Merge branch 'master' into epel7

2016-04-18 23:09:53 -04:00 · 2016-04-18 23:09:53 -04:00 · 862adfcc2c
commit 862adfcc2c
parent 59db84d2dc 7134b1a210
7 changed files with 306 additions and 39 deletions
--- a/cjdns.dyn.patch
+++ b/cjdns.dyn.patch
@ -1,7 +1,7 @@
 diff -up ./node_build/make.js.dyn ./node_build/make.js
--- ./node_build/make.js.dyn	2015-11-02 17:59:41.000000000 -0500
+--- ./node_build/make.js.dyn	2016-01-27 03:07:49.000000000 -0500
-+++ ./node_build/make.js	2015-11-04 19:57:49.961155943 -0500
+++ ./node_build/make.js	2016-04-18 16:17:04.052719207 -0400
-@@ -238,41 +238,9 @@ Builder.configure({
+@@ -250,41 +250,9 @@ Builder.configure({
     }).nThen(function (waitFor) {
@ -46,7 +46,7 @@ diff -up ./node_build/make.js.dyn ./node_build/make.js
     }).nThen(function (waitFor) {
-@@ -411,7 +379,7 @@ Builder.configure({
+@@ -423,7 +391,7 @@ Builder.configure({
     builder.buildExecutable('crypto/random/randombytes.c');
     builder.lintFiles(function (fileName, file, callback) {
--- a/cjdns.man.patch
+++ b/cjdns.man.patch
@ -1,6 +1,6 @@
 diff -up ./contrib/doc/cjdns-online.md.man ./contrib/doc/cjdns-online.md
--- ./contrib/doc/cjdns-online.md.man	2016-03-08 18:57:49.297123587 -0500
+--- ./contrib/doc/cjdns-online.md.man	2016-04-18 15:53:17.346245693 -0400
-+++ ./contrib/doc/cjdns-online.md	2016-03-08 18:56:28.344871576 -0500
+++ ./contrib/doc/cjdns-online.md	2016-04-18 15:53:17.346245693 -0400
@@ -0,0 +1,33 @@
 +cjdns-online(1) -- check whether cjdns tunnel devices are available
 +=============================================
@ -36,8 +36,8 @@ diff -up ./contrib/doc/cjdns-online.md.man ./contrib/doc/cjdns-online.md
 +    Wait for full startup instead of just tun dev.  This is not implemented.
 +
 diff -up ./contrib/doc/cjdroute.md.man ./contrib/doc/cjdroute.md
--- ./contrib/doc/cjdroute.md.man	2016-03-08 18:47:02.960143140 -0500
+--- ./contrib/doc/cjdroute.md.man	2016-04-18 15:53:17.346245693 -0400
-+++ ./contrib/doc/cjdroute.md	2016-03-08 18:47:02.960143140 -0500
+++ ./contrib/doc/cjdroute.md	2016-04-18 15:53:17.346245693 -0400
@@ -0,0 +1,76 @@
 +cjdroute(1) -- Cjdns packet switch
 +=============================================
@ -116,8 +116,8 @@ diff -up ./contrib/doc/cjdroute.md.man ./contrib/doc/cjdroute.md
 +
 +For more information about other functions and non-standard setups, see README.md
 diff -up ./contrib/doc/makekeys.md.man ./contrib/doc/makekeys.md
--- ./contrib/doc/makekeys.md.man	2016-03-08 18:47:02.960143140 -0500
+--- ./contrib/doc/makekeys.md.man	2016-04-18 15:53:17.346245693 -0400
-+++ ./contrib/doc/makekeys.md	2016-03-08 18:47:02.960143140 -0500
+++ ./contrib/doc/makekeys.md	2016-04-18 15:53:17.346245693 -0400
@@ -0,0 +1,18 @@
 +makekeys(1) -- write cjdns keys generated via libnacl to stdout
 +=============================================
@ -137,9 +137,38 @@ diff -up ./contrib/doc/makekeys.md.man ./contrib/doc/makekeys.md
 +## SEE ALSO
 +
 +publictoip6(1)
 diff -up ./contrib/doc/peerStats.md.man ./contrib/doc/peerStats.md
 --- ./contrib/doc/peerStats.md.man	2016-04-18 16:56:16.630871236 -0400
 +++ ./contrib/doc/peerStats.md	2016-04-18 17:05:51.504311727 -0400
@@ -0,0 +1,25 @@
 +peerStats(1) -- show cjdns peers
 +=============================================
 +
 +## SYNOPSIS
 +
 +`peerStats`
 +
 +## DESCRIPTION
 +
 +Cjdroute talks to a number of immediate peers configured in
 +`/etc/cjdroute.conf`.  These can be discovered dynamically on local
 +networks if "beacon" is enabled.  Peers are enabled to connect
 +to cjdroute by adding a login in "authorizedPasswords".  Connecting
 +out to peers is configured in "connectTo" in either the IPv4 or IPv6 section.
 +
 +No admin privilege is needed to run peerStats, but it looks in `~/.cjdnsadmin`
 +for the IP and admin port of cjdroute.
 +
 +##FILES
 +
 +`~/.cjdnsadmin`
 +
 +## SEE ALSO
 +
 +cjdroute(1), sessionStats(1)
 diff -up ./contrib/doc/privatetopublic.md.man ./contrib/doc/privatetopublic.md
--- ./contrib/doc/privatetopublic.md.man	2016-03-08 18:47:02.961143168 -0500
+--- ./contrib/doc/privatetopublic.md.man	2016-04-18 15:53:17.346245693 -0400
-+++ ./contrib/doc/privatetopublic.md	2016-03-08 22:34:30.532757463 -0500
+++ ./contrib/doc/privatetopublic.md	2016-04-18 15:53:17.346245693 -0400
@@ -0,0 +1,25 @@
 +privatetopublic(8) -- convert cjdns private keys to public keys and IP6
 +=============================================
@ -167,8 +196,8 @@ diff -up ./contrib/doc/privatetopublic.md.man ./contrib/doc/privatetopublic.md
 +
 +publictoip6(1)
 diff -up ./contrib/doc/publictoip6.md.man ./contrib/doc/publictoip6.md
--- ./contrib/doc/publictoip6.md.man	2016-03-08 18:47:02.961143168 -0500
+--- ./contrib/doc/publictoip6.md.man	2016-04-18 15:53:17.346245693 -0400
-+++ ./contrib/doc/publictoip6.md	2016-03-08 18:47:02.961143168 -0500
+++ ./contrib/doc/publictoip6.md	2016-04-18 15:53:17.346245693 -0400
@@ -0,0 +1,14 @@
 +publictoip6(1) -- write random bytes generated via libnacl to stdout
 +=============================================
@ -185,8 +214,8 @@ diff -up ./contrib/doc/publictoip6.md.man ./contrib/doc/publictoip6.md
 +
 +randombytes(1)
 diff -up ./contrib/doc/randombytes.md.man ./contrib/doc/randombytes.md
--- ./contrib/doc/randombytes.md.man	2016-03-08 18:47:02.961143168 -0500
+--- ./contrib/doc/randombytes.md.man	2016-04-18 15:53:17.346245693 -0400
-+++ ./contrib/doc/randombytes.md	2016-03-08 18:47:02.961143168 -0500
+++ ./contrib/doc/randombytes.md	2016-04-18 15:53:17.346245693 -0400
@@ -0,0 +1,16 @@
 +randombytes(1) -- write random bytes generated via libnacl to stdout
 +=============================================
@ -204,9 +233,52 @@ diff -up ./contrib/doc/randombytes.md.man ./contrib/doc/randombytes.md
 +## SEE ALSO
 +
 +makekeys(1)
 diff -up ./contrib/doc/sessionStats.md.man ./contrib/doc/sessionStats.md
 --- ./contrib/doc/sessionStats.md.man	2016-04-18 15:53:17.347245712 -0400
 +++ ./contrib/doc/sessionStats.md	2016-04-18 15:53:17.347245712 -0400
@@ -0,0 +1,39 @@
 +sessionStats(1) -- show cjdns crypto sessions
 +=============================================
 +
 +## SYNOPSIS
 +
 +`sessionStats`
 +
 +## DESCRIPTION
 +
 +Cjdroute always talks to other nodes over a "session" similar to
 +a TLS session.  A session is required not only to talk to each peer,
 +but also when talking to intermediate nodes to ask them about their peers
 +when planning a route.  
 +
 +The Cjdns protocol offers Perfect Forward Secrecy.  Each session has a random
 +symmetric key that encrypts that session.  If a node is compromised, 
 +the attacker can get the session keys and read current and future sessions.
 +However, the session keys are securely erased when a session is destroyed,
 +so that past sessions (before the compromise) cannot be read.  The lifetime
 +of a session is somewhat random.  Cjdroute caches recently active sessions,
 +and destroys sessions that have not been used for a while.
 +
 +##USAGE
 +
 +Running sessionStats requires admin privilege.  The cjdnsadmin lib will 
 +try to read `/etc/cjdroute.conf` for the admin password.  This will 
 +normally succeed only for root.  Otherwise, it tries `~/.cjdnsadmin`
 +
 +##FILES
 +
 +`~/.cjdnsadmin`
 +`/etc/cjdroute.conf`
 +
 +##BUGS
 +If you get a TypeError, you probably have the wrong admin password.
 +
 +## SEE ALSO
 +
 +cjdroute(1), peerStats(1)
 diff -up ./contrib/doc/sybilsim.md.man ./contrib/doc/sybilsim.md
--- ./contrib/doc/sybilsim.md.man	2016-03-08 18:47:02.962143196 -0500
+--- ./contrib/doc/sybilsim.md.man	2016-04-18 15:53:17.347245712 -0400
-+++ ./contrib/doc/sybilsim.md	2016-03-08 18:47:02.962143196 -0500
+++ ./contrib/doc/sybilsim.md	2016-04-18 15:53:17.347245712 -0400
@@ -0,0 +1,43 @@
 +sybilsim(8) -- Cjdns packet switch
 +=============================================
@ -251,3 +323,40 @@ diff -up ./contrib/doc/sybilsim.md.man ./contrib/doc/sybilsim.md
 +## SEE ALSO
 +
 +makekeys(1), cjdroute(1)
 diff -up ./contrib/doc/traceroute.md.man ./contrib/doc/traceroute.md
 --- ./contrib/doc/traceroute.md.man	2016-04-18 15:53:17.347245712 -0400
 +++ ./contrib/doc/traceroute.md	2016-04-18 15:53:17.347245712 -0400
@@ -0,0 +1,33 @@
 +cjdns-traceroute(1) -- trace Cjdns packet routing
 +=============================================
 +
 +## SYNOPSIS
 +
 +`cjdns-traceroute` <host_or_ip>
 +
 +## DESCRIPTION
 +
 +Because CJDNS is end to end encrypted, the standard traceroute always
 +shows a direct connection.  Cjdns-traceroute queries cjdroute to discover
 +what route would be used to send a packet to the destination IP.
 +Note that just as with the standard traceroute, there is no guarantee
 +that that precise route will actually be used with the next packet.
 +
 +Cjdns-traceroute requires admin privilege.  The cjdnsadmin lib will 
 +try to read `/etc/cjdroute.conf` for the admin password.  This will 
 +normally succeed only for root.  Otherwise, it tries `~/.cjdnsadmin`
 +
 +##USAGE
 +
 +##FILES
 +
 +`~/.cjdnsadmin`
 +`/etc/cjdroute.conf`
 +
 +##BUGS
 +Cjdns-traceroute throws an ugly exception if you forget
 +to pass an IP or have the wrong admin password.
 +
 +## SEE ALSO
 +
 +cjdroute(1)
--- a/cjdns.sbin.patch
+++ b/cjdns.sbin.patch
@ -1,6 +1,6 @@
 diff -up ./contrib/systemd/cjdns-online.sh.sbin ./contrib/systemd/cjdns-online.sh
--- ./contrib/systemd/cjdns-online.sh.sbin	2016-03-08 18:47:02.883140998 -0500
+--- ./contrib/systemd/cjdns-online.sh.sbin	2016-04-18 15:53:17.316245094 -0400
-+++ ./contrib/systemd/cjdns-online.sh	2016-03-10 17:16:45.909853618 -0500
+++ ./contrib/systemd/cjdns-online.sh	2016-04-18 15:53:17.316245094 -0400
@@ -0,0 +1,75 @@
 +#!/bin/sh
 +#   Check whether cjdns IPs are available
@ -78,8 +78,8 @@ diff -up ./contrib/systemd/cjdns-online.sh.sbin ./contrib/systemd/cjdns-online.s
 +  cjdns_ips
 +fi
 diff -up ./contrib/systemd/cjdns-resume.service.sbin ./contrib/systemd/cjdns-resume.service
--- ./contrib/systemd/cjdns-resume.service.sbin	2016-03-08 18:47:02.883140998 -0500
+--- ./contrib/systemd/cjdns-resume.service.sbin	2016-04-18 15:53:17.316245094 -0400
-+++ ./contrib/systemd/cjdns-resume.service	2016-03-08 18:47:02.883140998 -0500
+++ ./contrib/systemd/cjdns-resume.service	2016-04-18 15:53:17.316245094 -0400
@@ -0,0 +1,10 @@
 +[Unit]
 +Description=Restart cjdns on resume from sleep
@ -93,7 +93,7 @@ diff -up ./contrib/systemd/cjdns-resume.service.sbin ./contrib/systemd/cjdns-res
 +WantedBy=sleep.target
 diff -up ./contrib/systemd/cjdns.service.sbin ./contrib/systemd/cjdns.service
 --- ./contrib/systemd/cjdns.service.sbin	2016-01-27 03:07:49.000000000 -0500
-+++ ./contrib/systemd/cjdns.service	2016-03-08 18:47:02.884141026 -0500
+++ ./contrib/systemd/cjdns.service	2016-04-18 15:55:59.579483155 -0400
@@ -9,10 +9,10 @@ ProtectSystem=true
 SyslogIdentifier=cjdroute
 ExecStartPre=/bin/sh -ec "if ! test -s /etc/cjdroute.conf; \
@ -103,14 +103,14 @@ diff -up ./contrib/systemd/cjdns.service.sbin ./contrib/systemd/cjdns.service
                 echo 'WARNING: A new /etc/cjdroute.conf file has been generated.'; \
 -            fi"
 -ExecStart=/bin/sh -c "exec cjdroute --nobg < /etc/cjdroute.conf"
-+            fi; /usr/sbin/modprobe tun"
+            fi; test -c /dev/net/tun || /usr/sbin/modprobe tun"
 +ExecStart=/bin/sh -c "exec /usr/sbin/cjdroute --nobg < /etc/cjdroute.conf"
 Restart=always
 [Install]
 diff -up ./contrib/systemd/cjdns-wait-online.service.sbin ./contrib/systemd/cjdns-wait-online.service
--- ./contrib/systemd/cjdns-wait-online.service.sbin	2016-03-08 18:47:02.885141054 -0500
+--- ./contrib/systemd/cjdns-wait-online.service.sbin	2016-04-18 15:53:17.317245114 -0400
-+++ ./contrib/systemd/cjdns-wait-online.service	2016-03-08 23:49:38.996469685 -0500
+++ ./contrib/systemd/cjdns-wait-online.service	2016-04-18 15:53:17.317245114 -0400
@@ -0,0 +1,13 @@
 +[Unit]
 +Description=CJDNS Wait Online
@ -127,7 +127,7 @@ diff -up ./contrib/systemd/cjdns-wait-online.service.sbin ./contrib/systemd/cjdn
 +WantedBy=multi-user.target
 diff -up ./contrib/upstart/cjdns.conf.sbin ./contrib/upstart/cjdns.conf
 --- ./contrib/upstart/cjdns.conf.sbin	2016-01-27 03:07:49.000000000 -0500
-+++ ./contrib/upstart/cjdns.conf	2016-03-08 18:47:02.885141054 -0500
+++ ./contrib/upstart/cjdns.conf	2016-04-18 15:55:07.845450771 -0400
@@ -13,10 +13,13 @@ pre-start script
     if ! [ -s /etc/cjdroute.conf ]; then
         ( # start a subshell to avoid side effects of umask later on
@ -139,7 +139,7 @@ diff -up ./contrib/upstart/cjdns.conf.sbin ./contrib/upstart/cjdns.conf
         echo 'WARNING: A new cjdns cjdroute.conf file has been generated.'
     fi
 +    # preload tun driver, since we prevent module_request
-+    /sbin/modprobe tun
+    test -c /dev/net/tun || /sbin/modprobe tun
     # If you need a non-standard setup, as described in
     # https://github.com/cjdelisle/cjdns#non-standard-setups,
--- a/cjdns.sodium.patch
+++ b/cjdns.sodium.patch
@ -0,0 +1,57 @@
 diff -up ./node_build/make.js.dyn ./node_build/make.js
 --- ./node_build/make.js.dyn	2015-11-02 17:59:41.000000000 -0500
 +++ ./node_build/make.js	2015-11-04 19:57:49.961155943 -0500
@@ -238,41 +238,9 @@ Builder.configure({
     }).nThen(function (waitFor) {
 -        builder.config.libs.push(dependencyDir + '/cnacl/jsbuild/libnacl.a');
 -        builder.config.includeDirs.push(dependencyDir + '/cnacl/jsbuild/include/');
 -
 -        Fs.exists(dependencyDir + '/cnacl/jsbuild/libnacl.a', waitFor(function (exists) {
 -            if (exists) { return; }
 -
 -            console.log("Build NaCl");
 -            var cwd = process.cwd();
 -            process.chdir(dependencyDir + '/cnacl/');
 -
 -            var NaCl = require(process.cwd() + '/node_build/make.js');
 -            NaCl.build(function (args, callback) {
 -                if (builder.config.systemName !== 'win32') {
 -                    args.unshift('-fPIC');
 -                }
 -
 -                args.unshift(builder.config.optimizeLevel, '-fomit-frame-pointer');
 -
 -                if (CFLAGS) {
 -                    [].push.apply(args, CFLAGS.split(' '));
 -                }
 -
 -                if (!builder.config.crossCompiling) {
 -                    if (NO_MARCH_FLAG.indexOf(process.arch) < -1) {
 -                        builder.config.cflags.push('-march=native');
 -                    }
 -                }
 -
 -                builder.cc(args, callback);
 -            },
 -            builder.config,
 -            waitFor(function () {
 -                process.chdir(cwd);
 -            }));
 -        }));
 +        builder.config.libs.push('-lsodium');
 +        builder.config.libs.push('-lstdc++');
 +        builder.config.includeDirs.push('/usr/include/sodium/');
     }).nThen(function (waitFor) {
@@ -411,7 +379,7 @@ Builder.configure({
     builder.buildExecutable('crypto/random/randombytes.c');
     builder.lintFiles(function (fileName, file, callback) {
 -        if (/dependencies/.test(fileName)) {
 +        if (/(dependencies|\/usr\/include)/.test(fileName)) {
             callback('', false);
             return;
         }
--- a/cjdns.spec
+++ b/cjdns.spec
@ -3,6 +3,18 @@
 # Use the optimized libnacl embedded with cjdns
 %global use_embedded 0
 # Use libsodium instead of nacl
 %global use_libsodium 0
 %if 0%{use_libsodium}
 %global nacl_name libsodium
 %global nacl_version 1.0.5
 %global nacl_lib %{_libdir}/libsodium.so
 %else
 %global nacl_name nacl
 %global nacl_version 20110221
 %global nacl_lib %{_libdir}/libnacl.so
 %endif
 %if 0%{?rhel} >= 5 && 0%{?rhel} < 7
 %global use_systemd 0
@ -27,7 +39,7 @@
 Name:           cjdns
 # major version is cjdns protocol version:
 Version:        17.3
-Release:        10%{?dist}
+Release:        12%{?dist}
 Summary:        The privacy-friendly network without borders
 Group:          System Environment/Base
 # cjdns is all GPLv3 except libuv which is MIT and BSD and ISC
@ -68,6 +80,10 @@ Patch7:  cjdns.cap3.patch
 Patch8:  cjdns.warnings.patch
 # Man pages
 Patch9:  cjdns.man.patch
 # Patch some bugs in nodejs tools
 Patch10: cjdns.tools.patch
 # Alternate dynamic library patch to use libsodium
 Patch11: cjdns.sodium.patch
 BuildRequires:  nodejs, nodejs-ronn
@ -76,7 +92,7 @@ BuildRequires:  make
 %if !%{use_embedded}
 # x86_64 and ARM libnacl are not compiled with -fPIC before Fedora release 11.
-BuildRequires:  nacl-devel >= 20110221-11
+BuildRequires:  %{nacl_name}-devel >= %{nacl_version}
 %endif
 %if %{use_systemd}
 # systemd macros are not defined unless systemd is present
@ -110,13 +126,17 @@ Targeted SELinux policy module for cjdns.
 # FIXME: keep C tools separate?
 %package tools
-Summary: nodejs tools for cjdns
+Summary: Nodejs tools for cjdns
 Group: System Environment/Base
 Requires: nodejs, %{name} = %{version}-%{release}
 BuildArch: noarch
 %description tools
-C language and nodejs tools for cjdns.
+Nodejs tools for cjdns. Highlights:
 peerStats          show current peer status
 cjdnslog           display cjdroute log
 cjdns-traceroute   trace route to cjdns IP
 sessionStats       show current crypto sessions
 %package python
 Summary: Python tools for cjdns
@ -149,8 +169,12 @@ Python graphing tools for cjdns.
 %if !%{use_embedded}
 # use system nacl library if provided.  
-if test -x %{_libdir}/libnacl.so; then
+if test -x %{nacl_lib}; then
 %if 0%{use_libsodium}
 %patch11 -b .sodium
 %else
 %patch6 -b .dyn
 %endif
  rm -rf node_build/dependencies/cnacl
 # use static library if system nacl doesn't provide dynamic
 elif test -d %{_includedir}/nacl && test -r %{_libdir}/libnacl.a; then
@ -170,6 +194,7 @@ fi
 %endif
 %patch9 -b .man
 %patch10 -b .tools
 cp %{SOURCE1} README_Fedora.md
@ -251,6 +276,9 @@ for t in peerStats sessionStats cjdnslog search dumpLinks dumptable \
         dumpRumorMill pathfinderTree pingAll; do
  ln -sf %{_libexecdir}/cjdns/tools/$t %{buildroot}%{_bindir}
 done
 for t in traceroute; do
  ln -sf %{_libexecdir}/cjdns/tools/$t %{buildroot}%{_bindir}/cjdns-$t
 done
 # symlinks for selected C tools
 for t in publictoip6 randombytes makekeys; do
@ -269,8 +297,11 @@ install -pm 644 doc/man/cjdroute.conf.5 %{buildroot}%{_mandir}/man5
 cd contrib/doc
 for m in *.md; do
  case ${m%.md} in
-  cjdroute|publictoip6|randombytes|makekeys|cjdns-online) M="1" ;;
+  traceroute) M="1"
-  *) M="8" ;;
+    ronn-nodejs $m >%{buildroot}%{_mandir}/man$M/cjdns-${m%.md}.$M
    continue ;;
  privatetopublic|sybilsim) M="8" ;;
  *) M="1" ;;
  esac
  ronn-nodejs $m >%{buildroot}%{_mandir}/man$M/${m%.md}.$M
 done
@ -325,6 +356,11 @@ done
 %{_mandir}/man1/*
 %{_mandir}/man5/*
 %{_mandir}/man8/*
 %{_mandir}/man1/cjdns-online.1.gz
 %{_mandir}/man1/cjdroute.1.gz
 %{_mandir}/man1/makekeys.1.gz
 %{_mandir}/man1/publictoip6.1.gz
 %{_mandir}/man1/randombytes.1.gz
 %pre
 getent group cjdns > /dev/null || groupadd -r cjdns
@ -390,6 +426,10 @@ fi
 %{_bindir}/dumptable
 %{_bindir}/pingAll
 %{_bindir}/search
 %{_bindir}/cjdns-traceroute
 %{_mandir}/man1/cjdns-traceroute.1.gz
 %{_mandir}/man1/sessionStats.1.gz
 %{_mandir}/man1/peerStats.1.gz
 %files python
 %doc contrib/python/README.md contrib/python/cjdns-dynamic.conf
@ -429,6 +469,17 @@ fi
 %{_bindir}/graphStats
 %changelog
 * Mon Apr 18 2016 Stuart D. Gathman <stuart@gathman.org> 17.3-12
 - Run modprobe only if /dev/tun not present - fixes running on openVZ
 - Select nacl/libsodium with a macro
 - Switch back to nacl for platforms that support it
 - man page for peerStats
 * Tue Apr  5 2016 Stuart D. Gathman <stuart@gathman.org> 17.3-11
 - Patch some bugs in traceroute and symlink to /usr/bin/cjdns-traceroute
 - man page for cjdns-traceroute, sessionStats
 - switch to libsodium instead of nacl
 * Thu Mar 10 2016 Stuart D. Gathman <stuart@gathman.org> 17.3-10
 - Mark nodejs and selinux noarch
 - Remove _isa from noarch subpackages.
--- a/cjdns.tools.patch
+++ b/cjdns.tools.patch
@ -0,0 +1,30 @@
 diff -up ./tools/traceroute.tools ./tools/traceroute
 --- ./tools/traceroute.tools	2016-03-13 21:23:01.529922250 -0400
 +++ ./tools/traceroute	2016-03-13 21:27:38.006631098 -0400
@@ -83,6 +83,11 @@ var main = function (target) {
         cjdns.RouterModule_getPeers("0000.0000.0000.0001", waitFor(function (err, ret) {
             if (err) { throw err; }
 +	    if (!ret.peers) {
 +                console.error('missing CJDNS admin password');
 +                cjdns.disconnect();
 +                process.exit(0);
 +            }
             self = ret.peers[0];
         }));
@@ -101,12 +106,13 @@ var main = function (target) {
     }).nThen(function (waitFor) {
 -        if (!lastRet || lastRet.nodes[0] !== lastRet.from) { return; }
 +        if (!lastRet || !lastRet.nodes || lastRet.nodes[0] !== lastRet.from) { return; }
         console.log('success, trying reverse trace');
         process.stdout.write(lastRet.from);
         tracePath(nodeToIP6(self), lastRet.from, cjdns, function (ret) {
             lastRet = ret;
             process.stdout.write('  ' + ret.ms + 'ms\n');
 +            if (!ret || !ret.nodes) { return; }
             if (ret.nodes.length === 0) {
                 console.log('cornered');
             } else if (ret.nodes[0] !== ret.from) {
--- a/cjdns.warnings.patch
+++ b/cjdns.warnings.patch
@ -1,6 +1,26 @@
 diff -up ./crypto/CryptoAuth.c.warnings ./crypto/CryptoAuth.c
 --- ./crypto/CryptoAuth.c.warnings	2016-04-06 00:40:48.537753854 -0400
 +++ ./crypto/CryptoAuth.c	2016-04-06 00:52:00.506042569 -0400
@@ -77,6 +77,8 @@ static inline void getSharedSecret(uint8
                                    uint8_t passwordHash[32],
                                    struct Log* logger)
 {
 +#pragma GCC diagnostic push
 +#pragma GCC diagnostic ignored "-Wunused-result"
     if (passwordHash == NULL) {
         crypto_box_curve25519xsalsa20poly1305_beforenm(outputSecret, herPublicKey, myPrivateKey);
     } else {
@@ -92,6 +94,7 @@ static inline void getSharedSecret(uint8
         Bits_memcpy(buff.components.passwd, passwordHash, 32);
         crypto_hash_sha256(outputSecret, buff.bytes, 64);
     }
 +#pragma GCC diagnostic pop
     if (Defined(Log_KEYS)) {
         uint8_t myPublicKeyHex[65];
         printHexPubKey(myPublicKeyHex, myPrivateKey);
 diff -up ./dht/CJDHTConstants.h.warnings ./dht/CJDHTConstants.h
 --- ./dht/CJDHTConstants.h.warnings	2016-01-27 03:07:49.000000000 -0500
-+++ ./dht/CJDHTConstants.h	2016-02-02 21:42:27.810535881 -0500
+++ ./dht/CJDHTConstants.h	2016-04-06 00:23:39.784334020 -0400
@@ -17,7 +17,9 @@
 #include "benc/String.h"
@ -21,7 +41,7 @@ diff -up ./dht/CJDHTConstants.h.warnings ./dht/CJDHTConstants.h
 #endif
 diff -up ./node_build/dependencies/libuv/test/test-getsockname.c.warnings ./node_build/dependencies/libuv/test/test-getsockname.c
 --- ./node_build/dependencies/libuv/test/test-getsockname.c.warnings	2016-01-27 03:07:49.000000000 -0500
-+++ ./node_build/dependencies/libuv/test/test-getsockname.c	2016-02-02 19:53:49.293769496 -0500
+++ ./node_build/dependencies/libuv/test/test-getsockname.c	2016-04-06 00:23:39.784334020 -0400
@@ -18,7 +18,7 @@
  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
  * IN THE SOFTWARE.
@ -33,7 +53,7 @@ diff -up ./node_build/dependencies/libuv/test/test-getsockname.c.warnings ./node
 diff -up ./util/platform/netdev/NetPlatform_linux.c.warnings ./util/platform/netdev/NetPlatform_linux.c
 --- ./util/platform/netdev/NetPlatform_linux.c.warnings	2016-01-27 03:07:49.000000000 -0500
-+++ ./util/platform/netdev/NetPlatform_linux.c	2016-02-02 19:53:49.293769496 -0500
+++ ./util/platform/netdev/NetPlatform_linux.c	2016-04-06 00:23:39.784334020 -0400
@@ -142,7 +142,7 @@ void NetPlatform_addAddress(const char*
             Except_throw(eh, "ioctl(SIOCSIFADDR) failed: [%s]", strerror(err));
         }
@ -54,7 +74,7 @@ diff -up ./util/platform/netdev/NetPlatform_linux.c.warnings ./util/platform/net
 diff -up ./util/platform/Sockaddr.c.warnings ./util/platform/Sockaddr.c
 --- ./util/platform/Sockaddr.c.warnings	2016-01-27 03:07:49.000000000 -0500
-+++ ./util/platform/Sockaddr.c	2016-02-02 19:53:49.294769524 -0500
+++ ./util/platform/Sockaddr.c	2016-04-06 00:23:39.785334040 -0400
@@ -12,6 +12,7 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.