diff options
| author | Daniel Golle <daniel@makrotopia.org> | 2016-04-28 03:04:55 +0200 |
|---|---|---|
| committer | Daniel Golle <daniel@makrotopia.org> | 2016-05-02 15:54:33 +0100 |
| commit | ca3dfcfec29b4919073efb2fbc0962cf4841259d (patch) | |
| tree | 3bd41666f845f61cc5050386785fda9c29488024 /net | |
| parent | 9227efaa1e7370201cac1dc0d1df31a1afe69c74 (diff) | |
gnunet: use uci-defaults and further break core into components
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/gnunet/Makefile | 141 | ||||
| -rwxr-xr-x | net/gnunet/files/gnunet-dns.fw | 7 | ||||
| -rw-r--r-- | net/gnunet/files/gnunet-flat.defaults | 13 | ||||
| -rw-r--r-- | net/gnunet/files/gnunet-gns.defaults | 50 | ||||
| -rw-r--r-- | net/gnunet/files/gnunet-sqlite.defaults | 16 | ||||
| -rw-r--r-- | net/gnunet/files/gnunet-vpn.defaults | 34 | ||||
| -rwxr-xr-x | net/gnunet/files/gnunet.init | 3 |
7 files changed, 152 insertions, 112 deletions
diff --git a/net/gnunet/Makefile b/net/gnunet/Makefile index 93d40930c..7f6117a76 100644 --- a/net/gnunet/Makefile +++ b/net/gnunet/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=gnunet PKG_SOURCE_VERSION:=37051 PKG_VERSION:=0.10.1-svn$(PKG_SOURCE_VERSION) -PKG_RELEASE:=2 +PKG_RELEASE:=3 # ToDo: # - break-out {peer,name,data}store for each backend @@ -59,8 +59,9 @@ endef define Package/gnunet $(call Package/gnunet/Default) TITLE+= - a peer-to-peer framework focusing on security - DEPENDS:=+ca-certificates +libgnurl +libgnutls +libidn +libltdl \ - +libmicrohttpd +libunistring +librt $(ICONV_DEPENDS) $(INTL_DEPENDS) + DEPENDS:=+ca-certificates +libgcrypt +libgpg-error +libgnurl \ + +libgnutls +libidn +libltdl +libunistring +librt \ + $(ICONV_DEPENDS) $(INTL_DEPENDS) USERID:=gnunet=400:gnunet=400 MENU:=1 endef @@ -123,6 +124,11 @@ define BuildComponent $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/gnunet/config.d/$$$$$$$$conf.conf $$(1)/usr/share/gnunet/config.d ; \ done \ fi ) + + ( if [ -e ./files/gnunet-$(1).defaults ]; then \ + $(INSTALL_DIR) $$(1)/etc/uci-defaults ; \ + $(INSTALL_BIN) ./files/gnunet-$(1).defaults $$(1)/etc/uci-defaults/gnunet-$(1) ; \ + fi ) endef $$(eval $$(call BuildPackage,gnunet-$(1))) @@ -149,7 +155,7 @@ define Package/gnunet/install $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/gnunet/libgnunet_plugin_$$$$plug*.so $(1)/usr/lib/gnunet ; \ done ) - ( for lex in daemon-hostlist daemon-topology helper-nat-client \ + ( for lex in daemon-topology helper-nat-client \ helper-nat-server service-arm service-ats service-cadet \ service-core service-dht service-identity service-nse \ service-peerinfo service-regex \ @@ -160,7 +166,7 @@ define Package/gnunet/install $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/gnunet/libexec/gnunet-$$$$lex $(1)/usr/lib/gnunet/libexec ; \ done ) - ( for conf in arm ats cadet core datacache dht hostlist identity \ + ( for conf in arm ats cadet core datacache dht identity \ nat nse peerinfo regex revocation scalarproduct \ set statistics topology transport util; do \ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/gnunet/config.d/$$$$conf.conf $(1)/usr/share/gnunet/config.d ; \ @@ -173,7 +179,6 @@ define Package/gnunet/install $(INSTALL_DATA) ./files/gnunet.upgrade $(1)/lib/upgrade/keep.d/gnunet $(INSTALL_DIR) $(1)/etc/uci-defaults $(INSTALL_BIN) ./files/gnunet.defaults $(1)/etc/uci-defaults/gnunet - $(INSTALL_BIN) ./files/gnunet-dns.fw $(1)/usr/lib/gnunet/libexec/gnunet-dns.fw $(INSTALL_DIR) $(1)/lib/netifd/proto $(INSTALL_BIN) ./files/gnunet-proto.sh $(1)/lib/netifd/proto endef @@ -196,6 +201,10 @@ PLUGIN_conversation:=gnsrecord_conversation LIBEXEC_conversation:=helper-audio-playback helper-audio-record service-conversation CONF_conversation:=conversation +DEPENDS_hostlist:=+libmicrohttpd +LIBEXEC_hostlist:=daemon-hostlist +CONF_hostlist:=hostlist + DEPENDS_transport-http_client:=+libgnurl PLUGIN_transport-http_client:=transport_http_client transport_https_client @@ -227,9 +236,15 @@ USERID_gns:=gnunet=400:gnunetdns=401 BIN_gns:=gns gns-import.sh namecache namestore resolver LIB_gns:=gns gnsrecord namecache namestore PLUGIN_gns:=block_dns block_gns gnsrecord_dns gnsrecord_gns -LIBEXEC_gns:=dns2gns gns-proxy helper-dns namestore-fcfsd service-dns service-gns service-namecache service-namestore service-resolver +LIBEXEC_gns:=dns2gns helper-dns service-dns service-gns service-namecache service-namestore service-resolver CONF_gns:=dns gns namecache namestore resolver +DEPENDS_namestore-fcfsd:=+gnunet-gns +libmicrohttpd +LIBEXEC_namestore-fcfsd:=namestore-fcfsd + +DEPENDS_gns-proxy:=+gnunet-gns +libmicrohttpd +LIBEXEC_gns-proxy:=gns-proxy + DEPENDS_datastore:=+gnunet-gns +libsqlite3 BIN_datastore:=datastore LIB_datastore:=datastore @@ -253,7 +268,7 @@ DEPENDS_pgsql:=+gnunet-gns +gnunet-datastore +libpq LIB_pgsql:=postgres pq PLUGIN_pgsql:=datacache_postgres datastore_postgres namecache_postgres namestore_postgres -DEPENDS_rest:=+gnunet-gns +gnunet-social +jansson +DEPENDS_rest:=+gnunet-gns +gnunet-social +libmicrohttpd +jansson LIB_rest:=rest PLUGIN_rest:=rest_gns rest_identity rest_identity_provider rest_namestore LIBEXEC_rest:=rest-server @@ -264,7 +279,7 @@ LIB_rps:=rps LIBEXEC_rps:=service-rps CONF_rps:=rps -DEPENDS_social:=+gnunet-sqlite +jansson +DEPENDS_social:=+gnunet-sqlite +libmicrohttpd +jansson BIN_social:=identity-token multicast LIB_social:=consensus identityprovider multicast psyc psycstore psycutil secretsharing social PLUGIN_social:=psycstore_sqlite @@ -281,59 +296,12 @@ LIBEXEC_transport-bluetooth:=helper-transport-bluetooth DEPENDS_utils:=+certtool +openssl-util BIN_utils:=gns-proxy-setup-ca transport-certificate-creation scrypt -DEPENDS_vpn:=+kmod-tun +iptables +DEPENDS_vpn:=+kmod-tun +iptables +firewall BIN_vpn:=vpn LIB_vpn:=tun vpn LIBEXEC_vpn:=daemon-exit daemon-pt helper-exit helper-vpn service-vpn CONF_vpn:=exit pt vpn -define PostInstFixSUIDPerms - define Package/$(1)/postinst - #!/bin/sh - [ -e /usr/share/gnunet/.permfix ] && rm /usr/share/gnunet/.permfix - endef -endef - -define Package/gnunet-gns/postinst -#!/bin/sh - -[ -e /usr/share/gnunet/.permfix ] && rm /usr/share/gnunet/.permfix - -uci -q batch <<EOF -del network.gnunetdns -set network.gnunetdns=interface -set network.gnunetdns.ifname='gnunet-dns' -set network.gnunetdns.proto='gnunet' - -del network.gndnsrtt -set network.gndnsrtt=route -set network.gndnsrtt.interface='gnunetdns' -set network.gndnsrtt.table='53' -set network.gndnsrtt.target='0.0.0.0/0' - -del network.gndnsrl -set network.gndnsrl=rule -set network.gndnsrl.mark='0x8260035' -set network.gndnsrl.lookup='53' - -commit network - -del firewall.gnunetdns -set firewall.gnunetdns=zone -set firewall.gnunetdns.name='gnunetdns' -set firewall.gnunetdns.network='gnunetdns' -set firewall.gnunetdns.input='ACCEPT' -set firewall.gnunetdns.output='ACCEPT' -set firewall.gnunetdns.forward='ACCEPT' - -del firewall.gndnsinc -set firewall.gndnsinc=include -set firewall.gndnsinc.path='/usr/lib/gnunet/libexec/gnunet-dns.fw' - -commit firewall -EOF - -endef define Package/gnunet-gns/prerm #!/bin/sh @@ -348,69 +316,36 @@ del firewall.gnunetdns del firewall.gndnsinc commit firewall EOF - endef - -define Package/gnunet-vpn/postinst +define Package/gnunet-vpn/prerm #!/bin/sh -[ -e /usr/share/gnunet/.permfix ] && rm /usr/share/gnunet/.permfix - uci -q batch <<EOF del network.gnunetvpn -set network.gnunetvpn=interface -set network.gnunetvpn.ifname='vpn-gnunet' -set network.gnunetvpn.proto='gnunet' - del network.gnunetexit -set network.gnunetexit=interface -set network.gnunetexit.ifname='exit-gnunet' -set network.gnunetexit.proto='gnunet' - commit network - del firewall.gnunetvpn -set firewall.gnunetvpn=zone -set firewall.gnunetvpn.name='gnunetvpn' -set firewall.gnunetvpn.network='gnunetvpn' -set firewall.gnunetvpn.input='ACCEPT' -set firewall.gnunetvpn.output='ACCEPT' -set firewall.gnunetvpn.forward='REJECT' - del firewall.gnunetexit -set firewall.gnunetexit=zone -set firewall.gnunetexit.name='gnunetexit' -set firewall.gnunetexit.network='gnunetexit' -set firewall.gnunetexit.input='ACCEPT' -set firewall.gnunetexit.output='ACCEPT' -set firewall.gnunetexit.forward='REJECT' - del firewall.gnexitfwd -set firewall.gnexitfwd=forwarding -set firewall.gnexitfwd.src='gnunetexit' -set firewall.gnexitfwd.dest='wan' - commit firewall EOF - endef -define Package/gnunet-vpn/prerm +define PostInstFixSUIDPerms + define Package/$(1)/postinst #!/bin/sh - -uci -q batch <<EOF -del network.gnunetvpn -del network.gnunetexit -del firewall.gnunetvpn -del firewall.gnunetexit -del firewall.gnexitfwd -EOF - +[ -e /usr/share/gnunet/.permfix ] && rm /usr/share/gnunet/.permfix + endef endef -$(eval $(call BuildPackage,gnunet)) $(eval $(call PostInstFixSUIDPerms,gnunet)) +$(eval $(call PostInstFixSUIDPerms,gnunet-gns)) +$(eval $(call PostInstFixSUIDPerms,gnunet-transport-bluetooth)) +$(eval $(call PostInstFixSUIDPerms,gnunet-transport-wlan)) +$(eval $(call PostInstFixSUIDPerms,gnunet-vpn)) + +$(eval $(call BuildPackage,gnunet)) $(eval $(call BuildComponent,conversation,conversation component,)) $(eval $(call BuildComponent,datastore,data storage components,)) $(eval $(call BuildComponent,dv,distance-vector routing component,)) @@ -418,7 +353,9 @@ $(eval $(call BuildComponent,experiments,experimental components,)) $(eval $(call BuildComponent,flat,flat storage backends,)) $(eval $(call BuildComponent,fs,file-sharing components,)) $(eval $(call BuildComponent,gns,name resolution components,y)) +$(eval $(call BuildComponent,gns-proxy,gns-proxy component,)) $(eval $(call BuildComponent,mysql,mySQL datastore backend,)) +$(eval $(call BuildComponent,namestore-fcfsd,fist-come-first-serve registration server,)) $(eval $(call BuildComponent,pgsql,PostgreSQL storage backends,)) $(eval $(call BuildComponent,peerstore,peerstore local persistency component,)) $(eval $(call BuildComponent,rest,REST interface,)) @@ -426,10 +363,8 @@ $(eval $(call BuildComponent,rps,RPS routing component,)) $(eval $(call BuildComponent,social,social components,)) $(eval $(call BuildComponent,sqlite,libsqlite3 storage backends,y)) $(eval $(call BuildComponent,transport-bluetooth,bluetooth transport,)) -$(eval $(call PostInstFixSUIDPerms,gnunet-transport-bluetooth)) $(eval $(call BuildComponent,transport-http_client,HTTP/HTTPS client transport,y)) $(eval $(call BuildComponent,transport-http_server,HTTP/HTTPS server transport,)) $(eval $(call BuildComponent,transport-wlan,WLAN transport,)) -$(eval $(call PostInstFixSUIDPerms,gnunet-transport-wlan)) $(eval $(call BuildComponent,utils,administration utililties,)) $(eval $(call BuildComponent,vpn,vpn components,y)) diff --git a/net/gnunet/files/gnunet-dns.fw b/net/gnunet/files/gnunet-dns.fw deleted file mode 100755 index fb5316723..000000000 --- a/net/gnunet/files/gnunet-dns.fw +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -ip link show gnunet-dns 1>/dev/null 2>/dev/null || exit 0 - -iptables -t mangle -I OUTPUT 1 -p udp -m owner --gid-owner gnunetdns --dport 53 -j ACCEPT -iptables -t mangle -I OUTPUT 2 -p udp --dport 53 -j MARK --set-mark 136708149 - diff --git a/net/gnunet/files/gnunet-flat.defaults b/net/gnunet/files/gnunet-flat.defaults new file mode 100644 index 000000000..e00a7e376 --- /dev/null +++ b/net/gnunet/files/gnunet-flat.defaults @@ -0,0 +1,13 @@ +#!/bin/sh + +uci -q get gnunet.namestore || uci set gnunet.namestore=gnunet-config +uci -q get gnunet.namecache || uci set gnunet.namecache=gnunet-config + +uci -q batch <<EOF + del gnunet.namestore_flat + set gnunet.namestore_flat=gnunet.config + set gnunet.namestore_flat.FILENAME=/etc/gnunet/namestore.flat + set gnunet.namestore.DATABASE=flat + set gnunet.namecache.DATABASE=flat + commit gnunet +EOF diff --git a/net/gnunet/files/gnunet-gns.defaults b/net/gnunet/files/gnunet-gns.defaults new file mode 100644 index 000000000..424045017 --- /dev/null +++ b/net/gnunet/files/gnunet-gns.defaults @@ -0,0 +1,50 @@ +#!/bin/sh + +uci -q batch <<EOF +del network.gnunetdns +set network.gnunetdns=interface +set network.gnunetdns.ifname='gnunet-dns' +set network.gnunetdns.proto='gnunet' + +del network.gndnsrtt +set network.gndnsrtt=route +set network.gndnsrtt.interface='gnunetdns' +set network.gndnsrtt.table='53' +set network.gndnsrtt.target='0.0.0.0/0' + +del network.gndnsrl +set network.gndnsrl=rule +set network.gndnsrl.mark='0x8260035' +set network.gndnsrl.lookup='53' + +commit network + +del firewall.gnunetdns +set firewall.gnunetdns=zone +set firewall.gnunetdns.name='gnunetdns' +set firewall.gnunetdns.network='gnunetdns' +set firewall.gnunetdns.input='ACCEPT' +set firewall.gnunetdns.output='ACCEPT' +set firewall.gnunetdns.forward='ACCEPT' + +del firewall.gndnsrl +set firewall.gndnsrl=rule +set firewall.gndnsrl.name='Mark-local-DNS-for-GNUnet' +set firewall.gndnsrl.proto='udp' +set firewall.gndnsrl.dest_port='53' +set firewall.gndnsrl.extra='-m owner ! --gid-owner gnunetdns' +set firewall.gndnsrl.target='MARK' +set firewall.gndnsrl.set_mark='136708149' + +del firewall.gndnsrl2 +set firewall.gndnsrl2=rule +set firewall.gndnsrl2.name='Mark-forwarded-DNS-for-GNUnet' +set firewall.gndnsrl2.enabled='0' +set firewall.gndnsrl2.src='*' +set firewall.gndnsrl2.proto='udp' +set firewall.gndnsrl2.dest_port='53' +set firewall.gndnsrl2.target='MARK' +set firewall.gndnsrl2.set_mark='136708149' + +commit firewall +EOF diff --git a/net/gnunet/files/gnunet-sqlite.defaults b/net/gnunet/files/gnunet-sqlite.defaults new file mode 100644 index 000000000..ba4eaf223 --- /dev/null +++ b/net/gnunet/files/gnunet-sqlite.defaults @@ -0,0 +1,16 @@ +#!/bin/sh + +uci -q get gnunet.namestore || uci set gnunet.namestore=gnunet-config +uci -q get gnunet.namecache || uci set gnunet.namecache=gnunet-config + +uci -q batch <<EOF + del gnunet.namestore_sqlite + set gnunet.namestore_sqlite=gnunet-config + set gnunet.namestore_sqlite.FILENAME=/etc/gnunet/namestore.sqlite + set gnunet.namestore.DATABASE=sqlite + set gnunet.namecache.DATABASE=sqlite + del gnunet.peerstore_sqlite + set gnunet.peerstore_sqlite=gnunet-config + set gnunet.peerstore_sqlite.FILENAME=/etc/gnunet/peerstore.sqlite + commit gnunet +EOF diff --git a/net/gnunet/files/gnunet-vpn.defaults b/net/gnunet/files/gnunet-vpn.defaults new file mode 100644 index 000000000..efc9d7b6d --- /dev/null +++ b/net/gnunet/files/gnunet-vpn.defaults @@ -0,0 +1,34 @@ +#!/bin/sh + +uci -q batch <<EOF +del network.gnunetvpn +set network.gnunetvpn=interface +set network.gnunetvpn.ifname='vpn-gnunet' +set network.gnunetvpn.proto='gnunet' +del network.gnunetexit +set network.gnunetexit=interface +set network.gnunetexit.ifname='exit-gnunet' +set network.gnunetexit.proto='gnunet' +commit network + +del firewall.gnunetvpn +set firewall.gnunetvpn=zone +set firewall.gnunetvpn.name='gnunetvpn' +set firewall.gnunetvpn.network='gnunetvpn' +set firewall.gnunetvpn.input='ACCEPT' +set firewall.gnunetvpn.output='ACCEPT' +set firewall.gnunetvpn.forward='REJECT' +del firewall.gnunetexit +set firewall.gnunetexit=zone +set firewall.gnunetexit.name='gnunetexit' +set firewall.gnunetexit.network='gnunetexit' +set firewall.gnunetexit.input='ACCEPT' +set firewall.gnunetexit.output='ACCEPT' +set firewall.gnunetexit.forward='REJECT' + +del firewall.gnexitfwd +set firewall.gnexitfwd=forwarding +set firewall.gnexitfwd.src='gnunetexit' +set firewall.gnexitfwd.dest='wan' +commit firewall +EOF diff --git a/net/gnunet/files/gnunet.init b/net/gnunet/files/gnunet.init index 81ecaf2ee..e2f9eee49 100755 --- a/net/gnunet/files/gnunet.init +++ b/net/gnunet/files/gnunet.init @@ -48,13 +48,12 @@ prepare_config() { chown gnunet:gnunet /etc/gnunet } - # defaults paths + # defaults paths for persistent files gnunet-config -c $CONFIGFILE -s PATHS -o GNUNET_CONFIG_HOME -V /etc/gnunet gnunet-config -c $CONFIGFILE -s PEER -o PRIVATE_KEY -V /etc/gnunet/private_key.ecc gnunet-config -c $CONFIGFILE -s identity -o EGODIR -V /etc/gnunet/identity/egos gnunet-config -c $CONFIGFILE -s revocation -o DATABASE -V /etc/gnunet/revocation.dat gnunet-config -c $CONFIGFILE -s nse -o PROOFFILE -V /etc/gnunet/proof.dat - gnunet-config -c $CONFIGFILE -s namestore-sqlite -o FILENAME -V /etc/gnunet/namestore.sqlite # enable all installed transport plugins transport_plugins=$(gnunet-config -c $CONFIGFILE -s transport -o PLUGINS) |