From f8fb3213152355a4ce759047c6369557c73862ab Mon Sep 17 00:00:00 2001 From: RISCi_ATOM Date: Mon, 9 Sep 2019 10:21:36 -0400 Subject: [PATCH] Add core additional core pkgs feed/master commit : f564008b9d6b458d2e5291414ef4ac05cc2d4ce2 --- package/kernel/linux/modules/usb.mk | 4 +- package/libs/cyrus-sasl/Makefile | 113 + package/libs/db47/Makefile | 100 + .../db47/patches/010-patch.4.7.25.1.patch | 55 + .../db47/patches/020-patch.4.7.25.2.patch | 42 + .../db47/patches/030-patch.4.7.25.3.patch | 211 + .../db47/patches/040-patch.4.7.25.4.patch | 118 + .../patches/100-repmgr-format-security.patch | 11 + package/libs/expat/Makefile | 70 + package/libs/gnutls/Config.in | 52 + package/libs/gnutls/Makefile | 250 + package/libs/icu/Makefile | 163 + .../000-dont-cpy-files-from-topdirs.patch | 12 + .../001-change_optimization_option.patch | 13 + .../002-Disable-LDFLAGSICUDT-for-Linux.patch | 28 + .../010-add-big-endian-arm-support.patch | 23 + package/libs/icu/patches/020-uClibc-ng.patch | 22 + package/libs/jansson/Makefile | 52 + package/libs/libcap/Makefile | 89 + .../libs/libcap/patches/100-portability.patch | 19 + .../200-change-hardcoded-shell-to-sh.patch | 34 + package/libs/libgcrypt/Makefile | 73 + package/libs/libgpg-error/Makefile | 86 + .../patches/001-cross-compile-fix.patch | 24 + .../patches/010-add-arc-support.patch | 71 + .../patches/020-gawk5-support.patch | 158 + package/libs/libidn2/Makefile | 92 + package/libs/libp11/Makefile | 62 + .../libs/libp11/patches/001-fix-install.patch | 53 + package/libs/libpam/Makefile | 77 + package/libs/libpam/files/pam.conf | 15 + .../libs/libpam/files/pam.d/common-account | 20 + package/libs/libpam/files/pam.d/common-auth | 21 + .../libs/libpam/files/pam.d/common-password | 28 + .../libs/libpam/files/pam.d/common-session | 25 + .../files/pam.d/common-session-noninteractive | 25 + package/libs/libpam/files/pam.d/other | 16 + ...uild-always-use-lib-instead-of-lib64.patch | 36 + ..._rhosts-if-neither-ruserok-nor-ruser.patch | 77 + ..._lastlog-when-logwtmp-is-not-availab.patch | 60 + .../patches/0005-build-fix-doc-build.patch | 133 + ...pilation-in-case-rpc-rpc.h-is-missin.patch | 29 + .../0007-Replace-strndupa-with-strcpy.patch | 75 + package/libs/libssh2/Config.in | 15 + package/libs/libssh2/Makefile | 67 + package/libs/libtasn1/Makefile | 64 + package/libs/libunistring/Makefile | 59 + package/libs/libxml2/Makefile | 197 + package/libs/openldap/Makefile | 219 + package/libs/openldap/files/ldap.init | 19 + .../patches/001-automake-compat.patch | 323 + .../patches/002-no-doc-and-tests-subdir.patch | 5 + .../openldap/patches/020-autofs-schema.patch | 26 + .../patches/110-reproducible-builds.patch | 24 + .../libs/openldap/patches/750-no-strip.patch | 22 + .../libs/openldap/patches/800-implicit.patch | 10 + .../901-reduce-slapd-default-mem-usage.patch | 11 + package/libs/p11-kit/Makefile | 69 + package/libs/p11-kit/files/opensc.module | 1 + package/libs/p11-kit/patches/010-uclibc.patch | 15 + package/network/net-snmp/Makefile | 290 + package/network/net-snmp/files/snmpd.conf | 130 + package/network/net-snmp/files/snmpd.init | 359 + package/network/net-snmp/files/snmptrapd.init | 15 + .../net-snmp/patches/000-cross-compile.patch | 47 + .../patches/100-debian-statistics.patch | 22 + .../patches/110-debian-makefiles.patch | 43 + .../patches/120-debian-searchdirs.patch | 14 + .../patches/130-debian-extramibs.patch | 5183 ++++++++++++++ .../net-snmp/patches/160-no_ldconfig.patch | 11 + .../net-snmp/patches/170-ldflags.patch | 11 + .../net-snmp/patches/750-ieee802dot11.patch | 6156 +++++++++++++++++ .../net-snmp/patches/900-musl-compat.patch | 14 + package/network/services/bind/Config.in | 22 + package/network/services/bind/Makefile | 254 + .../services/bind/files/bind/bind.keys | 69 + package/network/services/bind/files/bind/db.0 | 12 + .../network/services/bind/files/bind/db.127 | 13 + .../network/services/bind/files/bind/db.255 | 12 + .../network/services/bind/files/bind/db.local | 13 + .../network/services/bind/files/bind/db.root | 90 + .../bind/files/bind/named.conf.example | 45 + .../network/services/bind/files/named.init | 35 + .../services/bind/patches/001-no-tests.patch | 11 + .../network/services/openconnect/Config.in | 21 + package/network/services/openconnect/Makefile | 83 + package/network/services/openconnect/README | 49 + .../openconnect/files/openconnect-wrapper | 13 + .../services/openconnect/files/openconnect.sh | 111 + .../openconnect/files/openconnect.upgrade | 9 + package/network/services/p910nd/Makefile | 62 + .../services/p910nd/files/p910nd.config | 26 + .../services/p910nd/files/p910nd.hotplug | 13 + .../network/services/p910nd/files/p910nd.init | 59 + package/network/services/pppossh/Makefile | 38 + package/network/services/pppossh/README.md | 68 + .../network/services/pppossh/files/pppossh.sh | 72 + package/network/services/unbound/Makefile | 263 + .../network/services/unbound/files/README.md | 432 ++ .../services/unbound/files/defaults.sh | 66 + .../network/services/unbound/files/dnsmasq.sh | 310 + .../network/services/unbound/files/iptools.sh | 198 + .../network/services/unbound/files/odhcpd.awk | 211 + .../network/services/unbound/files/odhcpd.sh | 124 + .../network/services/unbound/files/root.key | 3 + .../services/unbound/files/stopping.sh | 127 + .../services/unbound/files/unbound.init | 84 + .../services/unbound/files/unbound.ntpd | 27 + .../network/services/unbound/files/unbound.sh | 1458 ++++ .../services/unbound/files/unbound.uci | 54 + .../services/unbound/files/unbound_ext.conf | 9 + .../services/unbound/files/unbound_srv.conf | 9 + .../unbound/patches/100-example-conf-in.patch | 86 + .../network/services/vpnc-scripts/Makefile | 38 + .../services/vpnc-scripts/files/vpnc-script | 219 + package/network/services/vpnc/Config.in | 18 + package/network/services/vpnc/Makefile | 94 + package/network/services/vpnc/README | 41 + package/network/services/vpnc/files/vpnc.sh | 110 + .../network/services/vpnc/files/vpnc.upgrade | 2 + .../services/vpnc/patches/001-cross.patch | 42 + .../vpnc/patches/100-musl-compat.patch | 42 + .../vpnc/patches/110-openssl-deprecated.patch | 23 + package/utils/kmod/Makefile | 93 + .../kmod/patches/001-fix_pkgconfig_file.patch | 22 + package/utils/pciutils/Makefile | 105 + .../patches/100-remove-no-timestamping.patch | 11 + .../utils/pciutils/patches/101-no-strip.patch | 11 + .../pciutils/patches/102-compressed-ids.patch | 31 + .../patches/103-relative-path-ids.patch | 11 + .../utils/pciutils/patches/104-resolv.patch | 11 + .../utils/pciutils/patches/105-fix-host.patch | 11 + package/utils/stoken/Makefile | 75 + package/utils/xz/Makefile | 123 + .../001-relative-pkg-config-paths.patch | 13 + 135 files changed, 21982 insertions(+), 3 deletions(-) create mode 100644 package/libs/cyrus-sasl/Makefile create mode 100644 package/libs/db47/Makefile create mode 100644 package/libs/db47/patches/010-patch.4.7.25.1.patch create mode 100644 package/libs/db47/patches/020-patch.4.7.25.2.patch create mode 100644 package/libs/db47/patches/030-patch.4.7.25.3.patch create mode 100644 package/libs/db47/patches/040-patch.4.7.25.4.patch create mode 100644 package/libs/db47/patches/100-repmgr-format-security.patch create mode 100644 package/libs/expat/Makefile create mode 100644 package/libs/gnutls/Config.in create mode 100644 package/libs/gnutls/Makefile create mode 100644 package/libs/icu/Makefile create mode 100644 package/libs/icu/patches/000-dont-cpy-files-from-topdirs.patch create mode 100644 package/libs/icu/patches/001-change_optimization_option.patch create mode 100644 package/libs/icu/patches/002-Disable-LDFLAGSICUDT-for-Linux.patch create mode 100644 package/libs/icu/patches/010-add-big-endian-arm-support.patch create mode 100644 package/libs/icu/patches/020-uClibc-ng.patch create mode 100644 package/libs/jansson/Makefile create mode 100644 package/libs/libcap/Makefile create mode 100644 package/libs/libcap/patches/100-portability.patch create mode 100644 package/libs/libcap/patches/200-change-hardcoded-shell-to-sh.patch create mode 100644 package/libs/libgcrypt/Makefile create mode 100644 package/libs/libgpg-error/Makefile create mode 100644 package/libs/libgpg-error/patches/001-cross-compile-fix.patch create mode 100644 package/libs/libgpg-error/patches/010-add-arc-support.patch create mode 100644 package/libs/libgpg-error/patches/020-gawk5-support.patch create mode 100644 package/libs/libidn2/Makefile create mode 100644 package/libs/libp11/Makefile create mode 100644 package/libs/libp11/patches/001-fix-install.patch create mode 100644 package/libs/libpam/Makefile create mode 100644 package/libs/libpam/files/pam.conf create mode 100644 package/libs/libpam/files/pam.d/common-account create mode 100644 package/libs/libpam/files/pam.d/common-auth create mode 100644 package/libs/libpam/files/pam.d/common-password create mode 100644 package/libs/libpam/files/pam.d/common-session create mode 100644 package/libs/libpam/files/pam.d/common-session-noninteractive create mode 100644 package/libs/libpam/files/pam.d/other create mode 100644 package/libs/libpam/patches/0001-build-always-use-lib-instead-of-lib64.patch create mode 100644 package/libs/libpam/patches/0002-build-ignore-pam_rhosts-if-neither-ruserok-nor-ruser.patch create mode 100644 package/libs/libpam/patches/0003-build-ignore-pam_lastlog-when-logwtmp-is-not-availab.patch create mode 100644 package/libs/libpam/patches/0005-build-fix-doc-build.patch create mode 100644 package/libs/libpam/patches/0006-pam_unix-fix-compilation-in-case-rpc-rpc.h-is-missin.patch create mode 100644 package/libs/libpam/patches/0007-Replace-strndupa-with-strcpy.patch create mode 100644 package/libs/libssh2/Config.in create mode 100644 package/libs/libssh2/Makefile create mode 100644 package/libs/libtasn1/Makefile create mode 100644 package/libs/libunistring/Makefile create mode 100644 package/libs/libxml2/Makefile create mode 100644 package/libs/openldap/Makefile create mode 100644 package/libs/openldap/files/ldap.init create mode 100644 package/libs/openldap/patches/001-automake-compat.patch create mode 100644 package/libs/openldap/patches/002-no-doc-and-tests-subdir.patch create mode 100644 package/libs/openldap/patches/020-autofs-schema.patch create mode 100644 package/libs/openldap/patches/110-reproducible-builds.patch create mode 100644 package/libs/openldap/patches/750-no-strip.patch create mode 100644 package/libs/openldap/patches/800-implicit.patch create mode 100644 package/libs/openldap/patches/901-reduce-slapd-default-mem-usage.patch create mode 100644 package/libs/p11-kit/Makefile create mode 100644 package/libs/p11-kit/files/opensc.module create mode 100644 package/libs/p11-kit/patches/010-uclibc.patch create mode 100644 package/network/net-snmp/Makefile create mode 100644 package/network/net-snmp/files/snmpd.conf create mode 100644 package/network/net-snmp/files/snmpd.init create mode 100644 package/network/net-snmp/files/snmptrapd.init create mode 100644 package/network/net-snmp/patches/000-cross-compile.patch create mode 100644 package/network/net-snmp/patches/100-debian-statistics.patch create mode 100644 package/network/net-snmp/patches/110-debian-makefiles.patch create mode 100644 package/network/net-snmp/patches/120-debian-searchdirs.patch create mode 100644 package/network/net-snmp/patches/130-debian-extramibs.patch create mode 100644 package/network/net-snmp/patches/160-no_ldconfig.patch create mode 100644 package/network/net-snmp/patches/170-ldflags.patch create mode 100644 package/network/net-snmp/patches/750-ieee802dot11.patch create mode 100644 package/network/net-snmp/patches/900-musl-compat.patch create mode 100644 package/network/services/bind/Config.in create mode 100644 package/network/services/bind/Makefile create mode 100644 package/network/services/bind/files/bind/bind.keys create mode 100644 package/network/services/bind/files/bind/db.0 create mode 100644 package/network/services/bind/files/bind/db.127 create mode 100644 package/network/services/bind/files/bind/db.255 create mode 100644 package/network/services/bind/files/bind/db.local create mode 100644 package/network/services/bind/files/bind/db.root create mode 100644 package/network/services/bind/files/bind/named.conf.example create mode 100644 package/network/services/bind/files/named.init create mode 100644 package/network/services/bind/patches/001-no-tests.patch create mode 100644 package/network/services/openconnect/Config.in create mode 100644 package/network/services/openconnect/Makefile create mode 100644 package/network/services/openconnect/README create mode 100755 package/network/services/openconnect/files/openconnect-wrapper create mode 100755 package/network/services/openconnect/files/openconnect.sh create mode 100644 package/network/services/openconnect/files/openconnect.upgrade create mode 100644 package/network/services/p910nd/Makefile create mode 100644 package/network/services/p910nd/files/p910nd.config create mode 100644 package/network/services/p910nd/files/p910nd.hotplug create mode 100644 package/network/services/p910nd/files/p910nd.init create mode 100644 package/network/services/pppossh/Makefile create mode 100644 package/network/services/pppossh/README.md create mode 100644 package/network/services/pppossh/files/pppossh.sh create mode 100644 package/network/services/unbound/Makefile create mode 100644 package/network/services/unbound/files/README.md create mode 100644 package/network/services/unbound/files/defaults.sh create mode 100644 package/network/services/unbound/files/dnsmasq.sh create mode 100644 package/network/services/unbound/files/iptools.sh create mode 100644 package/network/services/unbound/files/odhcpd.awk create mode 100644 package/network/services/unbound/files/odhcpd.sh create mode 100644 package/network/services/unbound/files/root.key create mode 100644 package/network/services/unbound/files/stopping.sh create mode 100755 package/network/services/unbound/files/unbound.init create mode 100755 package/network/services/unbound/files/unbound.ntpd create mode 100644 package/network/services/unbound/files/unbound.sh create mode 100644 package/network/services/unbound/files/unbound.uci create mode 100644 package/network/services/unbound/files/unbound_ext.conf create mode 100644 package/network/services/unbound/files/unbound_srv.conf create mode 100644 package/network/services/unbound/patches/100-example-conf-in.patch create mode 100644 package/network/services/vpnc-scripts/Makefile create mode 100755 package/network/services/vpnc-scripts/files/vpnc-script create mode 100644 package/network/services/vpnc/Config.in create mode 100644 package/network/services/vpnc/Makefile create mode 100644 package/network/services/vpnc/README create mode 100755 package/network/services/vpnc/files/vpnc.sh create mode 100644 package/network/services/vpnc/files/vpnc.upgrade create mode 100644 package/network/services/vpnc/patches/001-cross.patch create mode 100644 package/network/services/vpnc/patches/100-musl-compat.patch create mode 100644 package/network/services/vpnc/patches/110-openssl-deprecated.patch create mode 100644 package/utils/kmod/Makefile create mode 100644 package/utils/kmod/patches/001-fix_pkgconfig_file.patch create mode 100644 package/utils/pciutils/Makefile create mode 100644 package/utils/pciutils/patches/100-remove-no-timestamping.patch create mode 100644 package/utils/pciutils/patches/101-no-strip.patch create mode 100644 package/utils/pciutils/patches/102-compressed-ids.patch create mode 100644 package/utils/pciutils/patches/103-relative-path-ids.patch create mode 100644 package/utils/pciutils/patches/104-resolv.patch create mode 100644 package/utils/pciutils/patches/105-fix-host.patch create mode 100644 package/utils/stoken/Makefile create mode 100644 package/utils/xz/Makefile create mode 100644 package/utils/xz/patches/001-relative-pkg-config-paths.patch diff --git a/package/kernel/linux/modules/usb.mk b/package/kernel/linux/modules/usb.mk index 3666a2bff7..9fc60e1553 100644 --- a/package/kernel/linux/modules/usb.mk +++ b/package/kernel/linux/modules/usb.mk @@ -374,7 +374,6 @@ define KernelPackage/usb2 +TARGET_brcm47xx:kmod-usb-bcma \ +TARGET_brcm47xx:kmod-usb-ssb \ +TARGET_bcm53xx:kmod-usb-bcma \ - +TARGET_bcm53xx:kmod-phy-bcm-ns-usb2 \ +TARGET_ath79:kmod-phy-ath79-usb \ +kmod-usb-ehci KCONFIG:=\ @@ -1637,8 +1636,7 @@ XHCI_AUTOLOAD := $(patsubst $(LINUX_DIR)/drivers/usb/host/%.ko,%,$(XHCI_FILES)) define KernelPackage/usb3 TITLE:=Support for USB3 controllers DEPENDS:= \ - +TARGET_bcm53xx:kmod-usb-bcma \ - +TARGET_bcm53xx:kmod-phy-bcm-ns-usb3 + +TARGET_bcm53xx:kmod-usb-bcma KCONFIG:= \ CONFIG_USB_PCI=y \ CONFIG_USB_XHCI_HCD \ diff --git a/package/libs/cyrus-sasl/Makefile b/package/libs/cyrus-sasl/Makefile new file mode 100644 index 0000000000..2a670e9b6e --- /dev/null +++ b/package/libs/cyrus-sasl/Makefile @@ -0,0 +1,113 @@ +# +# Copyright (C) 2006-2014 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=cyrus-sasl +PKG_VERSION:=2.1.27 +PKG_RELEASE:=1 + +PKG_MAINTAINER:=W. Michael Petullo + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://www.cyrusimap.org/releases/ +PKG_HASH:=26866b1549b00ffd020f188a43c258017fa1c382b3ddadd8201536f72efb05d5 + +PKG_LICENSE:=BSD-4c BSD +PKG_LICENSE_FILES:=COPYING cmulocal/COPYING saslauthd/COPYING +PKG_CPE_ID:=cpe:/a:cmu:cyrus-sasl + +PKG_FIXUP:=autoreconf +PKG_MACRO_PATHS:=cmulocal config ../cmulocal ../config +PKG_AUTOMAKE_PATHS:=. saslauthd sasldb +PKG_REMOVE_FILES:=aclocal.m4 saslauthd/aclocal.m4 config/libtool.m4 + +include $(INCLUDE_DIR)/package.mk + +define Package/libsasl2 + SECTION:=libs + CATEGORY:=Libraries + TITLE:=A general purpose authentication library + URL:=http://asg.web.cmu.edu/sasl/ + DEPENDS:=+libopenssl +endef + +TARGET_CFLAGS += $(FPIC) +CONFIGURE_ARGS += \ + --enable-shared \ + --enable-static \ + --disable-sample \ + --enable-staticdlopen \ + --disable-java \ + --disable-alwaystrue \ + --disable-checkapop \ + --enable-cram \ + --enable-digest \ + --without-auth-sasldb \ + --disable-otp \ + --disable-srp \ + --disable-srp-setpass \ + --disable-krb4 \ + --disable-gssapi \ + --disable-gss_mutexes \ + --enable-plain \ + --enable-anon \ + --disable-login \ + --disable-ntlm \ + --disable-sql \ + --disable-ldapdb \ + --without-dblib \ + --without-gdbm \ + --with-devrandom="/dev/urandom" \ + --without-pam \ + --without-saslauthd \ + --without-authdaemond \ + --without-pwcheck \ + --with-ipctype=unix \ + --with-openssl="$(STAGING_DIR)/usr" \ + --without-des \ + --without-opie \ + --without-ldap \ + --without-mysql \ + --without-pgsql \ + --without-sqlite \ + --without-rc4 \ + --without-dmalloc \ + --without-sfio \ + --disable-sample + +define Build/Compile + $(MAKE) -C $(PKG_BUILD_DIR)/include \ + CC="$(HOSTCC)" \ + LINK="$(HOSTCC) -o makemd5 -lc" \ + CFLAGS="" \ + CPPFLAGS="" \ + makemd5 + $(MAKE) -C $(PKG_BUILD_DIR) \ + DESTDIR="$(PKG_INSTALL_DIR)" \ + all install +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include/ + $(CP) $(PKG_INSTALL_DIR)/usr/include/sasl $(1)/usr/include/ + $(INSTALL_DIR) $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libsasl2.{a,so*} $(1)/usr/lib/ + ln -sf libsasl2.a $(1)/usr/lib/libsasl.a + ln -sf libsasl2.so $(1)/usr/lib/libsasl.so + $(INSTALL_DIR) $(1)/usr/lib/sasl2 + $(CP) $(PKG_INSTALL_DIR)/usr/lib/sasl2/lib*.{a,so*} $(1)/usr/lib/sasl2/ +endef + +define Package/libsasl2/install + $(INSTALL_DIR) $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libsasl2.so* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/sasl2 + $(CP) $(PKG_INSTALL_DIR)/usr/lib/sasl2/lib*.so* $(1)/usr/lib/sasl2/ +endef + +$(eval $(call BuildPackage,libsasl2)) diff --git a/package/libs/db47/Makefile b/package/libs/db47/Makefile new file mode 100644 index 0000000000..7f642abd95 --- /dev/null +++ b/package/libs/db47/Makefile @@ -0,0 +1,100 @@ +# +# Copyright (C) 2009-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk +include $(INCLUDE_DIR)/uclibc++.mk + +BASE_VERSION:=4.7.25 + +PKG_NAME:=db47 +PKG_VERSION:=$(BASE_VERSION).4.NC +PKG_RELEASE:=5 + +PKG_BUILD_DIR:=$(BUILD_DIR)/db-$(BASE_VERSION).NC +PKG_SOURCE:=db-$(BASE_VERSION).NC.tar.gz +PKG_SOURCE_URL:=http://download.oracle.com/berkeley-db/ +PKG_HASH:=cd39c711023ff44c01d3c8ff0323eef7318660772b24f287556e6bf676a12535 + +PKG_MAINTAINER:=Marcel Denia +PKG_LICENSE:=Sleepycat +PKG_LICENSE_FILES:=LICENSE + +PKG_FIXUP:=autoreconf +PKG_LIBTOOL_PATHS:=. build_unix +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/libdb47 + SECTION:=libs + CATEGORY:=Libraries + DEPENDS:=+libxml2 + TITLE:=Berkeley DB library (4.7) + URL:=http://www.oracle.com/us/products/database/berkeley-db + PROVIDES:=libdb47-full +endef + +define Package/libdb47/description + Berkeley DB library (4.7). +endef + +define Package/libdb47xx + SECTION:=libs + CATEGORY:=Libraries + DEPENDS:=+libdb47 $(CXX_DEPENDS) + TITLE:=Berkeley DB library (4.7) for C++ + URL:=http://www.oracle.com/us/products/database/berkeley-db + PROVIDES:=libdb47xx-full +endef + +define Package/libdb47xx/description + Berkeley DB library (4.7). C++ wrapper. +endef + +CONFIGURE_PATH = build_unix +CONFIGURE_CMD = ../dist/configure + +CONFIGURE_ARGS += \ + --enable-shared \ + --enable-static \ + --disable-java \ + --with-mutex=POSIX/pthreads/library \ + --disable-tcl \ + --disable-rpc \ + --enable-compat185 \ + --disable-debug \ + $(if $(CONFIG_PACKAGE_libdb47xx),--enable-cxx,--disable-cxx) + +TARGET_CFLAGS += $(FPIC) + +define Build/Compile + +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/build_unix \ + DESTDIR="$(PKG_INSTALL_DIR)" all + $(MAKE) -C $(PKG_BUILD_DIR)/build_unix \ + DESTDIR="$(PKG_INSTALL_DIR)" install +endef + +define Package/libdb47/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libdb-*.so $(1)/usr/lib/ +endef + +define Package/libdb47xx/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libdb_cxx-*.so $(1)/usr/lib/ +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/usr/include/db.h $(1)/usr/include/ + $(CP) $(PKG_INSTALL_DIR)/usr/include/db_cxx.h $(1)/usr/include/ + $(INSTALL_DIR) $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libdb*.{a,so} $(1)/usr/lib +endef + +$(eval $(call BuildPackage,libdb47)) +$(eval $(call BuildPackage,libdb47xx)) diff --git a/package/libs/db47/patches/010-patch.4.7.25.1.patch b/package/libs/db47/patches/010-patch.4.7.25.1.patch new file mode 100644 index 0000000000..f1fd472708 --- /dev/null +++ b/package/libs/db47/patches/010-patch.4.7.25.1.patch @@ -0,0 +1,55 @@ +--- a/sequence/sequence.c ++++ b/sequence/sequence.c +@@ -187,7 +187,11 @@ __seq_open_pp(seq, txn, keyp, flags) + if ((ret = __db_get_flags(dbp, &tflags)) != 0) + goto err; + +- if (DB_IS_READONLY(dbp)) { ++ /* ++ * We can let replication clients open sequences, but must ++ * check later that they do not update them. ++ */ ++ if (F_ISSET(dbp, DB_AM_RDONLY)) { + ret = __db_rdonly(dbp->env, "DB_SEQUENCE->open"); + goto err; + } +@@ -244,6 +248,11 @@ retry: if ((ret = __db_get(dbp, ip, + if ((ret != DB_NOTFOUND && ret != DB_KEYEMPTY) || + !LF_ISSET(DB_CREATE)) + goto err; ++ if (IS_REP_CLIENT(env) && ++ !F_ISSET(dbp, DB_AM_NOT_DURABLE)) { ++ ret = __db_rdonly(env, "DB_SEQUENCE->open"); ++ goto err; ++ } + ret = 0; + + rp = &seq->seq_record; +@@ -296,7 +305,12 @@ retry: if ((ret = __db_get(dbp, ip, + */ + rp = seq->seq_data.data; + if (rp->seq_version == DB_SEQUENCE_OLDVER) { +-oldver: rp->seq_version = DB_SEQUENCE_VERSION; ++oldver: if (IS_REP_CLIENT(env) && ++ !F_ISSET(dbp, DB_AM_NOT_DURABLE)) { ++ ret = __db_rdonly(env, "DB_SEQUENCE->open"); ++ goto err; ++ } ++ rp->seq_version = DB_SEQUENCE_VERSION; + if (!F_ISSET(env, ENV_LITTLEENDIAN)) { + if (IS_DB_AUTO_COMMIT(dbp, txn)) { + if ((ret = +@@ -707,6 +721,13 @@ __seq_get(seq, txn, delta, retp, flags) + + MUTEX_LOCK(env, seq->mtx_seq); + ++ if (handle_check && IS_REP_CLIENT(env) && ++ !F_ISSET(dbp, DB_AM_NOT_DURABLE)) { ++ ret = __db_rdonly(env, "DB_SEQUENCE->get"); ++ goto err; ++ } ++ ++ + if (rp->seq_min + delta > rp->seq_max) { + __db_errx(env, "Sequence overflow"); + ret = EINVAL; diff --git a/package/libs/db47/patches/020-patch.4.7.25.2.patch b/package/libs/db47/patches/020-patch.4.7.25.2.patch new file mode 100644 index 0000000000..ddf830a301 --- /dev/null +++ b/package/libs/db47/patches/020-patch.4.7.25.2.patch @@ -0,0 +1,42 @@ +--- a/lock/lock.c ++++ b/lock/lock.c +@@ -1274,10 +1274,12 @@ __lock_put_internal(lt, lockp, obj_ndx, + SH_TAILQ_REMOVE( + <->obj_tab[obj_ndx], sh_obj, links, __db_lockobj); + if (sh_obj->lockobj.size > sizeof(sh_obj->objdata)) { +- LOCK_REGION_LOCK(env); ++ if (region->part_t_size != 1) ++ LOCK_REGION_LOCK(env); + __env_alloc_free(<->reginfo, + SH_DBT_PTR(&sh_obj->lockobj)); +- LOCK_REGION_UNLOCK(env); ++ if (region->part_t_size != 1) ++ LOCK_REGION_UNLOCK(env); + } + SH_TAILQ_INSERT_HEAD( + &FREE_OBJS(lt, part_id), sh_obj, links, __db_lockobj); +@@ -1467,15 +1469,21 @@ retry: SH_TAILQ_FOREACH(sh_obj, <->obj + if (obj->size <= sizeof(sh_obj->objdata)) + p = sh_obj->objdata; + else { +- LOCK_REGION_LOCK(env); ++ /* ++ * If we have only one partition, the region is locked. ++ */ ++ if (region->part_t_size != 1) ++ LOCK_REGION_LOCK(env); + if ((ret = + __env_alloc(<->reginfo, obj->size, &p)) != 0) { + __db_errx(env, + "No space for lock object storage"); +- LOCK_REGION_UNLOCK(env); ++ if (region->part_t_size != 1) ++ LOCK_REGION_UNLOCK(env); + goto err; + } +- LOCK_REGION_UNLOCK(env); ++ if (region->part_t_size != 1) ++ LOCK_REGION_UNLOCK(env); + } + + memcpy(p, obj->data, obj->size); diff --git a/package/libs/db47/patches/030-patch.4.7.25.3.patch b/package/libs/db47/patches/030-patch.4.7.25.3.patch new file mode 100644 index 0000000000..12bbeddb3e --- /dev/null +++ b/package/libs/db47/patches/030-patch.4.7.25.3.patch @@ -0,0 +1,211 @@ +--- a/lock/lock_deadlock.c ++++ b/lock/lock_deadlock.c +@@ -121,7 +121,7 @@ __lock_detect(env, atype, rejectp) + DB_LOCKTAB *lt; + db_timespec now; + locker_info *idmap; +- u_int32_t *bitmap, *copymap, **deadp, **free_me, *tmpmap; ++ u_int32_t *bitmap, *copymap, **deadp, **deadlist, *tmpmap; + u_int32_t i, cid, keeper, killid, limit, nalloc, nlockers; + u_int32_t lock_max, txn_max; + int ret, status; +@@ -133,7 +133,8 @@ __lock_detect(env, atype, rejectp) + if (IS_REP_CLIENT(env)) + atype = DB_LOCK_MINWRITE; + +- free_me = NULL; ++ copymap = tmpmap = NULL; ++ deadlist = NULL; + + lt = env->lk_handle; + if (rejectp != NULL) +@@ -179,11 +180,11 @@ __lock_detect(env, atype, rejectp) + memcpy(copymap, bitmap, nlockers * sizeof(u_int32_t) * nalloc); + + if ((ret = __os_calloc(env, sizeof(u_int32_t), nalloc, &tmpmap)) != 0) +- goto err1; ++ goto err; + + /* Find a deadlock. */ + if ((ret = +- __dd_find(env, bitmap, idmap, nlockers, nalloc, &deadp)) != 0) ++ __dd_find(env, bitmap, idmap, nlockers, nalloc, &deadlist)) != 0) + return (ret); + + /* +@@ -204,8 +205,7 @@ __lock_detect(env, atype, rejectp) + txn_max = TXN_MAXIMUM; + + killid = BAD_KILLID; +- free_me = deadp; +- for (; *deadp != NULL; deadp++) { ++ for (deadp = deadlist; *deadp != NULL; deadp++) { + if (rejectp != NULL) + ++*rejectp; + killid = (u_int32_t)(*deadp - bitmap) / nalloc; +@@ -342,11 +342,12 @@ dokill: if (killid == BAD_KILLID) { + __db_msg(env, + "Aborting locker %lx", (u_long)idmap[killid].id); + } +- __os_free(env, tmpmap); +-err1: __os_free(env, copymap); +- +-err: if (free_me != NULL) +- __os_free(env, free_me); ++err: if(copymap != NULL) ++ __os_free(env, copymap); ++ if (deadlist != NULL) ++ __os_free(env, deadlist); ++ if(tmpmap != NULL) ++ __os_free(env, tmpmap); + __os_free(env, bitmap); + __os_free(env, idmap); + +@@ -360,6 +361,17 @@ err: if (free_me != NULL) + + #define DD_INVALID_ID ((u_int32_t) -1) + ++/* ++ * __dd_build -- ++ * Build the lock dependency bit maps. ++ * Notes on synchronization: ++ * LOCK_SYSTEM_LOCK is used to hold objects locked when we have ++ * a single partition. ++ * LOCK_LOCKERS is held while we are walking the lockers list and ++ * to single thread the use of lockerp->dd_id. ++ * LOCK_DD protects the DD list of objects. ++ */ ++ + static int + __dd_build(env, atype, bmp, nlockers, allocp, idmap, rejectp) + ENV *env; +@@ -393,6 +405,7 @@ __dd_build(env, atype, bmp, nlockers, al + * In particular we do not build the conflict array and our caller + * needs to expect this. + */ ++ LOCK_SYSTEM_LOCK(lt, region); + if (atype == DB_LOCK_EXPIRE) { + skip: LOCK_DD(env, region); + op = SH_TAILQ_FIRST(®ion->dd_objs, __db_lockobj); +@@ -430,17 +443,18 @@ skip: LOCK_DD(env, region); + OBJECT_UNLOCK(lt, region, indx); + } + UNLOCK_DD(env, region); ++ LOCK_SYSTEM_UNLOCK(lt, region); + goto done; + } + + /* +- * We'll check how many lockers there are, add a few more in for +- * good measure and then allocate all the structures. Then we'll +- * verify that we have enough room when we go back in and get the +- * mutex the second time. ++ * Allocate after locking the region ++ * to make sure the structures are large enough. + */ +-retry: count = region->stat.st_nlockers; ++ LOCK_LOCKERS(env, region); ++ count = region->stat.st_nlockers; + if (count == 0) { ++ UNLOCK_LOCKERS(env, region); + *nlockers = 0; + return (0); + } +@@ -448,50 +462,37 @@ retry: count = region->stat.st_nlockers; + if (FLD_ISSET(env->dbenv->verbose, DB_VERB_DEADLOCK)) + __db_msg(env, "%lu lockers", (u_long)count); + +- count += 20; + nentries = (u_int32_t)DB_ALIGN(count, 32) / 32; + +- /* +- * Allocate enough space for a count by count bitmap matrix. +- * +- * XXX +- * We can probably save the malloc's between iterations just +- * reallocing if necessary because count grew by too much. +- */ ++ /* Allocate enough space for a count by count bitmap matrix. */ + if ((ret = __os_calloc(env, (size_t)count, +- sizeof(u_int32_t) * nentries, &bitmap)) != 0) ++ sizeof(u_int32_t) * nentries, &bitmap)) != 0) { ++ UNLOCK_LOCKERS(env, region); + return (ret); ++ } + + if ((ret = __os_calloc(env, + sizeof(u_int32_t), nentries, &tmpmap)) != 0) { ++ UNLOCK_LOCKERS(env, region); + __os_free(env, bitmap); + return (ret); + } + + if ((ret = __os_calloc(env, + (size_t)count, sizeof(locker_info), &id_array)) != 0) { ++ UNLOCK_LOCKERS(env, region); + __os_free(env, bitmap); + __os_free(env, tmpmap); + return (ret); + } + + /* +- * Now go back in and actually fill in the matrix. +- */ +- if (region->stat.st_nlockers > count) { +- __os_free(env, bitmap); +- __os_free(env, tmpmap); +- __os_free(env, id_array); +- goto retry; +- } +- +- /* + * First we go through and assign each locker a deadlock detector id. + */ + id = 0; +- LOCK_LOCKERS(env, region); + SH_TAILQ_FOREACH(lip, ®ion->lockers, ulinks, __db_locker) { + if (lip->master_locker == INVALID_ROFF) { ++ DB_ASSERT(env, id < count); + lip->dd_id = id++; + id_array[lip->dd_id].id = lip->id; + switch (atype) { +@@ -510,7 +511,6 @@ retry: count = region->stat.st_nlockers; + lip->dd_id = DD_INVALID_ID; + + } +- UNLOCK_LOCKERS(env, region); + + /* + * We only need consider objects that have waiters, so we use +@@ -669,7 +669,6 @@ again: memset(bitmap, 0, count * sizeof + * status after building the bit maps so that we will not detect + * a blocked transaction without noting that it is already aborting. + */ +- LOCK_LOCKERS(env, region); + for (id = 0; id < count; id++) { + if (!id_array[id].valid) + continue; +@@ -738,6 +737,7 @@ get_lock: id_array[id].last_lock = R_OF + id_array[id].in_abort = 1; + } + UNLOCK_LOCKERS(env, region); ++ LOCK_SYSTEM_UNLOCK(lt, region); + + /* + * Now we can release everything except the bitmap matrix that we +@@ -839,6 +839,7 @@ __dd_abort(env, info, statusp) + ret = 0; + + /* We must lock so this locker cannot go away while we abort it. */ ++ LOCK_SYSTEM_LOCK(lt, region); + LOCK_LOCKERS(env, region); + + /* +@@ -895,6 +896,7 @@ __dd_abort(env, info, statusp) + done: OBJECT_UNLOCK(lt, region, info->last_ndx); + err: + out: UNLOCK_LOCKERS(env, region); ++ LOCK_SYSTEM_UNLOCK(lt, region); + return (ret); + } + diff --git a/package/libs/db47/patches/040-patch.4.7.25.4.patch b/package/libs/db47/patches/040-patch.4.7.25.4.patch new file mode 100644 index 0000000000..7db406120d --- /dev/null +++ b/package/libs/db47/patches/040-patch.4.7.25.4.patch @@ -0,0 +1,118 @@ +--- a/dbinc/repmgr.h ++++ b/dbinc/repmgr.h +@@ -374,6 +374,7 @@ typedef struct { + #define SITE_FROM_EID(eid) (&db_rep->sites[eid]) + #define EID_FROM_SITE(s) ((int)((s) - (&db_rep->sites[0]))) + #define IS_VALID_EID(e) ((e) >= 0) ++#define IS_KNOWN_REMOTE_SITE(e) ((e) >= 0 && ((u_int)(e)) < db_rep->site_cnt) + #define SELF_EID INT_MAX + + #define IS_PEER_POLICY(p) ((p) == DB_REPMGR_ACKS_ALL_PEERS || \ +--- a/rep/rep_elect.c ++++ b/rep/rep_elect.c +@@ -33,7 +33,7 @@ static int __rep_elect_init + static int __rep_fire_elected __P((ENV *, REP *, u_int32_t)); + static void __rep_elect_master __P((ENV *, REP *)); + static int __rep_tally __P((ENV *, REP *, int, u_int32_t *, u_int32_t, roff_t)); +-static int __rep_wait __P((ENV *, db_timeout_t *, int *, int, u_int32_t)); ++static int __rep_wait __P((ENV *, db_timeout_t *, int, u_int32_t)); + + /* + * __rep_elect -- +@@ -55,7 +55,7 @@ __rep_elect(dbenv, given_nsites, nvotes, + ENV *env; + LOG *lp; + REP *rep; +- int done, eid, elected, full_elect, locked, in_progress, need_req; ++ int done, elected, full_elect, locked, in_progress, need_req; + int ret, send_vote, t_ret; + u_int32_t ack, ctlflags, egen, nsites, orig_tally, priority, realpri; + u_int32_t tiebreaker; +@@ -181,8 +181,7 @@ __rep_elect(dbenv, given_nsites, nvotes, + REP_SYSTEM_UNLOCK(env); + (void)__rep_send_message(env, DB_EID_BROADCAST, + REP_MASTER_REQ, NULL, NULL, 0, 0); +- ret = __rep_wait(env, &to, &eid, +- 0, REP_F_EPHASE0); ++ ret = __rep_wait(env, &to, 0, REP_F_EPHASE0); + REP_SYSTEM_LOCK(env); + F_CLR(rep, REP_F_EPHASE0); + switch (ret) { +@@ -286,11 +285,11 @@ restart: + REP_SYSTEM_LOCK(env); + goto vote; + } +- ret = __rep_wait(env, &to, &eid, full_elect, REP_F_EPHASE1); ++ ret = __rep_wait(env, &to, full_elect, REP_F_EPHASE1); + switch (ret) { + case 0: + /* Check if election complete or phase complete. */ +- if (eid != DB_EID_INVALID && !IN_ELECTION(rep)) { ++ if (!IN_ELECTION(rep)) { + RPRINT(env, DB_VERB_REP_ELECT, + (env, "Ended election phase 1")); + goto edone; +@@ -398,15 +397,12 @@ phase2: + REP_SYSTEM_LOCK(env); + goto i_won; + } +- ret = __rep_wait(env, &to, &eid, full_elect, REP_F_EPHASE2); ++ ret = __rep_wait(env, &to, full_elect, REP_F_EPHASE2); + RPRINT(env, DB_VERB_REP_ELECT, + (env, "Ended election phase 2 %d", ret)); + switch (ret) { + case 0: +- if (eid != DB_EID_INVALID) +- goto edone; +- ret = DB_REP_UNAVAIL; +- break; ++ goto edone; + case DB_REP_EGENCHG: + if (to > timeout) + to = timeout; +@@ -1050,13 +1046,6 @@ __rep_elect_master(env, rep) + ENV *env; + REP *rep; + { +- /* +- * We often come through here twice, sometimes even more. We mustn't +- * let the redundant calls affect stats counting. But rep_elect relies +- * on this first part for setting eidp. +- */ +- rep->master_id = rep->eid; +- + if (F_ISSET(rep, REP_F_MASTERELECT | REP_F_MASTER)) { + /* We've been through here already; avoid double counting. */ + return; +@@ -1093,10 +1082,10 @@ __rep_fire_elected(env, rep, egen) + (timeout > 5000000) ? 500000 : ((timeout >= 10) ? timeout / 10 : 1); + + static int +-__rep_wait(env, timeoutp, eidp, full_elect, flags) ++__rep_wait(env, timeoutp, full_elect, flags) + ENV *env; + db_timeout_t *timeoutp; +- int *eidp, full_elect; ++ int full_elect; + u_int32_t flags; + { + DB_REP *db_rep; +@@ -1174,7 +1163,6 @@ __rep_wait(env, timeoutp, eidp, full_ele + F_CLR(rep, REP_F_EGENUPDATE); + ret = DB_REP_EGENCHG; + } else if (phase_over) { +- *eidp = rep->master_id; + done = 1; + ret = 0; + } +--- a/repmgr/repmgr_net.c ++++ b/repmgr/repmgr_net.c +@@ -100,6 +100,8 @@ __repmgr_send(dbenv, control, rec, lsnp, + control, rec, &nsites_sent, &npeers_sent)) != 0) + goto out; + } else { ++ DB_ASSERT(env, IS_KNOWN_REMOTE_SITE(eid)); ++ + /* + * If this is a request that can be sent anywhere, then see if + * we can send it to our peer (to save load on the master), but diff --git a/package/libs/db47/patches/100-repmgr-format-security.patch b/package/libs/db47/patches/100-repmgr-format-security.patch new file mode 100644 index 0000000000..58cfafdd01 --- /dev/null +++ b/package/libs/db47/patches/100-repmgr-format-security.patch @@ -0,0 +1,11 @@ +--- a/repmgr/repmgr_net.c ++++ b/repmgr/repmgr_net.c +@@ -1136,7 +1136,7 @@ __repmgr_listen(env) + } + + ret = net_errno; +- __db_err(env, ret, why); ++ __db_err(env, ret, "%s", why); + clean: if (s != INVALID_SOCKET) + (void)closesocket(s); + return (ret); diff --git a/package/libs/expat/Makefile b/package/libs/expat/Makefile new file mode 100644 index 0000000000..ec064986c1 --- /dev/null +++ b/package/libs/expat/Makefile @@ -0,0 +1,70 @@ +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=expat +PKG_VERSION:=2.2.7 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=@SF/expat +PKG_HASH:=30e3f40acf9a8fdbd5c379bdcc8d1178a1d9af306de29fc8ece922bc4c57bef8 + +PKG_MAINTAINER:=Ted Hess +PKG_LICENSE:=MIT +PKG_LICENSE_FILES:=COPYING +PKG_CPE_ID:=cpe:/a:libexpat:expat + +PKG_FIXUP:=autoreconf +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/host-build.mk +include $(INCLUDE_DIR)/package.mk + +define Package/libexpat + SECTION:=libs + CATEGORY:=Libraries + TITLE:=An XML parsing library + URL:=https://libexpat.github.io/ +endef + +define Package/libexpat/description + A fast, non-validating, stream-oriented XML parsing library. +endef + +TARGET_CFLAGS += $(FPIC) + +CONFIGURE_ARGS += \ + --enable-shared \ + --enable-static \ + --without-docbook + +HOST_CONFIGURE_ARGS += \ + --without-docbook + +define Host/Install + $(MAKE) -C $(HOST_BUILD_DIR) install +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/usr/include/expat{,_external}.h $(1)/usr/include/ + + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/expat.pc $(1)/usr/lib/pkgconfig/ + + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libexpat.{a,so*} $(1)/usr/lib/ +endef + +define Package/libexpat/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libexpat.so.* $(1)/usr/lib/ +endef + +$(eval $(call HostBuild)) +$(eval $(call BuildPackage,libexpat)) diff --git a/package/libs/gnutls/Config.in b/package/libs/gnutls/Config.in new file mode 100644 index 0000000000..88dbc7a935 --- /dev/null +++ b/package/libs/gnutls/Config.in @@ -0,0 +1,52 @@ +# gnutls avanced configuration + +menu "Configuration" + depends on PACKAGE_libgnutls + +config GNUTLS_DTLS_SRTP + bool "enable DTLS SRTP support" + default y + +config GNUTLS_ALPN + bool "enable ALPN support" + default y + +config GNUTLS_OCSP + bool "enable ocsp support" + default y + +config GNUTLS_CRYPTODEV + bool "enable /dev/crypto support" + default n + +config GNUTLS_HEARTBEAT + bool "enable DTLS heartbeat support" + default y + +config GNUTLS_SRP + bool "enable SRP authentication support" + default n + +config GNUTLS_PSK + bool "enable PSK authentication support" + default y + +config GNUTLS_ANON + bool "enable anonymous authentication support" + default y + +config GNUTLS_TPM + bool "enable tpm support" + select GNUTLS_PKCS11 + default n + +config GNUTLS_PKCS11 + bool "enable smart card (PKCS11) support" + select GNUTLS_EXT_LIBTASN1 + default n + +config GNUTLS_EXT_LIBTASN1 + bool "use external libtasn1" + default n + +endmenu diff --git a/package/libs/gnutls/Makefile b/package/libs/gnutls/Makefile new file mode 100644 index 0000000000..61312207e1 --- /dev/null +++ b/package/libs/gnutls/Makefile @@ -0,0 +1,250 @@ +# +# Copyright (C) 2005-2016 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=gnutls +PKG_VERSION:=3.6.9 +PKG_RELEASE:=1 +PKG_USE_MIPS16:=0 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6 +PKG_HASH:=4331fca55817ecdd74450b908a6c29b4f05bb24dd13144c6284aa34d872e1fcb +#PKG_FIXUP:=autoreconf gettext-version +PKG_MAINTAINER:=Nikos Mavrogiannopoulos +PKG_LICENSE:=LGPLv2.1+ +PKG_CPE_ID:=cpe:/a:gnu:gnutls + +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 +PKG_LIBTOOL_PATHS:=. lib + +PKG_CONFIG_DEPENDS:= \ + CONFIG_GNUTLS_ALPN \ + CONFIG_GNUTLS_ANON \ + CONFIG_GNUTLS_CRYPTODEV \ + CONFIG_GNUTLS_DTLS_SRTP \ + CONFIG_GNUTLS_EXT_LIBTASN1 \ + CONFIG_GNUTLS_HEARTBEAT \ + CONFIG_GNUTLS_OCSP \ + CONFIG_GNUTLS_PKCS11 \ + CONFIG_GNUTLS_PSK \ + CONFIG_GNUTLS_SRP \ + CONFIG_GNUTLS_TPM \ + CONFIG_LIBNETTLE_MINI \ + +include $(INCLUDE_DIR)/package.mk + + +define Package/gnutls/Default + SUBMENU:=SSL + SECTION:=libs + CATEGORY:=Libraries + TITLE:=GNU TLS + URL:=http://www.gnutls.org/ +endef + +define Package/gnutls/Default/description + GnuTLS is a secure communications library implementing the SSL, TLS + and DTLS protocols and technologies around them. It provides a simple + C language application programming interface (API) to access the secure + communications protocols as well as APIs to parse and write X.509, PKCS12, + OpenPGP and other required structures. It is aimed to be portable and + efficient with focus on security and interoperability. +endef + + +define Package/certtool +$(call Package/gnutls/Default) + SECTION:=utils + CATEGORY:=Utilities + SUBMENU:=Encryption + TITLE+= (certool utility) + DEPENDS+= +libgnutls +endef + +define Package/certtool/description +$(call Package/gnutls/Default/description) + This package contains the GnuTLS certtool utility. +endef + + +define Package/gnutls-utils +$(call Package/gnutls/Default) + SECTION:=utils + CATEGORY:=Utilities + SUBMENU:=Encryption + TITLE+= (utilities) + DEPENDS+= +libgnutls +endef + +define Package/gnutls-utils/description +$(call Package/gnutls/Default/description) + This package contains the GnuTLS gnutls-cli, gnutls-serv, psktool, + and srptool utilities. +endef + +define Package/libgnutls/config + source "$(SOURCE)/Config.in" +endef + +define Package/libgnutls +$(call Package/gnutls/Default) + TITLE+= (library) + DEPENDS+= +libnettle +!LIBNETTLE_MINI:libgmp +GNUTLS_EXT_LIBTASN1:libtasn1 +GNUTLS_PKCS11:p11-kit +GNUTLS_CRYPTODEV:kmod-cryptodev +libatomic +endef + +define Package/libgnutls/description +$(call Package/gnutls/Default/description) + This package contains the GnuTLS shared library, needed by other programs. +endef + +# We disable the configuration file (system-priority-file) because +# the use of configuration increases the non-shared memory used by +# the library and we don't provide an openwrt-specific configuration +# anyway. +CONFIGURE_ARGS+= \ + --enable-shared \ + --enable-static \ + --disable-doc \ + --disable-gcc-warnings \ + --disable-guile \ + --disable-rpath \ + --disable-seccomp-tests \ + --disable-tests \ + --disable-valgrind-tests \ + \ + --disable-libdane \ + --disable-ssl2-support \ + --disable-ssl3-support \ + --enable-local-libopts \ + --without-idn \ + --with-default-trust-store-dir=/etc/ssl/certs/ \ + --with-included-unistring \ + --with-librt-prefix="$(LIBRT_ROOT_DIR)/" \ + --with-pic \ + --with-system-priority-file="" + +ifneq ($(CONFIG_GNUTLS_EXT_LIBTASN1),y) +CONFIGURE_ARGS += --with-included-libtasn1 +endif + +ifneq ($(CONFIG_GNUTLS_PKCS11),y) +CONFIGURE_ARGS += --without-p11-kit +endif + +ifeq ($(CONFIG_LIBNETTLE_MINI),y) +CONFIGURE_ARGS += --with-nettle-mini +endif + +ifneq ($(CONFIG_GNUTLS_DTLS_SRTP),y) +CONFIGURE_ARGS += --disable-dtls-srtp-support +endif + +ifneq ($(CONFIG_GNUTLS_ALPN),y) +CONFIGURE_ARGS += --disable-alpn-support +endif + +ifneq ($(CONFIG_GNUTLS_HEARTBEAT),y) +CONFIGURE_ARGS += --disable-heartbeat-support +endif + +ifneq ($(CONFIG_GNUTLS_SRP),y) +CONFIGURE_ARGS += --disable-srp-authentication +endif + +ifneq ($(CONFIG_GNUTLS_PSK),y) +CONFIGURE_ARGS += --disable-psk-authentication +endif + +ifneq ($(CONFIG_GNUTLS_ANON),y) +CONFIGURE_ARGS += --disable-anon-authentication +endif + +ifneq ($(CONFIG_GNUTLS_OCSP),y) +CONFIGURE_ARGS += --disable-ocsp +endif + +ifneq ($(CONFIG_GNUTLS_TPM),y) +CONFIGURE_ARGS += --without-tpm +endif + +ifeq ($(CONFIG_GNUTLS_CRYPTODEV),y) +CONFIGURE_ARGS += --enable-cryptodev +endif + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib/pkgconfig + $(CP) \ + $(PKG_INSTALL_DIR)/usr/lib/libgnutls.so* \ + $(1)/usr/lib/ + $(CP) \ + $(PKG_INSTALL_DIR)/usr/include/gnutls \ + $(1)/usr/include/ + $(CP) \ + $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/gnutls.pc \ + $(1)/usr/lib/pkgconfig/ +endef + + +define Package/certtool/conffiles +/etc/gnutls/certtool.cfg +endef + +define Package/certtool/install + $(INSTALL_DIR) $(1)/etc/gnutls + $(INSTALL_CONF) $(PKG_BUILD_DIR)/doc/certtool.cfg $(1)/etc/gnutls/ + $(INSTALL_DIR) $(1)/usr/bin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/certtool $(1)/usr/bin/ +endef + + +define Package/gnutls-utils/install + $(INSTALL_DIR) $(1)/usr/bin +ifeq ($(CONFIG_GNUTLS_OCSP),y) +ifeq ($(CONFIG_GNUTLS_ANON),y) + $(CP) \ + $(PKG_INSTALL_DIR)/usr/bin/gnutls-{cli,serv} \ + $(1)/usr/bin/ +endif + $(CP) \ + $(PKG_INSTALL_DIR)/usr/bin/ocsptool \ + $(1)/usr/bin/ +endif +ifeq ($(CONFIG_GNUTLS_SRP),y) + $(CP) \ + $(PKG_INSTALL_DIR)/usr/bin/srptool \ + $(1)/usr/bin/ +endif +ifeq ($(CONFIG_GNUTLS_PSK),y) + $(CP) \ + $(PKG_INSTALL_DIR)/usr/bin/psktool \ + $(1)/usr/bin/ +endif +ifeq ($(CONFIG_GNUTLS_PKCS11),y) + $(CP) \ + $(PKG_INSTALL_DIR)/usr/bin/p11tool \ + $(1)/usr/bin/ +endif +ifeq ($(CONFIG_GNUTLS_TPM),y) + $(CP) \ + $(PKG_INSTALL_DIR)/usr/bin/tpmtool \ + $(1)/usr/bin/ +endif +endef + + +define Package/libgnutls/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgnutls.so.* $(1)/usr/lib/ +endef + + +$(eval $(call BuildPackage,certtool)) +$(eval $(call BuildPackage,gnutls-utils)) +$(eval $(call BuildPackage,libgnutls)) diff --git a/package/libs/icu/Makefile b/package/libs/icu/Makefile new file mode 100644 index 0000000000..e7ca37bf54 --- /dev/null +++ b/package/libs/icu/Makefile @@ -0,0 +1,163 @@ +# +# Copyright (C) 2006-2016 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=icu4c +MAJOR_VERSION:=64 +MINOR_VERSION:=2 +PKG_VERSION:=$(MAJOR_VERSION).$(MINOR_VERSION) +PKG_RELEASE:=2 + +PKG_SOURCE:=$(PKG_NAME)-$(MAJOR_VERSION)_$(MINOR_VERSION)-src.tgz +PKG_SOURCE_URL:=https://github.com/unicode-org/icu/releases/download/release-$(MAJOR_VERSION)-$(MINOR_VERSION) +PKG_HASH:=627d5d8478e6d96fc8c90fed4851239079a561a6a8b9e48b0892f24e82d31d6c + +PKG_LICENSE:=ICU-1.8.1+ +PKG_LICENSE_FILES:=LICENSE +PKG_CPE_ID:=cpe:/a:icu-project:international_components_for_unicode + +PKG_MAINTAINER:=Hirokazu MORIKAWA + +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) + +PKG_BUILD_DEPENDS:=icu/host + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/host-build.mk + +TAR_OPTIONS+= icu/source --strip-components 2 +TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS) + +define Package/icu + SECTION:=libs + CATEGORY:=Libraries + TITLE:=International Components for Unicode + URL:=http://icu-project.org + DEPENDS:=+libstdcpp +libpthread +endef + +define Package/icu/description + ICU is a mature, widely used set of C/C++ and Java libraries providing Unicode and Globalization support for software applications. ICU is widely portable and gives applications the same results on all platforms and between C/C++ and Java software. + This package supports C/C++. +endef + +define Package/icu-full-data + SECTION:=libs + CATEGORY:=Libraries + TITLE:=Full ICU Data + URL:=http://icu-project.org + DEPENDS:=+icu +endef + +define Package/icu-full-data/description + ICU makes use of a wide variety of data tables to provide many of its services. Examples include converter mapping tables, collation rules, transliteration rules, break iterator rules and dictionaries, and other locale data. + This package contains the complete data library provided by ICU. + A custom data library can be generated at http://apps.icu-project.org/datacustom/ +endef + +define Package/icu-data-tools + SECTION:=libs + CATEGORY:=Libraries + TITLE:=ICU Data manipulation tools + URL:=http://icu-project.org + DEPENDS:=+icu +endef + +define Package/icu-data-tools/description + This package provides tools for manipulating ICU data. +endef + +CONFIGURE_CMD:= ./runConfigureICU +CONFIGURE_ARGS:= \ + Linux/gcc \ + CC="$(TARGET_CC)" \ + CXX="$(TARGET_CXX)" \ + --target=$(GNU_TARGET_NAME) \ + --host=$(GNU_TARGET_NAME) \ + --build=$(GNU_HOST_NAME) \ + --disable-debug \ + --enable-release \ + --enable-shared \ + --enable-static \ + --enable-draft \ + --enable-renaming \ + --disable-tracing \ + --disable-extras \ + --enable-dyload \ + --with-data-packaging=archive \ + --disable-tests \ + --disable-samples \ + --with-cross-build="$(STAGING_DIR_HOSTPKG)/share/icu/$(PKG_VERSION)" \ + --prefix=/usr + +HOST_CONFIGURE_CMD:= ./runConfigureICU +HOST_CONFIGURE_VARS:= +HOST_CONFIGURE_ARGS:= \ + Linux/gcc \ + --disable-debug \ + --enable-release \ + --enable-shared \ + --enable-static \ + --enable-draft \ + --enable-renaming \ + --disable-tracing \ + --disable-extras \ + --enable-dyload \ + --prefix=$(STAGING_DIR_HOSTPKG) + +define Build/Prepare + $(call Build/Prepare/Default) + mkdir -p $(PKG_BUILD_DIR)/data/out +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include + $(INSTALL_DIR) $(1)/usr/lib + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_DIR) $(2)/bin + $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/icu-config $(1)/usr/bin/ + $(SED) 's,^\(prefix\|execprefix\)=.*,\1=$(STAGING_DIR)/usr,g' $(1)/usr/bin/icu-config + $(LN) $(STAGING_DIR)/usr/bin/icu-config $(2)/bin/ +endef + +define Host/Install + $(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/share/icu/$(PKG_VERSION)/config + $(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/share/icu/$(PKG_VERSION)/bin + $(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/share/icu/$(PKG_VERSION)/lib + $(INSTALL_DATA) $(HOST_BUILD_DIR)/config/icucross.* $(STAGING_DIR_HOSTPKG)/share/icu/$(PKG_VERSION)/config/ + $(INSTALL_BIN) $(HOST_BUILD_DIR)/bin/icupkg $(STAGING_DIR_HOSTPKG)/share/icu/$(PKG_VERSION)/bin/ + $(INSTALL_BIN) $(HOST_BUILD_DIR)/bin/pkgdata $(STAGING_DIR_HOSTPKG)/share/icu/$(PKG_VERSION)/bin/ + $(CP) $(HOST_BUILD_DIR)/lib/*.so* $(STAGING_DIR_HOSTPKG)/share/icu/$(PKG_VERSION)/lib/ +endef + +define Package/icu/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/ +endef + +define Package/icu-full-data/install + $(INSTALL_DIR) $(1)/usr/share/icu/$(PKG_VERSION) + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/icu/$(PKG_VERSION)/icudt*.dat \ + $(1)/usr/share/icu/$(PKG_VERSION)/ +endef + +define Package/icu-data-tools/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/* $(1)/usr/sbin/ +endef + +$(eval $(call HostBuild)) +$(eval $(call BuildPackage,icu)) +$(eval $(call BuildPackage,icu-full-data)) +$(eval $(call BuildPackage,icu-data-tools)) diff --git a/package/libs/icu/patches/000-dont-cpy-files-from-topdirs.patch b/package/libs/icu/patches/000-dont-cpy-files-from-topdirs.patch new file mode 100644 index 0000000000..55dc4859da --- /dev/null +++ b/package/libs/icu/patches/000-dont-cpy-files-from-topdirs.patch @@ -0,0 +1,12 @@ +diff --git a/Makefile.in b/Makefile.in +index 9db6c52..6aa2273 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -190,7 +190,6 @@ install-icu: $(INSTALLED_BUILT_FILES) + $(INSTALL_SCRIPT) $(top_srcdir)/install-sh $(DESTDIR)$(pkgdatadir)/install-sh + @$(MKINSTALLDIRS) $(DESTDIR)$(libdir)/pkgconfig + $(INSTALL_DATA) $(ALL_PKGCONFIG_FILES) $(DESTDIR)$(libdir)/pkgconfig/ +- $(INSTALL_DATA) $(top_srcdir)/../LICENSE $(DESTDIR)$(pkgdatadir)/LICENSE + ifeq ($(INSTALL_ICU_CONFIG),true) + $(INSTALL_SCRIPT) $(top_builddir)/config/icu-config $(DESTDIR)$(bindir)/icu-config + endif diff --git a/package/libs/icu/patches/001-change_optimization_option.patch b/package/libs/icu/patches/001-change_optimization_option.patch new file mode 100644 index 0000000000..6914a07033 --- /dev/null +++ b/package/libs/icu/patches/001-change_optimization_option.patch @@ -0,0 +1,13 @@ +--- a/runConfigureICU ++++ b/runConfigureICU +@@ -239,8 +239,8 @@ + THE_COMP="the GNU C++" + CC=gcc; export CC + CXX=g++; export CXX +- RELEASE_CFLAGS='-O3' +- RELEASE_CXXFLAGS='-O3' ++ RELEASE_CFLAGS=' ' ++ RELEASE_CXXFLAGS=' ' + DEBUG_CFLAGS='-g' + DEBUG_CXXFLAGS='-g' + ;; diff --git a/package/libs/icu/patches/002-Disable-LDFLAGSICUDT-for-Linux.patch b/package/libs/icu/patches/002-Disable-LDFLAGSICUDT-for-Linux.patch new file mode 100644 index 0000000000..bdab3f9365 --- /dev/null +++ b/package/libs/icu/patches/002-Disable-LDFLAGSICUDT-for-Linux.patch @@ -0,0 +1,28 @@ +From 0c82d6aa02c08e41b13c83b14782bd7024e25d59 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Sat, 15 Feb 2014 21:06:42 +0000 +Subject: [PATCH] Disable LDFLAGSICUDT for Linux + +Upstream-Status: Inappropriate [ OE Configuration ] + +Signed-off-by: Khem Raj +--- + source/config/mh-linux | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/config/mh-linux b/config/mh-linux +index 366f0cc..2689aab 100644 +--- a/config/mh-linux ++++ b/config/mh-linux +@@ -23,7 +23,7 @@ LD_RPATH= -Wl,-zorigin,-rpath,'$$'ORIGIN + LD_RPATH_PRE = -Wl,-rpath, + + ## These are the library specific LDFLAGS +-LDFLAGSICUDT=-nodefaultlibs -nostdlib ++# LDFLAGSICUDT=-nodefaultlibs -nostdlib + + ## Compiler switch to embed a library name + # The initial tab in the next line is to prevent icu-config from reading it. +-- +1.7.10.4 + diff --git a/package/libs/icu/patches/010-add-big-endian-arm-support.patch b/package/libs/icu/patches/010-add-big-endian-arm-support.patch new file mode 100644 index 0000000000..2c4dee8f42 --- /dev/null +++ b/package/libs/icu/patches/010-add-big-endian-arm-support.patch @@ -0,0 +1,23 @@ +From cb5cf996d123014a2420c853c4db60e4500973b1 Mon Sep 17 00:00:00 2001 +From: Rosen Penev +Date: Mon, 1 Apr 2019 04:52:32 -0700 +Subject: [PATCH] Add big endian ARM support (#92) + +This fixes compilation on such platforms. +--- + double-conversion/utils.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/source/i18n/double-conversion-utils.h b/source/i18n/double-conversion-utils.h +index 1e44fca..b715c65 100644 +--- a/18n/double-conversion-utils.h ++++ b/i18n/double-conversion-utils.h +@@ -99,7 +99,7 @@ int main(int argc, char** argv) { + defined(_POWER) || defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \ + defined(__sparc__) || defined(__sparc) || defined(__s390__) || \ + defined(__SH4__) || defined(__alpha__) || \ +- defined(_MIPS_ARCH_MIPS32R2) || \ ++ defined(_MIPS_ARCH_MIPS32R2) || defined(__ARMEB__) || \ + defined(__AARCH64EL__) || defined(__aarch64__) || defined(__AARCH64EB__) || \ + defined(__riscv) || \ + defined(__or1k__) || defined(__arc__) || \ diff --git a/package/libs/icu/patches/020-uClibc-ng.patch b/package/libs/icu/patches/020-uClibc-ng.patch new file mode 100644 index 0000000000..2d2a3e7b05 --- /dev/null +++ b/package/libs/icu/patches/020-uClibc-ng.patch @@ -0,0 +1,22 @@ +--- a/i18n/decimfmt.cpp ++++ b/i18n/decimfmt.cpp +@@ -1812,7 +1812,7 @@ bool DecimalFormat::fastFormatDouble(double input, UnicodeString& output) const + return false; + } + if (std::isnan(input) +- || std::trunc(input) != input ++ || trunc(input) != input + || input <= INT32_MIN + || input > INT32_MAX) { + return false; +--- a/i18n/number_decimalquantity.cpp ++++ b/i18n/number_decimalquantity.cpp +@@ -446,7 +446,7 @@ void DecimalQuantity::_setToDoubleFast(double n) { + for (; i <= -22; i += 22) n /= 1e22; + n /= DOUBLE_MULTIPLIERS[-i]; + } +- auto result = static_cast(std::round(n)); ++ auto result = static_cast(round(n)); + if (result != 0) { + _setToLong(result); + scale -= fracLength; diff --git a/package/libs/jansson/Makefile b/package/libs/jansson/Makefile new file mode 100644 index 0000000000..cea5132980 --- /dev/null +++ b/package/libs/jansson/Makefile @@ -0,0 +1,52 @@ +# +# Copyright (C) 2011-2017 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=jansson +PKG_VERSION:=2.12 +PKG_RELEASE:=1 +PKG_LICENSE:=MIT + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 +PKG_SOURCE_URL:=http://www.digip.org/jansson/releases/ +PKG_HASH:=645d72cc5dbebd4df608d33988e55aa42a7661039e19a379fcbe5c79d1aee1d2 + +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/jansson + SECTION:=libs + CATEGORY:=Libraries + TITLE:=Jansson library + URL:=http://www.digip.org/jansson/ + MAINTAINER:=Gergely Kiss +endef + +define Package/jansson/description + Jansson is a C library for encoding, decoding and manipulating JSON data +endef + +TARGET_CFLAGS += $(FPIC) +TARGET_LDFLAGS += -Wl,-rpath-link=$(STAGING_DIR)/usr/lib -lm + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/{lib,include} + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libjansson* $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/* $(1)/usr/lib/pkgconfig + $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ +endef + +define Package/jansson/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libjansson*so* $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,jansson)) diff --git a/package/libs/libcap/Makefile b/package/libs/libcap/Makefile new file mode 100644 index 0000000000..06ff8a1179 --- /dev/null +++ b/package/libs/libcap/Makefile @@ -0,0 +1,89 @@ +# +# Copyright (C) 2011 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libcap +PKG_VERSION:=2.27 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=@KERNEL/linux/libs/security/linux-privs/libcap2 +PKG_HASH:=dac1792d0118bee6aae6ba7fb93ff1602c6a9bda812fd63916eee1435b9c486a + +PKG_MAINTAINER:=Paul Wassi +PKG_LICENSE:=GPL-2.0 +PKG_LICENSE_FILES:=License + +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/kernel.mk + +define Package/libcap + TITLE:=Linux capabilities library + SECTION:=libs + CATEGORY:=Libraries + URL:=https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/ +endef + +define Package/libcap/config + if PACKAGE_libcap + + config PACKAGE_libcap-bin + bool "install libcap executables" + help + Install capsh, getcap, getpcaps, setcap into the target image. + default n + + config PACKAGE_libcap-bin-capsh-shell + string "capsh shell" + depends on PACKAGE_libcap-bin + help + Set the capsh shell. + default "/bin/sh" + + endif +endef + +MAKE_FLAGS += \ + BUILD_CC="$(CC)" \ + BUILD_CFLAGS="$(FPIC) -I$(PKG_BUILD_DIR)/libcap/include" \ + CFLAGS="$(TARGET_CFLAGS)" \ + LD="$(TARGET_CC) -Wl,-x -shared" \ + LDFLAGS="$(TARGET_LDFLAGS)" \ + INDENT="| true" \ + PAM_CAP="no" \ + RAISE_SETFCAP="no" \ + DYNAMIC="yes" \ + lib="lib" + +ifneq ($(CONFIG_PACKAGE_libcap-bin-capsh-shell),) +TARGET_CFLAGS += -DSHELL='\"$(CONFIG_PACKAGE_libcap-bin-capsh-shell)\"' +endif + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include/sys + $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ + $(INSTALL_DIR) $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/lib/* $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/ +endef + +define Package/libcap/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/lib/libcap.so* $(1)/usr/lib/ +ifneq ($(CONFIG_PACKAGE_libcap-bin),) + $(INSTALL_DIR) $(1)/usr/sbin + $(CP) $(PKG_INSTALL_DIR)/sbin/capsh $(1)/usr/sbin/ + $(CP) $(PKG_INSTALL_DIR)/sbin/getcap $(1)/usr/sbin/ + $(CP) $(PKG_INSTALL_DIR)/sbin/getpcaps $(1)/usr/sbin/ + $(CP) $(PKG_INSTALL_DIR)/sbin/setcap $(1)/usr/sbin/ +endif +endef + +$(eval $(call BuildPackage,libcap)) diff --git a/package/libs/libcap/patches/100-portability.patch b/package/libs/libcap/patches/100-portability.patch new file mode 100644 index 0000000000..735a97396b --- /dev/null +++ b/package/libs/libcap/patches/100-portability.patch @@ -0,0 +1,19 @@ +--- a/libcap/_makenames.c ++++ b/libcap/_makenames.c +@@ -7,7 +7,6 @@ + + #include + #include +-#include + + /* + * #include 'sed' generated array +@@ -22,7 +21,7 @@ struct { + }; + + /* this should be more than big enough (factor of three at least) */ +-const char *pointers[8*sizeof(struct __user_cap_data_struct)]; ++const char *pointers[8*12]; + + int main(void) + { diff --git a/package/libs/libcap/patches/200-change-hardcoded-shell-to-sh.patch b/package/libs/libcap/patches/200-change-hardcoded-shell-to-sh.patch new file mode 100644 index 0000000000..27865ff617 --- /dev/null +++ b/package/libs/libcap/patches/200-change-hardcoded-shell-to-sh.patch @@ -0,0 +1,34 @@ +--- a/progs/capsh.c ++++ b/progs/capsh.c +@@ -24,6 +24,9 @@ + #include + #include + ++#ifndef SHELL ++#define SHELL "/bin/sh" ++#endif + #define MAX_GROUPS 100 /* max number of supplementary groups for user */ + + static char *binary(unsigned long value) +@@ -692,10 +695,10 @@ int main(int argc, char *argv[], char *envp[]) + } else if (!strcmp("--print", argv[i])) { + arg_print(); + } else if ((!strcmp("--", argv[i])) || (!strcmp("==", argv[i]))) { +- argv[i] = strdup(argv[i][0] == '-' ? "/bin/bash" : argv[0]); ++ argv[i] = strdup(argv[i][0] == '-' ? SHELL : argv[0]); + argv[argc] = NULL; + execve(argv[i], argv+i, envp); +- fprintf(stderr, "execve /bin/bash failed!\n"); ++ fprintf(stderr, "execve " SHELL " failed!\n"); + exit(1); + } else { + usage: +@@ -720,7 +723,7 @@ int main(int argc, char *argv[], char *envp[]) + " --killit= send signal(n) to child\n" + " --forkfor= fork and make child sleep for sec\n" + " == re-exec(capsh) with args as for --\n" +- " -- remaing arguments are for /bin/bash\n" ++ " -- remaing arguments are for " SHELL "\n" + " (without -- [%s] will simply exit(0))\n", + argv[0], argv[0]); + diff --git a/package/libs/libgcrypt/Makefile b/package/libs/libgcrypt/Makefile new file mode 100644 index 0000000000..42c1e9dee8 --- /dev/null +++ b/package/libs/libgcrypt/Makefile @@ -0,0 +1,73 @@ +# +# Copyright (C) 2005-2011 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libgcrypt +PKG_VERSION:=1.8.4 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 +PKG_SOURCE_URL:=https://www.gnupg.org/ftp/gcrypt/libgcrypt/ +PKG_HASH:=f638143a0672628fde0cad745e9b14deb85dffb175709cacc1f4fe24b93f2227 + +PKG_MAINTAINER:=W. Michael Petullo +PKG_LICENSE:=LGPL-2.1+ GPL-2.0+ +PKG_LICENSE_FILES:=COPYING +PKG_CPE_ID:=cpe:/a:gnupg:libgcrypt + +PKG_FIXUP:=autoreconf patch-libtool +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/libgcrypt + SECTION:=libs + CATEGORY:=Libraries + DEPENDS:=+libgpg-error + TITLE:=GNU crypto library + URL:=https://www.gnupg.org/related_software/libgcrypt/ +endef + +define Package/libgcrypt/description + This is a general purpose cryptographic library based on the code from + GnuPG. It provides functions for all cryptograhic building blocks: + symmetric ciphers (AES, DES, Arcfour, CAST5), hash algorithms (MD5, SHA-1, + RIPE-MD160, SHA-224/256, SHA-384/512), MACs (HMAC for all hash + algorithms), public key algorithms (RSA, DSA), large integer functions, + random numbers and a lot of supporting functions. Some algorithms have + been disabled to reduce size (Blowfish, Twofish, Serpent, + RC2, SEED, Camellia, CRC, MD4, TIGER-192, Whirlpool, ElGamal, ECC). +endef + +CONFIGURE_ARGS += \ + --enable-shared \ + --enable-static \ + --disable-asm \ + --disable-doc \ + --with-gpg-error-prefix="$(STAGING_DIR)/usr" + +TARGET_CFLAGS += $(FPIC) + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/bin $(2)/bin $(1)/usr/include $(1)/usr/lib $(1)/usr/share/aclocal + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/libgcrypt-config $(1)/usr/bin/ + $(CP) $(PKG_INSTALL_DIR)/usr/include/gcrypt*.h $(1)/usr/include/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgcrypt.{la,a,so*} $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/share/aclocal/libgcrypt.m4 $(1)/usr/share/aclocal/ + $(SED) 's,^libdir=\"$$$${exec_prefix}/lib,libdir=\"$(STAGING_DIR)/usr/lib,g' $(1)/usr/bin/libgcrypt-config + $(SED) 's,^includedir=\"$$$${prefix}/include/,includedir=\"$(STAGING_DIR)/usr/include/,g' $(1)/usr/bin/libgcrypt-config + ln -sf $(STAGING_DIR)/usr/bin/libgcrypt-config $(2)/bin/ +endef + +define Package/libgcrypt/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libgcrypt.so.* $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,libgcrypt)) diff --git a/package/libs/libgpg-error/Makefile b/package/libs/libgpg-error/Makefile new file mode 100644 index 0000000000..8a18cd18a3 --- /dev/null +++ b/package/libs/libgpg-error/Makefile @@ -0,0 +1,86 @@ +# +# Copyright (C) 2005-2011 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libgpg-error +PKG_VERSION:=1.36 +PKG_RELEASE:=3 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 +PKG_SOURCE_URL:=https://mirrors.dotsrc.org/gcrypt/libgpg-error \ + http://ring.ksc.gr.jp/archives/net/gnupg/libgpg-error \ + https://www.gnupg.org/ftp/gcrypt/libgpg-error +PKG_HASH:=babd98437208c163175c29453f8681094bcaf92968a15cafb1a276076b33c97c + +PKG_MAINTAINER:=W. Michael Petullo +PKG_LICENSE:=LGPL-2.1-or-later +PKG_LICENSE_FILES:=COPYING + +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 +PKG_FIXUP:=autoreconf + +include $(INCLUDE_DIR)/package.mk + +define Package/libgpg-error + SECTION:=libs + CATEGORY:=Libraries + TITLE:=GnuPG error handling helper library + URL:=https://www.gnupg.org/related_software/libgpg-error/ +endef + +define Package/libgpg-error/description + An helper library for common error codes and descriptions. + This is a library that defines common error values for all GnuPG + components. Among these are GPG, GPGSM, GPGME, GPG-Agent, libgcrypt, + Libksba, DirMngr, Pinentry, SmartCard Daemon and possibly more in the + future. +endef + +CONFIGURE_ARGS += \ + --enable-shared \ + --enable-static \ + --disable-doc \ + --disable-languages \ + --disable-rpath \ + --disable-tests + +define Build/InstallDev + $(INSTALL_DIR) $(2)/bin $(1)/usr/bin + $(INSTALL_BIN) \ + $(PKG_INSTALL_DIR)/usr/bin/gpg-error-config \ + $(2)/bin/ + $(SED) \ + 's,^\(prefix\|exec_prefix\)=.*,\1=$(STAGING_DIR)/usr,g' \ + $(2)/bin/gpg-error-config + ln -sf $(STAGING_DIR)/host/bin/gpg-error-config $(1)/usr/bin/gpg-error-config + + $(INSTALL_DIR) $(1)/usr/include + $(INSTALL_DATA) \ + $(PKG_INSTALL_DIR)/usr/include/gpg-error.h \ + $(1)/usr/include/ + + $(INSTALL_DIR) $(1)/usr/lib + $(CP) \ + $(PKG_INSTALL_DIR)/usr/lib/libgpg-error.{la,a,so*} \ + $(1)/usr/lib/ + + $(INSTALL_DIR) $(1)/usr/share/aclocal + $(INSTALL_DATA) \ + $(PKG_INSTALL_DIR)/usr/share/aclocal/gpg-error.m4 \ + $(1)/usr/share/aclocal/ +endef + +define Package/libgpg-error/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) \ + $(PKG_INSTALL_DIR)/usr/lib/libgpg-error.so.* \ + $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,libgpg-error)) diff --git a/package/libs/libgpg-error/patches/001-cross-compile-fix.patch b/package/libs/libgpg-error/patches/001-cross-compile-fix.patch new file mode 100644 index 0000000000..606cdd3785 --- /dev/null +++ b/package/libs/libgpg-error/patches/001-cross-compile-fix.patch @@ -0,0 +1,24 @@ +--- a/configure.ac ++++ b/configure.ac +@@ -74,6 +74,21 @@ AM_SILENT_RULES + AC_CANONICAL_HOST + AB_INIT + ++case "${host}" in ++ x86_64-openwrt-linux-gnu|i?86-openwrt-linux-gnu) ++ host=$(echo $host | sed 's/openwrt/pc/g') ++ ;; ++ arm-openwrt-linux-gnu|armeb-openwrt-linux-gnu) ++ host=arm-unknown-linux-gnueabi ++ ;; ++ mips64-openwrt-linux-gnu) ++ host=mips64el-unknown-linux-gnuabi64 ++ ;; ++ *) ++ host=$(echo $host | sed 's/openwrt/unknown/g') ++ ;; ++esac ++ + # Checks for programs. + AC_PROG_CC + AM_PROG_CC_C_O diff --git a/package/libs/libgpg-error/patches/010-add-arc-support.patch b/package/libs/libgpg-error/patches/010-add-arc-support.patch new file mode 100644 index 0000000000..1020c7e397 --- /dev/null +++ b/package/libs/libgpg-error/patches/010-add-arc-support.patch @@ -0,0 +1,71 @@ +From: Mylene Josserand + +DesignWare ARC Processors are a family of 32-bit CPUs from Synopsys. +This change allows us to build for and use libgpg-error on ARC cores. + +These values were obtained from a test application executed on ARC +in simulation this way: + +1. Instructions for cross-compilation used are here: + http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=blob;f=README + +2. Commands used on host: + # build="$(build-aux/config.guess)" + # ./configure --prefix=build/tmp-uclibc/sysroots/nsimhs/usr/ --host=arc-oe-linux-uclibc --build=$build + # cd src + # make gen-posix-lock-obj + +3. Commands used on target: + # ./gen-posix-lock-obj + +Signed-off-by: Mylene Josserand +Signed-off-by: Alexey Brodkin +--- + src/Makefile.am | 1 + + .../lock-obj-pub.arc-unknown-linux-gnu.h | 23 +++++++++++++++++++ + 2 files changed, 24 insertions(+) + create mode 100644 src/syscfg/lock-obj-pub.arc-unknown-linux-gnu.h + +diff --git a/src/Makefile.am b/src/Makefile.am +index 380ea7c09c04..bd00961c2f27 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -48,6 +48,7 @@ lock_obj_pub = \ + syscfg/lock-obj-pub.aarch64-unknown-linux-gnu_ilp32.h \ + syscfg/lock-obj-pub.aarch64-apple-darwin.h \ + syscfg/lock-obj-pub.alpha-unknown-linux-gnu.h \ ++ syscfg/lock-obj-pub.arc-unknown-linux-gnu.h \ + syscfg/lock-obj-pub.arm-unknown-linux-androideabi.h \ + syscfg/lock-obj-pub.arm-unknown-linux-gnueabi.h \ + syscfg/lock-obj-pub.arm-apple-darwin.h \ +diff --git a/src/syscfg/lock-obj-pub.arc-unknown-linux-gnu.h b/src/syscfg/lock-obj-pub.arc-unknown-linux-gnu.h +new file mode 100644 +index 000000000000..3b1a8fadf8a7 +--- /dev/null ++++ b/src/syscfg/lock-obj-pub.arc-unknown-linux-gnu.h +@@ -0,0 +1,23 @@ ++## lock-obj-pub.arc-oe-linux-uclibc.h ++## File created by gen-posix-lock-obj - DO NOT EDIT ++## To be included by mkheader into gpg-error.h ++ ++typedef struct ++{ ++ long _vers; ++ union { ++ volatile char _priv[24]; ++ long _x_align; ++ long *_xp_align; ++ } u; ++} gpgrt_lock_t; ++ ++#define GPGRT_LOCK_INITIALIZER {1,{{0,0,0,0,0,0,0,0, \ ++ 0,0,0,0,0,0,0,0, \ ++ 0,0,0,0,0,0,0,0}}} ++## ++## Local Variables: ++## mode: c ++## buffer-read-only: t ++## End: ++## +-- +2.17.1 diff --git a/package/libs/libgpg-error/patches/020-gawk5-support.patch b/package/libs/libgpg-error/patches/020-gawk5-support.patch new file mode 100644 index 0000000000..17e8816453 --- /dev/null +++ b/package/libs/libgpg-error/patches/020-gawk5-support.patch @@ -0,0 +1,158 @@ +From 7865041c77f4f7005282f10f9b6666b19072fbdf Mon Sep 17 00:00:00 2001 +From: NIIBE Yutaka +Date: Mon, 15 Apr 2019 15:10:44 +0900 +Subject: [PATCH] awk: Prepare for Gawk 5.0. + +* src/Makefile.am: Use pkg_namespace (instead of namespace). +* src/mkerrnos.awk: Likewise. +* lang/cl/mkerrcodes.awk: Don't escape # in regexp. +* src/mkerrcodes.awk, src/mkerrcodes1.awk, src/mkerrcodes2.awk: Ditto. + +-- + +In Gawk 5.0, regexp routines are replaced by Gnulib implementation, +which only allows escaping specific characters. + +GnuPG-bug-id: 4459 +Reported-by: Marius Schamschula +Signed-off-by: NIIBE Yutaka +--- + lang/cl/mkerrcodes.awk | 2 +- + src/Makefile.am | 2 +- + src/mkerrcodes.awk | 2 +- + src/mkerrcodes1.awk | 2 +- + src/mkerrcodes2.awk | 2 +- + src/mkerrnos.awk | 2 +- + src/mkstrtable.awk | 10 +++++----- + 7 files changed, 11 insertions(+), 11 deletions(-) + +diff --git a/lang/cl/mkerrcodes.awk b/lang/cl/mkerrcodes.awk +index ae29043..9a1fc18 100644 +--- a/lang/cl/mkerrcodes.awk ++++ b/lang/cl/mkerrcodes.awk +@@ -122,7 +122,7 @@ header { + } + + !header { +- sub (/\#.+/, ""); ++ sub (/#.+/, ""); + sub (/[ ]+$/, ""); # Strip trailing space and tab characters. + + if (/^$/) +diff --git a/src/Makefile.am b/src/Makefile.am +index ce1b882..f2590cb 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -293,7 +293,7 @@ code-from-errno.h: mkerrcodes$(EXEEXT_FOR_BUILD) Makefile + + errnos-sym.h: Makefile mkstrtable.awk errnos.in + $(AWK) -f $(srcdir)/mkstrtable.awk -v textidx=2 -v nogettext=1 \ +- -v prefix=GPG_ERR_ -v namespace=errnos_ \ ++ -v prefix=GPG_ERR_ -v pkg_namespace=errnos_ \ + $(srcdir)/errnos.in >$@ + + +diff --git a/src/mkerrcodes.awk b/src/mkerrcodes.awk +index 46d436c..e9c857c 100644 +--- a/src/mkerrcodes.awk ++++ b/src/mkerrcodes.awk +@@ -85,7 +85,7 @@ header { + } + + !header { +- sub (/\#.+/, ""); ++ sub (/#.+/, ""); + sub (/[ ]+$/, ""); # Strip trailing space and tab characters. + + if (/^$/) +diff --git a/src/mkerrcodes1.awk b/src/mkerrcodes1.awk +index a771a73..4578e29 100644 +--- a/src/mkerrcodes1.awk ++++ b/src/mkerrcodes1.awk +@@ -81,7 +81,7 @@ header { + } + + !header { +- sub (/\#.+/, ""); ++ sub (/#.+/, ""); + sub (/[ ]+$/, ""); # Strip trailing space and tab characters. + + if (/^$/) +diff --git a/src/mkerrcodes2.awk b/src/mkerrcodes2.awk +index ea58503..188f7a4 100644 +--- a/src/mkerrcodes2.awk ++++ b/src/mkerrcodes2.awk +@@ -91,7 +91,7 @@ header { + } + + !header { +- sub (/\#.+/, ""); ++ sub (/#.+/, ""); + sub (/[ ]+$/, ""); # Strip trailing space and tab characters. + + if (/^$/) +diff --git a/src/mkerrnos.awk b/src/mkerrnos.awk +index f79df66..15b1aad 100644 +--- a/src/mkerrnos.awk ++++ b/src/mkerrnos.awk +@@ -83,7 +83,7 @@ header { + } + + !header { +- sub (/\#.+/, ""); ++ sub (/#.+/, ""); + sub (/[ ]+$/, ""); # Strip trailing space and tab characters. + + if (/^$/) +diff --git a/src/mkstrtable.awk b/src/mkstrtable.awk +index c9de9c1..285e45f 100644 +--- a/src/mkstrtable.awk ++++ b/src/mkstrtable.awk +@@ -77,7 +77,7 @@ + # + # The variable prefix can be used to prepend a string to each message. + # +-# The variable namespace can be used to prepend a string to each ++# The variable pkg_namespace can be used to prepend a string to each + # variable and macro name. + + BEGIN { +@@ -102,7 +102,7 @@ header { + print "/* The purpose of this complex string table is to produce"; + print " optimal code with a minimum of relocations. */"; + print ""; +- print "static const char " namespace "msgstr[] = "; ++ print "static const char " pkg_namespace "msgstr[] = "; + header = 0; + } + else +@@ -110,7 +110,7 @@ header { + } + + !header { +- sub (/\#.+/, ""); ++ sub (/#.+/, ""); + sub (/[ ]+$/, ""); # Strip trailing space and tab characters. + + if (/^$/) +@@ -150,7 +150,7 @@ END { + else + print " gettext_noop (\"" last_msgstr "\");"; + print ""; +- print "static const int " namespace "msgidx[] ="; ++ print "static const int " pkg_namespace "msgidx[] ="; + print " {"; + for (i = 0; i < coded_msgs; i++) + print " " pos[i] ","; +@@ -158,7 +158,7 @@ END { + print " };"; + print ""; + print "static GPG_ERR_INLINE int"; +- print namespace "msgidxof (int code)"; ++ print pkg_namespace "msgidxof (int code)"; + print "{"; + print " return (0 ? 0"; + +-- +2.21.0 + diff --git a/package/libs/libidn2/Makefile b/package/libs/libidn2/Makefile new file mode 100644 index 0000000000..be17d37828 --- /dev/null +++ b/package/libs/libidn2/Makefile @@ -0,0 +1,92 @@ +# +# Copyright (C) 2017-2018 Daniel Engberg +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libidn2 +PKG_VERSION:=2.0.5 +PKG_RELEASE:=1 +PKG_LICENSE:=GPL-2.0-or-later LGPL-3.0-or-later +PKG_LICENSE_FILES:=COPYING COPYINGv2 COPYING.LESSERv3 + +PKG_SOURCE_URL:=@GNU/libidn +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_HASH:=53f69170886f1fa6fa5b332439c7a77a7d22626a82ef17e2c1224858bb4ca2b8 + +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/nls.mk + +define Package/idn2/Default + SECTION:=net + CATEGORY:=Network + URL:=http://www.gnu.org/software/libidn/ +endef + +define Package/idn2/Default/description + Libidn2 is a free software implementation of IDNA2008, + Punycode and TR46 in library form. It contains + functionality to convert internationalized domain + names to and from ASCII Compatible Encoding (ACE), + following the IDNA2008 and TR46 standards. +endef + +define Package/idn2 + $(call Package/idn2/Default) + SUBMENU:=IP Addresses and Names + TITLE:=GNU IDN2 (Internationalized Domain Name) tool + DEPENDS:=+libidn2 +endef + +define Package/idn2/description +$(call Package/idn2/Default/description) + + Command line tool using libidn2 + +endef + +define Package/libidn2 + SECTION:=libs + CATEGORY:=Libraries + DEPENDS:=+libunistring $(ICONV_DEPENDS) $(INTL_DEPENDS) + TITLE:=International domain name library (IDNA2008, Punycode and TR46) + URL:=https://www.gnu.org/software/libidn/#libidn2 +endef + +define Package/libidn2/description +$(call Package/idn2/Default/description) + + Library only package + +endef + +CONFIGURE_ARGS += \ + --disable-rpath \ + --disable-doc + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/idn2.h $(1)/usr/include + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.{la,so}* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libidn2.pc $(1)/usr/lib/pkgconfig/ +endef + +define Package/idn2/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/ +endef + +define Package/libidn2/install + $(INSTALL_DIR) $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,idn2)) +$(eval $(call BuildPackage,libidn2)) diff --git a/package/libs/libp11/Makefile b/package/libs/libp11/Makefile new file mode 100644 index 0000000000..9c6eda9988 --- /dev/null +++ b/package/libs/libp11/Makefile @@ -0,0 +1,62 @@ +# +# Copyright (C) 2011-2014 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libp11 +PKG_VERSION:=0.4.10 +PKG_RELEASE:=1 + +PKG_SOURCE_URL:=https://github.com/OpenSC/libp11/releases/download/$(PKG_NAME)-$(PKG_VERSION)/ +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_HASH:=639ea43c3341e267214b712e1e5e12397fd2d350899e673dd1220f3c6b8e3db4 + +PKG_MAINTAINER:=Daniel Golle +PKG_LICENSE:=LGPL-2.1+ +PKG_LICENSE_FILES:=COPYING + +PKG_BUILD_PARALLEL:=1 +PKG_FIXUP:=libtool +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/libp11 + SECTION:=libs + CATEGORY:=Libraries + TITLE:=PKCS#11 wrapper library + URL:=https://www.opensc-project.org/opensc/wiki/libp11 + DEPENDS:=+libopenssl +@OPENSSL_ENGINE + CONFLICTS:=engine_pkcs11 +endef + +define Package/libp11/description + Libp11 is a library implementing a small layer on top of PKCS#11 API + to make using PKCS#11 implementations easier. +endef + +CONFIGURE_ARGS += --with-enginesdir=/usr/lib/engines + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include/ + $(CP) $(PKG_INSTALL_DIR)/usr/include/*.h $(1)/usr/include/ + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libp11.{a,so} $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libp11.so* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libp11.pc $(1)/usr/lib/pkgconfig/libp11.pc +endef + +define Package/libp11/install + $(INSTALL_DIR) $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libp11.so.* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/engines + $(CP) $(PKG_INSTALL_DIR)/usr/lib/engines/*.so* $(1)/usr/lib/engines + $(LN) pkcs11.so $(1)/usr/lib/engines/libpkcs11.so +endef + +$(eval $(call BuildPackage,libp11)) diff --git a/package/libs/libp11/patches/001-fix-install.patch b/package/libs/libp11/patches/001-fix-install.patch new file mode 100644 index 0000000000..0a576c688b --- /dev/null +++ b/package/libs/libp11/patches/001-fix-install.patch @@ -0,0 +1,53 @@ +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -49,13 +49,6 @@ pkcs11_la_LIBADD = $(libp11_la_OBJECTS) + pkcs11_la_LDFLAGS = $(AM_LDFLAGS) -module -shared -shrext $(SHARED_EXT) \ + -avoid-version -export-symbols "$(srcdir)/pkcs11.exports" + +-# OpenSSL older than 1.1.0 expected libpkcs11.so instead of pkcs11.so +-check-local: $(LTLIBRARIES) +- cd .libs && $(LN_S) -f pkcs11$(SHARED_EXT) libpkcs11$(SHARED_EXT) +- +-install-exec-hook: +- cd '$(DESTDIR)$(enginesexecdir)' && $(LN_S) -f pkcs11$(SHARED_EXT) libpkcs11$(SHARED_EXT) +- + if WIN32 + # def file required for MS users to build library + mylibdir=$(libdir) +--- a/src/Makefile.in ++++ b/src/Makefile.in +@@ -899,7 +899,7 @@ distdir-am: $(DISTFILES) + fi; \ + done + check-am: all-am +- $(MAKE) $(AM_MAKEFLAGS) check-local ++ $(MAKE) $(AM_MAKEFLAGS) + check: check-am + all-am: Makefile $(LTLIBRARIES) $(DATA) $(HEADERS) config.h + installdirs: +@@ -988,7 +988,7 @@ install-dvi-am: + + install-exec-am: install-enginesexecLTLIBRARIES install-libLTLIBRARIES + @$(NORMAL_INSTALL) +- $(MAKE) $(AM_MAKEFLAGS) install-exec-hook ++ $(MAKE) $(AM_MAKEFLAGS) + install-html: install-html-am + + install-html-am: +@@ -1051,14 +1051,14 @@ uninstall-am: uninstall-enginesexecLTLIB + .MAKE: all check-am install-am install-exec-am install-strip + + .PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am \ +- check-local clean clean-enginesexecLTLIBRARIES clean-generic \ ++ clean clean-enginesexecLTLIBRARIES clean-generic \ + clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \ + ctags-am distclean distclean-compile distclean-generic \ + distclean-hdr distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-enginesexecLTLIBRARIES install-exec install-exec-am \ +- install-exec-hook install-html install-html-am \ ++ install-html install-html-am \ + install-includeHEADERS install-info install-info-am \ + install-libLTLIBRARIES install-man install-mylibDATA \ + install-pdf install-pdf-am install-pkgconfigDATA install-ps \ diff --git a/package/libs/libpam/Makefile b/package/libs/libpam/Makefile new file mode 100644 index 0000000000..5c0952cd0f --- /dev/null +++ b/package/libs/libpam/Makefile @@ -0,0 +1,77 @@ +# +# Copyright (C) 2006-2014 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libpam +PKG_VERSION:=1.3.1 +PKG_RELEASE:=1 + +PKG_SOURCE:=Linux-PAM-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=https://github.com/linux-pam/linux-pam/releases/download/v$(PKG_VERSION) +PKG_HASH:=eff47a4ecd833fbf18de9686632a70ee8d0794b79aecb217ebd0ce11db4cd0db +PKG_BUILD_DIR:=$(BUILD_DIR)/Linux-PAM-$(PKG_VERSION) + +PKG_MAINTAINER:=Nikos Mavrogiannopoulos +PKG_LICENSE:=BSD-3c GPL +PKG_LICENSE_FILES:=COPYING Copyright +PKG_CPE_ID:=cpe:/a:kernel:linux-pam + +PKG_FIXUP:=autoreconf +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/libpam + SECTION:=libs + CATEGORY:=Libraries + TITLE:=the Linux-PAM libraries and modules. + URL:=http://www.kernel.org/pub/linux/libs/pam +endef + +define Package/libpam/description + The Linux-PAM Pluggable Authentication Modules. +endef + +CONFIGURE_ARGS += \ + --enable-pamlocking \ + --enable-shared \ + --enable-static \ + --disable-audit \ + --disable-cracklib \ + --disable-db \ + --disable-prelude \ + --disable-lckpwdf \ + --disable-nis \ + --disable-regenerate-docu \ + --disable-rpath \ + --disable-selinux \ + --with-gnu-ld \ + --without-mailspool \ + --without-xauth + +define Build/InstallDev + $(INSTALL_DIR) $(1)/lib + $(INSTALL_DIR) $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/lib/* $(1)/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include +endef + +define Package/libpam/install + $(INSTALL_DIR) $(1)/lib $(1)/lib/security $(1)/lib/security/pam_filter + $(INSTALL_DIR) $(1)/etc $(1)/etc/pam.d + $(INSTALL_DIR) $(1)/usr/sbin + $(CP) $(PKG_INSTALL_DIR)/lib/*.so* $(1)/lib/ + $(CP) $(PKG_INSTALL_DIR)/lib/security/*.so* $(1)/lib/security/ + $(CP) $(PKG_INSTALL_DIR)/lib/security/pam_filter/* $(1)/lib/security/pam_filter/ + $(CP) $(PKG_INSTALL_DIR)/etc/* $(1)/etc/ + $(CP) ./files/* $(1)/etc/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/* $(1)/usr/sbin/ +endef + +$(eval $(call BuildPackage,libpam)) diff --git a/package/libs/libpam/files/pam.conf b/package/libs/libpam/files/pam.conf new file mode 100644 index 0000000000..3eeb72d320 --- /dev/null +++ b/package/libs/libpam/files/pam.conf @@ -0,0 +1,15 @@ +# ---------------------------------------------------------------------------# +# /etc/pam.conf # +# ---------------------------------------------------------------------------# +# +# NOTE +# ---- +# +# NOTE: Most program use a file under the /etc/pam.d/ directory to setup their +# PAM service modules. This file is used only if that directory does not exist. +# ---------------------------------------------------------------------------# + +# Format: +# serv. module ctrl module [path] ...[args..] # +# name type flag # + diff --git a/package/libs/libpam/files/pam.d/common-account b/package/libs/libpam/files/pam.d/common-account new file mode 100644 index 0000000000..7162548ccb --- /dev/null +++ b/package/libs/libpam/files/pam.d/common-account @@ -0,0 +1,20 @@ +# +# /etc/pam.d/common-account - authorization settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authorization modules that define +# the central access policy for use on the system. The default is to +# only deny service to users whose accounts are expired in /etc/shadow. +# + +# here are the per-package modules (the "Primary" block) +account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so +# here's the fallback if no module succeeds +account requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +account required pam_permit.so +# and here are more per-package modules (the "Additional" block) + +# end of pam-auth-update config diff --git a/package/libs/libpam/files/pam.d/common-auth b/package/libs/libpam/files/pam.d/common-auth new file mode 100644 index 0000000000..8fc529d70f --- /dev/null +++ b/package/libs/libpam/files/pam.d/common-auth @@ -0,0 +1,21 @@ +# +# /etc/pam.d/common-auth - authentication settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authentication modules that define +# the central authentication scheme for use on the system +# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the +# traditional Unix authentication mechanisms. +# + +# here are the per-package modules (the "Primary" block) +auth [success=1 default=ignore] pam_unix.so nullok_secure +# here's the fallback if no module succeeds +auth requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +auth required pam_permit.so +# and here are more per-package modules (the "Additional" block) + +# end of pam-auth-update config diff --git a/package/libs/libpam/files/pam.d/common-password b/package/libs/libpam/files/pam.d/common-password new file mode 100644 index 0000000000..5d0dee0a68 --- /dev/null +++ b/package/libs/libpam/files/pam.d/common-password @@ -0,0 +1,28 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha512 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) + +# end of pam-auth-update config diff --git a/package/libs/libpam/files/pam.d/common-session b/package/libs/libpam/files/pam.d/common-session new file mode 100644 index 0000000000..f0d41ccf7d --- /dev/null +++ b/package/libs/libpam/files/pam.d/common-session @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-session - session-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define tasks to be performed +# at the start and end of sessions of *any* kind (both interactive and +# non-interactive). +# + +# here are the per-package modules (the "Primary" block) +session [default=1] pam_permit.so +# here's the fallback if no module succeeds +session requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +session required pam_permit.so +# The pam_umask module will set the umask according to the system default in +# /etc/login.defs and user settings, solving the problem of different +# umask settings with different shells, display managers, remote sessions etc. +# See "man pam_umask". +session optional pam_umask.so +# and here are more per-package modules (the "Additional" block) +session required pam_unix.so +# end of pam-auth-update config diff --git a/package/libs/libpam/files/pam.d/common-session-noninteractive b/package/libs/libpam/files/pam.d/common-session-noninteractive new file mode 100644 index 0000000000..f4943e1b0e --- /dev/null +++ b/package/libs/libpam/files/pam.d/common-session-noninteractive @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-session-noninteractive - session-related modules +# common to all non-interactive services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define tasks to be performed +# at the start and end of all non-interactive sessions. +# + +# here are the per-package modules (the "Primary" block) +session [default=1] pam_permit.so +# here's the fallback if no module succeeds +session requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +session required pam_permit.so +# The pam_umask module will set the umask according to the system default in +# /etc/login.defs and user settings, solving the problem of different +# umask settings with different shells, display managers, remote sessions etc. +# See "man pam_umask". +session optional pam_umask.so +# and here are more per-package modules (the "Additional" block) +session required pam_unix.so +# end of pam-auth-update config diff --git a/package/libs/libpam/files/pam.d/other b/package/libs/libpam/files/pam.d/other new file mode 100644 index 0000000000..6679e4f198 --- /dev/null +++ b/package/libs/libpam/files/pam.d/other @@ -0,0 +1,16 @@ +# +# /etc/pam.d/other - specify the PAM fallback behaviour +# +# Note that this file is used for any unspecified service; for example +#if /etc/pam.d/cron specifies no session modules but cron calls +#pam_open_session, the session module out of /etc/pam.d/other is +#used. If you really want nothing to happen then use pam_permit.so or +#pam_deny.so as appropriate. + +# We fall back to the system default in /etc/pam.d/common-* +# + +auth include common-auth +account include common-account +password include common-password +session include common-session diff --git a/package/libs/libpam/patches/0001-build-always-use-lib-instead-of-lib64.patch b/package/libs/libpam/patches/0001-build-always-use-lib-instead-of-lib64.patch new file mode 100644 index 0000000000..da0b7402e8 --- /dev/null +++ b/package/libs/libpam/patches/0001-build-always-use-lib-instead-of-lib64.patch @@ -0,0 +1,36 @@ +From 1948dd03d69c1a50e92d7e8868b7d6eabd4873c1 Mon Sep 17 00:00:00 2001 +From: Yousong Zhou +Date: Wed, 17 Jun 2015 16:11:31 +0800 +Subject: [PATCH 1/7] build: always use /lib instead of /lib64. + +* configure.ac: OpenWrt does not use /lib64. + +Signed-off-by: Yousong Zhou +--- + configure.ac | 10 +--------- + 1 file changed, 1 insertion(+), 9 deletions(-) + +diff --git a/configure.ac b/configure.ac +index fd0e310..306b6e2 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -25,15 +25,7 @@ dnl If we use /usr as prefix, use /etc for config files + then + sysconfdir="/etc" + fi +- if test ${libdir} = '${exec_prefix}/lib' +- then +- case "$host_cpu" in +- x86_64|ppc64|s390x|sparc64) +- libdir="/lib64" ;; +- *) +- libdir="/lib" ;; +- esac +- fi ++ libdir="/lib" + if test ${sbindir} = '${exec_prefix}/sbin' + then + sbindir="/sbin" +-- +1.7.10.4 + diff --git a/package/libs/libpam/patches/0002-build-ignore-pam_rhosts-if-neither-ruserok-nor-ruser.patch b/package/libs/libpam/patches/0002-build-ignore-pam_rhosts-if-neither-ruserok-nor-ruser.patch new file mode 100644 index 0000000000..cfa9a3c39b --- /dev/null +++ b/package/libs/libpam/patches/0002-build-ignore-pam_rhosts-if-neither-ruserok-nor-ruser.patch @@ -0,0 +1,77 @@ +From 1a2e6c979118dce5e79604e88c008c7879d1e4e6 Mon Sep 17 00:00:00 2001 +From: Yousong Zhou +Date: Wed, 17 Jun 2015 18:19:23 +0800 +Subject: [PATCH 2/7] build: ignore pam_rhosts if neither ruserok nor + ruserok_af is available. + +* configure.ac: check for ruserok and ruserok_af +* modules/Makefile.am: ignore pam_rhosts/ if it's disabled +* modules/pam_rhosts/pam_rhosts.c: include stdlib.h for malloc and free + +Signed-off-by: Yousong Zhou +--- + configure.ac | 5 ++++- + modules/Makefile.am | 11 ++++++++--- + modules/pam_rhosts/pam_rhosts.c | 1 + + 3 files changed, 13 insertions(+), 4 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 306b6e2..084071a 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -524,7 +524,10 @@ AC_CHECK_FUNCS(fseeko getdomainname gethostname gettimeofday lckpwdf mkdir selec + AC_CHECK_FUNCS(strcspn strdup strspn strstr strtol uname) + AC_CHECK_FUNCS(getutent_r getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r) + AC_CHECK_FUNCS(getgrouplist getline getdelim) +-AC_CHECK_FUNCS(inet_ntop inet_pton innetgr ruserok_af) ++AC_CHECK_FUNCS(inet_ntop inet_pton innetgr) ++AC_CHECK_FUNCS([ruserok_af ruserok], [break]) ++ ++AM_CONDITIONAL([COND_BUILD_PAM_RHOSTS], [test "$ac_cv_func_ruserok_af" = yes -o "$ac_cv_func_ruserok" = yes]) + + AC_CHECK_FUNCS(unshare, [UNSHARE=yes], [UNSHARE=no]) + AM_CONDITIONAL([HAVE_UNSHARE], [test "$UNSHARE" = yes]) +diff --git a/modules/Makefile.am b/modules/Makefile.am +index 0c80cea..9ad26a9 100644 +--- a/modules/Makefile.am ++++ b/modules/Makefile.am +@@ -2,16 +2,21 @@ + # Copyright (c) 2005, 2006, 2008 Thorsten Kukuk + # + +-SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \ ++if COND_BUILD_PAM_RHOSTS ++ MAYBE_PAM_RHOSTS = pam_rhosts ++endif ++ ++SUBDIRS := pam_access pam_cracklib pam_debug pam_deny pam_echo \ + pam_env pam_exec pam_faildelay pam_filter pam_ftp \ + pam_group pam_issue pam_keyinit pam_lastlog pam_limits \ + pam_listfile pam_localuser pam_loginuid pam_mail \ + pam_mkhomedir pam_motd pam_namespace pam_nologin \ +- pam_permit pam_pwhistory pam_rhosts pam_rootok pam_securetty \ ++ pam_permit pam_pwhistory pam_rootok pam_securetty \ + pam_selinux pam_sepermit pam_shells pam_stress \ + pam_succeed_if pam_tally pam_tally2 pam_time pam_timestamp \ + pam_tty_audit pam_umask \ +- pam_unix pam_userdb pam_warn pam_wheel pam_xauth ++ pam_unix pam_userdb pam_warn pam_wheel pam_xauth \ ++ $(MAYBE_PAM_RHOSTS) + + CLEANFILES = *~ + +diff --git a/modules/pam_rhosts/pam_rhosts.c b/modules/pam_rhosts/pam_rhosts.c +index bc9e76f..51ef13e 100644 +--- a/modules/pam_rhosts/pam_rhosts.c ++++ b/modules/pam_rhosts/pam_rhosts.c +@@ -35,6 +35,7 @@ + #include + #include + #include ++#include + #include + + #define PAM_SM_AUTH /* only defines this management group */ +-- +1.7.10.4 + diff --git a/package/libs/libpam/patches/0003-build-ignore-pam_lastlog-when-logwtmp-is-not-availab.patch b/package/libs/libpam/patches/0003-build-ignore-pam_lastlog-when-logwtmp-is-not-availab.patch new file mode 100644 index 0000000000..21ebf94f57 --- /dev/null +++ b/package/libs/libpam/patches/0003-build-ignore-pam_lastlog-when-logwtmp-is-not-availab.patch @@ -0,0 +1,60 @@ +From bac1ee3033cf22e31730fe3e77ca82bd5ebba692 Mon Sep 17 00:00:00 2001 +From: Yousong Zhou +Date: Wed, 17 Jun 2015 21:18:05 +0800 +Subject: [PATCH 3/7] build: ignore pam_lastlog when logwtmp is not available. + +* configure.ac: check logwtmp and set COND_BUILD_PAM_LASTLOG +* modules/pam_lastlog/Makefile.am: check COND_BUILD_PAM_LASTLOG + +Signed-off-by: Yousong Zhou +--- + configure.ac | 2 ++ + modules/Makefile.am | 8 ++++++-- + 2 files changed, 8 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 084071a..ca4bf5b 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -526,8 +526,10 @@ AC_CHECK_FUNCS(getutent_r getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r + AC_CHECK_FUNCS(getgrouplist getline getdelim) + AC_CHECK_FUNCS(inet_ntop inet_pton innetgr) + AC_CHECK_FUNCS([ruserok_af ruserok], [break]) ++AC_CHECK_FUNCS([logwtmp]) + + AM_CONDITIONAL([COND_BUILD_PAM_RHOSTS], [test "$ac_cv_func_ruserok_af" = yes -o "$ac_cv_func_ruserok" = yes]) ++AM_CONDITIONAL([COND_BUILD_PAM_LASTLOG], [test "$ac_cv_func_logwtmp" = yes]) + + AC_CHECK_FUNCS(unshare, [UNSHARE=yes], [UNSHARE=no]) + AM_CONDITIONAL([HAVE_UNSHARE], [test "$UNSHARE" = yes]) +diff --git a/modules/Makefile.am b/modules/Makefile.am +index 9ad26a9..b98dc5c 100644 +--- a/modules/Makefile.am ++++ b/modules/Makefile.am +@@ -6,9 +6,13 @@ if COND_BUILD_PAM_RHOSTS + MAYBE_PAM_RHOSTS = pam_rhosts + endif + ++if COND_BUILD_PAM_LASTLOG ++ MAYBE_PAM_LASTLOG = pam_lastlog ++endif ++ + SUBDIRS := pam_access pam_cracklib pam_debug pam_deny pam_echo \ + pam_env pam_exec pam_faildelay pam_filter pam_ftp \ +- pam_group pam_issue pam_keyinit pam_lastlog pam_limits \ ++ pam_group pam_issue pam_keyinit pam_limits \ + pam_listfile pam_localuser pam_loginuid pam_mail \ + pam_mkhomedir pam_motd pam_namespace pam_nologin \ + pam_permit pam_pwhistory pam_rootok pam_securetty \ +@@ -16,7 +20,7 @@ SUBDIRS := pam_access pam_cracklib pam_debug pam_deny pam_echo \ + pam_succeed_if pam_tally pam_tally2 pam_time pam_timestamp \ + pam_tty_audit pam_umask \ + pam_unix pam_userdb pam_warn pam_wheel pam_xauth \ +- $(MAYBE_PAM_RHOSTS) ++ $(MAYBE_PAM_RHOSTS) $(MAYBE_PAM_LASTLOG) + + CLEANFILES = *~ + +-- +1.7.10.4 + diff --git a/package/libs/libpam/patches/0005-build-fix-doc-build.patch b/package/libs/libpam/patches/0005-build-fix-doc-build.patch new file mode 100644 index 0000000000..6d56f8c047 --- /dev/null +++ b/package/libs/libpam/patches/0005-build-fix-doc-build.patch @@ -0,0 +1,133 @@ +From 1563e57ea8ab9d123f765129a6840929ef58ff7a Mon Sep 17 00:00:00 2001 +From: Yousong Zhou +Date: Wed, 17 Jun 2015 20:38:41 +0800 +Subject: [PATCH 5/7] build: fix doc build. + +* Makefile.am: ignore doc/ directory if not ENABLE_REGENERATE_MAN +* doc/adg/Makefile.am: remove check on ENABLE_REGENERATE_MAN +* doc/man/Makefile.am: ditto +* doc/mwg/Makefile.am: ditto +* doc/sag/Makefile.am: ditto +* doc/specs/Makefile.am: ignore CC from command line + +Signed-off-by: Yousong Zhou +--- + Makefile.am | 5 ++++- + doc/adg/Makefile.am | 3 --- + doc/man/Makefile.am | 2 -- + doc/mwg/Makefile.am | 3 --- + doc/sag/Makefile.am | 2 -- + doc/specs/Makefile.am | 2 +- + 6 files changed, 5 insertions(+), 12 deletions(-) + +diff --git a/Makefile.am b/Makefile.am +index 3db4e37..5e6592a 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -4,7 +4,10 @@ + + AUTOMAKE_OPTIONS = 1.9 gnu dist-bzip2 dist-xz check-news + +-SUBDIRS = libpam tests libpamc libpam_misc modules po conf doc examples xtests ++if ENABLE_REGENERATE_MAN ++ MAYBE_DOC = doc ++endif ++SUBDIRS = libpam tests libpamc libpam_misc modules po conf examples xtests $(MAYBE_DOC) + + CLEANFILES = *~ + +diff --git a/doc/adg/Makefile.am b/doc/adg/Makefile.am +index 77bd7a9..bec5edc 100644 +--- a/doc/adg/Makefile.am ++++ b/doc/adg/Makefile.am +@@ -9,7 +9,6 @@ EXTRA_DIST = $(XMLS) + XMLS = Linux-PAM_ADG.xml $(shell ls $(srcdir)/pam_*.xml) + DEP_XMLS = $(shell ls $(top_srcdir)/doc/man/pam_*.xml) + +-if ENABLE_REGENERATE_MAN + MAINTAINERCLEANFILES = Linux-PAM_ADG.txt Linux-PAM_ADG.pdf html/*.html + + all: Linux-PAM_ADG.txt html/Linux-PAM_ADG.html Linux-PAM_ADG.pdf +@@ -51,8 +50,6 @@ html/Linux-PAM_ADG.html: $(XMLS) $(DEP_XMLS) + distclean-local: + -rm -rf html Linux-PAM_ADG.txt Linux-PAM_ADG.pdf + +-endif +- + install-data-local: + $(mkinstalldirs) $(DESTDIR)$(docdir) + $(mkinstalldirs) $(DESTDIR)$(pdfdir) +diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am +index 78c891d..b1dc421 100644 +--- a/doc/man/Makefile.am ++++ b/doc/man/Makefile.am +@@ -45,7 +45,6 @@ XMLS = pam.3.xml pam.8.xml \ + misc_conv.3.xml pam_misc_paste_env.3.xml pam_misc_drop_env.3.xml \ + pam_misc_setenv.3.xml + +-if ENABLE_REGENERATE_MAN + PAM.8: pam.8 + pam_get_authtok_noverify.3: pam_get_authtok.3 + pam_get_authtok_verify.3: pam_get_authtok.3 +@@ -60,4 +59,3 @@ pam_get_item.3: pam_item_types_std.inc.xml pam_item_types_ext.inc.xml + pam_set_data.3: pam_item_types_std.inc.xml pam_item_types_ext.inc.xml + pam.conf.5: pam.conf-desc.xml pam.conf-dir.xml pam.conf-syntax.xml + -include $(top_srcdir)/Make.xml.rules +-endif +diff --git a/doc/mwg/Makefile.am b/doc/mwg/Makefile.am +index 2bbb2d0..f57e297 100644 +--- a/doc/mwg/Makefile.am ++++ b/doc/mwg/Makefile.am +@@ -9,7 +9,6 @@ EXTRA_DIST = $(XMLS) + XMLS = Linux-PAM_MWG.xml $(shell ls $(srcdir)/pam_*.xml) + DEP_XMLS = $(shell ls $(top_srcdir)/doc/man/pam_*.xml) + +-if ENABLE_REGENERATE_MAN + MAINTAINERCLEANFILES = Linux-PAM_MWG.txt Linux-PAM_MWG.pdf html/*.html + + all: Linux-PAM_MWG.txt html/Linux-PAM_MWG.html Linux-PAM_MWG.pdf +@@ -51,8 +50,6 @@ html/Linux-PAM_MWG.html: $(XMLS) $(DEP_XMLS) + distclean-local: + -rm -rf html Linux-PAM_MWG.txt Linux-PAM_MWG.pdf + +-endif +- + install-data-local: + $(mkinstalldirs) $(DESTDIR)$(docdir) + $(mkinstalldirs) $(DESTDIR)$(pdfdir) +diff --git a/doc/sag/Makefile.am b/doc/sag/Makefile.am +index 31816aa..a8b655f 100644 +--- a/doc/sag/Makefile.am ++++ b/doc/sag/Makefile.am +@@ -10,7 +10,6 @@ XMLS = Linux-PAM_SAG.xml $(shell ls $(srcdir)/pam_*.xml) + + DEP_XMLS = $(shell ls $(top_srcdir)/modules/pam_*/pam_*.xml) + +-if ENABLE_REGENERATE_MAN + MAINTAINERCLEANFILES = Linux-PAM_SAG.txt Linux-PAM_SAG.pdf html/*.html + + all: Linux-PAM_SAG.txt html/Linux-PAM_SAG.html Linux-PAM_SAG.pdf +@@ -51,7 +50,6 @@ html/Linux-PAM_SAG.html: $(XMLS) $(DEP_XMLS) + + distclean-local: + -rm -rf html Linux-PAM_SAG.txt Linux-PAM_SAG.pdf +-endif + + install-data-local: + $(mkinstalldirs) $(DESTDIR)$(docdir) +diff --git a/doc/specs/Makefile.am b/doc/specs/Makefile.am +index 99ecc70..39c850f 100644 +--- a/doc/specs/Makefile.am ++++ b/doc/specs/Makefile.am +@@ -11,7 +11,7 @@ draft-morgan-pam-current.txt: padout draft-morgan-pam.raw + + AM_YFLAGS = -d + +-CC = @CC_FOR_BUILD@ ++override CC = @CC_FOR_BUILD@ + CPPFLAGS = @BUILD_CPPFLAGS@ + CFLAGS = @BUILD_CFLAGS@ + LDFLAGS = @BUILD_LDFLAGS@ +-- +1.7.10.4 + diff --git a/package/libs/libpam/patches/0006-pam_unix-fix-compilation-in-case-rpc-rpc.h-is-missin.patch b/package/libs/libpam/patches/0006-pam_unix-fix-compilation-in-case-rpc-rpc.h-is-missin.patch new file mode 100644 index 0000000000..3fd0a1b4ef --- /dev/null +++ b/package/libs/libpam/patches/0006-pam_unix-fix-compilation-in-case-rpc-rpc.h-is-missin.patch @@ -0,0 +1,29 @@ +From 2e3ed4c6fb09f84fede589047d37d11783202d34 Mon Sep 17 00:00:00 2001 +From: Yousong Zhou +Date: Wed, 17 Jun 2015 18:16:18 +0800 +Subject: [PATCH 6/7] pam_unix: fix compilation in case rpc/rpc.h is missing. + +* modules/pam_unix/pam_unix_passwd.c: conditional compile on the + availability of rpc/rpc.h + +Signed-off-by: Yousong Zhou +--- + modules/pam_unix/pam_unix_passwd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c +index 2d330e5..970724a 100644 +--- a/modules/pam_unix/pam_unix_passwd.c ++++ b/modules/pam_unix/pam_unix_passwd.c +@@ -410,7 +410,7 @@ static int _do_setpass(pam_handle_t* pamh, const char *forwho, + } + + if (on(UNIX_NIS, ctrl) && _unix_comesfromsource(pamh, forwho, 0, 1)) { +-#ifdef HAVE_NIS ++#if defined(HAVE_NIS) && defined(HAVE_RPC_RPC_H) + if ((master=getNISserver(pamh, ctrl)) != NULL) { + struct timeval timeout; + struct yppasswd yppwd; +-- +1.7.10.4 + diff --git a/package/libs/libpam/patches/0007-Replace-strndupa-with-strcpy.patch b/package/libs/libpam/patches/0007-Replace-strndupa-with-strcpy.patch new file mode 100644 index 0000000000..11a97246ab --- /dev/null +++ b/package/libs/libpam/patches/0007-Replace-strndupa-with-strcpy.patch @@ -0,0 +1,75 @@ +From 9f23ba5a40b42acf4463b593bffd73caee8b527c Mon Sep 17 00:00:00 2001 +From: Rosen Penev +Date: Sun, 15 Jul 2018 20:43:44 -0700 +Subject: [PATCH] Replace strndupa with strcpy + +glibc only. A static string is better. + +Signed-off-by: Rosen Penev +--- + modules/pam_exec/pam_exec.c | 31 +++++++++++-------------------- + 1 file changed, 11 insertions(+), 20 deletions(-) + +diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c +index 0ab6548..2fbab4f 100644 +--- a/modules/pam_exec/pam_exec.c ++++ b/modules/pam_exec/pam_exec.c +@@ -102,7 +102,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh, + int use_stdout = 0; + int optargc; + const char *logfile = NULL; +- const char *authtok = NULL; ++ char authtok[PAM_MAX_RESP_SIZE]; + pid_t pid; + int fds[2]; + int stdout_fds[2]; +@@ -180,12 +180,12 @@ call_exec (const char *pam_type, pam_handle_t *pamh, + if (resp) + { + pam_set_item (pamh, PAM_AUTHTOK, resp); +- authtok = strndupa (resp, PAM_MAX_RESP_SIZE); ++ strcpy (authtok, resp); + _pam_drop (resp); + } + } + else +- authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE); ++ strcpy (authtok, void_pass); + + if (pipe(fds) != 0) + { +@@ -225,23 +225,14 @@ call_exec (const char *pam_type, pam_handle_t *pamh, + + if (expose_authtok) /* send the password to the child */ + { +- if (authtok != NULL) +- { /* send the password to the child */ +- if (debug) +- pam_syslog (pamh, LOG_DEBUG, "send password to child"); +- if (write(fds[1], authtok, strlen(authtok)+1) == -1) +- pam_syslog (pamh, LOG_ERR, +- "sending password to child failed: %m"); +- authtok = NULL; +- } +- else +- { +- if (write(fds[1], "", 1) == -1) /* blank password */ +- pam_syslog (pamh, LOG_ERR, +- "sending password to child failed: %m"); +- } +- close(fds[0]); /* close here to avoid possible SIGPIPE above */ +- close(fds[1]); ++ if (debug) ++ pam_syslog (pamh, LOG_DEBUG, "send password to child"); ++ if (write(fds[1], authtok, strlen(authtok)) == -1) ++ pam_syslog (pamh, LOG_ERR, ++ "sending password to child failed: %m"); ++ ++ close(fds[0]); /* close here to avoid possible SIGPIPE above */ ++ close(fds[1]); + } + + if (use_stdout) +-- +2.19.1 + diff --git a/package/libs/libssh2/Config.in b/package/libs/libssh2/Config.in new file mode 100644 index 0000000000..708c07bad5 --- /dev/null +++ b/package/libs/libssh2/Config.in @@ -0,0 +1,15 @@ +if PACKAGE_libssh2 + +choice + prompt "Choose crypto backend" + default LIBSSH2_MBEDTLS + + config LIBSSH2_MBEDTLS + bool "mbedtls" + + config LIBSSH2_OPENSSL + bool "openssl" + +endchoice + +endif diff --git a/package/libs/libssh2/Makefile b/package/libs/libssh2/Makefile new file mode 100644 index 0000000000..f619f37eea --- /dev/null +++ b/package/libs/libssh2/Makefile @@ -0,0 +1,67 @@ +# +# Copyright (C) 2015-2018 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libssh2 +PKG_VERSION:=1.9.0 +PKG_RELEASE:=2 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://www.libssh2.org/download +PKG_HASH:=d5fb8bd563305fd1074dda90bd053fb2d29fc4bce048d182f96eaa466dfadafd + +PKG_MAINTAINER:=Jiri Slachta +PKG_LICENSE:=BSD-3-Clause +PKG_LICENSE_FILES:=COPYING +PKG_CPE_ID:=cpe:/a:libssh2:libssh2 + +CMAKE_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 + +PKG_CONFIG_DEPENDS:= \ + CONFIG_LIBSSH2_MBEDTLS \ + CONFIG_LIBSSH2_OPENSSL + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/cmake.mk + +define Package/libssh2 + SECTION:=libs + CATEGORY:=Libraries + TITLE:=SSH2 library + URL:=https://www.libssh2.org/ + DEPENDS:=+LIBSSH2_MBEDTLS:libmbedtls +LIBSSH2_OPENSSL:libopenssl +zlib + ABI_VERSION:=1 +endef + +define Package/libssh2/description + libssh2 is a client-side C library implementing the SSH2 protocol. +endef + +define Package/libssh2/config + source "$(SOURCE)/Config.in" +endef + +CMAKE_OPTIONS += \ + -DBUILD_SHARED_LIBS=ON \ + -DBUILD_TESTING=OFF \ + -DENABLE_ZLIB_COMPRESSION=ON \ + -DCLEAR_MEMORY=ON + +ifeq ($(CONFIG_LIBSSH2_OPENSSL),y) + CMAKE_OPTIONS += -DCRYPTO_BACKEND=OpenSSL +else + CMAKE_OPTIONS += -DCRYPTO_BACKEND=mbedTLS +endif + +define Package/libssh2/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libssh2.so.$(ABI_VERSION)* $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,libssh2)) diff --git a/package/libs/libtasn1/Makefile b/package/libs/libtasn1/Makefile new file mode 100644 index 0000000000..039580ae43 --- /dev/null +++ b/package/libs/libtasn1/Makefile @@ -0,0 +1,64 @@ +# +# Copyright (C) 2005-2008 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libtasn1 +PKG_VERSION:=4.14 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=@GNU/$(PKG_NAME) +PKG_HASH:=9e604ba5c5c8ea403487695c2e407405820d98540d9de884d6e844f9a9c5ba08 + +PKG_MAINTAINER:=Nikos Mavrogiannopoulos +PKG_LICENSE:=LGPLv2.1-or-later +PKG_LICENSE_FILES:=COPYING.LIB + +#PKG_FIXUP:=autoreconf +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/libtasn1 + SECTION:=libs + CATEGORY:=Libraries + TITLE:=An ASN.1 and DER structures manipulation library + URL:=https://www.gnu.org/software/libtasn1/ +endef + +define Package/libtasn1/description + This is a library for Abstract Syntax Notation One (ASN.1) and + Distinguish Encoding Rules (DER) manipulation. +endef + +TARGET_CFLAGS += -ffunction-sections -fdata-sections +TARGET_LDFLAGS += -Wl,--gc-sections + +CONFIGURE_ARGS += \ + --disable-doc \ + --disable-gcc-warnings \ + --disable-ld-version-script \ + --disable-valgrind-tests + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_DIR) $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/usr/include/libtasn1.h $(1)/usr/include/ + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libtasn1.{a,so*} $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libtasn1*.pc $(1)/usr/lib/pkgconfig/ +endef + +define Package/libtasn1/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libtasn1.so.* $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,libtasn1)) diff --git a/package/libs/libunistring/Makefile b/package/libs/libunistring/Makefile new file mode 100644 index 0000000000..c0211217e3 --- /dev/null +++ b/package/libs/libunistring/Makefile @@ -0,0 +1,59 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libunistring +PKG_VERSION:=0.9.10 +PKG_RELEASE:=1 +PKG_HASH:=eb8fb2c3e4b6e2d336608377050892b54c3c983b646c561836550863003c05d7 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=@GNU/libunistring +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 + +PKG_MAINTAINER:=Espen Jürgensen +PKG_LICENSE:=GPL-3.0 +PKG_LICENSE_FILES:=COPYING + +include $(INCLUDE_DIR)/package.mk + +define Package/libunistring + SECTION:=libs + CATEGORY:=Libraries + TITLE:=libunistring + URL:=http://www.gnu.org/software/libunistring/ +endef + +define Package/libunistring/description + This library provides functions for manipulating Unicode strings and for manipulating C strings according to the Unicode standard. +endef + +TARGET_CFLAGS += $(FPIC) + +CONFIGURE_ARGS += \ + --enable-shared \ + --enable-static \ + --without-libiconv-prefix \ + --without-libpth-prefix + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/usr/include/*.h $(1)/usr/include/ + $(INSTALL_DIR) $(1)/usr/include/unistring + $(CP) $(PKG_INSTALL_DIR)/usr/include/unistring/*.h $(1)/usr/include/unistring/ + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libunistring.{a,so*} $(1)/usr/lib/ +endef + +define Package/libunistring/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libunistring.so.* $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,libunistring)) diff --git a/package/libs/libxml2/Makefile b/package/libs/libxml2/Makefile new file mode 100644 index 0000000000..e0b4af6d1e --- /dev/null +++ b/package/libs/libxml2/Makefile @@ -0,0 +1,197 @@ +# +# Copyright (C) 2006-2016 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=libxml2 +PKG_VERSION:=2.9.9 +PKG_RELEASE:=2 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=http://xmlsoft.org/sources/ +PKG_HASH:=94fb70890143e3c6549f265cee93ec064c80a84c42ad0f23e85ee1fd6540a871 + +PKG_LICENSE:=MIT +PKG_LICENSE_FILES:=COPYING +PKG_CPE_ID:=cpe:/a:xmlsoft:libxml2 + +PKG_MAINTAINER:=Michael Heimpold + +PKG_FIXUP:=autoreconf +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=0 + +include $(INCLUDE_DIR)/host-build.mk +include $(INCLUDE_DIR)/package.mk + +define Package/libxml2 + SECTION:=libs + CATEGORY:=Libraries + TITLE:=Gnome XML library + URL:=http://xmlsoft.org/ + DEPENDS:=+libpthread +zlib +endef + +define Package/libxml2/description + A library for manipulating XML and HTML resources. +endef + +define Package/libxml2-dev + SECTION:=devel + CATEGORY:=Development + SUBMENU:=Libraries + TITLE:=Development files for libxml2 + URL:=http://xmlsoft.org/ + DEPENDS:=+libxml2 +endef + +define Package/libxml2-dev/description + A library for manipulating XML and HTML resources. + + This package contains the headers and xml2-config binary. +endef + +define Package/libxml2-utils + SECTION:=utils + CATEGORY:=Utilities + TITLE:=XML command line utilities (xmllint...) + URL:=http://xmlsoft.org/ + DEPENDS:=+libxml2 +endef + +define Package/libxml2-utils/description + This package contains the binaries xmllint and xmlcatalog + from libxml2, a library for manipulating XML and HTML resources. +endef + +TARGET_CFLAGS += $(FPIC) + +CONFIGURE_ARGS += \ + --enable-shared \ + --enable-static \ + --with-c14n \ + --without-catalog \ + --with-debug \ + --without-docbook \ + --with-html \ + --without-ftp \ + --without-http \ + --without-iconv \ + --without-iso8859x \ + --without-legacy \ + --with-output \ + --without-pattern \ + --without-push \ + --without-python \ + --with-reader \ + --without-readline \ + --without-regexps \ + --with-sax1 \ + --with-schemas \ + --with-threads \ + --with-tree \ + --with-valid \ + --with-writer \ + --with-xinclude \ + --with-xpath \ + --with-xptr \ + --with-zlib=$(STAGING_DIR)/usr \ + --without-lzma + +HOST_CONFIGURE_ARGS += \ + --enable-shared \ + --enable-static \ + --with-c14n \ + --without-catalog \ + --with-debug \ + --without-docbook \ + --with-html \ + --without-ftp \ + --without-http \ + --without-iconv \ + --without-iso8859x \ + --without-legacy \ + --with-output \ + --without-pattern \ + --without-push \ + --without-python \ + --with-reader \ + --without-readline \ + --without-regexps \ + --with-sax1 \ + --with-schemas \ + --with-threads \ + --with-tree \ + --with-valid \ + --with-writer \ + --with-xinclude \ + --with-xpath \ + --with-xptr \ + --with-zlib \ + --without-lzma + +define Build/InstallDev + $(INSTALL_DIR) $(2)/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/xml2-config $(2)/bin/ + $(SED) 's,^\(prefix\|exec_prefix\)=.*,\1=$(STAGING_DIR)/usr,g' $(2)/bin/xml2-config + + $(INSTALL_DIR) $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/usr/include/libxml2 $(1)/usr/include/ + + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxml2.{la,a,so*} $(1)/usr/lib/ + + $(INSTALL_DIR) $(1)/usr/lib/cmake/libxml2 + $(CP) $(PKG_INSTALL_DIR)/usr/lib/cmake/libxml2/libxml2-config.cmake \ + $(1)/usr/lib/cmake/libxml2 + + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libxml-2.0.pc $(1)/usr/lib/pkgconfig/ + + $(INSTALL_DIR) $(2)/share/aclocal/ + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/aclocal/* $(2)/share/aclocal +endef + +define Package/libxml2/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxml2.so.* $(1)/usr/lib/ +endef + +define Package/libxml2-dev/install + $(INSTALL_DIR) $(1)/usr/bin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/xml2-config $(1)/usr/bin/ + $(SED) "s,$(STAGING_DIR),,g" $(1)/usr/bin/xml2-config + + $(INSTALL_DIR) $(1)/usr/include/ + $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/ + + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libxml2.so $(1)/usr/lib/ + + $(INSTALL_DIR) $(1)/usr/lib/{cmake,pkgconfig} + $(CP) $(PKG_INSTALL_DIR)/usr/lib/{cmake,pkgconfig} $(1)/usr/lib/ + $(SED) "s,$(STAGING_DIR),,g" $(1)/usr/lib/pkgconfig/*.pc + + $(INSTALL_DIR) $(1)/usr/share/aclocal + $(CP) $(PKG_INSTALL_DIR)/usr/share/aclocal/* $(1)/usr/share/aclocal +endef + +define Package/libxml2-utils/install + $(INSTALL_DIR) $(1)/usr/bin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/xmllint $(1)/usr/bin/ + $(CP) $(PKG_INSTALL_DIR)/usr/bin/xmlcatalog $(1)/usr/bin/ +endef + +define Host/Install + $(SED) 's,^\(prefix\|exec_prefix\)=.*,\1=$(STAGING_DIR)/usr,g' $(HOST_BUILD_DIR)/xml2-config + $(call Host/Install/Default) +endef + +$(eval $(call HostBuild)) +$(eval $(call BuildPackage,libxml2)) +$(eval $(call BuildPackage,libxml2-dev)) +$(eval $(call BuildPackage,libxml2-utils)) diff --git a/package/libs/openldap/Makefile b/package/libs/openldap/Makefile new file mode 100644 index 0000000000..d7db725ce4 --- /dev/null +++ b/package/libs/openldap/Makefile @@ -0,0 +1,219 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=openldap +PKG_VERSION:=2.4.47 +PKG_RELEASE:=3 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tgz +PKG_SOURCE_URL:=https://gpl.savoirfairelinux.net/pub/mirrors/openldap/openldap-release/ \ + http://mirror.eu.oneandone.net/software/openldap/openldap-release/ \ + http://mirror.switch.ch/ftp/software/mirror/OpenLDAP/openldap-release/ \ + https://www.openldap.org/software/download/OpenLDAP/openldap-release/ +PKG_HASH:=f54c5877865233d9ada77c60c0f69b3e0bfd8b1b55889504c650047cc305520b +PKG_LICENSE:=OLDAP-2.8 +PKG_LICENSE_FILES:=LICENSE + +PKG_FIXUP:=autoreconf + +PKG_CONFIG_DEPENDS := \ + CONFIG_OPENLDAP_DEBUG \ + CONFIG_OPENLDAP_CRYPT \ + CONFIG_OPENLDAP_MONITOR \ + CONFIG_OPENLDAP_DB47 \ + CONFIG_OPENLDAP_ICU + +include $(INCLUDE_DIR)/package.mk + +define Package/libopenldap/Default + SECTION:=net + CATEGORY:=Network + SUBMENU:=OpenLDAP + TITLE:=LDAP directory suite + URL:=http://www.openldap.org/ + MAINTAINER:=W. Michael Petullo +endef + +define Package/libopenldap + $(call Package/libopenldap/Default) + MENU:=1 + DEPENDS:=+libopenssl +libsasl2 +libpthread +OPENLDAP_DB47:libdb47 +OPENLDAP_ICU:icu + TITLE+= (libraries) +endef + +define Package/libopenldap/config + config OPENLDAP_DEBUG + bool "Enable debugging information" + default y + help + Enable debugging information. This option must be enabled + for the loglevel directive to work. + config OPENLDAP_CRYPT + bool "Crypt(3) passwords support" + default n + help + With crypt(3) password storage scheme enabled, OpenLDAP can + receive and store SHA-256 and SHA-512 password hashes from + Samba AD-DC. If this option is disabled, synchronization of + passwords between Samba AD-DC (v4.5 and above) and OpenLDAP + requires use of cleartext passwords. + To enable crypt(3) password synchronization functionality: + 1. Re-include crypt(3) support in OpenWRT by enabling 'Include + crypt() support for SHA256, SHA512 and Blowfish ciphers' option + in "Advanced configuration options (for developers)" -> + "Toolchain Options". + 2. Provision AD-DC with 'password hash userPassword schemes' + option. For more information, see smb.conf manpage for details + on 'password hash userPassword schemes'. + 3. Use a script to synchronize passwords from AD-DC to + OpenLDAP. See samba-tool manpage for 'user syncpasswords'. + config OPENLDAP_MONITOR + bool "Enable monitor backend" + default n + help + Enable monitor backend to obtain information about the running + status of the daemon. See OpenLDAP documentation for more + information. + config OPENLDAP_DB47 + bool "Berkeley DB support" + default n + help + Enable Berkeley DB support (BDB). + config OPENLDAP_ICU + bool "ICU support" + default n + help + Enable ICU (International Components for Unicode) support. +endef + +define Package/libopenldap/description +OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol (LDAP). This package contains the shared LDAP client libraries, needed by other programs. +endef + +define Package/libopenldap/conffiles +/etc/openldap/ldap.conf +endef + +define Package/openldap-utils + $(call Package/libopenldap/Default) + DEPENDS:=+libopenldap + TITLE+= (utilities) +endef + +define Package/openldap-utils/description +This package contains client programs required to access LDAP servers. +endef + +define Package/openldap-server + $(call Package/libopenldap/Default) + DEPENDS:=+libopenldap +libuuid + TITLE+= (server) +endef + +define Package/openldap-server/description +This package contains server programs required to provide LDAP services. +endef + +define Package/openldap-server/conffiles +/etc/openldap/slapd.conf +/etc/init.d/ldap +endef + +TARGET_CFLAGS += $(FPIC) -lpthread \ + -DURANDOM_DEVICE=\\\"/dev/urandom\\\" + +CONFIGURE_ARGS += \ + --enable-shared \ + --enable-static \ + --enable-dynamic \ + --enable-syslog \ + --with-cyrus-sasl \ + --with-threads \ + --with-tls \ + --with-yielding_select="yes" \ + --enable-null \ + --disable-relay + + +ifdef CONFIG_OPENLDAP_CRYPT + CONFIGURE_ARGS+= --enable-crypt +else + CONFIGURE_ARGS+= --disable-crypt +endif + +ifdef CONFIG_OPENLDAP_MONITOR + CONFIGURE_ARGS+= --enable-monitor +else + CONFIGURE_ARGS+= --disable-monitor +endif + +ifdef CONFIG_OPENLDAP_DEBUG + CONFIGURE_ARGS+= --enable-debug +else + CONFIGURE_ARGS+= --disable-debug +endif + +ifdef CONFIG_OPENLDAP_DB47 + CONFIGURE_ARGS+= \ + --enable-bdb \ + --enable-hdb +else + CONFIGURE_ARGS+= \ + --disable-bdb \ + --disable-hdb +endif + +ifndef CONFIG_OPENLDAP_ICU + CONFIGURE_VARS += \ + ol_cv_lib_icu="no" +endif + +define Build/Compile + $(MAKE) -C $(PKG_BUILD_DIR) \ + DESTDIR="$(PKG_INSTALL_DIR)" \ + HOSTCC="$(HOSTCC)" \ + depend all install + cd $(PKG_BUILD_DIR)/libraries/liblmdb && $(MAKE) $(CONFIGURE_VARS) +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/include/{lber,ldap}*.h $(1)/usr/include/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{lber,ldap}*.{a,so*} $(1)/usr/lib/ +endef + +define Package/libopenldap/install + $(INSTALL_DIR) $(1)/etc/openldap $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/etc/openldap/ldap.conf $(1)/etc/openldap/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/lib{lber,ldap}*.so.* $(1)/usr/lib/ +endef + +define Package/openldap-utils/install + $(INSTALL_DIR) $(1)/usr/bin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/ldap* $(1)/usr/bin/ +endef + +define Package/openldap-server/install + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/ldap.init $(1)/etc/init.d/ldap + $(INSTALL_DIR) $(1)/etc/openldap/schema + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/openldap/schema/* $(1)/etc/openldap/schema/ + $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/openldap/slapd.conf $(1)/etc/openldap/ + $(INSTALL_DIR) $(1)/usr/sbin + # NB: OpenLDAP installs slapd into libexecdir, not sbindir + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/slapd $(1)/usr/sbin/ + $(eval SLAPTOOLS := slapadd slapcat slapdn slapindex slappasswd slaptest slapauth slapacl slapschema) + for i in $(SLAPTOOLS); do \ + $(LN) ./slapd $(1)/usr/sbin/$$$$i; \ + done +endef + +$(eval $(call BuildPackage,libopenldap)) +$(eval $(call BuildPackage,openldap-utils)) +$(eval $(call BuildPackage,openldap-server)) diff --git a/package/libs/openldap/files/ldap.init b/package/libs/openldap/files/ldap.init new file mode 100644 index 0000000000..2209e76b48 --- /dev/null +++ b/package/libs/openldap/files/ldap.init @@ -0,0 +1,19 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2009-2011 OpenWrt.org + +START=60 + +SERVICE_USE_PID=1 + +start() { + mkdir -m 0755 -p /var/openldap-data + service_start /usr/sbin/slapd -h "ldap://localhost/ ldaps:///" +} + +stop() { + service_stop /usr/sbin/slapd +} + +reload() { + service_reload /usr/sbin/slapd +} diff --git a/package/libs/openldap/patches/001-automake-compat.patch b/package/libs/openldap/patches/001-automake-compat.patch new file mode 100644 index 0000000000..c6a9ed89ee --- /dev/null +++ b/package/libs/openldap/patches/001-automake-compat.patch @@ -0,0 +1,323 @@ +--- /dev/null ++++ b/Makefile.am +@@ -0,0 +1 @@ ++SUBDIRS = include libraries clients servers tests doc +--- a/libraries/Makefile.in ++++ b/libraries/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SUBDIRS= \ + liblutil \ + liblber \ +--- a/libraries/liblber/Makefile.in ++++ b/libraries/liblber/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + LIBRARY = liblber.la + + NT_SRCS = nt_err.c +--- a/libraries/libldap/Makefile.in ++++ b/libraries/libldap/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + LIBRARY = libldap.la + + PROGRAMS = apitest dntest ftest ltest urltest +--- a/libraries/libldap_r/Makefile.in ++++ b/libraries/libldap_r/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + LIBRARY = libldap_r.la + + PROGRAMS = apitest ltest +--- a/libraries/liblunicode/Makefile.in ++++ b/libraries/liblunicode/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + LIBRARY = liblunicode.a + + XXDIR = $(srcdir)/ucdata/ +--- a/libraries/liblutil/Makefile.in ++++ b/libraries/liblutil/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + LIBRARY = liblutil.a + PROGRAM = testavl + +--- a/libraries/librewrite/Makefile.in ++++ b/libraries/librewrite/Makefile.in +@@ -16,6 +16,8 @@ + ## Copyright 2000-2001 Pierangelo Masarati + ## + ++SHELL = @SHELL@ ++ + SRCS = config.c context.c info.c ldapmap.c map.c params.c rule.c \ + session.c subst.c var.c xmap.c \ + parse.c rewrite.c +--- a/clients/tools/Makefile.in ++++ b/clients/tools/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = ldapsearch.c ldapmodify.c ldapdelete.c ldapmodrdn.c \ + ldappasswd.c ldapwhoami.c ldapcompare.c \ + ldapexop.c ldapurl.c common.c +--- a/servers/slapd/Makefile.in ++++ b/servers/slapd/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SLAPTOOLS=slapadd slapcat slapdn slapindex slappasswd slaptest slapauth slapacl slapschema + PROGRAMS=slapd $(SLAPTOOLS) + XPROGRAMS=sslapd libbackends.a .backend liboverlays.a +--- a/servers/slapd/overlays/Makefile.in ++++ b/servers/slapd/overlays/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = overlays.c \ + accesslog.c \ + auditlog.c \ +--- a/tests/progs/Makefile.in ++++ b/tests/progs/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + PROGRAMS = slapd-tester slapd-search slapd-read slapd-addel slapd-modrdn \ + slapd-modify slapd-bind slapd-mtread ldif-filter + +--- a/servers/slapd/back-bdb/Makefile.in ++++ b/servers/slapd/back-bdb/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = init.c tools.c config.c \ + add.c bind.c compare.c delete.c modify.c modrdn.c search.c \ + extended.c referral.c operational.c \ +--- a/servers/slapd/back-dnssrv/Makefile.in ++++ b/servers/slapd/back-dnssrv/Makefile.in +@@ -18,6 +18,8 @@ + # The DNSSRV backend was written by Kurt D. Zeilenga. + # + ++SHELL = @SHELL@ ++ + SRCS = init.c bind.c search.c config.c referral.c + OBJS = init.lo bind.lo search.lo config.lo referral.lo + +--- a/servers/slapd/back-hdb/Makefile.in ++++ b/servers/slapd/back-hdb/Makefile.in +@@ -15,6 +15,8 @@ + # + ## Copyright 2003 Howard Chu @ Symas Corp. See master COPYRIGHT file for terms. + ++SHELL = @SHELL@ ++ + XXDIR = $(srcdir)/../back-bdb + + XXSRCS = init.c tools.c config.c \ +--- a/servers/slapd/back-ldap/Makefile.in ++++ b/servers/slapd/back-ldap/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = init.c config.c search.c bind.c unbind.c add.c compare.c \ + delete.c modify.c modrdn.c extended.c chain.c \ + distproc.c monitor.c pbind.c +--- a/servers/slapd/back-ldif/Makefile.in ++++ b/servers/slapd/back-ldif/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = ldif.c + OBJS = ldif.lo + +--- a/servers/slapd/back-mdb/Makefile.in ++++ b/servers/slapd/back-mdb/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = init.c tools.c config.c \ + add.c bind.c compare.c delete.c modify.c modrdn.c search.c \ + extended.c operational.c \ +--- a/servers/slapd/back-meta/Makefile.in ++++ b/servers/slapd/back-meta/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = init.c config.c search.c bind.c unbind.c add.c compare.c \ + delete.c modify.c modrdn.c suffixmassage.c map.c \ + conn.c candidates.c dncache.c +--- a/servers/slapd/back-monitor/Makefile.in ++++ b/servers/slapd/back-monitor/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = init.c search.c compare.c modify.c bind.c \ + operational.c \ + cache.c entry.c \ +--- a/servers/slapd/back-ndb/Makefile.in ++++ b/servers/slapd/back-ndb/Makefile.in +@@ -17,6 +17,8 @@ + ## This work was initially developed by Howard Chu for inclusion + ## in OpenLDAP Software. This work was sponsored by MySQL. + ++SHELL = @SHELL@ ++ + SRCS = init.cpp tools.cpp config.cpp ndbio.cpp \ + add.cpp bind.cpp compare.cpp delete.cpp modify.cpp modrdn.cpp search.cpp + +--- a/servers/slapd/back-null/Makefile.in ++++ b/servers/slapd/back-null/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = null.c + OBJS = null.lo + +--- a/servers/slapd/back-passwd/Makefile.in ++++ b/servers/slapd/back-passwd/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = search.c config.c init.c + OBJS = search.lo config.lo init.lo + +--- a/servers/slapd/back-perl/Makefile.in ++++ b/servers/slapd/back-perl/Makefile.in +@@ -14,6 +14,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = init.c search.c close.c config.c bind.c compare.c \ + modify.c add.c modrdn.c delete.c + OBJS = init.lo search.lo close.lo config.lo bind.lo compare.lo \ +--- a/servers/slapd/back-relay/Makefile.in ++++ b/servers/slapd/back-relay/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = init.c op.c + OBJS = init.lo op.lo + +--- a/servers/slapd/back-shell/Makefile.in ++++ b/servers/slapd/back-shell/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = init.c config.c fork.c search.c bind.c unbind.c add.c \ + delete.c modify.c modrdn.c compare.c result.c + OBJS = init.lo config.lo fork.lo search.lo bind.lo unbind.lo add.lo \ +--- a/servers/slapd/back-sock/Makefile.in ++++ b/servers/slapd/back-sock/Makefile.in +@@ -17,6 +17,8 @@ + ## This work was initially developed by Brian Candler for inclusion + ## in OpenLDAP Software. + ++SHELL = @SHELL@ ++ + SRCS = init.c config.c opensock.c search.c bind.c unbind.c add.c \ + delete.c modify.c modrdn.c compare.c result.c extended.c + OBJS = init.lo config.lo opensock.lo search.lo bind.lo unbind.lo add.lo \ +--- a/servers/slapd/back-sql/Makefile.in ++++ b/servers/slapd/back-sql/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + SRCS = init.c config.c search.c bind.c compare.c operational.c \ + entry-id.c schema-map.c sql-wrap.c modify.c util.c \ + add.c delete.c modrdn.c api.c +--- a/servers/slapd/shell-backends/Makefile.in ++++ b/servers/slapd/shell-backends/Makefile.in +@@ -13,6 +13,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + PROGRAMS = passwd-shell + + SRCS = passwd-shell.c shellutil.c +--- a/servers/slapd/slapi/Makefile.in ++++ b/servers/slapd/slapi/Makefile.in +@@ -14,6 +14,8 @@ + ## top-level directory of the distribution or, alternatively, at + ## . + ++SHELL = @SHELL@ ++ + LIBRARY = libslapi.la + + #all-common: $(LIBRARY) $(PROGRAMS) diff --git a/package/libs/openldap/patches/002-no-doc-and-tests-subdir.patch b/package/libs/openldap/patches/002-no-doc-and-tests-subdir.patch new file mode 100644 index 0000000000..5d8c93eefc --- /dev/null +++ b/package/libs/openldap/patches/002-no-doc-and-tests-subdir.patch @@ -0,0 +1,5 @@ +--- a/Makefile.am ++++ b/Makefile.am +@@ -1 +1 @@ +-SUBDIRS = include libraries clients servers tests doc ++SUBDIRS = include libraries clients servers diff --git a/package/libs/openldap/patches/020-autofs-schema.patch b/package/libs/openldap/patches/020-autofs-schema.patch new file mode 100644 index 0000000000..11c73f5551 --- /dev/null +++ b/package/libs/openldap/patches/020-autofs-schema.patch @@ -0,0 +1,26 @@ +--- /dev/null ++++ b/servers/slapd/schema/autofs.schema +@@ -0,0 +1,23 @@ ++attributetype ( 1.3.6.1.1.1.1.31 NAME 'automountMapName' ++ DESC 'Automount map name' ++ EQUALITY caseExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.1.1.1.32 NAME 'automountKey' ++ DESC 'Automount key value' ++ EQUALITY caseExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) ++ ++attributetype ( 1.3.6.1.1.1.1.33 NAME 'automountInformation' ++ DESC 'Automount information' ++ EQUALITY caseExactMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) ++ ++objectclass ( 1.3.6.1.1.1.2.16 NAME 'automountMap' SUP top STRUCTURAL ++ MUST ( automountMapName ) ++ MAY ( description ) ) ++ ++objectclass ( 1.3.6.1.1.1.2.17 NAME 'automount' SUP top STRUCTURAL ++ DESC 'Automount' ++ MUST ( automountKey $ automountInformation ) ++ MAY description ) diff --git a/package/libs/openldap/patches/110-reproducible-builds.patch b/package/libs/openldap/patches/110-reproducible-builds.patch new file mode 100644 index 0000000000..b3f724f7cc --- /dev/null +++ b/package/libs/openldap/patches/110-reproducible-builds.patch @@ -0,0 +1,24 @@ +--- a/build/mkversion ++++ b/build/mkversion +@@ -50,12 +50,6 @@ if test $# != 1 ; then + fi + + APPLICATION=$1 +-# Reproducible builds set SOURCE_DATE_EPOCH, want constant strings +-if [ -n "${SOURCE_DATE_EPOCH}" ]; then +- WHOWHERE="openldap" +-else +- WHOWHERE="$USER@$(uname -n):$(pwd)" +-fi + + cat << __EOF__ + /* This work is part of OpenLDAP Software . +@@ -77,7 +71,6 @@ static const char copyright[] = + "COPYING RESTRICTIONS APPLY\n"; + + $static $const char $SYMBOL[] = +-"@(#) \$$PACKAGE: $APPLICATION $VERSION (" __DATE__ " " __TIME__ ") \$\n" +-"\t$WHOWHERE\n"; ++"@(#) \$$PACKAGE: $APPLICATION $VERSION\$\n"; + + __EOF__ diff --git a/package/libs/openldap/patches/750-no-strip.patch b/package/libs/openldap/patches/750-no-strip.patch new file mode 100644 index 0000000000..a70aacc902 --- /dev/null +++ b/package/libs/openldap/patches/750-no-strip.patch @@ -0,0 +1,22 @@ +--- a/clients/tools/Makefile.in ++++ b/clients/tools/Makefile.in +@@ -122,7 +122,7 @@ install-local: FORCE + -$(MKDIR) $(DESTDIR)$(bindir) + @( \ + for prg in $(PROGRAMS); do \ +- $(LTINSTALL) $(INSTALLFLAGS) $(STRIP) -m 755 $$prg$(EXEEXT) \ ++ $(LTINSTALL) $(INSTALLFLAGS) -m 755 $$prg$(EXEEXT) \ + $(DESTDIR)$(bindir); \ + done \ + ) +--- a/servers/slapd/Makefile.in ++++ b/servers/slapd/Makefile.in +@@ -380,7 +380,7 @@ install-local-srv: install-slapd install + install-slapd: FORCE + -$(MKDIR) $(DESTDIR)$(libexecdir) + -$(MKDIR) $(DESTDIR)$(localstatedir)/run +- $(LTINSTALL) $(INSTALLFLAGS) $(STRIP) -m 755 \ ++ $(LTINSTALL) $(INSTALLFLAGS) -m 755 \ + slapd$(EXEEXT) $(DESTDIR)$(libexecdir) + @for i in $(SUBDIRS); do \ + if test -d $$i && test -f $$i/Makefile ; then \ diff --git a/package/libs/openldap/patches/800-implicit.patch b/package/libs/openldap/patches/800-implicit.patch new file mode 100644 index 0000000000..6a39d78b47 --- /dev/null +++ b/package/libs/openldap/patches/800-implicit.patch @@ -0,0 +1,10 @@ +--- a/libraries/libldap/tls2.c ++++ b/libraries/libldap/tls2.c +@@ -41,6 +41,7 @@ static tls_impl *tls_imp = &ldap_int_tls_impl; + #define HAS_TLS( sb ) ber_sockbuf_ctrl( sb, LBER_SB_OPT_HAS_IO, \ + (void *)tls_imp->ti_sbio ) + ++static int ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const char *name_in ); + #endif /* HAVE_TLS */ + + #ifdef LDAP_DEVEL diff --git a/package/libs/openldap/patches/901-reduce-slapd-default-mem-usage.patch b/package/libs/openldap/patches/901-reduce-slapd-default-mem-usage.patch new file mode 100644 index 0000000000..0c4dd34a85 --- /dev/null +++ b/package/libs/openldap/patches/901-reduce-slapd-default-mem-usage.patch @@ -0,0 +1,11 @@ +--- a/servers/slapd/slapd.conf ++++ b/servers/slapd/slapd.conf +@@ -50,7 +50,7 @@ argsfile %LOCALSTATEDIR%/run/slapd.args + ####################################################################### + + database mdb +-maxsize 1073741824 ++maxsize 8388608 + suffix "dc=my-domain,dc=com" + rootdn "cn=Manager,dc=my-domain,dc=com" + # Cleartext passwords, especially for the rootdn, should diff --git a/package/libs/p11-kit/Makefile b/package/libs/p11-kit/Makefile new file mode 100644 index 0000000000..ef48b76a9e --- /dev/null +++ b/package/libs/p11-kit/Makefile @@ -0,0 +1,69 @@ +# +# Copyright (C) 2011-2014 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=p11-kit +PKG_VERSION:=0.23.16.1 +PKG_RELEASE:=2 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://github.com/p11-glue/p11-kit/releases/download/$(PKG_VERSION) +PKG_HASH:=4b34e92ae36fa493e0d94366c767f06d5f9951e3d8581d10fd935d738db1574d + +PKG_MAINTAINER:=Nikos Mavrogiannopoulos +PKG_LICENSE:=BSD-3-Clause +PKG_LICENSE_FILES:=COPYING + +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/p11-kit + SECTION:=libs + CATEGORY:=Libraries + TITLE:=A library that provides a way to load and enumerate PKCS11 modules. + URL:=https://p11-glue.github.io/p11-glue/p11-kit.html + DEPENDS:=+libtasn1 +libpthread +endef + +define Package/p11-kit/description + Provides a way to load and enumerate PKCS11 modules. Provides a + standard configuration setup for installing PKCS11 modules in such a + way that they are discoverable. +endef + +TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed + +CONFIGURE_ARGS+= \ + --disable-debug \ + --disable-rpath \ + --disable-trust-module \ + --without-libffi \ + --without-systemd + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include/p11-kit-1/p11-kit/ + $(CP) $(PKG_INSTALL_DIR)/usr/include/p11-kit-1/p11-kit/* $(1)/usr/include/p11-kit-1/p11-kit/ + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libp11-kit.so $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libp11-kit.so* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/p11-kit-1.pc $(1)/usr/lib/pkgconfig/p11-kit-1.pc +endef + +define Package/p11-kit/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libp11-kit.so.* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/etc/p11-kit/modules/ +ifneq ($(CONFIG_PACKAGE_libopensc),) + $(CP) ./files/opensc.module $(1)/etc/p11-kit/modules/ +endif +endef + +$(eval $(call BuildPackage,p11-kit)) diff --git a/package/libs/p11-kit/files/opensc.module b/package/libs/p11-kit/files/opensc.module new file mode 100644 index 0000000000..5f59814eff --- /dev/null +++ b/package/libs/p11-kit/files/opensc.module @@ -0,0 +1 @@ +module: /usr/lib/opensc-pkcs11.so diff --git a/package/libs/p11-kit/patches/010-uclibc.patch b/package/libs/p11-kit/patches/010-uclibc.patch new file mode 100644 index 0000000000..642fdb4e41 --- /dev/null +++ b/package/libs/p11-kit/patches/010-uclibc.patch @@ -0,0 +1,15 @@ +--- a/common/compat.c ++++ b/common/compat.c +@@ -97,8 +97,12 @@ + #include + + #if defined (HAVE_PROGRAM_INVOCATION_SHORT_NAME) && !HAVE_DECL_PROGRAM_INVOCATION_SHORT_NAME ++#ifdef __UCLIBC__ ++extern const char *program_invocation_short_name; ++#else + extern char *program_invocation_short_name; + #endif ++#endif + + #if defined (HAVE___PROGNAME) && !HAVE_DECL___PROGNAME + extern char *__progname; diff --git a/package/network/net-snmp/Makefile b/package/network/net-snmp/Makefile new file mode 100644 index 0000000000..bfcaa90661 --- /dev/null +++ b/package/network/net-snmp/Makefile @@ -0,0 +1,290 @@ +# +# Copyright (C) 2006-2017 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=net-snmp +PKG_VERSION:=5.8 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=@SF/net-snmp +PKG_HASH:=b2fc3500840ebe532734c4786b0da4ef0a5f67e51ef4c86b3345d697e4976adf +PKG_MAINTAINER:=Stijn Tintel +PKG_LICENSE:=MIT BSD-3-Clause-Clear + +PKG_FIXUP:=autoreconf + +include $(INCLUDE_DIR)/package.mk + +define Package/net-snmp/Default + SECTION:=net + CATEGORY:=Network + URL:=http://www.net-snmp.org/ +endef + +define Package/net-snmp/Default/description + Simple Network Management Protocol (SNMP) is a widely used protocol for + monitoring the health and welfare of network equipment (eg. routers), + computer equipment and even devices like UPSs. Net-SNMP is a suite of + applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both + IPv4 and IPv6. +endef + + +define Package/libnetsnmp +$(call Package/net-snmp/Default) + SECTION:=libs + CATEGORY:=Libraries + DEPENDS:=+libnl-tiny +libpci + TITLE:=Open source SNMP implementation (libraries) +endef + +define Package/libnetsnmp/description +$(call Package/net-snmp/Default/description) + . + This package contains shared libraries, needed by other programs. +endef + + +define Package/snmp-mibs +$(call Package/net-snmp/Default) + TITLE:=Open source SNMP implementation (MIB-files) +endef + +define Package/snmp-mibs/description +$(call Package/net-snmp/Default/description) + . + This package contains SNMP MIB-Files. +endef + + +define Package/snmp-utils +$(call Package/net-snmp/Default) + DEPENDS:=+libnetsnmp + TITLE:=Open source SNMP implementation (utilities) +endef + +define Package/snmp-utils/description +$(call Package/net-snmp/Default/description) + . + This package contains SNMP client utilities: + - snmpget + - snmpset + - snmpstatus + - snmptest + - snmptrap + - snmpwalk +endef + + +define Package/snmpd +$(call Package/net-snmp/Default) + DEPENDS:=+libnetsnmp + TITLE:=Open source SNMP implementation (daemon) +endef + +define Package/snmpd/description +$(call Package/net-snmp/Default/description) + . + This package contains the SNMP agent, dynamically linked. +endef + + +define Package/snmpd-static +$(call Package/net-snmp/Default) + DEPENDS:=+snmpd + TITLE:=Open source SNMP implementation (daemon) +endef + + +define Package/snmptrapd +$(call Package/net-snmp/Default) + DEPENDS:=+libnetsnmp + TITLE:=Open source SNMP implementation (notification receiver) +endef + +define Package/snmptrapd/description +$(call Package/net-snmp/Default/description) + . + This package contains the SNMP notification receiver. +endef + + +SNMP_MIB_MODULES_INCLUDED = \ + agent/extend \ + agentx \ + host/hr_device \ + host/hr_disk \ + host/hr_filesys \ + host/hr_network \ + host/hr_partition \ + host/hr_proc \ + host/hr_storage \ + host/hr_system \ + ieee802dot11 \ + if-mib/ifXTable \ + ip-mib/inetNetToMediaTable \ + mibII/at \ + mibII/icmp \ + mibII/ifTable \ + mibII/ip \ + mibII/snmp_mib \ + mibII/sysORTable \ + mibII/system_mib \ + mibII/tcp \ + mibII/udp \ + mibII/vacm_context \ + mibII/vacm_vars \ + snmpv3/snmpEngine \ + snmpv3/snmpMPDStats \ + snmpv3/usmConf \ + snmpv3/usmStats \ + snmpv3/usmUser \ + tunnel \ + ucd-snmp/disk \ + ucd-snmp/dlmod \ + ucd-snmp/extensible \ + ucd-snmp/loadave \ + ucd-snmp/memory \ + ucd-snmp/pass \ + ucd-snmp/pass_persist \ + ucd-snmp/proc \ + ucd-snmp/vmstat \ + util_funcs \ + utilities/execute \ + +SNMP_MIB_MODULES_EXCLUDED = \ + agent_mibs \ + disman/event \ + disman/schedule \ + hardware \ + host \ + if-mib \ + ip-mib \ + mibII \ + notification \ + notification-log-mib \ + snmpv3mibs \ + target \ + tcp-mib \ + ucd_snmp \ + udp-mib \ + utilities \ + +SNMP_TRANSPORTS_INCLUDED = Callback UDP Unix + +SNMP_TRANSPORTS_EXCLUDED = TCP TCPIPv6 + +TARGET_CFLAGS += $(FPIC) +TARGET_CPPFLAGS += -I$(STAGING_DIR)/usr/include/libnl-tiny + +CONFIGURE_ARGS += \ + --enable-mfd-rewrites \ + --enable-shared \ + --enable-static \ + --with-endianness=$(if $(CONFIG_BIG_ENDIAN),big,little) \ + --with-logfile=/var/log/snmpd.log \ + --with-persistent-directory=/usr/lib/snmp/ \ + --with-default-snmp-version=1 \ + --with-sys-contact=root@localhost \ + --with-sys-location=Unknown \ + --enable-applications \ + --disable-debugging \ + --disable-manuals \ + --disable-scripts \ + --with-out-mib-modules="$(SNMP_MIB_MODULES_EXCLUDED)" \ + --with-mib-modules="$(SNMP_MIB_MODULES_INCLUDED)" \ + --with-out-transports="$(SNMP_TRANSPORTS_EXCLUDED)" \ + --with-transports="$(SNMP_TRANSPORTS_INCLUDED)" \ + --without-openssl \ + --without-libwrap \ + --without-mysql \ + --without-rpm \ + --without-zlib \ + --with-nl \ + $(call autoconf_bool,CONFIG_IPV6,ipv6) \ + --disable-perl-cc-checks \ + --disable-embedded-perl \ + --without-perl-modules + +CONFIGURE_VARS += \ + ac_cv_header_netlink_netlink_h=yes \ + ac_cv_header_pcre_h=no \ + netsnmp_cv_func_nl_connect_LIBS=-lnl-tiny \ + +ifeq ($(CONFIG_IPV6),y) +SNMP_TRANSPORTS_INCLUDED+= UDPIPv6 +endif + +TARGET_LDFLAGS += -L$(TOOLCHAIN_DIR)/usr/lib + +define Build/Compile + $(MAKE) -C $(PKG_BUILD_DIR) \ + INSTALL_PREFIX="$(PKG_INSTALL_DIR)" \ + LDFLAGS="$(TARGET_LDFLAGS) -lm -lc" \ + all install +endef + +define Build/InstallDev + $(INSTALL_DIR) $(2)/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/net-snmp-config $(2)/bin/ + $(SED) 's,=/usr,=$(STAGING_DIR)/usr,g' $(2)/bin/net-snmp-config + $(INSTALL_DIR) $(STAGING_DIR)/usr/bin + $(LN) $(STAGING_DIR)/host/bin/net-snmp-config $(STAGING_DIR)/usr/bin/ + + $(INSTALL_DIR) $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/usr/include/net-snmp $(1)/usr/include/ + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libnetsnmp{,agent,helpers,mibs}.{a,so*} $(1)/usr/lib/ +endef + +define Package/libnetsnmp/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libnetsnmp{,agent,helpers,mibs}.so.* $(1)/usr/lib/ +endef + +define Package/snmp-mibs/install + $(INSTALL_DIR) $(1)/usr/share/snmp/mibs + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/snmp/mibs/* $(1)/usr/share/snmp/mibs/ +endef + +define Package/snmp-utils/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/snmp{get,set,status,test,trap,walk} $(1)/usr/bin/ +endef + +define Package/snmpd/conffiles +/etc/config/snmpd +endef + +define Package/snmpd/install + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_DATA) ./files/snmpd.conf $(1)/etc/config/snmpd + $(INSTALL_DIR) $(1)/etc/snmp + $(LN) /var/run/snmpd.conf $(1)/etc/snmp/ + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/snmpd.init $(1)/etc/init.d/snmpd + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/snmpd $(1)/usr/sbin/snmpd +endef + +define Package/snmptrapd/install + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/snmptrapd.init $(1)/etc/init.d/snmptrapd + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libnetsnmptrapd.so.* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/snmptrapd $(1)/usr/sbin/ +endef + +$(eval $(call BuildPackage,libnetsnmp)) +$(eval $(call BuildPackage,snmp-mibs)) +$(eval $(call BuildPackage,snmp-utils)) +$(eval $(call BuildPackage,snmpd)) +$(eval $(call BuildPackage,snmpd-static)) +$(eval $(call BuildPackage,snmptrapd)) diff --git a/package/network/net-snmp/files/snmpd.conf b/package/network/net-snmp/files/snmpd.conf new file mode 100644 index 0000000000..e18864d539 --- /dev/null +++ b/package/network/net-snmp/files/snmpd.conf @@ -0,0 +1,130 @@ +config agent + option agentaddress UDP:161,UDP6:161 + +config agentx + option agentxsocket /var/run/agentx.sock + +config com2sec public + option secname ro + option source default + option community public + +config com2sec private + option secname rw + option source localhost + option community private + +config com2sec6 public6 + option secname ro + option source default + option community public + +config com2sec6 private6 + option secname rw + option source localhost + option community private + +config group public_v1 + option group public + option version v1 + option secname ro + +config group public_v2c + option group public + option version v2c + option secname ro + +config group public_usm + option group public + option version usm + option secname ro + +config group private_v1 + option group private + option version v1 + option secname rw + +config group private_v2c + option group private + option version v2c + option secname rw + +config group private_usm + option group private + option version usm + option secname rw + +config view all + option viewname all + option type included + option oid .1 + +config access public_access + option group public + option context none + option version any + option level noauth + option prefix exact + option read all + option write none + option notify none + +config access private_access + option group private + option context none + option version any + option level noauth + option prefix exact + option read all + option write all + option notify all + +config system + option sysLocation 'office' + option sysContact 'bofh@example.com' + option sysName 'HeartOfGold' +# option sysServices 72 +# option sysDescr 'adult playground' +# option sysObjectID '1.2.3.4' + +config exec + option name filedescriptors + option prog /bin/cat + option args /proc/sys/fs/file-nr +# option miboid 1.2.3.4 + +config engineid +# option engineid 'LEDE' + option engineidtype '3' + option engineidnic 'eth0' + +#config trapcommunity 'trapcommunity' +# option community 'public' + +#config trapsink +# option host 'nms.system.com' +# option community 'public' +# option port '162' + +#config trap2sink +# option host 'nms.system.com' +# option community 'secret' +# option port '162' + +#config informsink +# option host 'nms.sytem.com' +# option community 'public' +# option port '162' + +#config authtrapenable 'authtrapenable' +# option enable '1' + +#config v1trapaddress 'v1trapaddress' +# option host '1.2.3.4' + +#config trapsess 'trapsess' +# option trapsess '-v 3 -e 0x80001f88808c18d3f7b0000 -u trapuser -a MD5 -A administrator -l authPriv -x DES -X rootpasswd udp:127.0.0.1:162' + +config snmpd general + option enabled '1' +# list network 'wan' diff --git a/package/network/net-snmp/files/snmpd.init b/package/network/net-snmp/files/snmpd.init new file mode 100644 index 0000000000..a7653176d4 --- /dev/null +++ b/package/network/net-snmp/files/snmpd.init @@ -0,0 +1,359 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2008 OpenWrt.org +START=50 + +USE_PROCD=1 +PROG="/usr/sbin/snmpd" + +CONFIGFILE="/var/run/snmpd.conf" + +snmpd_agent_add() { + local cfg="$1" + + config_get agentaddress "$cfg" agentaddress + [ -n "$agentaddress" ] || return 0 + echo "agentaddress $agentaddress" >> $CONFIGFILE +} + +snmpd_agentx_add() { + local cfg="$1" + echo "master agentx" >> $CONFIGFILE + config_get agentxsocket "$cfg" agentxsocket + [ -n "$agentxsocket" ] && echo "agentXSocket $agentxsocket" >> $CONFIGFILE +} + +snmpd_system_add() { + local cfg="$1" + config_get syslocation "$cfg" sysLocation + [ -n "$syslocation" ] && echo "sysLocation $syslocation" >> $CONFIGFILE + config_get syscontact "$cfg" sysContact + [ -n "$syscontact" ] && echo "sysContact $syscontact" >> $CONFIGFILE + config_get sysname "$cfg" sysName + [ -n "$sysname" ] && echo "sysName $sysname" >> $CONFIGFILE + config_get sysservice "$cfg" sysService + [ -n "$sysservice" ] && echo "sysService $sysservice" >> $CONFIGFILE + config_get sysdescr "$cfg" sysDescr + [ -n "$sysdescr" ] && echo "sysDescr $sysdescr" >> $CONFIGFILE + config_get sysobjectid "$cfg" sysObjectID + [ -n "$sysobjectid" ] && echo "sysObjectID $sysobjectid" >> $CONFIGFILE +} + +snmpd_com2sec_add() { + local cfg="$1" + config_get secname "$cfg" secname + [ -n "$secname" ] || return 0 + config_get source "$cfg" source + [ -n "$source" ] || return 0 + config_get community "$cfg" community + [ -n "$community" ] || return 0 + echo "com2sec $secname $source $community" >> $CONFIGFILE +} + +snmpd_com2sec6_add() { + local cfg="$1" + config_get secname "$cfg" secname + [ -n "$secname" ] || return 0 + config_get source "$cfg" source + [ -n "$source" ] || return 0 + config_get community "$cfg" community + [ -n "$community" ] || return 0 + echo "com2sec6 $secname $source $community" >> $CONFIGFILE +} + +snmpd_group_add() { + local cfg="$1" + config_get group "$cfg" group + [ -n "$group" ] || return 0 + config_get version "$cfg" version + [ -n "$version" ] || return 0 + config_get secname "$cfg" secname + [ -n "$secname" ] || return 0 + echo "group $group $version $secname" >> $CONFIGFILE +} + +snmpd_view_add() { + local cfg="$1" + config_get viewname "$cfg" viewname + [ -n "$viewname" ] || return 0 + config_get type "$cfg" type + [ -n "$type" ] || return 0 + config_get oid "$cfg" oid + [ -n "$oid" ] || return 0 + # optional mask + config_get mask "$cfg" mask + echo "view $viewname $type $oid $mask" >> $CONFIGFILE +} + +snmpd_access_add() { + local cfg="$1" + config_get group "$cfg" group + [ -n "$group" ] || return 0 + config_get context "$cfg" context + [ -n $context ] || return 0 + [ "$context" == "none" ] && context='""' + config_get version "$cfg" version + [ -n "$version" ] || return 0 + config_get level "$cfg" level + [ -n "$level" ] || return 0 + config_get prefix "$cfg" prefix + [ -n "$prefix" ] || return 0 + config_get read "$cfg" read + [ -n "$read" ] || return 0 + config_get write "$cfg" write + [ -n "$write" ] || return 0 + config_get notify "$cfg" notify + [ -n "$notify" ] || return 0 + echo "access $group $context $version $level $prefix $read $write $notify" >> $CONFIGFILE +} + +snmpd_trap_hostname_add() { + local cfg="$1" + config_get hostname "$cfg" HostName + config_get port "$cfg" Port + config_get community "$cfg" Community + config_get type "$cfg" Type + echo "$type $hostname $community $port" >> $CONFIGFILE +} + +snmpd_trap_ip_add() { + local cfg="$1" + config_get host_ip "$cfg" HostIP + config_get port "$cfg" Port + config_get community "$cfg" Community + config_get type "$cfg" Type + echo "$type $host_ip $community $port" >> $CONFIGFILE +} + +snmpd_access_default_add() { + local cfg="$1" + config_get mode "$cfg" Mode + config_get community "$cfg" CommunityName + config_get oidrestrict "$cfg" RestrictOID + config_get oid "$cfg" RestrictedOID + echo -n "$mode $community default" >> $CONFIGFILE + [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE + [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE +} + +snmpd_access_HostName_add() { + local cfg="$1" + config_get hostname "$cfg" HostName + config_get mode "$cfg" Mode + config_get community "$cfg" CommunityName + config_get oidrestrict "$cfg" RestrictOID + config_get oid "$cfg" RestrictedOID + echo -n "$mode $community $hostname" >> $CONFIGFILE + [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE + [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE +} + +snmpd_access_HostIP_add() { + local cfg="$1" + config_get host_ip "$cfg" HostIP + config_get ip_mask "$cfg" IPMask + config_get mode "$cfg" Mode + config_get community "$cfg" CommunityName + config_get oidrestrict "$cfg" RestrictOID + config_get oid "$cfg" RestrictedOID + echo -n "$mode $community $host_ip/$ip_mask" >> $CONFIGFILE + [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE + [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE +} + +snmpd_pass_add() { + local cfg="$1" + local pass='pass' + + config_get miboid "$cfg" miboid + [ -n "$miboid" ] || return 0 + config_get prog "$cfg" prog + [ -n "$prog" ] || return 0 + config_get_bool persist "$cfg" persist 0 + [ $persist -ne 0 ] && pass='pass_persist' + config_get priority "$cfg" priority + priority=${priority:+-p $priority} + echo "$pass $priority $miboid $prog" >> $CONFIGFILE +} + +snmpd_exec_add() { + local cfg="$1" + + config_get name "$cfg" name + [ -n "$name" ] || return 0 + config_get prog "$cfg" prog + [ -n "$prog" ] || return 0 + config_get args "$cfg" args + config_get miboid "$cfg" miboid + echo "exec $miboid $name $prog $args" >> $CONFIGFILE +} + +snmpd_extend_add() { + local cfg="$1" + + config_get name "$cfg" name + [ -n "$name" ] || return 0 + config_get prog "$cfg" prog + [ -n "$prog" ] || return 0 + config_get args "$cfg" args + config_get miboid "$cfg" miboid + echo "extend $miboid $name $prog $args" >> $CONFIGFILE +} + +snmpd_disk_add() { + local cfg="$1" + local disk='disk' + + config_get partition "$cfg" partition + [ -n "$partition" ] || return 0 + config_get size "$cfg" size + [ -n "$size" ] || return 0 + echo "$disk $partition $size" >> $CONFIGFILE +} + +snmpd_engineid_add() { + local cfg="$1" + + config_get engineid "$cfg" engineid + [ -n "$engineid" ] && echo "engineID $engineid" >> $CONFIGFILE + config_get engineidtype "$cfg" engineidtype + [ "$engineidtype" -ge 1 -a "$engineidtype" -le 3 ] && \ + echo "engineIDType $engineidtype" >> $CONFIGFILE + config_get engineidnic "$cfg" engineidnic + [ -n "$engineidnic" ] && echo "engineIDNic $engineidnic" >> $CONFIGFILE +} + +snmpd_sink_add() { + local cfg="$1" + local section="$2" + local community + local port + local host + + config_get host "$cfg" host + [ -n "section" -a -n "$host" ] || return 0 + # optional community + config_get community "$cfg" community + # optional port + config_get port "$cfg" port + port=${port:+:$port} + echo "$section $host$port $community" >> $CONFIGFILE +} + +append_parm() { + local section="$1" + local option="$2" + local switch="$3" + local _loctmp + config_get _loctmp "$section" "$option" + [ -z "$_loctmp" ] && return 0 + echo "$switch $_loctmp" >> $CONFIGFILE +} + +append_authtrapenable() { + local section="$1" + local option="$2" + local switch="$3" + local _loctmp + config_get_bool _loctmp "$section" "$option" + [ -z "$_loctmp" ] && return 0 + [ "$_loctmp" -gt 0 ] && echo "$switch $_loctmp" >> $CONFIGFILE +} + +snmpd_setup_fw_rules() { + local net="$1" + local zone + + zone=$(fw3 -q network "$net" 2>/dev/null) + + local handled_zone + for handled_zone in $HANDLED_SNMP_ZONES; do + [ "$handled_zone" = "$zone" ] && return + done + + json_add_object "" + json_add_string type rule + json_add_string src "$zone" + json_add_string proto udp + json_add_string dest_port 161 + json_add_string target ACCEPT + json_close_object + + HANDLED_SNMP_ZONES="$HANDLED_SNMP_ZONES $zone" +} + +start_service() { + [ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE" + + config_load snmpd + + config_get_bool snmp_enabled general enabled 1 + [ "$snmp_enabled" -eq 0 ] && return + + procd_open_instance + + config_foreach snmpd_agent_add agent + config_foreach snmpd_agentx_add agentx + config_foreach snmpd_system_add system + config_foreach snmpd_com2sec_add com2sec + config_foreach snmpd_com2sec6_add com2sec6 + config_foreach snmpd_group_add group + config_foreach snmpd_view_add view + config_foreach snmpd_access_add access + config_foreach snmpd_trap_hostname_add trap_HostName + config_foreach snmpd_trap_ip_add trap_HostIP + config_foreach snmpd_access_default_add access_default + config_foreach snmpd_access_HostName_add access_HostName + config_foreach snmpd_access_HostIP_add access_HostIP + config_foreach snmpd_pass_add pass + config_foreach snmpd_exec_add exec + config_foreach snmpd_extend_add extend + config_foreach snmpd_disk_add disk + config_foreach snmpd_engineid_add engineid + append_parm trapcommunity community trapcommunity + config_foreach snmpd_sink_add trapsink trapsink + config_foreach snmpd_sink_add trap2sink trap2sink + config_foreach snmpd_sink_add informsink informsink + append_authtrapenable authtrapenable enable authtrapenable + append_parm v1trapaddress host v1trapaddress + append_parm trapsess trapsess trapsess + + procd_set_param command $PROG -Lf /dev/null -f + procd_set_param file $CONFIGFILE + procd_set_param respawn + + for iface in $(ls /sys/class/net 2>/dev/null); do + procd_append_param netdev "$iface" + done + + procd_open_data + + json_add_array firewall + config_list_foreach general network snmpd_setup_fw_rules + json_close_array + + procd_close_data + + procd_close_instance +} + +stop_service() { + [ -f "$CONFIGFILE" ] || return + rm -f "$CONFIGFILE" + procd_set_config_changed firewall +} + +service_triggers(){ + local script=$(readlink "$initscript") + local name=$(basename ${script:-$initscript}) + + procd_open_trigger + procd_add_raw_trigger "interface.*" 2000 /etc/init.d/$name reload + procd_close_trigger + + procd_add_reload_trigger 'snmpd' +} + +service_started() { + [ "$snmp_enabled" -eq 0 ] && return + procd_set_config_changed firewall +} diff --git a/package/network/net-snmp/files/snmptrapd.init b/package/network/net-snmp/files/snmptrapd.init new file mode 100644 index 0000000000..43278a2f18 --- /dev/null +++ b/package/network/net-snmp/files/snmptrapd.init @@ -0,0 +1,15 @@ +#!/bin/sh /etc/rc.common + +START=50 + +USE_PROCD=1 +PROG="/usr/sbin/snmptrapd" + +start_service() { + procd_open_instance + + procd_set_param command $PROG -Lf /dev/null -f + procd_set_param respawn + + procd_close_instance +} diff --git a/package/network/net-snmp/patches/000-cross-compile.patch b/package/network/net-snmp/patches/000-cross-compile.patch new file mode 100644 index 0000000000..730bdbcfc9 --- /dev/null +++ b/package/network/net-snmp/patches/000-cross-compile.patch @@ -0,0 +1,47 @@ +From: Jo-Philipp Wich +Date: Fri, 6 Jan 2017 13:41:00 +0100 +Subject: [PATCH] configure: allow overriding hardcoded /usr/include/libnl3 + +In a cross-compile setting we do not want to probe the host systems +/usr/include path, therfore allow to disable this include path by passing +ac_cv_header_netlink_netlink_h=yes to configure. + +Also disable the testing for libraries providing nl_connect when +netsnmp_cv_func_nl_connect_LIBS is predefined since the proprietary +NETSNMP_SEARCH_LIBS() macro will clobber the internal link flags upon +encountering predefined cache variables, causing all subsequent configure +link tests to fail due to a stray "no" word getting passed to the linker. + +Signed-off-by: Jo-Philipp Wich +--- a/configure.d/config_os_libs2 ++++ b/configure.d/config_os_libs2 +@@ -254,14 +254,22 @@ if test "x$with_nl" != "xno"; then + ) + + netsnmp_save_CPPFLAGS="$CPPFLAGS" +- CPPFLAGS="${LIBNL3_CFLAGS} $CPPFLAGS" +- NETSNMP_SEARCH_LIBS(nl_connect, nl-3, +- [AC_CHECK_HEADERS(netlink/netlink.h) +- EXTERNAL_MIBGROUP_INCLUDES="$EXTERNAL_MIBGROUP_INCLUDES ${LIBNL3_CFLAGS}"], +- [CPPFLAGS="$netsnmp_save_CPPFLAGS"], [], [], [LMIBLIBS]) ++ netsnmp_netlink_include_flags="" + if test "x$ac_cv_header_netlink_netlink_h" != xyes; then +- NETSNMP_SEARCH_LIBS(nl_connect, nl, [ +- AC_CHECK_HEADERS(netlink/netlink.h)], [], [], LMIBLIBS) ++ netsnmp_netlink_include_flags="-I/usr/include/libnl3" ++ fi ++ CPPFLAGS="$netsnmp_netlink_include_flags $CPPFLAGS" ++ if test "x$netsnmp_cv_func_nl_connect_LIBS" = x; then ++ NETSNMP_SEARCH_LIBS(nl_connect, nl-3, ++ [AC_CHECK_HEADERS(netlink/netlink.h) ++ EXTERNAL_MIBGROUP_INCLUDES="$EXTERNAL_MIBGROUP_INCLUDES $netsnmp_netlink_include_flags"], ++ [CPPFLAGS="$netsnmp_save_CPPFLAGS"], [], [], [LMIBLIBS]) ++ if test "x$ac_cv_header_netlink_netlink_h" != xyes; then ++ NETSNMP_SEARCH_LIBS(nl_connect, nl, [ ++ AC_CHECK_HEADERS(netlink/netlink.h)], [], [], LMIBLIBS) ++ fi ++ else ++ LMIBLIBS="$LMIBLIBS $netsnmp_cv_func_nl_connect_LIBS" + fi + if test "x$ac_cv_header_netlink_netlink_h" = xyes; then + AC_EGREP_HEADER([nl_socket_free], [netlink/socket.h], diff --git a/package/network/net-snmp/patches/100-debian-statistics.patch b/package/network/net-snmp/patches/100-debian-statistics.patch new file mode 100644 index 0000000000..2b24d94438 --- /dev/null +++ b/package/network/net-snmp/patches/100-debian-statistics.patch @@ -0,0 +1,22 @@ +--- a/agent/mibgroup/mibII/interfaces.c ++++ b/agent/mibgroup/mibII/interfaces.c +@@ -1588,6 +1588,10 @@ Interface_Scan_Init(void) + struct ifnet *nnew; + char *stats, *ifstart = line; + ++ /* Ignore interfaces with no statistics. */ ++ if (strstr(line, "No statistics available.")) ++ continue; ++ + if (line[strlen(line) - 1] == '\n') + line[strlen(line) - 1] = '\0'; + +@@ -1620,7 +1624,7 @@ Interface_Scan_Init(void) + &coll) != 5)) { + if ((scan_line_to_use == scan_line_2_2) + && !strstr(line, "No statistics available")) +- snmp_log(LOG_ERR, ++ snmp_log(LOG_DEBUG, + "/proc/net/dev data format error, line ==|%s|", + line); + continue; diff --git a/package/network/net-snmp/patches/110-debian-makefiles.patch b/package/network/net-snmp/patches/110-debian-makefiles.patch new file mode 100644 index 0000000000..7b71ed0874 --- /dev/null +++ b/package/network/net-snmp/patches/110-debian-makefiles.patch @@ -0,0 +1,43 @@ +diff -uNr a/local/Makefile.in b/local/Makefile.in +--- a/local/Makefile.in 2014-02-20 08:36:42.000000000 +0800 ++++ b/local/Makefile.in 2014-05-27 13:21:34.245223503 +0800 +@@ -101,7 +101,7 @@ + + mib2c.made: $(srcdir)/mib2c + if test "x$(PERL)" != "x" ; then \ +- $(PERL) -p -e 's%^#!.*/perl.*%#!$(PERL)%;s#/usr/local/share/snmp#$(snmplibdir)#;' ${srcdir}/mib2c > mib2c.made; \ ++ $(PERL) -p -e 's%^#!.*/perl.*%#!$(PERL)%;s#/usr/local/share/snmp#$(snmplibdir)#;s#/usr/local/etc/snmp#$(SNMPCONFPATH)#;' ${srcdir}/mib2c > mib2c.made; \ + else \ + touch mib2c.made; \ + fi +diff -uNr a/Makefile.top b/Makefile.top +--- a/Makefile.top 2014-02-20 08:36:42.000000000 +0800 ++++ b/Makefile.top 2014-05-27 13:26:53.023737120 +0800 +@@ -28,6 +28,7 @@ + snmplibdir = $(datadir)/snmp + mibdir = $(snmplibdir)/mibs + persistentdir = @PERSISTENT_DIRECTORY@ ++sysconfdir = @sysconfdir@ + DESTDIR = @INSTALL_PREFIX@ + INSTALL_PREFIX = $(DESTDIR) + +diff -uNr a/mibs/Makefile.in b/mibs/Makefile.in +--- a/mibs/Makefile.in 2014-02-20 08:36:42.000000000 +0800 ++++ b/mibs/Makefile.in 2014-05-27 13:25:07.151988585 +0800 +@@ -47,11 +47,15 @@ + UCDMIBS = UCD-SNMP-MIB.txt UCD-DEMO-MIB.txt UCD-IPFWACC-MIB.txt \ + UCD-DLMOD-MIB.txt UCD-DISKIO-MIB.txt + ++EXTRAMIBS = BGP4-MIB.txt BRIDGE-MIB.txt GNOME-SMI.txt OSPF-MIB.txt \ ++ OSPF-TRAP-MIB.txt RIPv2-MIB.txt SOURCE-ROUTING-MIB.txt \ ++ LM-SENSORS-MIB.txt ++ + DEFAULTMIBS = @default_mibs_install@ + + MIBS = $(V1MIBS) $(V2MIBS) $(V3MIBS) $(RFCMIBS) \ + $(AGENTMIBS) $(IANAMIBS) \ +- $(NETSNMPMIBS) $(UCDMIBS) $(DEFAULTMIBS) ++ $(NETSNMPMIBS) $(UCDMIBS) $(DEFAULTMIBS) $(EXTRAMIBS) + + all: standardall + diff --git a/package/network/net-snmp/patches/120-debian-searchdirs.patch b/package/network/net-snmp/patches/120-debian-searchdirs.patch new file mode 100644 index 0000000000..b5e377f963 --- /dev/null +++ b/package/network/net-snmp/patches/120-debian-searchdirs.patch @@ -0,0 +1,14 @@ +--- a/local/mib2c ++++ b/local/mib2c +@@ -61,8 +61,9 @@ $currentlevel = -1; + if($ENV{MIB2C_DIR}) { + push @def_search_dirs, split(/:/, $ENV{MIB2C_DIR}); + } +-push @def_search_dirs, "/usr/local/share/snmp/"; +-push @def_search_dirs, "/usr/local/share/snmp/mib2c-data"; ++push @def_search_dirs, "/etc/snmp/"; ++push @def_search_dirs, "/usr/share/snmp/"; ++push @def_search_dirs, "/usr/share/snmp/mib2c-data"; + push @def_search_dirs, "./mib2c-conf.d"; + + sub usage { diff --git a/package/network/net-snmp/patches/130-debian-extramibs.patch b/package/network/net-snmp/patches/130-debian-extramibs.patch new file mode 100644 index 0000000000..48fb90747a --- /dev/null +++ b/package/network/net-snmp/patches/130-debian-extramibs.patch @@ -0,0 +1,5183 @@ +--- /dev/null ++++ b/mibs/BGP4-MIB.txt +@@ -0,0 +1,929 @@ ++ BGP4-MIB DEFINITIONS ::= BEGIN ++ ++ IMPORTS ++ MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, ++ IpAddress, Integer32, Counter32, Gauge32, mib-2 ++ FROM SNMPv2-SMI ++ MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP ++ FROM SNMPv2-CONF; ++ ++ bgp MODULE-IDENTITY ++ LAST-UPDATED "9902100000Z" ++ ORGANIZATION "IETF IDR Working Group" ++ CONTACT-INFO "E-mail: idr@merit.net ++ ++ Susan Hares (Editor) ++ Merit Network ++ 4251 Plymouth Road ++ Suite C ++ Ann Arbor, MI 48105-2785 ++ Tel: +1 734 936 2095 ++ Fax: +1 734 647 3185 ++ E-mail: skh@merit.edu ++ ++ Jeff Johnson (Editor) ++ RedBack Networks, Inc. ++ 1389 Moffett Park Drive ++ Sunnyvale, CA 94089-1134 ++ Tel: +1 408 548 3516 ++ Fax: +1 408 548 3599 ++ E-mail: jeff@redback.com" ++ DESCRIPTION ++ "The MIB module for BGP-4." ++ REVISION "9902100000Z" ++ DESCRIPTION ++ "Corrected duplicate OBJECT IDENTIFIER ++ assignment in the conformance information." ++ REVISION "9601080000Z" ++ DESCRIPTION ++ "1) Fixed the definitions of the traps to ++ make them equivalent to their initial ++ definition in RFC 1269. ++ 2) Added compliance and conformance info." ++ ::= { mib-2 15 } ++ ++ bgpVersion OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (1..255)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Vector of supported BGP protocol version ++ numbers. Each peer negotiates the version ++ from this vector. Versions are identified ++ via the string of bits contained within this ++ object. The first octet contains bits 0 to ++ 7, the second octet contains bits 8 to 15, ++ and so on, with the most significant bit ++ referring to the lowest bit number in the ++ octet (e.g., the MSB of the first octet ++ refers to bit 0). If a bit, i, is present ++ and set, then the version (i+1) of the BGP ++ is supported." ++ ::= { bgp 1 } ++ ++ bgpLocalAs OBJECT-TYPE ++ SYNTAX INTEGER (0..65535) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The local autonomous system number." ++ ::= { bgp 2 } ++ ++ ++ ++ -- BGP Peer table. This table contains, one entry per BGP ++ -- peer, information about the BGP peer. ++ ++ bgpPeerTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF BgpPeerEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "BGP peer table. This table contains, ++ one entry per BGP peer, information about the ++ connections with BGP peers." ++ ::= { bgp 3 } ++ ++ bgpPeerEntry OBJECT-TYPE ++ SYNTAX BgpPeerEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Entry containing information about the ++ connection with a BGP peer." ++ INDEX { bgpPeerRemoteAddr } ++ ::= { bgpPeerTable 1 } ++ ++ BgpPeerEntry ::= SEQUENCE { ++ bgpPeerIdentifier ++ IpAddress, ++ bgpPeerState ++ INTEGER, ++ bgpPeerAdminStatus ++ INTEGER, ++ bgpPeerNegotiatedVersion ++ Integer32, ++ bgpPeerLocalAddr ++ IpAddress, ++ bgpPeerLocalPort ++ INTEGER, ++ bgpPeerRemoteAddr ++ IpAddress, ++ bgpPeerRemotePort ++ INTEGER, ++ bgpPeerRemoteAs ++ INTEGER, ++ bgpPeerInUpdates ++ Counter32, ++ bgpPeerOutUpdates ++ Counter32, ++ bgpPeerInTotalMessages ++ Counter32, ++ bgpPeerOutTotalMessages ++ Counter32, ++ bgpPeerLastError ++ OCTET STRING, ++ bgpPeerFsmEstablishedTransitions ++ Counter32, ++ bgpPeerFsmEstablishedTime ++ Gauge32, ++ bgpPeerConnectRetryInterval ++ INTEGER, ++ bgpPeerHoldTime ++ INTEGER, ++ bgpPeerKeepAlive ++ INTEGER, ++ bgpPeerHoldTimeConfigured ++ INTEGER, ++ bgpPeerKeepAliveConfigured ++ INTEGER, ++ bgpPeerMinASOriginationInterval ++ INTEGER, ++ bgpPeerMinRouteAdvertisementInterval ++ INTEGER, ++ bgpPeerInUpdateElapsedTime ++ Gauge32 ++ } ++ ++ bgpPeerIdentifier OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The BGP Identifier of this entry's BGP peer." ++ ::= { bgpPeerEntry 1 } ++ ++ bgpPeerState OBJECT-TYPE ++ SYNTAX INTEGER { ++ idle(1), ++ connect(2), ++ active(3), ++ opensent(4), ++ openconfirm(5), ++ established(6) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The BGP peer connection state." ++ ::= { bgpPeerEntry 2 } ++ ++ bgpPeerAdminStatus OBJECT-TYPE ++ SYNTAX INTEGER { ++ stop(1), ++ start(2) ++ } ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The desired state of the BGP connection. A ++ transition from 'stop' to 'start' will cause ++ the BGP Start Event to be generated. A ++ transition from 'start' to 'stop' will cause ++ the BGP Stop Event to be generated. This ++ parameter can be used to restart BGP peer ++ connections. Care should be used in providing ++ write access to this object without adequate ++ authentication." ++ ::= { bgpPeerEntry 3 } ++ ++ bgpPeerNegotiatedVersion OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The negotiated version of BGP running between ++ the two peers." ++ ::= { bgpPeerEntry 4 } ++ ++ bgpPeerLocalAddr OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The local IP address of this entry's BGP ++ connection." ++ ::= { bgpPeerEntry 5 } ++ ++ bgpPeerLocalPort OBJECT-TYPE ++ SYNTAX INTEGER (0..65535) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The local port for the TCP connection between ++ the BGP peers." ++ ::= { bgpPeerEntry 6 } ++ ++ bgpPeerRemoteAddr OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The remote IP address of this entry's BGP ++ peer." ++ ::= { bgpPeerEntry 7 } ++ ++ bgpPeerRemotePort OBJECT-TYPE ++ SYNTAX INTEGER (0..65535) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The remote port for the TCP connection between ++ the BGP peers. Note that the objects ++ bgpPeerLocalAddr, bgpPeerLocalPort, ++ bgpPeerRemoteAddr and bgpPeerRemotePort ++ provide the appropriate reference to the ++ standard MIB TCP connection table." ++ ::= { bgpPeerEntry 8 } ++ ++ bgpPeerRemoteAs OBJECT-TYPE ++ SYNTAX INTEGER (0..65535) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The remote autonomous system number." ++ ::= { bgpPeerEntry 9 } ++ ++ bgpPeerInUpdates OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of BGP UPDATE messages received on ++ this connection. This object should be ++ initialized to zero (0) when the connection is ++ established." ++ ::= { bgpPeerEntry 10 } ++ ++ bgpPeerOutUpdates OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of BGP UPDATE messages transmitted ++ on this connection. This object should be ++ initialized to zero (0) when the connection is ++ established." ++ ::= { bgpPeerEntry 11 } ++ ++ bgpPeerInTotalMessages OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of messages received from the ++ remote peer on this connection. This object ++ should be initialized to zero when the ++ connection is established." ++ ::= { bgpPeerEntry 12 } ++ ++ bgpPeerOutTotalMessages OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of messages transmitted to ++ the remote peer on this connection. This object ++ should be initialized to zero when the ++ connection is established." ++ ::= { bgpPeerEntry 13 } ++ ++ bgpPeerLastError OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (2)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The last error code and subcode seen by this ++ peer on this connection. If no error has ++ occurred, this field is zero. Otherwise, the ++ first byte of this two byte OCTET STRING ++ contains the error code, and the second byte ++ contains the subcode." ++ ::= { bgpPeerEntry 14 } ++ ++ bgpPeerFsmEstablishedTransitions OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of times the BGP FSM ++ transitioned into the established state." ++ ::= { bgpPeerEntry 15 } ++ ++ bgpPeerFsmEstablishedTime OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This timer indicates how long (in seconds) this ++ peer has been in the Established state or how long ++ since this peer was last in the Established state. ++ It is set to zero when a new peer is configured or ++ the router is booted." ++ ::= { bgpPeerEntry 16 } ++ ++ bgpPeerConnectRetryInterval OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the ConnectRetry ++ timer. The suggested value for this timer is ++ 120 seconds." ++ ::= { bgpPeerEntry 17 } ++ ++ bgpPeerHoldTime OBJECT-TYPE ++ SYNTAX INTEGER ( 0 | 3..65535 ) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the Hold Timer ++ established with the peer. The value of this ++ object is calculated by this BGP speaker by ++ using the smaller of the value in ++ bgpPeerHoldTimeConfigured and the Hold Time ++ received in the OPEN message. This value ++ must be at lease three seconds if it is not ++ zero (0) in which case the Hold Timer has ++ not been established with the peer, or, the ++ value of bgpPeerHoldTimeConfigured is zero (0)." ++ ::= { bgpPeerEntry 18 } ++ ++ bgpPeerKeepAlive OBJECT-TYPE ++ SYNTAX INTEGER ( 0 | 1..21845 ) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the KeepAlive ++ timer established with the peer. The value of ++ this object is calculated by this BGP speaker ++ such that, when compared with bgpPeerHoldTime, ++ it has the same proportion as what ++ bgpPeerKeepAliveConfigured has when compared ++ with bgpPeerHoldTimeConfigured. If the value ++ of this object is zero (0), it indicates that ++ the KeepAlive timer has not been established ++ with the peer, or, the value of ++ bgpPeerKeepAliveConfigured is zero (0)." ++ ::= { bgpPeerEntry 19 } ++ ++ bgpPeerHoldTimeConfigured OBJECT-TYPE ++ SYNTAX INTEGER ( 0 | 3..65535 ) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the Hold Time ++ configured for this BGP speaker with this peer. ++ This value is placed in an OPEN message sent to ++ this peer by this BGP speaker, and is compared ++ with the Hold Time field in an OPEN message ++ received from the peer when determining the Hold ++ Time (bgpPeerHoldTime) with the peer. This value ++ must not be less than three seconds if it is not ++ zero (0) in which case the Hold Time is NOT to be ++ established with the peer. The suggested value for ++ this timer is 90 seconds." ++ ::= { bgpPeerEntry 20 } ++ ++ bgpPeerKeepAliveConfigured OBJECT-TYPE ++ SYNTAX INTEGER ( 0 | 1..21845 ) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the KeepAlive timer ++ configured for this BGP speaker with this peer. ++ The value of this object will only determine the ++ KEEPALIVE messages' frequency relative to the value ++ specified in bgpPeerHoldTimeConfigured; the actual ++ time interval for the KEEPALIVE messages is ++ indicated by bgpPeerKeepAlive. A reasonable ++ maximum value for this timer would be configured to ++ be one third of that of bgpPeerHoldTimeConfigured. ++ If the value of this object is zero (0), no ++ periodical KEEPALIVE messages are sent to the peer ++ after the BGP connection has been established. The ++ suggested value for this timer is 30 seconds." ++ ::= { bgpPeerEntry 21 } ++ ++ bgpPeerMinASOriginationInterval OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the ++ MinASOriginationInterval timer. ++ The suggested value for this timer is 15 seconds." ++ ::= { bgpPeerEntry 22 } ++ ++ bgpPeerMinRouteAdvertisementInterval OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the ++ MinRouteAdvertisementInterval timer. ++ The suggested value for this timer is 30 seconds." ++ ::= { bgpPeerEntry 23 } ++ ++ bgpPeerInUpdateElapsedTime OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Elapsed time in seconds since the last BGP ++ UPDATE message was received from the peer. ++ Each time bgpPeerInUpdates is incremented, ++ the value of this object is set to zero (0)." ++ ::= { bgpPeerEntry 24 } ++ ++ ++ ++ bgpIdentifier OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The BGP Identifier of local system." ++ ::= { bgp 4 } ++ ++ ++ ++ -- Received Path Attribute Table. This table contains, ++ -- one entry per path to a network, path attributes ++ -- received from all peers running BGP version 3 or less. ++ -- This table is obsolete, having been replaced in ++ -- functionality with the bgp4PathAttrTable. ++ ++ bgpRcvdPathAttrTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF BgpPathAttrEntry ++ MAX-ACCESS not-accessible ++ STATUS obsolete ++ DESCRIPTION ++ "The BGP Received Path Attribute Table contains ++ information about paths to destination networks ++ received from all peers running BGP version 3 or ++ less." ++ ::= { bgp 5 } ++ ++ bgpPathAttrEntry OBJECT-TYPE ++ SYNTAX BgpPathAttrEntry ++ MAX-ACCESS not-accessible ++ STATUS obsolete ++ DESCRIPTION ++ "Information about a path to a network." ++ INDEX { bgpPathAttrDestNetwork, ++ bgpPathAttrPeer } ++ ::= { bgpRcvdPathAttrTable 1 } ++ ++ BgpPathAttrEntry ::= SEQUENCE { ++ bgpPathAttrPeer ++ IpAddress, ++ bgpPathAttrDestNetwork ++ IpAddress, ++ bgpPathAttrOrigin ++ INTEGER, ++ bgpPathAttrASPath ++ OCTET STRING, ++ bgpPathAttrNextHop ++ IpAddress, ++ bgpPathAttrInterASMetric ++ Integer32 ++ } ++ ++ bgpPathAttrPeer OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The IP address of the peer where the path ++ information was learned." ++ ::= { bgpPathAttrEntry 1 } ++ ++ bgpPathAttrDestNetwork OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The address of the destination network." ++ ::= { bgpPathAttrEntry 2 } ++ ++ bgpPathAttrOrigin OBJECT-TYPE ++ SYNTAX INTEGER { ++ igp(1),-- networks are interior ++ egp(2),-- networks learned via EGP ++ incomplete(3) -- undetermined ++ } ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The ultimate origin of the path information." ++ ::= { bgpPathAttrEntry 3 } ++ ++ bgpPathAttrASPath OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (2..255)) ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The set of ASs that must be traversed to reach ++ the network. This object is probably best ++ represented as SEQUENCE OF INTEGER. For SMI ++ compatibility, though, it is represented as ++ OCTET STRING. Each AS is represented as a pair ++ of octets according to the following algorithm: ++ ++ first-byte-of-pair = ASNumber / 256; ++ second-byte-of-pair = ASNumber & 255;" ++ ::= { bgpPathAttrEntry 4 } ++ ++ bgpPathAttrNextHop OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The address of the border router that should ++ be used for the destination network." ++ ::= { bgpPathAttrEntry 5 } ++ ++ bgpPathAttrInterASMetric OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The optional inter-AS metric. If this ++ attribute has not been provided for this route, ++ the value for this object is 0." ++ ::= { bgpPathAttrEntry 6 } ++ ++ ++ ++ -- BGP-4 Received Path Attribute Table. This table contains, ++ -- one entry per path to a network, path attributes ++ -- received from all peers running BGP-4. ++ ++ bgp4PathAttrTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Bgp4PathAttrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The BGP-4 Received Path Attribute Table contains ++ information about paths to destination networks ++ received from all BGP4 peers." ++ ::= { bgp 6 } ++ ++ bgp4PathAttrEntry OBJECT-TYPE ++ SYNTAX Bgp4PathAttrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information about a path to a network." ++ INDEX { bgp4PathAttrIpAddrPrefix, ++ bgp4PathAttrIpAddrPrefixLen, ++ bgp4PathAttrPeer } ++ ::= { bgp4PathAttrTable 1 } ++ ++ Bgp4PathAttrEntry ::= SEQUENCE { ++ bgp4PathAttrPeer ++ IpAddress, ++ bgp4PathAttrIpAddrPrefixLen ++ INTEGER, ++ bgp4PathAttrIpAddrPrefix ++ IpAddress, ++ bgp4PathAttrOrigin ++ INTEGER, ++ bgp4PathAttrASPathSegment ++ OCTET STRING, ++ bgp4PathAttrNextHop ++ IpAddress, ++ bgp4PathAttrMultiExitDisc ++ INTEGER, ++ bgp4PathAttrLocalPref ++ INTEGER, ++ bgp4PathAttrAtomicAggregate ++ INTEGER, ++ bgp4PathAttrAggregatorAS ++ INTEGER, ++ bgp4PathAttrAggregatorAddr ++ IpAddress, ++ bgp4PathAttrCalcLocalPref ++ INTEGER, ++ bgp4PathAttrBest ++ INTEGER, ++ bgp4PathAttrUnknown ++ OCTET STRING ++ } ++ ++ bgp4PathAttrPeer OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address of the peer where the path ++ information was learned." ++ ::= { bgp4PathAttrEntry 1 } ++ bgp4PathAttrIpAddrPrefixLen OBJECT-TYPE ++ SYNTAX INTEGER (0..32) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Length in bits of the IP address prefix in the ++ Network Layer Reachability Information field." ++ ::= { bgp4PathAttrEntry 2 } ++ ++ bgp4PathAttrIpAddrPrefix OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "An IP address prefix in the Network Layer ++ Reachability Information field. This object ++ is an IP address containing the prefix with ++ length specified by bgp4PathAttrIpAddrPrefixLen. ++ Any bits beyond the length specified by ++ bgp4PathAttrIpAddrPrefixLen are zeroed." ++ ::= { bgp4PathAttrEntry 3 } ++ ++ bgp4PathAttrOrigin OBJECT-TYPE ++ SYNTAX INTEGER { ++ igp(1),-- networks are interior ++ egp(2),-- networks learned via EGP ++ incomplete(3) -- undetermined ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The ultimate origin of the path information." ++ ::= { bgp4PathAttrEntry 4 } ++ ++ bgp4PathAttrASPathSegment OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (2..255)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The sequence of AS path segments. Each AS ++ path segment is represented by a triple ++ . ++ ++ The type is a 1-octet field which has two ++ possible values: ++ 1 AS_SET: unordered set of ASs a ++ route in the UPDATE message ++ has traversed ++ 2 AS_SEQUENCE: ordered set of ASs ++ a route in the UPDATE message ++ has traversed. ++ ++ The length is a 1-octet field containing the ++ number of ASs in the value field. ++ ++ The value field contains one or more AS ++ numbers, each AS is represented in the octet ++ string as a pair of octets according to the ++ following algorithm: ++ ++ first-byte-of-pair = ASNumber / 256; ++ second-byte-of-pair = ASNumber & 255;" ++ ::= { bgp4PathAttrEntry 5 } ++ ++ bgp4PathAttrNextHop OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The address of the border router that should ++ be used for the destination network." ++ ::= { bgp4PathAttrEntry 6 } ++ ++ bgp4PathAttrMultiExitDisc OBJECT-TYPE ++ SYNTAX INTEGER (-1..2147483647) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This metric is used to discriminate between ++ multiple exit points to an adjacent autonomous ++ system. A value of -1 indicates the absence of ++ this attribute." ++ ::= { bgp4PathAttrEntry 7 } ++ ++ bgp4PathAttrLocalPref OBJECT-TYPE ++ SYNTAX INTEGER (-1..2147483647) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The originating BGP4 speaker's degree of ++ preference for an advertised route. A value of ++ -1 indicates the absence of this attribute." ++ ::= { bgp4PathAttrEntry 8 } ++ ++ bgp4PathAttrAtomicAggregate OBJECT-TYPE ++ SYNTAX INTEGER { ++ lessSpecificRrouteNotSelected(1), ++ lessSpecificRouteSelected(2) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Whether or not a system has selected ++ a less specific route without selecting a ++ more specific route." ++ ::= { bgp4PathAttrEntry 9 } ++ ++ bgp4PathAttrAggregatorAS OBJECT-TYPE ++ SYNTAX INTEGER (0..65535) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The AS number of the last BGP4 speaker that ++ performed route aggregation. A value of zero (0) ++ indicates the absence of this attribute." ++ ::= { bgp4PathAttrEntry 10 } ++ ++ bgp4PathAttrAggregatorAddr OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address of the last BGP4 speaker that ++ performed route aggregation. A value of ++ 0.0.0.0 indicates the absence of this attribute." ++ ::= { bgp4PathAttrEntry 11 } ++ ++ bgp4PathAttrCalcLocalPref OBJECT-TYPE ++ SYNTAX INTEGER (-1..2147483647) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The degree of preference calculated by the ++ receiving BGP4 speaker for an advertised route. ++ A value of -1 indicates the absence of this ++ attribute." ++ ::= { bgp4PathAttrEntry 12 } ++ ++ bgp4PathAttrBest OBJECT-TYPE ++ SYNTAX INTEGER { ++ false(1),-- not chosen as best route ++ true(2) -- chosen as best route ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "An indication of whether or not this route ++ was chosen as the best BGP4 route." ++ ::= { bgp4PathAttrEntry 13 } ++ ++ bgp4PathAttrUnknown OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE(0..255)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "One or more path attributes not understood ++ by this BGP4 speaker. Size zero (0) indicates ++ the absence of such attribute(s). Octets ++ beyond the maximum size, if any, are not ++ recorded by this object." ++ ::= { bgp4PathAttrEntry 14 } ++ ++ ++ -- Traps. ++ ++ -- note that in RFC 1657, bgpTraps was incorrectly ++ -- assigned a value of { bgp 7 }, and each of the ++ -- traps had the bgpPeerRemoteAddr object inappropriately ++ -- removed from their OBJECTS clause. The following ++ -- definitions restore the semantics of the traps as ++ -- they were initially defined in RFC 1269. ++ ++ -- { bgp 7 } is unused ++ ++ bgpTraps OBJECT IDENTIFIER ::= { bgp 0 } ++ ++ bgpEstablished NOTIFICATION-TYPE ++ OBJECTS { bgpPeerRemoteAddr, ++ bgpPeerLastError, ++ bgpPeerState } ++ STATUS current ++ DESCRIPTION ++ "The BGP Established event is generated when ++ the BGP FSM enters the ESTABLISHED state." ++ ::= { bgpTraps 1 } ++ ++ bgpBackwardTransition NOTIFICATION-TYPE ++ OBJECTS { bgpPeerRemoteAddr, ++ bgpPeerLastError, ++ bgpPeerState } ++ STATUS current ++ DESCRIPTION ++ "The BGPBackwardTransition Event is generated ++ when the BGP FSM moves from a higher numbered ++ state to a lower numbered state." ++ ::= { bgpTraps 2 } ++ ++ -- conformance information ++ ++ bgpMIBConformance OBJECT IDENTIFIER ::= { bgp 8 } ++ bgpMIBCompliances OBJECT IDENTIFIER ::= { bgpMIBConformance 1 } ++ bgpMIBGroups OBJECT IDENTIFIER ::= { bgpMIBConformance 2 } ++ ++ -- compliance statements ++ ++ bgpMIBCompliance MODULE-COMPLIANCE ++ STATUS current ++ DESCRIPTION ++ "The compliance statement for entities which ++ implement the BGP4 mib." ++ MODULE -- this module ++ MANDATORY-GROUPS { bgp4MIBGlobalsGroup, ++ bgp4MIBPeerGroup, ++ bgp4MIBPathAttrGroup, ++ bgp4MIBNotificationGroup } ++ ::= { bgpMIBCompliances 1 } ++ ++ -- units of conformance ++ ++ bgp4MIBGlobalsGroup OBJECT-GROUP ++ OBJECTS { bgpVersion, ++ bgpLocalAs, ++ bgpIdentifier } ++ STATUS current ++ DESCRIPTION ++ "A collection of objects providing information ++ on global BGP state." ++ ::= { bgpMIBGroups 1 } ++ ++ bgp4MIBPeerGroup OBJECT-GROUP ++ OBJECTS { bgpPeerIdentifier, ++ bgpPeerState, ++ bgpPeerAdminStatus, ++ bgpPeerNegotiatedVersion, ++ bgpPeerLocalAddr, ++ bgpPeerLocalPort, ++ bgpPeerRemoteAddr, ++ bgpPeerRemotePort, ++ bgpPeerRemoteAs, ++ bgpPeerInUpdates, ++ bgpPeerOutUpdates, ++ bgpPeerInTotalMessages, ++ bgpPeerOutTotalMessages, ++ bgpPeerLastError, ++ bgpPeerFsmEstablishedTransitions, ++ bgpPeerFsmEstablishedTime, ++ bgpPeerConnectRetryInterval, ++ bgpPeerHoldTime, ++ bgpPeerKeepAlive, ++ bgpPeerHoldTimeConfigured, ++ bgpPeerKeepAliveConfigured, ++ bgpPeerMinASOriginationInterval, ++ bgpPeerMinRouteAdvertisementInterval, ++ bgpPeerInUpdateElapsedTime } ++ STATUS current ++ DESCRIPTION ++ "A collection of objects for managing ++ BGP peers." ++ ::= { bgpMIBGroups 2 } ++ ++ bgp4MIBRcvdPathAttrGroup OBJECT-GROUP ++ OBJECTS { bgpPathAttrPeer, ++ bgpPathAttrDestNetwork, ++ bgpPathAttrOrigin, ++ bgpPathAttrASPath, ++ bgpPathAttrNextHop, ++ bgpPathAttrInterASMetric } ++ STATUS obsolete ++ DESCRIPTION ++ "A collection of objects for managing BGP ++ path entries. ++ ++ This conformance group is obsolete, ++ replaced by bgp4MIBPathAttrGroup." ++ ::= { bgpMIBGroups 3 } ++ ++ bgp4MIBPathAttrGroup OBJECT-GROUP ++ OBJECTS { bgp4PathAttrPeer, ++ bgp4PathAttrIpAddrPrefixLen, ++ bgp4PathAttrIpAddrPrefix, ++ bgp4PathAttrOrigin, ++ bgp4PathAttrASPathSegment, ++ bgp4PathAttrNextHop, ++ bgp4PathAttrMultiExitDisc, ++ bgp4PathAttrLocalPref, ++ bgp4PathAttrAtomicAggregate, ++ bgp4PathAttrAggregatorAS, ++ bgp4PathAttrAggregatorAddr, ++ bgp4PathAttrCalcLocalPref, ++ bgp4PathAttrBest, ++ bgp4PathAttrUnknown } ++ STATUS current ++ DESCRIPTION ++ "A collection of objects for managing ++ BGP path entries." ++ ::= { bgpMIBGroups 4 } ++ ++ bgp4MIBNotificationGroup NOTIFICATION-GROUP ++ NOTIFICATIONS { bgpEstablished, ++ bgpBackwardTransition } ++ STATUS current ++ DESCRIPTION ++ "A collection of notifications for signaling ++ changes in BGP peer relationships." ++ ::= { bgpMIBGroups 5 } ++ ++ END +--- /dev/null ++++ b/mibs/GNOME-SMI.txt +@@ -0,0 +1,88 @@ ++GNOME-SMI DEFINITIONS ::= BEGIN ++ ++IMPORTS ++ MODULE-IDENTITY, ++ OBJECT-IDENTITY, ++ enterprises ++ FROM SNMPv2-SMI; ++ ++gnome MODULE-IDENTITY ++ LAST-UPDATED "200709070000Z" ++ ORGANIZATION "GNOME project" ++ CONTACT-INFO ++ "GNU Network Object Model Environment project ++ ++ see http://www.gnome.org for contact persons of a particular ++ area or subproject of GNOME. ++ ++ Administrative contact for MIB module: ++ ++ Jochen Friedrich ++ Ramsaystr. 9 ++ 63450 Hanau ++ Germany ++ ++ email: jochen@scram.de" ++ DESCRIPTION ++ "The Structure of GNOME." ++ ++ -- revision history ++ ++ REVISION "200709070000Z" -- Sep 07, 2007 ++ DESCRIPTION ++ "Fixed wrong enterprise number (how comes this ++ typo was unnoticed for so long?)." ++ ++ REVISION "200505070000Z" -- May 07, 2005 ++ DESCRIPTION ++ "Added gnomeLDAP subtree for LDAP definitions." ++ ++ REVISION "200312070000Z" -- December 07, 2003 ++ DESCRIPTION ++ "Added gnomeSysadmin subtree for GNOME project system administration. ++ Updated contact info." ++ ++ REVISION "9809010000Z" -- September 01, 1998 ++ DESCRIPTION ++ "Initial version." ++ ++ ::= { enterprises 3319 } -- assigned by IANA ++ ++gnomeProducts OBJECT-IDENTITY ++ STATUS current ++ DESCRIPTION ++ "gnomeProducts is the root OBJECT IDENTIFIER from ++ which sysObjectID values are assigned." ++ ::= { gnome 1 } ++ ++gnomeMgmt OBJECT-IDENTITY ++ STATUS current ++ DESCRIPTION ++ "gnomeMgmt defines the subtree for production GNOME related ++ MIB registrations." ++ ::= { gnome 2 } ++ ++gnomeTest OBJECT-IDENTITY ++ STATUS current ++ DESCRIPTION ++ "gnomeTest defines the subtree for testing GNOME related ++ MIB registrations." ++ ::= { gnome 3 } ++ ++gnomeSysadmin OBJECT-IDENTITY ++ STATUS current ++ DESCRIPTION ++ "gnomeSysadmin defines the subtree for GNOME related Sysadmin ++ MIB registrations." ++ ::= { gnome 4 } ++ ++gnomeLDAP OBJECT-IDENTITY ++ STATUS current ++ DESCRIPTION ++ "gnomeLDAP defines the subtree for GNOME related LDAP ++ registrations." ++ ::= { gnome 5 } ++ ++-- more to come if necessary. ++ ++END +--- /dev/null ++++ b/mibs/OSPF-MIB.txt +@@ -0,0 +1,2723 @@ ++OSPF-MIB DEFINITIONS ::= BEGIN ++ ++ IMPORTS ++ MODULE-IDENTITY, OBJECT-TYPE, Counter32, Gauge32, ++ Integer32, IpAddress ++ FROM SNMPv2-SMI ++ TEXTUAL-CONVENTION, TruthValue, RowStatus ++ FROM SNMPv2-TC ++ MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF ++ mib-2 FROM RFC1213-MIB; ++ ++-- This MIB module uses the extended OBJECT-TYPE macro as ++-- defined in [9]. ++ ++ospf MODULE-IDENTITY ++ LAST-UPDATED "9501201225Z" -- Fri Jan 20 12:25:50 PST 1995 ++ ORGANIZATION "IETF OSPF Working Group" ++ CONTACT-INFO ++ " Fred Baker ++ Postal: Cisco Systems ++ 519 Lado Drive ++ Santa Barbara, California 93111 ++ Tel: +1 805 681 0115 ++ E-Mail: fred@cisco.com ++ ++ Rob Coltun ++ Postal: RainbowBridge Communications ++ Tel: (301) 340-9416 ++ E-Mail: rcoltun@rainbow-bridge.com" ++ DESCRIPTION ++ "The MIB module to describe the OSPF Version 2 ++ Protocol" ++ ::= { mib-2 14 } ++ ++-- The Area ID, in OSPF, has the same format as an IP Address, ++-- but has the function of defining a summarization point for ++-- Link State Advertisements ++ ++AreaID ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "An OSPF Area Identifier." ++ SYNTAX IpAddress ++ ++ ++-- The Router ID, in OSPF, has the same format as an IP Address, ++-- but identifies the router independent of its IP Address. ++ ++RouterID ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "A OSPF Router Identifier." ++ SYNTAX IpAddress ++ ++ ++-- The OSPF Metric is defined as an unsigned value in the range ++ ++Metric ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The OSPF Internal Metric." ++ SYNTAX Integer32 (0..'FFFF'h) ++ ++BigMetric ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The OSPF External Metric." ++ SYNTAX Integer32 (0..'FFFFFF'h) ++ ++-- Status Values ++ ++Status ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The status of an interface: 'enabled' indicates that ++ it is willing to communicate with other OSPF Routers, ++ while 'disabled' indicates that it is not." ++ SYNTAX INTEGER { enabled (1), disabled (2) } ++ ++-- Time Durations measured in seconds ++ ++PositiveInteger ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "A positive integer. Values in excess are precluded as ++ unnecessary and prone to interoperability issues." ++ SYNTAX Integer32 (0..'7FFFFFFF'h) ++ ++HelloRange ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The range of intervals on which hello messages are ++ exchanged." ++ SYNTAX Integer32 (1..'FFFF'h) ++ ++UpToMaxAge ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The values that one might find or configure for ++ variables bounded by the maximum age of an LSA." ++ SYNTAX Integer32 (0..3600) ++ ++ ++-- The range of ifIndex ++ ++InterfaceIndex ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The range of ifIndex." ++ SYNTAX Integer32 ++ ++ ++-- Potential Priorities for the Designated Router Election ++ ++DesignatedRouterPriority ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The values defined for the priority of a system for ++ becoming the designated router." ++ SYNTAX Integer32 (0..'FF'h) ++ ++TOSType ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "Type of Service is defined as a mapping to the IP Type of ++ Service Flags as defined in the IP Forwarding Table MIB ++ ++ +-----+-----+-----+-----+-----+-----+-----+-----+ ++ | | | | ++ | PRECEDENCE | TYPE OF SERVICE | 0 | ++ | | | | ++ +-----+-----+-----+-----+-----+-----+-----+-----+ ++ ++ IP TOS IP TOS ++ Field Policy Field Policy ++ ++ Contents Code Contents Code ++ 0 0 0 0 ==> 0 0 0 0 1 ==> 2 ++ 0 0 1 0 ==> 4 0 0 1 1 ==> 6 ++ 0 1 0 0 ==> 8 0 1 0 1 ==> 10 ++ 0 1 1 0 ==> 12 0 1 1 1 ==> 14 ++ 1 0 0 0 ==> 16 1 0 0 1 ==> 18 ++ 1 0 1 0 ==> 20 1 0 1 1 ==> 22 ++ 1 1 0 0 ==> 24 1 1 0 1 ==> 26 ++ 1 1 1 0 ==> 28 1 1 1 1 ==> 30 ++ ++ The remaining values are left for future definition." ++ SYNTAX Integer32 (0..30) ++ ++ ++-- OSPF General Variables ++ ++-- These parameters apply globally to the Router's ++-- OSPF Process. ++ ++ospfGeneralGroup OBJECT IDENTIFIER ::= { ospf 1 } ++ ++ ++ ospfRouterId OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "A 32-bit integer uniquely identifying the ++ router in the Autonomous System. ++ ++ By convention, to ensure uniqueness, this ++ should default to the value of one of the ++ router's IP interface addresses." ++ REFERENCE ++ "OSPF Version 2, C.1 Global parameters" ++ ::= { ospfGeneralGroup 1 } ++ ++ ++ ospfAdminStat OBJECT-TYPE ++ SYNTAX Status ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The administrative status of OSPF in the ++ router. The value 'enabled' denotes that the ++ OSPF Process is active on at least one inter- ++ face; 'disabled' disables it on all inter- ++ faces." ++ ::= { ospfGeneralGroup 2 } ++ ++ ospfVersionNumber OBJECT-TYPE ++ SYNTAX INTEGER { version2 (2) } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The current version number of the OSPF proto- ++ col is 2." ++ REFERENCE ++ "OSPF Version 2, Title" ++ ::= { ospfGeneralGroup 3 } ++ ++ ++ ospfAreaBdrRtrStatus OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A flag to note whether this router is an area ++ border router." ++ REFERENCE ++ "OSPF Version 2, Section 3 Splitting the AS into ++ Areas" ++ ::= { ospfGeneralGroup 4 } ++ ++ ++ ospfASBdrRtrStatus OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "A flag to note whether this router is config- ++ ured as an Autonomous System border router." ++ REFERENCE ++ "OSPF Version 2, Section 3.3 Classification of ++ routers" ++ ::= { ospfGeneralGroup 5 } ++ ++ ospfExternLsaCount OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of external (LS type 5) link-state ++ advertisements in the link-state database." ++ REFERENCE ++ "OSPF Version 2, Appendix A.4.5 AS external link ++ advertisements" ++ ::= { ospfGeneralGroup 6 } ++ ++ ++ ospfExternLsaCksumSum OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32-bit unsigned sum of the LS checksums of ++ the external link-state advertisements con- ++ tained in the link-state database. This sum ++ can be used to determine if there has been a ++ change in a router's link state database, and ++ to compare the link-state database of two ++ routers." ++ ::= { ospfGeneralGroup 7 } ++ ++ ++ ospfTOSSupport OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The router's support for type-of-service rout- ++ ing." ++ REFERENCE ++ "OSPF Version 2, Appendix F.1.2 Optional TOS ++ support" ++ ::= { ospfGeneralGroup 8 } ++ ++ ospfOriginateNewLsas OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of new link-state advertisements ++ that have been originated. This number is in- ++ cremented each time the router originates a new ++ LSA." ++ ::= { ospfGeneralGroup 9 } ++ ++ ++ ospfRxNewLsas OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of link-state advertisements re- ++ ceived determined to be new instantiations. ++ This number does not include newer instantia- ++ tions of self-originated link-state advertise- ++ ments." ++ ::= { ospfGeneralGroup 10 } ++ ++ ospfExtLsdbLimit OBJECT-TYPE ++ SYNTAX Integer32 (-1..'7FFFFFFF'h) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The maximum number of non-default AS- ++ external-LSAs entries that can be stored in the ++ link-state database. If the value is -1, then ++ there is no limit. ++ ++ When the number of non-default AS-external-LSAs ++ in a router's link-state database reaches ++ ospfExtLsdbLimit, the router enters Overflow- ++ State. The router never holds more than ++ ospfExtLsdbLimit non-default AS-external-LSAs ++ in its database. OspfExtLsdbLimit MUST be set ++ identically in all routers attached to the OSPF ++ backbone and/or any regular OSPF area. (i.e., ++ OSPF stub areas and NSSAs are excluded)." ++ DEFVAL { -1 } ++ ::= { ospfGeneralGroup 11 } ++ ++ ospfMulticastExtensions OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "A Bit Mask indicating whether the router is ++ forwarding IP multicast (Class D) datagrams ++ based on the algorithms defined in the Multi- ++ cast Extensions to OSPF. ++ ++ Bit 0, if set, indicates that the router can ++ forward IP multicast datagrams in the router's ++ directly attached areas (called intra-area mul- ++ ticast routing). ++ ++ Bit 1, if set, indicates that the router can ++ forward IP multicast datagrams between OSPF ++ areas (called inter-area multicast routing). ++ ++ Bit 2, if set, indicates that the router can ++ forward IP multicast datagrams between Auto- ++ nomous Systems (called inter-AS multicast rout- ++ ing). ++ ++ Only certain combinations of bit settings are ++ allowed, namely: 0 (no multicast forwarding is ++ enabled), 1 (intra-area multicasting only), 3 ++ (intra-area and inter-area multicasting), 5 ++ (intra-area and inter-AS multicasting) and 7 ++ (multicasting everywhere). By default, no mul- ++ ticast forwarding is enabled." ++ DEFVAL { 0 } ++ ::= { ospfGeneralGroup 12 } ++ ++ ospfExitOverflowInterval OBJECT-TYPE ++ SYNTAX PositiveInteger ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The number of seconds that, after entering ++ OverflowState, a router will attempt to leave ++ OverflowState. This allows the router to again ++ originate non-default AS-external-LSAs. When ++ set to 0, the router will not leave Overflow- ++ State until restarted." ++ DEFVAL { 0 } ++ ::= { ospfGeneralGroup 13 } ++ ++ ++ ospfDemandExtensions OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The router's support for demand routing." ++ REFERENCE ++ "OSPF Version 2, Appendix on Demand Routing" ++ ::= { ospfGeneralGroup 14 } ++ ++ ++-- The OSPF Area Data Structure contains information ++-- regarding the various areas. The interfaces and ++-- virtual links are configured as part of these areas. ++-- Area 0.0.0.0, by definition, is the Backbone Area ++ ++ ++ ospfAreaTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfAreaEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information describing the configured parame- ++ ters and cumulative statistics of the router's ++ attached areas." ++ REFERENCE ++ "OSPF Version 2, Section 6 The Area Data Struc- ++ ture" ++ ::= { ospf 2 } ++ ++ ++ ospfAreaEntry OBJECT-TYPE ++ SYNTAX OspfAreaEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information describing the configured parame- ++ ters and cumulative statistics of one of the ++ router's attached areas." ++ INDEX { ospfAreaId } ++ ::= { ospfAreaTable 1 } ++ ++OspfAreaEntry ::= ++ SEQUENCE { ++ ospfAreaId ++ AreaID, ++ ospfAuthType ++ Integer32, ++ ospfImportAsExtern ++ INTEGER, ++ ospfSpfRuns ++ Counter32, ++ ospfAreaBdrRtrCount ++ Gauge32, ++ ospfAsBdrRtrCount ++ Gauge32, ++ ospfAreaLsaCount ++ Gauge32, ++ ospfAreaLsaCksumSum ++ Integer32, ++ ospfAreaSummary ++ INTEGER, ++ ospfAreaStatus ++ RowStatus ++ } ++ ++ ospfAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A 32-bit integer uniquely identifying an area. ++ Area ID 0.0.0.0 is used for the OSPF backbone." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaEntry 1 } ++ ++ ++ ospfAuthType OBJECT-TYPE ++ SYNTAX Integer32 ++ -- none (0), ++ -- simplePassword (1) ++ -- md5 (2) ++ -- reserved for specification by IANA (> 2) ++ MAX-ACCESS read-create ++ STATUS obsolete ++ DESCRIPTION ++ "The authentication type specified for an area. ++ Additional authentication types may be assigned ++ locally on a per Area basis." ++ REFERENCE ++ "OSPF Version 2, Appendix E Authentication" ++ DEFVAL { 0 } -- no authentication, by default ++ ::= { ospfAreaEntry 2 } ++ ++ ospfImportAsExtern OBJECT-TYPE ++ SYNTAX INTEGER { ++ importExternal (1), ++ importNoExternal (2), ++ importNssa (3) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The area's support for importing AS external ++ link- state advertisements." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ DEFVAL { importExternal } ++ ::= { ospfAreaEntry 3 } ++ ++ ++ ospfSpfRuns OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of times that the intra-area route ++ table has been calculated using this area's ++ link-state database. This is typically done ++ using Dijkstra's algorithm." ++ ::= { ospfAreaEntry 4 } ++ ++ ++ ospfAreaBdrRtrCount OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of area border routers reach- ++ able within this area. This is initially zero, ++ and is calculated in each SPF Pass." ++ ::= { ospfAreaEntry 5 } ++ ++ ospfAsBdrRtrCount OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of Autonomous System border ++ routers reachable within this area. This is ++ initially zero, and is calculated in each SPF ++ Pass." ++ ::= { ospfAreaEntry 6 } ++ ++ ++ ospfAreaLsaCount OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of link-state advertisements ++ in this area's link-state database, excluding ++ AS External LSA's." ++ ::= { ospfAreaEntry 7 } ++ ++ ++ ospfAreaLsaCksumSum OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32-bit unsigned sum of the link-state ad- ++ vertisements' LS checksums contained in this ++ area's link-state database. This sum excludes ++ external (LS type 5) link-state advertisements. ++ The sum can be used to determine if there has ++ been a change in a router's link state data- ++ base, and to compare the link-state database of ++ two routers." ++ DEFVAL { 0 } ++ ::= { ospfAreaEntry 8 } ++ ++ ospfAreaSummary OBJECT-TYPE ++ SYNTAX INTEGER { ++ noAreaSummary (1), ++ sendAreaSummary (2) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The variable ospfAreaSummary controls the im- ++ port of summary LSAs into stub areas. It has ++ no effect on other areas. ++ ++ If it is noAreaSummary, the router will neither ++ originate nor propagate summary LSAs into the ++ stub area. It will rely entirely on its de- ++ fault route. ++ ++ If it is sendAreaSummary, the router will both ++ summarize and propagate summary LSAs." ++ DEFVAL { noAreaSummary } ++ ::= { ospfAreaEntry 9 } ++ ++ ++ ospfAreaStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfAreaEntry 10 } ++ ++ ++-- OSPF Area Default Metric Table ++ ++-- The OSPF Area Default Metric Table describes the metrics ++-- that a default Area Border Router will advertise into a ++-- Stub area. ++ ++ ++ ospfStubAreaTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfStubAreaEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The set of metrics that will be advertised by ++ a default Area Border Router into a stub area." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2, Area Parameters" ++ ::= { ospf 3 } ++ ++ ++ ospfStubAreaEntry OBJECT-TYPE ++ SYNTAX OspfStubAreaEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The metric for a given Type of Service that ++ will be advertised by a default Area Border ++ Router into a stub area." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2, Area Parameters" ++ INDEX { ospfStubAreaId, ospfStubTOS } ++ ::= { ospfStubAreaTable 1 } ++ ++OspfStubAreaEntry ::= ++ SEQUENCE { ++ ospfStubAreaId ++ AreaID, ++ ospfStubTOS ++ TOSType, ++ ospfStubMetric ++ BigMetric, ++ ospfStubStatus ++ RowStatus, ++ ospfStubMetricType ++ INTEGER ++ } ++ ++ ospfStubAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32 bit identifier for the Stub Area. On ++ creation, this can be derived from the in- ++ stance." ++ ::= { ospfStubAreaEntry 1 } ++ ++ ++ ospfStubTOS OBJECT-TYPE ++ SYNTAX TOSType ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Type of Service associated with the ++ metric. On creation, this can be derived from ++ the instance." ++ ::= { ospfStubAreaEntry 2 } ++ ++ ++ ospfStubMetric OBJECT-TYPE ++ SYNTAX BigMetric ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The metric value applied at the indicated type ++ of service. By default, this equals the least ++ metric at the type of service among the inter- ++ faces to other areas." ++ ::= { ospfStubAreaEntry 3 } ++ ++ ++ ospfStubStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfStubAreaEntry 4 } ++ ++ ospfStubMetricType OBJECT-TYPE ++ SYNTAX INTEGER { ++ ospfMetric (1), -- OSPF Metric ++ comparableCost (2), -- external type 1 ++ nonComparable (3) -- external type 2 ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the type of metric ad- ++ vertised as a default route." ++ DEFVAL { ospfMetric } ++ ::= { ospfStubAreaEntry 5 } ++ ++-- OSPF Link State Database ++ ++-- The Link State Database contains the Link State ++-- Advertisements from throughout the areas that the ++-- device is attached to. ++ ++ ++ ospfLsdbTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfLsdbEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The OSPF Process's Link State Database." ++ REFERENCE ++ "OSPF Version 2, Section 12 Link State Adver- ++ tisements" ++ ::= { ospf 4 } ++ ++ ++ ospfLsdbEntry OBJECT-TYPE ++ SYNTAX OspfLsdbEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A single Link State Advertisement." ++ INDEX { ospfLsdbAreaId, ospfLsdbType, ++ ospfLsdbLsid, ospfLsdbRouterId } ++ ::= { ospfLsdbTable 1 } ++ ++OspfLsdbEntry ::= ++ SEQUENCE { ++ ospfLsdbAreaId ++ AreaID, ++ ospfLsdbType ++ INTEGER, ++ ospfLsdbLsid ++ IpAddress, ++ ospfLsdbRouterId ++ RouterID, ++ ospfLsdbSequence ++ Integer32, ++ ospfLsdbAge ++ Integer32, ++ ospfLsdbChecksum ++ Integer32, ++ ospfLsdbAdvertisement ++ OCTET STRING ++ } ++ ospfLsdbAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32 bit identifier of the Area from which ++ the LSA was received." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfLsdbEntry 1 } ++ ++-- External Link State Advertisements are permitted ++-- for backward compatibility, but should be displayed in ++-- the ospfExtLsdbTable rather than here. ++ ++ ospfLsdbType OBJECT-TYPE ++ SYNTAX INTEGER { ++ routerLink (1), ++ networkLink (2), ++ summaryLink (3), ++ asSummaryLink (4), ++ asExternalLink (5), -- but see ospfExtLsdbTable ++ multicastLink (6), ++ nssaExternalLink (7) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The type of the link state advertisement. ++ Each link state type has a separate advertise- ++ ment format." ++ REFERENCE ++ "OSPF Version 2, Appendix A.4.1 The Link State ++ Advertisement header" ++ ::= { ospfLsdbEntry 2 } ++ ++ ospfLsdbLsid OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Link State ID is an LS Type Specific field ++ containing either a Router ID or an IP Address; ++ it identifies the piece of the routing domain ++ that is being described by the advertisement." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.4 Link State ID" ++ ::= { ospfLsdbEntry 3 } ++ ospfLsdbRouterId OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32 bit number that uniquely identifies the ++ originating router in the Autonomous System." ++ REFERENCE ++ "OSPF Version 2, Appendix C.1 Global parameters" ++ ::= { ospfLsdbEntry 4 } ++ ++-- Note that the OSPF Sequence Number is a 32 bit signed ++-- integer. It starts with the value '80000001'h, ++-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h ++-- Thus, a typical sequence number will be very negative. ++ ++ ospfLsdbSequence OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The sequence number field is a signed 32-bit ++ integer. It is used to detect old and dupli- ++ cate link state advertisements. The space of ++ sequence numbers is linearly ordered. The ++ larger the sequence number the more recent the ++ advertisement." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.6 LS sequence ++ number" ++ ::= { ospfLsdbEntry 5 } ++ ++ ++ ospfLsdbAge OBJECT-TYPE ++ SYNTAX Integer32 -- Should be 0..MaxAge ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This field is the age of the link state adver- ++ tisement in seconds." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.1 LS age" ++ ::= { ospfLsdbEntry 6 } ++ ++ ospfLsdbChecksum OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This field is the checksum of the complete ++ contents of the advertisement, excepting the ++ age field. The age field is excepted so that ++ an advertisement's age can be incremented ++ without updating the checksum. The checksum ++ used is the same that is used for ISO connec- ++ tionless datagrams; it is commonly referred to ++ as the Fletcher checksum." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.7 LS checksum" ++ ::= { ospfLsdbEntry 7 } ++ ++ ++ ospfLsdbAdvertisement OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (1..65535)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The entire Link State Advertisement, including ++ its header." ++ REFERENCE ++ "OSPF Version 2, Section 12 Link State Adver- ++ tisements" ++ ::= { ospfLsdbEntry 8 } ++ ++ ++-- Address Range Table ++ ++-- The Address Range Table acts as an adjunct to the Area ++-- Table; It describes those Address Range Summaries that ++-- are configured to be propagated from an Area to reduce ++-- the amount of information about it which is known beyond ++-- its borders. ++ ++ ospfAreaRangeTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfAreaRangeEntry ++ MAX-ACCESS not-accessible ++ STATUS obsolete ++ DESCRIPTION ++ "A range if IP addresses specified by an IP ++ address/IP network mask pair. For example, ++ class B address range of X.X.X.X with a network ++ mask of 255.255.0.0 includes all IP addresses ++ from X.X.0.0 to X.X.255.255" ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospf 5 } ++ ospfAreaRangeEntry OBJECT-TYPE ++ SYNTAX OspfAreaRangeEntry ++ MAX-ACCESS not-accessible ++ STATUS obsolete ++ DESCRIPTION ++ "A range if IP addresses specified by an IP ++ address/IP network mask pair. For example, ++ class B address range of X.X.X.X with a network ++ mask of 255.255.0.0 includes all IP addresses ++ from X.X.0.0 to X.X.255.255" ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ INDEX { ospfAreaRangeAreaId, ospfAreaRangeNet } ++ ::= { ospfAreaRangeTable 1 } ++ ++OspfAreaRangeEntry ::= ++ SEQUENCE { ++ ospfAreaRangeAreaId ++ AreaID, ++ ospfAreaRangeNet ++ IpAddress, ++ ospfAreaRangeMask ++ IpAddress, ++ ospfAreaRangeStatus ++ RowStatus, ++ ospfAreaRangeEffect ++ INTEGER ++ } ++ ++ ospfAreaRangeAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The Area the Address Range is to be found ++ within." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaRangeEntry 1 } ++ ++ ++ ospfAreaRangeNet OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The IP Address of the Net or Subnet indicated ++ by the range." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaRangeEntry 2 } ++ ++ ++ ospfAreaRangeMask OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-create ++ STATUS obsolete ++ DESCRIPTION ++ "The Subnet Mask that pertains to the Net or ++ Subnet." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaRangeEntry 3 } ++ ++ ospfAreaRangeStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS obsolete ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfAreaRangeEntry 4 } ++ ++ ++ ospfAreaRangeEffect OBJECT-TYPE ++ SYNTAX INTEGER { ++ advertiseMatching (1), ++ doNotAdvertiseMatching (2) ++ } ++ MAX-ACCESS read-create ++ STATUS obsolete ++ DESCRIPTION ++ "Subnets subsumed by ranges either trigger the ++ advertisement of the indicated summary (adver- ++ tiseMatching), or result in the subnet's not ++ being advertised at all outside the area." ++ DEFVAL { advertiseMatching } ++ ::= { ospfAreaRangeEntry 5 } ++ ++ ++ ++-- OSPF Host Table ++ ++-- The Host/Metric Table indicates what hosts are directly ++-- attached to the Router, and what metrics and types of ++-- service should be advertised for them. ++ ++ ospfHostTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfHostEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The list of Hosts, and their metrics, that the ++ router will advertise as host routes." ++ REFERENCE ++ "OSPF Version 2, Appendix C.6 Host route param- ++ eters" ++ ::= { ospf 6 } ++ ++ ++ ospfHostEntry OBJECT-TYPE ++ SYNTAX OspfHostEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A metric to be advertised, for a given type of ++ service, when a given host is reachable." ++ INDEX { ospfHostIpAddress, ospfHostTOS } ++ ::= { ospfHostTable 1 } ++ ++OspfHostEntry ::= ++ SEQUENCE { ++ ospfHostIpAddress ++ IpAddress, ++ ospfHostTOS ++ TOSType, ++ ospfHostMetric ++ Metric, ++ ospfHostStatus ++ RowStatus, ++ ospfHostAreaID ++ AreaID ++ } ++ ++ ospfHostIpAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of the Host." ++ REFERENCE ++ "OSPF Version 2, Appendix C.6 Host route parame- ++ ters" ++ ::= { ospfHostEntry 1 } ++ ++ ++ ospfHostTOS OBJECT-TYPE ++ SYNTAX TOSType ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Type of Service of the route being config- ++ ured." ++ REFERENCE ++ "OSPF Version 2, Appendix C.6 Host route parame- ++ ters" ++ ::= { ospfHostEntry 2 } ++ ++ ++ ospfHostMetric OBJECT-TYPE ++ SYNTAX Metric ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The Metric to be advertised." ++ REFERENCE ++ "OSPF Version 2, Appendix C.6 Host route parame- ++ ters" ++ ::= { ospfHostEntry 3 } ++ ++ ospfHostStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfHostEntry 4 } ++ ++ ++ ospfHostAreaID OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Area the Host Entry is to be found within. ++ By default, the area that a subsuming OSPF in- ++ terface is in, or 0.0.0.0" ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfHostEntry 5 } ++ ++ ++-- OSPF Interface Table ++ ++-- The OSPF Interface Table augments the ipAddrTable ++-- with OSPF specific information. ++ ++ ospfIfTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfIfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The OSPF Interface Table describes the inter- ++ faces from the viewpoint of OSPF." ++ REFERENCE ++ "OSPF Version 2, Appendix C.3 Router interface ++ parameters" ++ ::= { ospf 7 } ++ ++ ++ ospfIfEntry OBJECT-TYPE ++ SYNTAX OspfIfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The OSPF Interface Entry describes one inter- ++ face from the viewpoint of OSPF." ++ INDEX { ospfIfIpAddress, ospfAddressLessIf } ++ ::= { ospfIfTable 1 } ++ ++OspfIfEntry ::= ++ SEQUENCE { ++ ospfIfIpAddress ++ IpAddress, ++ ospfAddressLessIf ++ Integer32, ++ ospfIfAreaId ++ AreaID, ++ ospfIfType ++ INTEGER, ++ ospfIfAdminStat ++ Status, ++ ospfIfRtrPriority ++ DesignatedRouterPriority, ++ ospfIfTransitDelay ++ UpToMaxAge, ++ ospfIfRetransInterval ++ UpToMaxAge, ++ ospfIfHelloInterval ++ HelloRange, ++ ospfIfRtrDeadInterval ++ PositiveInteger, ++ ospfIfPollInterval ++ PositiveInteger, ++ ospfIfState ++ INTEGER, ++ ospfIfDesignatedRouter ++ IpAddress, ++ ospfIfBackupDesignatedRouter ++ IpAddress, ++ ospfIfEvents ++ Counter32, ++ ospfIfAuthType ++ INTEGER, ++ ospfIfAuthKey ++ OCTET STRING, ++ ospfIfStatus ++ RowStatus, ++ ospfIfMulticastForwarding ++ INTEGER, ++ ospfIfDemand ++ TruthValue ++ } ++ ++ ospfIfIpAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address of this OSPF interface." ++ ::= { ospfIfEntry 1 } ++ ++ ospfAddressLessIf OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "For the purpose of easing the instancing of ++ addressed and addressless interfaces; This ++ variable takes the value 0 on interfaces with ++ IP Addresses, and the corresponding value of ++ ifIndex for interfaces having no IP Address." ++ ::= { ospfIfEntry 2 } ++ ospfIfAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "A 32-bit integer uniquely identifying the area ++ to which the interface connects. Area ID ++ 0.0.0.0 is used for the OSPF backbone." ++ DEFVAL { '00000000'H } -- 0.0.0.0 ++ ::= { ospfIfEntry 3 } ++ ++ ospfIfType OBJECT-TYPE ++ SYNTAX INTEGER { ++ broadcast (1), ++ nbma (2), ++ pointToPoint (3), ++ pointToMultipoint (5) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The OSPF interface type. ++ ++ By way of a default, this field may be intuited ++ from the corresponding value of ifType. Broad- ++ cast LANs, such as Ethernet and IEEE 802.5, ++ take the value 'broadcast', X.25 and similar ++ technologies take the value 'nbma', and links ++ that are definitively point to point take the ++ value 'pointToPoint'." ++ ::= { ospfIfEntry 4 } ++ ++ ++ ospfIfAdminStat OBJECT-TYPE ++ SYNTAX Status ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The OSPF interface's administrative status. ++ The value formed on the interface, and the in- ++ terface will be advertised as an internal route ++ to some area. The value 'disabled' denotes ++ that the interface is external to OSPF." ++ DEFVAL { enabled } ++ ::= { ospfIfEntry 5 } ++ ++ ospfIfRtrPriority OBJECT-TYPE ++ SYNTAX DesignatedRouterPriority ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The priority of this interface. Used in ++ multi-access networks, this field is used in ++ the designated router election algorithm. The ++ value 0 signifies that the router is not eligi- ++ ble to become the designated router on this ++ particular network. In the event of a tie in ++ this value, routers will use their Router ID as ++ a tie breaker." ++ DEFVAL { 1 } ++ ::= { ospfIfEntry 6 } ++ ++ ++ ospfIfTransitDelay OBJECT-TYPE ++ SYNTAX UpToMaxAge ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The estimated number of seconds it takes to ++ transmit a link state update packet over this ++ interface." ++ DEFVAL { 1 } ++ ::= { ospfIfEntry 7 } ++ ++ ++ ospfIfRetransInterval OBJECT-TYPE ++ SYNTAX UpToMaxAge ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The number of seconds between link-state ad- ++ vertisement retransmissions, for adjacencies ++ belonging to this interface. This value is ++ also used when retransmitting database descrip- ++ tion and link-state request packets." ++ DEFVAL { 5 } ++ ::= { ospfIfEntry 8 } ++ ++ ++ ospfIfHelloInterval OBJECT-TYPE ++ SYNTAX HelloRange ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The length of time, in seconds, between the ++ Hello packets that the router sends on the in- ++ terface. This value must be the same for all ++ routers attached to a common network." ++ DEFVAL { 10 } ++ ::= { ospfIfEntry 9 } ++ ++ ++ ospfIfRtrDeadInterval OBJECT-TYPE ++ SYNTAX PositiveInteger ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The number of seconds that a router's Hello ++ packets have not been seen before it's neigh- ++ bors declare the router down. This should be ++ some multiple of the Hello interval. This ++ value must be the same for all routers attached ++ to a common network." ++ DEFVAL { 40 } ++ ::= { ospfIfEntry 10 } ++ ++ ++ ospfIfPollInterval OBJECT-TYPE ++ SYNTAX PositiveInteger ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The larger time interval, in seconds, between ++ the Hello packets sent to an inactive non- ++ broadcast multi- access neighbor." ++ DEFVAL { 120 } ++ ::= { ospfIfEntry 11 } ++ ++ ++ ospfIfState OBJECT-TYPE ++ SYNTAX INTEGER { ++ down (1), ++ loopback (2), ++ waiting (3), ++ pointToPoint (4), ++ designatedRouter (5), ++ backupDesignatedRouter (6), ++ otherDesignatedRouter (7) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The OSPF Interface State." ++ DEFVAL { down } ++ ::= { ospfIfEntry 12 } ++ ++ ++ ospfIfDesignatedRouter OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of the Designated Router." ++ DEFVAL { '00000000'H } -- 0.0.0.0 ++ ::= { ospfIfEntry 13 } ++ ++ ++ ospfIfBackupDesignatedRouter OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of the Backup Designated ++ Router." ++ DEFVAL { '00000000'H } -- 0.0.0.0 ++ ::= { ospfIfEntry 14 } ++ ++ ospfIfEvents OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of times this OSPF interface has ++ changed its state, or an error has occurred." ++ ::= { ospfIfEntry 15 } ++ ++ ++ ospfIfAuthKey OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (0..256)) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The Authentication Key. If the Area's Author- ++ ization Type is simplePassword, and the key ++ length is shorter than 8 octets, the agent will ++ left adjust and zero fill to 8 octets. ++ ++ Note that unauthenticated interfaces need no ++ authentication key, and simple password authen- ++ tication cannot use a key of more than 8 oc- ++ tets. Larger keys are useful only with authen- ++ tication mechanisms not specified in this docu- ++ ment. ++ ++ When read, ospfIfAuthKey always returns an Oc- ++ tet String of length zero." ++ REFERENCE ++ "OSPF Version 2, Section 9 The Interface Data ++ Structure" ++ DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0 ++ ::= { ospfIfEntry 16 } ++ ++ ospfIfStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfIfEntry 17 } ++ ++ ++ ospfIfMulticastForwarding OBJECT-TYPE ++ SYNTAX INTEGER { ++ blocked (1), -- no multicast forwarding ++ multicast (2), -- using multicast address ++ unicast (3) -- to each OSPF neighbor ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The way multicasts should forwarded on this ++ interface; not forwarded, forwarded as data ++ link multicasts, or forwarded as data link uni- ++ casts. Data link multicasting is not meaning- ++ ful on point to point and NBMA interfaces, and ++ setting ospfMulticastForwarding to 0 effective- ++ ly disables all multicast forwarding." ++ DEFVAL { blocked } ++ ::= { ospfIfEntry 18 } ++ ++ ++ ospfIfDemand OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "Indicates whether Demand OSPF procedures (hel- ++ lo supression to FULL neighbors and setting the ++ DoNotAge flag on proogated LSAs) should be per- ++ formed on this interface." ++ DEFVAL { false } ++ ::= { ospfIfEntry 19 } ++ ++ ++ ospfIfAuthType OBJECT-TYPE ++ SYNTAX INTEGER (0..255) ++ -- none (0), ++ -- simplePassword (1) ++ -- md5 (2) ++ -- reserved for specification by IANA (> 2) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The authentication type specified for an in- ++ terface. Additional authentication types may ++ be assigned locally." ++ REFERENCE ++ "OSPF Version 2, Appendix E Authentication" ++ DEFVAL { 0 } -- no authentication, by default ++ ::= { ospfIfEntry 20 } ++ ++ ++-- OSPF Interface Metric Table ++ ++-- The Metric Table describes the metrics to be advertised ++-- for a specified interface at the various types of service. ++-- As such, this table is an adjunct of the OSPF Interface ++-- Table. ++ ++-- Types of service, as defined by RFC 791, have the ability ++-- to request low delay, high bandwidth, or reliable linkage. ++ ++-- For the purposes of this specification, the measure of ++-- bandwidth ++ ++-- Metric = 10^8 / ifSpeed ++ ++-- is the default value. For multiple link interfaces, note ++-- that ifSpeed is the sum of the individual link speeds. ++-- This yields a number having the following typical values: ++ ++-- Network Type/bit rate Metric ++ ++-- >= 100 MBPS 1 ++-- Ethernet/802.3 10 ++-- E1 48 ++-- T1 (ESF) 65 ++-- 64 KBPS 1562 ++-- 56 KBPS 1785 ++-- 19.2 KBPS 5208 ++-- 9.6 KBPS 10416 ++ ++-- Routes that are not specified use the default (TOS 0) metric ++ ++ ospfIfMetricTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfIfMetricEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The TOS metrics for a non-virtual interface ++ identified by the interface index." ++ REFERENCE ++ "OSPF Version 2, Appendix C.3 Router interface ++ parameters" ++ ::= { ospf 8 } ++ ++ ospfIfMetricEntry OBJECT-TYPE ++ SYNTAX OspfIfMetricEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A particular TOS metric for a non-virtual in- ++ terface identified by the interface index." ++ REFERENCE ++ "OSPF Version 2, Appendix C.3 Router interface ++ parameters" ++ INDEX { ospfIfMetricIpAddress, ++ ospfIfMetricAddressLessIf, ++ ospfIfMetricTOS } ++ ::= { ospfIfMetricTable 1 } ++ ++OspfIfMetricEntry ::= ++ SEQUENCE { ++ ospfIfMetricIpAddress ++ IpAddress, ++ ospfIfMetricAddressLessIf ++ Integer32, ++ ospfIfMetricTOS ++ TOSType, ++ ospfIfMetricValue ++ Metric, ++ ospfIfMetricStatus ++ RowStatus ++ } ++ ++ ospfIfMetricIpAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address of this OSPF interface. On row ++ creation, this can be derived from the in- ++ stance." ++ ::= { ospfIfMetricEntry 1 } ++ ++ ospfIfMetricAddressLessIf OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "For the purpose of easing the instancing of ++ addressed and addressless interfaces; This ++ variable takes the value 0 on interfaces with ++ IP Addresses, and the value of ifIndex for in- ++ terfaces having no IP Address. On row crea- ++ tion, this can be derived from the instance." ++ ::= { ospfIfMetricEntry 2 } ++ ++ ++ ospfIfMetricTOS OBJECT-TYPE ++ SYNTAX TOSType ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The type of service metric being referenced. ++ On row creation, this can be derived from the ++ instance." ++ ::= { ospfIfMetricEntry 3 } ++ ++ ++ ospfIfMetricValue OBJECT-TYPE ++ SYNTAX Metric ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The metric of using this type of service on ++ this interface. The default value of the TOS 0 ++ Metric is 10^8 / ifSpeed." ++ ::= { ospfIfMetricEntry 4 } ++ ++ ospfIfMetricStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfIfMetricEntry 5 } ++ ++ ++-- OSPF Virtual Interface Table ++ ++-- The Virtual Interface Table describes the virtual ++-- links that the OSPF Process is configured to ++-- carry on. ++ ++ ospfVirtIfTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfVirtIfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information about this router's virtual inter- ++ faces." ++ REFERENCE ++ "OSPF Version 2, Appendix C.4 Virtual link ++ parameters" ++ ::= { ospf 9 } ++ ++ ++ ospfVirtIfEntry OBJECT-TYPE ++ SYNTAX OspfVirtIfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information about a single Virtual Interface." ++ INDEX { ospfVirtIfAreaId, ospfVirtIfNeighbor } ++ ::= { ospfVirtIfTable 1 } ++ ++OspfVirtIfEntry ::= ++ SEQUENCE { ++ ospfVirtIfAreaId ++ AreaID, ++ ospfVirtIfNeighbor ++ RouterID, ++ ospfVirtIfTransitDelay ++ UpToMaxAge, ++ ospfVirtIfRetransInterval ++ UpToMaxAge, ++ ospfVirtIfHelloInterval ++ HelloRange, ++ ospfVirtIfRtrDeadInterval ++ PositiveInteger, ++ ospfVirtIfState ++ INTEGER, ++ ospfVirtIfEvents ++ Counter32, ++ ospfVirtIfAuthType ++ INTEGER, ++ ospfVirtIfAuthKey ++ OCTET STRING, ++ ospfVirtIfStatus ++ RowStatus ++ } ++ ++ ospfVirtIfAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Transit Area that the Virtual Link ++ traverses. By definition, this is not 0.0.0.0" ++ ::= { ospfVirtIfEntry 1 } ++ ++ ++ ospfVirtIfNeighbor OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Router ID of the Virtual Neighbor." ++ ::= { ospfVirtIfEntry 2 } ++ ++ ++ ospfVirtIfTransitDelay OBJECT-TYPE ++ SYNTAX UpToMaxAge ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The estimated number of seconds it takes to ++ transmit a link- state update packet over this ++ interface." ++ DEFVAL { 1 } ++ ::= { ospfVirtIfEntry 3 } ++ ++ ++ ospfVirtIfRetransInterval OBJECT-TYPE ++ SYNTAX UpToMaxAge ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The number of seconds between link-state ad- ++ vertisement retransmissions, for adjacencies ++ belonging to this interface. This value is ++ also used when retransmitting database descrip- ++ tion and link-state request packets. This ++ value should be well over the expected round- ++ trip time." ++ DEFVAL { 5 } ++ ::= { ospfVirtIfEntry 4 } ++ ++ ++ ospfVirtIfHelloInterval OBJECT-TYPE ++ SYNTAX HelloRange ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The length of time, in seconds, between the ++ Hello packets that the router sends on the in- ++ terface. This value must be the same for the ++ virtual neighbor." ++ DEFVAL { 10 } ++ ::= { ospfVirtIfEntry 5 } ++ ++ ++ ospfVirtIfRtrDeadInterval OBJECT-TYPE ++ SYNTAX PositiveInteger ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The number of seconds that a router's Hello ++ packets have not been seen before it's neigh- ++ bors declare the router down. This should be ++ some multiple of the Hello interval. This ++ value must be the same for the virtual neigh- ++ bor." ++ DEFVAL { 60 } ++ ::= { ospfVirtIfEntry 6 } ++ ++ ++ ospfVirtIfState OBJECT-TYPE ++ SYNTAX INTEGER { ++ down (1), -- these use the same encoding ++ pointToPoint (4) -- as the ospfIfTable ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "OSPF virtual interface states." ++ DEFVAL { down } ++ ::= { ospfVirtIfEntry 7 } ++ ++ ++ ospfVirtIfEvents OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of state changes or error events on ++ this Virtual Link" ++ ::= { ospfVirtIfEntry 8 } ++ ++ ++ ospfVirtIfAuthKey OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE(0..256)) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "If Authentication Type is simplePassword, the ++ device will left adjust and zero fill to 8 oc- ++ tets. ++ ++ Note that unauthenticated interfaces need no ++ authentication key, and simple password authen- ++ tication cannot use a key of more than 8 oc- ++ tets. Larger keys are useful only with authen- ++ tication mechanisms not specified in this docu- ++ ment. ++ ++ When read, ospfVifAuthKey always returns a ++ string of length zero." ++ REFERENCE ++ "OSPF Version 2, Section 9 The Interface Data ++ Structure" ++ DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0 ++ ::= { ospfVirtIfEntry 9 } ++ ++ ++ ospfVirtIfStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfVirtIfEntry 10 } ++ ++ ++ ospfVirtIfAuthType OBJECT-TYPE ++ SYNTAX INTEGER (0..255) ++ -- none (0), ++ -- simplePassword (1) ++ -- md5 (2) ++ -- reserved for specification by IANA (> 2) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The authentication type specified for a virtu- ++ al interface. Additional authentication types ++ may be assigned locally." ++ REFERENCE ++ "OSPF Version 2, Appendix E Authentication" ++ DEFVAL { 0 } -- no authentication, by default ++ ::= { ospfVirtIfEntry 11 } ++ ++ ++-- OSPF Neighbor Table ++ ++-- The OSPF Neighbor Table describes all neighbors in ++-- the locality of the subject router. ++ ++ ospfNbrTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfNbrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A table of non-virtual neighbor information." ++ REFERENCE ++ "OSPF Version 2, Section 10 The Neighbor Data ++ Structure" ++ ::= { ospf 10 } ++ ++ ++ ospfNbrEntry OBJECT-TYPE ++ SYNTAX OspfNbrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The information regarding a single neighbor." ++ REFERENCE ++ "OSPF Version 2, Section 10 The Neighbor Data ++ Structure" ++ INDEX { ospfNbrIpAddr, ospfNbrAddressLessIndex } ++ ::= { ospfNbrTable 1 } ++ ++OspfNbrEntry ::= ++ SEQUENCE { ++ ospfNbrIpAddr ++ IpAddress, ++ ospfNbrAddressLessIndex ++ InterfaceIndex, ++ ospfNbrRtrId ++ RouterID, ++ ospfNbrOptions ++ Integer32, ++ ospfNbrPriority ++ DesignatedRouterPriority, ++ ospfNbrState ++ INTEGER, ++ ospfNbrEvents ++ Counter32, ++ ospfNbrLsRetransQLen ++ Gauge32, ++ ospfNbmaNbrStatus ++ RowStatus, ++ ospfNbmaNbrPermanence ++ INTEGER, ++ ospfNbrHelloSuppressed ++ TruthValue ++ } ++ ++ ospfNbrIpAddr OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address this neighbor is using in its ++ IP Source Address. Note that, on addressless ++ links, this will not be 0.0.0.0, but the ad- ++ dress of another of the neighbor's interfaces." ++ ::= { ospfNbrEntry 1 } ++ ++ ++ ospfNbrAddressLessIndex OBJECT-TYPE ++ SYNTAX InterfaceIndex ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "On an interface having an IP Address, zero. ++ On addressless interfaces, the corresponding ++ value of ifIndex in the Internet Standard MIB. ++ On row creation, this can be derived from the ++ instance." ++ ::= { ospfNbrEntry 2 } ++ ++ ++ ospfNbrRtrId OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A 32-bit integer (represented as a type IpAd- ++ dress) uniquely identifying the neighboring ++ router in the Autonomous System." ++ DEFVAL { '00000000'H } -- 0.0.0.0 ++ ::= { ospfNbrEntry 3 } ++ ++ ++ ospfNbrOptions OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A Bit Mask corresponding to the neighbor's op- ++ tions field. ++ ++ Bit 0, if set, indicates that the system will ++ operate on Type of Service metrics other than ++ TOS 0. If zero, the neighbor will ignore all ++ metrics except the TOS 0 metric. ++ ++ Bit 1, if set, indicates that the associated ++ area accepts and operates on external informa- ++ tion; if zero, it is a stub area. ++ ++ Bit 2, if set, indicates that the system is ca- ++ pable of routing IP Multicast datagrams; i.e., ++ that it implements the Multicast Extensions to ++ OSPF. ++ ++ Bit 3, if set, indicates that the associated ++ area is an NSSA. These areas are capable of ++ carrying type 7 external advertisements, which ++ are translated into type 5 external advertise- ++ ments at NSSA borders." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.2 Options" ++ DEFVAL { 0 } ++ ::= { ospfNbrEntry 4 } ++ ++ ++ ospfNbrPriority OBJECT-TYPE ++ SYNTAX DesignatedRouterPriority ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The priority of this neighbor in the designat- ++ ed router election algorithm. The value 0 sig- ++ nifies that the neighbor is not eligible to be- ++ come the designated router on this particular ++ network." ++ DEFVAL { 1 } ++ ::= { ospfNbrEntry 5 } ++ ++ ++ ospfNbrState OBJECT-TYPE ++ SYNTAX INTEGER { ++ down (1), ++ attempt (2), ++ init (3), ++ twoWay (4), ++ exchangeStart (5), ++ exchange (6), ++ loading (7), ++ full (8) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The State of the relationship with this Neigh- ++ bor." ++ REFERENCE ++ "OSPF Version 2, Section 10.1 Neighbor States" ++ DEFVAL { down } ++ ::= { ospfNbrEntry 6 } ++ ++ ++ ospfNbrEvents OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of times this neighbor relationship ++ has changed state, or an error has occurred." ++ ::= { ospfNbrEntry 7 } ++ ++ ++ ospfNbrLsRetransQLen OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The current length of the retransmission ++ queue." ++ ::= { ospfNbrEntry 8 } ++ ++ ++ ospfNbmaNbrStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfNbrEntry 9 } ++ ++ ++ ospfNbmaNbrPermanence OBJECT-TYPE ++ SYNTAX INTEGER { ++ dynamic (1), -- learned through protocol ++ permanent (2) -- configured address ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. 'dynamic' and 'permanent' refer to how ++ the neighbor became known." ++ DEFVAL { permanent } ++ ::= { ospfNbrEntry 10 } ++ ++ ++ ospfNbrHelloSuppressed OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Indicates whether Hellos are being suppressed ++ to the neighbor" ++ ::= { ospfNbrEntry 11 } ++ ++ ++-- OSPF Virtual Neighbor Table ++ ++-- This table describes all virtual neighbors. ++-- Since Virtual Links are configured in the ++-- virtual interface table, this table is read-only. ++ ++ ospfVirtNbrTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfVirtNbrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A table of virtual neighbor information." ++ REFERENCE ++ "OSPF Version 2, Section 15 Virtual Links" ++ ::= { ospf 11 } ++ ++ ++ ospfVirtNbrEntry OBJECT-TYPE ++ SYNTAX OspfVirtNbrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Virtual neighbor information." ++ INDEX { ospfVirtNbrArea, ospfVirtNbrRtrId } ++ ::= { ospfVirtNbrTable 1 } ++ ++OspfVirtNbrEntry ::= ++ SEQUENCE { ++ ospfVirtNbrArea ++ AreaID, ++ ospfVirtNbrRtrId ++ RouterID, ++ ospfVirtNbrIpAddr ++ IpAddress, ++ ospfVirtNbrOptions ++ Integer32, ++ ospfVirtNbrState ++ INTEGER, ++ ospfVirtNbrEvents ++ Counter32, ++ ospfVirtNbrLsRetransQLen ++ Gauge32, ++ ospfVirtNbrHelloSuppressed ++ TruthValue ++ } ++ ++ ospfVirtNbrArea OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Transit Area Identifier." ++ ::= { ospfVirtNbrEntry 1 } ++ ++ ++ ospfVirtNbrRtrId OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A 32-bit integer uniquely identifying the ++ neighboring router in the Autonomous System." ++ ::= { ospfVirtNbrEntry 2 } ++ ++ ++ ospfVirtNbrIpAddr OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address this Virtual Neighbor is us- ++ ing." ++ ::= { ospfVirtNbrEntry 3 } ++ ++ ++ ospfVirtNbrOptions OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A Bit Mask corresponding to the neighbor's op- ++ tions field. ++ ++ Bit 1, if set, indicates that the system will ++ operate on Type of Service metrics other than ++ TOS 0. If zero, the neighbor will ignore all ++ metrics except the TOS 0 metric. ++ ++ Bit 2, if set, indicates that the system is ++ Network Multicast capable; ie, that it imple- ++ ments OSPF Multicast Routing." ++ ::= { ospfVirtNbrEntry 4 } ++ ospfVirtNbrState OBJECT-TYPE ++ SYNTAX INTEGER { ++ down (1), ++ attempt (2), ++ init (3), ++ twoWay (4), ++ exchangeStart (5), ++ exchange (6), ++ loading (7), ++ full (8) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The state of the Virtual Neighbor Relation- ++ ship." ++ ::= { ospfVirtNbrEntry 5 } ++ ++ ++ ospfVirtNbrEvents OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of times this virtual link has ++ changed its state, or an error has occurred." ++ ::= { ospfVirtNbrEntry 6 } ++ ++ ++ ospfVirtNbrLsRetransQLen OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The current length of the retransmission ++ queue." ++ ::= { ospfVirtNbrEntry 7 } ++ ++ ++ ospfVirtNbrHelloSuppressed OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Indicates whether Hellos are being suppressed ++ to the neighbor" ++ ::= { ospfVirtNbrEntry 8 } ++ ++-- OSPF Link State Database, External ++ ++-- The Link State Database contains the Link State ++-- Advertisements from throughout the areas that the ++-- device is attached to. ++ ++-- This table is identical to the OSPF LSDB Table in ++-- format, but contains only External Link State ++-- Advertisements. The purpose is to allow external ++-- LSAs to be displayed once for the router rather ++-- than once in each non-stub area. ++ ++ ospfExtLsdbTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfExtLsdbEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The OSPF Process's Links State Database." ++ REFERENCE ++ "OSPF Version 2, Section 12 Link State Adver- ++ tisements" ++ ::= { ospf 12 } ++ ++ ++ ospfExtLsdbEntry OBJECT-TYPE ++ SYNTAX OspfExtLsdbEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A single Link State Advertisement." ++ INDEX { ospfExtLsdbType, ospfExtLsdbLsid, ospfExtLsdbRouterId } ++ ::= { ospfExtLsdbTable 1 } ++ ++OspfExtLsdbEntry ::= ++ SEQUENCE { ++ ospfExtLsdbType ++ INTEGER, ++ ospfExtLsdbLsid ++ IpAddress, ++ ospfExtLsdbRouterId ++ RouterID, ++ ospfExtLsdbSequence ++ Integer32, ++ ospfExtLsdbAge ++ Integer32, ++ ospfExtLsdbChecksum ++ Integer32, ++ ospfExtLsdbAdvertisement ++ OCTET STRING ++ } ++ ++ ospfExtLsdbType OBJECT-TYPE ++ SYNTAX INTEGER { ++ asExternalLink (5) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The type of the link state advertisement. ++ Each link state type has a separate advertise- ++ ment format." ++ REFERENCE ++ "OSPF Version 2, Appendix A.4.1 The Link State ++ Advertisement header" ++ ::= { ospfExtLsdbEntry 1 } ++ ++ ++ ospfExtLsdbLsid OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Link State ID is an LS Type Specific field ++ containing either a Router ID or an IP Address; ++ it identifies the piece of the routing domain ++ that is being described by the advertisement." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.4 Link State ID" ++ ::= { ospfExtLsdbEntry 2 } ++ ++ ++ ospfExtLsdbRouterId OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32 bit number that uniquely identifies the ++ originating router in the Autonomous System." ++ REFERENCE ++ "OSPF Version 2, Appendix C.1 Global parameters" ++ ::= { ospfExtLsdbEntry 3 } ++ ++-- Note that the OSPF Sequence Number is a 32 bit signed ++-- integer. It starts with the value '80000001'h, ++-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h ++-- Thus, a typical sequence number will be very negative. ++ ospfExtLsdbSequence OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The sequence number field is a signed 32-bit ++ integer. It is used to detect old and dupli- ++ cate link state advertisements. The space of ++ sequence numbers is linearly ordered. The ++ larger the sequence number the more recent the ++ advertisement." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.6 LS sequence ++ number" ++ ::= { ospfExtLsdbEntry 4 } ++ ++ ++ ospfExtLsdbAge OBJECT-TYPE ++ SYNTAX Integer32 -- Should be 0..MaxAge ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This field is the age of the link state adver- ++ tisement in seconds." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.1 LS age" ++ ::= { ospfExtLsdbEntry 5 } ++ ++ ++ ospfExtLsdbChecksum OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This field is the checksum of the complete ++ contents of the advertisement, excepting the ++ age field. The age field is excepted so that ++ an advertisement's age can be incremented ++ without updating the checksum. The checksum ++ used is the same that is used for ISO connec- ++ tionless datagrams; it is commonly referred to ++ as the Fletcher checksum." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.7 LS checksum" ++ ::= { ospfExtLsdbEntry 6 } ++ ++ ++ ospfExtLsdbAdvertisement OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE(36)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The entire Link State Advertisement, including ++ its header." ++ REFERENCE ++ "OSPF Version 2, Section 12 Link State Adver- ++ tisements" ++ ::= { ospfExtLsdbEntry 7 } ++ ++ ++-- OSPF Use of the CIDR Route Table ++ ++ospfRouteGroup OBJECT IDENTIFIER ::= { ospf 13 } ++ ++-- The IP Forwarding Table defines a number of objects for use by ++-- the routing protocol to externalize its information. Most of ++-- the variables (ipForwardDest, ipForwardMask, ipForwardPolicy, ++-- ipForwardNextHop, ipForwardIfIndex, ipForwardType, ++-- ipForwardProto, ipForwardAge, and ipForwardNextHopAS) are ++-- defined there. ++ ++-- Those that leave some discretion are defined here. ++ ++-- ipCidrRouteProto is, of course, ospf (13). ++ ++-- ipCidrRouteAge is the time since the route was first calculated, ++-- as opposed to the time since the last SPF run. ++ ++-- ipCidrRouteInfo is an OBJECT IDENTIFIER for use by the routing ++-- protocol. The following values shall be found there depending ++-- on the way the route was calculated. ++ ++ospfIntraArea OBJECT IDENTIFIER ::= { ospfRouteGroup 1 } ++ospfInterArea OBJECT IDENTIFIER ::= { ospfRouteGroup 2 } ++ospfExternalType1 OBJECT IDENTIFIER ::= { ospfRouteGroup 3 } ++ospfExternalType2 OBJECT IDENTIFIER ::= { ospfRouteGroup 4 } ++ ++-- ipCidrRouteMetric1 is, by definition, the primary routing ++-- metric. Therefore, it should be the metric that route ++-- selection is based on. For intra-area and inter-area routes, ++-- it is an OSPF metric. For External Type 1 (comparable value) ++-- routes, it is an OSPF metric plus the External Metric. For ++-- external Type 2 (non-comparable value) routes, it is the ++-- external metric. ++ ++-- ipCidrRouteMetric2 is, by definition, a secondary routing ++-- metric. Therefore, it should be the metric that breaks a tie ++-- among routes having equal metric1 values and the same ++-- calculation rule. For intra-area, inter-area routes, and ++-- External Type 1 (comparable value) routes, it is unused. For ++-- external Type 2 (non-comparable value) routes, it is the metric ++-- to the AS border router. ++ ++-- ipCidrRouteMetric3, ipCidrRouteMetric4, and ipCidrRouteMetric5 are ++-- unused. ++ ++-- ++-- The OSPF Area Aggregate Table ++-- ++-- This table replaces the OSPF Area Summary Table, being an ++-- extension of that for CIDR routers. ++ ++ ospfAreaAggregateTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfAreaAggregateEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A range of IP addresses specified by an IP ++ address/IP network mask pair. For example, ++ class B address range of X.X.X.X with a network ++ mask of 255.255.0.0 includes all IP addresses ++ from X.X.0.0 to X.X.255.255. Note that if ++ ranges are configured such that one range sub- ++ sumes another range (e.g., 10.0.0.0 mask ++ 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the ++ most specific match is the preferred one." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospf 14 } ++ ++ ++ ospfAreaAggregateEntry OBJECT-TYPE ++ SYNTAX OspfAreaAggregateEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A range of IP addresses specified by an IP ++ address/IP network mask pair. For example, ++ class B address range of X.X.X.X with a network ++ mask of 255.255.0.0 includes all IP addresses ++ from X.X.0.0 to X.X.255.255. Note that if ++ ranges are range configured such that one range ++ subsumes another range (e.g., 10.0.0.0 mask ++ 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the ++ most specific match is the preferred one." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ INDEX { ospfAreaAggregateAreaID, ospfAreaAggregateLsdbType, ++ ospfAreaAggregateNet, ospfAreaAggregateMask } ++ ::= { ospfAreaAggregateTable 1 } ++ ++ ++OspfAreaAggregateEntry ::= ++ SEQUENCE { ++ ospfAreaAggregateAreaID ++ AreaID, ++ ospfAreaAggregateLsdbType ++ INTEGER, ++ ospfAreaAggregateNet ++ IpAddress, ++ ospfAreaAggregateMask ++ IpAddress, ++ ospfAreaAggregateStatus ++ RowStatus, ++ ospfAreaAggregateEffect ++ INTEGER ++ } ++ ++ ospfAreaAggregateAreaID OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Area the Address Aggregate is to be found ++ within." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaAggregateEntry 1 } ++ ++ ++ ospfAreaAggregateLsdbType OBJECT-TYPE ++ SYNTAX INTEGER { ++ summaryLink (3), ++ nssaExternalLink (7) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The type of the Address Aggregate. This field ++ specifies the Lsdb type that this Address Ag- ++ gregate applies to." ++ REFERENCE ++ "OSPF Version 2, Appendix A.4.1 The Link State ++ Advertisement header" ++ ::= { ospfAreaAggregateEntry 2 } ++ ++ ++ ospfAreaAggregateNet OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of the Net or Subnet indicated ++ by the range." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaAggregateEntry 3 } ++ ++ ++ ospfAreaAggregateMask OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Subnet Mask that pertains to the Net or ++ Subnet." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaAggregateEntry 4 } ++ ++ ++ ospfAreaAggregateStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfAreaAggregateEntry 5 } ++ ++ ++ ospfAreaAggregateEffect OBJECT-TYPE ++ SYNTAX INTEGER { ++ advertiseMatching (1), ++ doNotAdvertiseMatching (2) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "Subnets subsumed by ranges either trigger the ++ advertisement of the indicated aggregate (ad- ++ vertiseMatching), or result in the subnet's not ++ being advertised at all outside the area." ++ DEFVAL { advertiseMatching } ++ ::= { ospfAreaAggregateEntry 6 } ++ ++ ++-- conformance information ++ ++ospfConformance OBJECT IDENTIFIER ::= { ospf 15 } ++ ++ospfGroups OBJECT IDENTIFIER ::= { ospfConformance 1 } ++ospfCompliances OBJECT IDENTIFIER ::= { ospfConformance 2 } ++ ++-- compliance statements ++ ++ ospfCompliance MODULE-COMPLIANCE ++ STATUS current ++ DESCRIPTION ++ "The compliance statement " ++ MODULE -- this module ++ MANDATORY-GROUPS { ++ ospfBasicGroup, ++ ospfAreaGroup, ++ ospfStubAreaGroup, ++ ospfIfGroup, ++ ospfIfMetricGroup, ++ ospfVirtIfGroup, ++ ospfNbrGroup, ++ ospfVirtNbrGroup, ++ ospfAreaAggregateGroup ++ } ++ ::= { ospfCompliances 1 } ++ ++ ++-- units of conformance ++ ++ ospfBasicGroup OBJECT-GROUP ++ OBJECTS { ++ ospfRouterId, ++ ospfAdminStat, ++ ospfVersionNumber, ++ ospfAreaBdrRtrStatus, ++ ospfASBdrRtrStatus, ++ ospfExternLsaCount, ++ ospfExternLsaCksumSum, ++ ospfTOSSupport, ++ ospfOriginateNewLsas, ++ ospfRxNewLsas, ++ ospfExtLsdbLimit, ++ ospfMulticastExtensions, ++ ospfExitOverflowInterval, ++ ospfDemandExtensions ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 1 } ++ ++ ++ ospfAreaGroup OBJECT-GROUP ++ OBJECTS { ++ ospfAreaId, ++ ospfImportAsExtern, ++ ospfSpfRuns, ++ ospfAreaBdrRtrCount, ++ ospfAsBdrRtrCount, ++ ospfAreaLsaCount, ++ ospfAreaLsaCksumSum, ++ ospfAreaSummary, ++ ospfAreaStatus ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems ++ supporting areas." ++ ::= { ospfGroups 2 } ++ ++ ++ ospfStubAreaGroup OBJECT-GROUP ++ OBJECTS { ++ ospfStubAreaId, ++ ospfStubTOS, ++ ospfStubMetric, ++ ospfStubStatus, ++ ospfStubMetricType ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems ++ supporting stub areas." ++ ::= { ospfGroups 3 } ++ ++ ++ ospfLsdbGroup OBJECT-GROUP ++ OBJECTS { ++ ospfLsdbAreaId, ++ ospfLsdbType, ++ ospfLsdbLsid, ++ ospfLsdbRouterId, ++ ospfLsdbSequence, ++ ospfLsdbAge, ++ ospfLsdbChecksum, ++ ospfLsdbAdvertisement ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems ++ that display their link state database." ++ ::= { ospfGroups 4 } ++ ++ ++ ospfAreaRangeGroup OBJECT-GROUP ++ OBJECTS { ++ ospfAreaRangeAreaId, ++ ospfAreaRangeNet, ++ ospfAreaRangeMask, ++ ospfAreaRangeStatus, ++ ospfAreaRangeEffect ++ } ++ STATUS obsolete ++ DESCRIPTION ++ "These objects are required for non-CIDR OSPF ++ systems that support multiple areas." ++ ::= { ospfGroups 5 } ++ ++ ++ ospfHostGroup OBJECT-GROUP ++ OBJECTS { ++ ospfHostIpAddress, ++ ospfHostTOS, ++ ospfHostMetric, ++ ospfHostStatus, ++ ospfHostAreaID ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems ++ that support attached hosts." ++ ::= { ospfGroups 6 } ++ ++ ++ ospfIfGroup OBJECT-GROUP ++ OBJECTS { ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfIfAreaId, ++ ospfIfType, ++ ospfIfAdminStat, ++ ospfIfRtrPriority, ++ ospfIfTransitDelay, ++ ospfIfRetransInterval, ++ ospfIfHelloInterval, ++ ospfIfRtrDeadInterval, ++ ospfIfPollInterval, ++ ospfIfState, ++ ospfIfDesignatedRouter, ++ ospfIfBackupDesignatedRouter, ++ ospfIfEvents, ++ ospfIfAuthType, ++ ospfIfAuthKey, ++ ospfIfStatus, ++ ospfIfMulticastForwarding, ++ ospfIfDemand ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 7 } ++ ++ ++ ospfIfMetricGroup OBJECT-GROUP ++ OBJECTS { ++ ospfIfMetricIpAddress, ++ ospfIfMetricAddressLessIf, ++ ospfIfMetricTOS, ++ ospfIfMetricValue, ++ ospfIfMetricStatus ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 8 } ++ ++ ++ ospfVirtIfGroup OBJECT-GROUP ++ OBJECTS { ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfVirtIfTransitDelay, ++ ospfVirtIfRetransInterval, ++ ospfVirtIfHelloInterval, ++ ospfVirtIfRtrDeadInterval, ++ ospfVirtIfState, ++ ospfVirtIfEvents, ++ ospfVirtIfAuthType, ++ ospfVirtIfAuthKey, ++ ospfVirtIfStatus ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 9 } ++ ++ ++ ospfNbrGroup OBJECT-GROUP ++ OBJECTS { ++ ospfNbrIpAddr, ++ ospfNbrAddressLessIndex, ++ ospfNbrRtrId, ++ ospfNbrOptions, ++ ospfNbrPriority, ++ ospfNbrState, ++ ospfNbrEvents, ++ ospfNbrLsRetransQLen, ++ ospfNbmaNbrStatus, ++ ospfNbmaNbrPermanence, ++ ospfNbrHelloSuppressed ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 10 } ++ ++ ++ ospfVirtNbrGroup OBJECT-GROUP ++ OBJECTS { ++ ospfVirtNbrArea, ++ ospfVirtNbrRtrId, ++ ospfVirtNbrIpAddr, ++ ospfVirtNbrOptions, ++ ospfVirtNbrState, ++ ospfVirtNbrEvents, ++ ospfVirtNbrLsRetransQLen, ++ ospfVirtNbrHelloSuppressed ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 11 } ++ ++ ++ ospfExtLsdbGroup OBJECT-GROUP ++ OBJECTS { ++ ospfExtLsdbType, ++ ospfExtLsdbLsid, ++ ospfExtLsdbRouterId, ++ ospfExtLsdbSequence, ++ ospfExtLsdbAge, ++ ospfExtLsdbChecksum, ++ ospfExtLsdbAdvertisement ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems ++ that display their link state database." ++ ::= { ospfGroups 12 } ++ ++ ++ ospfAreaAggregateGroup OBJECT-GROUP ++ OBJECTS { ++ ospfAreaAggregateAreaID, ++ ospfAreaAggregateLsdbType, ++ ospfAreaAggregateNet, ++ ospfAreaAggregateMask, ++ ospfAreaAggregateStatus, ++ ospfAreaAggregateEffect ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 13 } ++ ++END +--- /dev/null ++++ b/mibs/OSPF-TRAP-MIB.txt +@@ -0,0 +1,443 @@ ++OSPF-TRAP-MIB DEFINITIONS ::= BEGIN ++ ++ IMPORTS ++ MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, IpAddress ++ FROM SNMPv2-SMI ++ MODULE-COMPLIANCE, OBJECT-GROUP ++ FROM SNMPv2-CONF ++ ospfRouterId, ospfIfIpAddress, ospfAddressLessIf, ospfIfState, ++ ospfVirtIfAreaId, ospfVirtIfNeighbor, ospfVirtIfState, ++ ospfNbrIpAddr, ospfNbrAddressLessIndex, ospfNbrRtrId, ++ ospfNbrState, ospfVirtNbrArea, ospfVirtNbrRtrId, ospfVirtNbrState, ++ ospfLsdbType, ospfLsdbLsid, ospfLsdbRouterId, ospfLsdbAreaId, ++ ospfExtLsdbLimit, ospf ++ FROM OSPF-MIB; ++ ++ ospfTrap MODULE-IDENTITY ++ LAST-UPDATED "9501201225Z" -- Fri Jan 20 12:25:50 PST 1995 ++ ORGANIZATION "IETF OSPF Working Group" ++ CONTACT-INFO ++ " Fred Baker ++ Postal: Cisco Systems ++ 519 Lado Drive ++ Santa Barbara, California 93111 ++ Tel: +1 805 681 0115 ++ E-Mail: fred@cisco.com ++ ++ Rob Coltun ++ Postal: RainbowBridge Communications ++ Tel: (301) 340-9416 ++ E-Mail: rcoltun@rainbow-bridge.com" ++ DESCRIPTION ++ "The MIB module to describe traps for the OSPF ++ Version 2 Protocol." ++ ::= { ospf 16 } ++ ++-- Trap Support Objects ++ ++-- The following are support objects for the OSPF traps. ++ ++ospfTrapControl OBJECT IDENTIFIER ::= { ospfTrap 1 } ++ospfTraps OBJECT IDENTIFIER ::= { ospfTrap 2 } ++ ++ ospfSetTrap OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE(4)) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "A four-octet string serving as a bit map for ++ the trap events defined by the OSPF traps. This ++ object is used to enable and disable specific ++ OSPF traps where a 1 in the bit field ++ represents enabled. The right-most bit (least ++ significant) represents trap 0." ++ ::= { ospfTrapControl 1 } ++ ++ ++ ospfConfigErrorType OBJECT-TYPE ++ SYNTAX INTEGER { ++ badVersion (1), ++ areaMismatch (2), ++ unknownNbmaNbr (3), -- Router is Dr eligible ++ unknownVirtualNbr (4), ++ authTypeMismatch(5), ++ authFailure (6), ++ netMaskMismatch (7), ++ helloIntervalMismatch (8), ++ deadIntervalMismatch (9), ++ optionMismatch (10) } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Potential types of configuration conflicts. ++ Used by the ospfConfigError and ospfConfigVir- ++ tError traps." ++ ::= { ospfTrapControl 2 } ++ ++ ++ ospfPacketType OBJECT-TYPE ++ SYNTAX INTEGER { ++ hello (1), ++ dbDescript (2), ++ lsReq (3), ++ lsUpdate (4), ++ lsAck (5) } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "OSPF packet types." ++ ::= { ospfTrapControl 3 } ++ ++ ++ ospfPacketSrc OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address of an inbound packet that can- ++ not be identified by a neighbor instance." ++ ::= { ospfTrapControl 4 } ++ ++ ++-- Traps ++ ++ ++ ospfIfStateChange NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfIfState -- The new state ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfStateChange trap signifies that there ++ has been a change in the state of a non-virtual ++ OSPF interface. This trap should be generated ++ when the interface state regresses (e.g., goes ++ from Dr to Down) or progresses to a terminal ++ state (i.e., Point-to-Point, DR Other, Dr, or ++ Backup)." ++ ::= { ospfTraps 16 } ++ ++ ++ ospfVirtIfStateChange NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfVirtIfState -- The new state ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfStateChange trap signifies that there ++ has been a change in the state of an OSPF vir- ++ tual interface. ++ This trap should be generated when the inter- ++ face state regresses (e.g., goes from Point- ++ to-Point to Down) or progresses to a terminal ++ state (i.e., Point-to-Point)." ++ ::= { ospfTraps 1 } ++ ++ ++ ospfNbrStateChange NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfNbrIpAddr, ++ ospfNbrAddressLessIndex, ++ ospfNbrRtrId, ++ ospfNbrState -- The new state ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfNbrStateChange trap signifies that ++ there has been a change in the state of a non- ++ virtual OSPF neighbor. This trap should be ++ generated when the neighbor state regresses ++ (e.g., goes from Attempt or Full to 1-Way or ++ Down) or progresses to a terminal state (e.g., ++ 2-Way or Full). When an neighbor transitions ++ from or to Full on non-broadcast multi-access ++ and broadcast networks, the trap should be gen- ++ erated by the designated router. A designated ++ router transitioning to Down will be noted by ++ ospfIfStateChange." ++ ::= { ospfTraps 2 } ++ ++ ++ ospfVirtNbrStateChange NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtNbrArea, ++ ospfVirtNbrRtrId, ++ ospfVirtNbrState -- The new state ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfStateChange trap signifies that there ++ has been a change in the state of an OSPF vir- ++ tual neighbor. This trap should be generated ++ when the neighbor state regresses (e.g., goes ++ from Attempt or Full to 1-Way or Down) or ++ progresses to a terminal state (e.g., Full)." ++ ::= { ospfTraps 3 } ++ ospfIfConfigError NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfPacketSrc, -- The source IP address ++ ospfConfigErrorType, -- Type of error ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfConfigError trap signifies that a ++ packet has been received on a non-virtual in- ++ terface from a router whose configuration ++ parameters conflict with this router's confi- ++ guration parameters. Note that the event op- ++ tionMismatch should cause a trap only if it ++ prevents an adjacency from forming." ++ ::= { ospfTraps 4 } ++ ++ ++ ospfVirtIfConfigError NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfConfigErrorType, -- Type of error ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfConfigError trap signifies that a pack- ++ et has been received on a virtual interface ++ from a router whose configuration parameters ++ conflict with this router's configuration ++ parameters. Note that the event optionMismatch ++ should cause a trap only if it prevents an ad- ++ jacency from forming." ++ ::= { ospfTraps 5 } ++ ++ ++ ospfIfAuthFailure NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfPacketSrc, -- The source IP address ++ ospfConfigErrorType, -- authTypeMismatch or ++ -- authFailure ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfAuthFailure trap signifies that a ++ packet has been received on a non-virtual in- ++ terface from a router whose authentication key ++ or authentication type conflicts with this ++ router's authentication key or authentication ++ type." ++ ::= { ospfTraps 6 } ++ ++ ++ ospfVirtIfAuthFailure NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfConfigErrorType, -- authTypeMismatch or ++ -- authFailure ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfVirtIfAuthFailure trap signifies that a ++ packet has been received on a virtual interface ++ from a router whose authentication key or au- ++ thentication type conflicts with this router's ++ authentication key or authentication type." ++ ::= { ospfTraps 7 } ++ ++ ++ ospfIfRxBadPacket NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfPacketSrc, -- The source IP address ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfRxBadPacket trap signifies that an ++ OSPF packet has been received on a non-virtual ++ interface that cannot be parsed." ++ ::= { ospfTraps 8 } ++ ++ ospfVirtIfRxBadPacket NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfRxBadPacket trap signifies that an OSPF ++ packet has been received on a virtual interface ++ that cannot be parsed." ++ ::= { ospfTraps 9 } ++ ++ ++ ospfTxRetransmit NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfNbrRtrId, -- Destination ++ ospfPacketType, ++ ospfLsdbType, ++ ospfLsdbLsid, ++ ospfLsdbRouterId ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfTxRetransmit trap signifies than an ++ OSPF packet has been retransmitted on a non- ++ virtual interface. All packets that may be re- ++ transmitted are associated with an LSDB entry. ++ The LS type, LS ID, and Router ID are used to ++ identify the LSDB entry." ++ ::= { ospfTraps 10 } ++ ++ ++ ospfVirtIfTxRetransmit NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfPacketType, ++ ospfLsdbType, ++ ospfLsdbLsid, ++ ospfLsdbRouterId ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfTxRetransmit trap signifies than an ++ OSPF packet has been retransmitted on a virtual ++ interface. All packets that may be retransmit- ++ ted are associated with an LSDB entry. The LS ++ type, LS ID, and Router ID are used to identify ++ the LSDB entry." ++ ::= { ospfTraps 11 } ++ ++ ++ ospfOriginateLsa NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfLsdbAreaId, -- 0.0.0.0 for AS Externals ++ ospfLsdbType, ++ ospfLsdbLsid, ++ ospfLsdbRouterId ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfOriginateLsa trap signifies that a new ++ LSA has been originated by this router. This ++ trap should not be invoked for simple refreshes ++ of LSAs (which happesn every 30 minutes), but ++ instead will only be invoked when an LSA is ++ (re)originated due to a topology change. Addi- ++ tionally, this trap does not include LSAs that ++ are being flushed because they have reached ++ MaxAge." ++ ::= { ospfTraps 12 } ++ ++ ++ ospfMaxAgeLsa NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfLsdbAreaId, -- 0.0.0.0 for AS Externals ++ ospfLsdbType, ++ ospfLsdbLsid, ++ ospfLsdbRouterId ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfMaxAgeLsa trap signifies that one of ++ the LSA in the router's link-state database has ++ aged to MaxAge." ++ ::= { ospfTraps 13 } ++ ++ ++ ospfLsdbOverflow NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfExtLsdbLimit ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfLsdbOverflow trap signifies that the ++ number of LSAs in the router's link-state data- ++ base has exceeded ospfExtLsdbLimit." ++ ::= { ospfTraps 14 } ++ ++ ++ ospfLsdbApproachingOverflow NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfExtLsdbLimit ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfLsdbApproachingOverflow trap signifies ++ that the number of LSAs in the router's link- ++ state database has exceeded ninety percent of ++ ospfExtLsdbLimit." ++ ::= { ospfTraps 15 } ++ ++ ++-- conformance information ++ ++ospfTrapConformance OBJECT IDENTIFIER ::= { ospfTrap 3 } ++ ++ospfTrapGroups OBJECT IDENTIFIER ::= { ospfTrapConformance 1 } ++ospfTrapCompliances OBJECT IDENTIFIER ::= { ospfTrapConformance 2 } ++ ++-- compliance statements ++ ++ ospfTrapCompliance MODULE-COMPLIANCE ++ STATUS current ++ DESCRIPTION ++ "The compliance statement " ++ MODULE -- this module ++ MANDATORY-GROUPS { ospfTrapControlGroup } ++ ++ ++ GROUP ospfTrapControlGroup ++ DESCRIPTION ++ "This group is optional but recommended for all ++ OSPF systems" ++ ::= { ospfTrapCompliances 1 } ++ ++ ++-- units of conformance ++ ++ ospfTrapControlGroup OBJECT-GROUP ++ OBJECTS { ++ ospfSetTrap, ++ ospfConfigErrorType, ++ ospfPacketType, ++ ospfPacketSrc ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required to control traps ++ from OSPF systems." ++ ::= { ospfTrapGroups 1 } ++ ++ ++END +--- /dev/null ++++ b/mibs/RIPv2-MIB.txt +@@ -0,0 +1,530 @@ ++ RIPv2-MIB DEFINITIONS ::= BEGIN ++ ++ IMPORTS ++ MODULE-IDENTITY, OBJECT-TYPE, Counter32, ++ TimeTicks, IpAddress FROM SNMPv2-SMI ++ TEXTUAL-CONVENTION, RowStatus FROM SNMPv2-TC ++ MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF ++ mib-2 FROM RFC1213-MIB; ++ ++ -- This MIB module uses the extended OBJECT-TYPE macro as ++ -- defined in [9]. ++ ++ rip2 MODULE-IDENTITY ++ LAST-UPDATED "9407272253Z" -- Wed Jul 27 22:53:04 PDT 1994 ++ ORGANIZATION "IETF RIP-II Working Group" ++ CONTACT-INFO ++ " Fred Baker ++ Postal: Cisco Systems ++ 519 Lado Drive ++ Santa Barbara, California 93111 ++ Tel: +1 805 681 0115 ++ E-Mail: fbaker@cisco.com ++ ++ Postal: Gary Malkin ++ Xylogics, Inc. ++ 53 Third Avenue ++ Burlington, MA 01803 ++ ++ Phone: (617) 272-8140 ++ EMail: gmalkin@Xylogics.COM" ++ DESCRIPTION ++ "The MIB module to describe the RIP2 Version 2 Protocol" ++ ::= { mib-2 23 } ++ ++ -- RIP-2 Management Information Base ++ ++ -- the RouteTag type represents the contents of the ++ -- Route Domain field in the packet header or route entry. ++ -- The use of the Route Domain is deprecated. ++ ++ RouteTag ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "the RouteTag type represents the contents of the Route Domain ++ field in the packet header or route entry" ++ SYNTAX OCTET STRING (SIZE (2)) ++ ++--4.1 Global Counters ++ ++-- The RIP-2 Globals Group. ++-- Implementation of this group is mandatory for systems ++-- which implement RIP-2. ++ ++-- These counters are intended to facilitate debugging quickly ++-- changing routes or failing neighbors ++ ++rip2Globals OBJECT IDENTIFIER ::= { rip2 1 } ++ ++ rip2GlobalRouteChanges OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of route changes made to the IP Route ++ Database by RIP. This does not include the refresh ++ of a route's age." ++ ::= { rip2Globals 1 } ++ ++ rip2GlobalQueries OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of responses sent to RIP queries ++ from other systems." ++ ::= { rip2Globals 2 } ++ ++--4.2 RIP Interface Tables ++ ++-- RIP Interfaces Groups ++-- Implementation of these Groups is mandatory for systems ++-- which implement RIP-2. ++ ++-- The RIP Interface Status Table. ++ ++ rip2IfStatTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Rip2IfStatEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A list of subnets which require separate ++ status monitoring in RIP." ++ ::= { rip2 2 } ++ ++ rip2IfStatEntry OBJECT-TYPE ++ SYNTAX Rip2IfStatEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A Single Routing Domain in a single Subnet." ++ INDEX { rip2IfStatAddress } ++ ::= { rip2IfStatTable 1 } ++ ++ Rip2IfStatEntry ::= ++ SEQUENCE { ++ rip2IfStatAddress ++ IpAddress, ++ rip2IfStatRcvBadPackets ++ Counter32, ++ rip2IfStatRcvBadRoutes ++ Counter32, ++ rip2IfStatSentUpdates ++ Counter32, ++ rip2IfStatStatus ++ RowStatus ++ } ++ ++ rip2IfStatAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of this system on the indicated ++ subnet. For unnumbered interfaces, the value 0.0.0.N, ++ where the least significant 24 bits (N) is the ifIndex ++ for the IP Interface in network byte order." ++ ::= { rip2IfStatEntry 1 } ++ ++ rip2IfStatRcvBadPackets OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of RIP response packets received by ++ the RIP process which were subsequently discarded ++ for any reason (e.g. a version 0 packet, or an ++ unknown command type)." ++ ::= { rip2IfStatEntry 2 } ++ ++ rip2IfStatRcvBadRoutes OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of routes, in valid RIP packets, ++ which were ignored for any reason (e.g. unknown ++ address family, or invalid metric)." ++ ::= { rip2IfStatEntry 3 } ++ ++ rip2IfStatSentUpdates OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of triggered RIP updates actually ++ sent on this interface. This explicitly does ++ NOT include full updates sent containing new ++ information." ++ ::= { rip2IfStatEntry 4 } ++ ++ rip2IfStatStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "Writing invalid has the effect of deleting ++ this interface." ++ ::= { rip2IfStatEntry 5 } ++ ++-- The RIP Interface Configuration Table. ++ ++ rip2IfConfTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Rip2IfConfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A list of subnets which require separate ++ configuration in RIP." ++ ::= { rip2 3 } ++ ++ rip2IfConfEntry OBJECT-TYPE ++ SYNTAX Rip2IfConfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A Single Routing Domain in a single Subnet." ++ INDEX { rip2IfConfAddress } ++ ::= { rip2IfConfTable 1 } ++ ++ Rip2IfConfEntry ::= ++ SEQUENCE { ++ rip2IfConfAddress ++ IpAddress, ++ rip2IfConfDomain ++ RouteTag, ++ rip2IfConfAuthType ++ INTEGER, ++ rip2IfConfAuthKey ++ OCTET STRING (SIZE(0..16)), ++ rip2IfConfSend ++ INTEGER, ++ rip2IfConfReceive ++ INTEGER, ++ rip2IfConfDefaultMetric ++ INTEGER, ++ rip2IfConfStatus ++ RowStatus, ++ rip2IfConfSrcAddress ++ IpAddress ++ } ++ ++ rip2IfConfAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of this system on the indicated ++ subnet. For unnumbered interfaces, the value 0.0.0.N, ++ where the least significant 24 bits (N) is the ifIndex ++ for the IP Interface in network byte order." ++ ::= { rip2IfConfEntry 1 } ++ ++ rip2IfConfDomain OBJECT-TYPE ++ SYNTAX RouteTag ++ MAX-ACCESS read-create ++ STATUS obsolete ++ DESCRIPTION ++ "Value inserted into the Routing Domain field ++ of all RIP packets sent on this interface." ++ DEFVAL { '0000'h } ++ ::= { rip2IfConfEntry 2 } ++ ++ rip2IfConfAuthType OBJECT-TYPE ++ SYNTAX INTEGER { ++ noAuthentication (1), ++ simplePassword (2), ++ md5 (3) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The type of Authentication used on this ++ interface." ++ DEFVAL { noAuthentication } ++ ::= { rip2IfConfEntry 3 } ++ ++ rip2IfConfAuthKey OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE(0..16)) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The value to be used as the Authentication Key ++ whenever the corresponding instance of ++ rip2IfConfAuthType has a value other than ++ noAuthentication. A modification of the corresponding ++ instance of rip2IfConfAuthType does not modify ++ the rip2IfConfAuthKey value. If a string shorter ++ than 16 octets is supplied, it will be left- ++ justified and padded to 16 octets, on the right, ++ with nulls (0x00). ++ ++ Reading this object always results in an OCTET ++ STRING of length zero; authentication may not ++ be bypassed by reading the MIB object." ++ DEFVAL { ''h } ++ ::= { rip2IfConfEntry 4 } ++ ++ rip2IfConfSend OBJECT-TYPE ++ SYNTAX INTEGER { ++ doNotSend (1), ++ ripVersion1 (2), ++ rip1Compatible (3), ++ ripVersion2 (4), ++ ripV1Demand (5), ++ ripV2Demand (6) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "What the router sends on this interface. ++ ripVersion1 implies sending RIP updates compliant ++ with RFC 1058. rip1Compatible implies ++ broadcasting RIP-2 updates using RFC 1058 route ++ subsumption rules. ripVersion2 implies ++ multicasting RIP-2 updates. ripV1Demand indicates ++ the use of Demand RIP on a WAN interface under RIP ++ Version 1 rules. ripV2Demand indicates the use of ++ Demand RIP on a WAN interface under Version 2 rules." ++ DEFVAL { rip1Compatible } ++ ::= { rip2IfConfEntry 5 } ++ ++ rip2IfConfReceive OBJECT-TYPE ++ SYNTAX INTEGER { ++ rip1 (1), ++ rip2 (2), ++ rip1OrRip2 (3), ++ doNotRecieve (4) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This indicates which version of RIP updates ++ are to be accepted. Note that rip2 and ++ rip1OrRip2 implies reception of multicast ++ packets." ++ DEFVAL { rip1OrRip2 } ++ ::= { rip2IfConfEntry 6 } ++ ++ rip2IfConfDefaultMetric OBJECT-TYPE ++ SYNTAX INTEGER ( 0..15 ) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable indicates the metric that is to ++ be used for the default route entry in RIP updates ++ originated on this interface. A value of zero ++ indicates that no default route should be ++ originated; in this case, a default route via ++ another router may be propagated." ++ ::= { rip2IfConfEntry 7 } ++ ++ rip2IfConfStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "Writing invalid has the effect of deleting ++ this interface." ++ ::= { rip2IfConfEntry 8 } ++ ++ rip2IfConfSrcAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The IP Address this system will use as a source ++ address on this interface. If it is a numbered ++ interface, this MUST be the same value as ++ rip2IfConfAddress. On unnumbered interfaces, ++ it must be the value of rip2IfConfAddress for ++ some interface on the system." ++ ::= { rip2IfConfEntry 9 } ++ ++--4.3 Peer Table ++ ++-- Peer Table ++ ++-- The RIP Peer Group ++-- Implementation of this Group is Optional ++ ++-- This group provides information about active peer ++-- relationships intended to assist in debugging. An ++-- active peer is a router from which a valid RIP ++-- updated has been heard in the last 180 seconds. ++ ++ rip2PeerTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Rip2PeerEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A list of RIP Peers." ++ ::= { rip2 4 } ++ ++ rip2PeerEntry OBJECT-TYPE ++ SYNTAX Rip2PeerEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information regarding a single routing peer." ++ INDEX { rip2PeerAddress, rip2PeerDomain } ++ ::= { rip2PeerTable 1 } ++ ++ Rip2PeerEntry ::= ++ SEQUENCE { ++ rip2PeerAddress ++ IpAddress, ++ rip2PeerDomain ++ RouteTag, ++ rip2PeerLastUpdate ++ TimeTicks, ++ rip2PeerVersion ++ INTEGER, ++ rip2PeerRcvBadPackets ++ Counter32, ++ rip2PeerRcvBadRoutes ++ Counter32 ++ } ++ ++ rip2PeerAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address that the peer is using as its source ++ address. Note that on an unnumbered link, this may ++ not be a member of any subnet on the system." ++ ::= { rip2PeerEntry 1 } ++ ++ rip2PeerDomain OBJECT-TYPE ++ SYNTAX RouteTag ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The value in the Routing Domain field in RIP ++ packets received from the peer. As domain suuport ++ is deprecated, this must be zero." ++ ::= { rip2PeerEntry 2 } ++ ++ rip2PeerLastUpdate OBJECT-TYPE ++ SYNTAX TimeTicks ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The value of sysUpTime when the most recent ++ RIP update was received from this system." ++ ::= { rip2PeerEntry 3 } ++ ++ rip2PeerVersion OBJECT-TYPE ++ SYNTAX INTEGER ( 0..255 ) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The RIP version number in the header of the ++ last RIP packet received." ++ ::= { rip2PeerEntry 4 } ++ ++ rip2PeerRcvBadPackets OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of RIP response packets from this ++ peer discarded as invalid." ++ ::= { rip2PeerEntry 5 } ++ ++ ++ rip2PeerRcvBadRoutes OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of routes from this peer that were ++ ignored because the entry format was invalid." ++ ::= { rip2PeerEntry 6 } ++ ++-- conformance information ++ ++rip2Conformance OBJECT IDENTIFIER ::= { rip2 5 } ++ ++rip2Groups OBJECT IDENTIFIER ::= { rip2Conformance 1 } ++rip2Compliances OBJECT IDENTIFIER ::= { rip2Conformance 2 } ++ ++-- compliance statements ++rip2Compliance MODULE-COMPLIANCE ++ STATUS current ++ DESCRIPTION ++ "The compliance statement " ++ MODULE -- this module ++ MANDATORY-GROUPS { ++ rip2GlobalGroup, ++ rip2IfStatGroup, ++ rip2IfConfGroup, ++ rip2PeerGroup ++ } ++ GROUP rip2GlobalGroup ++ DESCRIPTION ++ "This group defines global controls for RIP-II systems." ++ GROUP rip2IfStatGroup ++ DESCRIPTION ++ "This group defines interface statistics for RIP-II systems." ++ GROUP rip2IfConfGroup ++ DESCRIPTION ++ "This group defines interface configuration for RIP-II systems." ++ GROUP rip2PeerGroup ++ DESCRIPTION ++ "This group defines peer information for RIP-II systems." ++ ::= { rip2Compliances 1 } ++ ++-- units of conformance ++ ++rip2GlobalGroup OBJECT-GROUP ++ OBJECTS { ++ rip2GlobalRouteChanges, ++ rip2GlobalQueries ++ } ++ STATUS current ++ DESCRIPTION ++ "This group defines global controls for RIP-II systems." ++ ::= { rip2Groups 1 } ++rip2IfStatGroup OBJECT-GROUP ++ OBJECTS { ++ rip2IfStatAddress, ++ rip2IfStatRcvBadPackets, ++ rip2IfStatRcvBadRoutes, ++ rip2IfStatSentUpdates, ++ rip2IfStatStatus ++ } ++ STATUS current ++ DESCRIPTION ++ "This group defines interface statistics for RIP-II systems." ++ ::= { rip2Groups 2 } ++rip2IfConfGroup OBJECT-GROUP ++ OBJECTS { ++ rip2IfConfAddress, ++ rip2IfConfAuthType, ++ rip2IfConfAuthKey, ++ rip2IfConfSend, ++ rip2IfConfReceive, ++ rip2IfConfDefaultMetric, ++ rip2IfConfStatus, ++ rip2IfConfSrcAddress ++ } ++ STATUS current ++ DESCRIPTION ++ "This group defines interface configuration for RIP-II systems." ++ ::= { rip2Groups 3 } ++rip2PeerGroup OBJECT-GROUP ++ OBJECTS { ++ rip2PeerAddress, ++ rip2PeerDomain, ++ rip2PeerLastUpdate, ++ rip2PeerVersion, ++ rip2PeerRcvBadPackets, ++ rip2PeerRcvBadRoutes ++ } ++ STATUS current ++ DESCRIPTION ++ "This group defines peer information for RIP-II systems." ++ ::= { rip2Groups 4 } ++END +--- /dev/null ++++ b/mibs/SOURCE-ROUTING-MIB.txt +@@ -0,0 +1,452 @@ ++SOURCE-ROUTING-MIB DEFINITIONS ::= BEGIN ++ ++IMPORTS ++ Counter, Gauge ++ FROM RFC1155-SMI ++ dot1dBridge, dot1dSr ++ FROM BRIDGE-MIB ++ OBJECT-TYPE ++ FROM RFC-1212; ++ ++-- groups in the SR MIB ++ ++-- dot1dSr is imported from the Bridge MIB ++ ++dot1dPortPair OBJECT IDENTIFIER ::= { dot1dBridge 10 } ++ ++-- the dot1dSr group ++ ++-- this group is implemented by those bridges that ++-- support the source route bridging mode, including Source ++-- Routing and SRT bridges. ++ ++dot1dSrPortTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Dot1dSrPortEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A table that contains information about every ++ port that is associated with this source route ++ bridge." ++ ::= { dot1dSr 1 } ++ ++dot1dSrPortEntry OBJECT-TYPE ++ SYNTAX Dot1dSrPortEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A list of information for each port of a source ++ route bridge." ++ INDEX { dot1dSrPort } ++ ++ ::= { dot1dSrPortTable 1 } ++ ++Dot1dSrPortEntry ::= ++ SEQUENCE { ++ dot1dSrPort ++ INTEGER, ++ dot1dSrPortHopCount ++ INTEGER, ++ dot1dSrPortLocalSegment ++ INTEGER, ++ dot1dSrPortBridgeNum ++ INTEGER, ++ dot1dSrPortTargetSegment ++ INTEGER, ++ dot1dSrPortLargestFrame ++ INTEGER, ++ dot1dSrPortSTESpanMode ++ INTEGER, ++ dot1dSrPortSpecInFrames ++ Counter, ++ dot1dSrPortSpecOutFrames ++ Counter, ++ dot1dSrPortApeInFrames ++ Counter, ++ dot1dSrPortApeOutFrames ++ Counter, ++ dot1dSrPortSteInFrames ++ Counter, ++ dot1dSrPortSteOutFrames ++ Counter, ++ dot1dSrPortSegmentMismatchDiscards ++ Counter, ++ dot1dSrPortDuplicateSegmentDiscards ++ Counter, ++ dot1dSrPortHopCountExceededDiscards ++ Counter, ++ dot1dSrPortDupLanIdOrTreeErrors ++ Counter, ++ dot1dSrPortLanIdMismatches ++ Counter ++ } ++ ++dot1dSrPort OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The port number of the port for which this entry ++ ++ contains Source Route management information." ++ ::= { dot1dSrPortEntry 1 } ++ ++dot1dSrPortHopCount OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The maximum number of routing descriptors allowed ++ in an All Paths or Spanning Tree Explorer frames." ++ ::= { dot1dSrPortEntry 2 } ++ ++dot1dSrPortLocalSegment OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The segment number that uniquely identifies the ++ segment to which this port is connected. Current ++ source routing protocols limit this value to the ++ range: 0 through 4095. (The value 0 is used by ++ some management applications for special test ++ cases.) A value of 65535 signifies that no segment ++ number is assigned to this port." ++ ::= { dot1dSrPortEntry 3 } ++ ++dot1dSrPortBridgeNum OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "A bridge number uniquely identifies a bridge when ++ more than one bridge is used to span the same two ++ segments. Current source routing protocols limit ++ this value to the range: 0 through 15. A value of ++ 65535 signifies that no bridge number is assigned ++ to this bridge." ++ ::= { dot1dSrPortEntry 4 } ++ ++dot1dSrPortTargetSegment OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The segment number that corresponds to the target ++ segment this port is considered to be connected to ++ by the bridge. Current source routing protocols ++ limit this value to the range: 0 through 4095. ++ ++ (The value 0 is used by some management ++ applications for special test cases.) A value of ++ 65535 signifies that no target segment is assigned ++ to this port." ++ ::= { dot1dSrPortEntry 5 } ++ ++-- It would be nice if we could use ifMtu as the size of the ++-- largest frame, but we can't because ifMtu is defined to be ++-- the size that the (inter-)network layer can use which can ++-- differ from the MAC layer (especially if several layers of ++-- encapsulation are used). ++ ++dot1dSrPortLargestFrame OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The maximum size of the INFO field (LLC and ++ above) that this port can send/receive. It does ++ not include any MAC level (framing) octets. The ++ value of this object is used by this bridge to ++ determine whether a modification of the ++ LargestFrame (LF, see [14]) field of the Routing ++ Control field of the Routing Information Field is ++ necessary. ++ ++ 64 valid values are defined by the IEEE 802.5M SRT ++ Addendum: 516, 635, 754, 873, 993, 1112, 1231, ++ 1350, 1470, 1542, 1615, 1688, 1761, 1833, 1906, ++ 1979, 2052, 2345, 2638, 2932, 3225, 3518, 3812, ++ 4105, 4399, 4865, 5331, 5798, 6264, 6730, 7197, ++ 7663, 8130, 8539, 8949, 9358, 9768, 10178, 10587, ++ 10997, 11407, 12199, 12992, 13785, 14578, 15370, ++ 16163, 16956, 17749, 20730, 23711, 26693, 29674, ++ 32655, 35637, 38618, 41600, 44591, 47583, 50575, ++ 53567, 56559, 59551, and 65535. ++ ++ An illegal value will not be accepted by the ++ bridge." ++ ::= { dot1dSrPortEntry 6 } ++ ++dot1dSrPortSTESpanMode OBJECT-TYPE ++ SYNTAX INTEGER { ++ auto-span(1), ++ disabled(2), ++ forced(3) ++ } ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "Determines how this port behaves when presented ++ with a Spanning Tree Explorer frame. The value ++ 'disabled(2)' indicates that the port will not ++ accept or send Spanning Tree Explorer packets; any ++ STE packets received will be silently discarded. ++ The value 'forced(3)' indicates the port will ++ always accept and propagate Spanning Tree Explorer ++ frames. This allows a manually configured ++ Spanning Tree for this class of packet to be ++ configured. Note that unlike transparent ++ bridging, this is not catastrophic to the network ++ if there are loops. The value 'auto-span(1)' can ++ only be returned by a bridge that both implements ++ the Spanning Tree Protocol and has use of the ++ protocol enabled on this port. The behavior of the ++ port for Spanning Tree Explorer frames is ++ determined by the state of dot1dStpPortState. If ++ the port is in the 'forwarding' state, the frame ++ will be accepted or propagated. Otherwise, it ++ will be silently discarded." ++ ::= { dot1dSrPortEntry 7 } ++ ++dot1dSrPortSpecInFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of Specifically Routed frames, also ++ referred to as Source Routed Frames, that have ++ been received from this port's segment." ++ ::= { dot1dSrPortEntry 8 } ++ ++dot1dSrPortSpecOutFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of Specifically Routed frames, also ++ referred to as Source Routed Frames, that this ++ port has transmitted on its segment." ++ ::= { dot1dSrPortEntry 9 } ++ ++dot1dSrPortApeInFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of All Paths Explorer frames, also ++ referred to as All Routes Explorer frames, that ++ have been received by this port from its segment." ++ ::= { dot1dSrPortEntry 10 } ++ ++dot1dSrPortApeOutFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of all Paths Explorer Frames, also ++ referred to as All Routes Explorer frames, that ++ have been transmitted by this port on its ++ segment." ++ ::= { dot1dSrPortEntry 11 } ++ ++dot1dSrPortSteInFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of spanning tree explorer frames that ++ have been received by this port from its segment." ++ ::= { dot1dSrPortEntry 12 } ++ ++dot1dSrPortSteOutFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of spanning tree explorer frames that ++ have been transmitted by this port on its ++ segment." ++ ::= { dot1dSrPortEntry 13 } ++ ++dot1dSrPortSegmentMismatchDiscards OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of explorer frames that have been ++ discarded by this port because the routing ++ descriptor field contained an invalid adjacent ++ segment value." ++ ::= { dot1dSrPortEntry 14 } ++ ++dot1dSrPortDuplicateSegmentDiscards OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of frames that have been discarded by ++ this port because the routing descriptor field ++ contained a duplicate segment identifier." ++ ::= { dot1dSrPortEntry 15 } ++ ++dot1dSrPortHopCountExceededDiscards OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of explorer frames that have been ++ discarded by this port because the Routing ++ Information Field has exceeded the maximum route ++ descriptor length." ++ ::= { dot1dSrPortEntry 16 } ++ ++dot1dSrPortDupLanIdOrTreeErrors OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of duplicate LAN IDs or Tree errors. ++ This helps in detection of problems in networks ++ containing older IBM Source Routing Bridges." ++ ::= { dot1dSrPortEntry 17 } ++ ++dot1dSrPortLanIdMismatches OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of ARE and STE frames that were ++ discarded because the last LAN ID in the routing ++ information field did not equal the LAN-in ID. ++ This error can occur in implementations which do ++ only a LAN-in ID and Bridge Number check instead ++ of a LAN-in ID, Bridge Number, and LAN-out ID ++ check before they forward broadcast frames." ++ ::= { dot1dSrPortEntry 18 } ++ ++-- scalar object in dot1dSr ++ ++dot1dSrBridgeLfMode OBJECT-TYPE ++ SYNTAX INTEGER { ++ mode3(1), ++ mode6(2) ++ } ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "Indicates whether the bridge operates using older ++ 3 bit length negotiation fields or the newer 6 bit ++ length field in its RIF." ++ ::= { dot1dSr 2 } ++ ++-- The Port-Pair Database ++ ++-- Implementation of this group is optional. ++ ++-- This group is implemented by those bridges that support ++-- the direct multiport model of the source route bridging ++-- mode as defined in the IEEE 802.5 SRT Addendum to ++-- 802.1d. ++ ++-- Bridges implementing this group may report 65535 for ++-- dot1dSrPortBridgeNumber and dot1dSrPortTargetSegment, ++-- indicating that those objects are not applicable. ++ ++dot1dPortPairTableSize OBJECT-TYPE ++ SYNTAX Gauge ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The total number of entries in the Bridge Port ++ Pair Database." ++ ::= { dot1dPortPair 1 } ++ ++-- the Bridge Port-Pair table ++ ++-- this table represents port pairs within a bridge forming ++-- a unique bridge path, as defined in the IEEE 802.5M SRT ++-- Addendum. ++ ++dot1dPortPairTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Dot1dPortPairEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A table that contains information about every ++ ++ port pair database entity associated with this ++ source routing bridge." ++ ::= { dot1dPortPair 2 } ++ ++dot1dPortPairEntry OBJECT-TYPE ++ SYNTAX Dot1dPortPairEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A list of information for each port pair entity ++ of a bridge." ++ INDEX { dot1dPortPairLowPort, dot1dPortPairHighPort } ++ ::= { dot1dPortPairTable 1 } ++ ++Dot1dPortPairEntry ::= ++ SEQUENCE { ++ dot1dPortPairLowPort ++ INTEGER, ++ dot1dPortPairHighPort ++ INTEGER, ++ dot1dPortPairBridgeNum ++ INTEGER, ++ dot1dPortPairBridgeState ++ INTEGER ++ } ++ ++dot1dPortPairLowPort OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The port number of the lower numbered port for ++ which this entry contains port pair database ++ information." ++ ::= { dot1dPortPairEntry 1 } ++ ++dot1dPortPairHighPort OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The port number of the higher numbered port for ++ which this entry contains port pair database ++ information." ++ ::= { dot1dPortPairEntry 2 } ++ ++dot1dPortPairBridgeNum OBJECT-TYPE ++ SYNTAX INTEGER ++ ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "A bridge number that uniquely identifies the path ++ provided by this source routing bridge between the ++ segments connected to dot1dPortPairLowPort and ++ dot1dPortPairHighPort. The purpose of bridge ++ number is to disambiguate between multiple paths ++ connecting the same two LANs." ++ ::= { dot1dPortPairEntry 3 } ++ ++dot1dPortPairBridgeState OBJECT-TYPE ++ SYNTAX INTEGER { ++ enabled(1), ++ disabled(2), ++ invalid(3) ++ } ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The state of dot1dPortPairBridgeNum. Writing ++ 'invalid(3)' to this object removes the ++ corresponding entry." ++ ::= { dot1dPortPairEntry 4 } ++ ++END diff --git a/package/network/net-snmp/patches/160-no_ldconfig.patch b/package/network/net-snmp/patches/160-no_ldconfig.patch new file mode 100644 index 0000000000..d9de73e0d1 --- /dev/null +++ b/package/network/net-snmp/patches/160-no_ldconfig.patch @@ -0,0 +1,11 @@ +--- a/configure ++++ b/configure +@@ -15097,7 +15097,7 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu) + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' +- finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' ++ finish_cmds='' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + diff --git a/package/network/net-snmp/patches/170-ldflags.patch b/package/network/net-snmp/patches/170-ldflags.patch new file mode 100644 index 0000000000..656fdede49 --- /dev/null +++ b/package/network/net-snmp/patches/170-ldflags.patch @@ -0,0 +1,11 @@ +--- a/Makefile.top ++++ b/Makefile.top +@@ -87,7 +87,7 @@ LIBCURRENT = 30 + LIBAGE = 0 + LIBREVISION = 0 + +-LIB_LD_CMD = $(LIBTOOL) --mode=link $(LINKCC) $(CFLAGS) -rpath $(libdir) -version-info $(LIBCURRENT):$(LIBREVISION):$(LIBAGE) -o ++LIB_LD_CMD = $(LIBTOOL) --mode=link $(LINKCC) $(CFLAGS) -rpath $(libdir) $(LDFLAGS) -version-info $(LIBCURRENT):$(LIBREVISION):$(LIBAGE) -o + LIB_EXTENSION = la + LIB_VERSION = + LIB_LDCONFIG_CMD = $(LIBTOOL) --mode=finish $(INSTALL_PREFIX)$(libdir) diff --git a/package/network/net-snmp/patches/750-ieee802dot11.patch b/package/network/net-snmp/patches/750-ieee802dot11.patch new file mode 100644 index 0000000000..a3c5c0a9d6 --- /dev/null +++ b/package/network/net-snmp/patches/750-ieee802dot11.patch @@ -0,0 +1,6156 @@ +--- /dev/null ++++ b/agent/mibgroup/ieee802dot11.c +@@ -0,0 +1,4915 @@ ++/**************************************************************************** ++* * ++* File Name: ieee802dot11.c * ++* Used By: * ++* * ++* Operating System: * ++* Purpose: * ++* * ++* Comments: * ++* * ++* Author: Larry Simmons * ++* lsimmons@avantcom.com * ++* www.avantcom.com * ++* * ++* Creation Date: 09/02/03 * ++* * ++* Ver Date Inits Modification * ++* ----- -------- ----- ------------ * ++* 0.0.1 09/02/03 LRS created * ++* 0.0.2 09/24/03 LRS wouldn't build after fresh ./configure * ++****************************************************************************/ ++/**************************************************************************** ++* Includes * ++****************************************************************************/ ++#include ++#include ++#include ++#include "ieee802dot11.h" ++#include "iwlib.h" ++ ++/**************************************************************************** ++* Defines * ++****************************************************************************/ ++#define DISPLAYWIEXT // display wireless ext info ++#define TABLE_SIZE 1 ++//#define MINLOADFREQ 15 // min reload frequency in seconds ++#define MINLOADFREQ 5 // min reload frequency in seconds // for testing ++#define PROC_NET_DEV "/proc/net/dev" ++#define PROC_NET_WIRELESS "/proc/net/wireless" ++ ++#ifndef UCHAR ++ typedef unsigned char UCHAR; ++#endif ++ ++/**************************************************************************** ++* Private Functions * ++****************************************************************************/ ++static void loadTables(); ++static void loadWiExt ( int, char *, struct wireless_info * ); ++static void load80211Structs ( int, char *, struct wireless_info * ); ++static void initStructs(); ++ ++// Wireless Extensions Specific Functions ++static void loadWiExtTo80211Structs ( int, char *, struct wireless_info * ); ++static void displayWiExt ( struct wireless_info ); ++ ++// Linked List Functions ++static void addList ( char *, char *, int ); ++static void initLists(); // initialize all the linked lists ++static void flushLists(); // flush all the linked lists ++static void flushList ( char * ); // flush a single linked list ++ ++// Utility Functions ++static int openSocket ( void ); ++static int mWatt2dbm ( int ); ++static char *htob ( char * ); ++static int hasChanged ( char *, int ); ++ ++/**************************************************************************** ++* Private Variables * ++****************************************************************************/ ++static unsigned long lastLoad = 0; // ET in secs at last table load ++ ++static struct avNode *lastNode, *newNode, *np; ++ ++/**************************************************************************** ++* External Functions * ++****************************************************************************/ ++ ++/**************************************************************************** ++* ieee802dot11_variables_oid: * ++* this is the top level oid that we want to register under. This * ++* is essentially a prefix, with the suffix appearing in the * ++* variable below. * ++****************************************************************************/ ++oid ieee802dot11_variables_oid[] = { 1,2,840,10036 }; ++ ++/**************************************************************************** ++* variable7 ieee802dot11_variables: * ++* this variable defines function callbacks and type return information * ++* for the ieee802dot11 mib section * ++****************************************************************************/ ++struct variable7 ieee802dot11_variables[] = { ++/* magic number , variable type , ro/rw , callback fn , L, oidsuffix */ ++#define DOT11STATIONID 3 ++ { DOT11STATIONID , ASN_OCTET_STR , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,1 } }, ++#define DOT11MEDIUMOCCUPANCYLIMIT 4 ++ { DOT11MEDIUMOCCUPANCYLIMIT, ASN_INTEGER , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,2 } }, ++#define DOT11CFPOLLABLE 5 ++ { DOT11CFPOLLABLE , ASN_INTEGER , RONLY , var_dot11StationConfigTable, 4, { 1,1,1,3 } }, ++#define DOT11CFPPERIOD 6 ++ { DOT11CFPPERIOD , ASN_INTEGER , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,4 } }, ++#define DOT11CFPMAXDURATION 7 ++ { DOT11CFPMAXDURATION , ASN_INTEGER , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,5 } }, ++#define DOT11AUTHENTICATIONRESPONSETIMEOUT 8 ++ { DOT11AUTHENTICATIONRESPONSETIMEOUT, ASN_INTEGER , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,6 } }, ++#define DOT11PRIVACYOPTIONIMPLEMENTED 9 ++ { DOT11PRIVACYOPTIONIMPLEMENTED, ASN_INTEGER , RONLY , var_dot11StationConfigTable, 4, { 1,1,1,7 } }, ++#define DOT11POWERMANAGEMENTMODE 10 ++ { DOT11POWERMANAGEMENTMODE, ASN_INTEGER , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,8 } }, ++#define DOT11DESIREDSSID 11 ++ { DOT11DESIREDSSID , ASN_OCTET_STR , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,9 } }, ++#define DOT11DESIREDBSSTYPE 12 ++ { DOT11DESIREDBSSTYPE , ASN_INTEGER , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,10 } }, ++#define DOT11OPERATIONALRATESET 13 ++ { DOT11OPERATIONALRATESET, ASN_OCTET_STR , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,11 } }, ++#define DOT11BEACONPERIOD 14 ++ { DOT11BEACONPERIOD , ASN_INTEGER , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,12 } }, ++#define DOT11DTIMPERIOD 15 ++ { DOT11DTIMPERIOD , ASN_INTEGER , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,13 } }, ++#define DOT11ASSOCIATIONRESPONSETIMEOUT 16 ++ { DOT11ASSOCIATIONRESPONSETIMEOUT, ASN_INTEGER , RWRITE, var_dot11StationConfigTable, 4, { 1,1,1,14 } }, ++#define DOT11DISASSOCIATEREASON 17 ++ { DOT11DISASSOCIATEREASON, ASN_INTEGER , RONLY , var_dot11StationConfigTable, 4, { 1,1,1,15 } }, ++#define DOT11DISASSOCIATESTATION 18 ++ { DOT11DISASSOCIATESTATION, ASN_OCTET_STR , RONLY , var_dot11StationConfigTable, 4, { 1,1,1,16 } }, ++#define DOT11DEAUTHENTICATEREASON 19 ++ { DOT11DEAUTHENTICATEREASON, ASN_INTEGER , RONLY , var_dot11StationConfigTable, 4, { 1,1,1,17 } }, ++#define DOT11DEAUTHENTICATESTATION 20 ++ { DOT11DEAUTHENTICATESTATION, ASN_OCTET_STR , RONLY , var_dot11StationConfigTable, 4, { 1,1,1,18 } }, ++#define DOT11AUTHENTICATEFAILSTATUS 21 ++ { DOT11AUTHENTICATEFAILSTATUS, ASN_INTEGER , RONLY , var_dot11StationConfigTable, 4, { 1,1,1,19 } }, ++#define DOT11AUTHENTICATEFAILSTATION 22 ++ { DOT11AUTHENTICATEFAILSTATION, ASN_OCTET_STR , RONLY , var_dot11StationConfigTable, 4, { 1,1,1,20 } }, ++ ++#define DOT11AUTHENTICATIONALGORITHM 26 ++ { DOT11AUTHENTICATIONALGORITHM, ASN_INTEGER , RONLY , var_dot11AuthenticationAlgorithmsTable, 4, { 1,2,1,2 } }, ++#define DOT11AUTHENTICATIONALGORITHMSENABLE 27 ++ { DOT11AUTHENTICATIONALGORITHMSENABLE, ASN_INTEGER , RWRITE, var_dot11AuthenticationAlgorithmsTable, 4, { 1,2,1,3 } }, ++ ++#define DOT11WEPDEFAULTKEYVALUE 31 ++ { DOT11WEPDEFAULTKEYVALUE, ASN_OCTET_STR , RWRITE, var_dot11WEPDefaultKeysTable, 4, { 1,3,1,2 } }, ++ ++#define DOT11WEPKEYMAPPINGADDRESS 35 ++ { DOT11WEPKEYMAPPINGADDRESS, ASN_OCTET_STR , RWRITE, var_dot11WEPKeyMappingsTable, 4, { 1,4,1,2 } }, ++#define DOT11WEPKEYMAPPINGWEPON 36 ++ { DOT11WEPKEYMAPPINGWEPON, ASN_INTEGER , RWRITE, var_dot11WEPKeyMappingsTable, 4, { 1,4,1,3 } }, ++#define DOT11WEPKEYMAPPINGVALUE 37 ++ { DOT11WEPKEYMAPPINGVALUE, ASN_OCTET_STR , RWRITE, var_dot11WEPKeyMappingsTable, 4, { 1,4,1,4 } }, ++#define DOT11WEPKEYMAPPINGSTATUS 38 ++ { DOT11WEPKEYMAPPINGSTATUS, ASN_INTEGER , RWRITE, var_dot11WEPKeyMappingsTable, 4, { 1,4,1,5 } }, ++ ++#define DOT11PRIVACYINVOKED 41 ++ { DOT11PRIVACYINVOKED , ASN_INTEGER , RWRITE, var_dot11PrivacyTable, 4, { 1,5,1,1 } }, ++#define DOT11WEPDEFAULTKEYID 42 ++ { DOT11WEPDEFAULTKEYID, ASN_INTEGER , RWRITE, var_dot11PrivacyTable, 4, { 1,5,1,2 } }, ++#define DOT11WEPKEYMAPPINGLENGTH 43 ++ { DOT11WEPKEYMAPPINGLENGTH, ASN_INTEGER , RWRITE, var_dot11PrivacyTable, 4, { 1,5,1,3 } }, ++#define DOT11EXCLUDEUNENCRYPTED 44 ++ { DOT11EXCLUDEUNENCRYPTED, ASN_INTEGER , RWRITE, var_dot11PrivacyTable, 4, { 1,5,1,4 } }, ++#define DOT11WEPICVERRORCOUNT 45 ++ { DOT11WEPICVERRORCOUNT, ASN_COUNTER , RONLY , var_dot11PrivacyTable, 4, { 1,5,1,5 } }, ++#define DOT11WEPEXCLUDEDCOUNT 46 ++ { DOT11WEPEXCLUDEDCOUNT, ASN_COUNTER , RONLY , var_dot11PrivacyTable, 4, { 1,5,1,6 } }, ++ ++#define DOT11MACADDRESS 49 ++ { DOT11MACADDRESS , ASN_OCTET_STR , RONLY , var_dot11OperationTable, 4, { 2,1,1,1 } }, ++#define DOT11RTSTHRESHOLD 50 ++ { DOT11RTSTHRESHOLD , ASN_INTEGER , RWRITE, var_dot11OperationTable, 4, { 2,1,1,2 } }, ++#define DOT11SHORTRETRYLIMIT 51 ++ { DOT11SHORTRETRYLIMIT, ASN_INTEGER , RWRITE, var_dot11OperationTable, 4, { 2,1,1,3 } }, ++#define DOT11LONGRETRYLIMIT 52 ++ { DOT11LONGRETRYLIMIT , ASN_INTEGER , RWRITE, var_dot11OperationTable, 4, { 2,1,1,4 } }, ++#define DOT11FRAGMENTATIONTHRESHOLD 53 ++ { DOT11FRAGMENTATIONTHRESHOLD, ASN_INTEGER , RWRITE, var_dot11OperationTable, 4, { 2,1,1,5 } }, ++#define DOT11MAXTRANSMITMSDULIFETIME 54 ++ { DOT11MAXTRANSMITMSDULIFETIME, ASN_INTEGER , RWRITE, var_dot11OperationTable, 4, { 2,1,1,6 } }, ++#define DOT11MAXRECEIVELIFETIME 55 ++ { DOT11MAXRECEIVELIFETIME, ASN_INTEGER , RWRITE, var_dot11OperationTable, 4, { 2,1,1,7 } }, ++#define DOT11MANUFACTURERID 56 ++ { DOT11MANUFACTURERID , ASN_OCTET_STR , RONLY , var_dot11OperationTable, 4, { 2,1,1,8 } }, ++#define DOT11PRODUCTID 57 ++ { DOT11PRODUCTID , ASN_OCTET_STR , RONLY , var_dot11OperationTable, 4, { 2,1,1,9 } }, ++ ++#define DOT11TRANSMITTEDFRAGMENTCOUNT 60 ++ { DOT11TRANSMITTEDFRAGMENTCOUNT, ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,1 } }, ++#define DOT11MULTICASTTRANSMITTEDFRAMECOUNT 61 ++ { DOT11MULTICASTTRANSMITTEDFRAMECOUNT, ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,2 } }, ++#define DOT11FAILEDCOUNT 62 ++ { DOT11FAILEDCOUNT , ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,3 } }, ++#define DOT11RETRYCOUNT 63 ++ { DOT11RETRYCOUNT , ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,4 } }, ++#define DOT11MULTIPLERETRYCOUNT 64 ++ { DOT11MULTIPLERETRYCOUNT, ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,5 } }, ++#define DOT11FRAMEDUPLICATECOUNT 65 ++ { DOT11FRAMEDUPLICATECOUNT, ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,6 } }, ++#define DOT11RTSSUCCESSCOUNT 66 ++ { DOT11RTSSUCCESSCOUNT, ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,7 } }, ++#define DOT11RTSFAILURECOUNT 67 ++ { DOT11RTSFAILURECOUNT, ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,8 } }, ++#define DOT11ACKFAILURECOUNT 68 ++ { DOT11ACKFAILURECOUNT, ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,9 } }, ++#define DOT11RECEIVEDFRAGMENTCOUNT 69 ++ { DOT11RECEIVEDFRAGMENTCOUNT, ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,10 } }, ++#define DOT11MULTICASTRECEIVEDFRAMECOUNT 70 ++ { DOT11MULTICASTRECEIVEDFRAMECOUNT, ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,11 } }, ++#define DOT11FCSERRORCOUNT 71 ++ { DOT11FCSERRORCOUNT , ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,12 } }, ++#define DOT11TRANSMITTEDFRAMECOUNT 72 ++ { DOT11TRANSMITTEDFRAMECOUNT, ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,13 } }, ++#define DOT11WEPUNDECRYPTABLECOUNT 73 ++ { DOT11WEPUNDECRYPTABLECOUNT, ASN_COUNTER , RONLY , var_dot11CountersTable, 4, { 2,2,1,14 } }, ++ ++#define DOT11ADDRESS 77 ++ { DOT11ADDRESS , ASN_OCTET_STR , RWRITE, var_dot11GroupAddressesTable, 4, { 2,3,1,2 } }, ++#define DOT11GROUPADDRESSESSTATUS 78 ++ { DOT11GROUPADDRESSESSTATUS, ASN_INTEGER , RWRITE, var_dot11GroupAddressesTable, 4, { 2,3,1,3 } }, ++ ++#define DOT11RESOURCETYPEIDNAME 79 ++ { DOT11RESOURCETYPEIDNAME, ASN_OCTET_STR , RONLY , var_ieee802dot11, 3, { 3,1,1 } }, ++#define DOT11MANUFACTUREROUI 82 ++ { DOT11MANUFACTUREROUI, ASN_OCTET_STR , RONLY , var_dot11ResourceInfoTable, 5, { 3,1,2,1,1 } }, ++#define DOT11MANUFACTURERNAME 83 ++ { DOT11MANUFACTURERNAME, ASN_OCTET_STR , RONLY , var_dot11ResourceInfoTable, 5, { 3,1,2,1,2 } }, ++#define DOT11MANUFACTURERPRODUCTNAME 84 ++ { DOT11MANUFACTURERPRODUCTNAME, ASN_OCTET_STR , RONLY , var_dot11ResourceInfoTable, 5, { 3,1,2,1,3 } }, ++#define DOT11MANUFACTURERPRODUCTVERSION 85 ++ { DOT11MANUFACTURERPRODUCTVERSION, ASN_OCTET_STR , RONLY , var_dot11ResourceInfoTable, 5, { 3,1,2,1,4 } }, ++ ++#define DOT11PHYTYPE 88 ++ { DOT11PHYTYPE , ASN_INTEGER , RONLY , var_dot11PhyOperationTable, 4, { 4,1,1,1 } }, ++#define DOT11CURRENTREGDOMAIN 89 ++ { DOT11CURRENTREGDOMAIN, ASN_INTEGER , RWRITE, var_dot11PhyOperationTable, 4, { 4,1,1,2 } }, ++#define DOT11TEMPTYPE 90 ++ { DOT11TEMPTYPE , ASN_INTEGER , RONLY , var_dot11PhyOperationTable, 4, { 4,1,1,3 } }, ++#define DOT11CURRENTTXANTENNA 93 ++ { DOT11CURRENTTXANTENNA, ASN_INTEGER , RWRITE, var_dot11PhyAntennaTable, 4, { 4,2,1,1 } }, ++#define DOT11DIVERSITYSUPPORT 94 ++ { DOT11DIVERSITYSUPPORT, ASN_INTEGER , RONLY , var_dot11PhyAntennaTable, 4, { 4,2,1,2 } }, ++#define DOT11CURRENTRXANTENNA 95 ++ { DOT11CURRENTRXANTENNA, ASN_INTEGER , RWRITE, var_dot11PhyAntennaTable, 4, { 4,2,1,3 } }, ++#define DOT11NUMBERSUPPORTEDPOWERLEVELS 98 ++ { DOT11NUMBERSUPPORTEDPOWERLEVELS, ASN_INTEGER , RONLY , var_dot11PhyTxPowerTable, 4, { 4,3,1,1 } }, ++#define DOT11TXPOWERLEVEL1 99 ++ { DOT11TXPOWERLEVEL1 , ASN_INTEGER , RONLY , var_dot11PhyTxPowerTable, 4, { 4,3,1,2 } }, ++#define DOT11TXPOWERLEVEL2 100 ++ { DOT11TXPOWERLEVEL2 , ASN_INTEGER , RONLY , var_dot11PhyTxPowerTable, 4, { 4,3,1,3 } }, ++#define DOT11TXPOWERLEVEL3 101 ++ { DOT11TXPOWERLEVEL3 , ASN_INTEGER , RONLY , var_dot11PhyTxPowerTable, 4, { 4,3,1,4 } }, ++#define DOT11TXPOWERLEVEL4 102 ++ { DOT11TXPOWERLEVEL4 , ASN_INTEGER , RONLY , var_dot11PhyTxPowerTable, 4, { 4,3,1,5 } }, ++#define DOT11TXPOWERLEVEL5 103 ++ { DOT11TXPOWERLEVEL5 , ASN_INTEGER , RONLY , var_dot11PhyTxPowerTable, 4, { 4,3,1,6 } }, ++#define DOT11TXPOWERLEVEL6 104 ++ { DOT11TXPOWERLEVEL6 , ASN_INTEGER , RONLY , var_dot11PhyTxPowerTable, 4, { 4,3,1,7 } }, ++#define DOT11TXPOWERLEVEL7 105 ++ { DOT11TXPOWERLEVEL7 , ASN_INTEGER , RONLY , var_dot11PhyTxPowerTable, 4, { 4,3,1,8 } }, ++#define DOT11TXPOWERLEVEL8 106 ++ { DOT11TXPOWERLEVEL8 , ASN_INTEGER , RONLY , var_dot11PhyTxPowerTable, 4, { 4,3,1,9 } }, ++#define DOT11CURRENTTXPOWERLEVEL 107 ++ { DOT11CURRENTTXPOWERLEVEL, ASN_INTEGER , RWRITE, var_dot11PhyTxPowerTable, 4, { 4,3,1,10 } }, ++ ++#define DOT11HOPTIME 110 ++ { DOT11HOPTIME , ASN_INTEGER , RONLY , var_dot11PhyFHSSTable, 4, { 4,4,1,1 } }, ++#define DOT11CURRENTCHANNELNUMBER 111 ++ { DOT11CURRENTCHANNELNUMBER, ASN_INTEGER , RWRITE, var_dot11PhyFHSSTable, 4, { 4,4,1,2 } }, ++#define DOT11MAXDWELLTIME 112 ++ { DOT11MAXDWELLTIME , ASN_INTEGER , RONLY , var_dot11PhyFHSSTable, 4, { 4,4,1,3 } }, ++#define DOT11CURRENTDWELLTIME 113 ++ { DOT11CURRENTDWELLTIME, ASN_INTEGER , RWRITE, var_dot11PhyFHSSTable, 4, { 4,4,1,4 } }, ++#define DOT11CURRENTSET 114 ++ { DOT11CURRENTSET , ASN_INTEGER , RWRITE, var_dot11PhyFHSSTable, 4, { 4,4,1,5 } }, ++#define DOT11CURRENTPATTERN 115 ++ { DOT11CURRENTPATTERN , ASN_INTEGER , RWRITE, var_dot11PhyFHSSTable, 4, { 4,4,1,6 } }, ++#define DOT11CURRENTINDEX 116 ++ { DOT11CURRENTINDEX , ASN_INTEGER , RWRITE, var_dot11PhyFHSSTable, 4, { 4,4,1,7 } }, ++ ++#define DOT11CURRENTCHANNEL 119 ++ { DOT11CURRENTCHANNEL , ASN_INTEGER , RWRITE, var_dot11PhyDSSSTable, 4, { 4,5,1,1 } }, ++#define DOT11CCAMODESUPPORTED 120 ++ { DOT11CCAMODESUPPORTED, ASN_INTEGER , RONLY , var_dot11PhyDSSSTable, 4, { 4,5,1,2 } }, ++#define DOT11CURRENTCCAMODE 121 ++ { DOT11CURRENTCCAMODE , ASN_INTEGER , RWRITE, var_dot11PhyDSSSTable, 4, { 4,5,1,3 } }, ++#define DOT11EDTHRESHOLD 122 ++ { DOT11EDTHRESHOLD , ASN_INTEGER , RWRITE, var_dot11PhyDSSSTable, 4, { 4,5,1,4 } }, ++ ++#define DOT11CCAWATCHDOGTIMERMAX 125 ++ { DOT11CCAWATCHDOGTIMERMAX, ASN_INTEGER , RWRITE, var_dot11PhyIRTable, 4, { 4,6,1,1 } }, ++#define DOT11CCAWATCHDOGCOUNTMAX 126 ++ { DOT11CCAWATCHDOGCOUNTMAX, ASN_INTEGER , RWRITE, var_dot11PhyIRTable, 4, { 4,6,1,2 } }, ++#define DOT11CCAWATCHDOGTIMERMIN 127 ++ { DOT11CCAWATCHDOGTIMERMIN, ASN_INTEGER , RWRITE, var_dot11PhyIRTable, 4, { 4,6,1,3 } }, ++#define DOT11CCAWATCHDOGCOUNTMIN 128 ++ { DOT11CCAWATCHDOGCOUNTMIN, ASN_INTEGER , RWRITE, var_dot11PhyIRTable, 4, { 4,6,1,4 } }, ++ ++#define DOT11REGDOMAINSSUPPORTVALUE 132 ++ { DOT11REGDOMAINSSUPPORTVALUE, ASN_INTEGER , RONLY , var_dot11RegDomainsSupportedTable, 4, { 4,7,1,2 } }, ++ ++#define DOT11SUPPORTEDTXANTENNA 136 ++ { DOT11SUPPORTEDTXANTENNA, ASN_INTEGER , RWRITE, var_dot11AntennasListTable, 4, { 4,8,1,2 } }, ++#define DOT11SUPPORTEDRXANTENNA 137 ++ { DOT11SUPPORTEDRXANTENNA, ASN_INTEGER , RWRITE, var_dot11AntennasListTable, 4, { 4,8,1,3 } }, ++#define DOT11DIVERSITYSELECTIONRX 138 ++ { DOT11DIVERSITYSELECTIONRX, ASN_INTEGER , RWRITE, var_dot11AntennasListTable, 4, { 4,8,1,4 } }, ++ ++#define DOT11SUPPORTEDDATARATESTXVALUE 142 ++ { DOT11SUPPORTEDDATARATESTXVALUE, ASN_INTEGER , RONLY , var_dot11SupportedDataRatesTxTable, 4, { 4,9,1,2 } }, ++ ++#define DOT11SUPPORTEDDATARATESRXVALUE 146 ++ { DOT11SUPPORTEDDATARATESRXVALUE, ASN_INTEGER , RONLY , var_dot11SupportedDataRatesRxTable, 4, { 4,10,1,2 } }, ++}; ++// ( L = length of the oidsuffix ) ++ ++/**************************************************************************** ++* * ++* init_ieee802dot11() - perform any required initialization * ++* * ++****************************************************************************/ ++void init_ieee802dot11 ( void ) { ++ ++ /* register ourselves with the agent to handle our mib tree */ ++ REGISTER_MIB("ieee802dot11", ieee802dot11_variables, variable7, ++ ieee802dot11_variables_oid); ++ ++ initLists(); ++} ++ ++/**************************************************************************** ++* * ++* shutdown_ieee802dot11() - perform any required cleanup @ shutdown * ++* * ++****************************************************************************/ ++void shutdown_ieee802dot11 ( void ) ++{ ++ flushLists(); ++} ++ ++/**************************************************************************** ++* * ++* var_ieee802dot11() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_ieee802dot11 ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method) ++{ ++ loadTables(); ++ ++ if ( header_generic ( vp, name, length, exact,var_len,write_method ) ++ == MATCH_FAILED ) ++ return NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11RESOURCETYPEIDNAME: ++ if ( !haveResourceTypeIDName ) ++ return NULL; ++ *var_len = strlen ( resourceTypeIDName ); ++ return ( UCHAR * ) resourceTypeIDName; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11StationConfigTable() - return a variable value from the table * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11StationConfigTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ static char MACWork[17]; ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &scList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ sc = ( struct scTbl_data * ) np->data; ++ rName[vp->namelen] = sc->ifIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) > 0 ))) { ++ ++ switch ( vp->magic ) { // found requested OID, now check for requested variable ++ case DOT11STATIONID: ++ if ( sc->haveStationID ) found = TRUE; break; ++ case DOT11MEDIUMOCCUPANCYLIMIT: ++ if ( sc->haveMediumOccupancyLimit ) found = TRUE; break; ++ case DOT11CFPOLLABLE: ++ if ( sc->haveCFPPollable ) found = TRUE; break; ++ case DOT11CFPPERIOD: ++ if ( sc->haveCFPPeriod ) found = TRUE; break; ++ case DOT11CFPMAXDURATION: ++ if ( sc->haveMaxDuration ) found = TRUE; break; ++ case DOT11AUTHENTICATIONRESPONSETIMEOUT: ++ if ( sc->haveAuthenticationResponseTimeOut ) found = TRUE; break; ++ case DOT11PRIVACYOPTIONIMPLEMENTED: ++ if ( sc->havePrivacyOptionImplemented ) found = TRUE; break; ++ case DOT11POWERMANAGEMENTMODE: ++ if ( sc->havePowerManagementMode ) found = TRUE; break; ++ case DOT11DESIREDSSID: ++ if ( sc->haveDesiredSSID ) found = TRUE; break; ++ case DOT11DESIREDBSSTYPE: ++ if ( sc->haveDesiredBSSType ) found = TRUE; break; ++ case DOT11OPERATIONALRATESET: ++ if ( sc->haveOperationalRateSet ) found = TRUE; break; ++ case DOT11BEACONPERIOD: ++ if ( sc->haveBeaconPeriod ) found = TRUE; break; ++ case DOT11DTIMPERIOD: ++ if ( sc->haveDTIMPeriod ) found = TRUE; break; ++ case DOT11ASSOCIATIONRESPONSETIMEOUT: ++ if ( sc->haveAssociationResponseTimeOut ) found = TRUE; break; ++ case DOT11DISASSOCIATEREASON: ++ if ( sc->disAssociationReason ) found = TRUE; break; ++ case DOT11DISASSOCIATESTATION: ++ if ( sc->haveDisAssociationStation ) found = TRUE; break; ++ case DOT11DEAUTHENTICATEREASON: ++ if ( sc->deAuthenticationReason ) found = TRUE; break; ++ case DOT11DEAUTHENTICATESTATION: ++ if ( sc->haveDeAuthenticationStation ) found = TRUE; break; ++ case DOT11AUTHENTICATEFAILSTATUS: ++ if ( sc->authenticateFailStatus ) found = TRUE; break; ++ case DOT11AUTHENTICATEFAILSTATION: ++ if ( sc->haveAuthenticateFailStation ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 1 ) * sizeof ( oid )); ++ *length = vp->namelen + 1; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11STATIONID: ++// *write_method = write_dot11StationID; ++ MACWork[ 0] = sc->stationID [ 0]; ++ MACWork[ 1] = sc->stationID [ 1]; ++ MACWork[ 2] = sc->stationID [ 3]; ++ MACWork[ 3] = sc->stationID [ 4]; ++ MACWork[ 4] = sc->stationID [ 6]; ++ MACWork[ 5] = sc->stationID [ 7]; ++ MACWork[ 6] = sc->stationID [ 9]; ++ MACWork[ 7] = sc->stationID [10]; ++ MACWork[ 8] = sc->stationID [12]; ++ MACWork[ 9] = sc->stationID [13]; ++ MACWork[10] = sc->stationID [15]; ++ MACWork[11] = sc->stationID [16]; ++ MACWork[12] = '\0'; ++ *var_len = 6; ++ return ( UCHAR * ) htob ( MACWork ); ++ ++ case DOT11MEDIUMOCCUPANCYLIMIT: ++// *write_method = write_dot11MediumOccupancyLimit; ++ sc->mediumOccupancyLimit = 5; ++ return ( UCHAR * ) &sc->mediumOccupancyLimit; ++ ++ case DOT11CFPOLLABLE: ++ return ( UCHAR * ) &sc->CFPPollable; ++ ++ case DOT11CFPPERIOD: ++// *write_method = write_dot11CFPPeriod; ++ return ( UCHAR * ) &sc->CFPPeriod; ++ ++ case DOT11CFPMAXDURATION: ++// *write_method = write_dot11CFPMaxDuration; ++ return ( UCHAR * ) &sc->maxDuration; ++ ++ case DOT11AUTHENTICATIONRESPONSETIMEOUT: ++// *write_method = write_dot11AuthenticationResponseTimeOut; ++ return ( UCHAR * ) &sc->authenticationResponseTimeOut; ++ ++ case DOT11PRIVACYOPTIONIMPLEMENTED: ++ return ( UCHAR * ) &sc->privacyOptionImplemented; ++ ++ case DOT11POWERMANAGEMENTMODE: ++// *write_method = write_dot11PowerManagementMode; ++ return ( UCHAR * ) &sc->powerManagementMode; ++ ++ case DOT11DESIREDSSID: ++// *write_method = write_dot11DesiredSSID; ++ *var_len = strlen ( sc->desiredSSID ); ++ return ( UCHAR * ) sc->desiredSSID; ++ ++ case DOT11DESIREDBSSTYPE: ++// *write_method = write_dot11DesiredBSSType; ++ return ( UCHAR * ) &sc->desiredBSSType; ++ ++ case DOT11OPERATIONALRATESET: ++// *write_method = write_dot11OperationalRateSet; ++ *var_len = strlen ( sc->operationalRateSet ); ++ return ( UCHAR * ) sc->operationalRateSet; ++ ++ case DOT11BEACONPERIOD: ++// *write_method = write_dot11BeaconPeriod; ++ return ( UCHAR * ) &sc->beaconPeriod; ++ ++ case DOT11DTIMPERIOD: ++// *write_method = write_dot11DTIMPeriod; ++ return ( UCHAR * ) &sc->DTIMPeriod; ++ ++ case DOT11ASSOCIATIONRESPONSETIMEOUT: ++// *write_method = write_dot11AssociationResponseTimeOut; ++ return ( UCHAR * ) &sc->associationResponseTimeOut; ++ ++ case DOT11DISASSOCIATEREASON: ++ return ( UCHAR * ) &sc->disAssociationReason; ++ ++ case DOT11DISASSOCIATESTATION: ++ MACWork[ 0] = sc->disAssociationStation[ 0]; ++ MACWork[ 1] = sc->disAssociationStation[ 1]; ++ MACWork[ 2] = sc->disAssociationStation[ 3]; ++ MACWork[ 3] = sc->disAssociationStation[ 4]; ++ MACWork[ 4] = sc->disAssociationStation[ 6]; ++ MACWork[ 5] = sc->disAssociationStation[ 7]; ++ MACWork[ 6] = sc->disAssociationStation[ 9]; ++ MACWork[ 7] = sc->disAssociationStation[10]; ++ MACWork[ 8] = sc->disAssociationStation[12]; ++ MACWork[ 9] = sc->disAssociationStation[13]; ++ MACWork[10] = sc->disAssociationStation[15]; ++ MACWork[11] = sc->disAssociationStation[16]; ++ MACWork[12] = '\0'; ++ *var_len = 6; ++ return ( UCHAR * ) htob ( MACWork ); ++ ++ case DOT11DEAUTHENTICATEREASON: ++ return ( UCHAR * ) &sc->deAuthenticationReason; ++ ++ case DOT11DEAUTHENTICATESTATION: ++ MACWork[ 0] = sc->deAuthenticationStation[ 0]; ++ MACWork[ 1] = sc->deAuthenticationStation[ 1]; ++ MACWork[ 2] = sc->deAuthenticationStation[ 3]; ++ MACWork[ 3] = sc->deAuthenticationStation[ 4]; ++ MACWork[ 4] = sc->deAuthenticationStation[ 6]; ++ MACWork[ 5] = sc->deAuthenticationStation[ 7]; ++ MACWork[ 6] = sc->deAuthenticationStation[ 9]; ++ MACWork[ 7] = sc->deAuthenticationStation[10]; ++ MACWork[ 8] = sc->deAuthenticationStation[12]; ++ MACWork[ 9] = sc->deAuthenticationStation[13]; ++ MACWork[10] = sc->deAuthenticationStation[15]; ++ MACWork[11] = sc->deAuthenticationStation[16]; ++ MACWork[12] = '\0'; ++ *var_len = 6; ++ return ( UCHAR * ) htob ( MACWork ); ++ ++ case DOT11AUTHENTICATEFAILSTATUS: ++ return ( UCHAR * ) &sc->authenticateFailStatus; ++ ++ case DOT11AUTHENTICATEFAILSTATION: ++ MACWork[ 0] = sc->authenticateFailStation[ 0]; ++ MACWork[ 1] = sc->authenticateFailStation[ 1]; ++ MACWork[ 2] = sc->authenticateFailStation[ 3]; ++ MACWork[ 3] = sc->authenticateFailStation[ 4]; ++ MACWork[ 4] = sc->authenticateFailStation[ 6]; ++ MACWork[ 5] = sc->authenticateFailStation[ 7]; ++ MACWork[ 6] = sc->authenticateFailStation[ 9]; ++ MACWork[ 7] = sc->authenticateFailStation[10]; ++ MACWork[ 8] = sc->authenticateFailStation[12]; ++ MACWork[ 9] = sc->authenticateFailStation[13]; ++ MACWork[10] = sc->authenticateFailStation[15]; ++ MACWork[11] = sc->authenticateFailStation[16]; ++ MACWork[12] = '\0'; ++ *var_len = 6; ++ return ( UCHAR * ) htob ( MACWork ); ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11AuthenticationAlgorithmsTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11AuthenticationAlgorithmsTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &aaList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ aa = ( struct aaTbl_data * ) np->data; ++ rName[vp->namelen + 0] = aa->ifIndex; ++ rName[vp->namelen + 1] = aa->authenticationAlgorithmsIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11AUTHENTICATIONALGORITHM: ++ if ( aa->haveAuthenticationAlgorithm ) found = TRUE; break; ++ case DOT11AUTHENTICATIONALGORITHMSENABLE: ++ if ( aa->authenticationAlgorithmsEnable ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 2 ) * sizeof ( oid )); ++ *length = vp->namelen + 2; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11AUTHENTICATIONALGORITHM: ++ return ( UCHAR * ) &aa->authenticationAlgorithm; ++ ++ case DOT11AUTHENTICATIONALGORITHMSENABLE: ++// *write_method = write_dot11AuthenticationAlgorithmsEnable; ++ return ( UCHAR * ) &aa->authenticationAlgorithmsEnable; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11WEPDefaultKeysTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11WEPDefaultKeysTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &dfList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ df = ( struct dfTbl_data * ) np->data; ++ rName[vp->namelen + 0] = df->ifIndex; ++ rName[vp->namelen + 1] = df->WEPDefaultKeyIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11WEPDEFAULTKEYVALUE: ++ if ( df->haveWEPDefaultKeyValue ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 2 ) * sizeof ( oid )); ++ *length = vp->namelen + 2; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11WEPDEFAULTKEYVALUE: ++// *write_method = write_dot11WEPDefaultKeyValue; ++ *var_len = strlen ( df->WEPDefaultKeyValue ); ++ return ( UCHAR * ) df->WEPDefaultKeyValue; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11WEPKeyMappingsTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11WEPKeyMappingsTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method) ++{ ++ static char MACWork[17]; ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &kmList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ km = ( struct kmTbl_data * ) np->data; ++ rName[vp->namelen + 0] = km->ifIndex; ++ rName[vp->namelen + 1] = km->WEPKeyMappingIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11WEPKEYMAPPINGADDRESS: ++ if ( km->haveWEPKeyMappingAddress ) found = TRUE; break; ++ case DOT11WEPKEYMAPPINGWEPON: ++ if ( km->haveWEPKeyMappingWEPOn ) found = TRUE; break; ++ case DOT11WEPKEYMAPPINGVALUE: ++ if ( km->haveWEPKeyMappingValue ) found = TRUE; break; ++ case DOT11WEPKEYMAPPINGSTATUS: ++ if ( km->haveWEPKeyMappingStatus ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 2 ) * sizeof ( oid )); ++ *length = vp->namelen + 2; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11WEPKEYMAPPINGADDRESS: ++// *write_method = write_dot11WEPKeyMappingAddress; ++ MACWork[ 0] = km->WEPKeyMappingAddress[ 0]; ++ MACWork[ 1] = km->WEPKeyMappingAddress[ 1]; ++ MACWork[ 2] = km->WEPKeyMappingAddress[ 3]; ++ MACWork[ 3] = km->WEPKeyMappingAddress[ 4]; ++ MACWork[ 4] = km->WEPKeyMappingAddress[ 6]; ++ MACWork[ 5] = km->WEPKeyMappingAddress[ 7]; ++ MACWork[ 6] = km->WEPKeyMappingAddress[ 9]; ++ MACWork[ 7] = km->WEPKeyMappingAddress[10]; ++ MACWork[ 8] = km->WEPKeyMappingAddress[12]; ++ MACWork[ 9] = km->WEPKeyMappingAddress[13]; ++ MACWork[10] = km->WEPKeyMappingAddress[15]; ++ MACWork[11] = km->WEPKeyMappingAddress[16]; ++ MACWork[12] = '\0'; ++ *var_len = 6; ++ return ( UCHAR * ) htob ( MACWork ); ++ ++ case DOT11WEPKEYMAPPINGWEPON: ++// *write_method = write_dot11WEPKeyMappingWEPOn; ++ return ( UCHAR * ) &km->WEPKeyMappingWEPOn; ++ ++ case DOT11WEPKEYMAPPINGVALUE: ++// *write_method = write_dot11WEPKeyMappingValue; ++ *var_len = strlen ( km->WEPKeyMappingValue ); ++ return ( UCHAR * ) km->WEPKeyMappingValue; ++ ++ case DOT11WEPKEYMAPPINGSTATUS: ++// *write_method = write_dot11WEPKeyMappingStatus; ++ return ( UCHAR * ) &km->WEPKeyMappingStatus; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11PrivacyTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11PrivacyTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &prList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ pr = ( struct prTbl_data * ) np->data; ++ rName[vp->namelen] = pr->ifIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11PRIVACYINVOKED: ++ if ( pr->havePrivacyInvoked ) found = TRUE; break; ++ case DOT11WEPDEFAULTKEYID: ++ if ( pr->haveWEPDefaultKeyID ) found = TRUE; break; ++ case DOT11WEPKEYMAPPINGLENGTH: ++ if ( pr->haveWEPKeyMappingLength ) found = TRUE; break; ++ case DOT11EXCLUDEUNENCRYPTED: ++ if ( pr->haveExcludeUnencrypted ) found = TRUE; break; ++ case DOT11WEPICVERRORCOUNT: ++ if ( pr->haveWEPICVErrorCount ) found = TRUE; break; ++ case DOT11WEPEXCLUDEDCOUNT: ++ if ( pr->haveWEPExcludedCount ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 1 ) * sizeof ( oid )); ++ *length = vp->namelen + 1; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11PRIVACYINVOKED: ++// *write_method = write_dot11PrivacyInvoked; ++ return ( UCHAR * ) &pr->privacyInvoked; ++ ++ case DOT11WEPDEFAULTKEYID: ++// *write_method = write_dot11WEPDefaultKeyID; ++ return ( UCHAR * ) &pr->WEPDefaultKeyID; ++ ++ case DOT11WEPKEYMAPPINGLENGTH: ++// *write_method = write_dot11WEPKeyMappingLength; ++ return ( UCHAR * ) &pr->WEPKeyMappingLength; ++ ++ case DOT11EXCLUDEUNENCRYPTED: ++// *write_method = write_dot11ExcludeUnencrypted; ++ return ( UCHAR * ) &pr->excludeUnencrypted; ++ ++ case DOT11WEPICVERRORCOUNT: ++ return ( UCHAR * ) &pr->WEPICVErrorCount; ++ ++ case DOT11WEPEXCLUDEDCOUNT: ++ return ( UCHAR * ) &pr->WEPExcludedCount; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11OperationTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11OperationTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ static char MACWork[17]; ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &opList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ op = ( struct opTbl_data * ) np->data; ++ rName[vp->namelen] = op->ifIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) > 0 ))) { ++ ++ switch ( vp->magic ) { // found requested OID, now check for requested variable ++ case DOT11MACADDRESS: ++ if ( op->haveMACAddress ) found = TRUE; break; ++ case DOT11RTSTHRESHOLD: ++ if ( op->haveRTSThreshold ) found = TRUE; break; ++ case DOT11SHORTRETRYLIMIT: ++ if ( op->haveShortRetryLimit ) found = TRUE; break; ++ case DOT11LONGRETRYLIMIT: ++ if ( op->haveLongRetryLimit ) found = TRUE; break; ++ case DOT11FRAGMENTATIONTHRESHOLD: ++ if ( op->haveFragmentationThreshold ) found = TRUE; break; ++ case DOT11MAXTRANSMITMSDULIFETIME: ++ if ( op->haveMaxTransmitMSDULifetime ) found = TRUE; break; ++ case DOT11MAXRECEIVELIFETIME: ++ if ( op->haveMaxReceiveLifetime ) found = TRUE; break; ++ case DOT11MANUFACTURERID: ++ if ( op->haveManufacturerID ) found = TRUE; break; ++ case DOT11PRODUCTID: ++ if ( op->haveProductID ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 1 ) * sizeof ( oid )); ++ *length = vp->namelen + 1; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11MACADDRESS: ++ MACWork[ 0] = op->MACAddress[ 0]; ++ MACWork[ 1] = op->MACAddress[ 1]; ++ MACWork[ 2] = op->MACAddress[ 3]; ++ MACWork[ 3] = op->MACAddress[ 4]; ++ MACWork[ 4] = op->MACAddress[ 6]; ++ MACWork[ 5] = op->MACAddress[ 7]; ++ MACWork[ 6] = op->MACAddress[ 9]; ++ MACWork[ 7] = op->MACAddress[10]; ++ MACWork[ 8] = op->MACAddress[12]; ++ MACWork[ 9] = op->MACAddress[13]; ++ MACWork[10] = op->MACAddress[15]; ++ MACWork[11] = op->MACAddress[16]; ++ MACWork[12] = '\0'; ++ *var_len = 6; ++ return ( UCHAR * ) htob ( MACWork ); ++ ++ case DOT11RTSTHRESHOLD: ++// *write_method = write_dot11RTSThreshold; ++ return ( UCHAR * ) &op->RTSThreshold; ++ ++ case DOT11SHORTRETRYLIMIT: ++// *write_method = write_dot11ShortRetryLimit; ++ return ( UCHAR * ) &op->shortRetryLimit; ++ ++ case DOT11LONGRETRYLIMIT: ++// *write_method = write_dot11LongRetryLimit; ++ return ( UCHAR * ) &op->longRetryLimit; ++ ++ case DOT11FRAGMENTATIONTHRESHOLD: ++// *write_method = write_dot11FragmentationThreshold; ++ return ( UCHAR * ) &op->fragmentationThreshold; ++ ++ case DOT11MAXTRANSMITMSDULIFETIME: ++// *write_method = write_dot11MaxTransmitMSDULifetime; ++ return ( UCHAR * ) &op->maxTransmitMSDULifetime; ++ ++ case DOT11MAXRECEIVELIFETIME: ++// *write_method = write_dot11MaxReceiveLifetime; ++ return ( UCHAR * ) &op->maxReceiveLifetime; ++ ++ case DOT11MANUFACTURERID: ++ *var_len = strlen ( op->manufacturerID ); ++ return ( UCHAR * ) op->manufacturerID; ++ ++ case DOT11PRODUCTID: ++ *var_len = strlen ( op->productID ); ++ return ( UCHAR * ) op->productID; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11CountersTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11CountersTable(struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &coList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ co = ( struct coTbl_data * ) np->data; ++ rName[vp->namelen] = co->ifIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11TRANSMITTEDFRAGMENTCOUNT: ++ if ( co->haveTransmittedFragmentCount ) found = TRUE; break; ++ case DOT11MULTICASTTRANSMITTEDFRAMECOUNT: ++ if ( co->haveTransmittedFrameCount ) found = TRUE; break; ++ case DOT11FAILEDCOUNT: ++ if ( co->haveFailedCount ) found = TRUE; break; ++ case DOT11RETRYCOUNT: ++ if ( co->haveRetryCount ) found = TRUE; break; ++ case DOT11MULTIPLERETRYCOUNT: ++ if ( co->haveMultipleRetryCount ) found = TRUE; break; ++ case DOT11FRAMEDUPLICATECOUNT: ++ if ( co->haveFrameDuplicateCount ) found = TRUE; break; ++ case DOT11RTSSUCCESSCOUNT: ++ if ( co->haveRTSSuccessCount ) found = TRUE; break; ++ case DOT11RTSFAILURECOUNT: ++ if ( co->haveRTSFailureCount ) found = TRUE; break; ++ case DOT11ACKFAILURECOUNT: ++ if ( co->haveACKFailureCount ) found = TRUE; break; ++ case DOT11RECEIVEDFRAGMENTCOUNT: ++ if ( co->haveReceivedFragmentCount ) found = TRUE; break; ++ case DOT11MULTICASTRECEIVEDFRAMECOUNT: ++ if ( co->haveMulticastReceivedFrameCount ) found = TRUE; break; ++ case DOT11FCSERRORCOUNT: ++ if ( co->haveFCSErrorCount ) found = TRUE; break; ++ case DOT11TRANSMITTEDFRAMECOUNT: ++ if ( co->haveTransmittedFrameCount ) found = TRUE; break; ++ case DOT11WEPUNDECRYPTABLECOUNT: ++ if ( co->haveWEPUndecryptableCount ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 1 ) * sizeof ( oid )); ++ *length = vp->namelen + 1; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11TRANSMITTEDFRAGMENTCOUNT: return ( UCHAR * ) &co->transmittedFragmentCount; ++ case DOT11MULTICASTTRANSMITTEDFRAMECOUNT: return ( UCHAR * ) &co->transmittedFrameCount; ++ case DOT11FAILEDCOUNT: return ( UCHAR * ) &co->failedCount; ++ case DOT11RETRYCOUNT: return ( UCHAR * ) &co->retryCount; ++ case DOT11MULTIPLERETRYCOUNT: return ( UCHAR * ) &co->multipleRetryCount; ++ case DOT11FRAMEDUPLICATECOUNT: return ( UCHAR * ) &co->frameDuplicateCount; ++ case DOT11RTSSUCCESSCOUNT: return ( UCHAR * ) &co->RTSSuccessCount; ++ case DOT11RTSFAILURECOUNT: return ( UCHAR * ) &co->RTSFailureCount; ++ case DOT11ACKFAILURECOUNT: return ( UCHAR * ) &co->ACKFailureCount; ++ case DOT11RECEIVEDFRAGMENTCOUNT: return ( UCHAR * ) &co->receivedFragmentCount; ++ case DOT11MULTICASTRECEIVEDFRAMECOUNT: return ( UCHAR * ) &co->multicastReceivedFrameCount; ++ case DOT11FCSERRORCOUNT: return ( UCHAR * ) &co->FCSErrorCount; ++ case DOT11TRANSMITTEDFRAMECOUNT: return ( UCHAR * ) &co->transmittedFrameCount; ++ case DOT11WEPUNDECRYPTABLECOUNT: return ( UCHAR * ) &co->WEPUndecryptableCount; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11GroupAddressesTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11GroupAddressesTable(struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method) ++{ ++ static char MACWork[17]; ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &gaList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ ga = ( struct gaTbl_data * ) np->data; ++ rName[vp->namelen + 0] = ga->ifIndex; ++ rName[vp->namelen + 1] = ga->groupAddressesIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11ADDRESS: ++ if ( ga->haveAddress ) found = TRUE; break; ++ case DOT11GROUPADDRESSESSTATUS: ++ if ( ga->haveGroupAddressesStatus ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 2 ) * sizeof ( oid )); ++ *length = vp->namelen + 2; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11ADDRESS: ++// *write_method = write_dot11Address; ++ MACWork[ 0] = ga->address[ 0]; ++ MACWork[ 1] = ga->address[ 1]; ++ MACWork[ 2] = ga->address[ 3]; ++ MACWork[ 3] = ga->address[ 4]; ++ MACWork[ 4] = ga->address[ 6]; ++ MACWork[ 5] = ga->address[ 7]; ++ MACWork[ 6] = ga->address[ 9]; ++ MACWork[ 7] = ga->address[10]; ++ MACWork[ 8] = ga->address[12]; ++ MACWork[ 9] = ga->address[13]; ++ MACWork[10] = ga->address[15]; ++ MACWork[11] = ga->address[16]; ++ MACWork[12] = '\0'; ++ *var_len = 6; ++ return ( UCHAR * ) htob ( MACWork ); ++ ++ case DOT11GROUPADDRESSESSTATUS: ++// *write_method = write_dot11GroupAddressesStatus; ++ return ( UCHAR * ) &ga->groupAddressesStatus; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11ResourceInfoTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11ResourceInfoTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &riList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ ri = ( struct riTbl_data * ) np->data; ++ rName[vp->namelen] = ri->ifIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11MANUFACTUREROUI: ++ if ( ri->haveManufacturerOUI ) found = TRUE; break; ++ case DOT11MANUFACTURERNAME: ++ if ( ri->haveManufacturerName ) found = TRUE; break; ++ case DOT11MANUFACTURERPRODUCTNAME: ++ if ( ri->haveManufacturerProductName ) found = TRUE; break; ++ case DOT11MANUFACTURERPRODUCTVERSION: ++ if ( ri->haveManufacturerProductVersion ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 1 ) * sizeof ( oid )); ++ *length = vp->namelen + 1; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11MANUFACTUREROUI: ++ *var_len = strlen ( ri->manufacturerOUI ); ++ return ( UCHAR * ) ri->manufacturerOUI; ++ ++ case DOT11MANUFACTURERNAME: ++ *var_len = strlen ( ri->manufacturerName ); ++ return ( UCHAR * ) ri->manufacturerName; ++ ++ case DOT11MANUFACTURERPRODUCTNAME: ++ *var_len = strlen ( ri->manufacturerProductName ); ++ return ( UCHAR * ) ri->manufacturerProductName; ++ ++ case DOT11MANUFACTURERPRODUCTVERSION: ++ *var_len = strlen ( ri->manufacturerProductVersion ); ++ return ( UCHAR * ) ri->manufacturerProductVersion; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11PhyOperationTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11PhyOperationTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &poList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ po = ( struct poTbl_data * ) np->data; ++ rName[vp->namelen] = po->ifIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11PHYTYPE: ++ if ( po->havePHYType ) found = TRUE; break; ++ case DOT11CURRENTREGDOMAIN: ++ if ( po->haveCurrentRegDomain ) found = TRUE; break; ++ case DOT11TEMPTYPE: ++ if ( po->haveTempType ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 1 ) * sizeof ( oid )); ++ *length = vp->namelen + 1; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11PHYTYPE: ++ return ( UCHAR * ) &po->PHYType; ++ ++ case DOT11CURRENTREGDOMAIN: ++// *write_method = write_dot11CurrentRegDomain; ++ return ( UCHAR * ) &po->currentRegDomain; ++ ++ case DOT11TEMPTYPE: ++ return ( UCHAR * ) &po->tempType; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11PhyAntennaTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11PhyAntennaTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &paList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ pa = ( struct paTbl_data * ) np->data; ++ rName[vp->namelen] = pa->ifIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11CURRENTTXANTENNA: ++ if ( pa->haveCurrentTxAntenna ) found = TRUE; break; ++ case DOT11DIVERSITYSUPPORT: ++ if ( pa->haveDiversitySupport ) found = TRUE; break; ++ case DOT11CURRENTRXANTENNA: ++ if ( pa->haveCurrentRxAntenna ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 1 ) * sizeof ( oid )); ++ *length = vp->namelen + 1; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11CURRENTTXANTENNA: ++// *write_method = write_dot11CurrentTxAntenna; ++ return ( UCHAR * ) &pa->currentTxAntenna; ++ ++ case DOT11DIVERSITYSUPPORT: ++ return ( UCHAR * ) &pa->diversitySupport; ++ ++ case DOT11CURRENTRXANTENNA: ++// *write_method = write_dot11CurrentRxAntenna; ++ return ( UCHAR * ) &pa->currentRxAntenna; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11PhyTxPowerTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11PhyTxPowerTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &ptList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ pt = ( struct ptTbl_data * ) np->data; ++ rName[vp->namelen] = pt->ifIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11NUMBERSUPPORTEDPOWERLEVELS: ++ if ( pt->haveNumberSupportedPowerLevels ) found = TRUE; break; ++ case DOT11TXPOWERLEVEL1: ++ if ( pt->haveTxPowerLevel1 ) found = TRUE; break; ++ case DOT11TXPOWERLEVEL2: ++ if ( pt->haveTxPowerLevel2 ) found = TRUE; break; ++ case DOT11TXPOWERLEVEL3: ++ if ( pt->haveTxPowerLevel3 ) found = TRUE; break; ++ case DOT11TXPOWERLEVEL4: ++ if ( pt->haveTxPowerLevel4 ) found = TRUE; break; ++ case DOT11TXPOWERLEVEL5: ++ if ( pt->haveTxPowerLevel5 ) found = TRUE; break; ++ case DOT11TXPOWERLEVEL6: ++ if ( pt->haveTxPowerLevel6 ) found = TRUE; break; ++ case DOT11TXPOWERLEVEL7: ++ if ( pt->haveTxPowerLevel7 ) found = TRUE; break; ++ case DOT11TXPOWERLEVEL8: ++ if ( pt->haveTxPowerLevel8 ) found = TRUE; break; ++ case DOT11CURRENTTXPOWERLEVEL: ++ if ( pt->currentTxPowerLevel ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 1 ) * sizeof ( oid )); ++ *length = vp->namelen + 1; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11NUMBERSUPPORTEDPOWERLEVELS: ++ return ( UCHAR * ) &pt->numberSupportedPowerLevels; ++ ++ case DOT11TXPOWERLEVEL1: return ( UCHAR * ) &pt->TxPowerLevel1; ++ case DOT11TXPOWERLEVEL2: return ( UCHAR * ) &pt->TxPowerLevel2; ++ case DOT11TXPOWERLEVEL3: return ( UCHAR * ) &pt->TxPowerLevel3; ++ case DOT11TXPOWERLEVEL4: return ( UCHAR * ) &pt->TxPowerLevel4; ++ case DOT11TXPOWERLEVEL5: return ( UCHAR * ) &pt->TxPowerLevel5; ++ case DOT11TXPOWERLEVEL6: return ( UCHAR * ) &pt->TxPowerLevel6; ++ case DOT11TXPOWERLEVEL7: return ( UCHAR * ) &pt->TxPowerLevel7; ++ case DOT11TXPOWERLEVEL8: return ( UCHAR * ) &pt->TxPowerLevel8; ++ ++ case DOT11CURRENTTXPOWERLEVEL: ++// *write_method = write_dot11CurrentTxPowerLevel; ++ return ( UCHAR * ) &pt->currentTxPowerLevel; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11PhyFHSSTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11PhyFHSSTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &pfList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ pf = ( struct pfTbl_data * ) np->data; ++ rName[vp->namelen] = pf->ifIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11HOPTIME: ++ if ( pf->haveHopTime ) found = TRUE; break; ++ case DOT11CURRENTCHANNELNUMBER: ++ if ( pf->haveCurrentChannelNumber ) found = TRUE; break; ++ case DOT11MAXDWELLTIME: ++ if ( pf->haveMaxDwellTime ) found = TRUE; break; ++ case DOT11CURRENTDWELLTIME: ++ if ( pf->haveCurrentDwellTime ) found = TRUE; break; ++ case DOT11CURRENTSET: ++ if ( pf->haveCurrentSet ) found = TRUE; break; ++ case DOT11CURRENTPATTERN: ++ if ( pf->haveCurrentPattern ) found = TRUE; break; ++ case DOT11CURRENTINDEX: ++ if ( pf->haveCurrentIndex ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 1 ) * sizeof ( oid )); ++ *length = vp->namelen + 1; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11HOPTIME: ++ return ( UCHAR * ) &pf->hopTime; ++ ++ case DOT11CURRENTCHANNELNUMBER: ++// *write_method = write_dot11CurrentChannelNumber; ++ return ( UCHAR * ) &pf->currentChannelNumber; ++ ++ case DOT11MAXDWELLTIME: ++ return ( UCHAR * ) &pf->maxDwellTime; ++ ++ case DOT11CURRENTDWELLTIME: ++// *write_method = write_dot11CurrentDwellTime; ++ return ( UCHAR * ) &pf->currentDwellTime; ++ ++ case DOT11CURRENTSET: ++// *write_method = write_dot11CurrentSet; ++ return ( UCHAR * ) &pf->currentSet; ++ ++ case DOT11CURRENTPATTERN: ++// *write_method = write_dot11CurrentPattern; ++ return ( UCHAR * ) &pf->currentPattern; ++ ++ case DOT11CURRENTINDEX: ++// *write_method = write_dot11CurrentIndex; ++ return ( UCHAR * ) &pf->currentIndex; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11PhyDSSSTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11PhyDSSSTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &pdList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ pd = ( struct pdTbl_data * ) np->data; ++ rName[vp->namelen] = pd->ifIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11CURRENTCHANNEL: ++ if ( pd->haveCurrentChannel ) found = TRUE; break; ++ case DOT11CCAMODESUPPORTED: ++ if ( pd->haveCCAModeSupported ) found = TRUE; break; ++ case DOT11CURRENTCCAMODE: ++ if ( pd->haveCurrentCCAMode ) found = TRUE; break; ++ case DOT11EDTHRESHOLD: ++ if ( pd->haveEDThreshold ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 1 ) * sizeof ( oid )); ++ *length = vp->namelen + 1; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11CURRENTCHANNEL: ++// *write_method = write_dot11CurrentChannel; ++ return ( UCHAR * ) &pd->currentChannel; ++ ++ case DOT11CCAMODESUPPORTED: ++ return ( UCHAR * ) &pd->CCAModeSupported; ++ ++ case DOT11CURRENTCCAMODE: ++// *write_method = write_dot11CurrentCCAMode; ++ return ( UCHAR * ) &pd->currentCCAMode; ++ ++ case DOT11EDTHRESHOLD: ++// *write_method = write_dot11EDThreshold; ++ return ( UCHAR * ) &pd->EDThreshold; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11PhyIRTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11PhyIRTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method) ++{ ++ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &piList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ pi = ( struct piTbl_data * ) np->data; ++ rName[vp->namelen] = pi->ifIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 1, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11CCAWATCHDOGTIMERMAX: ++ if ( pi->CCAWatchdogTimerMax ) found = TRUE; break; ++ case DOT11CCAWATCHDOGCOUNTMAX: ++ if ( pi->CCAWatchdogCountMax ) found = TRUE; break; ++ case DOT11CCAWATCHDOGTIMERMIN: ++ if ( pi->CCAWatchdogTimerMin ) found = TRUE; break; ++ case DOT11CCAWATCHDOGCOUNTMIN: ++ if ( pi->CCAWatchdogCountMin ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 1 ) * sizeof ( oid )); ++ *length = vp->namelen + 1; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11CCAWATCHDOGTIMERMAX: ++// *write_method = write_dot11CCAWatchdogTimerMax; ++ return ( UCHAR * ) &pi->CCAWatchdogTimerMax; ++ ++ case DOT11CCAWATCHDOGCOUNTMAX: ++// *write_method = write_dot11CCAWatchdogCountMax; ++ return ( UCHAR * ) &pi->CCAWatchdogCountMax; ++ ++ case DOT11CCAWATCHDOGTIMERMIN: ++// *write_method = write_dot11CCAWatchdogTimerMin; ++ return ( UCHAR * ) &pi->CCAWatchdogTimerMin; ++ ++ case DOT11CCAWATCHDOGCOUNTMIN: ++// *write_method = write_dot11CCAWatchdogCountMin; ++ return ( UCHAR * ) &pi->CCAWatchdogCountMin; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11RegDomainsSupportedTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11RegDomainsSupportedTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &rdList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ rd = ( struct rdTbl_data * ) np->data; ++ rName[vp->namelen + 0] = rd->ifIndex; ++ rName[vp->namelen + 1] = rd->regDomainsSupportIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11REGDOMAINSSUPPORTVALUE: ++ if ( rd->haveRegDomainsSupportValue ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 2 ) * sizeof ( oid )); ++ *length = vp->namelen + 2; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11REGDOMAINSSUPPORTVALUE: ++ return ( UCHAR * ) &rd->regDomainsSupportValue; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11AntennasListTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11AntennasListTable(struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &alList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ al = ( struct alTbl_data * ) np->data; ++ rName[vp->namelen + 0] = al->ifIndex; ++ rName[vp->namelen + 1] = al->antennaListIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11SUPPORTEDTXANTENNA: ++ if ( al->haveSupportedTxAntenna ) found = TRUE; break; ++ case DOT11SUPPORTEDRXANTENNA: ++ if ( al->haveSupportedRxAntenna ) found = TRUE; break; ++ case DOT11DIVERSITYSELECTIONRX: ++ if ( al->haveDiversitySelectionRx ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 2 ) * sizeof ( oid )); ++ *length = vp->namelen + 2; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11SUPPORTEDTXANTENNA: ++// *write_method = write_dot11SupportedTxAntenna; ++ return ( UCHAR * ) &al->supportedTxAntenna; ++ ++ case DOT11SUPPORTEDRXANTENNA: ++// *write_method = write_dot11SupportedRxAntenna; ++ return ( UCHAR * ) &al->supportedRxAntenna; ++ ++ case DOT11DIVERSITYSELECTIONRX: ++// *write_method = write_dot11DiversitySelectionRx; ++ return ( UCHAR * ) &al->diversitySelectionRx; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11SupportedDataRatesTxTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11SupportedDataRatesTxTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &rtList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ rt = ( struct rtTbl_data * ) np->data; ++ rName[vp->namelen + 0] = rt->ifIndex; ++ rName[vp->namelen + 1] = rt->supportedDataRatesTxIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11SUPPORTEDDATARATESTXVALUE: ++ if ( rt->haveSupportedDataRatesTxValue ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 2 ) * sizeof ( oid )); ++ *length = vp->namelen + 2; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11SUPPORTEDDATARATESTXVALUE: ++ return ( UCHAR * ) &rt->supportedDataRatesTxValue; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++* var_dot11SupportedDataRatesRxTable() - * ++* * ++****************************************************************************/ ++unsigned char * ++var_dot11SupportedDataRatesRxTable ( struct variable *vp, ++ oid *name, ++ size_t *length, ++ int exact, ++ size_t *var_len, ++ WriteMethod **write_method ) ++{ ++ int found = FALSE; ++ oid rName [ MAX_OID_LEN ]; // OID to be returned ++ ++ loadTables(); ++ memcpy (( char * ) rName, ( char * ) vp->name, ( int ) vp->namelen * sizeof ( oid )); ++ for ( np = LIST_FIRST ( &rrList ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ rr = ( struct rrTbl_data * ) np->data; ++ rName[vp->namelen + 0] = rr->ifIndex; ++ rName[vp->namelen + 1] = rr->supportedDataRatesRxIndex; ++ if (( exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) == 0 )) || ++ ( !exact && ( snmp_oid_compare ( rName, vp->namelen + 2, name, *length ) > 0 ))) { ++ switch ( vp->magic ) { ++ case DOT11SUPPORTEDDATARATESRXVALUE: ++ if ( rr->haveSupportedDataRatesRxValue ) found = TRUE; break; ++ } ++ } ++ if ( found ) ++ break; ++ } ++ ++ if ( !found ) ++ return NULL; ++ ++ memcpy (( char * ) name, ( char * ) rName, ( vp->namelen + 2 ) * sizeof ( oid )); ++ *length = vp->namelen + 2; ++ *var_len = sizeof ( long ); ++ *write_method = NULL; ++ ++ switch ( vp->magic ) { ++ ++ case DOT11SUPPORTEDDATARATESRXVALUE: ++ return ( UCHAR * ) &rr->supportedDataRatesRxValue; ++ ++ default: ++ ERROR_MSG ( "" ); ++ } ++ ++ return NULL; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11StationID(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static unsigned char string[SPRINT_MAX_LEN]; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_OCTET_STR ) { ++ fprintf ( stderr, "write to dot11StationID not ASN_OCTET_STR\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( string )) { ++ fprintf ( stderr,"write to dot11StationID: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11MediumOccupancyLimit(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11MediumOccupancyLimit not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11MediumOccupancyLimit: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CFPPeriod(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CFPPeriod not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CFPPeriod: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CFPMaxDuration(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CFPMaxDuration not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CFPMaxDuration: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11AuthenticationResponseTimeOut(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11AuthenticationResponseTimeOut not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11AuthenticationResponseTimeOut: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11PowerManagementMode(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11PowerManagementMode not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )) { ++ fprintf ( stderr, "write to dot11PowerManagementMode: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11DesiredSSID(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static unsigned char string[SPRINT_MAX_LEN]; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_OCTET_STR ) { ++ fprintf ( stderr, "write to dot11DesiredSSID not ASN_OCTET_STR\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( string )){ ++ fprintf ( stderr, "write to dot11DesiredSSID: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11DesiredBSSType(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11DesiredBSSType not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11DesiredBSSType: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11OperationalRateSet(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static unsigned char string[SPRINT_MAX_LEN]; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_OCTET_STR ) { ++ fprintf ( stderr, "write to dot11OperationalRateSet not ASN_OCTET_STR\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( string )){ ++ fprintf ( stderr, "write to dot11OperationalRateSet: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11BeaconPeriod(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11BeaconPeriod not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11BeaconPeriod: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11DTIMPeriod(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11DTIMPeriod not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11DTIMPeriod: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11AssociationResponseTimeOut(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11AssociationResponseTimeOut not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )) { ++ fprintf ( stderr,"write to dot11AssociationResponseTimeOut: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11AuthenticationAlgorithmsEnable(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11AuthenticationAlgorithmsEnable not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11AuthenticationAlgorithmsEnable: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11WEPDefaultKeyValue(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static unsigned char string[SPRINT_MAX_LEN]; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_OCTET_STR ) { ++ fprintf ( stderr, "write to dot11WEPDefaultKeyValue not ASN_OCTET_STR\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( string )){ ++ fprintf ( stderr,"write to dot11WEPDefaultKeyValue: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11WEPKeyMappingAddress(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static unsigned char string[SPRINT_MAX_LEN]; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_OCTET_STR ) { ++ fprintf ( stderr, "write to dot11WEPKeyMappingAddress not ASN_OCTET_STR\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( string )) { ++ fprintf ( stderr,"write to dot11WEPKeyMappingAddress: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11WEPKeyMappingWEPOn(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11WEPKeyMappingWEPOn not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11WEPKeyMappingWEPOn: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11WEPKeyMappingValue(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static unsigned char string[SPRINT_MAX_LEN]; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_OCTET_STR ) { ++ fprintf ( stderr, "write to dot11WEPKeyMappingValue not ASN_OCTET_STR\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( string )) { ++ fprintf ( stderr, "write to dot11WEPKeyMappingValue: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11WEPKeyMappingStatus(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11WEPKeyMappingStatus not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11WEPKeyMappingStatus: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11PrivacyInvoked(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11PrivacyInvoked not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11PrivacyInvoked: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11WEPDefaultKeyID(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11WEPDefaultKeyID not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11WEPDefaultKeyID: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11WEPKeyMappingLength(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11WEPKeyMappingLength not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11WEPKeyMappingLength: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11ExcludeUnencrypted(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11ExcludeUnencrypted not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11ExcludeUnencrypted: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11RTSThreshold(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ){ ++ fprintf ( stderr, "write to dot11RTSThreshold not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11RTSThreshold: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11ShortRetryLimit(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11ShortRetryLimit not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11ShortRetryLimit: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11LongRetryLimit(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11LongRetryLimit not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11LongRetryLimit: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11FragmentationThreshold(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11FragmentationThreshold not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11FragmentationThreshold: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11MaxTransmitMSDULifetime(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11MaxTransmitMSDULifetime not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11MaxTransmitMSDULifetime: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11MaxReceiveLifetime(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11MaxReceiveLifetime not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11MaxReceiveLifetime: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11Address(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static unsigned char string[SPRINT_MAX_LEN]; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_OCTET_STR ) { ++ fprintf ( stderr, "write to dot11Address not ASN_OCTET_STR\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( string )){ ++ fprintf ( stderr, "write to dot11Address: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11GroupAddressesStatus(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11GroupAddressesStatus not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11GroupAddressesStatus: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CurrentRegDomain(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CurrentRegDomain not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CurrentRegDomain: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CurrentTxAntenna(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CurrentTxAntenna not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CurrentTxAntenna: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CurrentRxAntenna(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CurrentRxAntenna not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11CurrentRxAntenna: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CurrentTxPowerLevel(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CurrentTxPowerLevel not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CurrentTxPowerLevel: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CurrentChannelNumber(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CurrentChannelNumber not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11CurrentChannelNumber: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CurrentDwellTime(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CurrentDwellTime not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CurrentDwellTime: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CurrentSet(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CurrentSet not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CurrentSet: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CurrentPattern(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CurrentPattern not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CurrentPattern: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CurrentIndex(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CurrentIndex not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CurrentIndex: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CurrentChannel(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CurrentChannel not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CurrentChannel: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CurrentCCAMode(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CurrentCCAMode not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11CurrentCCAMode: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11EDThreshold(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11EDThreshold not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11EDThreshold: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CCAWatchdogTimerMax(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CCAWatchdogTimerMax not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CCAWatchdogTimerMax: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CCAWatchdogCountMax(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CCAWatchdogCountMax not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CCAWatchdogCountMax: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CCAWatchdogTimerMin(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CCAWatchdogTimerMin not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CCAWatchdogTimerMin: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11CCAWatchdogCountMin(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11CCAWatchdogCountMin not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11CCAWatchdogCountMin: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11SupportedTxAntenna(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11SupportedTxAntenna not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11SupportedTxAntenna: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11SupportedRxAntenna(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11SupportedRxAntenna not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr,"write to dot11SupportedRxAntenna: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++int ++write_dot11DiversitySelectionRx(int action, ++ u_char *var_val, ++ u_char var_val_type, ++ size_t var_val_len, ++ u_char *statP, ++ oid *name, ++ size_t name_len) ++{ ++ static long *long_ret; ++ int size; ++ ++ switch ( action ) { ++ ++ case RESERVE1: ++ if ( var_val_type != ASN_INTEGER ) { ++ fprintf ( stderr, "write to dot11DiversitySelectionRx not ASN_INTEGER\n" ); ++ return SNMP_ERR_WRONGTYPE; ++ } ++ if ( var_val_len > sizeof ( long_ret )){ ++ fprintf ( stderr, "write to dot11DiversitySelectionRx: bad length\n" ); ++ return SNMP_ERR_WRONGLENGTH; ++ } ++ break; ++ ++ case RESERVE2: ++ case FREE: ++ case ACTION: ++ case UNDO: ++ break; ++ ++ case COMMIT: ++ break; ++ } ++ ++ return SNMP_ERR_NOERROR; ++} ++ ++/**************************************************************************** ++* * ++* loadTables() - Load the Tables * ++* * ++****************************************************************************/ ++static void loadTables() ++{ ++ int skfd; // generic raw socket desc ++ struct iwreq wrq; // ioctl request structure ++ struct ifreq ifr; ++ struct timeval et; // elapsed time ++ struct wireless_info info; // workarea for wireless ioctl information ++ FILE *fp; ++ char bfr[1024], ifName[1024]; ++ char *s, *t; ++ ++ gettimeofday ( &et, ( struct timezone * ) 0 ); // get time-of-day ++ if ( et.tv_sec < lastLoad + MINLOADFREQ ) // only reload so often ++ return; ++ lastLoad = et.tv_sec; ++ ++ skfd = openSocket(); // open socket ++ if ( skfd < 0 ) { ++ syslog ( LOG_ERR, "SNMP ieee802dot11.loadTables() - %s\n", "socket open failure" ); ++ return; ++ } ++ ++ flushLists(); ++ ++ // find interfaces in /proc/net/dev and find the wireless interfaces ++ fp = fopen ( PROC_NET_DEV, "r" ); ++ if ( fp ) { ++ while ( fgets ( bfr, sizeof ( bfr ), fp )) { ++ if ( strstr ( bfr, ":" )) { ++ s = bfr; t = ifName; ++ while ( isspace ( *s )) // discard white space ++ *s++; ++ while ( *s != ':' ) // get interface name ++ *t++ = *s++; ++ *t = '\0'; ++ ++ // verify as a wireless device ++ memset (( char * ) &info, 0, sizeof ( struct wireless_info )); ++ strncpy ( wrq.ifr_name, ifName, IFNAMSIZ ); ++ if ( ioctl ( skfd, SIOCGIWNAME, &wrq ) >= 0 ) { ++ printf ( "%s ifName: %s\n", "loadTables() -", ifName ); ++ initStructs(); ++ loadWiExt( skfd, ifName, &info ); ++ displayWiExt ( info ); ++ load80211Structs ( skfd, ifName, &info ); ++ } ++ } ++ } ++ fclose ( fp ); ++ } ++ ++ close ( skfd ); ++} ++ ++/**************************************************************************** ++* * ++* load80211Structs() - load the 802.11 structures * ++* * ++****************************************************************************/ ++static void ++load80211Structs ( int skfd, char *ifName, struct wireless_info *wi ) ++{ ++ int rc, ifIndex = 0; ++ struct ifreq ifr; ++ char MACAddress [ MACADDR_LEN + 1 ]; ++ ++ strcpy ( ifr.ifr_name, ifName ); ++ rc = ioctl ( skfd, SIOCGIFHWADDR, &ifr ); ++ if ( rc >= 0 ) { ++ ++ sprintf ( MACAddress, "%02X:%02X:%02X:%02X:%02X:%02X\0", ++ ( UCHAR ) ifr.ifr_hwaddr.sa_data[0], ( UCHAR ) ifr.ifr_hwaddr.sa_data[1], ++ ( UCHAR ) ifr.ifr_hwaddr.sa_data[2], ( UCHAR ) ifr.ifr_hwaddr.sa_data[3], ++ ( UCHAR ) ifr.ifr_hwaddr.sa_data[4], ( UCHAR ) ifr.ifr_hwaddr.sa_data[5] ); ++ ++ nSc.haveStationID = TRUE; ++ strcpy ( nSc.stationID, MACAddress ); ++ nOp.haveMACAddress = TRUE; ++ strcpy ( nOp.MACAddress, MACAddress ); ++ nRi.haveManufacturerOUI = TRUE; ++ strncpy ( nRi.manufacturerOUI, MACAddress, MAN_OUI_LEN ); ++ ++ ifIndex = if_nametoindex ( ifName ); ++ if ( !ifIndex ) { ++ syslog ( LOG_ERR, "SNMP %s - %s %s\n", ++ "ieee802dot11.load80211Structs()", ifName, "has no ifIndex" ); ++ return; ++ } ++ ++ loadWiExtTo80211Structs ( ifIndex, ifName, wi ); ++ ++ if ( hasChanged (( char * ) &nSc, sizeof ( nSc ))) { ++ nSc.ifIndex = ifIndex; ++ sprintf ( nSc.UID, "%04d\0", nSc.ifIndex ); ++ strcpy ( nSc.ifName, ifName ); ++ addList (( char * ) &scList, ( char * ) &nSc, sizeof ( nSc )); ++ } ++ ++ if ( hasChanged (( char * ) &nPr, sizeof ( nPr ))) { ++ nPr.ifIndex = ifIndex; ++ sprintf ( nPr.UID, "%04d\0", nPr.ifIndex ); ++ strcpy ( nPr.ifName, ifName ); ++ addList (( char * ) &prList, ( char * ) &nPr, sizeof ( nPr )); ++ } ++ ++ if ( hasChanged (( char * ) &nOp, sizeof ( nOp ))) { ++ nOp.ifIndex = ifIndex; ++ sprintf ( nOp.UID, "%04d\0", nOp.ifIndex ); ++ strcpy ( nOp.ifName, ifName ); ++ addList (( char * ) &opList, ( char * ) &nOp, sizeof ( nOp )); ++ } ++ ++ if ( hasChanged (( char * ) &nCo, sizeof ( nCo ))) { ++ nCo.ifIndex = ifIndex; ++ sprintf ( nCo.UID, "%04d\0", nCo.ifIndex ); ++ strcpy ( nCo.ifName, ifName ); ++ addList (( char * ) &coList, ( char * ) &nCo, sizeof ( nCo )); ++ } ++ ++ if ( hasChanged (( char * ) &nRi, sizeof ( nRi ))) { ++ nRi.ifIndex = ifIndex; ++ sprintf ( nRi.UID, "%04d\0", nRi.ifIndex ); ++ strcpy ( nRi.ifName, ifName ); ++ addList (( char * ) &riList, ( char * ) &nRi, sizeof ( nRi )); ++ } ++ ++ if ( hasChanged (( char * ) &nPo, sizeof ( nPo ))) { ++ nPo.ifIndex = ifIndex; ++ sprintf ( nPo.UID, "%04d\0", nPo.ifIndex ); ++ strcpy ( nPo.ifName, ifName ); ++ addList (( char * ) &poList, ( char * ) &nPo, sizeof ( nPo )); ++ } ++ ++ if ( hasChanged (( char * ) &nPa, sizeof ( nPa ))) { ++ nPa.ifIndex = ifIndex; ++ sprintf ( nPa.UID, "%04d\0", nPa.ifIndex ); ++ strcpy ( nPa.ifName, ifName ); ++ addList (( char * ) &paList, ( char * ) &nPa, sizeof ( nPa )); ++ } ++ ++ if ( hasChanged (( char * ) &nPt, sizeof ( nPt ))) { ++ nPt.ifIndex = ifIndex; ++ sprintf ( nPt.UID, "%04d\0", nPt.ifIndex ); ++ strcpy ( nPt.ifName, ifName ); ++ addList (( char * ) &ptList, ( char * ) &nPt, sizeof ( nPt )); ++ } ++ ++ if ( hasChanged (( char * ) &nPf, sizeof ( nPf ))) { ++ nPf.ifIndex = ifIndex; ++ sprintf ( nPf.UID, "%04d\0", nPf.ifIndex ); ++ strcpy ( nPf.ifName, ifName ); ++ addList (( char * ) &pfList, ( char * ) &nPf, sizeof ( nPf )); ++ } ++ ++ if ( hasChanged (( char * ) &nPd, sizeof ( nPd ))) { ++ nPd.ifIndex = ifIndex; ++ sprintf ( nPd.UID, "%04d\0", nPd.ifIndex ); ++ strcpy ( nPd.ifName, ifName ); ++ addList (( char * ) &pdList, ( char * ) &nPd, sizeof ( nPd )); ++ } ++ ++ if ( hasChanged (( char * ) &nPi, sizeof ( nPi ))) { ++ nPi.ifIndex = ifIndex; ++ sprintf ( nPi.UID, "%04d\0", nPi.ifIndex ); ++ strcpy ( nPi.ifName, ifName ); ++ addList (( char * ) &piList, ( char * ) &nPi, sizeof ( nPi )); ++ } ++ } ++ ++//printf ( "%s - ifIndex: %d ifName: %s UID: %s\n", ++// "load80211Structs() - HASCHANGED", ifIndex, ifName, nSc.UID ); ++} ++ ++/**************************************************************************** ++* * ++* initStructs() - initialize structures * ++* * ++****************************************************************************/ ++static void initStructs() ++{ ++ int i; ++ ++ // 802.11 MIB Stuctures ++ memset (( char * ) &nSc, 0, sizeof ( nSc )); memset (( char * ) &nAa, 0, sizeof ( nAa )); ++ memset (( char * ) &nDf, 0, sizeof ( nDf )); memset (( char * ) &nKm, 0, sizeof ( nKm )); ++ memset (( char * ) &nPr, 0, sizeof ( nPr )); memset (( char * ) &nOp, 0, sizeof ( nOp )); ++ memset (( char * ) &nCo, 0, sizeof ( nCo )); memset (( char * ) &nGa, 0, sizeof ( nGa )); ++ memset (( char * ) &nRi, 0, sizeof ( nRi )); memset (( char * ) &nPo, 0, sizeof ( nPo )); ++ memset (( char * ) &nPa, 0, sizeof ( nPa )); memset (( char * ) &nPt, 0, sizeof ( nPt )); ++ memset (( char * ) &nPf, 0, sizeof ( nPf )); memset (( char * ) &nPd, 0, sizeof ( nPd )); ++ memset (( char * ) &nPi, 0, sizeof ( nPi )); memset (( char * ) &nRd, 0, sizeof ( nRd )); ++ memset (( char * ) &nAl, 0, sizeof ( nAl )); memset (( char * ) &nRt, 0, sizeof ( nRt )); ++ memset (( char * ) &nRr, 0, sizeof ( nRr )); ++ ++ // Wireless Extensions ++ wepCurrentKey = 0; ++ haveWepCurrentKey = FALSE; ++ for ( i = 0; i < MAX_WEP_KEYS; i++ ) { ++ wep[i].len = 0; ++ wep[i].key[0] = '\0'; ++ wep[i].haveKey = FALSE; ++ } ++} ++ ++/**************************************************************************** ++* * ++* Wireless Extensions Specific Functions * ++* * ++****************************************************************************/ ++/**************************************************************************** ++* * ++* loadWiExtTo80211Structs() - load wireless extensions to 802.11 structures * ++* * ++****************************************************************************/ ++static void ++loadWiExtTo80211Structs ( int ifIndex, char *ifName, struct wireless_info *wi ) ++{ ++ int i, j = 0; ++ ++ // dot11Smt Group ++ // dot11StationConfigTable ++ nSc.havePrivacyOptionImplemented = TRUE; ++ nSc.privacyOptionImplemented = 1; // assume we support WEP ++ ++ if ( wi->has_power ) { ++ nSc.havePowerManagementMode = TRUE; ++ nSc.powerManagementMode = 1; // assume power is active ++ if ( !wi->power.disabled && ++ wi->power.flags & IW_POWER_MIN ) ++ nSc.powerManagementMode = 2; // power save mode ++ } ++ ++ if ( wi->has_essid && strlen ( wi->essid )) { ++ nSc.haveDesiredSSID = TRUE; ++ strcpy ( nSc.desiredSSID, wi->essid ); ++ } ++ ++ if ( wi->has_mode ) { ++ nSc.haveDesiredBSSType = TRUE; ++ if ( wi->mode == IW_MODE_ADHOC ) ++ nSc.desiredBSSType = 2; // independent ++ else if ( wi->has_ap_addr ) ++ nSc.desiredBSSType = 1; // infrastructure ++ else ++ nSc.desiredBSSType = 3; // any ++ } ++ ++ if ( wi->has_range ) { ++ for ( i = 0; i < wi->range.num_bitrates && j < 126; i++ ) { ++ nSc.haveOperationalRateSet = TRUE; ++ nSc.operationalRateSet[j++] = ( char ) ( wi->range.bitrate[i] / 500000L ); ++ } ++ } ++ ++ // dot11AuthenticationAlgorithmsTable ++ nAa.haveAuthenticationAlgorithm = TRUE; // it's a rule to always have ++ nAa.haveAuthenticationAlgorithmsEnable = TRUE; // 'open' supported ++ nAa.ifIndex = ifIndex; ++ nAa.authenticationAlgorithmsIndex = 1; // index number one ++ nAa.authenticationAlgorithm = 1; // 1 => open key ++ sprintf ( nAa.UID, "%04d%04d\0", nAa.ifIndex, nAa.authenticationAlgorithmsIndex ); ++ nAa.authenticationAlgorithmsEnable = 1; // enabled by default ++ if ( ( wi->has_key ) && ++ ( wi->key_size != 0 ) && ++ !( wi->key_flags & IW_ENCODE_DISABLED )) ++ nAa.authenticationAlgorithmsEnable = 2; ++ addList (( char * ) &aaList, ( char * ) &nAa, sizeof ( nAa )); ++ ++ nAa.haveAuthenticationAlgorithm = TRUE; // I'm gonna assume we always support WEP ++ nAa.haveAuthenticationAlgorithmsEnable = TRUE; ++ nAa.ifIndex = ifIndex; ++ nAa.authenticationAlgorithmsIndex = 2; // index number 2 ++ nAa.authenticationAlgorithm = 2; // 2 => shared key ++ sprintf ( nAa.UID, "%04d%04d\0", nAa.ifIndex, nAa.authenticationAlgorithmsIndex ); ++ nAa.authenticationAlgorithmsEnable = 2; ++ if ( ( wi->has_key ) && ++ ( wi->key_size != 0 ) && ++ !( wi->key_flags & IW_ENCODE_DISABLED )) ++ nAa.authenticationAlgorithmsEnable = 1; // disabled by default ++ addList (( char * ) &aaList, ( char * ) &nAa, sizeof ( nAa )); ++ ++ //dot11WEPDefaultKeysTable ++ if ( wi->has_range ) { ++ for ( i = 0; i < MAX_WEP_KEYS; i++ ) { ++ nDf.haveWEPDefaultKeyValue = TRUE; ++ nDf.ifIndex = ifIndex; ++ nDf.WEPDefaultKeyIndex = i + 1; // index number ++ sprintf ( nDf.UID, "%04d%04d\0", nDf.ifIndex, nDf.WEPDefaultKeyIndex ); ++ if ( wep[i].haveKey ) ++ strcpy ( nDf.WEPDefaultKeyValue, "*****" ); ++ else ++ nDf.WEPDefaultKeyValue[0] = '\0'; ++ addList (( char * ) &dfList, ( char * ) &nDf, sizeof ( nDf )); ++ } ++ } ++ ++ // dot11PrivacyTable ++ nPr.havePrivacyInvoked = TRUE; ++ nPr.privacyInvoked = 2; // 2 => FALSE ++ nPr.haveWEPDefaultKeyID = TRUE; ++ nPr.WEPDefaultKeyID = 0; ++ nPr.haveExcludeUnencrypted = TRUE; ++ nPr.excludeUnencrypted = 2; // 2 => FALSE ++ if ( wi->has_range ) { ++ if ( ( wi->key_size != 0 ) && ++ !( wi->key_flags & IW_ENCODE_DISABLED )) { ++ nPr.privacyInvoked = 1; ++ if ( wi->key_flags & IW_ENCODE_RESTRICTED ) ++ nPr.excludeUnencrypted = 1; ++ nPr.WEPDefaultKeyID = wepCurrentKey; ++ } ++ } ++ ++ // dot11Mac Group ++ // dot11OperationTable ++ if ( wi->has_range ) { ++ nOp.haveRTSThreshold = TRUE; ++ nOp.RTSThreshold = wi->range.max_rts; ++ } ++ ++ if ( wi->has_frag && wi->frag.value ) { ++ nOp.haveFragmentationThreshold = TRUE; ++ nOp.fragmentationThreshold = wi->frag.value; ++ } ++ ++ // dot11Phy Group ++ // dot11PhyOperationTable ++ if ( strstr ( wi->name, "IEEE 802.11-FS" )) nPo.PHYType = 1; // So what if I ++ if ( strstr ( wi->name, "IEEE 802.11-DS" )) nPo.PHYType = 2; // made up a couple? ++ if ( strstr ( wi->name, "IEEE 802.11-IR" )) nPo.PHYType = 3; ++ if ( strstr ( wi->name, "IEEE 802.11-OFDM" )) nPo.PHYType = 4; // 802.11a ++ if ( strstr ( wi->name, "IEEE 802.11-OFDM/DS" )) nPo.PHYType = 5; // 802.11g ++ if ( strstr ( wi->name, "IEEE 802.11-TURBO" )) nPo.PHYType = 6; // Atheros TURBO mode ++ if ( nPo.PHYType ) nPo.havePHYType = TRUE; ++ ++ // dot11PhyDSSSTable ++ if ( wi->has_range ) { // && wi->freq <= ( double ) 2483000000 ) { // DSSS frequencies only ++ for ( i = 0; i < wi->range.num_frequency; i++ ) { ++ if ((( double ) ( wi->range.freq[i].e * 10 ) * ( double ) wi->range.freq[i].m ) == wi->freq ) { ++ nPd.haveCurrentChannel = TRUE; ++ nPd.currentChannel = wi->range.freq[i].i; ++ } ++ } ++ } ++ ++ // dot11SupportedDataRatesTxTable ++ if ( wi->has_range ) { ++ for ( i = 0; i < wi->range.num_bitrates; i++ ) { ++ nRt.ifIndex = ifIndex; ++ nRt.supportedDataRatesTxIndex = i + 1; ++ nRt.supportedDataRatesTxValue = wi->range.bitrate[i] / 500000L; ++ nRt.haveSupportedDataRatesTxValue = TRUE; ++ sprintf ( nRt.UID, "%04d%04d\0", nRt.ifIndex, nRt.supportedDataRatesTxIndex ); ++ strcpy ( nRt.ifName, ifName ); ++ addList (( char * ) &rtList, ( char * ) &nRt, sizeof ( nRt )); ++ } ++ } ++ ++ // dot11SupportedDataRatesRxTable ++ if ( wi->has_range ) { ++ for ( i = 0; i < wi->range.num_bitrates; i++ ) { ++ nRr.ifIndex = ifIndex; ++ nRr.supportedDataRatesRxIndex = i + 1; ++ nRr.supportedDataRatesRxValue = wi->range.bitrate[i] / 500000L; ++ nRr.haveSupportedDataRatesRxValue = TRUE; ++ sprintf ( nRr.UID, "%04d%04d\0", nRr.ifIndex, nRr.supportedDataRatesRxIndex ); ++ strcpy ( nRr.ifName, ifName ); ++ addList (( char * ) &rrList, ( char * ) &nRr, sizeof ( nRr )); ++ } ++ } ++ ++//printf ( "%s max_encoding_tokens: %d\n", ++// "loadWiExtTo80211Structs() - ", wi->range.max_encoding_tokens ); ++} ++ ++/**************************************************************************** ++* * ++* loadWiExt() - load wireless extensions structures; * ++* use ioctl calls and read /proc/net/wireless * ++* * ++****************************************************************************/ ++static void loadWiExt ( int skfd, char *ifname, struct wireless_info *wi ) ++{ ++ struct iwreq wrq; // ioctl request structure ++ FILE *fp; ++ char bfr[1024]; ++ char buffer[sizeof ( iwrange ) * 2]; /* Large enough */ ++ char *s, *t; ++ int i, j; ++ ++ strncpy ( wrq.ifr_name, ifname, IFNAMSIZ ); ++ ++ /* Get wireless name */ ++ if ( ioctl ( skfd, SIOCGIWNAME, &wrq ) >= 0 ) { ++ strncpy ( wi->name, wrq.u.name, IFNAMSIZ ); ++ wi->name[IFNAMSIZ] = '\0'; ++ } ++ ++ /* Get ranges */ // NOTE: some version checking in iwlib.c ++ memset ( buffer, 0, sizeof ( buffer )); ++ wrq.u.data.pointer = ( caddr_t ) &buffer; ++ wrq.u.data.length = sizeof ( buffer ); ++ wrq.u.data.flags = 0; ++ if ( ioctl ( skfd, SIOCGIWRANGE, &wrq ) >= 0 ) { ++ memcpy (( char * ) &wi->range, buffer, sizeof ( iwrange )); ++ wi->has_range = 1; ++ } ++ ++ /* Get network ID */ ++ if ( ioctl ( skfd, SIOCGIWNWID, &wrq ) >= 0 ) { ++ memcpy ( &wi->nwid, &wrq.u.nwid, sizeof ( iwparam )); ++ wi->has_nwid = 1; ++ } ++ ++ /* Get frequency / channel */ // THIS NUMBER LOOKS FUNNY ++ if ( ioctl ( skfd, SIOCGIWFREQ, &wrq ) >= 0 ) { ++ wi->has_freq = 1; ++ wi->freq = (( double ) wrq.u.freq.m ) * pow ( 10, wrq.u.freq.e ); ++ } ++ ++ /* Get sensitivity */ ++ if ( ioctl ( skfd, SIOCGIWSENS, &wrq ) >= 0 ) { ++ wi->has_sens = 1; ++ memcpy ( &wi->sens, &wrq.u.sens, sizeof ( iwparam )); ++ } ++ ++ /* Get encryption information */ ++ wrq.u.data.pointer = ( caddr_t ) &wi->key; ++ wrq.u.data.length = IW_ENCODING_TOKEN_MAX; ++ wrq.u.data.flags = 0; ++ if ( ioctl ( skfd, SIOCGIWENCODE, &wrq ) >= 0 ) { ++ wi->has_key = 1; ++ wi->key_size = wrq.u.data.length; ++ wi->key_flags = wrq.u.data.flags; ++ wepCurrentKey = wrq.u.data.flags & IW_ENCODE_INDEX; ++ } ++ ++ for ( i = 0; i < wi->range.max_encoding_tokens; i++ ) { ++ wrq.u.data.pointer = ( caddr_t ) &wi->key; ++ wrq.u.data.length = IW_ENCODING_TOKEN_MAX; ++ wrq.u.data.flags = i; ++ if ( ioctl ( skfd, SIOCGIWENCODE, &wrq ) >= 0 ) { ++ if ( ( wrq.u.data.length != 0 ) && ++ !( wrq.u.data.flags & IW_ENCODE_DISABLED )) { ++ wep[i].len = wrq.u.data.length; ++ wep[i].haveKey = TRUE; ++ t = wep[i].key; ++ for ( j = 0; j < wrq.u.data.length; j++ ) { ++ if (( j & 0x1 ) == 0 && j != 0 ) ++ strcpy ( t++, "-"); ++ sprintf ( t, "%.2X", wi->key[j] ); ++ t += 2; ++ } ++ t = '\0'; ++ } ++ } ++ } ++ ++ /* Get ESSID */ ++ wrq.u.essid.pointer = ( caddr_t ) &wi->essid; ++ wrq.u.essid.length = IW_ESSID_MAX_SIZE + 1; ++ wrq.u.essid.flags = 0; ++ if ( ioctl ( skfd, SIOCGIWESSID, &wrq ) >= 0 ) { ++ wi->has_essid = 1; ++ wi->essid_on = wrq.u.data.flags; ++ } ++ ++ /* Get AP address */ ++ if ( ioctl ( skfd, SIOCGIWAP, &wrq ) >= 0 ) { ++ wi->has_ap_addr = 1; ++ memcpy ( &wi->ap_addr, &wrq.u.ap_addr, sizeof ( sockaddr )); ++ } ++ ++ /* Get NickName */ ++ wrq.u.essid.pointer = ( caddr_t ) &wi->nickname; ++ wrq.u.essid.length = IW_ESSID_MAX_SIZE + 1; ++ wrq.u.essid.flags = 0; ++ if ( ioctl ( skfd, SIOCGIWNICKN, &wrq ) >= 0 ) { ++ if ( wrq.u.data.length > 1 ) ++ wi->has_nickname = 1; ++ } ++ ++ /* Get bit rate */ ++ if ( ioctl ( skfd, SIOCGIWRATE, &wrq ) >= 0 ) { ++ wi->has_bitrate = 1; ++ memcpy ( &wi->bitrate, &wrq.u.bitrate, sizeof ( iwparam )); ++ } ++ ++ /* Get RTS threshold */ ++ if ( ioctl ( skfd, SIOCGIWRTS, &wrq ) >= 0 ) { ++ wi->has_rts = 1; ++ memcpy ( &wi->rts, &wrq.u.rts, sizeof ( iwparam )); ++ } ++ ++ /* Get fragmentation threshold */ ++ if ( ioctl ( skfd, SIOCGIWFRAG, &wrq ) >= 0 ) { ++ wi->has_frag = 1; ++ memcpy ( &wi->frag, &wrq.u.frag, sizeof ( iwparam )); ++ } ++ ++ /* Get operation mode */ ++ if ( ioctl ( skfd, SIOCGIWMODE, &wrq ) >= 0 ) { ++ wi->mode = wrq.u.mode; ++ if ( wi->mode < IW_NUM_OPER_MODE && wi->mode >= 0 ) ++ wi->has_mode = 1; ++ } ++ ++ /* Get Power Management settings */ // #if WIRELESS_EXT > 9 ++ wrq.u.power.flags = 0; ++ if ( ioctl ( skfd, SIOCGIWPOWER, &wrq ) >= 0 ) { ++ wi->has_power = 1; ++ memcpy ( &wi->power, &wrq.u.power, sizeof ( iwparam )); ++ } ++ ++ /* Get retry limit/lifetime */ // #if WIRELESS_EXT > 10 ++ if ( ioctl ( skfd, SIOCGIWRETRY, &wrq ) >= 0 ) { ++ wi->has_retry = 1; ++ memcpy ( &wi->retry, &wrq.u.retry, sizeof ( iwparam )); ++ } ++ ++ /* Get stats */ // #if WIRELESS_EXT > 11 ++ wrq.u.data.pointer = ( caddr_t ) &wi->stats; ++ wrq.u.data.length = 0; ++ wrq.u.data.flags = 1; /* Clear updated flag */ ++ if ( ioctl ( skfd, SIOCGIWSTATS, &wrq ) < 0 ) ++ wi->has_stats = 1; ++ ++ if ( !wi->has_stats ) { // no ioctl support, go to file ++ fp = fopen ( PROC_NET_WIRELESS, "r" ); ++ if ( fp ) { ++ while ( fgets ( bfr, sizeof ( bfr ), fp )) { ++ bfr [ sizeof ( bfr ) - 1 ] = '\0'; // no buffer overruns here! ++ strtok (( char * ) &bfr, "\n" ); // '\n' => '\0' ++ if ( strstr ( bfr, ifname ) && strstr ( bfr, ":" )) { ++ wi->has_stats = 1; ++ s = bfr; ++ s = strchr ( s, ':' ); s++; /* Skip ethX: */ ++ s = strtok ( s, " " ); /* ' ' => '\0' */ ++ sscanf ( s, "%X", &wi->stats.status ); // status ++ ++ s = strtok ( NULL, " " ); // link quality ++ if ( strchr ( s, '.' ) != NULL ) ++ wi->stats.qual.updated |= 1; ++ sscanf ( s, "%d", &wi->stats.qual.qual ); ++ ++ s = strtok ( NULL, " " ); // signal level ++ if ( strchr ( s,'.' ) != NULL ) ++ wi->stats.qual.updated |= 2; ++ sscanf ( s, "%d", &wi->stats.qual.level ); ++ ++ s = strtok ( NULL, " " ); // noise level ++ if ( strchr ( s, '.' ) != NULL ) ++ wi->stats.qual.updated += 4; ++ sscanf ( s, "%d", &wi->stats.qual.noise ); ++ ++ s = strtok ( NULL, " " ); sscanf ( s, "%d", &wi->stats.discard.nwid ); ++ s = strtok ( NULL, " " ); sscanf ( s, "%d", &wi->stats.discard.code ); ++ s = strtok ( NULL, " " ); sscanf ( s, "%d", &wi->stats.discard.fragment ); ++ s = strtok ( NULL, " " ); sscanf ( s, "%d", &wi->stats.discard.retries ); ++ s = strtok ( NULL, " " ); sscanf ( s, "%d", &wi->stats.discard.misc ); ++ s = strtok ( NULL, " " ); sscanf ( s, "%d", &wi->stats.miss.beacon ); ++ } ++ } ++ fclose ( fp ); ++ } ++ } ++ ++// printf ( "%s bfr: %s\n", "loadTables()", bfr ); ++} ++ ++/**************************************************************************** ++* * ++* displayWiExt() - show what I got from Wireless Extensions * ++* * ++****************************************************************************/ ++static void displayWiExt ( struct wireless_info info ) ++{ ++#ifdef DISPLAYWIEXT ++ int i; ++ char title[] = "displayWiExt() -"; ++ ++ printf ( "========================================\n" ); ++ printf ( "===> Wireless Extension IOCTL calls <===\n" ); ++ printf ( "========================================\n" ); ++ ++ if ( strlen ( info.name )) ++ printf ( "%s name: %s\n", "SIOCGIWNAME", info.name ); ++ else ++ printf ( "%s\n", "no info.name support" ); ++ ++ if ( info.has_nickname = 1 ) ++ printf ( "%s nickname: %s\n", "SIOCGIWNICKN", info.nickname ); ++ else ++ printf ( "%s %s\n", "SIOCGIWNICKN", " ===> no info.nickname support" ); ++ ++ if ( info.has_essid ) ++ printf ( "%s essid_on: %d essid: %s\n", "SIOCGIWESSID", info.essid_on, info.essid ); ++ else ++ printf ( "%s %s\n", "SIOCGIWESSID", " ===> no info.essid support" ); ++ ++ if ( info.has_range ) { ++ printf ( "%s throughput: %d\n", "SIOCGIWRANGE", info.range.throughput ); ++ printf ( "%s min_nwid: %d\n", "SIOCGIWRANGE", info.range.min_nwid ); ++ printf ( "%s max_nwid: %d\n", "SIOCGIWRANGE", info.range.max_nwid ); ++ printf ( "%s sensitivity: %d\n", "SIOCGIWRANGE", info.range.sensitivity ); ++ printf ( "%s num_bitrates: %d\n", "SIOCGIWRANGE", info.range.num_bitrates ); ++ for ( i = 0; i < info.range.num_bitrates; i++ ) ++ printf ( "%s bitrate[%d]: %d\n", "SIOCGIWRANGE", i, info.range.bitrate[i] ); ++ printf ( "%s min_rts: %d\n", "SIOCGIWRANGE", info.range.min_rts ); ++ printf ( "%s max_rts: %d\n", "SIOCGIWRANGE", info.range.max_rts ); ++ printf ( "%s min_frag: %d\n", "SIOCGIWRANGE", info.range.min_frag ); ++ printf ( "%s max_frag: %d\n", "SIOCGIWRANGE", info.range.max_frag ); ++ printf ( "%s min_pmp: %d\n", "SIOCGIWRANGE", info.range.min_pmp ); ++ printf ( "%s max_pmp: %d\n", "SIOCGIWRANGE", info.range.max_pmp ); ++ printf ( "%s min_pmt: %d\n", "SIOCGIWRANGE", info.range.min_pmt ); ++ printf ( "%s max_pmt: %d\n", "SIOCGIWRANGE", info.range.max_pmt ); ++ printf ( "%s pmp_flags: %d\n", "SIOCGIWRANGE", info.range.pmp_flags ); ++ printf ( "%s pmt_flags: %d\n", "SIOCGIWRANGE", info.range.pmt_flags ); ++ printf ( "%s pm_capa: %d\n", "SIOCGIWRANGE", info.range.pm_capa ); ++ printf ( "%s num_encoding_sizes: %d\n", "SIOCGIWRANGE", info.range.num_encoding_sizes ); ++ for ( i = 0; i < info.range.num_encoding_sizes; i++ ) ++ printf ( "%s encoding_size[%d]: %d\n", "SIOCGIWRANGE", i, info.range.encoding_size[i] ); ++ printf ( "%s max_encoding_tokens: %d\n", "SIOCGIWRANGE", info.range.max_encoding_tokens ); ++// printf ( "%s encoding_login_index: %d\n", "SIOCGIWRANGE", info.range.encoding_login_index ); ++ printf ( "%s txpower_capa: %d\n", "SIOCGIWRANGE", info.range.txpower_capa ); ++ printf ( "%s num_txpower: %d dBm\n", "SIOCGIWRANGE", info.range.num_txpower ); ++ for ( i = 0; i < info.range.num_txpower; i++ ) ++ printf ( "%s txpower[%d]: %d\n", "SIOCGIWRANGE", i, info.range.txpower[i] ); ++ printf ( "%s we_version_compiled: %d\n", "SIOCGIWRANGE", info.range.we_version_compiled ); ++ printf ( "%s we_version_source: %d\n", "SIOCGIWRANGE", info.range.we_version_source ); ++ printf ( "%s retry_capa: %d\n", "SIOCGIWRANGE", info.range.retry_capa ); ++ printf ( "%s retry_flags: %d\n", "SIOCGIWRANGE", info.range.retry_flags ); ++ printf ( "%s r_time_flags: %d\n", "SIOCGIWRANGE", info.range.r_time_flags ); ++ printf ( "%s min_retry: %d\n", "SIOCGIWRANGE", info.range.min_retry ); ++ printf ( "%s max_retry: %d\n", "SIOCGIWRANGE", info.range.max_retry ); ++ printf ( "%s min_r_time: %d\n", "SIOCGIWRANGE", info.range.min_r_time ); ++ printf ( "%s max_r_time: %d\n", "SIOCGIWRANGE", info.range.max_r_time ); ++ printf ( "%s num_channels: %d\n", "SIOCGIWRANGE", info.range.num_channels ); ++ printf ( "%s num_frequency: %d\n", "SIOCGIWRANGE", info.range.num_frequency ); ++ for ( i = 0; i < info.range.num_frequency; i++ ) ++ printf ( "%s freq[%d].i: %d freq[%d].e: %d freq[%d].m: %d\n", "SIOCGIWRANGE", ++ i, info.range.freq[i].i, i, info.range.freq[i].e, i, info.range.freq[i].m ); ++ } ++ else ++ printf ( "%s %s\n", "SIOCGIWRANGE", " ===> no info.range support" ); ++ ++ if ( info.has_nwid ) ++ printf ( "%s nwid - disabled: %d value: %X\n", "SIOCGIWNWID", info.nwid.disabled, info.nwid.value ); ++ else ++ printf ( "%s %s\n", "SIOCGIWNWID", " ===> no info.nwid support" ); ++ ++ if ( info.has_freq ) { ++// printf ( "%s freq: %g\n", "SIOCGIWFREQ", info.freq / GIGA ); ++ printf ( "%s freq: %g\n", "SIOCGIWFREQ", info.freq ); ++ } ++ else ++ printf ( "%s %s\n", "SIOCGIWFREQ", " ===> no info.freq support" ); ++ ++ if ( info.has_sens ) ++ printf ( "%s sens: %d\n", "SIOCGIWSENS", info.sens ); ++ else ++ printf ( "%s %s\n", "SIOCGIWSENS", " ===> no info.sens support" ); ++ ++ if ( info.has_key ) { ++ printf ( "%s key_size: %d key_flags: %d wepCurrentKey: %d\n", ++ "SIOCGIWENCODE", info.key_size, info.key_flags, wepCurrentKey ); ++ printf ( "%s MODE: %d DISABLED: %d INDEX: %d OPEN: %d RESTRICTED: %d NOKEY: %d TEMP: %d\n", ++ "SIOCGIWENCODE", info.key_flags & IW_ENCODE_MODE, ++ info.key_flags & IW_ENCODE_DISABLED ? 1:0, info.key_flags & IW_ENCODE_INDEX, ++ info.key_flags & IW_ENCODE_OPEN ? 1:0, info.key_flags & IW_ENCODE_RESTRICTED ? 1:0, ++ info.key_flags & IW_ENCODE_NOKEY ? 1:0, info.key_flags & IW_ENCODE_TEMP ? 1:0 ); ++ } ++ else ++ printf ( "%s %s\n", "SIOCGIWENCODE", " ===> no info.key support" ); ++ ++ for ( i = 0; i < MAX_WEP_KEYS; i++ ) { ++ if ( wep[i].haveKey ) ++ printf ( "%s wep[%d].len: %d wep[%d].key: %s\n", ++ "SIOCGIWENCODE", i, wep[i].len, i, wep[i].key ); ++ } ++ ++ if ( info.has_ap_addr ) ++ printf ( "%s ap_addr.sa_data: %02X:%02X:%02X:%02X:%02X:%02X ap_addr.sa_family: %d\n", ++ "SIOCGIWAP", ( UCHAR ) info.ap_addr.sa_data[0], ( UCHAR ) info.ap_addr.sa_data[1], ++ ( UCHAR ) info.ap_addr.sa_data[2], ( UCHAR ) info.ap_addr.sa_data[3], ++ ( UCHAR ) info.ap_addr.sa_data[4], ( UCHAR ) info.ap_addr.sa_data[5], ++ info.ap_addr.sa_family ); ++ else ++ printf ( "%s %s\n", "SIOCGIWAP", " ===> no ap_addr information" ); ++ ++ if ( info.has_bitrate ) ++ printf ( "%s bitrate: %d value: %d fixed: %d disabled: %d flags: %d\n", ++ "SIOCGIWRATE", info.bitrate, info.bitrate.value, info.bitrate.fixed, ++ info.bitrate.disabled, info.bitrate.flags ); ++ else ++ printf ( "%s %s\n", "SIOCGIWRATE", " ===> no info.bitrate support" ); ++ ++ if ( info.has_rts ) ++ printf ( "%s rts: %d\n", "SIOCGIWRTS", info.rts ); ++ else ++ printf ( "%s %s\n", "SIOCGIWRTS", " ===> no info.rts support" ); ++ ++ if ( info.has_frag ) ++ printf ( "%s frag: %d\n", "SIOCGIWFRAG", info.frag ); ++ else ++ printf ( "%s %s\n", "SIOCGIWFRAG", " ===> no info.frag support" ); ++ ++ if ( info.has_mode ) ++ printf ( "%s mode: %d\n", "SIOCGIWMODE", info.mode ); ++ else ++ printf ( "%s %s\n", "SIOCGIWMODE", " ===> no info.mode support" ); ++ ++ if ( info.has_power ) { ++ printf ( "%s power: %d\n", "SIOCGIWPOWER", info.power ); ++ printf ( "%s disabled: %d MIN: %d MAX: %d TIMEOUT: %d RELATIVE: %d\n", ++ "SIOCGIWPOWER", ++ info.power.disabled ? 1:0, ++ info.power.flags & IW_POWER_MIN ? 1:0, ++ info.power.flags & IW_POWER_MAX ? 1:0, ++ info.power.flags & IW_POWER_TIMEOUT ? 1:0, ++ info.power.flags & IW_POWER_RELATIVE ? 1:0 ); ++ printf ( "%s UNICAST: %d MULTICAST: %d ALL: %d FORCE: %d REPEATER: %d\n", ++ "SIOCGIWPOWER", ++ info.power.flags & IW_POWER_UNICAST_R ? 1:0, ++ info.power.flags & IW_POWER_MULTICAST_R ? 1:0, ++ info.power.flags & IW_POWER_ALL_R ? 1:0, ++ info.power.flags & IW_POWER_FORCE_S ? 1:0, ++ info.power.flags & IW_POWER_REPEATER ? 1:0 ); ++ } ++ else ++ printf ( "%s %s\n", "SIOCGIWPOWER", " ===> no info.power support" ); ++ ++ if ( info.has_retry ) ++ printf ( "%s retry: %d\n", "SIOCGIWRETRY", info.retry ); ++ else ++ printf ( "%s %s\n", "SIOCGIWRETRY", " ===> no info.retry support" ); ++ ++ if ( info.has_stats ) { ++ printf ( "%s status: %d\n", "SIOCGIWSTATS", info.stats.status ); ++ printf ( "%s qual.level: %d\n", "SIOCGIWSTATS", info.stats.qual.level ); ++ printf ( "%s qual.noise: %d\n", "SIOCGIWSTATS", info.stats.qual.noise ); ++ printf ( "%s qual.qual: %d\n", "SIOCGIWSTATS", info.stats.qual.qual ); ++ printf ( "%s qual.updated: %d\n", "SIOCGIWSTATS", info.stats.qual.updated ); ++ printf ( "%s discard.code: %d\n", "SIOCGIWSTATS", info.stats.discard.code ); ++ printf ( "%s discard.fragment: %d\n", "SIOCGIWSTATS", info.stats.discard.fragment ); ++ printf ( "%s discard.misc: %d\n", "SIOCGIWSTATS", info.stats.discard.misc ); ++ printf ( "%s discard.nwid: %d\n", "SIOCGIWSTATS", info.stats.discard.nwid ); ++ printf ( "%s discard.retries: %d\n", "SIOCGIWSTATS", info.stats.discard.retries ); ++ printf ( "%s miss.beacon: %d\n", "SIOCGIWSTATS", info.stats.miss.beacon ); ++ } ++ else ++ printf ( "%s %s\n", "SIOCGIWSTATS", " ===> no info.stats support" ); ++ ++ if ( info.txpower.flags & IW_TXPOW_MWATT ) ++ printf ( "%s txpower1: %d dBm disabled: %d fixed: %d flags: %d\n", "SIOCGIWRANGE", ++ mWatt2dbm ( info.txpower.value ), info.txpower.disabled, info.txpower.fixed, info.txpower.flags); ++ else ++ printf ( "%s txpower2: %d dBm disabled: %d fixed: %d flags: %d\n", "SIOCGIWRANGE", info.txpower.value, info.txpower.disabled, info.txpower.fixed, info.txpower.flags ); ++ ++ if ( info.has_range ) ++ if ( info.sens.value < 0 ) ++ printf ( "%s sens: %d dBm\n", "SIOCGIWRANGE", info.sens.value ); ++ else ++ printf ( "%s sens: %d/%d\n", "SIOCGIWRANGE", info.sens.value, info.range.sensitivity ); ++ ++ if ( info.has_range && ( info.stats.qual.level != 0 )) ++ if ( info.stats.qual.level > info.range.max_qual.level ) ++ /* Statistics are in dBm (absolute power measurement) */ ++ printf ( "%s Quality: %d/%d Signal level: %d dBm Noise level: %d dBm\n", ++ "SIOCGIWRANGE", ++ info.stats.qual.qual, info.range.max_qual.qual, ++ info.stats.qual.level - 0x100, ++ info.stats.qual.noise - 0x100 ); ++ else ++ printf ( "%s Quality: %d/%d Signal level: %d/%d Noise level: %d/%d", ++ "SIOCGIWRANGE", ++ info.stats.qual.qual, info.range.max_qual.qual, ++ info.stats.qual.level, info.range.max_qual.level, ++ info.stats.qual.noise, info.range.max_qual.noise ); ++ ++#endif // #ifdef DISPLAYWIEXT ++} ++ ++/**************************************************************************** ++* * ++* Linked List Functions * ++* * ++****************************************************************************/ ++/**************************************************************************** ++* * ++* addList() - add an entry to a linked list * ++* * ++****************************************************************************/ ++static void ++addList ( char *l, char *data, int len ) ++{ ++ char uid[256]; ++ LIST_HEAD ( , avNode ) *list; ++ ++ // NOTE: this assumes the UID is at the beginning of the ++ // data structure and that UIDs are strings ++ ++ list = ( LIST_HEAD ( , avNode ) * ) l; // NOTE: don't know how to get ++ strcpy ( uid, data ); // rid of compiler warning on ++ // LISTHEAD typecast ++ // create a new node and the data that goes in it ++ newNode = malloc ( sizeof ( struct avNode )); ++ newNode->data = malloc ( len ); ++ memcpy ( newNode->data, data, len ); ++ ++ // this deals with an empty list ++ if ( LIST_EMPTY ( list )) { ++ LIST_INSERT_HEAD ( list, newNode, nodes ); ++ return; ++ } ++ ++ // this deals with UIDs that match ++ for ( np = LIST_FIRST ( list ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ if ( strncmp ( uid, np->data, strlen ( uid )) == 0 ) { // found matching UID ++ LIST_INSERT_AFTER ( np, newNode, nodes ); ++ if ( np->data ) ++ free ( np->data ); ++ LIST_REMOVE ( np, nodes ); ++ free ( np ); ++ return; ++ } ++ } ++ ++ // this deals with inserting a new UID in the list ++ for ( np = LIST_FIRST ( list ); np != NULL; np = LIST_NEXT ( np, nodes )) { ++ lastNode = np; ++ if ( strncmp ( np->data, uid, strlen ( uid )) > 0 ) { // old ID > new ID AND ++ LIST_INSERT_BEFORE ( np, newNode, nodes ); ++ return; ++ } ++ } ++ ++ // this deals with a UID that needs to go on the end of the list ++ LIST_INSERT_AFTER ( lastNode, newNode, nodes ); ++ ++ return; ++} ++ ++/**************************************************************************** ++* * ++* initLists() - initialize all the linked lists * ++* * ++****************************************************************************/ ++static void initLists() ++{ ++ LIST_INIT ( &scList ); LIST_INIT ( &aaList ); LIST_INIT ( &dfList ); ++ LIST_INIT ( &kmList ); LIST_INIT ( &prList ); ++ LIST_INIT ( &opList ); LIST_INIT ( &coList ); ++ LIST_INIT ( &gaList ); LIST_INIT ( &riList ); LIST_INIT ( &poList ); ++ LIST_INIT ( &paList ); LIST_INIT ( &ptList ); LIST_INIT ( &pfList ); ++ LIST_INIT ( &pdList ); LIST_INIT ( &piList ); LIST_INIT ( &rdList ); ++ LIST_INIT ( &alList ); LIST_INIT ( &rtList ); LIST_INIT ( &rrList ); ++} ++/**************************************************************************** ++* * ++* flushLists() - flush all linked lists * ++* * ++****************************************************************************/ ++static void flushLists() ++{ ++ flushList (( char * ) &scList ); flushList (( char * ) &aaList ); ++ flushList (( char * ) &dfList ); flushList (( char * ) &kmList ); ++ flushList (( char * ) &prList ); ++ flushList (( char * ) &opList ); flushList (( char * ) &coList ); ++ flushList (( char * ) &gaList ); flushList (( char * ) &riList ); ++ flushList (( char * ) &poList ); flushList (( char * ) &paList ); ++ flushList (( char * ) &ptList ); flushList (( char * ) &pfList ); ++ flushList (( char * ) &pdList ); flushList (( char * ) &piList ); ++ flushList (( char * ) &rdList ); flushList (( char * ) &alList ); ++ flushList (( char * ) &rtList ); flushList (( char * ) &rrList ); ++} ++ ++/**************************************************************************** ++* * ++* flushList() - flush a linked list * ++* * ++****************************************************************************/ ++static void flushList ( char *l ) ++{ ++ LIST_HEAD ( , avNode ) *list; ++ ++ list = ( LIST_HEAD ( , avNode ) * ) l; // NOTE: don't know how to get ++ while ( !LIST_EMPTY ( list )) { // rid of compiler warning on ++ np = LIST_FIRST ( list ); // LISTHEAD typecast ++ if ( np->data ) ++ free ( np->data ); ++ LIST_REMOVE ( np, nodes ); ++ free ( np ); ++ } ++} ++ ++/**************************************************************************** ++* * ++* Utility Functions * ++* * ++****************************************************************************/ ++/**************************************************************************** ++* * ++* The following two routines were taken directly from iwlib.c * ++* * ++****************************************************************************/ ++ /* ++ * Open a socket. ++ * Depending on the protocol present, open the right socket. The socket ++ * will allow us to talk to the driver. ++ */ ++static int openSocket ( void ) ++{ ++ static const int families[] = { ++ AF_INET, AF_IPX, AF_AX25, AF_APPLETALK ++ }; ++ unsigned int i; ++ int sock; ++ ++ /* ++ * Now pick any (exisiting) useful socket family for generic queries ++ * Note : don't open all the socket, only returns when one matches, ++ * all protocols might not be valid. ++ * Workaround by Jim Kaba ++ * Note : in 99% of the case, we will just open the inet_sock. ++ * The remaining 1% case are not fully correct... ++ */ ++ ++ /* Try all families we support */ ++ for(i = 0; i < sizeof(families)/sizeof(int); ++i) { ++ /* Try to open the socket, if success returns it */ ++ sock = socket(families[i], SOCK_DGRAM, 0); ++ if(sock >= 0) ++ return sock; ++ } ++ ++ return -1; ++} ++ ++/*------------------------------------------------------------------*/ ++/* ++ * Convert a value in milliWatt to a value in dBm. ++ */ ++static int mWatt2dbm ( int in ) ++{ ++#ifdef WE_NOLIBM ++ /* Version without libm : slower */ ++ double fin = (double) in; ++ int res = 0; ++ ++ /* Split integral and floating part to avoid accumulating rounding errors */ ++ while(fin > 10.0) ++ { ++ res += 10; ++ fin /= 10.0; ++ } ++ while(fin > 1.000001) /* Eliminate rounding errors, take ceil */ ++ { ++ res += 1; ++ fin /= LOG10_MAGIC; ++ } ++ return(res); ++#else /* WE_NOLIBM */ ++ /* Version with libm : faster */ ++ return((int) (ceil(10.0 * log10((double) in)))); ++#endif /* WE_NOLIBM */ ++} ++ ++/**************************************************************************** ++* * ++* htob - converts hex string to binary * ++* * ++****************************************************************************/ ++static char *htob ( char *s ) ++{ ++ char nibl, *byt; ++ static char bin[20]; ++ ++ byt = bin; ++ ++ while ((nibl = *s++) && nibl != ' ') { /* While not end of string. */ ++ nibl -= ( nibl > '9') ? ('A' - 10): '0'; ++ *byt = nibl << 4; /* place high nibble */ ++ if((nibl = *s++) && nibl != ' ') { ++ nibl -= ( nibl > '9') ? ('A' - 10): '0'; ++ *byt |= nibl; /* place low nibble */ ++ } ++ else break; ++ ++byt; ++ } ++ *++byt = '\0'; ++ return ( bin ); ++} ++ ++/**************************************************************************** ++* * ++* hasChanged() - see if area has been changed from NULLs * ++* * ++****************************************************************************/ ++static int hasChanged ( char *loc, int len ) ++{ ++ char *wrk; ++ int changed = TRUE; ++ ++ wrk = malloc ( len ); ++ memset ( wrk, 0, len ); ++ if ( memcmp ( loc, wrk, len ) == 0 ) ++ changed = FALSE; ++ free ( wrk ); ++ ++ return ( changed ); ++} ++ +--- /dev/null ++++ b/agent/mibgroup/ieee802dot11.h +@@ -0,0 +1,730 @@ ++/**************************************************************************** ++* * ++* File Name: ieee802dot11.h * ++* Used By: * ++* * ++* Operating System: * ++* Purpose: * ++* * ++* Comments: * ++* * ++* Author: Larry Simmons * ++* lsimmons@avantcom.com * ++* www.avantcom.com * ++* * ++* Creation Date: 09/02/03 * ++* * ++* Ver Date Inits Modification * ++* ----- -------- ----- ------------ * ++* 0.0.1 09/02/03 LRS created * ++* 0.0.2 09/24/03 LRS wouldn't build after fresh ./configure * ++****************************************************************************/ ++/* This file was generated by mib2c and is intended for use as a mib module ++ for the ucd-snmp snmpd agent. */ ++#ifndef _MIBGROUP_IEEE802DOT11_H ++#define _MIBGROUP_IEEE802DOT11_H ++/* we may use header_generic and header_simple_table from the util_funcs module */ ++ ++/**************************************************************************** ++* Includes * ++****************************************************************************/ ++#include ++ ++/**************************************************************************** ++* Linked List Defines * ++****************************************************************************/ ++// here are some Linked List MACROS I wanted to use, ++// but curiously were not in /usr/includes/sys/queue.h ++ ++#ifndef LIST_EMPTY ++ #define LIST_EMPTY(head) ((head)->lh_first == NULL) ++#endif ++ ++#ifndef LIST_NEXT ++ #define LIST_NEXT(elm, field) ((elm)->field.le_next) ++#endif ++ ++#ifndef LIST_INSERT_BEFORE ++ #define LIST_INSERT_BEFORE(listelm, elm, field) do { \ ++ (elm)->field.le_prev = (listelm)->field.le_prev; \ ++ LIST_NEXT((elm), field) = (listelm); \ ++ *(listelm)->field.le_prev = (elm); \ ++ (listelm)->field.le_prev = &LIST_NEXT((elm), field); \ ++ } while (0) ++#endif ++ ++#ifndef LIST_FIRST ++ #define LIST_FIRST(head) ((head)->lh_first) ++#endif ++ ++/**************************************************************************** ++* 802.11 MIB Defines * ++****************************************************************************/ ++#define SYS_STRING_LEN 256 ++#define MACADDR_LEN ( 6 * 2 ) + 5 ++#define OPER_RATE_SET_LEN 126 ++#define MAN_OUI_LEN ( 3 * 2 ) + 2 ++#define WEP_STR_LEN 64 ++#define SNMP_STR_LEN 128 ++#define TEXT_LEN 80 ++#define IFINDEX_LEN 4 ++#define IFNAME_LEN 16 ++#define MAX_WEP_KEYS 4 ++ ++#define AUTHENICATION_ALGORITHMS_INDEX_LEN 4 ++#define WEP_DEFAULT_KEY_INDEX_LEN 4 ++#define WEP_KEY_MAPPING_INDEX_LEN 4 ++#define GROUP_ADDRESS_INDEX_LEN 4 ++#define REG_DOMAIN_SUPPORT_INDEX_LEN 4 ++#define ANTENNA_LIST_INDEX_LEN 4 ++#define SUPPORTED_DATA_RATES_TX_INDEX_LEN 4 ++#define SUPPORTED_DATA_RATES_RX_INDEX_LEN 4 ++ ++#define SC_UID_LEN IFINDEX_LEN ++#define AA_UID_LEN IFINDEX_LEN + AUTHENICATION_ALGORITHMS_INDEX_LEN ++#define DF_UID_LEN IFINDEX_LEN + WEP_DEFAULT_KEY_INDEX_LEN ++#define KM_UID_LEN IFINDEX_LEN + WEP_KEY_MAPPING_INDEX_LEN ++#define PR_UID_LEN IFINDEX_LEN ++#define OP_UID_LEN IFINDEX_LEN ++#define CO_UID_LEN IFINDEX_LEN ++#define GA_UID_LEN IFINDEX_LEN + GROUP_ADDRESS_INDEX_LEN ++#define RI_UID_LEN IFINDEX_LEN ++#define PO_UID_LEN IFINDEX_LEN ++#define PA_UID_LEN IFINDEX_LEN ++#define PT_UID_LEN IFINDEX_LEN ++#define PF_UID_LEN IFINDEX_LEN ++#define PD_UID_LEN IFINDEX_LEN ++#define PI_UID_LEN IFINDEX_LEN ++#define RD_UID_LEN IFINDEX_LEN + REG_DOMAIN_SUPPORT_INDEX_LEN ++#define AL_UID_LEN IFINDEX_LEN + ANTENNA_LIST_INDEX_LEN ++#define RT_UID_LEN IFINDEX_LEN + SUPPORTED_DATA_RATES_TX_INDEX_LEN ++#define RR_UID_LEN IFINDEX_LEN + SUPPORTED_DATA_RATES_RX_INDEX_LEN ++ ++/**************************************************************************** ++* Linked List Structure * ++****************************************************************************/ ++static struct avNode { ++ LIST_ENTRY ( avNode ) nodes; ++ char *data; // pointer to data ++}; ++ ++typedef LIST_HEAD ( , avNode ) avList_t; ++ ++/**************************************************************************** ++* 802.11 MIB structures * ++****************************************************************************/ ++/**************************************************************************** ++* dot11Smt Group * ++****************************************************************************/ ++/**************************************************************************** ++* dot11StationConfigTable * ++****************************************************************************/ ++static struct scTbl_data { ++ ++ char UID [ SC_UID_LEN + 1 ]; // unique ID ++ char ifName [ IFNAME_LEN + 1 ]; // ifName of card ++ ++ long ifIndex; // ifindex of card ++ ++ char stationID [ MACADDR_LEN + 1 ]; // Default actual MacAddr ++ long mediumOccupancyLimit; ++ long CFPPollable; ++ long CFPPeriod; ++ long maxDuration; ++ long authenticationResponseTimeOut; ++ long privacyOptionImplemented; ++ long powerManagementMode; ++ char desiredSSID [ SNMP_STR_LEN + 1 ]; ++ long desiredBSSType; ++ char operationalRateSet [ OPER_RATE_SET_LEN + 1]; ++ long beaconPeriod; ++ long DTIMPeriod; ++ long associationResponseTimeOut; ++ long disAssociationReason; ++ char disAssociationStation [ MACADDR_LEN + 1 ]; ++ long deAuthenticationReason; ++ char deAuthenticationStation [ MACADDR_LEN + 1 ]; ++ long authenticateFailStatus; ++ char authenticateFailStation [ MACADDR_LEN + 1 ]; ++ ++ long haveStationID; ++ long haveMediumOccupancyLimit; ++ long haveCFPPollable; ++ long haveCFPPeriod; ++ long haveMaxDuration; ++ long haveAuthenticationResponseTimeOut; ++ long havePrivacyOptionImplemented; ++ long havePowerManagementMode; ++ long haveDesiredSSID; ++ long haveDesiredBSSType; ++ long haveOperationalRateSet; ++ long haveBeaconPeriod; ++ long haveDTIMPeriod; ++ long haveAssociationResponseTimeOut; ++ long haveDisAssociationReason; ++ long haveDisAssociationStation; ++ long haveDeAuthenticationReason; ++ long haveDeAuthenticationStation; ++ long haveAuthenticateFailStatus; ++ long haveAuthenticateFailStation; ++ ++} nSc, *sc = &nSc; ++ ++static avList_t scList; ++ ++/**************************************************************************** ++* dot11AuthenticationAlgorithmsTable * ++****************************************************************************/ ++static struct aaTbl_data { ++ ++ char UID [ AA_UID_LEN + 1 ]; ++ char ifName [ IFNAME_LEN + 1 ]; // ifName of card ++ ++ long ifIndex; // ifindex of card ++ long authenticationAlgorithmsIndex; ++ ++ long authenticationAlgorithm; ++ long authenticationAlgorithmsEnable; ++ ++ long haveAuthenticationAlgorithm; ++ long haveAuthenticationAlgorithmsEnable; ++ ++} nAa, *aa = &nAa; ++ ++static avList_t aaList; ++ ++/**************************************************************************** ++* dot11WEPDefaultKeysTable * ++****************************************************************************/ ++static struct dfTbl_data { ++ ++ char UID [ DF_UID_LEN + 1 ]; ++ char ifName [ IFNAME_LEN + 1 ]; ++ ++ long ifIndex; // ifindex of card ++ long WEPDefaultKeyIndex; ++ ++ char WEPDefaultKeyValue [ WEP_STR_LEN + 1 ]; ++ long haveWEPDefaultKeyValue; ++ ++} nDf, *df = &nDf; ++ ++static avList_t dfList; ++ ++/**************************************************************************** ++* dot11WEPKeyMappingsTable * ++****************************************************************************/ ++static struct kmTbl_data { ++ ++ char UID [ KM_UID_LEN + 1 ]; ++ char ifName [ IFNAME_LEN + 1 ]; ++ ++ long ifIndex; ++ long WEPKeyMappingIndex; ++ ++ char WEPKeyMappingAddress [ MACADDR_LEN + 1 ]; ++ long WEPKeyMappingWEPOn; ++ char WEPKeyMappingValue [ WEP_STR_LEN + 1 ]; ++ long WEPKeyMappingStatus; ++ ++ long haveWEPKeyMappingIndex; ++ long haveWEPKeyMappingAddress; ++ long haveWEPKeyMappingWEPOn; ++ long haveWEPKeyMappingValue; ++ long haveWEPKeyMappingStatus; ++ ++} nKm, *km = &nKm; ++ ++static avList_t kmList; ++ ++/**************************************************************************** ++* dot11PrivacyTable * ++****************************************************************************/ ++static struct prTbl_data { ++ ++ char UID [ PR_UID_LEN + 1 ]; ++ char ifName [ IFNAME_LEN + 1 ]; ++ ++ long ifIndex; ++ ++ long privacyInvoked; ++ long WEPDefaultKeyID; ++ long WEPKeyMappingLength; ++ long excludeUnencrypted; ++ unsigned long WEPICVErrorCount; ++ unsigned long WEPExcludedCount; ++ ++ long havePrivacyInvoked; ++ long haveWEPDefaultKeyID; ++ long haveWEPKeyMappingLength; ++ long haveExcludeUnencrypted; ++ long haveWEPICVErrorCount; ++ long haveWEPExcludedCount; ++ ++} nPr, *pr = &nPr; ++ ++static avList_t prList; ++ ++/**************************************************************************** ++* dot11Mac Group * ++****************************************************************************/ ++/**************************************************************************** ++* dot11OperationTable * ++****************************************************************************/ ++static struct opTbl_data { ++ ++ char UID [ OP_UID_LEN + 1 ]; // unique ID ++ char ifName [ IFNAME_LEN + 1 ]; // ifName of card ++ ++ long ifIndex; // ifindex of card ++ ++ char MACAddress [ MACADDR_LEN + 1 ]; ++ long RTSThreshold; ++ long shortRetryLimit; ++ long longRetryLimit; ++ long fragmentationThreshold; ++ long maxTransmitMSDULifetime; ++ long maxReceiveLifetime; ++ char manufacturerID [ SNMP_STR_LEN + 1 ]; ++ char productID [ SNMP_STR_LEN + 1 ]; ++ ++ long haveMACAddress; ++ long haveRTSThreshold; ++ long haveShortRetryLimit; ++ long haveLongRetryLimit; ++ long haveFragmentationThreshold; ++ long haveMaxTransmitMSDULifetime; ++ long haveMaxReceiveLifetime; ++ long haveManufacturerID; ++ long haveProductID; ++ ++} nOp, *op = &nOp; ++ ++static avList_t opList; ++ ++/**************************************************************************** ++* dot11CountersTable * ++****************************************************************************/ ++static struct coTbl_data { ++ ++ char UID [ CO_UID_LEN + 1 ]; // unique ID ++ char ifName [ IFNAME_LEN + 1 ]; // ifName of card ++ ++ long ifIndex; // ifindex of card ++ ++ unsigned long transmittedFragmentCount; ++ unsigned long multicastTransmittedFrameCount; ++ unsigned long failedCount; ++ unsigned long retryCount; ++ unsigned long multipleRetryCount; ++ unsigned long frameDuplicateCount; ++ unsigned long RTSSuccessCount; ++ unsigned long RTSFailureCount; ++ unsigned long ACKFailureCount; ++ unsigned long receivedFragmentCount; ++ unsigned long multicastReceivedFrameCount; ++ unsigned long FCSErrorCount; ++ unsigned long transmittedFrameCount; ++ unsigned long WEPUndecryptableCount; ++ ++ long haveTransmittedFragmentCount; ++ long haveMulticastTransmittedFrameCount; ++ long haveFailedCount; ++ long haveRetryCount; ++ long haveMultipleRetryCount; ++ long haveFrameDuplicateCount; ++ long haveRTSSuccessCount; ++ long haveRTSFailureCount; ++ long haveACKFailureCount; ++ long haveReceivedFragmentCount; ++ long haveMulticastReceivedFrameCount; ++ long haveFCSErrorCount; ++ long haveTransmittedFrameCount; ++ long haveWEPUndecryptableCount; ++ ++} nCo, *co = &nCo; ++ ++static avList_t coList; ++ ++/**************************************************************************** ++* dot11GroupAddressesTable * ++****************************************************************************/ ++static struct gaTbl_data { ++ ++ char UID [ GA_UID_LEN + 1 ]; ++ char ifName [ IFNAME_LEN + 1 ]; ++ ++ long ifIndex; // ifindex of card ++ long groupAddressesIndex; ++ ++ char address [ MACADDR_LEN + 1 ]; ++ long groupAddressesStatus; ++ ++ long haveAddress; ++ long haveGroupAddressesStatus; ++ ++} nGa, *ga = &nGa; ++ ++static avList_t gaList; ++ ++/**************************************************************************** ++* dot11Res Group * ++****************************************************************************/ ++static char resourceTypeIDName[] = "RTID"; ++static long haveResourceTypeIDName = 1; ++ ++/**************************************************************************** ++* dot11ResourceInfoTable * ++****************************************************************************/ ++static struct riTbl_data { ++ ++ char UID [ RI_UID_LEN + 1 ]; // unique ID ++ char ifName [ IFNAME_LEN + 1 ]; // ifName of card ++ ++ long ifIndex; // ifindex of card ++ ++ char manufacturerOUI [ MAN_OUI_LEN + 1 ]; ++ char manufacturerName [ SYS_STRING_LEN + 1 ]; ++ char manufacturerProductName [ SYS_STRING_LEN + 1 ]; ++ char manufacturerProductVersion [ SYS_STRING_LEN + 1 ]; ++ ++ char haveManufacturerOUI; ++ char haveManufacturerName; ++ char haveManufacturerProductName; ++ char haveManufacturerProductVersion; ++ ++} nRi, *ri = &nRi; ++ ++static avList_t riList; ++ ++/**************************************************************************** ++* dot11Phy Group * ++****************************************************************************/ ++/**************************************************************************** ++* dot11PhyOperationTable * ++****************************************************************************/ ++static struct poTbl_data { ++ ++ char UID [ PO_UID_LEN + 1 ]; // unique ID ++ char ifName [ IFNAME_LEN + 1 ]; // ifName of card ++ ++ long ifIndex; // ifindex of card ++ ++ long PHYType; ++ long currentRegDomain; ++ long tempType; ++ ++ long havePHYType; ++ long haveCurrentRegDomain; ++ long haveTempType; ++ ++} nPo, *po = &nPo; ++ ++static avList_t poList; ++ ++/**************************************************************************** ++* dot11PhyAntennaEntry * ++****************************************************************************/ ++static struct paTbl_data { ++ ++ char UID [ PA_UID_LEN + 1 ]; // unique ID ++ char ifName [ IFNAME_LEN + 1 ]; // ifName of card ++ ++ long ifIndex; // ifindex of card ++ ++ long currentTxAntenna; ++ long diversitySupport; ++ long currentRxAntenna; ++ ++ long haveCurrentTxAntenna; ++ long haveDiversitySupport; ++ long haveCurrentRxAntenna; ++ ++} nPa, *pa = &nPa; ++ ++static avList_t paList; ++ ++/**************************************************************************** ++* dot11PhyTxPowerTable * ++****************************************************************************/ ++static struct ptTbl_data { ++ ++ char UID [ PT_UID_LEN + 1 ]; // unique ID ++ char ifName [ IFNAME_LEN + 1 ]; // ifName of card ++ ++ long ifIndex; // ifindex of card ++ ++ long numberSupportedPowerLevels; ++ long TxPowerLevel1; ++ long TxPowerLevel2; ++ long TxPowerLevel3; ++ long TxPowerLevel4; ++ long TxPowerLevel5; ++ long TxPowerLevel6; ++ long TxPowerLevel7; ++ long TxPowerLevel8; ++ long currentTxPowerLevel; ++ ++ long haveNumberSupportedPowerLevels; ++ long haveTxPowerLevel1; ++ long haveTxPowerLevel2; ++ long haveTxPowerLevel3; ++ long haveTxPowerLevel4; ++ long haveTxPowerLevel5; ++ long haveTxPowerLevel6; ++ long haveTxPowerLevel7; ++ long haveTxPowerLevel8; ++ long haveCurrentTxPowerLevel ; ++ ++} nPt, *pt = &nPt; ++ ++static avList_t ptList; ++ ++/**************************************************************************** ++* dot11PhyFHSSTable * ++****************************************************************************/ ++static struct pfTbl_data { ++ ++ char UID [ PF_UID_LEN + 1 ]; // unique ID ++ char ifName [ IFNAME_LEN + 1 ]; // ifName of card ++ ++ long ifIndex; // ifindex of card ++ ++ long hopTime; ++ long currentChannelNumber; ++ long maxDwellTime; ++ long currentDwellTime; ++ long currentSet; ++ long currentPattern; ++ long currentIndex; ++ ++ long haveHopTime; ++ long haveCurrentChannelNumber; ++ long haveMaxDwellTime; ++ long haveCurrentDwellTime; ++ long haveCurrentSet; ++ long haveCurrentPattern; ++ long haveCurrentIndex; ++ ++} nPf, *pf = &nPf; ++ ++static avList_t pfList; ++ ++/**************************************************************************** ++* dot11PhyDSSSTable * ++****************************************************************************/ ++static struct pdTbl_data { ++ ++ char UID [ PD_UID_LEN + 1 ]; // unique ID ++ char ifName [ IFNAME_LEN + 1 ]; // ifName of card ++ ++ long ifIndex; // ifindex of card ++ ++ long currentChannel; ++ long CCAModeSupported; ++ long currentCCAMode; ++ long EDThreshold; ++ ++ long haveCurrentChannel; ++ long haveCCAModeSupported ; ++ long haveCurrentCCAMode; ++ long haveEDThreshold; ++ ++} nPd, *pd = &nPd; ++ ++static avList_t pdList; ++ ++/**************************************************************************** ++* dot11PhyIRTable * ++****************************************************************************/ ++static struct piTbl_data { ++ ++ char UID [ PI_UID_LEN + 1 ]; // unique ID ++ char ifName [ IFNAME_LEN + 1 ]; // ifName of card ++ ++ long ifIndex; // ifindex of card ++ ++ long CCAWatchdogTimerMax; ++ long CCAWatchdogCountMax; ++ long CCAWatchdogTimerMin; ++ long CCAWatchdogCountMin; ++ ++ long haveCCAWatchdogTimerMax; ++ long haveCCAWatchdogCountMax; ++ long haveCCAWatchdogTimerMin; ++ long haveCCAWatchdogCountMin; ++ ++} nPi, *pi = &nPi; ++ ++static avList_t piList; ++ ++/**************************************************************************** ++* dot11RegDomainsSupportedTable * ++****************************************************************************/ ++static struct rdTbl_data { ++ ++ char UID [ RD_UID_LEN + 1 ]; ++ char ifName [ IFNAME_LEN + 1 ]; ++ ++ long ifIndex; // ifindex of card ++ long regDomainsSupportIndex; ++ ++ long regDomainsSupportValue; ++ long haveRegDomainsSupportValue; ++ ++} nRd, *rd = &nRd; ++ ++static avList_t rdList; ++ ++/**************************************************************************** ++* dot11AntennasListTable * ++****************************************************************************/ ++static struct alTbl_data { ++ ++ char UID [ AL_UID_LEN + 1 ]; ++ char ifName [ IFNAME_LEN + 1 ]; ++ ++ long ifIndex; // ifindex of card ++ long antennaListIndex; ++ ++ long supportedTxAntenna; ++ long supportedRxAntenna; ++ long diversitySelectionRx ; ++ ++ long haveSupportedTxAntenna; ++ long haveSupportedRxAntenna; ++ long haveDiversitySelectionRx ; ++ ++} nAl, *al = &nAl; ++ ++static avList_t alList; ++ ++/**************************************************************************** ++* dot11SupportedDataRatesTxTable * ++****************************************************************************/ ++static struct rtTbl_data { ++ ++ char UID [ RT_UID_LEN + 1 ]; ++ char ifName [ IFNAME_LEN + 1 ]; ++ ++ long ifIndex; // ifindex of card ++ long supportedDataRatesTxIndex; ++ ++ long supportedDataRatesTxValue; ++ long haveSupportedDataRatesTxValue; ++ ++} nRt, *rt = &nRt; ++ ++static avList_t rtList; ++ ++/**************************************************************************** ++* dot11SupportedDataRatesRxTable * ++****************************************************************************/ ++static struct rrTbl_data { ++ ++ char UID [ RR_UID_LEN + 1 ]; ++ char ifName [ IFNAME_LEN + 1 ]; ++ ++ long ifIndex; // ifindex of card ++ long supportedDataRatesRxIndex; ++ ++ long supportedDataRatesRxValue; ++ long haveSupportedDataRatesRxValue; ++ ++} nRr, *rr = &nRr; ++ ++static avList_t rrList; ++ ++/**************************************************************************** ++* Wireless Extensions Structures * ++****************************************************************************/ ++static long wepCurrentKey; ++static long haveWepCurrentKey; ++static struct wepTbl_data { ++ ++ long len; ++ char key [ WEP_STR_LEN + 1 ]; ++ long haveKey; ++ ++} wep[4]; ++ ++/**************************************************************************** ++* * ++****************************************************************************/ ++config_require(util_funcs) ++ ++/* function prototypes */ ++ ++void init_ieee802dot11 ( void ); ++FindVarMethod var_ieee802dot11; ++FindVarMethod var_dot11StationConfigTable; ++FindVarMethod var_dot11AuthenticationAlgorithmsTable; ++FindVarMethod var_dot11WEPDefaultKeysTable; ++FindVarMethod var_dot11WEPKeyMappingsTable; ++FindVarMethod var_dot11PrivacyTable; ++FindVarMethod var_dot11OperationTable; ++FindVarMethod var_dot11CountersTable; ++FindVarMethod var_dot11GroupAddressesTable; ++FindVarMethod var_dot11ResourceInfoTable; ++FindVarMethod var_dot11PhyOperationTable; ++FindVarMethod var_dot11PhyAntennaTable; ++FindVarMethod var_dot11PhyTxPowerTable; ++FindVarMethod var_dot11PhyFHSSTable; ++FindVarMethod var_dot11PhyDSSSTable; ++FindVarMethod var_dot11PhyIRTable; ++FindVarMethod var_dot11RegDomainsSupportedTable; ++FindVarMethod var_dot11AntennasListTable; ++FindVarMethod var_dot11SupportedDataRatesTxTable; ++FindVarMethod var_dot11SupportedDataRatesRxTable; ++ ++WriteMethod write_dot11StationID; ++WriteMethod write_dot11MediumOccupancyLimit; ++WriteMethod write_dot11CFPPeriod; ++WriteMethod write_dot11CFPMaxDuration; ++WriteMethod write_dot11AuthenticationResponseTimeOut; ++WriteMethod write_dot11PowerManagementMode; ++WriteMethod write_dot11DesiredSSID; ++WriteMethod write_dot11DesiredBSSType; ++WriteMethod write_dot11OperationalRateSet; ++WriteMethod write_dot11BeaconPeriod; ++WriteMethod write_dot11DTIMPeriod; ++WriteMethod write_dot11AssociationResponseTimeOut; ++WriteMethod write_dot11AuthenticationAlgorithmsEnable; ++WriteMethod write_dot11WEPDefaultKeyValue; ++WriteMethod write_dot11WEPKeyMappingAddress; ++WriteMethod write_dot11WEPKeyMappingWEPOn; ++WriteMethod write_dot11WEPKeyMappingValue; ++WriteMethod write_dot11WEPKeyMappingStatus; ++WriteMethod write_dot11PrivacyInvoked; ++WriteMethod write_dot11WEPDefaultKeyID; ++WriteMethod write_dot11WEPKeyMappingLength; ++WriteMethod write_dot11ExcludeUnencrypted; ++WriteMethod write_dot11RTSThreshold; ++WriteMethod write_dot11ShortRetryLimit; ++WriteMethod write_dot11LongRetryLimit; ++WriteMethod write_dot11FragmentationThreshold; ++WriteMethod write_dot11MaxTransmitMSDULifetime; ++WriteMethod write_dot11MaxReceiveLifetime; ++WriteMethod write_dot11Address; ++WriteMethod write_dot11GroupAddressesStatus; ++WriteMethod write_dot11CurrentRegDomain; ++WriteMethod write_dot11CurrentTxAntenna; ++WriteMethod write_dot11CurrentRxAntenna; ++WriteMethod write_dot11CurrentTxPowerLevel; ++WriteMethod write_dot11CurrentChannelNumber; ++WriteMethod write_dot11CurrentDwellTime; ++WriteMethod write_dot11CurrentSet; ++WriteMethod write_dot11CurrentPattern; ++WriteMethod write_dot11CurrentIndex; ++WriteMethod write_dot11CurrentChannel; ++WriteMethod write_dot11CurrentCCAMode; ++WriteMethod write_dot11EDThreshold; ++WriteMethod write_dot11CCAWatchdogTimerMax; ++WriteMethod write_dot11CCAWatchdogCountMax; ++WriteMethod write_dot11CCAWatchdogTimerMin; ++WriteMethod write_dot11CCAWatchdogCountMin; ++WriteMethod write_dot11SupportedTxAntenna; ++WriteMethod write_dot11SupportedRxAntenna; ++WriteMethod write_dot11DiversitySelectionRx; ++ ++#endif /* _MIBGROUP_IEEE802DOT11_H */ +--- /dev/null ++++ b/agent/mibgroup/iwlib.h +@@ -0,0 +1,502 @@ ++/* ++ * Wireless Tools ++ * ++ * Jean II - HPLB 97->99 - HPL 99->02 ++ * ++ * Common header for the Wireless Extension library... ++ * ++ * This file is released under the GPL license. ++ * Copyright (c) 1997-2002 Jean Tourrilhes ++ */ ++ ++#ifndef IWLIB_H ++#define IWLIB_H ++ ++/*#include "CHANGELOG.h"*/ ++ ++/***************************** INCLUDES *****************************/ ++ ++/* Standard headers */ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include /* gethostbyname, getnetbyname */ ++#include /* struct ether_addr */ ++#include /* struct timeval */ ++#include ++ ++/* This is our header selection. Try to hide the mess and the misery :-( ++ * Don't look, you would go blind ;-) */ ++ ++#ifndef LINUX_VERSION_CODE ++#include ++#endif ++ ++/* Kernel headers 2.4.X + Glibc 2.2 - Mandrake 8.0, Debian 2.3, RH 7.1 ++ * Kernel headers 2.2.X + Glibc 2.2 - Slackware 8.0 */ ++#if defined(__GLIBC__) \ ++ && __GLIBC__ == 2 \ ++ && __GLIBC_MINOR__ >= 2 \ ++ && LINUX_VERSION_CODE >= KERNEL_VERSION(2,2,0) ++//#define GLIBC22_HEADERS ++#define GENERIC_HEADERS ++ ++/* Kernel headers 2.4.X + Glibc 2.1 - Debian 2.2 upgraded, RH 7.0 ++ * Kernel headers 2.2.X + Glibc 2.1 - Debian 2.2, RH 6.1 */ ++#elif defined(__GLIBC__) \ ++ && __GLIBC__ == 2 \ ++ && __GLIBC_MINOR__ == 1 \ ++ && LINUX_VERSION_CODE >= KERNEL_VERSION(2,2,0) ++//#define GLIBC_HEADERS ++#define GENERIC_HEADERS ++ ++/* Kernel headers 2.2.X + Glibc 2.0 - Debian 2.1 */ ++#elif defined(__GLIBC__) \ ++ && __GLIBC__ == 2 \ ++ && __GLIBC_MINOR__ == 0 \ ++ && LINUX_VERSION_CODE >= KERNEL_VERSION(2,0,0) \ ++ && LINUX_VERSION_CODE < KERNEL_VERSION(2,1,0) ++#define GLIBC_HEADERS ++#define KLUDGE_HEADERS ++ ++/* Note : is it really worth supporting kernel 2.0.X, knowing that ++ * we require WE v9, which is only available in 2.2.X and higher ? ++ * I guess one could use 2.0.x with an upgraded wireless.h... */ ++ ++/* Kernel headers 2.0.X + Glibc 2.0 - Debian 2.0, RH 5 */ ++#elif defined(__GLIBC__) \ ++ && __GLIBC__ == 2 \ ++ && __GLIBC_MINOR__ == 0 \ ++ && LINUX_VERSION_CODE < KERNEL_VERSION(2,1,0) \ ++ && LINUX_VERSION_CODE >= KERNEL_VERSION(2,0,0) ++#define GLIBC_HEADERS ++ ++/* Kernel headers 2.0.X + libc5 - old systems */ ++#elif defined(_LINUX_C_LIB_VERSION_MAJOR) \ ++ && _LINUX_C_LIB_VERSION_MAJOR == 5 \ ++ && LINUX_VERSION_CODE >= KERNEL_VERSION(2,0,0) \ ++ && LINUX_VERSION_CODE < KERNEL_VERSION(2,1,0) ++#define LIBC5_HEADERS ++ ++/* Unsupported combination */ ++#else ++#error "Your kernel/libc combination is not supported" ++#endif ++ ++#ifdef GENERIC_HEADERS ++/* Proposed by Dr. Michael Rietz , 27.3.2 */ ++/* If this works for all, it might be more stable on the long term - Jean II */ ++#include /* For ARPHRD_ETHER */ ++#include /* For AF_INET & struct sockaddr */ ++#include /* For struct sockaddr_in */ ++#include ++#endif /* GENERIC_HEADERS */ ++ ++#ifdef GLIBC22_HEADERS ++/* Added by Ross G. Miller , 3/28/01 */ ++#include /* For ARPHRD_ETHER */ ++#include /* For AF_INET & struct sockaddr */ ++#include ++#endif /* GLIBC22_HEADERS */ ++ ++#ifdef KLUDGE_HEADERS ++#include ++#endif /* KLUDGE_HEADERS */ ++ ++#ifdef GLIBC_HEADERS ++#include /* For ARPHRD_ETHER */ ++#include /* For AF_INET & struct sockaddr */ ++#include /* For struct sockaddr_in */ ++#endif /* KLUDGE_HEADERS || GLIBC_HEADERS */ ++ ++#ifdef LIBC5_HEADERS ++#include /* For AF_INET & struct sockaddr & socket() */ ++#include /* For ARPHRD_ETHER */ ++#include /* For struct sockaddr_in */ ++#endif /* LIBC5_HEADERS */ ++ ++/* Those 3 headers were previously included in wireless.h */ ++#include /* for "caddr_t" et al */ ++#include /* for "struct sockaddr" et al */ ++#include /* for IFNAMSIZ and co... */ ++ ++#ifdef WEXT_HEADER ++/* Private copy of Wireless extensions */ ++#include WEXT_HEADER ++#else /* !WEXT_HEADER */ ++/* System wide Wireless extensions */ ++#include ++#endif /* !WEXT_HEADER */ ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++/****************************** DEBUG ******************************/ ++ ++ ++/************************ CONSTANTS & MACROS ************************/ ++ ++/* Paths */ ++#define PROC_NET_WIRELESS "/proc/net/wireless" ++#define PROC_NET_DEV "/proc/net/dev" ++ ++/* Some useful constants */ ++#define KILO 1e3 ++#define MEGA 1e6 ++#define GIGA 1e9 ++/* For doing log10/exp10 without libm */ ++#define LOG10_MAGIC 1.25892541179 ++ ++/* Backward compatibility for Wireless Extension 9 */ ++#ifndef IW_POWER_MODIFIER ++#define IW_POWER_MODIFIER 0x000F /* Modify a parameter */ ++#define IW_POWER_MIN 0x0001 /* Value is a minimum */ ++#define IW_POWER_MAX 0x0002 /* Value is a maximum */ ++#define IW_POWER_RELATIVE 0x0004 /* Value is not in seconds/ms/us */ ++#endif /* IW_POWER_MODIFIER */ ++ ++#ifndef IW_ENCODE_NOKEY ++#define IW_ENCODE_NOKEY 0x0800 /* Key is write only, so not here */ ++#define IW_ENCODE_MODE 0xF000 /* Modes defined below */ ++#endif /* IW_ENCODE_NOKEY */ ++#ifndef IW_ENCODE_TEMP ++#define IW_ENCODE_TEMP 0x0400 /* Temporary key */ ++#endif /* IW_ENCODE_TEMP */ ++ ++/* More backward compatibility */ ++#ifndef SIOCSIWCOMMIT ++#define SIOCSIWCOMMIT SIOCSIWNAME ++#endif /* SIOCSIWCOMMIT */ ++ ++/****************************** TYPES ******************************/ ++ ++/* Shortcuts */ ++typedef struct iw_statistics iwstats; ++typedef struct iw_range iwrange; ++typedef struct iw_param iwparam; ++typedef struct iw_freq iwfreq; ++typedef struct iw_quality iwqual; ++typedef struct iw_priv_args iwprivargs; ++typedef struct sockaddr sockaddr; ++ ++/* Structure for storing all wireless information for each device ++ * This is pretty exhaustive... */ ++typedef struct wireless_info ++{ ++ char name[IFNAMSIZ + 1]; /* Wireless/protocol name */ ++ int has_nwid; ++ iwparam nwid; /* Network ID */ ++ int has_freq; ++ double freq; /* Frequency/channel */ ++ int has_sens; ++ iwparam sens; /* sensitivity */ ++ int has_key; ++ unsigned char key[IW_ENCODING_TOKEN_MAX]; /* Encoding key used */ ++ int key_size; /* Number of bytes */ ++ int key_flags; /* Various flags */ ++ int has_essid; ++ int essid_on; ++ char essid[IW_ESSID_MAX_SIZE + 1]; /* ESSID (extended network) */ ++ int has_nickname; ++ char nickname[IW_ESSID_MAX_SIZE + 1]; /* NickName */ ++ int has_ap_addr; ++ sockaddr ap_addr; /* Access point address */ ++ int has_bitrate; ++ iwparam bitrate; /* Bit rate in bps */ ++ int has_rts; ++ iwparam rts; /* RTS threshold in bytes */ ++ int has_frag; ++ iwparam frag; /* Fragmentation threshold in bytes */ ++ int has_mode; ++ int mode; /* Operation mode */ ++ int has_power; ++ iwparam power; /* Power management parameters */ ++ int has_txpower; ++ iwparam txpower; /* Transmit Power in dBm */ ++ int has_retry; ++ iwparam retry; /* Retry limit or lifetime */ ++ ++ /* Stats */ ++ iwstats stats; ++ int has_stats; ++ iwrange range; ++ int has_range; ++} wireless_info; ++ ++/* Structure for storing all wireless information for each device ++ * This is a cut down version of the one above, containing only ++ * the things *truly* needed to configure a card. ++ * Don't add other junk, I'll remove it... */ ++typedef struct wireless_config ++{ ++ char name[IFNAMSIZ + 1]; /* Wireless/protocol name */ ++ int has_nwid; ++ iwparam nwid; /* Network ID */ ++ int has_freq; ++ double freq; /* Frequency/channel */ ++ int has_key; ++ unsigned char key[IW_ENCODING_TOKEN_MAX]; /* Encoding key used */ ++ int key_size; /* Number of bytes */ ++ int key_flags; /* Various flags */ ++ int has_essid; ++ int essid_on; ++ char essid[IW_ESSID_MAX_SIZE + 1]; /* ESSID (extended network) */ ++ int has_mode; ++ int mode; /* Operation mode */ ++} wireless_config; ++ ++typedef struct stream_descr ++{ ++ char * end; /* End of the stream */ ++ char * current; /* Current event in stream of events */ ++ char * value; /* Current value in event */ ++} stream_descr; ++ ++/* Prototype for handling display of each single interface on the ++ * system - see iw_enum_devices() */ ++typedef int (*iw_enum_handler)(int skfd, ++ char * ifname, ++ char * args[], ++ int count); ++ ++/**************************** PROTOTYPES ****************************/ ++/* ++ * All the functions in iwcommon.c ++ */ ++ ++/* ---------------------- SOCKET SUBROUTINES -----------------------*/ ++int ++ iw_sockets_open(void); ++void ++ iw_enum_devices(int skfd, ++ iw_enum_handler fn, ++ char * args[], ++ int count); ++/* --------------------- WIRELESS SUBROUTINES ----------------------*/ ++int ++ iw_get_range_info(int skfd, ++ char * ifname, ++ iwrange * range); ++int ++ iw_print_version_info(char * toolname); ++int ++ iw_get_priv_info(int skfd, ++ char * ifname, ++ iwprivargs * priv, ++ int maxpriv); ++int ++ iw_get_basic_config(int skfd, ++ char * ifname, ++ wireless_config * info); ++int ++ iw_set_basic_config(int skfd, ++ char * ifname, ++ wireless_config * info); ++/* --------------------- PROTOCOL SUBROUTINES --------------------- */ ++int ++ iw_protocol_compare(char * protocol1, ++ char * protocol2); ++/* -------------------- FREQUENCY SUBROUTINES --------------------- */ ++void ++ iw_float2freq(double in, ++ iwfreq * out); ++double ++ iw_freq2float(iwfreq * in); ++void ++ iw_print_freq(char * buffer, ++ double freq); ++int ++ iw_freq_to_channel(double freq, ++ struct iw_range * range); ++void ++ iw_print_bitrate(char * buffer, ++ int bitrate); ++/* ---------------------- POWER SUBROUTINES ----------------------- */ ++int ++ iw_dbm2mwatt(int in); ++int ++ iw_mwatt2dbm(int in); ++/* -------------------- STATISTICS SUBROUTINES -------------------- */ ++int ++ iw_get_stats(int skfd, ++ char * ifname, ++ iwstats * stats); ++void ++ iw_print_stats(char * buffer, ++ iwqual * qual, ++ iwrange * range, ++ int has_range); ++/* --------------------- ENCODING SUBROUTINES --------------------- */ ++void ++ iw_print_key(char * buffer, ++ unsigned char * key, ++ int key_size, ++ int key_flags); ++int ++ iw_in_key(char * input, ++ unsigned char * key); ++int ++ iw_in_key_full(int skfd, ++ char * ifname, ++ char * input, ++ unsigned char * key, ++ __u16 * flags); ++/* ----------------- POWER MANAGEMENT SUBROUTINES ----------------- */ ++void ++ iw_print_pm_value(char * buffer, ++ int value, ++ int flags); ++void ++ iw_print_pm_mode(char * buffer, ++ int flags); ++/* --------------- RETRY LIMIT/LIFETIME SUBROUTINES --------------- */ ++#if WIRELESS_EXT > 10 ++void ++ iw_print_retry_value(char * buffer, ++ int value, ++ int flags); ++#endif ++/* ----------------------- TIME SUBROUTINES ----------------------- */ ++void ++ iw_print_timeval(char * buffer, ++ const struct timeval * time); ++/* --------------------- ADDRESS SUBROUTINES ---------------------- */ ++int ++ iw_check_mac_addr_type(int skfd, ++ char * ifname); ++int ++ iw_check_if_addr_type(int skfd, ++ char * ifname); ++#if 0 ++int ++ iw_check_addr_type(int skfd, ++ char * ifname); ++#endif ++void ++ iw_ether_ntop(const struct ether_addr* eth, char* buf); ++char* ++ iw_ether_ntoa(const struct ether_addr* eth); ++int ++ iw_ether_aton(const char* bufp, struct ether_addr* eth); ++int ++ iw_in_inet(char *bufp, struct sockaddr *sap); ++int ++ iw_in_addr(int skfd, ++ char * ifname, ++ char * bufp, ++ struct sockaddr * sap); ++/* ----------------------- MISC SUBROUTINES ------------------------ */ ++int ++ iw_get_priv_size(int args); ++ ++#if WIRELESS_EXT > 13 ++/* ---------------------- EVENT SUBROUTINES ---------------------- */ ++void ++ iw_init_event_stream(struct stream_descr * stream, ++ char * data, ++ int len); ++int ++ iw_extract_event_stream(struct stream_descr * stream, ++ struct iw_event * iwe); ++#endif /* WIRELESS_EXT > 13 */ ++ ++/**************************** VARIABLES ****************************/ ++ ++extern const char * const iw_operation_mode[]; ++#define IW_NUM_OPER_MODE 7 ++ ++/************************* INLINE FUNTIONS *************************/ ++/* ++ * Functions that are so simple that it's more efficient inlining them ++ */ ++ ++/* ++ * Note : I've defined wrapper for the ioctl request so that ++ * it will be easier to migrate to other kernel API if needed ++ */ ++ ++/*------------------------------------------------------------------*/ ++/* ++ * Wrapper to push some Wireless Parameter in the driver ++ */ ++static inline int ++iw_set_ext(int skfd, /* Socket to the kernel */ ++ char * ifname, /* Device name */ ++ int request, /* WE ID */ ++ struct iwreq * pwrq) /* Fixed part of the request */ ++{ ++ /* Set device name */ ++ strncpy(pwrq->ifr_name, ifname, IFNAMSIZ); ++ /* Do the request */ ++ return(ioctl(skfd, request, pwrq)); ++} ++ ++/*------------------------------------------------------------------*/ ++/* ++ * Wrapper to extract some Wireless Parameter out of the driver ++ */ ++static inline int ++iw_get_ext(int skfd, /* Socket to the kernel */ ++ char * ifname, /* Device name */ ++ int request, /* WE ID */ ++ struct iwreq * pwrq) /* Fixed part of the request */ ++{ ++ /* Set device name */ ++ strncpy(pwrq->ifr_name, ifname, IFNAMSIZ); ++ /* Do the request */ ++ return(ioctl(skfd, request, pwrq)); ++} ++ ++/*------------------------------------------------------------------*/ ++/* Backwards compatibility ++ * Actually, those form are much easier to use when dealing with ++ * struct sockaddr... */ ++static inline char* ++iw_pr_ether(char* bufp, const unsigned char* addr) ++{ ++ iw_ether_ntop((const struct ether_addr *) addr, bufp); ++ return bufp; ++} ++/* Backwards compatibility */ ++static inline int ++iw_in_ether(const char *bufp, struct sockaddr *sap) ++{ ++ sap->sa_family = ARPHRD_ETHER; ++ return iw_ether_aton(bufp, (struct ether_addr *) sap->sa_data) ? 0 : -1; ++} ++ ++/*------------------------------------------------------------------*/ ++/* ++ * Create an Ethernet broadcast address ++ */ ++static inline void ++iw_broad_ether(struct sockaddr *sap) ++{ ++ sap->sa_family = ARPHRD_ETHER; ++ memset((char *) sap->sa_data, 0xFF, ETH_ALEN); ++} ++ ++/*------------------------------------------------------------------*/ ++/* ++ * Create an Ethernet NULL address ++ */ ++static inline void ++iw_null_ether(struct sockaddr *sap) ++{ ++ sap->sa_family = ARPHRD_ETHER; ++ memset((char *) sap->sa_data, 0x00, ETH_ALEN); ++} ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* IWLIB_H */ diff --git a/package/network/net-snmp/patches/900-musl-compat.patch b/package/network/net-snmp/patches/900-musl-compat.patch new file mode 100644 index 0000000000..fa9a01e1b4 --- /dev/null +++ b/package/network/net-snmp/patches/900-musl-compat.patch @@ -0,0 +1,14 @@ +--- a/agent/mibgroup/iwlib.h ++++ b/agent/mibgroup/iwlib.h +@@ -85,6 +85,11 @@ + && LINUX_VERSION_CODE < KERNEL_VERSION(2,1,0) + #define LIBC5_HEADERS + ++/* Musl */ ++#elif !defined(__GLIBC__) && !defined(__UCLIBC__) \ ++ && LINUX_VERSION_CODE >= KERNEL_VERSION(3,0,0) ++#define GENERIC_HEADERS ++ + /* Unsupported combination */ + #else + #error "Your kernel/libc combination is not supported" diff --git a/package/network/services/bind/Config.in b/package/network/services/bind/Config.in new file mode 100644 index 0000000000..ab27b18e3c --- /dev/null +++ b/package/network/services/bind/Config.in @@ -0,0 +1,22 @@ +if PACKAGE_bind-server + +config BIND_LIBJSON + bool + default n + prompt "Include libjson support in bind-server" + help + BIND 9 supports reporting statistics about usage. libjson + is required to report server statistics in JSON format. + Building with libjson support will require the libjson-c + package to be installed as well. + +config BIND_LIBXML2 + bool + default n + prompt "Include libxml2 support in bind-server" + help + BIND 9 supports reporting statistics about usage. + libxml2 is required to report server statistics in XML + format. Building with libjson support will require the + libxml2 package to be installed as well. +endif diff --git a/package/network/services/bind/Makefile b/package/network/services/bind/Makefile new file mode 100644 index 0000000000..e3e06a6745 --- /dev/null +++ b/package/network/services/bind/Makefile @@ -0,0 +1,254 @@ +# +# Copyright (C) 2006-2012 OpenWrt.org +# 2014-2017 Noah Meyerhans +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=bind +PKG_VERSION:=9.14.4 +PKG_RELEASE:=1 +USERID:=bind=57:bind=57 + +PKG_MAINTAINER:=Noah Meyerhans +PKG_LICENSE := MPL-2.0 +PKG_CPE_ID:=cpe:/a:isc:bind + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:= \ + https://www.mirrorservice.org/sites/ftp.isc.org/isc/bind9/$(PKG_VERSION) \ + https://ftp.isc.org/isc/bind9/$(PKG_VERSION) +PKG_HASH:=312efb82a6889074f31ef2849af498b3ec97ca69acd5c4e5e4b4045a8fe6b83f + +PKG_FIXUP:=autoreconf +PKG_REMOVE_FILES:=aclocal.m4 libtool.m4 + +PKG_INSTALL:=1 +PKG_USE_MIPS16:=0 +PKG_BUILD_PARALLEL:=1 + +PKG_CONFIG_DEPENDS := \ + CONFIG_BIND_LIBJSON \ + CONFIG_BIND_LIBXML2 + +ifdef CONFIG_BIND_LIBXML2 + PKG_BUILD_DEPENDS += libxml2 +endif +ifdef CONFIG_BIND_LIBJSON + PKG_BUILD_DEPENDS += libjson-c +endif + +include $(INCLUDE_DIR)/package.mk + +define Package/bind/Default + SECTION:=net + CATEGORY:=Network + DEPENDS:=+bind-libs +@OPENSSL_WITH_EC + TITLE:=bind + URL:=https://www.isc.org/software/bind + SUBMENU:=IP Addresses and Names +endef + +define Package/bind-libs + SECTION:=libs + CATEGORY:=Libraries + DEPENDS:=+libopenssl +zlib +libpthread +libatomic + TITLE:=bind shared libraries + URL:=https://www.isc.org/software/bind +ifdef CONFIG_BIND_LIBJSON + DEPENDS+= +libjson-c +endif +ifdef CONFIG_BIND_LIBXML2 + DEPENDS+= +libxml2 +endif +endef + +define Package/bind-server + $(call Package/bind/Default) + TITLE+= DNS server +endef + +define Package/bind-server/config + source "$(SOURCE)/Config.in" +endef + +define Package/bind-server-filter-aaaa + $(call Package/bind-server) + DEPENDS:=+bind-server + TITLE+= filter AAAA plugin +endef + +define Package/bind-client + $(call Package/bind/Default) + TITLE+= dynamic DNS client +endef + +define Package/bind-tools + $(call Package/bind/Default) + TITLE+= administration tools (all) + DEPENDS:= \ + +bind-check \ + +bind-dig \ + +bind-dnssec \ + +bind-host \ + +bind-rndc +endef + +define Package/bind-rndc + $(call Package/bind/Default) + TITLE+= administration tools (rndc and rndc-confgen only) +endef + +define Package/bind-check + $(call Package/bind/Default) + TITLE+= administration tools (named-checkconf and named-checkzone only) +endef + +define Package/bind-dnssec + $(call Package/bind/Default) + TITLE+= administration tools (dnssec-keygen, dnssec-settime and dnssec-signzone only) +endef + +define Package/bind-host + $(call Package/bind/Default) + TITLE+= simple DNS client +endef + +define Package/bind-dig + $(call Package/bind/Default) + TITLE+= DNS excavation tool +endef + +export BUILD_CC="$(TARGET_CC)" + +TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed + +CONFIGURE_ARGS += \ + --disable-linux-caps \ + --with-openssl="$(STAGING_DIR)/usr" \ + --with-libtool \ + --without-lmdb \ + --enable-epoll \ + --without-gssapi \ + --without-readline \ + --without-python \ + --sysconfdir=/etc/bind + +ifdef CONFIG_BIND_LIBJSON + CONFIGURE_ARGS += \ + --with-libjson="$(STAGING_DIR)/usr" +else + CONFIGURE_ARGS += \ + --without-libjson +endif + +ifdef CONFIG_BIND_LIBXML2 + CONFIGURE_ARGS += \ + --with-libxml2="$(STAGING_DIR)/usr" +else + CONFIGURE_ARGS += \ + --without-libxml2 +endif + +CONFIGURE_VARS += \ + BUILD_CC="$(TARGET_CC)" \ + +define Build/Compile + $(MAKE) -C $(PKG_BUILD_DIR)/lib/dns \ + BUILD_CC="$(HOSTCC)" \ + CC="$(HOSTCC)" \ + CFLAGS="-O2" \ + LIBS="" \ + gen + $(call Build/Compile/Default) +endef + +define Package/bind-libs/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib +endef + +define Package/bind-server/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/named $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/etc/bind + $(CP) \ + ./files/bind/db.0 \ + ./files/bind/db.127 \ + ./files/bind/db.255 \ + ./files/bind/db.local \ + ./files/bind/db.root \ + ./files/bind/bind.keys \ + $(1)/etc/bind/ + $(CP) ./files/bind/named.conf.example $(1)/etc/bind/named.conf + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/named.init $(1)/etc/init.d/named + find $(1)/etc/bind/ -name ".svn" | xargs rm -rf +endef + +define Package/bind-server/conffiles +/etc/bind/db.0 +/etc/bind/db.127 +/etc/bind/db.255 +/etc/bind/db.local +/etc/bind/db.root +/etc/bind/named.conf +endef + +define Package/bind-server-filter-aaaa/install + $(INSTALL_DIR) $(1)/usr/lib/named + $(CP) $(PKG_INSTALL_DIR)/usr/lib/named/filter-aaaa.so $(1)/usr/lib/named +endef + +define Package/bind-client/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nsupdate $(1)/usr/bin/ +endef + +define Package/bind-tools/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/delv $(1)/usr/bin/ +endef + +define Package/bind-rndc/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/rndc $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/rndc-confgen $(1)/usr/sbin/ +endef + +define Package/bind-check/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/named-checkconf $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/named-checkzone $(1)/usr/sbin/ +endef + +define Package/bind-dnssec/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/dnssec-keygen $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/dnssec-settime $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/dnssec-signzone $(1)/usr/sbin/ +endef + +define Package/bind-host/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/host $(1)/usr/bin/ +endef + +define Package/bind-dig/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/dig $(1)/usr/bin/ +endef + +$(eval $(call BuildPackage,bind-libs)) +$(eval $(call BuildPackage,bind-server)) +$(eval $(call BuildPackage,bind-server-filter-aaaa)) +$(eval $(call BuildPackage,bind-client)) +$(eval $(call BuildPackage,bind-tools)) +$(eval $(call BuildPackage,bind-rndc)) +$(eval $(call BuildPackage,bind-check)) +$(eval $(call BuildPackage,bind-dnssec)) +$(eval $(call BuildPackage,bind-host)) +$(eval $(call BuildPackage,bind-dig)) diff --git a/package/network/services/bind/files/bind/bind.keys b/package/network/services/bind/files/bind/bind.keys new file mode 100644 index 0000000000..db22d4bc03 --- /dev/null +++ b/package/network/services/bind/files/bind/bind.keys @@ -0,0 +1,69 @@ +# The bind.keys file is used to override the built-in DNSSEC trust anchors +# which are included as part of BIND 9. As of the current release, the only +# trust anchors it contains are those for the DNS root zone ("."), and for +# the ISC DNSSEC Lookaside Validation zone ("dlv.isc.org"). Trust anchors +# for any other zones MUST be configured elsewhere; if they are configured +# here, they will not be recognized or used by named. +# +# The built-in trust anchors are provided for convenience of configuration. +# They are not activated within named.conf unless specifically switched on. +# To use the built-in root key, set "dnssec-validation auto;" in +# named.conf options. To use the built-in DLV key, set +# "dnssec-lookaside auto;". Without these options being set, +# the keys in this file are ignored. +# +# This file is NOT expected to be user-configured. +# +# These keys are current as of Feburary 2017. If any key fails to +# initialize correctly, it may have expired. In that event you should +# replace this file with a current version. The latest version of +# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys. + +managed-keys { + # ISC DLV: See https://www.isc.org/solutions/dlv for details. + # + # NOTE: The ISC DLV zone is being phased out as of February 2017; + # the key will remain in place but the zone will be otherwise empty. + # Configuring "dnssec-lookaside auto;" to activate this key is + # harmless, but is no longer useful and is not recommended. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 + brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ + 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 + ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk + Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM + QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt + TDN0YUuWrBNh"; + + # ROOT KEYS: See https://data.iana.org/root-anchors/root-anchors.xml + # for current trust anchor information. + # + # These keys are activated by setting "dnssec-validation auto;" + # in named.conf. + # + # This key (19036) is to be phased out starting in 2017. It will + # remain in the root zone for some time after its successor key + # has been added. It will remain this file until it is removed from + # the root zone. + . initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF + FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX + bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD + X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz + W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS + Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq + QxA+Uk1ihz0="; + + # This key (20326) is to be published in the root zone in 2017. + # Servers which were already using the old key (19036) should + # roll seamlessly to this new one via RFC 5011 rollover. Servers + # being set up for the first time can use the contents of this + # file as initializing keys; thereafter, the keys in the + # managed key database will be trusted and maintained + # automatically. + . initial-key 257 3 8 "AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3 + +/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv + ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF + 0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+e + oZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfd + RUfhHdY6+cn8HFRm+2hM8AnXGXws9555KrUB5qihylGa8subX2Nn6UwN + R1AkUTV74bU="; +}; diff --git a/package/network/services/bind/files/bind/db.0 b/package/network/services/bind/files/bind/db.0 new file mode 100644 index 0000000000..e3aabdbeed --- /dev/null +++ b/package/network/services/bind/files/bind/db.0 @@ -0,0 +1,12 @@ +; +; BIND reverse data file for broadcast zone +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. diff --git a/package/network/services/bind/files/bind/db.127 b/package/network/services/bind/files/bind/db.127 new file mode 100644 index 0000000000..cd05bef14a --- /dev/null +++ b/package/network/services/bind/files/bind/db.127 @@ -0,0 +1,13 @@ +; +; BIND reverse data file for local loopback interface +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. +1.0.0 IN PTR localhost. diff --git a/package/network/services/bind/files/bind/db.255 b/package/network/services/bind/files/bind/db.255 new file mode 100644 index 0000000000..e3aabdbeed --- /dev/null +++ b/package/network/services/bind/files/bind/db.255 @@ -0,0 +1,12 @@ +; +; BIND reverse data file for broadcast zone +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. diff --git a/package/network/services/bind/files/bind/db.local b/package/network/services/bind/files/bind/db.local new file mode 100644 index 0000000000..66b4892351 --- /dev/null +++ b/package/network/services/bind/files/bind/db.local @@ -0,0 +1,13 @@ +; +; BIND data file for local loopback interface +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. +@ IN A 127.0.0.1 diff --git a/package/network/services/bind/files/bind/db.root b/package/network/services/bind/files/bind/db.root new file mode 100644 index 0000000000..f0b79d2af3 --- /dev/null +++ b/package/network/services/bind/files/bind/db.root @@ -0,0 +1,90 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . " +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.cache +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: February 17, 2016 +; related version of root zone: 2016021701 +; +; formerly NS.INTERNIC.NET +; +. 3600000 NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 +; +; FORMERLY NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b +; +; FORMERLY C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c +; +; FORMERLY TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d +; +; FORMERLY NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +; +; FORMERLY NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f +; +; FORMERLY NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +; +; FORMERLY AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53 +; +; FORMERLY NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 +; +; OPERATED BY VERISIGN, INC. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 +; +; OPERATED BY RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 +; +; OPERATED BY ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 +; +; OPERATED BY WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file diff --git a/package/network/services/bind/files/bind/named.conf.example b/package/network/services/bind/files/bind/named.conf.example new file mode 100644 index 0000000000..1624549552 --- /dev/null +++ b/package/network/services/bind/files/bind/named.conf.example @@ -0,0 +1,45 @@ +// This is the primary configuration file for the BIND DNS server named. + +options { + directory "/tmp"; + + // If your ISP provided one or more IP addresses for stable + // nameservers, you probably want to use them as forwarders. + // Uncomment the following block, and insert the addresses replacing + // the all-0's placeholder. + + // forwarders { + // 0.0.0.0; + // }; + + auth-nxdomain no; # conform to RFC1035 +}; + +// prime the server with knowledge of the root servers +zone "." { + type hint; + file "/etc/bind/db.root"; +}; + +// be authoritative for the localhost forward and reverse zones, and for +// broadcast zones as per RFC 1912 + +zone "localhost" { + type master; + file "/etc/bind/db.local"; +}; + +zone "127.in-addr.arpa" { + type master; + file "/etc/bind/db.127"; +}; + +zone "0.in-addr.arpa" { + type master; + file "/etc/bind/db.0"; +}; + +zone "255.in-addr.arpa" { + type master; + file "/etc/bind/db.255"; +}; diff --git a/package/network/services/bind/files/named.init b/package/network/services/bind/files/named.init new file mode 100644 index 0000000000..b7876d9e1d --- /dev/null +++ b/package/network/services/bind/files/named.init @@ -0,0 +1,35 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2014 Noah Meyerhans +# Licensed under the terms of the GNU General Public License version 2 +# or (at your discretion) any later later version + +USE_PROCD=1 + +START=50 + +config_file=/etc/bind/named.conf +pid_file=/var/run/named/named.pid + +logdir=/var/log/named/ +cachedir=/var/cache/bind +libdir=/var/lib/bind + +fix_perms() { + for dir in $libdir $logdir $cachedir; do + test -e "$dir" || { + mkdir -p "$dir" + chgrp bind "$dir" + chmod g+w "$dir" + } + done +} + +start_service() { + user_exists bind 57 || user_add bind 57 + group_exists bind 57 || group_add bind 57 + fix_perms + procd_open_instance + procd_set_param command /usr/sbin/named -u bind -f -c $config_file + procd_set_param respawn + procd_close_instance +} diff --git a/package/network/services/bind/patches/001-no-tests.patch b/package/network/services/bind/patches/001-no-tests.patch new file mode 100644 index 0000000000..b21b563b77 --- /dev/null +++ b/package/network/services/bind/patches/001-no-tests.patch @@ -0,0 +1,11 @@ +--- a/bin/Makefile.in ++++ b/bin/Makefile.in +@@ -12,7 +12,7 @@ VPATH = @srcdir@ + top_srcdir = @top_srcdir@ + + SUBDIRS = named rndc dig delv dnssec tools nsupdate check confgen \ +- @NZD_TOOLS@ @PYTHON_TOOLS@ @PKCS11_TOOLS@ plugins tests ++ @NZD_TOOLS@ @PYTHON_TOOLS@ @PKCS11_TOOLS@ plugins + TARGETS = + + @BIND9_MAKE_RULES@ diff --git a/package/network/services/openconnect/Config.in b/package/network/services/openconnect/Config.in new file mode 100644 index 0000000000..d73bd3a88d --- /dev/null +++ b/package/network/services/openconnect/Config.in @@ -0,0 +1,21 @@ +# openconnect avanced configuration + +menu "Configuration" + depends on PACKAGE_openconnect + +choice + prompt "SSL library" + default OPENCONNECT_GNUTLS + +config OPENCONNECT_GNUTLS + bool "GnuTLS support" + +config OPENCONNECT_OPENSSL + bool "OpenSSL" + +endchoice + +config OPENCONNECT_STOKEN + bool "stoken support" + +endmenu diff --git a/package/network/services/openconnect/Makefile b/package/network/services/openconnect/Makefile new file mode 100644 index 0000000000..d4e62dd42d --- /dev/null +++ b/package/network/services/openconnect/Makefile @@ -0,0 +1,83 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=openconnect +PKG_VERSION:=8.04 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/ +PKG_HASH:=98979c6e3f78b294dc663e3fd75d5c9e9d779f247be9d4e3ab84b5e90565f81f + +PKG_LICENSE:=LGPL-2.1-or-later +PKG_LICENSE_FILES:=COPYING.LGPL + +PKG_CONFIG_DEPENDS:= \ + CONFIG_OPENCONNECT_GNUTLS \ + CONFIG_OPENCONNECT_OPENSSL \ + +PKG_USE_MIPS16:=0 + +include $(INCLUDE_DIR)/package.mk + +define Package/openconnect/config + source "$(SOURCE)/Config.in" +endef + +define Package/openconnect + SECTION:=net + CATEGORY:=Network + DEPENDS:=+libxml2 +kmod-tun +resolveip +vpnc-scripts +OPENCONNECT_OPENSSL:libopenssl +OPENCONNECT_OPENSSL:p11-kit +OPENCONNECT_OPENSSL:libp11 +OPENCONNECT_GNUTLS:libgnutls +OPENCONNECT_GNUTLS:libtasn1 +OPENCONNECT_STOKEN:libstoken + TITLE:=OpenConnect VPN client (Cisco AnyConnect and Juniper/Pulse compatible) + MAINTAINER:=Nikos Mavrogiannopoulos + URL:=https://www.infradead.org/openconnect/ + SUBMENU:=VPN +endef + +define Package/openconnect/description + A VPN client compatible with Cisco's AnyConnect SSL VPN, ocserv and Juniper (Pulse secure). + + OpenConnect is a client that follows the Cisco's AnyConnect SSL VPN protocol, + which is supported by IOS 12.4(9)T or later on Cisco SR500, 870, 880, 1800, + 2800, 3800, 7200 Series and Cisco 7301 Routers, as well as the OpenConnect + VPN server. It has later been ported to support the Juniper SSL VPN which + is now known as Pulse Connect Secure. +endef + +CONFIGURE_ARGS += \ + --disable-shared \ + --with-vpnc-script=/lib/netifd/vpnc-script \ + --without-libpcsclite \ + --without-stoken \ + --without-libpskc \ + --without-gssapi \ + --without-lz4 + +ifeq ($(CONFIG_OPENCONNECT_OPENSSL),y) +CONFIGURE_ARGS += \ + --without-gnutls +endif + +ifeq ($(CONFIG_OPENCONNECT_STOKEN),y) +CONFIGURE_ARGS += \ + --with-stoken +endif + +define Package/openconnect/install + $(INSTALL_DIR) $(1)/etc/openconnect/ + $(INSTALL_DIR) $(1)/lib/netifd/proto + $(INSTALL_BIN) ./files/openconnect.sh $(1)/lib/netifd/proto/ + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/openconnect $(1)/usr/sbin/ + $(INSTALL_BIN) ./files/openconnect-wrapper $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/lib/upgrade/keep.d + $(INSTALL_DATA) ./files/openconnect.upgrade $(1)/lib/upgrade/keep.d/openconnect +endef + +$(eval $(call BuildPackage,openconnect)) diff --git a/package/network/services/openconnect/README b/package/network/services/openconnect/README new file mode 100644 index 0000000000..019058ce50 --- /dev/null +++ b/package/network/services/openconnect/README @@ -0,0 +1,49 @@ +The openconnect client expects to be configured using the uci interface. + +To setup a VPN connection, add the following to /etc/config/network: + +config interface 'MYVPN' + option proto 'openconnect' + option interface 'wan' + option server 'vpn.example.com' + option port '4443' + option username 'test' + option password 'secret' + option serverhash 'AE7FF6A0426F0A0CD0A02EB9EC3C5066FAEB0B25' + option defaultroute '0' + option authgroup 'DEFAULT' + + # For second factor auth: + + # when a fixed 2FA password can be used + #option password2 'my-fixed-2fa-password' + + # RSA tokens, must be built with stoken support + #option token_mode 'rsa' + #option token_secret 'secret' + + # HOTP/TOTP tokens + #option token_mode 'hotp' + #option token_secret '00' + + # tokens from script + #option token_mode 'script' + #option token_script '/lib/custom/getocpass.sh' + + # Juniper vpn support + #option juniper '1' + +The additional files are also used: +/etc/openconnect/user-cert-vpn-MYVPN.pem: The user certificate +/etc/openconnect/user-key-vpn-MYVPN.pem: The user private key +/etc/openconnect/ca-vpn-MYVPN.pem: The CA certificate (instead of serverhash) + +After these are setup you can initiate the VPN using "ifup MYVPN", and +deinitialize it using ifdown. You may also use the luci web interface +(Network -> Interfaces -> MYVPN Connect). + +Note that you need to configure the firewall to allow communication between +the MYVPN interface and lan. + +There is a luci plugin to allow configuring an openconnect interface from +the web environment; see the luci-proto-openconnect package. diff --git a/package/network/services/openconnect/files/openconnect-wrapper b/package/network/services/openconnect/files/openconnect-wrapper new file mode 100755 index 0000000000..8a4ff78f98 --- /dev/null +++ b/package/network/services/openconnect/files/openconnect-wrapper @@ -0,0 +1,13 @@ +#!/bin/sh + +# This script wraps openconnect in order to obtain the password +# file from cmd. + +# $1 password file +# $2... are passed to openconnect + +test -z "$1" && exit 1 + +pwfile=$1 +shift +exec /usr/sbin/openconnect "$@" <$pwfile diff --git a/package/network/services/openconnect/files/openconnect.sh b/package/network/services/openconnect/files/openconnect.sh new file mode 100755 index 0000000000..dc1d42b80f --- /dev/null +++ b/package/network/services/openconnect/files/openconnect.sh @@ -0,0 +1,111 @@ +#!/bin/sh +. /lib/functions.sh +. ../netifd-proto.sh +init_proto "$@" + +proto_openconnect_init_config() { + proto_config_add_string "server" + proto_config_add_int "port" + proto_config_add_int "mtu" + proto_config_add_int "juniper" + proto_config_add_string "interface" + proto_config_add_string "username" + proto_config_add_string "serverhash" + proto_config_add_string "authgroup" + proto_config_add_string "password" + proto_config_add_string "password2" + proto_config_add_string "token_mode" + proto_config_add_string "token_secret" + proto_config_add_string "token_script" + proto_config_add_string "os" + proto_config_add_string "csd_wrapper" + no_device=1 + available=1 +} + +proto_openconnect_setup() { + local config="$1" + + json_get_vars server port interface username serverhash authgroup password password2 token_mode token_secret token_script os csd_wrapper mtu juniper + + grep -q tun /proc/modules || insmod tun + ifname="vpn-$config" + + logger -t openconnect "initializing..." + + logger -t "openconnect" "adding host dependency for $server at $config" + for ip in $(resolveip -t 10 "$server"); do + logger -t "openconnect" "adding host dependency for $ip at $config" + proto_add_host_dependency "$config" "$ip" "$interface" + done + + [ -n "$port" ] && port=":$port" + + cmdline="$server$port -i "$ifname" --non-inter --syslog --script /lib/netifd/vpnc-script" + [ -n "$mtu" ] && cmdline="$cmdline --mtu $mtu" + + # migrate to standard config files + [ -f "/etc/config/openconnect-user-cert-vpn-$config.pem" ] && mv "/etc/config/openconnect-user-cert-vpn-$config.pem" "/etc/openconnect/user-cert-vpn-$config.pem" + [ -f "/etc/config/openconnect-user-key-vpn-$config.pem" ] && mv "/etc/config/openconnect-user-key-vpn-$config.pem" "/etc/openconnect/user-key-vpn-$config.pem" + [ -f "/etc/config/openconnect-ca-vpn-$config.pem" ] && mv "/etc/config/openconnect-ca-vpn-$config.pem" "/etc/openconnect/ca-vpn-$config.pem" + + [ -f /etc/openconnect/user-cert-vpn-$config.pem ] && append cmdline "-c /etc/openconnect/user-cert-vpn-$config.pem" + [ -f /etc/openconnect/user-key-vpn-$config.pem ] && append cmdline "--sslkey /etc/openconnect/user-key-vpn-$config.pem" + [ -f /etc/openconnect/ca-vpn-$config.pem ] && { + append cmdline "--cafile /etc/openconnect/ca-vpn-$config.pem" + append cmdline "--no-system-trust" + } + + if [ "${juniper:-0}" -gt 0 ]; then + append cmdline "--juniper" + fi + + [ -n "$serverhash" ] && { + append cmdline " --servercert=$serverhash" + append cmdline "--no-system-trust" + } + [ -n "$authgroup" ] && append cmdline "--authgroup $authgroup" + [ -n "$username" ] && append cmdline "-u $username" + [ -n "$password" ] || [ "$token_mode" = "script" ] && { + umask 077 + mkdir -p /var/etc + pwfile="/var/etc/openconnect-$config.passwd" + [ -n "$password" ] && { + echo "$password" > "$pwfile" + [ -n "$password2" ] && echo "$password2" >> "$pwfile" + } + [ "$token_mode" = "script" ] && { + $token_script > "$pwfile" 2> /dev/null || { + logger -t openconenct "Cannot get password from script '$token_script'" + proto_setup_failed "$config" + } + } + append cmdline "--passwd-on-stdin" + } + + [ -n "$token_mode" -a "$token_mode" != "script" ] && append cmdline "--token-mode=$token_mode" + [ -n "$token_secret" ] && append cmdline "--token-secret=$token_secret" + [ -n "$os" ] && append cmdline "--os=$os" + [ -n "$csd_wrapper" ] && [ -x "$csd_wrapper" ] && append cmdline "--csd-wrapper=$csd_wrapper" + + proto_export INTERFACE="$config" + logger -t openconnect "executing 'openconnect $cmdline'" + + if [ -f "$pwfile" ]; then + proto_run_command "$config" /usr/sbin/openconnect-wrapper $pwfile $cmdline + else + proto_run_command "$config" /usr/sbin/openconnect $cmdline + fi +} + +proto_openconnect_teardown() { + local config="$1" + + pwfile="/var/etc/openconnect-$config.passwd" + + rm -f $pwfile + logger -t openconnect "bringing down openconnect" + proto_kill_command "$config" 2 +} + +add_protocol openconnect diff --git a/package/network/services/openconnect/files/openconnect.upgrade b/package/network/services/openconnect/files/openconnect.upgrade new file mode 100644 index 0000000000..01bad657cf --- /dev/null +++ b/package/network/services/openconnect/files/openconnect.upgrade @@ -0,0 +1,9 @@ +/etc/openconnect/user-cert-vpn-*.pem +/etc/openconnect/user-key-vpn-*.pem +/etc/openconnect/ca-vpn-*.pem +/etc/openconnect/pre-init.d/ +/etc/openconnect/connect.d/ +/etc/openconnect/post-connect.d/ +/etc/openconnect/disconnect.d/ +/etc/openconnect/post-disconnect.d/ +/etc/openconnect/reconnect.d/ diff --git a/package/network/services/p910nd/Makefile b/package/network/services/p910nd/Makefile new file mode 100644 index 0000000000..cfe4ea7d91 --- /dev/null +++ b/package/network/services/p910nd/Makefile @@ -0,0 +1,62 @@ +# +# Copyright (C) 2009-2014 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=p910nd +PKG_VERSION:=0.97 +PKG_RELEASE:=8 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 +PKG_SOURCE_URL:=@SF/p910nd +PKG_LICENSE:=GPLv2 +PKG_LICENSE_FILES:=COPYING +PKG_HASH:=4ac980a3ae24babae6f70f0a692625ece03a4a92c357fbb10d2e368386c3c26f +PKG_MAINTAINER:=Philipp Kerling + +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/p910nd + SECTION:=net + CATEGORY:=Network + SUBMENU:=Printing + TITLE:=A small non-spooling printer server + URL:=http://p910nd.sourceforge.net + USERID:=p910nd=393:lp=7 +endef + +define Package/p910nd/conffiles +/etc/config/p910nd +endef + +define Package/p910nd/description + p910nd is a small daemon that copies any data received on + the port it is listening on to the corresponding printer + port. It is primarily intended for diskless Linux hosts + running as printer drivers but there is no reason why it + could not be used on diskful hosts. Port 9100 is copied + to /dev/lp0, 9101 to /dev/lp1 and 9102 to /dev/lp2. The + default is port 9100 to /dev/lp0. +endef + +MAKE_FLAGS += \ + CFLAGS="$(TARGET_CFLAGS) -DLOCKFILE_DIR=\"\\\"/tmp\"\\\"" + +define Package/p910nd/install + $(INSTALL_DIR) $(1)/usr/sbin + $(CP) $(PKG_INSTALL_DIR)/usr/sbin/p910nd $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_DATA) ./files/p910nd.config $(1)/etc/config/p910nd + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/p910nd.init $(1)/etc/init.d/p910nd + $(INSTALL_DIR) $(1)/etc/hotplug.d/usbmisc + $(INSTALL_BIN) ./files/p910nd.hotplug $(1)/etc/hotplug.d/usbmisc/20-p910nd +endef + +$(eval $(call BuildPackage,p910nd)) diff --git a/package/network/services/p910nd/files/p910nd.config b/package/network/services/p910nd/files/p910nd.config new file mode 100644 index 0000000000..5446192c76 --- /dev/null +++ b/package/network/services/p910nd/files/p910nd.config @@ -0,0 +1,26 @@ +config p910nd + option device /dev/usb/lp0 + # Actual TCP port is 9100 plus this value + # Valid values are 0,1,2 + option port 0 + option bidirectional 1 + option enabled 0 + # Override running as user p910nd, group lp + option runas_root 0 + + # mDNS support - see Bonjour Printing Specification for details concerning the values + # Be aware that you can only advertise one printer on this host via mDNS + # Set to 1 to enable + option mdns 0 + # Human-readable printer make and model + option mdns_ty 'My Printer Manufacturer/Model' + # Human-readable location + option mdns_note 'Basement' + # Post-Script product string, including parenthesis + option mdns_product '' + # IEEE-1284 Device ID MANUFACTURER/MFG string + option mdns_mfg '' + # IEEE-1284 Device ID MODEL/MDL string + option mdns_mdl '' + # IEEE-1284 Device ID COMMAND SET/CMD string + option mdns_cmd '' diff --git a/package/network/services/p910nd/files/p910nd.hotplug b/package/network/services/p910nd/files/p910nd.hotplug new file mode 100644 index 0000000000..0c2291efaf --- /dev/null +++ b/package/network/services/p910nd/files/p910nd.hotplug @@ -0,0 +1,13 @@ +#!/bin/sh + +case "$ACTION" in + add) + [ -n "${DEVNAME}" ] && [ "${DEVNAME##usb/lp*}" = "" ] && { + chmod 660 /dev/"$DEVNAME" + chgrp lp /dev/"$DEVNAME" + } + ;; + remove) + # device is gone + ;; +esac diff --git a/package/network/services/p910nd/files/p910nd.init b/package/network/services/p910nd/files/p910nd.init new file mode 100644 index 0000000000..0eadebd65e --- /dev/null +++ b/package/network/services/p910nd/files/p910nd.init @@ -0,0 +1,59 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2007 OpenWrt.org +START=99 +USE_PROCD=1 + +append_bool() { + local section="$1" + local option="$2" + local value="$3" + local _val + config_get_bool _val "$section" "$option" '0' + [ "$_val" -gt 0 ] && append args "$3" +} + +append_string() { + local section="$1" + local option="$2" + local value="$3" + local _val + config_get _val "$section" "$option" + [ -n "$_val" ] && append args "$3$_val" +} + +start_service() { + config_load "p910nd" + config_foreach start_p910nd p910nd +} + + +start_p910nd() { + local section="$1" runas_root + config_get_bool "enabled" "$section" "enabled" '1' + if [ "$enabled" -gt 0 ]; then + args="-d " + config_get port "$section" port + name=p910${port}d + append_bool "$section" bidirectional "-b" + append_string "$section" device "-f " + append_string "$section" bind "-i " + append_string "$section" port "" + procd_open_instance $name + procd_set_param command /usr/sbin/p910nd $args + procd_set_param respawn + + config_get_bool runas_root "$section" runas_root 0 + [ "$runas_root" -ne 1 ] && procd_set_param user p910nd + + config_get_bool "mdns" "$section" "mdns" '0' + config_get mdns_note "$section" mdns_note + config_get mdns_ty "$section" mdns_ty + config_get mdns_product "$section" mdns_product + config_get mdns_mfg "$section" mdns_mfg + config_get mdns_mdl "$section" mdns_mdl + config_get mdns_cmd "$section" mdns_cmd + [ "$mdns" -gt 0 ] && procd_add_mdns "pdl-datastream" "tcp" "$((port+9100))" "note=$mdns_note" "ty=$mdns_ty" "product=$mdns_product" "usb_MFG=$mdns_mfg" "usb_MDL=$mdns_mdl" "usb_CMD=$mdns_cmd" + + procd_close_instance + fi +} diff --git a/package/network/services/pppossh/Makefile b/package/network/services/pppossh/Makefile new file mode 100644 index 0000000000..4567ac50b9 --- /dev/null +++ b/package/network/services/pppossh/Makefile @@ -0,0 +1,38 @@ +# +# Copyright (C) 2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=pppossh +PKG_RELEASE:=2 +PKG_MAINTAINER:=Yousong Zhou +PKG_LICENSE:=GPLv2 + +include $(INCLUDE_DIR)/package.mk + +define Package/pppossh + SECTION:=net + CATEGORY:=Network + TITLE:=PPPoSSH (Point-to-Point Protocol over SSH) + DEPENDS:=+ppp +resolveip @(PACKAGE_dropbear||PACKAGE_openssh-client) + PKGARCH:=all +endef + +define Package/pppossh/description +This package adds protocol support for PPP over SSH. The protocol name is +'pppossh' as in netifd interface config option 'proto'. +endef + +define Build/Compile +endef + +define Package/pppossh/install + $(INSTALL_DIR) $(1)/lib/netifd/proto + $(INSTALL_BIN) ./files/pppossh.sh $(1)/lib/netifd/proto +endef + +$(eval $(call BuildPackage,pppossh)) diff --git a/package/network/services/pppossh/README.md b/package/network/services/pppossh/README.md new file mode 100644 index 0000000000..4902ba6a31 --- /dev/null +++ b/package/network/services/pppossh/README.md @@ -0,0 +1,68 @@ +This package will add the so-called `pppossh` protocol support to OpenWrt. The idea is mainly from [`pvpn` project](https://github.com/halhen/pvpn) (poor man's VPN over SSH). + +PPPoSSH is generally not considered a network setup for production use mainly due to the TCP-over-TCP styles of traffic transport, but it can be quite handy for personal use. And with what's already in OpenWrt, it is really easy and takes little extra space to configure it up running. + +## Prerequisites and dependency. + +`pppossh` depends on either `dropbear` or `openssh-client`; `dropbear` is normally enabled in OpenWrt by default. + +The following requirements need to be fulfilled for it to work. + +- A SSH account on the remote machine with `CAP_NET_ADMIN` capability is required. +- Public key authentication must be enabled and setup properly. + + Public key of the one generated automatially by dropbear can be induced by the following command. But you can always use your own (dropbear can work with OpenSSH public key). + + dropbearkey -y -f /etc/dropbear/dropbear_rsa_host_key + +- SSH server's fingerprint has to be present in `~/.ssh/known_hosts` for the authentication to proceed in an unattended way. + + Manually logging in at least once to the remote server from OpenWrt should do this for you. + +## How to use it. + +The protocol name to use in `/etc/config/network` is `pppossh`. Options are as described below. + +- `server`, SSH server name +- `port`, SSH server port (defaults to `22`). +- `sshuser`, SSH login username +- `identity`, list of client private key files. `~/.ssh/id_{rsa,dsa}` will + be used if no identity file was specified and at least one of them must be + valid for the public key authentication to proceed. +- `ipaddr`, local ip address to be assigned. +- `peeraddr`, peer ip address to be assigned. +- `ssh_options`, extra options for the ssh client. +- `use_hostdep`, set it to `0` to disable the use of `proto_add_host_dependency`. This is mainly for the case that the appropriate route to `server` is not registered to `netifd` and thus causing a incorrect route being setup. + +## Tips + +An `uci batch` command template for your reference. Modify it to suite your situation. + + uci batch <&2 + exit 1 +} + +. /lib/functions.sh +. ../netifd-proto.sh +init_proto "$@" + +INCLUDE_ONLY=1 + +. ./ppp.sh + +proto_pppossh_init_config() { + ppp_generic_init_config + config_add_string server sshuser ipaddr peeraddr ssh_options + config_add_array 'identity:list(string)' + config_add_int port use_hostdep + available=1 + no_device=1 +} + +proto_pppossh_setup() { + local config="$1" + local iface="$2" + local user="$(id -nu)" + local home=$(sh -c "echo ~$user") + local server port sshuser ipaddr peeraddr ssh_options identity use_hostdep + local ip fn errmsg opts pty + + json_get_vars port sshuser ipaddr peeraddr ssh_options use_hostdep + json_get_var server server && { + [ -z "$use_hostdep" ] && use_hostdep=1 + for ip in $(resolveip -t 5 "$server"); do + if [ "$use_hostdep" -gt 0 ]; then + ( proto_add_host_dependency "$config" "$ip" ) + else + break + fi + done + } + [ -n "$ip" ] || errmsg="${errmsg}Could not resolve $server\n" + [ -n "$sshuser" ] || errmsg="${errmsg}Missing sshuser option\n" + + json_get_values identity identity + [ -z "$identity" ] && identity="$home/.ssh/id_rsa $home/.ssh/id_dsa" + for fn in $identity; do + [ -f "$fn" ] && opts="$opts -i $fn" + done + [ -n "$opts" ] || errmsg="${errmsg}Cannot find valid identity file\n" + + [ -n "$errmsg" ] && { + echo -ne "$errmsg" >&2 + proto_setup_failed "$config" + exit 1 + } + opts="$opts ${port:+-p $port}" + opts="$opts ${ssh_options}" + opts="$opts $sshuser@$server" + pty="exec env 'HOME=$home' $SSH $opts pppd nodetach notty noauth" + + ppp_generic_setup "$config" noauth pty "$pty" "$ipaddr:$peeraddr" +} + +proto_pppossh_teardown() { + ppp_generic_teardown "$@" +} + +add_protocol pppossh diff --git a/package/network/services/unbound/Makefile b/package/network/services/unbound/Makefile new file mode 100644 index 0000000000..95c04fb740 --- /dev/null +++ b/package/network/services/unbound/Makefile @@ -0,0 +1,263 @@ +# +# Copyright (C) 2010-2016 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=unbound +PKG_VERSION:=1.9.3 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://nlnetlabs.nl/downloads/unbound +PKG_HASH:=1b55dd9170e4bfb327fb644de7bbf7f0541701149dff3adf1b63ffa785f16dfa + +PKG_MAINTAINER:=Eric Luehrsen +PKG_LICENSE:=BSD-3-Clause +PKG_LICENSE_FILES:=LICENSE +PKG_CPE_ID:=cpe:/a:nlnetlabs:unbound + +PKG_BUILD_PARALLEL:=1 +PKG_FIXUP:=autoreconf +PKG_INSTALL:=1 +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) + +include $(INCLUDE_DIR)/package.mk + +define Package/unbound/Default + SECTION:=net + CATEGORY:=Network + SUBMENU:=IP Addresses and Names + USERID:=unbound:unbound + TITLE:=Recursive DNS Server + URL:=https://nlnetlabs.nl/projects/unbound/about + DEPENDS:=+libopenssl +@OPENSSL_WITH_EC +endef + +define Package/unbound-daemon + $(call Package/unbound/Default) + TITLE+= (daemon, light traffic) + DEPENDS+= +libunbound + VARIANT:=light +endef + +define Package/unbound-daemon/description + This package contains the Unbound daemon with basic includes + necessary to meet the needs of UCI/LuCI configuration optoins. +endef + +define Package/unbound-daemon-heavy + $(call Package/unbound/Default) + TITLE+= (daemon, heavy traffic) + URL:=https://nlnetlabs.nl/documentation/unbound/howto-optimise + DEPENDS+= +libunbound-heavy +libpthread +libevent2 +libevent2-pthreads + VARIANT:=heavy + PROVIDES:=unbound-daemon +endef + +define Package/unbound-daemon-heavy/description + This package contains the Unbound daemon including 'libevent' and + 'libpthread' to better handle large networks with heavy query loads. +endef + +define Package/libunbound + $(call Package/unbound/Default) + SECTION:=libs + CATEGORY:=Libraries + SUBMENU:=Networking + TITLE+= (library, light traffic) + VARIANT:=light + DEFAULT_VARIANT:=1 +endef + +define Package/libunbound/description + This package contains the Unbound shared library with basic includes + necessary to meet the needs of UCI/LuCI configuration optoins. +endef + +define Package/libunbound-heavy + $(call Package/unbound/Default) + SECTION:=libs + CATEGORY:=Libraries + SUBMENU:=Networking + TITLE+= (library, heavy traffic) + URL:=https://nlnetlabs.nl/documentation/unbound/howto-optimise + DEPENDS+= +libpthread +libevent2 +libevent2-pthreads + VARIANT:=heavy + PROVIDES:=libunbound +endef + +define Package/libunbound-heavy/description + This package contains the Unbound shared library including 'libevent' and + 'libpthread' to better handle large networks with heavy query loads. +endef + +define Package/unbound-anchor + $(call Package/unbound/Default) + TITLE+= (root DSKEY) + DEPENDS+= +unbound-daemon +libexpat +endef + +define Package/unbound-anchor/description + This package contains the Unbound anchor utility. +endef + +define Package/unbound-checkconf + $(call Package/unbound/Default) + TITLE+= (config checker) + DEPENDS+= +unbound-daemon +endef + +define Package/unbound-checkconf/description + This package contains the Unbound DNS configuration checker utility. +endef + +define Package/unbound-control + $(call Package/unbound/Default) + TITLE+= (remote control) + DEPENDS+= +unbound-daemon +endef + +define Package/unbound-control/description + This package contains the Unbound control utility. +endef + +define Package/unbound-control-setup + $(call Package/unbound/Default) + TITLE+= (control setup) + DEPENDS+= +unbound-control +openssl-util +endef + +define Package/unbound-control-setup/description + This package contains the Unbound control setup utility. +endef + +define Package/unbound-host + $(call Package/unbound/Default) + TITLE+= (DNS lookup) + DEPENDS+= +libunbound +endef + +define Package/unbound-host/description + This package contains the Unbound DNS lookup utility. +endef + +CONFIGURE_ARGS += \ + --disable-dsa \ + --disable-gost \ + --enable-allsymbols \ + --enable-ecdsa \ + --enable-tfo-client \ + --enable-tfo-server \ + --with-libexpat="$(STAGING_DIR)/usr" \ + --with-ssl="$(STAGING_DIR)/usr" \ + --with-user=unbound \ + --with-run-dir=/var/lib/unbound \ + --with-conf-file=/var/lib/unbound/unbound.conf \ + --with-pidfile=/var/run/unbound.pid + +ifeq ($(BUILD_VARIANT),heavy) + CONFIGURE_ARGS += \ + --with-pthreads \ + --with-libevent="$(STAGING_DIR)/usr" \ + --enable-event-api +else + CONFIGURE_ARGS += \ + --without-pthreads \ + --without-solaris-threads \ + --without-libevent +endif + +define Package/unbound-daemon/conffiles +/etc/config/unbound +/etc/unbound/unbound.conf +/etc/unbound/unbound_ext.conf +/etc/unbound/unbound_srv.conf +endef + +Package/unbound-daemon-heavy/conffiles = $(Package/unbound-daemon/conffiles) + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/lib + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libunbound.{so*,a,la} $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/include + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/unbound.h $(1)/usr/include/ +ifeq ($(BUILD_VARIANT),heavy) + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/unbound-event.h $(1)/usr/include/ +endif +endef + +define Package/unbound-daemon/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) \ + $(PKG_INSTALL_DIR)/usr/sbin/unbound $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/etc/unbound + $(INSTALL_DATA) \ + $(PKG_INSTALL_DIR)/var/lib/unbound/unbound.conf \ + $(1)/etc/unbound/unbound.conf + $(INSTALL_DATA) ./files/root.key $(1)/etc/unbound/root.key + $(INSTALL_DATA) ./files/unbound_ext.conf $(1)/etc/unbound/unbound_ext.conf + $(INSTALL_DATA) ./files/unbound_srv.conf $(1)/etc/unbound/unbound_srv.conf + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_DATA) ./files/unbound.uci $(1)/etc/config/unbound + $(INSTALL_DIR) $(1)/etc/hotplug.d/ntp + $(INSTALL_BIN) ./files/unbound.ntpd $(1)/etc/hotplug.d/ntp/25-unbound + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/unbound.init $(1)/etc/init.d/unbound + $(INSTALL_DIR) $(1)/usr/lib/unbound + $(INSTALL_DATA) ./files/defaults.sh $(1)/usr/lib/unbound/defaults.sh + $(INSTALL_DATA) ./files/dnsmasq.sh $(1)/usr/lib/unbound/dnsmasq.sh + $(INSTALL_DATA) ./files/iptools.sh $(1)/usr/lib/unbound/iptools.sh + $(INSTALL_BIN) ./files/odhcpd.sh $(1)/usr/lib/unbound/odhcpd.sh + $(INSTALL_DATA) ./files/odhcpd.awk $(1)/usr/lib/unbound/odhcpd.awk + $(INSTALL_DATA) ./files/stopping.sh $(1)/usr/lib/unbound/stopping.sh + $(INSTALL_DATA) ./files/unbound.sh $(1)/usr/lib/unbound/unbound.sh +endef + +Package/unbound-daemon-heavy/install = $(Package/unbound-daemon/install) + +define Package/libunbound/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libunbound.so.* $(1)/usr/lib/ +endef + +Package/libunbound-heavy/install = $(Package/libunbound/install) + +define Package/unbound-anchor/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/unbound-anchor $(1)/usr/sbin/ +endef + +define Package/unbound-checkconf/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/unbound-checkconf $(1)/usr/sbin/ +endef + +define Package/unbound-control/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/unbound-control $(1)/usr/sbin/ +endef + +define Package/unbound-control-setup/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/unbound-control-setup $(1)/usr/sbin/ +endef + +define Package/unbound-host/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/unbound-host $(1)/usr/sbin/ +endef + +$(eval $(call BuildPackage,unbound-daemon)) +$(eval $(call BuildPackage,unbound-daemon-heavy)) +$(eval $(call BuildPackage,libunbound)) +$(eval $(call BuildPackage,libunbound-heavy)) +$(eval $(call BuildPackage,unbound-anchor)) +$(eval $(call BuildPackage,unbound-checkconf)) +$(eval $(call BuildPackage,unbound-control)) +$(eval $(call BuildPackage,unbound-control-setup)) +$(eval $(call BuildPackage,unbound-host)) + diff --git a/package/network/services/unbound/files/README.md b/package/network/services/unbound/files/README.md new file mode 100644 index 0000000000..653a3f8367 --- /dev/null +++ b/package/network/services/unbound/files/README.md @@ -0,0 +1,432 @@ +# Unbound Recursive DNS Server with UCI + +## Unbound Description +[Unbound](https://www.unbound.net/) is a validating, recursive, and caching DNS resolver. The C implementation of Unbound is developed and maintained by [NLnet Labs](https://www.nlnetlabs.nl/). It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modular components, so that also DNSSEC (secure DNS) validation and stub-resolvers (that do not run as a server, but are linked into an application) are easily possible. + +## Package Overview +OpenWrt default build uses [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html) for DNS forwarding and DHCP. With a forward only resolver, dependence on the upstream recursors may be cause for concern. They are often provided by the ISP, and some users have switched to public DNS providers. Either way may result in problems due to performance, "snoop-vertising", hijacking (MiM), and other causes. Running a recursive resolver or resolver capable of TLS may be a solution. + +Unbound may be useful on consumer grade embedded hardware. It is fully DNSSEC and TLS capable. It is _intended_ to be a recursive resolver only. NLnet Labs [NSD](https://www.nlnetlabs.nl/projects/nsd/) is _intended_ for the authoritative task. This is different than [ISC Bind](https://www.isc.org/downloads/bind/) and its inclusive functions. Unbound configuration effort and memory consumption may be easier to control. A consumer could have their own recursive resolver with 8/64 MB router, and remove potential issues from forwarding resolvers outside of their control. + +This package builds on Unbounds capabilities with OpenWrt UCI. Not every Unbound option is in UCI, but rather, UCI simplifies the combination of related options. Unbounds native options are bundled and balanced within a smaller set of choices. Options include resources, DNSSEC, access control, and some TTL tweaking. The UCI also provides an escape option and works at the raw "unbound.conf" level. + +## HOW TO: Ad Blocking +The UCI scripts will work with [net/adblock](https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md), if it is installed and enabled. Its all detected and integrated automatically. In brief, the adblock scripts create distinct local-zone files that are simply included in the unbound conf file during UCI generation. If you don't want this, then disable adblock or reconfigure adblock to not send these files to Unbound. + +A few tweaks may be needed to enhance the realiability and effectiveness. Ad Block option for delay time may need to be set for upto one minute (adb_triggerdelay), because of boot up race conditions with interfaces calling Unbound restarts. Also many smart devices (TV, microwave, or refigerator) will also use public DNS servers either as a bypass or for certain connections in general. If you wish to force exclusive DNS to your router, then you will need a firewall rule for example: + +**/etc/config/firewall**: +``` +config rule + option name 'Block-Public-DNS' + option enabled '1' + option src 'lan' + option dest 'wan' + option dest_port '53 853 5353' + option proto 'tcpudp' + option family 'any' + option target 'REJECT' +``` + +## HOW TO: Integrate with DHCP +Some UCI options and scripts help Unbound to work with DHCP servers to load the local DNS. The examples provided here are serial dnsmasq-unbound, parallel dnsmasq-unbound, and unbound scripted with odhcpd. + +### Serial dnsmasq +In this case, dnsmasq is not changed *much* with respect to the default [OpenWrt](https://openwrt.org/docs/guide-user/base-system/dns_configuration) configuration. Here dnsmasq is forced to use the local Unbound instance as the lone upstream DNS server, instead of your ISP. This may be the easiest implementation, but performance degradation can occur in high volume networks. Unbound and dnsmasq effectively have the same information in memory, and all transfers are double handled. + +**/etc/config/unbound**: +``` +config unbound + option add_local_fqdn '0' + option add_wan_fqdn '0' + option dhcp_link 'none' + # dnsmasq should not forward your domain to unbound, but if... + option domain 'yourdomain' + option domain_type 'refuse' + option listen_port '1053' + ... +``` + +**/etc/config/dhcp**: +``` +config dnsmasq + option domain 'yourdomain' + option noresolv '1' + option resolvfile '/tmp/resolv.conf.auto' + option port '53' + list server '127.0.0.1#1053' + list server '::1#1053' + ... +``` + +### Parallel dnsmasq +In this case, Unbound serves your local network directly for all purposes. It will look over to dnsmasq for DHCP-DNS resolution. Unbound is generally accessible on port 53, and dnsmasq is only accessed at 127.0.0.1:1053 by Unbound. Although you can dig/drill/nslookup remotely with the proper directives. + +**/etc/config/unbound**: +``` +config unbound + option dhcp_link 'dnsmasq' + option listen_port '53' + ... +``` + +**/etc/config/dhcp**: +``` +config dnsmasq + option domain 'yourdomain' + option noresolv '1' + option resolvfile '/tmp/resolv.conf.auto' + option port '1053' + ... + +config dhcp 'lan' + # dnsmasq may not issue DNS option if not std. configuration + list dhcp_option 'option:dns-server,0.0.0.0' + ... +``` + +### Unbound and odhcpd +You may ask, "can Unbound replace dnsmasq?" You can have DHCP-DNS records with Unbound and [odhcpd](https://github.com/openwrt/odhcpd/blob/master/README) only. The UCI scripts will allow Unbound to act like dnsmasq. When odhcpd configures each DHCP lease, it will call a script. The script provided with Unbound will read the lease file for DHCP-DNS records. The unbound-control application is required, because simply rewriting conf-files and restarting unbound is too much overhead. +- Default OpenWrt has dnsmasq+odhcpd with `odhcpd-ipv6only` limited to DHCPv6. +- If you use dnsmasq+odhcpd together, then use dnsmasq serial or parallel methods above. +- You must install package `odhcpd` (full) to use odhcpd alone. +- You must install package `unbound-control` to load and unload leases. +- Remember to uninstall (or disable) dnsmasq when you won't use it. + +**/etc/config/unbound**: +``` +config unbound + # name your router in DNS + option add_local_fqdn '1' + option add_wan_fqdn '1' + option dhcp_link 'odhcpd' + # add SLAAC inferred from DHCPv4 + option dhcp4_slaac6 '1' + option domain 'lan' + option domain_type 'static' + option listen_port '53' + option rebind_protection '1' + # install unbound-control and set this + option unbound_control '1' + ... +``` + +**/etc/config/dhcp**: +``` +config dhcp 'lan' + option dhcpv4 'server' + option dhcpv6 'server' + option interface 'lan' + option leasetime '12h' + option ra 'server' + option ra_management '1' + ... + +config odhcpd 'odhcpd' + option maindhcp '1' + option leasefile '/var/lib/odhcpd/dhcp.leases' + # this is where the magic happens + option leasetrigger '/usr/lib/unbound/odhcpd.sh' +``` + +## HOW TO: Manual Override +Yes, there is a UCI to disable the rest of Unbound UCI. However, OpenWrt or LEDE are targeted at embedded machines with flash ROM. The initialization scripts do a few things to protect flash ROM. + +### Completely Manual (almost) +All of `/etc/unbound` (persistent, ROM) is copied to `/var/lib/unbound` (tmpfs, RAM). Edit your manual `/etc/unbound/unbound.conf` to reference this `/var/lib/unbound` location for included files. Note in preparation for a jail, `/var/lib/unbound` is `chown unbound`. Configure for security in`/etc/unbound/unbound.conf` with options `username:unbound` and `chroot:/var/lib/unbound`. + +Keep the DNSKEY updated with your choice of flash activity. `root.key` maintenance for DNSKEY RFC5011 would be hard on flash. Unbound natively updates frequently. It also creates and destroys working files in the process. In `/var/lib/unbound` this is no problem, but it would be gone at the next reboot. If you have DNSSEC (validator) active, then you should consider the age UCI option. Choose how many days to copy from `/var/lib/unbound/root.key` (tmpfs) to `/etc/unbound/root.key` (flash). + +**/etc/config/unbound**: +``` +config unbound + option manual_conf '1' + option root_age '9' + # end +``` + +### Hybrid Manual/UCI +You like the UCI. Yet, you need to add some difficult to standardize options, or just are not ready to make a UCI request yet. The files `/etc/unbound/unbound_srv.conf` and `/etc/unbound/unbound_ext.conf` will be copied to Unbounds chroot directory and included during auto generation. + +The file `unbound_srv.conf` will be added into the `server:` clause. The file `unbound_ext.conf` will be added to the end of all configuration. It is for extended `forward-zone:`, `stub-zone:`, `auth-zone:`, and `view:` clauses. You can also disable unbound-control in the UCI which only allows "localhost" connections unencrypted, and then add an encrypted remote `control:` clause. + +## HOW TO: Cache Zone Files +Unbound has the ability to AXFR a whole zone from an authoritative server to prefetch the zone. This can speed up access to common zones. Some may have special bandwidth concerns for DNSSEC overhead. The following is a generic example. UCI defaults include the [root](https://www.internic.net/domain/) zone, but it is disabled as a ready to go example. + +**/etc/config/unbound**: +``` +config zone + option enabled '1' + option fallback '1' + option url_dir 'https://asset-management.it.example.com/zones/' + option zone_type 'auth_zone' + list server 'ns1.it.example.com' + list server 'ns2.it.example.com' + list zone_name 'example.com' +``` + +## HOW TO: TLS Over DNS +Unbound can use TLS as a client or server. UCI supports Unbound as a forwarding client with TLS. Servers are more complex and need manual configuration. This may be desired for privacy against stealth tracking. Some public DNS servers seem to advertise help in this quest. If your looking for a better understanding, then some information can be found at [Cloudflare](https://www.cloudflare.com/) DNS [1.1.1.1](https://1.1.1.1/). The following is a generic example. You can mix providers by using complete server specificaiton to override the zones common port and certificate domain index. + +Update as of Unbound 1.9.1, all TLS functions work correctly with either OpenSSL 1.0.2 or 1.1.0. Please be sure to install `ca-bundle` package and use `opkg` to get updates regularly. + +**/etc/config/unbound**: +``` +config zone + option enabled '1' + # question: do you want to recurse when TLS fails or not? + option fallback '0' + option tls_index 'dns.example.net' + option tls_port '853' + option tls_upstream '1' + option zone_type 'forward_zone' + # these servers assume a common TLS port/index + list server '192.0.2.53' + list server '2001:db8::53' + # this alternate server is fully specified inline + list server '192.0.2.153@443#dns.alternate.example.org' + list zone_name '.' +``` + +## Complete List of UCI Options +**/etc/config/unbound**: +``` +config unbound + Currently only one instance is supported. + + option add_extra_dns '0' + Level. Execute traditional DNS overrides found in `/etc/config/dhcp`. + Optional so you may use other Unbound conf or redirect to NSD instance. + 0 - Ignore `/etc/config/dhcp` + 1 - Use only 'domain' clause (host records) + 2 - Use 'domain', 'mxhost', and 'srvhost' clauses + 3 - Use all of 'domain', 'mxhost', 'srvhost', and 'cname' clauses + + option add_local_fqdn '0' + Level. This puts your routers host name in the LAN (local) DNS. + Each level is more detailed and comprehensive. + 0 - Disabled + 1 - Host Name on only the primary address + 2 - Host Name on all addresses found (except link) + 3 - FQDN and host name on all addresses (except link) + 4 - Above and interfaces named .. + + option add_wan_fqdn '0' + Level. Same as previous option only this applies to the WAN. WAN are + inferred by a UCI `config dhcp` entry that contains the 'option ignore 1'. + + option dns64 '0' + Boolean. Enable DNS64 through Unbound in order to bridge networks that are + IPV6 only and IPV4 only (see RFC6052). + + option dns64_prefix '64:ff9b::/96' + IPV6 Prefix. The IPV6 prefix wrapped on the IPV4 address for DNS64. You + should use RFC6052 "well known" address, unless you also redirect to a proxy + or gateway for your NAT64. + + option dhcp_link 'none' + Program Name. Link to one of the supported programs we have scripts + for. You may also need to install a trigger script in the DHCP + servers configuration. See HOW TO above. + + option dhcp4_slaac6 '0' + Boolean. Some DHCP servers do this natively (dnsmasq). Otherwise + the script provided with this package will try to fabricate SLAAC + IP6 addresses from DHCPv4 MAC records. + + option domain 'lan' + Unbound local-zone: . This is used to suffix all + host records, and maintain a local zone. When dnsmasq is dhcp_link + however, then this option is ignored (dnsmasq does it all). + + option domain_type 'static' + Unbound local-zone: . This allows you to lock + down or allow forwarding of the local zone. Notable types: + static - typical single router setup much like OpenWrt dnsmasq default + refuse - to answer overtly with DNS code REFUSED + deny - to drop queries for the local zone + transparent - to use your manually added forward-zone: or stub-zone: clause + + option edns_size '1280' + Bytes. Extended DNS is necessary for DNSSEC. However, it can run + into MTU issues. Use this size in bytes to manage drop outs. + + option extended_stats '0' + Boolean. extended statistics are printed from unbound-control. + Keeping track of more statistics takes time. + + option hide_binddata '1' + Boolean. If enabled version.server, version.bind, id.server, and + hostname.bind queries are refused. + + option listen_port '53' + Port. Incoming. Where Unbound will listen for queries. + + option localservice '1' + Boolean. Prevent DNS amplification attacks. Only provide access to + Unbound from subnets this machine has interfaces on. + + option manual_conf '0' + Boolean. Skip all this UCI nonsense. Manually edit the + configuration. Make changes to /etc/unbound/unbound.conf. + + option num_threads '1' + Count. Enable multithreading with the "heavy traffic" variant. Base variant + spins each as whole proces and is not efficient. Two threads may be used, + but they use one shared cache slab. More edges into an industrial setup, + and UCI simplificaitons may not be appropriate. + + option protocol 'mixed' + Unbound can limit its protocol used for recursive queries. + ip4_only - old fashioned IPv4 upstream and downstream + ip6_only - test environment only; could cauase problems + ip6_local - upstream IPv4 only and local network IPv4 and IPv6 + ip6_prefer - both IPv4 and IPv6 but try IPv6 first + mixed - both IPv4 and IPv6 + default - Unbound built-in defaults + + option query_minimize '0' + Boolean. Enable a minor privacy option. Don't let each server know the next + recursion. Query one piece at a time. + + option query_min_strict '0' + Boolean. Query minimize is best effort and will fall back to normal when it + must. This option prevents the fall back, but less than standard name + servers will fail to resolve their domains. + + option rebind_localhost '0' + Boolean. Prevent loopback "127.0.0.0/8" or "::1/128" responses. These may + used by black hole servers for good purposes like ad-blocking or parental + access control. Obviously these responses may be used to for bad purposes. + + option rebind_protection '1' + Level. Block your local address responses from global DNS. A poisoned + reponse within "192.168.0.0/24" or "fd00::/8" could turn a local browser + into an external attack proxy server. IP6 GLA may be vulnerable also. + 0 - Off + 1 - Only RFC 1918 and 4193 responses blocked + 2 - Plus GLA /64 on designated interface(s) + 3 - Plus DHCP-PD range passed down interfaces (not implemented) + + option recursion 'passive' + Unbound has many options for recrusion but UCI is bundled for simplicity. + passive - slower until cache fills but kind on CPU load + default - Unbound built-in defaults + aggressive - uses prefetching to handle more requests quickly + + option resource 'small' + Unbound has many options for resources but UCI is bundled for simplicity. + tiny - similar to published memory restricted configuration + small - about half of medium + medium - similar to default, but fixed for consistency + default - Unbound built-in defaults + large - about double of medium + + option root_age '9' + Days. >90 Disables. Age limit for Unbound root data like root DNSSEC key. + Unbound uses RFC 5011 to manage root key. This could harm flash ROM. This + activity is mapped to "tmpfs," but every so often it needs to be copied back + to flash for the next reboot. + + option ttl_min '120' + Seconds. Minimum TTL in cache. Recursion can be expensive without cache. A + low TTL is normal for server migration. A low TTL can be abused for snoop- + vertising (DNS hit counts; recording query IP). Typical to configure maybe + 0~300, but 1800 is the maximum accepted. + + option unbound_control '0' + Level. Enables unbound-control application access ports. + 0 - No unbound-control Access, or add your own in 'unbound_ext.conf' + 1 - Unencrypted Local Host Access + 2 - SSL Local Host Access; auto unbound-control-setup if available + 3 - SSL Network Access; auto unbound-control-setup if available + 4 - SSL Network Access; static key/pem files must already exist + + option validator '0' + Boolean. Enable DNSSEC. Unbound names this the "validator" module. + + option validator_ntp '1' + Boolean. Disable DNSSEC time checks at boot. Once NTP confirms global real + time, then DNSSEC is restarted at full strength. Many embedded devices don't + have a real time power off clock. NTP needs DNS to resolve servers. This + works around the chicken-and-egg. + + option verbosity '1' + Level. Sets Unbounds logging intensity. + + list domain_insecure 'ntp.somewhere.org' + Domain. Domains that you wish to skip DNSSEC. It is one way around NTP + chicken and egg. Your DHCP servered domains are automatically included. + + list trigger_interface 'lan' 'wan' + Interface (logical). This option is a work around for netifd/procd + interaction with WAN DHCPv6. Minor RA or DHCP changes in IP6 can cause + netifd to execute procd interface reload. Limit Unbound procd triggers to + LAN and WAN (IP4 only) to prevent restart @2-3 minutes. + + +config zone + Create Unbounds forward-zone:, stub-zone:, or auth-zone: clauses + + option enabled 1 + Boolean. Enable the zone clause. + + option fallback 1 + Boolean. Permit normal recursion when the narrowly selected servers in this + zone are unresponsive or return empty responses. Disable, if there are + security concerns (forward only internal to organization). + + option port 53 + Port. Servers are contact on this port for plain DNS operations. + + option resolv_conf 0 + Boolean. Use "resolv.conf" as it was filled by the DHCP client. This can be + used to forward zones within your ISP (mail.example.net) or that have co- + located services (streamed-movies.example.com). Recursion may not yield the + most local result, but forwarding may instead. + + option tls_index (n/a) + Domain. Name TLS certificates are signed for (dns.example.net). If this + option is ommitted, then Unbound will make connections but not validate. + + option tls_port 853 + Port. Servers are contact on this port for DNS over TLS operations. + + option tls_upstream 0 + Boolean. Use TLS to contact the zone server. + + option url_dir + String. http or https path, directory part only, to the zone file for + auth_zone type only. Files "${zone_name}.zone" are expect in this path. + + option zone_type (n/a) + State. Required field or the clause is effectively disabled. Check Unbound + documentation for clarity (unbound-conf). + auth_zone - prefetch whole zones from authoritative server (ICANN) + forward_zone - forward queries in these domains to the listed servers + stub_zone - force recursion of these domains to the listed servers + + list server (n/a) + IP. Every zone must have one server. Stub and forward require IP to prevent + chicken and egg (due to UCI simplicity). Authoritative prefetch may use a + server name. + + list zone_name + Domain. Every zone must represent some part of the DNS tree. It can be all + of it "." or you internal organization domain "example.com." Within each + zone clause all zone names will be matched to all servers. +``` + +## Replaced Options + config unbound / option prefetch_root + List the domains in a zone with type auth_zone and fill in the server or url + fields. Root zones are ready but disabled in default install UCI. + + config unbound / list domain_forward + List the domains in a zone with type forward_zone and enable the + resolv_conf option. + + config unbound / list rebind_interface + Enable rebind_protection at 2 and all DHCP interfaces are also protected for + IPV6 GLA (parallel to subnets in add_local_fqdn). + diff --git a/package/network/services/unbound/files/defaults.sh b/package/network/services/unbound/files/defaults.sh new file mode 100644 index 0000000000..c26511941d --- /dev/null +++ b/package/network/services/unbound/files/defaults.sh @@ -0,0 +1,66 @@ +#!/bin/sh +############################################################################## +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Copyright (C) 2016 Eric Luehrsen +# +############################################################################## + +# where are we? +UB_LIBDIR=/usr/lib/unbound +UB_VARDIR=/var/lib/unbound +UB_PIDFILE=/var/run/unbound.pid + +# conf deconstructed +UB_TOTAL_CONF=$UB_VARDIR/unbound.conf +UB_CORE_CONF=$UB_VARDIR/server.conf.tmp +UB_HOST_CONF=$UB_VARDIR/host.conf.tmp +UB_DHCP_CONF=$UB_VARDIR/dhcp.conf +UB_ZONE_CONF=$UB_VARDIR/zone.conf.tmp +UB_CTRL_CONF=$UB_VARDIR/ctrl.conf.tmp +UB_SRVMASQ_CONF=$UB_VARDIR/dnsmasq_srv.conf.tmp +UB_EXTMASQ_CONF=$UB_VARDIR/dnsmasq_ext.conf.tmp +UB_SRV_CONF=$UB_VARDIR/unbound_srv.conf +UB_EXT_CONF=$UB_VARDIR/unbound_ext.conf + +# TLS keys +UB_TLS_KEY_FILE="TLS server UCI not implemented" +UB_TLS_PEM_FILE="TLS server UCI not implemented" +UB_TLS_FWD_FILE=$UB_VARDIR/ca-certificates.crt +UB_TLS_ETC_FILE=/etc/ssl/certs/ca-certificates.crt + +# start files +UB_RKEY_FILE=$UB_VARDIR/root.key +UB_RHINT_FILE=$UB_VARDIR/root.hints +UB_TIME_FILE=$UB_VARDIR/hotplug.time +UB_SKIP_FILE=$UB_VARDIR/skip.time + +# control app keys +UB_CTLKEY_FILE=$UB_VARDIR/unbound_control.key +UB_CTLPEM_FILE=$UB_VARDIR/unbound_control.pem +UB_SRVKEY_FILE=$UB_VARDIR/unbound_server.key +UB_SRVPEM_FILE=$UB_VARDIR/unbound_server.pem + +# similar default SOA / NS RR as Unbound uses for private ARPA zones +UB_XSER=$(( $( date +%s ) / 60 )) +UB_XSOA="7200 IN SOA localhost. nobody.invalid. $UB_XSER 3600 1200 9600 300" +UB_XNS="7200 IN NS localhost." +UB_XTXT="7200 IN TXT \"comment=local intranet dns zone\"" +UB_MTXT="7200 IN TXT \"comment=masked internet dns zone\"" +UB_LTXT="7200 IN TXT \"comment=rfc6762 multicast dns zone\"" + +# helper apps +UB_ANCHOR=/usr/sbin/unbound-anchor +UB_CONTROL=/usr/sbin/unbound-control +UB_CONTROL_CFG="$UB_CONTROL -c $UB_TOTAL_CONF" + +############################################################################## + diff --git a/package/network/services/unbound/files/dnsmasq.sh b/package/network/services/unbound/files/dnsmasq.sh new file mode 100644 index 0000000000..54e4e85e6e --- /dev/null +++ b/package/network/services/unbound/files/dnsmasq.sh @@ -0,0 +1,310 @@ +#!/bin/sh +############################################################################## +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Copyright (C) 2016 Eric Luehrsen +# +############################################################################## +# +# This crosses over to the dnsmasq UCI file "dhcp" and parses it for fields +# that will allow Unbound to request local host DNS of dnsmasq. We need to look +# at the interfaces in "dhcp" and get their subnets. The Unbound conf syntax +# makes this a little difficult. First in "server:" we need to create private +# zones for the domain and PTR records. Then we need to create numerous +# "forward:" clauses to forward those zones to dnsmasq. +# +############################################################################## + +DM_D_WAN_FQDN=0 + +DM_LIST_KNOWN_ZONES="invalid" +DM_LIST_TRN_ZONES="" +DM_LIST_LOCAL_DATA="" +DM_LIST_LOCAL_PTR="" +DM_LIST_FWD_PORTS="" +DM_LIST_FWD_ZONES="" + +############################################################################## + +create_local_zone() { + local target="$1" + local partial domain found + + case $DM_LIST_TRN_ZONES in + *"${target}"*) + found=1 + ;; + + *) + case $target in + [A-Za-z0-9]*.[A-Za-z0-9]*) + found=0 + ;; + + *) # no dots + found=1 + ;; + esac + esac + + + if [ $found -eq 0 ] ; then + # New Zone! Bundle local-zones: by first two name tiers "abcd.tld." + partial=$( echo "$target" | awk -F. '{ j=NF ; i=j-1; print $i"."$j }' ) + DM_LIST_TRN_ZONES="$DM_LIST_TRN_ZONES $partial" + DM_LIST_KNOWN_ZONES="$DM_LIST_KNOWN_ZONES $partial" + fi +} + +############################################################################## + +create_host_record() { + local cfg="$1" + local ip name debug_ip + + # basefiles dhcp "domain" clause which means host A, AAAA, and PRT record + config_get ip "$cfg" ip + config_get name "$cfg" name + + + if [ -n "$name" ] && [ -n "$ip" ] ; then + create_local_zone "$name" + + + case $ip in + fe[89ab][0-9a-f]:*|169.254.*) + debug_ip="$ip@$name" + ;; + + [1-9a-f]*:*[0-9a-f]) + DM_LIST_LOCAL_DATA="$DM_LIST_LOCAL_DATA $name.@@300@@IN@@AAAA@@$ip" + DM_LIST_LOCAL_PTR="$DM_LIST_LOCAL_PTR $ip@@300@@$name" + ;; + + [1-9]*.*[0-9]) + DM_LIST_LOCAL_DATA="$DM_LIST_LOCAL_DATA $name.@@300@@IN@@A@@$ip" + DM_LIST_LOCAL_PTR="$DM_LIST_LOCAL_PTR $ip@@300@@$name" + ;; + esac + fi +} + +############################################################################## + +create_mx_record() { + local cfg="$1" + local domain relay pref record + + # Insert a static MX record + config_get domain "$cfg" domain + config_get relay "$cfg" relay + config_get pref "$cfg" pref 10 + + + if [ -n "$domain" ] && [ -n "$relay" ] ; then + create_local_zone "$domain" + record="$domain.@@300@@IN@@MX@@$pref@@$relay." + DM_LIST_LOCAL_DATA="$DM_LIST_LOCAL_DATA $record" + fi +} + +############################################################################## + +create_srv_record() { + local cfg="$1" + local srv target port class weight record + + # Insert a static SRV record such as SIP server + config_get srv "$cfg" srv + config_get target "$cfg" target + config_get port "$cfg" port + config_get class "$cfg" class 10 + config_get weight "$cfg" weight 10 + + + if [ -n "$srv" ] && [ -n "$target" ] && [ -n "$port" ] ; then + create_local_zone "$srv" + record="$srv.@@300@@IN@@SRV@@$class@@$weight@@$port@@$target." + DM_LIST_LOCAL_DATA="$DM_LIST_LOCAL_DATA $record" + fi +} + +############################################################################## + +create_cname_record() { + local cfg="$1" + local cname target record + + # Insert static CNAME record + config_get cname "$cfg" cname + config_get target "$cfg" target + + + if [ -n "$cname" ] && [ -n "$target" ] ; then + create_local_zone "$cname" + record="$cname.@@300@@IN@@CNAME@@$target." + DM_LIST_LOCAL_DATA="$DM_LIST_LOCAL_DATA $record" + fi +} + +############################################################################## + +dnsmasq_local_zone() { + local cfg="$1" + local fwd_port fwd_domain wan_fqdn + + # dnsmasq domain and interface assignment settings will control config + config_get fwd_domain "$cfg" domain + config_get fwd_port "$cfg" port + config_get wan_fqdn "$cfg" add_wan_fqdn + + + if [ -n "$wan_fqdn" ] ; then + DM_D_WAN_FQDN=$wan_fqdn + fi + + + if [ -n "$fwd_domain" ] && [ -n "$fwd_port" ] \ + && [ ! "${fwd_port:-53}" -eq 53 ] ; then + # dnsmasq localhost listening ports (possible multiple instances) + DM_LIST_FWD_PORTS="$DM_LIST_FWD_PORTS $fwd_port" + DM_LIST_FWD_ZONES="$DM_LIST_FWD_ZONES $fwd_domain" + fi +} + +############################################################################## + +dnsmasq_local_arpa() { + local ifarpa ifsubnet + + + if [ -n "$UB_LIST_NETW_LAN" ] ; then + for ifsubnet in $UB_LIST_NETW_LAN ; do + ifarpa=$( domain_ptr_any "${ifsubnet#*@}" ) + DM_LIST_FWD_ZONES="$DM_LIST_FWD_ZONES $ifarpa" + done + fi + + + if [ -n "$UB_LIST_NETW_WAN" ] && [ "$DM_D_WAN_FQDN" -gt 0 ] ; then + for ifsubnet in $UB_LIST_NETW_WAN ; do + ifarpa=$( domain_ptr_any "${ifsubnet#*@}" ) + DM_LIST_FWD_ZONES="$DM_LIST_FWD_ZONES $ifarpa" + done + fi +} + +############################################################################## + +dnsmasq_inactive() { + local record + + + if [ "$UB_D_EXTRA_DNS" -gt 0 ] ; then + # Parasite from the uci.dhcp.domain clauses + DM_LIST_KNOWN_ZONES="$DM_LIST_KNOWN_ZONES $UB_TXT_DOMAIN" + config_load dhcp + config_foreach create_host_record domain + + + if [ "$UB_D_EXTRA_DNS" -gt 1 ] ; then + config_foreach create_srv_record srvhost + config_foreach create_mx_record mxhost + fi + + + if [ "$UB_D_EXTRA_DNS" -gt 2 ] ; then + config_foreach create_cname_record cname + fi + + + { + echo "# $UB_SRVMASQ_CONF generated by UCI $( date -Is )" + if [ -n "$DM_LIST_TRN_ZONES" ] ; then + for record in $DM_LIST_TRN_ZONES ; do + echo " local-zone: $record transparent" + done + echo + fi + if [ -n "$DM_LIST_LOCAL_DATA" ] ; then + for record in $DM_LIST_LOCAL_DATA ; do + echo " local-data: \"${record//@@/ }\"" + done + echo + fi + if [ -n "$DM_LIST_LOCAL_PTR" ] ; then + for record in $DM_LIST_LOCAL_PTR ; do + echo " local-data-ptr: \"${record//@@/ }\"" + done + echo + fi + } > $UB_SRVMASQ_CONF + fi +} + +############################################################################## + +dnsmasq_active() { + # Look at dnsmasq settings + config_load dhcp + # Zone for DHCP / SLAAC-PING DOMAIN + config_foreach dnsmasq_local_zone dnsmasq + # Zone for DHCP / SLAAC-PING ARPA + dnsmasq_local_arpa + + + if [ -n "$DM_LIST_FWD_PORTS" ] && [ -n "$DM_LIST_FWD_ZONES" ] ; then + { + # Forward to dnsmasq on same host for DHCP lease hosts + echo "# $UB_SRVMASQ_CONF generated by UCI $( date -Is )" + echo " do-not-query-localhost: no" + echo + } > $UB_SRVMASQ_CONF + + echo "# $UB_EXTMASQ_CONF generated by UCI $( date -Is )" > $UB_EXTMASQ_CONF + + + for fwd_domain in $DM_LIST_FWD_ZONES ; do + { + # This creates a domain with local privledges + echo " domain-insecure: $fwd_domain" + echo " private-domain: $fwd_domain" + echo " local-zone: $fwd_domain transparent" + echo + } >> $UB_SRVMASQ_CONF + + { + # This is derived from dnsmasq local domain and dhcp service subnets + echo "forward-zone:" + echo " name: $fwd_domain" + echo " forward-first: no" + for port in $DM_LIST_FWD_PORTS ; do + echo " forward-addr: 127.0.0.1@$port" + done + echo + } >> $UB_EXTMASQ_CONF + done + fi +} + +############################################################################## + +dnsmasq_link() { + if [ "$UB_D_DHCP_LINK" = "dnsmasq" ] ; then + dnsmasq_active + + else + dnsmasq_inactive + fi +} + +############################################################################## + diff --git a/package/network/services/unbound/files/iptools.sh b/package/network/services/unbound/files/iptools.sh new file mode 100644 index 0000000000..346e4e59d9 --- /dev/null +++ b/package/network/services/unbound/files/iptools.sh @@ -0,0 +1,198 @@ +#!/bin/sh +############################################################################## +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Copyright (C) 2016 Eric Luehrsen +# +############################################################################## +# +# These are iptools that might be useful in a larger package, if provided +# elsewhere for common use. One example that many may find useful is turning +# flexible IPV6 colon dividers into PTR. Otherwise these are incomplete and +# would need robustness improvements for more generic applications. +# +############################################################################## + +domain_ptr_ip6() { + # Get the nibble rounded /CIDR ...ip6.arpa. + echo "$1" | awk -F: \ + 'BEGIN { OFS = "" ; } + { CIDR = $0 ; + sub(/.*\//,"",CIDR) ; + CIDR = (CIDR / 4) ; + sub(/\/[0-9]+/,"",$0) ; + ct_stop = 9 - NF ; + for(i=1; i<=NF; i++) { + if(length($i) == 0) { + for(j=1; j<=ct_stop; j++) { $i = ($i "0000") ; } } + else { $i = substr(("0000" $i), length($i)+5-4) ; } } ; + y = $0 ; + ct_start = length(y) - 32 + CIDR ; + for(i=ct_start; i>0; i--) { x = (x substr(y,i,1)) ; } ; + gsub(/./,"&\.",x) ; + x = (x "ip6.arpa") ; + print x }' +} + +############################################################################## + +host_ptr_ip6() { + # Get complete host ...ip6.arpa. + echo "$1" | awk -F: \ + 'BEGIN { OFS = "" ; } + { sub(/\/[0-9]+/,"",$0) ; + ct_stop = 9 - NF ; + for(i=1; i<=NF; i++) { + if(length($i) == 0) { + for(j=1; j<=ct_stop; j++) { $i = ($i "0000") ; } } + else { $i = substr(("0000" $i), length($i)+5-4) ; } } ; + y = $0 ; + ct_start = length(y); + for(i=ct_start; i>0; i--) { x = (x substr(y,i,1)) ; } ; + sub(/[0-9]+\//,"",x) ; + gsub(/./,"&\.",x) ; + x = (x "ip6.arpa") ; + print x }' +} + +############################################################################## + +domain_ptr_ip4() { + # Get the byte rounded /CIDR ...in-addr.arpa. + echo "$1" | awk \ + '{ CIDR = $0 ; + sub(/.*\//,"",CIDR) ; + CIDR = (CIDR / 8) ; + dtxt = $0 ; + sub(/\/.*/,"",dtxt) ; + split(dtxt, dtxt, ".") ; + for(i=1; i<=CIDR; i++) { x = (dtxt[i] "." x) ; } + x = (x "in-addr.arpa") ; + print x }' +} + +############################################################################## + +host_ptr_ip4() { + # Get omplete host ...in-addr.arpa. + echo "$1" | awk -F. \ + '{ x = ( $4"."$3"."$2"."$1".in-addr.arpa" ) ; + sub(/\/[0-9]+/,"",x) ; + print x }' +} + +############################################################################## + +valid_subnet6() { + case "$1" in + # GA + [1-9][0-9a-f][0-9a-f][0-9a-f]":"*) echo "ok" ;; + # ULA + f[cd][0-9a-f][0-9a-f]":"*) echo "ok" ;; + # fe80::, ::1, and such + *) echo "not" ;; + esac +} + +############################################################################## + +valid_subnet4() { + case "$1" in + # Link, Local, and Such + 169"."254"."*) echo "not" ;; + 127"."*) echo "not" ;; + 0"."*) echo "not" ;; + 255"."*) echo "not" ;; + # Other Normal + 25[0-4]"."[0-9]*) echo "ok" ;; + 2[0-4][0-9]"."[0-9]*) echo "ok" ;; + 1[0-9][0-9]"."[0-9]*) echo "ok" ;; + [0-9][0-9]"."[0-9]*) echo "ok" ;; + [0-9]"."[0-9]*) echo "ok" ;; + # Not Right + *) echo "not";; + esac +} + +############################################################################## + +valid_subnet_any() { + local subnet=$1 + local validip4=$( valid_subnet4 $subnet ) + local validip6=$( valid_subnet6 $subnet ) + + + if [ "$validip4" = "ok" ] || [ "$validip6" = "ok" ] ; then + echo "ok" + else + echo "not" + fi +} +############################################################################## + +private_subnet() { + case "$1" in + 10"."*) echo "ok" ;; + 172"."1[6-9]"."*) echo "ok" ;; + 172"."2[0-9]"."*) echo "ok" ;; + 172"."3[0-1]"."*) echo "ok" ;; + 192"."168"."*) echo "ok" ;; + f[cd][0-9a-f][0-9a-f]":"*) echo "ok" ;; + *) echo "not" ;; + esac +} + +############################################################################## + +domain_ptr_any() { + local subnet=$1 + local arpa validip4 validip6 + + validip4=$( valid_subnet4 $subnet ) + validip6=$( valid_subnet6 $subnet ) + + + if [ "$validip4" = "ok" ] ; then + arpa=$( domain_ptr_ip4 "$subnet" ) + elif [ "$validip6" = "ok" ] ; then + arpa=$( domain_ptr_ip6 "$subnet" ) + fi + + + if [ -n "$arpa" ] ; then + echo $arpa + fi +} + +############################################################################## + +host_ptr_any() { + local subnet=$1 + local arpa validip4 validip6 + + validip4=$( valid_subnet4 $subnet ) + validip6=$( valid_subnet6 $subnet ) + + + if [ "$validip4" = "ok" ] ; then + arpa=$( host_ptr_ip4 "$subnet" ) + elif [ "$validip6" = "ok" ] ; then + arpa=$( host_ptr_ip6 "$subnet" ) + fi + + + if [ -n "$arpa" ] ; then + echo $arpa + fi +} + +############################################################################## + diff --git a/package/network/services/unbound/files/odhcpd.awk b/package/network/services/unbound/files/odhcpd.awk new file mode 100644 index 0000000000..f8912dfe61 --- /dev/null +++ b/package/network/services/unbound/files/odhcpd.awk @@ -0,0 +1,211 @@ +#!/usr/bin/awk +############################################################################## +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Copyright (C) 2016 Eric Luehrsen +# +############################################################################## +# +# Turn DHCP records into meaningful A, AAAA, and PTR records. Also lift a +# function from dnsmasq and use DHCPv4 MAC to find IPV6 SLAAC hosts. +# +# External Parameters +# "conffile" = Unbound configuration left for a restart +# "pipefile" = DNS entries for unbound-control standard input +# "domain" = text domain suffix +# "bslaac" = boolean, use DHCPv4 MAC to find GA and ULA IPV6 SLAAC +# "bisolt" = boolean, format ... so you can isolate +# "bconf" = boolean, write conf file with pipe records +# +############################################################################## + +/^#/ { + # We need to pick out DHCP v4 or v6 records + net = $2 ; id = $3 ; cls = $4 ; hst = $5 ; adr = $9 ; adr2 = $10 + cdr = adr ; + cdr2 = adr2 ; + sub( /\/.*/, "", adr ) ; + sub( /.*\//, "", cdr ) ; + sub( /\/.*/, "", adr2 ) ; + sub( /.*\//, "", cdr2 ) ; + gsub( /_/, "-", hst ) ; + + + if ( hst !~ /^[[:alnum:]]([-[:alnum:]]*[[:alnum:]])?$/ ) { + # that is not a valid host name (RFC1123) + # above replaced common error of "_" in host name with "-" + hst = "-" ; + } + + + if ( bisolt == 1 ) { + # TODO: this might be better with a substituion option, + # or per DHCP pool do-not-DNS option, but its getting busy here. + fqdn = net + gsub( /\./, "-", fqdn ) ; + fqdn = tolower( hst "." fqdn "." domain ) ; + } + + else { + fqdn = tolower( hst "." domain ) ; + } + + + if ((cls == "ipv4") && (hst != "-") && (cdr == 32) && (NF == 9)) { + # IPV4 ; only for provided hostnames and full /32 assignments + # NF=9 ; odhcpd errata in field format without host name + ptr = adr ; qpr = "" ; split( ptr, ptr, "." ) ; + slaac = slaac_eui64( id ) ; + + + if ( bconf == 1 ) { + x = ( "local-data: \"" fqdn ". 300 IN A " adr "\"" ) ; + y = ( "local-data-ptr: \"" adr " 300 " fqdn "\"" ) ; + print ( x "\n" y "\n" ) > conffile ; + } + + + # always create the pipe file + for( i=1; i<=4; i++ ) { qpr = ( ptr[i] "." qpr) ; } + x = ( fqdn ". 300 IN A " adr ) ; + y = ( qpr "in-addr.arpa. 300 IN PTR " fqdn ) ; + print ( x "\n" y ) > pipefile ; + + + if (( bslaac == 1 ) && ( slaac != 0 )) { + # UCI option to discover IPV6 routed SLAAC addresses + # NOT TODO - ping probe take too long when added in awk-rule loop + cmd = ( "ip -6 --oneline route show dev " net ) ; + + + while ( ( cmd | getline adr ) > 0 ) { + if (( substr( adr, 1, 5 ) <= "fdff:" ) \ + && ( index( adr, "::/" ) != 0 ) \ + && ( index( adr, "anycast" ) == 0 ) \ + && ( index( adr, "via" ) == 0 )) { + # GA or ULA routed addresses only (not LL or MC) + sub( /\/.*/, "", adr ) ; + adr = ( adr slaac ) ; + + + if ( split( adr, tmp0, ":" ) > 8 ) { + sub( "::", ":", adr ) ; + } + + + if ( bconf == 1 ) { + x = ( "local-data: \"" fqdn ". 300 IN AAAA " adr "\"" ) ; + y = ( "local-data-ptr: \"" adr " 300 " fqdn "\"" ) ; + print ( x "\n" y "\n" ) > conffile ; + } + + + # always create the pipe file + qpr = ipv6_ptr( adr ) ; + x = ( fqdn ". 300 IN AAAA " adr ) ; + y = ( qpr ". 300 IN PTR " fqdn ) ; + print ( x "\n" y ) > pipefile ; + } + } + + + close( cmd ) ; + } + } + + else if ((cls != "ipv4") && (hst != "-") && (9 <= NF) && (NF <= 10)) { + if (cdr == 128) { + if ( bconf == 1 ) { + x = ( "local-data: \"" fqdn ". 300 IN AAAA " adr "\"" ) ; + y = ( "local-data-ptr: \"" adr " 300 " fqdn "\"" ) ; + print ( x "\n" y "\n" ) > conffile ; + } + + + # only for provided hostnames and full /128 assignments + qpr = ipv6_ptr( adr ) ; + x = ( fqdn ". 300 IN AAAA " adr ) ; + y = ( qpr ". 300 IN PTR " fqdn ) ; + print ( x "\n" y ) > pipefile ; + } + + if (cdr2 == 128) { + if ( bconf == 1 ) { + x = ( "local-data: \"" fqdn ". 300 IN AAAA " adr2 "\"" ) ; + y = ( "local-data-ptr: \"" adr2 " 300 " fqdn "\"" ) ; + print ( x "\n" y "\n" ) > conffile ; + } + + + # odhcp puts GA and ULA on the same line (position 9 and 10) + qpr2 = ipv6_ptr( adr2 ) ; + x = ( fqdn ". 300 IN AAAA " adr2 ) ; + y = ( qpr2 ". 300 IN PTR " fqdn ) ; + print ( x "\n" y ) > pipefile ; + } + } + + else { + # dump non-conforming lease records + } +} + +############################################################################## + +function ipv6_ptr( ipv6, arpa, ary, end, i, j, new6, sz, start ) { + # IPV6 colon flexibility is a challenge when creating [ptr].ip6.arpa. + sz = split( ipv6, ary, ":" ) ; end = 9 - sz ; + + + for( i=1; i<=sz; i++ ) { + if( length(ary[i]) == 0 ) { + for( j=1; j<=end; j++ ) { ary[i] = ( ary[i] "0000" ) ; } + } + + else { + ary[i] = substr( ( "0000" ary[i] ), length( ary[i] )+5-4 ) ; + } + } + + + new6 = ary[1] ; + for( i = 2; i <= sz; i++ ) { new6 = ( new6 ary[i] ) ; } + start = length( new6 ) ; + for( i=start; i>0; i-- ) { arpa = ( arpa substr( new6, i, 1 ) ) ; } ; + gsub( /./, "&\.", arpa ) ; arpa = ( arpa "ip6.arpa" ) ; + + return arpa ; +} + +############################################################################## + +function slaac_eui64( mac, ary, glbit, eui64 ) { + if ( length(mac) >= 12 ) { + # RFC2373 and use DHCPv4 registered MAC to find SLAAC addresses + split( mac , ary , "" ) ; + glbit = ( "0x" ary[2] ) ; + glbit = sprintf( "%d", glbit ) ; + glbit = or( glbit, 2 ) ; + ary[2] = sprintf( "%x", glbit ) ; + eui64 = ( ary[1] ary[2] ary[3] ary[4] ":" ary[5] ary[6] "ff:fe" ) ; + eui64 = ( eui64 ary[7] ary[8] ":" ary[9] ary[10] ary[11] ary[12] ) ; + } + + else { + eui64 = 0 ; + } + + + return eui64 ; +} + +############################################################################## + diff --git a/package/network/services/unbound/files/odhcpd.sh b/package/network/services/unbound/files/odhcpd.sh new file mode 100644 index 0000000000..ecfba9ebbb --- /dev/null +++ b/package/network/services/unbound/files/odhcpd.sh @@ -0,0 +1,124 @@ +#!/bin/sh +############################################################################## +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Copyright (C) 2016 Eric Luehrsen +# +############################################################################## +# +# This script facilitates alternate installation of Unbound+odhcpd and no +# need for dnsmasq. There are some limitations, but it works and is small. +# The lease file is parsed to make "zone-data:" and "local-data:" entries. +# +# config odhcpd 'odhcpd' +# option leasetrigger '/usr/lib/unbound/odhcpd.sh' +# +############################################################################## + +. /lib/functions.sh +. /usr/lib/unbound/defaults.sh + +############################################################################## + +odhcpd_zonedata() { + local dhcp_link=$( uci_get unbound.@unbound[0].dhcp_link ) + local dhcp4_slaac6=$( uci_get unbound.@unbound[0].dhcp4_slaac6 ) + local dhcp_domain=$( uci_get unbound.@unbound[0].domain ) + local dhcp_origin=$( uci_get dhcp.@odhcpd[0].leasefile ) + + + if [ -f "$UB_TOTAL_CONF" ] && [ -f "$dhcp_origin" ] \ + && [ "$dhcp_link" = "odhcpd" ] && [ -n "$dhcp_domain" ] ; then + local longconf dateconf + local dns_ls_add=$UB_VARDIR/dhcp_dns.add + local dns_ls_del=$UB_VARDIR/dhcp_dns.del + local dns_ls_new=$UB_VARDIR/dhcp_dns.new + local dns_ls_old=$UB_VARDIR/dhcp_dns.old + local dhcp_ls_new=$UB_VARDIR/dhcp_lease.new + + # Capture the lease file which could be changing often + sort $dhcp_origin > $dhcp_ls_new + + + if [ ! -f $UB_DHCP_CONF ] || [ ! -f $dns_ls_old ] ; then + # no old files laying around + longconf=freshstart + + else + # incremental at high load or full refresh about each 5 minutes + dateconf=$(( $( date +%s ) - $( date -r $UB_DHCP_CONF +%s ) )) + + + if [ $dateconf -gt 300 ] ; then + longconf=longtime + else + longconf=increment + fi + fi + + + case $longconf in + freshstart) + awk -v conffile=$UB_DHCP_CONF -v pipefile=$dns_ls_new \ + -v domain=$dhcp_domain -v bslaac=$dhcp4_slaac6 \ + -v bisolt=0 -v bconf=1 \ + -f /usr/lib/unbound/odhcpd.awk $dhcp_ls_new + + cp $dns_ls_new $dns_ls_add + cp $dns_ls_new $dns_ls_old + ;; + + longtime) + awk -v conffile=$UB_DHCP_CONF -v pipefile=$dns_ls_new \ + -v domain=$dhcp_domain -v bslaac=$dhcp4_slaac6 \ + -v bisolt=0 -v bconf=1 \ + -f /usr/lib/unbound/odhcpd.awk $dhcp_ls_new + + awk '{ print $1 }' $dns_ls_old | sort | uniq > $dns_ls_del + cp $dns_ls_new $dns_ls_add + cp $dns_ls_new $dns_ls_old + ;; + + *) + # incremental add and prepare the old list for delete later + # unbound-control can be slow so high DHCP rates cannot run a full list + awk -v conffile=$UB_DHCP_CONF -v pipefile=$dns_ls_new \ + -v domain=$dhcp_domain -v bslaac=$dhcp4_slaac6 \ + -v bisolt=0 -v bconf=0 \ + -f /usr/lib/unbound/odhcpd.awk $dhcp_ls_new + + sort $dns_ls_new $dns_ls_old $dns_ls_old | uniq -u > $dns_ls_add + sort $dns_ls_new $dns_ls_old | uniq > $dns_ls_old + ;; + esac + + + if [ -f "$dns_ls_del" ] ; then + cat $dns_ls_del | $UB_CONTROL_CFG local_datas_remove + fi + + + if [ -f "$dns_ls_add" ] ; then + cat $dns_ls_add | $UB_CONTROL_CFG local_datas + fi + + + # prepare next round + rm -f $dns_ls_new $dns_ls_del $dns_ls_add $dhcp_ls_new + fi +} + +############################################################################## + +odhcpd_zonedata + +############################################################################## + diff --git a/package/network/services/unbound/files/root.key b/package/network/services/unbound/files/root.key new file mode 100644 index 0000000000..2de0b62460 --- /dev/null +++ b/package/network/services/unbound/files/root.key @@ -0,0 +1,3 @@ +. IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 +. IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D + diff --git a/package/network/services/unbound/files/stopping.sh b/package/network/services/unbound/files/stopping.sh new file mode 100644 index 0000000000..cf0ce0561e --- /dev/null +++ b/package/network/services/unbound/files/stopping.sh @@ -0,0 +1,127 @@ +#!/bin/sh +############################################################################## +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Copyright (C) 2016 Eric Luehrsen +# +############################################################################## +# +# This component will copy root.key back to /etc/unbound/ periodically, but +# avoid ROM flash abuse (UCI option). +# +############################################################################## + +. /usr/lib/unbound/defaults.sh + +############################################################################## + +roothints_update() { + # TODO: Might not be implemented. Unbound doesn't natively update hints. + # Unbound philosophy is built in root hints are good for machine life. + return 0 +} + +############################################################################## + +rootkey_update() { + local basekey_date rootkey_date rootkey_age filestuff + local dnssec=$( uci_get unbound.@unbound[0].validator ) + local dnssec_ntp=$( uci_get unbound.@unbound[0].validator_ntp ) + local dnssec_age=$( uci_get unbound.@unbound[0].root_age ) + + # fix empty + [ -z "$dnssec" ] && dnssec=0 + [ -z "$dnssec_ntp" ] && dnssec_ntp=1 + [ -z "$dnssec_age" ] && dnssec_age=9 + + + if [ "$dnssec_age" -gt 90 ] || [ "$dnssec" -lt 1 ] ; then + # Feature disabled + return 0 + + elif [ "$dnssec_ntp" -gt 0 ] && [ ! -f "$UB_TIME_FILE" ] ; then + # We don't have time yet + return 0 + fi + + + if [ -f /etc/unbound/root.key ] ; then + basekey_date=$( date -r /etc/unbound/root.key +%s ) + + else + # No persistent storage key + basekey_date=$( date -d 2000-01-01 +%s ) + fi + + + if [ -f "$UB_RKEY_FILE" ] ; then + # Unbound maintains it itself + rootkey_date=$( date -r $UB_RKEY_FILE +%s ) + rootkey_age=$(( (rootkey_date - basekey_date) / 86440 )) + + elif [ -x "$UB_ANCHOR" ] ; then + # No tmpfs key - use unbound-anchor + rootkey_date=$( date -I +%s ) + rootkey_age=$(( (rootkey_date - basekey_date) / 86440 )) + $UB_ANCHOR -a $UB_RKEY_FILE + + else + # give up + rootkey_age=0 + fi + + + if [ "$rootkey_age" -gt "$dnssec_age" ] ; then + filestuff=$( cat $UB_RKEY_FILE ) + + + case "$filestuff" in + *NOERROR*) + # Header comment for drill and dig + logger -t unbound -s "root.key updated after $rootkey_age days" + cp -p $UB_RKEY_FILE /etc/unbound/root.key + ;; + + *"state=2 [ VALID ]"*) + # Comment inline to key for unbound-anchor + logger -t unbound -s "root.key updated after $rootkey_age days" + cp -p $UB_RKEY_FILE /etc/unbound/root.key + ;; + + *) + logger -t unbound -s "root.key still $rootkey_age days old" + ;; + esac + fi +} + +############################################################################## + +resolv_teardown() { + case $( cat /tmp/resolv.conf ) in + *"generated by Unbound UCI"*) + # our resolver file, reset to auto resolver file. + rm -f /tmp/resolv.conf + ln -s /tmp/resolv.conf.auto /tmp/resolv.conf + ;; + esac +} + +############################################################################## + +unbound_stop() { + resolv_teardown + roothints_update + rootkey_update +} + +############################################################################## + diff --git a/package/network/services/unbound/files/unbound.init b/package/network/services/unbound/files/unbound.init new file mode 100755 index 0000000000..2f2df14834 --- /dev/null +++ b/package/network/services/unbound/files/unbound.init @@ -0,0 +1,84 @@ +#!/bin/sh /etc/rc.common +############################################################################## +# +# Copyright (C) 2016 Michael Hanselmann, Eric Luehrsen +# +############################################################################## +# +# This init script is just the entry point for Unbound UCI. +# +############################################################################## + +START=19 +STOP=50 +USE_PROCD=1 +PROG=/usr/sbin/unbound + +############################################################################## + +boot() { + UB_BOOT=1 + start "$@" +} + +############################################################################## + +start_service() { + if [ -n "$UB_BOOT" ] ; then + # Load procd triggers (rc) and use event IFUP to really start + return 0 + fi + + # complex UCI work + . /usr/lib/unbound/unbound.sh + unbound_start + + # standard procd clause + procd_open_instance "unbound" + procd_set_param command $PROG -d -c $UB_TOTAL_CONF + procd_set_param respawn + procd_close_instance +} + +############################################################################## + +stop_service() { + # clean up + . /usr/lib/unbound/stopping.sh + unbound_stop + + # Wait! on restart Unbound may take time writing closure stats to syslog + pidof $PROG && sleep 1 +} + +############################################################################## + +service_triggers() { + local legacy=$( uci_get unbound.@unbound[0].trigger ) + local triggers=$( uci_get unbound.@unbound[0].trigger_interface ) + local trigger="$triggers $legacy" + + . /usr/lib/unbound/defaults.sh + + + if [ ! -f "$UB_TOTAL_CONF" ] || [ -n "$UB_BOOT" ] ; then + # Unbound can be a bit heavy, so wait some on first start. Any interface + # up affects the trigger delay and will guarantee start. + procd_add_raw_trigger "interface.*.up" 3000 /etc/init.d/unbound restart + + elif [ -n "$triggers" ] ; then + procd_add_reload_trigger "unbound" "dhcp" + + + for trigger in $triggers ; do + # User selected triggers to restart at any other time + procd_add_reload_interface_trigger "$trigger" + done + + else + procd_add_reload_trigger "unbound" "dhcp" + fi +} + +############################################################################## + diff --git a/package/network/services/unbound/files/unbound.ntpd b/package/network/services/unbound/files/unbound.ntpd new file mode 100755 index 0000000000..d9d0deefa5 --- /dev/null +++ b/package/network/services/unbound/files/unbound.ntpd @@ -0,0 +1,27 @@ +#!/bin/sh +############################################################################## +# +# Copyright (C) 2016 Eric Luehrsen +# +############################################################################## +# +# "Restart" Unbound on hotplug NTP ready: +# - Only do this the first time when no file exists +# - Some of Unbound conf options to not reload run time +# - Change the enable flag for DNSSEC date-time checking +# +############################################################################## + +# Common file location definitions +. /usr/lib/unbound/defaults.sh + +############################################################################## + +if [ ! -f "$UB_TIME_FILE" -a "$ACTION" = stratum ] ; then + date -Is > $UB_TIME_FILE + /etc/init.d/unbound enabled && /etc/init.d/unbound restart + # Yes, hard RESTART. We need to be absolutely sure to enable DNSSEC. +fi + +############################################################################## + diff --git a/package/network/services/unbound/files/unbound.sh b/package/network/services/unbound/files/unbound.sh new file mode 100644 index 0000000000..83717fefb5 --- /dev/null +++ b/package/network/services/unbound/files/unbound.sh @@ -0,0 +1,1458 @@ +#!/bin/sh +############################################################################## +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Copyright (C) 2016 Eric Luehrsen +# +############################################################################## +# +# Unbound is a full featured recursive server with many options. The UCI +# provided tries to simplify and bundle options. This should make Unbound +# easier to deploy. Even light duty routers may resolve recursively instead of +# depending on a stub with the ISP. The UCI also attempts to replicate dnsmasq +# features as used in base LEDE/OpenWrt. If there is a desire for more +# detailed tuning, then manual conf file overrides are also made available. +# +############################################################################## + +UB_B_SLAAC6_MAC=0 +UB_B_DNSSEC=0 +UB_B_DNS64=0 +UB_B_EXT_STATS=0 +UB_B_GATE_NAME=0 +UB_B_HIDE_BIND=1 +UB_B_LOCL_BLCK=0 +UB_B_LOCL_SERV=1 +UB_B_MAN_CONF=0 +UB_B_NTP_BOOT=1 +UB_B_QUERY_MIN=0 +UB_B_QRY_MINST=0 +UB_B_AUTH_ROOT=0 + +UB_D_CONTROL=0 +UB_D_DOMAIN_TYPE=static +UB_D_DHCP_LINK=none +UB_D_EXTRA_DNS=0 +UB_D_LAN_FQDN=0 +UB_D_PRIV_BLCK=1 +UB_D_PROTOCOL=mixed +UB_D_RESOURCE=small +UB_D_RECURSION=passive +UB_D_VERBOSE=1 +UB_D_WAN_FQDN=0 + +UB_IP_DNS64="64:ff9b::/96" + +UB_N_EDNS_SIZE=1280 +UB_N_RX_PORT=53 +UB_N_ROOT_AGE=9 +UB_N_THREADS=1 + +UB_TTL_MIN=120 +UB_TXT_DOMAIN=lan +UB_TXT_HOSTNAME=thisrouter + +############################################################################## + +# reset as a combo with UB_B_NTP_BOOT and some time stamp files +UB_B_READY=1 + +# keep track of assignments during inserted resource records +UB_LIST_NETW_ALL="" +UB_LIST_NETW_LAN="" +UB_LIST_NETW_WAN="" +UB_LIST_INSECURE="" +UB_LIST_ZONE_SERVERS="" +UB_LIST_ZONE_NAMES="" + +############################################################################## + +. /lib/functions.sh +. /lib/functions/network.sh + +. /usr/lib/unbound/defaults.sh +. /usr/lib/unbound/dnsmasq.sh +. /usr/lib/unbound/iptools.sh + +############################################################################## + +bundle_all_networks() { + local cfg="$1" + local ifname ifdashname validip + local subnet subnets subnets4 subnets6 + + network_get_subnets subnets4 "$cfg" + network_get_subnets6 subnets6 "$cfg" + network_get_device ifname "$cfg" + + ifdashname="${ifname//./-}" + subnets="$subnets4 $subnets6" + + + if [ -n "$subnets" ] ; then + for subnet in $subnets ; do + validip=$( valid_subnet_any $subnet ) + + + if [ "$validip" = "ok" ] ; then + UB_LIST_NETW_ALL="$UB_LIST_NETW_ALL $ifdashname@$subnet" + fi + done + fi +} + +############################################################################## + +bundle_lan_networks() { + local cfg="$1" + local interface ifsubnet ifname ifdashname ignore + + config_get_bool ignore "$cfg" ignore 0 + config_get interface "$cfg" interface "" + network_get_device ifname "$interface" + ifdashname="${ifname//./-}" + + + if [ "$ignore" -eq 0 ] && [ -n "$ifdashname" ] \ + && [ -n "$UB_LIST_NETW_ALL" ] ; then + for ifsubnet in $UB_LIST_NETW_ALL ; do + case $ifsubnet in + "${ifdashname}"@*) + # Special GLA protection for local block; ULA protected as a catagory + UB_LIST_NETW_LAN="$UB_LIST_NETW_LAN $ifsubnet" + ;; + esac + done + fi +} + +############################################################################## + +bundle_wan_networks() { + local ifsubnet + + + if [ -n "$UB_LIST_NETW_ALL" ] ; then + for ifsubnet in $UB_LIST_NETW_ALL ; do + case $UB_LIST_NETW_LAN in + *"${ifsubnet}"*) + # If LAN, then not WAN ... + ;; + + *) + UB_LIST_NETW_WAN="$UB_LIST_NETW_WAN $ifsubnet" + ;; + esac + done + fi +} + +############################################################################## + +bundle_resolv_conf_servers() { + local resolvers=$( awk '/nameserver/ { print $2 }' /tmp/resolv.conf.auto ) + UB_LIST_ZONE_SERVERS="$UB_LIST_ZONE_SERVERS $resolvers" +} + +############################################################################## + +bundle_zone_names() { + UB_LIST_ZONE_NAMES="$UB_LIST_ZONE_NAMES $1" +} + +############################################################################## + +bundle_zone_servers() { + UB_LIST_ZONE_SERVERS="$UB_LIST_ZONE_SERVERS $1" +} + +############################################################################## + +bundle_domain_insecure() { + UB_LIST_INSECURE="$UB_LIST_INSECURE $1" +} + +############################################################################## + +unbound_mkdir() { + local filestuff + + + if [ "$UB_D_DHCP_LINK" = "odhcpd" ] ; then + local dhcp_origin=$( uci_get dhcp.@odhcpd[0].leasefile ) + local dhcp_dir=$( dirname $dhcp_origin ) + + + if [ ! -d "$dhcp_dir" ] ; then + # make sure odhcpd has a directory to write (not done itself, yet) + mkdir -p "$dhcp_dir" + fi + fi + + + if [ -f $UB_RKEY_FILE ] ; then + filestuff=$( cat $UB_RKEY_FILE ) + + + case "$filestuff" in + *"state=2 [ VALID ]"*) + # Lets not lose RFC 5011 tracking if we don't have to + cp -p $UB_RKEY_FILE $UB_RKEY_FILE.keep + ;; + esac + fi + + + # Blind copy /etc/unbound to /var/lib/unbound + mkdir -p $UB_VARDIR + rm -f $UB_VARDIR/dhcp_* + touch $UB_TOTAL_CONF + cp -p /etc/unbound/* $UB_VARDIR/ + + + if [ ! -f $UB_RHINT_FILE ] ; then + if [ -f /usr/share/dns/root.hints ] ; then + # Debian-like package dns-root-data + cp -p /usr/share/dns/root.hints $UB_RHINT_FILE + + elif [ "$UB_B_READY" -eq 0 ] ; then + logger -t unbound -s "default root hints (built in root-servers.net)" + fi + fi + + + if [ ! -f $UB_RKEY_FILE ] ; then + if [ -f /usr/share/dns/root.key ] ; then + # Debian-like package dns-root-data + cp -p /usr/share/dns/root.key $UB_RKEY_FILE + + elif [ -x $UB_ANCHOR ] ; then + $UB_ANCHOR -a $UB_RKEY_FILE + + elif [ "$UB_B_READY" -eq 0 ] ; then + logger -t unbound -s "default trust anchor (built in root DS record)" + fi + fi + + + if [ -f $UB_RKEY_FILE.keep ] ; then + # root.key.keep is reused if newest + cp -u $UB_RKEY_FILE.keep $UB_RKEY_FILE + rm -f $UB_RKEY_FILE.keep + fi + + + if [ -f $UB_TLS_ETC_FILE ] ; then + # copy the cert bundle into jail + cp -p $UB_TLS_ETC_FILE $UB_TLS_FWD_FILE + fi + + + # Ensure access and prepare to jail + chown -R unbound:unbound $UB_VARDIR + chmod 755 $UB_VARDIR + chmod 644 $UB_VARDIR/* + + + if [ -f $UB_CTLKEY_FILE ] || [ -f $UB_CTLPEM_FILE ] \ + || [ -f $UB_SRVKEY_FILE ] || [ -f $UB_SRVPEM_FILE ] ; then + # Keys (some) exist already; do not create new ones + chmod 640 $UB_CTLKEY_FILE $UB_CTLPEM_FILE \ + $UB_SRVKEY_FILE $UB_SRVPEM_FILE + + elif [ -x /usr/sbin/unbound-control-setup ] ; then + case "$UB_D_CONTROL" in + [2-3]) + # unbound-control-setup for encrypt opt. 2 and 3, but not 4 "static" + /usr/sbin/unbound-control-setup -d $UB_VARDIR + + chown -R unbound:unbound $UB_CTLKEY_FILE $UB_CTLPEM_FILE \ + $UB_SRVKEY_FILE $UB_SRVPEM_FILE + + chmod 640 $UB_CTLKEY_FILE $UB_CTLPEM_FILE \ + $UB_SRVKEY_FILE $UB_SRVPEM_FILE + + cp -p $UB_CTLKEY_FILE /etc/unbound/unbound_control.key + cp -p $UB_CTLPEM_FILE /etc/unbound/unbound_control.pem + cp -p $UB_SRVKEY_FILE /etc/unbound/unbound_server.key + cp -p $UB_SRVPEM_FILE /etc/unbound/unbound_server.pem + ;; + esac + fi + + + if [ -f "$UB_TIME_FILE" ] ; then + # NTP is done so its like you actually had an RTC + UB_B_READY=1 + UB_B_NTP_BOOT=0 + + elif [ "$UB_B_NTP_BOOT" -eq 0 ] ; then + # time is considered okay on this device (ignore /etc/hotplug/ntpd/unbound) + date -Is > $UB_TIME_FILE + UB_B_READY=0 + UB_B_NTP_BOOT=0 + + else + # DNSSEC-TIME will not reconcile + UB_B_READY=0 + UB_B_NTP_BOOT=1 + fi +} + +############################################################################## + +unbound_control() { + echo "# $UB_CTRL_CONF generated by UCI $( date -Is )" > $UB_CTRL_CONF + + + if [ "$UB_D_CONTROL" -gt 1 ] ; then + if [ ! -f $UB_CTLKEY_FILE ] || [ ! -f $UB_CTLPEM_FILE ] \ + || [ ! -f $UB_SRVKEY_FILE ] || [ ! -f $UB_SRVPEM_FILE ] ; then + # Key files need to be present; if unbound-control-setup was found, then + # they might have been made during unbound_makedir() above. + UB_D_CONTROL=0 + fi + fi + + + case "$UB_D_CONTROL" in + 1) + { + # Local Host Only Unencrypted Remote Control + echo "remote-control:" + echo " control-enable: yes" + echo " control-use-cert: no" + echo " control-interface: 127.0.0.1" + echo " control-interface: ::1" + echo + } >> $UB_CTRL_CONF + ;; + + 2) + { + # Local Host Only Encrypted Remote Control + echo "remote-control:" + echo " control-enable: yes" + echo " control-use-cert: yes" + echo " control-interface: 127.0.0.1" + echo " control-interface: ::1" + echo " server-key-file: $UB_SRVKEY_FILE" + echo " server-cert-file: $UB_SRVPEM_FILE" + echo " control-key-file: $UB_CTLKEY_FILE" + echo " control-cert-file: $UB_CTLPEM_FILE" + echo + } >> $UB_CTRL_CONF + ;; + + [3-4]) + { + # Network Encrypted Remote Control + # (3) may auto setup and (4) must have static key/pem files + # TODO: add UCI list for interfaces to bind + echo "remote-control:" + echo " control-enable: yes" + echo " control-use-cert: yes" + echo " control-interface: 0.0.0.0" + echo " control-interface: ::0" + echo " server-key-file: $UB_SRVKEY_FILE" + echo " server-cert-file: $UB_SRVPEM_FILE" + echo " control-key-file: $UB_CTLKEY_FILE" + echo " control-cert-file: $UB_CTLPEM_FILE" + echo + } >> $UB_CTRL_CONF + ;; + esac +} + +############################################################################## + +unbound_zone() { + local cfg=$1 + local servers_ip="" + local servers_host="" + local zone_sym zone_name zone_type zone_enabled zone_file + local tls_upstream fallback + local server port tls_port tls_index tls_suffix url_dir + + if [ ! -f "$UB_ZONE_CONF" ] ; then + echo "# $UB_ZONE_CONF generated by UCI $( date -Is )" > $UB_ZONE_CONF + fi + + + config_get_bool zone_enabled "$cfg" enabled 0 + + + if [ "$zone_enabled" -eq 1 ] ; then + # these lists are built for each zone; empty to start + UB_LIST_ZONE_NAMES="" + UB_LIST_ZONE_SERVERS="" + + config_get zone_type "$cfg" zone_type "" + config_get port "$cfg" port "" + config_get tls_index "$cfg" tls_index "" + config_get tls_port "$cfg" tls_port 853 + config_get url_dir "$cfg" url_dir "" + + config_get_bool resolv_conf "$cfg" resolv_conf 0 + config_get_bool fallback "$cfg" fallback 1 + config_get_bool tls_upstream "$cfg" tls_upstream 0 + + config_list_foreach "$cfg" zone_name bundle_zone_names + config_list_foreach "$cfg" server bundle_zone_servers + + # string formating for Unbound syntax + tls_suffix="${tls_port:+@${tls_port}${tls_index:+#${tls_index}}}" + [ "$fallback" -eq 0 ] && fallback=no || fallback=yes + [ "$tls_upstream" -eq 0 ] && tls_upstream=no || tls_upstream=yes + + + if [ $resolv_conf -eq 1 ] ; then + bundle_resolv_conf_servers + fi + + else + zone_type=skip + fi + + + case $zone_type in + auth_zone) + if [ "$UB_B_NTP_BOOT" -eq 0 ] && [ -n "$UB_LIST_ZONE_NAMES" ] \ + && { [ -n "$url_dir" ] || [ -n "$UB_LIST_ZONE_SERVERS" ] ; } ; then + # Note AXFR may have large downloads. If NTP restart is configured, + # then this can cause procd to force a process kill. + for zone_name in $UB_LIST_ZONE_NAMES ; do + if [ "$zone_name" = "." ] ; then + zone_sym=. + zone_name=root + zone_file=root.zone + else + zone_sym=$zone_name + zone_file=$zone_name.zone + zone_file=${zone_file//../.} + fi + + + { + # generate an auth-zone: with switches for prefetch cache + echo "auth-zone:" + echo " name: $zone_sym" + for server in $UB_LIST_ZONE_SERVERS ; do + echo " master: $server${port:+@${port}}" + done + if [ -n "$url_dir" ] ; then + echo " url: $url_dir$zone_file" + fi + echo " fallback-enabled: $fallback" + echo " for-downstream: no" + echo " for-upstream: yes" + echo " zonefile: $zone_file" + echo + } >> $UB_ZONE_CONF + done + fi + ;; + + forward_zone) + if [ ! -f $UB_TLS_FWD_FILE ] && [ "$tls_upstream" = "yes" ] ; then + logger -p 4 -t unbound -s \ + "Forward-zone TLS benefits from authentication in package 'ca-bundle'" + fi + + + if [ -n "$UB_LIST_ZONE_NAMES" ] && [ -n "$UB_LIST_ZONE_SERVERS" ] ; then + for server in $UB_LIST_ZONE_SERVERS ; do + if [ "$( valid_subnet_any $server )" = "not" ] ; then + case $server in + *@[0-9]*) + # unique Unbound option for server host name + servers_host="$servers_host $server" + ;; + + *) + if [ "$tls_upstream" = "yes" ] ; then + servers_host="$servers_host $server${tls_port:+@${tls_port}}" + else + servers_host="$servers_host $server${port:+@${port}}" + fi + esac + + else + case $server in + *[0-9]@[0-9]*) + # unique Unbound option for server address + servers_ip="$servers_ip $server" + ;; + + *) + if [ "$tls_upstream" = "yes" ] ; then + servers_ip="$servers_ip $server$tls_suffix" + else + servers_ip="$servers_ip $server${port:+@${port}}" + fi + esac + fi + done + + + for zonename in $UB_LIST_ZONE_NAMES ; do + { + # generate a forward-zone with or without tls + echo "forward-zone:" + echo " name: $zonename" + for server in $servers_host ; do + echo " forward-host: $server" + done + for server in $servers_ip ; do + echo " forward-addr: $server" + done + echo " forward-first: $fallback" + echo " forward-tls-upstream: $tls_upstream" + echo + } >> $UB_ZONE_CONF + done + fi + ;; + + stub_zone) + if [ -n "$UB_LIST_ZONE_NAMES" ] && [ -n "$UB_LIST_ZONE_SERVERS" ] ; then + for zonename in $UB_LIST_ZONE_NAMES ; do + { + # generate a stub-zone: or ensure short cut to authority NS + echo "stub-zone:" + echo " name: $zonename" + for server in $UB_LIST_ZONE_SERVERS ; do + echo " stub-addr: $server${port:+@${port}}" + done + echo " stub-first: $fallback" + echo + } >> $UB_ZONE_CONF + done + fi + ;; + esac +} + +############################################################################## + +unbound_conf() { + local rt_mem rt_conn rt_buff modulestring domain ifsubnet + + { + # server: for this whole function + echo "# $UB_CORE_CONF generated by UCI $( date -Is )" + echo "server:" + echo " username: unbound" + echo " chroot: $UB_VARDIR" + echo " directory: $UB_VARDIR" + echo " pidfile: $UB_PIDFILE" + } > $UB_CORE_CONF + + + if [ -f "$UB_TLS_FWD_FILE" ] ; then + # TLS cert bundle for upstream forwarder and https zone files + # This is loaded before drop to root, so pull from /etc/ssl + echo " tls-cert-bundle: $UB_TLS_FWD_FILE" >> $UB_CORE_CONF + fi + + + if [ -f "$UB_RHINT_FILE" ] ; then + # Optional hints if found + echo " root-hints: $UB_RHINT_FILE" >> $UB_CORE_CONF + fi + + + if [ "$UB_B_DNSSEC" -gt 0 ] && [ -f "$UB_RKEY_FILE" ] ; then + { + echo " auto-trust-anchor-file: $UB_RKEY_FILE" + echo + } >> $UB_CORE_CONF + + else + echo >> $UB_CORE_CONF + fi + + + if [ "$UB_N_THREADS" -gt 1 ] \ + && $PROG -V | grep -q "Linked libs:.*libevent" ; then + # heavy variant using "threads" may need substantial resources + echo " num-threads: 2" >> $UB_CORE_CONF + else + # light variant with one "process" is much more efficient with light traffic + echo " num-threads: 1" >> $UB_CORE_CONF + fi + + + { + # Limited threading (2) with one shared slab + echo " msg-cache-slabs: 1" + echo " rrset-cache-slabs: 1" + echo " infra-cache-slabs: 1" + echo " key-cache-slabs: 1" + echo + # Logging + echo " use-syslog: yes" + echo " statistics-interval: 0" + echo " statistics-cumulative: no" + } >> $UB_CORE_CONF + + + if [ "$UB_D_VERBOSE" -ge 0 ] && [ "$UB_D_VERBOSE" -le 5 ] ; then + echo " verbosity: $UB_D_VERBOSE" >> $UB_CORE_CONF + fi + + + if [ "$UB_B_EXT_STATS" -gt 0 ] ; then + { + # Log More + echo " extended-statistics: yes" + echo + } >> $UB_CORE_CONF + + else + { + # Log Less + echo " extended-statistics: no" + echo + } >> $UB_CORE_CONF + fi + + + case "$UB_D_PROTOCOL" in + ip4_only) + { + echo " edns-buffer-size: $UB_N_EDNS_SIZE" + echo " port: $UB_N_RX_PORT" + echo " outgoing-port-permit: 10240-65535" + echo " interface: 0.0.0.0" + echo " outgoing-interface: 0.0.0.0" + echo " do-ip4: yes" + echo " do-ip6: no" + echo + } >> $UB_CORE_CONF + ;; + + ip6_only) + { + echo " edns-buffer-size: $UB_N_EDNS_SIZE" + echo " port: $UB_N_RX_PORT" + echo " outgoing-port-permit: 10240-65535" + echo " interface: ::0" + echo " outgoing-interface: ::0" + echo " do-ip4: no" + echo " do-ip6: yes" + echo + } >> $UB_CORE_CONF + ;; + + ip6_local) + { + echo " edns-buffer-size: $UB_N_EDNS_SIZE" + echo " port: $UB_N_RX_PORT" + echo " outgoing-port-permit: 10240-65535" + echo " interface: 0.0.0.0" + echo " interface: ::0" + echo " outgoing-interface: 0.0.0.0" + echo " do-ip4: yes" + echo " do-ip6: yes" + echo + } >> $UB_CORE_CONF + ;; + + ip6_prefer) + { + echo " edns-buffer-size: $UB_N_EDNS_SIZE" + echo " port: $UB_N_RX_PORT" + echo " outgoing-port-permit: 10240-65535" + echo " interface: 0.0.0.0" + echo " interface: ::0" + echo " outgoing-interface: 0.0.0.0" + echo " outgoing-interface: ::0" + echo " do-ip4: yes" + echo " do-ip6: yes" + echo " prefer-ip6: yes" + echo + } >> $UB_CORE_CONF + ;; + + mixed) + { + # Interface Wildcard (access contol handled by "option local_service") + echo " edns-buffer-size: $UB_N_EDNS_SIZE" + echo " port: $UB_N_RX_PORT" + echo " outgoing-port-permit: 10240-65535" + echo " interface: 0.0.0.0" + echo " interface: ::0" + echo " outgoing-interface: 0.0.0.0" + echo " outgoing-interface: ::0" + echo " do-ip4: yes" + echo " do-ip6: yes" + echo + } >> $UB_CORE_CONF + ;; + + *) + if [ "$UB_B_READY" -eq 0 ] ; then + logger -t unbound -s "default protocol configuration" + fi + + + { + # outgoing-interface has useful defaults; incoming is localhost though + echo " edns-buffer-size: $UB_N_EDNS_SIZE" + echo " port: $UB_N_RX_PORT" + echo " outgoing-port-permit: 10240-65535" + echo " interface: 0.0.0.0" + echo " interface: ::0" + echo + } >> $UB_CORE_CONF + ;; + esac + + + case "$UB_D_RESOURCE" in + # Tiny - Unbound's recommended cheap hardware config + tiny) rt_mem=1 ; rt_conn=2 ; rt_buff=1 ;; + # Small - Half RRCACHE and open ports + small) rt_mem=8 ; rt_conn=10 ; rt_buff=2 ;; + # Medium - Nearly default but with some added balancintg + medium) rt_mem=16 ; rt_conn=15 ; rt_buff=4 ;; + # Large - Double medium + large) rt_mem=32 ; rt_conn=20 ; rt_buff=4 ;; + # Whatever unbound does + *) rt_mem=0 ; rt_conn=0 ;; + esac + + + if [ "$rt_mem" -gt 0 ] ; then + { + # Other harding and options for an embedded router + echo " harden-short-bufsize: yes" + echo " harden-large-queries: yes" + echo " harden-glue: yes" + echo " use-caps-for-id: no" + echo + # Set memory sizing parameters + echo " msg-buffer-size: $(($rt_buff*8192))" + echo " outgoing-range: $(($rt_conn*32))" + echo " num-queries-per-thread: $(($rt_conn*16))" + echo " outgoing-num-tcp: $(($rt_conn))" + echo " incoming-num-tcp: $(($rt_conn))" + echo " rrset-cache-size: $(($rt_mem*256))k" + echo " msg-cache-size: $(($rt_mem*128))k" + echo " key-cache-size: $(($rt_mem*128))k" + echo " neg-cache-size: $(($rt_mem*64))k" + echo " infra-cache-numhosts: $(($rt_mem*256))" + echo + } >> $UB_CORE_CONF + + elif [ "$UB_B_READY" -eq 0 ] ; then + logger -t unbound -s "default memory configuration" + fi + + + # Assembly of module-config: options is tricky; order matters + modulestring="iterator" + + + if [ "$UB_B_DNSSEC" -gt 0 ] ; then + if [ "$UB_B_NTP_BOOT" -gt 0 ] ; then + # DNSSEC chicken and egg with getting NTP time + echo " val-override-date: -1" >> $UB_CORE_CONF + fi + + + { + echo " harden-dnssec-stripped: yes" + echo " val-clean-additional: yes" + echo " ignore-cd-flag: yes" + } >> $UB_CORE_CONF + + + modulestring="validator $modulestring" + fi + + + if [ "$UB_B_DNS64" -gt 0 ] ; then + echo " dns64-prefix: $UB_IP_DNS64" >> $UB_CORE_CONF + + modulestring="dns64 $modulestring" + fi + + + { + # Print final module string + echo " module-config: \"$modulestring\"" + echo + } >> $UB_CORE_CONF + + + case "$UB_D_RECURSION" in + passive) + { + # Some query privacy but "strict" will break some servers + if [ "$UB_B_QRY_MINST" -gt 0 ] && [ "$UB_B_QUERY_MIN" -gt 0 ] ; then + echo " qname-minimisation: yes" + echo " qname-minimisation-strict: yes" + elif [ "$UB_B_QUERY_MIN" -gt 0 ] ; then + echo " qname-minimisation: yes" + else + echo " qname-minimisation: no" + fi + # Use DNSSEC to quickly understand NXDOMAIN ranges + if [ "$UB_B_DNSSEC" -gt 0 ] ; then + echo " aggressive-nsec: yes" + echo " prefetch-key: no" + fi + # On demand fetching + echo " prefetch: no" + echo " target-fetch-policy: \"0 0 0 0 0\"" + echo + } >> $UB_CORE_CONF + ;; + + aggressive) + { + # Some query privacy but "strict" will break some servers + if [ "$UB_B_QRY_MINST" -gt 0 ] && [ "$UB_B_QUERY_MIN" -gt 0 ] ; then + echo " qname-minimisation: yes" + echo " qname-minimisation-strict: yes" + elif [ "$UB_B_QUERY_MIN" -gt 0 ] ; then + echo " qname-minimisation: yes" + else + echo " qname-minimisation: no" + fi + # Use DNSSEC to quickly understand NXDOMAIN ranges + if [ "$UB_B_DNSSEC" -gt 0 ] ; then + echo " aggressive-nsec: yes" + echo " prefetch-key: yes" + fi + # Prefetch what can be + echo " prefetch: yes" + echo " target-fetch-policy: \"3 2 1 0 0\"" + echo + } >> $UB_CORE_CONF + ;; + + *) + if [ "$UB_B_READY" -eq 0 ] ; then + logger -t unbound -s "default recursion configuration" + fi + ;; + esac + + + { + # Reload records more than 20 hours old + # DNSSEC 5 minute bogus cool down before retry + # Adaptive infrastructure info kept for 15 minutes + echo " cache-min-ttl: $UB_TTL_MIN" + echo " cache-max-ttl: 72000" + echo " val-bogus-ttl: 300" + echo " infra-host-ttl: 900" + echo + } >> $UB_CORE_CONF + + + if [ "$UB_B_HIDE_BIND" -gt 0 ] ; then + { + # Block server id and version DNS TXT records + echo " hide-identity: yes" + echo " hide-version: yes" + echo + } >> $UB_CORE_CONF + fi + + + if [ "$UB_D_PRIV_BLCK" -gt 0 ] ; then + { + # Remove _upstream_ or global reponses with private addresses. + # Unbounds own "local zone" and "forward zone" may still use these. + # RFC1918, RFC3927, RFC4291, RFC6598, RFC6890 + echo " private-address: 10.0.0.0/8" + echo " private-address: 100.64.0.0/10" + echo " private-address: 169.254.0.0/16" + echo " private-address: 172.16.0.0/12" + echo " private-address: 192.168.0.0/16" + echo " private-address: fc00::/7" + echo " private-address: fe80::/10" + echo + } >> $UB_CORE_CONF + fi + + + if [ -n "$UB_LIST_NETW_LAN" ] && [ "$UB_D_PRIV_BLCK" -gt 1 ] ; then + { + for ifsubnet in $UB_LIST_NETW_LAN ; do + case $ifsubnet in + *@[1-9][0-9a-f][0-9a-f][0-9a-f]:*:[0-9a-f]*) + # Remove global DNS responses with your local network IP6 GLA + echo " private-address: ${ifsubnet#*@}" + ;; + esac + done + echo + } >> $UB_CORE_CONF + fi + + + if [ "$UB_B_LOCL_BLCK" -gt 0 ] ; then + { + # Remove DNS reponses from upstream with loopback IP + # Black hole DNS method for ad blocking, so consider... + echo " private-address: 127.0.0.0/8" + echo " private-address: ::1/128" + echo + } >> $UB_CORE_CONF + fi + + + if [ -n "$UB_LIST_INSECURE" ] ; then + { + for domain in $UB_LIST_INSECURE ; do + # Except and accept domains without (DNSSEC); work around broken domains + echo " domain-insecure: $domain" + done + echo + } >> $UB_CORE_CONF + fi + + + if [ "$UB_B_LOCL_SERV" -gt 0 ] && [ -n "$UB_LIST_NETW_ALL" ] ; then + { + for ifsubnet in $UB_LIST_NETW_ALL ; do + # Only respond to queries from subnets which have an interface. + # Prevent DNS amplification attacks by not responding to the universe. + echo " access-control: ${ifsubnet#*@} allow" + done + echo " access-control: 127.0.0.0/8 allow" + echo " access-control: ::1/128 allow" + echo " access-control: fe80::/10 allow" + echo + } >> $UB_CORE_CONF + + else + { + echo " access-control: 0.0.0.0/0 allow" + echo " access-control: ::0/0 allow" + echo + } >> $UB_CORE_CONF + fi +} + +############################################################################## + +unbound_hostname() { + local ifsubnet ifarpa ifaddr ifname iffqdn + local ulaprefix hostfqdn name names namerec ptrrec + local zonetype=0 + + echo "# $UB_HOST_CONF generated by UCI $( date -Is )" > $UB_HOST_CONF + + + if [ "$UB_D_DHCP_LINK" = "dnsmasq" ] ; then + { + echo "# Local zone is handled by dnsmasq" + echo + } >> $UB_HOST_CONF + + elif [ -n "$UB_TXT_DOMAIN" ] \ + && { [ "$UB_D_WAN_FQDN" -gt 0 ] || [ "$UB_D_LAN_FQDN" -gt 0 ] ; } ; then + case "$UB_D_DOMAIN_TYPE" in + deny|inform_deny|refuse|static) + { + # type static means only this router has your domain + echo " domain-insecure: $UB_TXT_DOMAIN" + echo " private-domain: $UB_TXT_DOMAIN" + echo " local-zone: $UB_TXT_DOMAIN $UB_D_DOMAIN_TYPE" + echo " local-data: \"$UB_TXT_DOMAIN. $UB_XSOA\"" + echo " local-data: \"$UB_TXT_DOMAIN. $UB_XNS\"" + echo " local-data: '$UB_TXT_DOMAIN. $UB_XTXT'" + echo + if [ "$UB_TXT_DOMAIN" != "local" ] ; then + # avoid involvement in RFC6762, unless it is the local zone name + echo " local-zone: local always_nxdomain" + echo + fi + } >> $UB_HOST_CONF + zonetype=2 + ;; + + inform|transparent|typetransparent) + { + # transparent will permit forward-zone: or stub-zone: clauses + echo " private-domain: $UB_TXT_DOMAIN" + echo " local-zone: $UB_TXT_DOMAIN $UB_D_DOMAIN_TYPE" + echo + } >> $UB_HOST_CONF + zonetype=1 + ;; + esac + + + { + # Hostname as TLD works, but not transparent through recursion (singular) + echo " domain-insecure: $UB_TXT_HOSTNAME" + echo " private-domain: $UB_TXT_HOSTNAME" + echo " local-zone: $UB_TXT_HOSTNAME static" + echo " local-data: \"$UB_TXT_HOSTNAME. $UB_XSOA\"" + echo " local-data: \"$UB_TXT_HOSTNAME. $UB_XNS\"" + echo " local-data: '$UB_TXT_HOSTNAME. $UB_XTXT'" + echo + } >> $UB_HOST_CONF + + + if [ -n "$UB_LIST_NETW_WAN" ] ; then + for ifsubnet in $UB_LIST_NETW_WAN ; do + ifaddr=${ifsubnet#*@} + ifaddr=${ifaddr%/*} + ifarpa=$( host_ptr_any "$ifaddr" ) + + + if [ -n "$ifarpa" ] ; then + if [ "$UB_D_WAN_FQDN" -gt 0 ] ; then + { + # Create a static zone for WAN host record only (singular) + echo " domain-insecure: $ifarpa" + echo " private-address: $ifaddr" + echo " local-zone: $ifarpa static" + echo " local-data: \"$ifarpa. $UB_XSOA\"" + echo " local-data: \"$ifarpa. $UB_XNS\"" + echo " local-data: '$ifarpa. $UB_MTXT'" + echo + } >> $UB_HOST_CONF + + elif [ "$zonetype" -gt 0 ] ; then + { + echo " local-zone: $ifarpa transparent" + echo + } >> $UB_HOST_CONF + fi + fi + done + fi + + + if [ -n "$UB_LIST_NETW_LAN" ] ; then + for ifsubnet in $UB_LIST_NETW_LAN ; do + ifarpa=$( domain_ptr_any "${ifsubnet#*@}" ) + + + if [ -n "$ifarpa" ] ; then + if [ "$zonetype" -eq 2 ] ; then + { + # Do NOT forward queries with your ip6.arpa or in-addr.arpa + echo " domain-insecure: $ifarpa" + echo " local-zone: $ifarpa static" + echo " local-data: \"$ifarpa. $UB_XSOA\"" + echo " local-data: \"$ifarpa. $UB_XNS\"" + echo " local-data: '$ifarpa. $UB_XTXT'" + echo + } >> $UB_HOST_CONF + + elif [ "$zonetype" -eq 1 ] && [ "$UB_D_PRIV_BLCK" -eq 0 ] ; then + { + echo " local-zone: $ifarpa transparent" + echo + } >> $UB_HOST_CONF + fi + fi + done + fi + + + ulaprefix=$( uci_get network.@globals[0].ula_prefix ) + ulaprefix=${ulaprefix%%:/*} + hostfqdn="$UB_TXT_HOSTNAME.$UB_TXT_DOMAIN" + + + if [ -z "$ulaprefix" ] ; then + # Nonsense so this option isn't globbed below + ulaprefix="fdno:such:addr::" + fi + + + if [ "$UB_LIST_NETW_LAN" ] && [ "$UB_D_LAN_FQDN" -gt 0 ] ; then + for ifsubnet in $UB_LIST_NETW_LAN ; do + ifaddr=${ifsubnet#*@} + ifaddr=${ifaddr%/*} + ifname=${ifsubnet%@*} + iffqdn="$ifname.$hostfqdn" + + + if [ "$UB_D_LAN_FQDN" -eq 4 ] ; then + names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME" + ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\"" + echo "$ptrrec" >> $UB_HOST_CONF + + elif [ "$UB_D_LAN_FQDN" -eq 3 ] ; then + names="$hostfqdn $UB_TXT_HOSTNAME" + ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\"" + echo "$ptrrec" >> $UB_HOST_CONF + + else + names="$UB_TXT_HOSTNAME" + ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\"" + echo "$ptrrec" >> $UB_HOST_CONF + fi + + + for name in $names ; do + case $ifaddr in + "${ulaprefix}"*) + # IP6 ULA only is assigned for OPTION 1 + namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\"" + echo "$namerec" >> $UB_HOST_CONF + ;; + + [1-9]*.*[0-9]) + namerec=" local-data: \"$name. 300 IN A $ifaddr\"" + echo "$namerec" >> $UB_HOST_CONF + ;; + + *) + if [ "$UB_D_LAN_FQDN" -gt 1 ] ; then + # IP6 GLA is assigned for higher options + namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\"" + echo "$namerec" >> $UB_HOST_CONF + fi + ;; + esac + done + echo >> $UB_HOST_CONF + done + fi + + + if [ -n "$UB_LIST_NETW_WAN" ] && [ "$UB_D_WAN_FQDN" -gt 0 ] ; then + for ifsubnet in $UB_LIST_NETW_WAN ; do + ifaddr=${ifsubnet#*@} + ifaddr=${ifaddr%/*} + ifname=${ifsubnet%@*} + iffqdn="$ifname.$hostfqdn" + + + if [ "$UB_D_WAN_FQDN" -eq 4 ] ; then + names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME" + ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\"" + echo "$ptrrec" >> $UB_HOST_CONF + + elif [ "$UB_D_WAN_FQDN" -eq 3 ] ; then + names="$hostfqdn $UB_TXT_HOSTNAME" + ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\"" + echo "$ptrrec" >> $UB_HOST_CONF + + else + names="$UB_TXT_HOSTNAME" + ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\"" + echo "$ptrrec" >> $UB_HOST_CONF + fi + + + for name in $names ; do + case $ifaddr in + "${ulaprefix}"*) + # IP6 ULA only is assigned for OPTION 1 + namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\"" + echo "$namerec" >> $UB_HOST_CONF + ;; + + [1-9]*.*[0-9]) + namerec=" local-data: \"$name. 300 IN A $ifaddr\"" + echo "$namerec" >> $UB_HOST_CONF + ;; + + *) + if [ "$UB_D_WAN_FQDN" -gt 1 ] ; then + # IP6 GLA is assigned for higher options + namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\"" + echo "$namerec" >> $UB_HOST_CONF + fi + ;; + esac + done + echo >> $UB_HOST_CONF + done + fi + fi # end if uci valid +} + +############################################################################## + +unbound_uci() { + local cfg="$1" + local hostnm + + hostnm=$( uci_get system.@system[0].hostname | awk '{print tolower($0)}' ) + UB_TXT_HOSTNAME=${hostnm:-thisrouter} + + config_get_bool UB_B_SLAAC6_MAC "$cfg" dhcp4_slaac6 0 + config_get_bool UB_B_DNS64 "$cfg" dns64 0 + config_get_bool UB_B_EXT_STATS "$cfg" extended_stats 0 + config_get_bool UB_B_HIDE_BIND "$cfg" hide_binddata 1 + config_get_bool UB_B_LOCL_SERV "$cfg" localservice 1 + config_get_bool UB_B_MAN_CONF "$cfg" manual_conf 0 + config_get_bool UB_B_QUERY_MIN "$cfg" query_minimize 0 + config_get_bool UB_B_QRY_MINST "$cfg" query_min_strict 0 + config_get_bool UB_B_AUTH_ROOT "$cfg" prefetch_root 0 + config_get_bool UB_B_LOCL_BLCK "$cfg" rebind_localhost 0 + config_get_bool UB_B_DNSSEC "$cfg" validator 0 + config_get_bool UB_B_NTP_BOOT "$cfg" validator_ntp 1 + + config_get UB_IP_DNS64 "$cfg" dns64_prefix "64:ff9b::/96" + + config_get UB_N_EDNS_SIZE "$cfg" edns_size 1280 + config_get UB_N_RX_PORT "$cfg" listen_port 53 + config_get UB_N_ROOT_AGE "$cfg" root_age 9 + config_get UB_N_THREADS "$cfg" num_threads 1 + + config_get UB_D_CONTROL "$cfg" unbound_control 0 + config_get UB_D_DOMAIN_TYPE "$cfg" domain_type static + config_get UB_D_DHCP_LINK "$cfg" dhcp_link none + config_get UB_D_EXTRA_DNS "$cfg" add_extra_dns 0 + config_get UB_D_LAN_FQDN "$cfg" add_local_fqdn 0 + config_get UB_D_PRIV_BLCK "$cfg" rebind_protection 1 + config_get UB_D_PROTOCOL "$cfg" protocol mixed + config_get UB_D_RECURSION "$cfg" recursion passive + config_get UB_D_RESOURCE "$cfg" resource small + config_get UB_D_VERBOSE "$cfg" verbosity 1 + config_get UB_D_WAN_FQDN "$cfg" add_wan_fqdn 0 + + config_get UB_TTL_MIN "$cfg" ttl_min 120 + config_get UB_TXT_DOMAIN "$cfg" domain lan + + config_list_foreach "$cfg" domain_insecure bundle_domain_insecure + + + if [ "$UB_D_DHCP_LINK" = "none" ] ; then + config_get_bool UB_B_DNSMASQ "$cfg" dnsmasq_link_dns 0 + + + if [ "$UB_B_DNSMASQ" -gt 0 ] ; then + UB_D_DHCP_LINK=dnsmasq + + + if [ "$UB_B_READY" -eq 0 ] ; then + logger -t unbound -s "Please use 'dhcp_link' selector instead" + fi + fi + fi + + + if [ "$UB_D_DHCP_LINK" = "dnsmasq" ] ; then + if [ ! -x /usr/sbin/dnsmasq ] || [ ! -x /etc/init.d/dnsmasq ] ; then + UB_D_DHCP_LINK=none + else + /etc/init.d/dnsmasq enabled || UB_D_DHCP_LINK=none + fi + + + if [ "$UB_B_READY" -eq 0 ] && [ "$UB_D_DHCP_LINK" = "none" ] ; then + logger -t unbound -s "cannot forward to dnsmasq" + fi + fi + + + if [ "$UB_D_DHCP_LINK" = "odhcpd" ] ; then + if [ ! -x /usr/sbin/odhcpd ] || [ ! -x /etc/init.d/odhcpd ] ; then + UB_D_DHCP_LINK=none + else + /etc/init.d/odhcpd enabled || UB_D_DHCP_LINK=none + fi + + + if [ "$UB_B_READY" -eq 0 ] && [ "$UB_D_DHCP_LINK" = "none" ] ; then + logger -t unbound -s "cannot receive records from odhcpd" + fi + fi + + + if [ "$UB_N_EDNS_SIZE" -lt 512 ] || [ 4096 -lt "$UB_N_EDNS_SIZE" ] ; then + logger -t unbound -s "edns_size exceeds range, using default" + UB_N_EDNS_SIZE=1280 + fi + + + if [ "$UB_N_RX_PORT" -ne 53 ] \ + && { [ "$UB_N_RX_PORT" -lt 1024 ] || [ 10240 -lt "$UB_N_RX_PORT" ] ; } ; then + logger -t unbound -s "privileged port or in 5 digits, using default" + UB_N_RX_PORT=53 + fi + + + if [ "$UB_TTL_MIN" -gt 1800 ] ; then + logger -t unbound -s "ttl_min could have had awful side effects, using 300" + UB_TTL_MIN=300 + fi +} + +############################################################################## + +unbound_include() { + local adb_enabled + local adb_files=$( ls $UB_VARDIR/adb_list.* 2>/dev/null ) + + echo "# $UB_TOTAL_CONF generated by UCI $( date -Is )" > $UB_TOTAL_CONF + + + if [ -f "$UB_CORE_CONF" ] ; then + # Yes this all looks busy, but it is in TMPFS. Working on separate files + # and piecing together is easier. UCI order is less constrained. + cat $UB_CORE_CONF >> $UB_TOTAL_CONF + rm $UB_CORE_CONF + fi + + + if [ -f "$UB_HOST_CONF" ] ; then + # UCI definitions of local host or local subnet + cat $UB_HOST_CONF >> $UB_TOTAL_CONF + rm $UB_HOST_CONF + fi + + + if [ -f $UB_SRVMASQ_CONF ] ; then + # UCI found link to dnsmasq + cat $UB_SRVMASQ_CONF >> $UB_TOTAL_CONF + rm $UB_SRVMASQ_CONF + fi + + + if [ -f "$UB_DHCP_CONF" ] ; then + { + # Seed DHCP records because dhcp scripts trigger externally + # Incremental Unbound restarts may drop unbound-control records + echo "include: $UB_DHCP_CONF" + echo + }>> $UB_TOTAL_CONF + fi + + + if [ -z "$adb_files" ] || [ ! -x /usr/bin/adblock.sh ] \ + || [ ! -x /etc/init.d/adblock ] ; then + adb_enabled=0 + + elif /etc/init.d/adblock enabled ; then + adb_enabled=1 + { + # Pull in your selected openwrt/pacakges/net/adblock generated lists + echo "include: $UB_VARDIR/adb_list.*" + echo + } >> $UB_TOTAL_CONF + + else + adb_enabled=0 + fi + + + if [ -f $UB_SRV_CONF ] ; then + { + # Pull your own "server:" options here + echo "include: $UB_SRV_CONF" + echo + }>> $UB_TOTAL_CONF + fi + + + if [ -f "$UB_ZONE_CONF" ] ; then + # UCI defined forward, stub, and auth zones + cat $UB_ZONE_CONF >> $UB_TOTAL_CONF + rm $UB_ZONE_CONF + fi + + + if [ -f "$UB_CTRL_CONF" ] ; then + # UCI defined control application connection + cat $UB_CTRL_CONF >> $UB_TOTAL_CONF + rm $UB_CTRL_CONF + fi + + + if [ -f "$UB_EXTMASQ_CONF" ] ; then + # UCI found link to dnsmasq + cat $UB_EXTMASQ_CONF >> $UB_TOTAL_CONF + rm $UB_EXTMASQ_CONF + fi + + + if [ -f "$UB_EXT_CONF" ] ; then + { + # Pull your own extend feature clauses here + echo "include: $UB_EXT_CONF" + echo + } >> $UB_TOTAL_CONF + fi +} + +############################################################################## + +resolv_setup() { + if [ "$UB_N_RX_PORT" != "53" ] ; then + return + + elif [ -x /etc/init.d/dnsmasq ] \ + && /etc/init.d/dnsmasq enabled \ + && nslookup localhost 127.0.0.1#53 >/dev/null 2>&1 ; then + # unbound is configured for port 53, but dnsmasq is enabled and a resolver + # listens on localhost:53, lets assume dnsmasq manages the resolver file. + # TODO: + # really check if dnsmasq runs a local (main) resolver in stead of using + # nslookup that times out when no resolver listens on localhost:53. + return + fi + + + # unbound is designated to listen on 127.0.0.1#53, + # set resolver file to local. + rm -f /tmp/resolv.conf + + { + echo "# /tmp/resolv.conf generated by Unbound UCI $( date -Is )" + echo "nameserver 127.0.0.1" + echo "nameserver ::1" + echo "search $UB_TXT_DOMAIN." + } > /tmp/resolv.conf +} + +############################################################################## + +unbound_start() { + config_load unbound + config_foreach unbound_uci unbound + unbound_mkdir + + + if [ "$UB_B_MAN_CONF" -eq 0 ] ; then + # iterate zones before we load other UCI + # forward-zone: auth-zone: and stub-zone: + config_foreach unbound_zone zone + # associate potential DNS RR with interfaces + config_load network + config_foreach bundle_all_networks interface + config_load dhcp + config_foreach bundle_lan_networks dhcp + bundle_wan_networks + # server: + unbound_conf + unbound_hostname + # control: + unbound_control + # dnsmasq + dnsmasq_link + # merge + unbound_include + fi + + + resolv_setup +} + +############################################################################## + diff --git a/package/network/services/unbound/files/unbound.uci b/package/network/services/unbound/files/unbound.uci new file mode 100644 index 0000000000..604c960aa3 --- /dev/null +++ b/package/network/services/unbound/files/unbound.uci @@ -0,0 +1,54 @@ +config unbound + option add_extra_dns '0' + option add_local_fqdn '1' + option add_wan_fqdn '0' + option dhcp_link 'none' + option dhcp4_slaac6 '0' + option dns64 '0' + option dns64_prefix '64:ff9b::/96' + option domain 'lan' + option domain_type 'static' + option edns_size '1280' + option extended_stats '0' + option hide_binddata '1' + option listen_port '53' + option localservice '1' + option manual_conf '0' + option num_threads '1' + option protocol 'default' + option query_minimize '0' + option query_min_strict '0' + option rebind_localhost '0' + option rebind_protection '1' + option recursion 'default' + option resource 'default' + option root_age '9' + option ttl_min '120' + option unbound_control '0' + option validator '0' + option validator_ntp '1' + option verbosity '1' + list trigger_interface 'lan' + list trigger_interface 'wan' + #list domain_insecure 'ntp.example.com' + +config zone + option enabled '0' + option fallback '1' + option url_dir 'https://www.internic.net/domain/' + option zone_type 'auth_zone' + list server 'lax.xfr.dns.icann.org' + list server 'iad.xfr.dns.icann.org' + list zone_name '.' + list zone_name 'arpa.' + list zone_name 'in-addr.arpa.' + list zone_name 'ip6.arpa.' + +config zone + option enabled '0' + option fallback '1' + option resolv_conf '1' + option zone_type 'forward_zone' + list zone_name 'isp-bill.example.com.' + list zone_name 'isp-mail.example.net.' + diff --git a/package/network/services/unbound/files/unbound_ext.conf b/package/network/services/unbound/files/unbound_ext.conf new file mode 100644 index 0000000000..a44213b6a1 --- /dev/null +++ b/package/network/services/unbound/files/unbound_ext.conf @@ -0,0 +1,9 @@ +############################################################################## +# Extended user clauses added to the end of the UCI generated 'unbound.conf' +# +# Put your own forward:, view:, stub:, or remote-control: clauses here. This +# file is appended to the end of 'unbound.conf' with an include: statement. +# Notice that it is not part of the server: clause. Use 'unbound_srv.conf' to +# place custom option statements in the server: clause. +############################################################################## + diff --git a/package/network/services/unbound/files/unbound_srv.conf b/package/network/services/unbound/files/unbound_srv.conf new file mode 100644 index 0000000000..03eb48abcd --- /dev/null +++ b/package/network/services/unbound/files/unbound_srv.conf @@ -0,0 +1,9 @@ +############################################################################## +# User custom options added in the server: clause part of UCI 'unbound.conf' +# +# Add your own option statements here when they are not covered by UCI. This +# file is placed _inside_ the server: clause with an include: statement. Do +# not start other clauses here, because that would brake the server: clause. +# Use 'unbound_ext.conf' to start new clauses at the end of 'unbound.conf'. +############################################################################## + diff --git a/package/network/services/unbound/patches/100-example-conf-in.patch b/package/network/services/unbound/patches/100-example-conf-in.patch new file mode 100644 index 0000000000..0a4b61104b --- /dev/null +++ b/package/network/services/unbound/patches/100-example-conf-in.patch @@ -0,0 +1,86 @@ +OpenWrt (modification): +Patch the default configuration file with the tiny memory +configuration example from Unbound documentation. This is the best +starting point for embedded routers if one is not going to use UCI. + +Index: doc/example.conf.in +=================================================================== +--- a/doc/example.conf.in ++++ b/doc/example.conf.in +@@ -15,6 +15,76 @@ server: + # verbosity number, 0 is least verbose. 1 is default. + verbosity: 1 + ++ ############################################################################ ++ # MEMORY CONTROL EXAMPLE ++ # In the example config settings below memory usage is reduced. Some ser- ++ # vice levels are lower, notable very large data and a high TCP load are ++ # no longer supported ... are exceptional for the DNS. ++ # (http://unbound.net/documentation/unbound.conf.html) ++ ############################################################################ ++ ++ # Self jail Unbound with user "unbound" to /var/lib/unbound ++ # The script /etc/init.d/unbound will setup the location ++ username: "unbound" ++ directory: "/var/lib/unbound" ++ chroot: "/var/lib/unbound" ++ ++ # The pid file is created before privleges drop so no concern ++ pidfile: "/var/run/unbound.pid" ++ ++ # no threads and no memory slabs for threads ++ num-threads: 1 ++ msg-cache-slabs: 1 ++ rrset-cache-slabs: 1 ++ infra-cache-slabs: 1 ++ key-cache-slabs: 1 ++ ++ # don't be picky about interfaces but consider your firewall ++ interface: 0.0.0.0 ++ interface: ::0 ++ access-control: 0.0.0.0/0 allow ++ access-control: ::0/0 allow ++ ++ # this limits TCP service but uses less buffers ++ outgoing-num-tcp: 1 ++ incoming-num-tcp: 1 ++ ++ # use somewhat higher port numbers versus possible NAT issue ++ outgoing-port-permit: "10240-65335" ++ ++ # uses less memory but less performance ++ outgoing-range: 60 ++ num-queries-per-thread: 30 ++ ++ # exclude large responses ++ msg-buffer-size: 8192 ++ ++ # tiny memory cache ++ infra-cache-numhosts: 200 ++ msg-cache-size: 100k ++ rrset-cache-size: 100k ++ key-cache-size: 100k ++ neg-cache-size: 10k ++ ++ # gentle on recursion ++ target-fetch-policy: "2 1 0 0 0 0" ++ harden-large-queries: yes ++ harden-short-bufsize: yes ++ ++ # DNSSEC enable by removing comments on "module-config:" and "auto-trust- ++ # -anchor-file:" The init script will copy root key to /var/lib/unbound. ++ # See package documentation for crontab entry to copy RFC5011 results back. ++ #module-config: "validator iterator" ++ #auto-trust-anchor-file: "/var/lib/unbound/root.key" ++ ++ # DNSSEC needs real time to validate signatures. If your device does not ++ # have power off clock (reboot), then you may need this work around. ++ #domain-insecure: "pool.ntp.org" ++ ++ ############################################################################ ++ # Resume Stock example.conf.in ++ ############################################################################ ++ + # print statistics to the log (for every thread) every N seconds. + # Set to "" or 0 to disable. Default is disabled. + # statistics-interval: 0 diff --git a/package/network/services/vpnc-scripts/Makefile b/package/network/services/vpnc-scripts/Makefile new file mode 100644 index 0000000000..73649026f7 --- /dev/null +++ b/package/network/services/vpnc-scripts/Makefile @@ -0,0 +1,38 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=vpnc-scripts +PKG_VERSION:=20151220 +PKG_RELEASE:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/vpnc-scripts + SECTION:=net + CATEGORY:=Network + TITLE:=VPN configuration script for vpnc and OpenConnect + MAINTAINER:=Nikos Mavrogiannopoulos + SUBMENU:=VPN + PKGARCH:=all +endef + +define Package/vpnc-scripts/description + This package contains the vpnc-script which is used by vpnc + and OpenConnect to configure the tunnel interface. +endef + +define Build/Compile +endef + +define Package/vpnc-scripts/install + $(INSTALL_DIR) $(1)/lib/netifd + $(INSTALL_BIN) ./files/vpnc-script $(1)/lib/netifd/ +endef + +$(eval $(call BuildPackage,vpnc-scripts)) diff --git a/package/network/services/vpnc-scripts/files/vpnc-script b/package/network/services/vpnc-scripts/files/vpnc-script new file mode 100755 index 0000000000..5575c3cdab --- /dev/null +++ b/package/network/services/vpnc-scripts/files/vpnc-script @@ -0,0 +1,219 @@ +#!/bin/sh +# List of parameters passed through environment +#* reason -- why this script was called, one of: pre-init connect disconnect +#* VPNGATEWAY -- vpn gateway address (always present) +#* TUNDEV -- tunnel device (always present) +#* INTERNAL_IP4_ADDRESS -- address (always present) +#* INTERNAL_IP4_MTU -- mtu (often unset) +#* INTERNAL_IP4_NETMASK -- netmask (often unset) +#* INTERNAL_IP4_NETMASKLEN -- netmask length (often unset) +#* INTERNAL_IP4_NETADDR -- address of network (only present if netmask is set) +#* INTERNAL_IP4_DNS -- list of dns servers +#* INTERNAL_IP4_NBNS -- list of wins servers +#* INTERNAL_IP6_ADDRESS -- IPv6 address +#* INTERNAL_IP6_NETMASK -- IPv6 netmask +#* INTERNAL_IP6_DNS -- IPv6 list of dns servers +#* CISCO_DEF_DOMAIN -- default domain name +#* CISCO_BANNER -- banner from server +#* CISCO_SPLIT_INC -- number of networks in split-network-list +#* CISCO_SPLIT_INC_%d_ADDR -- network address +#* CISCO_SPLIT_INC_%d_MASK -- subnet mask (for example: 255.255.255.0) +#* CISCO_SPLIT_INC_%d_MASKLEN -- subnet masklen (for example: 24) +#* CISCO_SPLIT_INC_%d_PROTOCOL -- protocol (often just 0) +#* CISCO_SPLIT_INC_%d_SPORT -- source port (often just 0) +#* CISCO_SPLIT_INC_%d_DPORT -- destination port (often just 0) +#* CISCO_IPV6_SPLIT_INC -- number of networks in IPv6 split-network-list +#* CISCO_IPV6_SPLIT_INC_%d_ADDR -- IPv6 network address +#* CISCO_IPV6_SPLIT_INC_$%d_MASKLEN -- IPv6 subnet masklen + +HOOKS_DIR=/etc/openconnect + +# FIXMEs: + +# Section A: route handling + +# 1) The 3 values CISCO_SPLIT_INC_%d_PROTOCOL/SPORT/DPORT are currently being ignored +# In order to use them, we'll probably need os specific solutions +# * Linux: iptables -t mangle -I PREROUTING -j ROUTE --oif $TUNDEV +# This would be an *alternative* to changing the routes (and thus 2) and 3) +# shouldn't be relevant at all) +# 2) There are two different functions to set routes: generic routes and the +# default route. Why isn't the defaultroute handled via the generic route case? +# 3) In the split tunnel case, all routes but the default route might get replaced +# without getting restored later. We should explicitely check and save them just +# like the defaultroute +# 4) Replies to a dhcp-server should never be sent into the tunnel + +# Section B: Split DNS handling + +# 1) We parse CISCO_SPLIT_DNS and use dnsmasq to set it + +do_connect() { + if [ -n "$CISCO_BANNER" ]; then + logger -t openconnect "Connect Banner:" + echo "$CISCO_BANNER" | while read LINE ; do logger -t openconnect "|" "$LINE" ; done + fi + + proto_init_update "$TUNDEV" 1 + + if [ -n "$INTERNAL_IP4_MTU" ]; then + MTU=$INTERNAL_IP4_MTU + fi + + if [ -z "$MTU" ]; then + MTU=1412 + fi + + proto_add_ipv4_address "$INTERNAL_IP4_ADDRESS" 32 "" "$INTERNAL_IP4_ADDRESS" + + if [ -n "$INTERNAL_IP4_NETMASKLEN" ]; then + proto_add_ipv4_route "$INTERNAL_IP4_NETADDR" "$INTERNAL_IP4_NETMASKLEN" + fi + + # If the netmask is provided, it contains the address _and_ netmask + if [ -n "$INTERNAL_IP6_ADDRESS" ] && [ -z "$INTERNAL_IP6_NETMASK" ]; then + INTERNAL_IP6_NETMASK="$INTERNAL_IP6_ADDRESS/128" + fi + + if [ -n "$INTERNAL_IP6_NETMASK" ]; then + addr="${INTERNAL_IP6_NETMASK%%/*}" + mask="${INTERNAL_IP6_NETMASK##*/}" + [[ "$addr" != "$mask" ]] && proto_add_ipv6_address "$addr" "$mask" + fi + + DNSMASQ_FILE="/tmp/dnsmasq.d/openconnect.$TUNDEV" + LOCAL_DOMAIN=$(uci get dhcp.@dnsmasq[0].domain) + rm -f $DNSMASQ_FILE + if [ -n "$CISCO_SPLIT_DNS" ] && [ -d "/tmp/dnsmasq.d/" ];then + SDNS=`echo $CISCO_SPLIT_DNS|sed 's/,/\n/g'` + echo "$SDNS" | while read i; do + if [ "$i" = "$LOCAL_DOMAIN" ];then + continue + fi + if [ -n "$INTERNAL_IP4_DNS" ];then + for dns in $INTERNAL_IP4_DNS;do + echo "server=/$i/$dns" >> $DNSMASQ_FILE + done + fi + if [ -n "$INTERNAL_IP6_DNS" ];then + for dns in $INTERNAL_IP6_DNS;do + echo "server=/$i/$dns" >> $DNSMASQ_FILE + done + fi + echo "rebind-domain-ok=$i" >> $DNSMASQ_FILE + done + /etc/init.d/dnsmasq restart + else + if [ -n "$INTERNAL_IP4_DNS" ];then + for dns in $INTERNAL_IP4_DNS;do + proto_add_dns_server "$dns" + done + fi + if [ -n "$INTERNAL_IP6_DNS" ];then + for dns in $INTERNAL_IP6_DNS;do + proto_add_dns_server "$dns" + done + fi + if [ -n "$CISCO_DEF_DOMAIN" ] && [ "$CISCO_DEF_DOMAIN" != "$LOCAL_DOMAIN" ];then + if [ -n "$INTERNAL_IP4_DNS" ];then + for dns in $INTERNAL_IP4_DNS;do + echo "server=/$CISCO_DEF_DOMAIN/$dns" >> $DNSMASQ_FILE + done + fi + if [ -n "$INTERNAL_IP6_DNS" ];then + for dns in $INTERNAL_IP6_DNS;do + echo "server=/$CISCO_DEF_DOMAIN/$dns" >> $DNSMASQ_FILE + done + fi + proto_add_dns_search "$CISCO_DEF_DOMAIN" + fi + fi + + if [ -n "$CISCO_SPLIT_INC" ]; then + i=0 + while [ $i -lt $CISCO_SPLIT_INC ] ; do + eval NETWORK="\${CISCO_SPLIT_INC_${i}_ADDR}" + eval NETMASK="\${CISCO_SPLIT_INC_${i}_MASK}" + eval NETMASKLEN="\${CISCO_SPLIT_INC_${i}_MASKLEN}" + if [ $NETWORK != "0.0.0.0" ]; then + proto_add_ipv4_route "$NETWORK" "$NETMASKLEN" + else + proto_add_ipv4_route "0.0.0.0" 0 + fi + i=$(($i + 1)) + done + elif [ -n "$INTERNAL_IP4_ADDRESS" ]; then + proto_add_ipv4_route "0.0.0.0" 0 + fi + if [ -n "$CISCO_IPV6_SPLIT_INC" ]; then + i=0 + while [ $i -lt $CISCO_IPV6_SPLIT_INC ] ; do + eval NETWORK="\${CISCO_IPV6_SPLIT_INC_${i}_ADDR}" + eval NETMASKLEN="\${CISCO_IPV6_SPLIT_INC_${i}_MASKLEN}" + if [ $NETMASKLEN -lt 128 ]; then + proto_add_ipv6_route "$NETWORK" "$NETMASKLEN" + else + proto_add_ipv6_route "::0" 0 + fi + i=$(($i + 1)) + done + elif [ -n "$INTERNAL_IP6_NETMASK" -o -n "$INTERNAL_IP6_ADDRESS" ]; then + proto_add_ipv6_route "::0" 0 + fi + proto_send_update "$INTERFACE" +} + +do_disconnect() { + rm -f "/tmp/dnsmasq.d/openconnect.$TUNDEV" + proto_init_update "$TUNDEV" 0 + proto_send_update "$INTERFACE" +} + +#### Hooks +run_hooks() { + HOOK="$1" + + if [ -d ${HOOKS_DIR}/${HOOK}.d ]; then + for script in ${HOOKS_DIR}/${HOOK}.d/* ; do + [ -f $script ] && . $script + done + fi +} + +#### Main + +if [ -z "$reason" ]; then + logger -t openconnect "this script must be called from vpnc" 1>&2 + exit 1 +fi +if [ -z "$INTERFACE" ]; then + logger -t openconnect "this script must be called for an active interface" + exit 1 +fi + +. /lib/netifd/netifd-proto.sh + +case "$reason" in + pre-init) + run_hooks pre-init + ;; + connect) + run_hooks connect + do_connect + run_hooks post-connect + ;; + disconnect) + run_hooks disconnect + do_disconnect + run_hooks post-disconnect + ;; + reconnect) + run_hooks reconnect + ;; + *) + logger -t openconnect "unknown reason '$reason'. Maybe vpnc-script is out of date" 1>&2 + exit 1 + ;; +esac + +exit 0 diff --git a/package/network/services/vpnc/Config.in b/package/network/services/vpnc/Config.in new file mode 100644 index 0000000000..5eacd97825 --- /dev/null +++ b/package/network/services/vpnc/Config.in @@ -0,0 +1,18 @@ +# vpnc avanced configuration + +menu "Configuration" + depends on PACKAGE_vpnc + +choice + prompt "SSL library" + default VPNC_GNUTLS + +config VPNC_GNUTLS + bool "GnuTLS support" + +config VPNC_OPENSSL + bool "OpenSSL" + +endchoice + +endmenu diff --git a/package/network/services/vpnc/Makefile b/package/network/services/vpnc/Makefile new file mode 100644 index 0000000000..75900f33c4 --- /dev/null +++ b/package/network/services/vpnc/Makefile @@ -0,0 +1,94 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=vpnc +PKG_REV:=550 +PKG_VERSION:=0.5.3.r$(PKG_REV) +PKG_RELEASE:=9 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=http://svn.unix-ag.uni-kl.de/vpnc/trunk/ +PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) +PKG_SOURCE_VERSION:=$(PKG_REV) +PKG_SOURCE_PROTO:=svn + +PKG_MAINTAINER:=Daniel Gimpelevich +PKG_LICENSE:=VARIOUS +PKG_LICENSE_FILES:=COPYING + +PKG_CONFIG_DEPENDS:= \ + CONFIG_VPNC_GNUTLS \ + CONFIG_VPNC_OPENSSL \ + + +include $(INCLUDE_DIR)/package.mk + +define Package/vpnc/config + source "$(SOURCE)/Config.in" +endef + +define Package/vpnc + SECTION:=net + CATEGORY:=Network + DEPENDS:=+libgpg-error +libgcrypt +kmod-tun +VPNC_OPENSSL:libopenssl +VPNC_GNUTLS:libgnutls +vpnc-scripts +resolveip + TITLE:=VPN client for Cisco EasyVPN + URL:=http://www.unix-ag.uni-kl.de/~massar/vpnc/ + SUBMENU:=VPN +endef + +define Package/vpnc/description + A VPN client compatible with Cisco's EasyVPN equipment. + + Supports IPSec (ESP) with Mode Configuration and Xauth. Supports only + shared-secret IPSec authentication with Xauth, AES (256, 192, 128), + 3DES, 1DES, MD5, SHA1, DH1/2/5 and IP tunneling. +endef + +define Package/vpnc/conffiles +/etc/vpnc/default.conf +endef + +ifeq ($(CONFIG_VPNC_OPENSSL),y) +define Build/Compile + $(call Build/Compile/Default, \ + OFLAGS="$(TARGET_CFLAGS)" \ + OS="Linux" VERSION="$(PKG_VERSION)" \ + STAGING_DIR="$(STAGING_DIR)" \ + DESTDIR="$(PKG_INSTALL_DIR)" \ + OPENSSL_GPL_VIOLATION=yes PREFIX=/usr \ + all install \ + ) +endef +else +define Build/Compile + $(call Build/Compile/Default, \ + OFLAGS="$(TARGET_CFLAGS)" \ + OS="Linux" VERSION="$(PKG_VERSION)" \ + STAGING_DIR="$(STAGING_DIR)" \ + DESTDIR="$(PKG_INSTALL_DIR)" \ + PREFIX=/usr \ + all install \ + ) +endef +endif + +define Package/vpnc/install + $(INSTALL_DIR) $(1)/lib/netifd/proto + $(INSTALL_BIN) ./files/vpnc.sh $(1)/lib/netifd/proto/ + $(INSTALL_DIR) $(1)/usr/sbin + $(CP) $(PKG_INSTALL_DIR)/usr/sbin/vpnc \ + $(PKG_INSTALL_DIR)/usr/sbin/vpnc-disconnect \ + $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/etc/vpnc + $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/vpnc/default.conf $(1)/etc/vpnc/ + $(INSTALL_DIR) $(1)/lib/upgrade/keep.d + $(INSTALL_DATA) ./files/vpnc.upgrade $(1)/lib/upgrade/keep.d/vpnc +endef + +$(eval $(call BuildPackage,vpnc)) diff --git a/package/network/services/vpnc/README b/package/network/services/vpnc/README new file mode 100644 index 0000000000..975ee36005 --- /dev/null +++ b/package/network/services/vpnc/README @@ -0,0 +1,41 @@ +The vpnc client expects to be configured using the uci interface. + +To setup a VPN connection, add the following to /etc/config/network: + +config interface 'MYVPN' + option proto 'vpnc' + option interface 'wan' + option server 'vpn.example.com' + option username 'test' + option password 'secret' # or: + option hexpasswd 'AE7FF6A0426F0A0CD0A02EB9EC3C5066FAEB0B25' + option authgroup 'DEFAULT' + option passgroup 'groupsecret' # or: + option hexpassgroup '52B0BEAF6605C3CE9BE20A0DC0A0F6240A6FF7EA' + option domain 'WORKGROUP' + option vendor 'cisco' # or 'netscreen' + option natt_mode 'natt' # or 'none' or 'force-natt' or 'cisco-udp' + option dh_group 'dh2' # or 'dh1' or 'dh5' + option pfs 'server' # or 'nopfs' or 'dh1' or 'dh2' or 'dh5' + option enable_single_des '0' + option enable_no_enc '0' # '1' to enable unencrypted VPN + option mtu '0' + option local_addr '0.0.0.0' + option local_port '500' # '0' to use a random port + option udp_port '10000' # '0' to use a random port + option dpd_idle '300' + option auth_mode 'psk' # or 'hybrid' + option target_network '0.0.0.0/0.0.0.0' # network/netmask or CIDR + +The additional file(s) are also used: +/etc/vpnc/ca-vpn-MYVPN.pem: The server's CA certificate (for auth_mode 'hybrid') + +After these are setup you can initiate the VPN using "ifup MYVPN", and +deinitialize it using ifdown. You may also use the luci web interface +(Network -> Interfaces -> MYVPN Connect). + +Note that you need to configure the firewall to allow communication between +the MYVPN interface and lan. + +If you install this package via opkg, there are reports that you must reboot +before it can be used. diff --git a/package/network/services/vpnc/files/vpnc.sh b/package/network/services/vpnc/files/vpnc.sh new file mode 100755 index 0000000000..d7980ca526 --- /dev/null +++ b/package/network/services/vpnc/files/vpnc.sh @@ -0,0 +1,110 @@ +#!/bin/sh +. /lib/functions.sh +. ../netifd-proto.sh +init_proto "$@" + +proto_vpnc_init_config() { + proto_config_add_string "server" + proto_config_add_string "username" + proto_config_add_string "hexpasswd" + proto_config_add_string "authgroup" + proto_config_add_string "password" + proto_config_add_string "token_mode" + proto_config_add_string "token_secret" + proto_config_add_string "interface" + proto_config_add_string "passgroup" + proto_config_add_string "hexpassgroup" + proto_config_add_string "domain" + proto_config_add_string "vendor" + proto_config_add_string "natt_mode" + proto_config_add_string "dh_group" + proto_config_add_string "pfs" + proto_config_add_boolean "enable_single_des" + proto_config_add_boolean "enable_no_enc" + proto_config_add_int "mtu" + proto_config_add_string "local_addr" + proto_config_add_int "local_port" + proto_config_add_int "udp_port" + proto_config_add_int "dpd_idle" + proto_config_add_string "auth_mode" + proto_config_add_string "target_network" + proto_config_add_boolean "authfail" + no_device=1 + available=1 +} + +proto_vpnc_setup() { + local config="$1" + + json_get_vars server username hexpasswd authgroup password token_mode token_secret interface passgroup hexpassgroup domain vendor natt_mode dh_group pfs enable_single_des enable_no_enc mtu local_addr local_port udp_port dpd_idle auth_mode target_network authfail + + grep -q tun /proc/modules || insmod tun + + logger -t vpnc "initializing..." + serv_addr= + for ip in $(resolveip -4t 10 "$server"); do + ( proto_add_host_dependency "$config" "$ip" $interface ) + serv_addr=1 + done + [ -n "$serv_addr" ] || { + logger -t vpnc "Could not resolve server address: '$server'" + sleep 60 + proto_setup_failed "$config" + exit 1 + } + + mkdir -p /var/etc + umask 077 + pwfile="/var/etc/vpnc-$config.conf" + echo "IPSec gateway $server" > "$pwfile" + cmdline="--no-detach --pid-file /var/run/vpnc-$config.pid --ifname vpn-$config --non-inter --script /lib/netifd/vpnc-script $pwfile" + + [ -f /etc/vpnc/ca-vpn-$config.pem ] && echo "CA-File /etc/vpnc/ca-vpn-$config.pem" >> "$pwfile" + [ -n "$hexpasswd" ] && echo "Xauth obfuscated password $hexpasswd" >> "$pwfile" + [ -n "$authgroup" ] && echo "IPSec ID $authgroup" >> "$pwfile" + [ -n "$username" ] && echo "Xauth username $username" >> "$pwfile" + [ -n "$password" ] && echo "Xauth password $password" >> "$pwfile" + [ -n "$passgroup" ] && echo "IPSec secret $passgroup" >> "$pwfile" + [ -n "$hexpassgroup" ] && echo "IPSec obfuscated secret $hexpassgroup" >> "$pwfile" + [ -n "$domain" ] && echo "Domain $domain" >> "$pwfile" + [ -n "$vendor" ] && echo "Vendor $vendor" >> "$pwfile" + [ -n "$natt_mode" ] && echo "NAT Traversal Mode $natt_mode" >> "$pwfile" + [ -n "$dh_group" ] && echo "IKE DH Group $dh_group" >> "$pwfile" + [ -n "$pfs" ] && echo "Perfect Forward Secrecy $pfs" >> "$pwfile" + [ "${enable_single_des:-0}" -gt 0 ] && echo "Enable Single DES" >> "$pwfile" + [ "${enable_no_enc:-0}" -gt 0 ] && echo "Enable no encryption" >> "$pwfile" + [ -n "$mtu" ] && echo "Interface MTU $mtu" >> "$pwfile" + [ -n "$local_addr" ] && echo "Local Addr $local_addr" >> "$pwfile" + [ -n "$local_port" ] && echo "Local Port $local_port" >> "$pwfile" + [ -n "$udp_port" ] && echo "Cisco UDP Encapsulation Port $udp_port" >> "$pwfile" + [ -n "$dpd_idle" ] && echo "DPD idle timeout (our side) $dpd_idle" >> "$pwfile" + [ -n "$auth_mode" ] && echo "IKE Authmode $auth_mode" >> "$pwfile" + [ -n "$target_network" ] && echo "IPSEC target network $target_network" >> "$pwfile" + + proto_export INTERFACE="$config" + logger -t vpnc "executing 'vpnc $cmdline'" + proto_run_command "$config" /usr/sbin/vpnc $cmdline +} + +proto_vpnc_teardown() { + local config="$1" + + pwfile="/var/etc/vpnc-$config.conf" + + json_get_var authfail authfail + # On error exit (vpnc only has success = 0 and error = 1, so + # we can't be fine-grained and say only auth error) + # and authfail setting true, then don't retry starting vpnc + # This is used for the case were the server blocks repeated + # failed authentication attempts (which will occur if the password + # is wrong, for example). + if [ ${ERROR:-0} -gt 0 ] && [ "${authfail:-0}" -gt 0 ]; then + proto_block_restart "$config" + fi + + rm -f $pwfile + logger -t vpnc "bringing down vpnc" + proto_kill_command "$config" 2 +} + +add_protocol vpnc diff --git a/package/network/services/vpnc/files/vpnc.upgrade b/package/network/services/vpnc/files/vpnc.upgrade new file mode 100644 index 0000000000..585513dcbc --- /dev/null +++ b/package/network/services/vpnc/files/vpnc.upgrade @@ -0,0 +1,2 @@ +/etc/vpnc/ca-vpn-*.pem + diff --git a/package/network/services/vpnc/patches/001-cross.patch b/package/network/services/vpnc/patches/001-cross.patch new file mode 100644 index 0000000000..33bcfee3b4 --- /dev/null +++ b/package/network/services/vpnc/patches/001-cross.patch @@ -0,0 +1,42 @@ +--- a/Makefile ++++ b/Makefile +@@ -20,7 +20,7 @@ + # $Id: Makefile 539 2013-12-04 13:41:04Z Antonio Borneo $ + + DESTDIR= +-PREFIX=/usr/local ++PREFIX=/usr + ETCDIR=/etc/vpnc + BINDIR=$(PREFIX)/bin + SBINDIR=$(PREFIX)/sbin +@@ -57,18 +57,15 @@ OBJS = $(addsuffix .o,$(basename $(SRCS) + CRYPTO_OBJS = $(addsuffix .o,$(basename $(CRYPTO_SRCS))) + BINOBJS = $(addsuffix .o,$(BINS)) + BINSRCS = $(addsuffix .c,$(BINS)) +-VERSION := $(shell sh mk-version) + RELEASE_VERSION := $(shell cat VERSION) + + CC ?= gcc +-CFLAGS ?= -O3 -g + CFLAGS += -W -Wall -Wmissing-declarations -Wwrite-strings +-CFLAGS += $(shell libgcrypt-config --cflags) $(CRYPTO_CFLAGS) ++CFLAGS += -O3 -I$(STAGING_DIR)/usr/include -I$(STAGING_DIR)/include $(OFLAGS) $(CRYPTO_CFLAGS) + CPPFLAGS += -DVERSION=\"$(VERSION)\" +-LDFLAGS ?= -g +-LIBS += $(shell libgcrypt-config --libs) $(CRYPTO_LDADD) ++LIBS += -L$(STAGING_DIR)/usr/lib -L$(STAGING_DIR)/lib -lgcrypt -lgpg-error $(CRYPTO_LDADD) + +-ifeq ($(shell uname -s), SunOS) ++ifeq ($(OS), SunOS) + LIBS += -lnsl -lresolv -lsocket + endif + ifneq (,$(findstring Apple,$(shell $(CC) --version))) +@@ -82,7 +79,7 @@ vpnc : $(OBJS) vpnc.o + $(CC) $(LDFLAGS) -o $@ $^ $(LIBS) + + vpnc.8 : vpnc.8.template makeman.pl vpnc +- ./makeman.pl ++ touch vpnc.8 + + cisco-decrypt : cisco-decrypt.o decrypt-utils.o + $(CC) $(LDFLAGS) -o $@ $^ $(LIBS) diff --git a/package/network/services/vpnc/patches/100-musl-compat.patch b/package/network/services/vpnc/patches/100-musl-compat.patch new file mode 100644 index 0000000000..0a46770e48 --- /dev/null +++ b/package/network/services/vpnc/patches/100-musl-compat.patch @@ -0,0 +1,42 @@ +--- a/sysdep.h ++++ b/sysdep.h +@@ -37,12 +37,14 @@ int tun_read(int fd, unsigned char *buf, + int tun_get_hwaddr(int fd, char *dev, uint8_t *hwaddr); + + /***************************************************************************/ +-#if defined(__linux__) || defined(__GLIBC__) ++#if defined(__GLIBC__) || defined(__UCLIBC__) + #include ++#define HAVE_ERROR 1 ++#endif + ++#if defined(__linux__) || defined(__GLIBC__) + #define HAVE_VASPRINTF 1 + #define HAVE_ASPRINTF 1 +-#define HAVE_ERROR 1 + #define HAVE_UNSETENV 1 + #define HAVE_SETENV 1 + #endif +--- a/sysdep.c ++++ b/sysdep.c +@@ -59,6 +59,10 @@ + #if defined(__DragonFly__) + #include + #elif defined(__linux__) ++# if !defined(__GLIBC__) && !defined(__UCLIBC__) ++# define _LINUX_IF_ETHER_H ++# include ++# endif + #include + #elif defined(__APPLE__) + /* no header for tun */ +--- a/config.c ++++ b/config.c +@@ -28,6 +28,7 @@ + #include + #include + #include ++#include + #include + #include + #include diff --git a/package/network/services/vpnc/patches/110-openssl-deprecated.patch b/package/network/services/vpnc/patches/110-openssl-deprecated.patch new file mode 100644 index 0000000000..190bc839a2 --- /dev/null +++ b/package/network/services/vpnc/patches/110-openssl-deprecated.patch @@ -0,0 +1,23 @@ +--- a/crypto-openssl.c ++++ b/crypto-openssl.c +@@ -20,6 +20,7 @@ + #include + #include + #include ++#include + #include "config.h" + #include "sysdep.h" + #include "crypto.h" +@@ -35,10 +36,12 @@ crypto_ctx *crypto_ctx_new(crypto_error **error) + return NULL; + } + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + OpenSSL_add_all_ciphers(); + OpenSSL_add_all_digests(); + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); ++#endif + + memset(ctx, 0, sizeof(crypto_ctx)); + ctx->stack = sk_X509_new_null(); diff --git a/package/utils/kmod/Makefile b/package/utils/kmod/Makefile new file mode 100644 index 0000000000..d54e4583cc --- /dev/null +++ b/package/utils/kmod/Makefile @@ -0,0 +1,93 @@ +# +# Copyright (C) 2015 Jeff Waugh +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=kmod +PKG_VERSION:=20 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=@KERNEL/linux/utils/kernel/kmod/ +PKG_HASH:=89c1a1a2193c31f9ebe582640bfa2bd401341dc24119f5a7f702588116fadaa0 +PKG_MAINTAINER:=Jeff Waugh +PKG_LICENSE:=LGPL-2.1+ +PKG_LICENSE_FILES:=COPYING +PKG_FIXUP:=autoreconf + +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +CONFIGURE_ARGS += --with-zlib + +define Package/kmod/Default + SECTION:=utils + CATEGORY:=Utilities + TITLE:=Linux kernel module handling + URL:=https://www.kernel.org/pub/linux/utils/kernel/kmod/ + DEPENDS:=+zlib +endef + + +define Package/kmod +$(call Package/kmod/Default) + TITLE+= (tools) +endef + +define Package/kmod/description +Linux kernel module handling + kmod is a set of tools to handle common tasks with Linux kernel modules like + insert, remove, list, check properties, resolve dependencies and aliases. +endef + +LEGACY_BINARIES:= \ + depmod \ + insmod \ + lsmod \ + modinfo \ + modprobe \ + rmmod + +define Package/kmod/install + $(INSTALL_DIR) $(1)/sbin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/kmod $(1)/sbin + + for b in $(LEGACY_BINARIES); do \ + ln -sf kmod $(1)/sbin/$$$$b ; \ + done +endef + + +define Package/libkmod +$(call Package/kmod/Default) + SECTION:=libs + CATEGORY:=Libraries + TITLE+= (library) +endef + +define Package/libkmod/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libkmod.so.* $(1)/usr/lib/ +endef + + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/usr/include $(1)/usr/ + + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libkmod.{so*,la} $(1)/usr/lib/ + + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libkmod.pc $(1)/usr/lib/pkgconfig/ +endef + + +$(eval $(call BuildPackage,kmod)) +$(eval $(call BuildPackage,libkmod)) diff --git a/package/utils/kmod/patches/001-fix_pkgconfig_file.patch b/package/utils/kmod/patches/001-fix_pkgconfig_file.patch new file mode 100644 index 0000000000..1891078d7f --- /dev/null +++ b/package/utils/kmod/patches/001-fix_pkgconfig_file.patch @@ -0,0 +1,22 @@ +--- a/Makefile.am ++++ b/Makefile.am +@@ -35,9 +35,6 @@ SED_PROCESS = \ + -e 's,@zlib_LIBS\@,${zlib_LIBS},g' \ + < $< > $@ || rm $@ + +-%.pc: %.pc.in Makefile +- $(SED_PROCESS) +- + LIBKMOD_CURRENT=4 + LIBKMOD_REVISION=9 + LIBKMOD_AGE=2 +--- a/configure.ac ++++ b/configure.ac +@@ -221,6 +221,7 @@ AC_CONFIG_HEADERS(config.h) + AC_CONFIG_FILES([ + Makefile + man/Makefile ++ libkmod/libkmod.pc + libkmod/docs/Makefile + libkmod/docs/version.xml + ]) diff --git a/package/utils/pciutils/Makefile b/package/utils/pciutils/Makefile new file mode 100644 index 0000000000..ed287eeff8 --- /dev/null +++ b/package/utils/pciutils/Makefile @@ -0,0 +1,105 @@ +# +# Copyright (C) 2007-2017 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=pciutils +PKG_VERSION:=3.6.2 +PKG_RELEASE:=3 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=@KERNEL/software/utils/pciutils +PKG_HASH:=db452ec986edefd88af0d222d22f6102f8030a8633fdfe846c3ae4bde9bb93f3 + +PKG_MAINTAINER:=Lucian Cristian +PKG_LICENSE:=GPL-2.0 +PKG_LICENSE_FILES:=COPYING + +PKG_USE_MIPS16:=0 +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/pciutils + SECTION:=utils + CATEGORY:=Utilities + TITLE:=Linux PCI Utilities + URL:=http://mj.ucw.cz/pciutils.shtml + DEPENDS:=+libkmod +libpci +endef + +define Package/pciutils/description + contains collection of programs for inspecting and manipulating configuration + of PCI devices +endef + +define Package/libpci + SECTION:=libs + CATEGORY:=Libraries + TITLE:=Linux PCI Libraries + URL:=http://mj.ucw.cz/pciutils.shtml +endef + + +PCI_IDS_VER:=0.324 +PCI_IDS_FILE:=pci.ids.$(PCI_IDS_VER) +define Download/pci_ids + FILE:=$(PCI_IDS_FILE) + URL_FILE:=pci.ids + URL:=@GITHUB/vcrhonek/hwdata/v$(PCI_IDS_VER) + HASH:=6dba287b4aaafb9582d6139eda22ee6580651b8557828b9598d99078a5f4217e +endef +$(eval $(call Download,pci_ids)) + +define Build/Prepare + $(call Build/Prepare/Default) + $(RM) $(PKG_BUILD_DIR)/pci.ids + $(CP) $(DL_DIR)/$(PCI_IDS_FILE) $(PKG_BUILD_DIR)/pci.ids +endef + +TARGET_CFLAGS += $(FPIC) + +MAKE_FLAGS += \ + CFLAGS="$(TARGET_CFLAGS) $(TARGET_CPPFLAGS)" \ + PREFIX="/usr" \ + HOST="Linux" \ + HWDB="no" \ + ZLIB="no" \ + SHARED="yes" + +ifneq ($(CONFIG_USE_GLIBC),) +TARGET_LDFLAGS += -lresolv +endif + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libpci.so.3 \ + $(PKG_INSTALL_DIR)/usr/lib/libpci.so + $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(CP) $(PKG_BUILD_DIR)/lib/libpci.pc $(1)/usr/lib/pkgconfig + $(INSTALL_DIR) $(1)/usr/include/pci + $(CP) $(foreach i,pci.h config.h header.h types.h, \ + $(PKG_BUILD_DIR)/lib/$(i)) $(1)/usr/include/pci +endef + +define Package/pciutils/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{lspci,setpci,update-pciids} $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/usr/share + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/pci.ids $(1)/usr/share/ +endef + +define Package/libpci/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/ +endef + + +$(eval $(call BuildPackage,libpci)) +$(eval $(call BuildPackage,pciutils)) diff --git a/package/utils/pciutils/patches/100-remove-no-timestamping.patch b/package/utils/pciutils/patches/100-remove-no-timestamping.patch new file mode 100644 index 0000000000..93bc85faf5 --- /dev/null +++ b/package/utils/pciutils/patches/100-remove-no-timestamping.patch @@ -0,0 +1,11 @@ +--- a/update-pciids.sh ++++ b/update-pciids.sh +@@ -33,7 +33,7 @@ if which curl >/dev/null 2>&1 ; then + DL="curl -o $DEST.new $SRC" + ${quiet} && DL="$DL -s -S" + elif which wget >/dev/null 2>&1 ; then +- DL="wget --no-timestamping -O $DEST.new $SRC" ++ DL="wget -O $DEST.new $SRC" + ${quiet} && DL="$DL -q" + elif which lynx >/dev/null 2>&1 ; then + DL="eval lynx -source $SRC >$DEST.new" diff --git a/package/utils/pciutils/patches/101-no-strip.patch b/package/utils/pciutils/patches/101-no-strip.patch new file mode 100644 index 0000000000..4c1891ac31 --- /dev/null +++ b/package/utils/pciutils/patches/101-no-strip.patch @@ -0,0 +1,11 @@ +--- a/Makefile ++++ b/Makefile +@@ -119,7 +119,7 @@ distclean: clean + install: all + # -c is ignored on Linux, but required on FreeBSD + $(DIRINSTALL) -m 755 $(DESTDIR)$(SBINDIR) $(DESTDIR)$(IDSDIR) $(DESTDIR)$(MANDIR)/man8 $(DESTDIR)$(MANDIR)/man7 +- $(INSTALL) -c -m 755 $(STRIP) lspci setpci $(DESTDIR)$(SBINDIR) ++ $(INSTALL) -c -m 755 lspci setpci $(DESTDIR)$(SBINDIR) + $(INSTALL) -c -m 755 update-pciids $(DESTDIR)$(SBINDIR) + $(INSTALL) -c -m 644 $(PCI_IDS) $(DESTDIR)$(IDSDIR) + $(INSTALL) -c -m 644 lspci.8 setpci.8 update-pciids.8 $(DESTDIR)$(MANDIR)/man8 diff --git a/package/utils/pciutils/patches/102-compressed-ids.patch b/package/utils/pciutils/patches/102-compressed-ids.patch new file mode 100644 index 0000000000..9b31938458 --- /dev/null +++ b/package/utils/pciutils/patches/102-compressed-ids.patch @@ -0,0 +1,31 @@ +--- a/update-pciids.sh ++++ b/update-pciids.sh +@@ -6,9 +6,8 @@ set -e + SRC="http://pci-ids.ucw.cz/v2.2/pci.ids" + DEST=pci.ids + PCI_COMPRESSED_IDS= +-GREP=grep + +-# if pci.ids is read-only (because the filesystem is read-only), ++# if pci.ids.gz is read-only (because the filesystem is read-only), + # then just skip this whole process. + if ! touch ${DEST} >/dev/null 2>&1 ; then + ${quiet} || echo "${DEST} is read-only, exiting." 1>&2 +@@ -18,7 +17,7 @@ fi + if [ "$PCI_COMPRESSED_IDS" = 1 ] ; then + DECOMP="cat" + SRC="$SRC.gz" +- GREP=zgrep ++ DEST="$DEST.gz" + elif which bzip2 >/dev/null 2>&1 ; then + DECOMP="bzip2 -d" + SRC="$SRC.bz2" +@@ -53,7 +52,7 @@ if ! $DECOMP <$DEST.new >$DEST.neww ; th + exit 1 + fi + +-if ! $GREP >/dev/null "^C " $DEST.neww ; then ++if ! zcat $DEST.neww | grep >/dev/null "^C " ; then + echo >&2 "update-pciids: missing class info, probably truncated file" + exit 1 + fi diff --git a/package/utils/pciutils/patches/103-relative-path-ids.patch b/package/utils/pciutils/patches/103-relative-path-ids.patch new file mode 100644 index 0000000000..c6d6906815 --- /dev/null +++ b/package/utils/pciutils/patches/103-relative-path-ids.patch @@ -0,0 +1,11 @@ +--- a/Makefile ++++ b/Makefile +@@ -88,7 +88,7 @@ lspci: LDLIBS+=$(LIBKMOD_LIBS) + ls-kernel.o: CFLAGS+=$(LIBKMOD_CFLAGS) + + update-pciids: update-pciids.sh +- sed <$< >$@ "s@^DEST=.*@DEST=$(IDSDIR)/$(PCI_IDS)@;s@^PCI_COMPRESSED_IDS=.*@PCI_COMPRESSED_IDS=$(PCI_COMPRESSED_IDS)@" ++ sed <$< >$@ "s@^PCI_COMPRESSED_IDS=.*@PCI_COMPRESSED_IDS=$(PCI_COMPRESSED_IDS)@" + chmod +x $@ + + # The example of use of libpci diff --git a/package/utils/pciutils/patches/104-resolv.patch b/package/utils/pciutils/patches/104-resolv.patch new file mode 100644 index 0000000000..0acfb81cb5 --- /dev/null +++ b/package/utils/pciutils/patches/104-resolv.patch @@ -0,0 +1,11 @@ +--- a/lib/configure ++++ b/lib/configure +@@ -52,7 +52,7 @@ echo >>$c "#define PCI_OS_`echo $sys | t + echo >$m 'WITH_LIBS=' + + echo_n "Looking for access methods..." +-LIBRESOLV=-lresolv ++LIBRESOLV= + LIBEXT=so + + case $sys in diff --git a/package/utils/pciutils/patches/105-fix-host.patch b/package/utils/pciutils/patches/105-fix-host.patch new file mode 100644 index 0000000000..14f7ded61e --- /dev/null +++ b/package/utils/pciutils/patches/105-fix-host.patch @@ -0,0 +1,11 @@ +--- a/lib/configure ++++ b/lib/configure +@@ -39,7 +39,7 @@ if [ -z "$HOST" ] ; then + fi + [ -n "$RELEASE" ] && rel="${RELEASE}" + # CAVEAT: tr on Solaris is a bit weird and the extra [] is otherwise harmless. +-host=`echo $HOST | sed -e 's/^\([^-]*\)-\([^-]*\)-\([^-]*\)-\([^-]*\)$/\1-\3/' -e 's/^\([^-]*\)-\([^-]*\)-\([^-]*\)$/\1-\2/' -e 's/^\([^-]*\)-\([^-]*\)$/\1--\2/' | tr '[A-Z]' '[a-z]'` ++host=`echo $HOST | sed -e 's/^\([^-]*\)-\([^-]*\)-\([^-]*\)-\([^-]*\)$/\1-\3/' -e 's/^\([^-]*\)-\([^-]*\)$/\1--\2/' | tr '[A-Z]' '[a-z]'` + cpu=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` + sys=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` + echo " $host $rel $cpu $sys" diff --git a/package/utils/stoken/Makefile b/package/utils/stoken/Makefile new file mode 100644 index 0000000000..d385363e77 --- /dev/null +++ b/package/utils/stoken/Makefile @@ -0,0 +1,75 @@ +# +# Copyright (C) 2014 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=stoken +PKG_VERSION:=0.92 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=@SF/stoken +PKG_HASH:=aa2b481b058e4caf068f7e747a2dcf5772bcbf278a4f89bc9efcbf82bcc9ef5a + +PKG_MAINTAINER:=Florian Fainelli +PKG_LICENSE:=LGPL-2.1 +PKG_INSTALL:=1 + +PKG_FIXUP:=autoreconf + +include $(INCLUDE_DIR)/package.mk + +define Package/stoken/Default + TITLE:=tokencode generator compatible with RSA SecurID 128-bit (AES) + URL:=https://sourceforge.net/p/stoken/wiki/Home/ + DEPENDS:= +libxml2 +libnettle +endef + +define Package/stoken + $(call Package/stoken/Default) + SECTION:=utils + CATEGORY:=Utilities + SUBMENU:=Encryption + DEPENDS:=+libstoken + MENU:=1 +endef + +define Package/stoken/description + stoken is a tokencode generator compatible with RSA SecurID 128-bit (AES). This package contains the cli +endef + +define Package/libstoken + $(call Package/stoken/Default) + SECTION:=libs + CATEGORY:=Libraries +endef + +TARGET_LDFLAGS += -lz + +CONFIGURE_ARGS += \ + --with-nettle + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib/pkgconfig + $(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libstoken*.{la,a,so*} $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/stoken.pc \ + $(1)/usr/lib/pkgconfig/ +endef + +define Package/stoken/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/stoken $(1)/usr/bin/ +endef + +define Package/libstoken/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libstoken*.so* $(1)/usr/lib +endef + +$(eval $(call BuildPackage,stoken)) +$(eval $(call BuildPackage,libstoken)) diff --git a/package/utils/xz/Makefile b/package/utils/xz/Makefile new file mode 100644 index 0000000000..3075b9d006 --- /dev/null +++ b/package/utils/xz/Makefile @@ -0,0 +1,123 @@ +# +# Copyright (C) 2013-2015 OpenWrt.org +# Copyright (C) 2017 Daniel Engberg +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=xz +PKG_VERSION:=5.2.4 +PKG_RELEASE:=4 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 +PKG_SOURCE_URL:=@SF/lzmautils +PKG_HASH:=3313fd2a95f43d88e44264e6b015e7d03053e681860b0d5d3f9baca79c57b7bf + +PKG_MAINTAINER:= +PKG_LICENSE:=Public-Domain LGPL-2.1+ GPL-2.0+ GPL-3.0+ +PKG_LICENSE_FILES:=COPYING +PKG_CPE_ID:=cpe:/a:tukaani:xz + +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/xz/Default + SUBMENU:=Compression + SECTION:=utils + CATEGORY:=Utilities + URL:=https://tukaani.org/xz +endef + +define Package/xz-utils +$(call Package/xz/Default) + TITLE:=XZ Utils (meta) + MENU:=1 +endef + +define Package/liblzma +$(call Package/xz/Default) + SECTION:=libs + CATEGORY:=Libraries + DEPENDS:=+libpthread + TITLE:=liblzma library from XZ Utils +endef + +# $(1): package name & command in /usr/bin/ +# $(2): package dependencies +# $(3): symbolic links to $(1) in /usr/bin/ +define BuildSubPackage + + define Package/$(1) + $(call Package/xz/Default) + DEPENDS:=xz-utils $(2) + TITLE:=$(1) utility from XZ Utils + endef + + define Package/$(1)/description + Contains: $(1) $(3) + endef + + define Package/$(1)/install + $(INSTALL_DIR) $$(1)/usr/bin + $(CP) $(foreach f,$(1) $(3),$(PKG_INSTALL_DIR)/usr/bin/$(f)) $$(1)/usr/bin/ + endef + + $$(eval $$(call BuildPackage,$(1))) +endef + +TARGET_LDFLAGS += -Wl,--gc-sections -flto + +CONFIGURE_ARGS += \ + --enable-small \ + --enable-assume-ram=4 \ + --disable-assembler \ + --disable-debug \ + --disable-doc \ + --disable-rpath \ + --disable-symbol-versions \ + --disable-werror \ + --with-pic + +CONFIGURE_VARS += \ + gl_cv_posix_shell=/bin/sh + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include + $(CP) \ + $(PKG_INSTALL_DIR)/usr/include/lzma{,.h} \ + $(1)/usr/include/ + $(INSTALL_DIR) $(1)/usr/lib + $(CP) \ + $(PKG_INSTALL_DIR)/usr/lib/liblzma.{a,so*} \ + $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(CP) \ + $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/liblzma.pc \ + $(1)/usr/lib/pkgconfig/ +endef + +define Package/xz-utils/install + true +endef + +define Package/liblzma/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/liblzma.so.* $(1)/usr/lib/ +endef + + +$(eval $(call BuildPackage,xz-utils)) +$(eval $(call BuildPackage,liblzma)) +$(eval $(call BuildSubPackage,lzmadec, +liblzma,)) +$(eval $(call BuildSubPackage,lzmainfo, +liblzma,)) +$(eval $(call BuildSubPackage,xz, +liblzma, lzcat lzma unlzma unxz xzcat)) +$(eval $(call BuildSubPackage,xzdec, +liblzma,)) +$(eval $(call BuildSubPackage,xzdiff, +xz, lzcmp lzdiff xzcmp)) +$(eval $(call BuildSubPackage,xzgrep, +xz, lzegrep lzfgrep lzgrep xzegrep xzfgrep)) +$(eval $(call BuildSubPackage,xzless, +xz, lzless)) +$(eval $(call BuildSubPackage,xzmore, +xz, lzmore)) diff --git a/package/utils/xz/patches/001-relative-pkg-config-paths.patch b/package/utils/xz/patches/001-relative-pkg-config-paths.patch new file mode 100644 index 0000000000..b89c13f75f --- /dev/null +++ b/package/utils/xz/patches/001-relative-pkg-config-paths.patch @@ -0,0 +1,13 @@ +--- a/src/liblzma/liblzma.pc.in ++++ b/src/liblzma/liblzma.pc.in +@@ -7,8 +7,8 @@ + + prefix=@prefix@ + exec_prefix=@exec_prefix@ +-libdir=@libdir@ +-includedir=@includedir@ ++libdir=${exec_prefix}/lib ++includedir=${prefix}/include + + Name: liblzma + Description: General purpose data compression library -- 2.25.1