openwrt · 1715173329 · Dec 18, 2024 · Nov 1, 2024 · Nov 7, 2024 · Jul 25, 2024
diff --git a/lang/python/micropython-lib/Makefile b/lang/python/micropython-lib/Makefile
@@ -12,9 +12,9 @@ PKG_RELEASE:=1
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/micropython/micropython-lib.git
-PKG_SOURCE_VERSION:=d8e163bb5f3ef45e71e145c27bc4f207beaad70f
-PKG_SOURCE_DATE:=20231031
-PKG_MIRROR_HASH:=311651a719ae645d3e40c3c8ebf706fa2e964ac1455d84bee73606ec6d7c13a2
+PKG_SOURCE_VERSION:=68e3e07bc7ab63931cead3854b2a114e9a084248
+PKG_SOURCE_DATE:=20241017
+PKG_MIRROR_HASH:=7ed2c1b4a5af1b00364e2e017b2b416865713dc82d94737a3ea605f9aeaed54a
 
 PKG_MAINTAINER:=Jeffery To <[email protected]>
 PKG_LICENSE:=MIT Python-2.0.1

diff --git a/lang/python/micropython-lib/patches/001-build-unix-ffi.patch b/lang/python/micropython-lib/patches/001-build-unix-ffi.patch
@@ -1,32 +1,35 @@
 --- a/tools/build.py
 +++ b/tools/build.py
-@@ -284,7 +284,7 @@ def _update_index_package_metadata(index
-                 index_package_json["versions"][v].append(metadata.version)
+@@ -289,7 +289,7 @@ def _update_index_package_metadata(index
+     index_package_json["path"] = package_path
 
 
 -def build(output_path, hash_prefix_len, mpy_cross_path):
 +def build(output_path, unix_ffi, hash_prefix_len, mpy_cross_path):
      import manifestfile
      import mpy_cross
 
-@@ -310,7 +310,7 @@ def build(output_path, hash_prefix_len,
+@@ -315,7 +315,10 @@ def build(output_path, hash_prefix_len,
 
      # For now, don't process unix-ffi. In the future this can be extended to
      # allow a way to request unix-ffi packages via mip.
 -    lib_dirs = ["micropython", "python-stdlib", "python-ecosys"]
 +    lib_dirs = ["unix-ffi"] if unix_ffi else ["micropython", "python-stdlib", "python-ecosys"]
++
++    if unix_ffi:
++        manifestfile.BASE_LIBRARY_NAMES = ("unix-ffi",) + manifestfile.BASE_LIBRARY_NAMES
 
      mpy_version, _mpy_sub_version = mpy_cross.mpy_version(mpy_cross=mpy_cross_path)
      mpy_version = str(mpy_version)
-@@ -438,6 +438,7 @@ def main():
+@@ -446,6 +449,7 @@ def main():
 
      cmd_parser = argparse.ArgumentParser(description="Compile micropython-lib for serving to mip.")
      cmd_parser.add_argument("--output", required=True, help="output directory")
 +    cmd_parser.add_argument("--unix-ffi", action="store_true", help="process unix-ffi packages")
      cmd_parser.add_argument("--hash-prefix", default=8, type=int, help="hash prefix length")
      cmd_parser.add_argument("--mpy-cross", default=None, help="optional path to mpy-cross binary")
      cmd_parser.add_argument("--micropython", default=None, help="path to micropython repo")
-@@ -447,7 +448,7 @@ def main():
+@@ -455,7 +459,7 @@ def main():
          sys.path.append(os.path.join(args.micropython, "tools"))  # for manifestfile
          sys.path.append(os.path.join(args.micropython, "mpy-cross"))  # for mpy_cross
 

diff --git a/lang/python/micropython-lib/patches/002-add-unix-ffi-os-path.patch b/lang/python/micropython-lib/patches/002-add-unix-ffi-os-path.patch
diff --git a/lang/python/micropython-lib/patches/003-add-unix-ffi-uu.patch b/lang/python/micropython-lib/patches/003-add-unix-ffi-uu.patch
diff --git a/net/kadnode/Makefile b/net/kadnode/Makefile
@@ -2,13 +2,13 @@ include $(TOPDIR)/rules.mk
 
 
 PKG_NAME:=kadnode
-PKG_VERSION:=2.3.0
-PKG_RELEASE:=4
+PKG_VERSION:=2.4.0
+PKG_RELEASE:=1
 
-PKG_SOURCE_URL:=https://codeload.github.com/mwarning/KadNode/tar.gz/v$(PKG_VERSION)?
-PKG_SOURCE:=kadnode-$(PKG_VERSION).tar.gz
-PKG_HASH:=abb2ca66fb525fab53157d5486bbb43e3a522a4bdc9280a3dcb8cb403ee08583
-PKG_BUILD_DIR:=$(BUILD_DIR)/KadNode-$(PKG_VERSION)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/mwarning/KadNode
+PKG_SOURCE_VERSION:=v$(PKG_VERSION)
+PKG_MIRROR_HASH:=9e5f503785f5f894f951c747c00586233b75254e91d2555f83b14ee2f07214c9
 
 PKG_MAINTAINER:=Moritz Warning <[email protected]>
 PKG_LICENSE:=MIT

diff --git a/net/kadnode/files/kadnode.init b/net/kadnode/files/kadnode.init
@@ -15,7 +15,7 @@ boot()
 
 xappend() {
 	local name="$2" value="$1"
-	OPTS="\n$OPTS--${name//_/-} ${value//'/\\'}"
+	OPTS="$OPTS\n--${name//_/-} ${value//'/\\'}"
 }
 
 append_opts_list() {
@@ -55,7 +55,7 @@ start_instance() {
 	OPTS=""
 
 	append_opts "$cfg" lpd_addr dns_server dns_port verbosity peerfile config \
-		query_tld user port ifname cmd_port
+		query_tld user port ifname cmd_port dht_isolation_prefix
 
 	append_opts_list "$cfg" announce peer tls_client_cert tls_server_cert bob_load_key
 

diff --git a/net/umurmur/patches/100-Add-support-for-mbedtls-3.x.patch b/net/umurmur/patches/100-Add-support-for-mbedtls-3.x.patch
@@ -0,0 +1,177 @@
+From fa75e4ca000fc41af0eefd60ac06223c573e0ae4 Mon Sep 17 00:00:00 2001
+From: Glenn Strauss <[email protected]>
+Date: Thu, 24 Oct 2024 10:07:10 -0400
+Subject: [PATCH] Add support for mbedtls-3.x
+
+Signed-off-by: Glenn Strauss <[email protected]>
+---
+ src/crypt.h        |  1 -
+ src/ssl.h          |  4 +++
+ src/ssli_mbedtls.c | 65 +++++++++++++++++++++++++++++++++++++++++++---
+ 3 files changed, 66 insertions(+), 4 deletions(-)
+
+--- a/src/crypt.h
++++ b/src/crypt.h
+@@ -36,7 +36,6 @@
+
+ #if defined(USE_MBEDTLS)
+
+-#include <mbedtls/havege.h>
+ #include <mbedtls/aes.h>
+
+ #define CRYPT_AES_KEY mbedtls_aes_context
+--- a/src/ssl.h
++++ b/src/ssl.h
+@@ -53,6 +53,10 @@
+ #include <mbedtls/net.h>
+ #endif
+
++#if (MBEDTLS_VERSION_MAJOR >= 3)
++#undef USE_MBEDTLS_HAVEGE
++#endif
++
+ #if defined(USE_MBEDTLS_HAVEGE)
+ #include <mbedtls/havege.h>
+ #define HAVEGE_RAND (mbedtls_havege_random)
+--- a/src/ssli_mbedtls.c
++++ b/src/ssli_mbedtls.c
+@@ -37,10 +37,16 @@
+ #include <stdlib.h>
+ #include <fcntl.h>
+
+-#include <mbedtls/config.h>
+ #include <mbedtls/version.h>
+-#include <mbedtls/havege.h>
++#if defined(MBEDTLS_USE_PSA_CRYPTO)
++#include <mbedtls/psa_util.h>
++#else
++#include <mbedtls/ctr_drbg.h>
++#include <mbedtls/entropy.h>
++#endif
++#if MBEDTLS_VERSION_MAJOR < 3
+ #include <mbedtls/certs.h>
++#endif
+ #include <mbedtls/x509.h>
+ #include <mbedtls/ssl.h>
+
+@@ -64,13 +70,32 @@ const int ciphers[] =
+     0
+ };
+
++#if MBEDTLS_VERSION_NUMBER >= 0x03000000
++#if !defined(MBEDTLS_USE_PSA_CRYPTO)
++#ifdef MBEDTLS_ENTROPY_C
++static mbedtls_entropy_context entropy;
++#ifdef MBEDTLS_CTR_DRBG_C
++static mbedtls_ctr_drbg_context ctr_drbg;
++#endif
++#endif
++#endif
++#endif
++
+ static mbedtls_x509_crt certificate;
+ static inline int x509parse_keyfile(mbedtls_pk_context *pk, const char *path, const char *pwd)
+ {
+     int ret;
+
+     mbedtls_pk_init(pk);
++#if MBEDTLS_VERSION_NUMBER >= 0x03000000
++#if defined(MBEDTLS_USE_PSA_CRYPTO)
++    ret = mbedtls_pk_parse_keyfile(pk, path, pwd, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE);
++#else
++    ret = mbedtls_pk_parse_keyfile(pk, path, pwd, mbedtls_ctr_drbg_random, &ctr_drbg);
++#endif
++#else
+     ret = mbedtls_pk_parse_keyfile(pk, path, pwd);
++#endif
+     if (ret == 0 && !mbedtls_pk_can_do(pk, MBEDTLS_PK_ECDSA) && !mbedtls_pk_can_do(pk, MBEDTLS_PK_RSA))
+ 	{
+         ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
+@@ -127,6 +152,13 @@ static void initKey()
+ #ifndef USE_MBEDTLS_HAVEGE
+ int urandom_bytes(void *ctx, unsigned char *dest, size_t len)
+ {
++#if (MBEDTLS_VERSION_MAJOR >= 3)
++#if defined(MBEDTLS_USE_PSA_CRYPTO)
++	mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, dest, len);
++#else
++	mbedtls_ctr_drbg_random(&ctr_drbg, dest, len);
++#endif
++#else
+ 	int cur;
+
+ 	while (len) {
+@@ -135,6 +167,7 @@ int urandom_bytes(void *ctx, unsigned ch
+ 			continue;
+ 		len -= cur;
+ 	}
++#endif
+ 	return 0;
+ }
+ #endif
+@@ -160,10 +193,20 @@ void SSLi_init(void)
+ #ifdef USE_MBEDTLS_HAVEGE
+ 	mbedtls_havege_init(&hs);
+ #else
++#if MBEDTLS_VERSION_NUMBER >= 0x03000000
++#if defined(MBEDTLS_USE_PSA_CRYPTO)
++	psa_crypto_init();
++#else
++	mbedtls_ctr_drbg_init(&ctr_drbg);
++	mbedtls_entropy_init(&entropy);
++	mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0);
++#endif
++#else
+ 	urandom_fd = open("/dev/urandom", O_RDONLY);
+ 	if (urandom_fd < 0)
+ 		Log_fatal("Cannot open /dev/urandom");
+ #endif
++#endif
+
+ 	/* Initialize config */
+ 	conf = Memory_safeCalloc(1, sizeof(mbedtls_ssl_config));
+@@ -187,7 +230,11 @@ void SSLi_init(void)
+ #endif
+ 	mbedtls_ssl_conf_dbg(conf, pssl_debug, NULL);
+
++#if MBEDTLS_VERSION_NUMBER >= 0x03000000
++	mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
++#else
+ 	mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1);
++#endif
+
+ 	mbedtls_ssl_conf_ciphersuites(conf, (const int*)&ciphers);
+
+@@ -209,8 +256,15 @@ void SSLi_deinit(void)
+ #ifdef USE_MBEDTLS_HAVEGE
+ 	mbedtls_havege_free(&hs);
+ #else
++#if MBEDTLS_VERSION_NUMBER >= 0x03000000
++#if !defined(MBEDTLS_USE_PSA_CRYPTO)
++	mbedtls_ctr_drbg_free(&ctr_drbg);
++	mbedtls_entropy_free(&entropy);
++#endif
++#else
+ 	close(urandom_fd);
+ #endif
++#endif
+ }
+
+ bool_t SSLi_getSHA1Hash(SSL_handle_t *ssl, uint8_t *hash)
+@@ -223,8 +277,15 @@ bool_t SSLi_getSHA1Hash(SSL_handle_t *ss
+ 	}
+ #if MBEDTLS_VERSION_NUMBER < 0x02070000L
+ 	mbedtls_sha1(cert->raw.p, cert->raw.len, hash);
+-#else
++#elif MBEDTLS_VERSION_NUMBER < 0x03000000L
+ 	mbedtls_sha1_ret(cert->raw.p, cert->raw.len, hash);
++#elif !defined(MBEDTLS_USE_PSA_CRYPTO)
++	mbedtls_sha1(cert->raw.p, cert->raw.len, hash);
++#else
++	size_t hash_length;
++	mbedtls_psa_hash_compute(
++		PSA_ALG_SHA_1, cert->raw.p, cert->raw.len, hash,
++		20 /* client_t member uint8_t hash[20] */, &hash_length);
+ #endif
+ 	return true;
+ }