patches from Benda Xu <heroxbd@gentoo.org>

3 files changed, 166 insertions, 0 deletions

diff --git a/debian/patches/07-static-EAM.patch b/debian/patches/07-static-EAM.patch
new file mode 100644
index 0000000..8ff87df
--- /dev/null
+++ b/debian/patches/07-static-EAM.patch
@@ -0,0 +1,107 @@
+Description: Support SIIT-DC styled EAM static maps
+ Introduce Explicit Address Mapping as defined in RFC7757.  This extends the
+ `map <ipv4> <ipv6>` into `map <ipv4 subnet> <ipv6 subnet>`.
+ .
+Author: Benda Xu <heroxbd@gentoo.org>
+Bug-Debian: https://bugs.debian.org/<bugnumber>
+Forwarded: Nathan Lutchansky <lutchann@litech.org>
+Last-Update: 2018-12-28
+
+--- a/conffile.c
++++ b/conffile.c
+@@ -217,16 +217,43 @@
+ 
+ 	m = alloc_map_static(ln);
+ 
++	char *slash;
++	slash = strchr(args[0], '/');
++	unsigned int prefix4 = 32;
++	if (slash) {
++		prefix4 = atoi(slash+1);
++		slash[0] = NULL;
++	}
++
+ 	if (!inet_pton(AF_INET, args[0], &m->map4.addr)) {
+-		slog(LOG_CRIT, "Expected an IPv4 address but found \"%s\" on "
+-				"line %d\n", args[0], ln);
++		slog(LOG_CRIT, "Expected an IPv4 subnet but found \"%s\" on "
++		     "line %d\n", args[0], ln);
++		exit(1);
++	}
++	m->map4.prefix_len = prefix4;
++	calc_ip4_mask(&m->map4.mask, NULL, prefix4);
++
++	unsigned int prefix6 = 128;
++	slash = strchr(args[1], '/');
++	if (slash) {
++		prefix6 = atoi(slash+1);
++		slash[0] = NULL;
++	}
++
++	if ((32 - prefix4) != (128 - prefix6)) {
++		slog(LOG_CRIT, "IPv4 and IPv6 subnet must be of the same size, but found"
++				" %s and %s line %d\n", args[0], args[1], ln);
+ 		exit(1);
+ 	}
++
+ 	if (!inet_pton(AF_INET6, args[1], &m->map6.addr)) {
+-		slog(LOG_CRIT, "Expected an IPv6 address but found \"%s\" on "
++		slog(LOG_CRIT, "Expected an IPv6 subnet but found \"%s\" on "
+ 				"line %d\n", args[1], ln);
+ 		exit(1);
+ 	}
++	m->map6.prefix_len = prefix6;
++	calc_ip6_mask(&m->map6.mask, NULL, prefix6);
++        
+ 	if (validate_ip4_addr(&m->map4.addr) < 0) {
+ 		slog(LOG_CRIT, "Cannot use reserved address %s in map "
+ 				"directive, aborting...\n", args[0]);
+@@ -490,3 +517,10 @@
+ 	slog(LOG_CRIT, "Unable to allocate config memory\n");
+ 	exit(1);
+ }
++
++/*
++Local Variables:
++c-basic-offset: 8
++indent-tabs-mode: t
++End:
++*/
+--- a/addrmap.c
++++ b/addrmap.c
+@@ -422,6 +422,9 @@
+ 	case MAP_TYPE_STATIC:
+ 		s = container_of(map4, struct map_static, map4);
+ 		*addr6 = s->map6.addr;
++		if (map4->prefix_len < 32) {
++			addr6->s6_addr32[3] = s->map6.addr.s6_addr32[3] | (addr4->s_addr & ~map4->mask.s_addr);
++		}
+ 		break;
+ 	case MAP_TYPE_RFC6052:
+ 		s = container_of(map4, struct map_static, map4);
+@@ -564,7 +567,13 @@
+ 	switch (map6->type) {
+ 	case MAP_TYPE_STATIC:
+ 		s = container_of(map6, struct map_static, map6);
+-		*addr4 = s->map4.addr;
++		
++		if (map6->prefix_len < 128) {
++			addr4->s_addr = s->map4.addr.s_addr | (addr6->s6_addr32[3] & ~map6->mask.s6_addr32[3]);
++		} else {
++			*addr4 = s->map4.addr;
++		}
++
+ 		break;
+ 	case MAP_TYPE_RFC6052:
+ 		if (extract_from_prefix(addr4, addr6, map6->prefix_len) < 0)
+@@ -629,3 +638,10 @@
+ 		}
+ 	}
+ }
++
++/*
++Local Variables:
++c-basic-offset: 8
++indent-tabs-mode: t
++End:
++*/
diff --git a/debian/patches/08-manpage-RFC.patch b/debian/patches/08-manpage-RFC.patch
new file mode 100644
index 0000000..86adda2
--- /dev/null
+++ b/debian/patches/08-manpage-RFC.patch
@@ -0,0 +1,57 @@
+--- a/tayga.8
++++ b/tayga.8
+@@ -1,4 +1,4 @@
+-.TH TAYGA "8" "June 2011" "TAYGA 0.9.2" ""
++.TH TAYGA "8" "Dec 2018" "TAYGA 0.9.2" ""
+ 
+ .SH NAME
+ tayga \- stateless NAT64 daemon
+@@ -19,10 +19,10 @@
+ translates them to the other protocol, and then sends the translated packets
+ back to the host using the same TUN interface.
+ .P
+-Translation is compliant with IETF Internet-Draft
+-draft-ietf-behave-v6v4-xlate-23, and address mapping is performed in
+-accordance with RFC 6052.  Optionally, TAYGA may be configured to dynamically
+-map IPv6 hosts to addresses drawn from a configured IPv4 address pool.
++Translation is compliant with IETF RFC 6145, and address mapping is
++performed in accordance with RFC 6052 or RFC 7757.  Optionally, TAYGA may be
++configured to dynamically map IPv6 hosts to addresses drawn from a
++configured IPv4 address pool.
+ .P
+ As a stateless NAT, TAYGA requires a one-to-one mapping between IPv4 addresses
+ and IPv6 addresses.  Mapping multiple IPv6 addresses onto a single IPv4
+--- a/tayga.conf.5
++++ b/tayga.conf.5
+@@ -1,4 +1,4 @@
+-.TH TAYGA.CONF "5" "June 2011" "TAYGA 0.9.2" ""
++.TH TAYGA.CONF "5" "Dec 2018" "TAYGA 0.9.2" ""
+ .SH NAME
+ tayga.conf \- configuration file of the TAYGA stateless NAT64 daemon
+ .SH DESCRIPTION
+@@ -75,12 +75,21 @@
+ .B map
+ directive.
+ .TP
+-.BI "map " "ipv4_address ipv6_address"
+-Creates a static mapping between
+-.I ipv4_address
++.BI "map " "ipv4_address[/length] ipv6_address[/length]"
++Creates a static mapping between RFC 7577 compliant hosts or subnets
++.I ipv4_address[/length]
+ and
+-.I ipv6_address
++.I ipv6_address[/length]
+ to be used when translating IPv4 packets to IPv6 or IPv6 packets to IPv4.
++If
++.I /length
++is not present,
++.I /length
++after
++.I ipv4_address
++is treated as "/32" and that of
++.I ipv6_address
++as "/128".
+ Multiple
+ .B map
+ directives are permitted in the tayga.conf file.
diff --git a/debian/patches/series b/debian/patches/series
index 6948b50..2ae3195 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,5 @@
 04-quote-make-var.patch
 05-guard-chdir.patch
 06-guard-write.patch
+07-static-EAM.patch
+08-manpage-RFC.patch