Merge pull request #857 from MilesPoupart/zerotier-update

zerotier: referesh patches and merge other upstream changes

net/zerotier/Makefile

@@ -71,6 +71,7 @@ define Package/zerotier/install
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/zerotier-one $(1)/usr/bin/
 	$(LN) zerotier-one $(1)/usr/bin/zerotier-cli
 	$(LN) zerotier-one $(1)/usr/bin/zerotier-idtool
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
 
 ifeq ($(CONFIG_ZEROTIER_ENABLE_SELFTEST),y)
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/zerotier-selftest $(1)/usr/bin/

net/zerotier/files/etc/config/zerotier

@@ -1,20 +1,39 @@
 
-config zerotier sample_config
+config zerotier 'global'
+	# Sets whether ZeroTier is enabled or not
 	option enabled 0
-
+	# Sets the ZeroTier listening port (default 9993; set to 0 for random)
-	# persistent configuration folder (for ZT controller mode)
+	#option port '9993'
+	# Client secret (leave blank to generate a secret on first run)
+	option secret ''
+	# Path of the optional file local.conf (see documentation at
+	# https://docs.zerotier.com/config#local-configuration-options)
+	#option local_conf_path '/etc/zerotier.conf'
+	# Persistent configuration directory (to perform other configurations such
+	# as controller mode or moons, etc.)
 	#option config_path '/etc/zerotier'
-	# copy <config_path> to RAM to prevent writing to flash (for ZT controller mode)
+	# Copy the contents of the persistent configuration directory to memory
+	# instead of linking it, this avoids writing to flash
 	#option copy_config_path '1'
 
-	#option port '9993'
+# Network configuration, you can have as many configurations as networks you
+# want to join (the network name is optional)
+config network 'earth'
+	# Identifier of the network you wish to join
+	option id '8056c2e21c000001'
+	# Network configuration parameters (all are optional, if not indicated the
+	# default values are set, see documentation at
+	# https://docs.zerotier.com/config/#network-specific-configuration)
+	option allow_managed '1'
+	option allow_global '0'
+	option allow_default '0'
+	option allow_dns '0'
 
-	# path to the local.conf
+# Example of a second network (unnamed as it is optional)
-	#option local_conf '/etc/zerotier.conf'
+#config network
+#	option id '1234567890123456'
+#	option allow_managed '1'
+#	option allow_global '0'
+#	option allow_default '0'
+#	option allow_dns '0'
 
-	# Generate secret on first start
-	option secret ''
-
-	# Join a public network called Earth
-	list join '8056c2e21c000001'
-	#list join '<other_network>'

net/zerotier/files/etc/init.d/zerotier

@@ -7,117 +7,95 @@ USE_PROCD=1
 PROG=/usr/bin/zerotier-one
 CONFIG_PATH=/var/lib/zerotier-one
 
-section_enabled() {
+join_network() {
-	config_get_bool enabled "$1" 'enabled' 0
+	local section="${1}"
-	[ $enabled -ne 0 ]
+	local id allow_managed allow_global allow_default allow_dns
+
+	config_get id "${section}" 'id'
+	config_get_bool allow_managed "${section}" 'allow_managed' 1
+	config_get_bool allow_global "${section}" 'allow_global' 0
+	config_get_bool allow_default "${section}" 'allow_default' 0
+	config_get_bool allow_dns "${section}" 'allow_dns' 0
+
+	if [ -n "${id}" ]; then
+		# an (empty) config file will cause ZT to join a network
+		touch "${CONFIG_PATH}"/networks.d/"${id}".conf
+		echo "allowManaged=${allow_managed}" > "${CONFIG_PATH}"/networks.d/"${id}".local.conf
+		echo "allowGlobal=${allow_global}" >> "${CONFIG_PATH}"/networks.d/"${id}".local.conf
+		echo "allowDefault=${allow_default}" >> "${CONFIG_PATH}"/networks.d/"${id}".local.conf
+		echo "allowDNS=${allow_dns}" >> "${CONFIG_PATH}"/networks.d/"${id}".local.conf
+	fi
 }
 
-start_instance() {
+start_service() {
-	local cfg="$1"
+	config_load zerotier
-	local port secret config_path local_conf copy_config_path path
+	local enabled port secret local_conf_path config_path copy_config_path
 	local args=""
 
-	if ! section_enabled "$cfg"; then
+	config_get_bool enabled 'global' 'enabled' 0
+	config_get port 'global' 'port'
+	config_get secret 'global' 'secret'
+	config_get local_conf_path 'global' 'local_conf_path'
+	config_get config_path 'global' 'config_path'
+	config_get_bool copy_config_path 'global' 'copy_config_path' 0
+
+	if [ ${enabled} -eq 0 ]; then
 		echo "disabled in /etc/config/zerotier"
-		return 1
+		return
 	fi
 
-	config_get config_path $cfg 'config_path'
-	config_get port $cfg 'port'
-	config_get secret $cfg 'secret'
-	config_get local_conf $cfg 'local_conf'
-	config_get_bool copy_config_path $cfg 'copy_config_path' 0
-
-	path=${CONFIG_PATH}_$cfg
-
 	# Remove existing link or folder
-	rm -rf $path
+	rm -rf "${CONFIG_PATH}"
 
-	# Create link or copy files from CONFIG_PATH to config_path
+	# Create link or copy files from config_path to CONFIG_PATH
-	if [ -n "$config_path" -a "$config_path" != "$path" ]; then
+	if [ -n "${config_path}" ]; then
-		# Create the config path to init and persist
+		if [ ! -d "${config_path}" ]; then
-		if [ ! -d "$config_path" ]; then
+			echo "ZeroTier config_path does not exist: ${config_path}" 1>&2
-			echo "ZeroTier config_path does not exist: $config_path, create..."
+			return
-			mkdir -p $config_path
 		fi
 
-		# ensure that the target exists
+		if [ ${copy_config_path} -eq 1 ]; then
-		mkdir -p $(dirname $path)
+			cp -r "${config_path}" "${CONFIG_PATH}"
-
-		if [ "$copy_config_path" = "1" ]; then
-			cp -r $config_path $path
 		else
-			ln -s $config_path $path
+			ln -s "${config_path}" "${CONFIG_PATH}"
 		fi
 	fi
 
-	mkdir -p $path/networks.d
+	mkdir -p "${CONFIG_PATH}"/networks.d
+	config_foreach join_network network
 
-	# link latest default config path to latest config path
+	if [ -f "${local_conf_path}" ]; then
-	rm -f $CONFIG_PATH
+		ln -s "${local_conf_path}" "${CONFIG_PATH}"/local.conf
-	ln -s $path $CONFIG_PATH
-
-	if [ -n "$port" ]; then
-		args="$args -p${port}"
 	fi
 
-	if [ -z "$secret" -a ! -f $path/identity.secret ]; then
+	if [ -n "${port}" ]; then
-		echo "Generate secret - please wait..."
+		args="${args} -p${port}"
-		local sf="/tmp/zt.$cfg.secret"
+	fi
 
-		zerotier-idtool generate "$sf" > /dev/null
+	if [ -z "${secret}" ]; then
-		[ $? -ne 0 ] && return 1
+		echo -n "Generating secret - please wait... "
-
+		secret="$(zerotier-idtool generate)"
-		secret="$(cat $sf)"
+		[ ${?} -ne 0 ] && return 1
-		rm "$sf"
+		uci set zerotier.global.secret="${secret}"
-
-		uci set zerotier.$cfg.secret="$secret"
 		uci commit zerotier
+		echo "done."
 	fi
 
-	if [ -n "$secret" ]; then
+	if [ -n "${secret}" ]; then
-		echo "$secret" > $path/identity.secret
+		echo "${secret}" > "${CONFIG_PATH}"/identity.secret
 		# make sure there is not previous identity.public
-		rm -f $path/identity.public
+		rm -f "${CONFIG_PATH}"/identity.public
 	fi
 
-	if [ -f "$local_conf" ]; then
-		ln -s "$local_conf" $path/local.conf
-	fi
-
-	add_join() {
-		# an (empty) config file will cause ZT to join a network
-		touch $path/networks.d/$1.conf
-	}
-
-	config_list_foreach $cfg 'join' add_join
-
 	procd_open_instance
-	procd_set_param command $PROG $args $path
+	procd_set_param command ${PROG} ${args}
 	procd_set_param stderr 1
 	procd_set_param respawn
 	procd_close_instance
 }
 
-start_service() {
-	config_load 'zerotier'
-	config_foreach start_instance 'zerotier'
-}
-
-stop_instance() {
-	local cfg="$1"
-
-	# Remove existing networks
-	rm -f ${CONFIG_PATH}_${cfg}/networks.d/*.conf
-
-	# Remove existing link or folder
-	rm -rf ${CONFIG_PATH}_${cfg}
-}
-
 stop_service() {
-	config_load 'zerotier'
+	rm -rf "${CONFIG_PATH}"
-	config_foreach stop_instance 'zerotier'
-	rm -f ${CONFIG_PATH}
 }
 
 reload_service() {

net/zerotier/files/etc/uci-defaults/80-zt-migration

@@ -0,0 +1,19 @@
+# Convert the join list into networks
+nets=$(uci -q get zerotier.@zerotier[0].join)
+
+if [ -n "$nets" ]; then
+  for net in ${nets}; do
+    sid=$(uci add zerotier network)
+    uci set zerotier.${sid}.id=${net}
+  done
+  uci delete zerotier.@zerotier[0].join
+
+  # Rename local conf (only if defined)
+  uci -q rename zerotier.@zerotier[0].local_conf='local_conf_path' || true
+
+  # Rename configuration to global
+  uci rename zerotier.@zerotier[0]='global'
+
+  # Commit all changes
+  uci commit zerotier
+fi

net/zerotier/patches/0001-fix-miniupnpc-natpmp-include-path.patch

@@ -1,9 +1,8 @@
-From f53004bd22365900a1dbb120dae62ce8b614d31d Mon Sep 17 00:00:00 2001
+From ec02787ae7c5b6e906ab50bcebcd676d4219c812 Mon Sep 17 00:00:00 2001
 From: Moritz Warning <moritzwarning@web.de>
-Date: Mon, 6 May 2024 22:31:57 +0200
+Date: Tue, 17 Sep 2024 14:17:08 +0200
-Subject: [PATCH 1/5] fix miniupnpc/natpmp include paths
+Subject: [PATCH 1/5] fix miniupnpc natpmp include path
 
-Signed-off-by: Moritz Warning <moritzwarning@web.de>
 ---
  make-linux.mk | 6 +++---
  1 file changed, 3 insertions(+), 3 deletions(-)

net/zerotier/patches/0002-remove-PIE-options.patch

@@ -1,24 +1,14 @@
-From c10b5ed4c6c44e36178b0a5a82da9e8eaa957008 Mon Sep 17 00:00:00 2001
+From 81a632c99b581790344729ad327eb473c4c05260 Mon Sep 17 00:00:00 2001
 From: Moritz Warning <moritzwarning@web.de>
-Date: Mon, 6 May 2024 22:34:15 +0200
+Date: Tue, 17 Sep 2024 15:36:36 +0200
 Subject: [PATCH 2/5] remove PIE options
 
-Signed-off-by: Moritz Warning <moritzwarning@web.de>
 ---
- make-linux.mk | 8 ++++----
+ make-linux.mk | 6 +++---
- 1 file changed, 4 insertions(+), 4 deletions(-)
+ 1 file changed, 3 insertions(+), 3 deletions(-)
 
 --- a/make-linux.mk
 +++ b/make-linux.mk
-@@ -71,7 +71,7 @@ else
- 	override CFLAGS+=-Wall -Wno-deprecated -pthread $(INCLUDES) -DNDEBUG $(DEFS)
- 	CXXFLAGS?=-O3 -fstack-protector
- 	override CXXFLAGS+=-Wall -Wno-deprecated -std=c++17 -pthread $(INCLUDES) -DNDEBUG $(DEFS)
--	LDFLAGS?=-pie -Wl,-z,relro,-z,now
-+	LDFLAGS?=-Wl,-z,relro,-z,now
- 	ZT_CARGO_FLAGS=--release
- endif
- 
 @@ -333,7 +333,7 @@ ifeq ($(ZT_CONTROLLER),1)
  endif
  

net/zerotier/patches/0003-fix-compilation-for-arm_cortex-a7-neon.patch

@@ -1,11 +1,8 @@
-From fee674d5a5c7cc847d7e1925ddf41eea89d915c4 Mon Sep 17 00:00:00 2001
+From 71ed5b791fb0f7bfe1f564726fdc979b71313fbe Mon Sep 17 00:00:00 2001
 From: Moritz Warning <moritzwarning@web.de>
-Date: Mon, 4 Jul 2022 00:10:52 +0200
+Date: Tue, 17 Sep 2024 15:38:01 +0200
-Subject: [PATCH 3/5] fix compilation for arm_cortex-a7+neon
+Subject: [PATCH 3/5] fix compilation for arm_cortex a7 neon
 
-Fixes "error: 'vrbitq_u8' was not declared in this scope"
-
-Signed-off-by: Rosen Penev <rosenp@gmail.com>
 ---
  node/Constants.hpp | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

net/zerotier/patches/0004-add-missing-libatomic.patch

@@ -1,9 +1,8 @@
-From f8b4c4a045a9711c316a5c48b238c24cc0948da1 Mon Sep 17 00:00:00 2001
+From d6197554b3f52ee9d8d81374141aa82014b4fc7b Mon Sep 17 00:00:00 2001
 From: Moritz Warning <moritzwarning@web.de>
-Date: Mon, 6 May 2024 22:35:41 +0200
+Date: Tue, 17 Sep 2024 15:38:34 +0200
 Subject: [PATCH 4/5] add missing libatomic
 
-Signed-off-by: Moritz Warning <moritzwarning@web.de>
 ---
  make-linux.mk | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

net/zerotier/patches/0005-remove-noexecstack.patch

@@ -1,9 +1,8 @@
-From 2a5a279ac0192bc444cd1c3059169f576817d8b9 Mon Sep 17 00:00:00 2001
+From 8e89af98ac00b1c9c019865faca7479fa0de6084 Mon Sep 17 00:00:00 2001
 From: Moritz Warning <moritzwarning@web.de>
-Date: Mon, 28 Aug 2023 09:48:28 +0200
+Date: Tue, 17 Sep 2024 21:26:08 +0200
 Subject: [PATCH 5/5] remove noexecstack
 
-The compilers for arm_cortex-a9 do not recognize this argument.
 ---
  make-linux.mk | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
@@ -15,7 +14,7 @@ The compilers for arm_cortex-a9 do not recognize this argument.
  
  # Non-executable stack
 -override LDFLAGS+=-Wl,-z,noexecstack
-+# override LDFLAGS+=-Wl,-z,noexecstack
++#override LDFLAGS+=-Wl,-z,noexecstack
  
  .PHONY: all
  all:	one