rpms
/
cjdns
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Work in progress for 21.2 with hybrid cargo-rust / nodejs build

This commit is contained in:
Stuart D. Gathman 2022-10-06 18:42:23 -04:00
parent 7685129fbc
commit 6d773f2359
12 changed files with 96 additions and 798 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
cjdns.benc.patch
View File

@ -1,22 +0,0 @@
diff -up ./benc/serialization/json/JsonBencSerializer.c.benc ./benc/serialization/json/JsonBencSerializer.c
--- ./benc/serialization/json/JsonBencSerializer.c.benc 2017-02-18 13:07:19.840276161 -0500
+++ ./benc/serialization/json/JsonBencSerializer.c 2017-02-18 13:08:31.044121936 -0500
@@ -72,15 +72,15 @@ static int32_t serializeString(struct Wr
Writer_write(writer, "\"", 1);
size_t i;
uint8_t chr;
- char buffer[4];
+ char buffer[5];
for (i = 0; i < string->len; i++) {
chr = (uint8_t) string->bytes[i] & 0xFF;
/* Nonprinting chars, \ and " are hex'd */
if (chr < 126 && chr > 31 && chr != '\\' && chr != '"') {
- snprintf(buffer, 4, "%c", chr);
+ snprintf(buffer, 5, "%c", chr);
Writer_write(writer, buffer, 1);
} else {
- snprintf(buffer, 4, "\\x%.2X", chr);
+ snprintf(buffer, 5, "\\x%.2X", chr);
Writer_write(writer, buffer, 4);
}
}

27
cjdns.cap3.patch
View File

@ -1,27 +0,0 @@
diff -up ./util/Setuid_linux.c.cap3 ./util/Setuid_linux.c
--- ./util/Setuid_linux.c.cap3 2016-01-31 22:04:56.591743457 -0500
+++ ./util/Setuid_linux.c 2016-01-31 22:05:42.699060985 -0500
@@ -50,9 +50,9 @@ static inline int capGet(cap_user_header
void Setuid_preSetuid(struct Allocator* alloc, struct Except* eh)
{
cap_user_header_t hdr = Allocator_calloc(alloc, sizeof(*hdr), 1);
- cap_user_data_t data = Allocator_calloc(alloc, sizeof(*data), 1);
+ cap_user_data_t data = Allocator_calloc(alloc, sizeof(*data), 2);
- hdr->version = _LINUX_CAPABILITY_VERSION;
+ hdr->version = _LINUX_CAPABILITY_VERSION_3;
hdr->pid = 0;
if (capGet(hdr, data)) {
Except_throw(eh, "Error getting capabilities: [errno:%d (%s)]", errno, strerror(errno));
@@ -73,9 +73,9 @@ void Setuid_preSetuid(struct Allocator*
void Setuid_postSetuid(struct Allocator* alloc, struct Except* eh)
{
cap_user_header_t hdr = Allocator_calloc(alloc, sizeof(*hdr), 1);
- cap_user_data_t data = Allocator_calloc(alloc, sizeof(*data), 1);
+ cap_user_data_t data = Allocator_calloc(alloc, sizeof(*data), 2);
- hdr->version = _LINUX_CAPABILITY_VERSION;
+ hdr->version = _LINUX_CAPABILITY_VERSION_3;
hdr->pid = 0;
if (capGet(hdr, data)) {
Except_throw(eh, "Error getting capabilities (post-setuid): [errno:%d (%s)]",

15
cjdns.entropy.patch
View File

@ -1,15 +0,0 @@
diff -up ./crypto/random/seed/GetEntropyRandomSeed.c.entropy ./crypto/random/seed/GetEntropyRandomSeed.c
--- ./crypto/random/seed/GetEntropyRandomSeed.c.entropy 2017-02-24 00:23:48.994554470 -0500
+++ ./crypto/random/seed/GetEntropyRandomSeed.c 2017-02-24 00:28:07.022641392 -0500
@@ -23,8 +23,9 @@
#define GetEntropyRandomSeed_GLIBC_HAS_IT \
(defined(__GNU_LIBRARY__) && defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 25))
-
-#if !defined(__OPENBSD__) && !GetEntropyRandomSeed_GLIBC_HAS_IT
+/* gcc warns against using defined() inside #define, so just copy definition */
+#if !defined(__OPENBSD__) && \
+!(defined(__GNU_LIBRARY__) && defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 25))
static int getentropy(void *buf, size_t buflen)
{
int ret;

46
cjdns.fuzz.patch
View File

@ -1,46 +0,0 @@
diff -up ./test/Main_fuzz_test.c.fuzz ./test/Main_fuzz_test.c
--- ./test/Main_fuzz_test.c.fuzz 2020-04-09 14:01:51.000000000 -0400
+++ ./test/Main_fuzz_test.c 2020-04-14 17:17:24.101260879 -0400
@@ -60,8 +60,8 @@ static Iface_DEFUN incomingTun(struct Me
static void notLinkedYet(struct Context* ctx)
{
uint64_t now = Time_currentTimeMilliseconds(ctx->base);
- if ((now - ctx->startTime) > 5000) {
- Assert_failure("Failed to link in 5 seconds");
+ if ((now - ctx->startTime) > 200000) {
+ Assert_failure("Failed to link in 100 seconds");
}
}
diff -up ./util/test/Seccomp_test.c.fuzz ./util/test/Seccomp_test.c
--- ./util/test/Seccomp_test.c.fuzz 2020-04-15 20:21:02.563170274 -0400
+++ ./util/test/Seccomp_test.c 2020-04-15 22:32:21.633653339 -0400
@@ -61,6 +61,10 @@ static void timeout(void* vNULL)
{
Assert_true(!"timed out");
}
+static void timeout2(void* vNULL)
+{
+ Assert_true(!"time out 2");
+}
static int child(char* pipeName, struct Allocator* alloc, struct Log* logger)
{
@@ -70,7 +74,7 @@ static int child(char* pipeName, struct
pipe->logger = logger;
pipe->userData = alloc;
- Timeout_setTimeout(timeout, eb, 2000, eb, alloc);
+ Timeout_setTimeout(timeout, eb, 8000, eb, alloc);
EventBase_beginLoop(eb);
return 0;
@@ -120,7 +124,7 @@ int main(int argc, char** argv)
Assert_true(!Process_spawn(path, args, eb, alloc, NULL));
- Timeout_setTimeout(timeout, NULL, 2000, eb, alloc);
+ Timeout_setTimeout(timeout2, NULL, 160000, eb, alloc);
EventBase_beginLoop(eb);
return 0;

50
cjdns.nprocs.patch
View File

@ -1,50 +0,0 @@
diff -up ./util/Security.c.nprocs ./util/Security.c
--- ./util/Security.c.nprocs 2016-01-27 03:07:49.000000000 -0500
+++ ./util/Security.c 2016-02-22 20:30:06.153297256 -0500
@@ -31,6 +31,7 @@
#include <unistd.h>
#include <errno.h>
#include <stdlib.h>
+#include <grp.h>
#include <string.h>
#include <sys/mman.h>
#include <stdio.h>
@@ -66,12 +67,17 @@ void Security_setUser(int uid,
{
int gidErrno = 0;
int uidErrno = 0;
+ int setGroupErrno = 0;
+ pid_t groups[1];
if (keepNetAdmin) {
Setuid_preSetuid(alloc, eh);
}
if (gid && setgid(gid)) {
gidErrno = errno;
}
+ if (setgroups(0,groups)) {
+ setGroupErrno = errno;
+ }
if (setuid(uid)) {
// errno is global and could get overwritten by Setuid_postSetuid()
uidErrno = errno;
@@ -85,6 +91,9 @@ void Security_setUser(int uid,
if (uid != (int) getuid()) {
Except_throw(eh, "Failed to set UID but seemed to succeed");
}
+ if (setGroupErrno > 0) {
+ Except_throw(eh, "Failed to setgroups [%s]", strerror(setGroupErrno));
+ }
if (gidErrno > 0) {
Except_throw(eh, "Failed to set GID [%s]", strerror(gidErrno));
}
@@ -119,8 +128,8 @@ void Security_nofiles(struct Except* eh)
void Security_noforks(struct Except* eh)
{
- if (setrlimit(RLIMIT_NPROC, &(struct rlimit){ 0, 0 })) {
- Except_throw(eh, "Failed to set fork limit to 0 [%s]", strerror(errno));
+ if (setrlimit(RLIMIT_NPROC, &(struct rlimit){ 1, 1 })) {
+ Except_throw(eh, "Failed to set process limit to 1 [%s]", strerror(errno));
}
}

98
cjdns.ppc64.patch
View File

@ -1,98 +0,0 @@
diff -up ./crypto/random/Random.c.ppc64 ./crypto/random/Random.c
--- ./crypto/random/Random.c.ppc64 2016-12-05 00:06:42.586930523 -0500
+++ ./crypto/random/Random.c 2016-12-05 00:07:36.524592652 -0500
@@ -20,6 +20,7 @@
#include "util/Assert.h"
#include "util/Base32.h"
#include "util/Identity.h"
+#include "util/Endian.h"
#include <crypto_hash_sha256.h>
#include <crypto_stream_salsa20.h>
@@ -163,10 +164,11 @@ void Random_addRandom(struct Random* ran
static void stir(struct Random* rand)
{
+ uint64_t nonce = Endian_hostToLittleEndian64(rand->nonce);
crypto_stream_salsa20_xor((uint8_t*)rand->buff,
(uint8_t*)rand->buff,
BUFFSIZE,
- (uint8_t*)&rand->nonce,
+ (uint8_t*)&nonce,
(uint8_t*)rand->tempSeed);
rand->nonce++;
rand->nextByte = 0;
diff -up ./util/ArchInfo.c.ppc64 ./util/ArchInfo.c
--- ./util/ArchInfo.c.ppc64 2016-10-11 17:39:44.000000000 -0400
+++ ./util/ArchInfo.c 2016-12-05 00:05:56.482360588 -0500
@@ -98,8 +98,15 @@ gcc arch.c
#error unknown endian
#endif
#elif defined(__powerpc64__) || defined(__ppc64__) || defined(__PPC64__) || defined(_ARCH_PPC64)
- #define ARCH ArchInfo_AUDIT_ARCH_PPC64
- #define ARCHSTR "ppc64"
+ #if defined(Endian_BIG)
+ #define ARCH ArchInfo_AUDIT_ARCH_PPC64
+ #define ARCHSTR "ppc64"
+ #elif defined(Endian_LITTLE)
+ #define ARCH ArchInfo_AUDIT_ARCH_PPC64LE
+ #define ARCHSTR "ppc64le"
+ #else
+ #error unknown endian
+ #endif
#elif defined(__powerpc__) || defined(__ppc__) || defined(__PPC__) || defined(_ARCH_PPC)
#define ARCH ArchInfo_AUDIT_ARCH_PPC
#define ARCHSTR "ppc"
@@ -145,6 +152,9 @@ gcc arch.c
#else
#error unknown bit width
#endif
+#elif defined(__s390x__)
+ #define ARCH ArchInfo_AUDIT_ARCH_S390X
+ #define ARCHSTR "s390x"
#else
#error architecture unknown
#endif
diff -up ./util/test/Endian_test.c.ppc64 ./util/test/Endian_test.c
--- ./util/test/Endian_test.c.ppc64 2016-12-05 10:48:46.767433986 -0500
+++ ./util/test/Endian_test.c 2016-12-05 10:50:23.116623515 -0500
@@ -40,32 +40,32 @@ int main()
Assert_true(c == Endian_bigEndianToHost16(sc));
Assert_true(c == Endian_hostToBigEndian16(sc));
Assert_true(c == Endian_hostToLittleEndian16(c));
- Assert_true(c == Endian_hostToLittleEndian16(c));
+ Assert_true(c == Endian_littleEndianToHost16(c));
Assert_true(a == Endian_bigEndianToHost32(sa));
Assert_true(a == Endian_hostToBigEndian32(sa));
Assert_true(a == Endian_hostToLittleEndian32(a));
- Assert_true(a == Endian_hostToLittleEndian32(a));
+ Assert_true(a == Endian_littleEndianToHost32(a));
Assert_true(b == Endian_bigEndianToHost64(sb));
Assert_true(b == Endian_hostToBigEndian64(sb));
Assert_true(b == Endian_hostToLittleEndian64(b));
- Assert_true(b == Endian_hostToLittleEndian64(b));
+ Assert_true(b == Endian_littleEndianToHost64(b));
} else {
Assert_true(c == Endian_bigEndianToHost16(c));
Assert_true(c == Endian_hostToBigEndian16(c));
Assert_true(c == Endian_hostToLittleEndian16(sc));
- Assert_true(c == Endian_hostToLittleEndian16(sc));
+ Assert_true(c == Endian_littleEndianToHost16(sc));
Assert_true(a == Endian_bigEndianToHost32(a));
Assert_true(a == Endian_hostToBigEndian32(a));
Assert_true(a == Endian_hostToLittleEndian32(sa));
- Assert_true(a == Endian_hostToLittleEndian32(sa));
+ Assert_true(a == Endian_littleEndianToHost32(sa));
Assert_true(b == Endian_bigEndianToHost64(b));
Assert_true(b == Endian_hostToBigEndian64(b));
Assert_true(b == Endian_hostToLittleEndian64(sb));
- Assert_true(b == Endian_hostToLittleEndian64(sb));
+ Assert_true(b == Endian_littleEndianToHost64(sb));
}
Assert_true(b == Endian_byteSwap64(sb));

26
cjdns.puts.patch
View File

@ -1,26 +0,0 @@
diff -up ./node_modules/ronn/bin/ronn.js.puts ./node_modules/ronn/bin/ronn.js
--- ./node_modules/ronn/bin/ronn.js.puts 2019-08-03 18:32:03.560415945 -0400
+++ ./node_modules/ronn/bin/ronn.js 2019-08-03 18:33:18.600372936 -0400
@@ -2,7 +2,8 @@
var RONN_VERSION = "0.4.0";
-var sys = require('util');
+var console = require('console');
+var sys = { 'puts': console.log, 'debug': console.error };
var fs = require('fs');
var path = require('path');
var opts = require('opts');
diff -up ./node_modules/ronn/lib/ronn.js.puts ./node_modules/ronn/lib/ronn.js
--- ./node_modules/ronn/lib/ronn.js.puts 2019-08-03 18:32:11.703523935 -0400
+++ ./node_modules/ronn/lib/ronn.js 2019-08-03 18:33:02.578184733 -0400
@@ -4,7 +4,8 @@
*/
var md = require('markdown').markdown;
-var sys = require('util');
+var console = require('console');
+var sys = { 'puts': console.log, 'debug': console.error };
/* exports Ronn class
* usage :

25
cjdns.python3.patch
View File

@ -1,25 +0,0 @@
diff -up ./node_build/dependencies/libuv/gyp_uv.py.python3 ./node_build/dependencies/libuv/gyp_uv.py
--- ./node_build/dependencies/libuv/gyp_uv.py.python3 2019-08-06 18:58:48.000000000 -0400
+++ ./node_build/dependencies/libuv/gyp_uv.py 2019-09-19 13:11:51.125240959 -0400
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/python3
import os
import platform
@@ -29,7 +29,7 @@ def host_arch():
def run_gyp(args):
rc = gyp.main(args)
if rc != 0:
- print 'Error running GYP'
+ print('Error running GYP')
sys.exit(rc)
@@ -80,5 +80,5 @@ if __name__ == '__main__':
args.append('-Dcomponent=static_library')
gyp_args = list(args)
- print gyp_args
+ print(gyp_args)
run_gyp(gyp_args)

64
cjdns.rust.patch Normal file
View File

@ -0,0 +1,64 @@
diff -up ./do.rust ./do
--- ./do.rust 2020-12-16 13:31:23.000000000 -0500
+++ ./do 2022-09-21 06:50:01.049995426 -0400
@@ -7,7 +7,7 @@ if test "x$CARGO" = "x"; then
printf "See https://rustup.rs/ for install instructions\n"
exit 1
fi
-$CARGO build --release
+$CARGO build --offline --release
./target/release/testcjdroute all >/dev/null
mv ./target/release/cjdroute ./
mv ./target/release/makekeys ./
diff -up ./node_build/make.js.rust ./node_build/make.js
--- ./node_build/make.js.rust 2022-09-21 06:56:53.965596649 -0400
+++ ./node_build/make.js 2022-09-21 09:43:15.585812097 -0400
@@ -41,7 +41,6 @@ Builder.configure({
'-std=c99',
'-Wall',
'-Wextra',
- '-Werror',
'-Wno-pointer-sign',
'-Wmissing-prototypes',
'-pedantic',
@@ -273,7 +272,7 @@ Builder.configure({
}).nThen(function (waitFor) {
if (!foundSodium) {
- throw new Error("Unable to find a path to libsodium headers");
+ builder.config.includeDirs.push('/usr/include/sodium');
}
builder.config.libs.push(libuvLib);
@@ -447,4 +446,4 @@ Builder.configure({
console.log('\x1b[1;31mFailed to build cjdns.\x1b[0m');
process.exit(1);
-});
\ No newline at end of file
+});
diff -up ./rust/cjdns_sys/Cargo.toml.rust ./rust/cjdns_sys/Cargo.toml
--- ./rust/cjdns_sys/Cargo.toml.rust 2020-12-16 13:31:23.000000000 -0500
+++ ./rust/cjdns_sys/Cargo.toml 2022-09-21 10:58:29.763774705 -0400
@@ -6,16 +6,16 @@ edition = "2018"
build = "build.rs"
[dependencies]
-sodiumoxide = { git = "https://github.com/cjdelisle/sodiumoxide", rev = "3aa7e8e21b9cd61ad64f4a0ed125d5b1af2cf38d", version = "0.2", default-features = false, features = ["std"] }
+sodiumoxide = { version = "0.2", default-features = false, features = ["std"] }
thiserror = "1.0"
anyhow = "1.0"
[build_dependencies]
cc = "1.0"
anyhow = "1.0"
-cbindgen = { version = "0.15", optional = true }
-bindgen = { version = "0.55", optional = true }
+cbindgen = { version = "0.24", optional = true }
+bindgen = { version = "0.59", optional = true }
[features]
generate-rffi = ["cbindgen"]
-generate-cffi = ["bindgen"]
\ No newline at end of file
+generate-cffi = ["bindgen"]

182
cjdns.s390x.patch
View File

@ -1,182 +0,0 @@
--- cjdns-cjdns-v20.2/node_build/dependencies/cnacl/cpucycles/osfreq.c.s390x 2018-05-31 12:03:56.321045469 +0200
+++ cjdns-cjdns-v20.2/node_build/dependencies/cnacl/cpucycles/osfreq.c 2018-05-31 12:04:07.901045469 +0200
@@ -33,6 +33,18 @@ static double osfreq(void)
f = fopen("/proc/cpuinfo","r");
if (f) {
for (;;) {
+ s = fscanf(f,"cpu MHz dynamic : %lf",&result);
+ if (s > 0) break;
+ if (s == 0) s = fscanf(f,"%*[^\n]\n");
+ if (s < 0) { result = 0; break; }
+ }
+ fclose(f);
+ if (result) return 1000000.0 * result;
+ }
+
+ f = fopen("/proc/cpuinfo","r");
+ if (f) {
+ for (;;) {
s = fscanf(f,"clock : %lf",&result);
if (s > 0) break;
if (s == 0) s = fscanf(f,"%*[^\n]\n");
--- cjdns-cjdns-v20.2/node_build/dependencies/cnacl/do.s390x 2018-04-18 09:35:41.000000000 +0200
+++ cjdns-cjdns-v20.2/node_build/dependencies/cnacl/do 2018-05-31 11:56:41.881045469 +0200
@@ -418,7 +418,7 @@ echo "=== `date` === starting curvecp"
okabi \
| awk '
- { if ($1=="amd64" || $1=="ia64" || $1=="ppc64" || $1=="sparcv9" || $1=="mips64") print 1,$1
+ { if ($1=="amd64" || $1=="ia64" || $1=="ppc64" || $1=="sparcv9" || $1=="mips64" || $1=="s390x") print 1,$1
else if ($1 == "mips32") print 2,$1
else print 3,$1
}
--- cjdns-cjdns-v20.2/node_build/dependencies/cnacl/node_build/plans/s390x_plan.json.s390x 2018-05-31 11:56:41.881045469 +0200
+++ cjdns-cjdns-v20.2/node_build/dependencies/cnacl/node_build/plans/s390x_plan.json 2018-05-31 11:56:41.881045469 +0200
@@ -0,0 +1,124 @@
+{
+ "PLAN_IMPLEMENTATIONS": [
+ [
+ "crypto_sign",
+ "ed25519",
+ "ref10"
+ ],
+ [
+ "crypto_stream",
+ "aes128ctr",
+ "portable"
+ ],
+ [
+ "crypto_auth",
+ "hmacsha256",
+ "ref"
+ ],
+ [
+ "crypto_core",
+ "hsalsa20",
+ "ref"
+ ],
+ [
+ "crypto_scalarmult",
+ "curve25519",
+ "ref"
+ ],
+ [
+ "crypto_core",
+ "salsa20",
+ "ref"
+ ],
+ [
+ "crypto_verify",
+ "16",
+ "ref"
+ ],
+ [
+ "crypto_onetimeauth",
+ "poly1305",
+ "donna"
+ ],
+ [
+ "crypto_core",
+ "salsa208",
+ "ref"
+ ],
+ [
+ "crypto_hashblocks",
+ "sha512",
+ "inplace"
+ ],
+ [
+ "crypto_stream",
+ "salsa2012",
+ "ref"
+ ],
+ [
+ "crypto_stream",
+ "xsalsa20",
+ "ref"
+ ],
+ [
+ "crypto_secretbox",
+ "xsalsa20poly1305",
+ "ref"
+ ],
+ [
+ "crypto_core",
+ "salsa2012",
+ "ref"
+ ],
+ [
+ "crypto_verify",
+ "32",
+ "ref"
+ ],
+ [
+ "crypto_stream",
+ "salsa208",
+ "ref"
+ ],
+ [
+ "crypto_hash",
+ "sha256",
+ "ref"
+ ],
+ [
+ "crypto_hashblocks",
+ "sha256",
+ "ref"
+ ],
+ [
+ "crypto_hash",
+ "sha512",
+ "ref"
+ ],
+ [
+ "crypto_box",
+ "curve25519xsalsa20poly1305",
+ "ref"
+ ],
+ [
+ "crypto_auth",
+ "hmacsha512256",
+ "ref"
+ ],
+ [
+ "crypto_stream",
+ "salsa20",
+ "ref"
+ ]
+ ],
+ "PLAN_TYPES": [
+ "typedef short crypto_int16;",
+ "typedef unsigned int crypto_uint32;",
+ "typedef unsigned short crypto_uint16;",
+ "typedef long long crypto_int64;",
+ "typedef int crypto_int32;",
+ "typedef unsigned char crypto_uint8;",
+ "typedef signed char crypto_int8;",
+ "typedef unsigned long long crypto_uint64;"
+ ]
+}
--- cjdns-cjdns-v20.2/node_build/dependencies/cnacl/okcompilers/abiname.c.s390x 2018-04-18 09:35:41.000000000 +0200
+++ cjdns-cjdns-v20.2/node_build/dependencies/cnacl/okcompilers/abiname.c 2018-05-31 11:56:41.881045469 +0200
@@ -14,6 +14,8 @@ const char *abi(void)
return "ppc64";
#elif defined(__powerpc__) || defined(__ppc__) || defined(__PPC__) || defined(_ARCH_PPC)
return "ppc32";
+#elif defined(__s390x__)
+ return "s390x"
#elif defined(__sparcv9__) || defined(__sparcv9)
return "sparcv9";
#elif defined(__sparc_v8__)
--- cjdns-cjdns-v20.2/node_build/dependencies/cnacl/okcompilers/abiname_xcompile.c.s390x 2018-04-18 09:35:41.000000000 +0200
+++ cjdns-cjdns-v20.2/node_build/dependencies/cnacl/okcompilers/abiname_xcompile.c 2018-05-31 11:56:41.881045469 +0200
@@ -20,6 +20,8 @@
#error ABI_IS_ppc64__
#elif defined(__powerpc__) || defined(__ppc__) || defined(__PPC__) || defined(_ARCH_PPC)
#error ABI_IS_ppc32__
+#elif defined(__s390x__)
+ #error ABI_IS_s390x__
#elif defined(__sparcv9__) || defined(__sparcv9)
#error ABI_IS_sparcv9__
#elif defined(__sparc_v8__)

231
cjdns.sodium.patch
View File

@ -1,231 +0,0 @@
diff -up ./client/cjdroute2.c.sodium ./client/cjdroute2.c
--- ./client/cjdroute2.c.sodium 2020-12-16 14:14:51.140783237 -0500
+++ ./client/cjdroute2.c 2020-12-16 14:14:51.146783327 -0500
@@ -64,6 +64,7 @@
#include <string.h>
#include <time.h>
#include <stdlib.h>
+#include <sodium.h>
#define DEFAULT_TUN_DEV "tun0"
@@ -597,6 +598,9 @@ static String* getPipePath(Dict* config,
int main(int argc, char** argv)
{
+ if (sodium_init() == -1) {
+ return 1;
+ }
#ifdef Log_KEYS
fprintf(stderr, "Log_LEVEL = KEYS, EXPECT TO SEE PRIVATE KEYS IN YOUR LOGS!\n");
#endif
diff -up ./contrib/c/makekeys.c.sodium ./contrib/c/makekeys.c
--- ./contrib/c/makekeys.c.sodium 2020-10-05 17:46:19.000000000 -0400
+++ ./contrib/c/makekeys.c 2020-12-16 14:14:51.147783342 -0500
@@ -22,9 +22,13 @@
#include <signal.h>
#include <stdio.h>
+#include <sodium.h>
int main(int argc, char** argv)
{
+ if (sodium_init() == -1) {
+ return 1;
+ }
struct Allocator* alloc = MallocAllocator_new(1<<22);
struct Random* rand = Random_new(alloc, NULL, NULL);
diff -up ./contrib/c/mkpasswd.c.sodium ./contrib/c/mkpasswd.c
--- ./contrib/c/mkpasswd.c.sodium 2020-10-05 17:46:19.000000000 -0400
+++ ./contrib/c/mkpasswd.c 2020-12-16 14:14:51.147783342 -0500
@@ -18,9 +18,13 @@
#include <stdio.h>
#include <unistd.h>
+#include <sodium.h>
int main()
{
+ if (sodium_init() == -1) {
+ return 1;
+ }
struct Allocator* alloc = MallocAllocator_new(1<<22);
struct Random* rand = Random_new(alloc, NULL, NULL);
diff -up ./contrib/c/privatetopublic.c.sodium ./contrib/c/privatetopublic.c
--- ./contrib/c/privatetopublic.c.sodium 2020-10-05 17:46:19.000000000 -0400
+++ ./contrib/c/privatetopublic.c 2020-12-16 14:14:51.147783342 -0500
@@ -23,6 +23,7 @@
#include <stdio.h>
#include <errno.h>
#include <string.h>
+#include <sodium.h>
static int usage(char* appName)
{
@@ -67,6 +68,9 @@ int main(int argc, char** argv)
break;
}
}
+ if (sodium_init() == -1) {
+ return 1;
+ }
Hex_decode(privateKey, 32, privateKeyHexIn, 64);
crypto_scalarmult_curve25519_base(address.key, privateKey);
diff -up ./contrib/c/publictoip6.c.sodium ./contrib/c/publictoip6.c
--- ./contrib/c/publictoip6.c.sodium 2020-10-05 17:46:19.000000000 -0400
+++ ./contrib/c/publictoip6.c 2020-12-16 14:14:51.147783342 -0500
@@ -16,6 +16,7 @@
#include "util/AddrTools.h"
#include "util/CString.h"
#include <stdio.h>
+#include <sodium.h>
static int usage(char* appName)
{
@@ -36,6 +37,9 @@ int main(int argc, char** argv)
uint8_t keyBytes[32];
uint8_t ip6Bytes[16];
String key = { .bytes = argv[1], .len = CString_strlen(argv[1]) };
+ if (sodium_init() == -1) {
+ return 1;
+ }
int ret = Key_parse(&key, keyBytes, ip6Bytes);
switch (ret) {
diff -up ./contrib/c/sybilsim.c.sodium ./contrib/c/sybilsim.c
--- ./contrib/c/sybilsim.c.sodium 2020-10-05 17:46:19.000000000 -0400
+++ ./contrib/c/sybilsim.c 2020-12-16 14:14:51.148783357 -0500
@@ -42,6 +42,7 @@
#include "crypto_scalarmult_curve25519.h"
#include <unistd.h> // isatty()
+#include <sodium.h> // isatty()
struct NodeContext {
struct Sockaddr* boundAddr;
@@ -441,6 +442,9 @@ int main(int argc, char** argv)
if (isatty(STDIN_FILENO)) {
return usage(argv[0]);
}
+ if (sodium_init() == -1) {
+ return 1;
+ }
struct Allocator* alloc = MallocAllocator_new(1LL<<31);
diff -up ./crypto/random/randombytes.c.sodium ./crypto/random/randombytes.c
--- ./crypto/random/randombytes.c.sodium 2020-10-05 17:46:19.000000000 -0400
+++ ./crypto/random/randombytes.c 2020-12-16 14:14:51.148783357 -0500
@@ -17,6 +17,7 @@
#include "memory/MallocAllocator.h"
#include <unistd.h>
+#include <sodium.h>
int main()
{
@@ -29,6 +30,9 @@ int main()
} str;
size_t out = 0;
+ if (sodium_init() == -1) {
+ return 1;
+ }
for (;;) {
Random_bytes(rand, str.buff, 4096);
out = write(STDOUT_FILENO, str.buff, 4096);
diff -up ./node_build/make.js.sodium ./node_build/make.js
--- ./node_build/make.js.sodium 2020-10-05 17:46:19.000000000 -0400
+++ ./node_build/make.js 2020-12-16 14:15:59.646810621 -0500
@@ -251,49 +251,8 @@ Builder.configure({
}).nThen(function (waitFor) {
- builder.config.libs.push(dependencyDir + '/cnacl/jsbuild/libnacl.a');
- builder.config.includeDirs.push(dependencyDir + '/cnacl/jsbuild/include/');
-
- // needed for Sign.c which pulls in crypto_int32.h
- builder.config.includeDirs.push(dependencyDir + '/cnacl/jsbuild/include_internal/');
-
- Fs.exists(dependencyDir + '/cnacl/jsbuild/libnacl.a', waitFor(function (exists) {
- if (exists) { return; }
-
- console.log("Build NaCl");
- var cwd = process.cwd();
- process.chdir(dependencyDir + '/cnacl/');
-
- // $FlowFixMe non-static require
- var NaCl = require(process.cwd() + '/node_build/make.js');
- NaCl.build(function (args, callback) {
- if (builder.config.systemName !== 'win32') {
- args.unshift('-fPIC');
- }
-
- args.unshift(optimizeLevel, '-fomit-frame-pointer');
-
- if (!/^\-O0$/.test(optimizeLevel)) {
- args.unshift('-D_FORTIFY_SOURCE=2');
- }
-
- if (CFLAGS) {
- [].push.apply(args, CFLAGS.split(' '));
- }
-
- if (!builder.config.crossCompiling) {
- if (NO_MARCH_FLAG.indexOf(process.arch) == -1) {
- args.unshift('-march=native');
- }
- }
-
- builder.cc(args, callback);
- },
- builder.config,
- waitFor(function () {
- process.chdir(cwd);
- }));
- }));
+ builder.config.libs.push('-lsodium');
+ builder.config.includeDirs.push('/usr/include/sodium/');
}).nThen(function (waitFor) {
@@ -440,7 +399,7 @@ Builder.configure({
builder.buildExecutable('crypto/random/randombytes.c');
builder.lintFiles(function (fileName, file, callback) {
- if (/dependencies/.test(fileName) || /crypto\/sign/.test(fileName)) {
+ if (/(dependencies|\/usr\/include)/.test(fileName) || /crypto\/sign/.test(fileName)) {
callback('', false);
return;
}
@@ -471,4 +430,4 @@ Builder.configure({
console.log('\x1b[1;31mFailed to build cjdns.\x1b[0m');
process.exit(1);
-});
\ No newline at end of file
+});
diff -up ./test/testcjdroute.c.sodium ./test/testcjdroute.c
--- ./test/testcjdroute.c.sodium 2020-10-05 17:46:19.000000000 -0400
+++ ./test/testcjdroute.c 2020-12-16 14:14:51.148783357 -0500
@@ -26,6 +26,7 @@
#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>
+#include <sodium.h>
#ifdef SUBNODE
#define testcjdroute_SUBNODE 1
@@ -269,6 +270,9 @@ static int main2(int argc, char** argv,
int main(int argc, char** argv)
{
+ if (sodium_init() == -1) {
+ return 1;
+ }
struct Allocator* alloc = MallocAllocator_new(1<<24);
struct RandomSeed* rs = DeterminentRandomSeed_new(alloc, RANDOM_SEED);
struct Random* detRand = Random_newWithSeed(alloc, NULL, rs, NULL);

108
cjdns.spec
View File

@ -4,14 +4,9 @@
# Option to enable SUBNODE mode (WIP)
# Fedora generally runs on systems that easily support a full node
%bcond_with subnode
# Option to use the optimized libnacl embedded with cjdns
# Required since v20 due to use of private cnacl APIs
%bcond_with embedded
# Option to enable CPU specific optimization
# Default to generic for distro builds
%bcond_without generic
# Option to use libsodium instead of nacl (broken since v20, fixed v21)
%bcond_without libsodium
# Option to disable SECCOMP: confusing backward logic
# Needed to run on openvz and other container systems
%bcond_without seccomp
@ -22,12 +17,6 @@
%bcond_with python2
%bcond_without python3
%if %{with embedded}
%global use_embedded 1
%else
%global use_embedded 0
%endif
%if %{with libuv}
%global use_libuv 1
%else
@ -40,18 +29,6 @@
%global generic_build 0
%endif
%if %{with libsodium}
%global use_libsodium 1
%global nacl_name libsodium
%global nacl_version 1.0.14
%global nacl_lib %{_libdir}/libsodium.so
%else
%global use_libsodium 0
%global nacl_name nacl
%global nacl_version 20110221
%global nacl_lib %{_libdir}/libnacl.so
%endif
%global use_systemd 1
%global use_upstart 0
@ -71,11 +48,10 @@
Name: cjdns
# major version is cjdns protocol version:
Version: 21.1
Release: 10%{?dist}
Version: 21.2
Release: 1%{?dist}
Summary: The privacy-friendly network without borders
# cjdns is all GPLv3 except libuv which is MIT and BSD and ISC
# cnacl is unused except when use_embedded is true
License: GPLv3 and MIT and BSD and ISC
URL: http://hyperboria.net/
Source0: https://github.com/cjdelisle/cjdns/archive/%{name}-v%{version}.tar.gz
@ -89,6 +65,8 @@ Source3: https://github.com/kapouer/marked-man/archive/0.7.0.tar.gz#/marked-man-
Source4: python-cjdns-0.2.tar.gz
# Add targeted selinux policy
Patch0: cjdns.selinux.patch
# Add --offline flag to cargo
Patch1: cjdns.rust.patch
# Patch warnings detected by gcc-11
Patch2: cjdns.warnings.patch
# Fix RLIMIT_NPROC - setuid() bug. In its low priv process, cjdroute calls
@ -113,8 +91,6 @@ Patch6: cjdns.dyn.patch
Patch9: cjdns.man.patch
# Patch some bugs in nodejs tools
Patch10: cjdns.tools.patch
# Alternate dynamic library patch to use libsodium
Patch11: cjdns.sodium.patch
# Disable WIP subnode code when SUBNODE not enabled
Patch12: cjdns.sign.patch
# Recognize ppc64, ppc64le, and s390x arches
@ -127,7 +103,6 @@ Patch12: cjdns.sign.patch
#Patch15: cjdns.benc.patch
# Specify python2 for systems that default to python3
#Patch16: cjdns.python3.patch
# s390x support for embedded cnacl library from Dan Horák <dan@danny.cz>
# Included upstream since 20.3
#Patch17: cjdns.s390x.patch
# patch build to use system libuv
@ -145,12 +120,15 @@ BuildRequires: nodejs, pandoc, python3
%endif
# Automated package review hates explicit BR on make, but it *is* needed
BuildRequires: make gcc
BuildRequires: make gcc rust-packaging >= 21
BuildRequires: cargo
BuildRequires: libsodium-devel
BuildRequires: rust-sodiumoxide+default-devel
BuildRequires: rust-anyhow+default-devel
BuildRequires: rust-thiserror+default-devel
BuildRequires: rust-cbindgen+default-devel
BuildRequires: rust-bindgen+default-devel
%if !0%{use_embedded}
# x86_64 and ARM libnacl are not compiled with -fPIC before Fedora release 11.
BuildRequires: %{nacl_name}-devel >= %{nacl_version}
%endif
%if %{use_systemd}
# systemd macros are not defined unless systemd is present
BuildRequires: systemd
@ -168,9 +146,6 @@ BuildRequires: gyp
Provides: bundled(libuv) = 0.11.19
%endif
%if 0%{use_embedded}
Provides: bundled(nacl) = 20110221
%endif
# build system requires nodejs, unfortunately
ExclusiveArch: %{nodejs_arches}
# Seccomp_test is too slow on koji for this arch
@ -261,7 +236,7 @@ Python peer graph tools for cjdns.
%prep
%setup -qn cjdns-%{name}-v%{version}
%patch0 -b .selinux
%patch1 -b .rust
%patch4 -b .genconf
%patch5 -b .sbin
@ -271,32 +246,6 @@ cp %{SOURCE2} contrib/systemd
tar xvfz %{SOURCE3}
%endif
%if 0%{use_embedded}
# disable CPU opt
%else
# use system nacl library if provided.
if test -x %{nacl_lib}; then
%if 0%{use_libsodium}
%patch11 -b .sodium
%else
%patch6 -b .dyn
%endif
rm -rf node_build/dependencies/cnacl
# use static library if system nacl doesn't provide dynamic
elif test -d %{_includedir}/nacl && test -r %{_libdir}/libnacl.a; then
cd node_build/dependencies
rm -rf cnacl
mkdir -p cnacl/jsbuild
ln -s %{_libdir}/libnacl.a cnacl/jsbuild
ln -s %{_includedir}/nacl cnacl/jsbuild/include
cd -
fi
%patch12 -b .sign
cd crypto/sign
sed -i -e'/^#include / s,[<>],",g' crypto*int*.h
cd -
%endif
%patch9 -b .man
%patch10 -b .tools
#patch13 -b .ppc64
@ -317,7 +266,7 @@ sed -i -e '/optimizeLevel:/ s/-O0/-O3/' node_build/make.js
#patch19 -p1 -b .fuzz
#patch20 -p1 -b .sysctl
#patch22 -b .gcc10
%patch2 -b .warn
#patch2 -b .warn
cp %{SOURCE1} README_Fedora.md
@ -343,6 +292,8 @@ rm -rf contrib/nodejs # GPLv3 and ASL 2.0
%endif
rm -rf contrib/http # GPLv2 and MIT
%cargo_prep
cat >cjdns-up.sh <<'EOF'
#!/bin/sh
@ -411,7 +362,18 @@ export Seccomp_NO=1
%if %{with subnode}
export SUBNODE=1
%endif
NO_TEST=1 CJDNS_RELEASE_VERSION="%{name}-%{version}-%{release}" ./do
export CJDNS_RELEASE_VERSION="%{name}-%{version}-%{release}"
%cargo_build
./target/release/testcjdroute all >/dev/null
mv ./target/release/cjdroute ./
mv ./target/release/makekeys ./
mv ./target/release/mkpasswd ./
mv ./target/release/privatetopublic ./
mv ./target/release/publictoip6 ./
mv ./target/release/randombytes ./
mv ./target/release/sybilsim ./
# FIXME: use system libuv on compatible systems
# bundled libuv is 0.11.19 with changes:
@ -721,19 +683,13 @@ fi
%{_bindir}/graphStats
%changelog
* Tue Sep 6 2022 Stuart D. Gathman <stuart@gathman.org> - 21.1-10
* Fri Mar 25 2022 Stuart D. Gathman <stuart@gathman.org> - 21.2-1
- New upstream release
* Fri Mar 25 2022 Stuart D. Gathman <stuart@gathman.org> - 21.1-7
- Log scripts run by cjdns-up
- Very helpful when one gets RTNETLINK answers: File exists running one ...
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 21.1-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun 15 2022 Python Maint <python-maint@redhat.com> - 21.1-8
- Rebuilt for Python 3.11
* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 21.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 21.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild