From 1ac11e69007ad4522ca04dc857602a0fd2ad87a9 Mon Sep 17 00:00:00 2001 From: rirfha948 Date: Fri, 5 Sep 2025 11:58:46 +0000 Subject: [PATCH 01/63] RDKB-6079800: IPv6 Support for WiFi Hotspot Reason for change: Added appropriate Firewall changes Test Procedure: - TBD Risks: None Priority: P3 Change-Id: I21e345f281f9db6a3f28ac9f22c9103d1f22f93c Signed-off-by: rirfha948 --- source/firewall/firewall.c | 31 +++++++++++++++++++++++ source/firewall/firewall.h | 2 ++ source/firewall/firewall_ipv6.c | 45 ++++++++++++++++++++++++++++++--- 3 files changed, 74 insertions(+), 4 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 387202ee..f10e6aee 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -5248,6 +5248,31 @@ static int do_nat_ephemeral(FILE *fp) return(0); } +void applyHotspotPostRoutingRules(FILE *fp) +{ + FIREWALL_DEBUG("60736: Entering applyHotspotPostRoutingRules \n"); + int rc; + char *pStr = NULL; + errno_t safec_rc = -1; + char hotspot_wan_ifname[32]; + memset(hotspot_wan_ifname,0,sizeof(hotspot_wan_ifname)); + rc = PSM_VALUE_GET_STRING(PSM_HOTSPOT_WAN_IFNAME, pStr); + if(rc == CCSP_SUCCESS && pStr != NULL){ + FIREWALL_DEBUG("HotSpot wan interface fetched \n"); + safec_rc = strcpy_s(hotspot_wan_ifname, sizeof(hotspot_wan_ifname),pStr); + ERR_CHK(safec_rc); + Ansc_FreeMemory_Callback(pStr); + pStr = NULL; + } + FIREWALL_DEBUG(" line:%d current_wan_ifname:%s hotspot_wan_ifname %s \n" COMMA __LINE__ COMMA current_wan_ifname COMMA hotspot_wan_ifname); + + if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) + { + fprintf(fp, "-A postrouting_towan -j MASQUERADE\n"); + } + FIREWALL_DEBUG("60736: Exiting applyHotspotPostRoutingRules \n"); +} + #if defined(_BWG_PRODUCT_REQ_) /* * Procedure : do_raw_table_staticip @@ -5400,7 +5425,13 @@ static int do_wan_nat_lan_clients(FILE *fp) #ifdef RDKB_EXTENDER_ENABLED fprintf(fp, "-A postrouting_towan -j MASQUERADE\n"); #else + if (0 == checkIfULAEnabled()) + { + FIREWALL_DEBUG("Applying applyHotspotPostRoutingRules \n"); + applyHotspotPostRoutingRules(fp); + } else { fprintf(fp, "-A postrouting_towan -j SNAT --to-source %s\n", natip4); + } #endif #if defined (FEATURE_MAPT) || defined (FEATURE_SUPPORT_MAPT_NAT46) } diff --git a/source/firewall/firewall.h b/source/firewall/firewall.h index 6b9ae880..141e43e6 100644 --- a/source/firewall/firewall.h +++ b/source/firewall/firewall.h @@ -115,6 +115,7 @@ extern int sysevent_fd; extern char sysevent_ip[19]; extern unsigned short sysevent_port; #define PSM_VALUE_GET_STRING(name, str) PSM_Get_Record_Value2(bus_handle, CCSP_SUBSYS, name, NULL, &(str)) +#define PSM_HOTSPOT_WAN_IFNAME "dmsb.wanmanager.if.3.Name" int get_ip6address (char * ifname, char ipArry[][40], int * p_num, unsigned int scope_in); @@ -210,6 +211,7 @@ void do_forwardPorts(FILE *fp); int IsValidIPv6Addr(char* ip_addr_string); #ifdef WAN_FAILOVER_SUPPORTED int checkIfULAEnabled(void); +void applyHotspotPostRoutingRules(FILE *fp); #endif void getIpv6Interfaces(char Interface[MAX_NO_IPV6_INF][MAX_LEN_IPV6_INF], int *len); void prepare_hotspot_gre_ipv6_rule(FILE *filter_fp); diff --git a/source/firewall/firewall_ipv6.c b/source/firewall/firewall_ipv6.c index be0e81d6..de1962d6 100644 --- a/source/firewall/firewall_ipv6.c +++ b/source/firewall/firewall_ipv6.c @@ -2108,22 +2108,53 @@ int checkIfULAEnabled() void applyIpv6ULARules(FILE* fp) { - #ifdef RDKB_EXTENDER_ENABLED + #if defined (RDKB_EXTENDER_ENABLED) if(strlen(current_wan_ipv6[0]) > 0) { - FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ipv6); - - fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n",current_wan_ifname); + FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ipv6); + fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n",current_wan_ifname); } #else + FIREWALL_DEBUG("Applying applyIpv6ULARules \n"); applyRoutingRules(fp,GLOBAL_IPV6); applyRoutingRules(fp,ULA_IPV6); #endif } + +void applyHotspotIpv6PostRoutingRules(FILE *fp) +{ + FIREWALL_DEBUG("60736: Entering applyHotspotIpv6PostRoutingRules \n"); + int rc; + char *pStr = NULL; + errno_t safec_rc = -1; + char hotspot_wan_ifname[32]; + memset(hotspot_wan_ifname,0,sizeof(hotspot_wan_ifname)); + rc = PSM_VALUE_GET_STRING(PSM_HOTSPOT_WAN_IFNAME, pStr); + if(rc == CCSP_SUCCESS && pStr != NULL){ + FIREWALL_DEBUG("HotSpot wan interface fetched \n"); + safec_rc = strcpy_s(hotspot_wan_ifname, sizeof(hotspot_wan_ifname),pStr); + ERR_CHK(safec_rc); + Ansc_FreeMemory_Callback(pStr); + pStr = NULL; + } + FIREWALL_DEBUG(" line:%d current_wan_ifname:%s hotspot_wan_ifname %s \n" COMMA __LINE__ COMMA current_wan_ifname COMMA hotspot_wan_ifname); + memset(current_wan_ip6_addr, 0, sizeof(current_wan_ip6_addr)); + sysevent_get(sysevent_fd, sysevent_token, "tr_brww0_dhcpv6_client_v6addr", current_wan_ip6_addr, sizeof(current_wan_ip6_addr)); + + if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) + { + FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ip6_addr); + fprintf(fp, "-t nat -I POSTROUTING -o %s -j SNAT --to-source %s\n" COMMA current_wan_ifname COMMA current_wan_ip6_addr); + fprintf(fp, "-A INPUT -s %s -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m limit --limit 100/sec -j ACCEPT\n" , current_wan_ip6_addr , current_wan_ifname); + } + FIREWALL_DEBUG("60736: Exiting applyHotspotIpv6PostRoutingRules \n"); +} + #endif void do_ipv6_nat_table(FILE* fp) { + FIREWALL_DEBUG("Entering do_ipv6_nat_table \n"); char IPv6[INET6_ADDRSTRLEN] = "0"; fprintf(fp, "*nat\n"); fprintf(fp, ":%s - [0:0]\n", "prerouting_devices"); @@ -2224,6 +2255,12 @@ void do_ipv6_nat_table(FILE* fp) fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n", current_wan_ifname); #endif + #if defined (WAN_FAILOVER_SUPPORTED) + if (0 == checkIfULAEnabled()) + { + applyHotspotIpv6PostRoutingRules(fp); + } + #endif FIREWALL_DEBUG("Exiting do_ipv6_nat_table \n"); } From 24b812e7e7d3f9853cb15943621698bfb644fc5f Mon Sep 17 00:00:00 2001 From: yashwanthkumar-hm_comcast Date: Tue, 9 Sep 2025 17:31:24 +0100 Subject: [PATCH 02/63] RDKB-61372: Handling recovery cases of Unknown/Invalid syscfg PartnerID Reason for change: Add retry mechanism for PartnerID Unknown Test Procedure: 1. Set PartnerID via TR181 DMs a. Set the DM Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.PartnerId with one of following values : "Unknown", "known", "sky-", "" b. Set the DM dmcli eRT setv Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.RDKB_Control.ActivatePartnerId bool true c. CPE goes for reboot and after reboot, Check if the PartnerID recovers with respective PartnerID configurations applied d. After Recovery Reboot Reason should be Reboot-DueTo-InvalidPartnerID 2. Set PartnerID DB param via syscfg a. set PartnerID with following values : "Unknown", "known", "sky-", "" b. syscfg commit c. Reboot CPE and Check if the PartnerID recovers with respective PartnerID configurations applied d. After Recovery Reboot Reason should be Reboot-DueTo-InvalidPartnerID 3. Upgrade scenario a. Flash image without the fix, check Partner ID - sky-uk b. Set Partner ID to "Unknown" using Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.PartnerId c. Activate PartnerID using Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.RDKB_Control.ActivatePartnerId d. CPE goes for reboot and after reboot, check the DMs if the partner_defaults.json loaded for Unknown in the image without the fix. e. Flash the image with the fix and check if the partner ID is recovered and valid config is loaded f. After Recovery Reboot Reason should be Reboot-DueTo-InvalidPartnerID 4. Retry failure: If recovery fails after retry mechanism, then the PartnerID must be set to Unknown Priority: P1 Risks: Low Signed-off-by: Yashwanth Kumar H M --- .../apply_system_defaults.c | 115 +++++++++++++++++- .../apply_system_defaults_syscfg.c | 4 + .../init/src/apply_system_defaults_helper.c | 109 ++++++++++++++++- .../init/src/apply_system_defaults_helper.h | 8 ++ .../apply_system_defaults_psm.c | 4 + source/scripts/init/system/utopia_init.sh | 5 + .../scripts/init/system/utopia_init_hub4.sh | 13 +- source/scripts/init/system/utopia_init_xb6.sh | 5 + 8 files changed, 256 insertions(+), 7 deletions(-) diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index 7739b39b..284ddb66 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -80,6 +80,8 @@ #define STATIC #endif +#define PARTNER_ID_MAX_RETRY 5 + static int syscfg_dirty; #define DEFAULT_FILE "/etc/utopia/system_defaults" @@ -689,7 +691,7 @@ static int GetDevicePropertiesEntry (char *pOutput, int size, char *sDevicePropC static int getFactoryPartnerId (char *pValue) { -#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) if(0 == platform_hal_getFactoryPartnerId(pValue)) { APPLY_PRINT("%s:%d - %s\n",__FUNCTION__, __LINE__,pValue); @@ -746,6 +748,111 @@ static int validatePartnerId (char *PartnerID) return result; } +#if defined (_RDKB_GLOBAL_PRODUCT_REQ_) +static int PartnerId_FetchWithRetry(char *PartnerID ) { + int retries = 0; + char buf[PARTNER_ID_LEN] = {0}; + + for(retries = 0; retries < PARTNER_ID_MAX_RETRY; retries++) { + memset(PartnerID, 0, PARTNER_ID_LEN); + + if((0 == getFactoryPartnerId(PartnerID)) && (PartnerID[0] != '\0') && + validatePartnerId(PartnerID) && (0 != strcasecmp (PartnerID, "Unknown"))) { + return 0; + } + else { + memset(buf, 0, sizeof(buf)); + + if ( 0 == GetDevicePropertiesEntry(buf, sizeof(buf), "PARTNER_ID")) { + if(buf[0] != '\0') { + strncpy(PartnerID, buf, strlen(buf)); + PartnerID[strlen(buf)] = '\0'; + + if(validatePartnerId(PartnerID) && (0 != strcasecmp(PartnerID, "Unknown") )) { + return 0; + } + } + } + } + + if((retries + 1) < PARTNER_ID_MAX_RETRY) { + APPLY_PRINT("%s - Still obtaining invalid PartnerID value from various sources so Retrying, Iteration: <%d>\n", __FUNCTION__, retries); + sleep(2); + } + } + + return 1; +} + +int WritePartnerIDToFile(char* PartnerID) { + FILE *fp = NULL; + + fp = fopen(PARTNERID_FILE, "w"); + if(NULL == fp) { + APPLY_PRINT("%s - Failed to open file %s\n", __FUNCTION__, PARTNERID_FILE); + return 1; + } + + if( (NULL != PartnerID) && (strlen(PartnerID) > 0) ) { + fwrite(PartnerID, strlen(PartnerID), 1, fp); + APPLY_PRINT("%s - PartnerID %s written to file %s\n", __FUNCTION__, PartnerID, PARTNERID_FILE); + } + else { + APPLY_PRINT("%s - PartnerID is NULL\n", __FUNCTION__); + if(fp) { + fclose(fp); + } + + return 1; + } + + if(fp) { + fclose(fp); + } + + return 0; +} + +void CheckAndHandleInvalidPartnerIDRecoveryProcess(char *PartnerID) { + if( '\0' == PartnerID[0] || (0 == validatePartnerId(PartnerID)) || (0 == strcasecmp (PartnerID, "Unknown")) ) { + memset(PartnerID, 0, PARTNER_ID_LEN); + + APPLY_PRINT("%s - Current PartnerID value is Unknown/Invalid, So retrying to obtain valid PartnerID values. \n", __FUNCTION__); + t2_event_d("SYS_ERROR_INVALID_PARTNER_ID_DETECTED", 1); + if( 0 == PartnerId_FetchWithRetry(PartnerID) ) { + APPLY_PRINT("%s - INVALID_PARTNER_ID_RECOVERY_SUCCESS - Obtained Valid PartnerID is %s\n", __FUNCTION__, PartnerID ); + t2_event_d("SYS_INVALID_PARTNER_ID_RECOVERY_SUCCESS", 1); + + if (syscfg_set_commit(NULL, "PartnerID", PartnerID) != 0) { + APPLY_PRINT("%s - PartnerID syscfg_set failed\n", __FUNCTION__); + } + + WritePartnerIDToFile(PartnerID); + + if (syscfg_set_commit(NULL, "factory_reset", "y") != 0) { + APPLY_PRINT("%s - syscfg_set failed\n", __FUNCTION__); + } + + creat("/nvram/.Invalid_PartnerID", 0644); + v_secure_system("/rdklogger/backupLogs.sh"); + + } + else { + if (syscfg_set_commit(NULL, "PartnerID", "Unknown") != 0) { + APPLY_PRINT("%s - syscfg_set failed\n", __FUNCTION__); + } + + APPLY_PRINT("%s - INVALID_PARTNER_ID_RECOVERY_FAILURE - PartnerID is %s\n", __FUNCTION__, PartnerID ); + t2_event_d("SYS_ERROR_INVALID_PARTNER_ID_RECOVERY_FAILURE", 1); + } + } + else { + APPLY_PRINT("%s - Current PartnerID : %s value is Valid \n", __FUNCTION__, PartnerID ); + } +} + +#endif // (_RDKB_GLOBAL_PRODUCT_REQ_) + static int get_PartnerID (char *PartnerID) { char buf[PARTNER_ID_LEN]; @@ -3138,7 +3245,7 @@ if ( paramObjVal != NULL ) } return 0; } -#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) +#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) static void getPartnerIdWithRetry(char* buf, char* PartnerID) { int i; @@ -3293,6 +3400,10 @@ static void getPartnerIdWithRetry(char* buf, char* PartnerID) get_PartnerID ( PartnerID ); } +#if defined (_RDKB_GLOBAL_PRODUCT_REQ_) + CheckAndHandleInvalidPartnerIDRecoveryProcess(PartnerID); +#endif // (_RDKB_GLOBAL_PRODUCT_REQ_) + APPLY_PRINT("%s - PartnerID :%s\n", __FUNCTION__, PartnerID ); unsigned int flags = 0; diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults_syscfg.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults_syscfg.c index 58054822..09b03f85 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults_syscfg.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults_syscfg.c @@ -228,6 +228,10 @@ int main( int argc, char **argv ) get_PartnerID ( PartnerID ); } +#if defined (_RDKB_GLOBAL_PRODUCT_REQ_) + CheckAndHandleInvalidPartnerIDRecoveryProcess(PartnerID); +#endif // (_RDKB_GLOBAL_PRODUCT_REQ_) + APPLY_PRINT("%s - PartnerID :%s\n", __FUNCTION__, PartnerID ); ptr_etc_json = json_file_parse( PARTNERS_INFO_FILE_ETC ); diff --git a/source/scripts/init/src/apply_system_defaults_helper.c b/source/scripts/init/src/apply_system_defaults_helper.c index cf567d8c..b4e983ec 100644 --- a/source/scripts/init/src/apply_system_defaults_helper.c +++ b/source/scripts/init/src/apply_system_defaults_helper.c @@ -733,9 +733,9 @@ static int GetDevicePropertiesEntry (char *pOutput, int size, char *sDevicePropC return ret; } -static int getFactoryPartnerId (char *pValue) +int getFactoryPartnerId (char *pValue) { -#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) +#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) if(0 == platform_hal_getFactoryPartnerId(pValue)) { APPLY_PRINT("%s:%d - %s\n",__FUNCTION__, __LINE__,pValue); @@ -1016,6 +1016,111 @@ static void ValidateAndUpdatePartnerVersionParam (cJSON *root_etc_json, cJSON *r } } +#if defined (_RDKB_GLOBAL_PRODUCT_REQ_) +int PartnerId_FetchWithRetry(char *PartnerID ) { + int retries = 0; + char buf[PARTNER_ID_LEN] = {0}; + + for(retries = 0; retries < PARTNER_ID_MAX_RETRY; retries++) { + memset(PartnerID, 0, PARTNER_ID_LEN); + + if((0 == getFactoryPartnerId(PartnerID)) && (PartnerID[0] != '\0') && + validatePartnerId(PartnerID) && (0 != strcasecmp (PartnerID, "Unknown"))) { + return 0; + } + else { + memset(buf, 0, sizeof(buf)); + + if ( 0 == GetDevicePropertiesEntry(buf, sizeof(buf), "PARTNER_ID")) { + if(buf[0] != '\0') { + strncpy(PartnerID, buf, strlen(buf)); + PartnerID[strlen(buf)] = '\0'; + + if(validatePartnerId(PartnerID) && (0 != strcasecmp(PartnerID, "Unknown") )) { + return 0; + } + } + } + } + + if((retries + 1) < PARTNER_ID_MAX_RETRY) { + APPLY_PRINT("%s - Still obtaining invalid PartnerID value from various sources so Retrying, Iteration: <%d>\n", __FUNCTION__, retries); + sleep(2); + } + } + + return 1; +} + +int WritePartnerIDToFile(char* PartnerID) { + FILE *fp = NULL; + + fp = fopen(PARTNERID_FILE, "w"); + if(NULL == fp) { + APPLY_PRINT("%s - Failed to open file %s\n", __FUNCTION__, PARTNERID_FILE); + return 1; + } + + if( (NULL != PartnerID) && (strlen(PartnerID) > 0) ) { + fwrite(PartnerID, strlen(PartnerID), 1, fp); + APPLY_PRINT("%s - PartnerID %s written to file %s\n", __FUNCTION__, PartnerID, PARTNERID_FILE); + } + else { + APPLY_PRINT("%s - PartnerID is NULL\n", __FUNCTION__); + if(fp) { + fclose(fp); + } + + return 1; + } + + if(fp) { + fclose(fp); + } + + return 0; +} + +void CheckAndHandleInvalidPartnerIDRecoveryProcess(char *PartnerID) { + if( '\0' == PartnerID[0] || (0 == validatePartnerId(PartnerID)) || (0 == strcasecmp (PartnerID, "Unknown")) ) { + memset(PartnerID, 0, PARTNER_ID_LEN); + + APPLY_PRINT("%s - Current PartnerID value is Unknown/Invalid, So retrying to obtain valid PartnerID values. \n", __FUNCTION__); + t2_event_d("SYS_ERROR_INVALID_PARTNER_ID_DETECTED", 1); + if( 0 == PartnerId_FetchWithRetry(PartnerID) ) { + APPLY_PRINT("%s - INVALID_PARTNER_ID_RECOVERY_SUCCESS - Obtained Valid PartnerID is %s\n", __FUNCTION__, PartnerID ); + t2_event_d("SYS_INVALID_PARTNER_ID_RECOVERY_SUCCESS", 1); + + if (syscfg_set_commit(NULL, "PartnerID", PartnerID) != 0) { + APPLY_PRINT("%s - PartnerID syscfg_set failed\n", __FUNCTION__); + } + + WritePartnerIDToFile(PartnerID); + + if (syscfg_set_commit(NULL, "factory_reset", "y") != 0) { + APPLY_PRINT("%s - syscfg_set failed\n", __FUNCTION__); + } + + creat("/nvram/.Invalid_PartnerID", 0644); + v_secure_system("/rdklogger/backupLogs.sh"); + + } + else { + if (syscfg_set_commit(NULL, "PartnerID", "Unknown") != 0) { + APPLY_PRINT("%s - syscfg_set failed\n", __FUNCTION__); + } + + APPLY_PRINT("%s - INVALID_PARTNER_ID_RECOVERY_FAILURE - PartnerID is %s\n", __FUNCTION__, PartnerID ); + t2_event_d("SYS_ERROR_INVALID_PARTNER_ID_RECOVERY_FAILURE", 1); + } + } + else { + APPLY_PRINT("%s - Current PartnerID : %s value is Valid \n", __FUNCTION__, PartnerID ); + } +} + +#endif // (_RDKB_GLOBAL_PRODUCT_REQ_) + static char *getBuildTime (void) { static char buildTime[50] = {0}; diff --git a/source/scripts/init/src/apply_system_defaults_helper.h b/source/scripts/init/src/apply_system_defaults_helper.h index 136ee411..4be5bc15 100644 --- a/source/scripts/init/src/apply_system_defaults_helper.h +++ b/source/scripts/init/src/apply_system_defaults_helper.h @@ -27,7 +27,15 @@ #define APPLY_DEFAULTS_FACTORY_RESET "/tmp/.apply_defaults_factory_reset" +#if defined (_RDKB_GLOBAL_PRODUCT_REQ_) +#define PARTNER_ID_MAX_RETRY 5 +int PartnerId_FetchWithRetry(char *PartnerID ); +int WritePartnerIDToFile(char* PartnerID); +void CheckAndHandleInvalidPartnerIDRecoveryProcess(char *PartnerID); +#endif // (_RDKB_GLOBAL_PRODUCT_REQ_) + int get_PartnerID( char *PartnerID); +int getFactoryPartnerId (char *pValue); int parse_command_line(int argc, char **argv); int set_defaults(void); int set_syscfg_partner_values (char *pValue, char *param); diff --git a/source/scripts/init/src/apply_system_defaults_psm/apply_system_defaults_psm.c b/source/scripts/init/src/apply_system_defaults_psm/apply_system_defaults_psm.c index 1bdc19b4..114671ce 100644 --- a/source/scripts/init/src/apply_system_defaults_psm/apply_system_defaults_psm.c +++ b/source/scripts/init/src/apply_system_defaults_psm/apply_system_defaults_psm.c @@ -221,6 +221,10 @@ int main( int argc, char **argv ) get_PartnerID ( PartnerID ); } +#if defined (_RDKB_GLOBAL_PRODUCT_REQ_) + CheckAndHandleInvalidPartnerIDRecoveryProcess(PartnerID); +#endif // (_RDKB_GLOBAL_PRODUCT_REQ_) + APPLY_PRINT("%s - PartnerID :%s\n", __FUNCTION__, PartnerID ); ptr_etc_json = json_file_parse( PARTNERS_INFO_FILE_ETC ); diff --git a/source/scripts/init/system/utopia_init.sh b/source/scripts/init/system/utopia_init.sh index e8620a00..05bb09c3 100755 --- a/source/scripts/init/system/utopia_init.sh +++ b/source/scripts/init/system/utopia_init.sh @@ -655,6 +655,11 @@ if [ "$FACTORY_RESET_REASON" = "true" ]; then syscfg set X_RDKCENTRAL-COM_LastRebootReason "FirmwareDownloadAndFactoryReset" syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" rm -f /nvram/.image_upgrade_and_FR_done + elif [ -f "/nvram/.Invalid_PartnerID" ]; then + echo "[utopia][init] Detected last reboot reason as Reboot-DueTo-InvalidPartnerID" + syscfg set X_RDKCENTRAL-COM_LastRebootReason "Reboot-DueTo-InvalidPartnerID" + syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" + rm -f /nvram/.Invalid_PartnerID else echo_t "[utopia][init] Detected last reboot reason as factory-reset" if [ -e "/usr/bin/onboarding_log" ]; then diff --git a/source/scripts/init/system/utopia_init_hub4.sh b/source/scripts/init/system/utopia_init_hub4.sh index 6e191e15..9239aa45 100755 --- a/source/scripts/init/system/utopia_init_hub4.sh +++ b/source/scripts/init/system/utopia_init_hub4.sh @@ -542,10 +542,17 @@ echo "[utopia][init] Detected last reboot reason from driver as $LastRebootReaso echo "" > /proc/skyrbd if [ "$FACTORY_RESET_REASON" = "true" ]; then - echo "[utopia][init] Detected last reboot reason as factory-reset" + if [ -f "/nvram/.Invalid_PartnerID" ]; then + echo "[utopia][init] Detected last reboot reason as Reboot-DueTo-InvalidPartnerID" + syscfg set X_RDKCENTRAL-COM_LastRebootReason "Reboot-DueTo-InvalidPartnerID" + syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" + rm -f /nvram/.Invalid_PartnerID + else + echo "[utopia][init] Detected last reboot reason as factory-reset" - syscfg set X_RDKCENTRAL-COM_LastRebootReason "factory-reset" - syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" + syscfg set X_RDKCENTRAL-COM_LastRebootReason "factory-reset" + syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" + fi else #Check last reboot reasons case "$LastRebootReason" in diff --git a/source/scripts/init/system/utopia_init_xb6.sh b/source/scripts/init/system/utopia_init_xb6.sh index ac64af33..d899a82c 100755 --- a/source/scripts/init/system/utopia_init_xb6.sh +++ b/source/scripts/init/system/utopia_init_xb6.sh @@ -791,6 +791,11 @@ if [ "$FACTORY_RESET_REASON" = "true" ]; then syscfg set X_RDKCENTRAL-COM_LastRebootReason "FirmwareDownloadAndFactoryReset" syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" rm -f /nvram/.image_upgrade_and_FR_done + elif [ -f "/nvram/.Invalid_PartnerID" ]; then + echo "[utopia][init] Detected last reboot reason as Reboot-DueTo-InvalidPartnerID" + syscfg set X_RDKCENTRAL-COM_LastRebootReason "Reboot-DueTo-InvalidPartnerID" + syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" + rm -f /nvram/.Invalid_PartnerID else echo "[utopia][init] Detected last reboot reason as factory-reset" if [ -e "/usr/bin/onboarding_log" ]; then From bd239f5fa72d65c24e3b48a1b6532d36505dedc1 Mon Sep 17 00:00:00 2001 From: rirfha948 Date: Fri, 5 Sep 2025 11:58:46 +0000 Subject: [PATCH 03/63] RDKB-6079800: IPv6 Support for WiFi Hotspot Reason for change: Added appropriate Firewall changes Test Procedure: - TBD Risks: None Priority: P3 Change-Id: I21e345f281f9db6a3f28ac9f22c9103d1f22f93c Signed-off-by: rirfha948 --- source/firewall/firewall.c | 4 ++-- source/firewall/firewall_ipv6.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index f10e6aee..a30d9060 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -5250,7 +5250,7 @@ static int do_nat_ephemeral(FILE *fp) void applyHotspotPostRoutingRules(FILE *fp) { - FIREWALL_DEBUG("60736: Entering applyHotspotPostRoutingRules \n"); + FIREWALL_DEBUG(" Entering applyHotspotPostRoutingRules \n"); int rc; char *pStr = NULL; errno_t safec_rc = -1; @@ -5270,7 +5270,7 @@ void applyHotspotPostRoutingRules(FILE *fp) { fprintf(fp, "-A postrouting_towan -j MASQUERADE\n"); } - FIREWALL_DEBUG("60736: Exiting applyHotspotPostRoutingRules \n"); + FIREWALL_DEBUG(" Exiting applyHotspotPostRoutingRules \n"); } #if defined(_BWG_PRODUCT_REQ_) diff --git a/source/firewall/firewall_ipv6.c b/source/firewall/firewall_ipv6.c index de1962d6..142ce37f 100644 --- a/source/firewall/firewall_ipv6.c +++ b/source/firewall/firewall_ipv6.c @@ -2124,7 +2124,7 @@ void applyIpv6ULARules(FILE* fp) void applyHotspotIpv6PostRoutingRules(FILE *fp) { - FIREWALL_DEBUG("60736: Entering applyHotspotIpv6PostRoutingRules \n"); + FIREWALL_DEBUG(" Entering applyHotspotIpv6PostRoutingRules \n"); int rc; char *pStr = NULL; errno_t safec_rc = -1; @@ -2148,7 +2148,7 @@ void applyHotspotIpv6PostRoutingRules(FILE *fp) fprintf(fp, "-t nat -I POSTROUTING -o %s -j SNAT --to-source %s\n" COMMA current_wan_ifname COMMA current_wan_ip6_addr); fprintf(fp, "-A INPUT -s %s -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m limit --limit 100/sec -j ACCEPT\n" , current_wan_ip6_addr , current_wan_ifname); } - FIREWALL_DEBUG("60736: Exiting applyHotspotIpv6PostRoutingRules \n"); + FIREWALL_DEBUG(" Exiting applyHotspotIpv6PostRoutingRules \n"); } #endif From dd4746fea89c0326bd2e4e014570cdbd167801a5 Mon Sep 17 00:00:00 2001 From: Arun R Date: Thu, 11 Sep 2025 12:15:02 +0000 Subject: [PATCH 04/63] RDKB-58679: Add PSM changes for vlan Reason for change: 1. Set values in syscfg.db from json file Test Procedure: 1. Check if default PSM values are showing Risks: Low Signed-off-by: Arun R --- .../init/src/apply_system_defaults/apply_system_defaults.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index 7739b39b..e111c1cf 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -1222,6 +1222,10 @@ static int ApplyPartnersObjectItemsIntoSysevents( char *pcPartnerID ) { sysevent_set (global_fd, global_id, "HotSpotSupport", value, 0); } + else if ( 0 == strcmp ( key, "Device.X_RDK_Features.VlanDiscovery.Enable") ) + { + sysevent_set (global_fd, global_id, "VlanDiscoverySupport", value, 0); + } pCJsonChildParam = pCJsonChildParam->next; } From 84cef1e0f31ca84f4d1396fb549a05be460b2e6b Mon Sep 17 00:00:00 2001 From: Vijayaragavalu S Date: Tue, 16 Sep 2025 16:02:28 +0530 Subject: [PATCH 05/63] RDKB-60232 : Option 82 rules for Amenity bridges Reason for change: Option 82 handling related rules for Amenity bridges Queue number is used 61 to 63 which is not used for any other service Test Procedure: option82 related firewall rules for tcp and udp should be applied for respective interface queue number Risks: Low Priority: P1 Signed-off-by: vijayaragavalu_sundaresan2@comcast.com --- source/firewall/firewall.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 387202ee..4a77fe25 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -3119,6 +3119,7 @@ static int prepare_globals_from_configuration(void) #if defined (AMENITIES_NETWORK_ENABLED) +#define AMENITY_QUEUE_NUM_START 61 void updateAmenityNetworkRules(FILE *filter_fp , FILE *mangle_fp , int iptype ) { char query[MAX_QUERY]; @@ -3166,13 +3167,12 @@ void updateAmenityNetworkRules(FILE *filter_fp , FILE *mangle_fp , int iptype ) FIREWALL_DEBUG(" Applying Amenity network IPv%d rules for %s \n" COMMA iptype COMMA bridgename); if(iptype == AF_INET) { - //will be enabling option 82 rules once prod team confirms - //fprintf(filter_fp, "-A FORWARD -o %s -p udp --dport=67:68 -j NFQUEUE --queue-bypass --queue-num %d\n", bridgename, idx+1); + //DHCP option 82 handling rule for Amenity bridge interfaces + fprintf(filter_fp, "-A FORWARD -o %s -p udp --dport=67:68 -j NFQUEUE --queue-bypass --queue-num %d\n", bridgename, AMENITY_QUEUE_NUM_START+idx); fprintf(mangle_fp, "-A POSTROUTING -o %s -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1360 \n" , bridgename); } else { - // Adding Accept rule for Amenity interface fprintf(filter_fp, "-A INPUT -i %s -j ACCEPT \n" , bridgename ); // Allow forward within same Amenity network interface fprintf(filter_fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", bridgename, bridgename); From 1074c4438b0686647008fd2e67cc10e4d6a424ab Mon Sep 17 00:00:00 2001 From: ap934 Date: Tue, 9 Sep 2025 18:23:50 +0530 Subject: [PATCH 06/63] RDKDEV-1132, RDKBACCL-846: Migrate scripts from RPI to BPI Reason for change: Migrate scripts from RPI to BPI Test Procedure: Image should bootup and all functionality should work Risks: Low Signed-off-by: ap934 --- source/scripts/init/service.d/lan_handler.sh | 10 +++++----- source/scripts/init/service.d/service_dhcp_server.sh | 8 ++++---- .../service_dhcp_server/dhcp_server_functions.sh | 2 +- source/scripts/init/service.d/service_forwarding.sh | 6 +++--- source/scripts/init/service.d/service_ipv4.sh | 2 +- source/scripts/init/service.d/service_mcastproxy.sh | 2 +- source/scripts/init/service.d/service_sshd.sh | 2 +- 7 files changed, 16 insertions(+), 16 deletions(-) diff --git a/source/scripts/init/service.d/lan_handler.sh b/source/scripts/init/service.d/lan_handler.sh index 5067f14d..6c020d9a 100755 --- a/source/scripts/init/service.d/lan_handler.sh +++ b/source/scripts/init/service.d/lan_handler.sh @@ -349,7 +349,7 @@ case "$1" in echo_t "THE INSTANT=$INST" echo_t "THE INSTANT=$INST" #(use a simpler test than this -- but Hacky, since it assumes everything we want is not XB3!!)if [ "$BOX_TYPE" = "TCCBR" ] || [ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Technicolor" ] || [ "$BOX_TYPE" = "XB7" -a "$MANUFACTURE" = "Technicolor" ] ; then - if ( [ "$BOX_TYPE" != "XB3" ] && ( [ "$MANUFACTURE" = "Technicolor" ] || [ "$MANUFACTURE" = "Sercomm" ] ) ) || [ "$BOX_TYPE" = "rpi" ] ; then + if ( [ "$BOX_TYPE" != "XB3" ] && ( [ "$MANUFACTURE" = "Technicolor" ] || [ "$MANUFACTURE" = "Sercomm" ] ) ) || [ "$BOX_TYPE" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ]; then COUNTER=1 while [ $COUNTER -lt 10 ]; do echo_t "RDKB_SYSTEM_BOOT_UP_LOG : INST returned null , retrying $COUNTER" @@ -393,7 +393,7 @@ case "$1" in sysevent set homesecurity_lan_l3net ${HSINST} sysevent set primary_lan_l3net ${INST} #BRLAN0 ISSUE : Manually invoking lan-start to fix brlan0 failure during intial booting. Root cause for event has to be identified - if [ "$RPI_SPECIFIC" = "rpi" ]; then + if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ]; then sleep 2 L3NET=`sysevent get primary_lan_l3net` if [ -z "$L3NET" ]; then @@ -418,7 +418,7 @@ case "$1" in # Laninit complete happens as part of the service_dhcp_server.sh itself.Firewall restart happens as part of service_ip4 itself.In the above code we #are setting many sysevents related to LAN hence adding the lan_init complete logs here.Also as oer the logs , we moving to bring the eth interface after this.Hence lan in # compelte can brought in here. - if [ "$RPI_SPECIFIC" = "rpi" ]; then + if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ]; then if [ -e "/usr/bin/print_uptime" ]; then /usr/bin/print_uptime "Laninit_complete" fi @@ -502,11 +502,11 @@ case "$1" in ;; lan-start) - if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then + if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then L3Net=`sysevent get primary_lan_l3net` if [ -z "$L3Net" ]; then echo_t "RDKB_SYSTEM_BOOT_UP_LOG : L3Net is null" - if [ "$RPI_SPECIFIC" = "rpi" ]; then + if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ]; then L3Net=4 sysevent set primary_lan_l3net $L3Net else diff --git a/source/scripts/init/service.d/service_dhcp_server.sh b/source/scripts/init/service.d/service_dhcp_server.sh index 5c5dac0a..95ba8b86 100755 --- a/source/scripts/init/service.d/service_dhcp_server.sh +++ b/source/scripts/init/service.d/service_dhcp_server.sh @@ -451,7 +451,7 @@ dhcp_server_start () return 1 fi - if [ "$BOX_TYPE" != "rpi" ] && [ "$BOX_TYPE" != "turris" ]; then + if [ "$BOX_TYPE" != "rpi" ] && [ "$BOX_TYPE" != "bpi" ] && [ "$BOX_TYPE" != "turris" ]; then DHCP_STATE=`sysevent get lan_status-dhcp` #if [ "started" != "$CURRENT_LAN_STATE" ] ; then if [ "started" != "$DHCP_STATE" ] ; then @@ -591,7 +591,7 @@ dhcp_server_start () if [ $? -eq 0 ]; then echo_t "$SERVER process started successfully" else - if [ "$BOX_TYPE" = "XB6" ] || [ "$BOX_TYPE" = "PUMA7_CGP" ] || [ "$BOX_TYPE" = "rpi" ] || [ "$BOX_TYPE" = "turris" ] ; then + if [ "$BOX_TYPE" = "XB6" ] || [ "$BOX_TYPE" = "PUMA7_CGP" ] || [ "$BOX_TYPE" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ] || [ "$BOX_TYPE" = "turris" ] ; then COUNTER=0 while [ $COUNTER -lt 5 ]; do @@ -622,7 +622,7 @@ dhcp_server_start () if [ "$PSM_MODE" != "1" ]; then if [ -f "/var/tmp/.refreshlan" ];then echo_t "RDKB_SYSTEM_BOOT_UP_LOG : Call gw_lan_refresh_from_dhcpscript:`uptime | cut -d "," -f1 | tr -d " \t\n\r"`" - if [ "$BOX_TYPE" = "rpi" ]; then + if [ "$BOX_TYPE" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ]; then reset_eth_usb_ports else gw_lan_refresh & @@ -631,7 +631,7 @@ dhcp_server_start () elif [ ! -f "/var/tmp/lan_not_restart" ] && [ "$1" != "lan_not_restart" ]; then if [ x"ready" = x`sysevent get start-misc` ]; then echo_t "RDKB_SYSTEM_BOOT_UP_LOG : Call gw_lan_refresh_from_dhcpscript:`uptime | cut -d "," -f1 | tr -d " \t\n\r"`" - if [ "$BOX_TYPE" = "rpi" ]; then + if [ "$BOX_TYPE" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ]; then reset_eth_usb_ports else gw_lan_refresh & diff --git a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh index b77ddbd2..94761641 100755 --- a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh +++ b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh @@ -1097,7 +1097,7 @@ fi fi fi - if [ "$BOX_TYPE" = "rpi" ] || [ "$BOX_TYPE" = "turris" ]; then + if [ "$BOX_TYPE" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ] || [ "$BOX_TYPE" = "turris" ]; then LAN_STATUS=`sysevent get lan-status` BRIDGE_MODE=`syscfg get bridge_mode` if [ "$LAN_STATUS" = "stopped" ] && [ $BRIDGE_MODE == 0 ]; then diff --git a/source/scripts/init/service.d/service_forwarding.sh b/source/scripts/init/service.d/service_forwarding.sh index a2aa1669..e62ac5f8 100755 --- a/source/scripts/init/service.d/service_forwarding.sh +++ b/source/scripts/init/service.d/service_forwarding.sh @@ -125,7 +125,7 @@ service_start () STATUS=`sysevent get wan-status` if [ "stopped" != "$STATUS" ] ; then ulog forwarding status "stopping wan" - if [ "$RPI_SPECIFIC" != "rpi" ] ; then + if [ "$RPI_SPECIFIC" != "rpi" ] && [ "$BOX_TYPE" != "bpi" ] ; then sysevent set wan-stop fi wait_till_state wan stopped @@ -146,7 +146,7 @@ service_start () done fi - if [ "$RPI_SPECIFIC" = "rpi" ] ; then + if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ]; then LAN_STATUS=`sysevent get lan-status` if [ "$LAN_STATUS" = "stopped" ] ; then router_mode @@ -175,7 +175,7 @@ service_start () sysevent set firewall-restart else ulog forwarding status "starting wan" - if [ "$RPI_SPECIFIC" = "rpi" ] ; then + if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ]; then STATUS=`sysevent get wan-status` if [ "started" != "$STATUS" ] ; then sysevent set wan-start diff --git a/source/scripts/init/service.d/service_ipv4.sh b/source/scripts/init/service.d/service_ipv4.sh index d41797bd..f3004e1c 100755 --- a/source/scripts/init/service.d/service_ipv4.sh +++ b/source/scripts/init/service.d/service_ipv4.sh @@ -129,7 +129,7 @@ handle_l2_status () { fi fi fi - if [ "$BOX_TYPE" = "rpi" ]; then + if [ "$BOX_TYPE" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ]; then LAN_STATUS=`sysevent get lan-status` if [ "$LAN_STATUS" = "stopped" ]; then echo_t "service_ipv4 : Starting lan-status" diff --git a/source/scripts/init/service.d/service_mcastproxy.sh b/source/scripts/init/service.d/service_mcastproxy.sh index a5e78523..1185bd79 100755 --- a/source/scripts/init/service.d/service_mcastproxy.sh +++ b/source/scripts/init/service.d/service_mcastproxy.sh @@ -113,7 +113,7 @@ fi else cat $LOCAL_CONF_FILE > $CONF_FILE rm -f $LOCAL_CONF_FILE - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "rpi" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "rpi" ] || [ "$BOX_TYPE" == "bpi" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then $BIN $CONF_FILE & else $BIN -c $CONF_FILE & diff --git a/source/scripts/init/service.d/service_sshd.sh b/source/scripts/init/service.d/service_sshd.sh index 287a99d3..e67deee0 100755 --- a/source/scripts/init/service.d/service_sshd.sh +++ b/source/scripts/init/service.d/service_sshd.sh @@ -209,7 +209,7 @@ do_start() { fi else CM_IP="" - if ([ "$BOX_TYPE" = "rpi" ]) ;then + if ([ "$BOX_TYPE" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ]) ;then #for Raspberry-pi, use the ipv4 address as default for ssh CM_IP=`ip -4 addr show dev $CMINTERFACE scope global | awk '/inet/{print $2}' | cut -d '/' -f1` else From 953b717f70c5090f235ab9238d9c381c16bca40f Mon Sep 17 00:00:00 2001 From: Vijayaragavalu S Date: Wed, 17 Sep 2025 17:46:37 +0530 Subject: [PATCH 07/63] RDKB-60813 : Webui attack handling in Firewall Reason for change: Webui attack handling in Firewall Test Procedure: firewall functionality and webui launch on multiple browser check the CPU load ave works fine and no more reported in the ticket. Risks: Low Priority: P0 Signed-off-by: vijayaragavalu_sundaresan2@comcast.com --- source/firewall/firewall.c | 45 +++++++++++++++++++++++++++++++++++--- source/firewall/firewall.h | 2 ++ 2 files changed, 44 insertions(+), 3 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 387202ee..3d6744ca 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -1455,7 +1455,23 @@ static int do_wan_nat_lan_clients_mapt(FILE *fp) return 0; } #endif //FEATURE_MAPT - +void do_webui_attack_filter(FILE *filter_fp) +{ + FIREWALL_DEBUG("Entering do_webui_attack_filter\n"); + fprintf(filter_fp, ":%s - [0:0]\n", "UPLOAD_ATTACK_FILTER"); + fprintf(filter_fp, "-A UPLOAD_ATTACK_FILTER -m string --algo bm --string \"%s\" -j DROP \n", " Date: Wed, 17 Sep 2025 18:27:25 +0530 Subject: [PATCH 08/63] Update firewall.h --- source/firewall/firewall.h | 1 - 1 file changed, 1 deletion(-) diff --git a/source/firewall/firewall.h b/source/firewall/firewall.h index aaae6520..a89ec934 100644 --- a/source/firewall/firewall.h +++ b/source/firewall/firewall.h @@ -148,7 +148,6 @@ int do_ipflooddetectv4(FILE *fp); void do_webui_attack_filter(FILE *filter_fp); int wan_lan_webui_attack(FILE *fp, const char *interface); - // Rule preparation functions int prepare_rabid_rules(FILE *filter_fp, FILE *mangle_fp, ip_ver_t ver); int prepare_rabid_rules_v2020Q3B(FILE *filter_fp, FILE *mangle_fp, ip_ver_t ver); From 265deb0690cb4bfa5b2879e1296c4988b1a74939 Mon Sep 17 00:00:00 2001 From: Mannoppilly Hassan Date: Wed, 17 Sep 2025 11:00:19 -0700 Subject: [PATCH 09/63] RDKB-61412 : Add RDKBPOD generic vendor name for all extender devices Reason for change: This fix will response with option 43 when a dhcp request or discover is received with vendor name RDKBPOD. Test Procedure: Make sure pod is connecting in wifi and eth backhaul Risks: None Signed-off-by: Mannoppilly Hassan --- .../init/service.d/service_dhcp_server/dhcp_server_functions.sh | 1 + source/service_dhcp/dhcp_server_functions.c | 1 + 2 files changed, 2 insertions(+) diff --git a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh index 94761641..40a6bcba 100755 --- a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh +++ b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh @@ -1082,6 +1082,7 @@ fi echo "dhcp-option=vendor:HIXE12AWR,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:WNXE12AWR,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:WNXL11BWL,43,tag=123" >> $LOCAL_DHCP_CONF + echo "dhcp-option=vendor:RDKBPOD,43,tag=123" >> $LOCAL_DHCP_CONF fi if [ "dns_only" != "$3" ] ; then diff --git a/source/service_dhcp/dhcp_server_functions.c b/source/service_dhcp/dhcp_server_functions.c index a2ac340f..2a2017aa 100644 --- a/source/service_dhcp/dhcp_server_functions.c +++ b/source/service_dhcp/dhcp_server_functions.c @@ -1568,6 +1568,7 @@ int prepare_dhcp_conf (char *input) fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:WNXE12AWR,43,tag=123\n"); fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:SE401,43,tag=123\n"); fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:WNXL11BWL,43,tag=123\n"); + fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:RDKBPOD,43,tag=123\n"); // Set dnsmasq tag for XLE as "extender". fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-vendorclass=set:extender,WNXL11BWL\n"); From f2f202b4f1b1298aa028336b2d3638108768d47c Mon Sep 17 00:00:00 2001 From: Suresh babu Palamangalam Date: Fri, 19 Sep 2025 12:04:48 +0100 Subject: [PATCH 10/63] SHARMAN-1210:Add telemetry support to report FW info from both banks on Hub6 Reason for change: Enable the crontab job entry to execute the FwBankInfo binary on Hub6 Test Procedure: NA Priority:P1 Risks:Low Signed-off-by: Suresh babu Palamangalam --- source/scripts/init/service.d/service_crond.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/scripts/init/service.d/service_crond.sh b/source/scripts/init/service.d/service_crond.sh index cd78c2fa..be1c8493 100755 --- a/source/scripts/init/service.d/service_crond.sh +++ b/source/scripts/init/service.d/service_crond.sh @@ -190,7 +190,7 @@ service_start () addCron "48 * * * * sh /etc/sky/monitor_dhd_dump.sh &" fi - if [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then + if [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then #RDKB-43895 log the firmware bank informations in selfheal log echo "5 */12 * * * /usr/bin/FwBankInfo" >> $CRONTAB_FILE fi From 317ac47e56e892901587e20d5ffd5ab54202e4ad Mon Sep 17 00:00:00 2001 From: mkorav871 Date: Sun, 21 Sep 2025 19:36:01 +0530 Subject: [PATCH 11/63] RDKB-61777: [utopia] Code development to remove _64BIT_ARCH_SUPPORT_ macro Reason for change: [COPILOT] remove 64BIT_ARCH_SUPPORT macro from utopia module Test Procedure: No build warning or errors. basic sanity Priority: P1 Risks: Low Change-Id: Ie04210b44a0c874ac17d083153f0ecf76cd880b8 Signed-off-by: mkorav871 --- source/sysevent/lib/sysevent.h | 6 +----- source/sysevent/server/syseventd.h | 7 ++----- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/source/sysevent/lib/sysevent.h b/source/sysevent/lib/sysevent.h index 87d1aa43..56feea9f 100644 --- a/source/sysevent/lib/sysevent.h +++ b/source/sysevent/lib/sysevent.h @@ -93,11 +93,7 @@ extern "C" { * as is commonly done for reading from an fd into a buffer * and then using that buffer as a structure */ -#ifdef _64BIT_ARCH_SUPPORT_ -typedef char se_buffer[SE_MAX_MSG_SIZE+1] __attribute__ ((aligned(8))); -#else -typedef char se_buffer[SE_MAX_MSG_SIZE+1] __attribute__ ((aligned(4))); -#endif +typedef char se_buffer[SE_MAX_MSG_SIZE+1] __attribute__ ((aligned(sizeof(void*)))); /* * Errors diff --git a/source/sysevent/server/syseventd.h b/source/sysevent/server/syseventd.h index 1c68469c..8c126dab 100644 --- a/source/sysevent/server/syseventd.h +++ b/source/sysevent/server/syseventd.h @@ -96,11 +96,8 @@ extern sem_t worker_sem; // e.g Multinet process is taking more time to finish in some of the field units. #define MAX_ACTIVATION_BLOCKING_SECS 300 -#if defined (_64BIT_ARCH_SUPPORT_) -#define WORKER_THREAD_STACK_SIZE 8192*1024 /* the default stack size per process is 8MB */ -#else -#define WORKER_THREAD_STACK_SIZE 65536 -#endif +/* Scale stack size based on pointer size - larger for 64-bit architectures */ +#define WORKER_THREAD_STACK_SIZE (sizeof(void*) == 8 ? 8192*1024 : 65536) #define SANITY_THREAD_STACK_SIZE 65536 From f80ebbad541038be18810aa934aaf52ddff5d116 Mon Sep 17 00:00:00 2001 From: NetajiPanigrahi Date: Mon, 22 Sep 2025 22:32:14 +0200 Subject: [PATCH 12/63] RDKB-59938 : Observing SYSCFG DB stored with junk values Reason for change: Using buffer without memset in commit_to_file Test Procedure: sanity Risks: Low Signed-off-by: Netaji Panigrahi Netaji_Panigrahi@comcast.com --- source/syscfg/lib/syscfg_lib.c | 310 +++++++++++++++++++++++++++++---- 1 file changed, 274 insertions(+), 36 deletions(-) diff --git a/source/syscfg/lib/syscfg_lib.c b/source/syscfg/lib/syscfg_lib.c index c036575a..8b0d6466 100644 --- a/source/syscfg/lib/syscfg_lib.c +++ b/source/syscfg/lib/syscfg_lib.c @@ -58,6 +58,7 @@ #include "syscfg_lib.h" // internal interface #include "syscfg.h" // external interface used by users #include "safec_lib_common.h" +#include //#define VERBOSE_DEBUG @@ -74,6 +75,122 @@ static int syscfg_init_internal (void); static int load_from_file (const char *fname); static int commit_to_file (const char *fname); +#define DEFAULT_FILE "/etc/utopia/system_defaults" + +typedef struct { + char key[MAX_NAME_LEN]; + char value[MAX_NAME_LEN]; +} ConfigEntry; + +typedef struct ConfigNode { + ConfigEntry entry; + struct ConfigNode *next; +} ConfigNode; + +typedef struct { + const char *name; + unsigned int len; +} KeyEntry; + +void _syscfg_find_corrupted_keys(); + +ConfigNode **syscfg_default_ht = NULL; + +static char *trim(char *in) +{ + while (isspace((unsigned char)*in)) in++; + char *end = in + strlen(in) - 1; + while (end > in && isspace((unsigned char)*end)) *end-- = '\0'; + return in; +} + +static int parse_line(char *in, char **name, char **value) { + char *tok = strchr(in, '='); + if (!tok) return -1; + *tok = '\0'; + *name = in; + *value = tok + 1; + return 0; +} + +static unsigned int hash_index (const char *str) +{ + unsigned int hash = 5381 % SYSCFG_SZ; + int c; + + while ((c = *str++)) { + hash = ((hash << 5) + hash) + c; + } + + return hash % SYSCFG_SZ; +} + +static int _syscfg_add_default_entry(const char *key, const char *value) +{ + unsigned int index = hash_index(key); + ConfigNode *new_node = malloc(sizeof(ConfigNode)); + if (!new_node) { + ulog_LOG_Err("Memory allocation failed"); + return ERR_MEM_ALLOC; + } + + strncpy(new_node->entry.key, key, MAX_NAME_LEN - 1); + new_node->entry.key[MAX_NAME_LEN - 1] = '\0'; + strncpy(new_node->entry.value, value, MAX_NAME_LEN - 1); + new_node->entry.value[MAX_NAME_LEN - 1] = '\0'; + new_node->next = syscfg_default_ht[index]; + syscfg_default_ht[index] = new_node; + + return 0; +} + +static int _syscfg_getall_defaults(void) +{ + char buf[1024]; + char *line; + char *name; + char *value; + FILE *fp = NULL; + + fp = fopen (DEFAULT_FILE, "r"); + if (fp == NULL) + { + ulog_LOG_Err("[utopia] no system default file (%s) found\n", DEFAULT_FILE); + return -1; + } + + size_t size = SYSCFG_SZ * sizeof(ConfigNode *); + syscfg_default_ht = (ConfigNode **)mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + + if (syscfg_default_ht == MAP_FAILED) + { + perror("mmap failed"); + syscfg_default_ht = NULL; + return -1; + } + + while (fgets (buf, sizeof(buf), fp) != NULL) + { + line = trim (buf); + + if (line[0] == '$') + { + int offset = (line[1] == '$') ? 2 : 1; + if (parse_line(line + offset, &name, &value) == 0) + { + _syscfg_add_default_entry(trim(name), trim(value)); + } + else + { + ulog_LOG_Err("[utopia] [error] set_syscfg_defaults failed to parse line (%s)\n", line); + } + } + } + fclose (fp); + return 0; +} + + /****************************************************************************** * External syscfg library access apis *****************************************************************************/ @@ -377,7 +494,7 @@ void syscfg_destroy (void) syscfg_initialized = 0; } } - +static int _syscfg_getall_defaults(void); /* * Procedure : syscfg_create * Purpose : SYSCFG initialization from persistent storage @@ -421,6 +538,8 @@ int syscfg_create (const char *file, long int max_file_sz) if (0 != rc) { ulog_LOG_Err("Error loading from store"); } + /* Getting all system defaults & validate with current configurations */ + _syscfg_find_corrupted_keys(); shmdt(syscfg_ctx); @@ -507,8 +626,9 @@ static int syscfg_init_internal (void) */ static char *syscfg_parse (const char *str, char **name, char **value) { - char *n, *p; - int len; + char *n = NULL; + char *p = NULL; + int len = 0; if (NULL == str || NULL == name || NULL == value) { return NULL; @@ -523,7 +643,7 @@ static char *syscfg_parse (const char *str, char **name, char **value) memcpy(*name, str, len); (*name)[len] = '\0'; n++; - p = strchrnul(n,'\n'); + p = strchrnul(n,'\0'); if (p) { len = p - n; *value = malloc(len+1); @@ -865,8 +985,10 @@ static int make_ht_entry (const char *name, int namelen, const char *value, shmo entry->value_sz = valuelen + 1; entry->next = 0; p_entry_name = HT_ENTRY_NAME(ctx,ht_entry_offset); + memset(p_entry_name, 0, namelen + 1); memcpy(p_entry_name, name, namelen + 1); p_entry_value = HT_ENTRY_VALUE(ctx,ht_entry_offset); + memset(p_entry_value, 0, valuelen + 1); memcpy(p_entry_value, value, valuelen + 1); } @@ -1189,6 +1311,122 @@ static size_t _syscfg_getall2 (char *buf, size_t bufsz, int nolock) return (bufsz - len); /* size does not include final nul terminator */ } +static int _syscfg_find_in_defaults (const char *name) +{ + unsigned int index = hash_index(name); + if (index) + { + ConfigNode *new_node = syscfg_default_ht[index]; + + if ( new_node && (strcmp(new_node->entry.key, name) == 0)) + { + return 1; + } + } + + return 0; +} + +static void _syscfg_default_ht_destroy(void) +{ + if (!syscfg_default_ht) + { + return; + } + + for (size_t i = 0; i < SYSCFG_SZ; ++i) + { + ConfigNode *n = syscfg_default_ht[i]; + while (n) + { + ConfigNode *next = n->next; + free(n); + n = next; + } + syscfg_default_ht[i] = NULL; + } + + size_t size = SYSCFG_SZ * sizeof(ConfigNode *); + if (munmap(syscfg_default_ht, size) == -1) + { + perror("munmap syscfg_default_ht"); + } + syscfg_default_ht = NULL; +} + +void _syscfg_find_corrupted_keys() +{ + int key_count = 0; + unsigned int max_key_len = 0; + + if (_syscfg_getall_defaults() < 0) + { + printf("_syscfg_getall_defaults failed!\n"); + } + + size_t keys_size = SYSCFG_SZ * sizeof(KeyEntry); + KeyEntry *keys = (KeyEntry *)mmap(NULL, keys_size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + + if (keys == MAP_FAILED) + { + perror("mmap failed"); + _syscfg_default_ht_destroy(); + return; + } + + syscfg_shm_ctx *ctx = syscfg_ctx; + rw_lock(ctx); + + /* find max string length */ + for (int i = 0; i < SYSCFG_HASH_TABLE_SZ; i++) { + for (shmoff_t entry = ctx->ht[i]; entry; entry = HT_ENTRY_NEXT(ctx, entry)) { + const char *key = HT_ENTRY_NAME(ctx, entry); + unsigned int len = strlen(key); + keys[key_count].name = key; + keys[key_count].len = len; + if (len > max_key_len) + max_key_len = len; + key_count++; + } + } + + for (int i = 0; i < key_count; i++) + { + const char *query = keys[i].name; + unsigned int query_len = keys[i].len; + unsigned int longest_len = 0; + const char *longest_super = NULL; + + for (int j = 0; j < key_count; j++) { + if (i == j || keys[j].len < query_len) continue; + + if (strstr(keys[j].name, query) && + (strcmp(keys[j].name + strlen(keys[j].name) - strlen(query), query) == 0)) + { + if (keys[j].len > longest_len) + { + longest_len = keys[j].len; + longest_super = keys[j].name; + if (longest_len == max_key_len) break; + } + } + } + + if (longest_super) { + if (!_syscfg_find_in_defaults(query)) + printf("[utopia] - [%s] May be a corrupted key of [%s]\n", query, longest_super); + } + } + + _syscfg_default_ht_destroy(); + + if (munmap(keys, keys_size) == -1) + { + perror("munmap failed"); + } + + rw_unlock(ctx); +} /****************************************************************************** * shared-memory create, initialize and attach/detach APIs @@ -1603,49 +1841,38 @@ static void _syscfg_file_unlock (int fd) static int load_from_file (const char *fname) { - int fd; - ssize_t count; - char *inbuf = NULL, *buf = NULL; + char *inbuf = NULL; char *name = NULL, *value = NULL; - fd = open(fname, O_RDONLY); - if (-1 == fd) { + FILE *fd = fopen(fname, "r"); + if (NULL == fd) { return ERR_IO_FILE_OPEN; } inbuf = malloc(SYSCFG_SZ); if (NULL == inbuf) { - close(fd); /*RDKB-7135, CID-33110, free unused resources before exit*/ + fclose(fd); /*RDKB-7135, CID-33110, free unused resources before exit*/ return ERR_MEM_ALLOC; } - count = read(fd, inbuf, SYSCFG_SZ); - close(fd); - - if (count <= 0) { - free(inbuf); - return 1; - } - - buf = inbuf; - /*CID 135472 String not null terminated */ - buf[count] = '\0'; - do { - buf = syscfg_parse(buf, &name, &value); + memset(inbuf, 0, SYSCFG_SZ); + while (fgets(inbuf, SYSCFG_SZ, fd) != NULL) + { + // Remove trailing newline, if any + inbuf[strcspn(inbuf, "\r\n")] = '\0'; + syscfg_parse(inbuf, &name, &value); if (name && value) { - syscfg_set(NULL, name, value); + if (name[0] != '\0') + syscfg_set(NULL, name, value); free(name); - name = NULL; /*RDKB-7135, CID-33405, set null after free*/ + name = NULL; free(value); - value = NULL; /*RDKB-7135, CID-33137, set null after free*/ + value = NULL; } - - // skip any special chars leftover - if (buf && *buf == '\n') { - buf++; - } - } while (buf); + memset(inbuf, 0, SYSCFG_SZ); + } free(inbuf); + fclose(fd); return 0; } @@ -1746,19 +1973,30 @@ static int commit_to_file (const char *fname) _syscfg_file_lock(fd); shmoff_t entry; + off_t file_offset = 0; for (i = 0; i < SYSCFG_HASH_TABLE_SZ; i++) { entry = ctx->ht[i]; while (entry) { + memset(buf, 0, sizeof(buf)); ct = snprintf(buf, sizeof(buf), "%s=%s\n", HT_ENTRY_NAME(ctx,entry), HT_ENTRY_VALUE(ctx,entry)); - write(fd, buf, ct); - entry = HT_ENTRY_NEXT(ctx,entry); + if (ct > 0) { + ssize_t written = write(fd, buf, ct); + if (written < 0) { + ret = ERR_IO_FILE_WRITE; + goto end; + } + file_offset += written; + } + entry = HT_ENTRY_NEXT(ctx, entry); } } - _syscfg_file_unlock(fd); + ftruncate(fd, file_offset); - close(fd); + end: + _syscfg_file_unlock(fd); + close(fd); ret = access(SYSCFG_BKUP_FILE, F_OK); if ( ret == 0 ) { From c0d98df6734f4bed4b71b5c84b91d3a42f895c1b Mon Sep 17 00:00:00 2001 From: MonekaLakshmi <101797473+MonekaLakshmi@users.noreply.github.com> Date: Tue, 23 Sep 2025 16:49:17 +0530 Subject: [PATCH 13/63] RDKB-60956: Default OAUTH AuthMode feature to SSO in firmware Reason for change: Added logline to indicate SSO is defaulted Test Procedure: As mentioned in the ticket Risks: Medium --- .../init/src/apply_system_defaults/apply_system_defaults.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index 284ddb66..b29ed600 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -2757,6 +2757,10 @@ static int apply_partnerId_default_values (char *data, char *PartnerID) if( pcAuthMode != NULL ) { set_syscfg_partner_values( pcAuthMode, "OAUTHAuthMode" ); + if (strcmp(pcAuthMode, "sso") == 0) + { + APPLY_PRINT("%s - OAuth AuthMode defaulted to SSO\n", __FUNCTION__); + } pcAuthMode = NULL; } else From 4a8b4e5d925b218cb999906114e5fff893dad0ae Mon Sep 17 00:00:00 2001 From: Sreehari Ramanjula <220073682+RAMANJULASREEHARI@users.noreply.github.com> Date: Tue, 23 Sep 2025 16:23:12 +0100 Subject: [PATCH 14/63] Add the XF10 product common flag Signed-off-by: Sreehari Ramanjula <220073682+RAMANJULASREEHARI@users.noreply.github.com> --- source/service_routed/service_routed.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/service_routed/service_routed.c b/source/service_routed/service_routed.c index 070ec3e2..1e51dad3 100644 --- a/source/service_routed/service_routed.c +++ b/source/service_routed/service_routed.c @@ -197,7 +197,7 @@ int GetDeviceNetworkMode() } #endif -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_RDKB_GLOBAL_PRODUCT_REQ_) /** IsThisCurrentPartnerID() */ static unsigned char IsThisCurrentPartnerID( const char* pcPartnerID ) { @@ -215,7 +215,7 @@ static unsigned char IsThisCurrentPartnerID( const char* pcPartnerID ) return FALSE; } -#endif /** _SCER11BEL_PRODUCT_REQ_ */ +#endif /** _RDKB_GLOBAL_PRODUCT_REQ_ */ STATIC int fw_restart(struct serv_routed *sr) { From ec5aee089ccb093d9d746995bfe22bebf9112de5 Mon Sep 17 00:00:00 2001 From: Michael Amal Anand Date: Tue, 23 Sep 2025 16:22:23 +0000 Subject: [PATCH 15/63] XF10-18 : XF10 Model support in Utopia Scripts Reason for change: XF10 Model support in Utopia Scripts Test Procedure: build procedure Risks: Medium Priority: P1 Signed-off-by: Michael_AmalAnand@comcast.com --- source/firewall/firewall.c | 16 +++---- source/firewall/firewall_ext.c | 2 +- .../igd/src/inc/igd_platform_dependent_inf.h | 5 ++- .../init/c_registration/15_dhcp_server.c | 2 +- source/scripts/init/service.d/lan_handler.sh | 2 +- source/scripts/init/service.d/logrotate.sh | 4 +- .../scripts/init/service.d/service_crond.sh | 4 +- .../dhcp_server_functions.sh | 6 +-- source/scripts/init/service.d/service_igd.sh | 2 +- source/scripts/init/service.d/service_ipv4.sh | 2 +- .../init/service.d/service_mcastproxy.sh | 2 +- .../service.d/service_multinet/handle_gre.sh | 6 +-- source/scripts/init/service.d/service_ntpd.sh | 4 +- source/scripts/init/service.d/service_sshd.sh | 16 +++---- .../service_sshd/service_dropbearssh.sh | 2 +- .../apply_system_defaults.c | 6 +-- source/scripts/init/system/utopia_init.sh | 6 +-- source/service_dhcp/dhcp_server_functions.c | 2 +- source/service_routed/service_routed.c | 44 +++++++++---------- 19 files changed, 68 insertions(+), 65 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 7dd4f5e4..52bb96df 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -5946,7 +5946,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) fprintf(fp, "-A INPUT -j wanattack\n"); //Smurf attack, actually the below rules are to prevent us from being the middle-man host -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) fprintf(fp, "-A SmurfAttack -p icmp -m icmp --icmp-type address-mask-request %s -j LOG --log-prefix \"DoS Attack - Smurf Attack\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -5966,7 +5966,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) #endif /*_HUB4_PRODUCT_REQ_*/ fprintf(fp, "-A SmurfAttack -p icmp -m icmp --icmp-type address-mask-request -j xlog_drop_wanattack\n"); // ICMP Smurf Attack (timestamp) -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A ICMPSmurfAttack -p icmp -m icmp --icmp-type timestamp-request %s -j LOG --log-prefix \"DoS Attack - Smurf Attack\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -5988,7 +5988,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) //ICMP Flooding. Mark traffic bit rate > 5/s as attack and limit 6 log entries per hour fprintf(fp, "-A ICMPFlooding -p icmp -m limit --limit 5/s --limit-burst 10 -j RETURN\n"); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A ICMPFlooding -p icmp %s -j LOG --log-prefix \"DoS Attack - ICMP Flooding\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6010,7 +6010,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) //TCP SYN Flooding fprintf(fp, "-A TCPSYNFlooding -p tcp --syn -m limit --limit 10/s --limit-burst 20 -j RETURN\n"); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_)/* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A TCPSYNFlooding -p tcp --syn %s -j LOG --log-prefix \"DoS Attack - TCP SYN Flooding\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6034,7 +6034,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) if(isWanReady) { /* Allow multicast packet through */ fprintf(fp, "-A LANDAttack -p udp -s %s -d 224.0.0.0/8 -j RETURN\n", wan_ip); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A LANDAttack -s %s %s -j LOG --log-prefix \"DoS Attack - LAND Attack\" --log-level 7\n", wan_ip, logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -9994,7 +9994,7 @@ static void do_add_TCP_MSS_rules(FILE *mangle_fp) static int do_lan2wan(FILE *mangle_fp, FILE *filter_fp, FILE *nat_fp) { FIREWALL_DEBUG("Entering do_lan2wan\n"); -#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) +#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) if (isNatReady) { FILE *f = NULL; @@ -13642,7 +13642,7 @@ WAN_FAILOVER_SUPPORT_CHECk_END prepare_MoCA_bridge_firewall(raw_fp, mangle_fp, nat_fp, filter_fp); #endif -#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) +#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) /* To avoid open ssh connection to CM IP TCXB6-2879*/ if (!isBridgeMode) { @@ -14000,7 +14000,7 @@ static int prepare_disabled_ipv4_firewall(FILE *raw_fp, FILE *mangle_fp, FILE *n lan_http_access(filter_fp); #endif -#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) +#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) if (isBridgeMode) { FILE *f = NULL; diff --git a/source/firewall/firewall_ext.c b/source/firewall/firewall_ext.c index b603603b..a887f5b2 100644 --- a/source/firewall/firewall_ext.c +++ b/source/firewall/firewall_ext.c @@ -211,7 +211,7 @@ int prepare_ipv4_rule_ex_mode(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE do_wan2self_attack(filter_fp,cellular_ipaddr); fprintf(filter_fp, "-A INPUT -i %s -p tcp -m tcp --dport 22 -j SSH_FILTER\n",cellular_ifname); -#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) +#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) fprintf(filter_fp, "-A INPUT -i brlan112 -d 169.254.70.0/24 -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT -i brlan112 -m pkttype ! --pkt-type unicast -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT -i brlan113 -d 169.254.71.0/24 -j ACCEPT\n"); diff --git a/source/igd/src/inc/igd_platform_dependent_inf.h b/source/igd/src/inc/igd_platform_dependent_inf.h index 380c17b8..f580163e 100644 --- a/source/igd/src/inc/igd_platform_dependent_inf.h +++ b/source/igd/src/inc/igd_platform_dependent_inf.h @@ -81,7 +81,10 @@ #define UPC "RDKB_ARM" #endif -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCXF11BFL_PRODUCT_REQ_) + #undef CONFIG_VENDOR_MODEL + #define CONFIG_VENDOR_MODEL "SCXF11BFL" +#elif defined(_SCER11BEL_PRODUCT_REQ_) #undef CONFIG_VENDOR_MODEL #define CONFIG_VENDOR_MODEL "SCER11BEL" #elif defined(_XER5_PRODUCT_REQ_) diff --git a/source/scripts/init/c_registration/15_dhcp_server.c b/source/scripts/init/c_registration/15_dhcp_server.c index be64b31a..2aee6edd 100644 --- a/source/scripts/init/c_registration/15_dhcp_server.c +++ b/source/scripts/init/c_registration/15_dhcp_server.c @@ -57,7 +57,7 @@ const char* SERVICE_CUSTOM_EVENTS[] = { NULL }; #elif defined(CORE_NET_LIB) && \ - ((defined(_XB6_PRODUCT_REQ_) && !defined (_XB8_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_)) || (defined(_WNXL11BWL_PRODUCT_REQ_)) || \ + ((defined(_XB6_PRODUCT_REQ_) && !defined (_XB8_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_)) && !defined(_SCXF11BFL_PRODUCT_REQ_) || (defined(_WNXL11BWL_PRODUCT_REQ_)) || \ (defined(_CBR_PRODUCT_REQ_) && !defined(_CBR2_PRODUCT_REQ_))) const char* SERVICE_CUSTOM_EVENTS[] = { "syslog-status|/usr/bin/service_dhcp", diff --git a/source/scripts/init/service.d/lan_handler.sh b/source/scripts/init/service.d/lan_handler.sh index 6c020d9a..1ed07d97 100755 --- a/source/scripts/init/service.d/lan_handler.sh +++ b/source/scripts/init/service.d/lan_handler.sh @@ -502,7 +502,7 @@ case "$1" in ;; lan-start) - if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then + if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then L3Net=`sysevent get primary_lan_l3net` if [ -z "$L3Net" ]; then echo_t "RDKB_SYSTEM_BOOT_UP_LOG : L3Net is null" diff --git a/source/scripts/init/service.d/logrotate.sh b/source/scripts/init/service.d/logrotate.sh index 56623cb2..581ac859 100644 --- a/source/scripts/init/service.d/logrotate.sh +++ b/source/scripts/init/service.d/logrotate.sh @@ -2,7 +2,7 @@ source /etc/device.properties -if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then +if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then source /etc/utopia/service.d/log_capture_path.sh VARLOG_DIR_THRESHOLD=3000 VAR_TMP_FILE_THRESHOLD=1000 @@ -86,7 +86,7 @@ if [ $dir -gt $VARLOG_DIR_THRESHOLD ]; then fi # If any file reaches 1MB inside /var/tmp, empty the file. -if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then +if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] ||[ "$BOX_TYPE" == "SCXF11BFL" ]; then var_tmp_files=`ls /var/tmp/` for tmp_file in $var_tmp_files; do tmp_file_size=`du /var/tmp/$tmp_file | awk -v sum=0 '{print sum+=$1}' | tail -1` diff --git a/source/scripts/init/service.d/service_crond.sh b/source/scripts/init/service.d/service_crond.sh index cd78c2fa..9bf96344 100755 --- a/source/scripts/init/service.d/service_crond.sh +++ b/source/scripts/init/service.d/service_crond.sh @@ -124,7 +124,7 @@ service_start () #RDKB-45059 log the zebra.conf status for every 12 hours echo "0 */12 * * * /usr/ccsp/tad/Zebra_conf_status.sh" >> $CRONTAB_FILE - if [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "XB6" ] || [ "$BOX_TYPE" == "VNTXER5" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then + if [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "XB6" ] || [ "$BOX_TYPE" == "VNTXER5" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then #run idm recovery for each 10 minutes echo "*/10 * * * * /etc/idm/idm_recovery.sh" >> $CRONTAB_FILE fi @@ -190,7 +190,7 @@ service_start () addCron "48 * * * * sh /etc/sky/monitor_dhd_dump.sh &" fi - if [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then + if [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then #RDKB-43895 log the firmware bank informations in selfheal log echo "5 */12 * * * /usr/bin/FwBankInfo" >> $CRONTAB_FILE fi diff --git a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh index 40a6bcba..1a05bbf0 100755 --- a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh +++ b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh @@ -1075,7 +1075,7 @@ fi #fi #Option for parsing plume vendor code - if [ "$BOX_TYPE" = "XB6" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "VNTXER5" ] ; then + if [ "$BOX_TYPE" = "XB6" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then echo "dhcp-option=vendor:Plume,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:PP203X,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:SE401,43,tag=123" >> $LOCAL_DHCP_CONF @@ -1202,7 +1202,7 @@ fi echo "${PREFIX}""dhcp-option=l2sd0.4090,6,$WAN_DHCP_NS" >> $LOCAL_DHCP_CONF fi - elif [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "$MODEL_NUM" = "CGM601TCOM" ] || [ "$MODEL_NUM" = "SG417DBCT" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "VNTXER5" ]; then + elif [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "$MODEL_NUM" = "CGM601TCOM" ] || [ "$MODEL_NUM" = "SG417DBCT" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ] || [ "$BOX_TYPE" = "VNTXER5" ]; then echo "interface=brlan112" >> $LOCAL_DHCP_CONF if [ "$BOX_TYPE" = "WNXL11BWL" ]; then echo "dhcp-range=169.254.70.5,169.254.70.253,255.255.255.0,infinite" >> $LOCAL_DHCP_CONF @@ -1300,7 +1300,7 @@ fi echo "${PREFIX}""dhcp-option=br403,6,$WAN_DHCP_NS" >> $LOCAL_DHCP_CONF fi - elif [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [[ "$BOX_TYPE" = "SCER11BEL" ]]; then + elif [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [[ "$BOX_TYPE" = "SCER11BEL" ]] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then echo "interface=brlan6" >> $LOCAL_DHCP_CONF echo "dhcp-range=169.254.0.5,169.254.0.253,255.255.255.0,infinite" >> $LOCAL_DHCP_CONF diff --git a/source/scripts/init/service.d/service_igd.sh b/source/scripts/init/service.d/service_igd.sh index 8f50557b..5f8018b6 100755 --- a/source/scripts/init/service.d/service_igd.sh +++ b/source/scripts/init/service.d/service_igd.sh @@ -133,7 +133,7 @@ handle_ipv4_status() { IGD `sysevent get ipv4_${1}-ifname` & sysevent set ${SERVICE_NAME}_${1}-pid $! #RDKB-44364:To avoid IGD process init failure due to UPNP_E_SOCKET_BIND [-203] error - if [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then + if [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then check_IGD_is_up ${1} fi fi diff --git a/source/scripts/init/service.d/service_ipv4.sh b/source/scripts/init/service.d/service_ipv4.sh index f3004e1c..ba62cf17 100755 --- a/source/scripts/init/service.d/service_ipv4.sh +++ b/source/scripts/init/service.d/service_ipv4.sh @@ -113,7 +113,7 @@ handle_l2_status () { echo_t "service_ipv4 : Triggering RDKB_FIREWALL_RESTART" t2CountNotify "RF_INFO_RDKB_FIREWALL_RESTART" sysevent set firewall-restart - if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then + if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then uptime=$(cut -d. -f1 /proc/uptime) if [ -e "/usr/bin/onboarding_log" ]; then /usr/bin/onboarding_log "RDKB_FIREWALL_RESTART:$uptime" diff --git a/source/scripts/init/service.d/service_mcastproxy.sh b/source/scripts/init/service.d/service_mcastproxy.sh index 1185bd79..5b923378 100755 --- a/source/scripts/init/service.d/service_mcastproxy.sh +++ b/source/scripts/init/service.d/service_mcastproxy.sh @@ -113,7 +113,7 @@ fi else cat $LOCAL_CONF_FILE > $CONF_FILE rm -f $LOCAL_CONF_FILE - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "rpi" ] || [ "$BOX_TYPE" == "bpi" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "rpi" ] || [ "$BOX_TYPE" == "bpi" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then $BIN $CONF_FILE & else $BIN -c $CONF_FILE & diff --git a/source/scripts/init/service.d/service_multinet/handle_gre.sh b/source/scripts/init/service.d/service_multinet/handle_gre.sh index 7eed8365..68f810b3 100755 --- a/source/scripts/init/service.d/service_multinet/handle_gre.sh +++ b/source/scripts/init/service.d/service_multinet/handle_gre.sh @@ -265,12 +265,12 @@ create_tunnel () { fi fi ifconfig $2 up - if [ ! -f /tmp/.gre_flowmanager_enable ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ] + if [ ! -f /tmp/.gre_flowmanager_enable ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ] then echo addif $2 wan > /proc/driver/flowmgr/cmd touch /tmp/.gre_flowmanager_enable fi - if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then + if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then INST=`psmcli getallinst dmsb.l2net.` for i in $INST; do GRE=`psmcli get dmsb.l2net.$i.Members.Gre | grep $2` @@ -303,7 +303,7 @@ destroy_tunnel () { touch "/tmp/destroy_tunnel_lock" fi echo "Destroying tunnel... remote" - if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then + if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then INST=`psmcli getallinst dmsb.l2net.` for i in $INST; do STAT=`sysevent get gre_"$i"_inst` diff --git a/source/scripts/init/service.d/service_ntpd.sh b/source/scripts/init/service.d/service_ntpd.sh index bd8859d6..68167f87 100644 --- a/source/scripts/init/service.d/service_ntpd.sh +++ b/source/scripts/init/service.d/service_ntpd.sh @@ -550,7 +550,7 @@ service_start () fi #if [ -n "$QUICK_SYNC_WAN_IP" ]; then if [ -n "$PEER_INTERFACE_IP" ]; then - if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$NTPD_IMMED_PEER_SYNC" != "true" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then + if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$NTPD_IMMED_PEER_SYNC" != "true" ] && [ "$BOX_TYPE" != "SCER11BEL" ] || && [ "$BOX_TYPE" != "SCXF11BFL" ]; then if [ -z "$SOURCE_PING_INTF" ]; then MASK="255.255.255.0" else @@ -655,7 +655,7 @@ service_start () echo_t "SERVICE_NTPD : Starting NTP Daemon" >> $NTPD_LOG_NAME systemctl start $BIN ret_val=$? ### To ensure proper ret_val is obtained - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then sysevent set firewall-restart fi fi diff --git a/source/scripts/init/service.d/service_sshd.sh b/source/scripts/init/service.d/service_sshd.sh index e67deee0..096680ac 100755 --- a/source/scripts/init/service.d/service_sshd.sh +++ b/source/scripts/init/service.d/service_sshd.sh @@ -56,7 +56,7 @@ else echo_t "[utopia]: dropbear using prod authorization keys" fi -if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then +if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then CMINTERFACE=$WAN_INTERFACE elif ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ]); then CMINTERFACE=$WAN_INTERFACE @@ -92,7 +92,7 @@ fi get_listen_params() { LISTEN_PARAMS="" #Get IPv4 address of wan0 - if ([ "$WAN_INTERFACE" = "$DEFAULT_WAN_INTERFACE" ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ]) ; then + if ([ "$WAN_INTERFACE" = "$DEFAULT_WAN_INTERFACE" ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]) ; then if [ "$WAN0_IS_DUMMY" = "true" ]; then CM_IPV4=`ifconfig privbr:0 | grep "inet addr" | awk '/inet/{print $2}' | cut -f2 -d:` #Get IPv6 address of wan0 @@ -145,7 +145,7 @@ do_start() { #chmod 755 $DIR_NAME #fi - if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ]) ;then + if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ;then get_listen_params CMINTERFACE=$WAN_INTERFACE fi @@ -195,7 +195,7 @@ do_start() { commandString="$commandString -p [$CM_IPV6]:22" fi fi - elif ([ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]) ; then + elif ([ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ; then # In IPv6 only case (MAP-T), and if IPv6 GUA on LAN enabled case, use brlan0 interface to get v6 global address. CM_IPV6=`ip -6 addr show dev brlan0 scope global | awk '/inet/{print $2}' | cut -d '/' -f1 | head -n1` if [ ! -z "$CM_IPV6" ]; then @@ -236,7 +236,7 @@ do_start() { getConfigFile $DROPBEAR_PARAMS_1 getConfigFile $DROPBEAR_PARAMS_2 - if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ]) ;then + if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ;then dropbear -E -s -b /etc/sshbanner.txt -a -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 $LISTEN_PARAMS -P $PID_FILE $USE_DEVKEYS 2>>$CONSOLEFILE if [ -z "$LISTEN_PARAMS" ] ; then echo_t "[utopia]: dropbear was not started for erouter0 interface with valid params." @@ -257,7 +257,7 @@ do_start() { if ([ "$MANUFACTURE" = "Technicolor" ] || [ "$MODEL_NUM" = "SG417DBCT" ]) ; then echo dropbear -E -s -K 60 -b /etc/sshbanner.txt ${commandString} -r ${DROPBEAR_PARAMS_1} -r ${DROPBEAR_PARAMS_2} -a -P ${PID_FILE} dropbear -E -s -b /etc/sshbanner.txt $commandString -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -a -P $PID_FILE -K 60 $USE_DEVKEYS 2>>$CONSOLEFILE - elif ([ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]) ; then + elif ([ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ; then dropbear -E -s -b /etc/sshbanner.txt $commandString -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -a -P $PID_FILE -K 60 $USE_DEVKEYS 2>>$CONSOLEFILE else dropbear -E -s -b /etc/sshbanner.txt -a -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -p [$CM_IP]:22 -P $PID_FILE $USE_DEVKEYS 2>>$CONSOLEFILE @@ -302,7 +302,7 @@ service_start() { echo_t "[utopia] starting ${SERVICE_NAME} service" ulog ${SERVICE_NAME} status "starting ${SERVICE_NAME} service" - if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ]) ;then + if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ;then CMINTERFACE=$WAN_INTERFACE ifconfig $CMINTERFACE | grep Global ret=$? @@ -341,7 +341,7 @@ service_start() { fi #Disable monitoring dropbear as we don't have a seperate dropbear process running always #dropbear process would be running on demand basis - if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then + if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then $PMON setproc ssh dropbear $PID_FILE "/etc/utopia/service.d/service_sshd.sh sshd-restart" fi diff --git a/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh b/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh index c845daa4..6bb62256 100755 --- a/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh +++ b/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh @@ -44,7 +44,7 @@ source /etc/utopia/service.d/log_capture_path.sh source /etc/device.properties -if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then +if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then CMINTERFACE="erouter0" else if [ "$WAN0_IS_DUMMY" = "true" ]; then diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index b29ed600..3da7e007 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -51,7 +51,7 @@ #include "time.h" #include "secure_wrapper.h" #include -#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) +#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) #include "platform_hal.h" #endif #include @@ -691,7 +691,7 @@ static int GetDevicePropertiesEntry (char *pOutput, int size, char *sDevicePropC static int getFactoryPartnerId (char *pValue) { -#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) +#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) if(0 == platform_hal_getFactoryPartnerId(pValue)) { APPLY_PRINT("%s:%d - %s\n",__FUNCTION__, __LINE__,pValue); @@ -2406,7 +2406,7 @@ static int apply_partnerId_default_values (char *data, char *PartnerID) // For Sky, we need to pull the default login from the /tmp/serial.txt file. FILE *fp = NULL; char DefaultPassword[25] = {0}; - #if defined (_SCER11BEL_PRODUCT_REQ_) + #if defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) fp = popen("grep 'WIFI_PASSWORD' /tmp/serial.txt | cut -d '=' -f 2 | tr -d [:space:]", "r"); #else fp = popen("grep 'WIFIPASSWORD' /tmp/serial.txt | cut -d '=' -f 2 | tr -d [:space:]", "r"); diff --git a/source/scripts/init/system/utopia_init.sh b/source/scripts/init/system/utopia_init.sh index 05bb09c3..fca35332 100755 --- a/source/scripts/init/system/utopia_init.sh +++ b/source/scripts/init/system/utopia_init.sh @@ -122,7 +122,7 @@ MWO_PATH="/nvram/mwo" CHANNEL_KEEPOUT_PATH="/nvram/mesh" ENCRYPT_SYSCFG=false -if [ "$MODEL_NUM" = "VTER11QEL" ] || [ "$MODEL_NUM" = "SCER11BEL" ]; then +if [ "$MODEL_NUM" = "VTER11QEL" ] || [ "$MODEL_NUM" = "SCER11BEL" ] || [ "$MODEL_NUM" = "SCXF11BFL" ]; then ENCRYPT_SYSCFG=true fi @@ -136,7 +136,7 @@ if [ -d $SYSCFG_ENCRYPTED_PATH ]; then fi fi -if [ "$MODEL_NUM" = "SCER11BEL" ]; then +if [ "$MODEL_NUM" = "SCER11BEL" ] || [ "$MODEL_NUM" = "SCXF11BFL" ]; then if [ "$ENCRYPT_SYSCFG" = false ]; then if [ ! -f $SYSCFG_BKUP_FILE ] && [ -f $SYSCFG_NEW_FILE ]; then echo_t "[utopia][init] DOWNGRADE to unsecured syscfg.db" @@ -852,6 +852,6 @@ if [ "$BOX_TYPE" = "VNTXER5" ]; then fi fi -if [ "$BOX_TYPE" = "SCER11BEL" ]; then +if [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$MODEL_NUM" = "SCXF11BFL" ]; then /etc/reset_reason_log.sh & fi diff --git a/source/service_dhcp/dhcp_server_functions.c b/source/service_dhcp/dhcp_server_functions.c index 2a2017aa..0c34285b 100644 --- a/source/service_dhcp/dhcp_server_functions.c +++ b/source/service_dhcp/dhcp_server_functions.c @@ -1927,7 +1927,7 @@ int prepare_dhcp_conf (char *input) #endif /*WIFI_MANAGE_SUPPORTED*/ } -#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) +#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined (_SCXF11BFL_PRODUCT_REQ_) fprintf(l_fLocal_Dhcp_ConfFile, "interface=brlan112\n"); fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-range=169.254.70.5,169.254.70.253,255.255.255.0,infinite\n"); diff --git a/source/service_routed/service_routed.c b/source/service_routed/service_routed.c index 070ec3e2..8ecdbf8e 100644 --- a/source/service_routed/service_routed.c +++ b/source/service_routed/service_routed.c @@ -197,7 +197,7 @@ int GetDeviceNetworkMode() } #endif -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /** IsThisCurrentPartnerID() */ static unsigned char IsThisCurrentPartnerID( const char* pcPartnerID ) { @@ -562,8 +562,8 @@ STATIC int route_set(struct serv_routed *sr) } #endif -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) ||defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) if ( TRUE == IsThisCurrentPartnerID("sky-") ) #endif /* _SCER11BEL_PRODUCT_REQ_ */ { @@ -1019,8 +1019,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) else { #endif - #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) - #if defined(_SCER11BEL_PRODUCT_REQ_) + #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) + #if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) if ( FALSE == IsThisCurrentPartnerID("sky-") ) { sysevent_get(sefd, setok, "lan_prefix", prefix, sizeof(prefix)); @@ -1038,8 +1038,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) if (gModeSwitched == ULA_IPV6) { - #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) - #if defined(_SCER11BEL_PRODUCT_REQ_) + #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) + #if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) if ( FALSE == IsThisCurrentPartnerID("sky-") ) { sysevent_get(sefd, setok, "lan_prefix", last_broadcasted_prefix, sizeof(last_broadcasted_prefix)); @@ -1191,8 +1191,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) { char val_DNSServersEnabled[ 32 ]; -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) if ( TRUE == IsThisCurrentPartnerID("sky-") ) #endif /** _SCER11BEL_PRODUCT_REQ_ */ { @@ -1330,10 +1330,10 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) fprintf(fp, " ipv6 nd ra-interval 30\n"); //Set ra-interval to default 30 secs as per Erouter Specs. } #else -#if (!defined (_HUB4_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_)) || defined (_WNXL11BWL_PRODUCT_REQ_) +#if (!defined (_HUB4_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_)) || defined (_WNXL11BWL_PRODUCT_REQ_) fprintf(fp, " ipv6 nd ra-interval 3\n"); #else -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) if ( FALSE == IsThisCurrentPartnerID("sky-") ) { fprintf(fp, " ipv6 nd ra-interval 3\n"); @@ -1347,7 +1347,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) #endif #if !defined (_HUB4_PRODUCT_REQ_) || defined (_WNXL11BWL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) if ( TRUE == IsThisCurrentPartnerID("sky-") ) { /* SKYH4-5324 : Selfheal is not working from IPv6 only client. @@ -1392,8 +1392,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) syscfg_get(NULL, "router_managed_flag", m_flag, sizeof(m_flag)); if (strcmp(m_flag, "1") == 0) fprintf(fp, " ipv6 nd managed-config-flag\n"); -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) else if ((strcmp(m_flag, "0") == 0) && ( TRUE == IsThisCurrentPartnerID("sky-") )) #else else if (strcmp(m_flag, "0") == 0) @@ -1404,8 +1404,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) syscfg_get(NULL, "router_other_flag", o_flag, sizeof(o_flag)); if (strcmp(o_flag, "1") == 0) fprintf(fp, " ipv6 nd other-config-flag\n"); -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) else if ((strcmp(o_flag, "0") == 0) && ( TRUE == IsThisCurrentPartnerID("sky-") )) #else else if (strcmp(o_flag, "0") == 0) @@ -1664,8 +1664,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) for (start = name_servs; (tok = strtok_r(start, " ", &sp)); start = NULL) { // Modifying rdnss value to fix the zebra config. -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) { if (0 == strncmp(lan_addr, tok, strlen(lan_addr))) @@ -2079,8 +2079,8 @@ STATIC int radv_start(struct serv_routed *sr) return -1; } -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) ||defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) #endif /** _SCER11BEL_PRODUCT_REQ_ */ { @@ -2136,7 +2136,7 @@ STATIC int rip_start(struct serv_routed *sr) if (!serv_can_start(sr->sefd, sr->setok, "rip")) return -1; #if !defined (_HUB4_PRODUCT_REQ_) || defined (_WNXL11BWL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) { if (!sr->lan_ready) { @@ -2241,7 +2241,7 @@ STATIC int serv_routed_start(struct serv_routed *sr) return -1; } #if !defined (_HUB4_PRODUCT_REQ_) || defined (_WNXL11BWL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) if( FALSE == IsThisCurrentPartnerID("sky-") ) #endif /** */ { From 0e8f962741151679d2de25c255e792dc99d025f5 Mon Sep 17 00:00:00 2001 From: MonekaLakshmi <101797473+MonekaLakshmi@users.noreply.github.com> Date: Wed, 24 Sep 2025 11:32:16 +0530 Subject: [PATCH 16/63] RDKB-61786: Revert the changes of RDKB-60131 Reason for change: Revert the changes from develop Test Procedure: As mentioned in the ticket Risks: Medium --- .../init/src/apply_system_defaults/apply_system_defaults.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index 18ebe98f..c4c45a91 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -2761,10 +2761,6 @@ static int apply_partnerId_default_values (char *data, char *PartnerID) if( pcAuthMode != NULL ) { set_syscfg_partner_values( pcAuthMode, "OAUTHAuthMode" ); - if (strcmp(pcAuthMode, "sso") == 0) - { - APPLY_PRINT("%s - OAuth AuthMode defaulted to SSO\n", __FUNCTION__); - } pcAuthMode = NULL; } else From 21eca34566e46c53dfffcbed7186dd4ce0728a65 Mon Sep 17 00:00:00 2001 From: smp960 Date: Wed, 24 Sep 2025 10:23:49 +0000 Subject: [PATCH 17/63] RDKB-61612 : WAN Failover Utility is required in Ethwan mode similar to DOCSIS Reason for change: Enable WAN Failover simulation in EthWAN mode Test Procedure: Set this "Device.X_RDKCENTRAL-COM_EthernetWAN.LinkDown" TR181 param to true for verifying the WAN failover simulation is happening or not when device is in EthWAN mode. Risks: Low Priority: P1 Signed-off-by: Suriyanarayanan_MP@comcast.com --- source/scripts/init/defaults/system_defaults_arm | 3 +++ 1 file changed, 3 insertions(+) diff --git a/source/scripts/init/defaults/system_defaults_arm b/source/scripts/init/defaults/system_defaults_arm index a3a7ad25..01dc730f 100755 --- a/source/scripts/init/defaults/system_defaults_arm +++ b/source/scripts/init/defaults/system_defaults_arm @@ -1429,6 +1429,9 @@ $DscpSleepInterval_2=0 #Ccsp CMagent Docsis linkdown timeout default value is 900sec $DocsisLinkDownTimeOut=900 +#Ccsp Ethagent EWAN linkdown timeout default value is 900sec +$EWanLinkDownTimeout=900 + #LLDEnable default value is false $LldEnable=false From a3baf10901f136401d834b5e3f07b18ec1480588 Mon Sep 17 00:00:00 2001 From: SanthoshGujulvajagadeesh Date: Thu, 25 Sep 2025 12:26:41 +0530 Subject: [PATCH 18/63] Add CHANGELOG.md for Release 1.1.3 --- CHANGELOG.md | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 483067b9..602916a7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,12 +4,28 @@ All notable changes to this project will be documented in this file. Dates are d Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). +#### [1.1.3](https://github.com/rdkcentral/utopia/compare/1.1.2...1.1.3) + +- RDKB-61786: Revert the changes of RDKB-60131 [`#77`](https://github.com/rdkcentral/utopia/pull/77) +- Rebase with develop [`#75`](https://github.com/rdkcentral/utopia/pull/75) +- RDKB-58679: Add PSM changes for vlan [`#56`](https://github.com/rdkcentral/utopia/pull/56) +- RDKB-60956: Default OAUTH AuthMode feature to SSO in firmware [`#71`](https://github.com/rdkcentral/utopia/pull/71) +- RDKB-61412 : Add RDKBPOD generic vendor name for all extender devices [`#68`](https://github.com/rdkcentral/utopia/pull/68) +- RDKB-60813 : Webui attack handling in Firewall [`#66`](https://github.com/rdkcentral/utopia/pull/66) +- RDKB-60232 : Option 82 rules for Amenity bridges [`#65`](https://github.com/rdkcentral/utopia/pull/65) +- RDKDEV-1132, RDKBACCL-846: Migrate scripts from RPI to BPI [`#49`](https://github.com/rdkcentral/utopia/pull/49) +- RDKB-61372: Handling recovery cases of Unknown/Invalid syscfg PartnerID [`#51`](https://github.com/rdkcentral/utopia/pull/51) +- Merge branch 'release/1.1.2' [`#59`](https://github.com/rdkcentral/utopia/pull/59) +- Update firewall.h [`7c2b6ab`](https://github.com/rdkcentral/utopia/commit/7c2b6ab093e0c66d53261357995b407f65287233) + #### [1.1.2](https://github.com/rdkcentral/utopia/compare/1.1.1...1.1.2) +> 12 September 2025 + - RDKB-60957: Add Utopia RFC defaults for xmeminsight Tool [`#48`](https://github.com/rdkcentral/utopia/pull/48) +- Add CHANGELOG.md for release 1.1.2 [`7d54a7b`](https://github.com/rdkcentral/utopia/commit/7d54a7b302b870e3d4366d0bdbbb93510f8a8e51) - Update system_defaults_xd4 [`c37af2a`](https://github.com/rdkcentral/utopia/commit/c37af2a17733f4acdfd422354d0d261b8bccee5b) - Update system_defaults_bci [`201f075`](https://github.com/rdkcentral/utopia/commit/201f075ca07729b955ce0af67df480867ea039ab) -- Update system_defaults_arm [`956c7ac`](https://github.com/rdkcentral/utopia/commit/956c7ac5565d709181b3d7f28ef7761c1e37278f) #### [1.1.1](https://github.com/rdkcentral/utopia/compare/1.1.0...1.1.1) From b2681d33f70cbd923582ee86ff0960a2a133a57d Mon Sep 17 00:00:00 2001 From: Stephen Barrett Date: Thu, 25 Sep 2025 16:43:15 +0100 Subject: [PATCH 19/63] Update CODEOWNERS --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 0f5f5932..710b2583 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -2,4 +2,4 @@ # the repo. Unless a later match takes precedence, # @global-owner1 and @global-owner2 will be requested for # review when someone opens a pull request. -* @rdkcentral/advsecurity-maintainers +* @rdkcentral/utopia-maintainers From f3ee7d4b1d1a37761fe3af3c96d7db807df23c71 Mon Sep 17 00:00:00 2001 From: rdkcmf Date: Thu, 25 Sep 2025 17:19:10 +0100 Subject: [PATCH 20/63] Deploy cla action --- .github/workflows/cla.yml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 05504793..c58b1b0b 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -1,13 +1,20 @@ name: "CLA" + +permissions: + contents: read + pull-requests: write + actions: write + statuses: write + on: issue_comment: types: [created] pull_request_target: - types: [opened,closed,synchronize] + types: [opened, closed, synchronize] jobs: CLA-Lite: name: "Signature" - uses: rdkcentral/cmf-actions/.github/workflows/cla.yml@main + uses: rdkcentral/cmf-actions/.github/workflows/cla.yml@v1 secrets: - PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_ASSISTANT }} \ No newline at end of file + PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_ASSISTANT }} From 57bf6d4e89c940e3b5ca5a18fd6d173cc96fbe0a Mon Sep 17 00:00:00 2001 From: rirfha948 Date: Fri, 5 Sep 2025 11:58:46 +0000 Subject: [PATCH 21/63] RDKB-6079800: IPv6 Support for WiFi Hotspot Reason for change: Added appropriate Firewall changes Test Procedure: - TBD Risks: None Priority: P3 Change-Id: I21e345f281f9db6a3f28ac9f22c9103d1f22f93c Signed-off-by: rirfha948 --- source/firewall/firewall.c | 61 +++++++++++++++++++++------------ source/firewall/firewall.h | 2 ++ source/firewall/firewall_ipv6.c | 35 +++---------------- 3 files changed, 47 insertions(+), 51 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index f10e6aee..e23ef148 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -697,6 +697,7 @@ char current_wan_ip6_addr[128]; bool isDefHttpsPortUsed = FALSE ; int current_wan_ipv6_num = 0; char default_wan_ifname[50]; // name of the regular wan interface +char hotspot_wan_ifname[50]; int rfstatus; /* * For timed internet access rules we use cron @@ -2452,6 +2453,19 @@ static int prepare_globals_from_configuration(void) pStr = NULL; } } + + // Update WIFI hotspot interface name -> from PSM + memset(hotspot_wan_ifname,0,sizeof(hotspot_wan_ifname)); + rc = PSM_VALUE_GET_STRING(PSM_HOTSPOT_WAN_IFNAME, pStr); + if(rc == CCSP_SUCCESS && pStr != NULL){ + FIREWALL_DEBUG("HotSpot wan interface fetched \n"); + safec_rc = strcpy_s(hotspot_wan_ifname, sizeof(hotspot_wan_ifname),pStr); + ERR_CHK(safec_rc); + Ansc_FreeMemory_Callback(pStr); + pStr = NULL; + } + FIREWALL_DEBUG(" line:%d current_wan_ifname:%s hotspot_wan_ifname %s \n" COMMA __LINE__ COMMA current_wan_ifname COMMA hotspot_wan_ifname); + memset(mesh_wan_ipv6addr,0,sizeof(mesh_wan_ipv6addr)); get_ip6address(mesh_wan_ifname, mesh_wan_ipv6addr, &mesh_wan_ipv6_num,IPV6_ADDR_SCOPE_GLOBAL); #endif @@ -5248,29 +5262,35 @@ static int do_nat_ephemeral(FILE *fp) return(0); } -void applyHotspotPostRoutingRules(FILE *fp) +void applyHotspotPostRoutingRules(FILE *fp, bool isIpv4) { - FIREWALL_DEBUG("60736: Entering applyHotspotPostRoutingRules \n"); - int rc; - char *pStr = NULL; - errno_t safec_rc = -1; - char hotspot_wan_ifname[32]; - memset(hotspot_wan_ifname,0,sizeof(hotspot_wan_ifname)); - rc = PSM_VALUE_GET_STRING(PSM_HOTSPOT_WAN_IFNAME, pStr); - if(rc == CCSP_SUCCESS && pStr != NULL){ - FIREWALL_DEBUG("HotSpot wan interface fetched \n"); - safec_rc = strcpy_s(hotspot_wan_ifname, sizeof(hotspot_wan_ifname),pStr); - ERR_CHK(safec_rc); - Ansc_FreeMemory_Callback(pStr); - pStr = NULL; + FIREWALL_DEBUG(" Entering applyHotspotPostRoutingRules \n"); + char sysEventName[256]; + if (isIpv4 == true) + { + if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) + { + FIREWALL_DEBUG("Apply Post Routing Rules for IPv4\n"); + FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ipaddr); + fprintf(fp, "-A postrouting_towan -o %s -j SNAT --to-source %s\n" COMMA current_wan_ifname COMMA current_wan_ipaddr); + } } - FIREWALL_DEBUG(" line:%d current_wan_ifname:%s hotspot_wan_ifname %s \n" COMMA __LINE__ COMMA current_wan_ifname COMMA hotspot_wan_ifname); - - if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) + else { - fprintf(fp, "-A postrouting_towan -j MASQUERADE\n"); + memset(current_wan_ip6_addr, 0, sizeof(current_wan_ip6_addr)); + memset(sysEventName, 0, sizeof(sysEventName)); + snprintf(sysEventName, sizeof(sysEventName),"tr_%s_dhcpv6_client_v6addr", hotspot_wan_ifname); + sysevent_get(sysevent_fd, sysevent_token, sysEventName, current_wan_ip6_addr, sizeof(current_wan_ip6_addr)); + + if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) + { + FIREWALL_DEBUG("Apply Post Routing Rules for IPv6\n"); + FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ip6_addr); + fprintf(fp, "-A POSTROUTING -o %s -j SNAT --to-source %s\n" COMMA current_wan_ifname COMMA current_wan_ip6_addr); + } + } - FIREWALL_DEBUG("60736: Exiting applyHotspotPostRoutingRules \n"); + FIREWALL_DEBUG(" Exiting applyHotspotPostRoutingRules \n"); } #if defined(_BWG_PRODUCT_REQ_) @@ -5427,8 +5447,7 @@ static int do_wan_nat_lan_clients(FILE *fp) #else if (0 == checkIfULAEnabled()) { - FIREWALL_DEBUG("Applying applyHotspotPostRoutingRules \n"); - applyHotspotPostRoutingRules(fp); + applyHotspotPostRoutingRules(fp, true); } else { fprintf(fp, "-A postrouting_towan -j SNAT --to-source %s\n", natip4); } diff --git a/source/firewall/firewall.h b/source/firewall/firewall.h index 141e43e6..51ea3d11 100644 --- a/source/firewall/firewall.h +++ b/source/firewall/firewall.h @@ -348,6 +348,8 @@ extern char dev_type[20]; extern char mesh_wan_ifname[32]; #endif +void applyHotspotPostRoutingRules(FILE *fp, bool isIpv4); +extern char hotspot_wan_ifname[32]; extern int current_wan_ipv6_num; extern char default_wan_ifname[50]; // name of the regular wan interface extern char current_wan_ipv6[IF_IPV6ADDR_MAX][40]; diff --git a/source/firewall/firewall_ipv6.c b/source/firewall/firewall_ipv6.c index de1962d6..6501bfb8 100644 --- a/source/firewall/firewall_ipv6.c +++ b/source/firewall/firewall_ipv6.c @@ -1959,6 +1959,10 @@ void do_ipv6_sn_filter(FILE* fp) { fprintf(fp, "-A PREROUTING -i %s -d %s -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m limit --limit 20/sec -j ACCEPT\n", ifnames[i], mcastAddrStr); /* NS Throttling rules for WAN and LAN */ fprintf(fp, "-A PREROUTING -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m limit --limit 20/sec -j ACCEPT\n", ifnames[i]); + if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) + { + fprintf(fp, "-A INPUT -s %s -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m limit --limit 100/sec -j ACCEPT\n" , current_wan_ip6_addr , current_wan_ifname); + } fprintf(fp, "-A PREROUTING -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 135 -j DROP\n", ifnames[i]); } @@ -2122,35 +2126,6 @@ void applyIpv6ULARules(FILE* fp) #endif } -void applyHotspotIpv6PostRoutingRules(FILE *fp) -{ - FIREWALL_DEBUG("60736: Entering applyHotspotIpv6PostRoutingRules \n"); - int rc; - char *pStr = NULL; - errno_t safec_rc = -1; - char hotspot_wan_ifname[32]; - memset(hotspot_wan_ifname,0,sizeof(hotspot_wan_ifname)); - rc = PSM_VALUE_GET_STRING(PSM_HOTSPOT_WAN_IFNAME, pStr); - if(rc == CCSP_SUCCESS && pStr != NULL){ - FIREWALL_DEBUG("HotSpot wan interface fetched \n"); - safec_rc = strcpy_s(hotspot_wan_ifname, sizeof(hotspot_wan_ifname),pStr); - ERR_CHK(safec_rc); - Ansc_FreeMemory_Callback(pStr); - pStr = NULL; - } - FIREWALL_DEBUG(" line:%d current_wan_ifname:%s hotspot_wan_ifname %s \n" COMMA __LINE__ COMMA current_wan_ifname COMMA hotspot_wan_ifname); - memset(current_wan_ip6_addr, 0, sizeof(current_wan_ip6_addr)); - sysevent_get(sysevent_fd, sysevent_token, "tr_brww0_dhcpv6_client_v6addr", current_wan_ip6_addr, sizeof(current_wan_ip6_addr)); - - if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) - { - FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ip6_addr); - fprintf(fp, "-t nat -I POSTROUTING -o %s -j SNAT --to-source %s\n" COMMA current_wan_ifname COMMA current_wan_ip6_addr); - fprintf(fp, "-A INPUT -s %s -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m limit --limit 100/sec -j ACCEPT\n" , current_wan_ip6_addr , current_wan_ifname); - } - FIREWALL_DEBUG("60736: Exiting applyHotspotIpv6PostRoutingRules \n"); -} - #endif void do_ipv6_nat_table(FILE* fp) { @@ -2258,7 +2233,7 @@ void do_ipv6_nat_table(FILE* fp) #if defined (WAN_FAILOVER_SUPPORTED) if (0 == checkIfULAEnabled()) { - applyHotspotIpv6PostRoutingRules(fp); + applyHotspotPostRoutingRules(fp, false); } #endif FIREWALL_DEBUG("Exiting do_ipv6_nat_table \n"); From b480b3410be6dc41dc1453bd3c8fca6fa5efbdfe Mon Sep 17 00:00:00 2001 From: rirfha948 Date: Fri, 26 Sep 2025 05:37:43 +0000 Subject: [PATCH 22/63] RDKB-6079800: IPv6 Support for WiFi Hotspot Reason for change: Added appropriate Firewall changes Test Procedure: - TBD Risks: None Priority: P3 Change-Id: I21e345f281f9db6a3f28ac9f22c9103d1f22f93c Signed-off-by: rirfha948 --- source/firewall/firewall.h | 1 - 1 file changed, 1 deletion(-) diff --git a/source/firewall/firewall.h b/source/firewall/firewall.h index 51ea3d11..06e8db29 100644 --- a/source/firewall/firewall.h +++ b/source/firewall/firewall.h @@ -211,7 +211,6 @@ void do_forwardPorts(FILE *fp); int IsValidIPv6Addr(char* ip_addr_string); #ifdef WAN_FAILOVER_SUPPORTED int checkIfULAEnabled(void); -void applyHotspotPostRoutingRules(FILE *fp); #endif void getIpv6Interfaces(char Interface[MAX_NO_IPV6_INF][MAX_LEN_IPV6_INF], int *len); void prepare_hotspot_gre_ipv6_rule(FILE *filter_fp); From 7fc0ea649de6fb302ba75c62dd2c67e340fc4602 Mon Sep 17 00:00:00 2001 From: rirfha948 Date: Fri, 26 Sep 2025 05:37:43 +0000 Subject: [PATCH 23/63] RDKB-6079800: IPv6 Support for WiFi Hotspot Reason for change: Added appropriate Firewall changes Test Procedure: - TBD Risks: None Priority: P3 Change-Id: I21e345f281f9db6a3f28ac9f22c9103d1f22f93c Signed-off-by: rirfha948 --- source/firewall/firewall.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/source/firewall/firewall.h b/source/firewall/firewall.h index 51ea3d11..bbfabae5 100644 --- a/source/firewall/firewall.h +++ b/source/firewall/firewall.h @@ -211,7 +211,6 @@ void do_forwardPorts(FILE *fp); int IsValidIPv6Addr(char* ip_addr_string); #ifdef WAN_FAILOVER_SUPPORTED int checkIfULAEnabled(void); -void applyHotspotPostRoutingRules(FILE *fp); #endif void getIpv6Interfaces(char Interface[MAX_NO_IPV6_INF][MAX_LEN_IPV6_INF], int *len); void prepare_hotspot_gre_ipv6_rule(FILE *filter_fp); @@ -349,7 +348,7 @@ extern char mesh_wan_ifname[32]; #endif void applyHotspotPostRoutingRules(FILE *fp, bool isIpv4); -extern char hotspot_wan_ifname[32]; +extern char hotspot_wan_ifname[50]; extern int current_wan_ipv6_num; extern char default_wan_ifname[50]; // name of the regular wan interface extern char current_wan_ipv6[IF_IPV6ADDR_MAX][40]; From f14d3c510365033a15b8f5f1e0a09c15fa634996 Mon Sep 17 00:00:00 2001 From: rdkcmf Date: Mon, 29 Sep 2025 14:10:30 +0100 Subject: [PATCH 24/63] Deploy fossid_integration_stateless_diffscan_target_repo action --- ...d_integration_stateless_diffscan_target_repo.yml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml b/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml index da02b8b4..7b8c1cba 100644 --- a/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml +++ b/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml @@ -1,11 +1,18 @@ name: Fossid Stateless Diff Scan -on: pull_request +on: + pull_request: + types: [opened, synchronize, reopened] + +permissions: + contents: read + pull-requests: read jobs: call-fossid-workflow: - uses: rdkcentral/build_tools_workflows/.github/workflows/fossid_integration_stateless_diffscan.yml@develop - secrets: + if: ${{ ! github.event.pull_request.head.repo.fork }} + uses: rdkcentral/build_tools_workflows/.github/workflows/fossid_integration_stateless_diffscan.yml@1.0.0 + secrets: FOSSID_CONTAINER_USERNAME: ${{ secrets.FOSSID_CONTAINER_USERNAME }} FOSSID_CONTAINER_PASSWORD: ${{ secrets.FOSSID_CONTAINER_PASSWORD }} FOSSID_HOST_USERNAME: ${{ secrets.FOSSID_HOST_USERNAME }} From ecbc955deca94a68305d53eaf0f5387179142b28 Mon Sep 17 00:00:00 2001 From: Michael Amal Anand <73233797+michaelamal@users.noreply.github.com> Date: Thu, 2 Oct 2025 15:14:41 -0400 Subject: [PATCH 25/63] Update service_routed.c --- source/service_routed/service_routed.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/service_routed/service_routed.c b/source/service_routed/service_routed.c index 8ecdbf8e..5ac8d2ab 100644 --- a/source/service_routed/service_routed.c +++ b/source/service_routed/service_routed.c @@ -197,7 +197,7 @@ int GetDeviceNetworkMode() } #endif -#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_RDKB_GLOBAL_PRODUCT_REQ_) /** IsThisCurrentPartnerID() */ static unsigned char IsThisCurrentPartnerID( const char* pcPartnerID ) { @@ -215,7 +215,7 @@ static unsigned char IsThisCurrentPartnerID( const char* pcPartnerID ) return FALSE; } -#endif /** _SCER11BEL_PRODUCT_REQ_ */ +#endif /** _RDKB_GLOBAL_PRODUCT_REQ_ */ STATIC int fw_restart(struct serv_routed *sr) { From 6bc01ff11ba325b4591c7e7c9cf5f69a8835d86f Mon Sep 17 00:00:00 2001 From: Michael Amal Anand <73233797+michaelamal@users.noreply.github.com> Date: Thu, 2 Oct 2025 15:16:10 -0400 Subject: [PATCH 26/63] Update service_routed.c --- source/service_routed/service_routed.c | 1 + 1 file changed, 1 insertion(+) diff --git a/source/service_routed/service_routed.c b/source/service_routed/service_routed.c index 5ac8d2ab..5bd79e1e 100644 --- a/source/service_routed/service_routed.c +++ b/source/service_routed/service_routed.c @@ -198,6 +198,7 @@ int GetDeviceNetworkMode() #endif #if defined(_RDKB_GLOBAL_PRODUCT_REQ_) + /** IsThisCurrentPartnerID() */ static unsigned char IsThisCurrentPartnerID( const char* pcPartnerID ) { From a2bd29588b1536bde849710ec04f908cbf525996 Mon Sep 17 00:00:00 2001 From: aprasad Date: Fri, 3 Oct 2025 04:32:19 -0700 Subject: [PATCH 27/63] RDKBDEV-3294 : Fix open port 21515 by default on unexpected interfaces. Reason for change: During NMAP scan for TCP open ports in MXL platform, we noticed that port 21515 seem to be open by default on wan0 and mta0 interfaces. This will be fixed here. Risks: Low Signed-off-by: Aiswarya Prasad --- source/firewall/firewall.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 7dd4f5e4..163550e7 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -13121,7 +13121,7 @@ int do_block_ports(FILE *filter_fp) fprintf(filter_fp, "-A INPUT ! -i brlan0 -p tcp -m tcp --dport 49152:49153 -j DROP\n"); fprintf(filter_fp, "-A INPUT ! -i brlan0 -p udp -m udp --dport 1900 -j DROP\n"); - fprintf(filter_fp, "-A INPUT ! -i brlan0 -p tcp -m tcp --dport 21515 -j DROP\n"); + fprintf(filter_fp, "-I INPUT ! -i brlan0 -p tcp -m tcp --dport 21515 -j DROP\n"); fprintf(filter_fp, "-A INPUT ! -i brlan0 -p udp -m udp --dport 21515 -j DROP\n"); /* RDKB-22836 : From ad4f5b0b26fef32342ac3d6011ddd13e38f8dd1c Mon Sep 17 00:00:00 2001 From: smp960 <224775237+suriya-prem@users.noreply.github.com> Date: Mon, 6 Oct 2025 06:09:12 +0000 Subject: [PATCH 28/63] RDKB-61612 : WAN Failover Utility is required in Ethwan mode similar to DOCSIS Reason for change: Enable WAN Failover simulation in EthWAN mode Test Procedure: Set this "Device.X_RDKCENTRAL-COM_EthernetWAN.LinkDown" TR181 param to true for verifying the WAN failover simulation is happening or not when device is in EthWAN mode. Risks: Low Priority: P1 --- source/scripts/init/defaults/system_defaults_arm | 1 - 1 file changed, 1 deletion(-) diff --git a/source/scripts/init/defaults/system_defaults_arm b/source/scripts/init/defaults/system_defaults_arm index 01dc730f..ace916f5 100755 --- a/source/scripts/init/defaults/system_defaults_arm +++ b/source/scripts/init/defaults/system_defaults_arm @@ -1431,7 +1431,6 @@ $DocsisLinkDownTimeOut=900 #Ccsp Ethagent EWAN linkdown timeout default value is 900sec $EWanLinkDownTimeout=900 - #LLDEnable default value is false $LldEnable=false From 0c2c13c413d913e8210434d56d9f724c091eea47 Mon Sep 17 00:00:00 2001 From: Stephen Barrett Date: Wed, 8 Oct 2025 13:28:21 +0100 Subject: [PATCH 29/63] Update CODEOWNERS --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 710b2583..bbbaa1df 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -2,4 +2,4 @@ # the repo. Unless a later match takes precedence, # @global-owner1 and @global-owner2 will be requested for # review when someone opens a pull request. -* @rdkcentral/utopia-maintainers +* @rdkcentral/utopia-maintainers @rdkcentral/rdkb-maintainers From 29800ce8221a3251b5bab5fb0b43ded3ff82fab8 Mon Sep 17 00:00:00 2001 From: SanthoshGujulvajagadeesh Date: Thu, 9 Oct 2025 12:34:34 +0530 Subject: [PATCH 30/63] Add CHANGELOG.md for Release 1.2.0 --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 602916a7..9ffd1c33 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,8 +4,19 @@ All notable changes to this project will be documented in this file. Dates are d Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). +#### [1.2.0](https://github.com/rdkcentral/utopia/compare/1.1.3...1.2.0) + +- Update CODEOWNERS [`#100`](https://github.com/rdkcentral/utopia/pull/100) +- Add the XF10 product common flag [`#72`](https://github.com/rdkcentral/utopia/pull/72) +- RDKB-59938 : Observing SYSCFG DB stored with junk values [`#61`](https://github.com/rdkcentral/utopia/pull/61) +- Deploy fossid_integration_stateless_diffscan_target_repo action [`#93`](https://github.com/rdkcentral/utopia/pull/93) +- Update CODEOWNERS [`#81`](https://github.com/rdkcentral/utopia/pull/81) +- Deploy cla action [`#82`](https://github.com/rdkcentral/utopia/pull/82) + #### [1.1.3](https://github.com/rdkcentral/utopia/compare/1.1.2...1.1.3) +> 25 September 2025 + - RDKB-61786: Revert the changes of RDKB-60131 [`#77`](https://github.com/rdkcentral/utopia/pull/77) - Rebase with develop [`#75`](https://github.com/rdkcentral/utopia/pull/75) - RDKB-58679: Add PSM changes for vlan [`#56`](https://github.com/rdkcentral/utopia/pull/56) @@ -16,6 +27,7 @@ Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). - RDKDEV-1132, RDKBACCL-846: Migrate scripts from RPI to BPI [`#49`](https://github.com/rdkcentral/utopia/pull/49) - RDKB-61372: Handling recovery cases of Unknown/Invalid syscfg PartnerID [`#51`](https://github.com/rdkcentral/utopia/pull/51) - Merge branch 'release/1.1.2' [`#59`](https://github.com/rdkcentral/utopia/pull/59) +- Add CHANGELOG.md for Release 1.1.3 [`a3baf10`](https://github.com/rdkcentral/utopia/commit/a3baf10901f136401d834b5e3f07b18ec1480588) - Update firewall.h [`7c2b6ab`](https://github.com/rdkcentral/utopia/commit/7c2b6ab093e0c66d53261357995b407f65287233) #### [1.1.2](https://github.com/rdkcentral/utopia/compare/1.1.1...1.1.2) From 9eedf983fbc74a4701b7e15226f2efea11040e8f Mon Sep 17 00:00:00 2001 From: Michael Amal Anand <73233797+michaelamal@users.noreply.github.com> Date: Thu, 9 Oct 2025 13:48:38 -0400 Subject: [PATCH 31/63] Update service_routed.c --- source/service_routed/service_routed.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/source/service_routed/service_routed.c b/source/service_routed/service_routed.c index 5bd79e1e..a93c486f 100644 --- a/source/service_routed/service_routed.c +++ b/source/service_routed/service_routed.c @@ -564,7 +564,7 @@ STATIC int route_set(struct serv_routed *sr) #endif #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) ||defined(_SCXF11BFL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if ( TRUE == IsThisCurrentPartnerID("sky-") ) #endif /* _SCER11BEL_PRODUCT_REQ_ */ { @@ -1021,7 +1021,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) { #endif #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) - #if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) + #if defined(_SCER11BEL_PRODUCT_REQ_) if ( FALSE == IsThisCurrentPartnerID("sky-") ) { sysevent_get(sefd, setok, "lan_prefix", prefix, sizeof(prefix)); @@ -1040,7 +1040,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) if (gModeSwitched == ULA_IPV6) { #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) - #if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) + #if defined(_SCER11BEL_PRODUCT_REQ_) if ( FALSE == IsThisCurrentPartnerID("sky-") ) { sysevent_get(sefd, setok, "lan_prefix", last_broadcasted_prefix, sizeof(last_broadcasted_prefix)); @@ -1665,8 +1665,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) for (start = name_servs; (tok = strtok_r(start, " ", &sp)); start = NULL) { // Modifying rdnss value to fix the zebra config. -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) { if (0 == strncmp(lan_addr, tok, strlen(lan_addr))) @@ -2080,8 +2080,8 @@ STATIC int radv_start(struct serv_routed *sr) return -1; } -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) ||defined(_SCXF11BFL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) #endif /** _SCER11BEL_PRODUCT_REQ_ */ { @@ -2137,7 +2137,7 @@ STATIC int rip_start(struct serv_routed *sr) if (!serv_can_start(sr->sefd, sr->setok, "rip")) return -1; #if !defined (_HUB4_PRODUCT_REQ_) || defined (_WNXL11BWL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) { if (!sr->lan_ready) { From a346d30167651e88aad77ed6afe48bd72768df7f Mon Sep 17 00:00:00 2001 From: Michael Amal Anand <73233797+michaelamal@users.noreply.github.com> Date: Thu, 9 Oct 2025 13:50:01 -0400 Subject: [PATCH 32/63] Update apply_system_defaults.c --- .../init/src/apply_system_defaults/apply_system_defaults.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index 3da7e007..faf0c7a8 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -691,7 +691,7 @@ static int GetDevicePropertiesEntry (char *pOutput, int size, char *sDevicePropC static int getFactoryPartnerId (char *pValue) { -#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) if(0 == platform_hal_getFactoryPartnerId(pValue)) { APPLY_PRINT("%s:%d - %s\n",__FUNCTION__, __LINE__,pValue); From 047892c48432099394e531436bc614d8d1b2afa2 Mon Sep 17 00:00:00 2001 From: Michael Amal Anand <73233797+michaelamal@users.noreply.github.com> Date: Thu, 9 Oct 2025 13:54:17 -0400 Subject: [PATCH 33/63] Update service_sshd.sh --- source/scripts/init/service.d/service_sshd.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/scripts/init/service.d/service_sshd.sh b/source/scripts/init/service.d/service_sshd.sh index 096680ac..c6b0d4c3 100755 --- a/source/scripts/init/service.d/service_sshd.sh +++ b/source/scripts/init/service.d/service_sshd.sh @@ -195,7 +195,7 @@ do_start() { commandString="$commandString -p [$CM_IPV6]:22" fi fi - elif ([ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ; then + elif [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]; then # In IPv6 only case (MAP-T), and if IPv6 GUA on LAN enabled case, use brlan0 interface to get v6 global address. CM_IPV6=`ip -6 addr show dev brlan0 scope global | awk '/inet/{print $2}' | cut -d '/' -f1 | head -n1` if [ ! -z "$CM_IPV6" ]; then @@ -257,7 +257,7 @@ do_start() { if ([ "$MANUFACTURE" = "Technicolor" ] || [ "$MODEL_NUM" = "SG417DBCT" ]) ; then echo dropbear -E -s -K 60 -b /etc/sshbanner.txt ${commandString} -r ${DROPBEAR_PARAMS_1} -r ${DROPBEAR_PARAMS_2} -a -P ${PID_FILE} dropbear -E -s -b /etc/sshbanner.txt $commandString -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -a -P $PID_FILE -K 60 $USE_DEVKEYS 2>>$CONSOLEFILE - elif ([ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ; then + elif [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]; then dropbear -E -s -b /etc/sshbanner.txt $commandString -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -a -P $PID_FILE -K 60 $USE_DEVKEYS 2>>$CONSOLEFILE else dropbear -E -s -b /etc/sshbanner.txt -a -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -p [$CM_IP]:22 -P $PID_FILE $USE_DEVKEYS 2>>$CONSOLEFILE From a4be7d17bee970215bb791bb336731350145a460 Mon Sep 17 00:00:00 2001 From: Michael Amal Anand <73233797+michaelamal@users.noreply.github.com> Date: Fri, 10 Oct 2025 10:53:31 -0400 Subject: [PATCH 34/63] Update service_routed.c --- source/service_routed/service_routed.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/source/service_routed/service_routed.c b/source/service_routed/service_routed.c index a93c486f..0cb37164 100644 --- a/source/service_routed/service_routed.c +++ b/source/service_routed/service_routed.c @@ -563,7 +563,7 @@ STATIC int route_set(struct serv_routed *sr) } #endif -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) ||defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) #if defined(_SCER11BEL_PRODUCT_REQ_) if ( TRUE == IsThisCurrentPartnerID("sky-") ) #endif /* _SCER11BEL_PRODUCT_REQ_ */ @@ -1020,7 +1020,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) else { #endif - #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) + #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) #if defined(_SCER11BEL_PRODUCT_REQ_) if ( FALSE == IsThisCurrentPartnerID("sky-") ) { @@ -1039,7 +1039,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) if (gModeSwitched == ULA_IPV6) { - #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) + #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) #if defined(_SCER11BEL_PRODUCT_REQ_) if ( FALSE == IsThisCurrentPartnerID("sky-") ) { From 89980cfa2786cb1fb78f3ccdd42707c6e9e9726a Mon Sep 17 00:00:00 2001 From: "keerthana.p" Date: Fri, 5 Sep 2025 12:23:14 +0100 Subject: [PATCH 35/63] RDKDEV-1143,RDKBACCL-1052 : fynecli connection was not established from remote ubuntu pc via 49153 port Reason for change: To allow 49153 port for bpi target to access the fynecli GUI from remote pc to bpi ctrl target Test procedure: Able to make successful connection Risks: None Signed-off-by: keerthana.p --- source/firewall/firewall.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 387202ee..325c12fa 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -12045,6 +12045,10 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * #endif fprintf(filter_fp, "-A OUTPUT -o lo -p tcp -m tcp --sport 49152:49153 -j ACCEPT\n"); fprintf(filter_fp, "-A OUTPUT ! -o brlan0 -p tcp -m tcp --sport 49152:49153 -j DROP\n"); + /* For EasyMesh Controller Communication */ +#if defined(_PLATFORM_BANANAPI_R4_) + fprintf(filter_fp, "-I OUTPUT -o %s -p tcp --sport 49153 -j ACCEPT\n",get_current_wan_ifname()); +#endif #ifdef CONFIG_CISCO_FEATURE_CISCOCONNECT fprintf(filter_fp, ":%s - [0:0]\n", "pp_disabled"); if(isGuestNetworkEnabled) { @@ -13082,6 +13086,10 @@ int do_block_ports(FILE *filter_fp) fprintf(filter_fp, "-A INPUT -i lo -p udp -m udp --dport 1900 -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT ! -i brlan0 -p tcp -m tcp --dport 49152:49153 -j DROP\n"); + /* For EasyMesh Controller Communication */ +#if defined(_PLATFORM_BANANAPI_R4_) + fprintf(filter_fp, "-I INPUT -i %s -p tcp --dport 49153 -j ACCEPT\n",get_current_wan_ifname()); +#endif fprintf(filter_fp, "-A INPUT ! -i brlan0 -p udp -m udp --dport 1900 -j DROP\n"); fprintf(filter_fp, "-A INPUT ! -i brlan0 -p tcp -m tcp --dport 21515 -j DROP\n"); fprintf(filter_fp, "-A INPUT ! -i brlan0 -p udp -m udp --dport 21515 -j DROP\n"); From 92feb43e4b9528b801ada6c7b6c5be286ba9329a Mon Sep 17 00:00:00 2001 From: Michael Amal Anand <73233797+michaelamal@users.noreply.github.com> Date: Mon, 13 Oct 2025 11:12:48 -0400 Subject: [PATCH 36/63] Update service_routed.c --- source/service_routed/service_routed.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/source/service_routed/service_routed.c b/source/service_routed/service_routed.c index 0cb37164..4a4e8f26 100644 --- a/source/service_routed/service_routed.c +++ b/source/service_routed/service_routed.c @@ -1192,8 +1192,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) { char val_DNSServersEnabled[ 32 ]; -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if ( TRUE == IsThisCurrentPartnerID("sky-") ) #endif /** _SCER11BEL_PRODUCT_REQ_ */ { @@ -1331,10 +1331,10 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) fprintf(fp, " ipv6 nd ra-interval 30\n"); //Set ra-interval to default 30 secs as per Erouter Specs. } #else -#if (!defined (_HUB4_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_)) || defined (_WNXL11BWL_PRODUCT_REQ_) +#if (!defined (_HUB4_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_) ) || defined (_WNXL11BWL_PRODUCT_REQ_) fprintf(fp, " ipv6 nd ra-interval 3\n"); #else -#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if ( FALSE == IsThisCurrentPartnerID("sky-") ) { fprintf(fp, " ipv6 nd ra-interval 3\n"); @@ -1348,7 +1348,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) #endif #if !defined (_HUB4_PRODUCT_REQ_) || defined (_WNXL11BWL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if ( TRUE == IsThisCurrentPartnerID("sky-") ) { /* SKYH4-5324 : Selfheal is not working from IPv6 only client. @@ -1393,8 +1393,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) syscfg_get(NULL, "router_managed_flag", m_flag, sizeof(m_flag)); if (strcmp(m_flag, "1") == 0) fprintf(fp, " ipv6 nd managed-config-flag\n"); -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) else if ((strcmp(m_flag, "0") == 0) && ( TRUE == IsThisCurrentPartnerID("sky-") )) #else else if (strcmp(m_flag, "0") == 0) @@ -1405,8 +1405,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) syscfg_get(NULL, "router_other_flag", o_flag, sizeof(o_flag)); if (strcmp(o_flag, "1") == 0) fprintf(fp, " ipv6 nd other-config-flag\n"); -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) else if ((strcmp(o_flag, "0") == 0) && ( TRUE == IsThisCurrentPartnerID("sky-") )) #else else if (strcmp(o_flag, "0") == 0) @@ -2242,7 +2242,7 @@ STATIC int serv_routed_start(struct serv_routed *sr) return -1; } #if !defined (_HUB4_PRODUCT_REQ_) || defined (_WNXL11BWL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if( FALSE == IsThisCurrentPartnerID("sky-") ) #endif /** */ { From 96b729335b1470b85e3b571c8e018b018715ccdb Mon Sep 17 00:00:00 2001 From: Michael Amal Anand <73233797+michaelamal@users.noreply.github.com> Date: Mon, 13 Oct 2025 13:54:36 -0400 Subject: [PATCH 37/63] Update apply_system_defaults.c --- .../init/src/apply_system_defaults/apply_system_defaults.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index 2c286076..306ab561 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -3380,7 +3380,7 @@ static void getPartnerIdWithRetry(char* buf, char* PartnerID) else { -#if !defined (_XB6_PRODUCT_REQ_) && !defined(_HUB4_PRODUCT_REQ_) && !defined(_SR300_PRODUCT_REQ_) +#if !defined (_XB6_PRODUCT_REQ_) && !defined(_HUB4_PRODUCT_REQ_) && !defined(_SR300_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) //Partner ID is null so need to set default partner ID as "comcast" memset( PartnerID, 0, sizeof( PartnerID ) ); #if defined (_RDK_REF_PLATFORM_) From 064fa249b8c3b0499db5fdc150eace7c838479e9 Mon Sep 17 00:00:00 2001 From: Gowthami K Date: Wed, 10 Sep 2025 18:01:18 +0530 Subject: [PATCH 38/63] XB9-375 : [XB9] Upstream Utopia layer changes Reason for change: Added XB9 model number support in utopia module Test Procedure: Build and verify Risks: None Priority: P1 Signed-off-by: Gowthami Kanthasamy --- source/igd/src/inc/igd_platform_dependent_inf.h | 3 +++ .../service.d/service_dhcp_server/dhcp_server_functions.sh | 2 +- source/scripts/init/system/utopia_init_xb6.sh | 4 ++-- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/source/igd/src/inc/igd_platform_dependent_inf.h b/source/igd/src/inc/igd_platform_dependent_inf.h index 380c17b8..97a4c78a 100644 --- a/source/igd/src/inc/igd_platform_dependent_inf.h +++ b/source/igd/src/inc/igd_platform_dependent_inf.h @@ -87,6 +87,9 @@ #elif defined(_XER5_PRODUCT_REQ_) #undef CONFIG_VENDOR_MODEL #define CONFIG_VENDOR_MODEL "VTER11QEL" +#elif defined(_XB9_PRODUCT_REQ_) + #undef CONFIG_VENDOR_MODEL + #define CONFIG_VENDOR_MODEL "CWA438TCOM" #elif defined(_XB10_PRODUCT_REQ_) #undef CONFIG_VENDOR_MODEL #if defined (IGD_SERCOMMXB10_INFO) diff --git a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh index 40a6bcba..95d6b7ec 100755 --- a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh +++ b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh @@ -1202,7 +1202,7 @@ fi echo "${PREFIX}""dhcp-option=l2sd0.4090,6,$WAN_DHCP_NS" >> $LOCAL_DHCP_CONF fi - elif [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "$MODEL_NUM" = "CGM601TCOM" ] || [ "$MODEL_NUM" = "SG417DBCT" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "VNTXER5" ]; then + elif [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "$MODEL_NUM" = "CGM601TCOM" ] || [ "$MODEL_NUM" = "SG417DBCT" ] || [ "$MODEL_NUM" = "CWA438TCOM" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "VNTXER5" ]; then echo "interface=brlan112" >> $LOCAL_DHCP_CONF if [ "$BOX_TYPE" = "WNXL11BWL" ]; then echo "dhcp-range=169.254.70.5,169.254.70.253,255.255.255.0,infinite" >> $LOCAL_DHCP_CONF diff --git a/source/scripts/init/system/utopia_init_xb6.sh b/source/scripts/init/system/utopia_init_xb6.sh index d899a82c..f21e3c78 100755 --- a/source/scripts/init/system/utopia_init_xb6.sh +++ b/source/scripts/init/system/utopia_init_xb6.sh @@ -771,7 +771,7 @@ if [ "$FACTORY_RESET_REASON" = "true" ]; then fi syscfg set X_RDKCENTRAL-COM_LastRebootReason "factory-reset" syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" - if [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "$MODEL_NUM" = "CGM4140COM" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ]; then + if [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "${MODEL_NUM}" = "CWA438TCOM" ] || [ "$MODEL_NUM" = "CGM4140COM" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ]; then # Enable AUTOWAN by default for XB7, change is made here so that it will take effect only after FR syscfg set selected_wan_mode "0" fi @@ -783,7 +783,7 @@ if [ "$FACTORY_RESET_REASON" = "true" ]; then #syscfg set X_RDKCENTRAL-COM_LastRebootReason "WPS-Factory-Reset" #syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" rm -f /nvram/WPS_Factory_Reset - elif ([ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "${MODEL_NUM}" = "CVA601ZCOM" ]) && [ -f /nvram/.image_upgrade_and_FR_done ]; then + elif ([ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "${MODEL_NUM}" = "CWA438TCOM" ] || [ "${MODEL_NUM}" = "CVA601ZCOM" ]) && [ -f /nvram/.image_upgrade_and_FR_done ]; then echo "[utopia][init] Detected last reboot reason as FirmwareDownloadAndFactoryReset" if [ -e "/usr/bin/onboarding_log" ]; then /usr/bin/onboarding_log "[utopia][init] Detected last reboot reason as FirmwareDownloadAndFactoryReset" From 64f30d585b900be3e560e3588be5555842f6c547 Mon Sep 17 00:00:00 2001 From: rirfha948 Date: Fri, 17 Oct 2025 04:27:31 +0000 Subject: [PATCH 39/63] RDKB-6079800: IPv6 Support for WiFi Hotspot Reason for change: Added appropriate Firewall changes Test Procedure: - TBD Risks: None Priority: P3 Change-Id: I21e345f281f9db6a3f28ac9f22c9103d1f22f93c Signed-off-by: rirfha948 --- source/firewall/firewall_ipv6.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/source/firewall/firewall_ipv6.c b/source/firewall/firewall_ipv6.c index 6501bfb8..fb1f7907 100644 --- a/source/firewall/firewall_ipv6.c +++ b/source/firewall/firewall_ipv6.c @@ -2223,19 +2223,25 @@ void do_ipv6_nat_table(FILE* fp) } } #ifdef _PLATFORM_RASPBERRYPI_ - fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n", current_wan_ifname); + if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) + { + #if defined (WAN_FAILOVER_SUPPORTED) + if (0 == checkIfULAEnabled()) + { + applyHotspotPostRoutingRules(fp, false); + } + #endif + } + else + { + fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n", current_wan_ifname); + } #endif #ifdef _PLATFORM_BANANAPI_R4_ fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n", current_wan_ifname); #endif - #if defined (WAN_FAILOVER_SUPPORTED) - if (0 == checkIfULAEnabled()) - { - applyHotspotPostRoutingRules(fp, false); - } - #endif FIREWALL_DEBUG("Exiting do_ipv6_nat_table \n"); } From 86278821c1fc53f7276a726294e1cfa72a548686 Mon Sep 17 00:00:00 2001 From: nvenka781 Date: Wed, 22 Oct 2025 20:38:40 +0000 Subject: [PATCH 40/63] Adding rule for handling https keyword filtering --- source/firewall/firewall.c | 46 +++++++++++++++++++++++++++++++++++--- 1 file changed, 43 insertions(+), 3 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 0cb72caf..4b9dd1d4 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -9311,9 +9311,49 @@ static int do_parcon_mgmt_site_keywd(FILE *fp, FILE *nat_fp, int iptype, FILE *c } else if (strncasecmp(method, "KEYWD", 5)==0) { - // consider the case that user input whole url. - if(strstr(query, "://") != 0) { - fprintf(fp, "-A lan2wan_pc_site -m string --string \"%s\" --algo kmp --icase -j %s\n", strstr(query, "://") + 3, drop_log); + const char *keyword = NULL; + char hostStr[] = "Host:"; + int range_max = 1024; //max payload bytes to filter + int range_incr = 64; //byte ranges to filter + + // Extract keyword if user input is a full URL + if (strstr(query, "://") != NULL) { + keyword = strstr(query, "://") + 3; + } else { + keyword = query; + } + + if (keyword == NULL || strlen(keyword) == 0) { + fprintf(stderr, "Warning: Empty keyword, skipping rule generation.\n"); + return(0); + } + + // Create rules for various ranges of payload to filter + int from; + for (from = 0; from < range_max; from += range_incr) { + int to = from + range_incr; + char chainName[64]; + + // Create new chain LOG_SiteBlocked_check_kw__ + snprintf(chainName, sizeof(chainName), "LOG_SiteBlocked_check_kw_%d_%d", from, to); + fprintf(fp, "-N %s\n", chainName); + + // Add rule to jump to private chain if "Host:" is found in this offset range + fprintf(fp, "-A lan2wan_pc_site -p tcp --dport 80 -m string --string \"%s\" --algo kmp --from %d --to %d --icase -j %s\n", + hostStr, from, to, chainName); + + // Add rule to match keyword in private chain within same offset range + fprintf(fp, "-A %s -m string --string \"%s\" --algo kmp --from %d --to %d --icase -j %s\n", + chainName, keyword, from, to, drop_log); + + // Default rule to return if not matched + fprintf(fp, "-A %s -j RETURN\n", chainName); + } + + // Add rule for https filter + fprintf(fp, "-A lan2wan_pc_site -p tcp --dport 443 -m string --string \"%s\" --algo kmp --icase -j %s\n", + keyword, drop_log); + #if defined(_HUB4_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) #if defined (_RDKB_GLOBAL_PRODUCT_REQ_) if( 0 == strncmp( devicePartnerId, "sky-", 4 ) ) From 77fe72633adb46f47963bdfdd5eb6b901e9168a4 Mon Sep 17 00:00:00 2001 From: nvenka781 Date: Wed, 22 Oct 2025 22:07:24 +0000 Subject: [PATCH 41/63] Corrected cherry-pick rebase --- source/firewall/firewall.c | 23 ++++++----------------- 1 file changed, 6 insertions(+), 17 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 4b9dd1d4..2a7adf26 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -9356,25 +9356,14 @@ static int do_parcon_mgmt_site_keywd(FILE *fp, FILE *nat_fp, int iptype, FILE *c #if defined(_HUB4_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) #if defined (_RDKB_GLOBAL_PRODUCT_REQ_) - if( 0 == strncmp( devicePartnerId, "sky-", 4 ) ) + if( 0 == strncmp( devicePartnerId, "sky-", 4 ) ) #endif - { - //In Hub4 keyword blocking feature is not working with FORWARD chain rules as CPE (dnsmasq) acts as DNS Proxy. - //Add rules in INPUT chain to resolve this issue. - fprintf(fp, "-I INPUT -i %s -j lan2wan_pc_site \n", lan_ifname); - } -#endif - } else { - fprintf(fp, "-A lan2wan_pc_site -m string --string \"%s\" --algo kmp --icase -j %s\n", query, drop_log); -#if defined(_HUB4_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) -#if defined (_RDKB_GLOBAL_PRODUCT_REQ_) - if( 0 == strncmp( devicePartnerId, "sky-", 4 ) ) -#endif - { - fprintf(fp, "-I INPUT -i %s -j lan2wan_pc_site \n", lan_ifname); - } + { + //In Hub4 keyword blocking feature is not working with FORWARD chain rules as CPE (dnsmasq) acts as DNS Proxy. + //Add rules in INPUT chain to resolve this issue. + fprintf(fp, "-I INPUT -i %s -j lan2wan_pc_site \n", lan_ifname); + } #endif - } } } } From 9715e7f5b7df31507f69a2e29e556b2baf5964d3 Mon Sep 17 00:00:00 2001 From: SanthoshGujulvajagadeesh Date: Thu, 23 Oct 2025 15:55:41 +0530 Subject: [PATCH 42/63] Add CHANGELOG.md for Release 1.2.1 --- CHANGELOG.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9ffd1c33..e8d21c57 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,14 +4,27 @@ All notable changes to this project will be documented in this file. Dates are d Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). +#### [1.2.1](https://github.com/rdkcentral/utopia/compare/1.2.0...1.2.1) + +- RDKB-61777: [utopia] Code development to remove _64BIT_ARCH_SUPPORT_ macro [`#99`](https://github.com/rdkcentral/utopia/pull/99) +- XB9-429 : Upstream xb9 specific changes to github repo [`#53`](https://github.com/rdkcentral/utopia/pull/53) +- XF10-18 : XF10 Model support in Utopia Scripts [`#73`](https://github.com/rdkcentral/utopia/pull/73) +- RDKCOM-5434: RDKBDEV-3290,RDKBACCL-1052 fynecli connection was not established from remote ubuntu pc via 49153 port [`#47`](https://github.com/rdkcentral/utopia/pull/47) +- Update service_routed.c [`92feb43`](https://github.com/rdkcentral/utopia/commit/92feb43e4b9528b801ada6c7b6c5be286ba9329a) +- Update service_routed.c [`9eedf98`](https://github.com/rdkcentral/utopia/commit/9eedf983fbc74a4701b7e15226f2efea11040e8f) +- XB9-375 : [XB9] Upstream Utopia layer changes [`064fa24`](https://github.com/rdkcentral/utopia/commit/064fa249b8c3b0499db5fdc150eace7c838479e9) + #### [1.2.0](https://github.com/rdkcentral/utopia/compare/1.1.3...1.2.0) +> 9 October 2025 + - Update CODEOWNERS [`#100`](https://github.com/rdkcentral/utopia/pull/100) - Add the XF10 product common flag [`#72`](https://github.com/rdkcentral/utopia/pull/72) - RDKB-59938 : Observing SYSCFG DB stored with junk values [`#61`](https://github.com/rdkcentral/utopia/pull/61) - Deploy fossid_integration_stateless_diffscan_target_repo action [`#93`](https://github.com/rdkcentral/utopia/pull/93) - Update CODEOWNERS [`#81`](https://github.com/rdkcentral/utopia/pull/81) - Deploy cla action [`#82`](https://github.com/rdkcentral/utopia/pull/82) +- Add CHANGELOG.md for Release 1.2.0 [`29800ce`](https://github.com/rdkcentral/utopia/commit/29800ce8221a3251b5bab5fb0b43ded3ff82fab8) #### [1.1.3](https://github.com/rdkcentral/utopia/compare/1.1.2...1.1.3) From 7837da6db83a2336a84b59dbab3903a5d69882c2 Mon Sep 17 00:00:00 2001 From: roushan-tel Date: Mon, 27 Oct 2025 17:43:50 +0530 Subject: [PATCH 43/63] RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh Reason for change: Syntax error in /etc/utopia/service.d/service_ntpd.sh Test Procedure: systemctl status ntpd Risks: Low Priority: P0 --- source/scripts/init/service.d/service_ntpd.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/scripts/init/service.d/service_ntpd.sh b/source/scripts/init/service.d/service_ntpd.sh index 68167f87..6e68b819 100644 --- a/source/scripts/init/service.d/service_ntpd.sh +++ b/source/scripts/init/service.d/service_ntpd.sh @@ -550,7 +550,7 @@ service_start () fi #if [ -n "$QUICK_SYNC_WAN_IP" ]; then if [ -n "$PEER_INTERFACE_IP" ]; then - if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$NTPD_IMMED_PEER_SYNC" != "true" ] && [ "$BOX_TYPE" != "SCER11BEL" ] || && [ "$BOX_TYPE" != "SCXF11BFL" ]; then + if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$NTPD_IMMED_PEER_SYNC" != "true" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then if [ -z "$SOURCE_PING_INTF" ]; then MASK="255.255.255.0" else From 71f62ac3e8601aaa4bb3147488bd40d49c127dfc Mon Sep 17 00:00:00 2001 From: roushan-tel Date: Mon, 27 Oct 2025 17:43:50 +0530 Subject: [PATCH 44/63] RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh Reason for change: Syntax error in /etc/utopia/service.d/service_ntpd.sh Test Procedure: systemctl status ntpd Risks: Low Priority: P0 (cherry picked from commit 7837da6db83a2336a84b59dbab3903a5d69882c2) --- source/scripts/init/service.d/service_ntpd.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/scripts/init/service.d/service_ntpd.sh b/source/scripts/init/service.d/service_ntpd.sh index 68167f87..6e68b819 100644 --- a/source/scripts/init/service.d/service_ntpd.sh +++ b/source/scripts/init/service.d/service_ntpd.sh @@ -550,7 +550,7 @@ service_start () fi #if [ -n "$QUICK_SYNC_WAN_IP" ]; then if [ -n "$PEER_INTERFACE_IP" ]; then - if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$NTPD_IMMED_PEER_SYNC" != "true" ] && [ "$BOX_TYPE" != "SCER11BEL" ] || && [ "$BOX_TYPE" != "SCXF11BFL" ]; then + if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$NTPD_IMMED_PEER_SYNC" != "true" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then if [ -z "$SOURCE_PING_INTF" ]; then MASK="255.255.255.0" else From d1013350a35701126277638f15726ada20e84ad9 Mon Sep 17 00:00:00 2001 From: SanthoshGujulvajagadeesh Date: Tue, 28 Oct 2025 14:04:50 +0530 Subject: [PATCH 45/63] Add CHANGELOG.md for hotfix 1.2.2 --- CHANGELOG.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e8d21c57..940f33ba 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,15 +4,21 @@ All notable changes to this project will be documented in this file. Dates are d Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). +#### [1.2.2](https://github.com/rdkcentral/utopia/compare/1.2.1...1.2.2) + +- RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh [`71f62ac`](https://github.com/rdkcentral/utopia/commit/71f62ac3e8601aaa4bb3147488bd40d49c127dfc) + #### [1.2.1](https://github.com/rdkcentral/utopia/compare/1.2.0...1.2.1) +> 23 October 2025 + - RDKB-61777: [utopia] Code development to remove _64BIT_ARCH_SUPPORT_ macro [`#99`](https://github.com/rdkcentral/utopia/pull/99) - XB9-429 : Upstream xb9 specific changes to github repo [`#53`](https://github.com/rdkcentral/utopia/pull/53) - XF10-18 : XF10 Model support in Utopia Scripts [`#73`](https://github.com/rdkcentral/utopia/pull/73) - RDKCOM-5434: RDKBDEV-3290,RDKBACCL-1052 fynecli connection was not established from remote ubuntu pc via 49153 port [`#47`](https://github.com/rdkcentral/utopia/pull/47) - Update service_routed.c [`92feb43`](https://github.com/rdkcentral/utopia/commit/92feb43e4b9528b801ada6c7b6c5be286ba9329a) - Update service_routed.c [`9eedf98`](https://github.com/rdkcentral/utopia/commit/9eedf983fbc74a4701b7e15226f2efea11040e8f) -- XB9-375 : [XB9] Upstream Utopia layer changes [`064fa24`](https://github.com/rdkcentral/utopia/commit/064fa249b8c3b0499db5fdc150eace7c838479e9) +- Add CHANGELOG.md for Release 1.2.1 [`9715e7f`](https://github.com/rdkcentral/utopia/commit/9715e7f5b7df31507f69a2e29e556b2baf5964d3) #### [1.2.0](https://github.com/rdkcentral/utopia/compare/1.1.3...1.2.0) From 015405e1fb33219115a51f5ebcdd1ac4fe545416 Mon Sep 17 00:00:00 2001 From: nvenka781 Date: Wed, 29 Oct 2025 04:46:27 +0000 Subject: [PATCH 46/63] Change add new chain to iptables-save file format --- source/firewall/firewall.c | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 2a7adf26..8bb56285 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -9312,15 +9312,14 @@ static int do_parcon_mgmt_site_keywd(FILE *fp, FILE *nat_fp, int iptype, FILE *c else if (strncasecmp(method, "KEYWD", 5)==0) { const char *keyword = NULL; - char hostStr[] = "Host:"; int range_max = 1024; //max payload bytes to filter - int range_incr = 64; //byte ranges to filter + int range_multiplier = 2; // Extract keyword if user input is a full URL if (strstr(query, "://") != NULL) { keyword = strstr(query, "://") + 3; } else { - keyword = query; + keyword = query; } if (keyword == NULL || strlen(keyword) == 0) { @@ -9329,18 +9328,18 @@ static int do_parcon_mgmt_site_keywd(FILE *fp, FILE *nat_fp, int iptype, FILE *c } // Create rules for various ranges of payload to filter - int from; - for (from = 0; from < range_max; from += range_incr) { - int to = from + range_incr; - char chainName[64]; + int from,to; + for ( from = 0, to = 64; from < range_max; from = to, to *= range_multiplier ) + { + char chainName[30]; // linux chainname length is max 29 chars - // Create new chain LOG_SiteBlocked_check_kw__ - snprintf(chainName, sizeof(chainName), "LOG_SiteBlocked_check_kw_%d_%d", from, to); - fprintf(fp, "-N %s\n", chainName); + // Create new chain + snprintf(chainName, sizeof(chainName), "LOG_SiteBlk_KW_%d_%d", from, to); + fprintf(fp, ":%s - [0:0]\n", chainName); // Add rule to jump to private chain if "Host:" is found in this offset range - fprintf(fp, "-A lan2wan_pc_site -p tcp --dport 80 -m string --string \"%s\" --algo kmp --from %d --to %d --icase -j %s\n", - hostStr, from, to, chainName); + fprintf(fp, "-A lan2wan_pc_site -p tcp --dport 80 -m string --string \"Host:\" --algo kmp --from %d --to %d --icase -j %s\n", + from, to, chainName); // Add rule to match keyword in private chain within same offset range fprintf(fp, "-A %s -m string --string \"%s\" --algo kmp --from %d --to %d --icase -j %s\n", @@ -9358,11 +9357,11 @@ static int do_parcon_mgmt_site_keywd(FILE *fp, FILE *nat_fp, int iptype, FILE *c #if defined (_RDKB_GLOBAL_PRODUCT_REQ_) if( 0 == strncmp( devicePartnerId, "sky-", 4 ) ) #endif - { + { //In Hub4 keyword blocking feature is not working with FORWARD chain rules as CPE (dnsmasq) acts as DNS Proxy. //Add rules in INPUT chain to resolve this issue. fprintf(fp, "-I INPUT -i %s -j lan2wan_pc_site \n", lan_ifname); - } + } #endif } } From f56857d00b72d0268b63818c29527aae9c26a9b8 Mon Sep 17 00:00:00 2001 From: nvenka781 Date: Wed, 29 Oct 2025 05:01:01 +0000 Subject: [PATCH 47/63] Corrected chainname initializer --- source/firewall/firewall.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 8bb56285..01d179ce 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -9329,9 +9329,9 @@ static int do_parcon_mgmt_site_keywd(FILE *fp, FILE *nat_fp, int iptype, FILE *c // Create rules for various ranges of payload to filter int from,to; - for ( from = 0, to = 64; from < range_max; from = to, to *= range_multiplier ) + for (from = 0, to = 64; from < range_max; from = to, to = (to * range_multiplier > range_max) ? range_max : to * range_multiplier) { - char chainName[30]; // linux chainname length is max 29 chars + char chainName[30] = {'\0'}; // linux chainname length is max 29 chars // Create new chain snprintf(chainName, sizeof(chainName), "LOG_SiteBlk_KW_%d_%d", from, to); From 1033dd0541953eb3dd671bb3a99d5d4430f7a0a7 Mon Sep 17 00:00:00 2001 From: nvenka781 Date: Wed, 29 Oct 2025 05:05:51 +0000 Subject: [PATCH 48/63] Fixed snprintf %d directive length issue --- source/firewall/firewall.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 01d179ce..4e8a2463 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -9331,9 +9331,10 @@ static int do_parcon_mgmt_site_keywd(FILE *fp, FILE *nat_fp, int iptype, FILE *c int from,to; for (from = 0, to = 64; from < range_max; from = to, to = (to * range_multiplier > range_max) ? range_max : to * range_multiplier) { - char chainName[30] = {'\0'}; // linux chainname length is max 29 chars + char chainName[64] = {'\0'}; // Create new chain + // linux iptables chainname length is max 29 chars snprintf(chainName, sizeof(chainName), "LOG_SiteBlk_KW_%d_%d", from, to); fprintf(fp, ":%s - [0:0]\n", chainName); From 04d5da34148680adce639b27d63f790a5438832a Mon Sep 17 00:00:00 2001 From: rirfha948 Date: Thu, 30 Oct 2025 06:24:24 +0000 Subject: [PATCH 49/63] Presence Notification --- source/firewall/firewall.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index d3b8fe1d..c7181ea4 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -5288,7 +5288,7 @@ void applyHotspotPostRoutingRules(FILE *fp, bool isIpv4) { FIREWALL_DEBUG("Apply Post Routing Rules for IPv4\n"); FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ipaddr); - fprintf(fp, "-A postrouting_towan -o %s -j SNAT --to-source %s\n" COMMA current_wan_ifname COMMA current_wan_ipaddr); + fprintf(fp, "-A postrouting_towan -o %s -j SNAT --to-source %s\n" , current_wan_ifname, current_wan_ipaddr); } } else @@ -5302,7 +5302,7 @@ void applyHotspotPostRoutingRules(FILE *fp, bool isIpv4) { FIREWALL_DEBUG("Apply Post Routing Rules for IPv6\n"); FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ip6_addr); - fprintf(fp, "-A POSTROUTING -o %s -j SNAT --to-source %s\n" COMMA current_wan_ifname COMMA current_wan_ip6_addr); + fprintf(fp, "-A POSTROUTING -o %s -j SNAT --to-source %s\n", current_wan_ifname, current_wan_ip6_addr); } } @@ -5461,12 +5461,14 @@ static int do_wan_nat_lan_clients(FILE *fp) #ifdef RDKB_EXTENDER_ENABLED fprintf(fp, "-A postrouting_towan -j MASQUERADE\n"); #else + #ifdef WAN_FAILOVER_SUPPORTED if (0 == checkIfULAEnabled()) { applyHotspotPostRoutingRules(fp, true); } else { fprintf(fp, "-A postrouting_towan -j SNAT --to-source %s\n", natip4); } + #endif #endif #if defined (FEATURE_MAPT) || defined (FEATURE_SUPPORT_MAPT_NAT46) } From 497e06f90837201fa938b74a974a777b90d8b4e5 Mon Sep 17 00:00:00 2001 From: srasu759 Date: Thu, 30 Oct 2025 07:19:58 +0000 Subject: [PATCH 50/63] XER10-1687-Observing intermittent ovsh crash Reason for change: Not connecting properly to the CMS / NVRAM communication bus properly due to PID issues Reducing the max_pid to 32k. --- source/scripts/init/system/utopia_init.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/source/scripts/init/system/utopia_init.sh b/source/scripts/init/system/utopia_init.sh index fca35332..07a306df 100755 --- a/source/scripts/init/system/utopia_init.sh +++ b/source/scripts/init/system/utopia_init.sh @@ -855,3 +855,7 @@ fi if [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$MODEL_NUM" = "SCXF11BFL" ]; then /etc/reset_reason_log.sh & fi + +if [ "$BOX_TYPE" = "SCER11BEL" ]; then + sysctl -w kernel.pid_max=32768 +fi From 03425756b437ce58e18bd397853a084a90310344 Mon Sep 17 00:00:00 2001 From: srasu759 Date: Mon, 3 Nov 2025 07:39:12 +0000 Subject: [PATCH 51/63] revert of kernel_pid.max val set from utopia_init.sh file --- source/scripts/init/system/utopia_init.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/source/scripts/init/system/utopia_init.sh b/source/scripts/init/system/utopia_init.sh index 07a306df..fca35332 100755 --- a/source/scripts/init/system/utopia_init.sh +++ b/source/scripts/init/system/utopia_init.sh @@ -855,7 +855,3 @@ fi if [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$MODEL_NUM" = "SCXF11BFL" ]; then /etc/reset_reason_log.sh & fi - -if [ "$BOX_TYPE" = "SCER11BEL" ]; then - sysctl -w kernel.pid_max=32768 -fi From 089401e336411bcb62eb2a8ad3f9c84e0deed4c1 Mon Sep 17 00:00:00 2001 From: Vedhavalli Loganathan Date: Tue, 30 Sep 2025 09:29:33 +0530 Subject: [PATCH 52/63] Description : Bringup of IPQ Platforms Signed-off-by: Vedhavalli Loganathan --- source/firewall/firewall.c | 10 +++++----- source/firewall/firewall_ipv6.c | 2 +- source/service_dhcp/dhcp_server_functions.c | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index c7181ea4..9df80e20 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -5998,7 +5998,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) fprintf(fp, "-A INPUT -j wanattack\n"); //Smurf attack, actually the below rules are to prevent us from being the middle-man host -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) || defined(_COSA_QCA_ARM_) fprintf(fp, "-A SmurfAttack -p icmp -m icmp --icmp-type address-mask-request %s -j LOG --log-prefix \"DoS Attack - Smurf Attack\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6040,7 +6040,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) //ICMP Flooding. Mark traffic bit rate > 5/s as attack and limit 6 log entries per hour fprintf(fp, "-A ICMPFlooding -p icmp -m limit --limit 5/s --limit-burst 10 -j RETURN\n"); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) || defined(_COSA_QCA_ARM_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A ICMPFlooding -p icmp %s -j LOG --log-prefix \"DoS Attack - ICMP Flooding\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6062,7 +6062,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) //TCP SYN Flooding fprintf(fp, "-A TCPSYNFlooding -p tcp --syn -m limit --limit 10/s --limit-burst 20 -j RETURN\n"); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_)/* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) || defined(_COSA_QCA_ARM_)/* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A TCPSYNFlooding -p tcp --syn %s -j LOG --log-prefix \"DoS Attack - TCP SYN Flooding\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6086,7 +6086,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) if(isWanReady) { /* Allow multicast packet through */ fprintf(fp, "-A LANDAttack -p udp -s %s -d 224.0.0.0/8 -j RETURN\n", wan_ip); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) || defined(_COSA_QCA_ARM_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A LANDAttack -s %s %s -j LOG --log-prefix \"DoS Attack - LAND Attack\" --log-level 7\n", wan_ip, logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -9339,7 +9339,7 @@ static int do_parcon_mgmt_site_keywd(FILE *fp, FILE *nat_fp, int iptype, FILE *c //Intel Proposed RDKB Generic Bug Fix from XB6 SDK fprintf(fp, "-A lan2wan_pc_site -p tcp -m tcp --dport 80 -m webstr --host \"%s\" -j LOG_SiteBlocked_%d_DROP\n", query + host_name_offset, idx); fprintf(fp, "-A lan2wan_pc_site -p tcp -m tcp --dport 443 -m webstr --host \"%s\" -j LOG_SiteBlocked_%d_DROP\n", query + host_name_offset, idx); -#elif defined(_PLATFORM_RASPBERRYPI_) || defined(_PLATFORM_TURRIS_) || defined(_PLATFORM_BANANAPI_R4_) +#elif defined(_PLATFORM_RASPBERRYPI_) || defined(_PLATFORM_TURRIS_) || defined(_PLATFORM_BANANAPI_R4_) || defined(_COSA_QCA_ARM_) fprintf(fp, "-A lan2wan_pc_site -p tcp -m tcp --dport 80 -d \"%s\" -j LOG_SiteBlocked_%d_DROP\n", query + host_name_offset, idx); fprintf(fp, "-A lan2wan_pc_site -p tcp -m tcp --dport 443 -d \"%s\" -j LOG_SiteBlocked_%d_DROP\n", query + host_name_offset, idx); #elif !defined(_XER5_PRODUCT_REQ_) diff --git a/source/firewall/firewall_ipv6.c b/source/firewall/firewall_ipv6.c index fb1f7907..a1b028e6 100644 --- a/source/firewall/firewall_ipv6.c +++ b/source/firewall/firewall_ipv6.c @@ -862,7 +862,7 @@ void do_ipv6_filter_table(FILE *fp){ * exclude primary lan*/ prepare_ipv6_multinet(fp); #endif - #if !defined(_XER5_PRODUCT_REQ_) && !defined (_SCER11BEL_PRODUCT_REQ_) //wan0 is not applicable for XER5 + #if !defined(_XER5_PRODUCT_REQ_) && !defined (_SCER11BEL_PRODUCT_REQ_) && !defined(_COSA_QCA_ARM_) //wan0 is not applicable for XER5 /* not allow ping wan0 from brlan0 */ int i; for(i = 0; i < ecm_wan_ipv6_num; i++){ diff --git a/source/service_dhcp/dhcp_server_functions.c b/source/service_dhcp/dhcp_server_functions.c index 0c34285b..c254a0fd 100644 --- a/source/service_dhcp/dhcp_server_functions.c +++ b/source/service_dhcp/dhcp_server_functions.c @@ -1738,7 +1738,7 @@ int prepare_dhcp_conf (char *input) fprintf(g_fArmConsoleLog, "DHCP server configuring for Mesh network\n"); fprintf(g_fArmConsoleLog, "%s:%d [ABHIDEBUG] - Utopia.c\n", __FUNCTION__,__LINE__); -#if defined (_COSA_INTEL_XB3_ARM_) +#if defined (_COSA_INTEL_XB3_ARM_) && !defined(_COSA_QCA_ARM_) fprintf(l_fLocal_Dhcp_ConfFile, "interface=l2sd0.112\n"); fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-range=169.254.0.5,169.254.0.253,255.255.255.0,infinite\n"); @@ -1789,7 +1789,7 @@ int prepare_dhcp_conf (char *input) fprintf(g_fArmConsoleLog, "DHCP_SERVER : [brebhaul] dhcp-option=brebhaul,6,%s\n", l_cWan_Dhcp_Dns); } -#elif defined (INTEL_PUMA7) || (defined (_COSA_BCM_ARM_) && !defined(_CBR_PRODUCT_REQ_)) && !defined(MODEM_ONLY_SUPPORT) || defined(_COSA_QCA_ARM_) // ARRIS XB6 ATOM, TCXB6 +#elif defined (INTEL_PUMA7) || (defined (_COSA_BCM_ARM_) && !defined(_CBR_PRODUCT_REQ_)) && !defined(MODEM_ONLY_SUPPORT) // ARRIS XB6 ATOM, TCXB6 fprintf(l_fLocal_Dhcp_ConfFile, "interface=ath12\n"); fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-range=169.254.0.5,169.254.0.253,255.255.255.0,infinite\n"); From 99e8eafe797929860af24ee64a2f8570943a3bad Mon Sep 17 00:00:00 2001 From: Vedhavalli Loganathan Date: Tue, 30 Sep 2025 09:29:33 +0530 Subject: [PATCH 53/63] Description : Bringup of IPQ Platforms Signed-off-by: Vedhavalli Loganathan --- source/firewall/firewall.c | 2 +- .../scripts/init/c_registration/02_multinet.c | 30 +++++++++++++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 9df80e20..5f0d687b 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -6018,7 +6018,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) #endif /*_HUB4_PRODUCT_REQ_*/ fprintf(fp, "-A SmurfAttack -p icmp -m icmp --icmp-type address-mask-request -j xlog_drop_wanattack\n"); // ICMP Smurf Attack (timestamp) -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) || defined(_COSA_QCA_ARM_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A ICMPSmurfAttack -p icmp -m icmp --icmp-type timestamp-request %s -j LOG --log-prefix \"DoS Attack - Smurf Attack\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) diff --git a/source/scripts/init/c_registration/02_multinet.c b/source/scripts/init/c_registration/02_multinet.c index 772392b3..f37b6cd5 100644 --- a/source/scripts/init/c_registration/02_multinet.c +++ b/source/scripts/init/c_registration/02_multinet.c @@ -47,6 +47,8 @@ const char* SERVICE_NAME = "multinet"; #ifdef MULTILAN_FEATURE #if defined (_CBR_PRODUCT_REQ_) const char* SERVICE_DEFAULT_HANDLER = "/etc/utopia/service.d/vlan_util_tchcbr.sh"; +#elif defined (_COSA_QCA_ARM_) +const char* SERVICE_DEFAULT_HANDLER = "/etc/utopia/service.d/service_multinet.sh"; #elif (_COSA_BCM_ARM_) const char* SERVICE_DEFAULT_HANDLER = "/etc/utopia/service.d/vlan_util_tchxb6.sh"; #else @@ -75,6 +77,8 @@ const char* SERVICE_DEFAULT_HANDLER = "/etc/utopia/service.d/bridgeutil_sr300.sh const char* SERVICE_DEFAULT_HANDLER = "/etc/utopia/service.d/bridgeutil_hub4.sh"; #elif defined (_COSA_BCM_ARM_) && ! defined (_PLATFORM_RASPBERRYPI_) && ! defined(_PLATFORM_BANANAPI_R4_) const char* SERVICE_DEFAULT_HANDLER = "/etc/utopia/service.d/vlan_util_tchxb6.sh"; +#elif defined (_COSA_QCA_ARM_) +const char* SERVICE_DEFAULT_HANDLER = "/etc/utopia/service.d/service_multinet.sh"; #else const char* SERVICE_DEFAULT_HANDLER = "/etc/utopia/service.d/service_multinet_exec"; #endif @@ -114,6 +118,19 @@ const char* SERVICE_CUSTOM_EVENTS[] = { "multinet-down|/etc/utopia/service.d/vlan_util_tchcbr.sh|NULL|"TUPLE_FLAG_EVENT, "multinet-up|/etc/utopia/service.d/vlan_util_tchcbr.sh|NULL|"TUPLE_FLAG_EVENT, NULL }; +#elif defined (_COSA_QCA_ARM_) +const char* SERVICE_CUSTOM_EVENTS[] = { + "multinet-syncNets|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, + "multinet-syncMembers|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, + "multinet-down|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, + "multinet-up|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, + "lnf-setup|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, + "meshbhaul-setup|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, +#if defined(MESH_ETH_BHAUL) + "meshethbhaul-up|/etc/utopia/service.d/service_multinet_exec|NULL|"TUPLE_FLAG_EVENT, + "meshethbhaul-down|/etc/utopia/service.d/service_multinet_exec|NULL|"TUPLE_FLAG_EVENT, +#endif + NULL }; #elif (_COSA_BCM_ARM_) const char* SERVICE_CUSTOM_EVENTS[] = { "multinet-syncNets|/etc/utopia/service.d/vlan_util_tchxb6.sh|NULL|"TUPLE_FLAG_EVENT, @@ -178,6 +195,19 @@ const char* SERVICE_CUSTOM_EVENTS[] = { "meshethbhaul-down|/etc/utopia/service.d/vlan_util_xb6.sh|"ACTION_FLAG_NOT_THREADSAFE"|"TUPLE_FLAG_EVENT, NULL }; #endif +#elif defined (_COSA_QCA_ARM_) +const char* SERVICE_CUSTOM_EVENTS[] = { + "multinet-syncNets|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, + "multinet-syncMembers|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, + "multinet-down|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, + "multinet-up|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, + "lnf-setup|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, + "meshbhaul-setup|/etc/utopia/service.d/service_multinet.sh|NULL|"TUPLE_FLAG_EVENT, +#if defined(MESH_ETH_BHAUL) + "meshethbhaul-up|/etc/utopia/service.d/service_multinet_exec|NULL|"TUPLE_FLAG_EVENT, + "meshethbhaul-down|/etc/utopia/service.d/service_multinet_exec|NULL|"TUPLE_FLAG_EVENT, +#endif + NULL }; #elif defined (_CBR_PRODUCT_REQ_) const char* SERVICE_CUSTOM_EVENTS[] = { "multinet-syncNets|/etc/utopia/service.d/vlan_util_tchcbr.sh|"ACTION_FLAG_NOT_THREADSAFE"|"TUPLE_FLAG_EVENT, From f7b2573bc544385dc5aa2165405afabda0990c33 Mon Sep 17 00:00:00 2001 From: Yashwaanth S V Date: Tue, 4 Nov 2025 11:51:02 +0000 Subject: [PATCH 54/63] XB10-2198: SYS_SH_dnsmasq_restart is continuous with 8.2p5s1 upgrade Reason for change: Syseventd crash happened due to incorrect FD value, Adding check to avoid invalid FD's. Test Procedure: systemd crash should not be seen. Risks: High Priority: P1 Signed-off-by: Yashwaanth S V --- source/sysevent/server/worker_threads.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/source/sysevent/server/worker_threads.c b/source/sysevent/server/worker_threads.c index c5b58094..d3165ef1 100644 --- a/source/sysevent/server/worker_threads.c +++ b/source/sysevent/server/worker_threads.c @@ -2950,6 +2950,10 @@ static int handle_message_from_trigger_thread(int fd) return(rc); } +static int is_valid_fd(int fd) +{ + return fd >= 0 && fcntl(fd, F_GETFD) != -1; +} /* * Procedure : worker_thread_main * Purpose : Thread start routine for worker @@ -3021,9 +3025,9 @@ void *worker_thread_main(void *arg) if ((global_clients.clients)[i].used) { int cur_fd; cur_fd = (global_clients.clients)[i].fd; - if (-1 == cur_fd) { + if (0 == is_valid_fd(cur_fd)) { SE_INC_LOG(ERROR, - printf("main select got used client with a bad fd. Ignoring\n"); + printf("Thread id %d line %d main select got used client with a bad fd. Ignoring cur_fd = %d\n",thread_get_id(worker_data_key), __LINE__, cur_fd); ) incr_stat_info(STAT_WORKER_MAIN_SELECT_BAD_FD); } else { From f098983d0ae5480baa788dda25a8b8676004cfc2 Mon Sep 17 00:00:00 2001 From: SanthoshGujulvajagadeesh Date: Thu, 6 Nov 2025 12:29:45 +0530 Subject: [PATCH 55/63] Add CHANGELOG.md for Release 1.3.0 --- CHANGELOG.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 940f33ba..def893ae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,8 +4,25 @@ All notable changes to this project will be documented in this file. Dates are d Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). +#### [1.3.0](https://github.com/rdkcentral/utopia/compare/1.2.2...1.3.0) + +- XB10-2198: SYS_SH_dnsmasq_restart is continuous with 8.2p5s1 upgrade [`#119`](https://github.com/rdkcentral/utopia/pull/119) +- revert of kernel_pid.max val set from utopia_init.sh file [`#117`](https://github.com/rdkcentral/utopia/pull/117) +- RDKB-60798-IPv6 Support for WiFi Hotspot [`#115`](https://github.com/rdkcentral/utopia/pull/115) +- XER10-1687-Observing intermittent ovsh crash [`#114`](https://github.com/rdkcentral/utopia/pull/114) +- RDKB-61612 : WAN Failover Utility is required in Ethwan mode similar to DOCSIS [`#97`](https://github.com/rdkcentral/utopia/pull/97) +- RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh [`#111`](https://github.com/rdkcentral/utopia/pull/111) +- SHARMAN-1210:Add telemetry support to report FW info from both banks [`#70`](https://github.com/rdkcentral/utopia/pull/70) +- IPv6 support for WIFI hotspot [`#52`](https://github.com/rdkcentral/utopia/pull/52) +- Presence Notification [`04d5da3`](https://github.com/rdkcentral/utopia/commit/04d5da34148680adce639b27d63f790a5438832a) +- Merge tag '1.2.2' into develop [`3b14a92`](https://github.com/rdkcentral/utopia/commit/3b14a92d8a532ec9e34064eb5b0ddc861fe1c88f) +- Merge tag '1.2.1' into develop [`d652c3a`](https://github.com/rdkcentral/utopia/commit/d652c3a4266e78d843c330383c334f79a3e051ea) + #### [1.2.2](https://github.com/rdkcentral/utopia/compare/1.2.1...1.2.2) +> 28 October 2025 + +- Add CHANGELOG.md for hotfix 1.2.2 [`d101335`](https://github.com/rdkcentral/utopia/commit/d1013350a35701126277638f15726ada20e84ad9) - RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh [`71f62ac`](https://github.com/rdkcentral/utopia/commit/71f62ac3e8601aaa4bb3147488bd40d49c127dfc) #### [1.2.1](https://github.com/rdkcentral/utopia/compare/1.2.0...1.2.1) From 11c8f66d7acc6364737efddb85fc62394c40e2fb Mon Sep 17 00:00:00 2001 From: Amaresh-Kotekal Date: Wed, 5 Nov 2025 19:30:29 +0000 Subject: [PATCH 56/63] RDKB-777777: Debugging the lan-status is not set to started issue Reason for change:Added the debug logs Test Procedure: Reproduce the issue Risks: Low Priority: P1 --- source/scripts/init/service.d/lan_handler.sh | 30 ++++++++++++++++---- 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/source/scripts/init/service.d/lan_handler.sh b/source/scripts/init/service.d/lan_handler.sh index 1ed07d97..1bd53e74 100755 --- a/source/scripts/init/service.d/lan_handler.sh +++ b/source/scripts/init/service.d/lan_handler.sh @@ -386,12 +386,30 @@ case "$1" in fi if [ x != x$INST ]; then echo_t "SO FAR SO GOOD ALL IS WELL SENDING L3 NET EVENT" - async="`sysevent async ipv4_${INST}-status $THIS`" - sysevent set lan_handler_async "$async" - sysevent set primary_lan_l2net ${L2INST} - sysevent set primary_lan_brport ${BRPORT} - sysevent set homesecurity_lan_l3net ${HSINST} - sysevent set primary_lan_l3net ${INST} + + echo_t "Running: sysevent async ipv4_${INST}-status $THIS" + async="$(sysevent async ipv4_${INST}-status $THIS 2>&1)" + ret=$? + echo_t "sysevent async return value: $ret" + echo_t "async value: '$async'" + + if [ $ret -ne 0 ] || [ -z "$async" ]; then + echo_t "Retrying sysevent async ipv4_${INST}-status $THIS" + async="$(sysevent async ipv4_${INST}-status $THIS 2>&1)" + ret=$? + echo_t "sysevent async retry return value: $ret" + echo_t "async retry value: '$async'" + if [ $ret -ne 0 ] || [ -z "$async" ]; then + echo_t "ERROR: sysevent async ipv4_${INST}-status $THIS failed again" + fi + fi + sysevent set lan_handler_async "$async" + lan_handler_asyncValSet=`sysevent get lan_handler_async` + echo_t "lan_handler_async:$lan_handler_asyncValSet" + sysevent set primary_lan_l2net ${L2INST} + sysevent set primary_lan_brport ${BRPORT} + sysevent set homesecurity_lan_l3net ${HSINST} + sysevent set primary_lan_l3net ${INST} #BRLAN0 ISSUE : Manually invoking lan-start to fix brlan0 failure during intial booting. Root cause for event has to be identified if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ]; then sleep 2 From 5bba90a759d397da82d14117fd708a3fa39a73a0 Mon Sep 17 00:00:00 2001 From: abhishek-kumaracee2 Date: Fri, 7 Nov 2025 00:10:43 -0500 Subject: [PATCH 57/63] TCXB8-3706 : SYS_SH_Syseventd_restart marker (#116) Reason for change: syseventd must not be started, even if sysevent_open() fails Test Procedure: refer to jira Risks: Low Priority:P1 Signed-off-by: abhishek_kumaracee2@comcast.com Signed-off-by: abhishek_kumaracee2@comcast.com --- source/scripts/init/service.d/pmon.sh | 4 ++-- source/sysevent/server/syseventd_main.c | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/source/scripts/init/service.d/pmon.sh b/source/scripts/init/service.d/pmon.sh index 8f8852f5..6674c713 100755 --- a/source/scripts/init/service.d/pmon.sh +++ b/source/scripts/init/service.d/pmon.sh @@ -93,8 +93,8 @@ do_check_process() { LOCAL_CONF_FILE=/tmp/pmon.conf$$ - # Add static pmon entries - echo "syseventd /var/run/syseventd.pid /etc/utopia/service.d/syseventd_restart.sh" > $LOCAL_CONF_FILE + # Add static pmon entries - commented-out below line - selfheal takes care of it. + # echo "syseventd /var/run/syseventd.pid /etc/utopia/service.d/syseventd_restart.sh" > $LOCAL_CONF_FILE # Add dynamic pmon entries stashed in sysevent # by various modules diff --git a/source/sysevent/server/syseventd_main.c b/source/sysevent/server/syseventd_main.c index 4cc1c071..08e2fabf 100644 --- a/source/sysevent/server/syseventd_main.c +++ b/source/sysevent/server/syseventd_main.c @@ -1388,6 +1388,8 @@ int main (int argc, char **argv) clilen = sizeof(cli_addr); int rc = select(maxfd, &rd_set, NULL, NULL, NULL); if (-1 == rc) { + // stop hogging processor in case of error + sleep(1); continue; } From 5c19b839ff2fbad226e51792e68edc984e0e88d3 Mon Sep 17 00:00:00 2001 From: Rajkamal CV Date: Fri, 7 Nov 2025 11:00:45 +0530 Subject: [PATCH 58/63] RDKB-61914: XB,XLE and Client online in NOC and connected to each other without internet Reason for change: Update brlan0 IP in resolv.conf when loop back address is present Test Procedure: Check resolv.conf without RF and ensure brlan0 IP is updated Risks: Low Priority: P1 --- .../dhcp_server_functions.sh | 61 +++++++++++++++++++ 1 file changed, 61 insertions(+) diff --git a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh index cd10fa2b..bc8adebc 100755 --- a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh +++ b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh @@ -773,6 +773,63 @@ updateManageWifiBridgeDetails () fi fi } + +is_valid_private_ipv4() { + local ip="$1" + + # Basic format check + [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]] || return 1 + + # Split into octets + local IFS='.' + local octets=($ip) + + # Check each octet is 0-255 + for octet in "${octets[@]}"; do + [[ $octet -le 255 ]] || return 1 + done + + # Check if it's in private IP ranges (RFC 1918) + local first=${octets[0]} + local second=${octets[1]} + + # 10.0.0.0/8 (10.0.0.0 - 10.255.255.255) + if [[ $first -eq 10 ]]; then + return 0 + fi + + # 172.16.0.0/12 (172.16.0.0 - 172.31.255.255) + if [[ $first -eq 172 && $second -ge 16 && $second -le 31 ]]; then + return 0 + fi + + # 192.168.0.0/16 (192.168.0.0 - 192.168.255.255) + if [[ $first -eq 192 && $second -eq 168 ]]; then + return 0 + fi + + # Not a private IP + return 1 +} + +replace_localhost_with_lan_ip() { + local lan_ip=$(syscfg get lan_ipaddr 2>/dev/null) + + if ! is_valid_private_ipv4 "$lan_ip"; then + echo "REPLACE_LOCALHOST_DNS : Warning: Invalid or non-private LAN IP: '$lan_ip'" >&2 + return + fi + + # Check if 127.0.0.1 exists and replace directly + if grep -q "127\.0\.0\.1" /etc/resolv.conf; then + if echo "nameserver $lan_ip" > /etc/resolv.conf 2>/dev/null; then + echo "REPLACE_LOCALHOST_DNS : Successfully updated resolv.conf with private LAN IP: $lan_ip" + else + echo "REPLACE_LOCALHOST_DNS : Error: Failed to write to resolv.conf" >&2 + fi + fi +} + #----------------------------------------------------------------- # set the dhcp config file which is also the dns forwarders file # Parameters: @@ -1391,6 +1448,10 @@ fi rm -f $LOCAL_DHCP_CONF echo "DHCP SERVER : Completed preparing DHCP configuration" + + if [ "$WanFailOverSupportEnable" = true ] && [ "$rdkb_extender" != "true" ] ; then + replace_localhost_with_lan_ip + fi } do_static_resolution() { From bee527bf3ab059cbe011ba2692110ddda5035c63 Mon Sep 17 00:00:00 2001 From: Rajkamal CV Date: Mon, 10 Nov 2025 16:02:43 +0530 Subject: [PATCH 59/63] RDKB-61914: Replace localhost DNS with LAN IP Reason for change: Address the code review comments Test Procedure: Check resolv.conf without RF and ensure brlan0 IP is updated Risks: Low Priority: P1 --- .../dhcp_server_functions.sh | 47 +++++-------------- 1 file changed, 12 insertions(+), 35 deletions(-) diff --git a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh index bc8adebc..50548ee9 100755 --- a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh +++ b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh @@ -774,55 +774,32 @@ updateManageWifiBridgeDetails () fi } -is_valid_private_ipv4() { +is_valid_ipv4() { local ip="$1" - # Basic format check - [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]] || return 1 + local valid_octet='(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)' - # Split into octets - local IFS='.' - local octets=($ip) - - # Check each octet is 0-255 - for octet in "${octets[@]}"; do - [[ $octet -le 255 ]] || return 1 - done - - # Check if it's in private IP ranges (RFC 1918) - local first=${octets[0]} - local second=${octets[1]} - - # 10.0.0.0/8 (10.0.0.0 - 10.255.255.255) - if [[ $first -eq 10 ]]; then - return 0 - fi - - # 172.16.0.0/12 (172.16.0.0 - 172.31.255.255) - if [[ $first -eq 172 && $second -ge 16 && $second -le 31 ]]; then - return 0 - fi - - # 192.168.0.0/16 (192.168.0.0 - 192.168.255.255) - if [[ $first -eq 192 && $second -eq 168 ]]; then - return 0 + # Basic IPv4 format and octet vaidation + if [[ ! $ip =~ ^${valid_octet}\.${valid_octet}\.${valid_octet}\.${valid_octet}$ ]]; then + return 1 fi - # Not a private IP - return 1 + return 0 } replace_localhost_with_lan_ip() { local lan_ip=$(syscfg get lan_ipaddr 2>/dev/null) - if ! is_valid_private_ipv4 "$lan_ip"; then + if ! is_valid_ipv4 "$lan_ip"; then echo "REPLACE_LOCALHOST_DNS : Warning: Invalid or non-private LAN IP: '$lan_ip'" >&2 return fi - # Check if 127.0.0.1 exists and replace directly + # Check if 127.0.0.1 exists and replace if grep -q "127\.0\.0\.1" /etc/resolv.conf; then - if echo "nameserver $lan_ip" > /etc/resolv.conf 2>/dev/null; then + local temp=$(cat /etc/resolv.conf) + temp="${temp//127.0.0.1/$lan_ip}" + if echo "$temp" > /etc/resolv.conf 2>/dev/null; then echo "REPLACE_LOCALHOST_DNS : Successfully updated resolv.conf with private LAN IP: $lan_ip" else echo "REPLACE_LOCALHOST_DNS : Error: Failed to write to resolv.conf" >&2 @@ -1450,7 +1427,7 @@ fi echo "DHCP SERVER : Completed preparing DHCP configuration" if [ "$WanFailOverSupportEnable" = true ] && [ "$rdkb_extender" != "true" ] ; then - replace_localhost_with_lan_ip + replace_localhost_with_lan_ip fi } From 3c3b18f9b978c206e43ef0a534a3bc3add4a49f9 Mon Sep 17 00:00:00 2001 From: Rajkamal CV Date: Thu, 13 Nov 2025 15:01:09 +0530 Subject: [PATCH 60/63] RDKB-61914: Replace localhost DNS with LAN IP Reason for change: Made the log message generic Test Procedure: Check resolv.conf without RF and ensure brlan0 IP is updated Risks: Low Priority: P1 --- .../init/service.d/service_dhcp_server/dhcp_server_functions.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh index 50548ee9..a0548fb6 100755 --- a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh +++ b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh @@ -791,7 +791,7 @@ replace_localhost_with_lan_ip() { local lan_ip=$(syscfg get lan_ipaddr 2>/dev/null) if ! is_valid_ipv4 "$lan_ip"; then - echo "REPLACE_LOCALHOST_DNS : Warning: Invalid or non-private LAN IP: '$lan_ip'" >&2 + echo "REPLACE_LOCALHOST_DNS : Warning: Invalid LAN IP: '$lan_ip'" >&2 return fi From 37b269d719bb5ec17f1f93a4a8b6447457798b9c Mon Sep 17 00:00:00 2001 From: Gowthami Kanthasamy Date: Tue, 18 Nov 2025 08:27:24 +0530 Subject: [PATCH 61/63] XB9-668 : Upstream xb9 specific changes to github repo (#118) * XB9-668 : Upstream xb9 specific changes to github repo Reason for change: Remove mta dependency from utopia Test Procedure: Build and verify Risks: None Priority: P1 Signed-off-by: Gowthami Kanthasamy * XB9-668 : Upstream xb9 specific changes to github repo Reason for change: Remove mta dependency from utopia Test Procedure: Build and verify Risks: None Priority: P1 Signed-off-by: Gowthami Kanthasamy * Update apply_system_defaults.c --------- Signed-off-by: Gowthami Kanthasamy --- source/firewall/firewall.c | 12 +++++++-- source/firewall/firewall_ipv6.c | 21 ++++++++++++--- .../scripts/init/service.d/ebtable_rules.sh | 4 +++ .../apply_system_defaults.c | 26 ++++++++++++++----- .../init/src/apply_system_defaults_helper.c | 6 +++++ source/service_udhcpc/service_udhcpc.c | 5 +++- 6 files changed, 61 insertions(+), 13 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index eff8ea68..8b143e30 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -2381,7 +2381,9 @@ static int prepare_globals_from_configuration(void) syscfg_get(NULL, "firewall_levelv6", firewall_levelv6, sizeof(firewall_levelv6)); syscfg_get(NULL, "ecm_wan_ifname", ecm_wan_ifname, sizeof(ecm_wan_ifname)); +#if !defined (NO_MTA_FEATURE_SUPPORT) syscfg_get(NULL, "emta_wan_ifname", emta_wan_ifname, sizeof(emta_wan_ifname)); +#endif syscfg_get(NULL, "eth_wan_enabled", eth_wan_enabled, sizeof(eth_wan_enabled)); if (0 == strcmp("true", eth_wan_enabled)) bEthWANEnable = TRUE; @@ -6697,6 +6699,7 @@ int do_remote_access_control(FILE *nat_fp, FILE *filter_fp, int family) remote_access_set_proto(filter_fp, nat_fp, port, iprangeAddr[i], family, ecm_wan_ifname); } +#if !defined (NO_MTA_FEATURE_SUPPORT) /* eMTA SSH access */ rc = syscfg_get(NULL, "mgmt_mta_sshaccess", query, sizeof(query)); rc |= syscfg_get(NULL, "mgmt_wan_sshport", port, sizeof(port)); @@ -6718,6 +6721,7 @@ int do_remote_access_control(FILE *nat_fp, FILE *filter_fp, int family) for(i = 0; i < count && family == AF_INET && srcany == 0; i++) remote_access_set_proto(filter_fp, nat_fp, port, iprangeAddr[i], family, emta_wan_ifname); } +#endif #if defined(_COSA_BCM_ARM_) || defined(_PLATFORM_TURRIS_) || defined(_PLATFORM_BANANAPI_R4_) // RDKB-21814 @@ -12471,7 +12475,7 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * } #endif /*_HUB4_PRODUCT_REQ_*/ fprintf(filter_fp, "-A INPUT -i %s -j wan2self_mgmt\n", current_wan_ifname); -#if !defined(_HUB4_PRODUCT_REQ_) && !defined(_PLATFORM_RASPBERRYPI_) && !defined(_PLATFORM_TURRIS_) && !defined(_PLATFORM_BANANAPI_R4_) +#if !defined(_HUB4_PRODUCT_REQ_) && !defined(_PLATFORM_RASPBERRYPI_) && !defined(_PLATFORM_TURRIS_) && !defined(_PLATFORM_BANANAPI_R4_) && !defined (NO_MTA_FEATURE_SUPPORT) #if defined (_RDKB_GLOBAL_PRODUCT_REQ_) if( 0 != strncmp( devicePartnerId, "sky-", 4 ) ) #endif @@ -12507,8 +12511,10 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * { fprintf(filter_fp, "-A INPUT -i %s -p icmp --icmp-type 8 -m limit --limit 3/second -j %s\n", ecm_wan_ifname, "xlog_accept_wan2self"); // ICMP PING fprintf(filter_fp, "-A INPUT -i %s -j wan2self_ports\n", ecm_wan_ifname); +#if !defined (NO_MTA_FEATURE_SUPPORT) fprintf(filter_fp, "-A INPUT -i %s -p icmp --icmp-type 8 -m limit --limit 3/second -j %s\n", emta_wan_ifname, "xlog_accept_wan2self"); // ICMP PING fprintf(filter_fp, "-A INPUT -i %s -j wan2self_ports\n", emta_wan_ifname); +#endif } #endif /*_HUB4_PRODUCT_REQ_*/ fprintf(filter_fp, "-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT\n"); @@ -12588,7 +12594,7 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * fprintf(filter_fp, "-A INPUT -i %s -j ACCEPT\n", ecm_wan_ifname); } -#if !defined(_PLATFORM_RASPBERRYPI_) && !defined(_PLATFORM_TURRIS_) && !defined(_PLATFORM_BANANAPI_R4_) +#if !defined(_PLATFORM_RASPBERRYPI_) && !defined(_PLATFORM_TURRIS_) && !defined(_PLATFORM_BANANAPI_R4_) && !defined (NO_MTA_FEATURE_SUPPORT) if (emta_wan_ifname[0]) // spare eMTA wan interface from Utopia firewall { fprintf(filter_fp, "-A INPUT -i %s -p udp --dport 80 -j DROP\n", emta_wan_ifname); @@ -12830,7 +12836,9 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * #endif { fprintf(filter_fp, "-A general_input -i %s -p udp --dport 68 -j ACCEPT\n", ecm_wan_ifname); +#if !defined (NO_MTA_FEATURE_SUPPORT) fprintf(filter_fp, "-A general_input -i %s -p udp --dport 68 -j ACCEPT\n", emta_wan_ifname); +#endif } #endif /*_HUB4_PRODUCT_REQ_*/ } diff --git a/source/firewall/firewall_ipv6.c b/source/firewall/firewall_ipv6.c index fb1f7907..d7c7eeff 100644 --- a/source/firewall/firewall_ipv6.c +++ b/source/firewall/firewall_ipv6.c @@ -110,7 +110,9 @@ char wan6_ifname[50]; char ecm_wan_ifname[20]; char lan_ifname[50]; char cmdiag_ifname[20]; +#if !defined (NO_MTA_FEATURE_SUPPORT) char emta_wan_ifname[20]; +#endif token_t sysevent_token; int syslog_level; char firewall_levelv6[20]; @@ -170,6 +172,8 @@ char devicePartnerId[255] = {'\0'}; //Hardcoded support for cm and erouter should be generalized. #if defined(_HUB4_PRODUCT_REQ_) || defined(_TELCO_PRODUCT_REQ_) char * ifnames[] = { wan6_ifname, lan_ifname}; +#elif defined (NO_MTA_FEATURE_SUPPORT) +char * ifnames[] = { wan6_ifname, ecm_wan_ifname, lan_ifname}; #else char * ifnames[] = { wan6_ifname, ecm_wan_ifname, emta_wan_ifname, lan_ifname}; #endif /* * _HUB4_PRODUCT_REQ_ */ @@ -851,9 +855,10 @@ void do_ipv6_filter_table(FILE *fp){ { fprintf(fp, "-A INPUT -i %s -p icmpv6 -m icmp6 --icmpv6-type 128 -j PING_FLOOD\n", ecm_wan_ifname); // Echo request fprintf(fp, "-A INPUT -i %s -p icmpv6 -m icmp6 --icmpv6-type 129 -m limit --limit 10/sec -j ACCEPT\n", ecm_wan_ifname); // Echo reply - +#if !defined (NO_MTA_FEATURE_SUPPORT) fprintf(fp, "-A INPUT -i %s -p icmpv6 -m icmp6 --icmpv6-type 128 -j PING_FLOOD\n", emta_wan_ifname); // Echo request fprintf(fp, "-A INPUT -i %s -p icmpv6 -m icmp6 --icmpv6-type 129 -m limit --limit 10/sec -j ACCEPT\n", emta_wan_ifname); // Echo reply +#endif } #endif /*_HUB4_PRODUCT_REQ_*/ @@ -1324,7 +1329,9 @@ void do_ipv6_filter_table(FILE *fp){ #endif /** _RDKB_GLOBAL_PRODUCT_REQ_ */ { fprintf(fp, "-A FORWARD -i %s -o %s -j lan2wan\n", lan_ifname, ecm_wan_ifname); +#if !defined (NO_MTA_FEATURE_SUPPORT) fprintf(fp, "-A FORWARD -i %s -o %s -j lan2wan\n", lan_ifname, emta_wan_ifname); +#endif } #endif /*_HUB4_PRODUCT_REQ_*/ if(inf_num!= 0) @@ -1395,7 +1402,9 @@ void do_ipv6_filter_table(FILE *fp){ #endif /** _RDKB_GLOBAL_PRODUCT_REQ_ */ { fprintf(fp, "-A FORWARD -i %s -o %s -j lan2wan\n", Interface[cnt], ecm_wan_ifname); - fprintf(fp, "-A FORWARD -i %s -o %s -j lan2wan\n", Interface[cnt], emta_wan_ifname); +#if !defined (NO_MTA_FEATURE_SUPPORT) + fprintf(fp, "-A FORWARD -i %s -o %s -j lan2wan\n", Interface[cnt], emta_wan_ifname); +#endif } #endif } @@ -1453,7 +1462,9 @@ void do_ipv6_filter_table(FILE *fp){ #endif /** _RDKB_GLOBAL_PRODUCT_REQ_ */ { fprintf(fp, "-A FORWARD -i %s -m state --state ESTABLISHED,RELATED -j ACCEPT\n", ecm_wan_ifname); +#if !defined (NO_MTA_FEATURE_SUPPORT) fprintf(fp, "-A FORWARD -i %s -m state --state ESTABLISHED,RELATED -j ACCEPT\n", emta_wan_ifname); +#endif } #endif /*_HUB4_PRODUCT_REQ_*/ @@ -1491,7 +1502,9 @@ void do_ipv6_filter_table(FILE *fp){ #endif /** _RDKB_GLOBAL_PRODUCT_REQ_ */ { fprintf(fp, "-A FORWARD -i %s -o %s -j wan2lan\n", ecm_wan_ifname, lan_ifname); +#if !defined (NO_MTA_FEATURE_SUPPORT) fprintf(fp, "-A FORWARD -i %s -o %s -j wan2lan\n", emta_wan_ifname, lan_ifname); +#endif } #endif /*_HUB4_PRODUCT_REQ_*/ if(inf_num!= 0) @@ -1506,7 +1519,9 @@ void do_ipv6_filter_table(FILE *fp){ #endif /** _RDKB_GLOBAL_PRODUCT_REQ_ */ { fprintf(fp, "-A FORWARD -i %s -o %s -j wan2lan\n", ecm_wan_ifname, Interface[cnt]); +#if !defined (NO_MTA_FEATURE_SUPPORT) fprintf(fp, "-A FORWARD -i %s -o %s -j wan2lan\n", emta_wan_ifname, Interface[cnt]); +#endif } #endif } @@ -1996,7 +2011,7 @@ void do_ipv6_sn_filter(FILE* fp) { #ifdef _COSA_INTEL_XB3_ARM_ fprintf(fp, "-A PREROUTING -i %s -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j DROP\n",current_wan_ifname); fprintf(fp, "-A PREROUTING -i %s -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j DROP\n",ecm_wan_ifname); - fprintf(fp, "-A PREROUTING -i %s -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j DROP\n",emta_wan_ifname); + fprintf(fp, "-A PREROUTING -i %s -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j DROP\n",emta_wan_ifname); #endif FIREWALL_DEBUG("Exiting do_ipv6_sn_filter \n"); } diff --git a/source/scripts/init/service.d/ebtable_rules.sh b/source/scripts/init/service.d/ebtable_rules.sh index 318bc444..20212d41 100755 --- a/source/scripts/init/service.d/ebtable_rules.sh +++ b/source/scripts/init/service.d/ebtable_rules.sh @@ -36,6 +36,8 @@ # setting all ebtables rules here. +source /etc/device.properties + do_block_lan_to_wanip() { lan_if=$1 wan_if=$2 @@ -70,7 +72,9 @@ do_block_lan_to_wanip() { # block_lan_to_wanip_all() { lan_ifs=`syscfg get lan_ethernet_physical_ifnames` +if [ "$VOICE_SUPPORTED" != "false" ]; then wan_ifs=`syscfg get emta_wan_ifname` +fi wan_ifs="$wan_ifs `syscfg get ecm_wan_ifname`" wan_ifs="$wan_ifs `syscfg get wan_physical_ifname`" diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index 306ab561..6e3fa8a2 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -1391,6 +1391,7 @@ STATIC void addInSysCfgdDB (char *key, char *value) set_syscfg_partner_values( value,"DSCP_InitialOutputMark" ); } } +#if !defined (NO_MTA_FEATURE_SUPPORT) if ( 0 == strcmp ( key, "Device.X_RDKCENTRAL-COM_EthernetWAN_MTA.StartupIPMode") ) { if ( 0 == IsValuePresentinSyscfgDB( "StartupIPMode" ) ) @@ -1419,6 +1420,7 @@ STATIC void addInSysCfgdDB (char *key, char *value) set_syscfg_partner_values( value,"IPv6PrimaryDhcpServerOptions" ); } } +#endif if ( 0 == strcmp ( key, "Device.X_RDK_WebConfig.URL") ) { if ( 0 == IsValuePresentinSyscfgDB( "WEBCONFIG_INIT_URL" ) ) @@ -1483,6 +1485,7 @@ STATIC void addInSysCfgdDB (char *key, char *value) IsPSMMigrationNeeded = 1; } } +#if !defined (NO_MTA_FEATURE_SUPPORT) if ( 0 == strcmp ( key, "Device.X_RDKCENTRAL-COM_EthernetWAN_MTA.IPv6SecondaryDhcpServerOptions") ) { if ( 0 == IsValuePresentinSyscfgDB( "IPv6SecondaryDhcpServerOptions" ) ) @@ -1490,11 +1493,13 @@ STATIC void addInSysCfgdDB (char *key, char *value) set_syscfg_partner_values( value,"IPv6SecondaryDhcpServerOptions" ); } } +#endif if ( 0 == strcmp ( key, "Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.HomeSec.SSIDprefix") ) { set_syscfg_partner_values( value,"XHS_SSIDprefix" ); IsPSMMigrationNeeded = 1; } +#if !defined (NO_MTA_FEATURE_SUPPORT) if ( 0 == strcmp ( key, "Default_VoIP_Configuration_FileName") ) { if ( 0 == IsValuePresentinSyscfgDB( "Default_VoIP_Configuration_FileName" ) ) @@ -1502,7 +1507,7 @@ STATIC void addInSysCfgdDB (char *key, char *value) set_syscfg_partner_values( value,"Default_VoIP_Configuration_FileName" ); } } - +#endif #if defined (SPEED_BOOST_SUPPORTED) if ( 0 == strcmp ( key, "Device.RouterAdvertisement.X_RDK_PvD.FQDN") ) @@ -1667,6 +1672,7 @@ STATIC void updateSysCfgdDB (char *key, char *value) { set_syscfg_partner_values( value,"DSCP_InitialOutputMark" ); } +#if !defined (NO_MTA_FEATURE_SUPPORT) if ( 0 == strcmp ( key, "Device.X_RDKCENTRAL-COM_EthernetWAN_MTA.StartupIPMode") ) { set_syscfg_partner_values( value,"StartupIPMode" ); @@ -1679,6 +1685,7 @@ STATIC void updateSysCfgdDB (char *key, char *value) { set_syscfg_partner_values( value,"IPv4SecondaryDhcpServerOptions" ); } +#endif if ( 0 == strcmp ( key, "Device.X_RDK_WebConfig.URL") ) { set_syscfg_partner_values( value,"WEBCONFIG_INIT_URL" ); @@ -1718,7 +1725,8 @@ STATIC void updateSysCfgdDB (char *key, char *value) { set_syscfg_partner_values( value,"DNS_TEXT_URL" ); IsPSMMigrationNeeded = 1; - } + } +#if !defined (NO_MTA_FEATURE_SUPPORT) if ( 0 == strcmp ( key, "Device.X_RDKCENTRAL-COM_EthernetWAN_MTA.IPv6PrimaryDhcpServerOptions") ) { set_syscfg_partner_values( value,"IPv6PrimaryDhcpServerOptions" ); @@ -1727,6 +1735,7 @@ STATIC void updateSysCfgdDB (char *key, char *value) { set_syscfg_partner_values( value,"IPv6SecondaryDhcpServerOptions" ); } +#endif if ( 0 == strcmp ( key, "Device.ManagementServer.EnableCWMP") ) { set_syscfg_partner_values( value,"Syndication_EnableCWMP" ); @@ -1750,10 +1759,12 @@ STATIC void updateSysCfgdDB (char *key, char *value) { set_syscfg_partner_values( value,"AllowEthernetWAN" ); } +#if !defined (NO_MTA_FEATURE_SUPPORT) if ( 0 == strcmp ( key, "Default_VoIP_Configuration_FileName") ) { set_syscfg_partner_values( value,"Default_VoIP_Configuration_FileName" ); } +#endif #if defined (SPEED_BOOST_SUPPORTED) @@ -2304,11 +2315,13 @@ static int apply_partnerId_default_values (char *data, char *PartnerID) *maxAddress = NULL, *allow_ethernet_wan = NULL, *initialForwardedMark = NULL, - *initialOutputMark = NULL, - *startupipmode = NULL, + *initialOutputMark = NULL; +#if !defined (NO_MTA_FEATURE_SUPPORT) + char *startupipmode = NULL, *pridhcpoption = NULL, *secdhcpoption = NULL, *voiceDefaultConfigFile = NULL; +#endif int isNeedToApplyPartnersDefault = 1; int isNeedToApplyPartnersPSMDefault = 0; char ntpServer[64] = {0}; @@ -2956,7 +2969,7 @@ static int apply_partnerId_default_values (char *data, char *PartnerID) { APPLY_PRINT("%s - Default Value of InitialOutputMark is NULL\n", __FUNCTION__ ); } - +#if !defined (NO_MTA_FEATURE_SUPPORT) paramObjVal = cJSON_GetObjectItem(cJSON_GetObjectItem( partnerObj, "Device.X_RDKCENTRAL-COM_EthernetWAN_MTA.StartupIPMode"), "ActiveValue"); if ( paramObjVal != NULL ) { @@ -2972,7 +2985,6 @@ static int apply_partnerId_default_values (char *data, char *PartnerID) APPLY_PRINT("%s - Default Value of StartupIPMode is NULL\n", __FUNCTION__ ); } - paramObjVal = cJSON_GetObjectItem(cJSON_GetObjectItem( partnerObj, "Default_VoIP_Configuration_FileName"), "ActiveValue"); if ( paramObjVal != NULL ) { @@ -3047,7 +3059,7 @@ if ( paramObjVal != NULL ) { APPLY_PRINT("%s - Default Value of Secondary dhcp server option is NULL\n", __FUNCTION__ ); } - +#endif paramObjVal = cJSON_GetObjectItem(cJSON_GetObjectItem( partnerObj, "Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.WANsideSSH.Enable"), "ActiveValue"); if ( paramObjVal != NULL ) { diff --git a/source/scripts/init/src/apply_system_defaults_helper.c b/source/scripts/init/src/apply_system_defaults_helper.c index b4e983ec..c96eff55 100644 --- a/source/scripts/init/src/apply_system_defaults_helper.c +++ b/source/scripts/init/src/apply_system_defaults_helper.c @@ -1423,6 +1423,7 @@ static void addInSysCfgdDB (char *key, char *value) set_syscfg_partner_values( value,"DSCP_InitialOutputMark" ); } } +#if !defined (NO_MTA_FEATURE_SUPPORT) if ( 0 == strcmp ( key, "Device.X_RDKCENTRAL-COM_EthernetWAN_MTA.StartupIPMode") ) { if ( 0 == IsValuePresentinSyscfgDB( "StartupIPMode" ) ) @@ -1451,6 +1452,7 @@ static void addInSysCfgdDB (char *key, char *value) set_syscfg_partner_values( value,"IPv6PrimaryDhcpServerOptions" ); } } +#endif if ( 0 == strcmp ( key, "Device.X_RDK_WebConfig.URL") ) { if ( 0 == IsValuePresentinSyscfgDB( "WEBCONFIG_INIT_URL" ) ) @@ -1515,6 +1517,7 @@ static void addInSysCfgdDB (char *key, char *value) IsPSMMigrationNeeded = 1; } } +#if !defined (NO_MTA_FEATURE_SUPPORT) if ( 0 == strcmp ( key, "Device.X_RDKCENTRAL-COM_EthernetWAN_MTA.IPv6SecondaryDhcpServerOptions") ) { if ( 0 == IsValuePresentinSyscfgDB( "IPv6SecondaryDhcpServerOptions" ) ) @@ -1522,6 +1525,7 @@ static void addInSysCfgdDB (char *key, char *value) set_syscfg_partner_values( value,"IPv6SecondaryDhcpServerOptions" ); } } +#endif if ( 0 == strcmp ( key, "Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.HomeSec.SSIDprefix") ) { set_syscfg_partner_values( value,"XHS_SSIDprefix" ); @@ -2915,6 +2919,7 @@ int apply_partnerId_default_values (char *data, char *PartnerID) APPLY_PRINT("%s - Default Value of InitialOutputMark is NULL\n", __FUNCTION__ ); } +#if !defined (NO_MTA_FEATURE_SUPPORT) paramObjVal = cJSON_GetObjectItem(cJSON_GetObjectItem( partnerObj, "Device.X_RDKCENTRAL-COM_EthernetWAN_MTA.StartupIPMode"), "ActiveValue"); if ( paramObjVal != NULL ) { @@ -2989,6 +2994,7 @@ if ( paramObjVal != NULL ) { APPLY_PRINT("%s - Default Value of Secondary dhcp server option is NULL\n", __FUNCTION__ ); } +#endif paramObjVal = cJSON_GetObjectItem(cJSON_GetObjectItem( partnerObj, "Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.WANsideSSH.Enable"), "ActiveValue"); if ( paramObjVal != NULL ) diff --git a/source/service_udhcpc/service_udhcpc.c b/source/service_udhcpc/service_udhcpc.c index 03ddb7b2..cc40679c 100644 --- a/source/service_udhcpc/service_udhcpc.c +++ b/source/service_udhcpc/service_udhcpc.c @@ -99,6 +99,7 @@ #define RESOLV_CONF_TMP "/tmp/resolv_temp.conf" #define BUFSIZE 4196 +#if !defined (NO_MTA_FEATURE_SUPPORT) #define MTA_DHCPV4_PRIMARY_ADDR "MTA_DHCPv4_PrimaryAddress" #define MTA_DHCPV4_SECONDARY_ADDR "MTA_DHCPv4_SecondaryAddress" #define MTA_DHCPV6_PRIMARY_ADDR "MTA_DHCPv6_PrimaryAddress" @@ -106,6 +107,7 @@ #define MTA_IP_PREF "MTA_IP_PREF" #define DHCP_MTA_OPTION "dhcp_mta_option" #define RECEIVED "received" +#endif #ifdef UNIT_TEST_DOCKER_SUPPORT #define STATIC @@ -231,6 +233,7 @@ STATIC char *GetDeviceProperties (char *param) return valPtr; } +#if !defined(NO_MTA_FEATURE_SUPPORT) #if defined (EROUTER_DHCP_OPTION_MTA) && defined (FEATURE_RDKB_WAN_MANAGER) STATIC void clear_mta_params () { @@ -295,7 +298,7 @@ STATIC void set_mta_config () } } - +#endif #endif STATIC int handle_defconfig (udhcpc_script_t *pinfo) From 251c470ae906159d064a31a75a0725cd8a053920 Mon Sep 17 00:00:00 2001 From: Suganya-Sugumar <222150366+Suganya-Sugumar@users.noreply.github.com> Date: Thu, 20 Nov 2025 07:29:10 +0000 Subject: [PATCH 62/63] Add changelog for release --- CHANGELOG.md | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index def893ae..8bc45ea5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,8 +4,21 @@ All notable changes to this project will be documented in this file. Dates are d Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). +#### [1.3.1](https://github.com/rdkcentral/utopia/compare/1.3.0...1.3.1) + +- CBR2-2216:Observing SYS_SH_Zebra_restart marker during stability testing [`#129`](https://github.com/rdkcentral/utopia/pull/129) +- RDKCOM-5457: RDKBDEV-3301 Bringup of Utopia on QCOM Platform [`#94`](https://github.com/rdkcentral/utopia/pull/94) +- XB9-668 : Upstream xb9 specific changes to github repo [`#118`](https://github.com/rdkcentral/utopia/pull/118) +- TCXB8-3707: Parental Controls blocks false positives [`#107`](https://github.com/rdkcentral/utopia/pull/107) +- TCXB8-3706 : SYS_SH_Syseventd_restart marker [`#116`](https://github.com/rdkcentral/utopia/pull/116) +- RDKB-777777: Debugging the lan-status is not set to started issue [`11c8f66`](https://github.com/rdkcentral/utopia/commit/11c8f66d7acc6364737efddb85fc62394c40e2fb) +- Merge tag '1.3.0' into develop [`c866914`](https://github.com/rdkcentral/utopia/commit/c86691486474e6156fd8243cd55299fa778021e9) +- Adding rule for handling https keyword filtering [`8627882`](https://github.com/rdkcentral/utopia/commit/86278821c1fc53f7276a726294e1cfa72a548686) + #### [1.3.0](https://github.com/rdkcentral/utopia/compare/1.2.2...1.3.0) +> 6 November 2025 + - XB10-2198: SYS_SH_dnsmasq_restart is continuous with 8.2p5s1 upgrade [`#119`](https://github.com/rdkcentral/utopia/pull/119) - revert of kernel_pid.max val set from utopia_init.sh file [`#117`](https://github.com/rdkcentral/utopia/pull/117) - RDKB-60798-IPv6 Support for WiFi Hotspot [`#115`](https://github.com/rdkcentral/utopia/pull/115) @@ -14,9 +27,9 @@ Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). - RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh [`#111`](https://github.com/rdkcentral/utopia/pull/111) - SHARMAN-1210:Add telemetry support to report FW info from both banks [`#70`](https://github.com/rdkcentral/utopia/pull/70) - IPv6 support for WIFI hotspot [`#52`](https://github.com/rdkcentral/utopia/pull/52) +- Add CHANGELOG.md for Release 1.3.0 [`f098983`](https://github.com/rdkcentral/utopia/commit/f098983d0ae5480baa788dda25a8b8676004cfc2) - Presence Notification [`04d5da3`](https://github.com/rdkcentral/utopia/commit/04d5da34148680adce639b27d63f790a5438832a) - Merge tag '1.2.2' into develop [`3b14a92`](https://github.com/rdkcentral/utopia/commit/3b14a92d8a532ec9e34064eb5b0ddc861fe1c88f) -- Merge tag '1.2.1' into develop [`d652c3a`](https://github.com/rdkcentral/utopia/commit/d652c3a4266e78d843c330383c334f79a3e051ea) #### [1.2.2](https://github.com/rdkcentral/utopia/compare/1.2.1...1.2.2) From 34620183193ef62ad2ef43f33ecdbae4bfe530b2 Mon Sep 17 00:00:00 2001 From: abhishek-kumaracee2 Date: Mon, 24 Nov 2025 00:16:34 -0500 Subject: [PATCH 63/63] RDKB-61944 : [Coverity] Various issues in utopia component (#132) Reason for change: Fix coverity issues Test Procedure: Run coverity and check for errors in utopia Risks: Low Priority:P1 Signed-off-by: abhishek_kumaracee2@comcast.com Signed-off-by: abhishek_kumaracee2@comcast.com --- source/firewall/firewall.c | 78 ++-- source/firewall_log/GenFWLog.c | 40 +- source/igd/src/igd_action_port_mapping.c | 2 +- source/igd/src/igd_platform_independent_inf.c | 4 +- source/igd/src/igd_utility.c | 7 +- .../apply_system_defaults.c | 366 +++++++++--------- source/service_dhcp/dhcp_server_functions.c | 18 +- source/service_dhcp/service_dhcp_server.c | 170 ++++---- .../service_dhcpv6_client.c | 30 +- source/service_ipv6/service_ipv6.c | 7 +- source/service_routed/service_routed.c | 18 +- source/syscfg/cmd/syscfgcmd.c | 11 +- source/syscfg/lib/syscfg_lib.c | 1 + source/sysevent/fork_helper/fork_helper.c | 2 +- source/sysevent/lib/libsysevent.c | 9 +- source/sysevent/lib/libsysevent_internal.h | 2 +- source/sysevent/server/clientsMgr.c | 32 +- source/sysevent/server/dataMgr.c | 24 +- source/sysevent/server/syseventd_main.c | 67 ++-- source/sysevent/server/triggerMgr.c | 4 +- source/utapi/lib/tr181_util.c | 4 +- source/utapi/lib/utapi.c | 76 ++-- source/utapi/lib/utapi_moca.c | 77 ++-- source/utapi/lib/utapi_tr_dhcp.c | 41 +- source/utapi/lib/utapi_tr_wlan.c | 117 +++--- source/utapi/lib/utapi_util.h | 17 + source/utctx/lib/utctx.c | 7 +- 27 files changed, 698 insertions(+), 533 deletions(-) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 1b805c62..475d0d0b 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -522,7 +522,6 @@ enum{ NAT_DISABLE_STATICIP, }; #define PCMD_LIST "/tmp/.pcmd" - typedef struct _decMacs_ { char mac[19]; @@ -2158,7 +2157,7 @@ static int bIsContainerEnabled( void) deviceFilePtr = fopen( DEVICE_PROPERTIES, "r" ); if (deviceFilePtr) { - while (fscanf(deviceFilePtr , "%s", fileContent) != EOF ) { + while (fscanf(deviceFilePtr , "%254s", fileContent) != EOF ) { if ((pContainerSupport = strstr(fileContent, "CONTAINER_SUPPORT")) != NULL) { offsetValue = strlen("CONTAINER_SUPPORT="); pContainerSupport = pContainerSupport + offsetValue; @@ -8139,39 +8138,37 @@ static int determine_enforcement_schedule2(FILE *cron_fp, const char *namespace) int today_bits = 0; today_bits = (1 << local_now.tm_wday); - if(!(today_bits & policy_days)) { - } else { - if (1 == h24) { - within_policy_start_stop = 1; - } else { - int startPassedHours, startPassedMins; - int stopPassedHours, stopPassedMins; - int startPass, stopPass; - int sh, sm, eh, em; + if(!(today_bits & policy_days)) + { + } + else + { + int startPassedHours, startPassedMins; + int stopPassedHours, stopPassedMins; + int startPass, stopPass; + int sh, sm, eh, em; + sscanf(policy_time_start, "%d:%d", &sh, &sm); + sscanf(policy_time_stop, "%d:%d", &eh, &em); - sscanf(policy_time_start, "%d:%d", &sh, &sm); - sscanf(policy_time_stop, "%d:%d", &eh, &em); + startPass = time_delta(&local_now, policy_time_start, &startPassedHours, &startPassedMins); + stopPass = time_delta(&local_now, policy_time_stop, &stopPassedHours, &stopPassedMins); - startPass = time_delta(&local_now, policy_time_start, &startPassedHours, &startPassedMins); - stopPass = time_delta(&local_now, policy_time_stop, &stopPassedHours, &stopPassedMins); - - //start time > stop time - if(sh > eh || (sh == eh && sm >= em)) { - if(!((stopPass == -1 || (stopPass == 0 && stopPassedHours == 0 && stopPassedMins == 0)) - && startPass == 0)) + //start time > stop time + if(sh > eh || (sh == eh && sm >= em)) { + if(!((stopPass == -1 || (stopPass == 0 && stopPassedHours == 0 && stopPassedMins == 0)) + && startPass == 0)) within_policy_start_stop = 1; - } - else { //start time < stop time - //printf("today is %d, start time is %d, stop time is %d\n", today_bits, sh, eh); - if((startPass == -1 || (startPass == 0 && startPassedHours == 0 && startPassedMins == 0)) - && stopPass == 0) { + } + else { //start time < stop time + //printf("today is %d, start time is %d, stop time is %d\n", today_bits, sh, eh); + if((startPass == -1 || (startPass == 0 && startPassedHours == 0 && startPassedMins == 0)) + && stopPass == 0) { within_policy_start_stop = 1; - } - } + } } } - FIREWALL_DEBUG("Exiting determine_enforcement_schedule2\n"); + FIREWALL_DEBUG("Exiting determine_enforcement_schedule2\n"); return within_policy_start_stop; } @@ -8948,9 +8945,10 @@ static int do_parcon_mgmt_device(FILE *fp, int iptype, FILE *cron_fp) devMacSt * getPcmdList(int *devCount) { int count = 0; -int numDev = 0; +long numDev = 0; FILE * fp; char buf[19]; +char *endptr = NULL; devMacSt *devMacs = NULL; devMacSt *dev = NULL; memset(buf, 0, sizeof(buf)); @@ -8961,11 +8959,23 @@ memset(buf, 0, sizeof(buf)); FIREWALL_DEBUG("Error while locking file\n"); while( fgets ( buf, sizeof(buf), fp ) != NULL ) { - if(count == 0){ - numDev = atoi(buf); - printf("numDev = %d \n" COMMA numDev); - *devCount = numDev; - devMacs = (devMacSt *)calloc(numDev,sizeof(devMacSt)); + if(count == 0) + { + errno = 0; + numDev = strtol(buf, &endptr, 10); + if (endptr == buf || *endptr != '\0' || errno == ERANGE) + { + FIREWALL_DEBUG("invalid data\n"); + break; + } + if (numDev < INT_MIN || numDev > INT_MAX) + { + FIREWALL_DEBUG("invalid integer\n"); + break; + } + + *devCount = (int)numDev; + devMacs = (devMacSt *)calloc(*devCount,sizeof(devMacSt)); dev = devMacs; } else diff --git a/source/firewall_log/GenFWLog.c b/source/firewall_log/GenFWLog.c index df74919f..5232f449 100644 --- a/source/firewall_log/GenFWLog.c +++ b/source/firewall_log/GenFWLog.c @@ -745,7 +745,10 @@ void get_rule_time(int count){ end = line; } OUT: - munmap(start, statbuf.st_size); + if(-1 == munmap(start, statbuf.st_size)) + { + perror("munmap failed"); + } // close(fd); #endif @@ -810,20 +813,20 @@ int main(int argc, char** argv){ } } - if(access(FIREWALL_LOG_DIR, F_OK) == -1) + errno = 0; + if(mkdir(FIREWALL_LOG_DIR, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) == -1) { - if(mkdir(FIREWALL_LOG_DIR, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) == -1) - { - printf("Error Creating Directory"); - } - else - { - printf("Directory Created Successfully"); - } + if (errno == EEXIST) { + printf("Directory already exists"); + } + else + { + printf("Error Creating Directory"); + } } else { - printf("Directory already exists"); + printf("Directory Created Successfully"); } g_p_rule_tbl = NULL; @@ -888,7 +891,10 @@ int main(int argc, char** argv){ if( i == 0 ){ fclose(ipt); - remove(TEMP_FILE); + if(0 != remove(TEMP_FILE)) + { + perror("remove failed"); + } fUnlock(lock); exit(0); } @@ -897,7 +903,10 @@ int main(int argc, char** argv){ if(log == NULL){ if(NULL == (log = fopen(fName, "w+"))){ fclose(ipt); - remove(TEMP_FILE); + if (0 != remove(TEMP_FILE)) + { + perror("remove failed"); + } fUnlock(lock); exit(1); } @@ -920,7 +929,10 @@ int main(int argc, char** argv){ fclose(log); fclose(ipt); clean_log(); - remove(TEMP_FILE); + if (0 != remove(TEMP_FILE)) + { + perror("remove failed"); + } fUnlock(lock); if(g_rule_tlb_len != 0) free(g_p_rule_tbl); diff --git a/source/igd/src/igd_action_port_mapping.c b/source/igd/src/igd_action_port_mapping.c index 64eb034d..f6741275 100644 --- a/source/igd/src/igd_action_port_mapping.c +++ b/source/igd/src/igd_action_port_mapping.c @@ -356,7 +356,7 @@ INT32 IGD_get_GenericPortMapping_entry(INOUT struct action_event *event) ret = PAL_UPNP_SOAP_E_ACTION_FAILED; event->request->error_code = ret; - strncpy(event->request->error_str, PAL_upnp_get_error_message(PAL_UPNP_SOAP_E_ACTION_FAILED), PAL_UPNP_LINE_SIZE); + snprintf(event->request->error_str,sizeof(event->request->error_str),"%s",PAL_upnp_get_error_message(PAL_UPNP_SOAP_E_ACTION_FAILED)); } } // end if (portmapIndex.portMapIndex >= entryNum) } else { //IGD_pii_get_portmapping_entry_num error diff --git a/source/igd/src/igd_platform_independent_inf.c b/source/igd/src/igd_platform_independent_inf.c index 9da960c0..50832136 100755 --- a/source/igd/src/igd_platform_independent_inf.c +++ b/source/igd/src/igd_platform_independent_inf.c @@ -896,11 +896,11 @@ INT32 IGD_pii_add_portmapping_entry( IN INT32 WanDeviceIndex, snprintf(pmap.name,sizeof(pmap.name),"%s",portmapEntry->description); } pmap.external_port = portmapEntry->externalPort; - if (portmapEntry->remoteHost != NULL) { + if (portmapEntry->remoteHost[0] != '\0') { snprintf(pmap.external_host,sizeof(pmap.external_host),"%s",portmapEntry->remoteHost); } pmap.internal_port = portmapEntry->internalPort; - if (portmapEntry->internalClient != NULL) { + if (portmapEntry->internalClient[0] != '\0') { snprintf(pmap.internal_host,sizeof(pmap.internal_host),"%s",portmapEntry->internalClient); } pmap.lease = portmapEntry->leaseTime; diff --git a/source/igd/src/igd_utility.c b/source/igd/src/igd_utility.c index c4d0f4b7..62df34a0 100644 --- a/source/igd/src/igd_utility.c +++ b/source/igd/src/igd_utility.c @@ -464,7 +464,12 @@ BOOL chkPortMappingClient(char* client) return FALSE; } - Utopia_GetLanSettings(&Ctx, &lan); + //CHECKED_RETURN + if (SUCCESS != Utopia_GetLanSettings(&Ctx, &lan)) + { + printf("%s Error failed to get LAN params\n", __FUNCTION__); + } + inet_pton(AF_INET, lan.ipaddr, &ipaddr); inet_pton(AF_INET, lan.netmask, &netmask); inet_pton(AF_INET, client, &clientaddr); diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index 6e3fa8a2..1430afbc 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -128,6 +128,17 @@ static int convert = 0; }\ }\ +static inline void create_file_644(const char *path) +{ + int fd = open(path, + O_WRONLY | O_CREAT | O_TRUNC, + S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + if (fd == -1) + { + perror("open failed"); + } + close(fd); +} static char *trim (char *in) { @@ -833,7 +844,7 @@ void CheckAndHandleInvalidPartnerIDRecoveryProcess(char *PartnerID) { APPLY_PRINT("%s - syscfg_set failed\n", __FUNCTION__); } - creat("/nvram/.Invalid_PartnerID", 0644); + create_file_644("/nvram/.Invalid_PartnerID"); v_secure_system("/rdklogger/backupLogs.sh"); } @@ -855,107 +866,100 @@ void CheckAndHandleInvalidPartnerIDRecoveryProcess(char *PartnerID) { static int get_PartnerID (char *PartnerID) { - char buf[PARTNER_ID_LEN]; - memset(buf, 0, sizeof(buf)); - //int isValidPartner = 0; - - /* - * Check whether /nvram/.partner_ID file is available or not. - * If available then read it and apply defaults based on new partnerID - * If not available then read it from HAL and create the /nvram/.partner_ID file - * then apply defaults based on current partnerID - */ - if ( access( PARTNERID_FILE , F_OK ) != 0 ) - { + char buf[PARTNER_ID_LEN]; + FILE *FilePtr = NULL; + + memset(buf, 0, sizeof(buf)); + //int isValidPartner = 0; + + /* + * Check whether /nvram/.partner_ID file is available or not. + * If available then read it and apply defaults based on new partnerID + * If not available then read it from HAL and create the /nvram/.partner_ID file + * then apply defaults based on current partnerID + */ + + FilePtr = fopen( PARTNERID_FILE, "r" ); + if ( NULL == FilePtr ) + { + APPLY_PRINT("%s - %s is not there\n", __FUNCTION__, PARTNERID_FILE ); + if( ( 0 == getFactoryPartnerId( PartnerID ) ) && ( PartnerID [ 0 ] != '\0' ) ) + { + APPLY_PRINT("%s - PartnerID from HAL: %s\n",__FUNCTION__,PartnerID ); + validatePartnerId ( PartnerID ); + } + else + { + if ( 0 == GetDevicePropertiesEntry( buf, sizeof( buf ),"PARTNER_ID" ) ) + { + if(buf[0] != '\0') // CID 73353: Array compared against 0 (NO_EFFECT) + { + strncpy(PartnerID,buf,strlen(buf)); + PartnerID[strlen(buf)] = '\0'; // CID 340497: String not null terminated (STRING_NULL) + APPLY_PRINT("%s - PartnerID from device.properties: %s\n",__FUNCTION__,PartnerID ); + } + } + else + { + APPLY_PRINT("%s:ERROR.....partnerId from factory also NULL setting it to unknown\n",__FUNCTION__); - APPLY_PRINT("%s - %s is not there\n", __FUNCTION__, PARTNERID_FILE ); - if( ( 0 == getFactoryPartnerId( PartnerID ) ) && ( PartnerID [ 0 ] != '\0' ) ) - { - APPLY_PRINT("%s - PartnerID from HAL: %s\n",__FUNCTION__,PartnerID ); - validatePartnerId ( PartnerID ); - } - else - { - if ( 0 == GetDevicePropertiesEntry( buf, sizeof( buf ),"PARTNER_ID" ) ) - { - if(buf[0] != '\0') // CID 73353: Array compared against 0 (NO_EFFECT) - { - strncpy(PartnerID,buf,strlen(buf)); - PartnerID[strlen(buf)] = '\0'; // CID 340497: String not null terminated (STRING_NULL) - APPLY_PRINT("%s - PartnerID from device.properties: %s\n",__FUNCTION__,PartnerID ); - } - } - else - { - APPLY_PRINT("%s:ERROR.....partnerId from factory also NULL setting it to unknown\n",__FUNCTION__); - #if defined (_XB6_PRODUCT_REQ_) - sprintf( PartnerID, "%s", "unknown" ); + sprintf( PartnerID, "%s", "unknown" ); #elif defined (_RDK_REF_PLATFORM_) - sprintf( PartnerID, "%s", "RDKM"); + sprintf( PartnerID, "%s", "RDKM"); #elif defined (_SR300_PRODUCT_REQ_) /* Default fall back option for ADA devices SKYH4-4946 */ - sprintf( PartnerID, "%s", "sky-uk"); + sprintf( PartnerID, "%s", "sky-uk"); #elif defined (_HUB4_PRODUCT_REQ_) /* Default fall back option for HUB4 devices SKYH4-4946 */ - sprintf( PartnerID, "%s", "sky-italia"); + sprintf( PartnerID, "%s", "sky-italia"); #else - sprintf( PartnerID, "%s", "comcast" ); + sprintf( PartnerID, "%s", "comcast" ); #endif - APPLY_PRINT("%s - Failed Get factoryPartnerId so set it PartnerID as: %s\n", __FUNCTION__, PartnerID ); - t2_event_d("SYS_ERROR_Factorypartner_fetch_failed", 1); + APPLY_PRINT("%s - Failed Get factoryPartnerId so set it PartnerID as: %s\n", __FUNCTION__, PartnerID ); + t2_event_d("SYS_ERROR_Factorypartner_fetch_failed", 1); - if (strncmp(PartnerID, "comcast", strlen("comcast")) == 0) - t2_event_d("SYS_ERROR_Factory_partner_set_comcast", 1); - } - } - } - else - { - FILE *FilePtr = NULL; - char fileContent[ 256 ] = { 0 }; - - /* TODO CID 135527: Time of check time of use - * As per code flow either access() or fopen() will be invoked - * so we could not hit the TOCTOU issue. It could be a false positive.*/ - FilePtr = fopen( PARTNERID_FILE, "r" ); - - if ( FilePtr ) - { - char *pos; - - fgets( fileContent, 256, FilePtr ); - fclose( FilePtr ); - FilePtr = NULL; - - // Remove line \n charecter from string - if ( ( pos = strchr( fileContent, '\n' ) ) != NULL ) - *pos = '\0'; + if (strncmp(PartnerID, "comcast", strlen("comcast")) == 0) + t2_event_d("SYS_ERROR_Factory_partner_set_comcast", 1); + } + } + } + else + { + char *pos; + char fileContent[ 256 ] = { 0 }; - sprintf( PartnerID, "%s", fileContent ); + fgets( fileContent, 256, FilePtr ); + fclose( FilePtr ); + FilePtr = NULL; - APPLY_PRINT("%s - PartnerID from File: %s\n",__FUNCTION__,PartnerID ); - validatePartnerId ( PartnerID ); - } - unlink("/nvram/.partner_ID"); - } - set_syscfg_partner_values(PartnerID,"PartnerID"); + // Remove line \n charecter from string + if ( ( pos = strchr( fileContent, '\n' ) ) != NULL ) + *pos = '\0'; - //To print Facgtory PartnerID on every boot-up - memset(buf, 0, sizeof(buf)); - if( 0 == getFactoryPartnerId( buf ) ) - { - APPLY_PRINT("[GET-PARTNERID] Factory_PartnerID:%s\n", buf ); - t2_event_s("getfactorypartner_split", buf); - } - else + sprintf( PartnerID, "%s", fileContent ); + + APPLY_PRINT("%s - PartnerID from File: %s\n",__FUNCTION__,PartnerID ); + validatePartnerId ( PartnerID ); + unlink("/nvram/.partner_ID"); + } + set_syscfg_partner_values(PartnerID,"PartnerID"); + + //To print Facgtory PartnerID on every boot-up + memset(buf, 0, sizeof(buf)); + if( 0 == getFactoryPartnerId( buf ) ) { - APPLY_PRINT("[GET-PARTNERID] Factory_PartnerID:NULL\n" ); - t2_event_s("getfactorypartner_split", NULL); - } + APPLY_PRINT("[GET-PARTNERID] Factory_PartnerID:%s\n", buf ); + t2_event_s("getfactorypartner_split", buf); + } + else + { + APPLY_PRINT("[GET-PARTNERID] Factory_PartnerID:NULL\n" ); + t2_event_s("getfactorypartner_split", NULL); + } - APPLY_PRINT("[GET-PARTNERID] Current_PartnerID:%s\n", PartnerID ); - t2_event_s("getcurrentpartner_split", PartnerID); - - return 0; + APPLY_PRINT("[GET-PARTNERID] Current_PartnerID:%s\n", PartnerID ); + t2_event_s("getcurrentpartner_split", PartnerID); + + return 0; } static void ValidateAndUpdatePartnerVersionParam (cJSON *root_etc_json, cJSON *root_nvram_json, bool *do_compare, char *PartnerID) @@ -965,17 +969,17 @@ static void ValidateAndUpdatePartnerVersionParam (cJSON *root_etc_json, cJSON *r char *version_etc = NULL; char *version_nvram = NULL; cJSON *version_nvram_key = NULL; - + if (!do_compare || !root_etc_json || !root_nvram_json) return; /* Check if entire parameters need to be compared based on version number */ properties_etc = cJSON_GetObjectItem(root_etc_json,"properties"); - + if (!properties_etc) *do_compare = true; - + if (properties_etc) { properties_nvram = cJSON_GetObjectItem(root_nvram_json,"properties"); @@ -988,7 +992,7 @@ static void ValidateAndUpdatePartnerVersionParam (cJSON *root_etc_json, cJSON *r int nvram_minor = 0; if (version_etc) - { + { sscanf(version_etc,"%d.%d",&etc_major,&etc_minor); printf ("\n READ version ######## etc: major %d minor %d \n",etc_major, etc_minor); } @@ -1019,33 +1023,32 @@ static void ValidateAndUpdatePartnerVersionParam (cJSON *root_etc_json, cJSON *r { printf ("\n VERSION MISMATCH ######## nvram %s etc %s \n", version_nvram, version_etc); } - else - { - /* A rare corner case, were version is getting updated,but key and value not added to the - * bootstrap file, this will make the newly added key not available until there is a new - * update version in partner json file, so handling here this case also as compare needed - * case*/ - cJSON * subitem_etc = cJSON_GetObjectItem(root_etc_json,PartnerID); - cJSON * subitem_nvram_bs = cJSON_GetObjectItem(root_nvram_json,PartnerID); - int subitem_etc_count = cJSON_GetArraySize(subitem_etc); - int subitem_nvram_bs_count = cJSON_GetArraySize(subitem_nvram_bs); - APPLY_PRINT ("\nversion:%d.%d KEY COUNT in nvram %d and etc %d\n", nvram_major, nvram_minor, - subitem_nvram_bs_count,subitem_etc_count); - if (subitem_etc_count != subitem_nvram_bs_count) - { - APPLY_PRINT ("\nversion:%d.%d KEY COUNT MISMATCH in nvram %d and etc %d,do compare\n", nvram_major, nvram_minor, - subitem_nvram_bs_count,subitem_etc_count); - *do_compare = true; - } - - } - } + else + { + /* A rare corner case, were version is getting updated,but key and value not added to the + * bootstrap file, this will make the newly added key not available until there is a new + * update version in partner json file, so handling here this case also as compare needed + * case*/ + cJSON * subitem_etc = cJSON_GetObjectItem(root_etc_json,PartnerID); + cJSON * subitem_nvram_bs = cJSON_GetObjectItem(root_nvram_json,PartnerID); + int subitem_etc_count = cJSON_GetArraySize(subitem_etc); + int subitem_nvram_bs_count = cJSON_GetArraySize(subitem_nvram_bs); + APPLY_PRINT ("\nversion:%d.%d KEY COUNT in nvram %d and etc %d\n", nvram_major, nvram_minor, + subitem_nvram_bs_count,subitem_etc_count); + if (subitem_etc_count != subitem_nvram_bs_count) + { + APPLY_PRINT ("\nversion:%d.%d KEY COUNT MISMATCH in nvram %d and etc %d,do compare\n", nvram_major, nvram_minor, + subitem_nvram_bs_count,subitem_etc_count); + *do_compare = true; + } + } + } } else { *do_compare = true; } - } + } if (version_etc) { @@ -1071,7 +1074,10 @@ static void ValidateAndUpdatePartnerVersionParam (cJSON *root_etc_json, cJSON *r FILE *fp = fopen(CLEAR_TRACK_FILE, "r"); if (fp) { - fscanf(fp, "%u", &flags); + if(1 != fscanf(fp, "%u", &flags)) + { + printf("%s: failed to read file %s", __FUNCTION__, CLEAR_TRACK_FILE); + } fclose(fp); } if ((flags & NVRAM_BOOTSTRAP_CLEARED) == 0) @@ -1640,7 +1646,7 @@ STATIC void addInSysCfgdDB (char *key, char *value) APPLY_PRINT("%s - PSM Migration needed for %s param so touching %s file\n", __FUNCTION__, key, PARTNER_DEFAULT_MIGRATE_FOR_NEW_PSM_MEMBER ); //Need to touch /tmp/.apply_partner_defaults_new_psm_member for PSM migration handling - creat(PARTNER_DEFAULT_MIGRATE_FOR_NEW_PSM_MEMBER,S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + create_file_644(PARTNER_DEFAULT_MIGRATE_FOR_NEW_PSM_MEMBER); } } @@ -1856,7 +1862,7 @@ STATIC void updateSysCfgdDB (char *key, char *value) APPLY_PRINT("%s - PSM Migration needed for %s param so touching %s file\n", __FUNCTION__, key, PARTNER_DEFAULT_MIGRATE_FOR_NEW_PSM_MEMBER ); //Need to touch /tmp/.apply_partner_defaults_new_psm_member for PSM migration handling - creat(PARTNER_DEFAULT_MIGRATE_FOR_NEW_PSM_MEMBER,S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + create_file_644(PARTNER_DEFAULT_MIGRATE_FOR_NEW_PSM_MEMBER); } } @@ -1978,7 +1984,10 @@ static int init_bootstrap_json (char *partner_nvram_obj, char *partner_etc_obj, FILE *fp = fopen(CLEAR_TRACK_FILE, "r"); if (fp) { - fscanf(fp, "%u", &flags); + if(1 != fscanf(fp, "%u", &flags)) + { + printf("%s: failed to read file %s", __FUNCTION__, CLEAR_TRACK_FILE); + } fclose(fp); } if ((flags & NVRAM_BOOTSTRAP_CLEARED) == 0) @@ -2047,7 +2056,10 @@ STATIC int compare_partner_json_param (char *partner_nvram_bs_obj, char *partner FILE *fp = fopen(CLEAR_TRACK_FILE, "r"); if (fp) { - fscanf(fp, "%u", &flags); + if (1 != fscanf(fp, "%u", &flags)) + { + printf("%s: failed to read file %s", __FUNCTION__, CLEAR_TRACK_FILE); + } fclose(fp); } if ((flags & NVRAM_BOOTSTRAP_CLEARED) == 0) @@ -2283,7 +2295,10 @@ STATIC int compare_partner_json_param (char *partner_nvram_bs_obj, char *partner FILE *fp = fopen(CLEAR_TRACK_FILE, "r"); if (fp) { - fscanf(fp, "%u", &flags); + if (1 != fscanf(fp, "%u", &flags)) + { + printf("%s: failed to read file %s", __FUNCTION__, CLEAR_TRACK_FILE); + } fclose(fp); } if ((flags & NVRAM_BOOTSTRAP_CLEARED) == 0) @@ -3426,69 +3441,72 @@ static void getPartnerIdWithRetry(char* buf, char* PartnerID) FILE *fp = fopen(CLEAR_TRACK_FILE, "r"); if (fp) { - fscanf(fp, "%u", &flags); - fclose(fp); + if(1 != fscanf(fp, "%u", &flags)) + { + printf("%s: failed to read file %s", __FUNCTION__, CLEAR_TRACK_FILE); + } + fclose(fp); } ptr_etc_json = json_file_parse( PARTNERS_INFO_FILE_ETC ); if ( ptr_etc_json ) { - ptr_nvram_bs_json = json_file_parse( BOOTSTRAP_INFO_FILE ); - if ( ptr_nvram_bs_json == NULL ) - { - if (access(BOOTSTRAP_INFO_FILE_BACKUP, F_OK) == 0) - { - //If backup file exists, compare and copy it to /opt/secure/bootstrap.json - if ((flags & NVRAM_BOOTSTRAP_CLEARED) == 0) - { + ptr_nvram_bs_json = json_file_parse( BOOTSTRAP_INFO_FILE ); + if ( ptr_nvram_bs_json == NULL ) + { + if (access(BOOTSTRAP_INFO_FILE_BACKUP, F_OK) == 0) + { + //If backup file exists, compare and copy it to /opt/secure/bootstrap.json + if ((flags & NVRAM_BOOTSTRAP_CLEARED) == 0) + { + char *ptr_nvram_bkup_json = NULL; + ptr_nvram_bkup_json = json_file_parse(BOOTSTRAP_INFO_FILE_BACKUP); + if (ptr_nvram_bkup_json) + { + APPLY_PRINT("%s-%d Comparing %s and %s\n", __FUNCTION__, __LINE__, BOOTSTRAP_INFO_FILE_BACKUP, PARTNERS_INFO_FILE_ETC); + compare_partner_json_param( ptr_nvram_bkup_json, ptr_etc_json, PartnerID ); + free(ptr_nvram_bkup_json); + } + } + } + else + { + ptr_nvram_json = json_file_parse( PARTNERS_INFO_FILE ); // nvram/partners_defaults.json can be removed after a few sprints. + init_bootstrap_json( ptr_nvram_json, ptr_etc_json, PartnerID ); + if ( ptr_nvram_json == NULL ) + { + APPLY_PRINT("cp %s %s", PARTNERS_INFO_FILE_ETC, PARTNERS_INFO_FILE); + v_secure_system("cp "PARTNERS_INFO_FILE_ETC " " PARTNERS_INFO_FILE); + + //Need to touch /tmp/.apply_partner_defaults_psm for PSM migration handling + create_file_644(PARTNER_DEFAULT_MIGRATE_PSM); // FIX: RDKB-20566 to handle migration + } + else + free( ptr_nvram_json ); + } + } + else + { + //If backup file exist, then compare with /etc/partners_defaults.json and update /opt/secure/bootstrap.json + if ((flags & NVRAM_BOOTSTRAP_CLEARED) == 0) + { char *ptr_nvram_bkup_json = NULL; ptr_nvram_bkup_json = json_file_parse(BOOTSTRAP_INFO_FILE_BACKUP); if (ptr_nvram_bkup_json) { - APPLY_PRINT("%s-%d Comparing %s and %s\n", __FUNCTION__, __LINE__, BOOTSTRAP_INFO_FILE_BACKUP, PARTNERS_INFO_FILE_ETC); - compare_partner_json_param( ptr_nvram_bkup_json, ptr_etc_json, PartnerID ); - free(ptr_nvram_bkup_json); + APPLY_PRINT("%s-%d - Comparing %s and %s\n", __FUNCTION__, __LINE__, BOOTSTRAP_INFO_FILE_BACKUP, PARTNERS_INFO_FILE_ETC); + compare_partner_json_param( ptr_nvram_bkup_json, ptr_etc_json, PartnerID ); + free(ptr_nvram_bkup_json); } - } - } - else - { - ptr_nvram_json = json_file_parse( PARTNERS_INFO_FILE ); // nvram/partners_defaults.json can be removed after a few sprints. - init_bootstrap_json( ptr_nvram_json, ptr_etc_json, PartnerID ); - if ( ptr_nvram_json == NULL ) - { - APPLY_PRINT("cp %s %s", PARTNERS_INFO_FILE_ETC, PARTNERS_INFO_FILE); - v_secure_system("cp "PARTNERS_INFO_FILE_ETC " " PARTNERS_INFO_FILE); - - //Need to touch /tmp/.apply_partner_defaults_psm for PSM migration handling - creat(PARTNER_DEFAULT_MIGRATE_PSM,S_IRUSR |S_IWUSR |S_IRGRP |S_IROTH); // FIX: RDKB-20566 to handle migration - } - else - free( ptr_nvram_json ); - } - } - else - { - //If backup file exist, then compare with /etc/partners_defaults.json and update /opt/secure/bootstrap.json - if ((flags & NVRAM_BOOTSTRAP_CLEARED) == 0) - { - char *ptr_nvram_bkup_json = NULL; - ptr_nvram_bkup_json = json_file_parse(BOOTSTRAP_INFO_FILE_BACKUP); - if (ptr_nvram_bkup_json) - { - APPLY_PRINT("%s-%d - Comparing %s and %s\n", __FUNCTION__, __LINE__, BOOTSTRAP_INFO_FILE_BACKUP, PARTNERS_INFO_FILE_ETC); - compare_partner_json_param( ptr_nvram_bkup_json, ptr_etc_json, PartnerID ); - free(ptr_nvram_bkup_json); - } - } - else - { - APPLY_PRINT("%s-%d - Comparing %s and %s\n", __FUNCTION__, __LINE__, BOOTSTRAP_INFO_FILE, PARTNERS_INFO_FILE_ETC); - compare_partner_json_param( ptr_nvram_bs_json, ptr_etc_json, PartnerID ); - } - free( ptr_nvram_bs_json ); - } - free( ptr_etc_json ); + } + else + { + APPLY_PRINT("%s-%d - Comparing %s and %s\n", __FUNCTION__, __LINE__, BOOTSTRAP_INFO_FILE, PARTNERS_INFO_FILE_ETC); + compare_partner_json_param( ptr_nvram_bs_json, ptr_etc_json, PartnerID ); + } + free( ptr_nvram_bs_json ); + } + free( ptr_etc_json ); } //Apply partner default values during FR/partner FR case diff --git a/source/service_dhcp/dhcp_server_functions.c b/source/service_dhcp/dhcp_server_functions.c index c254a0fd..df3adb37 100644 --- a/source/service_dhcp/dhcp_server_functions.c +++ b/source/service_dhcp/dhcp_server_functions.c @@ -1304,18 +1304,18 @@ int prepare_dhcp_conf (char *input) l_fNetRes = fopen(NETWORK_RES_FILE, "r"); if (NULL == l_fNetRes) { - fprintf(g_fArmConsoleLog, "%s file is not present \n", NETWORK_RES_FILE); + fprintf(g_fArmConsoleLog, "%s file is not present \n", NETWORK_RES_FILE); } else - { - /* CID 60600: Unchecked return value from library */ - if ((ret = fscanf(l_fNetRes,"%s", l_cNetwork_Res)) != 1) - { - fprintf(g_fArmConsoleLog, "read error of %s \n",NETWORK_RES_FILE); - } + { + /* CID 60600: Unchecked return value from library */ + if ((ret = fscanf(l_fNetRes,"%7s", l_cNetwork_Res)) != 1) + { + fprintf(g_fArmConsoleLog, "read error of %s \n",NETWORK_RES_FILE); + } - fclose(l_fNetRes); - } + fclose(l_fNetRes); + } l_iRet_Val = PSM_VALUE_GET_STRING(PSM_NAME_NOTIFY_WIFI_CHANGES, l_cpPsm_Get); diff --git a/source/service_dhcp/service_dhcp_server.c b/source/service_dhcp/service_dhcp_server.c index 92fe926b..a24375da 100644 --- a/source/service_dhcp/service_dhcp_server.c +++ b/source/service_dhcp/service_dhcp_server.c @@ -139,8 +139,15 @@ STATIC int getValueFromDevicePropsFile(char *str, char **value) { buf[strcspn( buf, "\r\n" )] = 0; // Strip off any carriage returns tempStr = strstr( buf, "=" ); - tempStr++; - *value = tempStr; + if (NULL != tempStr) + { + tempStr++; + *value = strdup(tempStr); + } + else + { + *value = NULL; + } ret = 0; break; } @@ -197,7 +204,7 @@ int get_PSM_VALUES_FOR_POOL(char *cmd,char *arr) { if (l_cpPsm_Get != NULL) { - strncpy(arr, l_cpPsm_Get, 16); + snprintf(arr, 16, "%s", l_cpPsm_Get); Ansc_FreeMemory_Callback(l_cpPsm_Get); l_cpPsm_Get = NULL; } @@ -252,22 +259,22 @@ int dnsmasq_server_start() if (!strncasecmp(g_cXdns_Enabled, "true", 4)) //If XDNS is ENABLED { char l_cXdnsRefacCodeEnable[8] = {0}; - char l_cXdnsEnable[8] = {0}; + char l_cXdnsEnable[8] = {0}; syscfg_get(NULL, "XDNS_RefacCodeEnable", l_cXdnsRefacCodeEnable, sizeof(l_cXdnsRefacCodeEnable)); syscfg_get(NULL, "X_RDKCENTRAL-COM_XDNS", l_cXdnsEnable, sizeof(l_cXdnsEnable)); if (!strncmp(l_cXdnsRefacCodeEnable, "1", 1) && !strncmp(l_cXdnsEnable, "1", 1)){ - safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s --xdns-refac-code", - SERVER, DHCP_CONF,dnsOption); - if(safec_rc < EOK){ - ERR_CHK(safec_rc); - } + safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s --xdns-refac-code", + SERVER, DHCP_CONF,dnsOption); + if(safec_rc < EOK){ + ERR_CHK(safec_rc); + } }else{ - safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s", - SERVER, DHCP_CONF,dnsOption); - if(safec_rc < EOK){ - ERR_CHK(safec_rc); - } + safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s", + SERVER, DHCP_CONF,dnsOption); + if(safec_rc < EOK){ + ERR_CHK(safec_rc); + } } } else //If XDNS is not enabled @@ -275,68 +282,82 @@ int dnsmasq_server_start() { safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -P 4096 -C %s %s", SERVER, DHCP_CONF,dnsOption); if(safec_rc < EOK){ - ERR_CHK(safec_rc); + ERR_CHK(safec_rc); } } #else #ifdef XDNS_ENABLE char *XDNS_Enable=NULL; - char *Box_Type=NULL; getValueFromDevicePropsFile("XDNS_ENABLE", &XDNS_Enable); - getValueFromDevicePropsFile("MODEL_NUM", &Box_Type); - fprintf(g_fArmConsoleLog, "\n%s Inside non XB3 block g_cXdns_Enabled=%s XDNS_Enable=%s Box_Type=%s.......\n",__FUNCTION__,g_cXdns_Enabled,XDNS_Enable,Box_Type); - if (!strncasecmp(g_cXdns_Enabled, "true", 4) || !strncasecmp(XDNS_Enable, "true", 4)) //If XDNS is ENABLED + if (NULL != XDNS_Enable) { - char DNSSEC_FLAG[8]={0}; - syscfg_get(NULL, "XDNS_DNSSecEnable", DNSSEC_FLAG, sizeof(DNSSEC_FLAG)); - if ((!strncmp(Box_Type, "CGA4332COM", 10) || !strncmp(Box_Type, "CGA4131COM", 10)) && !strncasecmp(l_cXdnsEnable, "1", 1) && !strncasecmp(DNSSEC_FLAG, "1", 1)) - { - if(!strncmp(l_cXdnsRefacCodeEnable, "1", 1)) - { - safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s --dhcp-authoritative --proxy-dnssec --cache-size=0 --xdns-refac-code",SERVER, DHCP_CONF,dnsOption); - if(safec_rc < EOK) - { - ERR_CHK(safec_rc); - } - } - else - { - safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s --dhcp-authoritative --proxy-dnssec --cache-size=0 --stop-dns-rebind --log-facility=/rdklogs/logs/dnsmasq.log",SERVER, DHCP_CONF,dnsOption); - if(safec_rc < EOK) - { - ERR_CHK(safec_rc); - } - } - } - else - { - if(!strncmp(l_cXdnsRefacCodeEnable, "1", 1) && !strncasecmp(l_cXdnsEnable, "1", 1)) - { - safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s --dhcp-authoritative --xdns-refac-code --stop-dns-rebind --log-facility=/rdklogs/logs/dnsmasq.log",SERVER, DHCP_CONF,dnsOption); - if(safec_rc < EOK) - { - ERR_CHK(safec_rc); - } - } - else - { - safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s --dhcp-authoritative --stop-dns-rebind --log-facility=/rdklogs/logs/dnsmasq.log ",SERVER, DHCP_CONF,dnsOption); - if(safec_rc < EOK) - { - ERR_CHK(safec_rc); - } - } - } - } - else // XDNS not enabled + fprintf(g_fArmConsoleLog, "\n%s Inside non XB3 block g_cXdns_Enabled=%s XDNS_Enable=%s.......\n",__FUNCTION__,g_cXdns_Enabled,XDNS_Enable); + if (!strncasecmp(g_cXdns_Enabled, "true", 4) || !strncasecmp(XDNS_Enable, "true", 4)) //If XDNS is ENABLED + { + char DNSSEC_FLAG[8]={0}; + char *Box_Type=NULL; + getValueFromDevicePropsFile("MODEL_NUM", &Box_Type); + if (NULL != Box_Type) + { + fprintf(g_fArmConsoleLog, "\n%s Inside non XB3 block Box_Type=%s.......\n",__FUNCTION__, Box_Type); + syscfg_get(NULL, "XDNS_DNSSecEnable", DNSSEC_FLAG, sizeof(DNSSEC_FLAG)); + if ((!strncmp(Box_Type, "CGA4332COM", 10) || !strncmp(Box_Type, "CGA4131COM", 10)) && !strncasecmp(l_cXdnsEnable, "1", 1) && !strncasecmp(DNSSEC_FLAG, "1", 1)) + { + if(!strncmp(l_cXdnsRefacCodeEnable, "1", 1)) + { + safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s --dhcp-authoritative --proxy-dnssec --cache-size=0 --xdns-refac-code",SERVER, DHCP_CONF,dnsOption); + if(safec_rc < EOK) + { + ERR_CHK(safec_rc); + } + } + else + { + safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s --dhcp-authoritative --proxy-dnssec --cache-size=0 --stop-dns-rebind --log-facility=/rdklogs/logs/dnsmasq.log",SERVER, DHCP_CONF,dnsOption); + if(safec_rc < EOK) + { + ERR_CHK(safec_rc); + } + } + } + else + { + if(!strncmp(l_cXdnsRefacCodeEnable, "1", 1) && !strncasecmp(l_cXdnsEnable, "1", 1)) + { + safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s --dhcp-authoritative --xdns-refac-code --stop-dns-rebind --log-facility=/rdklogs/logs/dnsmasq.log",SERVER, DHCP_CONF,dnsOption); + if(safec_rc < EOK) + { + ERR_CHK(safec_rc); + } + } + else + { + safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -q --clear-on-reload --bind-dynamic --add-mac --add-cpe-id=abcdefgh -P 4096 -C %s %s --dhcp-authoritative --stop-dns-rebind --log-facility=/rdklogs/logs/dnsmasq.log ",SERVER, DHCP_CONF,dnsOption); + if(safec_rc < EOK) + { + ERR_CHK(safec_rc); + } + } + } + + free(Box_Type); + Box_Type = NULL; + } // if (NULL != Box_Type) + } + else // XDNS not enabled #endif - { - safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -P 4096 -C %s",SERVER, DHCP_CONF); - if(safec_rc < EOK) { - ERR_CHK(safec_rc); + safec_rc = sprintf_s(l_cSystemCmd, sizeof(l_cSystemCmd),"%s -P 4096 -C %s",SERVER, DHCP_CONF); + if(safec_rc < EOK) + { + ERR_CHK(safec_rc); + } } - } +#ifdef XDNS_ENABLE + free(XDNS_Enable); + XDNS_Enable = NULL; + } // if (NULL != XDNS_Enable) +#endif #endif return executeCmd(l_cSystemCmd); } @@ -794,7 +815,7 @@ int dhcp_server_start (char *input) } l_cBuf[strlen(l_cBuf)] = '\0'; - if ('\0' != l_cBuf[0] && 0 != l_cBuf[0]) + if ('\0' != l_cBuf[0]) { fprintf(g_fArmConsoleLog, "kill dnsmasq with SIGKILL if its still running \n"); v_secure_system("kill -KILL `pidof dnsmasq`"); @@ -1239,7 +1260,7 @@ void resync_to_nonvol(char *RemPools) memset(tmp_buff,0,sizeof(tmp_buff[0][0])*15*2); CURRENT_POOLS_cnt=tmp_cnt; //Remove LOAD_POOLS and REM_POOLS from CURRENT_POOLS ENDS - char psm_tmp_buff[2]; + char psm_tmp_buff[16] = {0}; // fixed OVERRUN char *l_cParam[1] = {0}; for(iter=0;itervalue, prefix); + if (1 != inet_pton(AF_INET6, p_prefix->value, prefix)) + { + fprintf(stderr, "inet_pton failed\n"); + } memcpy((void *)&tmp_prefix, (void *)prefix, 8); //the first 64 bits of the first sub-prefix #ifdef _CBR_PRODUCT_REQ_ tmp_prefix = helper_ntoh64(&tmp_prefix); // The memcpy is copying in reverse order due to LEndianess @@ -2000,7 +2003,7 @@ STATIC int gen_dibbler_conf(struct serv_ipv6 *si6) } } fprintf(fp, "}\n"); - } //closing bracket of if (strcmp(bridge_mode, "2") || strcmp(dhcpv6s_pool_cfg.interface, "brlan0")) { + } //closing bracket of if (strcmp(bridge_mode, "2") || strcmp(dhcpv6s_pool_cfg.interface, "brlan0")) if (dhcpv6s_pool_cfg.opts != NULL) { free(dhcpv6s_pool_cfg.opts); diff --git a/source/service_routed/service_routed.c b/source/service_routed/service_routed.c index 4a4e8f26..97b22971 100644 --- a/source/service_routed/service_routed.c +++ b/source/service_routed/service_routed.c @@ -935,7 +935,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) char *pStr = NULL; int return_status = PSM_VALUE_GET_STRING(PSM_MESH_WAN_IFNAME,pStr); if(return_status == CCSP_SUCCESS && pStr != NULL){ - strncpy(mesh_wan_ifname,pStr ,sizeof(mesh_wan_ifname)); + snprintf(mesh_wan_ifname, sizeof(mesh_wan_ifname), "%s", pStr); Ansc_FreeMemory_Callback(pStr); pStr = NULL; } @@ -1436,22 +1436,20 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) responsefd = NULL; } syscfg_get( NULL, "redirection_flag", buf, sizeof(buf)); - if( buf != NULL ) - { - if ((strncmp(buf,"true",4) == 0) && iresCode == 204) - { + + if ((strncmp(buf,"true",4) == 0) && iresCode == 204) + { #if defined (_COSA_BCM_MIPS_) #ifdef CISCO_CONFIG_DHCPV6_PREFIX_DELEGATION - // For CBR platform, the captive portal redirection feature was removed - // inWifiCp = 1; + // For CBR platform, the captive portal redirection feature was removed + // inWifiCp = 1; #else - inWifiCp = 1; + inWifiCp = 1; #endif #else inWifiCp = 1; #endif - } - } + } #if defined (_XB6_PROD_REQ_) syscfg_get(NULL, "enableRFCaptivePortal", rfCpEnable, sizeof(rfCpEnable)); if(rfCpEnable != NULL) diff --git a/source/syscfg/cmd/syscfgcmd.c b/source/syscfg/cmd/syscfgcmd.c index 2c33dc7b..9d8aa3c9 100644 --- a/source/syscfg/cmd/syscfgcmd.c +++ b/source/syscfg/cmd/syscfgcmd.c @@ -167,9 +167,15 @@ int main (int argc, char **argv) { size_t sz; long int used_sz = 0, max_sz = 0; - char buf[SYSCFG_SZ]; + char *buf = NULL; - if (syscfg_getall2(buf, sizeof(buf), &sz) == 0) { + buf = malloc(SYSCFG_SZ); + if (NULL == buf) { + printf("Error:Memory allocation failed\n"); + return -1; + } + + if (syscfg_getall2(buf, SYSCFG_SZ, &sz) == 0) { fwrite(buf, 1, sz, stdout); } else { @@ -179,6 +185,7 @@ int main (int argc, char **argv) syscfg_getsz(&used_sz, &max_sz); printf("Used: %ld of %ld\n", used_sz, max_sz); + free(buf); return 0; } diff --git a/source/syscfg/lib/syscfg_lib.c b/source/syscfg/lib/syscfg_lib.c index 8b0d6466..8aea0ff5 100644 --- a/source/syscfg/lib/syscfg_lib.c +++ b/source/syscfg/lib/syscfg_lib.c @@ -166,6 +166,7 @@ static int _syscfg_getall_defaults(void) { perror("mmap failed"); syscfg_default_ht = NULL; + fclose (fp); return -1; } diff --git a/source/sysevent/fork_helper/fork_helper.c b/source/sysevent/fork_helper/fork_helper.c index a983cf26..73aa1bdb 100644 --- a/source/sysevent/fork_helper/fork_helper.c +++ b/source/sysevent/fork_helper/fork_helper.c @@ -752,6 +752,6 @@ int main(int argc, char **argv) } } - deinitialize_system(); + //deinitialize_system(); UNREACHABLE return(0); } diff --git a/source/sysevent/lib/libsysevent.c b/source/sysevent/lib/libsysevent.c index 2ee58baf..9e8d0ca9 100644 --- a/source/sysevent/lib/libsysevent.c +++ b/source/sysevent/lib/libsysevent.c @@ -1781,7 +1781,7 @@ int SE_msg_send (int fd, char *sendmsg) } } -int SE_msg_send_data (int fd, char *sendmsg,int msgsize) +int SE_msg_send_data (int fd, char *sendmsg, unsigned int msgsize) { se_msg_hdr *msg_hdr = (se_msg_hdr *)sendmsg; int fileread = access("/tmp/sysevent_debug", F_OK); @@ -1890,7 +1890,7 @@ int SE_msg_send_receive (int fd, char *sendmsg, char *replymsg, unsigned int *re return(msgtype); } -int SE_msg_send_receive_data (int fd, char *sendmsg, int sendmsg_size, char *replymsg, unsigned int *replymsg_size) +int SE_msg_send_receive_data (int fd, char *sendmsg, unsigned int sendmsg_size, char *replymsg, unsigned int *replymsg_size) { int rc = SE_msg_send_data(fd, sendmsg,sendmsg_size); if (0 != rc) { @@ -3337,14 +3337,15 @@ unsigned int sysevent_get_binmsg_maxsize() if (NULL != fp) { unsigned int value = 0; - if (fscanf(fp, "%u",&value) <= 0) + if (fscanf(fp, "%5u",&value) <= 0) { printf("read error of %s \n",SE_MAX_MSG_DATA_SIZE_READ_FILE); //CID -160978 fclose(fp); return SE_MAX_MSG_DATA_SIZE + 1024; } fclose(fp); - if (value > 0) + // TAINTED_SCALAR value + if ((value > 0) && (value < SE_MAX_MSG_DATA_SIZE)) { return value + 1024 /* additional 1k is headermsg*/; } diff --git a/source/sysevent/lib/libsysevent_internal.h b/source/sysevent/lib/libsysevent_internal.h index 73c3f767..9021127f 100644 --- a/source/sysevent/lib/libsysevent_internal.h +++ b/source/sysevent/lib/libsysevent_internal.h @@ -181,6 +181,6 @@ int SE_msg_send_receive (int fd, char *sendmsg, char *replymsg, unsigned int *re */ char *SE_msg_prepare(char *buf, const unsigned int bufsize, const int mtype, const token_t sender); char *SE_msg_get_data(char *msg, int *size); -int SE_msg_send_data (int fd, char *sendmsg,int msgsize); +int SE_msg_send_data (int fd, char *sendmsg, unsigned int msgsize); int SE_msg_add_data(char *msg, unsigned int size, const char *data, const int data_length); #endif /* __LIB_SYSEVENT_INTERNAL */ diff --git a/source/sysevent/server/clientsMgr.c b/source/sysevent/server/clientsMgr.c index 0d305c7b..6c0b3ee1 100644 --- a/source/sysevent/server/clientsMgr.c +++ b/source/sysevent/server/clientsMgr.c @@ -246,13 +246,13 @@ int CLI_MGR_remove_client_by_fd (const int fd, const token_t id, const int force return(ERR_NOT_INITED); } SE_INC_LOG(MUTEX, - int id = thread_get_id(worker_data_key); - printf("Thread %d Attempting to get mutex: clients\n", id); + int thread_id = thread_get_id(worker_data_key); + printf("Thread %d Attempting to get mutex: clients\n", thread_id); ) pthread_mutex_lock(&global_clients.mutex); SE_INC_LOG(MUTEX, - int id = thread_get_id(worker_data_key); - printf("Thread %d Got mutex: clients\n", id); + int thread_id = thread_get_id(worker_data_key); + printf("Thread %d Got mutex: clients\n", thread_id); ) unsigned int i; @@ -275,8 +275,8 @@ int CLI_MGR_remove_client_by_fd (const int fd, const token_t id, const int force close(fd); SE_INC_LOG(MUTEX, - int id = thread_get_id(worker_data_key); - printf("Thread %d Releasing mutex: clients\n", id); + int thread_id = thread_get_id(worker_data_key); + printf("Thread %d Releasing mutex: clients\n", thread_id); ) pthread_mutex_unlock(&global_clients.mutex); return(0); @@ -286,8 +286,8 @@ int CLI_MGR_remove_client_by_fd (const int fd, const token_t id, const int force // client not found SE_INC_LOG(MUTEX, - int id = thread_get_id(worker_data_key); - printf("Thread %d Releasing mutex: clients\n", id); + int thread_id = thread_get_id(worker_data_key); + printf("Thread %d Releasing mutex: clients\n", thread_id); ) pthread_mutex_unlock(&global_clients.mutex); return(ERR_UNKNOWN_CLIENT); @@ -309,13 +309,13 @@ int CLI_MGR_id2fd (token_t id) return(ERR_NOT_INITED); } SE_INC_LOG(MUTEX, - int id = thread_get_id(worker_data_key); - printf("Thread %d Attempting to get mutex: clients\n", id); + int thread_id = thread_get_id(worker_data_key); + printf("Thread %d Attempting to get mutex: clients\n", thread_id); ) pthread_mutex_lock(&global_clients.mutex); SE_INC_LOG(MUTEX, - int id = thread_get_id(worker_data_key); - printf("Thread %d Got mutex: clients\n", id); + int thread_id = thread_get_id(worker_data_key); + printf("Thread %d Got mutex: clients\n", thread_id); ) unsigned int i; @@ -323,8 +323,8 @@ int CLI_MGR_id2fd (token_t id) if (0 != (global_clients.clients[i]).used) { if (id == (global_clients.clients[i]).id) { SE_INC_LOG(MUTEX, - int id = thread_get_id(worker_data_key); - printf("Thread %d Releasing mutex: clients\n", id); + int thread_id = thread_get_id(worker_data_key); + printf("Thread %d Releasing mutex: clients\n", thread_id); ) pthread_mutex_unlock(&global_clients.mutex); return((global_clients.clients[i]).fd); @@ -332,8 +332,8 @@ int CLI_MGR_id2fd (token_t id) } } SE_INC_LOG(MUTEX, - int id = thread_get_id(worker_data_key); - printf("Thread %d Releasing mutex: clients\n", id); + int thread_id = thread_get_id(worker_data_key); + printf("Thread %d Releasing mutex: clients\n", thread_id); ) pthread_mutex_unlock(&global_clients.mutex); return(0); diff --git a/source/sysevent/server/dataMgr.c b/source/sysevent/server/dataMgr.c index 7a8fd722..0b46972a 100644 --- a/source/sysevent/server/dataMgr.c +++ b/source/sysevent/server/dataMgr.c @@ -352,9 +352,6 @@ static data_element_t *get_data_element(const char *name) } } // take possession of the new data element - if (NULL == de_ptr) { - return(NULL); - } de_ptr->used = 1; de_ptr->name = sysevent_strdup(local_name, __FILE__, __LINE__); if (NULL == de_ptr->name) { @@ -488,9 +485,6 @@ static data_element_t *set_unique_data_element(const char *name) } // take possession of the new data element - if (NULL == de_ptr) { - return(NULL); - } de_ptr->used = 1; char unique_name_buf[512]; unique_counter++; @@ -602,14 +596,17 @@ static int get_next_unique_data_element_iterator(const char *name, unsigned int } unsigned int i; - for (i=iterator+1; iused && NULL != cur_element->name && 0 == strncasecmp(local_name, cur_element->name, strlen(local_name))) { - return(i); - } + if (0 != cur_element->used && NULL != cur_element->name && 0 == strncasecmp(local_name, cur_element->name, strlen(local_name))) { + return(i); + } + } } // not found @@ -1126,9 +1123,6 @@ int DATA_MGR_set_bin(char *name, char *value, int val_length, int source, int ti local_value = NULL; } else { local_value = value; - if (NULL == local_value) { - return(ERR_ALLOC_MEM); - } } if (0 == fileret) diff --git a/source/sysevent/server/syseventd_main.c b/source/sysevent/server/syseventd_main.c index 08e2fabf..e8c8d0d8 100644 --- a/source/sysevent/server/syseventd_main.c +++ b/source/sysevent/server/syseventd_main.c @@ -1221,36 +1221,36 @@ int main (int argc, char **argv) */ FILE *fp = fopen(SE_SERVER_PID_FILE, "r"); if (NULL != fp) { - int old_pid; - /* CID 60917:Unchecked return value from library */ - if((ret = fscanf(fp, "%d", &old_pid)) <= 0 ) - { - printf("read error of %s\n",SE_SERVER_PID_FILE); - } - fclose(fp); - - // see if the process is still alive - char filename[500]; - snprintf(filename, sizeof(filename), "/proc/%d/cmdline", old_pid); - fp = fopen(filename, "r"); - if (NULL == fp) { - printf("We are dead but have an old pid file. Cleaning up\n"); - unlink(SE_SERVER_PID_FILE); - } else { - char cmdline[500]; - if ((ret = fscanf(fp, "%s", cmdline)) <= 0) - { - printf("read error of %s\n",filename); - } - fclose(fp); - if (NULL == strstr(cmdline, argv[0])) { - printf("Our pid has been taken over. We are dead. Cleaning up\n"); - unlink(SE_SERVER_PID_FILE); - } else { - printf("We are alive and well. Ignoring start command\n"); - return(0); - } - } + int old_pid; + /* CID 60917:Unchecked return value from library */ + if((ret = fscanf(fp, "%d", &old_pid)) <= 0 ) + { + printf("read error of %s\n",SE_SERVER_PID_FILE); + } + fclose(fp); + + // see if the process is still alive + char filename[500]; + snprintf(filename, sizeof(filename), "/proc/%d/cmdline", old_pid); + fp = fopen(filename, "r"); + if (NULL == fp) { + printf("We are dead but have an old pid file. Cleaning up\n"); + unlink(SE_SERVER_PID_FILE); + } else { + char cmdline[500]; + if ((ret = fscanf(fp, "%499s", cmdline)) <= 0) + { + printf("read error of %s\n",filename); + } + fclose(fp); + if (NULL == strstr(cmdline, argv[0])) { + printf("Our pid has been taken over. We are dead. Cleaning up\n"); + unlink(SE_SERVER_PID_FILE); + } else { + printf("We are alive and well. Ignoring start command\n"); + return(0); + } + } } @@ -1360,7 +1360,12 @@ int main (int argc, char **argv) // start the sanity thread pthread_t sanity_thread_id; pthread_attr_setstacksize(&thread_attr, SANITY_THREAD_STACK_SIZE); - pthread_create(&sanity_thread_id, &thread_attr, sanity_thread_main, (void *)NULL); + if (0 != pthread_create(&sanity_thread_id, &thread_attr, sanity_thread_main, (void *)NULL)) + { + SE_INC_LOG(ERROR, + printf("Unable to create sanity thread. (%d) %s. ", errno, strerror(errno)); + ) + } // all that this main thread does is listen on a well known port for // clients to register. And when they do, set them up in the clients diff --git a/source/sysevent/server/triggerMgr.c b/source/sysevent/server/triggerMgr.c index 9f30da61..9f09774e 100644 --- a/source/sysevent/server/triggerMgr.c +++ b/source/sysevent/server/triggerMgr.c @@ -334,7 +334,7 @@ static int prepare_action_type_function_msg (se_buffer buffer, int trigger_id, t return(0); } -static int prepare_action_type_function_msg_data (char *buffer, int buf_length, int trigger_id, trigger_action_t *action, +static int prepare_action_type_function_msg_data (char *buffer, unsigned int buf_length, int trigger_id, trigger_action_t *action, const char* const name, const char* const value,const int value_length) { // figure out how much space the se_msg_strings will take @@ -469,7 +469,7 @@ static int prepare_action_type_message_msg (se_buffer buffer, const int trigger_ return(0); } -static int prepare_action_type_message_msg_data (char* buffer, const int buf_length, const int trigger_id, trigger_action_t *action, const char* const name, const char* const value, const int value_length, const int source, const int tid) +static int prepare_action_type_message_msg_data (char* buffer, const unsigned int buf_length, const int trigger_id, trigger_action_t *action, const char* const name, const char* const value, const int value_length, const int source, const int tid) { // if the action owner has disconnected, then there is no need to send this message diff --git a/source/utapi/lib/tr181_util.c b/source/utapi/lib/tr181_util.c index 0af51999..c7939dca 100644 --- a/source/utapi/lib/tr181_util.c +++ b/source/utapi/lib/tr181_util.c @@ -100,9 +100,9 @@ int file_parse(char* file_name, param_node **head) } if(name&& val){ - strncpy(node->param_name, name, strlen(name)); + strncpy(node->param_name, name, strlen(name)); // no STRING_OVERFLOW name points to line that is of 1024 length node->param_name[strlen(name)] = '\0'; - strncpy(node->param_val, val, strlen(val)); + strncpy(node->param_val, val, strlen(val)); // no STRING_OVERFLOW val points to line that is of 1024 length node->param_val[strlen(val)] = '\0'; }else{ free(node); diff --git a/source/utapi/lib/utapi.c b/source/utapi/lib/utapi.c index e94c64e0..8581419a 100644 --- a/source/utapi/lib/utapi.c +++ b/source/utapi/lib/utapi.c @@ -494,7 +494,7 @@ int Utopia_UnsetDHCPServerStaticHosts (UtopiaContext *ctx) if (count > 0) { int i; for (i = 0; i < count; i++) { - Utopia_UnsetIndexed(ctx, UtopiaValue_DHCP_StaticHost, i + 1); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_DHCP_StaticHost, i + 1); } UTOPIA_SETINT(ctx, UtopiaValue_DHCP_NumStaticHosts, 0); } @@ -1878,13 +1878,12 @@ int Utopia_GetStaticRouteTable (int *count, routeStatic_t **out_sroute) return UT_SUCCESS; } - sroute = (routeStatic_t *) malloc(sizeof(routeStatic_t) * (*count)); + sroute = (routeStatic_t *) calloc((size_t)(*count), sizeof(routeStatic_t)); if (NULL == sroute) { fclose(fp);/*RDKB-7128, CID-33470, free unused resources before exit*/ return ERR_INSUFFICIENT_MEM; } - bzero(sroute, sizeof(routeStatic_t) * (*count)); - + memset(sroute, 0, (size_t)(*count) * sizeof(routeStatic_t)); // Seek to beginning of file fseek(fp, 0, SEEK_SET); @@ -1979,9 +1978,9 @@ static const char *s_blockssl = "blockssl"; static int setFWBlockingRule (UtopiaContext *ctx, int w2l_rule_index, const char *ns, const char *name, const char *result) { - Utopia_SetIndexed(ctx, UtopiaValue_FW_W2LWellKnown, w2l_rule_index, (char *) ns); - Utopia_SetIndexed(ctx, UtopiaValue_FW_W2LWK_Name, w2l_rule_index, (char *) name); - Utopia_SetIndexed(ctx, UtopiaValue_FW_W2LWK_Result, w2l_rule_index, (char *) result); + UTOPIA_SETINDEXED_NORETURN(ctx, UtopiaValue_FW_W2LWellKnown, w2l_rule_index, (char *) ns); + UTOPIA_SETINDEXED_NORETURN(ctx, UtopiaValue_FW_W2LWK_Name, w2l_rule_index, (char *) name); + UTOPIA_SETINDEXED_NORETURN(ctx, UtopiaValue_FW_W2LWK_Result, w2l_rule_index, (char *) result); return SUCCESS; } @@ -1989,9 +1988,9 @@ static int setFWBlockingRule (UtopiaContext *ctx, int w2l_rule_index, #if 0 static int unsetFWBlockingRule (UtopiaContext *ctx, int w2l_rule_index) { - Utopia_UnsetIndexed(ctx, UtopiaValue_FW_W2LWK_Name, w2l_rule_index); - Utopia_UnsetIndexed(ctx, UtopiaValue_FW_W2LWK_Result, w2l_rule_index); - Utopia_UnsetIndexed(ctx, UtopiaValue_FW_W2LWellKnown, w2l_rule_index); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_FW_W2LWK_Name, w2l_rule_index); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_FW_W2LWK_Result, w2l_rule_index); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_FW_W2LWellKnown, w2l_rule_index); return SUCCESS; } @@ -4411,7 +4410,7 @@ static int s_setiap (UtopiaContext *ctx, int index, iap_entry_t *iap) int wkappcount = 0, appcount = 0; - Utopia_UnsetIndexed(ctx, UtopiaValue_IAP_BlockPing, index); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_IAP_BlockPing, index); if (iap->block.app_count > 0) { appentry_t *app = iap->block.app_list; if (app) { @@ -6733,8 +6732,15 @@ int Utopia_Get_BYOI_Current_Provider(UtopiaContext *ctx, hsdStatus_t *hsdStatus sysevent_get(se_fd, se_token, "current_hsd_mode", buf, sizeof(buf)); int status = s_StrToEnum(g_hsdStatus, buf); - *hsdStatus = status; - + if( -1 == status ) + { + *hsdStatus = NONE; + } + else + { + *hsdStatus = status; + } + return UT_SUCCESS; } @@ -6913,7 +6919,7 @@ int Utopia_Set_DeviceTime_Enable(UtopiaContext *ctx, unsigned char enable) return ERR_UTCTX_INIT; } val = (FALSE == enable) ? 0 : 1 ; - Utopia_SetInt(ctx,UtopiaValue_NTP_Enabled,val); + UTOPIA_SETINT_NORETURN(ctx,UtopiaValue_NTP_Enabled,val); return SUCCESS; } @@ -6938,7 +6944,7 @@ int Utopia_Set_DeviceTime_DaylightEnable(UtopiaContext *ctx, unsigned char enabl return ERR_UTCTX_INIT; } val = (FALSE == enable) ? 0 : 1 ; - Utopia_SetInt(ctx,UtopiaValue_NTP_DaylightEnable,val); + UTOPIA_SETINT_NORETURN(ctx,UtopiaValue_NTP_DaylightEnable,val); return SUCCESS; } @@ -7343,7 +7349,7 @@ int Utopia_set_lan_host_comments(UtopiaContext *ctx, unsigned char *pMac, unsign } if(index1 == count){ Utopia_UnsetNamed(ctx, UtopiaValue_USGv2_Lan_Clients_Mac, macStr1); - Utopia_UnsetIndexed(ctx, UtopiaValue_USGv2_Lan_Clients, index1); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_USGv2_Lan_Clients, index1); }else{/*user the last one to replace index1*/ macStr2[0] = 0; Utopia_GetIndexedKey(ctx, UtopiaValue_USGv2_Lan_Clients, count, macStr2, sizeof(macStr2)); @@ -7358,22 +7364,22 @@ int Utopia_set_lan_host_comments(UtopiaContext *ctx, unsigned char *pMac, unsign if (0 == Utopia_SetNamed(ctx, UtopiaValue_USGv2_Lan_Clients_Mac, macStr2, (char *)buffer)) { ulogf(ULOG_CONFIG, UL_UTAPI, "%s: Utopia_SetNamed failed:%d ", __FUNCTION__,index1); } - Utopia_SetIndexed(ctx, UtopiaValue_USGv2_Lan_Clients, index1, macStr2); - Utopia_UnsetIndexed(ctx, UtopiaValue_USGv2_Lan_Clients, count); + UTOPIA_SETINDEXED_NORETURN(ctx, UtopiaValue_USGv2_Lan_Clients, index1, macStr2); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_USGv2_Lan_Clients, count); } - Utopia_SetInt(ctx, UtopiaValue_USGv2_Lan_Clients_Count, count-1); + UTOPIA_SETINT_NORETURN(ctx, UtopiaValue_USGv2_Lan_Clients_Count, count-1); }else{ if(strlen(pComments) >= 64) return(ERR_INVALID_ARGS); if(index1 <= 0){/*a new one*/ - Utopia_SetIndexed(ctx, UtopiaValue_USGv2_Lan_Clients, count+1, macStr1); + UTOPIA_SETINDEXED_NORETURN(ctx, UtopiaValue_USGv2_Lan_Clients, count+1, macStr1); snprintf(buffer, sizeof(buffer),"%d+%s",count+1,pComments); /* CID 62086: Unchecked return value */ if (0 == Utopia_SetNamed(ctx, UtopiaValue_USGv2_Lan_Clients_Mac, macStr1, (char *)buffer)) { ulogf(ULOG_CONFIG, UL_UTAPI, "%s: Utopia_SetNamed failed:%d ", __FUNCTION__, index1); } - Utopia_SetInt(ctx, UtopiaValue_USGv2_Lan_Clients_Count, count+1); + UTOPIA_SETINT_NORETURN(ctx, UtopiaValue_USGv2_Lan_Clients_Count, count+1); }else{ snprintf(buffer, sizeof(buffer),"%d+%s",index1,pComments); /* CID 62086: Unchecked return value */ @@ -7696,14 +7702,14 @@ int Utopia_SetDynamicDnsClientByIndex(UtopiaContext *ctx, unsigned long ulIndex, int index = ulIndex + 1; snprintf(tokenbuf, sizeof(tokenbuf), "arddnsclient_%d", index); - Utopia_SetIndexed(ctx, UtopiaValue_DynamicDnsClient, index, tokenbuf); + UTOPIA_SETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient, index, tokenbuf); Utopia_SetIndexedInt(ctx, UtopiaValue_DynamicDnsClient_InsNum, index, DynamicDnsClient->InstanceNumber); - Utopia_SetIndexed(ctx, UtopiaValue_DynamicDnsClient_Alias, index, (char*)DynamicDnsClient->Alias); + UTOPIA_SETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient_Alias, index, (char*)DynamicDnsClient->Alias); Utopia_SetIndexedBool(ctx, UtopiaValue_DynamicDnsClient_Enable, index, DynamicDnsClient->Enable); - Utopia_SetIndexed(ctx, UtopiaValue_DynamicDnsClient_Username, index, (char *)DynamicDnsClient->Username); - Utopia_SetIndexed(ctx, UtopiaValue_DynamicDnsClient_Password, index, (char *)DynamicDnsClient->Password); - Utopia_SetIndexed(ctx, UtopiaValue_DynamicDnsClient_Server, index, (char *)DynamicDnsClient->Server); + UTOPIA_SETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient_Username, index, (char *)DynamicDnsClient->Username); + UTOPIA_SETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient_Password, index, (char *)DynamicDnsClient->Password); + UTOPIA_SETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient_Server, index, (char *)DynamicDnsClient->Server); return 0; } @@ -7712,7 +7718,7 @@ int Utopia_SetDynamicDnsClientInsAndAliasByIndex(UtopiaContext *ctx, unsigned lo { int index = ulIndex+1; Utopia_SetIndexedInt(ctx, UtopiaValue_DynamicDnsClient_InsNum, index, ins); - Utopia_SetIndexed(ctx, UtopiaValue_DynamicDnsClient_Alias, index, (char*)alias); + UTOPIA_SETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient_Alias, index, (char*)alias); return 0; } @@ -7723,7 +7729,7 @@ int Utopia_AddDynamicDnsClient(UtopiaContext *ctx, const DynamicDnsClient_t *Dyn Utopia_GetNumberOfDynamicDnsClient(ctx, &index); g_DynamicDnsClientCount++; - Utopia_SetInt(ctx, UtopiaValue_DynamicDnsClientCount, g_DynamicDnsClientCount); + UTOPIA_SETINT_NORETURN(ctx, UtopiaValue_DynamicDnsClientCount, g_DynamicDnsClientCount); Utopia_SetDynamicDnsClientByIndex(ctx, index, DynamicDnsClient); @@ -7759,14 +7765,14 @@ int Utopia_DelDynamicDnsClient(UtopiaContext *ctx, unsigned long ins) Utopia_SetDynamicDnsClientByIndex(ctx, index, &DynamicDnsClient); } } - Utopia_UnsetIndexed(ctx, UtopiaValue_DynamicDnsClient_InsNum, count); - Utopia_UnsetIndexed(ctx, UtopiaValue_DynamicDnsClient_Enable, count); - Utopia_UnsetIndexed(ctx, UtopiaValue_DynamicDnsClient_Alias, count); - Utopia_UnsetIndexed(ctx, UtopiaValue_DynamicDnsClient_Username, count); - Utopia_UnsetIndexed(ctx, UtopiaValue_DynamicDnsClient_Password, count); - Utopia_UnsetIndexed(ctx, UtopiaValue_DynamicDnsClient_Server, count); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient_InsNum, count); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient_Enable, count); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient_Alias, count); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient_Username, count); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient_Password, count); + UTOPIA_UNSETINDEXED_NORETURN(ctx, UtopiaValue_DynamicDnsClient_Server, count); g_DynamicDnsClientCount--; - Utopia_SetInt(ctx, UtopiaValue_DynamicDnsClientCount, g_DynamicDnsClientCount); + UTOPIA_SETINT_NORETURN(ctx, UtopiaValue_DynamicDnsClientCount, g_DynamicDnsClientCount); return 0; } diff --git a/source/utapi/lib/utapi_moca.c b/source/utapi/lib/utapi_moca.c index a31ae9c8..cc3e042c 100644 --- a/source/utapi/lib/utapi_moca.c +++ b/source/utapi/lib/utapi_moca.c @@ -141,7 +141,7 @@ int Utopia_SetMocaIntf_Cfg(UtopiaContext *pCtx, void *str_handle) char buf[64] = {'\0'}; char key_val[64] = {'\0'}; errno_t rc = -1; - + if (!pCtx || !str_handle) { ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: Invalid Input Parameter", __FUNCTION__); return ERR_INVALID_ARGS; @@ -151,10 +151,16 @@ int Utopia_SetMocaIntf_Cfg(UtopiaContext *pCtx, void *str_handle) iVal = (deviceMocaIntfCfg->Enable == FALSE)? 0:1; if(iVal == 1){ v_secure_system("mocacfg moca up"); - Utopia_Set(pCtx, UtopiaValue_Moca_Enable, "up"); + if(0 == Utopia_Set(pCtx, UtopiaValue_Moca_Enable, "up")) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: failed to set up", __FUNCTION__); + } }else{ - v_secure_system("mocacfg moca down"); - Utopia_Set(pCtx, UtopiaValue_Moca_Enable, "down"); + v_secure_system("mocacfg moca down"); + if(0 == Utopia_Set(pCtx, UtopiaValue_Moca_Enable, "down")) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: failed to set down", __FUNCTION__); + } } if(deviceMocaIntfCfg->PreferredNC == FALSE) @@ -167,7 +173,10 @@ int Utopia_SetMocaIntf_Cfg(UtopiaContext *pCtx, void *str_handle) rc = strcpy_s(buf, sizeof(buf), "master"); ERR_CHK(rc); } - Utopia_Set(pCtx, UtopiaValue_Moca_PreferredNC, buf); + if(0 == Utopia_Set(pCtx, UtopiaValue_Moca_PreferredNC, buf)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: failed to set preferredNC", __FUNCTION__); + } v_secure_system("mocacfg -s moca nc %s", buf); if(deviceMocaIntfCfg->PrivacyEnabledSetting == FALSE) @@ -180,43 +189,61 @@ int Utopia_SetMocaIntf_Cfg(UtopiaContext *pCtx, void *str_handle) rc = strcpy_s(buf, sizeof(buf), "enable"); ERR_CHK(rc); } - Utopia_Set(pCtx, UtopiaValue_Moca_PrivEnabledSet, buf); + if(0 == Utopia_Set(pCtx, UtopiaValue_Moca_PrivEnabledSet, buf)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: failed to set privacyEn", __FUNCTION__); + } v_secure_system("mocacfg -s moca privacy %s", buf); - Utopia_Set(pCtx, UtopiaValue_Moca_Alias, deviceMocaIntfCfg->Alias); + if(0 == Utopia_Set(pCtx, UtopiaValue_Moca_Alias, deviceMocaIntfCfg->Alias)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: failed to set Alias", __FUNCTION__); + } rc = sprintf_s(buf, sizeof(buf), "%02X%02X%02X%02X%02X%02X%02X%02X", - deviceMocaIntfCfg->FreqCurrentMaskSetting[0], - deviceMocaIntfCfg->FreqCurrentMaskSetting[1], - deviceMocaIntfCfg->FreqCurrentMaskSetting[2], - deviceMocaIntfCfg->FreqCurrentMaskSetting[3], - deviceMocaIntfCfg->FreqCurrentMaskSetting[4], - deviceMocaIntfCfg->FreqCurrentMaskSetting[5], - deviceMocaIntfCfg->FreqCurrentMaskSetting[6], - deviceMocaIntfCfg->FreqCurrentMaskSetting[7]); + deviceMocaIntfCfg->FreqCurrentMaskSetting[0], + deviceMocaIntfCfg->FreqCurrentMaskSetting[1], + deviceMocaIntfCfg->FreqCurrentMaskSetting[2], + deviceMocaIntfCfg->FreqCurrentMaskSetting[3], + deviceMocaIntfCfg->FreqCurrentMaskSetting[4], + deviceMocaIntfCfg->FreqCurrentMaskSetting[5], + deviceMocaIntfCfg->FreqCurrentMaskSetting[6], + deviceMocaIntfCfg->FreqCurrentMaskSetting[7]); if(rc < EOK) { ERR_CHK(rc); } buf[16] = '\0'; - Utopia_Set(pCtx, UtopiaValue_Moca_FreqCurMaskSet, buf); + if(0 == Utopia_Set(pCtx, UtopiaValue_Moca_FreqCurMaskSet, buf)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: failed to set freq mask", __FUNCTION__); + } Utopia_RawSet(pCtx, NULL, "FreqMode", "manual"); v_secure_system("mocacfg -s moca fmode manual"); v_secure_system("mocacfg -s moca fplan 0x%s", buf); - Utopia_Set(pCtx, UtopiaValue_Moca_KeyPassPhrase, deviceMocaIntfCfg->KeyPassphrase); + if (0 == Utopia_Set(pCtx, UtopiaValue_Moca_KeyPassPhrase, deviceMocaIntfCfg->KeyPassphrase)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: failed to set keyPassPhrase", __FUNCTION__); + } v_secure_system("mocacfg -s moca ppassword %s", deviceMocaIntfCfg->KeyPassphrase); - - Utopia_SetInt(pCtx, UtopiaValue_Moca_TxPowerLimit, deviceMocaIntfCfg->TxPowerLimit); + + if(0 != Utopia_SetInt(pCtx, UtopiaValue_Moca_TxPowerLimit, deviceMocaIntfCfg->TxPowerLimit)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: failed Utopia_SetInt", __FUNCTION__); + } rc = sprintf_s(key_val, sizeof(key_val), "%lu", deviceMocaIntfCfg->TxPowerLimit); if(rc < EOK) { ERR_CHK(rc); } - + v_secure_system("mocacfg -s moca maxtxpower %s", key_val); - Utopia_SetInt(pCtx, UtopiaValue_Moca_PwrCntlPhyTarget, deviceMocaIntfCfg->PowerCntlPhyTarget); + if (SUCCESS != Utopia_SetInt(pCtx, UtopiaValue_Moca_PwrCntlPhyTarget, deviceMocaIntfCfg->PowerCntlPhyTarget)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: failed Utopia_SetInt", __FUNCTION__); + } rc = sprintf_s(key_val, sizeof(key_val), "%lu", deviceMocaIntfCfg->PowerCntlPhyTarget); if(rc < EOK) { @@ -224,13 +251,17 @@ int Utopia_SetMocaIntf_Cfg(UtopiaContext *pCtx, void *str_handle) } v_secure_system("mocacfg -s moca phyrate %s", key_val); - Utopia_SetInt(pCtx, UtopiaValue_Moca_BeaconPwrLimit, deviceMocaIntfCfg->BeaconPowerLimit); + if (SUCCESS != Utopia_SetInt(pCtx, UtopiaValue_Moca_BeaconPwrLimit, deviceMocaIntfCfg->BeaconPowerLimit)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: failed Utopia_SetInt", __FUNCTION__); + } + rc = sprintf_s(key_val, sizeof(key_val), "%lu", deviceMocaIntfCfg->BeaconPowerLimit); if(rc < EOK) { ERR_CHK(rc); } - + v_secure_system("mocacfg -s moca bbackoff %s", key_val); return UT_SUCCESS; diff --git a/source/utapi/lib/utapi_tr_dhcp.c b/source/utapi/lib/utapi_tr_dhcp.c index 33638f32..087947db 100644 --- a/source/utapi/lib/utapi_tr_dhcp.c +++ b/source/utapi/lib/utapi_tr_dhcp.c @@ -388,7 +388,7 @@ int Utopia_ValidateLanDhcpPoolRange(UtopiaContext *ctx, const unsigned long mina IsBroadcast(maxaddr, lan_ip, lan_netmask) || IsNetworkAddr(maxaddr, lan_ip, lan_netmask)|| !IsSameNetwork(maxaddr, lan_ip, lan_netmask)|| - minaddr == lan_ip){ + maxaddr == lan_ip){ return ERR_INVALID_PORT_RANGE; } @@ -782,23 +782,29 @@ int Utopia_DelDhcp4SPool_SAddress(UtopiaContext *ctx, unsigned long ulPoolInstan count = count - 1; /* InstanceNumber deletion */ UTOPIA_SETINT(ctx, UtopiaValue_DHCP_NumStaticHosts, count); - Utopia_UnsetIndexed(ctx, UtopiaValue_DHCP_StaticHost, ulIndex + 1); + if(0 == Utopia_UnsetIndexed(ctx, UtopiaValue_DHCP_StaticHost, ulIndex + 1)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: Utopia_UnsetIndexed failed !!!", __FUNCTION__); + } if(count != 0) { - ulIndex++; - for(;ulIndex <= count; ulIndex++) - { - Utopia_GetDhcpV4SPool_SAddressByIndex(ctx,ulIndex,&sAddr); - Utopia_GetIndexedInt(ctx,UtopiaValue_DHCP_StaticHost_InsNum,ulIndex + 1, (int *)&sAddr.InstanceNumber); - Utopia_GetIndexed(ctx,UtopiaValue_DHCP_StaticHost_Alias,ulIndex + 1, (char *)&sAddr.Alias, sizeof(sAddr.Alias)); - - g_IndexMapStaticAddr[sAddr.InstanceNumber] = ulIndex - 1; - - Utopia_SetDhcpV4SPool_SAddress(ctx,ulPoolInstanceNumber,&sAddr); - Utopia_SetIndexedInt(ctx, UtopiaValue_DHCP_StaticHost_InsNum, ulIndex ,sAddr.InstanceNumber); - UTOPIA_SETINDEXED(ctx, UtopiaValue_DHCP_StaticHost_Alias, ulIndex , sAddr.Alias); + ulIndex++; + for(;ulIndex <= count; ulIndex++) + { + Utopia_GetDhcpV4SPool_SAddressByIndex(ctx,ulIndex,&sAddr); + Utopia_GetIndexedInt(ctx,UtopiaValue_DHCP_StaticHost_InsNum,ulIndex + 1, (int *)&sAddr.InstanceNumber); + Utopia_GetIndexed(ctx,UtopiaValue_DHCP_StaticHost_Alias,ulIndex + 1, (char *)&sAddr.Alias, sizeof(sAddr.Alias)); + + g_IndexMapStaticAddr[sAddr.InstanceNumber] = ulIndex - 1; + + Utopia_SetDhcpV4SPool_SAddress(ctx,ulPoolInstanceNumber,&sAddr); + Utopia_SetIndexedInt(ctx, UtopiaValue_DHCP_StaticHost_InsNum, ulIndex ,sAddr.InstanceNumber); + UTOPIA_SETINDEXED(ctx, UtopiaValue_DHCP_StaticHost_Alias, ulIndex , sAddr.Alias); + } + if (0 == Utopia_UnsetIndexed(ctx, UtopiaValue_DHCP_StaticHost,ulIndex)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: Utopia_UnsetIndexed failed !!!", __FUNCTION__); } - Utopia_UnsetIndexed(ctx, UtopiaValue_DHCP_StaticHost,ulIndex); } return SUCCESS; } @@ -825,7 +831,10 @@ int Utopia_SetDhcpV4SPool_SAddress(UtopiaContext *ctx, unsigned long ulPoolInsta if(0 == pSAddr_t->InstanceNumber) return ERR_INVALID_ARGS; ulIndex = g_IndexMapStaticAddr[pSAddr_t->InstanceNumber]; - Utopia_UnsetIndexed(ctx, UtopiaValue_DHCP_StaticHost, ulIndex + 1); + if (0 == Utopia_UnsetIndexed(ctx, UtopiaValue_DHCP_StaticHost, ulIndex + 1)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: Utopia_UnsetIndexed failed !!!", __FUNCTION__); + } addrVal.s_addr = pSAddr_t->Yiaddr.Value; rc = strcpy_s(strVal,sizeof(strVal),inet_ntoa(addrVal)); ERR_CHK(rc); diff --git a/source/utapi/lib/utapi_tr_wlan.c b/source/utapi/lib/utapi_tr_wlan.c index 8f8cdb6e..e980a1d8 100755 --- a/source/utapi/lib/utapi_tr_wlan.c +++ b/source/utapi/lib/utapi_tr_wlan.c @@ -1340,39 +1340,45 @@ int Utopia_AddWifiSSID(UtopiaContext *ctx, void *entry) if(i == count){ /* We found an empty SSID */ g_IndexMapSSID[cfg_t.InstanceNumber] = count; count += 1; /* Increment the count */ - Utopia_SetInt(ctx,UtopiaValue_WLAN_SSID_Num,count); + if(SUCCESS != Utopia_SetInt(ctx,UtopiaValue_WLAN_SSID_Num,count)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: Utopia_SetInt failed !!!", __FUNCTION__); + } allocateMultiSSID_Struct(i); /* Fill in the wifiTRPlatform_multiSSID */ if( 0 == strncmp(cfg_t.WiFiRadioName,"wl0",3)) { - wifiTRPlatform_multiSSID[i].interface = FREQ_2_4_GHZ; - safec_rc = strcpy_s(wifiTRPlatform_multiSSID[i].ifconfig_interface, STR_SZ,"eth0"); - ERR_CHK(safec_rc); - }else if (0 == strncmp(cfg_t.WiFiRadioName,"wl1",3)) { - wifiTRPlatform_multiSSID[i].interface = FREQ_5_GHZ; - safec_rc = strcpy_s(wifiTRPlatform_multiSSID[i].ifconfig_interface, STR_SZ,"eth1"); - ERR_CHK(safec_rc); - } - safec_rc = strcpy_s(wifiTRPlatform_multiSSID[i].syscfg_namespace_prefix, STR_SZ,cfg_t.WiFiRadioName); - ERR_CHK(safec_rc); - safec_rc = sprintf_s(wifiTRPlatform_multiSSID[i].ssid_name, STR_SZ,"SSID%d",i); - if(safec_rc < EOK){ - ERR_CHK(safec_rc); - } - safec_rc = sprintf_s(wifiTRPlatform_multiSSID[i].ap_name, STR_SZ,"ap%d",i); - if(safec_rc < EOK){ - ERR_CHK(safec_rc); - } - /* Set the Instance Number in syscfg */ - Utopia_SetNamedInt(ctx,UtopiaValue_WLAN_SSID_Instance_Num,wifiTRPlatform_multiSSID[i].ssid_name,cfg_t.InstanceNumber); - /* Set Radio for this index */ - Utopia_SetIndexed(ctx,UtopiaValue_WLAN_SSID_Radio,i,cfg_t.WiFiRadioName); - /* Call SetCfg to set other parameters */ - Utopia_SetWifiSSIDCfg(ctx,&cfg_t); - /* Get the static and dynamic info */ - Utopia_GetWifiSSIDSInfo(i, &(entry_t->StaticInfo)); - Utopia_GetIndexedWifiSSIDDInfo(ctx, i, &(entry_t->DynamicInfo)); - - return SUCCESS; + wifiTRPlatform_multiSSID[i].interface = FREQ_2_4_GHZ; + safec_rc = strcpy_s(wifiTRPlatform_multiSSID[i].ifconfig_interface, STR_SZ,"eth0"); + ERR_CHK(safec_rc); + }else if (0 == strncmp(cfg_t.WiFiRadioName,"wl1",3)) { + wifiTRPlatform_multiSSID[i].interface = FREQ_5_GHZ; + safec_rc = strcpy_s(wifiTRPlatform_multiSSID[i].ifconfig_interface, STR_SZ,"eth1"); + ERR_CHK(safec_rc); + } + safec_rc = strcpy_s(wifiTRPlatform_multiSSID[i].syscfg_namespace_prefix, STR_SZ,cfg_t.WiFiRadioName); + ERR_CHK(safec_rc); + safec_rc = sprintf_s(wifiTRPlatform_multiSSID[i].ssid_name, STR_SZ,"SSID%d",i); + if(safec_rc < EOK){ + ERR_CHK(safec_rc); + } + safec_rc = sprintf_s(wifiTRPlatform_multiSSID[i].ap_name, STR_SZ,"ap%d",i); + if(safec_rc < EOK){ + ERR_CHK(safec_rc); + } + /* Set the Instance Number in syscfg */ + Utopia_SetNamedInt(ctx,UtopiaValue_WLAN_SSID_Instance_Num,wifiTRPlatform_multiSSID[i].ssid_name,cfg_t.InstanceNumber); + /* Set Radio for this index */ + if(0 == Utopia_SetIndexed(ctx,UtopiaValue_WLAN_SSID_Radio,i,cfg_t.WiFiRadioName)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: Utopia_SetIndexed failed !!!", __FUNCTION__); + } + /* Call SetCfg to set other parameters */ + Utopia_SetWifiSSIDCfg(ctx,&cfg_t); + /* Get the static and dynamic info */ + Utopia_GetWifiSSIDSInfo(i, &(entry_t->StaticInfo)); + Utopia_GetIndexedWifiSSIDDInfo(ctx, i, &(entry_t->DynamicInfo)); + + return SUCCESS; } append[0] = '\0'; /* Reset the RadioName to original value */ @@ -1416,24 +1422,27 @@ int Utopia_DelWifiSSID(UtopiaContext *ctx, unsigned long ulInstanceNumber) if(count > STATIC_SSID_COUNT) /* Required only if we have dynamic SSIDs */ { - for(;ulIndex < count; ulIndex++) - { - /* Move the array forward */ - wifiTRPlatform_multiSSID[ulIndex].interface = wifiTRPlatform_multiSSID[ulIndex+1].interface; - safec_rc = strcpy_s(wifiTRPlatform_multiSSID[ulIndex].syscfg_namespace_prefix, STR_SZ,wifiTRPlatform_multiSSID[ulIndex+1].syscfg_namespace_prefix); - ERR_CHK(safec_rc); - safec_rc = strcpy_s(wifiTRPlatform_multiSSID[ulIndex].ifconfig_interface, STR_SZ,wifiTRPlatform_multiSSID[ulIndex+1].ifconfig_interface); - ERR_CHK(safec_rc); - safec_rc = strcpy_s(wifiTRPlatform_multiSSID[ulIndex].ssid_name, STR_SZ,wifiTRPlatform_multiSSID[ulIndex+1].ssid_name); - ERR_CHK(safec_rc); - safec_rc = strcpy_s(wifiTRPlatform_multiSSID[ulIndex].ap_name, STR_SZ,wifiTRPlatform_multiSSID[ulIndex+1].ap_name ); - ERR_CHK(safec_rc); - Utopia_GetIndexed(ctx,UtopiaValue_WLAN_SSID_Radio,(ulIndex + 1),ifCfg,sizeof(ifCfg)); - Utopia_SetIndexed(ctx,UtopiaValue_WLAN_SSID_Radio,ulIndex,ifCfg); - Utopia_GetNamedInt(ctx,UtopiaValue_WLAN_SSID_Instance_Num,wifiTRPlatform_multiSSID[ulIndex+1].ssid_name,(int *)&ulInsNum); - g_IndexMapSSID[ulInsNum] = ulIndex; /* Point the instance number to correct index */ - } - freeMultiSSID_Struct(ulIndex); + for(;ulIndex < count; ulIndex++) + { + /* Move the array forward */ + wifiTRPlatform_multiSSID[ulIndex].interface = wifiTRPlatform_multiSSID[ulIndex+1].interface; + safec_rc = strcpy_s(wifiTRPlatform_multiSSID[ulIndex].syscfg_namespace_prefix, STR_SZ,wifiTRPlatform_multiSSID[ulIndex+1].syscfg_namespace_prefix); + ERR_CHK(safec_rc); + safec_rc = strcpy_s(wifiTRPlatform_multiSSID[ulIndex].ifconfig_interface, STR_SZ,wifiTRPlatform_multiSSID[ulIndex+1].ifconfig_interface); + ERR_CHK(safec_rc); + safec_rc = strcpy_s(wifiTRPlatform_multiSSID[ulIndex].ssid_name, STR_SZ,wifiTRPlatform_multiSSID[ulIndex+1].ssid_name); + ERR_CHK(safec_rc); + safec_rc = strcpy_s(wifiTRPlatform_multiSSID[ulIndex].ap_name, STR_SZ,wifiTRPlatform_multiSSID[ulIndex+1].ap_name ); + ERR_CHK(safec_rc); + Utopia_GetIndexed(ctx,UtopiaValue_WLAN_SSID_Radio,(ulIndex + 1),ifCfg,sizeof(ifCfg)); + if( 0 == Utopia_SetIndexed(ctx,UtopiaValue_WLAN_SSID_Radio,ulIndex,ifCfg)) + { + ulog_errorf(ULOG_CONFIG, UL_UTAPI, "%s: Utopia_SetIndexed failed !!!", __FUNCTION__); + } + Utopia_GetNamedInt(ctx,UtopiaValue_WLAN_SSID_Instance_Num,wifiTRPlatform_multiSSID[ulIndex+1].ssid_name,(int *)&ulInsNum); + g_IndexMapSSID[ulInsNum] = ulIndex; /* Point the instance number to correct index */ + } + freeMultiSSID_Struct(ulIndex); } return SUCCESS; } @@ -1973,7 +1982,7 @@ int Utopia_GetWifiAPSecCfg(UtopiaContext *ctx,char *pSSID, void *cfg) cfg_t->RekeyingInterval = atol(ptr->param_val); }else if(!strcasecmp(ptr->param_name,"WEPKey")) { cfg_t->WEPKeyp[0] = '\0' ; /*Default Empty */ - if(ptr->param_val) + if(ptr->param_val[0] != '\0') { if (WIFI_SECURITY_WEP_64 == cfg_t->ModeEnabled) getHexGeneric(ptr->param_val,cfg_t->WEPKeyp,5); @@ -1983,23 +1992,23 @@ int Utopia_GetWifiAPSecCfg(UtopiaContext *ctx,char *pSSID, void *cfg) }else if(!strcasecmp(ptr->param_name,"KeyPassphrase")) { safec_rc = strcpy_s(cfg_t->KeyPassphrase, sizeof(cfg_t->KeyPassphrase),"wpa2psk"); /*Default Value */ ERR_CHK(safec_rc); - if(ptr->param_val){ + if(ptr->param_val[0] != '\0'){ safec_rc = strcpy_s(cfg_t->KeyPassphrase, sizeof(cfg_t->KeyPassphrase),ptr->param_val); ERR_CHK(safec_rc); } }else if(!strcasecmp(ptr->param_name,"EncryptionMethod")) { cfg_t->EncryptionMethod = WIFI_SECURITY_AES_TKIP; /*Default Value */ - if(ptr->param_val) + if(ptr->param_val[0] != '\0') cfg_t->EncryptionMethod = atoi(ptr->param_val); }else if(!strcasecmp(ptr->param_name,"RadiusServerIP")) { - if(ptr->param_val) + if(ptr->param_val[0] != '\0') cfg_t->RadiusServerIPAddr.Value = inet_addr(ptr->param_val); }else if(!strcasecmp(ptr->param_name,"RadiusServerPort")) { cfg_t->RadiusServerPort = 1812; /* Default Value */ - if(ptr->param_val) + if(ptr->param_val[0] != '\0') cfg_t->RadiusServerPort = atoi(ptr->param_val); }else if (!strcasecmp(ptr->param_name,"RadiusSharedSecret")) { - if(ptr->param_val){ + if(ptr->param_val[0] != '\0'){ safec_rc = strcpy_s(cfg_t->RadiusSecret, sizeof(cfg_t->RadiusSecret),ptr->param_val); ERR_CHK(safec_rc); } diff --git a/source/utapi/lib/utapi_util.h b/source/utapi/lib/utapi_util.h index 431c1f03..dc5e398d 100644 --- a/source/utapi/lib/utapi_util.h +++ b/source/utapi/lib/utapi_util.h @@ -61,6 +61,11 @@ typedef struct _EnumString_Map return (ERR_UTCTX_OP); \ } \ +#define UTOPIA_SETINDEXED_NORETURN(ctx,name,index,value) \ + if (0 == Utopia_SetIndexed((ctx),(name),(index),(value))) { \ + ulogf(ULOG_CONFIG, UL_UTAPI, "Error: Utopia_SetIndexed failed\n"); \ + } \ + #define UTOPIA_SETNAMED(ctx,name,prefix,value) \ if (0 == Utopia_SetNamed((ctx),(name),(prefix),(value))) { \ ulogf(ULOG_CONFIG, UL_UTAPI, "Error: setting %s_[%d] to %s", prefix, name, value); \ @@ -94,6 +99,11 @@ typedef struct _EnumString_Map return (ERR_UTCTX_OP); \ } \ +#define UTOPIA_UNSETINDEXED_NORETURN(ctx,name,index) \ + if (0 == Utopia_UnsetIndexed((ctx),(name),(index))) { \ + ulogf(ULOG_CONFIG, UL_UTAPI, "Error: failed Utopia_UnsetIndexed\n"); \ + } \ + /* * Integer sets */ @@ -104,6 +114,13 @@ typedef struct _EnumString_Map return err_rc; \ } +#define UTOPIA_SETINT_NORETURN(ctx,name,intvalue) \ + { \ + int err_rc = Utopia_SetInt((ctx),(name),(intvalue)); \ + if (err_rc != SUCCESS) \ + ulogf(ULOG_CONFIG, UL_UTAPI, "Error: failed Utopia_SetInt\n"); \ + } + #define UTOPIA_SETINDEXEDINT(ctx,name,index,intvalue) \ { \ int err_rc = Utopia_SetIndexedInt((ctx),(name),(index),(intvalue)); \ diff --git a/source/utctx/lib/utctx.c b/source/utctx/lib/utctx.c index 3dcba4b6..3237b370 100755 --- a/source/utctx/lib/utctx.c +++ b/source/utctx/lib/utctx.c @@ -1502,7 +1502,7 @@ static int s_UtopiaTransact_GetAll(UtopiaContext* pUtopiaCtx, char* pszBuffer, u } /* Next, call syscfg get all */ - if (SysCfg_GetAll(pState, sizeof(pState), &iSize) == 0) + if (SysCfg_GetAll(pState, UTOPIA_STATE_SIZE, &iSize) == 0) { free(pState); return 0; @@ -2089,7 +2089,10 @@ void Utopia_Free(UtopiaContext* pUtopiaCtx, int fCommit) if (pNode->pszValue == 0) { - SysCfg_Unset(pNode->pszNamespace, pNode->pszKey); + if(0 != SysCfg_Unset(pNode->pszNamespace, pNode->pszKey)) + { + UTCTX_LOG_DBG1("%s: SysCfg_Unset failed\n",__FUNCTION__); + } } else {