New upstream version 3.1.1

This commit is contained in:
billchenchina 2022-11-15 08:50:35 +08:00
parent 4e9934e5ec
commit e7b41df57b
229 changed files with 57000 additions and 12055 deletions

42
debian/README.Debian vendored
View file

@ -1,42 +0,0 @@
QUICKSTART
----------
To establish a VPN you need to run the edge binary on all the client computers
you want to participate. n2n has another binary called supernode which enables
the clients to talk to each other. Even a compromised supernode cannot sniff
the traffic or the passwords for clients that are connected to it so most users
will not need to bother with running their own but can simply rely on
publically available supernodes.
public n2n supernodes:
- bytemark.leggewie.org:1234 (sponsored by www.bytemark.co.uk)
- gandi.leggewie.org:1234 (sponsored by www.gandi.net)
- remoteqth.com:82
Go through the rest of the configuration file in /etc/default/n2n and run
"/etc/init.d/n2n start" as root when you are ready. Ping your local and a
remote address to test your network
For more info check http://www.ntop.org/n2n
SECURITY
--------
n2n was abandoned upstream many years ago. It is also a leaf package in use by
only a limited number of users. Therefore, users should take into account the
possibility of security vulnerabilities in the VPNs it creates. n2n is probably
not the best solution for you if you need a very high level of security for your
communications going over the VPN. Consider one of the alternatives like
freelan, another p2p VPN solution available in Debian and its derivatives.
That being said, n2n is still in use on an almost daily basis by the Debian
maintainer who is not aware of any exploits. He likes n2n for its availability
on a number of platforms including routers (OpenWRT, Freetz), low footprint,
simple configuration and independence from a trusted central relay.
TROUBLESHOOTING
---------------
This package depends on the kernel having the TUN/TAP driver configured in using
CONFIG_TUN=yes. Check "grep CONFIG_TUN /boot/config-*" for the kernel you want
to run.

71
debian/changelog vendored
View file

@ -1,71 +0,0 @@
n2n (1.3.1~svn3789-6) unstable; urgency=medium
* control:
- bump to Debian Standard 4.1.4
- add run-time dependency on lsb-base
- update git URIs
- change priority from extra to optional
- drop inactive co-maintainer
Thank you for your work. Welcome back anytime!
* copyright: update to 2018
* default: change default supernode to bytemark.leggewie.org
* init: merge two N2N_SUPERNODE* variables into one
* README:
- improve some botched wording
- add information about two new public supernodes
-- Rolf Leggewie <foss@rolf.leggewie.biz> Sun, 15 Apr 2018 15:03:20 +0800
n2n (1.3.1~svn3789-5) unstable; urgency=medium
* ship init script for controlling the n2n VPN. Closes: #742098
* make the README more userfriendly and relevant to ordinary users
* control: bump to Standard 3.9.6. No further changes.
-- Rolf Leggewie <foss@rolf.leggewie.biz> Sun, 26 Oct 2014 13:27:55 +0900
n2n (1.3.1~svn3789-4) unstable; urgency=low
* move the updated package from experimental to unstable now
* copyright: Update copyright information.
* control: Update to policy 3.9.4. No further changes.
-- Rolf Leggewie <foss@rolf.leggewie.biz> Wed, 29 May 2013 17:55:10 +0800
n2n (1.3.1~svn3789-3) experimental; urgency=low
* update build process from dh7 to dh9
* backport upstream-svn4235.patch to fix compile error
* patch Makefile to import $LDFLAGS and $CPPFLAGS into $CFLAGS
-- Rolf Leggewie <foss@rolf.leggewie.biz> Fri, 28 Dec 2012 03:09:08 +0100
n2n (1.3.1~svn3789-2) experimental; urgency=low
* debian/control:
- add myself to Uploaders
- add ${misc:Depends} to run-time dependencies
- add Homepage and VCS fields
- bump standards version to 3.9.3 (no further changes)
* debian/rules: radically simplify and rely on dh7 build intelligence
* debian/source/format: use DebSrc3 format
* debian/README.Debian: add information about public supernode
-- Rolf Leggewie <foss@rolf.leggewie.biz> Fri, 14 Dec 2012 13:01:40 +0100
n2n (1.3.1~svn3789-1) unstable; urgency=low
* Update package to version 1.3 from upstream cvs
* Removed "libc6-dev (>= 2.0)" build dependency (closes: Bug#533881)
* DH compatibility level is 7
* Run dh_prep instead of dh_clean -k
* Standards Version is 3.8.2
-- cristian paul peñaranda rojas <kristian.paul@gmail.com> Sun, 22 Jun 2009 21:19:58 -0500
n2n (1.2.2~svn3653) unstable; urgency=low
* Initial release (closes: Bug#507750)
-- cristian paul peñaranda rojas <kristian.paul@gmail.com> Sat, 29 Nov 2008 00:31:58 -0500

1
debian/compat vendored
View file

@ -1 +0,0 @@
9

18
debian/control vendored
View file

@ -1,18 +0,0 @@
Source: n2n
Section: net
Priority: optional
Maintainer: Rolf Leggewie <foss@rolf.leggewie.biz>
Build-Depends: debhelper (>= 9)
Standards-Version: 4.1.4
Homepage: http://www.ntop.org/products/n2n/
Vcs-Browser: https://github.com/leggewie-DM/n2n
Vcs-Git: https://github.com/leggewie-DM/n2n.git
Package: n2n
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends},
lsb-base (>= 3.0-6), net-tools
Description: Peer-to-Peer VPN network daemon
n2n is an open source VPN application which utilizes
a Peer-to-peer architecture for network membership
and routing.

112
debian/copyright vendored
View file

@ -1,112 +0,0 @@
This package was debianized by cristian paul peñaranda rojas
<kristian.paul@gmail.com> on Sat, 29 Nov 2008 00:31:58 -0500.
It was downloaded from https://svn.ntop.org/svn/ntop/trunk/n2n
The current Debian packaging is © 2008-2009 cristian paul peñaranda rojas
and © 2012-2018 Rolf Leggewie and is licensed under the GNU General
Public License (GPL) version 3. A copy of the GNU GPL version 3 can be
found in `/usr/share/common-licenses/GPL-3'.
The current Debian maintainer is cristian paul peñaranda rojas <kristian.paul@gmail.com>
with Rolf Leggewie <foss@rolf.leggewie.biz> as co-maintainer.
Upstream Author: Luca Deri deri@ntop.org
Copyright:
Copyright (C) 2008 Luca Deri
Copyright (C) 2008 Richard Andrews
License:
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License with
the Debian GNU/Linux distribution in file /usr/share/common-licenses/GPL;
if not, write to the Free Software Foundation, Inc., 51 Franklin St,
Fifth Floor, Boston, MA 02110-1301, USA.
On Debian systems, the complete text of the GNU General Public
License, version 3, can be found in /usr/share/common-licenses/GPL-3.
The Files:
twofish.c
twofish.h
Copyright (C) 1997-2000 The Cryptix Foundation Limited.
Copyright (C) 2000 Farm9.
Copyright (C) 2001 Frank Knobbe.
All rights reserved.
For Cryptix code:
Use, modification, copying and distribution of this software is subject
the terms and conditions of the Cryptix General Licence.
Cryptix General License
Copyright (c) 1995 -2005 The Cryptix Foundation Limited.
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
1. Redistributions of source code must retain the copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the
distribution.
THIS SOFTWARE IS PROVIDED BY THE CRYPTIX FOUNDATION LIMITED AND
CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE CRYPTIX FOUNDATION LIMITED OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
The Files:
minilzo.c
minilzo.h
lzodefs.h
Copyright (C) 1996 - 2005 Markus Franz Xaver Johannes Oberhumer
These files are part of the LZO real-time data compression library.
All Rights Reserved.
The LZO library is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
published by the Free Software Foundation; either version 2 of
the License, or (at your option) any later version.
The LZO library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with the LZO library; see the file COPYING.
If not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

28
debian/default vendored
View file

@ -1,28 +0,0 @@
# Config file for the n2n edge node daemon.
# Sets the n2n community name. All edges within the same community appear on
# the same LAN (layer 2 network segment). Community name is 16 bytes in length.
N2N_COMMUNITY="DEBIAN_n2n_Testers"
# Sets the twofish encryption key from ASCII text. All edges communicating must
# use the same key and community name.
N2N_KEY="SuperSecurePassword"
# Sets the n2n supernode IP address and port to register to.
N2N_SUPERNODE="bytemark.leggewie.org:1234"
#N2N_SUPERNODE="gandi.leggewie.org:1234"
#N2N_SUPERNODE="remoteqth.com:82"
# Sets the n2n virtual LAN IP address being claimed. This is a private IP
# address. All IP addresses in an n2n community typical belong to the same /24
# net work (ie. only the last octet of the IP addresses varies).
N2N_IP="10.1.2.3"
N2N_DAEMON_OPTS=""
# Uncomment this to get edge node started.
#N2N_EDGE_CONFIG_DONE="yes"
#TODO
# add routing option
# sudo ip route add 192.168.1.0/24 via 10.1.2.1

2
debian/dirs vendored
View file

@ -1,2 +0,0 @@
usr/bin
usr/sbin

1
debian/docs vendored
View file

@ -1 +0,0 @@
README

172
debian/init vendored
View file

@ -1,172 +0,0 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: n2n
# Required-Start: $network $remote_fs $local_fs
# Required-Stop: $remote_fs $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start or stop the n2n VPN
# Description: This script controls the n2n VPN service.
# It is called from the boot, halt and reboot scripts.
# So far, only 1 PVN is supported by this script.
# More can be started via the command line.
### END INIT INFO
#
# Author: Rolf Leggewie <foss@rolf.leggewie.biz>
set -e
# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC='n2n P2P VPN'
NAME=n2n
DAEMON=/usr/sbin/edge
DAEMON_ARGS="" # Arguments to run the daemon with
#PIDFILE=/var/run/$NAME-edge.pid
SCRIPTNAME=/etc/init.d/$NAME
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
# Check config
if [ -z "$N2N_EDGE_CONFIG_DONE" ]
then
echo "Warning: n2n VPN client is not configured, edit config file in /etc/default/$NAME." 1>&2
exit 0
fi
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
. /lib/lsb/init-functions
## Make sure /var/run/n2n exists.
#if [ ! -e /var/run/$NAME ] ; then
# mkdir -p /var/run/$NAME
# chown proxy:proxy /var/run/$NAME
# chmod 755 /var/run/$NAME
#fi
# Function that starts the daemon/service
#
do_start()
{
if [ -r /sys/class/net/edge0 ]; then
echo edge node is already running.
exit 0
fi
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
start-stop-daemon --start --quiet --user nobody --exec $DAEMON --test > /dev/null \
|| return 1
export N2N_KEY
start-stop-daemon --start --quiet --user nobody --exec $DAEMON -- \
-f -a $N2N_IP -c $N2N_COMMUNITY -l $N2N_SUPERNODE \
-u $(id -u nobody) -g $(id -g nobody) $DAEMON_ARGS \
|| return 2
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --user nobody --exec $DAEMON
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
# Wait for children to finish too if this is a daemon that forks
# and if the daemon is only ever run from this initscript.
# If the above conditions are not satisfied then add some other code
# that waits for the process to drop all resources that could be
# needed by services started subsequently. A last resort is to
# sleep for some time.
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
[ "$?" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f $PIDFILE
return "$RETVAL"
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
#
# If the daemon can reload its configuration without
# restarting (for example, when it is sent a SIGHUP),
# then implement that here.
#
start-stop-daemon --stop --signal 1 --quiet --name $NAME
return 0
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC " "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
status)
status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
;;
#reload|force-reload)
#
# If do_reload() is not implemented then leave this commented out
# and leave 'force-reload' as an alias for 'restart'.
#
#log_daemon_msg "Reloading $DESC" "$NAME"
#do_reload
#log_end_msg $?
#;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
N=/etc/init.d/$NAME
#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
exit 0

View file

@ -1,8 +0,0 @@
--- a/edge.8.old 2008-12-02 20:33:54.000000000 -0500
+++ b/edge.8 2008-12-02 20:34:13.000000000 -0500
@@ -1,4 +1,4 @@
-.TH edge 1 "Jan 3, 2009" "revision 3679" "SUPERUSER COMMANDS"
+.TH edge 8 "Jan 3, 2009" "revision 3679" "SUPERUSER COMMANDS"
.SH NAME
edge \- n2n edge node daemon
.SH SYNOPSIS

View file

@ -1,22 +0,0 @@
Description: Make the build reproducible
Author: Chris Lamb <lamby@debian.org>
Last-Update: 2016-08-08
X-Bug: https://bugs.debian.org/833819
Make the build reproducible:
https://wiki.debian.org/ReproducibleBuilds
--- n2n-1.3.1~svn3789.orig/Makefile
+++ n2n-1.3.1~svn3789/Makefile
@@ -57,7 +57,11 @@ $(N2N_LIB): $(N2N_OBJS)
version.c:
@echo $(N2N_VERSION) | sed -e 's/.*/const char * version = "&";/' > version.c
@uname -p | sed -e 's/.*/const char * osName = "&";/' >> version.c
+ifdef SOURCE_DATE_EPOCH
+ @LC_ALL=C date --utc --date="@$(SOURCE_DATE_EPOCH)" +"%D %r" | sed -e 's/.*/const char * buildDate = "&";/' >> version.c
+else
@date +"%D %r" | sed -e 's/.*/const char * buildDate = "&";/' >> version.c
+endif
clean:
rm -rf $(N2N_OBJS) $(N2N_LIB) $(APPS) $(DOCS) *.dSYM *~ version.c

View file

@ -1,13 +0,0 @@
diff --git a/Makefile b/Makefile
index 485adc3..191845a 100644
--- a/Makefile
+++ b/Makefile
@@ -12,7 +12,7 @@ WARN?=-Wall -Wshadow -Wpointer-arith -Wmissing-declarations -Wnested-externs
PLATOPTS_SPARC64=-mcpu=ultrasparc -pipe -fomit-frame-pointer -ffast-math -finline-functions -fweb -frename-registers -mapp-regs
-CFLAGS+=$(DEBUG) $(WARN) $(OPTIONS) $(PLATOPTS)
+CFLAGS+=$(DEBUG) $(WARN) $(LDFLAGS) $(CPPFLAGS) $(OPTIONS) $(PLATOPTS)
INSTALL=install
MKDIR=mkdir -p

View file

@ -1,4 +0,0 @@
01-edge.8.diff
upstream-svn4235.patch
makefile.patch
02-reproducible-build.diff

View file

@ -1,13 +0,0 @@
diff --git a/n2n.c b/n2n.c
index cfcfb74..ac98ad6 100644
--- a/n2n.c
+++ b/n2n.c
@@ -120,7 +120,7 @@ void traceEvent(int eventTraceLevel, char* file, int line, char * format, ...) {
}
snprintf(out_buf, sizeof(out_buf), "%s%s", extra_msg, buf);
- syslog(LOG_INFO, out_buf);
+ syslog(LOG_INFO, "%s", out_buf);
} else {
snprintf(out_buf, sizeof(out_buf), "%s [%11s:%4d] %s%s", theDate, file, line, extra_msg, buf);
printf("%s\n", out_buf);

4
debian/rules vendored
View file

@ -1,4 +0,0 @@
#!/usr/bin/make -f
%:
dh $@

View file

@ -1 +0,0 @@
3.0 (quilt)