Merge pull request #42 from equinox0815/uanytun

import uanytun, upgrade to latest version
2014-06-22 04:06:57 +02:00 · 2014-06-22 04:06:57 +02:00 · b2d942a8ef
parent 80cd200d2a 1f60e90a9d
commit b2d942a8ef
4 changed files with 462 additions and 0 deletions
--- a/net/uanytun/Makefile
+++ b/net/uanytun/Makefile
@ -0,0 +1,154 @@
+#
+# Copyright (C) 2008-2014 Christian Pointner,
+#                         <equinox@anytun.org>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+# This Makefile builds uAnytun Package for OpenWRT
+#
+# $Id: $
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=uanytun
+PKG_VERSION:=0.3.5
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://www.anytun.org/download/
+PKG_MD5SUM:=ce47ad45003ff1d84eaf5276941b9ddf
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+
+
+define Package/uanytun/template
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=VPN
+  DEPENDS:=+kmod-tun
+  TITLE:=micro anycast tunneling daemon
+  URL:=http://www.anytun.org/
+  MAINTAINER:=Christian Pointner <equinox@spreadspace.org>
+endef
+
+
+define Package/uanytun
+  $(call Package/uanytun/template)
+  TITLE+= (nettle)
+  VARIANT:=nettle
+  DEPENDS+=+libnettle
+endef
+
+define Package/uanytun/conffiles
+/etc/config/uanytun
+endef
+
+define Package/uanytun/description
+uAnytun is a tiny implementation of SATP the secure anycast tunneling protocol.
+  SATP defines a protocol used for communication between any combination of
+  unicast and anycast tunnel endpoints.  It has less protocol overhead than
+  IPSec in Tunnel mode and allows tunneling of every ETHER TYPE protocol (e.g.
+  ethernet, ip, arp ...). SATP directly includes cryptography and message
+  authentication based on the methods used by SRTP.  It is intended to deliver
+  a generic, scaleable and secure solution for tunneling and relaying of packets
+  of any protocol.
+  Unlike Anytun which is a full featured implementation uAnytun has no support
+  for multiple connections or synchronisation. It is a small single threaded
+  implementation intended to act as a client on small platforms.
+endef
+
+
+define Package/uanytun-sslcrypt
+  $(call Package/uanytun/template)
+  TITLE+= (openssl)
+  VARIANT:=sslcrypt
+  DEPENDS+=+libopenssl
+endef
+
+Package/uanytun-sslcrypt/conffiles=$(Package/uanytun/conffiles)
+Package/uanytun-sslcrypt/description=$(Package/uanytun/description)
+
+
+define Package/uanytun-nocrypt
+  $(call Package/uanytun/template)
+  TITLE+= (no crypt)
+  VARIANT:=nocrypt
+endef
+
+Package/uanytun-nocrypt/conffiles=$(Package/uanytun/conffiles)
+Package/uanytun-nocrypt/description=$(Package/uanytun/description)
+
+
+
+define Build/Configure
+	(cd $(PKG_BUILD_DIR)/src; \
+    touch include.mk; \
+    ln -s linux/tun.c .; \
+    echo '#ifndef UANYTUN_version_h_INCLUDED' > version.h; \
+    echo '#define UANYTUN_version_h_INCLUDED' >> version.h; \
+    echo '' >> version.h; \
+    echo '#define VERSION_STRING_0 "uanytun version '`cat $(PKG_BUILD_DIR)/version`'"' >> version.h; \
+    echo '#define VERSION_STRING_1 "built on '`hostname`', '`date +"%d.%m.%Y %H:%M:%S %Z"`'"' >> version.h; \
+    echo '' >> version.h; \
+    echo '#endif' >> version.h \
+  )
+endef
+
+VARIANT_CFLAGS:=
+VARIANT_LDFLAGS:=-ldl
+VARIANT_MAKE_OPTS:=
+
+ifeq ($(BUILD_VARIANT),nettle)
+VARIANT_CFLAGS+=-DUSE_NETTLE
+VARIANT_LDFLAGS+=-lnettle
+endif
+
+ifeq ($(BUILD_VARIANT),sslcrypt)
+VARIANT_CFLAGS+=-DUSE_SSL_CRYPTO
+VARIANT_LDFLAGS+=-lcrypto
+endif
+
+ifeq ($(BUILD_VARIANT),nocrypt)
+VARIANT_CFLAGS+=-DNO_CRYPT
+VARIANT_MAKE_OPTS+=NO_CRYPT_OBJ=1
+endif
+
+define Build/Compile
+	$(MAKE) -C $(PKG_BUILD_DIR)/src \
+    $(TARGET_CONFIGURE_OPTS) \
+    $(VARIANT_MAKE_OPTS) \
+    TARGET=Linux \
+    CFLAGS="$(TARGET_CFLAGS) $(VARIANT_CFLAGS)" \
+    LDFLAGS="$(TARGET_LDFLAGS) $(VARIANT_LDFLAGS)"
+	$(STRIP) $(PKG_BUILD_DIR)/src/uanytun
+endef
+
+
+define Package/uanytun/install-generic
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DATA) ./files/$(2) $(1)/etc/config/$(PKG_NAME)
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/uanytun $(1)/usr/sbin/$(PKG_NAME)
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/uanytun.init $(1)/etc/init.d/$(PKG_NAME)
+endef
+
+define Package/uanytun/install
+  $(call Package/uanytun/install-generic,$(1),uanytun.config)
+endef
+
+define Package/uanytun-sslcrypt/install
+  $(call Package/uanytun/install-generic,$(1),uanytun.config)
+endef
+
+define Package/uanytun-nocrypt/install
+  $(call Package/uanytun/install-generic,$(1),uanytun-nocrypt.config)
+endef
+
+
+$(eval $(call BuildPackage,uanytun))
+$(eval $(call BuildPackage,uanytun-sslcrypt))
+$(eval $(call BuildPackage,uanytun-nocrypt))
--- a/net/uanytun/files/uanytun-nocrypt.config
+++ b/net/uanytun/files/uanytun-nocrypt.config
@ -0,0 +1,88 @@
+config "client1"
+  option disabled 0
+  option username 'nobody'
+  option groupname 'nogroup'
+#  option chroot "/var/run/uanytun"
+
+#  option interface '<ip-address>'
+#  option port '4444'
+#  option sender_id '1'
+
+#  option dev 'anytun0'
+  option type 'tun'
+  option ifconfig '192.168.123.1/24'
+#  option post-up-script '/etc/uanytun/client1-post-up.sh'
+
+  option remote_host 'example.com'
+  option remote_port '4444'
+
+  option window_size 0
+  option mux 1
+
+  option log 'syslog:3,anytun-client1,daemon'
+
+
+config "client2"
+  option disabled 1
+  option username 'nobody'
+  option groupname 'nogroup'
+
+  option type 'tun'
+  option ifconfig '192.168.123.2/24'
+
+  option remote_host 'example.com'
+  option remote_port '4444'
+
+  option window_size 0
+  option mux 2
+
+  option log 'syslog:3,anytun-client2,daemon'
+
+
+config "client3"
+  option disabled 1
+  option username 'nobody'
+  option groupname 'nogroup'
+
+  option type 'tun'
+  option ifconfig '192.168.123.3/24'
+
+  option remote_host 'example.com'
+  option remote_port '4444'
+
+  option window_size 0
+  option mux 3
+
+  option log 'syslog:3,anytun-client3,daemon'
+
+
+config "p2p-a"
+  option disabled 1
+  option username 'nobody'
+  option groupname 'nogroup'
+
+  option type 'tun'
+  option ifconfig '192.168.223.1/24'
+
+  option remote_host 'p2p-b.example.com'
+  option remote_port '4444'
+
+  option window_size 0
+
+  option log 'syslog:3,anytun-p2p-a,daemon'
+
+
+config "p2p-b"
+  option disabled 1
+  option username 'nobody'
+  option groupname 'nogroup'
+
+  option type 'tun'
+  option ifconfig '192.168.223.2/24'
+
+  option remote_host 'p2p-a.example.com'
+  option remote_port '4444'
+
+  option window_size 0
+
+  option log 'syslog:3,anytun-p2p-b,daemon'
--- a/net/uanytun/files/uanytun.config
+++ b/net/uanytun/files/uanytun.config
@ -0,0 +1,116 @@
+config "client1"
+  option disabled 0
+#  option username 'nobody'
+#  option groupname 'nogroup'
+#  option chroot "/var/run/uanytun"
+
+#  option interface '<ip-address>'
+#  option port '4444'
+#  option sender_id '1'
+
+  option cipher 'aes-ctr'
+#  option cipher 'null'
+#  option cipher 'aes-ctr-128'
+#  option cipher 'aes-ctr-192'
+#  option cipher 'aes-ctr-256'
+  option auth_algo 'sha1'
+#  option auth_algo 'null'
+#  option auth_tag_length 10
+
+#  option dev 'anytun0'
+  option type 'tun'
+  option ifconfig '192.168.123.1/24'
+#  option post-up-script '/etc/uanytun/client1-post-up.sh'
+
+  option remote_host 'example.com'
+  option remote_port '4444'
+
+  option window_size 0
+  option mux 1
+
+  option role 'client'
+#  option kd_prf 'null'
+#  option kd_prf 'aes-ctr'
+#  option kd_prf 'aes-ctr-128'
+#  option kd_prf 'aes-ctr-192'
+#  option kd_prf 'aes-ctr-256'
+#  option ld_kdr '0'
+#  option key '0123456789ABCDEF0123456789ABCDEF'
+#  option salt '0123456789ABCD0123456789ABCD'
+  option passphrase 'Creating_VPN_Tunnels_With_Anytun_Is_Easy'
+
+  option log 'syslog:3,anytun-client1,daemon'
+
+
+config "client2"
+  option disabled 1
+
+  option cipher 'aes-ctr'
+  option auth_algo 'sha1'
+  option type 'tun'
+  option ifconfig '192.168.123.2/24'
+
+  option remote_host 'example.com'
+  option remote_port '4444'
+
+  option window_size 0
+  option mux 2
+  option role 'client'
+  option passphrase 'Creating_VPN_Tunnels_With_Anytun_Is_Easy'
+
+  option log 'syslog:3,anytun-client2,daemon'
+
+
+config "client3"
+  option disabled 1
+
+  option cipher 'aes-ctr'
+  option auth_algo 'sha1'
+  option type 'tun'
+  option ifconfig '192.168.123.3/24'
+
+  option remote_host 'example.com'
+  option remote_port '4444'
+
+  option window_size 0
+  option mux 3
+  option role 'client'
+  option passphrase 'Creating_VPN_Tunnels_With_Anytun_Is_Easy'
+
+  option log 'syslog:3,anytun-client3,daemon'
+
+
+config "p2p-a"
+  option disabled 1
+
+  option cipher 'aes-ctr'
+  option auth_algo 'sha1'
+  option type 'tun'
+  option ifconfig '192.168.223.1/24'
+
+  option remote_host 'p2p-b.example.com'
+  option remote_port '4444'
+
+  option window_size 0
+  option role 'alice'
+  option passphrase 'Creating_P2P_VPN_Tunnels_With_Anytun_Is_Easy'
+
+  option log 'syslog:3,anytun-p2p-a,daemon'
+
+
+config "p2p-b"
+  option disabled 1
+
+  option cipher 'aes-ctr'
+  option auth_algo 'sha1'
+  option type 'tun'
+  option ifconfig '192.168.223.2/24'
+
+  option remote_host 'p2p-a.example.com'
+  option remote_port '4444'
+
+  option window_size 0
+  option role 'bob'
+  option passphrase 'Creating_P2P_VPN_Tunnels_With_Anytun_Is_Easy'
+
+  option log 'syslog:3,anytun-p2p-b,daemon'
--- a/net/uanytun/files/uanytun.init
+++ b/net/uanytun/files/uanytun.init
@ -0,0 +1,104 @@
+#!/bin/sh /etc/rc.common
+START=50
+
+BIN=uanytun
+DAEMON=/usr/sbin/$BIN
+DESC=$BIN
+RUN_D=/var/run
+
+
+option_cb() {
+  local varname="$1"
+  local value="$2"
+
+  if ! echo "$CONFIG_OPTIONS" | grep " $varname " > /dev/null; then
+    CONFIG_OPTIONS="$CONFIG_OPTIONS $varname "
+  fi
+}
+
+foreach_config_forced() {
+  foreach_config $1 "forced"
+}
+
+foreach_config() {
+  local cfg="$1"
+  local name
+  local option
+  local value
+  local args=""
+  local forced=0
+
+  if [ -n "$2" ] && [ "x$2" == "xforced" ]; then
+    forced=1
+  fi
+
+  config_get name "$cfg" TYPE
+  for option in $CONFIG_OPTIONS
+  do
+    config_get value "$cfg" "$option"
+    if [ "x$option" == "xdisabled" ]; then
+      if [ $forced -eq 0 ] && [ $value -eq 1 ]; then
+        echo -n " $name(disabled)"
+        return
+      fi
+      continue
+    fi
+
+    option=`echo $option | tr '_' '-'`
+    if [ -n "$value" ]; then
+      args="$args --$option $value"
+    fi
+  done
+  echo -n " $name"
+  local status="OK"
+  $DAEMON --write-pid "$RUN_D/$BIN.$name.pid" $args || status="failed"
+  echo -n "($status)"
+}
+
+stop_vpn() {
+  local name=$1
+  local pidfile=$RUN_D/$BIN.$name.pid
+  echo -n " $name"
+  local status="OK"
+  if [ ! -f "$pidfile" ]; then
+    status="tunnel not active"
+  else
+    kill `cat $pidfile` > /dev/null 2>&1 || status="failed"
+    rm -f $pidfile
+  fi
+  echo -n "($status)"
+}
+
+start() {
+  echo -n "Starting $DESC:"
+  config_load $BIN
+  if [ $# -gt 0 ]; then
+    while [ $# -gt 0 ]; do
+      config_foreach foreach_config_forced "$1"
+      shift
+    done
+  else
+    config_foreach foreach_config ""
+  fi
+  echo "."
+}
+
+stop() {
+  echo -n "Stopping $DESC:"
+  local name
+  local pidfile
+
+  if [ $# -gt 0 ]; then
+    while [ $# -gt 0 ]; do
+      stop_vpn $1
+      shift
+    done
+  else
+    for pidfile in `ls $RUN_D/$BIN.*.pid 2> /dev/null`; do
+      name=${pidfile%%.pid}
+      name=${name##$RUN_D/$BIN.}
+      stop_vpn $name
+    done
+  fi
+  echo "."
+}