update 2025-02-05 00:30:31

zerotier/Config.in

@@ -0,0 +1,14 @@
+menu "Configuration"
+	depends on PACKAGE_zerotier
+
+config ZEROTIER_ENABLE_DEBUG
+	bool "Build in debug mode"
+	depends on PACKAGE_zerotier
+	default n
+
+config ZEROTIER_ENABLE_SELFTEST
+	bool "Build a self test program"
+	depends on PACKAGE_zerotier
+	default n
+
+endmenu

zerotier/Makefile

@@ -0,0 +1,82 @@
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=zerotier
+PKG_VERSION:=1.14.2
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/zerotier/ZeroTierOne/tar.gz/$(PKG_VERSION)?
+PKG_HASH:=c2f64339fccf5148a7af089b896678d655fbfccac52ddce7714314a59d7bddbb
+PKG_BUILD_DIR:=$(BUILD_DIR)/ZeroTierOne-$(PKG_VERSION)
+
+PKG_MAINTAINER:=Moritz Warning <moritzwarning@web.de>
+PKG_LICENSE:=BSL 1.1
+PKG_LICENSE_FILES:=LICENSE.txt
+
+PKG_ASLR_PIE:=0
+PKG_BUILD_PARALLEL:=1
+PKG_BUILD_FLAGS:=gc-sections
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/zerotier
+  SECTION:=net
+  CATEGORY:=Network
+  DEPENDS:=+libpthread +libstdcpp +kmod-tun +ip +libminiupnpc +libnatpmp +libatomic
+  TITLE:=Create flat virtual Ethernet networks of almost unlimited size
+  URL:=https://www.zerotier.com
+  SUBMENU:=VPN
+endef
+
+define Package/zerotier/description
+	ZeroTier creates a global provider-independent virtual private cloud network.
+endef
+
+define Package/zerotier/config
+	source "$(SOURCE)/Config.in"
+endef
+
+ifeq ($(CONFIG_ZEROTIER_ENABLE_DEBUG),y)
+MAKE_FLAGS += ZT_DEBUG=1
+endif
+
+MAKE_FLAGS += \
+	ZT_EMBEDDED=1 \
+	ZT_SSO_SUPPORTED=0 \
+	DEFS="" \
+	OSTYPE="Linux" \
+
+define Build/Compile
+	$(call Build/Compile/Default,one)
+ifeq ($(CONFIG_ZEROTIER_ENABLE_SELFTEST),y)
+	$(call Build/Compile/Default,selftest)
+endif
+endef
+
+# Make binary smaller
+TARGET_CFLAGS += -Wl,-z,noexecstack
+TARGET_LDFLAGS += -Wl,--as-needed -Wl,-z,noexecstack
+
+define Package/zerotier/conffiles
+/etc/config/zerotier
+endef
+
+define Package/zerotier/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/zerotier-one $(1)/usr/bin/
+	$(LN) zerotier-one $(1)/usr/bin/zerotier-cli
+	$(LN) zerotier-one $(1)/usr/bin/zerotier-idtool
+
+ifeq ($(CONFIG_ZEROTIER_ENABLE_SELFTEST),y)
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/zerotier-selftest $(1)/usr/bin/
+endif
+
+	$(CP) ./files/* $(1)/
+endef
+
+$(eval $(call BuildPackage,zerotier))

zerotier/files/etc/config/zerotier

@@ -0,0 +1,20 @@
+
+config zerotier sample_config
+	option enabled 0
+
+	# persistent configuration folder (for ZT controller mode)
+	#option config_path '/etc/zerotier'
+	# copy <config_path> to RAM to prevent writing to flash (for ZT controller mode)
+	#option copy_config_path '1'
+
+	#option port '9993'
+
+	# path to the local.conf
+	#option local_conf '/etc/zerotier.conf'
+
+	# Generate secret on first start
+	option secret ''
+
+	# Join a public network called Earth
+	list join '8056c2e21c000001'
+	#list join '<other_network>'

zerotier/files/etc/init.d/zerotier

@@ -0,0 +1,130 @@
+#!/bin/sh /etc/rc.common
+
+START=90
+
+USE_PROCD=1
+
+PROG=/usr/bin/zerotier-one
+CONFIG_PATH=/var/lib/zerotier-one
+
+section_enabled() {
+	config_get_bool enabled "$1" 'enabled' 0
+	[ $enabled -ne 0 ]
+}
+
+start_instance() {
+	local cfg="$1"
+	local port secret config_path local_conf copy_config_path path
+	local args=""
+
+	if ! section_enabled "$cfg"; then
+		echo "disabled in /etc/config/zerotier"
+		return 1
+	fi
+
+	config_get config_path $cfg 'config_path'
+	config_get port $cfg 'port'
+	config_get secret $cfg 'secret'
+	config_get local_conf $cfg 'local_conf'
+	config_get_bool copy_config_path $cfg 'copy_config_path' 0
+
+	path=${CONFIG_PATH}_$cfg
+
+	# Remove existing link or folder
+	rm -rf $path
+
+	# Create link or copy files from CONFIG_PATH to config_path
+	if [ -n "$config_path" -a "$config_path" != "$path" ]; then
+		# Create the config path to init and persist
+		if [ ! -d "$config_path" ]; then
+			echo "ZeroTier config_path does not exist: $config_path, create..."
+			mkdir -p $config_path
+		fi
+
+		# ensure that the target exists
+		mkdir -p $(dirname $path)
+
+		if [ "$copy_config_path" = "1" ]; then
+			cp -r $config_path $path
+		else
+			ln -s $config_path $path
+		fi
+	fi
+
+	mkdir -p $path/networks.d
+
+	# link latest default config path to latest config path
+	rm -f $CONFIG_PATH
+	ln -s $path $CONFIG_PATH
+
+	if [ -n "$port" ]; then
+		args="$args -p${port}"
+	fi
+
+	if [ -z "$secret" -a ! -f $path/identity.secret ]; then
+		echo "Generate secret - please wait..."
+		local sf="/tmp/zt.$cfg.secret"
+
+		zerotier-idtool generate "$sf" > /dev/null
+		[ $? -ne 0 ] && return 1
+
+		secret="$(cat $sf)"
+		rm "$sf"
+
+		uci set zerotier.$cfg.secret="$secret"
+		uci commit zerotier
+	fi
+
+	if [ -n "$secret" ]; then
+		echo "$secret" > $path/identity.secret
+		# make sure there is not previous identity.public
+		rm -f $path/identity.public
+	fi
+
+	if [ -f "$local_conf" ]; then
+		ln -s "$local_conf" $path/local.conf
+	fi
+
+	add_join() {
+		# an (empty) config file will cause ZT to join a network
+		touch $path/networks.d/$1.conf
+	}
+
+	config_list_foreach $cfg 'join' add_join
+
+	procd_open_instance
+	procd_set_param command $PROG $args $path
+	procd_set_param stderr 1
+	procd_set_param respawn
+	procd_close_instance
+}
+
+start_service() {
+	config_load 'zerotier'
+	config_foreach start_instance 'zerotier'
+}
+
+stop_instance() {
+	local cfg="$1"
+
+	# Remove existing networks
+	rm -f ${CONFIG_PATH}_${cfg}/networks.d/*.conf
+
+	# Remove existing link or folder
+	rm -rf ${CONFIG_PATH}_${cfg}
+}
+
+stop_service() {
+	config_load 'zerotier'
+	config_foreach stop_instance 'zerotier'
+	rm -f ${CONFIG_PATH}
+}
+
+reload_service() {
+	stop
+	start
+}
+
+service_triggers() {
+	procd_add_reload_trigger 'zerotier'
+}

zerotier/patches/0001-fix-miniupnpc-natpmp-include-paths.patch

@@ -0,0 +1,32 @@
+From f53004bd22365900a1dbb120dae62ce8b614d31d Mon Sep 17 00:00:00 2001
+From: Moritz Warning <moritzwarning@web.de>
+Date: Mon, 6 May 2024 22:31:57 +0200
+Subject: [PATCH 1/5] fix miniupnpc/natpmp include paths
+
+Signed-off-by: Moritz Warning <moritzwarning@web.de>
+---
+ make-linux.mk | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/make-linux.mk
++++ b/make-linux.mk
+@@ -26,8 +26,8 @@ TIMESTAMP=$(shell date +"%Y%m%d%H%M")
+ # otherwise build into binary as done on Mac and Windows.
+ ONE_OBJS+=osdep/PortMapper.o
+ override DEFS+=-DZT_USE_MINIUPNPC
+-MINIUPNPC_IS_NEW_ENOUGH=$(shell grep -sqr '.*define.*MINIUPNPC_VERSION.*"2..*"' /usr/include/miniupnpc/miniupnpc.h && echo 1)
+-#MINIUPNPC_IS_NEW_ENOUGH=$(shell grep -sqr '.*define.*MINIUPNPC_VERSION.*"2.."' /usr/include/miniupnpc/miniupnpc.h && echo 1)
++MINIUPNPC_IS_NEW_ENOUGH=$(shell grep -sqr '.*define.*MINIUPNPC_VERSION.*"2..*"' $(STAGING_DIR)/usr/include/miniupnpc/miniupnpc.h && echo 1)
++#MINIUPNPC_IS_NEW_ENOUGH=$(shell grep -sqr '.*define.*MINIUPNPC_VERSION.*"2.."' $(STAGING_DIR)/usr/include/miniupnpc/miniupnpc.h && echo 1)
+ ifeq ($(MINIUPNPC_IS_NEW_ENOUGH),1)
+ 	override DEFS+=-DZT_USE_SYSTEM_MINIUPNPC
+ 	LDLIBS+=-lminiupnpc
+@@ -35,7 +35,7 @@ else
+ 	override DEFS+=-DMINIUPNP_STATICLIB -DMINIUPNPC_SET_SOCKET_TIMEOUT -DMINIUPNPC_GET_SRC_ADDR -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -DOS_STRING="\"Linux\"" -DMINIUPNPC_VERSION_STRING="\"2.0\"" -DUPNP_VERSION_STRING="\"UPnP/1.1\"" -DENABLE_STRNATPMPERR
+ 	ONE_OBJS+=ext/miniupnpc/connecthostport.o ext/miniupnpc/igd_desc_parse.o ext/miniupnpc/minisoap.o ext/miniupnpc/minissdpc.o ext/miniupnpc/miniupnpc.o ext/miniupnpc/miniwget.o ext/miniupnpc/minixml.o ext/miniupnpc/portlistingparse.o ext/miniupnpc/receivedata.o ext/miniupnpc/upnpcommands.o ext/miniupnpc/upnpdev.o ext/miniupnpc/upnperrors.o ext/miniupnpc/upnpreplyparse.o
+ endif
+-ifeq ($(wildcard /usr/include/natpmp.h),)
++ifeq ($(wildcard $(STAGING_DIR)/usr/include/natpmp.h),)
+ 	ONE_OBJS+=ext/libnatpmp/natpmp.o ext/libnatpmp/getgateway.o
+ else
+ 	LDLIBS+=-lnatpmp

zerotier/patches/0002-remove-PIE-options.patch

@@ -0,0 +1,41 @@
+From c10b5ed4c6c44e36178b0a5a82da9e8eaa957008 Mon Sep 17 00:00:00 2001
+From: Moritz Warning <moritzwarning@web.de>
+Date: Mon, 6 May 2024 22:34:15 +0200
+Subject: [PATCH 2/5] remove PIE options
+
+Signed-off-by: Moritz Warning <moritzwarning@web.de>
+---
+ make-linux.mk | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+--- a/make-linux.mk
++++ b/make-linux.mk
+@@ -71,7 +71,7 @@ else
+ 	override CFLAGS+=-Wall -Wno-deprecated -pthread $(INCLUDES) -DNDEBUG $(DEFS)
+ 	CXXFLAGS?=-O3 -fstack-protector
+ 	override CXXFLAGS+=-Wall -Wno-deprecated -std=c++17 -pthread $(INCLUDES) -DNDEBUG $(DEFS)
+-	LDFLAGS?=-pie -Wl,-z,relro,-z,now
++	LDFLAGS?=-Wl,-z,relro,-z,now
+ 	ZT_CARGO_FLAGS=--release
+ endif
+ 
+@@ -333,7 +333,7 @@ ifeq ($(ZT_CONTROLLER),1)
+ endif
+ 
+ # ARM32 hell -- use conservative CFLAGS
+-ifeq ($(ZT_ARCHITECTURE),3)
++ifeq (0,3)
+ 	ifeq ($(shell if [ -e /usr/bin/dpkg ]; then dpkg --print-architecture; fi),armel)
+ 		override CFLAGS+=-march=armv5t -mfloat-abi=soft -msoft-float -mno-unaligned-access -marm
+ 		override CXXFLAGS+=-march=armv5t -mfloat-abi=soft -msoft-float -mno-unaligned-access -marm
+@@ -360,8 +360,8 @@ ifeq ($(ZT_USE_ARM32_NEON_ASM_CRYPTO),1)
+ endif
+ 
+ # Position Independence
+-override CFLAGS+=-fPIC -fPIE
+-override CXXFLAGS+=-fPIC -fPIE
++#override CFLAGS+=-fPIC -fPIE
++#override CXXFLAGS+=-fPIC -fPIE
+ 
+ # Non-executable stack
+ override LDFLAGS+=-Wl,-z,noexecstack

zerotier/patches/0003-fix-compilation-for-arm_cortex-a7-neon.patch

@@ -0,0 +1,23 @@
+From fee674d5a5c7cc847d7e1925ddf41eea89d915c4 Mon Sep 17 00:00:00 2001
+From: Moritz Warning <moritzwarning@web.de>
+Date: Mon, 4 Jul 2022 00:10:52 +0200
+Subject: [PATCH 3/5] fix compilation for arm_cortex-a7+neon
+
+Fixes "error: 'vrbitq_u8' was not declared in this scope"
+
+Signed-off-by: Rosen Penev <rosenp@gmail.com>
+---
+ node/Constants.hpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/node/Constants.hpp
++++ b/node/Constants.hpp
+@@ -123,7 +123,7 @@
+ #include <immintrin.h>
+ #endif
+ 
+-#if (defined(__ARM_NEON) || defined(__ARM_NEON__) || defined(ZT_ARCH_ARM_HAS_NEON))
++#if (defined(__aarch64__) || defined(ZT_ARCH_ARM_HAS_NEON))
+ #if (defined(__APPLE__) && !defined(__LP64__)) || (defined(__ANDROID__) && defined(__arm__))
+ #ifdef ZT_ARCH_ARM_HAS_NEON
+ #undef ZT_ARCH_ARM_HAS_NEON

zerotier/patches/0004-add-missing-libatomic.patch

@@ -0,0 +1,21 @@
+From f8b4c4a045a9711c316a5c48b238c24cc0948da1 Mon Sep 17 00:00:00 2001
+From: Moritz Warning <moritzwarning@web.de>
+Date: Mon, 6 May 2024 22:35:41 +0200
+Subject: [PATCH 4/5] add missing libatomic
+
+Signed-off-by: Moritz Warning <moritzwarning@web.de>
+---
+ make-linux.mk | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/make-linux.mk
++++ b/make-linux.mk
+@@ -11,7 +11,7 @@ endif
+ 
+ INCLUDES?=-Irustybits/target -isystem ext -Iext/prometheus-cpp-lite-1.0/core/include -Iext-prometheus-cpp-lite-1.0/3rdparty/http-client-lite/include -Iext/prometheus-cpp-lite-1.0/simpleapi/include
+ DEFS?=
+-LDLIBS?=
++LDLIBS?=-latomic
+ DESTDIR?=
+ EXTRA_DEPS?=
+ 

zerotier/patches/0005-remove-noexecstack.patch

@@ -0,0 +1,21 @@
+From 2a5a279ac0192bc444cd1c3059169f576817d8b9 Mon Sep 17 00:00:00 2001
+From: Moritz Warning <moritzwarning@web.de>
+Date: Mon, 28 Aug 2023 09:48:28 +0200
+Subject: [PATCH 5/5] remove noexecstack
+
+The compilers for arm_cortex-a9 do not recognize this argument.
+---
+ make-linux.mk | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/make-linux.mk
++++ b/make-linux.mk
+@@ -364,7 +364,7 @@ endif
+ #override CXXFLAGS+=-fPIC -fPIE
+ 
+ # Non-executable stack
+-override LDFLAGS+=-Wl,-z,noexecstack
++# override LDFLAGS+=-Wl,-z,noexecstack
+ 
+ .PHONY: all
+ all:	one