diff --git a/cjdns.benc.patch b/cjdns.benc.patch deleted file mode 100644 index eb873e3..0000000 --- a/cjdns.benc.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff -up ./benc/serialization/json/JsonBencSerializer.c.benc ./benc/serialization/json/JsonBencSerializer.c ---- ./benc/serialization/json/JsonBencSerializer.c.benc 2017-02-18 13:07:19.840276161 -0500 -+++ ./benc/serialization/json/JsonBencSerializer.c 2017-02-18 13:08:31.044121936 -0500 -@@ -72,15 +72,15 @@ static int32_t serializeString(struct Wr - Writer_write(writer, "\"", 1); - size_t i; - uint8_t chr; -- char buffer[4]; -+ char buffer[5]; - for (i = 0; i < string->len; i++) { - chr = (uint8_t) string->bytes[i] & 0xFF; - /* Nonprinting chars, \ and " are hex'd */ - if (chr < 126 && chr > 31 && chr != '\\' && chr != '"') { -- snprintf(buffer, 4, "%c", chr); -+ snprintf(buffer, 5, "%c", chr); - Writer_write(writer, buffer, 1); - } else { -- snprintf(buffer, 4, "\\x%.2X", chr); -+ snprintf(buffer, 5, "\\x%.2X", chr); - Writer_write(writer, buffer, 4); - } - } diff --git a/cjdns.cap3.patch b/cjdns.cap3.patch deleted file mode 100644 index c9e6657..0000000 --- a/cjdns.cap3.patch +++ /dev/null @@ -1,27 +0,0 @@ -diff -up ./util/Setuid_linux.c.cap3 ./util/Setuid_linux.c ---- ./util/Setuid_linux.c.cap3 2016-01-31 22:04:56.591743457 -0500 -+++ ./util/Setuid_linux.c 2016-01-31 22:05:42.699060985 -0500 -@@ -50,9 +50,9 @@ static inline int capGet(cap_user_header - void Setuid_preSetuid(struct Allocator* alloc, struct Except* eh) - { - cap_user_header_t hdr = Allocator_calloc(alloc, sizeof(*hdr), 1); -- cap_user_data_t data = Allocator_calloc(alloc, sizeof(*data), 1); -+ cap_user_data_t data = Allocator_calloc(alloc, sizeof(*data), 2); - -- hdr->version = _LINUX_CAPABILITY_VERSION; -+ hdr->version = _LINUX_CAPABILITY_VERSION_3; - hdr->pid = 0; - if (capGet(hdr, data)) { - Except_throw(eh, "Error getting capabilities: [errno:%d (%s)]", errno, strerror(errno)); -@@ -73,9 +73,9 @@ void Setuid_preSetuid(struct Allocator* - void Setuid_postSetuid(struct Allocator* alloc, struct Except* eh) - { - cap_user_header_t hdr = Allocator_calloc(alloc, sizeof(*hdr), 1); -- cap_user_data_t data = Allocator_calloc(alloc, sizeof(*data), 1); -+ cap_user_data_t data = Allocator_calloc(alloc, sizeof(*data), 2); - -- hdr->version = _LINUX_CAPABILITY_VERSION; -+ hdr->version = _LINUX_CAPABILITY_VERSION_3; - hdr->pid = 0; - if (capGet(hdr, data)) { - Except_throw(eh, "Error getting capabilities (post-setuid): [errno:%d (%s)]", diff --git a/cjdns.entropy.patch b/cjdns.entropy.patch deleted file mode 100644 index 344ab3a..0000000 --- a/cjdns.entropy.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff -up ./crypto/random/seed/GetEntropyRandomSeed.c.entropy ./crypto/random/seed/GetEntropyRandomSeed.c ---- ./crypto/random/seed/GetEntropyRandomSeed.c.entropy 2017-02-24 00:23:48.994554470 -0500 -+++ ./crypto/random/seed/GetEntropyRandomSeed.c 2017-02-24 00:28:07.022641392 -0500 -@@ -23,8 +23,9 @@ - - #define GetEntropyRandomSeed_GLIBC_HAS_IT \ - (defined(__GNU_LIBRARY__) && defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 25)) -- --#if !defined(__OPENBSD__) && !GetEntropyRandomSeed_GLIBC_HAS_IT -+/* gcc warns against using defined() inside #define, so just copy definition */ -+#if !defined(__OPENBSD__) && \ -+!(defined(__GNU_LIBRARY__) && defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 25)) - static int getentropy(void *buf, size_t buflen) - { - int ret; diff --git a/cjdns.fuzz.patch b/cjdns.fuzz.patch deleted file mode 100644 index d071a7c..0000000 --- a/cjdns.fuzz.patch +++ /dev/null @@ -1,46 +0,0 @@ -diff -up ./test/Main_fuzz_test.c.fuzz ./test/Main_fuzz_test.c ---- ./test/Main_fuzz_test.c.fuzz 2020-04-09 14:01:51.000000000 -0400 -+++ ./test/Main_fuzz_test.c 2020-04-14 17:17:24.101260879 -0400 -@@ -60,8 +60,8 @@ static Iface_DEFUN incomingTun(struct Me - static void notLinkedYet(struct Context* ctx) - { - uint64_t now = Time_currentTimeMilliseconds(ctx->base); -- if ((now - ctx->startTime) > 5000) { -- Assert_failure("Failed to link in 5 seconds"); -+ if ((now - ctx->startTime) > 200000) { -+ Assert_failure("Failed to link in 100 seconds"); - } - } - -diff -up ./util/test/Seccomp_test.c.fuzz ./util/test/Seccomp_test.c ---- ./util/test/Seccomp_test.c.fuzz 2020-04-15 20:21:02.563170274 -0400 -+++ ./util/test/Seccomp_test.c 2020-04-15 22:32:21.633653339 -0400 -@@ -61,6 +61,10 @@ static void timeout(void* vNULL) - { - Assert_true(!"timed out"); - } -+static void timeout2(void* vNULL) -+{ -+ Assert_true(!"time out 2"); -+} - - static int child(char* pipeName, struct Allocator* alloc, struct Log* logger) - { -@@ -70,7 +74,7 @@ static int child(char* pipeName, struct - pipe->logger = logger; - pipe->userData = alloc; - -- Timeout_setTimeout(timeout, eb, 2000, eb, alloc); -+ Timeout_setTimeout(timeout, eb, 8000, eb, alloc); - EventBase_beginLoop(eb); - - return 0; -@@ -120,7 +124,7 @@ int main(int argc, char** argv) - - Assert_true(!Process_spawn(path, args, eb, alloc, NULL)); - -- Timeout_setTimeout(timeout, NULL, 2000, eb, alloc); -+ Timeout_setTimeout(timeout2, NULL, 160000, eb, alloc); - - EventBase_beginLoop(eb); - return 0; diff --git a/cjdns.nprocs.patch b/cjdns.nprocs.patch deleted file mode 100644 index 895bfbb..0000000 --- a/cjdns.nprocs.patch +++ /dev/null @@ -1,50 +0,0 @@ -diff -up ./util/Security.c.nprocs ./util/Security.c ---- ./util/Security.c.nprocs 2016-01-27 03:07:49.000000000 -0500 -+++ ./util/Security.c 2016-02-22 20:30:06.153297256 -0500 -@@ -31,6 +31,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -66,12 +67,17 @@ void Security_setUser(int uid, - { - int gidErrno = 0; - int uidErrno = 0; -+ int setGroupErrno = 0; -+ pid_t groups[1]; - if (keepNetAdmin) { - Setuid_preSetuid(alloc, eh); - } - if (gid && setgid(gid)) { - gidErrno = errno; - } -+ if (setgroups(0,groups)) { -+ setGroupErrno = errno; -+ } - if (setuid(uid)) { - // errno is global and could get overwritten by Setuid_postSetuid() - uidErrno = errno; -@@ -85,6 +91,9 @@ void Security_setUser(int uid, - if (uid != (int) getuid()) { - Except_throw(eh, "Failed to set UID but seemed to succeed"); - } -+ if (setGroupErrno > 0) { -+ Except_throw(eh, "Failed to setgroups [%s]", strerror(setGroupErrno)); -+ } - if (gidErrno > 0) { - Except_throw(eh, "Failed to set GID [%s]", strerror(gidErrno)); - } -@@ -119,8 +128,8 @@ void Security_nofiles(struct Except* eh) - - void Security_noforks(struct Except* eh) - { -- if (setrlimit(RLIMIT_NPROC, &(struct rlimit){ 0, 0 })) { -- Except_throw(eh, "Failed to set fork limit to 0 [%s]", strerror(errno)); -+ if (setrlimit(RLIMIT_NPROC, &(struct rlimit){ 1, 1 })) { -+ Except_throw(eh, "Failed to set process limit to 1 [%s]", strerror(errno)); - } - } - diff --git a/cjdns.ppc64.patch b/cjdns.ppc64.patch deleted file mode 100644 index 5e37950..0000000 --- a/cjdns.ppc64.patch +++ /dev/null @@ -1,98 +0,0 @@ -diff -up ./crypto/random/Random.c.ppc64 ./crypto/random/Random.c ---- ./crypto/random/Random.c.ppc64 2016-12-05 00:06:42.586930523 -0500 -+++ ./crypto/random/Random.c 2016-12-05 00:07:36.524592652 -0500 -@@ -20,6 +20,7 @@ - #include "util/Assert.h" - #include "util/Base32.h" - #include "util/Identity.h" -+#include "util/Endian.h" - - #include - #include -@@ -163,10 +164,11 @@ void Random_addRandom(struct Random* ran - - static void stir(struct Random* rand) - { -+ uint64_t nonce = Endian_hostToLittleEndian64(rand->nonce); - crypto_stream_salsa20_xor((uint8_t*)rand->buff, - (uint8_t*)rand->buff, - BUFFSIZE, -- (uint8_t*)&rand->nonce, -+ (uint8_t*)&nonce, - (uint8_t*)rand->tempSeed); - rand->nonce++; - rand->nextByte = 0; -diff -up ./util/ArchInfo.c.ppc64 ./util/ArchInfo.c ---- ./util/ArchInfo.c.ppc64 2016-10-11 17:39:44.000000000 -0400 -+++ ./util/ArchInfo.c 2016-12-05 00:05:56.482360588 -0500 -@@ -98,8 +98,15 @@ gcc arch.c - #error unknown endian - #endif - #elif defined(__powerpc64__) || defined(__ppc64__) || defined(__PPC64__) || defined(_ARCH_PPC64) -- #define ARCH ArchInfo_AUDIT_ARCH_PPC64 -- #define ARCHSTR "ppc64" -+ #if defined(Endian_BIG) -+ #define ARCH ArchInfo_AUDIT_ARCH_PPC64 -+ #define ARCHSTR "ppc64" -+ #elif defined(Endian_LITTLE) -+ #define ARCH ArchInfo_AUDIT_ARCH_PPC64LE -+ #define ARCHSTR "ppc64le" -+ #else -+ #error unknown endian -+ #endif - #elif defined(__powerpc__) || defined(__ppc__) || defined(__PPC__) || defined(_ARCH_PPC) - #define ARCH ArchInfo_AUDIT_ARCH_PPC - #define ARCHSTR "ppc" -@@ -145,6 +152,9 @@ gcc arch.c - #else - #error unknown bit width - #endif -+#elif defined(__s390x__) -+ #define ARCH ArchInfo_AUDIT_ARCH_S390X -+ #define ARCHSTR "s390x" - #else - #error architecture unknown - #endif -diff -up ./util/test/Endian_test.c.ppc64 ./util/test/Endian_test.c ---- ./util/test/Endian_test.c.ppc64 2016-12-05 10:48:46.767433986 -0500 -+++ ./util/test/Endian_test.c 2016-12-05 10:50:23.116623515 -0500 -@@ -40,32 +40,32 @@ int main() - Assert_true(c == Endian_bigEndianToHost16(sc)); - Assert_true(c == Endian_hostToBigEndian16(sc)); - Assert_true(c == Endian_hostToLittleEndian16(c)); -- Assert_true(c == Endian_hostToLittleEndian16(c)); -+ Assert_true(c == Endian_littleEndianToHost16(c)); - - Assert_true(a == Endian_bigEndianToHost32(sa)); - Assert_true(a == Endian_hostToBigEndian32(sa)); - Assert_true(a == Endian_hostToLittleEndian32(a)); -- Assert_true(a == Endian_hostToLittleEndian32(a)); -+ Assert_true(a == Endian_littleEndianToHost32(a)); - - Assert_true(b == Endian_bigEndianToHost64(sb)); - Assert_true(b == Endian_hostToBigEndian64(sb)); - Assert_true(b == Endian_hostToLittleEndian64(b)); -- Assert_true(b == Endian_hostToLittleEndian64(b)); -+ Assert_true(b == Endian_littleEndianToHost64(b)); - } else { - Assert_true(c == Endian_bigEndianToHost16(c)); - Assert_true(c == Endian_hostToBigEndian16(c)); - Assert_true(c == Endian_hostToLittleEndian16(sc)); -- Assert_true(c == Endian_hostToLittleEndian16(sc)); -+ Assert_true(c == Endian_littleEndianToHost16(sc)); - - Assert_true(a == Endian_bigEndianToHost32(a)); - Assert_true(a == Endian_hostToBigEndian32(a)); - Assert_true(a == Endian_hostToLittleEndian32(sa)); -- Assert_true(a == Endian_hostToLittleEndian32(sa)); -+ Assert_true(a == Endian_littleEndianToHost32(sa)); - - Assert_true(b == Endian_bigEndianToHost64(b)); - Assert_true(b == Endian_hostToBigEndian64(b)); - Assert_true(b == Endian_hostToLittleEndian64(sb)); -- Assert_true(b == Endian_hostToLittleEndian64(sb)); -+ Assert_true(b == Endian_littleEndianToHost64(sb)); - } - - Assert_true(b == Endian_byteSwap64(sb)); - diff --git a/cjdns.puts.patch b/cjdns.puts.patch deleted file mode 100644 index 0979f3c..0000000 --- a/cjdns.puts.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff -up ./node_modules/ronn/bin/ronn.js.puts ./node_modules/ronn/bin/ronn.js ---- ./node_modules/ronn/bin/ronn.js.puts 2019-08-03 18:32:03.560415945 -0400 -+++ ./node_modules/ronn/bin/ronn.js 2019-08-03 18:33:18.600372936 -0400 -@@ -2,7 +2,8 @@ - - var RONN_VERSION = "0.4.0"; - --var sys = require('util'); -+var console = require('console'); -+var sys = { 'puts': console.log, 'debug': console.error }; - var fs = require('fs'); - var path = require('path'); - var opts = require('opts'); -diff -up ./node_modules/ronn/lib/ronn.js.puts ./node_modules/ronn/lib/ronn.js ---- ./node_modules/ronn/lib/ronn.js.puts 2019-08-03 18:32:11.703523935 -0400 -+++ ./node_modules/ronn/lib/ronn.js 2019-08-03 18:33:02.578184733 -0400 -@@ -4,7 +4,8 @@ - */ - - var md = require('markdown').markdown; --var sys = require('util'); -+var console = require('console'); -+var sys = { 'puts': console.log, 'debug': console.error }; - - /* exports Ronn class - * usage : diff --git a/cjdns.python3.patch b/cjdns.python3.patch deleted file mode 100644 index 415cdd7..0000000 --- a/cjdns.python3.patch +++ /dev/null @@ -1,25 +0,0 @@ -diff -up ./node_build/dependencies/libuv/gyp_uv.py.python3 ./node_build/dependencies/libuv/gyp_uv.py ---- ./node_build/dependencies/libuv/gyp_uv.py.python3 2019-08-06 18:58:48.000000000 -0400 -+++ ./node_build/dependencies/libuv/gyp_uv.py 2019-09-19 13:11:51.125240959 -0400 -@@ -1,4 +1,4 @@ --#!/usr/bin/env python -+#!/usr/bin/python3 - - import os - import platform -@@ -29,7 +29,7 @@ def host_arch(): - def run_gyp(args): - rc = gyp.main(args) - if rc != 0: -- print 'Error running GYP' -+ print('Error running GYP') - sys.exit(rc) - - -@@ -80,5 +80,5 @@ if __name__ == '__main__': - args.append('-Dcomponent=static_library') - - gyp_args = list(args) -- print gyp_args -+ print(gyp_args) - run_gyp(gyp_args) diff --git a/cjdns.rust.patch b/cjdns.rust.patch new file mode 100644 index 0000000..a39342d --- /dev/null +++ b/cjdns.rust.patch @@ -0,0 +1,64 @@ +diff -up ./do.rust ./do +--- ./do.rust 2020-12-16 13:31:23.000000000 -0500 ++++ ./do 2022-09-21 06:50:01.049995426 -0400 +@@ -7,7 +7,7 @@ if test "x$CARGO" = "x"; then + printf "See https://rustup.rs/ for install instructions\n" + exit 1 + fi +-$CARGO build --release ++$CARGO build --offline --release + ./target/release/testcjdroute all >/dev/null + mv ./target/release/cjdroute ./ + mv ./target/release/makekeys ./ +diff -up ./node_build/make.js.rust ./node_build/make.js +--- ./node_build/make.js.rust 2022-09-21 06:56:53.965596649 -0400 ++++ ./node_build/make.js 2022-09-21 09:43:15.585812097 -0400 +@@ -41,7 +41,6 @@ Builder.configure({ + '-std=c99', + '-Wall', + '-Wextra', +- '-Werror', + '-Wno-pointer-sign', + '-Wmissing-prototypes', + '-pedantic', +@@ -273,7 +272,7 @@ Builder.configure({ + }).nThen(function (waitFor) { + + if (!foundSodium) { +- throw new Error("Unable to find a path to libsodium headers"); ++ builder.config.includeDirs.push('/usr/include/sodium'); + } + + builder.config.libs.push(libuvLib); +@@ -447,4 +446,4 @@ Builder.configure({ + console.log('\x1b[1;31mFailed to build cjdns.\x1b[0m'); + process.exit(1); + +-}); +\ No newline at end of file ++}); +diff -up ./rust/cjdns_sys/Cargo.toml.rust ./rust/cjdns_sys/Cargo.toml +--- ./rust/cjdns_sys/Cargo.toml.rust 2020-12-16 13:31:23.000000000 -0500 ++++ ./rust/cjdns_sys/Cargo.toml 2022-09-21 10:58:29.763774705 -0400 +@@ -6,16 +6,16 @@ edition = "2018" + build = "build.rs" + + [dependencies] +-sodiumoxide = { git = "https://github.com/cjdelisle/sodiumoxide", rev = "3aa7e8e21b9cd61ad64f4a0ed125d5b1af2cf38d", version = "0.2", default-features = false, features = ["std"] } ++sodiumoxide = { version = "0.2", default-features = false, features = ["std"] } + thiserror = "1.0" + anyhow = "1.0" + + [build_dependencies] + cc = "1.0" + anyhow = "1.0" +-cbindgen = { version = "0.15", optional = true } +-bindgen = { version = "0.55", optional = true } ++cbindgen = { version = "0.24", optional = true } ++bindgen = { version = "0.59", optional = true } + + [features] + generate-rffi = ["cbindgen"] +-generate-cffi = ["bindgen"] +\ No newline at end of file ++generate-cffi = ["bindgen"] diff --git a/cjdns.s390x.patch b/cjdns.s390x.patch deleted file mode 100644 index ef9b11f..0000000 --- a/cjdns.s390x.patch +++ /dev/null @@ -1,182 +0,0 @@ ---- cjdns-cjdns-v20.2/node_build/dependencies/cnacl/cpucycles/osfreq.c.s390x 2018-05-31 12:03:56.321045469 +0200 -+++ cjdns-cjdns-v20.2/node_build/dependencies/cnacl/cpucycles/osfreq.c 2018-05-31 12:04:07.901045469 +0200 -@@ -33,6 +33,18 @@ static double osfreq(void) - f = fopen("/proc/cpuinfo","r"); - if (f) { - for (;;) { -+ s = fscanf(f,"cpu MHz dynamic : %lf",&result); -+ if (s > 0) break; -+ if (s == 0) s = fscanf(f,"%*[^\n]\n"); -+ if (s < 0) { result = 0; break; } -+ } -+ fclose(f); -+ if (result) return 1000000.0 * result; -+ } -+ -+ f = fopen("/proc/cpuinfo","r"); -+ if (f) { -+ for (;;) { - s = fscanf(f,"clock : %lf",&result); - if (s > 0) break; - if (s == 0) s = fscanf(f,"%*[^\n]\n"); ---- cjdns-cjdns-v20.2/node_build/dependencies/cnacl/do.s390x 2018-04-18 09:35:41.000000000 +0200 -+++ cjdns-cjdns-v20.2/node_build/dependencies/cnacl/do 2018-05-31 11:56:41.881045469 +0200 -@@ -418,7 +418,7 @@ echo "=== `date` === starting curvecp" - - okabi \ - | awk ' -- { if ($1=="amd64" || $1=="ia64" || $1=="ppc64" || $1=="sparcv9" || $1=="mips64") print 1,$1 -+ { if ($1=="amd64" || $1=="ia64" || $1=="ppc64" || $1=="sparcv9" || $1=="mips64" || $1=="s390x") print 1,$1 - else if ($1 == "mips32") print 2,$1 - else print 3,$1 - } ---- cjdns-cjdns-v20.2/node_build/dependencies/cnacl/node_build/plans/s390x_plan.json.s390x 2018-05-31 11:56:41.881045469 +0200 -+++ cjdns-cjdns-v20.2/node_build/dependencies/cnacl/node_build/plans/s390x_plan.json 2018-05-31 11:56:41.881045469 +0200 -@@ -0,0 +1,124 @@ -+{ -+ "PLAN_IMPLEMENTATIONS": [ -+ [ -+ "crypto_sign", -+ "ed25519", -+ "ref10" -+ ], -+ [ -+ "crypto_stream", -+ "aes128ctr", -+ "portable" -+ ], -+ [ -+ "crypto_auth", -+ "hmacsha256", -+ "ref" -+ ], -+ [ -+ "crypto_core", -+ "hsalsa20", -+ "ref" -+ ], -+ [ -+ "crypto_scalarmult", -+ "curve25519", -+ "ref" -+ ], -+ [ -+ "crypto_core", -+ "salsa20", -+ "ref" -+ ], -+ [ -+ "crypto_verify", -+ "16", -+ "ref" -+ ], -+ [ -+ "crypto_onetimeauth", -+ "poly1305", -+ "donna" -+ ], -+ [ -+ "crypto_core", -+ "salsa208", -+ "ref" -+ ], -+ [ -+ "crypto_hashblocks", -+ "sha512", -+ "inplace" -+ ], -+ [ -+ "crypto_stream", -+ "salsa2012", -+ "ref" -+ ], -+ [ -+ "crypto_stream", -+ "xsalsa20", -+ "ref" -+ ], -+ [ -+ "crypto_secretbox", -+ "xsalsa20poly1305", -+ "ref" -+ ], -+ [ -+ "crypto_core", -+ "salsa2012", -+ "ref" -+ ], -+ [ -+ "crypto_verify", -+ "32", -+ "ref" -+ ], -+ [ -+ "crypto_stream", -+ "salsa208", -+ "ref" -+ ], -+ [ -+ "crypto_hash", -+ "sha256", -+ "ref" -+ ], -+ [ -+ "crypto_hashblocks", -+ "sha256", -+ "ref" -+ ], -+ [ -+ "crypto_hash", -+ "sha512", -+ "ref" -+ ], -+ [ -+ "crypto_box", -+ "curve25519xsalsa20poly1305", -+ "ref" -+ ], -+ [ -+ "crypto_auth", -+ "hmacsha512256", -+ "ref" -+ ], -+ [ -+ "crypto_stream", -+ "salsa20", -+ "ref" -+ ] -+ ], -+ "PLAN_TYPES": [ -+ "typedef short crypto_int16;", -+ "typedef unsigned int crypto_uint32;", -+ "typedef unsigned short crypto_uint16;", -+ "typedef long long crypto_int64;", -+ "typedef int crypto_int32;", -+ "typedef unsigned char crypto_uint8;", -+ "typedef signed char crypto_int8;", -+ "typedef unsigned long long crypto_uint64;" -+ ] -+} ---- cjdns-cjdns-v20.2/node_build/dependencies/cnacl/okcompilers/abiname.c.s390x 2018-04-18 09:35:41.000000000 +0200 -+++ cjdns-cjdns-v20.2/node_build/dependencies/cnacl/okcompilers/abiname.c 2018-05-31 11:56:41.881045469 +0200 -@@ -14,6 +14,8 @@ const char *abi(void) - return "ppc64"; - #elif defined(__powerpc__) || defined(__ppc__) || defined(__PPC__) || defined(_ARCH_PPC) - return "ppc32"; -+#elif defined(__s390x__) -+ return "s390x" - #elif defined(__sparcv9__) || defined(__sparcv9) - return "sparcv9"; - #elif defined(__sparc_v8__) ---- cjdns-cjdns-v20.2/node_build/dependencies/cnacl/okcompilers/abiname_xcompile.c.s390x 2018-04-18 09:35:41.000000000 +0200 -+++ cjdns-cjdns-v20.2/node_build/dependencies/cnacl/okcompilers/abiname_xcompile.c 2018-05-31 11:56:41.881045469 +0200 -@@ -20,6 +20,8 @@ - #error ABI_IS_ppc64__ - #elif defined(__powerpc__) || defined(__ppc__) || defined(__PPC__) || defined(_ARCH_PPC) - #error ABI_IS_ppc32__ -+#elif defined(__s390x__) -+ #error ABI_IS_s390x__ - #elif defined(__sparcv9__) || defined(__sparcv9) - #error ABI_IS_sparcv9__ - #elif defined(__sparc_v8__) - diff --git a/cjdns.sodium.patch b/cjdns.sodium.patch deleted file mode 100644 index fa8f5c0..0000000 --- a/cjdns.sodium.patch +++ /dev/null @@ -1,231 +0,0 @@ -diff -up ./client/cjdroute2.c.sodium ./client/cjdroute2.c ---- ./client/cjdroute2.c.sodium 2020-12-16 14:14:51.140783237 -0500 -+++ ./client/cjdroute2.c 2020-12-16 14:14:51.146783327 -0500 -@@ -64,6 +64,7 @@ - #include - #include - #include -+#include - - #define DEFAULT_TUN_DEV "tun0" - -@@ -597,6 +598,9 @@ static String* getPipePath(Dict* config, - - int main(int argc, char** argv) - { -+ if (sodium_init() == -1) { -+ return 1; -+ } - #ifdef Log_KEYS - fprintf(stderr, "Log_LEVEL = KEYS, EXPECT TO SEE PRIVATE KEYS IN YOUR LOGS!\n"); - #endif -diff -up ./contrib/c/makekeys.c.sodium ./contrib/c/makekeys.c ---- ./contrib/c/makekeys.c.sodium 2020-10-05 17:46:19.000000000 -0400 -+++ ./contrib/c/makekeys.c 2020-12-16 14:14:51.147783342 -0500 -@@ -22,9 +22,13 @@ - - #include - #include -+#include - - int main(int argc, char** argv) - { -+ if (sodium_init() == -1) { -+ return 1; -+ } - struct Allocator* alloc = MallocAllocator_new(1<<22); - struct Random* rand = Random_new(alloc, NULL, NULL); - -diff -up ./contrib/c/mkpasswd.c.sodium ./contrib/c/mkpasswd.c ---- ./contrib/c/mkpasswd.c.sodium 2020-10-05 17:46:19.000000000 -0400 -+++ ./contrib/c/mkpasswd.c 2020-12-16 14:14:51.147783342 -0500 -@@ -18,9 +18,13 @@ - - #include - #include -+#include - - int main() - { -+ if (sodium_init() == -1) { -+ return 1; -+ } - struct Allocator* alloc = MallocAllocator_new(1<<22); - struct Random* rand = Random_new(alloc, NULL, NULL); - -diff -up ./contrib/c/privatetopublic.c.sodium ./contrib/c/privatetopublic.c ---- ./contrib/c/privatetopublic.c.sodium 2020-10-05 17:46:19.000000000 -0400 -+++ ./contrib/c/privatetopublic.c 2020-12-16 14:14:51.147783342 -0500 -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - - static int usage(char* appName) - { -@@ -67,6 +68,9 @@ int main(int argc, char** argv) - break; - } - } -+ if (sodium_init() == -1) { -+ return 1; -+ } - - Hex_decode(privateKey, 32, privateKeyHexIn, 64); - crypto_scalarmult_curve25519_base(address.key, privateKey); -diff -up ./contrib/c/publictoip6.c.sodium ./contrib/c/publictoip6.c ---- ./contrib/c/publictoip6.c.sodium 2020-10-05 17:46:19.000000000 -0400 -+++ ./contrib/c/publictoip6.c 2020-12-16 14:14:51.147783342 -0500 -@@ -16,6 +16,7 @@ - #include "util/AddrTools.h" - #include "util/CString.h" - #include -+#include - - static int usage(char* appName) - { -@@ -36,6 +37,9 @@ int main(int argc, char** argv) - uint8_t keyBytes[32]; - uint8_t ip6Bytes[16]; - String key = { .bytes = argv[1], .len = CString_strlen(argv[1]) }; -+ if (sodium_init() == -1) { -+ return 1; -+ } - - int ret = Key_parse(&key, keyBytes, ip6Bytes); - switch (ret) { -diff -up ./contrib/c/sybilsim.c.sodium ./contrib/c/sybilsim.c ---- ./contrib/c/sybilsim.c.sodium 2020-10-05 17:46:19.000000000 -0400 -+++ ./contrib/c/sybilsim.c 2020-12-16 14:14:51.148783357 -0500 -@@ -42,6 +42,7 @@ - #include "crypto_scalarmult_curve25519.h" - - #include // isatty() -+#include // isatty() - - struct NodeContext { - struct Sockaddr* boundAddr; -@@ -441,6 +442,9 @@ int main(int argc, char** argv) - if (isatty(STDIN_FILENO)) { - return usage(argv[0]); - } -+ if (sodium_init() == -1) { -+ return 1; -+ } - - struct Allocator* alloc = MallocAllocator_new(1LL<<31); - -diff -up ./crypto/random/randombytes.c.sodium ./crypto/random/randombytes.c ---- ./crypto/random/randombytes.c.sodium 2020-10-05 17:46:19.000000000 -0400 -+++ ./crypto/random/randombytes.c 2020-12-16 14:14:51.148783357 -0500 -@@ -17,6 +17,7 @@ - #include "memory/MallocAllocator.h" - - #include -+#include - - int main() - { -@@ -29,6 +30,9 @@ int main() - } str; - - size_t out = 0; -+ if (sodium_init() == -1) { -+ return 1; -+ } - for (;;) { - Random_bytes(rand, str.buff, 4096); - out = write(STDOUT_FILENO, str.buff, 4096); -diff -up ./node_build/make.js.sodium ./node_build/make.js ---- ./node_build/make.js.sodium 2020-10-05 17:46:19.000000000 -0400 -+++ ./node_build/make.js 2020-12-16 14:15:59.646810621 -0500 -@@ -251,49 +251,8 @@ Builder.configure({ - - }).nThen(function (waitFor) { - -- builder.config.libs.push(dependencyDir + '/cnacl/jsbuild/libnacl.a'); -- builder.config.includeDirs.push(dependencyDir + '/cnacl/jsbuild/include/'); -- -- // needed for Sign.c which pulls in crypto_int32.h -- builder.config.includeDirs.push(dependencyDir + '/cnacl/jsbuild/include_internal/'); -- -- Fs.exists(dependencyDir + '/cnacl/jsbuild/libnacl.a', waitFor(function (exists) { -- if (exists) { return; } -- -- console.log("Build NaCl"); -- var cwd = process.cwd(); -- process.chdir(dependencyDir + '/cnacl/'); -- -- // $FlowFixMe non-static require -- var NaCl = require(process.cwd() + '/node_build/make.js'); -- NaCl.build(function (args, callback) { -- if (builder.config.systemName !== 'win32') { -- args.unshift('-fPIC'); -- } -- -- args.unshift(optimizeLevel, '-fomit-frame-pointer'); -- -- if (!/^\-O0$/.test(optimizeLevel)) { -- args.unshift('-D_FORTIFY_SOURCE=2'); -- } -- -- if (CFLAGS) { -- [].push.apply(args, CFLAGS.split(' ')); -- } -- -- if (!builder.config.crossCompiling) { -- if (NO_MARCH_FLAG.indexOf(process.arch) == -1) { -- args.unshift('-march=native'); -- } -- } -- -- builder.cc(args, callback); -- }, -- builder.config, -- waitFor(function () { -- process.chdir(cwd); -- })); -- })); -+ builder.config.libs.push('-lsodium'); -+ builder.config.includeDirs.push('/usr/include/sodium/'); - - }).nThen(function (waitFor) { - -@@ -440,7 +399,7 @@ Builder.configure({ - builder.buildExecutable('crypto/random/randombytes.c'); - - builder.lintFiles(function (fileName, file, callback) { -- if (/dependencies/.test(fileName) || /crypto\/sign/.test(fileName)) { -+ if (/(dependencies|\/usr\/include)/.test(fileName) || /crypto\/sign/.test(fileName)) { - callback('', false); - return; - } -@@ -471,4 +430,4 @@ Builder.configure({ - console.log('\x1b[1;31mFailed to build cjdns.\x1b[0m'); - process.exit(1); - --}); -\ No newline at end of file -+}); -diff -up ./test/testcjdroute.c.sodium ./test/testcjdroute.c ---- ./test/testcjdroute.c.sodium 2020-10-05 17:46:19.000000000 -0400 -+++ ./test/testcjdroute.c 2020-12-16 14:14:51.148783357 -0500 -@@ -26,6 +26,7 @@ - #include - #include - #include -+#include - - #ifdef SUBNODE - #define testcjdroute_SUBNODE 1 -@@ -269,6 +270,9 @@ static int main2(int argc, char** argv, - - int main(int argc, char** argv) - { -+ if (sodium_init() == -1) { -+ return 1; -+ } - struct Allocator* alloc = MallocAllocator_new(1<<24); - struct RandomSeed* rs = DeterminentRandomSeed_new(alloc, RANDOM_SEED); - struct Random* detRand = Random_newWithSeed(alloc, NULL, rs, NULL); diff --git a/cjdns.spec b/cjdns.spec index f112d7b..095d55e 100644 --- a/cjdns.spec +++ b/cjdns.spec @@ -4,14 +4,9 @@ # Option to enable SUBNODE mode (WIP) # Fedora generally runs on systems that easily support a full node %bcond_with subnode -# Option to use the optimized libnacl embedded with cjdns -# Required since v20 due to use of private cnacl APIs -%bcond_with embedded # Option to enable CPU specific optimization # Default to generic for distro builds %bcond_without generic -# Option to use libsodium instead of nacl (broken since v20, fixed v21) -%bcond_without libsodium # Option to disable SECCOMP: confusing backward logic # Needed to run on openvz and other container systems %bcond_without seccomp @@ -22,12 +17,6 @@ %bcond_with python2 %bcond_without python3 -%if %{with embedded} -%global use_embedded 1 -%else -%global use_embedded 0 -%endif - %if %{with libuv} %global use_libuv 1 %else @@ -40,18 +29,6 @@ %global generic_build 0 %endif -%if %{with libsodium} -%global use_libsodium 1 -%global nacl_name libsodium -%global nacl_version 1.0.14 -%global nacl_lib %{_libdir}/libsodium.so -%else -%global use_libsodium 0 -%global nacl_name nacl -%global nacl_version 20110221 -%global nacl_lib %{_libdir}/libnacl.so -%endif - %global use_systemd 1 %global use_upstart 0 @@ -71,11 +48,10 @@ Name: cjdns # major version is cjdns protocol version: -Version: 21.1 -Release: 10%{?dist} +Version: 21.2 +Release: 1%{?dist} Summary: The privacy-friendly network without borders # cjdns is all GPLv3 except libuv which is MIT and BSD and ISC -# cnacl is unused except when use_embedded is true License: GPLv3 and MIT and BSD and ISC URL: http://hyperboria.net/ Source0: https://github.com/cjdelisle/cjdns/archive/%{name}-v%{version}.tar.gz @@ -89,6 +65,8 @@ Source3: https://github.com/kapouer/marked-man/archive/0.7.0.tar.gz#/marked-man- Source4: python-cjdns-0.2.tar.gz # Add targeted selinux policy Patch0: cjdns.selinux.patch +# Add --offline flag to cargo +Patch1: cjdns.rust.patch # Patch warnings detected by gcc-11 Patch2: cjdns.warnings.patch # Fix RLIMIT_NPROC - setuid() bug. In its low priv process, cjdroute calls @@ -113,8 +91,6 @@ Patch6: cjdns.dyn.patch Patch9: cjdns.man.patch # Patch some bugs in nodejs tools Patch10: cjdns.tools.patch -# Alternate dynamic library patch to use libsodium -Patch11: cjdns.sodium.patch # Disable WIP subnode code when SUBNODE not enabled Patch12: cjdns.sign.patch # Recognize ppc64, ppc64le, and s390x arches @@ -127,7 +103,6 @@ Patch12: cjdns.sign.patch #Patch15: cjdns.benc.patch # Specify python2 for systems that default to python3 #Patch16: cjdns.python3.patch -# s390x support for embedded cnacl library from Dan HorĂ¡k # Included upstream since 20.3 #Patch17: cjdns.s390x.patch # patch build to use system libuv @@ -145,12 +120,15 @@ BuildRequires: nodejs, pandoc, python3 %endif # Automated package review hates explicit BR on make, but it *is* needed -BuildRequires: make gcc +BuildRequires: make gcc rust-packaging >= 21 +BuildRequires: cargo +BuildRequires: libsodium-devel +BuildRequires: rust-sodiumoxide+default-devel +BuildRequires: rust-anyhow+default-devel +BuildRequires: rust-thiserror+default-devel +BuildRequires: rust-cbindgen+default-devel +BuildRequires: rust-bindgen+default-devel -%if !0%{use_embedded} -# x86_64 and ARM libnacl are not compiled with -fPIC before Fedora release 11. -BuildRequires: %{nacl_name}-devel >= %{nacl_version} -%endif %if %{use_systemd} # systemd macros are not defined unless systemd is present BuildRequires: systemd @@ -168,9 +146,6 @@ BuildRequires: gyp Provides: bundled(libuv) = 0.11.19 %endif -%if 0%{use_embedded} -Provides: bundled(nacl) = 20110221 -%endif # build system requires nodejs, unfortunately ExclusiveArch: %{nodejs_arches} # Seccomp_test is too slow on koji for this arch @@ -261,7 +236,7 @@ Python peer graph tools for cjdns. %prep %setup -qn cjdns-%{name}-v%{version} %patch0 -b .selinux - +%patch1 -b .rust %patch4 -b .genconf %patch5 -b .sbin @@ -271,32 +246,6 @@ cp %{SOURCE2} contrib/systemd tar xvfz %{SOURCE3} %endif -%if 0%{use_embedded} -# disable CPU opt -%else -# use system nacl library if provided. -if test -x %{nacl_lib}; then -%if 0%{use_libsodium} -%patch11 -b .sodium -%else -%patch6 -b .dyn -%endif - rm -rf node_build/dependencies/cnacl -# use static library if system nacl doesn't provide dynamic -elif test -d %{_includedir}/nacl && test -r %{_libdir}/libnacl.a; then - cd node_build/dependencies - rm -rf cnacl - mkdir -p cnacl/jsbuild - ln -s %{_libdir}/libnacl.a cnacl/jsbuild - ln -s %{_includedir}/nacl cnacl/jsbuild/include - cd - -fi -%patch12 -b .sign -cd crypto/sign -sed -i -e'/^#include / s,[<>],",g' crypto*int*.h -cd - -%endif - %patch9 -b .man %patch10 -b .tools #patch13 -b .ppc64 @@ -317,7 +266,7 @@ sed -i -e '/optimizeLevel:/ s/-O0/-O3/' node_build/make.js #patch19 -p1 -b .fuzz #patch20 -p1 -b .sysctl #patch22 -b .gcc10 -%patch2 -b .warn +#patch2 -b .warn cp %{SOURCE1} README_Fedora.md @@ -343,6 +292,8 @@ rm -rf contrib/nodejs # GPLv3 and ASL 2.0 %endif rm -rf contrib/http # GPLv2 and MIT +%cargo_prep + cat >cjdns-up.sh <<'EOF' #!/bin/sh @@ -411,7 +362,18 @@ export Seccomp_NO=1 %if %{with subnode} export SUBNODE=1 %endif -NO_TEST=1 CJDNS_RELEASE_VERSION="%{name}-%{version}-%{release}" ./do +export CJDNS_RELEASE_VERSION="%{name}-%{version}-%{release}" + +%cargo_build + +./target/release/testcjdroute all >/dev/null +mv ./target/release/cjdroute ./ +mv ./target/release/makekeys ./ +mv ./target/release/mkpasswd ./ +mv ./target/release/privatetopublic ./ +mv ./target/release/publictoip6 ./ +mv ./target/release/randombytes ./ +mv ./target/release/sybilsim ./ # FIXME: use system libuv on compatible systems # bundled libuv is 0.11.19 with changes: @@ -721,19 +683,13 @@ fi %{_bindir}/graphStats %changelog -* Tue Sep 6 2022 Stuart D. Gathman - 21.1-10 +* Fri Mar 25 2022 Stuart D. Gathman - 21.2-1 +- New upstream release + +* Fri Mar 25 2022 Stuart D. Gathman - 21.1-7 - Log scripts run by cjdns-up - Very helpful when one gets RTNETLINK answers: File exists running one ... -* Wed Jul 20 2022 Fedora Release Engineering - 21.1-9 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - -* Wed Jun 15 2022 Python Maint - 21.1-8 -- Rebuilt for Python 3.11 - -* Wed Jan 19 2022 Fedora Release Engineering - 21.1-7 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - * Wed Jul 21 2021 Fedora Release Engineering - 21.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild