Thanks to Dave Taht for debugging and thanks to Comcast for
shipping strangely behaving software so I can fix some corner cases.
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 43415
b52053b 6in4: https support for he.net tunnel api
introduced HTTPS support using wget.
The busybox version of wget, however, doesn't support the -V option,
thus poluting logfiles with a full invalid-parameter-output.
Redirect stderr to fix that.
As libcurl and curl support selecting the SSL library of your choice,
also add support for curl which is more commonly used on OpenWrt than
"real" wget which needs libopenssl.
Also make sure to respect SSL_CERT_DIR and increase timeouts.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
SVN-Revision: 43228
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.
I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.
However, I can not garantee that I always picked the correct information
and/or did not miss license information.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
SVN-Revision: 43155
HE.net tunnel update API requests are now made via https if an
SSL-capable wget is installed. Certificate validation is
conditionally enabled if the CA certs are available.
Signed-off-by: Andrew Skalski <askalski@gmail.com>
SVN-Revision: 43124
Some ISP seem to only do stateful DHCPv6 and not sending RAs.
This is technically broken because plain DHCPv6 doesn't carry routes.
We work around here by faking a default route to the DHCPv6 server
if we do not receive a useful RA from the ISP.
This workaround can be turned off with: option fakeroutes 0
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 42803
Tos support is added as a string parameter which can have the following values :
-inherit (outer header inherits the tos value of the inner header)
-hex value
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 42749
Tos support is added as a string parameter which can have the following values :
-inherit (outer header inherits the tos value of the inner header)
-hex value
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 42748
Tos support is added as a string parameter which can have the following values :
-inherit (outer header inherits the tos value of the inner header)
-hex value
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 42747
The preferred he.net /nic/update endpoint expects the password or updatekey in
plain text and not as md5 sum, therfore remove the hashing operation from the
script.
This effectively renders the "updatekey" option redundant but we keep it around
for backwards compatibility. Both "option password" and "option updatekey" will
have end up in the "&password=" parameter of the update url and are passed through
unmodified.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 41358
Gives the user the control to select the correct WAN IPv4 address to be used by the 6rd tunnel when mutiple WAN interfaces are configured
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 40566
* Reduce RA/DHCPv6 spam filter to 30s by default and make it configurable
* Don't set nd_ra_{reachable,retransmit] to 0 when received in RAs
SVN-Revision: 39775
Latest changes broke source-restriction of on-link routes. Restoring
old-behaviour but adding correct source-restrictions which prevents
the offlink handler to remove the on-link route.
SVN-Revision: 39454
* Fixed broken stateless-mode (fixes#14863)
* Support for multiple IAIDs, improved server compatibility,
improved NTP/SNTP support and other fixes (thanks to T-Labs)
SVN-Revision: 39433
Make the IPv4 "do not fragment" bit a configurable variable for the 6rd
tunnel interface as the bit should not be set in the encapsulating IPv4
header according to RFC3056.
On top the config variable allows to enable/disable path mtu discovery
for tunnel interfaces.
Config variable can be passed to netifd as tunnel config support is
already present for the "do not fragment" bit.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 39370
The correct bits are now cleared in the IPv6 address as the shift
value to the correct byte in the IPv6 address was wrong. Depending
on the stack values this could result in a hanging 6rdcalc program
due to an endless loop.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
SVN-Revision: 38818
* Various RFC compliance fixes (thanks to Hans Dedecker)
* Fix RA spam filter logic causing ipv6 connection issues
* Fix parameters -F and -P being order dependent
SVN-Revision: 38577
* Make SOL_MAX_RT configurable and default back to 120s
* Prefer servers with bigger prefixes (allows to use Comcast /60)
* Don't hang indefinitely if DHCPv6 REQUEST is not answered
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 38393
AVR32 misses a bunch of updated syscalls, including timerfd_create()
which is used by 6relayd. Since that requires Linux/libc changes, just
prevent building it for now.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
SVN-Revision: 37040