gnunet: update to version 0.25.1

GNUnet 0.25 dropped the autotools based build system and now requires being built with Meson. As expected there are some cross-compiling related issues which have been fixed using downstream patches by now. v0.25.1: - transport: hotfix incorrect communicator key derivations - tests: make failing tests work again - util: Change to assigned HPKE codepoint for DHKEM+Elligator. See https://www.iana.org/assignments/hpke/ - fs: service failed to start because of PILS addition v0.25.0: - util: Removed authkem from HPKE implementation as it is going to be removed from the RFC9180bis spec and is unused in GNUnet anyway. - core: New AKE implementation. - pils: New service. - gns: Various improvements to performance and DNS migration tooling. - build: Retired autotools. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2025-12-21 19:14:30 +04:00 · 2025-10-10 02:15:39 +01:00
parent 261d1b0948
commit f24c97fff8
10 changed files with 356 additions and 50 deletions
--- a/net/gnunet/Makefile
+++ b/net/gnunet/Makefile
@@ -2,11 +2,11 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=gnunet

-PKG_VERSION:=0.24.3
+PKG_VERSION:=0.25.1
 PKG_RELEASE:=1
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=@GNU/gnunet
-PKG_HASH:=5b06897b0e84489bbb438278ec73e4362442b2e05a63e40023ec1d0cccc6c576
+PKG_HASH:=21336c16cd57f91f9d5fd5359482d9151a7cdf0d6396f8b61828c17ccc668f5c

 PKG_LICENSE:=AGPL-3.0
 PKG_LICENSE_FILES:=COPYING
@@ -21,32 +21,13 @@ PKG_INSTALL:=1
 PKG_BUILD_DEPENDS:=sqlite3

 include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/meson.mk
 include $(INCLUDE_DIR)/nls.mk

-# always pass --with-sqlite3 as configure fails when trying --without-sqlite3
-CONFIGURE_ARGS+= \
-	--with-libiconv-prefix="$(ICONV_PREFIX)" \
-	--with-libintl-prefix="$(INTL_PREFIX)" \
-	--with-ltdl \
-	$(if $(CONFIG_PACKAGE_$(PKG_NAME)-pgsql),--with-postgresql="$(STAGING_DIR)/usr/bin/pg_config",--without-postgresql) \
-	--with-sqlite3="$(STAGING_DIR)/usr" \
-	--disable-testruns \
-	--disable-documentation \
-	--enable-experimental \
-	--with-extractor="$(STAGING_DIR)/usr" \
-	--with-libgcrypt-prefix="$(STAGING_DIR)/usr" \
-	--with-gnutls="$(STAGING_DIR)/usr" \
-	--with-jose="$(STAGING_DIR)/usr" \
-	--with-libcurl="$(STAGING_DIR)/usr" \
-	--with-ogg="$(STAGING_DIR)/usr" \
-	--with-opus="$(STAGING_DIR)/usr" \
-	--with-pabc="$(STAGING_DIR)/usr" \
-	--with-png="$(STAGING_DIR)/usr" \
-	--with-pulse="$(STAGING_DIR)/usr" \
-	--with-microhttpd="$(STAGING_DIR)/usr"
-
-CONFIGURE_VARS+= \
-	GPGRT_CONFIG="$(STAGING_DIR)/host/bin/gpgrt-config"
+MESON_ARGS += \
+	-Dexclude-manpages=true \
+	-Dexclude-handbook=true \
+	-Dexperimental=true

 # upstream now provides --with-pulse= but doesn't detect rpath
 TARGET_LDFLAGS+= -Wl,-rpath-link=$(STAGING_DIR)/usr/lib/pulseaudio
@@ -153,13 +134,13 @@ define Package/gnunet/install
 	$(INSTALL_DIR) $(1)/usr/share/gnunet/config.d $(1)/usr/share/gnunet/hellos

 	( for bin in arm cadet core config ecc identity nat nat-auto nat-server nse \
-	    scalarproduct scrypt statistics uri; do \
+	    pils scalarproduct scrypt statistics uri; do \
 		$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gnunet-$$$$bin $(1)/usr/bin/ || exit 1; \
 	done )

 	( for lib in arm block blockgroup cadet \
 	    core datacache dht dns hello \
-	    identity natauto natnew nse peerstore regexblock regex \
+	    identity natauto natnew nse peerstore pils regexblock regex \
 	    scalarproduct set seti setu statistics transportapplication \
 	    transportcommunicator transportcore transportmonitor util; do \
 		$(CP) $(PKG_INSTALL_DIR)/usr/lib/libgnunet$$$$lib.so* $(1)/usr/lib/ || exit 1; \
@@ -172,7 +153,7 @@ define Package/gnunet/install
 	( for lex in communicator-unix daemon-topology helper-nat-client \
 	    helper-nat-server service-arm service-cadet service-core \
 	    service-dht service-identity service-nat service-nat-auto service-nse \
-	    service-peerstore service-regex \
+	    service-peerstore service-pils service-regex \
 	    service-scalarproduct-alice service-scalarproduct-bob service-scalarproduct-ecc-alice \
 	    service-scalarproduct-ecc-bob service-set service-seti service-setu service-statistics \
 	    service-transport timeout; do \
@@ -180,7 +161,7 @@ define Package/gnunet/install
 	done )

 	( for conf in arm cadet core datacache dht dhtu identity \
-	    nat nat-auto nse peerstore regex \
+	    nat nat-auto nse peerstore pils regex \
 	    scalarproduct set seti setu statistics tlds topology transport util; do \
 		$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/gnunet/config.d/$$$$conf.conf $(1)/usr/share/gnunet/config.d || exit 1; \
 	done )
@@ -198,14 +179,13 @@ endef

 define Build/InstallDev
 	$(INSTALL_DIR) $(1)/usr/include/gnunet $(1)/usr/lib/pkgconfig
-	$(CP) $(PKG_INSTALL_DIR)/usr/lib/*.{la,so}* $(1)/usr/lib/
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/*.{a,so}* $(1)/usr/lib/
 	$(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/*.pc $(1)/usr/lib/pkgconfig
 	$(CP) $(PKG_INSTALL_DIR)/usr/include/gnunet/*.h $(1)/usr/include/gnunet
 endef

 BIN_abd:=abd
 LIB_abd:=abd
-PLUGIN_abd:=gnsrecord_abd
 LIBEXEC_abd:=service-abd
 CONF_abd:=abd
 DEPENDS_abd:=+gnunet-gns
@@ -274,6 +254,7 @@ LIB_datastore:=datastore
 LIBEXEC_datastore:=service-datastore
 CONF_datastore:=datastore

+DEPENDS_messenger:=+gnunet-gns
 BIN_messenger:=messenger
 LIB_messenger:=messenger
 LIBEXEC_messenger:=service-messenger
@@ -333,7 +314,6 @@ PLUGIN_gns-sqlite:=namecache_sqlite namestore_sqlite

 DEPENDS_peerstore-sqlite:=+gnunet-sqlite
 PLUGIN_peerstore-sqlite:=peerstore_sqlite
-CONFLICTS_peerstore-sqlite:=gnunet-peerstore-flat

 DEPENDS_dhtcache-sqlite:=+gnunet-sqlite
 PLUGIN_dhtcache-sqlite:=datacache_sqlite
@@ -395,7 +375,7 @@ $(eval $(call PostInstFixSUIDPerms,gnunet-vpn))

 $(eval $(call BuildPackage,gnunet))
 $(eval $(call BuildComponent,abd,credential service components,))
-$(eval $(call BuildComponent,auction,auction components,))
+#$(eval $(call BuildComponent,auction,auction components,))
 $(eval $(call BuildComponent,conversation,conversation component,))
 $(eval $(call BuildComponent,curl,cURL wrapper component,))
 $(eval $(call BuildComponent,datastore,data storage components,))
--- a/net/gnunet/patches/0001-meson-convert-SQLite-version-detection-to-compile-ti.patch
+++ b/net/gnunet/patches/0001-meson-convert-SQLite-version-detection-to-compile-ti.patch
@@ -0,0 +1,35 @@
+From 05ec421a2f72f4fd63702959d677e9a7ac538d80 Mon Sep 17 00:00:00 2001
+From: Daniel Golle <daniel@makrotopia.org>
+Date: Fri, 10 Oct 2025 00:44:56 +0100
+Subject: [PATCH 1/8] meson: convert SQLite version detection to compile-time
+ test
+
+Use compile-time test instead of relying on testing the SQLite version
+at runtime. This is done to make cross-compilation possible again.
+---
+ meson.build | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+--- a/meson.build
+++ b/meson.build
+@@ -175,14 +175,17 @@ if not sqlite_dep.found()
+     sqlite_dep = cc.find_library('sqlite3', required: true)
+     sqlite_version_check = '''#include <sqlite3.h>
+   int main(int argc, char **argv) {
+-    return (SQLITE_VERSION_NUMBER >= 3035000) ? 0 : 1;
+    #if SQLITE_VERSION_NUMBER < 3035000
+      #error "SQLite version >= 3.35.0 required"
+    #endif
+    return 0;
+   }
+   '''
+-    if cc.run(
+    if not cc.compiles(
+         sqlite_version_check,
+         name: 'sqlite version check',
+         dependencies: sqlite_dep,
+-    ).returncode() != 0
+    )
+         error('Sqlite version >= 3.35.0 requried')
+     endif
+ endif
--- a/net/gnunet/patches/0002-meson-convert-cURL-version-detection-to-compile-time.patch
+++ b/net/gnunet/patches/0002-meson-convert-cURL-version-detection-to-compile-time.patch
@@ -0,0 +1,35 @@
+From 473009abbdbc1dbee86a049ef55955da56952cc8 Mon Sep 17 00:00:00 2001
+From: Daniel Golle <daniel@makrotopia.org>
+Date: Fri, 10 Oct 2025 00:50:32 +0100
+Subject: [PATCH 2/8] meson: convert cURL version detection to compile-time
+ test
+
+Use compile-time test instead of relying on testing the cURL version
+at runtime. This is done to make cross-compilation possible again.
+---
+ meson.build | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+--- a/meson.build
+++ b/meson.build
+@@ -194,14 +194,17 @@ if not curl_dep.found()
+     curl_dep = cc.find_library('curl', required: true)
+     curl_version_check = '''#include <curl/curl.h>
+   int main(int argc, char **argv) {
+-    return (LIBCURL_VERSION_NUM >= 0x075500) ? 0 : 1;
+    #if LIBCURL_VERSION_NUM < 0x075500
+      #error "cURL version >= 7.85.0 required"
+    #endif
+    return 0;
+     }
+   '''
+-    if cc.run(
+    if not cc.compiles(
+         curl_version_check,
+         name: 'cURL version check',
+         dependencies: curl_dep,
+-    ).returncode() != 0
+    )
+         error('cURL version >=7.85.0 required')
+     endif
+ endif
--- a/net/gnunet/patches/0003-meson-convert-libsodium-version-detection-to-compile.patch
+++ b/net/gnunet/patches/0003-meson-convert-libsodium-version-detection-to-compile.patch
@@ -0,0 +1,39 @@
+From 8ed32eb1d705ee1838ac1da81ca8f1f821493c94 Mon Sep 17 00:00:00 2001
+From: Daniel Golle <daniel@makrotopia.org>
+Date: Fri, 10 Oct 2025 00:53:51 +0100
+Subject: [PATCH 3/8] meson: convert libsodium version detection to
+ compile-time test
+
+Use compile-time test instead of relying on testing the libsodium version
+at runtime. This is done to make cross-compilation possible again.
+---
+ meson.build | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+
+--- a/meson.build
+++ b/meson.build
+@@ -244,16 +244,19 @@ if not sodium_dep.found()
+     sodium_dep = cc.find_library('sodium', required: true)
+     sodium_version_check = '''#include <sodium.h>
+   int main(int argc, char **argv) {
+-    return ((SODIUM_LIBRARY_VERSION_MAJOR > 10) ||
+-            ((SODIUM_LIBRARY_VERSION_MAJOR == 10) &&
+-             (SODIUM_LIBRARY_VERSION_MINOR >= 3))) ? 0 : 1;
+    #if !((SODIUM_LIBRARY_VERSION_MAJOR > 10) || \
+         ((SODIUM_LIBRARY_VERSION_MAJOR == 10) && \
+         (SODIUM_LIBRARY_VERSION_MINOR >= 3)))
+      #error "libsodium version >= 1.0.18 required"
+    #endif
+    return 0
+     }
+   '''
+-    if cc.run(
+    if not cc.compiles(
+         sodium_version_check,
+         name: 'sodium version check',
+         dependencies: sodium_dep,
+-    ).returncode() != 0
+    )
+         error('libsodium version >=1.0.18 required')
+     endif
+ endif
--- a/net/gnunet/patches/0004-meson-convert-cURL-SSL-library-detection-to-compile-.patch
+++ b/net/gnunet/patches/0004-meson-convert-cURL-SSL-library-detection-to-compile-.patch
@@ -0,0 +1,41 @@
+From 642fa9ac91c8c1d1cac835550fe5421358e048c1 Mon Sep 17 00:00:00 2001
+From: Daniel Golle <daniel@makrotopia.org>
+Date: Fri, 10 Oct 2025 00:55:57 +0100
+Subject: [PATCH 4/8] meson: convert cURL SSL library detection to compile-time
+ test
+
+Use compile-time test instead of relying on testing the cURL SSL library
+at runtime. This is done to make cross-compilation possible again.
+---
+ meson.build | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+--- a/meson.build
+++ b/meson.build
+@@ -477,17 +477,23 @@ if cc.check_header('gnutls/dane.h')
+ endif
+ curl_ssl_check = '''#include <curl/curl.h>
+   int main(int argc, char **argv) {
+-    return (CURLSSLSET_OK != curl_global_sslset(CURLSSLBACKEND_GNUTLS, NULL, NULL));
+    #ifndef CURLSSLSET_OK
+      #error "cURL SSL backend configuration not supported"
+    #endif
+    #ifndef CURLSSLBACKEND_GNUTLS
+      #error "cURL GnuTLS backend not available"
+    #endif
+    return 0;
+     }
+   '''
+ 
+-result = cc.run(
+curl_gnutls_available = cc.compiles(
+     curl_ssl_check,
+     name: 'cURL gnutls check',
+     dependencies: curl_dep,
+ )
+ private_config.set('curl_gnutls', 0)
+-if result.returncode() == 0
+if curl_gnutls_available
+     private_config.set('curl_gnutls', 1)
+ endif
+ 
--- a/net/gnunet/patches/0005-meson-detect-libcurl-gnutls.patch
+++ b/net/gnunet/patches/0005-meson-detect-libcurl-gnutls.patch
@@ -0,0 +1,101 @@
+From a4a4f5e02ac1cc396bbd1fb8e0c0c460a833512e Mon Sep 17 00:00:00 2001
+From: Daniel Golle <daniel@makrotopia.org>
+Date: Fri, 10 Oct 2025 01:15:11 +0100
+Subject: [PATCH 5/8] meson: detect libcurl-gnutls
+
+Instead of only checking if cURL is built against gnuTLS, also test of
+there is a dedicated libcurl-gnutls library and favor using it.
+---
+ meson.build | 67 +++++++++++++++++++++++++++++++++++++++++------------
+ 1 file changed, 52 insertions(+), 15 deletions(-)
+
+--- a/meson.build
+++ b/meson.build
+@@ -189,10 +189,17 @@ if not sqlite_dep.found()
+         error('Sqlite version >= 3.35.0 requried')
+     endif
+ endif
+-curl_dep = dependency('libcurl', version: '>=7.85.0', required: false)
+-if not curl_dep.found()
+-    curl_dep = cc.find_library('curl', required: true)
+-    curl_version_check = '''#include <curl/curl.h>
+
+curl_gnutls_dep = dependency(
+    'libcurl-gnutls',
+    version: '>=7.85.0',
+    required: false,
+)
+if not curl_gnutls_dep.found()
+    curl_gnutls_dep = cc.find_library('curl-gnutls', required: false)
+endif
+
+curl_version_check = '''#include <curl/curl.h>
+   int main(int argc, char **argv) {
+     #if LIBCURL_VERSION_NUM < 0x075500
+       #error "cURL version >= 7.85.0 required"
+@@ -200,12 +207,34 @@ if not curl_dep.found()
+     return 0;
+     }
+   '''
+-    if not cc.compiles(
+-        curl_version_check,
+-        name: 'cURL version check',
+-        dependencies: curl_dep,
+-    )
+-        error('cURL version >=7.85.0 required')
+
+# If libcurl-gnutls found, use it and we know it has gnutls support
+curl_is_gnutls = false
+if curl_gnutls_dep.found()
+    curl_dep = curl_gnutls_dep
+    curl_is_gnutls = true
+    # Check version for libcurl-gnutls if it was found via find_library
+    if curl_gnutls_dep.type_name() != 'pkgconfig'
+        if not cc.compiles(
+            curl_version_check,
+            name: 'cURL-gnutls version check',
+            dependencies: curl_dep,
+        )
+            error('libcurl-gnutls version >=7.85.0 required')
+        endif
+    endif
+else
+    # Fall back to regular libcurl
+    curl_dep = dependency('libcurl', version: '>=7.85.0', required: false)
+    if not curl_dep.found()
+        curl_dep = cc.find_library('curl', required: true)
+        if not cc.compiles(
+            curl_version_check,
+            name: 'cURL version check',
+            dependencies: curl_dep,
+        )
+            error('cURL version >=7.85.0 required')
+        endif
+     endif
+ endif
+ zlib_dep = dependency('zlib', required: false)
+@@ -487,11 +516,19 @@ curl_ssl_check = '''#include <curl/curl.
+     }
+   '''
+ 
+-curl_gnutls_available = cc.compiles(
+-    curl_ssl_check,
+-    name: 'cURL gnutls check',
+-    dependencies: curl_dep,
+-)
+# Check if we found libcurl-gnutls (has gnutls support by definition)
+curl_gnutls_available = false
+if curl_is_gnutls
+    curl_gnutls_available = true
+else
+    # Fall back to compile-time check for regular libcurl with gnutls support
+    curl_gnutls_available = cc.compiles(
+        curl_ssl_check,
+        name: 'cURL gnutls check',
+        dependencies: curl_dep,
+    )
+endif
+
+ private_config.set('curl_gnutls', 0)
+ if curl_gnutls_available
+     private_config.set('curl_gnutls', 1)
--- a/net/gnunet/patches/0006-meson-allow-not-building-and-installing-handbook.patch
+++ b/net/gnunet/patches/0006-meson-allow-not-building-and-installing-handbook.patch
@@ -0,0 +1,32 @@
+From 15f0efab1c95eafa76e960b64f11df2d18a10ea6 Mon Sep 17 00:00:00 2001
+From: Daniel Golle <daniel@makrotopia.org>
+Date: Fri, 10 Oct 2025 01:19:01 +0100
+Subject: [PATCH 6/8] meson: allow not building and installing handbook
+
+Introduce meson option exclude-handbook to not build and install the
+GNUnet handbook.
+---
+ doc/meson.build | 4 +++-
+ meson.options   | 1 +
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+--- a/doc/meson.build
+++ b/doc/meson.build
+@@ -1,4 +1,6 @@
+-subdir('handbook')
+if false == get_option('exclude-handbook')
+    subdir('handbook')
+endif
+ if false == get_option('exclude-manpages')
+     subdir('man')
+ endif
+--- a/meson.options
+++ b/meson.options
+@@ -2,6 +2,7 @@
+ option('monolith', type : 'boolean', value : false, description: 'Build a single, monolithic libgnunet shlib')
+ option('testbed', type : 'boolean', value : false, description: 'Build the testbed')
+ option('exclude-manpages', type : 'boolean', value : false, description: 'Do not install manpages')
+option('exclude-handbook', type : 'boolean', value : false, description: 'Do not install handbook')
+ option('experimental', type : 'boolean', value : false, description: 'Build experimental components')
+ option('malicious', type : 'boolean', value : false, description: 'Enable malicious code paths')
+ option('benchmarks', type : 'boolean', value : false, description: 'Enable benchmarking')
--- a/net/gnunet/patches/0007-namecache-install-sql-files.patch
+++ b/net/gnunet/patches/0007-namecache-install-sql-files.patch
@@ -0,0 +1,31 @@
+From 94aa64ed0363e8c62f126cfe42843468cc775132 Mon Sep 17 00:00:00 2001
+From: Daniel Golle <daniel@makrotopia.org>
+Date: Fri, 10 Oct 2025 01:33:41 +0100
+Subject: [PATCH 7/8] namecache: install sql files
+
+---
+ src/plugin/namecache/meson.build | 16 ++++++++++++++++
+ 1 file changed, 16 insertions(+)
+
+--- a/src/plugin/namecache/meson.build
+++ b/src/plugin/namecache/meson.build
+@@ -1,3 +1,19 @@
+configure_file(
+    input: 'namecache-0001.sql',
+    output: 'namecache-0001.sql',
+    configuration: cdata,
+    install: true,
+    install_dir: get_option('datadir') / 'gnunet' / 'sql',
+)
+
+configure_file(
+    input: 'namecache-drop.sql',
+    output: 'namecache-drop.sql',
+    configuration: cdata,
+    install: true,
+    install_dir: get_option('datadir') / 'gnunet' / 'sql',
+)
+
+ shared_module(
+     'gnunet_plugin_namecache_sqlite',
+     ['plugin_namecache_sqlite.c'],
--- a/net/gnunet/patches/0008-namecache-build-flat-namecache-plugin.patch
+++ b/net/gnunet/patches/0008-namecache-build-flat-namecache-plugin.patch
@@ -0,0 +1,28 @@
+From 87de1cfe4d7f306d25ed12505f188203874dd9b6 Mon Sep 17 00:00:00 2001
+From: Daniel Golle <daniel@makrotopia.org>
+Date: Fri, 10 Oct 2025 01:34:17 +0100
+Subject: [PATCH 8/8] namecache: build flat namecache plugin
+
+---
+ src/plugin/namecache/meson.build | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+--- a/src/plugin/namecache/meson.build
+++ b/src/plugin/namecache/meson.build
+@@ -29,6 +29,16 @@ shared_module(
+     install_dir: get_option('libdir') / 'gnunet',
+ )
+ 
+shared_module(
+    'gnunet_plugin_namecache_flat',
+    ['plugin_namecache_flat.c'],
+    install_rpath: rpath_option,
+    dependencies: [libgnunetutil_dep, libgnunetgnsrecord_dep],
+    include_directories: [incdir, configuration_inc],
+    install: true,
+    install_dir: get_option('libdir') / 'gnunet',
+)
+
+ if pq_dep.found()
+     shared_module(
+         'gnunet_plugin_namecache_postgres',
--- a/net/gnunet/patches/020-curl-no-runtime-test.patch
+++ b/net/gnunet/patches/020-curl-no-runtime-test.patch
@@ -1,16 +0,0 @@
--- a/configure.ac
-+++ b/configure.ac
-@@ -727,12 +727,7 @@ LIBCURL_CHECK_CONFIG([], [7.85.0], [],
- 
- OLD_LIBS=$LIBS
- LIBS="$LIBS $LIBCURL"
-AC_RUN_IFELSE(
-     [AC_LANG_PROGRAM([[#include <curl/curl.h>]],
-                      [[return (CURLSSLSET_OK != curl_global_sslset(CURLSSLBACKEND_GNUTLS, NULL, NULL));]])],
-                    [curl_gnutls=1],
-                    [AC_MSG_WARN([cURL does not have GnuTLS backend])
-                     curl_gnutls=0])
-+curl_gnutls=1
- LIBS=$OLD_LIBS
- AM_CONDITIONAL([HAVE_GNUTLS_CURL], [test "x$curl_gnutls" = "x1"])
- AC_SUBST([curl_gnutls])