Re: [PATCH] fw4: add masquerade-prefix snat type

2025-01-12 Thread Michael Richardson
Hi, I understand that this does *NPTv6* RFC6296 when forwarding traffic with source addresses that do not fit into the uplink ISP. You've called this masquerade-prefix, and I think that will confuse people into thinking it's like "NAT44" aka NAPT, when it's different.

Re: OpenWrt meeting November 2024

2024-11-28 Thread Michael Richardson
Denver Gingerich wrote: > However, I did confirm with my contact at Banana Pi today that these are the best canonical links for now: > * https://www.aliexpress.com/item/1005007795779282.html - fully assembled with case (US$89) > * https://www.aliexpress.com/item/1005008143000598.ht

Re: OpenWrt meeting November 2024

2024-11-27 Thread Michael Richardson
Paul Spooren wrote: > - Available for purchase on AliExpress. Is this the URL: https://www.aliexpress.com/item/1005007870205805.html?spm=a2g0o.productlist.main.3.278c52a4JYaaPm&algo_pvid=fc7fd612-711e-4ca0-894f-6d2692690fa8&algo_exp_id=fc7fd612-711e-4ca0-894f-6d2692690fa8-1&pdp_npi=4%40dis%2

Re: ULA prefix lifetime

2024-11-21 Thread Michael Richardson
Michael Richardson wrote: > chriss wrote: >> It happens that I have to reconnect my VDSL (update of router, tripped over >> cable, whatever) - with that I get a new IPv6 prefix delegated. Now my >> clients have 2 prefixes/addresses. The old o

Re: ULA prefix lifetime

2024-11-20 Thread Michael Richardson
ht to automatically deprecate GUAs that go away when they are not renewed after a network outage. -- Michael Richardson. o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide signature.asc Description: PGP signature

[PATCH] mxs: fix image generation for I2SE Duckbills

2024-09-15 Thread Michael Heimpold
there. Signed-off-by: Michael Heimpold --- target/linux/mxs/image/Makefile | 29 ++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/target/linux/mxs/image/Makefile b/target/linux/mxs/image/Makefile index fff7e7ca3325..468eca324879 100644 --- a/target/linux

Re: measured boot / fTPM and OpenWrt One

2024-05-10 Thread Michael Richardson
Daniel Golle wrote: >> Well, that's certainly true. It is not always possible to talk to the >> outside world from inside that initial boot enclave. That's the detail that >> we need. >> Do we even have a spare GPI(o) pin that can be used for this? >> (It can't be used for

measured boot / fTPM and OpenWrt One

2024-05-10 Thread Michael Richardson
Daniel Golle wrote: > On Mon, Apr 29, 2024 at 03:04:37PM -0400, Michael Richardson wrote: >> >> {sorry for the long delay, been unwell} >> >> Bjørn Mork wrote: >> > Maybe it is possible to deploy the system with secure boot and a

Re: OpenWrt One / project update

2024-04-29 Thread Michael Richardson
> supported, including playing with the BL2 code etc. It won't work that way. If someone can easily turn off secure boot, then so can malware. I hope we can go the other way. I'm willing to do the legwork, and I can sign an NDA if necessary, and then communicate what needs to be said.

Re: OpenWrt One / project update

2024-04-14 Thread Michael Richardson
Bjørn Mork wrote: > Michael Richardson writes: >> Having orange and red pieces "secured" *does* mean that u-boot updates would >> have to come from openwrt. > Does it? Is it possible to modify the BL2 to verify signatures of the > BL31 and

Re: OpenWrt One / project update

2024-04-12 Thread Michael Richardson
oot (the u-boot checks the signature) linux kernel, then nobody could change their kernel. -- Michael Richardson. o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide signature.asc Description: PGP signature __

Re: OpenWrt One / project update

2024-04-12 Thread Michael Richardson
the OAM board manufacturer, it just doesn't work out. ps: I'm willing to operate and secure the PK *I* junk that is needed to make this all work. It won't pass PCI on round one, but I'm sure if that was important, it could be done. -- ] Never tell me th

Re: OpenWrt One / project update

2024-04-12 Thread Michael Richardson
John Crispin wrote: > On 12.04.24 15:30, Michael Richardson wrote: >> Is the MT7981B specification available publicly at this point? >> >> I can find a 7986 sheet on hackaday, but who knows how it differs (marketing >> people and their numbe

Re: OpenWrt One / project update

2024-04-12 Thread Michael Richardson
Is the MT7981B specification available publicly at this point? I can find a 7986 sheet on hackaday, but who knows how it differs (marketing people and their numbers)

Re: OpenWrt One / project update

2024-04-08 Thread Michael Richardson
Bjørn Mork wrote: > Michael Richardson writes: >> I'd really like to find a way to work with your manufacturer to get an >> IDevID certificate into each unit as it is manufactured. > For those of us who are not going to pay USD 100 for a document we

Re: OpenWrt One / project update

2024-04-04 Thread Michael Richardson
Thank you for the update. I'd really like to find a way to work with your manufacturer to get an IDevID certificate into each unit as it is manufactured. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software

Re: OpenWrt One - celebrating 20 years of OpenWrt

2024-01-12 Thread Michael Richardson
Bjørn Mork wrote: > antennas. I realize that such a case will be relatively expensive. But > without it all you have is yet another midrange dev board. This is > your chance to make a device which shouts "OpenWrt!!!" whenever someone > sees it. Just like the original WRT did. N

Re: OpenWrt One - celebrating 20 years of OpenWrt

2024-01-11 Thread Michael Richardson
Dave Taht wrote: > So I at least do not feel a huge urge to get on the 6ghz bandwagon at > this time. I would actually, be happy cutting even more multiplexing > latency out of the ath9k chips, and there is much fat left to be cut > from the mt79 also, and the benefits of many peo

Re: OpenWrt One - celebrating 20 years of OpenWrt

2024-01-09 Thread Michael Richardson
that 100km drive to visit the device. I would appreciate a switch chip, since that lets us do DSA and different things with different ports, but I can live without it. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software

Best way to start unprivileged service

2024-01-02 Thread W. Michael Petullo
I am packaging a service which I would like to run as an unprivileged user. This server does not support opening its ports before dropping its privileges. I would like the service to listen on a privileged port (i.e., <1024). What is the best way to accomplish this on OpenWrt? I have been looking

Re: Packages buildbot is erratic, both master and 23.05 packages fail often

2023-06-04 Thread Michael Pratt via openwrt-devel
Hi all, > > Looking at that obser

Re: bcm27xx: squashf/f2fs sysupgrade broken because overlay is not padded/erased

2023-05-17 Thread Michael Richardson
td, but mmc. So this would require even more in detail knowledge I > don't have. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.

Re: Ethernet switch with linux/openwrt and DSA

2023-04-03 Thread Michael Richardson
Janusz Dziedzic wrote: >> > Finally buy: D-LINK DGS-1210-48 G1. >> > Also - HP 1920-24G JG924A works correctly. > But what about future? Is there any new device we can buy and use > openwrt there? Or even 2.5Gbps/5Gbps? > So far just buy used/older devices. mcr> Is

Re: Ethernet switch with linux/openwrt and DSA

2022-12-23 Thread Michael Richardson
> Finally buy: D-LINK DGS-1210-48 G1. Is this a device that is still for sale? I have some control plane things that I'd like to test on a variety of switches. I am using the Zyxel GS1900 now.

[PATCH v2] image: fix device profile specific COMPILE targets

2022-12-07 Thread Michael Pratt via openwrt-devel
el loaders") Fixes: a7fb589e8 ("image: always rebuild kernel loaders") Signed-off-by: Michael Pratt --- include/image.mk | 8 ++-- rules.mk | 2 ++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/include/image.mk b/include/image.mk index e9dc53f82e

[PATCH] image: fix device profile specific COMPILE targets

2022-11-21 Thread Michael Pratt via openwrt-devel
ixes: a01d23e75 ("image: always rebuild kernel loaders") Fixes: a7fb589e8 ("image: always rebuild kernel loaders") Signed-off-by: Michael Pratt --- include/image.mk | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/image.mk b/include/image.mk index e9dc53f82e..575d

[PATCH] build: touch stampfile after subtarget run

2022-10-26 Thread Michael Pratt via openwrt-devel
if defined, when the subtarget has completed successfully. A small amount of build time is expected to be saved when rebuilding after 'make clean' or an interruption. Signed-off-by: Michael Pratt --- include/subdir.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/include/subdir

Re: Security changes - restricting uhttpd addresses

2022-10-25 Thread Michael Richardson
sts might need to know, such as seeing the status page to see if the network is up. > It might also be better if uhttpd could be configured to bind > to a specific interface rather than knowing its IP upfront, but > that might be impractical. It's totally impractical. -- M

Re: qoriq: Problem with u-boot compilation (dual arch issue)

2022-10-06 Thread Michael Richardson
Paweł Dembicki wrote: > I am preparing support for the T4240RDB board. But I'm stuck with one > problem: > Qoriq target is powerpc64. But T4240RDB in u-boot is supported as > mpc85xx family and requires a 32-bit compiler. Seems like you might need to just use two build trees.

Re: DSA Mini-tutorial still marked as Work In Progress

2022-09-09 Thread Michael Richardson
Jo-Philipp Wich wrote: > Bluntly speaking, DSA is the thing that gives you one Linux network > device per switch port and bridge VLAN filtering is the stuff that > allows you declaring swconfig-esque VLAN port groups on top of an > arbitrary bridge interface. .. > Another con

Re: [PATCH] base-files: Don't enable ULA IPv6 addresses by default in new config

2022-09-08 Thread Michael Richardson
ping the internet. "so I suppose IP assignment is fine." But they weren't because the router didn't assign a v6 prefix to the LAN. Having ULAs available is critical to efforts to do HTTPS to the router. Please do not change this default. -- Michael

Re: [PATCH] base-files: Don't enable ULA IPv6 addresses by default in new config

2022-09-08 Thread Michael Richardson
> Baptiste Jonglez writes: > ULA IPv6 prefixes (Unique Local Addresses, RFC 4193) are not routable > on the Internet. As such, they have very limited use, and enabling > them by default causes more problems than it solves: > - if an OpenWrt device already has external IPv6 c

Re: Help unbricking AC750

2022-06-18 Thread Michael Fuckner
I'd solder pins and connect to serial console and try if this still works HT, Michael! On 18/06/2022 at 17:59, Luca Bertoncello wrote: On 18.06.2022 at 17:55, Brice GIBOUDEAU wrote: Try the recovery procedure detailed on the device page. (Tftp, recovery). I tried it, but no TFTP-Se

Re: [PATCH/RFC] kernel-defaults.mk: get rid of BuildID

2022-04-05 Thread Michael Richardson
please forgive my stupidity, I couldn't understand the last part of your recommendation: Daniel Golle wrote: > Hence, to achieve reproducible builds we will either have to resort to > identical containers/VMs for building or get rid of the BuildID hash > altogether (or use a differ

Re: Switch issues and CI to GitHub

2022-01-20 Thread Michael Richardson
Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc Description: PGP signature ___

Re: Switch issues and CI to GitHub

2022-01-19 Thread Michael Richardson
Thank you for this great report! I did not know codeberg existed, but when I looked, discovered I already had a login! I would go with codeberg. It's okay that many community repos are on git, git makes cloning easy. Who is funding codeberg, and how stable is that funding? "Codeberg is not a co

Re: Support for Google Onhub devices

2022-01-12 Thread Michael Richardson
operations more sustainable, inspiring others to follow. " if Google could just turn over/upstream their code base. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@s

Re: uml: drop target

2021-10-10 Thread Michael Richardson
I haven't used the UML target in the past year, but I have used it a lot before. The ability to do hostfs mounts is very nice. If it went away, I'd be sad, it's not a disaster as you say. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Mic

Re: Release goals for 22.XX

2021-09-30 Thread Michael Richardson
Rich Brown wrote: > - Having a firm feature freeze date decreases stress. If a particular > feature is done/substantially working, it goes in. If it's not quite > ready, it can skip this release, and get into the next release. (The > alternative is what I think happened with DSA.

Re: edgerouter-x DSA switch does not forward bridge-in-bridge packets correctly

2021-08-29 Thread Michael Richardson
oading. Why do you configure this with two layers of bridge? I think that bridge1 is hardware offloaded, right? -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.c

[PATCH] ramips: fix ethernet MAC address on Omega2

2021-08-18 Thread Michael Siegenthaler via openwrt-devel
ve existing behavior. In my testing with v19.07.7, however, the MAC address determined from the device tree takes precedence over the one set by 02_network, so the aforementioned commit actually changed the behavior. Signed-off-by: Michael Siegenthaler diff --git a/target/linux/ramips/dts/mt7628an

Re: Enabling Wi-Fi on First boot

2021-07-08 Thread Michael Richardson
ment on how to do better/secure onboarding. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[

Re: Enabling Wi-Fi on First boot

2021-07-06 Thread Michael Richardson
est having a standard names .json file that can be fed into uci in some way. I think that this solves a lot problems. Have to make sure that vfat support is included in the base image because... users. -- ] Never tell me the odds! | ipv6 mesh networks [ ]

Re: Enabling Wi-Fi on First boot

2021-07-06 Thread Michael Richardson
process will not satisfy the UK and US regulations on its own. Would a (secret) key hash of the MAC address satisfy it? The UK https://www.ncsc.gov.uk/ people I spoke with said that it would technically satisfy https://www.etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101

Re: Enabling Wi-Fi on First boot

2021-07-06 Thread Michael Richardson
Enrico Mioso wrote: > I wasn't sure about uci-defaults being the correct way to do it - I was > under the impression it could happen that my script gets run when it's > too early and /etc/config/wireless hasn't been generated yet. > If this isn't the case, then I think it's fine!

Re: [19.07.7] failed to sysupgrade the newifi router

2021-06-24 Thread Michael Richardson
en you should have the public key you can copy over. I think that sysupgrade also has an option to skip the check, but I can't double check that from my laptop at the moment. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Sof

[PR#4111] mt7620: fix ethernet with external switches

2021-05-22 Thread Michael via openwrt-devel
same issue, (for example PR#4112). I have tested the patches on a board with an external switch, and one without. Several others have also tested the patches (see discussion in the PR). Thanks, Michael Pratt --- End Message --- ___ openwrt-devel ma

Re: ath79: Fix for Mikrotik NAND bad blocks - testers needed

2021-03-22 Thread W. Michael Petullo
> So now I'm looking for testers (and reviewers) who could test this change on > the affected devices (with bad blocks) and NOR Mikrotiks. Also, a word from > OpenWrt maintainers if this is the acceptable approach - there is not much > choice, alternatives would be include porting U-Boot, a task wi

Build openwrt with clang

2021-03-06 Thread Michael Fuckner
Hi, I'm not exactly sure if this is trivial or totally insane- I have the idea to compile the whole openwrt with clang instead of gcc. I could not get a point to start at. Can you help me? Any hints? Regards, Michael! ___ openwrt-devel ma

Re: New layerscape/aarch64 board

2021-02-15 Thread Michael Walle
Hi Mathew, On 2021-02-15 01:28, Mathew McBride wrote: On Sat, Feb 13, 2021, at 2:13 AM, Michael Walle wrote: Hi, I am looking into how to bring openwrt support for my board (Kontron sl28) upstream. The board has upstream support in both vanilla linux (since 5.8) and vanilla u-boot. Someone

New layerscape/aarch64 board

2021-02-12 Thread Michael Walle
in the device trees. But that would mean the kernel image will bloat over time. I don't know if that is a major issue, given that most aarch64 boards should have enough storage and memory. -michael ___ openwrt-devel mailing list openwrt

Deprecate snort in favor of snort3

2021-01-31 Thread W. Michael Petullo
OpenWrt provides two snort packages: snort and snort3. Now that snort3 is out of beta, I would like to consider deprecating the snort package. One difficulty of maintaining both packages is that a different version of the libdaq package is required for each. The two versions cannot coexist, and thi

[PATCH] ath10k-ct: update to latest version

2021-01-22 Thread Michael Yartys
Changelog: - ath10k-ct: Pull in some upstream patches. Runtime-tested on ipq806x (Netgear R7800). Signed-off-by: Michael Yartys --- package/kernel/ath10k-ct/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package/kernel/ath10k-ct/Makefile b/package/kernel

Re: [PATCH v2 3/3] realtek: add support for ZyXEL GS1900-8HP.

2021-01-06 Thread Michael Richardson
Stijn Segers wrote: > On Wednesday 6 January 2021 at 11:22, Michael Richardson wrote > : >> The 1900-8/8HP are discontinued by ZyXEL, but the GS1900-16 and 24E seem to >> still be in production. > How do you know? At least the 8 and 8HP are still be

Corruption in ext4 root

2020-12-15 Thread W. Michael Petullo
I have a peculiar use case for OpenWrt: an image with an ext4 root filesystem running on Xen as a DomU. I often find the OpenWrt image's root filesystem corrupt after running "poweroff" and then restarting the DomU VM. I have gone as far as to activate CONFIG_TARGET_EXT4_JOURNAL, but this does not

Re: 20.xx: postponse LuCI HTTPS per default

2020-11-22 Thread W. Michael Petullo
> I think that if the first setup is done with only the router and the trusted > PC connected to it through an ethernet cable (wifi is disabled by default), > there is physically nothing else on that "network" so whatever you see can > be accepted even if you don't have "dual authentication" with t

Re: 20.xx: postponse LuCI HTTPS per default

2020-11-20 Thread W. Michael Petullo
I think making use of self-signed certificates in production is a bad idea because (1) it reinforces poor practices, namely electing to trust a self-signed certificate and (2) it does not authenticate the server/router, a critical piece of the TLS security model. >>> maybe, but

Re: 20.xx: postponse LuCI HTTPS per default

2020-11-20 Thread W. Michael Petullo
>> I think making use of self-signed certificates in production is a bad >> idea because (1) it reinforces poor practices, namely electing to trust >> a self-signed certificate and (2) it does not authenticate the >> server/router, a critical piece of the TLS security model. > maybe, but it's sti

Re: 20.xx: postponse LuCI HTTPS per default

2020-11-20 Thread W. Michael Petullo
I think making use of self-signed certificates in production is a bad idea because (1) it reinforces poor practices, namely electing to trust a self-signed certificate and (2) it does not authenticate the server/router, a critical piece of the TLS security model. My point of view is that we should

Re: 20.xx: postponse LuCI HTTPS per default

2020-11-19 Thread Michael Richardson
e working meetings if the group wants. The need for a PPPoE username/password is one of the challenges. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://ww

Re: SAD DNS cache poisoning attack

2020-11-15 Thread Michael Richardson
long run. -- Michael Richardson. o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide signature.asc Description: PGP signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https

Re: Re: Reliable way to get channel width from wifi scan

2020-11-09 Thread Michael Gray
Using iw scan? We've done this in the spectrum analyser plugin in Gargoyle [1]. It's not what I would call reliable though as iw itself specifically says not to screen scrape the data. That being said, it has worked for several years now. [1] - https://github.com/ericpaulbishop/gargoyle/blob/mast

MikroTik RouterBOARD with bad blocks free for OpenWrt developer

2020-11-01 Thread W. Michael Petullo
I have two MikroTik RouterBOARDs whose bad blocks seem to prevent the devices from holding onto OpenWrt. I would be willing to provide these to an OpenWrt developer for free (I would prefer if you are willing to pay shipping). Both boards boot 19.07.04 fine over DHCP. Please email me if interested

Support for Turris Omnia 2019/2020

2020-10-26 Thread W. Michael Petullo
I have found that Klaus Kudielka's patch to add support for the Turris Omnia 2019/2020 both necessary and sound: https://github.com/openwrt/openwrt/pull/2693 Adrian Schmutzler already merged some of Klaus' work, but it is not clear to me what hurdles remain, if anything. Would someone kin

Re: A proposal of https certificate assignment system for luci

2020-10-10 Thread Michael Richardson
some configurable service to periodically download and install certificates > from an external host might be desirable (that's how I do it with my NAS > boxes at home). You need a name in DNS, then it's just a dns-01 challenge. -- ] Never tell me the odds!

Re: A proposal of https certificate assignment system for luci

2020-10-06 Thread Michael Richardson
routers are critical parts of the home IoT ecosystem. OpenWRT is shipped in millions of devices by manufacturers too lazy to bother doing much. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelma

Re: A proposal of https certificate assignment system for luci

2020-10-05 Thread Michael Richardson
the OpenWRT LuCI interface. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc

Re: A proposal of https certificate assignment system for luci

2020-10-05 Thread Michael Richardson
vents. (The MOX has a private key that is stored across such events, for instance) -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/

Re: A proposal of https certificate assignment system for luci

2020-10-05 Thread Michael Richardson
often wifi), this won't work that well. > now user only have to check : > 1. page has valid certificate > 2. the subdomain is match with device's ssh host key > and this verify  it's the device we wanted. -- ] Never tell me the odds!

Re: [PATCH 4/5] initd: Don't search the environment list if the watchdog, fd is initialized

2020-09-29 Thread Michael Jones
On Tue, Sep 29, 2020 at 1:59 PM John Crispin wrote: > > > On 29.09.20 20:55, Michael Jones wrote: > > On Tue, Sep 29, 2020 at 1:47 PM John Crispin wrote: > >> > >> On 29.09.20 18:22, Michael Jones wrote: > >>> Signed-off-by: Michael Jones > >

Re: [PATCH 4/5] initd: Don't search the environment list if the watchdog, fd is initialized

2020-09-29 Thread Michael Jones
On Tue, Sep 29, 2020 at 1:47 PM John Crispin wrote: > > > On 29.09.20 18:22, Michael Jones wrote: > > Signed-off-by: Michael Jones > > --- > > watchdog.c | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > diff --git a/watch

[PATCH 1/5] initd: Add ubus argument to trigger watchdog tickle.

2020-09-29 Thread Michael Jones
Signed-off-by: Michael Jones ---  system.c | 5 +  1 file changed, 5 insertions(+) diff --git a/system.c b/system.c index 0fb98f1..ef7943a 100644 --- a/system.c +++ b/system.c @@ -325,6 +325,7 @@ enum { WDT_TIMEOUT, WDT_MAGICCLOSE, WDT_STOP, +    WDT_TICKLE, __WDT_MAX
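Review bot: the commit message consists only of the Signed-off-by line, yet the system.c hunk at the WDT_* enum adds a new caller-visible argument (WDT_TICKLE, placed before __WDT_MAX). Please add a message body that names the ubus argument, gives its type, and says what a caller triggers by setting it and which callers are expected to use it, so the change to the watchdog interface is documented alongside the code.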

[PATCH 5/5] initd: Convert the watchdog_fd return value from char* to int

2020-09-29 Thread Michael Jones
This change improves the frequently called path of determining if the watchdog is alive when responding to ubus transactions at the expense of complicating the less frequently called code of transitioning to the upgraded binary, and transitioning from pre-init to procd. Signed-off-by: Michael

[PATCH 2/5] initd: Re-use the watchdog_set_cloexec() function from, watchdog_open()

2020-09-29 Thread Michael Jones
Signed-off-by: Michael Jones ---  watchdog.c | 3 +--  1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/watchdog.c b/watchdog.c index 9d770b4..20b6e20 100644 --- a/watchdog.c +++ b/watchdog.c @@ -65,8 +65,7 @@ static int watchdog_open(bool cloexec) if (wdt_fd < 0)     ret

[PATCH 3/5] initd: Ensure that watchdog frequency changes apply right away

2020-09-29 Thread Michael Jones
If the watchdog frequency is changed from high to low, the watchdog won't be tickled again until the previous period has expired, which may result in a watchdog timeout. This change ensures that the new frequency is applied immediately. Signed-off-by: Michael Jones ---  watchdog.c | 1 +  1

[PATCH 4/5] initd: Don't search the environment list if the watchdog, fd is initialized

2020-09-29 Thread Michael Jones
Signed-off-by: Michael Jones ---  watchdog.c | 4 ++--  1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/watchdog.c b/watchdog.c index 20830c3..ac5b656 100644 --- a/watchdog.c +++ b/watchdog.c @@ -49,11 +49,11 @@ static void watchdog_timeout_cb(struct uloop_timeout *t)    static int

[PATCH 0/5] Improvements to the hardware watchdog code of procd

2020-09-29 Thread Michael Jones
This set of patches makes various minor improvements to the hardware watchdog code of procd. The first patch adds a new feature to allow the watchdog to be manually tickled via ubus. The other patches are minor optimizations and improvements. Michael Jones (5):   initd: Add ubus argument to

Re: [RFC] self-signed certificates for LuCI

2020-08-31 Thread Michael Richardson
I'd pick one of the brainpool curves: will browsers support them, I have no idea. EdDSA is really a different algorithm, and browsers do not support them yet. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works

Re: [RFC] self-signed certificates for LuCI

2020-08-31 Thread Michael Richardson
Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc Description: PGP signature __

Re: [RFC] self-signed certificates for LuCI

2020-08-31 Thread Michael Richardson
Paul Spooren wrote: > On 30.08.20 12:32, Michael Richardson wrote: >> Paul Spooren wrote: >> > I recently rewrote px5g[1] to use WolfSSL instead of MbedTLS, as the former >> > will be included in OpenWrt 20.x per default. >> >

Re: [RFC] self-signed certificates for LuCI

2020-08-30 Thread Michael Richardson
based tool? uhm, okay. I can live with that for sure. I care more about what's in the certificate than the algorithm. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works|IoT architect [ ] m...@sandelm

UCI: Making a config read-only?

2020-08-26 Thread Michael Jones
I wish to make a configuration file read-only in UCI. I tried to do this by bind-mounting the default config for it in /rom onto the file in /etc/config. However, while this does prevent changes to that config from persisting across reboots, it doesn't prevent changes from showing up in, e.g. "uc

documenting proc_add_mdns for multiple things

2020-08-16 Thread Michael Richardson
't operate with the /usr/share/libubox/jshn.sh. But, whatever. In the end, I've managed to create a file for /etc/umdns/foo.json which does what I needed, and I'd like to document that better. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Mic

Controlling host routes via ubus / netifd

2020-08-12 Thread Michael Jones
Hi List. I am trying to control the routes on my OpenWRT system programmatically, and would like to know if this is possible to do via ubus and netifd. I've located the ubus target "ubus call network add_host_route '{"interface":"wan", "target":"1.0.0.0"}'" However, it does not seem to actually d

Re: jsonfilter and queries with '-' in them

2020-08-12 Thread Michael Jones
Thanks. That works. Could you write a little bit about the underlying cause of this just so I can understand better? On Wed, Aug 12, 2020 at 3:59 PM Jo-Philipp Wich wrote: > > Hi, > > as already implied by Dirk, you need to use bracket notation for labels that > are not valid variable identifier

jsonfilter and queries with '-' in them

2020-08-12 Thread Michael Jones
Hi List, I am trying to query netifd via ubus for the list of ipv4 ipaddresses associated with an interface. Currently my query looks like ubus call network.interface.wan status | jsonfilter -e "@.ipv4-address" Syntax error: Invalid escape sequence In expression @.ipv4-address Near here

[PATCH v2] ath10k-ct-firmware: update firmware

2020-08-11 Thread Michael Yartys
Fix at least one rare wave-2 crash. Tested on R7800. Signed-off-by: Michael Yartys --- package/firmware/ath10k-ct-firmware/Makefile | 60 ++-- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/package/firmware/ath10k-ct-firmware/Makefile b/package/firmware/ath10k

[PATCH] binutils: fix build after upgrade to 2.34

2020-08-09 Thread W. Michael Petullo
From: "W. Michael Petullo" Building the binutils package produced the following error: Package binutils is missing dependencies for the following libraries: libctf-nobfd.so.0 This changes the glob for the libctf subpackage so that it catches libctf-nobfd.so.0. Signed-off-by:

Re: [PATCH procd] initd/init: add minimal SELinux policy loading support

2020-08-09 Thread W. Michael Petullo
[...] > This is part of a bigger PR on GitHub[1], however this patch should be > added directly to `procd` rather than as a patch in openwrt.git. [...] I will update the GitHub pull request once this is merged. Thank you, Paul! -- Mike :wq ___ open

[PATCH] ath10k-ct-firmware: update firmware

2020-08-06 Thread Michael Yartys
Fix at least one rare wave-2 crash. Tested on R7800. Signed-off-by: Michael Yartys --- package/firmware/ath10k-ct-firmware/Makefile | 56 ++-- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/package/firmware/ath10k-ct-firmware/Makefile b/package/firmware/ath10k

Notes on ath79 RouterBoard 493G image

2020-07-31 Thread W. Michael Petullo
I have some feedback about the ATH79 RouterBoard 493G image built from master, as documented at: https://github.com/openwrt/openwrt/pull/3026 First, I was unable to update to the sysupgrade image at: https://downloads.openwrt.org/snapshots/targets/ath79/mikrotik/openwrt-ath79-mi

Re: dm-verity support

2020-07-29 Thread W. Michael Petullo
> Security sounds fun. Should I just compile the patches and flash on a > device? > > Any concrete test cases to see if it did work? Would any router work or do I > need some flagship x86 device? Please see https://github.com/openwrt/openwrt/pull/3207#issuecomment-660555489 for the step

Re: dm-verity support

2020-07-29 Thread W. Michael Petullo
>>> I'm sorry, and although I fear a similar fate will hit the SELinux >>> effort, I still hope you will not feel repelled and continue to >>> contribute to OpenWrt in the future. >> That would be a shame. I stepped up to help Thomas revise his SELinux >> patches for inclusion, and I did a fair am

Re: dm-verity support

2020-07-29 Thread W. Michael Petullo
> I'm sorry, and although I fear a similar fate will hit the SELinux > effort, I still hope you will not feel repelled and continue to contribute > to OpenWrt in the future. That would be a shame. I stepped up to help Thomas revise his SELinux patches for inclusion, and I did a fair amount of work

Re: SELinux on OpenWrt

2020-07-18 Thread W. Michael Petullo
> I am very interested in Thomas Petazzoni's work to add SELinux > support to OpenWrt. I spent some time today trying to reproduce his > build. I found a few things needed updating, so I wanted to share my > results here. I updated Thomas' work, and I made my updates available at: https://github.

[PATCH] ath10k-ct-firmware: update firmware images

2020-07-14 Thread Michael Yartys
Fix at least one rare wave-2 crash. Signed-off-by: Michael Yartys --- package/firmware/ath10k-ct-firmware/Makefile | 56 ++-- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/package/firmware/ath10k-ct-firmware/Makefile b/package/firmware/ath10k-ct-firmware

[PATCH] ath10k-ct-firmware: update firmware images

2020-07-14 Thread Michael Yartys
From: Michael Yartys Fix at least one rare wave-2 crash. Signed-off-by: Michael Yartys --- package/firmware/ath10k-ct-firmware/Makefile | 56 ++-- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/package/firmware/ath10k-ct-firmware/Makefile b/package/firmware

[RFC PATCH] Splitting auth_cache

2020-07-14 Thread Michael Yartys
Currently both PMKSA caching and Opportunistic Key Caching are set by the option auth_cache. iOS devices are unable to connect to WPA3-Personal networks when PMKSA caching is not enabled, but setting auth_cache to 1 also enables Opportunistic Key Caching which is not required. This doesn't seem to

[RFC PATCH 1/2] hostapd: split auth_cache into individual components

2020-07-14 Thread Michael Yartys
Split auth_cache into pmksa_cache (PMKSA caching) and okc (Opportunistic Key Caching) to enable setting these options individually. Signed-off-by: Michael Yartys --- .../network/services/hostapd/files/hostapd.sh | 17 ++--- 1 file changed, 10 insertions(+), 7 deletions(-) diff

[RFC PATCH 2/2] hostapd: disable okc by default on WPA3-Personal networks

2020-07-14 Thread Michael Yartys
g for WPA3-Personal") Signed-off-by: Michael Yartys --- package/network/services/hostapd/files/hostapd.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh index 644bad2
