Add nstx

git-svn-id: svn://svn.openwrt.org/openwrt/packages@5897 3c298f89-4303-0410-b956-a3cf2f4a3e73
2006-12-24 12:05:30 +00:00 · 2006-12-24 12:05:30 +00:00 · 431772b1eb
commit 431772b1eb
parent cffaabb916
3 changed files with 461 additions and 0 deletions
--- a/net/nstx/Makefile
+++ b/net/nstx/Makefile
@ -0,0 +1,64 @@
+# 
+# Copyright (C) 2006 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+# $Id: $
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=nstx
+PKG_VERSION:=1.1-beta6
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).orig.tar.gz
+PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/n/nstx/
+PKG_MD5SUM:=275abd75a856b07a798b1f2360088cf5
+PKG_CAT:=zcat
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/nstx/Default
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=allows you to pass IP packets via DNS queries
+  URL:=http://savannah.nongnu.org/projects/nstx/
+endef
+
+define Package/nstx
+  $(call Package/nstx/Default)
+  TITLE+= client version
+  DESCRIPTION:=\
+	nstx client version
+endef
+
+define Package/nstxd
+  $(call Package/nstx/Default)
+  TITLE+= server version
+  DESCRIPTION:=\
+	nstx server version
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+	$(MAKE) -C $(PKG_BUILD_DIR) CC="$(TARGET_CC)"
+endef
+
+define Package/nstx/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/nstxcd $(1)/usr/sbin/
+endef
+
+define Package/nstxd/install
+	$(INSTALL_DIR) $(1)/etc/init.d $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/nstxd $(1)/usr/sbin
+	$(INSTALL_BIN) ./files/nstx.init $(1)/etc/init.d/nstxd
+endef
+
+$(eval $(call BuildPackage,nstx))
+$(eval $(call BuildPackage,nstxd))
--- a/net/nstx/files/nstx.init
+++ b/net/nstx/files/nstx.init
@ -0,0 +1,15 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2006 OpenWrt.org
+
+START=60
+start() {
+	include /lib/network
+	scan_interfaces
+	config_get domain "$domain" domain
+	config_get dns_next_server "$dns_next_server" dns_next_server
+	nstxcd $domain $dns_next_server
+}
+
+stop() {
+	killall nstxcd
+}
--- a/net/nstx/patches/01-debian_changes.patch
+++ b/net/nstx/patches/01-debian_changes.patch
@ -0,0 +1,382 @@
+diff -urN nstx-1.1-beta6/Makefile nstx-1.1-beta6.new/Makefile
+--- nstx-1.1-beta6/Makefile	2004-06-27 23:46:38.000000000 +0200
+++ nstx-1.1-beta6.new/Makefile	2006-12-24 12:15:23.000000000 +0100
+@@ -1,4 +1,4 @@
+-CFLAGS += -ggdb -Wall -Werror
+CFLAGS += -ggdb -Wall -Werror -Wsign-compare 
+ 
+ NSTXD_SRCS = nstxd.c nstx_encode.c nstx_pstack.c nstx_dns.c nstx_tuntap.c nstx_queue.c
+ NSTXD_OBJS = ${NSTXD_SRCS:.c=.o}
+diff -urN nstx-1.1-beta6/nstx_dns.c nstx-1.1-beta6.new/nstx_dns.c
+--- nstx-1.1-beta6/nstx_dns.c	2004-06-27 23:43:34.000000000 +0200
+++ nstx-1.1-beta6.new/nstx_dns.c	2006-12-24 12:15:23.000000000 +0100
+@@ -6,6 +6,7 @@
+ #include <fcntl.h>
+ #include <syslog.h>
+ #include <unistd.h>
+#include <assert.h>
+ 
+ #include "nstxfun.h"
+ #include "nstxdns.h"
+@@ -58,7 +59,7 @@
+  * DNS-packet 'msg'. */
+ 
+ static char *
+-decompress_label(const char *msg, int msglen, const char *lbl)
+decompress_label(const char *msg, unsigned int msglen, const char *lbl)
+ {
+    const char *ptr = lbl;
+    char *buf;
+@@ -69,7 +70,7 @@
+    
+    while ((chunklen = *ptr)) {
+       if (chunklen > 63) {
+-	 if ((ptr-msg) >= (msglen-1)) {
+	 if ((ptr-msg) >= ((signed int)msglen-1)) {
+ 	    DEBUG("Bad pointer at end of msg");
+ 	    if (buf)
+ 	      free(buf);
+@@ -104,13 +105,15 @@
+ 	 ptr += chunklen + 1;
+       }
+    }
+-   buf[buflen] = 0;
+-   buflen++;
+   if (buf) {
+     buf[buflen] = 0;
+     buflen++;
+   }
+    return buf;
+ }
+ 
+ static const unsigned char *
+-_cstringify(const unsigned char *data, int *dlen, int clen)
+_cstringify(const unsigned char *data, int *dlen, unsigned int clen)
+ {
+    static unsigned char *buf;
+    
+@@ -143,7 +146,7 @@
+ {
+    int len;
+    
+-   len = strlen(data);
+   len = strlen((char*)data);
+    return _cstringify(data, &len, 63);
+ }
+ 
+@@ -183,24 +186,24 @@
+ static const unsigned char *
+ lbl2data (const unsigned char *data, size_t len)
+ {
+-   static unsigned char *buf;
+-   
+   static signed char *buf = NULL;
+    const unsigned char *s = data;
+-   unsigned char *d;
+-   unsigned int llen;
+   signed char *d;
+   signed int llen;
+    
+    d = buf = realloc(buf, len);
+   assert(d);
+    do
+      {
+ 	llen = *s++;
+-	if ((llen > 63) || (llen > len - (s - data)))
+-	  return NULL;
+	if ((llen > 63) || (llen > (signed int)(len - (s - data))))
+	  break;
+ 	memcpy(d, s, llen);
+ 	s += llen;
+ 	d += llen;
+      } while (llen);
+    *d = '\0';
+-   return buf;
+   return (const unsigned char*)buf;
+ }
+ 
+ /* New DNS-Code */
+@@ -318,7 +321,7 @@
+    const char *ptr;
+    static char *fqdn;
+    
+-   ptr = data2lbl(data);
+   ptr = (char*)data2lbl((unsigned char*)data);
+    fqdn = realloc(fqdn, strlen(ptr)+strlen(suffix)+1);
+    strcpy(fqdn, ptr);
+    strcat(fqdn, suffix);
+@@ -336,8 +339,9 @@
+      free(buf);
+    
+    off = strstr(fqdn, suffix);
+-   if (off)
+-	buf = strdup(lbl2data(fqdn, off - fqdn));
+   /* only parse if the fqdn was found, and there is more than the fqdn */
+   if (off && off != fqdn)
+	buf = strdup((char*)lbl2data((unsigned char*)fqdn, off - fqdn));
+    else
+ 	/* Our suffix not found... */
+   	buf = NULL; 
+@@ -364,7 +368,7 @@
+    const char *ptr;
+    char *buf;
+    
+-   ptr = data2txt(data, &len);
+   ptr = (char*)data2txt((unsigned char*)data, &len);
+    buf = malloc(len);
+    memcpy(buf, ptr, len);
+    
+@@ -477,7 +481,7 @@
+      {
+ 	offsets[i++] = ptr - buf;
+ 	rrp = _new_listitem(&pkt->query);
+-	rrp->data = decompress_label(buf, len, ptr);
+	rrp->data = decompress_label((char*)buf, len, (char*)ptr);
+ 	if (!rrp->data)
+ 	  {
+ 	     syslog(LOG_ERR, "dns_extractpkt: decompress_label choked in qd\n");
+@@ -517,8 +521,9 @@
+ 	     if (j < i)
+ 	       rrp->link = j;
+ 	  }
+-	ptr = _skip_lbl(ptr, &remain);
+-	rrp->len = ptr[8]*256+ptr[9];
+	//	ptr = _skip_lbl(ptr, &remain);
+	//	rrp->len = ptr[8]*256+ptr[9];
+	rrp->len = ptr[10]*256+ptr[11];
+ 	ptr += 12;
+ 	remain -= 12;
+ 	if (remain < rrp->len)
+diff -urN nstx-1.1-beta6/nstx_encode.c nstx-1.1-beta6.new/nstx_encode.c
+--- nstx-1.1-beta6/nstx_encode.c	2004-06-27 23:43:34.000000000 +0200
+++ nstx-1.1-beta6.new/nstx_encode.c	2006-12-24 12:15:23.000000000 +0100
+@@ -30,11 +30,11 @@
+ 
+ void init_revmap (void)
+ {
+-   int i;
+   unsigned int i;
+    
+    revmap = malloc(256);
+    
+-   for (i = 0; i < strlen(map); i++)
+   for (i = 0; i < strlen((char*)map); i++)
+      revmap[map[i]] = i;
+ }
+    
+@@ -70,11 +70,11 @@
+    if (!revmap)
+      init_revmap();
+    
+-   len = strlen(data)-1;
+-   
+   len = strlen((char*)data);
+
+    buf = realloc(buf, ((len+3)/4)*3);
+    
+-   while (off < len) {
+   while (off+3 < len) {
+       buf[i+0] = (revmap[data[off]]<<2)|((revmap[data[off+1]]&48)>>4);
+       buf[i+1] = ((revmap[data[off+1]]&15)<<4)|((revmap[data[off+2]]&60)>>2);
+       buf[i+2] = ((revmap[data[off+2]]&3)<<6)|(revmap[data[off+3]]);
+diff -urN nstx-1.1-beta6/nstx_pstack.c nstx-1.1-beta6.new/nstx_pstack.c
+--- nstx-1.1-beta6/nstx_pstack.c	2004-06-27 23:43:34.000000000 +0200
+++ nstx-1.1-beta6.new/nstx_pstack.c	2006-12-24 12:15:23.000000000 +0100
+@@ -49,7 +49,7 @@
+    char *netpacket;
+    int netpacketlen;
+    
+-   if ((!ptr) || len < sizeof(struct nstxhdr))
+   if ((!ptr) || (signed int) len < (signed int) sizeof(struct nstxhdr))
+      return;
+ 
+    if (!nstxpkt->id)
+diff -urN nstx-1.1-beta6/nstx_tuntap.c nstx-1.1-beta6.new/nstx_tuntap.c
+--- nstx-1.1-beta6/nstx_tuntap.c	2004-06-27 23:43:34.000000000 +0200
+++ nstx-1.1-beta6.new/nstx_tuntap.c	2006-12-24 12:15:23.000000000 +0100
+@@ -215,7 +215,7 @@
+ 
+ struct nstxmsg *nstx_select (int timeout)
+ {
+-   int peerlen;
+   unsigned peerlen;
+    fd_set set;
+    struct timeval tv;
+    static struct nstxmsg *ret = NULL;
+diff -urN nstx-1.1-beta6/nstxcd.8 nstx-1.1-beta6.new/nstxcd.8
+--- nstx-1.1-beta6/nstxcd.8	1970-01-01 01:00:00.000000000 +0100
+++ nstx-1.1-beta6.new/nstxcd.8	2006-12-24 12:15:23.000000000 +0100
+@@ -0,0 +1,36 @@
+.TH NSTXCD "8" "May 2004" "nstx 1.1-beta4" "User Commands"
+.SH NAME
+nstxcd \- IP over DNS tunneling client
+
+.SH SYNOPSIS
+.B "nstxcd \fIDOMAIN\fR \fIIPADDRESS\fR"
+
+.SH DESCRIPTION
+.B nstxcd
+tunnels IP packets over DNS, allowing them to be sent to a server without
+any protocols other than DNS being used.
+
+.SH OPTIONS
+.B nstxcd
+takes the following options:
+.IP "domain"
+The domain that nstxcd will send requests to. This domain must be delegated
+to a machine that is running nstxd.
+.IP "IP address"
+The IP address of a DNS server that can be reached from the current machine.
+
+.SH USAGE
+.Bnstxcd
+should be run against a domain that has been delegated to a machine running
+nstxd. It will then take any packets that are sent to the tun0 interface and
+send them over DNS to the other tunnel endpoint. Responses will appear on 
+the tun0 interface.
+
+.SH AUTHORS
+
+.IP 
+Florian Heinz <sky@sysv.de>
+.IP 
+Julien Oster <frodo@sysv.de>
+.IP 
+http://nstx.dereference.de/nstx/
+diff -urN nstx-1.1-beta6/nstxcd.c nstx-1.1-beta6.new/nstxcd.c
+--- nstx-1.1-beta6/nstxcd.c	2004-06-27 23:43:34.000000000 +0200
+++ nstx-1.1-beta6.new/nstxcd.c	2006-12-24 12:15:23.000000000 +0100
+@@ -63,7 +63,7 @@
+ int main (int argc, char * argv[]) {
+   struct nstxmsg *msg;
+   const char	*device = NULL;
+-  char		 ch;
+  int 		 ch;
+ 
+   nsid = time(NULL);
+  
+@@ -110,11 +110,11 @@
+    const char *data;
+    int datalen;
+    
+-   pkt = dns_extractpkt (reply, len);
+   pkt = dns_extractpkt ((unsigned char*)reply, len);
+    if (!pkt)
+      return;
+    while ((data = dns_getanswerdata(pkt, &datalen))) {
+-      data = txt2data(data, &datalen);
+      data = (char*)txt2data((unsigned char*)data, &datalen);
+       nstx_handlepacket (data, datalen, &sendtun);
+    }
+    dequeueitem(pkt->id);
+@@ -159,9 +159,9 @@
+     data += l;
+     datalen -= l;
+     
+-    dns_addquery(pkt, dns_data2fqdn(nstx_encode(p, sizeof(nh)+l)));
+    dns_addquery(pkt, dns_data2fqdn(nstx_encode((unsigned char*)p, sizeof(nh)+l)));
+     free(p);
+-    p = dns_constructpacket(pkt, &l);
+    p = (char*)dns_constructpacket(pkt, &l);
+     sendns(p, l, NULL);
+     free(p);
+ 
+diff -urN nstx-1.1-beta6/nstxd.8 nstx-1.1-beta6.new/nstxd.8
+--- nstx-1.1-beta6/nstxd.8	1970-01-01 01:00:00.000000000 +0100
+++ nstx-1.1-beta6.new/nstxd.8	2006-12-24 12:15:23.000000000 +0100
+@@ -0,0 +1,47 @@
+.TH NSTXD "7" "Mar 2005" "nstx 1.1-beta6" "User Commands"
+.SH NAME
+nstxd \- IP over DNS tunneling daemon
+
+.SH SYNOPSIS
+.B "nstxd \fIOPTION\fR \fIDOMAIN\fR"
+
+.SH DESCRIPTION
+.B nstxd
+listens for well formed DNS requests and translates them into IP packets.
+Responses are sent in the form of DNS replies. This allows clients to
+tunnel IP packets over the DNS protocol.
+
+.SH OPTIONS
+.B nstxd
+takes the following option:
+.IP \-d tun-device
+Use this tun device instead of tun0
+.IP \-i ipaddr
+Bind to this IP address rather than every available address
+.IP \-C dir
+Chroot to this directory on startup
+.IP \-D
+Daemonize on startup
+.IP \-g
+Switch on debug messages
+.IP \-u user
+Run as the following user
+.IP "domain"
+The domain that nstxd will listen to requests for. This should be a domain
+that is delegated to the machine running nstxd.
+
+.SH USAGE
+A domain should be delegated to the machine that will run nstxd. nstxd should
+then be run giving that domain as the only argument. nstxd will then listen
+for requests and translate them into IP packets that will appear on the tun0
+interface. Packets sent to the tun0 interface will be transferred back to
+the client as DNS answers.
+
+.SH AUTHORS
+
+.IP 
+Florian Heinz <sky@sysv.de>
+.IP 
+Julien Oster <frodo@sysv.de>
+.IP 
+http://nstx.dereference.de/nstx/
+diff -urN nstx-1.1-beta6/nstxd.c nstx-1.1-beta6.new/nstxd.c
+--- nstx-1.1-beta6/nstxd.c	2004-06-27 23:55:17.000000000 +0200
+++ nstx-1.1-beta6.new/nstxd.c	2006-12-24 12:15:23.000000000 +0100
+@@ -67,7 +67,7 @@
+ }
+ 
+ int main (int argc, char *argv[]) {
+-   char		 ch;
+   signed char	 ch;
+    const char	*device = NULL, *dir = NULL;
+    in_addr_t	 bindto = INADDR_ANY;
+    uid_t	 uid = 0;
+@@ -172,7 +172,7 @@
+    dns_setid(pkt, q->id);
+    dns_settype(pkt, DNS_RESPONSE);
+    dns_addanswer(pkt, "\xb4\x00\x00\x00", 4, dns_addquery(pkt, q->name));
+-   buf = dns_constructpacket (pkt, &len);
+   buf = (char*)dns_constructpacket (pkt, &len);
+    sendns(buf, len, &q->peer);
+    free(buf);
+ }  
+@@ -188,7 +188,7 @@
+    
+    if (msg) {
+      if (msg->src == FROMNS) {
+-	pkt = dns_extractpkt(msg->data, msg->len);
+	pkt = dns_extractpkt((unsigned char*)msg->data, msg->len);
+ 	if (pkt)
+ 	  {
+ 	     name = dns_getquerydata(pkt);
+@@ -198,7 +198,7 @@
+ 			name);
+ 		  queueitem(pkt->id, name, &msg->peer);
+ 		  if ((data = dns_fqdn2data(name)) &&
+-		      (buf = nstx_decode(data, &len)))
+		      (buf = nstx_decode((unsigned char*)data, &len)))
+ 		    {
+ 		       nstx_handlepacket(buf, len, &sendtun);
+ 		    }
+@@ -220,7 +220,7 @@
+       len = dns_getfreespace(pkt, DNS_RESPONSE);
+       buf = dequeue_senditem(&len);
+       dns_addanswer(pkt, buf, len, link);
+-      buf = dns_constructpacket(pkt, &len);
+      buf = (char*)dns_constructpacket(pkt, &len);
+       sendns(buf, len, &qitem->peer);
+    }
+    timeoutqueue(do_timeout);