+++ /dev/null
-#
-# Copyright (C) 2012-2014 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=hnetd
-PKG_SOURCE_DATE:=2018-12-21
-PKG_SOURCE_VERSION:=c43766610ed30194b048bc070a3c433aec731c40
-PKG_RELEASE:=1
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/sbyx/hnetd
-PKG_MIRROR_HASH:=3b3bfff16b99dfd23b74932ac6a74af18cb9f8fd029980f1bd3788ddfb0414bb
-
-PKG_LICENSE:=GPL-2.0-only
-PKG_LICENSE_FILES:=LICENSE
-
-PKG_BUILD_PARALLEL:=1
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/cmake.mk
-
-# Spammy debug builds for now
-CMAKE_OPTIONS += -DL_LEVEL=7
-
-# OpenWRT target
-CMAKE_OPTIONS += -DBACKEND=openwrt
-
-ifeq ($(BUILD_VARIANT),openssl)
-CMAKE_OPTIONS += -DDTLS_OPENSSL=1
-endif
-
-define Package/hnetd/Default
- SECTION:=net
- CATEGORY:=Network
- TITLE:=HNCP Homenet daemon - $(2)
- URL:=https://github.com/sbyx/hnetd
- DEPENDS:=+odhcpd +odhcp6c +netifd $(3)
- DEPENDS+=@IPV6
- VARIANT:=$1
-endef
-
-Package/hnetd-nossl=$(call Package/hnetd/Default,nossl,no authentication)
-Package/hnetd-openssl=$(call Package/hnetd/Default,openssl,authentication via OpenSSL,+libopenssl)
-
-define Package/hnet-full
- SECTION:=net
- CATEGORY:=Network
- TITLE:=HNCP Homenet metapackage
- URL:=https://github.com/sbyx/hnetd
- DEPENDS:=+hnetd-nossl +luci-app-hnet +ip
- # Routing
- DEPENDS+=+babeld
- # Service discovery
- DEPENDS+=+ohybridproxy +zonestitcher
- # Distributed PCP support
- DEPENDS+=+miniupnpd +minimalist-pcproxy
-endef
-
-define Package/hnet-full-secure
- SECTION:=net
- CATEGORY:=Network
- TITLE:=HNCP Homenet metapackage (w/ SSL)
- URL:=https://github.com/sbyx/hnetd
- DEPENDS:=+hnetd-openssl +luci-app-hnet +ip
- # Routing
- DEPENDS+=+babeld
- # Service discovery
- DEPENDS+=+ohybridproxy +zonestitcher
- # Distributed PCP support
- DEPENDS+=+miniupnpd +minimalist-pcproxy
-endef
-
-define Package/hnet-full-l2tp
- SECTION:=net
- CATEGORY:=Network
- TITLE:=HNCP Homenet metapackage (w/ L2TP)
- URL:=https://github.com/sbyx/hnetd
- DEPENDS:=+hnetd-nossl +luci-app-hnet +ip-full +kmod-l2tp-eth
- # Routing
- DEPENDS+=+babeld
- # Service discovery
- DEPENDS+=+ohybridproxy +zonestitcher
- # Distributed PCP support
- DEPENDS+=+miniupnpd +minimalist-pcproxy
-endef
-
-define Package/luci-app-hnet
- SECTION:=luci
- CATEGORY:=LuCI
- SUBMENU:=3. Applications
- TITLE:=HNCP Homenet configuration and visualization
-# DEPENDS:=+hnetd
-# TBD - how to express dependency on 'some' hnetd?
-endef
-
-define Package/hnetd-$(BUILD_VARIANT)/description
-This package provides a daemon which implementats distributed prefix assignment
-and service discovery for a home network consisting of multiple routers
-connected to multiple service providers. It provides a netifd protocol "hnet"
-for use in /etc/config/network.
-endef
-
-define Package/hnetd-$(BUILD_VARIANT)/install
- $(INSTALL_DIR) $(1)/usr/sbin/
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/hnetd $(1)/usr/sbin/
- $(INSTALL_DIR) $(1)/lib/netifd/proto
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/openwrt/hnet.sh $(1)/lib/netifd/proto
- ln -s hnetd $(1)/usr/sbin/hnet-ifresolve
- ln -s hnetd $(1)/usr/sbin/hnet-trust
- ln -s hnetd $(1)/usr/sbin/hnet-dump
- $(INSTALL_DIR) $(1)/etc/init.d
- $(INSTALL_BIN) ./files/hnetd.init $(1)/etc/init.d/hnetd
- $(INSTALL_DIR) $(1)/etc/config
- $(INSTALL_DATA) ./files/hnet.config $(1)/etc/config/hnet
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/generic/ohp.script $(1)/usr/sbin/hnetd-ohp-script
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/generic/ddz.script $(1)/usr/sbin/hnetd-ddz-script
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/generic/pcp.script $(1)/usr/sbin/hnetd-pcp-script
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/generic/hnetd-routing $(1)/usr/sbin/hnetd-routing
- $(INSTALL_DIR) $(1)/etc/uci-defaults
- $(INSTALL_BIN) ./files/hnetd.defaults $(1)/etc/uci-defaults/x-hnetd.defaults
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/generic/multicast.script $(1)/usr/sbin/hnet-multicast
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/openwrt/autowifi.script $(1)/usr/sbin/autowifi
-endef
-
-define Package/hnet-full/install
- true
-endef
-
-define Package/hnet-full-secure/install
- true
-endef
-
-define Package/hnet-full-l2tp/install
- $(INSTALL_DIR) $(1)/usr/sbin/
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/generic/tunnel.script $(1)/usr/sbin/hnetd-tunnel
-endef
-
-define Package/luci-app-hnet/install
- $(INSTALL_DIR) $(1)/usr/lib/lua/luci
- $(INSTALL_DIR) $(1)/www
- $(CP) -R $(PKG_BUILD_DIR)/openwrt/luci/luasrc/* $(1)/usr/lib/lua/luci/
- $(CP) -R $(PKG_BUILD_DIR)/openwrt/luci/htdocs/* $(1)/www/
-endef
-
-define Package/hnetd-$(BUILD_VARIANT)/postinst
-#!/bin/sh
-[ -n "$${IPKG_INSTROOT}" ] || {
- (. /etc/uci-defaults/x-hnetd.defaults) && rm -f /etc/uci-defaults/x-hnetd.defaults
- [ -x /etc/init.d/dnsmasq ] && /etc/init.d/dnsmasq restart
- /etc/init.d/hnetd enable
- /etc/init.d/hnetd start
-}
-endef
-
-$(eval $(call BuildPackage,hnetd-nossl))
-$(eval $(call BuildPackage,hnetd-openssl))
-$(eval $(call BuildPackage,hnet-full))
-$(eval $(call BuildPackage,hnet-full-secure))
-$(eval $(call BuildPackage,hnet-full-l2tp))
-$(eval $(call BuildPackage,luci-app-hnet))
+++ /dev/null
-config security security
-# Simplest security mode:
-# option password foo
-# Trust consensus and CA-based share these options:
-# option certificate_file /etc/hnetd-cert.pem
-# option private_key_file /etc/hnetd-key.pem
-# Then to enable trust consensus:
-# option trust_store /etc/hnetd-trust.dat
-# Or CA-based authentication:
-# option trust_certificate_file /etc/ca-cert.pem
-
-config pa pa
-# option ip4prefix 10.0.0.0/8
-# option ip4mode ifuplink
-# option ulaprefix fd12:3456:789A::/48
-# option ulamode off
- option persistent_store /etc/hnet-pa.store
-
-config sd sd
-# option router_name openwrt
-# option domain_name home.
-
-
-# Wifi allows for very basic wifi autoconfiguration
-# Warning: This feature is unstable
-config wifi wifi
-# option enable 0
-# option ssid ssidtest
-# option password test
+++ /dev/null
-#!/bin/sh
-
-# Why we tune dnsmasq?
-# localservice=0 => other hnetd instances can query for local names
-# boguspriv=0 => allow reverse resolution of RFC1918 w/o local hosts entries
-
-uci batch <<EOF
-set dhcp.odhcpd.maindhcp=1
-set dhcp.@dnsmasq[0].localservice=0
-set dhcp.@dnsmasq[0].boguspriv=0
-commit dhcp
-EOF
+++ /dev/null
-#!/bin/sh /etc/rc.common
-
-# XXX - is there something that should cause reload? or can we just
-# use info from netifd and let it handle dynamic changes? let's hope
-# so..
-
-START=90
-STOP=10
-USE_PROCD=1
-
-DNSMASQ_DIR=/tmp/dnsmasq.d
-DNSMASQ_SCRIPT=/etc/init.d/dnsmasq
-OHP_SCRIPT=/usr/sbin/hnetd-ohp-script
-OHP_BINARY=/usr/sbin/ohybridproxy
-DDZ_SCRIPT=/usr/sbin/hnetd-ddz-script
-DDZ_BINARY=/usr/sbin/zonestitcher
-PCP_SCRIPT=/usr/sbin/hnetd-pcp-script
-PCP_BINARY=/usr/sbin/minimalist-pcproxy
-MULTICAST_SCRIPT=/usr/sbin/hnet-multicast
-WIFI_SCRIPT=/usr/sbin/autowifi
-
-start_service() {
- . /lib/functions.sh
- . /lib/functions/network.sh
- config_load hnet
-
- mkdir -p $DNSMASQ_DIR
- procd_open_instance
- procd_set_param command /usr/sbin/hnetd
-
- # SD parts are here (make configurable?)
- if [ -f $OHP_BINARY -a -f $DNSMASQ_SCRIPT ]
- then
- mkdir -p $DNSMASQ_DIR
- procd_append_param command -d $DNSMASQ_SCRIPT
- procd_append_param command -f $DNSMASQ_DIR/hnet.conf
- procd_append_param command -o $OHP_SCRIPT
- HOSTNAME=`cat /proc/sys/kernel/hostname`
- if [ -n "$HOSTNAME" ]
- then
- procd_append_param command -n "$HOSTNAME"
- fi
- if [ -f $DDZ_BINARY ]
- then
- procd_append_param command -z $DDZ_SCRIPT
- fi
- fi
-
- # Enable multicast if present and installed
- if [ -f "$MULTICAST_SCRIPT" ]
- then
- $MULTICAST_SCRIPT status && procd_append_param command -M "$MULTICAST_SCRIPT"
- fi
-
- config_get enableval wifi enable
- if [ -f "$WIFI_SCRIPT" -a "$enableval" = "1" ]; then
- wifiopt=$WIFI_SCRIPT
- config_get ssidval wifi ssid
- config_get passval wifi password
- if [ -n "$ssidval" -a -n "$passval" ]; then
- wifiopt=${wifiopt},${ssidval}:${passval}
- fi
- procd_append_param command -w "$wifiopt"
- fi
-
- # Enable PCP, if it's present
- if [ -f $PCP_BINARY -a -f $PCP_SCRIPT ]
- then
- procd_append_param command -c $PCP_SCRIPT
- fi
-
- # State file
- config_get val pa persistent_store
- procd_append_param command -s ${val:-/tmp/hnetd.pa_state}
-
- # Routing script
- procd_append_param command -r /usr/sbin/hnetd-routing
-
- [ -x /usr/sbin/hnetd-tunnel ] && \
- procd_append_param command -t /usr/sbin/hnetd-tunnel
-
- # Prefix assignment (pa)
- config_get val pa ip4prefix
- [ -n "$val" ] && procd_append_param command --ip4prefix $val
-
- config_get val pa ip4mode
- [ -n "$val" ] && procd_append_param command --ip4mode $val
-
- config_get val pa ulaprefix
- [ -n "$val" ] && procd_append_param command --ulaprefix $val
-
- config_get val pa ulamode
- [ -n "$val" ] && procd_append_param command --ulamode $val
-
- # Service discovery (sd)
- config_get val sd router_name
- [ -n "$val" ] && procd_append_param command -n $val
-
- config_get val sd domain_name
- [ -n "$val" ] && procd_append_param command -m $val
-
- # Security (needs security-enabled build)
- config_get val security password
- [ -n "$val" ] && procd_append_param command --password $val
-
- config_get val security certificate_file
- [ -n "$val" ] && procd_append_param command --certificate $val
-
- config_get val security private_key_file
- [ -n "$val" ] && procd_append_param command --privatekey $val
-
- config_get val security trust_store
- [ -n "$val" ] && procd_append_param command --trust $val
-
- config_get val security trust_certificate_file
- [ -n "$val" ] && procd_append_param command --verify-path $val
-
- # For more verbose logging, uncomment this:
- #procd_append_param command --loglevel 7
-
- procd_set_param respawn
- procd_close_instance
-}
-
-service_triggers() {
- procd_add_reload_trigger "hnet"
-}
+++ /dev/null
---- a/src/dtls.c
-+++ b/src/dtls.c
-@@ -698,8 +698,10 @@ dtls dtls_create(uint16_t port)
- if (!_ssl_initialized)
- {
- _ssl_initialized = true;
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- SSL_load_error_strings();
- SSL_library_init();
-+#endif
- }
- if (!d)
- goto fail;
-@@ -711,9 +713,9 @@ dtls dtls_create(uint16_t port)
- goto fail;
-
- #ifdef USE_ONE_CONTEXT
-- SSL_CTX *ctx = SSL_CTX_new(DTLSv1_method());
-+ SSL_CTX *ctx = SSL_CTX_new(DTLS_method());
- #else
-- SSL_CTX *ctx = SSL_CTX_new(DTLSv1_server_method());
-+ SSL_CTX *ctx = SSL_CTX_new(DTLS_server_method());
- #endif /* USE_ONE_CONTEXT */
- if (!ctx)
- {
-@@ -1002,6 +1004,7 @@ _client_psk(SSL *ssl,
-
- bool dtls_set_psk(dtls d, const char *psk, size_t psk_len)
- {
-+#ifndef OPENSSL_NO_PSK
- free(d->psk);
- d->psk = malloc(psk_len);
- if (!d->psk)
-@@ -1011,6 +1014,9 @@ bool dtls_set_psk(dtls d, const char *ps
- SSL_CTX_set_psk_client_callback(d->ssl_client_ctx, _client_psk);
- SSL_CTX_set_psk_server_callback(d->ssl_server_ctx, _server_psk);
- return true;
-+#else
-+ return false;
-+#endif
- }
-
- bool dtls_cert_to_pem_buf(dtls_cert cert, char *buf, int buf_len)
+++ /dev/null
---- a/src/hnetd.h
-+++ b/src/hnetd.h
-@@ -39,6 +39,7 @@
-
- #endif /* __APPLE__ */
-
-+#undef __unused
- #include <stddef.h>
- #include <stdint.h>
- #include <time.h>
projects / feed / routing.git / commitdiff