net-proxy/tayga: adopt the package and support RFC 7757.

Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Benda Xu <[email protected]>
johu · Feb 3, 2019 · 037b300 · 037b300
1 parent 2d564b5
commit 037b300
Show file tree

Hide file tree

Showing 5 changed files with 224 additions and 1 deletion.
diff --git a/net-proxy/tayga/files/tayga-0.9.2-manpage-RFC.patch b/net-proxy/tayga/files/tayga-0.9.2-manpage-RFC.patch
@@ -0,0 +1,57 @@
+--- a/tayga.8
++++ b/tayga.8
+@@ -1,4 +1,4 @@
+-.TH TAYGA "8" "June 2011" "TAYGA 0.9.2" ""
++.TH TAYGA "8" "Dec 2018" "TAYGA 0.9.2" ""
+
+ .SH NAME
+ tayga \- stateless NAT64 daemon
+@@ -19,10 +19,10 @@
+ translates them to the other protocol, and then sends the translated packets
+ back to the host using the same TUN interface.
+ .P
+-Translation is compliant with IETF Internet-Draft
+-draft-ietf-behave-v6v4-xlate-23, and address mapping is performed in
+-accordance with RFC 6052.  Optionally, TAYGA may be configured to dynamically
+-map IPv6 hosts to addresses drawn from a configured IPv4 address pool.
++Translation is compliant with IETF RFC 6145, and address mapping is
++performed in accordance with RFC 6052 or RFC 7757.  Optionally, TAYGA may be
++configured to dynamically map IPv6 hosts to addresses drawn from a
++configured IPv4 address pool.
+ .P
+ As a stateless NAT, TAYGA requires a one-to-one mapping between IPv4 addresses
+ and IPv6 addresses.  Mapping multiple IPv6 addresses onto a single IPv4
+--- a/tayga.conf.5
++++ b/tayga.conf.5
+@@ -1,4 +1,4 @@
+-.TH TAYGA.CONF "5" "June 2011" "TAYGA 0.9.2" ""
++.TH TAYGA.CONF "5" "Dec 2018" "TAYGA 0.9.2" ""
+ .SH NAME
+ tayga.conf \- configuration file of the TAYGA stateless NAT64 daemon
+ .SH DESCRIPTION
+@@ -75,12 +75,21 @@
+ .B map
+ directive.
+ .TP
+-.BI "map " "ipv4_address ipv6_address"
+-Creates a static mapping between
+-.I ipv4_address
++.BI "map " "ipv4_address[/length] ipv6_address[/length]"
++Creates a static mapping between RFC 7577 compliant hosts or subnets
++.I ipv4_address[/length]
+ and
+-.I ipv6_address
++.I ipv6_address[/length]
+ to be used when translating IPv4 packets to IPv6 or IPv6 packets to IPv4.
++If
++.I /length
++is not present, the
++.I /length
++after
++.I ipv4_address
++is treated as "/32" and that of
++.I ipv6_address
++as "/128".
+ Multiple
+ .B map
+ directives are permitted in the tayga.conf file.
diff --git a/net-proxy/tayga/files/tayga-0.9.2-release-reserved-addr.patch b/net-proxy/tayga/files/tayga-0.9.2-release-reserved-addr.patch
@@ -0,0 +1,13 @@
+--- a/addrmap.c
++++ b/addrmap.c
+@@ -22,10 +22,6 @@
+
+ int validate_ip4_addr(const struct in_addr *a)
+ {
+-	/* First octet == 0 */
+-	if (!(a->s_addr & htonl(0xff000000)))
+-		return -1;
+-
+ 	/* First octet == 127 */
+ 	if ((a->s_addr & htonl(0xff000000)) == htonl(0x7f000000))
+ 		return -1;
diff --git a/net-proxy/tayga/files/tayga-0.9.2-static-EAM.patch b/net-proxy/tayga/files/tayga-0.9.2-static-EAM.patch
@@ -0,0 +1,119 @@
+Description: Support SIIT-DC styled EAM static maps
+ Introduce Explicit Address Mapping as defined in RFC7757.  This extends the
+ `map <ipv4> <ipv6>` into `map <ipv4 subnet> <ipv6 subnet>`.
+ .
+Author: Benda Xu <[email protected]>
+Forwarded: Nathan Lutchansky <[email protected]>
+Last-Update: 2018-12-28
+
+--- a/conffile.c
++++ b/conffile.c
+@@ -217,16 +217,43 @@
+
+ 	m = alloc_map_static(ln);
+
++	char *slash;
++	slash = strchr(args[0], '/');
++	unsigned int prefix4 = 32;
++	if (slash) {
++		prefix4 = atoi(slash+1);
++		slash[0] = NULL;
++	}
++
+ 	if (!inet_pton(AF_INET, args[0], &m->map4.addr)) {
+-		slog(LOG_CRIT, "Expected an IPv4 address but found \"%s\" on "
++		slog(LOG_CRIT, "Expected an IPv4 subnet but found \"%s\" on "
+ 				"line %d\n", args[0], ln);
+ 		exit(1);
+ 	}
++	m->map4.prefix_len = prefix4;
++	calc_ip4_mask(&m->map4.mask, NULL, prefix4);
++
++	unsigned int prefix6 = 128;
++	slash = strchr(args[1], '/');
++	if (slash) {
++		prefix6 = atoi(slash+1);
++		slash[0] = NULL;
++	}
++
++	if ((32 - prefix4) != (128 - prefix6)) {
++		slog(LOG_CRIT, "IPv4 and IPv6 subnet must be of the same size, but found"
++				" %s and %s on line %d\n", args[0], args[1], ln);
++		exit(1);
++	}
++
+ 	if (!inet_pton(AF_INET6, args[1], &m->map6.addr)) {
+-		slog(LOG_CRIT, "Expected an IPv6 address but found \"%s\" on "
++		slog(LOG_CRIT, "Expected an IPv6 subnet but found \"%s\" on "
+ 				"line %d\n", args[1], ln);
+ 		exit(1);
+ 	}
++	m->map6.prefix_len = prefix6;
++	calc_ip6_mask(&m->map6.mask, NULL, prefix6);
++        
+ 	if (validate_ip4_addr(&m->map4.addr) < 0) {
+ 		slog(LOG_CRIT, "Cannot use reserved address %s in map "
+ 				"directive, aborting...\n", args[0]);
+@@ -490,3 +517,10 @@
+ 	slog(LOG_CRIT, "Unable to allocate config memory\n");
+ 	exit(1);
+ }
++
++/*
++Local Variables:
++c-basic-offset: 8
++indent-tabs-mode: t
++End:
++*/
+--- a/addrmap.c
++++ b/addrmap.c
+@@ -97,7 +97,12 @@
+
+ int calc_ip4_mask(struct in_addr *mask, const struct in_addr *addr, int len)
+ {
+-	mask->s_addr = htonl(~((1 << (32 - len)) - 1));
++	if (len) {
++		mask->s_addr = htonl(~((1 << (32 - len)) - 1));
++	} else {
++		/* len==0 */
++		mask->s_addr = 0;
++	}
+ 	if (addr && (addr->s_addr & ~mask->s_addr))
+ 		return -1;
+ 	return 0;
+@@ -422,6 +427,9 @@
+ 	case MAP_TYPE_STATIC:
+ 		s = container_of(map4, struct map_static, map4);
+ 		*addr6 = s->map6.addr;
++		if (map4->prefix_len < 32) {
++			addr6->s6_addr32[3] = s->map6.addr.s6_addr32[3] | (addr4->s_addr & ~map4->mask.s_addr);
++		}
+ 		break;
+ 	case MAP_TYPE_RFC6052:
+ 		s = container_of(map4, struct map_static, map4);
+@@ -564,7 +572,13 @@
+ 	switch (map6->type) {
+ 	case MAP_TYPE_STATIC:
+ 		s = container_of(map6, struct map_static, map6);
+-		*addr4 = s->map4.addr;
++		
++		if (map6->prefix_len < 128) {
++			addr4->s_addr = s->map4.addr.s_addr | (addr6->s6_addr32[3] & ~map6->mask.s6_addr32[3]);
++		} else {
++			*addr4 = s->map4.addr;
++		}
++
+ 		break;
+ 	case MAP_TYPE_RFC6052:
+ 		if (extract_from_prefix(addr4, addr6, map6->prefix_len) < 0)
+@@ -629,3 +643,10 @@
+ 		}
+ 	}
+ }
++
++/*
++Local Variables:
++c-basic-offset: 8
++indent-tabs-mode: t
++End:
++*/
diff --git a/net-proxy/tayga/metadata.xml b/net-proxy/tayga/metadata.xml
@@ -1,5 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-<!-- maintainer-needed -->
+<maintainer type="person">
+<email>[email protected]</email>
+<name>Benda Xu</name>
+</maintainer>
 </pkgmetadata>
diff --git a/net-proxy/tayga/tayga-0.9.2-r2.ebuild b/net-proxy/tayga/tayga-0.9.2-r2.ebuild
@@ -0,0 +1,31 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit autotools
+
+DESCRIPTION="out-of-kernel stateless NAT64 implementation based on TUN"
+HOMEPAGE="http://www.litech.org/tayga/"
+SRC_URI="http://www.litech.org/${PN}/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE=""
+
+DEPEND=""
+RDEPEND="${DEPEND}"
+
+PATCHES=(
+	"${FILESDIR}"/${P}-static-EAM.patch
+	"${FILESDIR}"/${P}-manpage-RFC.patch
+	"${FILESDIR}"/${P}-release-reserved-addr.patch
+)
+
+src_prepare() {
+	default
+	sed -e '/^CFLAGS/d' \
+		-i configure.ac || die "sed failed"
+	eautoreconf
+}