Latest upstream release: 20 Current version/release in rawhide: 19.1-4.fc27 URL: https://github.com/cjdelisle/cjdns Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/10117/
The difficulty with cjdns-20 is the new function in crypto/Sign.c: void Sign_signingKeyPairFromCurve25519(uint8_t keypairOut[64], uint8_t secretCryptoKey[32]); It is implemented using private functions in the embedded nacl source. There is no equivalent in libsodium, or in the public nacl interface (so I can't just switch to Fedora supplied nacl package). The only way to get cjdns-20 up quickly is to switch to the embedded nacl library, which I am reluctant to do. One idea I had is to copy just enough of the embedded nacl to implement the above function. Bits_memcpy(keypairOut, secretCryptoKey, 32); keypairOut[0] &= 248; keypairOut[31] &= 63; keypairOut[31] |= 64; ge_p3 A; ge_scalarmult_base(&A, keypairOut); ge_p3_tobytes(&keypairOut[32], &A); There are only the last two functions to copy. I don't know how many internal dependencies they will have.
It turns out that the Fedora nacl package exports the ge25519 scalar functions - even though they are not defined in the public headers. I tested copying the definitions from nacl private headers and linking against nacl after sodium. It works. That's kind of funky (and would break horribly if the internal API changes). But I could link against the Fedora nacl lib (only) and get v20 out there. There is a feature request on libsodium for exporting the scalar operations: https://github.com/jedisct1/libsodium/issues/236 That would also resolve the issue. That issue mentions that TweetNaCl exports ed25519 scalar operations.
Latest upstream release: 20.1 Current version/release in rawhide: 19.1-4.fc27 URL: https://github.com/cjdelisle/cjdns Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/10117/
I've pushed commits for release 20.1. I reverted to using embedded cnacl - but that fails for os390x because the embedded cnacl needs a "plan" to build for that ABI. node_build/dependencies/cnacl/node_build/plans I think I'll punt for now by excluding os390x arch when embedded cnacl is selected. Still working on patching crypto/Sign.c to work with libsodium.
Latest upstream release: 20.2 Current version/release in rawhide: 20.1-3.fc29 URL: https://github.com/cjdelisle/cjdns Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/10117/
cjdns-20.2-2.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-ed28eecbd9
cjdns-20.2-2.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-ed28eecbd9
cjdns-20.2-2.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.