**** BEGIN LOGGING AT Sun Nov 18 02:59:59 2018 Nov 18 03:00:01 afaik ath6kl also comes in sdio based flavours, I haven't heard anything too good about those though Nov 18 03:00:03 good enough for me, as long as I'm not overlooking something easy :) Nov 18 03:31:31 test Nov 18 03:31:58 (it works) Nov 18 13:19:45 jow: thanks for the snapshot build link Nov 18 13:45:11 greearb: have you tried the different (legacy coreboot 4.0 vs. current coreboot 4.8) releases for the apu boards? They have different bugs in each version, so maybe switching between them helps somewhat? https://pcengines.github.io/ Nov 18 14:38:44 I am running OpenWrt and wish it to connect as a client to a hotel network. The Hotel network is UNENCRYPTED and uses a password that I know (I am staying here), is there any kind of script to allow the router to authenticate with Wandering WiFi's page and "programmatically submit the password"? Nov 18 14:48:55 linux_user: so essentially it's a captive portal? Nov 18 14:50:05 I don't know what a captive portal means, but, I am legit staying at the hotel, I have the password, when I login from a computer it asks me for the password I enter it and away I go, but, the network is fully unencrypted. that said, I want to automate the process for openwork to do that on my openwrt routeer Nov 18 14:50:09 does that make more sense to you? Nov 18 14:50:26 linux_user: in that case, I'm afraid each captive portal is different, so you'll either have to find some existing script which can authenticate, or you'll have to log the packets, analyze them, and replay the authentication sequence Nov 18 14:51:01 linux_user: there is no standard I'm aware of for such login pages (called captive portal) Nov 18 14:51:02 it uses Wandering WiFi which is a huge company that many hotels use, so I figured someone had something already Nov 18 14:51:59 last time I had to do that, I wrote my own scripts, but it didn't even occur to me that someone else might have done that already Nov 18 14:53:47 heh Nov 18 14:54:02 well wandering wifi is used by like many rest stops and restaurants and hotels Nov 18 14:54:21 that's why I was thinking surely someone saw it as a large enough target to say, its worth making this Nov 18 14:54:38 can you tell me how you captured the send back from the web page? Nov 18 14:56:49 linux_user: https://jimshaver.net/2015/02/11/decrypting-tls-browser-traffic-with-wireshark-the-easy-way/ Nov 18 14:57:21 does "TLS" mean it's using https? If so, this portal is fully HTTP only Nov 18 15:00:01 brew is installing wireshark as we speak Nov 18 15:00:06 linux_user: heh, even easier Nov 18 15:00:14 yeah, I have a Mac Nov 18 15:00:23 a "UNIX workstation" I call it! Nov 18 15:00:28 but everyone else says its a Mac Nov 18 15:01:08 linux_user: just do "follow tcp connection" for each connection to the authentication web server, and then you'll soon see everything you need Nov 18 15:01:37 linux_user: it's usually a right-click on one of the packets of a tcp connection Nov 18 15:01:55 but I though HTTPS is not TCP its a different protocol? Nov 18 15:02:02 ah Nov 18 15:02:33 hang on lemme see if wireshark is done installing Nov 18 15:03:07 well, both HTTP and HTTPS are used over TCP (at least the classic stuff, QUIC and HTTP/2 are special) Nov 18 15:04:47 linux_user: some of those captive portals are evil: they inject cookies into http connections to any server you're connecting to, and then they check if you're still submitting that cookie, so you get logged out after some timeout if you're only using https afterwards Nov 18 15:05:02 linux_user: let's hope your portal is not that evil Nov 18 15:08:54 one sec having trouble getting brew to install wireshark Nov 18 15:11:02 need to upgrade my router, bbl Nov 18 15:17:50 ok Nov 18 16:15:16 I am running OpenWRT and am using my router at a hotel. The Hotel’s network has a captive portal, and as far as I can tell it uses HTTP (not HTTPS) to get into it and only requires a 4 digit password (that I have, they gave it to me) that changes each week and must be re-entered every 24 hours. Is there a way I can programmatically automate this? The Captive Portal is being presented by the company “Wandering Wifi Nov 18 16:15:16 ” who provides internet services like this to many hotels and restaurants and such. Nov 18 17:48:22 updated openwrt/upstream, https://sdwalker.github.io/uscan/index.html Nov 18 20:53:14 anyone know why make download would hang on mkimage download - tcpdump says its trying to get u-boot-2018.03.tar.bz2 from mirror2.openwrt.org (which is a 404, as its not there) Nov 18 21:19:52 Is https://openwrt.org/docs/guide-developer/security still relevant? I noticed that 3 of the first 4 links give me a 404 not found error Nov 18 21:22:33 I may be wrong, but sounds a bit like the ramblings of a one man show Nov 18 21:23:51 Hm... I'm unsure how to report a security bug in the 18.06 branch of the openwrt packages repo. Nov 18 21:24:01 (single auther), that doesn't mean that it would be necessarily wrong, but maybe a bit extreme Nov 18 21:24:30 Github doesn't offer any option "mark as security bug" Nov 18 21:25:31 a security bug is just a bug like any other, if you think that it would be very critical, it might be better to contact the package maintainer directly (via private mail) - but in most cases that shouldn't be necessary Nov 18 21:29:04 I mostly agree with the "security bug is just a bug like any other" sentiment, but from an inverted perspective: If you're patching your software, treat all bugs like security bugs. Nov 18 21:29:52 Then again, the vuln is already public, the package in question is just missing the fix for the bug. Nov 18 21:30:47 in that case I'd go the normal way or reporting an issue at the package repository for feed packages (or bugs.openwrt.org for packages of the main repo) Nov 18 21:31:18 will do. Nov 18 21:40:28 done Nov 18 21:56:45 carldani: which package/CVE? Nov 18 22:04:27 swalker: apparently https://github.com/openwrt/packages/issues/7470 Nov 18 22:23:27 no cpe strings from nvd for cvechecker to match on Nov 18 22:44:21 hi. is there any list of supported usb wifi adapters? (no ath9k-htc please, these don't seem to work with my lantiq xrx200 device) Nov 18 22:50:10 I might slightly sound like a broken record, but imho the answer to that would be an empty list, there aren't really any USB wlan cards that offer reliable and usable AP functionality Nov 18 22:56:38 pkgadd: hm, ok... the ath9k-htc ones work OK on ar71xx though, just with this lantiq device there seems to be some incompatibility Nov 18 22:57:45 rotanid: I've made different experiences (with ar9271 on ar71xx and ath79/ tl-wdr3600) Nov 18 22:58:06 it worked, but very unreliably, often freezing up for seconds or longer Nov 18 23:22:43 hi Nov 18 23:27:17 i want to use a 2.4ghz and 5ghz wifi connection as my wan interface. how to make openwrt prefer the better link? (2.4ghz or 5ghz) Nov 18 23:35:30 I may be wrong, but I don't think OpenWrt currently has a means to decide that dynamically Nov 18 23:36:15 especially if you have two single-band radios, which each are handled individually, using dedicated wpa_supplicant instances Nov 18 23:57:59 okay ty pkgadd **** ENDING LOGGING AT Mon Nov 19 03:00:00 2018