Merge b834df4d12 into 2c0f8292c6
				
					
				
			This commit is contained in:
		
						commit
						123ef3223f
					
				| @ -16,7 +16,7 @@ when(_'web-wizard' and _'autoupdater', { | ||||
| 	'gluon-config-mode-autoupdater', | ||||
| }) | ||||
| 
 | ||||
| when(_'web-wizard' and (_'mesh-vpn-fastd' or _'mesh-vpn-tunneldigger'), { | ||||
| when(_'web-wizard' and (_'mesh-vpn-fastd' or _'mesh-vpn-fastd-l2tp' or _'mesh-vpn-tunneldigger'), { | ||||
| 	'gluon-config-mode-mesh-vpn', | ||||
| }) | ||||
| 
 | ||||
|  | ||||
							
								
								
									
										13
									
								
								package/gluon-mesh-vpn-fastd-l2tp/Makefile
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										13
									
								
								package/gluon-mesh-vpn-fastd-l2tp/Makefile
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,13 @@ | ||||
| include $(TOPDIR)/rules.mk | ||||
| 
 | ||||
| PKG_NAME:=gluon-mesh-vpn-fastd-l2tp | ||||
| PKG_VERSION:=1 | ||||
| 
 | ||||
| include ../gluon.mk | ||||
| 
 | ||||
| define Package/gluon-mesh-vpn-fastd-l2tp | ||||
|   TITLE:=Support for connecting meshes via fastd (with L2TP kernel offloading) | ||||
|   DEPENDS:=+gluon-core +gluon-mesh-vpn-fastd +fastd-l2tp +@GLUON_SPECIALIZE_KERNEL:KERNEL_L2TP | ||||
| endef | ||||
| 
 | ||||
| $(eval $(call BuildPackageGluon,gluon-mesh-vpn-fastd-l2tp)) | ||||
| @ -1,4 +1,4 @@ | ||||
| local fastd_methods = {'salsa2012+gmac', 'salsa2012+umac', 'null+salsa2012+gmac', 'null+salsa2012+umac', 'null'} | ||||
| local fastd_methods = {'salsa2012+umac', 'null+salsa2012+umac', 'null@l2tp', 'null'} | ||||
| need_array_of({'mesh_vpn', 'fastd', 'methods'}, fastd_methods) | ||||
| need_boolean(in_site({'mesh_vpn', 'fastd', 'configurable'}), false) | ||||
| 
 | ||||
|  | ||||
| @ -4,6 +4,7 @@ local site = require 'gluon.site' | ||||
| local util = require 'gluon.util' | ||||
| 
 | ||||
| local uci = require('simple-uci').cursor() | ||||
| local unistd = require 'posix.unistd' | ||||
| 
 | ||||
| 
 | ||||
| local syslog_level = uci:get('fastd', 'mesh_vpn', 'syslog_level') or 'verbose' | ||||
| @ -11,20 +12,22 @@ local syslog_level = uci:get('fastd', 'mesh_vpn', 'syslog_level') or 'verbose' | ||||
| local methods | ||||
| 
 | ||||
| if site.mesh_vpn.fastd.configurable(false) then | ||||
| 	local has_null = util.contains(site.mesh_vpn.fastd.methods(), 'null') | ||||
| 	local site_methods = site.mesh_vpn.fastd.methods() | ||||
| 	local has_null = util.contains(site_methods, 'null@l2tp') or util.contains(site_methods, 'null') | ||||
| 
 | ||||
| 	local old_methods = uci:get('fastd', 'mesh_vpn', 'method') | ||||
| 	if old_methods then | ||||
| 		has_null = util.contains(old_methods, 'null') | ||||
| 		has_null = util.contains(old_methods, 'null@l2tp') or util.contains(old_methods, 'null') | ||||
| 	end | ||||
| 
 | ||||
| 	methods = {} | ||||
| 	if has_null then | ||||
| 		table.insert(methods, 'null@l2tp') | ||||
| 		table.insert(methods, 'null') | ||||
| 	end | ||||
| 
 | ||||
| 	for _, method in ipairs(site.mesh_vpn.fastd.methods()) do | ||||
| 		if method ~= 'null' then | ||||
| 	for _, method in ipairs(site_methods) do | ||||
| 		if method ~= 'null@l2tp' and method ~= 'null' then | ||||
| 			table.insert(methods, method) | ||||
| 		end | ||||
| 	end | ||||
| @ -43,9 +46,20 @@ uci:section('fastd', 'fastd', 'mesh_vpn', { | ||||
| 	secure_handshakes = true, | ||||
| 	method = methods, | ||||
| 	packet_mark = 1, | ||||
| 	persist_interface = true, | ||||
| 	offload_l2tp = false, | ||||
| 	status_socket = '/var/run/fastd.mesh_vpn.socket', | ||||
| }) | ||||
| uci:delete('fastd', 'mesh_vpn', 'user') | ||||
| uci:delete('fastd', 'mesh_vpn', 'peer_limit') | ||||
| 
 | ||||
| -- L2TP offload support | ||||
| if unistd.access('/lib/gluon/mesh-vpn/fastd/l2tp') then | ||||
| 	uci:set('fastd', 'mesh_vpn', 'mode', 'multitap') | ||||
| 	uci:set('fastd', 'mesh_vpn', 'persist_interface', false) | ||||
| 	uci:set('fastd', 'mesh_vpn', 'offload_l2tp', true) | ||||
| 	uci:set('fastd', 'mesh_vpn', 'peer_limit', 1) | ||||
| end | ||||
| 
 | ||||
| 
 | ||||
| -- Collect list of groups that have peers with 'preserve' flag | ||||
| @ -88,6 +102,7 @@ local function add_peer(group, name, config) | ||||
| 		enabled = true, | ||||
| 		net = 'mesh_vpn', | ||||
| 		group = group, | ||||
| 		interface = 'mesh-vpn', | ||||
| 		key = config.key, | ||||
| 		remote = config.remotes, | ||||
| 	}) | ||||
| @ -117,5 +132,11 @@ end | ||||
| 
 | ||||
| add_groups('mesh_vpn', site.mesh_vpn.fastd.groups()) | ||||
| 
 | ||||
| -- Update preserved peers as well | ||||
| uci:foreach('fastd', 'peer', function(peer) | ||||
| 	if peer.net == 'mesh_vpn' then | ||||
| 		uci:set('fastd', peer['.name'], 'interface', 'mesh-vpn') | ||||
| 	end | ||||
| end) | ||||
| 
 | ||||
| uci:save('fastd') | ||||
|  | ||||
| @ -10,7 +10,7 @@ mode.package = "gluon-web-mesh-vpn-fastd" | ||||
| mode.template = "mesh-vpn-fastd" | ||||
| 
 | ||||
| local methods = uci:get('fastd', 'mesh_vpn', 'method') | ||||
| if util.contains(methods, 'null') then | ||||
| if util.contains(methods, 'null@l2tp') or util.contains(methods, 'null') then | ||||
| 	-- performance mode will only be used as default, if it is present in site.mesh_vpn.fastd.methods | ||||
| 	mode.default = 'performance' | ||||
| else | ||||
| @ -24,11 +24,12 @@ function mode:write(data) | ||||
| 	-- if performance mode was selected, and the method 'null' was not present in the original table, it will be added | ||||
| 	local site_methods = {} | ||||
| 	if data == 'performance' then | ||||
| 		table.insert(site_methods, 'null@l2tp') | ||||
| 		table.insert(site_methods, 'null') | ||||
| 	end | ||||
| 
 | ||||
| 	for _, method in ipairs(site.mesh_vpn.fastd.methods()) do | ||||
| 		if method ~= 'null' then | ||||
| 		if method ~= 'null@l2tp' and method ~= 'null' then | ||||
| 			table.insert(site_methods, method) | ||||
| 		end | ||||
| 	end | ||||
|  | ||||
| @ -0,0 +1,66 @@ | ||||
| From: Matthias Schiffer <mschiffer@universe-factory.net> | ||||
| Date: Sat, 13 Mar 2021 09:10:31 +0100 | ||||
| Subject: opkg: libopkg: pkg_hash: prefer original packages to satisfy dependencies | ||||
| 
 | ||||
| Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> | ||||
| 
 | ||||
| diff --git a/package/system/opkg/patches/0001-libopkg-pkg_hash-prefer-original-packages-to-satisfy.patch b/package/system/opkg/patches/0001-libopkg-pkg_hash-prefer-original-packages-to-satisfy.patch
 | ||||
| new file mode 100644 | ||||
| index 0000000000000000000000000000000000000000..a06c9974ea66efb5d577a481f2fe28a8be9175fd
 | ||||
| --- /dev/null
 | ||||
| +++ b/package/system/opkg/patches/0001-libopkg-pkg_hash-prefer-original-packages-to-satisfy.patch
 | ||||
| @@ -0,0 +1,54 @@
 | ||||
| +From 9c1e3dd3bf12684c67d7da433594bfb7e3f40f82 Mon Sep 17 00:00:00 2001
 | ||||
| +Message-Id: <9c1e3dd3bf12684c67d7da433594bfb7e3f40f82.1615622873.git.mschiffer@universe-factory.net>
 | ||||
| +From: Matthias Schiffer <mschiffer@universe-factory.net>
 | ||||
| +Date: Sat, 13 Mar 2021 02:00:40 +0100
 | ||||
| +Subject: [PATCH] libopkg: pkg_hash: prefer original packages to satisfy
 | ||||
| + dependencies
 | ||||
| +
 | ||||
| +When one package "provides" another non-virtual package, prefer to use
 | ||||
| +the original package instead of the providing package.
 | ||||
| +
 | ||||
| +Example:
 | ||||
| +
 | ||||
| +Consider packages "foo" and "bar", where "foo" provides "bar".
 | ||||
| +The current code will sort all candidates by name and use the last entry
 | ||||
| +by default, so "foo" would be used to satisfy a dependency on "bar".
 | ||||
| +Change the logic to prefer the actual package "bar" in this case.
 | ||||
| +
 | ||||
| +Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
 | ||||
| +Reviewed-by: Daniel Golle <daniel@makrotopia.org>
 | ||||
| +---
 | ||||
| + libopkg/pkg_hash.c | 14 ++++++++++++--
 | ||||
| + 1 file changed, 12 insertions(+), 2 deletions(-)
 | ||||
| +
 | ||||
| +--- a/libopkg/pkg_hash.c
 | ||||
| ++++ b/libopkg/pkg_hash.c
 | ||||
| +@@ -285,6 +285,7 @@ pkg_t *pkg_hash_fetch_best_installation_
 | ||||
| + 	int nmatching = 0;
 | ||||
| + 	int wrong_arch_found = 0;
 | ||||
| + 	int arch_priority;
 | ||||
| ++	int good_pkg_score = 0;
 | ||||
| + 	pkg_vec_t *matching_pkgs;
 | ||||
| + 	abstract_pkg_vec_t *matching_apkgs;
 | ||||
| + 	abstract_pkg_vec_t *provided_apkg_vec;
 | ||||
| +@@ -408,9 +409,18 @@ pkg_t *pkg_hash_fetch_best_installation_
 | ||||
| + 	for (i = 0; i < matching_pkgs->len; i++) {
 | ||||
| + 		pkg_t *matching = matching_pkgs->pkgs[i];
 | ||||
| + 		if (constraint_fcn(matching, cdata)) {
 | ||||
| +-			opkg_msg(DEBUG, "Candidate: %s %s.\n",
 | ||||
| +-				 matching->name, pkg_get_string(matching, PKG_VERSION));
 | ||||
| ++			int score = 1;
 | ||||
| ++			if (strcmp(matching->name, apkg->name) == 0)
 | ||||
| ++				score++;
 | ||||
| ++
 | ||||
| ++			opkg_msg(DEBUG, "Candidate: %s %s (score %d).\n",
 | ||||
| ++				 matching->name, pkg_get_string(matching, PKG_VERSION),
 | ||||
| ++				 score);
 | ||||
| ++			if (score < good_pkg_score)
 | ||||
| ++				continue;
 | ||||
| ++
 | ||||
| + 			good_pkg_by_name = matching;
 | ||||
| ++			good_pkg_score = score;
 | ||||
| + 			/* It has been provided by hand, so it is what user want */
 | ||||
| + 			if (matching->provided_by_hand == 1)
 | ||||
| + 				break;
 | ||||
							
								
								
									
										123
									
								
								patches/packages/packages/0003-fastd-simplify-Config.in.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										123
									
								
								patches/packages/packages/0003-fastd-simplify-Config.in.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,123 @@ | ||||
| From: Matthias Schiffer <mschiffer@universe-factory.net> | ||||
| Date: Sun, 7 Mar 2021 11:48:32 +0100 | ||||
| Subject: fastd: simplify Config.in | ||||
| 
 | ||||
| Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> | ||||
| 
 | ||||
| diff --git a/net/fastd/Config.in b/net/fastd/Config.in
 | ||||
| index 8302f7ee4dac874b1303ebeeb836551ef202c261..89ff6850aa5ab4ad0e762d8fb9473d5e5c820089 100644
 | ||||
| --- a/net/fastd/Config.in
 | ||||
| +++ b/net/fastd/Config.in
 | ||||
| @@ -1,102 +1,79 @@
 | ||||
| +if PACKAGE_fastd
 | ||||
| +
 | ||||
|  menu "Configuration" | ||||
| -	depends on PACKAGE_fastd
 | ||||
|   | ||||
|  config FASTD_ENABLE_METHOD_CIPHER_TEST | ||||
|  	bool "Enable cipher-test method provider" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| -	default n
 | ||||
|   | ||||
|  config FASTD_ENABLE_METHOD_COMPOSED_GMAC | ||||
|  	bool "Enable composed-gmac method provider" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| +	select FASTD_ENABLE_MAC_GHASH
 | ||||
|  	default y | ||||
|   | ||||
|  config FASTD_ENABLE_METHOD_COMPOSED_UMAC | ||||
|  	bool "Enable composed-umac method provider" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| +	select FASTD_ENABLE_MAC_UHASH
 | ||||
|  	default y | ||||
|   | ||||
|  config FASTD_ENABLE_METHOD_GENERIC_GMAC | ||||
|  	bool "Enable generic-gmac method provider" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| +	select FASTD_ENABLE_MAC_GHASH
 | ||||
|  	default y | ||||
|   | ||||
|  config FASTD_ENABLE_METHOD_GENERIC_POLY1305 | ||||
|  	bool "Enable generic-poly1305 method provider" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| -	default n
 | ||||
|   | ||||
|  config FASTD_ENABLE_METHOD_GENERIC_UMAC | ||||
|  	bool "Enable generic-umac method provider" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| +	select FASTD_ENABLE_MAC_UHASH
 | ||||
|  	default y | ||||
|   | ||||
|  config FASTD_ENABLE_METHOD_NULL | ||||
|  	bool "Enable null method" | ||||
| -	depends on PACKAGE_fastd
 | ||||
|  	default y | ||||
|   | ||||
|   | ||||
|  config FASTD_ENABLE_CIPHER_NULL | ||||
|  	bool "Enable the null cipher" | ||||
| -	depends on PACKAGE_fastd
 | ||||
|  	default y | ||||
|   | ||||
|  config FASTD_ENABLE_CIPHER_SALSA20 | ||||
|  	bool "Enable the Salsa20 cipher" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| -	default n
 | ||||
|   | ||||
|  config FASTD_ENABLE_CIPHER_SALSA2012 | ||||
|  	bool "Enable the Salsa20/12 cipher" | ||||
| -	depends on PACKAGE_fastd
 | ||||
|  	default y | ||||
|   | ||||
|   | ||||
|  config FASTD_ENABLE_MAC_GHASH | ||||
| -	bool "Enable the GHASH message authentication code"
 | ||||
| -	depends on PACKAGE_fastd
 | ||||
| -	default y
 | ||||
| +	bool
 | ||||
|   | ||||
|  config FASTD_ENABLE_MAC_UHASH | ||||
| -	bool "Enable the UHASH message authentication code"
 | ||||
| -	depends on PACKAGE_fastd
 | ||||
| -	default y
 | ||||
| +	bool
 | ||||
|   | ||||
|   | ||||
|  config FASTD_WITH_CAPABILITIES | ||||
|  	bool "Enable POSIX capability support" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| -	default n
 | ||||
|   | ||||
|  config FASTD_WITH_CMDLINE_USER | ||||
|  	bool "Include support for setting user/group related options on the command line" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| -	default n
 | ||||
|   | ||||
|  config FASTD_WITH_CMDLINE_LOGGING | ||||
|  	bool "Include support for setting logging related options on the command line" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| -	default n
 | ||||
|   | ||||
|  config FASTD_WITH_CMDLINE_OPERATION | ||||
|  	bool "Include support for setting options related to the VPN operation (like mode, interface, encryption method) on the command line" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| -	default n
 | ||||
|   | ||||
|  config FASTD_WITH_CMDLINE_COMMANDS | ||||
|  	bool "Include support for setting handler scripts (e.g. --on-up) on the command line" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| -	default n
 | ||||
|   | ||||
|  config FASTD_WITH_DYNAMIC_PEERS | ||||
|  	bool "Include support for dynamic peers (using on-verify handlers)" | ||||
| -	depends on PACKAGE_fastd
 | ||||
| -	default n
 | ||||
|   | ||||
|  config FASTD_WITH_STATUS_SOCKET | ||||
|  	bool "Include support for status sockets" | ||||
| -	depends on PACKAGE_fastd
 | ||||
|  	default y | ||||
|   | ||||
|  endmenu | ||||
| +
 | ||||
| +endif
 | ||||
| @ -0,0 +1,31 @@ | ||||
| From: Matthias Schiffer <mschiffer@universe-factory.net> | ||||
| Date: Sun, 7 Mar 2021 11:50:04 +0100 | ||||
| Subject: fastd: disable GMAC-based methods by default | ||||
| 
 | ||||
| The UMAC-based methods provide higher performance than GMAC and aren't | ||||
| suspectible to timing attacks when implemented in software (which is | ||||
| always the case on OpenWrt, as OpenSSL support is disabled). Disable | ||||
| GMAC by default to save a few KiB. | ||||
| 
 | ||||
| Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> | ||||
| 
 | ||||
| diff --git a/net/fastd/Config.in b/net/fastd/Config.in
 | ||||
| index 89ff6850aa5ab4ad0e762d8fb9473d5e5c820089..b6d46246e53516cdb7fc6e4857ea62481b4e8276 100644
 | ||||
| --- a/net/fastd/Config.in
 | ||||
| +++ b/net/fastd/Config.in
 | ||||
| @@ -8,7 +8,6 @@ config FASTD_ENABLE_METHOD_CIPHER_TEST
 | ||||
|  config FASTD_ENABLE_METHOD_COMPOSED_GMAC | ||||
|  	bool "Enable composed-gmac method provider" | ||||
|  	select FASTD_ENABLE_MAC_GHASH | ||||
| -	default y
 | ||||
|   | ||||
|  config FASTD_ENABLE_METHOD_COMPOSED_UMAC | ||||
|  	bool "Enable composed-umac method provider" | ||||
| @@ -18,7 +17,6 @@ config FASTD_ENABLE_METHOD_COMPOSED_UMAC
 | ||||
|  config FASTD_ENABLE_METHOD_GENERIC_GMAC | ||||
|  	bool "Enable generic-gmac method provider" | ||||
|  	select FASTD_ENABLE_MAC_GHASH | ||||
| -	default y
 | ||||
|   | ||||
|  config FASTD_ENABLE_METHOD_GENERIC_POLY1305 | ||||
|  	bool "Enable generic-poly1305 method provider" | ||||
| @ -0,0 +1,61 @@ | ||||
| From: Matthias Schiffer <mschiffer@universe-factory.net> | ||||
| Date: Sun, 7 Mar 2021 11:56:31 +0100 | ||||
| Subject: fastd: update to main branch snapshot | ||||
| 
 | ||||
| Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> | ||||
| 
 | ||||
| diff --git a/net/fastd/Config.in b/net/fastd/Config.in
 | ||||
| index b6d46246e53516cdb7fc6e4857ea62481b4e8276..157d1e39931cc0163785212cb5eea7d8af4f46f2 100644
 | ||||
| --- a/net/fastd/Config.in
 | ||||
| +++ b/net/fastd/Config.in
 | ||||
| @@ -30,6 +30,10 @@ config FASTD_ENABLE_METHOD_NULL
 | ||||
|  	bool "Enable null method" | ||||
|  	default y | ||||
|   | ||||
| +config FASTD_ENABLE_METHOD_NULL_L2TP
 | ||||
| +	bool "Enable null@l2tp method"
 | ||||
| +	default y
 | ||||
| +
 | ||||
|   | ||||
|  config FASTD_ENABLE_CIPHER_NULL | ||||
|  	bool "Enable the null cipher" | ||||
| diff --git a/net/fastd/Makefile b/net/fastd/Makefile
 | ||||
| index c7ab056a9ae005a75a75911658607e64d6228aac..12c9dbc73a9a57d9518cf243674a4104cbacab5b 100644
 | ||||
| --- a/net/fastd/Makefile
 | ||||
| +++ b/net/fastd/Makefile
 | ||||
| @@ -8,12 +8,14 @@
 | ||||
|  include $(TOPDIR)/rules.mk | ||||
|   | ||||
|  PKG_NAME:=fastd | ||||
| -PKG_VERSION:=21
 | ||||
| +PKG_VERSION:=21.37.g7dc53ab69e49
 | ||||
|   | ||||
|  PKG_MAINTAINER:=Matthias Schiffer <mschiffer@universe-factory.net> | ||||
|  PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz | ||||
| -PKG_SOURCE_URL:=https://github.com/NeoRaider/fastd/releases/download/v$(PKG_VERSION)
 | ||||
| -PKG_HASH:=942f33bcd794bcb8e19da4c30c875bdfd4d0f1c24ec4dcdf51237791bbfb0d4c
 | ||||
| +PKG_SOURCE_VERSION:=7dc53ab69e494b9bfb982f729d9f2c510b3629ec
 | ||||
| +PKG_SOURCE_PROTO:=git
 | ||||
| +PKG_SOURCE_URL:=https://github.com/NeoRaider/fastd.git
 | ||||
| +PKG_MIRROR_HASH:=cae8b5d76305617c7946a67e1d21136d53b60a7fea67d45258ff566e1b787a90
 | ||||
|   | ||||
|  PKG_LICENSE:=BSD-2-Clause | ||||
|  PKG_LICENSE_FILES:=COPYRIGHT | ||||
| @@ -26,6 +28,7 @@ PKG_CONFIG_DEPENDS:=\
 | ||||
|  	CONFIG_FASTD_ENABLE_METHOD_GENERIC_POLY1305 \ | ||||
|  	CONFIG_FASTD_ENABLE_METHOD_GENERIC_UMAC \ | ||||
|  	CONFIG_FASTD_ENABLE_METHOD_NULL \ | ||||
| +	CONFIG_FASTD_ENABLE_METHOD_NULL_L2TP \
 | ||||
|  	CONFIG_FASTD_ENABLE_CIPHER_NULL \ | ||||
|  	CONFIG_FASTD_ENABLE_CIPHER_SALSA20 \ | ||||
|  	CONFIG_FASTD_ENABLE_CIPHER_SALSA2012 \ | ||||
| @@ -81,7 +84,9 @@ MESON_ARGS += \
 | ||||
|  	-Dmethod_generic-poly1305=$(call feature,ENABLE_METHOD_GENERIC_POLY1305) \ | ||||
|  	-Dmethod_generic-umac=$(call feature,ENABLE_METHOD_GENERIC_UMAC) \ | ||||
|  	-Dmethod_null=$(call feature,ENABLE_METHOD_NULL) \ | ||||
| +	-Dmethod_null_l2tp=$(call feature,ENABLE_METHOD_NULL_L2TP) \
 | ||||
|  	-Dstatus_socket=$(call feature,WITH_STATUS_SOCKET) \ | ||||
| +	-Doffload_l2tp=disabled \
 | ||||
|  	-Dsystemd=disabled \ | ||||
|  	-Duse_nacl=true \ | ||||
|  	-Db_lto=true \ | ||||
							
								
								
									
										87
									
								
								patches/packages/packages/0006-fastd-add-L2TP-variant.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										87
									
								
								patches/packages/packages/0006-fastd-add-L2TP-variant.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,87 @@ | ||||
| From: Matthias Schiffer <mschiffer@universe-factory.net> | ||||
| Date: Sun, 7 Mar 2021 12:05:28 +0100 | ||||
| Subject: fastd: add L2TP variant | ||||
| 
 | ||||
| Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> | ||||
| 
 | ||||
| diff --git a/net/fastd/Config.in b/net/fastd/Config.in
 | ||||
| index 157d1e39931cc0163785212cb5eea7d8af4f46f2..3da5e1f183c5400cc38650efad39edf31c6f18d0 100644
 | ||||
| --- a/net/fastd/Config.in
 | ||||
| +++ b/net/fastd/Config.in
 | ||||
| @@ -1,4 +1,4 @@
 | ||||
| -if PACKAGE_fastd
 | ||||
| +if PACKAGE_fastd || PACKAGE_fastd-l2tp
 | ||||
|   | ||||
|  menu "Configuration" | ||||
|   | ||||
| diff --git a/net/fastd/Makefile b/net/fastd/Makefile
 | ||||
| index 12c9dbc73a9a57d9518cf243674a4104cbacab5b..a9280562cb139418b21ecf72cc2c31a5893c3380 100644
 | ||||
| --- a/net/fastd/Makefile
 | ||||
| +++ b/net/fastd/Makefile
 | ||||
| @@ -17,8 +17,8 @@ PKG_SOURCE_PROTO:=git
 | ||||
|  PKG_SOURCE_URL:=https://github.com/NeoRaider/fastd.git | ||||
|  PKG_MIRROR_HASH:=cae8b5d76305617c7946a67e1d21136d53b60a7fea67d45258ff566e1b787a90 | ||||
|   | ||||
| -PKG_LICENSE:=BSD-2-Clause
 | ||||
| -PKG_LICENSE_FILES:=COPYRIGHT
 | ||||
| +PKG_LICENSE:=BSD-2-Clause LGPL-2.1-or-later
 | ||||
| +PKG_LICENSE_FILES:=COPYRIGHT src/dep/libmnl/COPYING
 | ||||
|   | ||||
|  PKG_CONFIG_DEPENDS:=\ | ||||
|  	CONFIG_FASTD_ENABLE_METHOD_CIPHER_TEST \ | ||||
| @@ -56,6 +56,14 @@ define Package/fastd
 | ||||
|    TITLE:=Fast and Secure Tunneling Daemon | ||||
|    URL:=https://github.com/NeoRaider/fastd/ | ||||
|    SUBMENU:=VPN | ||||
| +  VARIANT:=default
 | ||||
| +endef
 | ||||
| +define Package/fastd-l2tp
 | ||||
| +$(Package/fastd)
 | ||||
| +  DEPENDS+=+kmod-l2tp +kmod-l2tp-eth
 | ||||
| +  TITLE+=(L2TP kernel offloading)
 | ||||
| +  VARIANT:=l2tp
 | ||||
| +  PROVIDES:=fastd
 | ||||
|  endef | ||||
|   | ||||
|  define Package/fastd/config | ||||
| @@ -87,18 +95,31 @@ MESON_ARGS += \
 | ||||
|  	-Dmethod_null_l2tp=$(call feature,ENABLE_METHOD_NULL_L2TP) \ | ||||
|  	-Dstatus_socket=$(call feature,WITH_STATUS_SOCKET) \ | ||||
|  	-Doffload_l2tp=disabled \ | ||||
| +	-Dlibmnl_builtin=true \
 | ||||
|  	-Dsystemd=disabled \ | ||||
|  	-Duse_nacl=true \ | ||||
|  	-Db_lto=true \ | ||||
|  	-Dprefix=/usr | ||||
|   | ||||
| +ifeq ($(BUILD_VARIANT),l2tp)
 | ||||
| +  MESON_ARGS += \
 | ||||
| +	-Dmethod_null_l2tp=enabled \
 | ||||
| +	-Doffload_l2tp=enabled
 | ||||
| +endif
 | ||||
| +
 | ||||
|  define Package/fastd/description | ||||
| - Fast and secure tunneling daemon, which is optimized on small code size and few dependencies
 | ||||
| +Fast and secure tunneling daemon, which is optimized on small code size and few dependencies
 | ||||
| +endef
 | ||||
| +define Package/fastd-l2tp/description
 | ||||
| +$(Package/fastd/description)
 | ||||
| +
 | ||||
| +This variant enables L2TP kernel offloadig support.
 | ||||
|  endef | ||||
|   | ||||
|  define Package/fastd/conffiles | ||||
|  /etc/config/fastd | ||||
|  endef | ||||
| +Package/fastd-l2tp/conffiles = $(Package/fastd/conffiles)
 | ||||
|   | ||||
|  define Package/fastd/install | ||||
|  	$(INSTALL_DIR) $(1)/usr/bin | ||||
| @@ -112,5 +133,7 @@ define Package/fastd/install
 | ||||
|  	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d | ||||
|  	$(INSTALL_DATA) files/fastd.upgrade $(1)/lib/upgrade/keep.d/fastd | ||||
|  endef | ||||
| +Package/fastd-l2tp/install = $(Package/fastd/install)
 | ||||
|   | ||||
|  $(eval $(call BuildPackage,fastd)) | ||||
| +$(eval $(call BuildPackage,fastd-l2tp))
 | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user