From 5eef46912087ede8cbc52e4b3e7ee506885fe734 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Mon, 6 Jan 2025 17:28:54 +0100 Subject: [PATCH 1/5] Fix Shadowsocks-libev compilation with mbedtls3 --- .../patches/900-fix-build-with-mbedtls3.patch | 196 ++++++++++++++++++ 1 file changed, 196 insertions(+) create mode 100644 shadowsocks-libev/patches/900-fix-build-with-mbedtls3.patch diff --git a/shadowsocks-libev/patches/900-fix-build-with-mbedtls3.patch b/shadowsocks-libev/patches/900-fix-build-with-mbedtls3.patch new file mode 100644 index 000000000..70cc32cbf --- /dev/null +++ b/shadowsocks-libev/patches/900-fix-build-with-mbedtls3.patch @@ -0,0 +1,196 @@ +From 228f8226c41a8fbd5ce48c2e201de41d59fec674 Mon Sep 17 00:00:00 2001 +From: Lu jicong +Date: Wed, 10 Jul 2024 21:29:07 +0800 +Subject: [PATCH] Fix build with mbedtls3.6 + +--- + m4/mbedtls.m4 | 20 ++++++++++++++++++++ + src/aead.c | 27 +++++++++++++++++++++++++++ + src/crypto.c | 2 +- + src/stream.c | 25 +++++++++++++++++++++++++ + 4 files changed, 73 insertions(+), 1 deletion(-) + +diff --git a/m4/mbedtls.m4 b/m4/mbedtls.m4 +index 2c478b960..a795790ca 100644 +--- a/m4/mbedtls.m4 ++++ b/m4/mbedtls.m4 +@@ -31,7 +31,12 @@ AC_DEFUN([ss_MBEDTLS], + AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM( + [[ ++#include ++#if MBEDTLS_VERSION_NUMBER >= 0x03000000 ++#include ++#else + #include ++#endif + ]], + [[ + #ifndef MBEDTLS_CIPHER_MODE_CFB +@@ -48,7 +53,12 @@ AC_DEFUN([ss_MBEDTLS], + AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM( + [[ ++#include ++#if MBEDTLS_VERSION_NUMBER >= 0x03000000 ++#include ++#else + #include ++#endif + ]], + [[ + #ifndef MBEDTLS_ARC4_C +@@ -64,7 +74,12 @@ AC_DEFUN([ss_MBEDTLS], + AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM( + [[ ++#include ++#if MBEDTLS_VERSION_NUMBER >= 0x03000000 ++#include ++#else + #include ++#endif + ]], + [[ + #ifndef MBEDTLS_BLOWFISH_C +@@ -80,7 +95,12 @@ AC_DEFUN([ss_MBEDTLS], + AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM( + [[ ++#include ++#if MBEDTLS_VERSION_NUMBER >= 0x03000000 ++#include ++#else + #include ++#endif + ]], + [[ + #ifndef MBEDTLS_CAMELLIA_C +diff --git a/src/aead.c b/src/aead.c +index 358ec9381..3388a5465 100644 +--- a/src/aead.c ++++ b/src/aead.c +@@ -178,9 +178,14 @@ aead_cipher_encrypt(cipher_ctx_t *cipher_ctx, + case AES192GCM: + case AES128GCM: + ++#if MBEDTLS_VERSION_NUMBER < 0x03000000 + err = mbedtls_cipher_auth_encrypt(cipher_ctx->evp, n, nlen, ad, adlen, + m, mlen, c, clen, c + mlen, tlen); + *clen += tlen; ++#else ++ err = mbedtls_cipher_auth_encrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen, ++ m, mlen, c, mlen + tlen, clen, tlen); ++#endif + break; + case CHACHA20POLY1305IETF: + err = crypto_aead_chacha20poly1305_ietf_encrypt(c, &long_clen, m, mlen, +@@ -226,8 +231,13 @@ aead_cipher_decrypt(cipher_ctx_t *cipher_ctx, + // Otherwise, just use the mbedTLS one with crappy AES-NI. + case AES192GCM: + case AES128GCM: ++#if MBEDTLS_VERSION_NUMBER < 0x03000000 + err = mbedtls_cipher_auth_decrypt(cipher_ctx->evp, n, nlen, ad, adlen, + m, mlen - tlen, p, plen, m + mlen - tlen, tlen); ++#else ++ err = mbedtls_cipher_auth_decrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen, ++ m, mlen, p, mlen - tlen, plen, tlen); ++#endif + break; + case CHACHA20POLY1305IETF: + err = crypto_aead_chacha20poly1305_ietf_decrypt(p, &long_plen, NULL, m, mlen, +@@ -724,9 +734,26 @@ aead_key_init(int method, const char *pass, const char *key) + if (method >= CHACHA20POLY1305IETF) { + cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t)); + cipher->info = cipher_info; ++#if MBEDTLS_VERSION_NUMBER < 0x03000000 + cipher->info->base = NULL; + cipher->info->key_bitlen = supported_aead_ciphers_key_size[method] * 8; + cipher->info->iv_size = supported_aead_ciphers_nonce_size[method]; ++#else ++ cipher->info->private_base_idx = 0; ++ ++#ifdef MBEDTLS_KEY_BITLEN_SHIFT ++ cipher->info->private_key_bitlen = supported_aead_ciphers_key_size[method] * 8 >> MBEDTLS_KEY_BITLEN_SHIFT; ++#else ++ cipher->info->private_key_bitlen = supported_aead_ciphers_key_size[method] * 8; ++#endif ++ ++#ifdef MBEDTLS_IV_SIZE_SHIFT ++ cipher->info->private_iv_size = supported_aead_ciphers_nonce_size[method] >> MBEDTLS_IV_SIZE_SHIFT; ++#else ++ cipher->info->private_iv_size = supported_aead_ciphers_nonce_size[method]; ++#endif ++ ++#endif + } else { + cipher->info = (cipher_kt_t *)aead_get_cipher_type(method); + } +diff --git a/src/crypto.c b/src/crypto.c +index b44d8674c..76c426b53 100644 +--- a/src/crypto.c ++++ b/src/crypto.c +@@ -103,7 +103,7 @@ crypto_md5(const unsigned char *d, size_t n, unsigned char *md) + if (md == NULL) { + md = m; + } +-#if MBEDTLS_VERSION_NUMBER >= 0x02070000 ++#if MBEDTLS_VERSION_NUMBER < 0x03000000 && MBEDTLS_VERSION_NUMBER >= 0x02070000 + if (mbedtls_md5_ret(d, n, md) != 0) + FATAL("Failed to calculate MD5"); + #else +diff --git a/src/stream.c b/src/stream.c +index 35d9050b3..4bb95981b 100644 +--- a/src/stream.c ++++ b/src/stream.c +@@ -174,7 +174,11 @@ cipher_nonce_size(const cipher_t *cipher) + if (cipher == NULL) { + return 0; + } ++#if MBEDTLS_VERSION_NUMBER < 0x03000000 + return cipher->info->iv_size; ++#else ++ return (int)mbedtls_cipher_info_get_iv_size(cipher->info); ++#endif + } + + int +@@ -192,7 +196,11 @@ cipher_key_size(const cipher_t *cipher) + return 0; + } + /* From Version 1.2.7 released 2013-04-13 Default Blowfish keysize is now 128-bits */ ++#if MBEDTLS_VERSION_NUMBER < 0x03000000 + return cipher->info->key_bitlen / 8; ++#else ++ return (int)mbedtls_cipher_info_get_key_bitlen(cipher->info) / 8; ++#endif + } + + const cipher_kt_t * +@@ -645,9 +653,26 @@ stream_key_init(int method, const char *pass, const char *key) + if (method == SALSA20 || method == CHACHA20 || method == CHACHA20IETF) { + cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t)); + cipher->info = cipher_info; ++#if MBEDTLS_VERSION_NUMBER < 0x03000000 + cipher->info->base = NULL; + cipher->info->key_bitlen = supported_stream_ciphers_key_size[method] * 8; + cipher->info->iv_size = supported_stream_ciphers_nonce_size[method]; ++#else ++ cipher->info->private_base_idx = 0; ++ ++#ifdef MBEDTLS_KEY_BITLEN_SHIFT ++ cipher->info->private_key_bitlen = supported_stream_ciphers_key_size[method] * 8 >> MBEDTLS_KEY_BITLEN_SHIFT; ++#else ++ cipher->info->private_key_bitlen = supported_stream_ciphers_key_size[method] * 8; ++#endif ++ ++#ifdef MBEDTLS_IV_SIZE_SHIFT ++ cipher->info->private_iv_size = supported_stream_ciphers_nonce_size[method] >> MBEDTLS_IV_SIZE_SHIFT; ++#else ++ cipher->info->private_iv_size = supported_stream_ciphers_nonce_size[method]; ++#endif ++ ++#endif + } else { + cipher->info = (cipher_kt_t *)stream_get_cipher_type(method); + } From 45bff4d322295b453d5a3f629054ddd4971670d0 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Mon, 6 Jan 2025 17:29:24 +0100 Subject: [PATCH 2/5] Remove openclash shortcut in luci-theme-design --- luci-theme-design/luasrc/view/themes/design/header.htm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/luci-theme-design/luasrc/view/themes/design/header.htm b/luci-theme-design/luasrc/view/themes/design/header.htm index d633adc52..85734061b 100644 --- a/luci-theme-design/luasrc/view/themes/design/header.htm +++ b/luci-theme-design/luasrc/view/themes/design/header.htm @@ -86,7 +86,7 @@
- + From 4e53b25d0b17430746af130d25750220c612a048 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Mon, 6 Jan 2025 17:30:04 +0100 Subject: [PATCH 3/5] Disable master selection option in OpenMPTCProuter interface --- .../luasrc/view/openmptcprouter/settings.htm | 2 ++ 1 file changed, 2 insertions(+) diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm index 47fdb814b..8f69bdb8c 100644 --- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm +++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/settings.htm @@ -414,6 +414,7 @@
+ <% if nixio.fs.access("/lib/modules/" .. nixio.uname().release .. "/shortcut-fe.ko") then From 4d12d6cb4604f53714686b8f0214255a96933849 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Mon, 6 Jan 2025 17:30:36 +0100 Subject: [PATCH 4/5] Add default settings for z8102ax 5G modems --- .../files/etc/uci-defaults/1920-omr-network | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/openmptcprouter/files/etc/uci-defaults/1920-omr-network b/openmptcprouter/files/etc/uci-defaults/1920-omr-network index 96b3943ef..4d84d33a7 100755 --- a/openmptcprouter/files/etc/uci-defaults/1920-omr-network +++ b/openmptcprouter/files/etc/uci-defaults/1920-omr-network @@ -487,6 +487,20 @@ if [ "$board" = "z8102ax-128m" ] || [ "$board" = "z8102ax-64m" ] || [ "$board" = set network.modem2.delegate='0' set network.modem2.multipath='on' set network.modem2.defaultroute='0' + EOF + if [ -e /sys/devices/platform/soc/11200000.usb/usb1/1-1/1-1.1 ]; then + uci -q batch <<-EOF + set network.modem1.device='/sys/devices/platform/soc/11200000.usb/usb1/1-1/1-1.1' + set network.modem2.device='/sys/devices/platform/soc/11200000.usb/usb1/1-1/1-1.2' + EOF + elif [ -e /sys/devices/platform/soc/11200000.usb/usb2/2-1/2-1.1 ]; then + uci -q batch <<-EOF + set network.modem1.device='/sys/devices/platform/soc/11200000.usb/usb2/2-1/2-1.1' + set network.modem2.device='/sys/devices/platform/soc/11200000.usb/usb2/2-1/2-1.2' + EOF + fi + + uci -q batch <<-EOF commit network add_list firewall.@zone[1].network='modem1' add_list firewall.@zone[1].network='modem2' From b5ff7741663188397c3d925b083254cc570ca417 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Mon, 6 Jan 2025 18:21:59 +0100 Subject: [PATCH 5/5] Try to fix OMR-Tracker for PPPoE --- omr-tracker/files/bin/omr-tracker | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/omr-tracker/files/bin/omr-tracker b/omr-tracker/files/bin/omr-tracker index 26e3344f4..534ea2fee 100755 --- a/omr-tracker/files/bin/omr-tracker +++ b/omr-tracker/files/bin/omr-tracker @@ -298,8 +298,8 @@ while true; do OMR_TRACKER_DEVICE_GATEWAY6= serverip_ping=false [ -z "$OMR_TRACKER_DEVICE" ] || [ -d "/sys/class/net/$OMR_TRACKER_DEVICE" ] && { - network_get_physdev OMR_TRACKER_DEVICE "$OMR_TRACKER_INTERFACE" - [ -z "$OMR_TRACKER_DEVICE" ] && network_get_device OMR_TRACKER_DEVICE "$OMR_TRACKER_INTERFACE" + #network_get_physdev OMR_TRACKER_DEVICE "$OMR_TRACKER_INTERFACE" + #[ -z "$OMR_TRACKER_DEVICE" ] && network_get_device OMR_TRACKER_DEVICE "$OMR_TRACKER_INTERFACE" [ -z "$OMR_TRACKER_DEVICE" ] && OMR_TRACKER_DEVICE=$(ifstatus "$OMR_TRACKER_INTERFACE" | jsonfilter -q -e '@["l3_device"]') [ -z "$OMR_TRACKER_DEVICE" ] && OMR_TRACKER_DEVICE=$(ifstatus "${OMR_TRACKER_INTERFACE}_4" | jsonfilter -q -e '@["l3_device"]') #[ -z "$OMR_TRACKER_DEVICE" ] && config_get OMR_TRACKER_DEVICE "$OMR_TRACKER_INTERFACE" device