From 69a5a8000b03e756f636b1b2fce4ef1e9f04f5eb Mon Sep 17 00:00:00 2001 From: "Remy D. Farley" Date: Wed, 10 Jan 2024 17:25:32 +0000 Subject: [PATCH] yggdrasil: move `yggdrasil-jumper` setup/shutdown logic to `netifd` Signed-off-by: Remy D. Farley --- net/yggdrasil-jumper/Makefile | 50 +++----- .../files/yggdrasil-jumper.defaults | 47 -------- .../files/yggdrasil-jumper.init | 112 ------------------ net/yggdrasil/Makefile | 2 +- net/yggdrasil/files/yggdrasil.sh | 75 +++++++++++- 5 files changed, 91 insertions(+), 195 deletions(-) delete mode 100644 net/yggdrasil-jumper/files/yggdrasil-jumper.defaults delete mode 100755 net/yggdrasil-jumper/files/yggdrasil-jumper.init diff --git a/net/yggdrasil-jumper/Makefile b/net/yggdrasil-jumper/Makefile index d8e40b889b..7b69ee3ed7 100644 --- a/net/yggdrasil-jumper/Makefile +++ b/net/yggdrasil-jumper/Makefile @@ -1,15 +1,16 @@ include $(TOPDIR)/rules.mk PKG_NAME:=yggdrasil-jumper -PKG_VERSION:=0.2.0 +PKG_VERSION:=0.3.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/one-d-wide/yggdrasil-jumper/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=1660eca235f3f7f21a632355fa3ed9961d7c180c3d2d3d486ddd76642905d450 +PKG_HASH:=d0fd59e9f7a110094c9189b49b812fb0014c6c45535b4d30effd7cf602961454 -PKG_MAINTAINER:=William Fleurant +PKG_MAINTAINER:=Remy D. Farley PKG_LICENSE:=LGPL-3.0-only +PKG_LICENSE_FILES:=LICENSE PKG_BUILD_DEPENDS:=rust/host PKG_BUILD_PARALLEL:=1 
@@ -17,46 +18,27 @@ PKG_BUILD_PARALLEL:=1 include $(INCLUDE_DIR)/package.mk include ../../lang/rust/rust-package.mk - define Package/yggdrasil-jumper - SECTION:=net - CATEGORY:=Network - SUBMENU:=Routing and Redirection - TITLE:=Yggdrasil peer-to-peer firewall stun - URL:=https://github.com/one-d-wide/yggdrasil-jumper - DEPENDS:=$(RUST_ARCH_DEPENDS) @!arc @IPV6 +kmod-tun + SECTION:=net + CATEGORY:=Network + SUBMENU:=Routing and Redirection + TITLE:=Yggdrasil peer-to-peer firewall stun + URL:=https://github.com/one-d-wide/yggdrasil-jumper + DEPENDS:=$(RUST_ARCH_DEPENDS) @!arc @IPV6 +kmod-tun endef - define Package/yggdrasil-jumper/description - Yggdrasil-Jumper utilizes NAT traversal for latency reduction within the Yggdrasil network by - creating direct peer-to-peer connections. It offers self-activating NAT/Firewall traversal, - eliminating the necessity for firewall or port configuration. It probles for Yggdrasil-Jumper - of routers found in active sessions to leverage NAT traversal for constructing direct internet - bridges. + Yggdrasil Jumper is independent project that aims to transparently reduce latency of + a connection over Yggdrasil network, utilizing NAT traversal to bypass intermediary + nodes. It periodically probes for active sessions and automatically establishes direct + peerings over internet with remote nodes running Yggdrasil Jumper without requiring + firewall or port configuration. endef - define Package/yggdrasil-jumper/install - $(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/uci-defaults $(1)/etc/init.d - + $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/bin/yggdrasil-jumper $(1)/usr/sbin - - $(INSTALL_BIN) ./files/yggdrasil-jumper.defaults $(1)/etc/uci-defaults/yggdrasil-jumper - - $(INSTALL_BIN) ./files/yggdrasil-jumper.init $(1)/etc/init.d/yggdrasil-jumper endef - -define Package/cjdns/postinst -#!/bin/sh -if [ -z $${IPKG_INSTROOT} ] ; then - ( . 
/etc/uci-defaults/yggdrasil-jumper ) && rm -f /etc/uci-defaults/yggdrasil-jumper - /etc/init.d/yggdrasil-jumper enabled || /etc/init.d/yggdrasil-jumper enable - exit 0 -fi -endef - - $(eval $(call RustBinPackage,yggdrasil-jumper)) $(eval $(call BuildPackage,yggdrasil-jumper)) diff --git a/net/yggdrasil-jumper/files/yggdrasil-jumper.defaults b/net/yggdrasil-jumper/files/yggdrasil-jumper.defaults deleted file mode 100644 index 5954370cba..0000000000 --- a/net/yggdrasil-jumper/files/yggdrasil-jumper.defaults +++ /dev/null 
@@ -1,47 +0,0 @@ -#!/bin/sh - -# if there is an existing config, our work is already done -uci -q get yggdrasil-jumper.config.stun_server >/dev/null 2>&1 - -if [ $? -ne 0 ]; then - - # register commit handler - uci -q batch <<-EOF >/dev/null - delete ucitrack.@yggdrasil-jumper[-1] - add ucitrack yggdrasil-jumper - set ucitrack.@yggdrasil-jumper[-1].init=yggdrasil-jumper - commit ucitrack -EOF - - # generate configuration - touch /etc/config/yggdrasil-jumper - - uci batch <<-EOF - set yggdrasil-jumper.config=yggdrasil-jumper - set yggdrasil-jumper.config.listen_port=4701 - set yggdrasil-jumper.config.allow_ipv4=1 - set yggdrasil-jumper.config.allow_ipv6=0 - add_list yggdrasil-jumper.config.stun_server='stunserver.stunprotocol.org:3478' - add_list yggdrasil-jumper.config.stun_server='136.243.59.79:3478' - add_list yggdrasil-jumper.config.stun_server='34.192.137.246:3478' - add_list yggdrasil-jumper.config.stun_server='94.130.130.49:3478' - add_list yggdrasil-jumper.config.stun_server='192.172.233.145:3478' - add_list yggdrasil-jumper.config.stun_server='185.125.180.70:3478' - add_list yggdrasil-jumper.config.stun_server='95.216.78.222:3478' - add_list yggdrasil-jumper.config.stun_server='88.99.67.241:3478' - add_list yggdrasil-jumper.config.stun_server='88.218.220.40:3478' - add_list yggdrasil-jumper.config.stun_server='54.177.85.190:3478' - add_list yggdrasil-jumper.config.stun_server='88.198.151.128:3478' - add_list yggdrasil-jumper.config.stun_server='83.64.250.246:3478' - add_list yggdrasil-jumper.config.stun_server='62.72.83.10:3478' - add_list yggdrasil-jumper.config.stun_server='202.1.117.2:3478' - add_list yggdrasil-jumper.config.stun_server='188.118.52.172:3478' - add_list yggdrasil-jumper.config.stun_server='51.83.201.84:3478' - add_list yggdrasil-jumper.config.stun_server='34.206.168.53:3478' - add_list yggdrasil-jumper.config.stun_server='157.161.10.32:3478' - add_list yggdrasil-jumper.config.stun_server='91.213.98.54:3478' - set 
yggdrasil-jumper.config.stun_randomize=1 - commit yggdrasil-jumper -EOF - -fi diff --git a/net/yggdrasil-jumper/files/yggdrasil-jumper.init b/net/yggdrasil-jumper/files/yggdrasil-jumper.init deleted file mode 100755 index b1e6acb6f5..0000000000 --- a/net/yggdrasil-jumper/files/yggdrasil-jumper.init +++ /dev/null 
@@ -1,112 +0,0 @@ -#!/bin/sh /etc/rc.common - -START=98 -STOP=98 - -USE_PROCD=1 - -YGG_JUMPER_INTERFACES="" - - -envset_jumper_interfaces() { - - all_ygg_interfaces=$(uci show network | grep ".proto='yggdrasil'" | awk -F '.' '{print $2}') - - for interface in ${all_ygg_interfaces}; do - - is_started_on_boot="$(uci -q get network.${interface}.auto)" - - if [ "${is_started_on_boot}" == "0" ]; then - : # Skip interface is is disabled - else - - is_yggdrasil_jumper_enabled="$(uci -q get network.${interface}.jumper)" - - YGG_JUMPER_INTERFACES=" $YGG_JUMPER_INTERFACES ${interface} " - - ## - [ ] add jumper flag support in luci-proto-yggdrasil - # if [ "${is_yggdrasil_jumper_enabled}" == "1" ]; then - # : # Append yggdrasil + jumper interface to the global - # YGG_JUMPER_INTERFACES=" $YGG_JUMPER_INTERFACES ${interface} " - # fi - fi - - done - - : # Strip leading/trailing space - YGG_JUMPER_INTERFACES="$(echo ${YGG_JUMPER_INTERFACES} | xargs)" - - -} - - -uci_to_jumper_configs() { - # remove stale not used configs avoiding confusion - cfgs="/tmp/yggdrasil/*-jumper.conf" - rm $cfgs - - # scoop up uci details from /etc/config/yggdrasil-jumper - admin_listen=$(uci -q get yggdrasil-jumper.config.admin_listen) - listen_port=$(uci -q get yggdrasil-jumper.config.listen_port) - allow_ipv4=$(uci -q get yggdrasil-jumper.config.allow_ipv4) - allow_ipv6=$(uci -q get yggdrasil-jumper.config.allow_ipv6) - stun_server=$(uci -q get yggdrasil-jumper.config.stun_server) - stun_randomize=$(uci -q get yggdrasil-jumper.config.stun_randomize) - - for interface in $YGG_JUMPER_INTERFACES; do - ali="unix:///tmp/yggdrasil/${interface}.sock" - cfg="/tmp/yggdrasil/${interface}-jumper.conf" -: # write a interface-jumper.conf file for yggdrasil interface - cat < "${cfg}" -yggdrasil_admin_listen = [ "${ali}" ] -yggdrasil_listen = [ ] -listen_port = $listen_port -allow_ipv4 = $( [ "$allow_ipv4" = "1" ] && echo true || echo false ) -allow_ipv6 = $( [ "$allow_ipv6" = "1" ] && echo true || echo false ) 
-whitelist = [ ] -stun_servers = [ "${stun_server// /\",\"}" ] -stun_randomize = $( [ "$stun_randomize" = "1" ] && echo true || echo false ) -EOF - done - - -} - - -start_service() { - [ -f /etc/uci-defaults/yggdrasil-jumper ] && ( . /etc/uci-defaults/yggdrasil-jumper ) - - envset_jumper_interfaces - - uci_to_jumper_configs - - for interface in $YGG_JUMPER_INTERFACES; do - jumper_cfg="/tmp/yggdrasil/${interface}-jumper.conf" - procd_open_instance ${interface} - procd_set_param respawn - procd_set_param command yggdrasil-jumper --config "${jumper_cfg}" - procd_set_param facility "yggdrasil-jumper-${interface}" - procd_set_param stdout 1 - procd_set_param stderr 1 - procd_close_instance - done - -} - - -stop_service() { - killall yggdrasil-jumper -} - - -x_reload_service() { - : - # cat /tmp/etc/cjdroute.conf | cjdrouteconf reload -} - - -service_triggers() { - procd_add_reload_trigger yggdrasil-jumper -} - - diff --git a/net/yggdrasil/Makefile b/net/yggdrasil/Makefile index 44457247bd..f7458504a3 100644 --- a/net/yggdrasil/Makefile +++ b/net/yggdrasil/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=yggdrasil PKG_VERSION:=0.5.5 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/yggdrasil-network/yggdrasil-go/tar.gz/v$(PKG_VERSION)? diff --git a/net/yggdrasil/files/yggdrasil.sh b/net/yggdrasil/files/yggdrasil.sh index 9d3c6c3b74..3185f204d8 100755 --- a/net/yggdrasil/files/yggdrasil.sh +++ b/net/yggdrasil/files/yggdrasil.sh @@ -8,8 +8,17 @@ } proto_yggdrasil_init_config() { - proto_config_add_string "private_key" available=1 + + # Yggdrasil + proto_config_add_string "private_key" + proto_config_add_boolean "allocate_listen_addresses" + + # Jumper + proto_config_add_boolean "jumper_enable" + proto_config_add_string "jumper_loglevel" + proto_config_add_boolean "jumper_autofill_listen_addresses" + proto_config_add_string "jumper_config" } proto_yggdrasil_setup_peer_if_non_interface() { 
@@ -97,6 +106,52 @@ proto_yggdrasil_generate_keypair() { public_key=${PrivateKey:64} } +proto_yggdrasil_allocate_listen_addresses() { + local config="$1" + + # Collect already defined protocols + protocols="" + _add_address_protocol() { + protocols="${protocols}$(echo $1 | cut -d "://" -f1) " + } + config_list_foreach "$config" listen_address _add_address_protocol + + # Add new address for each previously unspecified protocol + for protocol in "tls" "quic"; do + if ! echo "$protocols" | grep "$protocol" &>/dev/null; then + # By default linux dynamically alocates ports in the range 32768..60999 + # `sysctl net.ipv4.ip_local_port_range` + random_port=$(( ($RANDOM + $RANDOM) % 22767 + 10000 )) + proto_yggdrasil_add_string "${protocol}://127.0.0.1:${random_port}" + fi + done +} + +proto_yggdrasil_generate_jumper_config() { + local config="$1" + local ygg_sock="$2" + local ygg_cfg="$3" + + # Autofill Yggdrasil listeners + config_get is_autofill_listeners "$config" "jumper_autofill_listen_addresses" + if [ "$is_autofill_listeners" == "1" ]; then + echo "yggdrasil_listen = [" + _print_address() { + echo "\"${1}\"," + } + json_load_file "${ygg_cfg}" + json_for_each_item _print_address "Listen" + echo "]" + fi + + # Print admin api socket + echo "yggdrasil_admin_listen = [ \"${ygg_sock}\" ]" + + # Print extra config + config_get jumper_config "$config" "jumper_config" + echo "${jumper_config}" +} + proto_yggdrasil_setup() { local config="$1" local device="$2" 
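Review bot: In `_add_address_protocol`, `cut -d "://" -f1` passes a three-character delimiter, but `cut -d` takes a single character. Implementations that enforce this exit with an error, which would leave `protocols` empty, so `tls` and `quic` would always look unspecified and get an extra loopback listener even when the user already configured one. Parameter expansion avoids the external call and the unquoted `echo $1`: `protocols="${protocols}${1%%://*} "`. The random port is never checked against ports already in use, so a collision would only show up when yggdrasil fails to bind. `protocols`, `protocol` and `random_port` are also not declared `local`, so they leak into the proto handler's global scope.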
@@ -178,6 +233,14 @@ EOF json_add_array "Listen" config_list_foreach "$config" listen_address proto_yggdrasil_add_string + + # If needed, add new address for each previously unspecified protocol + config_get is_jumper_enabled "$config" "jumper_enable" + config_get allocate_listen_addresses "$config" "allocate_listen_addresses" + if [ "$is_jumper_enabled" == "1" ] && [ "$allocate_listen_addresses" == "1" ]; then + proto_yggdrasil_allocate_listen_addresses "$config" + fi + json_close_array json_add_array "MulticastInterfaces" @@ -193,6 +256,16 @@ EOF proto_add_ipv6_address "$(yggdrasil -useconffile "${ygg_cfg}" -address)" "7" proto_add_ipv6_prefix "$(yggdrasil -useconffile "${ygg_cfg}" -subnet)" proto_send_update "$config" + + # Start jumper if needed + config_get is_jumper_enabled "$config" "jumper_enable" + if [ "$is_jumper_enabled" == "1" ] && [ -f /usr/sbin/yggdrasil-jumper ]; then + jumper_cfg="${ygg_dir}/${config}-jumper.conf" + proto_yggdrasil_generate_jumper_config "$config" "$ygg_sock" "$ygg_cfg" > "$jumper_cfg" + + config_get jumper_loglevel "$config" "jumper_loglevel" + sh -c "sleep 2 && exec /usr/sbin/yggdrasil-jumper --loglevel \"${jumper_loglevel:-info}\" --config \"$jumper_cfg\" 2&>1 | logger -t \"${config}-jumper\"" & + fi } proto_yggdrasil_teardown() {
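Review bot: `allocate_listen_addresses` is registered under the `# Yggdrasil` group in `proto_yggdrasil_init_config`, but in this hunk it only takes effect when `jumper_enable` is also `1`, which a reader of the option list would not expect. A comment at the check would make the coupling explicit, for example `# allocate_listen_addresses is honoured only when jumper_enable=1`, or the option could be grouped with the jumper options. The `[ ... == ... ]` comparisons rely on a shell extension; `=` is the portable spelling. The enclosing `proto_yggdrasil_setup` starts and ends outside this hunk.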
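Review bot: The redirection `2&>1` in the added `sh -c` line is not `2>&1`. The shell reads it as a literal argument `2` followed by `&>1`, or as a background `&` plus `>1` in shells without `&>`, so the jumper's stderr never reaches `logger` and output may land in a file named `1`. The same line splices `jumper_loglevel` and `$config` into a command string that the inner shell parses again, so a UCI value containing `"` or `$(...)` would be interpreted as shell syntax by a handler that presumably runs as root. Passing the values as positional parameters removes that re-parse: `sh -c 'sleep 2 && exec /usr/sbin/yggdrasil-jumper --loglevel "$1" --config "$2" 2>&1 | logger -t "$3"' sh "${jumper_loglevel:-info}" "$jumper_cfg" "${config}-jumper" &`. The process is backgrounded with no supervision visible here, and `proto_yggdrasil_teardown` lies beyond this hunk, so it is worth confirming that teardown actually stops the jumper.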