rpms/cjdns
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into epel7

Browse Source
This commit is contained in:
Stuart D. Gathman 2017-02-24 21:24:35 -05:00
commit 831e5fb3c1
11 changed files with 303 additions and 447 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -2,3 +2,4 @@
/cjdns-v17.4.tar.gz
/cjdns-v18.tar.gz
/*.src.rpm
/cjdns-v19.1.tar.gz

22
cjdns.benc.patch Normal file
View File

@ -0,0 +1,22 @@
diff -up ./benc/serialization/json/JsonBencSerializer.c.benc ./benc/serialization/json/JsonBencSerializer.c
--- ./benc/serialization/json/JsonBencSerializer.c.benc 2017-02-18 13:07:19.840276161 -0500
+++ ./benc/serialization/json/JsonBencSerializer.c 2017-02-18 13:08:31.044121936 -0500
@@ -72,15 +72,15 @@ static int32_t serializeString(struct Wr
Writer_write(writer, "\"", 1);
size_t i;
uint8_t chr;
- char buffer[4];
+ char buffer[5];
for (i = 0; i < string->len; i++) {
chr = (uint8_t) string->bytes[i] & 0xFF;
/* Nonprinting chars, \ and " are hex'd */
if (chr < 126 && chr > 31 && chr != '\\' && chr != '"') {
- snprintf(buffer, 4, "%c", chr);
+ snprintf(buffer, 5, "%c", chr);
Writer_write(writer, buffer, 1);
} else {
- snprintf(buffer, 4, "\\x%.2X", chr);
+ snprintf(buffer, 5, "\\x%.2X", chr);
Writer_write(writer, buffer, 4);
}
}

15
cjdns.entropy.patch Normal file
View File

@ -0,0 +1,15 @@
diff -up ./crypto/random/seed/GetEntropyRandomSeed.c.entropy ./crypto/random/seed/GetEntropyRandomSeed.c
--- ./crypto/random/seed/GetEntropyRandomSeed.c.entropy 2017-02-24 00:23:48.994554470 -0500
+++ ./crypto/random/seed/GetEntropyRandomSeed.c 2017-02-24 00:28:07.022641392 -0500
@@ -23,8 +23,9 @@
#define GetEntropyRandomSeed_GLIBC_HAS_IT \
(defined(__GNU_LIBRARY__) && defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 25))
-
-#if !defined(__OPENBSD__) && !GetEntropyRandomSeed_GLIBC_HAS_IT
+/* gcc warns against using defined() inside #define, so just copy definition */
+#if !defined(__OPENBSD__) && \
+!(defined(__GNU_LIBRARY__) && defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 25))
static int getentropy(void *buf, size_t buflen)
{
int ret;

426
cjdns.man.patch
View File

@ -1,415 +1,13 @@
diff -up ./contrib/doc/cjdnslog.md.man ./contrib/doc/cjdnslog.md
--- ./contrib/doc/cjdnslog.md.man 2016-05-10 18:55:17.289488599 -0400
+++ ./contrib/doc/cjdnslog.md 2016-05-10 18:55:17.289488599 -0400
@@ -0,0 +1,43 @@
+cjdnslog(1) -- display cjdroute log messages
+=============================================
+
+## SYNOPSIS
+
+`/usr/bin/cjdnslog` [<options>...]
+
+## DESCRIPTION
+
+Cjdroute sends continuous log messages to the bit bucket. Cjdnslog
+captures that information in real time and sends it to stdout.
+
+##OPTIONS
+
+With no options, cjdnslog logs everything.
+
+ * `--help`
+ Print usage summary.
+
+ * `-f source_file.c`
+ Restrict output to log messages generated in source_file.c.
+
+ * `-v log_level`
+ Restrict output to messages at log_level or higher. Log levels
+ include DEBUG, INFO, WARN, ERROR.
+
+ * `-l lineno`
+ Restrict output to message generated on source line lineno. Normally
+ used in conjunction with `-f`.
+
+##USAGE
+
+Running cjdnslog requires admin privilege. The cjdnsadmin lib will
+try to read `/etc/cjdroute.conf` for the admin password. This will
+normally succeed only for root. Otherwise, it tries `~/.cjdnsadmin`
+
+##FILES
+
+`~/.cjdnsadmin`
+
+## SEE ALSO
+
+cjdroute(1)
diff -up ./contrib/doc/cjdns-online.md.man ./contrib/doc/cjdns-online.md
--- ./contrib/doc/cjdns-online.md.man 2016-05-10 18:55:17.289488599 -0400
+++ ./contrib/doc/cjdns-online.md 2016-05-10 18:55:17.289488599 -0400
@@ -0,0 +1,33 @@
+cjdns-online(1) -- check whether cjdns tunnel devices are available
+=============================================
+
+## SYNOPSIS
+
+`cjdns-online` [<options>...]
+
+## DESCRIPTION
+
+Cjdns-online waits for cjdns to make its tunnel device available so
+that services that listen on the cjdns IP can start. If you have
+configured services to listen on the cjdns IP, then you can use:
+
+ systemctl enable cjdns-wait-online
+
+to wait until this IP is available before starting network services.
+This will increase your boot time somewhat, but is needed to launch
+thttpd at boot, for example.
+
+##OPTIONS
+
+ * `-t`, `--timeout` <timeout_value>:
+ time to wait in seconds, default 30
+
+ * `-x`, `--exit`:
+ Exit immediately if cjdns is not online
+
+ * `-q`, `--quiet`:
+ Don't print anything
+
+ * `-s`, `--wait-for-startup`:
+ Wait for full startup instead of just tun dev. This is not implemented.
+
diff -up ./contrib/doc/cjdroute.md.man ./contrib/doc/cjdroute.md
--- ./contrib/doc/cjdroute.md.man 2016-05-10 18:55:17.289488599 -0400
+++ ./contrib/doc/cjdroute.md 2016-05-10 18:55:17.289488599 -0400
@@ -0,0 +1,76 @@
+cjdroute(1) -- Cjdns packet switch
+=============================================
+
+## SYNOPSIS
+
+`/usr/sbin/cjdroute` [<options>...]
+
+## DESCRIPTION
+
+Cjdns implements an encrypted IPv6 network using public-key cryptography for
+address allocation and a distributed hash table for routing. This provides
+near-zero-configuration networking, and prevents many of the security and
+scalability issues that plague existing networks.
+
+cjdroute runs in the background and either decrypts packets addressed to
+this node, or sends them on to the next node in the route.
+
+##OPTIONS
+
+ * `--help`:
+ Print usage summary.
+
+ * `--genconf` [--no-eth]:
+ Generate a configuration file, write it to stdout.
+ If --no-eth is specified then ethernet beaconing will be disabled.
+
+ * `--bench`:
+ Run some cryptography performance benchmarks.
+
+ * `--version`:
+ Print cjdroute version and the protocol version which this node speaks.
+
+ * `--cleanconf` < conf:
+ Print a clean (valid json) version of the config.
+
+ * `--nobg`
+ Never fork to the background no matter the config.
+
+##USAGE
+
+To get the router up and running:
+
+ * Step 1:
+ Generate a new configuration file if one doesn't already exist.
+
+ cjdroute --genconf > /etc/cjdroute.conf
+
+ You can also simply:
+
+ systemctl start cjdns
+
+ which will tell cjdroute to generate a new config if needed.
+
+ * Step 2:
+ Find somebody to connect to.
+ Check out the IRC channel or http://hyperboria.net/
+ for information about how to meet new people and make connect to them.
+ Read more here: https://github.com/cjdelisle/cjdns/#2-find-a-friend
+
+ By default, cjdroute will find any cjdns nodes on your local LAN
+ without any configuration.
+
+ * Step 3:
+ Add that somebody's node to your cjdroute.conf file.
+ https://github.com/cjdelisle/cjdns/#3-connect-your-node-to-your-friends-node
+
+ * Step 4:
+ Fire it up!
+
+ systemctl start cjdns
+
+ Or if you had already started cjdns:
+
+ systemctl restart cjdns
+
+For more information about other functions and non-standard setups, see README.md
diff -up ./contrib/doc/makekeys.md.man ./contrib/doc/makekeys.md
--- ./contrib/doc/makekeys.md.man 2016-05-10 18:55:17.289488599 -0400
+++ ./contrib/doc/makekeys.md 2016-05-10 18:58:51.521907178 -0400
@@ -0,0 +1,24 @@
+makekeys(1) -- write cjdns keys generated via libnacl to stdout
+=============================================
+
+## SYNOPSIS
+
+`makekeys`
+
+## DESCRIPTION
+
+Generates cjdns private keys and writes them to stdout forever with
+corresponding IP6 address and public key. Sample:
+
+ 9b5520e11b4e1aac4e54cf8382ca219b6942f75519dbe7cc71fc6c4bb636a2db fca1:43dc:9e20:68dc:df3f:6bf1:fbf9:37ab x70u0x6sfh0yuushlq7wvcdxj8rgb8lvss9t6f42zp60ftq71cm0.k
+ 579db68cfdeaeda1ff7f365c73e620bedb0f68cb443a0cd7ef6bae16d0e1e12e fc68:b272:3aa3:cb4a:a686:dab0:7df5:2fb5 fmurp2qrb0yqmcjmbjtuhuxuf6v3rgmdn9hgsfh47k20h68y2lz0.k
+
+##USAGE
+
+Example use:
+
+ makekeys | head -20 >keys.txt
+
+## SEE ALSO
+
+publictoip6(1)
diff -up ./contrib/doc/peerStats.md.man ./contrib/doc/peerStats.md
--- ./contrib/doc/peerStats.md.man 2016-05-10 18:55:17.289488599 -0400
+++ ./contrib/doc/peerStats.md 2016-05-10 18:55:17.289488599 -0400
@@ -0,0 +1,25 @@
+peerStats(1) -- show cjdns peers
+=============================================
+
+## SYNOPSIS
+
+`peerStats`
+
+## DESCRIPTION
+
+Cjdroute talks to a number of immediate peers configured in
+`/etc/cjdroute.conf`. These can be discovered dynamically on local
+networks if "beacon" is enabled. Peers are enabled to connect
+to cjdroute by adding a login in "authorizedPasswords". Connecting
+out to peers is configured in "connectTo" in either the IPv4 or IPv6 section.
+
+No admin privilege is needed to run peerStats, but it looks in `~/.cjdnsadmin`
+for the IP and admin port of cjdroute.
+
+##FILES
+
+`~/.cjdnsadmin`
+
+## SEE ALSO
+
+cjdroute(1), sessionStats(1)
diff -up ./contrib/doc/privatetopublic.md.man ./contrib/doc/privatetopublic.md
--- ./contrib/doc/privatetopublic.md.man 2016-05-10 18:55:17.290488610 -0400
+++ ./contrib/doc/privatetopublic.md 2016-05-10 18:55:17.290488610 -0400
@@ -0,0 +1,25 @@
+privatetopublic(8) -- convert cjdns private keys to public keys and IP6
+=============================================
+
+## SYNOPSIS
+
+`/usr/libexec/cjdns/privatetopublic`
+
+## DESCRIPTION
+
+As private keys are very sensitive, /usr/libexec/cjdns/privatetopublic reads
+them from stdin. If your shell, terminal, or other program keeps history,
+please avoid `echo 'key' | /usr/libexec/cjdns/privatetopublic`, or similar
+constructs. A heredoc is suitable for use in scripts, and will avoid
+unwanted revealing of the key in process lists, like so:
+
+ /usr/libexec/cjdns/privatetopublic <<EOF
+ key
+ EOF
+
+Key should be in hex form, maximum 64 characters. Extra characters will be
+silently ignored.
+
+## SEE ALSO
+
+publictoip6(1)
diff -up ./contrib/doc/publictoip6.md.man ./contrib/doc/publictoip6.md
--- ./contrib/doc/publictoip6.md.man 2016-05-10 18:55:17.290488610 -0400
+++ ./contrib/doc/publictoip6.md 2016-05-10 18:59:01.906033221 -0400
@@ -0,0 +1,14 @@
+publictoip6(1) -- Derive cjdns IP6 address from a public key
+=============================================
+
+## SYNOPSIS
+
+`publictoip6` <public key>
+
+## DESCRIPTION
+Get a cjdns IPv6 address from a public key and write to stdout.
+The key should be in Base32 and end in '.k'.
+
+## SEE ALSO
+
+randombytes(1)
diff -up ./contrib/doc/randombytes.md.man ./contrib/doc/randombytes.md
--- ./contrib/doc/randombytes.md.man 2016-05-10 18:55:17.290488610 -0400
+++ ./contrib/doc/randombytes.md 2016-05-10 18:55:17.290488610 -0400
@@ -0,0 +1,16 @@
+randombytes(1) -- write random bytes generated via libnacl to stdout
+=============================================
+
+## SYNOPSIS
+
+`randombytes`
+
+## DESCRIPTION
+
+Writes random bytes to stdout forever using the cryptographically secure
+random generator in libnacl. In practice, the output is piped
+to a program like dd(1) or base64(1).
+
+## SEE ALSO
+
+makekeys(1)
diff -up ./contrib/doc/sessionStats.md.man ./contrib/doc/sessionStats.md
--- ./contrib/doc/sessionStats.md.man 2016-05-10 18:55:17.290488610 -0400
+++ ./contrib/doc/sessionStats.md 2016-05-10 18:55:17.290488610 -0400
@@ -0,0 +1,39 @@
+sessionStats(1) -- show cjdns crypto sessions
+=============================================
+
+## SYNOPSIS
+
+`sessionStats`
+
+## DESCRIPTION
+
+Cjdroute always talks to other nodes over a "session" similar to
+a TLS session. A session is required not only to talk to each peer,
+but also when talking to intermediate nodes to ask them about their peers
+when planning a route.
+
+The cjdns protocol offers Perfect Forward Secrecy. Each session has a random
+symmetric key that encrypts that session. If a node is compromised,
+the attacker can get the session keys and read current and future sessions.
+However, the session keys are securely erased when a session is destroyed,
+so that past sessions (before the compromise) cannot be read. The lifetime
+of a session is somewhat random. Cjdroute caches recently active sessions,
+and destroys sessions that have not been used for a while.
+
+##USAGE
+
+Running sessionStats requires admin privilege. The cjdnsadmin lib will
+try to read `/etc/cjdroute.conf` for the admin password. This will
+normally succeed only for root. Otherwise, it tries `~/.cjdnsadmin`
+
+##FILES
+
+`~/.cjdnsadmin`
+`/etc/cjdroute.conf`
+
+##BUGS
+If you get a TypeError, you probably have the wrong admin password.
+
+## SEE ALSO
+
+cjdroute(1), peerStats(1)
diff -up ./contrib/doc/sybilsim.md.man ./contrib/doc/sybilsim.md
--- ./contrib/doc/sybilsim.md.man 2016-05-10 18:55:17.290488610 -0400
+++ ./contrib/doc/sybilsim.md 2016-05-10 18:55:17.290488610 -0400
@@ -0,0 +1,43 @@
+sybilsim(8) -- Cjdns packet switch
+=============================================
+
+## SYNOPSIS
+
+`/usr/libexec/cjdns/sybilsim < config.json`
+
+## DESCRIPTION
+
+Sybilsim reads a list of nodes and peers from stdin and simulates the
+corresponding mesh without any actual networking using the same code
+as cjdroute. This is useful for testing and optimizing cjdroute.
+Every node must have a valid cjdns private key. The makekeys(1) utility can be
+useful for scripts that generate the config.
+
+##USAGE
+
+Example config:
+
+ {
+ "nodes": {
+ "alice": {
+ "privateKey":
+ "5e2295679394e5e1db67c238abbc10292ad9b127904394c52cc5fff39383e920",
+ "peers": []
+ },
+ "bob": {
+ "privateKey":
+ "6569bf3f0d168faa6dfb2912f8ee5ee9b938319e97618fdf06caed73b1aad1cc",
+ "peers": [ "alice" ]
+ }
+ }
+ }
+
+Example use:
+
+ makekeys | head -20 >keys.txt
+ node /usr/libexec/cjdns/tools/lib/makesim.js keys.txt |
+ /usr/libexec/cjdns/sybilsim
+
+## SEE ALSO
+
+makekeys(1), cjdroute(1)
diff -up ./contrib/doc/traceroute.md.man ./contrib/doc/traceroute.md
--- ./contrib/doc/traceroute.md.man 2016-05-10 18:55:17.290488610 -0400
+++ ./contrib/doc/traceroute.md 2016-05-10 18:55:17.290488610 -0400
@@ -0,0 +1,33 @@
+cjdns-traceroute(1) -- trace cjdns packet routing
+=============================================
+
+## SYNOPSIS
+
+`cjdns-traceroute` <host_or_ip>
+
+## DESCRIPTION
+
+Because cjdns is end to end encrypted, the standard traceroute always
+shows a direct connection. Cjdns-traceroute queries cjdroute to discover
+what route would be used to send a packet to the destination IP.
+Note that just as with the standard traceroute, there is no guarantee
+that that precise route will actually be used with the next packet.
+
+Cjdns-traceroute requires admin privilege. The cjdnsadmin lib will
+try to read `/etc/cjdroute.conf` for the admin password. This will
+normally succeed only for root. Otherwise, it tries `~/.cjdnsadmin`
+
+##USAGE
+
+##FILES
+
+`~/.cjdnsadmin`
+`/etc/cjdroute.conf`
+
+##BUGS
+Cjdns-traceroute throws an ugly exception if you forget
+to pass an IP or have the wrong admin password.
+
+## SEE ALSO
+
+cjdroute(1)
--- ./contrib/doc/cjdns-online.md.man 2016-10-11 17:39:44.000000000 -0400
+++ ./contrib/doc/cjdns-online.md 2016-11-06 23:15:32.528962680 -0500
@@ -25,6 +25,9 @@ thttpd at boot, for example.
* `-x`, `--exit`:
Exit immediately if cjdns is not online
+ * `-i`, `--interface`:
+ Output interface name instead of IP
+
* `-q`, `--quiet`:
Don't print anything

98
cjdns.ppc64.patch Normal file
View File

@ -0,0 +1,98 @@
diff -up ./crypto/random/Random.c.ppc64 ./crypto/random/Random.c
--- ./crypto/random/Random.c.ppc64 2016-12-05 00:06:42.586930523 -0500
+++ ./crypto/random/Random.c 2016-12-05 00:07:36.524592652 -0500
@@ -20,6 +20,7 @@
#include "util/Assert.h"
#include "util/Base32.h"
#include "util/Identity.h"
+#include "util/Endian.h"
#include <crypto_hash_sha256.h>
#include <crypto_stream_salsa20.h>
@@ -163,10 +164,11 @@ void Random_addRandom(struct Random* ran
static void stir(struct Random* rand)
{
+ uint64_t nonce = Endian_hostToLittleEndian64(rand->nonce);
crypto_stream_salsa20_xor((uint8_t*)rand->buff,
(uint8_t*)rand->buff,
BUFFSIZE,
- (uint8_t*)&rand->nonce,
+ (uint8_t*)&nonce,
(uint8_t*)rand->tempSeed);
rand->nonce++;
rand->nextByte = 0;
diff -up ./util/ArchInfo.c.ppc64 ./util/ArchInfo.c
--- ./util/ArchInfo.c.ppc64 2016-10-11 17:39:44.000000000 -0400
+++ ./util/ArchInfo.c 2016-12-05 00:05:56.482360588 -0500
@@ -98,8 +98,15 @@ gcc arch.c
#error unknown endian
#endif
#elif defined(__powerpc64__) || defined(__ppc64__) || defined(__PPC64__) || defined(_ARCH_PPC64)
- #define ARCH ArchInfo_AUDIT_ARCH_PPC64
- #define ARCHSTR "ppc64"
+ #if defined(Endian_BIG)
+ #define ARCH ArchInfo_AUDIT_ARCH_PPC64
+ #define ARCHSTR "ppc64"
+ #elif defined(Endian_LITTLE)
+ #define ARCH ArchInfo_AUDIT_ARCH_PPC64LE
+ #define ARCHSTR "ppc64le"
+ #else
+ #error unknown endian
+ #endif
#elif defined(__powerpc__) || defined(__ppc__) || defined(__PPC__) || defined(_ARCH_PPC)
#define ARCH ArchInfo_AUDIT_ARCH_PPC
#define ARCHSTR "ppc"
@@ -145,6 +152,9 @@ gcc arch.c
#else
#error unknown bit width
#endif
+#elif defined(__s390x__)
+ #define ARCH ArchInfo_AUDIT_ARCH_S390X
+ #define ARCHSTR "s390x"
#else
#error architecture unknown
#endif
diff -up ./util/test/Endian_test.c.ppc64 ./util/test/Endian_test.c
--- ./util/test/Endian_test.c.ppc64 2016-12-05 10:48:46.767433986 -0500
+++ ./util/test/Endian_test.c 2016-12-05 10:50:23.116623515 -0500
@@ -40,32 +40,32 @@ int main()
Assert_true(c == Endian_bigEndianToHost16(sc));
Assert_true(c == Endian_hostToBigEndian16(sc));
Assert_true(c == Endian_hostToLittleEndian16(c));
- Assert_true(c == Endian_hostToLittleEndian16(c));
+ Assert_true(c == Endian_littleEndianToHost16(c));
Assert_true(a == Endian_bigEndianToHost32(sa));
Assert_true(a == Endian_hostToBigEndian32(sa));
Assert_true(a == Endian_hostToLittleEndian32(a));
- Assert_true(a == Endian_hostToLittleEndian32(a));
+ Assert_true(a == Endian_littleEndianToHost32(a));
Assert_true(b == Endian_bigEndianToHost64(sb));
Assert_true(b == Endian_hostToBigEndian64(sb));
Assert_true(b == Endian_hostToLittleEndian64(b));
- Assert_true(b == Endian_hostToLittleEndian64(b));
+ Assert_true(b == Endian_littleEndianToHost64(b));
} else {
Assert_true(c == Endian_bigEndianToHost16(c));
Assert_true(c == Endian_hostToBigEndian16(c));
Assert_true(c == Endian_hostToLittleEndian16(sc));
- Assert_true(c == Endian_hostToLittleEndian16(sc));
+ Assert_true(c == Endian_littleEndianToHost16(sc));
Assert_true(a == Endian_bigEndianToHost32(a));
Assert_true(a == Endian_hostToBigEndian32(a));
Assert_true(a == Endian_hostToLittleEndian32(sa));
- Assert_true(a == Endian_hostToLittleEndian32(sa));
+ Assert_true(a == Endian_littleEndianToHost32(sa));
Assert_true(b == Endian_bigEndianToHost64(b));
Assert_true(b == Endian_hostToBigEndian64(b));
Assert_true(b == Endian_hostToLittleEndian64(sb));
- Assert_true(b == Endian_hostToLittleEndian64(sb));
+ Assert_true(b == Endian_littleEndianToHost64(sb));
}
Assert_true(b == Endian_byteSwap64(sb));

17
cjdns.python3.patch Normal file
View File

@ -0,0 +1,17 @@
diff -up ./node_build/dependencies/libuv/gyp_uv.py.python3 ./node_build/dependencies/libuv/gyp_uv.py
--- ./node_build/dependencies/libuv/gyp_uv.py.python3 2017-02-18 15:19:22.280061575 -0500
+++ ./node_build/dependencies/libuv/gyp_uv.py 2017-02-18 15:32:37.090478242 -0500
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python2
import glob
import platform
@@ -34,6 +34,7 @@ def compiler_version():
proc = subprocess.Popen(CC.split() + ['-dumpversion'], stdout=subprocess.PIPE)
version = proc.communicate()[0].split('.')
version = map(int, version[:2])
+ if len(version) < 2: version.append(0)
version = tuple(version)
return (version, is_clang)

33
cjdns.sbin.patch
View File

@ -1,6 +1,6 @@
diff -up ./contrib/systemd/cjdns-loadmodules.service.sbin ./contrib/systemd/cjdns-loadmodules.service
--- ./contrib/systemd/cjdns-loadmodules.service.sbin 2016-08-15 13:39:48.892573194 -0400
+++ ./contrib/systemd/cjdns-loadmodules.service 2016-08-15 13:47:24.336772295 -0400
--- ./contrib/systemd/cjdns-loadmodules.service.sbin 2017-01-13 21:43:05.413731242 -0500
+++ ./contrib/systemd/cjdns-loadmodules.service 2017-01-13 21:43:05.413731242 -0500
@@ -0,0 +1,13 @@
+[Unit]
+Description=Load cjdns kernel modules
@ -16,8 +16,8 @@ diff -up ./contrib/systemd/cjdns-loadmodules.service.sbin ./contrib/systemd/cjdn
+[Install]
+WantedBy=multi-user.target
diff -up ./contrib/systemd/cjdns-online.sh.sbin ./contrib/systemd/cjdns-online.sh
--- ./contrib/systemd/cjdns-online.sh.sbin 2016-08-15 13:33:11.356021398 -0400
+++ ./contrib/systemd/cjdns-online.sh 2016-08-15 13:33:11.356021398 -0400
--- ./contrib/systemd/cjdns-online.sh.sbin 2017-01-13 21:43:05.414731254 -0500
+++ ./contrib/systemd/cjdns-online.sh 2017-01-13 21:43:05.414731254 -0500
@@ -0,0 +1,90 @@
+#!/bin/sh
+# Check whether cjdns IPs are available
@ -110,9 +110,9 @@ diff -up ./contrib/systemd/cjdns-online.sh.sbin ./contrib/systemd/cjdns-online.s
+ fi
+fi
diff -up ./contrib/systemd/cjdns.service.sbin ./contrib/systemd/cjdns.service
--- ./contrib/systemd/cjdns.service.sbin 2016-06-14 17:58:54.000000000 -0400
+++ ./contrib/systemd/cjdns.service 2016-08-15 13:56:20.198792714 -0400
@@ -1,18 +1,20 @@
--- ./contrib/systemd/cjdns.service.sbin 2016-10-11 17:39:44.000000000 -0400
+++ ./contrib/systemd/cjdns.service 2017-01-13 22:07:35.128118775 -0500
@@ -1,18 +1,21 @@
[Unit]
Description=cjdns: routing engine designed for security, scalability, speed and ease of use
Wants=network.target
@ -133,12 +133,13 @@ diff -up ./contrib/systemd/cjdns.service.sbin ./contrib/systemd/cjdns.service
fi"
-ExecStart=/bin/sh -c "exec cjdroute --nobg < /etc/cjdroute.conf"
+ExecStart=/bin/sh -c "exec /usr/sbin/cjdroute --nobg < /etc/cjdroute.conf"
+ExecStartPost=/bin/sh /usr/libexec/cjdns/cjdns-up
Restart=always
[Install]
diff -up ./contrib/systemd/cjdns-wait-online.service.sbin ./contrib/systemd/cjdns-wait-online.service
--- ./contrib/systemd/cjdns-wait-online.service.sbin 2016-08-15 13:33:11.356021398 -0400
+++ ./contrib/systemd/cjdns-wait-online.service 2016-08-15 13:33:11.356021398 -0400
--- ./contrib/systemd/cjdns-wait-online.service.sbin 2017-01-13 21:43:05.414731254 -0500
+++ ./contrib/systemd/cjdns-wait-online.service 2017-01-13 21:43:05.414731254 -0500
@@ -0,0 +1,13 @@
+[Unit]
+Description=CJDNS Wait Online
@ -154,8 +155,8 @@ diff -up ./contrib/systemd/cjdns-wait-online.service.sbin ./contrib/systemd/cjdn
+[Install]
+WantedBy=multi-user.target
diff -up ./contrib/upstart/cjdns.conf.sbin ./contrib/upstart/cjdns.conf
--- ./contrib/upstart/cjdns.conf.sbin 2016-06-14 17:58:54.000000000 -0400
+++ ./contrib/upstart/cjdns.conf 2016-08-15 13:33:11.356021398 -0400
--- ./contrib/upstart/cjdns.conf.sbin 2016-10-11 17:39:44.000000000 -0400
+++ ./contrib/upstart/cjdns.conf 2017-01-13 21:45:35.268491363 -0500
@@ -13,10 +13,16 @@ pre-start script
if ! [ -s /etc/cjdroute.conf ]; then
( # start a subshell to avoid side effects of umask later on
@ -174,9 +175,15 @@ diff -up ./contrib/upstart/cjdns.conf.sbin ./contrib/upstart/cjdns.conf
# If you need a non-standard setup, as described in
# https://github.com/cjdelisle/cjdns#non-standard-setups,
@@ -25,4 +31,4 @@ pre-start script
@@ -25,4 +31,10 @@ pre-start script
# see http://upstart.ubuntu.com/cookbook/#setuid
end script
-exec /usr/bin/cjdroute --nobg < /etc/cjdroute.conf
+exec /usr/sbin/cjdroute --nobg < /etc/cjdroute.conf
+script
+ exec /usr/sbin/cjdroute --nobg < /etc/cjdroute.conf
+end script
+
+post-start script
+ . /usr/libexec/cjdns/cjdns-up
+end script

2
cjdns.sign.patch
View File

@ -2,7 +2,7 @@ diff -up ./crypto/Sign.c.sign ./crypto/Sign.c
--- ./crypto/Sign.c.sign 2016-10-11 17:39:44.000000000 -0400
+++ ./crypto/Sign.c 2016-10-14 20:59:49.143754098 -0400
@@ -13,6 +13,7 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>.
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
+#ifdef SUBNODE

58
cjdns.spec
View File

@ -42,8 +42,8 @@
Name: cjdns
# major version is cjdns protocol version:
Version: 18
Release: 3%{?dist}
Version: 19.1
Release: 2%{?dist}
Summary: The privacy-friendly network without borders
Group: System Environment/Base
# cjdns is all GPLv3 except libuv which is MIT and BSD and ISC
@ -78,7 +78,7 @@ Patch4: cjdns.genconf.patch
Patch5: cjdns.sbin.patch
# Patch make.js to use dynamic nacl library
Patch6: cjdns.dyn.patch
# Patch to use _LINUX_CAPABILITY_3
# Patch to use _LINUX_CAPABILITY_3 (cjdns < 18)
#Patch7: cjdns.cap3.patch
# Patch some source files to ignore selected warnings that break gcc6 builds
Patch8: cjdns.warnings.patch
@ -90,8 +90,16 @@ Patch10: cjdns.tools.patch
Patch11: cjdns.sodium.patch
# Disable WIP subnode code when SUBNODE not enabled
Patch12: cjdns.sign.patch
# Recognize ppc64, ppc64le, and s390x arches
Patch13: cjdns.ppc64.patch
# getentropy(2) added to glibc in Fedora 26
Patch14: cjdns.entropy.patch
# Fix buffer overrun in JsonBencSerializer.c
Patch15: cjdns.benc.patch
# Specify python2 for systems that default to python3
Patch16: cjdns.python3.patch
BuildRequires: nodejs, nodejs-ronn
BuildRequires: nodejs, nodejs-ronn, python2
# Automated package review hates explicit BR on make, but it *is* needed
BuildRequires: make
@ -203,6 +211,10 @@ fi
%patch9 -b .man
%patch10 -b .tools
#patch13 -b .ppc64
%patch14 -b .entropy
%patch15 -b .benc
%patch16 -b .python3
cp %{SOURCE1} README_Fedora.md
@ -223,6 +235,20 @@ rm -rf contrib/nodejs # GPLv3 and ASL 2.0
%endif
rm -rf contrib/http # GPLv2 and MIT
cat >cjdns-up.sh <<'EOF'
#!/bin/sh
cjdev="$(cjdns-online -i)" || exit 1
for s in %{_sysconfdir}/cjdns/up.d/*.sh; do
if test -x "$s"; then
"$s" up $cjdev
fi
done
EOF
chmod a+x cjdns-up.sh
# FIXME: grep Version_CURRENT_PROTOCOL util/version/Version.h and
# check that it matches major %%{version}
@ -261,6 +287,7 @@ install -pm 644 contrib/upstart/cjdns.conf %{buildroot}%{_sysconfdir}/init
mkdir -p %{buildroot}%{_unitdir}
install -pm 644 contrib/systemd/cjdns*.service %{buildroot}%{_unitdir}
%endif
mkdir -p %{buildroot}%{_sysconfdir}/cjdns/up.d
# chroot
mkdir -p %{buildroot}/var/empty/cjdns
@ -283,6 +310,8 @@ rm -f contrib/nodejs/admin/.gitignore
cp -pr contrib/nodejs/admin %{buildroot}%{_libexecdir}/cjdns
%endif
cp -p cjdns-up.sh %{buildroot}%{_libexecdir}/cjdns/cjdns-up
# symlinks for selected nodejs tools
mkdir -p %{buildroot}%{_bindir}
for t in peerStats sessionStats cjdnslog search dumpLinks dumptable \
@ -357,6 +386,8 @@ done
%if %{use_systemd}
%{_unitdir}/*
%endif
%dir %{_sysconfdir}/cjdns/up.d
%{_libexecdir}/cjdns/cjdns-up
%{_libexecdir}/cjdns/randombytes
%{_libexecdir}/cjdns/publictoip6
%{_libexecdir}/cjdns/privatetopublic
@ -482,6 +513,25 @@ fi
%{_bindir}/graphStats
%changelog
* Fri Feb 24 2017 Stuart D. Gathman <stuart@gathman.org> 19.1-2
- Adjust for moving in6_ifreq to linux/ipv6.h in kernel-headers-4.11
* Fri Feb 24 2017 Stuart D. Gathman <stuart@gathman.org> 19.1-1
- New upstream release
* Sat Feb 18 2017 Stuart D. Gathman <stuart@gathman.org> 18-7
- Fix errors and document nits found by gcc7
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 18-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Sat Jan 7 2017 Stuart D. Gathman <stuart@gathman.org> 18-5
- Run scripts in %{sysconfdir}/cjdns/up.d when cjdns comes up.
* Sun Nov 6 2016 Stuart D. Gathman <stuart@gathman.org> 18-4
- update cjdns-online man page
- Support ppc64, ppc64le, s390x
* Fri Oct 14 2016 Stuart D. Gathman <stuart@gathman.org> 18-3
- libstdc++ not needed with libsodium

75
cjdns.warnings.patch
View File

@ -1,7 +1,7 @@
diff -up ./crypto/CryptoAuth.c.warnings ./crypto/CryptoAuth.c
--- ./crypto/CryptoAuth.c.warnings 2016-01-27 03:07:49.000000000 -0500
+++ ./crypto/CryptoAuth.c 2016-05-03 22:06:45.842528947 -0400
@@ -77,6 +77,8 @@ static inline void getSharedSecret(uint8
--- ./crypto/CryptoAuth.c.warnings 2017-02-21 17:56:22.000000000 -0500
+++ ./crypto/CryptoAuth.c 2017-02-24 12:36:55.762819179 -0500
@@ -85,6 +85,8 @@ static inline void getSharedSecret(uint8
uint8_t passwordHash[32],
struct Log* logger)
{
@ -10,7 +10,7 @@ diff -up ./crypto/CryptoAuth.c.warnings ./crypto/CryptoAuth.c
if (passwordHash == NULL) {
crypto_box_curve25519xsalsa20poly1305_beforenm(outputSecret, herPublicKey, myPrivateKey);
} else {
@@ -92,6 +94,7 @@ static inline void getSharedSecret(uint8
@@ -100,6 +102,7 @@ static inline void getSharedSecret(uint8
Bits_memcpy(buff.components.passwd, passwordHash, 32);
crypto_hash_sha256(outputSecret, buff.bytes, 64);
}
@ -19,8 +19,8 @@ diff -up ./crypto/CryptoAuth.c.warnings ./crypto/CryptoAuth.c
uint8_t myPublicKeyHex[65];
printHexPubKey(myPublicKeyHex, myPrivateKey);
diff -up ./dht/CJDHTConstants.h.warnings ./dht/CJDHTConstants.h
--- ./dht/CJDHTConstants.h.warnings 2016-01-27 03:07:49.000000000 -0500
+++ ./dht/CJDHTConstants.h 2016-05-03 22:06:45.842528947 -0400
--- ./dht/CJDHTConstants.h.warnings 2017-02-21 17:56:22.000000000 -0500
+++ ./dht/CJDHTConstants.h 2017-02-24 12:36:55.762819179 -0500
@@ -17,7 +17,9 @@
#include "benc/String.h"
@ -39,9 +39,23 @@ diff -up ./dht/CJDHTConstants.h.warnings ./dht/CJDHTConstants.h
-
+#pragma GCC diagnostic pop
#endif
diff -up ./dht/dhtcore/NodeStore.c.warnings ./dht/dhtcore/NodeStore.c
--- ./dht/dhtcore/NodeStore.c.warnings 2017-02-21 17:56:22.000000000 -0500
+++ ./dht/dhtcore/NodeStore.c 2017-02-24 12:44:19.822328184 -0500
@@ -1770,7 +1770,9 @@ struct NodeList* NodeStore_getPeers(uint
break;
}
switch (j) {
- default: Bits_memmove(out->nodes, &out->nodes[1], (j - 1) * sizeof(char*));
+ default:
+ Bits_memmove(out->nodes, &out->nodes[1], (j - 1) * sizeof(char*));
+ Gcc_FALLTHROUGH;
case 1: out->nodes[j - 1] = next->child;
case 0:;
}
diff -up ./node_build/dependencies/libuv/test/test-getsockname.c.warnings ./node_build/dependencies/libuv/test/test-getsockname.c
--- ./node_build/dependencies/libuv/test/test-getsockname.c.warnings 2016-01-27 03:07:49.000000000 -0500
+++ ./node_build/dependencies/libuv/test/test-getsockname.c 2016-05-03 22:06:45.842528947 -0400
--- ./node_build/dependencies/libuv/test/test-getsockname.c.warnings 2017-02-21 17:56:22.000000000 -0500
+++ ./node_build/dependencies/libuv/test/test-getsockname.c 2017-02-24 12:36:55.763819191 -0500
@@ -18,7 +18,7 @@
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
@ -51,10 +65,43 @@ diff -up ./node_build/dependencies/libuv/test/test-getsockname.c.warnings ./node
#include "uv.h"
#include "task.h"
diff -up ./util/Gcc.h.warnings ./util/Gcc.h
--- ./util/Gcc.h.warnings 2017-02-24 12:41:36.926182554 -0500
+++ ./util/Gcc.h 2017-02-24 13:06:44.166644855 -0500
@@ -40,6 +40,11 @@
#define Gcc_USE_RET \
__attribute__ ((warn_unused_result))
+#if __GNUC__ >= 7
+#define Gcc_FALLTHROUGH \
+ __attribute__ ((fallthrough))
+#endif
+
#elif defined(__clang__)
#define Gcc_NORETURN \
@@ -50,6 +55,9 @@
#endif
+#ifndef Gcc_FALLTHROUGH
+ #define Gcc_FALLTHROUGH (void)0
+#endif
#ifndef Gcc_PRINTF
#define Gcc_PRINTF( format_idx, arg_idx )
#endif
diff -up ./util/platform/netdev/NetPlatform_linux.c.warnings ./util/platform/netdev/NetPlatform_linux.c
--- ./util/platform/netdev/NetPlatform_linux.c.warnings 2016-01-27 03:07:49.000000000 -0500
+++ ./util/platform/netdev/NetPlatform_linux.c 2016-05-03 22:06:45.842528947 -0400
@@ -142,7 +142,7 @@ void NetPlatform_addAddress(const char*
--- ./util/platform/netdev/NetPlatform_linux.c.warnings 2017-02-21 17:56:22.000000000 -0500
+++ ./util/platform/netdev/NetPlatform_linux.c 2017-02-24 14:55:11.354136283 -0500
@@ -36,6 +36,7 @@
#include <linux/route.h>
#if ! defined(android)
#include <linux/ipv6_route.h>
+ #include <linux/ipv6.h>
#endif
#include <linux/netlink.h>
#include <linux/rtnetlink.h>
@@ -165,7 +166,7 @@ void NetPlatform_addAddress(const char*
Except_throw(eh, "ioctl(SIOCSIFADDR) failed: [%s]", strerror(err));
}
@ -64,11 +111,11 @@ diff -up ./util/platform/netdev/NetPlatform_linux.c.warnings ./util/platform/net
memcpy(&sin.sin_addr, &x, 4);
memcpy(&ifRequest.ifr_addr, &sin, sizeof(struct sockaddr_in));
diff -up ./util/platform/Sockaddr.c.warnings ./util/platform/Sockaddr.c
--- ./util/platform/Sockaddr.c.warnings 2016-01-27 03:07:49.000000000 -0500
+++ ./util/platform/Sockaddr.c 2016-05-03 22:06:45.842528947 -0400
--- ./util/platform/Sockaddr.c.warnings 2017-02-21 17:56:22.000000000 -0500
+++ ./util/platform/Sockaddr.c 2017-02-24 12:36:55.763819191 -0500
@@ -12,6 +12,7 @@
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
+#pragma GCC diagnostic ignored "-Wstrict-aliasing"
#include "util/events/libuv/UvWrapper.h"

3
sources
View File

@ -1 +1,2 @@
9f6600d9ed0d87d4e17fbc9155ff0368 cjdns-v18.tar.gz
SHA512 (cjdns-v18.tar.gz) = 3b7ed50c81ed51f8deea3999aa0b820f78de53da3d3937c13f572e35bb7c2a6f963d3779c2f0b7b4afc64e6a45ae98c4a6958a0c31d43d4309a47ae3ccbb709b
SHA512 (cjdns-v19.1.tar.gz) = 9c29bf1d136237bd60e125718bdd2c6d7f5a651d51af50aea3173eed1626a402dac5a2a72f9fb129fc9af24c3b67472a1dfe7b2b6a09bb28d01a120fc667b206