Add libsodium + dnscrypt-proxylilik-openwrt-22.03
@ -0,0 +1,64 @@ | |||
# | |||
# Copyright (C) 2009-2014 OpenWrt.org | |||
# | |||
# This is free software, licensed under the GNU General Public License v2. | |||
# See /LICENSE for more information. | |||
# | |||
include $(TOPDIR)/rules.mk | |||
PKG_NAME:=libsodium | |||
PKG_VERSION:=0.7.0 | |||
PKG_RELEASE:=1 | |||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) | |||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz | |||
PKG_SOURCE_URL:=https://download.libsodium.org/libsodium/releases | |||
PKG_MD5SUM:=b9029bf810c4b5a8acc3afec1286a36a | |||
PKG_CAT:=zcat | |||
PKG_FIXUP:=libtool autoreconf | |||
PKG_USE_MIPS16:=0 | |||
PKG_INSTALL:=1 | |||
PKG_MAINTAINER:=Damiano Renfer <damiano.renfer@gmail.com> | |||
PKG_LICENSE:=ISC | |||
include $(INCLUDE_DIR)/package.mk | |||
define Package/libsodium | |||
SECTION:=libs | |||
CATEGORY:=Libraries | |||
DEFAULT:=y | |||
TITLE:=P(ortable|ackageable) NaCl-based crypto library | |||
URL:=https://github.com/jedisct1/libsodium | |||
MAINTAINER:=Damiano Renfer <damiano.renfer@gmail.com> | |||
endef | |||
define Package/libsodium/description | |||
NaCl (pronounced "salt") is a new easy-to-use high-speed software library for network communication, encryption, decryption, signatures, etc. | |||
NaCl's goal is to provide all of the core operations needed to build higher-level cryptographic tools. | |||
Sodium is a portable, cross-compilable, installable, packageable fork of NaCl (based on the latest released upstream version nacl-20110221), with a compatible API. | |||
The design choices, particularly in regard to the Curve25519 Diffie-Hellman function, emphasize security (whereas NIST curves emphasize "performance" at the cost of security), and "magic constants" in NaCl/Sodium have clear rationales. | |||
The same cannot be said of NIST curves, where the specific origins of certain constants are not described by the standards. | |||
And despite the emphasis on higher security, primitives are faster across-the-board than most implementations of the NIST standards. | |||
endef | |||
define Build/Configure | |||
$(call Build/Configure/Default, --disable-ssp) | |||
endef | |||
define Build/InstallDev | |||
$(INSTALL_DIR) $(1)/usr/include/sodium | |||
$(CP) $(PKG_INSTALL_DIR)/usr/include/sodium.h $(1)/usr/include | |||
$(CP) $(PKG_INSTALL_DIR)/usr/include/sodium/*.h $(1)/usr/include/sodium | |||
$(INSTALL_DIR) $(1)/usr/lib | |||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libsodium.{a,so*} $(1)/usr/lib | |||
endef | |||
define Package/libsodium/install | |||
$(INSTALL_DIR) $(1)/usr/lib | |||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libsodium.so.* $(1)/usr/lib/ | |||
endef | |||
$(eval $(call BuildPackage,libsodium)) |
@ -0,0 +1,121 @@ | |||
# | |||
# Copyright (C) 2009-2014 OpenWrt.org | |||
# | |||
# This is free software, licensed under the GNU General Public License v2. | |||
# See /LICENSE for more information. | |||
# | |||
include $(TOPDIR)/rules.mk | |||
PKG_NAME:=dnscrypt-proxy | |||
PKG_VERSION:=1.4.0 | |||
PKG_RELEASE:=1 | |||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) | |||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz | |||
PKG_SOURCE_URL:=http://download.dnscrypt.org/dnscrypt-proxy | |||
PKG_MD5SUM:=c31d14d8de2123e9f2ddf26216577841 | |||
PKG_CAT:=zcat | |||
PKG_FIXUP:=autoreconf | |||
PKG_INSTALL:=1 | |||
PKG_MAINTAINER:=Damiano Renfer <damiano.renfer@gmail.com> | |||
PKG_LICENSE:=ISC | |||
include $(INCLUDE_DIR)/package.mk | |||
define Package/dnscrypt-proxy/Default | |||
SECTION:=net | |||
CATEGORY:=Network | |||
SUBMENU:=IP Addresses and Names | |||
DEPENDS:=+libsodium | |||
URL:=http://dnscrypt.org/ | |||
MAINTAINER:=Damiano Renfer <damiano.renfer@gmail.com> | |||
endef | |||
define Package/dnscrypt-proxy | |||
$(call Package/dnscrypt-proxy/Default) | |||
TITLE:=A tool for securing communications between a client and a DNS resolver | |||
endef | |||
define Package/dnscrypt-proxy/description | |||
dnscrypt-proxy provides local service which can be used directly as your | |||
local resolver or as a DNS forwarder, encrypting and authenticating requests | |||
using the DNSCrypt protocol and passing them to an upstream server. | |||
The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography | |||
and is very similar to DNSCurve, but focuses on securing communications between | |||
a client and its first-level resolver. | |||
endef | |||
define Package/hostip | |||
$(call Package/dnscrypt-proxy/Default) | |||
TITLE:=Resolver to IPv4 or IPv6 addresses | |||
endef | |||
define Package/hostip/description | |||
The DNSCrypt proxy ships with a simple tool named hostip that resolves a name | |||
to IPv4 or IPv6 addresses. | |||
endef | |||
define Build/Configure | |||
$(call Build/Configure/Default, \ | |||
--prefix=/usr \ | |||
--disable-ssp \ | |||
) | |||
endef | |||
TARGET_CFLAGS += \ | |||
-fomit-frame-pointer \ | |||
-fdata-sections \ | |||
-ffunction-sections | |||
TARGET_LDFLAGS += \ | |||
-Wl,-gc-sections | |||
MAKE_FLAGS += \ | |||
CFLAGS="$(TARGET_CFLAGS)" \ | |||
LDFLAGS="$(TARGET_LDFLAGS)" | |||
define Package/dnscrypt-proxy/install | |||
$(INSTALL_DIR) $(1)/usr/sbin | |||
$(CP) $(PKG_INSTALL_DIR)/usr/sbin/dnscrypt-proxy $(1)/usr/sbin/ | |||
$(INSTALL_DIR) $(1)/usr/share/dnscrypt-proxy | |||
$(CP) $(PKG_INSTALL_DIR)/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv $(1)/usr/share/dnscrypt-proxy/ | |||
$(INSTALL_DIR) $(1)/etc/init.d | |||
$(INSTALL_BIN) ./files/dnscrypt-proxy.init $(1)/etc/init.d/dnscrypt-proxy | |||
$(INSTALL_DIR) $(1)/etc/config | |||
$(INSTALL_CONF) ./files/dnscrypt-proxy.config $(1)/etc/config/dnscrypt-proxy | |||
endef | |||
define Package/dnscrypt-proxy/postinst | |||
#!/bin/sh | |||
# check if we are on real system | |||
if [ -z "$${IPKG_INSTROOT}" ]; then | |||
echo "Enabling rc.d symlink for dnscrypt-proxy" | |||
/etc/init.d/dnscrypt-proxy enable | |||
fi | |||
exit 0 | |||
endef | |||
define Package/dnscrypt-proxy/prerm | |||
#!/bin/sh | |||
# check if we are on real system | |||
if [ -z "$${IPKG_INSTROOT}" ]; then | |||
echo "Removing rc.d symlink for dnscrypt-proxy" | |||
/etc/init.d/dnscrypt-proxy disable | |||
fi | |||
exit 0 | |||
endef | |||
define Package/dnscrypt-proxy/conffiles | |||
/etc/config/dnscrypt-proxy | |||
endef | |||
define Package/hostip/install | |||
$(INSTALL_DIR) $(1)/usr/bin | |||
$(CP) $(PKG_INSTALL_DIR)/usr/bin/hostip $(1)/usr/bin/ | |||
endef | |||
$(eval $(call BuildPackage,dnscrypt-proxy)) | |||
$(eval $(call BuildPackage,hostip)) |
@ -0,0 +1,5 @@ | |||
config dnscrypt-proxy | |||
option address '127.0.0.1' | |||
option port '5353' | |||
# option resolver 'opendns' | |||
# option resolvers_list '/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv' |
@ -0,0 +1,27 @@ | |||
#!/bin/sh /etc/rc.common | |||
START=50 | |||
start_instance () { | |||
local section="$1" | |||
config_get address "$section" 'address' | |||
config_get port "$section" 'port' | |||
config_get resolver "$section" 'resolver' | |||
config_get resolvers_list "$section" 'resolvers_list' | |||
service_start /usr/sbin/dnscrypt-proxy -d \ | |||
-a ${address}:${port} \ | |||
-u nobody \ | |||
-L ${resolvers_list:-'/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv'} \ | |||
-R ${resolver:-'opendns'} | |||
} | |||
start() { | |||
config_load 'dnscrypt-proxy' | |||
config_foreach start_instance 'dnscrypt-proxy' | |||
} | |||
stop() { | |||
service_stop /usr/sbin/dnscrypt-proxy | |||
} | |||