Build for Netgear R7800

Well, I made a 5.10 test build for you:
Test-kernel510-(noDSA)-master-r17322-8b7517465b-20210812

Kinda my thoughts too. Those were one reason why I waited for the openwrt to provide stable rc build.
Would it be possible to change openssl based hostapd/wpad to wolfssl wpad after flashing? (is this a package thing or something baked into the image).

I don't mind performing a few tests in the spare time.

Sure.

 OpenWrt SNAPSHOT, r17323-0530c490ee
 -----------------------------------------------------
root@router1:~# opkg update
Downloading https://downloads.openwrt.org/snapshots/targets/ipq806x/generic/pack                                         ages/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_core
Downloading https://downloads.openwrt.org/snapshots/targets/ipq806x/generic/pack                                         ages/Packages.sig
...
Signature check passed.

root@router1:~# opkg list-installed | grep openssl
libopenssl-conf - 1.1.1k-1
libopenssl1.1 - 1.1.1k-1
libustream-openssl20201210 - 2020-12-10-68d09243-2
luci-ssl-openssl - git-17.031.53232-b6341bd
openssl-util - 1.1.1k-1
wpad-openssl - 2021-05-22-b102f19b-31

root@router1:~# opkg remove --force-depends libustream-openssl20201210
Removing package libustream-openssl20201210 from root...

root@router1:~# opkg remove --force-depends wpad-openssl
Removing package wpad-openssl from root...

root@router1:~# opkg install wpad-wolfssl
Installing wpad-wolfssl (2021-05-22-b102f19b-31) to root...
Downloading https://downloads.openwrt.org/snapshots/packages/arm_cortex-a15_neon-vfpv4/base/wpad-wolfssl_2021-05-22-b102f19b-31_arm_cortex-a15_neon-vfpv4.ipk
Installing libwolfssl4.7.0.ba20a816 (4.7.0-stable-2) to root...
Downloading https://downloads.openwrt.org/snapshots/packages/arm_cortex-a15_neon-vfpv4/base/libwolfssl4.7.0.ba20a816_4.7.0-stable-2_arm_cortex-a15_neon-vfpv4.ipk
Configuring libwolfssl4.7.0.ba20a816.
Configuring wpad-wolfssl.

root@router1:~# opkg install libustream-wolfssl
Installing libustream-wolfssl20201210 (2020-12-10-68d09243-2) to root...
Downloading https://downloads.openwrt.org/snapshots/packages/arm_cortex-a15_neon-vfpv4/base/libustream-wolfssl20201210_2020-12-10-68d09243-2_arm_cortex-a15_neon-vfpv4.ipk
Configuring libustream-wolfssl20201210.

root@router1:~# opkg list-installed | grep wolf
libustream-wolfssl20201210 - 2020-12-10-68d09243-2
libwolfssl4.7.0.ba20a816 - 4.7.0-stable-2
wpad-wolfssl - 2021-05-22-b102f19b-31

Note that I changed also the libustream, which handles the SSL lib selection for many OpenWrt tools like uhttpd, opkg etc.

And now I'm interested
Have you done it on some test-machine-router or special vm?

I'm tempted to flash your build and test if it changes anything in regards to hostapd_cli but I'm weighting how much I'd piss my wife using internet right now...

Main main router. Live. Just now.

It might actually change something:

Thu Aug 12 22:59:18 2021 user.notice hostapd_cli: event:, device:, interface:
root@router1:~# logread -f
Thu Aug 12 22:59:30 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 IEEE 802.11: authenticated
Thu Aug 12 22:59:30 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 IEEE 802.11: associated (aid 1)
Thu Aug 12 22:59:31 2021 daemon.notice hostapd: wlan0: AP-STA-CONNECTED 7c:46:85:53:89:44
Thu Aug 12 22:59:31 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 RADIUS: starting accounting session 14444B9E14294A64
Thu Aug 12 22:59:31 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 WPA: pairwise key handshake completed (RSN)
Thu Aug 12 22:59:31 2021 daemon.notice hostapd: wlan0: EAPOL-4WAY-HS-COMPLETED 7c:46:85:53:89:44
Thu Aug 12 22:59:31 2021 user.notice hostapd_cli: event:AP-STA-CONNECTED, device:7c:46:85:53:89:44, interface:wlan0
Thu Aug 12 22:59:31 2021 user.notice hostapd_cli: event:EAPOL-4WAY-HS-COMPLETED, device:7c:46:85:53:89:44, interface:wlan0

Script

root@router1:~# cat /root/eventHandler.sh
#!/bin/sh

# Script handles hostapd events

# hotapd_cli event vars
# $1 = interface
# $2 = action
# $3 = MAC Addr

MSG="event:$2, device:$3, interface:$1"
logger -t hostapd_cli "$MSG"

Processes:

root@router1:~# ps | grep hostapd
 1211 root      3816 S    /usr/sbin/hostapd -s -g /var/run/hostapd/global
 5780 root       736 S    /usr/sbin/hostapd_cli -a /root/eventHandler.sh -B -i wlan0
 5782 root       736 S    /usr/sbin/hostapd_cli -a /root/eventHandler.sh -B -i wlan1
 5794 root      1104 S    grep hostapd

I can confirm that
Flashed your build, followed the same steps as you did and the script works just fine.
Now the question is...what gives...

Interesting, now I again replaced just the wpad-wolfssl with wpad-openssl, and I still get a working script:

Thu Aug 12 23:12:47 2021 daemon.notice hostapd: wlan0: AP-STA-DISCONNECTED 7c:46:85:53:89:44
Thu Aug 12 23:12:47 2021 user.notice hostapd_cli: event:AP-STA-DISCONNECTED, device:7c:46:85:53:89:44, interface:wlan0
root@router1:~# logread -f
Thu Aug 12 23:13:00 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 IEEE 802.11: authenticated
Thu Aug 12 23:13:00 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 IEEE 802.11: associated (aid 1)
Thu Aug 12 23:13:00 2021 daemon.notice hostapd: wlan0: AP-STA-CONNECTED 7c:46:85:53:89:44
Thu Aug 12 23:13:00 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 RADIUS: starting accounting session 1064182EA5779E5B
Thu Aug 12 23:13:00 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 WPA: pairwise key handshake completed (RSN)
Thu Aug 12 23:13:00 2021 daemon.notice hostapd: wlan0: EAPOL-4WAY-HS-COMPLETED 7c:46:85:53:89:44
Thu Aug 12 23:13:00 2021 user.notice hostapd_cli: event:AP-STA-CONNECTED, device:7c:46:85:53:89:44, interface:wlan0
Thu Aug 12 23:13:00 2021 user.notice hostapd_cli: event:EAPOL-4WAY-HS-COMPLETED, device:7c:46:85:53:89:44, interface:wlan0

root@router1:~# opkg list-installed  | grep wpad
wpad-openssl - 2021-05-22-b102f19b-31

"interesting", you tell me:
I did a bit more testing:

1. followed all your steps regarding changing to "wolf"

2. opkg remove libustream-wolfssl20201210

3. opkg install libustream-openssl

4. reboot (libustream from openssl, wpad from wolf)

5. script works fine

6. opkg remove wpad-wolfssl

7. opkg install wpad-openssl

8. reboot (libustream from openssl, wpad from openssl - "vanilla")

9. script still works

I did not use --force-depends though and if I do

opkg list-installed | grep wolf

I receive this:

libwolfssl4.7.0.66253b90 - 4.7.0-stable-2

Might do another flash and then change the wpad only...

It shouldn't matter that you have several SSL libs installed. wpad uses just one of them.

I removed also the libwolfssl, and still works...

root@router1:~# opkg list-installed | grep wolf
root@router1:~# /usr/sbin/hostapd_cli -a /root/eventHandler.sh -B -i wlan0
root@router1:~# /usr/sbin/hostapd_cli -a /root/eventHandler.sh -B -i wlan1
root@router1:~# ps |grep hosta
 1211 root      4604 S    /usr/sbin/hostapd -s -g /var/run/hostapd/global
 5801 root       736 S    /usr/sbin/hostapd_cli -a /root/eventHandler.sh -B -i wlan0
 5803 root       736 S    /usr/sbin/hostapd_cli -a /root/eventHandler.sh -B -i wlan1
 5805 root      1104 S    grep hosta
root@router1:~# logread -f
Thu Aug 12 23:24:02 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 IEEE 802.11: authenticated
Thu Aug 12 23:24:02 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 IEEE 802.11: associated (aid 1)
Thu Aug 12 23:24:02 2021 daemon.notice hostapd: wlan0: AP-STA-CONNECTED 7c:46:85:53:89:44
Thu Aug 12 23:24:02 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 RADIUS: starting accounting session 2A101D571685A9AB
Thu Aug 12 23:24:02 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 WPA: pairwise key handshake completed (RSN)
Thu Aug 12 23:24:02 2021 daemon.notice hostapd: wlan0: EAPOL-4WAY-HS-COMPLETED 7c:46:85:53:89:44
Thu Aug 12 23:24:02 2021 user.notice hostapd_cli: event:AP-STA-CONNECTED, device:7c:46:85:53:89:44, interface:wlan0
Thu Aug 12 23:24:02 2021 user.notice hostapd_cli: event:EAPOL-4WAY-HS-COMPLETED, device:7c:46:85:53:89:44, interface:wlan0
Thu Aug 12 23:24:03 2021 daemon.notice hostapd: wlan0: AP-STA-DISCONNECTED 7c:46:85:53:89:44
Thu Aug 12 23:24:03 2021 user.notice hostapd_cli: event:AP-STA-DISCONNECTED, device:7c:46:85:53:89:44, interface:wlan0
Thu Aug 12 23:24:13 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 IEEE 802.11: authenticated
Thu Aug 12 23:24:13 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 IEEE 802.11: associated (aid 1)
Thu Aug 12 23:24:13 2021 daemon.notice hostapd: wlan0: AP-STA-CONNECTED 7c:46:85:53:89:44
Thu Aug 12 23:24:13 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 RADIUS: starting accounting session A30AC255D400B262
Thu Aug 12 23:24:13 2021 daemon.info hostapd: wlan0: STA 7c:46:85:53:89:44 WPA: pairwise key handshake completed (RSN)
Thu Aug 12 23:24:13 2021 daemon.notice hostapd: wlan0: EAPOL-4WAY-HS-COMPLETED 7c:46:85:53:89:44
Thu Aug 12 23:24:13 2021 user.notice hostapd_cli: event:AP-STA-CONNECTED, device:7c:46:85:53:89:44, interface:wlan0
Thu Aug 12 23:24:13 2021 user.notice hostapd_cli: event:EAPOL-4WAY-HS-COMPLETED, device:7c:46:85:53:89:44, interface:wlan0

No idea why it did not originally work, but right now it works. Strange.

Ok, another test:

1. "clean flash" (configuration was preserved), script setup
2. reboot
3. script does not work
4. opkg remove --force-depends wpad-openssl
5. opkg install wpad-wolfssl
6. reboot
7. script does work

OK THEN

8. opkg remove --force-depends wpad-wolfssl
9. opkg install wpad-openssl
10. script still works

I thing I'm going to pour myself some drink...
Jokes aside, I'm already switching to ath10k from ath10k-ct since the -ct version does not like esps when there are more than one WiFi SSIDs on one radio (packets taking ages to get through and huge packet loss) so another 2 commands won't be so bad.

There is one more test I need to make before giving up keyboard, reflash and reinstall of default openssl packages.

@Edit
I'm going to add some tags here for uncle google to pick up regarding the esp problem if you don't mind. Maybe someone won't have to go through the pain I had to go to figure it out: esp8266, packet loss, lag, ath10k, ath10-ct, tasmota lag

Final test:

1. "clean flash" (configuration was preserved), script setup
2. reboot
3. script does not work
4. opkg remove --force-depends wpad-openssl
5. opkg install wpad-openssl
6. script works

That finalises the topic of getting a drink xD
Reinstalling seemingly the same package causes it to start working just fine...its...baffling to say at least.

The question stays the same:
"What gives?"

No idea, so far.
But your final test was on my agenda.

There is one difference: we are replacing the (non-working) wpad compiled by me with the version compiled with the buildbot and that works.

I am just thinking if the debug logging detail selection in my build config causes this. "CONFIG_WPA_MSG_MIN_PRIORITY"

# WLAN/WPS support                            
CONFIG_PACKAGE_hostapd-utils=y                
#CONFIG_WPA_MSG_MIN_PRIORITY=2                
CONFIG_WPA_MSG_MIN_PRIORITY=4                 
CONFIG_PACKAGE_wpad-openssl=y                 
# CONFIG_PACKAGE_wpad-basic-wolfssl is not set
# CONFIG_PACKAGE_libustream-wolfssl is not set

That is the only real config change that I do for the wpad compilation. Default is 3 and I cut down the messages a bit by setting it to 4.
Maybe that prevents the cli messaging, too.

I will have to test tomorrow compiling a new version.

Thank you, for the help and investigation, it was actually quite fun
Since we have a workaround for now I'm switching to ath10k-mainline to get tasmotas working and staying on your build.

If you need any help tomorrow feel free to ping me, I'll be glad to assist after work

Note that the wpad built by me is in /rom/usr/sbin, so we can easily rename the buildbot wpad in /usr/sbin than copy the original my wpad from /rom/usr/sbin for testing

Thanks hynman - you are most kind and considerate. I am going to install this build straight way - get both DSA and no-DSA up and running ( I have 2 - two R7800's ) - then I will report back - especially WireGuard speed and throughput. Once again - thanks for the build - Peace

I compiled a new firmware version (master-r17328-5181af5585-20210813 ) with the default debug logging level 3, and now the user script gets triggered ok with the wpad-openssl in the image.

Apparently that OpenWrt-specific debug level setting in hostapd also changes some other behaviour, although it shouldn't. Possibly hostapd has changed somewhat since @nbd introduced that debug level setting in 2012 with https://github.com/openwrt/openwrt/commit/a77cf0cd624f23237a3d40ae737fc607d7e03a5c , and e.g. communication with hostapd_cli gets affected in some cases. Interesting.

Hey Hnyman,
I promised to report back to you regarding 5.10 kernel build. My technical knowledge, skills and experience are nowhere near as replete as many who contribute and comment here. However, I do have extensive history of running all types of open source router distributions. Your build I would term as " elegant " - meaning that everything just works seamlessly well together. I have not checked WireGuard yet - and I have installed DSA first. Peace

Dear @hnyman ,

I have also tested a bit DSA build with 5.10 kernel and here are my comments:

LAN port numbers are fixed compared to June test build and now lan1 corresponds to label on the device
With June test build I had a problem with DHCP over Ethernet while VLANs are enabled. Now I have an impression (not verified thoroughly) whole switch functionality is breaking once both VLANs and routing are on.
Trying to build own image based on your config results with huge samba4 package size even though DEBUG is set to n.
Without VLANs enabled everything seams to work fine and is running stable.