MaxSoniX has quit [Remote host closed the connection]
MaxSoniX has joined #openwrt-devel
valku has quit [Quit: valku]
<hgl>
I wonder if it's possible to convert "ip route add local default dev lo table 10" to uci's network route? I couldn't figure out how to translate "default dev lo
<philipp64>
hgl: mgf1 is required for PKCS1.5 padding as I remember.
<hgl>
philipp64: i asked ecdsa in the strongswan chanel, and he replied: It's basically only needed for RSA-PSS with the gmp plugin and for the deprecated bliss and ntru plugins, so if none of these are enabled, it's not needed
<hgl>
do you think it would be a bad idea to not unconditionally enable it?
<philipp64>
RSA-PSS is needed for any sort of X.509 certificates using RSA.
<philipp64>
if you want to test a PR that makes it conditional and doesn't break anything, go for it.
<hgl>
philipp64: cool, I actually tested it. I used an ecdsa certificate, and it works without issue without mgf1. According to ecdsa, it's conditioned under (gmp || bliss || ntru) anyway
<philipp64>
not sure if the "proto static" is necessary or not. might not be.
cbeznea has joined #openwrt-devel
<hgl>
philipp64: thanks a lot, I was asking because I tried that config, but `ip route list table 10` showed empty result. If I manually run `ip route add local default dev lo table 11`, `ip route list table 11` shows correct route, so I presume that config is at least missing something. (i just tried it, adding "proto static" didn't seem to help)
<dwfreed>
that's because interface is a UCI interface, not a Linux interface
<dwfreed>
so interface should be 'loopback' not 'lo'
<hgl>
dwfreed: oh, that's right. that works! thank you!
<hgl>
Ansuel: I want to continue the work on the nginx PR, but I figure it's probably a bad idea to work on the old version. How about we first nail down the new version?
<hgl>
and since it also gives a big fat warning that its own version of nginx should be used, I'm pretty inclined to drop lua support in our package, thoughts?
danitool has quit [Remote host closed the connection]
johnf|znc has quit [Quit: ZNC 1.7.5+deb4 - https://znc.in]
johnf has joined #openwrt-devel
<Piraty>
in deseperate need to provide a $good_enough timestamp upon boot of an otherwise not rtc'ed system so it can resume to do $the_thing as well as possible, would scraping the timestamp from wpa beacon frames make sense?
<Piraty>
is anyone aware of an implementation that does this? or could hint me some code that's bisecting the frames?
<minimal>
Piraty: do a HTTP request to somewhere and get time from "Date:" header in response?
<Piraty>
no
<Piraty>
internet connectivity cannot be assumed
<Piraty>
at this stage
<dwfreed>
openwrt already uses the last modified timestamp of the newest file in /etc for this purpose
<f00b4r0>
which can be months ago :)
<Piraty>
the question is not openwrt specific , but this is a nice hint
<dwfreed>
then why are you asking in *#openwrt-devel*
<Piraty>
f00b4r0: except if you touch a timestamp file every x seconds ;)
<f00b4r0>
Piraty: if you want to kill your underlying storage, that's a nice idea indeed
<Piraty>
i ask in #openwrt-devel 'cause i assume wpa expterts lurking here
<Piraty>
technically the issue may affect openwrt.
<Piraty>
the issue is that if a wireguard connection was active before $device reboots (and thus loses system time), the other peer may reject wireguard packets afterwards as they are timestamped with old timestamp
<Piraty>
this eventually resolves by wireguard internal timeout, but it is not configurable from userspace
<f00b4r0>
i'm sorry I don't follow, a wireguard connection requires internet access. If you have that, you have time.
<Piraty>
also, requirement may be "no traffic outside of wg" ;)
<dwfreed>
the "timestamp" in 802.11 beacon frames is not based on any real time
<f00b4r0>
^
<Piraty>
i wasn't aware
<dwfreed>
the usual implementation is time since the AP started
<Piraty>
ok , scratching that
<f00b4r0>
seems you need a proper RTC
<Piraty>
yea
<Piraty>
or an antenna to decode cosmic rays since big bang
<f00b4r0>
a gps receiver would be cheaper
danitool has joined #openwrt-devel
rmilecki has joined #openwrt-devel
<Piraty>
consulting chatpdf.com, after feeding some wpa docs into it, seems to confirm. it says though, "The IEEE 802.11 standard specifies that the timestamp field in management frames should represent the number of microseconds that have elapsed since midnight on January 1, 2000, in the UTC time zone. However, it's possible for implementations to deviate from this standard and use other methods for generating timestamps. <...>"
zkrx has quit []
_zer0def has joined #openwrt-devel
zkrx has joined #openwrt-devel
zer0def has quit [Ping timeout: 480 seconds]
_zer0def has quit [Quit: _zer0def]
zer0def has joined #openwrt-devel
fakuivan_ has quit [Remote host closed the connection]
fakuivan has joined #openwrt-devel
BWhitten has joined #openwrt-devel
<mrnuke>
hurricos: sg2008p uses a TI chip, not broadcom commpatible (I have one such tplink)
<hurricos>
Ah! Now I remember. I had the v1 on hand and didn't know it was the v1 until I looked. Sold it. Let see see if the v1 is available
<hurricos>
Too pricy for me, unfortunately, except for one unit with a potentially bad PSU for $130.
<mrnuke>
I wasn't able to confirm that Netgear GS728TPv2 uses an I2C conenction with broadcom protocol. So even if we got our hands on one (no openwrt support), It might not be th right one
cbeznea has quit [Quit: Leaving.]
cbeznea has joined #openwrt-devel
zarzarzar_ has joined #openwrt-devel
zarzarzar has quit [Read error: Connection reset by peer]