From e8438eb67ab8f44dedadee43a80f5b3bdb0161b2 Mon Sep 17 00:00:00 2001 From: Rosen Penev Date: Sun, 8 Sep 2019 18:39:33 -0700 Subject: [PATCH] transmission: Fix tracker issue with some firewalls Some firewalls mandate a minimum size of 4k for SYN packets, which transmission does not do by default. Upstream issue here: https://github.com/transmission/transmission/issues/964 Cleanup: Fixed license info. Removed two unnecessary patches. Ran shell script through shellcheck. Signed-off-by: Rosen Penev (cherry-picked from 730a1697fed07269a3cca7c90878b50d3ef26465) --- net/transmission/Makefile | 10 ++-- net/transmission/files/transmission.init | 49 ++++++++++--------- net/transmission/files/transmission.sysctl | 4 ++ .../patches/050-https-portcheck.patch | 26 ---------- .../patches/060-fix-tls-verify.patch | 28 ----------- 5 files changed, 34 insertions(+), 83 deletions(-) delete mode 100644 net/transmission/patches/050-https-portcheck.patch delete mode 100644 net/transmission/patches/060-fix-tls-verify.patch diff --git a/net/transmission/Makefile b/net/transmission/Makefile index 917739313d..23efd920b6 100644 --- a/net/transmission/Makefile +++ b/net/transmission/Makefile @@ -9,19 +9,17 @@ include $(TOPDIR)/rules.mk PKG_NAME:=transmission PKG_VERSION:=2.94 -PKG_RELEASE:=5 +PKG_RELEASE:=6 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@GITHUB/transmission/transmission-releases/master PKG_HASH:=35442cc849f91f8df982c3d0d479d650c6ca19310a994eccdaa79a4af3916b7d -PKG_MAINTAINER:=Rosen Penev -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) +PKG_MAINTAINER:=Rosen Penev PKG_LICENSE:=GPL-2.0-or-later PKG_LICENSE_FILES:=COPYING PKG_CPE_ID:=cpe:/a:transmissionbt:transmission -PKG_FIXUP:=autoreconf PKG_INSTALL:=1 PKG_BUILD_PARALLEL:=1 @@ -32,7 +30,7 @@ define Package/transmission/template SECTION:=net CATEGORY:=Network TITLE:=BitTorrent client - URL:=http://www.transmissionbt.com + URL:=https://www.transmissionbt.com DEPENDS:=+libcurl +libevent2 +libminiupnpc +libnatpmp +libpthread +librt +zlib endef @@ -121,7 +119,7 @@ define Package/transmission-daemon-openssl/conffiles endef Package/transmission-daemon-mbedtls/conffiles = $(Package/transmission-daemon-openssl/conffiles) -TARGET_CFLAGS += -flto +TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto TARGET_LDFLAGS += -Wl,--gc-sections -Wl,--as-needed CONFIGURE_ARGS += \ diff --git a/net/transmission/files/transmission.init b/net/transmission/files/transmission.init index 2a25214a7d..900b185d5e 100644 --- a/net/transmission/files/transmission.init +++ b/net/transmission/files/transmission.init @@ -14,8 +14,8 @@ append_params() { IFS="$LIST_SEP" for v in $v; do [ -n "$v" ] && ( - echo "\"$p\": $v," | sed -e 's|_|-|g' >> $config_file - ) + echo "\"$p\": $v," | sed -e 's|_|-|g' + ) >> "$config_file" done unset IFS done @@ -28,9 +28,9 @@ append_params_quotes() { IFS="$LIST_SEP" for v in $v; do [ -n "$v" ] && ( - echo -n "\"$p" | sed -e 's|/|\\/|g;s|_|-|g' >> $config_file; \ - echo "\": \"$v\"," >> $config_file - ) + printf "\"%s" "$p" | sed -e 's|/|\\/|g;s|_|-|g'; \ + echo "\": \"$v\"," + ) >> "$config_file" done unset IFS done @@ -51,7 +51,6 @@ transmission() { local download_dir config_dir local mem_percentage local nice - local cmdline local web_home section_enabled "$section" || return 1 @@ -73,16 +72,16 @@ transmission() { fi config_file="$config_dir/settings.json" - [ -d $config_dir ] || { - mkdir -p $config_dir - chmod 0755 $config_dir - touch $config_file - [ -z "$user" ] || chown -R "$user:$group" $config_dir + [ -d "$config_dir" ] || { + mkdir -p "$config_dir" + chmod 0755 "$config_dir" + touch "$config_file" + [ -z "$user" ] || chown -R "$user:$group" "$config_dir" } [ "$config_overwrite" = 0 ] || { - echo "{" > $config_file + echo "{" > "$config_file" append_params "$cfg" \ alt_speed_down alt_speed_enabled alt_speed_time_begin alt_speed_time_day \ @@ -107,20 +106,24 @@ transmission() { peer_congestion_algorithm peer_socket_tos rpc_bind_address rpc_password rpc_url \ rpc_username rpc_host_whitelist rpc_whitelist script_torrent_done_filename watch_dir - echo "\"invalid-key\": false" >> $config_file - echo "}" >> $config_file - + { + echo "\"invalid-key\": false" + echo "}" + } >> "$config_file" } - cmdline="transmission-daemon -g $config_dir -f" procd_open_instance - procd_set_param command $cmdline - procd_set_param user $user - procd_set_param group $group - procd_set_param nice $nice + procd_set_param command "/usr/bin/transmission-daemon" + procd_append_param -f + procd_append_param --log-error + procd_append_param -g $config_dir + procd_set_param user "$user" + procd_set_param group "$group" + procd_set_param nice "$nice" + procd_set_param stderr 1 procd_set_param respawn retry=60 - if test -z $USE; then + if [ -z "$USE" ]; then procd_set_param limits core="0 0" else procd_set_param limits core="0 0" as="$USE $USE" @@ -132,8 +135,8 @@ transmission() { fi procd_add_jail transmission log - procd_add_jail_mount $config_file - procd_add_jail_mount_rw $download_dir + procd_add_jail_mount "$config_file" + procd_add_jail_mount_rw "$download_dir" procd_close_instance } diff --git a/net/transmission/files/transmission.sysctl b/net/transmission/files/transmission.sysctl index bdf0de2064..7d81b736af 100644 --- a/net/transmission/files/transmission.sysctl +++ b/net/transmission/files/transmission.sysctl @@ -1,2 +1,6 @@ +# Transmission requests large buffers by default net.core.rmem_max = 4194304 net.core.wmem_max = 1048576 + +# Some firewalls block SYN packets that are too small +net.ipv4.tcp_adv_win_scale = 4 diff --git a/net/transmission/patches/050-https-portcheck.patch b/net/transmission/patches/050-https-portcheck.patch deleted file mode 100644 index 73a6c1d56c..0000000000 --- a/net/transmission/patches/050-https-portcheck.patch +++ /dev/null @@ -1,26 +0,0 @@ -From a2991e22434352a3114bf437674070a135b723fd Mon Sep 17 00:00:00 2001 -From: Rosen Penev -Date: Sun, 27 May 2018 13:38:27 -0700 -Subject: [PATCH] portcheck: Switch to HTTPS - -Useful for testing TLS verification. ---- - libtransmission/rpcimpl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/libtransmission/rpcimpl.c b/libtransmission/rpcimpl.c -index 46fd3192c..dcd96df59 100644 ---- a/libtransmission/rpcimpl.c -+++ b/libtransmission/rpcimpl.c -@@ -1455,7 +1455,7 @@ portTest (tr_session * session, - struct tr_rpc_idle_data * idle_data) - { - const int port = tr_sessionGetPeerPort (session); -- char * url = tr_strdup_printf ("http://portcheck.transmissionbt.com/%d", port); -+ char * url = tr_strdup_printf ("https://portcheck.transmissionbt.com/%d", port); - tr_webRun (session, url, portTested, idle_data); - tr_free (url); - return NULL; --- -2.17.0 - diff --git a/net/transmission/patches/060-fix-tls-verify.patch b/net/transmission/patches/060-fix-tls-verify.patch deleted file mode 100644 index 1a9a1207b4..0000000000 --- a/net/transmission/patches/060-fix-tls-verify.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 81d584b9027b2b2ddd3209c1582c9ec73c26cc3e Mon Sep 17 00:00:00 2001 -From: Simon Wells -Date: Sun, 27 May 2018 13:44:41 -0700 -Subject: [PATCH] Change TR_CURL_SSL_VERIFY to TR_CURL_SSL_NO_VERIFY - -use secure by default and change the env var to match curl -k behaviour - -Closes: #179 ---- - libtransmission/web.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/libtransmission/web.c b/libtransmission/web.c -index 997a151b5..ce41e342a 100644 ---- a/libtransmission/web.c -+++ b/libtransmission/web.c -@@ -392,7 +392,7 @@ tr_webThreadFunc (void * vsession) - web->taskLock = tr_lockNew (); - web->tasks = NULL; - web->curl_verbose = tr_env_key_exists ("TR_CURL_VERBOSE"); -- web->curl_ssl_verify = tr_env_key_exists ("TR_CURL_SSL_VERIFY"); -+ web->curl_ssl_verify = !tr_env_key_exists ("TR_CURL_SSL_NO_VERIFY"); - web->curl_ca_bundle = tr_env_get_string ("CURL_CA_BUNDLE", NULL); - if (web->curl_ssl_verify) - { --- -2.17.0 - -- 2.30.2