babeld: bump to version 1.11

30 March 2022: babeld-1.11

  * Implemented MAC authentication (RFC 8967).  Thanks to Clara Dô,
    Weronika Kołodziejak and Antonin Décimo.
  * Changed the interface of the add_filter function in order to simplify
    integration in OpenWRT.  Thanks to Nick Hainke.

Detailed List:
7c053fe Export add_filters and simplify interface.
91c44f8 Rename blake2s to blake2s128.
dda8d63 Update CHANGES.
43a0066 Allow Blake2s keys up to 32 bytes.
375ea5f Rename interface option hmac to key.
1b9abc4 Replace hmac-verify with accept-bad-signatures.
3777eb4 Ignore .gitmodules when releasing an archive.
3551b45 Simplify and fix preparse phase.
ba8f116 Add rate limitations for challenges.
6d44238 Show PC number.
ceda3a0 Expire Index and challenge timer.
d66a4d2 Ignore a Challenge Request received on multicast.
024c17a Fix confusion between INDEX_LEN and NONCE_LEN when sending PC TLV.
ceb021f Fix double-free in error path.
1e08aed Change no_hmac_verify to hmac-verify.
c7ad387 Use 'hmac-sha256' and not 'sha256'.
5a15957 Fix nodes incorrectly rejecting packets.
af02039 Append a PC message if Babel-MAC is enabled.
46fc7da Follow the spec closely for the preparse phase.
87f39d0 Rename MAC functions and constants to match the spec.
02b14e3 Helpful error messages in key configuration.
d763f3e Error if configured key can't be found.
3cb0ab7 Use RFC3542 for IPv6 on macOS.
69df1cb Use _GNU_SOURCE instead of __USE_GNU.
ef3a113 Don't copy nonce, suppress VLA.
c243769 Move key validation in parse_key.
b06b2fc Constify source argument of fromhex.
9529941 Use AUTH_TYPE_NONE consistently.
d922b64 Document the HMAC options in manual page.
0c4afc2 Only allow keys configured on a given interface.
7de6715 Create neighbour after checking HMAC.
ecd1f42 Fix typo in compare_hmac.
9a5de34 Fix HMAC-SHA-256 computation.
f1051fd Fix constants to be consistent with SHA-256.
9688b68 Fix memory leaks in error-handling paths in configuration parser.
4d8a831 Fix some more (read-only) buffer overflows.
ebda926 Fix potential memory leaks.
d53fec0 Use AUTH_TYPE_* consistently.
a1afd51 Add no_hmac_verify flag.
b4e28f2 Fix ordering of fields in pseudo-header.
c8ace8b Use IANA-assigned TLV numbers.
739f76a Implement HMAC authentication.
e3adf47 Compile with SHA-256 and Blake2s.
ca0a512 Add SHA-2 and Blake2 submodules.
756783e Untabify

Remove upstreamed patches:
- 000-export-add-filters-and-simplify-interface.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit dbff012a2ff5b8a75f3f5e9d3ccd72ee5c91b575)

diff --git a/babeld/Makefile b/babeld/Makefile
index 056ce43d5ddb461ba94e51a5b18ffac0ef971468..ca1f3db65b0a237897d4cb196ca194a6891a8781 100644 (file)
--- a/babeld/Makefile
+++ b/babeld/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=babeld
-PKG_VERSION:=1.10
+PKG_VERSION:=1.11
 PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://www.irif.fr/~jch/software/files/
-PKG_HASH:=a5f54a08322640e97399bf4d1411a34319e6e277fbb6fc4966f38a17d72a8dea
+PKG_HASH:=99315aeaf2ea207f177c16855ffa34fc354af1b5988c070e0f2fca3a0d4d0fa5
 
 PKG_MAINTAINER:=Gabriel Kerneis <gabriel@kerneis.info>, \
        Baptiste Jonglez <openwrt-pkg@bitsofnetworks.org>, \

diff --git a/babeld/patches/000-export-add-filters-and-simplify-interface.patch b/babeld/patches/000-export-add-filters-and-simplify-interface.patch
deleted file mode 100644 (file)
index 90bee74..0000000
--- a/babeld/patches/000-export-add-filters-and-simplify-interface.patch
+++ /dev/null
@@ -1,116 +0,0 @@
-From 7c053fe7584b7b4fe4effc09624ae620304d6717 Mon Sep 17 00:00:00 2001
-From: Juliusz Chroboczek <jch@irif.fr>
-Date: Tue, 29 Mar 2022 19:26:50 +0200
-Subject: [PATCH] Export add_filters and simplify interface.
-
----
- configuration.c | 32 +++++++++++++++++++++++++-------
- configuration.h |  6 ++++++
- 2 files changed, 31 insertions(+), 7 deletions(-)
-
---- a/configuration.c
-+++ b/configuration.c
-@@ -693,9 +693,26 @@ parse_ifconf(int c, gnc_t gnc, void *clo
-     return -2;
- }
- 
--static void
--add_filter(struct filter *filter, struct filter **filters)
-+int
-+add_filter(struct filter *filter, int type)
- {
-+    struct filter **filters;
-+    switch(type) {
-+    case FILTER_TYPE_INPUT:
-+        filters = &input_filters;
-+        break;
-+    case FILTER_TYPE_OUTPUT:
-+        filters = &output_filters;
-+        break;
-+    case FILTER_TYPE_REDISTRIBUTE:
-+        filters = &redistribute_filters;
-+        break;
-+    case FILTER_TYPE_INSTALL:
-+        filters = &install_filters;
-+        break;
-+    default:
-+        return -1;
-+    }
-     if(*filters == NULL) {
-         filter->next = NULL;
-         *filters = filter;
-@@ -707,6 +724,7 @@ add_filter(struct filter *filter, struct
-         filter->next = NULL;
-         f->next = filter;
-     }
-+    return 1;
- }
- 
- static void
-@@ -1012,7 +1030,7 @@ parse_config_line(int c, gnc_t gnc, void
-         c = parse_filter(c, gnc, closure, &filter);
-         if(c < -1)
-             goto fail;
--        add_filter(filter, &input_filters);
-+        add_filter(filter, FILTER_TYPE_INPUT);
-     } else if(strcmp(token, "out") == 0) {
-         struct filter *filter;
-         if(config_finalised)
-@@ -1020,7 +1038,7 @@ parse_config_line(int c, gnc_t gnc, void
-         c = parse_filter(c, gnc, closure, &filter);
-         if(c < -1)
-             goto fail;
--        add_filter(filter, &output_filters);
-+        add_filter(filter, FILTER_TYPE_OUTPUT);
-     } else if(strcmp(token, "redistribute") == 0) {
-         struct filter *filter;
-         if(config_finalised)
-@@ -1028,7 +1046,7 @@ parse_config_line(int c, gnc_t gnc, void
-         c = parse_filter(c, gnc, closure, &filter);
-         if(c < -1)
-             goto fail;
--        add_filter(filter, &redistribute_filters);
-+        add_filter(filter, FILTER_TYPE_REDISTRIBUTE);
-     } else if(strcmp(token, "install") == 0) {
-         struct filter *filter;
-         if(config_finalised)
-@@ -1036,7 +1054,7 @@ parse_config_line(int c, gnc_t gnc, void
-         c = parse_filter(c, gnc, closure, &filter);
-         if(c < -1)
-             goto fail;
--        add_filter(filter, &install_filters);
-+        add_filter(filter, FILTER_TYPE_INSTALL);
-     } else if(strcmp(token, "interface") == 0) {
-         struct interface_conf *if_conf;
-         c = parse_ifconf(c, gnc, closure, &if_conf);
-@@ -1360,7 +1378,7 @@ finalise_config()
-     filter->proto = RTPROT_BABEL_LOCAL;
-     filter->plen_le = 128;
-     filter->src_plen_le = 128;
--    add_filter(filter, &redistribute_filters);
-+    add_filter(filter, FILTER_TYPE_REDISTRIBUTE);
- 
-     while(interface_confs) {
-         struct interface_conf *if_conf;
---- a/configuration.h
-+++ b/configuration.h
-@@ -29,6 +29,11 @@ THE SOFTWARE.
- #define CONFIG_ACTION_UNMONITOR 4
- #define CONFIG_ACTION_NO 5
- 
-+#define FILTER_TYPE_INPUT 0
-+#define FILTER_TYPE_OUTPUT 1
-+#define FILTER_TYPE_REDISTRIBUTE 2
-+#define FILTER_TYPE_INSTALL 3
-+
- struct filter_result {
-     unsigned int add_metric; /* allow = 0, deny = INF, metric = <0..INF> */
-     unsigned char *src_prefix;
-@@ -60,6 +65,7 @@ void flush_ifconf(struct interface_conf
- 
- int parse_config_from_file(const char *filename, int *line_return);
- int parse_config_from_string(char *string, int n, const char **message_return);
-+int add_filter(struct filter *filter, int type);
- void renumber_filters(void);
- 
- int input_filter(const unsigned char *id,

diff --git a/babeld/patches/600-add-ubus.patch b/babeld/patches/600-add-ubus.patch
index 351d55986ab2636d5653177521d63e3d1e4cd6cb..e285ecfb3d91fa3e4febde165e94d53dcc6b2a6b 100644 (file)
--- a/babeld/patches/600-add-ubus.patch
+++ b/babeld/patches/600-add-ubus.patch
@@ -28,7 +28,7 @@
              rc = select(maxfd + 1, &readfds, NULL, NULL, &tv);
              if(rc < 0) {
                  if(errno != EINTR) {
-@@ -680,6 +687,9 @@ main(int argc, char **argv)
+@@ -681,6 +688,9 @@ main(int argc, char **argv)
              i++;
          }
  
@@ -48,8 +48,8 @@
 +echo "#define BABELD_VERSION \"$version-ubus-mod\""
 --- a/configuration.c
 +++ b/configuration.c
-@@ -41,6 +41,8 @@ THE SOFTWARE.
- #include "kernel.h"
+@@ -42,6 +42,8 @@ THE SOFTWARE.
+ #include "hmac.h"
  #include "configuration.h"
  
 +#include "ubus.h"
@@ -57,7 +57,7 @@
  static struct filter *input_filters = NULL;
  static struct filter *output_filters = NULL;
  static struct filter *redistribute_filters = NULL;
-@@ -867,7 +869,8 @@ parse_option(int c, gnc_t gnc, void *clo
+@@ -1029,7 +1031,8 @@ parse_option(int c, gnc_t gnc, void *clo
                strcmp(token, "daemonise") == 0 ||
                strcmp(token, "skip-kernel-setup") == 0 ||
                strcmp(token, "ipv6-subtrees") == 0 ||
@@ -67,7 +67,7 @@
          int b;
          c = getbool(c, &b, gnc, closure);
          if(c < -1)
-@@ -885,6 +888,8 @@ parse_option(int c, gnc_t gnc, void *clo
+@@ -1047,6 +1050,8 @@ parse_option(int c, gnc_t gnc, void *clo
              has_ipv6_subtrees = b;
          else if(strcmp(token, "reflect-kernel-metric") == 0)
              reflect_kernel_metric = b;
@@ -116,16 +116,17 @@
  static void
 --- a/Makefile
 +++ b/Makefile
-@@ -10,10 +10,10 @@ CFLAGS = $(CDEBUGFLAGS) $(DEFINES) $(EXT
- LDLIBS = -lrt
+@@ -11,11 +11,11 @@ LDLIBS = -lrt
  
  SRCS = babeld.c net.c kernel.c util.c interface.c source.c neighbour.c \
--       route.c xroute.c message.c resend.c configuration.c local.c
-+       route.c xroute.c message.c resend.c configuration.c local.c ubus.c
+        route.c xroute.c message.c resend.c configuration.c local.c \
+-       hmac.c rfc6234/sha224-256.c BLAKE2/ref/blake2s-ref.c
++       hmac.c ubus.c rfc6234/sha224-256.c BLAKE2/ref/blake2s-ref.c
  
  OBJS = babeld.o net.o kernel.o util.o interface.o source.o neighbour.o \
--       route.o xroute.o message.o resend.o configuration.o local.o
-+       route.o xroute.o message.o resend.o configuration.o local.o ubus.o
+        route.o xroute.o message.o resend.o configuration.o local.o \
+-       hmac.o rfc6234/sha224-256.o BLAKE2/ref/blake2s-ref.o
++       hmac.o ubus.o rfc6234/sha224-256.o BLAKE2/ref/blake2s-ref.o
  
  babeld: $(OBJS)
        $(CC) $(CFLAGS) $(LDFLAGS) -o babeld $(OBJS) $(LDLIBS)