diff --git a/doc/language_issues.de b/doc/language_issues.de index aae7ca565..5d079036a 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -889,6 +889,7 @@ WARNING: untranslated string: smb daemon = SMB Daemon WARNING: untranslated string: user management = User Management WARNING: untranslated string: winbind daemon = Winbind Daemon WARNING: untranslated string: wlan client encryption wpa3 = WPA3 +WARNING: untranslated string: wlan client management frame protection = Management Frame Protection WARNING: untranslated string: wlanap 802.11w disabled = Disabled WARNING: untranslated string: wlanap 802.11w enforced = Enforced WARNING: untranslated string: wlanap 802.11w optional = Optional diff --git a/doc/language_issues.en b/doc/language_issues.en index 434115902..6e30eb995 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -2132,6 +2132,7 @@ WARNING: untranslated string: wlan client group cipher = Group cipher WARNING: untranslated string: wlan client group key algorithm = GKA WARNING: untranslated string: wlan client identity = Identity WARNING: untranslated string: wlan client invalid key length = Invalid key length. +WARNING: untranslated string: wlan client management frame protection = Management Frame Protection WARNING: untranslated string: wlan client method = Method WARNING: untranslated string: wlan client new entry = Create new wireless client configuration WARNING: untranslated string: wlan client new network = New network diff --git a/doc/language_issues.es b/doc/language_issues.es index 2feec8924..82d65d99c 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -1509,6 +1509,7 @@ WARNING: untranslated string: wlan client group cipher = Group cipher WARNING: untranslated string: wlan client group key algorithm = GKA WARNING: untranslated string: wlan client identity = Identity WARNING: untranslated string: wlan client invalid key length = Invalid key length. +WARNING: untranslated string: wlan client management frame protection = Management Frame Protection WARNING: untranslated string: wlan client method = Method WARNING: untranslated string: wlan client new entry = Create new wireless client configuration WARNING: untranslated string: wlan client new network = New network diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 835352cf5..942be73ec 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -919,3 +919,4 @@ WARNING: untranslated string: routing config changed = unknown string WARNING: untranslated string: token = Token: WARNING: untranslated string: token not set = No Token has been given. WARNING: untranslated string: wlan client encryption wpa3 = WPA3 +WARNING: untranslated string: wlan client management frame protection = Management Frame Protection diff --git a/doc/language_issues.it b/doc/language_issues.it index 152ce4786..98074e59f 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -1197,6 +1197,7 @@ WARNING: untranslated string: wlan client eap state = EAP Status WARNING: untranslated string: wlan client encryption eap = EAP WARNING: untranslated string: wlan client encryption wpa3 = WPA3 WARNING: untranslated string: wlan client identity = Identity +WARNING: untranslated string: wlan client management frame protection = Management Frame Protection WARNING: untranslated string: wlan client method = Method WARNING: untranslated string: wlan client password = Password WARNING: untranslated string: wlan client tls cipher = TLS Cipher diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 683c08f44..8eebbd57f 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -1237,6 +1237,7 @@ WARNING: untranslated string: wlan client eap state = EAP Status WARNING: untranslated string: wlan client encryption eap = EAP WARNING: untranslated string: wlan client encryption wpa3 = WPA3 WARNING: untranslated string: wlan client identity = Identity +WARNING: untranslated string: wlan client management frame protection = Management Frame Protection WARNING: untranslated string: wlan client method = Method WARNING: untranslated string: wlan client password = Password WARNING: untranslated string: wlan client tls cipher = TLS Cipher diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 2feec8924..82d65d99c 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -1509,6 +1509,7 @@ WARNING: untranslated string: wlan client group cipher = Group cipher WARNING: untranslated string: wlan client group key algorithm = GKA WARNING: untranslated string: wlan client identity = Identity WARNING: untranslated string: wlan client invalid key length = Invalid key length. +WARNING: untranslated string: wlan client management frame protection = Management Frame Protection WARNING: untranslated string: wlan client method = Method WARNING: untranslated string: wlan client new entry = Create new wireless client configuration WARNING: untranslated string: wlan client new network = New network diff --git a/doc/language_issues.ru b/doc/language_issues.ru index cbd25d176..43c1f8c08 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -1502,6 +1502,7 @@ WARNING: untranslated string: wlan client group cipher = Group cipher WARNING: untranslated string: wlan client group key algorithm = GKA WARNING: untranslated string: wlan client identity = Identity WARNING: untranslated string: wlan client invalid key length = Invalid key length. +WARNING: untranslated string: wlan client management frame protection = Management Frame Protection WARNING: untranslated string: wlan client method = Method WARNING: untranslated string: wlan client new entry = Create new wireless client configuration WARNING: untranslated string: wlan client new network = New network diff --git a/doc/language_issues.tr b/doc/language_issues.tr index e4c25f931..439a58890 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -1067,6 +1067,7 @@ WARNING: untranslated string: vulnerable = Vulnerable WARNING: untranslated string: whois results from = WHOIS results from WARNING: untranslated string: winbind daemon = Winbind Daemon WARNING: untranslated string: wlan client encryption wpa3 = WPA3 +WARNING: untranslated string: wlan client management frame protection = Management Frame Protection WARNING: untranslated string: wlanap 802.11w disabled = Disabled WARNING: untranslated string: wlanap 802.11w enforced = Enforced WARNING: untranslated string: wlanap 802.11w optional = Optional diff --git a/doc/language_missings b/doc/language_missings index 1956eac48..0d89426ca 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -65,6 +65,7 @@ < wlanap 802.11w enforced < wlanap 802.11w optional < wlan client encryption wpa3 +< wlan client management frame protection ############################################################################ # Checking cgi-bin translations for language: es # ############################################################################ @@ -927,6 +928,7 @@ < wlan client group key algorithm < wlan client identity < wlan client invalid key length +< wlan client management frame protection < wlan client method < wlan client new entry < wlan client new network @@ -974,6 +976,7 @@ < token not set < upload fcdsl.o < wlan client encryption wpa3 +< wlan client management frame protection ############################################################################ # Checking cgi-bin translations for language: it # ############################################################################ @@ -1339,6 +1342,7 @@ < wlan client encryption eap < wlan client encryption wpa3 < wlan client identity +< wlan client management frame protection < wlan client method < wlan client password < wlan client tls cipher @@ -1777,6 +1781,7 @@ < wlan client encryption eap < wlan client encryption wpa3 < wlan client identity +< wlan client management frame protection < wlan client method < wlan client password < wlan client tls cipher @@ -2643,6 +2648,7 @@ < wlan client group key algorithm < wlan client identity < wlan client invalid key length +< wlan client management frame protection < wlan client method < wlan client new entry < wlan client new network @@ -3529,6 +3535,7 @@ < wlan client group key algorithm < wlan client identity < wlan client invalid key length +< wlan client management frame protection < wlan client method < wlan client new entry < wlan client new network @@ -3738,6 +3745,7 @@ < wlanap neighbor scan warning < wlanap ssid < wlan client encryption wpa3 +< wlan client management frame protection < working < zoneconf access native < zoneconf access none diff --git a/html/cgi-bin/dhcp.cgi b/html/cgi-bin/dhcp.cgi index 2ebdde818..867614f2a 100644 --- a/html/cgi-bin/dhcp.cgi +++ b/html/cgi-bin/dhcp.cgi @@ -180,12 +180,12 @@ if ($dhcpsettings{'ACTION'} eq $Lang::tr{'save'}) { if (($dhcpsettings{"START_ADDR_${itf}"}) eq '' && ($dhcpsettings{"END_ADDR_${itf}"}) eq '') { $errormessage = "DHCP on ${itf}: " . $Lang::tr{'dhcp valid range required when deny known clients checked'}; goto ERROR; + } } if (!($dhcpsettings{"DEFAULT_LEASE_TIME_${itf}"} =~ /^\d+$/)) { $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid default lease time'} . $dhcpsettings{'DEFAULT_LEASE_TIME_${itf}'}; goto ERROR; - } } if (!($dhcpsettings{"MAX_LEASE_TIME_${itf}"} =~ /^\d+$/)) { diff --git a/html/cgi-bin/wirelessclient.cgi b/html/cgi-bin/wirelessclient.cgi index b1679c128..63218a021 100644 --- a/html/cgi-bin/wirelessclient.cgi +++ b/html/cgi-bin/wirelessclient.cgi @@ -324,6 +324,8 @@ END $encryption_mode = $Lang::tr{'wlan client encryption wpa'}; } elsif ($config[3] eq "WPA2") { $encryption_mode = $Lang::tr{'wlan client encryption wpa2'}; + } elsif ($config[3] eq "WPA3") { + $encryption_mode = $Lang::tr{'wlan client encryption wpa3'}; } elsif ($config[3] eq "EAP") { $encryption_mode = $Lang::tr{'wlan client encryption eap'}; } @@ -682,6 +684,19 @@ sub ShowStatus() { END + if ($status{'pmf'} eq "1") { + print < + + $Lang::tr{'wlan client management frame protection'} + + + $Lang::tr{'active'} + + +END + } + if ($status{'EAP state'}) { my $selected_method = $status{'selectedMethod'}; $selected_method =~ s/\d+ \((.*)\)/$1/e; @@ -736,12 +751,25 @@ END } if (($status{'pairwise_cipher'} ne "NONE") || ($status{'group_cipher'} ne "NONE")) { - print < + + $Lang::tr{'wlan client encryption wpa3'} + + +END + } else { + print < $Lang::tr{'wlan client encryption wpa'} +END + } + + print < $Lang::tr{'wlan client pairwise cipher'} diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 22e8a4cc6..95a1cfda4 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -2956,6 +2956,7 @@ 'wlan client group key algorithm' => 'GKA', 'wlan client identity' => 'Identity', 'wlan client invalid key length' => 'Invalid key length.', +'wlan client management frame protection' => 'Management Frame Protection', 'wlan client method' => 'Method', 'wlan client new entry' => 'Create new wireless client configuration', 'wlan client new network' => 'New network', diff --git a/lfs/dhcpcd b/lfs/dhcpcd index 4e34e19d5..3bd33dc56 100644 --- a/lfs/dhcpcd +++ b/lfs/dhcpcd @@ -24,7 +24,7 @@ include Config -VER = 9.3.4 +VER = 9.1.4 THISAPP = dhcpcd-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = badb02dfc69fe9bbeec35a02efcdb4db +$(DL_FILE)_MD5 = dd77711cf3232002bb075f5210269f88 install : $(TARGET) @@ -70,9 +70,6 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) - - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketcall.patch - cd $(DIR_APP) && ./configure --prefix="" --sysconfdir=/var/ipfire/dhcpc \ --dbdir=/var/ipfire/dhcpc \ --libexecdir=/var/ipfire/dhcpc \ diff --git a/src/initscripts/system/wlanclient b/src/initscripts/system/wlanclient index 4b3938b46..338a743ab 100644 --- a/src/initscripts/system/wlanclient +++ b/src/initscripts/system/wlanclient @@ -275,9 +275,7 @@ function wpa_supplicant_start() { # Build wpa_supplicant command line. local wpa_suppl_cmd="wpa_supplicant -B -qqq -i${device} -c${config}" - if device_is_wireless ${device}; then - wpa_suppl_cmd="${wpa_suppl_cmd} -Dwext" - else + if ! device_is_wireless ${device}; then wpa_suppl_cmd="${wpa_suppl_cmd} -Dwired" fi diff --git a/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketcall.patch b/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketcall.patch deleted file mode 100644 index 9efcde219..000000000 --- a/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketcall.patch +++ /dev/null @@ -1,36 +0,0 @@ -diff --git a/src/privsep-linux.c b/src/privsep-linux.c -index 050a30cf..d31d720d 100644 ---- a/src/privsep-linux.c -+++ b/src/privsep-linux.c -@@ -32,6 +32,7 @@ - - #include - #include -+#include - #include - #include - -@@ -304,6 +305,23 @@ static struct sock_filter ps_seccomp_filter[] = { - #ifdef __NR_sendto - SECCOMP_ALLOW(__NR_sendto), - #endif -+#ifdef __NR_socketcall -+ /* i386 needs this and demonstrates why SECCOMP -+ * is poor compared to OpenBSD pledge(2) and FreeBSD capsicum(4) -+ * as this is soooo tied to the kernel API which changes per arch -+ * and likely libc as well. */ -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_ACCEPT), -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_ACCEPT4), -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_LISTEN), -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_GETSOCKOPT), /* overflow */ -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECV), -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECVFROM), -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECVMSG), -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SEND), -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SENDMSG), -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SENDTO), -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SHUTDOWN), -+#endif - #ifdef __NR_shutdown - SECCOMP_ALLOW(__NR_shutdown), - #endif