Filip Hron authored Jan 20, 2023 and Martin Matějek committed Feb 02, 2023

There was discrepancy in names of network bridges between multiple
modules of foris-controller.

Which could lead to following error:

SQM: ERROR: br-guest_turris does currently not exist, not even trying to start SQM on nothing.

Use the correct name (from Turris OS 6.0+) for guest network bridge,
which will in turn allow starting QoS for guest network again.

Rename bridge `br-guest_turris` -> `br-guest-turris`

Closes: #255



Co-authored-by: Martin Matějek <martin.matejek@nic.cz>

Move helper functions into shared 'helpers' module and reuse these
functions across different tests.

Closes: #243

Added
- Add new backend "ubus" for querying `/bin/ubus`.
- tests: Allow ubus-cli mock to load json data for tests.

Changed
- lan+wan: refactor querying ubus from lan & wan backends.
- networks: Change severity of log message during detection of network bridges
  from "warning" to "debug". It will no longer spam system log during normal operation
  of foris-controller with message
  "WARNING:foris_controller_backends.networks:No anonymous section 'br-<bridge_name>' found among network devices.".
- lan: Make fetching dhcpv6 leases more resilient to unexpected values.

Make function `get_ipv6_client_list()` internal static method.

Also update docstring and type annotation.

'-1' or other negative numbers points to some kind of error with lease
time (see odhcpd source code).

Fallback to 0 in case of negative lease time.

Closes: #254

Prevent crash of foris-controller in case when `br-lan` is not managed
by `odhcpd`, for instance when `br-lan` is missing or IPv6 is
explicitly disabled for `br-lan`.

Return empty list (no DHCPv6 leases) instead.

Closes: #253

We rely on `odhcpd` through ubus call to get DHCPv6 leases data.

However depending on network configuration - both topology and IPv6
setup - there might some unexpected keys in JSON data provided by
`odhcpd`. Which could in turn cause function `get_ipv6_client_list()` to fail.

Currently for the sake of reForis LAN page, we are interested only in
devices in network (`ipv6-addr`) and we don't care about assigned IPv6
prefixes (`ipv6-prefix`) for downstream routers.

For instance:

$ ubus call dhcp ipv6leases
{
  "device": {
    "br-guest-turris": {
      "leases": [

      ]
    },
    "br-lan": {
      "leases": [
        {
          "duid": "<DUID redacted>",
          "iaid": 1,
          "hostname": "downstream-router",
          "accept-reconf": true,
          "assigned": 17,
          "flags": [
            "bound",
            "static"
          ],
          "ipv6-addr": [
            {
              "address": "2001:xxxx:xxxx::11",
              "preferred-lifetime": 42,
              "valid-lifetime": 42
            },
            {
              "address": "fd60:xxxx:xxxx::11",
              "preferred-lifetime": 42,
              "valid-lifetime": 42
            }
          ],
          "valid": 42
        },
        {
          "duid": "<DUID redacted>",
          "iaid": 1,
          "hostname": "downstream-router",
          "accept-reconf": true,
          "assigned": 4,
          "flags": [
            "bound",
            "static"
          ],
          "ipv6-prefix": [ <-- ignore this part
            {
              "address": "2001:xxxx:xxxx:4::",
              "preferred-lifetime": 42,
              "valid-lifetime": 42,
              "prefix-length": 62
            },
            {
              "address": "fd60:xxxx:xxxx:4::",
              "preferred-lifetime": 42,
              "valid-lifetime": 42,
              "prefix-length": 62
            }
          ],
          "valid": 42
        }
      ]
    }
  }
}

Closes: #259

Add ability to load mocked data for various ubus objects dynamically.
This will help with testing different situations that static mock data
cannot cover.

For instance: different wireless devices setup, various DHCPv6 leases
replies and so on.

Change log message severity for detection of network bridges and its
ports.

This particular log message covers few edge cases in network bridges
configuration.

It doesn't really signal anything seriously wrong with configuration and
rather spam system log with confusing message, while the configuration
is fine and network is working as intended.

Refactor current code for calling ubus binary to single place and reuse
it elsewhere.

Closes: #210

Added
- wifi: Allow disabling Management Frame Protection (IEEE 802.11w) for WPA3
  encryption modes (WPA2/3 and WPA3). It might help when wifi clients are
  having trouble connecting to the wifi Access Point.
- wan: Allow setting VLAN ID for WAN interface
- networks: Add optional VLAN ID of interface to the json schema

Changed
- setup: bump turrishw version to 0.10.0
- wan: Reuse shared 'vlan_id' definition in the json schema

Turrishw could provide additional information about VLAN ID of the
interface, in case interface has VLAN ID assigned.

Adjust the json schema accordingly.

Closes: #105

Fix unnecessary strict json schema constraints for `get_settings`, which
permitted WPA2 encryption mode to be used only in conjunction with 2.4 GHz
High Throughput modes.

Rename attribute in json schema "vlan" -> "vlan_settings" to be
consistent with other "settings*" objects.

For example: wan_settings, mac_settings and so on.

Add option to disable 802.11w with WPA3 for radio, in case wifi clients
fails to connect to wifi Acess Point.

Various Android, iOS and few other devices are prone to this.

Allow setting/unsetting option 'ieee802.11w 0' - just explicit disable.

Closes: #239

Allow setting or clearing the VLAN ID for WAN interface.

Closes: #250

Changed
- wan: store wan interface L2 options in separate device section
- lan: use ubus call instead of parsing odhcpd files to get DHCPv6 leases

Since OpenWrt 21.02, L2 interface options should be stored in
interface's `device` section instead of `interface` section.

OpenWrt 19.07

```
config interface 'wan'
    option iface 'eth0'
    option macaddr '11:22:33:44:55:66'
```

OpenWrt 21.02

```
config interface 'wan'
    option device 'eth0'

config device
    option name 'eth0'
    option macaddr '11:22:33:44:55:66'
```

Closes: #242

Make the mock slightly more modular in terms of defining and querying
different ubus modules mocks.

Filip Hron authored Jul 27, 2021 and Martin Matějek committed Aug 26, 2022

Use ubus object provided by OpenWrt to get dhcpv6 leases, instead of
parsing `odhcpd` files directly.

Use following ubus call:

`ubus call dhcp ipv6leases`

It should give us nicely structured JSON data, which is easier to work
with.

Needed for testing updater supervisor type annotations.

Changed in updater supervisor made validation of API call `updater->get_settings`
fail on `reboot` attribute in JSON reply.

Which in turn makes updates page in reForis unusable, because error is shown
instead of update summary. That way it is not possible to approve update request.

For relevant changes in updater-supervisor see:
turris/updater/supervisor@aecdf2c4

Closes: #241

Update turrishw dependency to v0.9.0, so we can tell which ethernet port
belongs to which Mox module again on TOS 6.0.

Ability for managing network interfaces was intentionally disabled for
Turris 1.x devices, until support for Turris 1.x will be implemented in
turrishw.

Unfortunately, even though turrishw supports Turris 1.x devices for
quite some time, update of interfaces assignment was still disabled in
foris-controller.

This commit removes that artificial limitation and it is now possible to
assign interfaces to WAN, LAN and Guest network even on Turris 1.x.

Closes: #236

Reuse existing sorting function to avoid code duplication.

Interfaces were returned in order defined in uci config, e.g.:

config device
	option name 'br-lan'
	list ports 'lan3'
	list ports 'lan0'
	list ports 'lan4'
	list ports 'lan2'
	list ports 'lan1'

Would return interfaces in order ['lan3', 'lan0', 'lan4', 'lan2', 'lan1']
instead of expected ['lan0', 'lan1', 'lan2', 'lan3', 'lan4'].

It is possible to get to this state by moving interfaces between
interfaces groups (wan, lan, guest), because newly added interface will
be appended to the list in uci config file.

This commit will sort interfaces again by their names, before finalizing
the json data.

Closes: #238

Remove leftover comment, because that test is already implemented.

Allow these operations on DHCPv4 static leases:
* create
* update
* delete

MAC/IP/Hostname collisions are not allowed and it should not be possible
to set such configuration through foris-controller.

It should be able to handle configuration edge cases with multiple MAC
addresses per IP address for DHCP host.

It can read such config, but it won't allow to store multiple MACs per
IP address for DHCP host.

Refactor schema to make message data for `update_settings` request and
reply mandatory.

Add support for new High-Efficiency Wireless (HEW) modes in 802.11ax.

Allow new htmodes:
* HE20
* HE40
* HE80
* HE160

HE80+80 is intentionally left out and will be addressed later.

Closes: #219