1 ]; then - echo -e "\tfruit:time machine = yes" >> /var/etc/smb.conf - [ -n "$timemachine_maxsize" ] && echo -e "\tfruit:time machine max size = ${timemachine_maxsize}G" >> /var/etc/smb.conf + if [ "$force_root" -eq 1 ]; then + printf "\tforce user = root\n" + printf "\tforce group = root\n" + else + [ -n "$users" ] && printf "\tvalid users = %s\n" "$users" fi - fi - - [ -n "$vfs_objects" ] && echo -e "\tvfs objects = $vfs_objects" >> /var/etc/smb.conf + + [ -n "$create_mask" ] && printf "\tcreate mask = %s\n" "$create_mask" + [ -n "$dir_mask" ] && printf "\tdirectory mask = %s\n" "$dir_mask" + + [ -n "$browseable" ] && printf "\tbrowseable = %s\n" "$browseable" + [ -n "$read_only" ] && printf "\tread only = %s\n" "$read_only" + [ -n "$writeable" ] && printf "\twriteable = %s\n" "$writeable" + [ -n "$guest_ok" ] && printf "\tguest ok = %s\n" "$guest_ok" + [ -n "$guest_only" ] && printf "\tguest only = %s\n" "$guest_only" + [ -n "$inherit_owner" ] && printf "\tinherit owner = %s\n" "$inherit_owner" + + [ -n "$write_list" ] && printf "\twrite list = %s\n" "$write_list" + [ -n "$read_list" ] && printf "\tread list = %s\n" "$read_list" + + if [ "$MACOS" -eq 1 ]; then + vfs_objects="catia fruit streams_xattr $vfs_objects" + printf "\tfruit:encoding = native\n" + printf "\tfruit:metadata = stream\n" + printf "\tfruit:veto_appledouble = no\n" + # avoid mixed shares order for aapl + if [ "$timemachine" -eq 1 ]; then + printf "\tfruit:time machine = yes\n" + [ -n "$timemachine_maxsize" ] && printf "\tfruit:time machine max size = %sG\n" "${timemachine_maxsize}" + fi + fi + + [ -n "$vfs_objects" ] && printf "\tvfs objects = %s\n" "$vfs_objects" + } >> /var/etc/smb.conf } init_config() { @@ -135,10 +149,8 @@ init_config() { [ -d /var/cache/samba ] || mkdir -p /var/cache/samba [ -d /var/run/samba ] || mkdir -p /var/run/samba [ -d /var/log/samba ] || mkdir -p /var/log/samba - [ -d /var/lock ] && chmod 0755 /var/lock || { - mkdir -p /var/lock - chmod 0755 /var/lock - } + [ -d /var/lock ] || mkdir -p /var/lock + chmod 0755 /var/lock config_load samba4 config_foreach smb_header samba @@ -147,9 +159,9 @@ init_config() { service_triggers() { PROCD_RELOAD_DELAY=2000 - + procd_add_reload_trigger "dhcp" "system" "samba4" - + local i for i in $samba_iface; do procd_add_reload_interface_trigger $i @@ -159,7 +171,6 @@ service_triggers() { start_service() { init_config - [ "$ENABLEDST" == "1" ] || return 1 # start main AD-DC daemon, will spawn (smbd,nmbd,winbindd) as needed/configured. if [ "$DISABLE_AD_DC" -ne 1 ] && [ -x /usr/sbin/samba ]; then procd_open_instance diff --git a/root/etc/init.d/transmission b/root/etc/init.d/transmission index 6196713..f68388b 100755 --- a/root/etc/init.d/transmission +++ b/root/etc/init.d/transmission @@ -14,8 +14,8 @@ append_params() { IFS="$LIST_SEP" for v in $v; do [ -n "$v" ] && ( - echo "\"$p\": $v," | sed -e 's|_|-|g' >> $config_file - ) + echo "\"$p\": $v," | sed -e 's|_|-|g' + ) >> "$config_file" done unset IFS done @@ -28,9 +28,9 @@ append_params_quotes() { IFS="$LIST_SEP" for v in $v; do [ -n "$v" ] && ( - echo -n "\"$p" | sed -e 's|/|\\/|g;s|_|-|g' >> $config_file; \ - echo "\": \"$v\"," >> $config_file - ) + printf "\"%s" "$p" | sed -e 's|/|\\/|g;s|_|-|g'; \ + echo "\": \"$v\"," + ) >> "$config_file" done unset IFS done @@ -51,7 +51,6 @@ transmission() { local download_dir config_dir local mem_percentage local nice - local cmdline local web_home section_enabled "$section" || return 1 @@ -65,29 +64,24 @@ transmission() { config_get nice "$cfg" nice 0 config_get web_home "$cfg" 'web_home' - local MEM=$(sed -ne 's!^MemTotal:[[:space:]]*\([0-9]*\) kB$!\1!p' /proc/meminfo) + local MEM + + MEM=$(sed -ne 's!^MemTotal:[[:space:]]*\([0-9]*\) kB$!\1!p' /proc/meminfo) if test "$MEM" -gt 1;then - USE=$(expr $MEM \* $mem_percentage \* 10) + USE=$((MEM * mem_percentage * 10)) fi config_file="$config_dir/settings.json" - [ -d $config_dir ] || { - mkdir -p $config_dir - touch $config_file - } - - [ -d $download_dir ] || { - mkdir -p $download_dir + [ -d "$config_dir" ] || { + mkdir -p "$config_dir" + chmod 0755 "$config_dir" + touch "$config_file" } + [ -z "$user" ] || chown -R "$user:$group" "$config_dir" - chmod 0755 $config_dir - [ -z "$user" ] || { - chown -R "$user:$group" $config_dir - } - - [ "$config_overwrite" == 0 ] || { + [ "$config_overwrite" = 0 ] || { - echo "{" > $config_file + echo "{" > "$config_file" append_params "$cfg" \ alt_speed_down alt_speed_enabled alt_speed_time_begin alt_speed_time_day \ @@ -112,20 +106,24 @@ transmission() { peer_congestion_algorithm peer_socket_tos rpc_bind_address rpc_password rpc_url \ rpc_username rpc_host_whitelist rpc_whitelist script_torrent_done_filename watch_dir - echo "\"invalid-key\": false" >> $config_file - echo "}" >> $config_file - + { + echo "\"invalid-key\": false" + echo "}" + } >> "$config_file" } - cmdline="transmission-daemon -g $config_dir -f" procd_open_instance - procd_set_param command $cmdline - procd_set_param user $user - procd_set_param group $group - procd_set_param nice $nice + procd_set_param command "/usr/bin/transmission-daemon" + procd_append_param command -f + procd_append_param command --log-error + procd_append_param command -g $config_dir + procd_set_param user "$user" + procd_set_param group "$group" + procd_set_param nice "$nice" + procd_set_param stderr 1 procd_set_param respawn retry=60 - if test -z $USE; then + if [ -z "$USE" ]; then procd_set_param limits core="0 0" else procd_set_param limits core="0 0" as="$USE $USE" @@ -137,8 +135,8 @@ transmission() { fi procd_add_jail transmission log - procd_add_jail_mount $config_file - procd_add_jail_mount_rw $download_dir + procd_add_jail_mount "$config_file" + procd_add_jail_mount_rw "$download_dir" procd_close_instance } diff --git a/root/etc/init.d/uhttpd b/root/etc/init.d/uhttpd index dc496b3..6322473 100755 --- a/root/etc/init.d/uhttpd +++ b/root/etc/init.d/uhttpd @@ -43,15 +43,19 @@ generate_keys() { config_get state "$cfg" state config_get location "$cfg" location config_get commonname "$cfg" commonname + config_get key_type "$cfg" key_type + config_get ec_curve "$cfg" ec_curve # Prefer px5g for certificate generation (existence evaluated last) local GENKEY_CMD="" + local KEY_OPTS="rsa:${bits:-2048}" local UNIQUEID=$(dd if=/dev/urandom bs=1 count=4 | hexdump -e '1/1 "%02x"') + [ "$key_type" = "ec" ] && KEY_OPTS="ec -pkeyopt ec_paramgen_curve:${ec_curve:-P-256}" [ -x "$OPENSSL_BIN" ] && GENKEY_CMD="$OPENSSL_BIN req -x509 -sha256 -outform der -nodes" [ -x "$PX5G_BIN" ] && GENKEY_CMD="$PX5G_BIN selfsigned -der" [ -n "$GENKEY_CMD" ] && { $GENKEY_CMD \ - -days ${days:-730} -newkey rsa:${bits:-2048} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \ + -days ${days:-730} -newkey ${KEY_OPTS} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \ -subj /C="${country:-ZZ}"/ST="${state:-Somewhere}"/L="${location:-Unknown}"/O="${commonname:-OpenWrt}$UNIQUEID"/CN="${commonname:-OpenWrt}" sync mv "${UHTTPD_KEY}.new" "${UHTTPD_KEY}" diff --git a/root/etc/init.d/umount b/root/etc/init.d/umount index 9123864..ba6d35c 100755 --- a/root/etc/init.d/umount +++ b/root/etc/init.d/umount @@ -1,7 +1,12 @@ #!/bin/sh /etc/rc.common # Copyright (C) 2006 OpenWrt.org -STOP=99 +STOP=90 + +restart() { + : +} + stop() { sync find /mnt/ -maxdepth 1 -mindepth 1 -type d | xargs -n1 umount -r diff --git a/root/etc/init.d/urngd b/root/etc/init.d/urngd new file mode 100755 index 0000000..7531ca8 --- /dev/null +++ b/root/etc/init.d/urngd @@ -0,0 +1,17 @@ +#!/bin/sh /etc/rc.common + +START=00 + +USE_PROCD=1 +NAME=urngd +PROG=/sbin/urngd + +start_service() { + procd_open_instance + procd_set_param command "$PROG" + procd_close_instance +} + +reload_service() { + procd_send_signal $PROG +} diff --git a/root/etc/inittab b/root/etc/inittab index be81ab3..b944a93 100644 --- a/root/etc/inittab +++ b/root/etc/inittab @@ -1,5 +1,4 @@ ::sysinit:/etc/init.d/rcS S boot ::shutdown:/etc/init.d/rcS K shutdown -tts/0::askfirst:/usr/libexec/login.sh -ttyS0::askfirst:/usr/libexec/login.sh +::askconsole:/usr/libexec/login.sh tty1::askfirst:/usr/libexec/login.sh diff --git a/root/etc/openwrt_release b/root/etc/openwrt_release index e1a99c6..0196656 100644 --- a/root/etc/openwrt_release +++ b/root/etc/openwrt_release @@ -1,7 +1,7 @@ DISTRIB_ID='OpenWrt' -DISTRIB_RELEASE='SNAPSHOT' -DISTRIB_REVISION='r9680-0304e76' -DISTRIB_TARGET='sunxi/cortexa53' +DISTRIB_RELEASE='19.07.0-rc2' +DISTRIB_REVISION='r10775-db8345d8e4' +DISTRIB_TARGET='brcm2708/bcm2710' DISTRIB_ARCH='aarch64_cortex-a53' -DISTRIB_DESCRIPTION='OpenWrt SNAPSHOT r9680-0304e76' +DISTRIB_DESCRIPTION='OpenWrt 19.07.0-rc2 r10775-db8345d8e4' DISTRIB_TAINTS='' diff --git a/root/etc/openwrt_version b/root/etc/openwrt_version index cae1e34..c536fad 100644 --- a/root/etc/openwrt_version +++ b/root/etc/openwrt_version @@ -1 +1 @@ -r9680-0304e76 +r10775-db8345d8e4 diff --git a/root/etc/opkg/distfeeds.conf b/root/etc/opkg/distfeeds.conf index 542443b..7f1f23c 100644 --- a/root/etc/opkg/distfeeds.conf +++ b/root/etc/opkg/distfeeds.conf @@ -1,5 +1,5 @@ -src/gz openwrt_core https://mirror.0x.sg/openwrt/snapshots/targets/sunxi/cortexa53/packages -src/gz openwrt_base https://mirror.0x.sg/openwrt/snapshots/packages/aarch64_cortex-a53/base -src/gz openwrt_luci https://mirror.0x.sg/openwrt/snapshots/packages/aarch64_cortex-a53/luci -src/gz openwrt_packages https://mirror.0x.sg/openwrt/snapshots/packages/aarch64_cortex-a53/packages -src/gz openwrt_routing https://mirror.0x.sg/openwrt/snapshots/packages/aarch64_cortex-a53/routing +src/gz openwrt_core http://downloads.openwrt.org/releases/19.07.0-rc2/targets/brcm2708/bcm2710/packages +src/gz openwrt_base http://downloads.openwrt.org/releases/19.07.0-rc2/packages/aarch64_cortex-a53/base +src/gz openwrt_luci http://downloads.openwrt.org/releases/19.07.0-rc2/packages/aarch64_cortex-a53/luci +src/gz openwrt_packages http://downloads.openwrt.org/releases/19.07.0-rc2/packages/aarch64_cortex-a53/packages +src/gz openwrt_routing http://downloads.openwrt.org/releases/19.07.0-rc2/packages/aarch64_cortex-a53/routing \ No newline at end of file diff --git a/root/etc/opkg/keys/b26f36ae0f4106d b/root/etc/opkg/keys/0b26f36ae0f4106d similarity index 52% rename from root/etc/opkg/keys/b26f36ae0f4106d rename to root/etc/opkg/keys/0b26f36ae0f4106d index 8d408eb..a436c1f 100644 --- a/root/etc/opkg/keys/b26f36ae0f4106d +++ b/root/etc/opkg/keys/0b26f36ae0f4106d @@ -1,2 +1,2 @@ -untrusted comment: LEDE usign key of Stijn Tintel +untrusted comment: Public usign key of Stijn Tintel RWQLJvNq4PQQbSGZ05Az9jXSt/xlw/IfWc6USiB2FHEUoWL7QpMibzv6 diff --git a/root/etc/opkg/keys/1035ac73cc4e59e3 b/root/etc/opkg/keys/1035ac73cc4e59e3 index e8ce435..6ae478a 100644 --- a/root/etc/opkg/keys/1035ac73cc4e59e3 +++ b/root/etc/opkg/keys/1035ac73cc4e59e3 @@ -1,2 +1,2 @@ -untrusted comment: OpenWrt 18.06 public key +untrusted comment: Public usign key for 18.06 release builds RWQQNaxzzE5Z41cVmEh2rilAPKLsyfPKm+S4BJWA1Yv+LP1hKebmGtXi diff --git a/root/etc/opkg/keys/5151f69420c3f508 b/root/etc/opkg/keys/5151f69420c3f508 index d4cd777..37de5ff 100644 --- a/root/etc/opkg/keys/5151f69420c3f508 +++ b/root/etc/opkg/keys/5151f69420c3f508 @@ -1,2 +1,2 @@ -untrusted comment: LEDE usign key of Hans Dedecker +untrusted comment: Public usign key of Hans Dedecker RWRRUfaUIMP1CAL9wvk3ABBHdUM+3SjMvIuJlK68b3b04Pw3wiaiAfxX diff --git a/root/etc/opkg/keys/72a57f2191b211e0 b/root/etc/opkg/keys/72a57f2191b211e0 index 1719816..367ece0 100644 --- a/root/etc/opkg/keys/72a57f2191b211e0 +++ b/root/etc/opkg/keys/72a57f2191b211e0 @@ -1,2 +1,2 @@ -untrusted comment: LEDE usign key of Jo-Philipp Wich +untrusted comment: Public usign key of Jo-Philipp Wich RWRypX8hkbIR4FLhtx5pjXcAIsI1iPUIcI5bMG8jZoiCkrwTstECBPqL diff --git a/root/etc/opkg/keys/792d9d9b39f180dc b/root/etc/opkg/keys/792d9d9b39f180dc index 9044a0e..089fbaf 100644 --- a/root/etc/opkg/keys/792d9d9b39f180dc +++ b/root/etc/opkg/keys/792d9d9b39f180dc @@ -1,2 +1,2 @@ -untrusted comment: LEDE 17.01 "Reboot" public key +untrusted comment: Public usign key for 17.01 "Reboot" release builds RWR5LZ2bOfGA3FGliZosEDhodiAKDOISmQs/mmjo4rhcbFtqkibJqMzo diff --git a/root/etc/opkg/keys/9ef4694208102c43 b/root/etc/opkg/keys/9ef4694208102c43 index c4df7b6..3757905 100644 --- a/root/etc/opkg/keys/9ef4694208102c43 +++ b/root/etc/opkg/keys/9ef4694208102c43 @@ -1,2 +1,2 @@ -untrusted comment: LEDE usign key of Álvaro Fernández Rojas +untrusted comment: Public usign key of Álvaro Fernández Rojas RWSe9GlCCBAsQwI5+wztnWKHfBlvPFP2G00FvZyx+Wfv9AwSViUwo/s2 diff --git a/root/etc/opkg/keys/b2d571e0880ff617 b/root/etc/opkg/keys/b2d571e0880ff617 new file mode 100644 index 0000000..5bcd5f4 --- /dev/null +++ b/root/etc/opkg/keys/b2d571e0880ff617 @@ -0,0 +1,2 @@ +untrusted comment: Public usign key of Hauke Mehrtens +RWSy1XHgiA/2F8nrQOTCa0aRCJzueqmDRzhxuwBJuC++Btb37yr7FKG0 diff --git a/root/etc/opkg/keys/b5043e70f9a75cde b/root/etc/opkg/keys/b5043e70f9a75cde index bcbd9db..82d7677 100644 --- a/root/etc/opkg/keys/b5043e70f9a75cde +++ b/root/etc/opkg/keys/b5043e70f9a75cde @@ -1,2 +1,2 @@ -untrusted comment: LEDE usign key for unattended build jobs +untrusted comment: Public usign key for unattended snapshot builds RWS1BD5w+adc3j2Hqg9+b66CvLR7NlHbsj7wjNVj0XGt/othDgIAOJS+ diff --git a/root/etc/opkg/keys/c10b9afab19ee428 b/root/etc/opkg/keys/c10b9afab19ee428 index ee925b4..006b6c7 100644 --- a/root/etc/opkg/keys/c10b9afab19ee428 +++ b/root/etc/opkg/keys/c10b9afab19ee428 @@ -1,2 +1,2 @@ -untrusted comment: LEDE usign key of Alexander Couzens +untrusted comment: Public usign key of Alexander Couzens RWTBC5r6sZ7kKA/C5VnxUbJw5E0vy3MGo3MP2eXCQlgg65+2si4MKBnf diff --git a/root/etc/opkg/keys/dace9d4df16896bf b/root/etc/opkg/keys/dace9d4df16896bf index 543d569..f1fc0ea 100644 --- a/root/etc/opkg/keys/dace9d4df16896bf +++ b/root/etc/opkg/keys/dace9d4df16896bf @@ -1,2 +1,2 @@ -untrusted comment: LEDE usign key of Ted Hess +untrusted comment: Public usign key of Ted Hess RWTazp1N8WiWvy7rYxstJqaMzGiS4XfW1oyYrk2vwJMRBeBF+8xEA+EZ diff --git a/root/etc/opkg/keys/dd6de0d06bbd3d85 b/root/etc/opkg/keys/dd6de0d06bbd3d85 index 3c21dcd..a57a150 100644 --- a/root/etc/opkg/keys/dd6de0d06bbd3d85 +++ b/root/etc/opkg/keys/dd6de0d06bbd3d85 @@ -1,2 +1,2 @@ -untrusted comment: LEDE usign key of John Crispin +untrusted comment: Public usign key of John Crispin RWTdbeDQa709heyMmwDZjWmlhcTCUv/q+3TBYDPdJAGRuys6xcxE09fp diff --git a/root/etc/opkg/keys/f94b9dd6febac963 b/root/etc/opkg/keys/f94b9dd6febac963 new file mode 100644 index 0000000..1c130f7 --- /dev/null +++ b/root/etc/opkg/keys/f94b9dd6febac963 @@ -0,0 +1,2 @@ +OpenWrt 19.07 release signature +RWT5S53W/rrJY9BiIod3JF04AZ/eU1xDpVOb+rjZzAQBEcoETGx8BXEK \ No newline at end of file diff --git a/root/etc/rc.button/reboot b/root/etc/rc.button/reboot new file mode 100755 index 0000000..cd547e3 --- /dev/null +++ b/root/etc/rc.button/reboot @@ -0,0 +1,12 @@ +#!/bin/sh + +[ "${ACTION}" = "released" ] || exit 0 + +if [ "$SEEN" -ge 5 ] +then + echo "REBOOT" > /dev/console + sync + reboot +fi + +return 0 diff --git a/root/etc/rc.button/wps b/root/etc/rc.button/wps new file mode 100755 index 0000000..d00939d --- /dev/null +++ b/root/etc/rc.button/wps @@ -0,0 +1,62 @@ +#!/bin/sh + +wps_catch_credentials() { + local iface ifaces ifc ifname ssid encryption key radio radios + local found=0 + + . /usr/share/libubox/jshn.sh + ubus -S -t 30 listen wps_credentials | while read creds; do + json_init + json_load "$creds" + json_select wps_credentials || continue + json_get_vars ifname ssid key encryption + local ifcname="$ifname" + json_init + json_load "$(ubus -S call network.wireless status)" + json_get_keys radios + for radio in $radios; do + json_select $radio + json_select interfaces + json_get_keys ifaces + for ifc in $ifaces; do + json_select $ifc + json_get_vars ifname + [ "$ifname" = "$ifcname" ] && { + ubus -S call uci set "{\"config\":\"wireless\", \"type\":\"wifi-iface\", \ + \"match\": { \"device\": \"$radio\", \"encryption\": \"wps\" }, \ + \"values\": { \"encryption\": \"$encryption\", \ + \"ssid\": \"$ssid\", \ + \"key\": \"$key\" } }" + ubus -S call uci commit '{"config": "wireless"}' + ubus -S call uci apply + } + json_select .. + done + json_select .. + json_select .. + done + done +} + +if [ "$ACTION" = "pressed" -a "$BUTTON" = "wps" ]; then + wps_done=0 + ubusobjs="$( ubus -S list hostapd.* )" + for ubusobj in $ubusobjs; do + ubus -S call $ubusobj wps_start && wps_done=1 + done + [ $wps_done = 0 ] || return 0 + wps_done=0 + ubusobjs="$( ubus -S list wpa_supplicant.* )" + for ubusobj in $ubusobjs; do + ifname="$(echo $ubusobj | cut -d'.' -f2 )" + multi_ap="" + if [ -e "/var/run/wpa_supplicant-${ifname}.conf.is_multiap" ]; then + ubus -S call $ubusobj wps_start '{ "multi_ap": true }' && wps_done=1 + else + ubus -S call $ubusobj wps_start && wps_done=1 + fi + done + [ $wps_done = 0 ] || wps_catch_credentials & +fi + +return 0 diff --git a/root/etc/rc.common b/root/etc/rc.common index d9773a0..75dbeed 100755 --- a/root/etc/rc.common +++ b/root/etc/rc.common @@ -131,6 +131,9 @@ ${INIT_TRACE:+set -x} procd_lock stop_service "$@" procd_kill "$(basename ${basescript:-$initscript})" "$1" + if eval "type service_stopped" 2>/dev/null >/dev/null; then + service_stopped + fi } reload() { diff --git a/root/etc/rc.d/K19portmap b/root/etc/rc.d/K19portmap new file mode 120000 index 0000000..90a406c --- /dev/null +++ b/root/etc/rc.d/K19portmap @@ -0,0 +1 @@ +../init.d/portmap \ No newline at end of file diff --git a/root/etc/rc.d/K98boot b/root/etc/rc.d/K90boot similarity index 100% rename from root/etc/rc.d/K98boot rename to root/etc/rc.d/K90boot diff --git a/root/etc/rc.d/K99umount b/root/etc/rc.d/K90umount similarity index 100% rename from root/etc/rc.d/K99umount rename to root/etc/rc.d/K90umount diff --git a/root/etc/rc.d/S00urngd b/root/etc/rc.d/S00urngd new file mode 120000 index 0000000..061fcaa --- /dev/null +++ b/root/etc/rc.d/S00urngd @@ -0,0 +1 @@ +../init.d/urngd \ No newline at end of file diff --git a/root/etc/rc.d/S19portmap b/root/etc/rc.d/S19portmap new file mode 120000 index 0000000..90a406c --- /dev/null +++ b/root/etc/rc.d/S19portmap @@ -0,0 +1 @@ +../init.d/portmap \ No newline at end of file diff --git a/root/etc/rc.d/S60samba b/root/etc/rc.d/S60samba new file mode 120000 index 0000000..1a8aa11 --- /dev/null +++ b/root/etc/rc.d/S60samba @@ -0,0 +1 @@ +../init.d/samba \ No newline at end of file diff --git a/root/etc/rc.d/S99minidlna b/root/etc/rc.d/S99minidlna deleted file mode 120000 index 969da53..0000000 --- a/root/etc/rc.d/S99minidlna +++ /dev/null @@ -1 +0,0 @@ -../init.d/minidlna \ No newline at end of file diff --git a/root/etc/samba/smb.conf.template b/root/etc/samba/smb.conf.template index 9c18184..1625598 100644 --- a/root/etc/samba/smb.conf.template +++ b/root/etc/samba/smb.conf.template @@ -7,73 +7,87 @@ ## This global parameter allows the Samba admin to limit what interfaces on a machine will serve SMB requests. bind interfaces only = yes - + ## time for inactive connections to-be closed in minutes deadtime = 15 - + ## disable core dumps enable core files = no - + ## set security (auto, user, domain, ads) security = user - + ## This parameter controls whether a remote client is allowed or required to use SMB encryption. ## It has different effects depending on whether the connection uses SMB1 or SMB2 and newer: ## If the connection uses SMB1, then this option controls the use of a Samba-specific extension to the SMB protocol introduced in Samba 3.2 that makes use of the Unix extensions. ## If the connection uses SMB2 or newer, then this option controls the use of the SMB-level encryption that is supported in SMB version 3.0 and above and available in Windows 8 and newer. - ##(default/auto,desired,required,off) + ## (default/auto,desired,required,off) #smb encrypt = default - + ## set invalid users invalid users = root - + ## map unknow users to guest map to guest = Bad User ## allow client access to accounts that have null passwords. null passwords = yes - + ## The old plaintext passdb backend. Some Samba features will not work if this passdb backend is used. (NOTE: enabled for size reasons) ## (tdbsam,smbpasswd,ldapsam) passdb backend = smbpasswd - + ## Set location of smbpasswd ('smbd -b' will show default compiled location) #smb passwd file = /etc/samba/smbpasswd - + ## LAN/WAN options (IPTOS_LOWDELAY TCP_NODELAY) WAN (IPTOS_THROUGHPUT) socket options = IPTOS_LOWDELAY TCP_NODELAY - - ## lower CPU useage if supported - use sendfile = yes - + + ## If this integer parameter is set to a non-zero value, Samba will read from files asynchronously when the request size is bigger than this value. + ## Note that it happens only for non-chained and non-chaining reads and when not using write cache. + ## The only reasonable values for this parameter are 0 (no async I/O) and 1 (always do async I/O). + ## (1/0) + #aio read size = 0 + #aio write size = 0 + + ## If Samba has been built with asynchronous I/O support, Samba will not wait until write requests are finished before returning the result to the client for files listed in this parameter. + ## Instead, Samba will immediately return that the write request has been finished successfully, no matter if the operation will succeed or not. + ## This might speed up clients without aio support, but is really dangerous, because data could be lost and files could be damaged. + #aio write behind = /*.tmp/ + + ## lower CPU useage if supported and aio is disabled (aio read size = 0 ; aio write size = 0) + ## currently broken (NOTE: see https://bugzilla.samba.org/show_bug.cgi?id=14095 ) + ## (no, yes) + #use sendfile = yes + ## samba will behave as previous versions of Samba would and will fail the lock request immediately if the lock range cannot be obtained. #blocking locks = No - + ## disable loading of all printcap printers by default (iprint, cups, lpstat) load printers = No printcap name = /dev/null ## Enabling this parameter will disable Samba's support for the SPOOLSS set of MS-RPC's. disable spoolss = yes - + ## This parameters controls how printer status information is interpreted on your system. ## (BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX, SOFTQ) printing = bsd - + ## Disable that nmbd is acting as a WINS server for unknow netbios names #dns proxy = No - + ## win/unix user mapping backend #idmap config * : backend = tdb - + ## Allows the server name that is advertised through MDNS to be set to the hostname rather than the Samba NETBIOS name. ## This allows an administrator to make Samba registered MDNS records match the case of the hostname rather than being in all capitals. ## (netbios, mdns) mdns name = mdns - + ## Clients that only support netbios won't be able to see your samba server when netbios support is disabled. #disable netbios = Yes - + ## Setting this value to no will cause nmbd never to become a local master browser. #local master = no @@ -83,21 +97,21 @@ ## (445 139) Specifies which ports the server should listen on for SMB traffic. ## 139 is netbios/nmbd #smb ports = 445 139 - + ## This is a list of files and directories that are neither visible nor accessible. ## Each entry in the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?' can be used to specify multiple files or directories as in DOS wildcards. veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/ - + ## If a directory that is to be deleted contains nothing but veto files this deletion will fail unless you also set the delete veto files parameter to yes. delete veto files = yes - + ################ Filesystem and creation rules ################ ## reported filesystem type (NTFS,Samba,FAT) #fstype = FAT - + ## Allows a user who has write access to the file (by whatever means, including an ACL permission) to modify the permissions (including ACL) on it. #dos filemode = Yes - + ## file/dir creating rules #create mask = 0666 #directory mask = 0777 diff --git a/root/etc/sysctl.d/20-transmission.conf b/root/etc/sysctl.d/20-transmission.conf index bdf0de2..7d81b73 100644 --- a/root/etc/sysctl.d/20-transmission.conf +++ b/root/etc/sysctl.d/20-transmission.conf @@ -1,2 +1,6 @@ +# Transmission requests large buffers by default net.core.rmem_max = 4194304 net.core.wmem_max = 1048576 + +# Some firewalls block SYN packets that are too small +net.ipv4.tcp_adv_win_scale = 4 diff --git a/root/etc/uci-defaults/30_luci-theme-bootstrap b/root/etc/uci-defaults/30_luci-theme-bootstrap new file mode 100755 index 0000000..b516184 --- /dev/null +++ b/root/etc/uci-defaults/30_luci-theme-bootstrap @@ -0,0 +1,11 @@ +#!/bin/sh + +if [ "$PKG_UPGRADE" != 1 ]; then + uci batch <<-EOF + set luci.themes.Bootstrap=/luci-static/bootstrap + set luci.main.mediaurlbase=/luci-static/bootstrap + commit luci + EOF +fi + +exit 0 diff --git a/root/etc/uci-defaults/50_luci-mod-admin-full b/root/etc/uci-defaults/50_luci-mod-admin-full index 372eb15..140c832 100755 --- a/root/etc/uci-defaults/50_luci-mod-admin-full +++ b/root/etc/uci-defaults/50_luci-mod-admin-full @@ -5,7 +5,7 @@ if [ "$(uci -q get luci.diag)" != "internal" ]; then if [ -s /etc/os-release ]; then . /etc/os-release - host="${HOME_URL:-${BUG_URL:-$LEDE_DEVICE_MANUFACTURER_URL}}" + host="${HOME_URL:-${BUG_URL:-$OPENWRT_DEVICE_MANUFACTURER_URL}}" host="${host#*://}" host="${host%%/*}" fi diff --git a/root/etc/uci-defaults/samba4 b/root/etc/uci-defaults/samba4 index b239c3f..3771e09 100755 --- a/root/etc/uci-defaults/samba4 +++ b/root/etc/uci-defaults/samba4 @@ -8,8 +8,4 @@ ln -s samba4 /etc/config/samba } -[ -f /etc/init.d/samba ] && { - /etc/init.d/samba enabled && /etc/init.d/samba disable -} - exit 0 \ No newline at end of file diff --git a/root/lib/config/uci.sh b/root/lib/config/uci.sh index 78ec277..1e85ced 100644 --- a/root/lib/config/uci.sh +++ b/root/lib/config/uci.sh @@ -85,6 +85,15 @@ uci_set() { /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} set "$PACKAGE.$CONFIG.$OPTION=$VALUE" } +uci_add_list() { + local PACKAGE="$1" + local CONFIG="$2" + local OPTION="$3" + local VALUE="$4" + + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} add_list "$PACKAGE.$CONFIG.$OPTION=$VALUE" +} + uci_get_state() { uci_get "$1" "$2" "$3" "$4" "/var/state" } @@ -108,7 +117,7 @@ uci_add() { local CONFIG="$3" if [ -z "$CONFIG" ]; then - export ${NO_EXPORT:+-n} CONFIG_SECTION="$(/sbin/uci add "$PACKAGE" "$TYPE")" + export ${NO_EXPORT:+-n} CONFIG_SECTION="$(/sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} add "$PACKAGE" "$TYPE")" else /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} set "$PACKAGE.$CONFIG=$TYPE" export ${NO_EXPORT:+-n} CONFIG_SECTION="$CONFIG" @@ -132,6 +141,15 @@ uci_remove() { /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} del "$PACKAGE.$CONFIG${OPTION:+.$OPTION}" } +uci_remove_list() { + local PACKAGE="$1" + local CONFIG="$2" + local OPTION="$3" + local VALUE="$4" + + /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} del_list "$PACKAGE.$CONFIG.$OPTION=$VALUE" +} + uci_commit() { local PACKAGE="$1" /sbin/uci ${UCI_CONFIG_DIR:+-c $UCI_CONFIG_DIR} commit $PACKAGE diff --git a/root/lib/firmware/brcm/brcmfmac43143.bin b/root/lib/firmware/brcm/brcmfmac43143.bin new file mode 100644 index 0000000..28b8db9 Binary files /dev/null and b/root/lib/firmware/brcm/brcmfmac43143.bin differ diff --git a/root/lib/firmware/brcm/brcmfmac43236b.bin b/root/lib/firmware/brcm/brcmfmac43236b.bin new file mode 100644 index 0000000..8a2004a Binary files /dev/null and b/root/lib/firmware/brcm/brcmfmac43236b.bin differ diff --git a/root/lib/firmware/brcm/brcmfmac4329-sdio.txt b/root/lib/firmware/brcm/brcmfmac4329-sdio.txt deleted file mode 100644 index 6cb3fd7..0000000 --- a/root/lib/firmware/brcm/brcmfmac4329-sdio.txt +++ /dev/null @@ -1,57 +0,0 @@ -#AP6210_NVRAM_V1.2_03192013 -manfid=0x2d0 -prodid=0x492 -vendid=0x14e4 -devid=0x4343 -boardtype=0x0598 - -# Board Revision is P307, same nvram file can be used for P304, P305, P306 and P307 as the tssi pa params used are same -#Please force the automatic RX PER data to the respective board directory if not using P307 board, for e.g. for P305 boards force the data into the following directory /projects/BCM43362/a1_labdata/boardtests/results/sdg_rev0305 -boardrev=0x1307 -boardnum=777 -xtalfreq=26000 -boardflags=0x80201 -boardflags2=0x80 -sromrev=3 -wl0id=0x431b -macaddr=00:90:4c:07:71:12 -aa2g=1 -ag0=2 -maxp2ga0=74 -cck2gpo=0x2222 -ofdm2gpo=0x44444444 -mcs2gpo0=0x6666 -mcs2gpo1=0x6666 -pa0maxpwr=56 - -#P207 PA params -#pa0b0=5447 -#pa0b1=-658 -#pa0b2=-175
- -#Same PA params for P304,P305, P306, P307 - -pa0b0=5447 -pa0b1=-607 -pa0b2=-160 -pa0itssit=62 -pa1itssit=62 - - -cckPwrOffset=5 -ccode=0 -rssismf2g=0xa -rssismc2g=0x3 -rssisav2g=0x7 -triso2g=0 -noise_cal_enable_2g=0 -noise_cal_po_2g=0 -swctrlmap_2g=0x04040404,0x02020202,0x02020202,0x010101,0x1ff -temp_add=29767 -temp_mult=425 - -btc_flags=0x6 -btc_params0=5000 -btc_params1=1000 -btc_params6=63 - diff --git a/root/lib/firmware/brcm/brcmfmac43362-sdio.txt b/root/lib/firmware/brcm/brcmfmac43362-sdio.txt deleted file mode 100644 index 901e782..0000000 --- a/root/lib/firmware/brcm/brcmfmac43362-sdio.txt +++ /dev/null @@ -1,51 +0,0 @@ -#AP6181_NVRAM_V1.1_01152013 -#adjuest PA parameter for g/n mode -manfid=0x2d0 -prodid=0x492 -vendid=0x14e4 -devid=0x4343 -boardtype=0x0598 - -# Board Revision is P307, same nvram file can be used for P304, P305, P306 and P307 as the tssi pa params used are same -#Please force the automatic RX PER data to the respective board directory if not using P307 board, for e.g. for P305 boards force the data into the following directory /projects/BCM43362/a1_labdata/boardtests/results/sdg_rev0305 -boardrev=0x1307 -boardnum=777 -xtalfreq=26000 -boardflags=0xa00 -sromrev=3 -wl0id=0x431b -macaddr=00:90:4c:07:71:12 -aa2g=1 -ag0=2 -maxp2ga0=74 -cck2gpo=0x2222 -ofdm2gpo=0x66666666 -mcs2gpo0=0x7777 -mcs2gpo1=0x7777 -pa0maxpwr=56 - -#P207 PA params -#pa0b0=5447 -#pa0b1=-658 -#pa0b2=-175
- -#Same PA params for P304,P305, P306, P307 - -pa0b0=5447 -pa0b1=-607 -pa0b2=-160 -pa0itssit=62 -pa1itssit=62 - - -cckPwrOffset=5 -ccode=0 -rssismf2g=0xa -rssismc2g=0x3 -rssisav2g=0x7 -triso2g=0 -noise_cal_enable_2g=0 -noise_cal_po_2g=0 -swctrlmap_2g=0x04040404,0x02020202,0x02020202,0x010101,0x1ff -temp_add=29767 -temp_mult=425 diff --git a/root/lib/firmware/brcm/brcmfmac43430-sdio.bin b/root/lib/firmware/brcm/brcmfmac43430-sdio.bin new file mode 100644 index 0000000..4b2945e Binary files /dev/null and b/root/lib/firmware/brcm/brcmfmac43430-sdio.bin differ diff --git a/root/lib/firmware/brcm/brcmfmac43430-sdio.txt b/root/lib/firmware/brcm/brcmfmac43430-sdio.txt index 9baa5c3..3d917a7 100644 --- a/root/lib/firmware/brcm/brcmfmac43430-sdio.txt +++ b/root/lib/firmware/brcm/brcmfmac43430-sdio.txt @@ -1,4 +1,4 @@ -#AP6212_NVRAM_V1.0_20140603 +# NVRAM file for BCM943430WLSELG # 2.4 GHz, 20 MHz BW mode # The following parameter values are just placeholders, need to be updated. @@ -7,12 +7,14 @@ prodid=0x0726 vendid=0x14e4 devid=0x43e2 boardtype=0x0726 -boardrev=0x1101 +boardrev=0x1202 boardnum=22 macaddr=00:90:4c:c5:12:38 sromrev=11 boardflags=0x00404201 -xtalfreq=26000 +boardflags3=0x08000000 +xtalfreq=37400 +#xtalfreq=19200 nocrc=1 ag0=255 aa2g=1 @@ -27,27 +29,31 @@ AvVmid_c0=0x0,0xc8 cckpwroffset0=5 # PPR params -maxp2ga0=90 +maxp2ga0=84 txpwrbckof=6 -cckbw202gpo=0x5555 -legofdmbw202gpo=0x77777777 -mcsbw202gpo=0xaaaaaaaa +cckbw202gpo=0 +legofdmbw202gpo=0x66111111 +mcsbw202gpo=0x77711111 +propbw202gpo=0xdd # OFDM IIR : -ofdmdigfilttype=7 +ofdmdigfilttype=18 +ofdmdigfilttypebe=18 # PAPD mode: -papdmode=2 +papdmode=1 +papdvalidtest=1 +pacalidx2g=32 +papdepsoffset=-36 +papdendidx=61 il0macaddr=00:90:4c:c5:12:38 wl0id=0x431b -#OOB parameters -hostwake=0x40 -hostrdy=0x41 -usbrdy=0x03 -usbrdydelay=100 deadman_to=0xffffffff -# muxenab: 0x1 for UART enable, 0x10 for Host awake -muxenab=0x10 +# muxenab: 0x1 for UART enable, 0x2 for GPIOs, 0x8 for JTAG +muxenab=0x1 # CLDO PWM voltage settings - 0x4 - 1.1 volt #cldo_pwm=0x4 + +#VCO freq 326.4MHz +spurconfig=0x3 diff --git a/root/lib/firmware/brcm/brcmfmac43430a0-sdio.txt b/root/lib/firmware/brcm/brcmfmac43430a0-sdio.txt deleted file mode 120000 index 2ed6689..0000000 --- a/root/lib/firmware/brcm/brcmfmac43430a0-sdio.txt +++ /dev/null @@ -1 +0,0 @@ -brcmfmac43430-sdio.txt \ No newline at end of file diff --git a/root/lib/firmware/brcm/brcmfmac43455-sdio.bin b/root/lib/firmware/brcm/brcmfmac43455-sdio.bin new file mode 100644 index 0000000..0212bcf Binary files /dev/null and b/root/lib/firmware/brcm/brcmfmac43455-sdio.bin differ diff --git a/root/lib/firmware/brcm/brcmfmac43455-sdio.clm_blob b/root/lib/firmware/brcm/brcmfmac43455-sdio.clm_blob new file mode 100644 index 0000000..3b9b5bd Binary files /dev/null and b/root/lib/firmware/brcm/brcmfmac43455-sdio.clm_blob differ diff --git a/root/lib/firmware/brcm/brcmfmac43455-sdio.txt b/root/lib/firmware/brcm/brcmfmac43455-sdio.txt new file mode 100644 index 0000000..260c929 --- /dev/null +++ b/root/lib/firmware/brcm/brcmfmac43455-sdio.txt @@ -0,0 +1,92 @@ +# Cloned from bcm94345wlpagb_p2xx.txt +NVRAMRev=$Rev: 498373 $ +sromrev=11 +vendid=0x14e4 +devid=0x43ab +manfid=0x2d0 +prodid=0x06e4 +#macaddr=00:90:4c:c5:12:38 +macaddr=b8:27:eb:74:f2:6c +nocrc=1 +boardtype=0x6e4 +boardrev=0x1304 + +#XTAL 37.4MHz +xtalfreq=37400 + +btc_mode=1 +#------------------------------------------------------ +#boardflags: 5GHz eTR switch by default +# 2.4GHz eTR switch by default +# bit1 for btcoex +boardflags=0x00480201 +boardflags2=0x40800000 +boardflags3=0x48200100 +phycal_tempdelta=15 +rxchain=1 +txchain=1 +aa2g=1 +aa5g=1 +tssipos5g=1 +tssipos2g=1 +femctrl=0 +AvVmid_c0=1,165,2,100,2,100,2,100,2,100 +pa2ga0=-129,6525,-718 +pa2ga1=-149,4408,-601 +pa5ga0=-185,6836,-815,-186,6838,-815,-184,6859,-815,-184,6882,-818 +pa5ga1=-202,4285,-574,-201,4312,-578,-196,4391,-586,-201,4294,-575 +itrsw=1 +pdoffsetcckma0=2 +pdoffset2gperchan=0,-2,1,0,1,0,1,1,1,0,0,-1,-1,0 +pdoffset2g40ma0=16 +pdoffset40ma0=0x8888 +pdoffset80ma0=0x8888 +extpagain5g=2 +extpagain2g=2 +tworangetssi2g=1 +tworangetssi5g=1 +# LTECX flags +# WCI2 +ltecxmux=0 +ltecxpadnum=0x0504 +ltecxfnsel=0x22 +ltecxgcigpio=0x32 + +maxp2ga0=80 +ofdmlrbw202gpo=0x0022 +dot11agofdmhrbw202gpo=0x4442 +mcsbw202gpo=0x98444422 +mcsbw402gpo=0x98444422 +maxp5ga0=82,82,82,82 +mcsbw205glpo=0xb9555000 +mcsbw205gmpo=0xb9555000 +mcsbw205ghpo=0xb9555000 +mcsbw405glpo=0xb9555000 +mcsbw405gmpo=0xb9555000 +mcsbw405ghpo=0xb9555000 +mcsbw805glpo=0xb9555000 +mcsbw805gmpo=0xb9555000 +mcsbw805ghpo=0xb9555000 + +swctrlmap_2g=0x00000000,0x00000000,0x00000000,0x010000,0x3ff +swctrlmap_5g=0x00100010,0x00200020,0x00200020,0x010000,0x3fe +swctrlmapext_5g=0x00000000,0x00000000,0x00000000,0x000000,0x3 +swctrlmapext_2g=0x00000000,0x00000000,0x00000000,0x000000,0x3 + +vcodivmode=1 +deadman_to=481500000 + +ed_thresh2g=-54 +ed_thresh5g=-54 +eu_edthresh2g=-54 +eu_edthresh5g=-54 +ldo1=4 +rawtempsense=0x1ff +cckPwrIdxCorr=3 +cckTssiDelay=150 +ofdmTssiDelay=150 +txpwr2gAdcScale=1 +txpwr5gAdcScale=1 +dot11b_opts=0x3aa85 +cbfilttype=1 +fdsslevel_ch11=6 diff --git a/root/lib/firmware/regulatory.db b/root/lib/firmware/regulatory.db new file mode 100644 index 0000000..927ffb4 Binary files /dev/null and b/root/lib/firmware/regulatory.db differ diff --git a/root/lib/functions.sh b/root/lib/functions.sh index edce75e..860fc04 100755 --- a/root/lib/functions.sh +++ b/root/lib/functions.sh @@ -213,6 +213,7 @@ add_group_and_user() { default_postinst() { local root="${IPKG_INSTROOT}" local pkgname="$(basename ${1%.*})" + local filelist="/usr/lib/opkg/info/${pkgname}.list" local ret=0 add_group_and_user "${pkgname}" @@ -227,23 +228,29 @@ default_postinst() { rm -fR $root/rootfs-overlay/ fi - if [ -z "$root" ] && grep -q -s "^/etc/modules.d/" "/usr/lib/opkg/info/${pkgname}.list"; then - kmodloader - fi + if [ -z "$root" ]; then + if grep -m1 -q -s "^/etc/modules.d/" "$filelist"; then + kmodloader + fi - if [ -z "$root" ] && grep -q -s "^/etc/uci-defaults/" "/usr/lib/opkg/info/${pkgname}.list"; then - . /lib/functions/system.sh - [ -d /tmp/.uci ] || mkdir -p /tmp/.uci - for i in $(grep -s "^/etc/uci-defaults/" "/usr/lib/opkg/info/${pkgname}.list"); do - ( [ -f "$i" ] && cd "$(dirname $i)" && . "$i" ) && rm -f "$i" - done - uci commit - fi + if grep -m1 -q -s "^/etc/sysctl.d/" "$filelist"; then + /etc/init.d/sysctl restart + fi - [ -n "$root" ] || rm -f /tmp/luci-indexcache 2>/dev/null + if grep -m1 -q -s "^/etc/uci-defaults/" "$filelist"; then + . /lib/functions/system.sh + [ -d /tmp/.uci ] || mkdir -p /tmp/.uci + for i in $(grep -s "^/etc/uci-defaults/" "$filelist"); do + ( [ -f "$i" ] && cd "$(dirname $i)" && . "$i" ) && rm -f "$i" + done + uci commit + fi + + rm -f /tmp/luci-indexcache + fi local shell="$(which bash)" - for i in $(grep -s "^/etc/init.d/" "$root/usr/lib/opkg/info/${pkgname}.list"); do + for i in $(grep -s "^/etc/init.d/" "$root$filelist"); do if [ -n "$root" ]; then ${shell:-/bin/sh} "$root/etc/rc.common" "$root$i" enable else diff --git a/root/lib/functions/migrations.sh b/root/lib/functions/migrations.sh new file mode 100644 index 0000000..b180a02 --- /dev/null +++ b/root/lib/functions/migrations.sh @@ -0,0 +1,39 @@ +#!/bin/sh + +. /lib/functions.sh + +migrate_led_sysfs() { + local cfg="$1"; shift + local tuples="$@" + local sysfs + local name + + config_get sysfs ${cfg} sysfs + config_get name ${cfg} name + + [ -z "${sysfs}" ] && return + + for tuple in ${tuples}; do + local old=${tuple%=*} + local new=${tuple#*=} + local new_sysfs + + new_sysfs=$(echo ${sysfs} | sed "s/${old}/${new}/") + + [ "${new_sysfs}" = "${sysfs}" ] && continue + + uci set system.${cfg}.sysfs="${new_sysfs}" + + logger -t led-migration "sysfs option of LED \"${name}\" updated to ${new_sysfs}" + done; +} + +migrate_leds() { + config_load system + config_foreach migrate_led_sysfs led "$@" +} + +migrations_apply() { + local realm="$1" + [ -n "$(uci changes ${realm})" ] && uci -q commit ${realm} +} diff --git a/root/lib/functions/network.sh b/root/lib/functions/network.sh index 4fdcb66..6b946b9 100644 --- a/root/lib/functions/network.sh +++ b/root/lib/functions/network.sh @@ -271,6 +271,11 @@ network_is_up() # 2: interface network_get_protocol() { __network_ifstatus "$1" "$2" ".proto"; } +# determine the uptime of the given logical interface +# 1: destination variable +# 2: interface +network_get_uptime() { __network_ifstatus "$1" "$2" ".uptime"; } + # determine the metric of the given logical interface # 1: destination variable # 2: interface diff --git a/root/lib/functions/procd.sh b/root/lib/functions/procd.sh index 72f25fe..529ded1 100644 --- a/root/lib/functions/procd.sh +++ b/root/lib/functions/procd.sh @@ -18,14 +18,21 @@ # file: configuration files (array) # netdev: bound network device (detects ifindex changes) # limits: resource limits (passed to the process) -# user info: array with 1 values $username +# user: $username to run service as +# group: $groupname to run service as # pidfile: file name to write pid into +# stdout: boolean whether to redirect commands stdout to syslog (default: 0) +# stderr: boolean whether to redirect commands stderr to syslog (default: 0) +# facility: syslog facility used when logging to syslog (default: daemon) # # No space separation is done for arrays/tables - use one function argument per command line argument # # procd_close_instance(): # Complete the instance being prepared # +# procd_running(service, [instance]): +# Checks if service/instance is currently running +# # procd_kill(service, [instance]): # Kill a service instance (or all instances) # @@ -249,7 +256,7 @@ _procd_set_param() { reload_signal) json_add_int "$type" $(kill -l "$1") ;; - pidfile|user|seccomp|capabilities) + pidfile|user|group|seccomp|capabilities|facility) json_add_string "$type" "$1" ;; stdout|stderr|no_new_privs) @@ -398,6 +405,18 @@ _procd_add_instance() { _procd_close_instance } +procd_running() { + local service="$1" + local instance="${2:-instance1}" + local running + + json_init + json_add_string name "$service" + running=$(_procd_ubus_call list | jsonfilter -e "@['$service'].instances['$instance'].running") + + [ "$running" = "true" ] +} + _procd_kill() { local service="$1" local instance="$2" diff --git a/root/lib/functions/system.sh b/root/lib/functions/system.sh index 7ed6280..dceb66a 100644 --- a/root/lib/functions/system.sh +++ b/root/lib/functions/system.sh @@ -4,7 +4,7 @@ get_mac_binary() { local path="$1" local offset="$2" - if [ -z "$path" ]; then + if ! [ -e "$path" ]; then echo "get_mac_binary: file $path not found!" >&2 return fi @@ -79,12 +79,7 @@ mtd_get_mac_binary_ubi() { local ubidev=$(nand_find_ubi $CI_UBIPART) local part=$(nand_find_volume $ubidev $1) - if [ -z "$part" ]; then - echo "mtd_get_mac_binary: ubi volume $mtdname not found!" >&2 - return - fi - - hexdump -v -n 6 -s $offset -e '5/1 "%02x:" 1/1 "%02x"' /dev/$part 2>/dev/null + get_mac_binary "/dev/$part" "$offset" } mtd_get_part_size() { diff --git a/root/lib/functions/uci-defaults.sh b/root/lib/functions/uci-defaults.sh index 315df7b..2fb7555 100755 --- a/root/lib/functions/uci-defaults.sh +++ b/root/lib/functions/uci-defaults.sh @@ -182,6 +182,19 @@ _ucidef_finish_switch_roles() { done } +ucidef_set_ar8xxx_switch_mib() { + local name="$1" + local type="$2" + local interval="$3" + + json_select_object switch + json_select_object "$name" + json_add_int ar8xxx_mib_type $type + json_add_int ar8xxx_mib_poll_interval $interval + json_select .. + json_select .. +} + ucidef_add_switch() { local name="$1"; shift local port num role device index need_tag prev_role @@ -463,6 +476,7 @@ _ucidef_set_led_timer() { _ucidef_set_led_common "$1" "$2" "$3" + json_add_string type "$trigger_name" json_add_string trigger "$trigger_name" json_add_int delayon "$delayon" json_add_int delayoff "$delayoff" diff --git a/root/lib/libc.so b/root/lib/libc.so index 9c76b74..3373611 100755 Binary files a/root/lib/libc.so and b/root/lib/libc.so differ diff --git a/root/lib/libfstools.so b/root/lib/libfstools.so index 040666e..b4c0298 100644 Binary files a/root/lib/libfstools.so and b/root/lib/libfstools.so differ diff --git a/root/lib/libgcc_s.so.1 b/root/lib/libgcc_s.so.1 index fc2e1de..602892d 100644 Binary files a/root/lib/libgcc_s.so.1 and b/root/lib/libgcc_s.so.1 differ diff --git a/root/lib/libpam.so.0.84.2 b/root/lib/libpam.so.0.84.2 index 3249eae..cb7058c 100755 Binary files a/root/lib/libpam.so.0.84.2 and b/root/lib/libpam.so.0.84.2 differ diff --git a/root/lib/libpamc.so.0.82.1 b/root/lib/libpamc.so.0.82.1 index adaa9ad..db2ebd8 100755 Binary files a/root/lib/libpamc.so.0.82.1 and b/root/lib/libpamc.so.0.82.1 differ diff --git a/root/lib/librpc.so b/root/lib/librpc.so new file mode 100644 index 0000000..e6e965a Binary files /dev/null and b/root/lib/librpc.so differ diff --git a/root/lib/libuci.so b/root/lib/libuci.so index 320763f..b433fab 100755 Binary files a/root/lib/libuci.so and b/root/lib/libuci.so differ diff --git a/root/lib/netifd/hostapd.sh b/root/lib/netifd/hostapd.sh new file mode 100644 index 0000000..3c1504c --- /dev/null +++ b/root/lib/netifd/hostapd.sh @@ -0,0 +1,976 @@ +. /lib/functions/network.sh + +wpa_supplicant_add_rate() { + local var="$1" + local val="$(($2 / 1000))" + local sub="$((($2 / 100) % 10))" + append $var "$val" "," + [ $sub -gt 0 ] && append $var "." +} + +hostapd_add_rate() { + local var="$1" + local val="$(($2 / 100))" + append $var "$val" " " +} + +hostapd_append_wep_key() { + local var="$1" + + wep_keyidx=0 + set_default key 1 + case "$key" in + [1234]) + for idx in 1 2 3 4; do + local zidx + zidx=$(($idx - 1)) + json_get_var ckey "key${idx}" + [ -n "$ckey" ] && \ + append $var "wep_key${zidx}=$(prepare_key_wep "$ckey")" "$N$T" + done + wep_keyidx=$((key - 1)) + ;; + *) + append $var "wep_key0=$(prepare_key_wep "$key")" "$N$T" + ;; + esac +} + +hostapd_append_wpa_key_mgmt() { + local auth_type_l="$(echo $auth_type | tr 'a-z' 'A-Z')" + + case "$auth_type" in + psk|eap) + append wpa_key_mgmt "WPA-$auth_type_l" + [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-${auth_type_l}" + [ "${ieee80211w:-0}" -gt 0 ] && append wpa_key_mgmt "WPA-${auth_type_l}-SHA256" + ;; + eap192) + append wpa_key_mgmt "WPA-EAP-SUITE-B-192" + ;; + eap-eap192) + append wpa_key_mgmt "WPA-EAP-SUITE-B-192" + append wpa_key_mgmt "WPA-EAP" + [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-EAP" + [ "${ieee80211w:-0}" -gt 0 ] && append wpa_key_mgmt "WPA-EAP-SHA256" + ;; + sae) + append wpa_key_mgmt "SAE" + [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-SAE" + ;; + psk-sae) + append wpa_key_mgmt "WPA-PSK" + [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-PSK" + [ "${ieee80211w:-0}" -gt 0 ] && append wpa_key_mgmt "WPA-PSK-SHA256" + append wpa_key_mgmt "SAE" + [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-SAE" + ;; + owe) + append wpa_key_mgmt "OWE" + ;; + esac +} + +hostapd_add_log_config() { + config_add_boolean \ + log_80211 \ + log_8021x \ + log_radius \ + log_wpa \ + log_driver \ + log_iapp \ + log_mlme + + config_add_int log_level +} + +hostapd_common_add_device_config() { + config_add_array basic_rate + config_add_array supported_rates + + config_add_string country + config_add_boolean country_ie doth + config_add_string require_mode + config_add_boolean legacy_rates + + config_add_string acs_chan_bias + config_add_array hostapd_options + + hostapd_add_log_config +} + +hostapd_prepare_device_config() { + local config="$1" + local driver="$2" + + local base="${config%%.conf}" + local base_cfg= + + json_get_vars country country_ie beacon_int:100 doth require_mode legacy_rates acs_chan_bias + + hostapd_set_log_options base_cfg + + set_default country_ie 1 + set_default doth 1 + set_default legacy_rates 1 + + [ "$hwmode" = "b" ] && legacy_rates=1 + + [ -n "$country" ] && { + append base_cfg "country_code=$country" "$N" + + [ "$country_ie" -gt 0 ] && append base_cfg "ieee80211d=1" "$N" + [ "$hwmode" = "a" -a "$doth" -gt 0 ] && append base_cfg "ieee80211h=1" "$N" + } + + [ -n "$acs_chan_bias" ] && append base_cfg "acs_chan_bias=$acs_chan_bias" "$N" + + local brlist= br + json_get_values basic_rate_list basic_rate + local rlist= r + json_get_values rate_list supported_rates + + [ -n "$hwmode" ] && append base_cfg "hw_mode=$hwmode" "$N" + [ "$legacy_rates" -eq 0 ] && set_default require_mode g + + [ "$hwmode" = "g" ] && { + [ "$legacy_rates" -eq 0 ] && set_default rate_list "6000 9000 12000 18000 24000 36000 48000 54000" + [ -n "$require_mode" ] && set_default basic_rate_list "6000 12000 24000" + } + + case "$require_mode" in + n) append base_cfg "require_ht=1" "$N";; + ac) append base_cfg "require_vht=1" "$N";; + esac + + for r in $rate_list; do + hostapd_add_rate rlist "$r" + done + + for br in $basic_rate_list; do + hostapd_add_rate brlist "$br" + done + + [ -n "$rlist" ] && append base_cfg "supported_rates=$rlist" "$N" + [ -n "$brlist" ] && append base_cfg "basic_rates=$brlist" "$N" + append base_cfg "beacon_int=$beacon_int" "$N" + + json_get_values opts hostapd_options + for val in $opts; do + append base_cfg "$val" "$N" + done + + cat > "$config" <