tinc: rework

packages/addons/addon-depends/tinc-depends/miniupnpc/package.mk

@@ -0,0 +1,28 @@
+################################################################################
+#      This file is part of LibreELEC - https://libreelec.tv
+#      Copyright (C) 2018-present Team LibreELEC
+#
+#  LibreELEC is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  LibreELEC is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with LibreELEC.  If not, see <http://www.gnu.org/licenses/>.
+################################################################################
+
+PKG_NAME="miniupnpc"
+PKG_VERSION="2.0.20180222"
+PKG_ARCH="any"
+PKG_LICENSE="BSD"
+PKG_SITE="http://miniupnp.free.fr"
+PKG_URL="http://miniupnp.free.fr/files/$PKG_NAME-$PKG_VERSION.tar.gz"
+PKG_DEPENDS_TARGET="toolchain"
+PKG_LONGDESC="The MiniUPnP project offers software which supports the UPnP Internet Gateway Device (IGD) specifications"
+
+PKG_CMAKE_OPTS_TARGET="-DUPNPC_BUILD_SHARED=OFF -DUPNPC_BUILD_STATIC=ON"

packages/addons/service/tinc/changelog.txt

@@ -1,5 +1,12 @@
+103
+- Update to tinc-1.1pre15
+- Rework
+
+102
+- Enable clean building
+
 101
-- Bump to tinc-1.1pre14
+- Update to tinc-1.1pre14
 
 100
 - Initial addon

packages/addons/service/tinc/package.mk

@@ -17,13 +17,14 @@
 ################################################################################
 
 PKG_NAME="tinc"
-PKG_VERSION="1.1pre14"
-PKG_REV="101"
+PKG_VERSION="1.1pre15"
+PKG_REV="103"
 PKG_ARCH="any"
 PKG_LICENSE="GPLv2"
 PKG_SITE="http://www.tinc-vpn.org/"
-PKG_URL="${PKG_SITE}/packages/$PKG_NAME-$PKG_VERSION.tar.gz"
-PKG_DEPENDS_TARGET="toolchain openssl lzo zlib"
+PKG_URL="https://github.com/gsliepen/tinc/archive/release-$PKG_VERSION.tar.gz"
+PKG_SOURCE_DIR="tinc-release-$PKG_VERSION"
+PKG_DEPENDS_TARGET="toolchain lzo miniupnpc openssl zlib"
 PKG_SECTION="service/system"
 PKG_SHORTDESC="tinc: a Virtual Private Network daemon"
 PKG_LONGDESC="tinc ($PKG_VERSION) is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. Because the VPN appears to the IP level network code as a normal network device, there is no need to adapt any existing software. This allows VPN sites to share information with each other over the Internet without exposing any information to others."
@@ -34,23 +35,22 @@ PKG_ADDON_NAME="tinc"
 PKG_ADDON_TYPE="xbmc.service"
 PKG_MAINTAINER="Anton Voyl (awiouy)"
 
-PKG_CONFIGURE_OPTS_TARGET="--disable-curses   \
+PKG_CONFIGURE_OPTS_TARGET="--disable-curses \
                            --disable-readline \
-                           --sysconfdir=/storage/.cache"
+                           --enable-miniupnpc \
+                           --sysconfdir=/run"
 
 pre_configure_target() {
-  # tinc fails to build in subdirs
   cd $PKG_BUILD
   rm -rf .$TARGET_NAME
 }
 
-makeinstall_target() {
+make_target() {
   :
 }
 
 addon() {
   mkdir -p $ADDON_BUILD/$PKG_ADDON_ID/bin
-  cp $PKG_BUILD/src/tinc \
-     $PKG_BUILD/src/tincd \
+  cp $PKG_BUILD/.install_pkg/usr/sbin/* \
      $ADDON_BUILD/$PKG_ADDON_ID/bin
 }

packages/addons/service/tinc/source/bin/subnet-up

@@ -1,18 +0,0 @@
-#!/bin/sh
-. /etc/profile
-oe_setup_addon service.system.tinc
-
-case "$SUBNET" in
-   ??:??:??:??:??:??)
-      :
-      ;;
-   *)
-      if [ "$NAME" == "$NODE" ]
-      then
-         ip addr replace "$SUBNET/$tinc_mask" dev "$INTERFACE"
-      elif [ "$tinc_mask" == "32" ]
-      then
-         ip route replace "$SUBNET" dev "$INTERFACE"
-      fi
-      ;;
-esac

packages/addons/service/tinc/source/bin/tinc-service

@@ -1,81 +0,0 @@
-#!/bin/sh
-################################################################################
-#      This file is part of LibreELEC - https://libreelec.tv
-#      Copyright (C) 2016 Team LibreELEC
-#
-#  LibreELEC is free software: you can redistribute it and/or modify
-#  it under the terms of the GNU General Public License as published by
-#  the Free Software Foundation, either version 2 of the License, or
-#  (at your option) any later version.
-#
-#  LibreELEC is distributed in the hope that it will be useful,
-#  but WITHOUT ANY WARRANTY; without even the implied warranty of
-#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#  GNU General Public License for more details.
-#
-#  You should have received a copy of the GNU General Public License
-#  along with LibreELEC.  If not, see <http://www.gnu.org/licenses/>.
-################################################################################
-
-. /etc/profile
-oe_setup_addon service.system.tinc
-
-config="$ADDON_HOME/.config"
-dev="vmnetz"
-host="$ADDON_HOME/Host"
-hosts="$ADDON_HOME/Hosts"
-
-rm -rf "$host"
-rm -f "$hosts"
-
-if [ -z "$tinc_name" ]
-then
-   rm -rf "$config"
-   exit 0
-fi
-
-read_name="$(tinc -c $config get name)"
-
-if [ "$read_name" != "$tinc_name" ]
-then
-   rm -rf "$config"
-   tinc -c "$config" init "$tinc_name"
-fi
-
-mkdir -p "$host"
-ln -s "$config/hosts/$tinc_name" "$host/$tinc_name"
-ln -nsf "$config/hosts" "$hosts"
-
-for var in address port subnet
-do
-   eval "tinc_var=\$tinc_$var"
-   if [ -z "$tinc_var" ]
-   then
-      tinc -c "$config" del "$var"
-   else
-      tinc -c "$config" set "$var" "$tinc_var"
-   fi
-done
-
-cp "$ADDON_DIR/bin/subnet-up" \
-   "$ADDON_DIR/bin/tinc-up"   \
-   "$config"
-
-case "$tinc_subnets" in
-   "default")
-      subnets=""
-      ;;
-   "strict subnets")
-      subnets="-o StrictSubnets=yes"
-      ;;
-   "tunnel server")
-      subnets="-o TunnelServer=yes"
-      ;;
-esac
-
-tincd -c "$config"          \
-      -n "$dev"             \
-      -o AutoConnect=yes    \
-      -o LocalDiscovery=yes \
-      -o mode="$tinc_mode"  \
-      $subnets

packages/addons/service/tinc/source/bin/tinc.start

@@ -0,0 +1,83 @@
+#!/bin/sh
+################################################################################
+#      This file is part of LibreELEC - https://libreelec.tv
+#      Copyright (C) 2016-present Team LibreELEC
+#
+#  LibreELEC is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  LibreELEC is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with LibreELEC.  If not, see <http://www.gnu.org/licenses/>.
+################################################################################
+
+. /etc/profile
+oe_setup_addon service.system.tinc
+
+DIR_LEGACY="$ADDON_HOME/.config"
+if [ -d "$DIR_LEGACY" ]; then
+  echo "Warning: using legacy configuration $DIR_LEGACY, ignoring Kodi settings"
+  tincd --config "$DIR_LEGACY" --no-detach
+  exit $?
+fi
+
+[ -z "$tinc_loglevel" ] && tinc_loglevel="3"
+
+NET="vmnet_le"
+NAME="${tinc_subnet//./_}"
+CONF_KEYS="/storage/.cache/tinc.$NET"
+CONF_TINC="/run/tinc/$NET"
+DATA_LOCAL="$ADDON_HOME/Local"
+DATA_REMOTES="$ADDON_HOME/Remotes"
+
+rm -fr "$CONF_TINC" "$DATA_LOCAL" &> /dev/null
+
+if [ ! -d "$CONF_KEYS" ]; then
+  rm -fr "$CONF_KEYS" &> /dev/null
+  mkdir -p "$CONF_KEYS"
+  tinc --batch --config "$CONF_KEYS" generate-ed25519-keys
+fi
+
+if [ ! -d "$DATA_REMOTES" ]; then
+  rm -fr "$DATA_REMOTES" &> /dev/null
+  mkdir -p "$DATA_REMOTES"
+fi
+
+if [ "$tinc_subnet" == "0.0.0.0" ]; then
+  echo "Warning: default subnet $tinc_subnet, aborting"
+  exit
+fi
+
+if [ -e "$DATA_REMOTES/$NAME" ]; then
+  echo "Error: $NAME in $DATA_REMOTES, aborting"
+  exit
+fi
+
+mkdir -p "$CONF_TINC"
+cp -RT "$ADDON_DIR/config" "$CONF_TINC"
+chmod +x "$CONF_TINC"/*-*
+ln -sf "$DATA_REMOTES" "$CONF_TINC/hosts"
+tee >> "$CONF_TINC/tinc.conf" << EOF
+Ed25519PrivateKeyFile = $CONF_KEYS/ed25519_key.priv
+LogLevel              = $tinc_loglevel
+Name                  = $NAME
+EOF
+
+mkdir -p "$DATA_LOCAL"
+if [ -n "$tinc_address" ]; then
+  echo "Address          = $tinc_address" >> "$DATA_LOCAL/$NAME"
+fi
+cat "$CONF_KEYS/ed25519_key.pub" >> "$DATA_LOCAL/$NAME"
+
+tee -a "$CONF_TINC/tinc.conf" >> "$DATA_LOCAL/$NAME" << EOF
+Port             = $tinc_port
+Subnet           = $tinc_subnet
+EOF
+
+tincd --net "$NET" --no-detach

packages/addons/service/tinc/source/config/subnet-down

@@ -0,0 +1,4 @@
+#!/bin/sh
+if [ "$NAME" != "$NODE" ]; then
+  ip route del "$SUBNET" dev "$INTERFACE"
+fi

packages/addons/service/tinc/source/config/subnet-up

@@ -0,0 +1,6 @@
+#!/bin/sh
+if [ "$NAME" == "$NODE" ]; then
+  ip addr replace "$SUBNET" dev "$INTERFACE"
+else
+  ip route replace "$SUBNET" dev "$INTERFACE"
+fi

packages/addons/service/tinc/source/config/tinc.conf

@@ -0,0 +1,6 @@
+AutoConnect           = yes
+ExperimentalProtocol  = yes
+LocalDiscovery        = yes
+Mode                  = Router
+TunnelServer          = yes
+UPnP                  = yes

packages/addons/service/tinc/source/default.py

@@ -1,6 +1,6 @@
 ################################################################################
 #      This file is part of LibreELEC - https://libreelec.tv
-#      Copyright (C) 2016 Team LibreELEC
+#      Copyright (C) 2016-present Team LibreELEC
 #
 #  LibreELEC is free software: you can redistribute it and/or modify
 #  it under the terms of the GNU General Public License as published by
@@ -15,74 +15,21 @@
 #  You should have received a copy of the GNU General Public License
 #  along with LibreELEC.  If not, see <http://www.gnu.org/licenses/>.
 ################################################################################
-import os.path
-import random
-import socket
-import struct
+
 import subprocess
-import urllib2
 import xbmc
 import xbmcaddon
 
 
-ADDON   = xbmcaddon.Addon()
-ID      = ADDON.getAddonInfo('id')
-PATH    = ADDON.getAddonInfo('path')
-TINC    = os.path.join(PATH, 'bin', 'tinc')
-
-def run_code(cmd, *argv):
-   return subprocess.call(cmd.format(*argv).split())
-
-def run_lines(cmd, *argv):
-   try:
-      return subprocess.check_output(cmd.format(*argv).split()).splitlines()
-   except subprocess.CalledProcessError:
-      return []
-
-
 class Monitor(xbmc.Monitor):
 
-   def __init__(self, *args, **kwargs):
-      xbmc.Monitor.__init__(self)
+    def __init__(self, *args, **kwargs):
+        xbmc.Monitor.__init__(self)
+        self.id = xbmcaddon.Addon().getAddonInfo('id')
 
-   def onSettingsChanged(self):
-     run_code('systemctl restart {}'.format(ID))
+    def onSettingsChanged(self):
+        subprocess.call(['systemctl', 'restart', self.id])
 
 
 if __name__ == '__main__':
-   for network in run_lines('{} network', TINC):
-      run_code('{} -n {} start', TINC, network)
-
-   if ADDON.getSetting('tinc_wizard') == 'true':
-      try:
-         ip = urllib2.urlopen('http://ip.42.pl/raw').read()
-         address = socket.gethostbyaddr(ip)[0]
-         ADDON.setSetting('tinc_address', address)
-      except:
-         pass
-
-      network, mask = '10.0.0.0/8'.split('/')
-      mask = 2 ** (32 - int(mask)) - 1
-      network = struct.unpack('!L', socket.inet_aton(network))[0] & -mask
-      ip = network + random.randint(1, mask - 1)
-      name = format(ip, '08x')
-      subnet = socket.inet_ntoa(struct.pack('!L', ip))
-      ADDON.setSetting('tinc_name', name)
-      ADDON.setSetting('tinc_subnet', subnet)
-
-      port = int(ADDON.getSetting('tinc_port'))
-      s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-      try:
-         s.bind(('', port))
-         s.close()
-      except socket.error:
-         s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-         s.bind(('', 0))
-         a, port = s.getsockname()
-         s.close()
-         ADDON.setSetting('tinc_port', str(port))
-
-      ADDON.setSetting('tinc_wizard', 'false')
-      run_code('systemctl restart {}'.format(ID))
-
-   Monitor().waitForAbort()
+    Monitor().waitForAbort()

packages/addons/service/tinc/source/resources/language/English/strings.po

@@ -1,70 +1,30 @@
 # Kodi Media Center language file
 # Addon Name: tinc
 # Addon id: service.system.tinc
-# Addon Provider: awiouy at gmail dot com
+# Addon Provider: Team LibreELEC
 msgid ""
 msgstr ""
 
 msgctxt "#30000"
-msgid "Configuration"
+msgid "Host"
 msgstr ""
 
 msgctxt "#30001"
-msgid "Virtual Private Network"
+msgid "Subnet (private IP address)"
 msgstr ""
 
 msgctxt "#30002"
-msgid "Name"
-msgstr ""
-
-msgctxt "#30003"
-msgid "Subnet"
-msgstr ""
-
-msgctxt "#30004"
-msgid "Mask"
-msgstr ""
-
-msgctxt "#30005"
-msgid "Mode"
-msgstr ""
-
-msgctxt "#30006"
-msgid "Subnet Discovery"
-msgstr ""
-
-msgctxt "#30007"
-msgid "Public Network"
-msgstr ""
-
-msgctxt "#30008"
-msgid "Address"
-msgstr ""
-
-msgctxt "#30009"
 msgid "Port"
 msgstr ""
 
-msgctxt "#30010"
-msgid "Instructions"
+msgctxt "#30003"
+msgid "Address (public DNS name)"
 msgstr ""
 
-msgctxt "#30011"
-msgid "1. Configure local node (see tinc-vpn.org/documentation-1.1)"
+msgctxt "#30004"
+msgid "Debug"
 msgstr ""
 
-msgctxt "#30012"
-msgid "2. Enable port forwarding on your router (see e.g. portforward.com)"
-msgstr ""
-
-msgctxt "#30013"
-msgid "3. Distribute local host file from userdata/addon_data/service.system.tinc/Host"
-msgstr ""
-
-msgctxt "#30014"
-msgid "4. Collect remote host files in userdata/addon_data/service.system.tinc/Hosts"
-msgstr ""
-
-msgctxt "#30015"
-msgid "5. Restart tinc to load remote host files"
+msgctxt "#30005"
+msgid "LogLevel"
 msgstr ""

packages/addons/service/tinc/source/resources/settings.xml

@@ -1,24 +1,11 @@
 <?xml version="1.0" encoding="utf-8" standalone="yes" ?>
 <settings>
-   <category label="30000">
-      <setting label="30001" type="lsep" />
-      <setting id="tinc_name" label="30002" type="text" />
-      <setting id="tinc_subnet" label="30003" type="ipaddress" />
-      <setting id="tinc_mask" label="30004" type="labelenum"
-         values="32|1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31" />
-      <setting id="tinc_mode" label="30005" type="labelenum"
-         values="router|hub|switch" />
-      <setting id="tinc_subnets" label="30006" type="labelenum"
-         values="default|strict subnets|tunnel server" />
-      <setting label="30007" type="lsep" />
-      <setting id="tinc_address" label="30008" type="text" />
-      <setting id="tinc_port" label="30009" type="number" default="6555" />
-   </category>
-   <category label="30010">
-      <setting label="30011" type="lsep" />
-      <setting label="30012" type="lsep" />
-      <setting label="30013" type="lsep" />
-      <setting label="30014" type="lsep" />
-      <setting label="30015" type="lsep" />
-   </category>
+  <category  label="30000">
+    <setting label="30001" type="ipaddress" id="tinc_subnet"   default="0.0.0.0"/>
+    <setting label="30002" type="number"    id="tinc_port"     default="6550"/>
+    <setting label="30003" type="text"      id="tinc_address"  default=""/>
+  </category>
+  <category  label="30004">
+    <setting label="30005" type="select"    id="tinc_loglevel" values="0|1|2|3|4|5"/>
+  </category>
 </settings>

packages/addons/service/tinc/source/settings-default.xml

@@ -1,11 +1,6 @@
-<settings>
-    <setting id="tinc_address" value="" />
-    <setting id="tinc_mask" value="32" />
-    <setting id="tinc_mode" value="router" />
-    <setting id="tinc_name" value="" />
-    <setting id="tinc_port" value="6555" />
-    <setting id="tinc_subnet" value="" />
-    <setting id="tinc_subnets" value="default" />
-    <setting id="tinc_wizard" value="true" />
+<settings version="2">
+    <setting id="tinc_address" default="true"></setting>
+    <setting id="tinc_loglevel" default="true">3</setting>
+    <setting id="tinc_port" default="true">6550</setting>
+    <setting id="tinc_subnet" default="true">0.0.0.0</setting>
 </settings>
-

packages/addons/service/tinc/source/system.d/service.system.tinc.service

@@ -5,8 +5,7 @@ After=network-online.target
 Requires=network-online.target
 
 [Service]
-Type=forking
-ExecStart=/bin/sh /storage/.kodi/addons/service.system.tinc/bin/tinc-service
+ExecStart=/bin/sh /storage/.kodi/addons/service.system.tinc/bin/tinc.start
 Restart=on-failure
 
 [Install]