debian/0000755000000000000000000000000012027024401007156 5ustar debian/curvecpmessage.sgml0000644000000000000000000001531311703032412013062 0ustar manpage.1'. You may view the manual page with: `docbook-to-man manpage.sgml | nroff -man | less'. A typical entry in a Makefile or Makefile.am is: manpage.1: manpage.sgml docbook-to-man $< > $@ The docbook-to-man binary is found in the docbook-to-man package. Please remember that if you create the nroff version in one of the debian/rules file targets (such as build), you will need to include docbook-to-man in your Build-Depends control field. --> Sergiusz"> Pawlowicz"> January 9, 2012"> 1"> debian@pawlowicz.name"> NaCl"> Debian"> ]>
&dhemail;
&dhfirstname; &dhsurname; 2012 &dhusername; &dhdate; &dhucpackage; &dhsection; &dhpackage; Message-handling programs curvecpmessage prog DESCRIPTION This manual page documents briefly the &dhpackage; commands. A traditional UNIX-style server such as ftpd handles just one network connection, reading input from stdin and writing output to stdout. A "superserver" such as inetd or tcpserver listens for network connections and starts a separate server process for each connection. The &dhpackage; command-line tools have an extra level of modularity. The curvecpserver superserver listens for network connections. For each connection, curvecpserver starts the curvecpmessage message handler; curvecpmessage then starts a server such as ftpd. Then ftpd sends a stream of data to curvecpmessage, which in turn sends messages to curvecpserver, which encrypts and authenticates the messages and sends them inside network packets. At the same time curvecpclient receives network packets, verifies and decrypts messages inside the packets, and passes the messages to curvecpmessage; curvecpmessage sends a stream of data to ftpd. The same curvecpmessage tool is also used by curvecpclient. curvecpserver and curvecpclient can use programs other than curvecpmessage. Those programs can directly generate messages in the CurveCP message format without talking to separate tools such as ftpd; or they can support a completely different protocol that reuses CurveCP's cryptographic layer but transmits different kinds of messages. OPTIONS How to use curvecpmessage: no error messages print error messages (default) print extra information program is a client; server starts first program is a client that starts first program is a server (default) run this server SEE ALSO curvecpserver (1), curvecpclient (1), inetd (8), tcpserver (1). AUTHOR This manual page was written by &dhusername; &dhemail; for the &debian; system (and may be used by others). The source of this page is a webpage http://curvecp.org/messageapi.html . Permission is granted to copy, distribute and/or modify this document under public domain. This manual page was rewritten for the &debian; distribution because the original program does not have a manual page. debian/nacl-tools.manpages0000644000000000000000000000024111702723010012744 0ustar debian/nacl-sha256.1 debian/nacl-sha512.1 debian/curvecpclient.1 debian/curvecpserver.1 debian/curvecpmessage.1 debian/curvecpprintkey.1 debian/curvecpmakekey.1 debian/copyright0000644000000000000000000000220611702500054011113 0ustar Format: http://dep.debian.net/deps/dep5 Upstream-Name: nacl Source: http://nacl.cace-project.eu/ Files: * Copyright: 2008-2011, Daniel J. Bernstein (University of Illinois at Chicago) License: All of the NaCl software is in the public domain, see more at: http://nacl.cace-project.eu/features.html Files: debian/* Copyright: 2012, Sergiusz Pawlowicz License: GPL-2+ This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. . This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. . You should have received a copy of the GNU General Public License along with this program. If not, see . On Debian systems, the complete text of the GNU General Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". debian/curvecpmessage.10000644000000000000000000000573711704167575012315 0ustar .TH "NaCl" "1" .SH "NAME" CurveCP \(em Message-handling programs .SH "SYNOPSIS" .PP \fBcurvecpmessage\fR [\fB-q \fI(optional)\fR\fP] [\fB-Q \fI(optional)\fR\fP] [\fB-v \fI(optional)\fR\fP] [\fB-c \fI(optional)\fR\fP] [\fB-C \fI(optional)\fR\fP] [\fB-s \fI(optional)\fR\fP] [prog] .SH "DESCRIPTION" .PP This manual page documents briefly the \fBCurveCP\fR commands. .PP A traditional UNIX-style server such as ftpd handles just one network connection, reading input from stdin and writing output to stdout. A "superserver" such as inetd or tcpserver listens for network connections and starts a separate server process for each connection. .PP The \fBCurveCP\fR command-line tools have an extra level of modularity. The \fBcurvecpserver\fR superserver listens for network connections. For each connection, \fBcurvecpserver\fR starts the \fBcurvecpmessage\fR message handler; \fBcurvecpmessage\fR then starts a server such as ftpd. Then ftpd sends a stream of data to \fBcurvecpmessage\fR, which in turn sends messages to \fBcurvecpserver\fR, which encrypts and authenticates the messages and sends them inside network packets. At the same time \fBcurvecpclient\fR receives network packets, verifies and decrypts messages inside the packets, and passes the messages to \fBcurvecpmessage\fR; \fBcurvecpmessage\fR sends a stream of data to ftpd. The same curvecpmessage tool is also used by \fBcurvecpclient\fR. .PP \fBcurvecpserver\fR and \fBcurvecpclient\fR can use programs other than \fBcurvecpmessage\fR. Those programs can directly generate messages in the CurveCP message format without talking to separate tools such as ftpd; or they can support a completely different protocol that reuses CurveCP's cryptographic layer but transmits different kinds of messages. .SH "OPTIONS" .PP How to use \fBcurvecpmessage\fR: .IP "\fB-q\fP \fBoptional\fP " 10 no error messages .IP "\fB-Q\fP \fBoptional\fP " 10 print error messages (default) .IP "\fB-v\fP \fBoptional\fP " 10 print extra information .IP "\fB-c\fP \fBoptional\fP " 10 program is a client; server starts first .IP "\fB-C\fP \fBoptional\fP " 10 program is a client that starts first .IP "\fB-s\fP \fBoptional\fP " 10 program is a server (default) .IP "\fBprog\fP " 10 run this server .SH "SEE ALSO" .PP curvecpserver (1), curvecpclient (1), inetd (8), tcpserver (1). .SH "AUTHOR" .PP This manual page was written by Sergiusz Pawlowicz debian@pawlowicz.name for the \fBDebian\fP system (and may be used by others). The source of this page is a webpage http://curvecp.org/messageapi.html . Permission is granted to copy, distribute and/or modify this document under public domain. .PP This manual page was rewritten for the \fBDebian\fP distribution because the original program does not have a manual page. .\" created by instant / docbook-to-man, Sat 14 Jan 2012, 02:59 debian/nacl-sha256.10000644000000000000000000000230411704167575011207 0ustar .TH "NaCl" "1" .SH "NAME" nacl-sha256 \(em program to calculate the sha256 hash .SH "SYNOPSIS" .PP \fBnacl-sha256\fR .SH "DESCRIPTION" .PP This manual page documents briefly the \fBnacl-sha256\fR command. .PP This manual page was written for the \fBDebian\fP distribution because the original program does not have a manual page. Instead, it has documentation in the GNU. .PP \fBnacl-sha256\fR is a program that uses NaCl to calculate the sha256 hash of the first 4096 bytes of input. .SH "OPTIONS" .PP These program expects input on standard input and prints the sha256 hash of the first 4096 bytes on standard output. .SH "SEE ALSO" .PP nacl-sha512 (1). .SH "AUTHOR" .PP This manual page was written by Sergiusz Pawlowicz debian@pawlowicz.name for the \fBDebian\fP system (and may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 any later version published by the Free Software Foundation. .PP On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL. .\" created by instant / docbook-to-man, Sat 14 Jan 2012, 02:59 debian/nacl-sha512.10000644000000000000000000000230411704167575011202 0ustar .TH "NaCl" "1" .SH "NAME" nacl-sha512 \(em program to calculate the sha512 hash .SH "SYNOPSIS" .PP \fBnacl-sha512\fR .SH "DESCRIPTION" .PP This manual page documents briefly the \fBnacl-sha512\fR command. .PP This manual page was written for the \fBDebian\fP distribution because the original program does not have a manual page. Instead, it has documentation in the GNU. .PP \fBnacl-sha512\fR is a program that uses NaCl to calculate the sha512 hash of the first 4096 bytes of input. .SH "OPTIONS" .PP These program expects input on standard input and prints the sha512 hash of the first 4096 bytes on standard output. .SH "SEE ALSO" .PP nacl-sha256 (1). .SH "AUTHOR" .PP This manual page was written by Sergiusz Pawlowicz debian@pawlowicz.name for the \fBDebian\fP system (and may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 any later version published by the Free Software Foundation. .PP On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL. .\" created by instant / docbook-to-man, Sat 14 Jan 2012, 02:59 debian/nacl-sha512.sgml0000644000000000000000000000722011703032457011773 0ustar manpage.1'. You may view the manual page with: `docbook-to-man manpage.sgml | nroff -man | less'. A typical entry in a Makefile or Makefile.am is: manpage.1: manpage.sgml docbook-to-man $< > $@ The docbook-to-man binary is found in the docbook-to-man package. Please remember that if you create the nroff version in one of the debian/rules file targets (such as build), you will need to include docbook-to-man in your Build-Depends control field. --> Sergiusz"> Pawlowicz"> January 9, 2012"> 1"> debian@pawlowicz.name"> NaCl"> Debian"> GNU"> GPL"> ]>
&dhemail;
&dhfirstname; &dhsurname; 2012 &dhusername; &dhdate; &dhucpackage; &dhsection; &dhpackage; program to calculate the sha512 hash &dhpackage; DESCRIPTION This manual page documents briefly the &dhpackage; command. This manual page was written for the &debian; distribution because the original program does not have a manual page. Instead, it has documentation in the &gnu;. &dhpackage; is a program that uses NaCl to calculate the sha512 hash of the first 4096 bytes of input. OPTIONS These program expects input on standard input and prints the sha512 hash of the first 4096 bytes on standard output. SEE ALSO nacl-sha256 (1). AUTHOR This manual page was written by &dhusername; &dhemail; for the &debian; system (and may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the &gnu; General Public License, Version 2 any later version published by the Free Software Foundation. On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL. debian/curvecpclient.10000644000000000000000000001127411704167575012140 0ustar .TH "NaCl" "1" .SH "NAME" CurveCP \(em Message-handling programs .SH "SYNOPSIS" .PP \fBcurvecpclient\fR [\fB-q \fI(optional)\fR\fP] [\fB-Q \fI(optional)\fR\fP] [\fB-v \fI(optional)\fR\fP] [\fB-c keydir\fI(optional)\fR\fP] [sname] [pk] [ip] [port] [ext] [prog] .SH "DESCRIPTION" .PP This manual page documents briefly the \fBCurveCP\fR commands. .PP A traditional UNIX-style server such as ftpd handles just one network connection, reading input from stdin and writing output to stdout. A "superserver" such as inetd or tcpserver listens for network connections and starts a separate server process for each connection. .PP The \fBCurveCP\fR command-line tools have an extra level of modularity. The \fBcurvecpserver\fR superserver listens for network connections. For each connection, \fBcurvecpserver\fR starts the \fBcurvecpmessage\fR message handler; \fBcurvecpmessage\fR then starts a server such as ftpd. Then ftpd sends a stream of data to \fBcurvecpmessage\fR, which in turn sends messages to \fBcurvecpserver\fR, which encrypts and authenticates the messages and sends them inside network packets. At the same time \fBcurvecpclient\fR receives network packets, verifies and decrypts messages inside the packets, and passes the messages to \fBcurvecpmessage\fR; \fBcurvecpmessage\fR sends a stream of data to ftpd. The same curvecpmessage tool is also used by \fBcurvecpclient\fR. .PP \fBcurvecpserver\fR and \fBcurvecpclient\fR can use programs other than \fBcurvecpmessage\fR. Those programs can directly generate messages in the CurveCP message format without talking to separate tools such as ftpd; or they can support a completely different protocol that reuses CurveCP's cryptographic layer but transmits different kinds of messages. .PP This page explains what programmers have to do to write \fBcurvecpmessage\fR replacements that talk to \fBcurvecpserver\fR and \fBcurvecpclient.\fR .SH "Incoming messagess" .PP File descriptor 8 is a pipe. Read from this pipe a length byte n, between 1 and 68, and a 16*n-byte message. Repeat. The pipe is set to non-blocking mode; be prepared for EAGAIN and EWOULDBLOCK, even in the middle of a message. .PP This pipe reading must always be active. The \fBcurvecpclient\fR and \fBcurvecpserver\fR programs assume that every message is read immediately. If you can't handle a message immediately, read it and put it onto a queue. If you don't have queue space, throw the message away; this shouldn't cause trouble, since you have to be able to handle missing messages in any case. .SH "Outgoing messagess" .PP File descriptor 9 is a pipe. Write to this pipe a length byte n, between 1 and 68, and a 16*n-byte message. Repeat. The pipe is set to non-blocking mode; be prepared for EAGAIN and EWOULDBLOCK, even in the middle of a message. .PP As a client, do not use length bytes above 40 until a message has arrived from the server. (The messages inside CurveCP Initiate packets are limited to 640 bytes.) .PP The CurveCP server does not start until it has received a message from the client. Furthermore, the CurveCP server must receive this message within 60 seconds of the client starting up. (The CurveCP Initiate packet is valid for only 60 seconds after the corresponding CurveCP Cookie packet.) This does not mean that the client must start sending messages immediately, but it does mean that waiting for more than a second to send a message is a bad idea. .SH "OPTIONS" .PP How to use \fBcurvecpclient\fR: .IP "\fB-q\fP \fBoptional\fP " 10 no error messages .IP "\fB-Q\fP \fBoptional\fP " 10 print error messages (default) .IP "\fB-v\fP \fBoptional\fP " 10 print extra information .IP "\fB-c keydir\fP \fBoptional\fP " 10 use this public-key directory .IP "\fBsname\fP " 10 server's name .IP "\fBpk\fP " 10 server's public key .IP "\fBip\fP " 10 server's IP address .IP "\fBport\fP " 10 server's UDP port .IP "\fBext\fP " 10 server's extension .IP "\fBprog\fP " 10 run this client .SH "SEE ALSO" .PP curvecpserver (1), curvecpmessage (1), inetd (8), tcpserver (1). .SH "AUTHOR" .PP This manual page was written by Sergiusz Pawlowicz debian@pawlowicz.name for the \fBDebian\fP system (and may be used by others). The source of this page is a webpage http://curvecp.org/messageapi.html . Permission is granted to copy, distribute and/or modify this document under public domain. .PP This manual page was rewritten for the \fBDebian\fP distribution because the original program does not have a manual page. .\" created by instant / docbook-to-man, Sat 14 Jan 2012, 02:59 debian/nacl-tools.install0000644000000000000000000000001611702632536012633 0ustar bin/* usr/bin debian/changelog0000644000000000000000000000220012027024400011021 0ustar nacl (20110221-4.1) unstable; urgency=low * Modify the build system to echo stuff to standard output during the build rather than only at the end. Hopefully this should prevent the timeout on mips. * Add some tests for the state of /sys before starting the build to help debug failures related to being unable to determine CPU frequency -- Peter Michael Green Fri, 21 Sep 2012 08:43:21 +0000 nacl (20110221-4) unstable; urgency=low * Move to unstable. -- Bartosz Fenski Thu, 5 Apr 2012 09:23:19 +0200 nacl (20110221-3) experimental; urgency=low * Remove superflous compiler flags not available on all archs. -- Bartosz Fenski Fri, 27 Jan 2012 10:04:19 +0100 nacl (20110221-2) experimental; urgency=low * Added verbosity to the build process, it will help debugging on builders. -- Sergiusz Pawlowicz Sat, 14 Jan 2012 03:05:09 +0000 nacl (20110221-1) experimental; urgency=low * 20110221 NaCl package prepared from scratch (Closes: #655187) -- Sergiusz Pawlowicz Tue, 11 Jan 2012 01:11:12 +0000 debian/source/0000755000000000000000000000000011702460657010476 5ustar debian/source/format0000644000000000000000000000001411702460657011704 0ustar 3.0 (quilt) debian/curvecpmakekey.sgml0000644000000000000000000000767711703032367013113 0ustar manpage.1'. You may view the manual page with: `docbook-to-man manpage.sgml | nroff -man | less'. A typical entry in a Makefile or Makefile.am is: manpage.1: manpage.sgml docbook-to-man $< > $@ The docbook-to-man binary is found in the docbook-to-man package. Please remember that if you create the nroff version in one of the debian/rules file targets (such as build), you will need to include docbook-to-man in your Build-Depends control field. --> Sergiusz"> Pawlowicz"> January 9, 2012"> 1"> debian@pawlowicz.name"> NaCl"> Debian"> ]>
&dhemail;
&dhfirstname; &dhsurname; 2012 &dhusername; &dhdate; &dhucpackage; &dhsection; &dhpackage; Message-handling programs curvecpmakekey DESCRIPTION This manual page documents briefly the &dhpackage; commands. A traditional UNIX-style server such as ftpd handles just one network connection, reading input from stdin and writing output to stdout. A "superserver" such as inetd or tcpserver listens for network connections and starts a separate server process for each connection. curvecpmakekey creates keys needed for curvecpclient can use programs other than curvecpserver. OPTIONS How to use curvecpmakekey: a directory where &dhpackage; keys are going to be created. The direcoty must not exists before keys creation. SEE ALSO curvecpserver (1), curvecpclient (1), curvecpprintkey (1), inetd (8), tcpserver (1). AUTHOR This manual page was written by &dhusername; &dhemail; for the &debian; system (and may be used by others). The source of this page is a webpage http://curvecp.org/ . Permission is granted to copy, distribute and/or modify this document under public domain. This manual page was rewritten for the &debian; distribution because the original program does not have a manual page. debian/README.Debian0000644000000000000000000000025711702724711011235 0ustar More about NaCl and CurveCP projects: * http://nacl.cace-project.eu/ * http://curvecp.org/ -- Sergiusz Pawlowicz Tue, 10 Jan 2012 02:21:38 +0000 debian/curvecpserver.sgml0000644000000000000000000002172611703032441012753 0ustar manpage.1'. You may view the manual page with: `docbook-to-man manpage.sgml | nroff -man | less'. A typical entry in a Makefile or Makefile.am is: manpage.1: manpage.sgml docbook-to-man $< > $@ The docbook-to-man binary is found in the docbook-to-man package. Please remember that if you create the nroff version in one of the debian/rules file targets (such as build), you will need to include docbook-to-man in your Build-Depends control field. --> Sergiusz"> Pawlowicz"> January 9, 2012"> 1"> debian@pawlowicz.name"> NaCl"> Debian"> ]>
&dhemail;
&dhfirstname; &dhsurname; 2012 &dhusername; &dhdate; &dhucpackage; &dhsection; &dhpackage; Message-handling programs curvecpserver sname keydir ip port ext prog DESCRIPTION This manual page documents briefly the &dhpackage; commands. A traditional UNIX-style server such as ftpd handles just one network connection, reading input from stdin and writing output to stdout. A "superserver" such as inetd or tcpserver listens for network connections and starts a separate server process for each connection. The &dhpackage; command-line tools have an extra level of modularity. The curvecpserver superserver listens for network connections. For each connection, curvecpserver starts the curvecpmessage message handler; curvecpmessage then starts a server such as ftpd. Then ftpd sends a stream of data to curvecpmessage, which in turn sends messages to curvecpserver, which encrypts and authenticates the messages and sends them inside network packets. At the same time curvecpclient receives network packets, verifies and decrypts messages inside the packets, and passes the messages to curvecpmessage; curvecpmessage sends a stream of data to ftpd. The same curvecpmessage tool is also used by curvecpclient. curvecpserver and curvecpclient can use programs other than curvecpmessage. Those programs can directly generate messages in the CurveCP message format without talking to separate tools such as ftpd; or they can support a completely different protocol that reuses CurveCP's cryptographic layer but transmits different kinds of messages. This page explains what programmers have to do to write curvecpmessage replacements that talk to curvecpserver and curvecpclient. Incoming messagess File descriptor 8 is a pipe. Read from this pipe a length byte n, between 1 and 68, and a 16*n-byte message. Repeat. The pipe is set to non-blocking mode; be prepared for EAGAIN and EWOULDBLOCK, even in the middle of a message. This pipe reading must always be active. The curvecpclient and curvecpserver programs assume that every message is read immediately. If you can't handle a message immediately, read it and put it onto a queue. If you don't have queue space, throw the message away; this shouldn't cause trouble, since you have to be able to handle missing messages in any case. Outgoing messagess File descriptor 9 is a pipe. Write to this pipe a length byte n, between 1 and 68, and a 16*n-byte message. Repeat. The pipe is set to non-blocking mode; be prepared for EAGAIN and EWOULDBLOCK, even in the middle of a message. As a client, do not use length bytes above 40 until a message has arrived from the server. (The messages inside CurveCP Initiate packets are limited to 640 bytes.) The CurveCP server does not start until it has received a message from the client. Furthermore, the CurveCP server must receive this message within 60 seconds of the client starting up. (The CurveCP Initiate packet is valid for only 60 seconds after the corresponding CurveCP Cookie packet.) This does not mean that the client must start sending messages immediately, but it does mean that waiting for more than a second to send a message is a bad idea. OPTIONS How to use curvecpserver: no error messages print error messages (default) print extra information allow at most n clients at once (default 100) server's name use this public-key directory server's IP address server's UDP port server's extension run this server SEE ALSO curvecpmessage (1), curvecpclient (1), inetd (8), tcpserver (1). AUTHOR This manual page was written by &dhusername; &dhemail; for the &debian; system (and may be used by others). The source of this page is a webpage http://curvecp.org/messageapi.html . Permission is granted to copy, distribute and/or modify this document under public domain. This manual page was rewritten for the &debian; distribution because the original program does not have a manual page. debian/nacl-sha256.sgml0000644000000000000000000000722011702706054012000 0ustar manpage.1'. You may view the manual page with: `docbook-to-man manpage.sgml | nroff -man | less'. A typical entry in a Makefile or Makefile.am is: manpage.1: manpage.sgml docbook-to-man $< > $@ The docbook-to-man binary is found in the docbook-to-man package. Please remember that if you create the nroff version in one of the debian/rules file targets (such as build), you will need to include docbook-to-man in your Build-Depends control field. --> Sergiusz"> Pawlowicz"> January 9, 2012"> 1"> debian@pawlowicz.name"> NaCl"> Debian"> GNU"> GPL"> ]>
&dhemail;
&dhfirstname; &dhsurname; 2012 &dhusername; &dhdate; &dhucpackage; &dhsection; &dhpackage; program to calculate the sha256 hash &dhpackage; DESCRIPTION This manual page documents briefly the &dhpackage; command. This manual page was written for the &debian; distribution because the original program does not have a manual page. Instead, it has documentation in the &gnu;. &dhpackage; is a program that uses NaCl to calculate the sha256 hash of the first 4096 bytes of input. OPTIONS These program expects input on standard input and prints the sha256 hash of the first 4096 bytes on standard output. SEE ALSO nacl-sha512 (1). AUTHOR This manual page was written by &dhusername; &dhemail; for the &debian; system (and may be used by others). Permission is granted to copy, distribute and/or modify this document under the terms of the &gnu; General Public License, Version 2 any later version published by the Free Software Foundation. On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL. debian/control0000644000000000000000000000223611703032105010564 0ustar Source: nacl Maintainer: Sergiusz Pawlowicz Priority: extra Standards-Version: 3.9.2.0 Section: libs Homepage: http://nacl.cace-project.eu/ Build-Depends: debhelper (>= 7.3.8), docbook-to-man Package: nacl-tools Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Description: NaCl and CurveCP tools NaCl (pronounced "salt") is a new easy-to-use high-speed software library for network communication, encryption, decryption, signatures, etc. NaCl's goal is to provide all of the core operations needed to build higher-level cryptographic tools. Tools include basic programs to deploy CurveCP message-handling. Package: libnacl-dev Section: libdevel Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Description: High-speed software library for network communication NaCl (pronounced "salt") is a new easy-to-use high-speed software library for network communication, encryption, decryption, signatures, etc. NaCl's goal is to provide all of the core operations needed to build higher-level cryptographic tools. This package contains header and library files needed for software development that makes use of NaCl. debian/curvecpserver.10000644000000000000000000001132411704167575012164 0ustar .TH "NaCl" "1" .SH "NAME" CurveCP \(em Message-handling programs .SH "SYNOPSIS" .PP \fBcurvecpserver\fR [\fB-q \fI(optional)\fR\fP] [\fB-Q \fI(optional)\fR\fP] [\fB-v \fI(optional)\fR\fP] [\fB-c n\fI(optional)\fR\fP] [sname] [keydir] [ip] [port] [ext] [prog] .SH "DESCRIPTION" .PP This manual page documents briefly the \fBCurveCP\fR commands. .PP A traditional UNIX-style server such as ftpd handles just one network connection, reading input from stdin and writing output to stdout. A "superserver" such as inetd or tcpserver listens for network connections and starts a separate server process for each connection. .PP The \fBCurveCP\fR command-line tools have an extra level of modularity. The \fBcurvecpserver\fR superserver listens for network connections. For each connection, \fBcurvecpserver\fR starts the \fBcurvecpmessage\fR message handler; \fBcurvecpmessage\fR then starts a server such as ftpd. Then ftpd sends a stream of data to \fBcurvecpmessage\fR, which in turn sends messages to \fBcurvecpserver\fR, which encrypts and authenticates the messages and sends them inside network packets. At the same time \fBcurvecpclient\fR receives network packets, verifies and decrypts messages inside the packets, and passes the messages to \fBcurvecpmessage\fR; \fBcurvecpmessage\fR sends a stream of data to ftpd. The same curvecpmessage tool is also used by \fBcurvecpclient\fR. .PP \fBcurvecpserver\fR and \fBcurvecpclient\fR can use programs other than \fBcurvecpmessage\fR. Those programs can directly generate messages in the CurveCP message format without talking to separate tools such as ftpd; or they can support a completely different protocol that reuses CurveCP's cryptographic layer but transmits different kinds of messages. .PP This page explains what programmers have to do to write \fBcurvecpmessage\fR replacements that talk to \fBcurvecpserver\fR and \fBcurvecpclient.\fR .SH "Incoming messagess" .PP File descriptor 8 is a pipe. Read from this pipe a length byte n, between 1 and 68, and a 16*n-byte message. Repeat. The pipe is set to non-blocking mode; be prepared for EAGAIN and EWOULDBLOCK, even in the middle of a message. .PP This pipe reading must always be active. The \fBcurvecpclient\fR and \fBcurvecpserver\fR programs assume that every message is read immediately. If you can't handle a message immediately, read it and put it onto a queue. If you don't have queue space, throw the message away; this shouldn't cause trouble, since you have to be able to handle missing messages in any case. .SH "Outgoing messagess" .PP File descriptor 9 is a pipe. Write to this pipe a length byte n, between 1 and 68, and a 16*n-byte message. Repeat. The pipe is set to non-blocking mode; be prepared for EAGAIN and EWOULDBLOCK, even in the middle of a message. .PP As a client, do not use length bytes above 40 until a message has arrived from the server. (The messages inside CurveCP Initiate packets are limited to 640 bytes.) .PP The CurveCP server does not start until it has received a message from the client. Furthermore, the CurveCP server must receive this message within 60 seconds of the client starting up. (The CurveCP Initiate packet is valid for only 60 seconds after the corresponding CurveCP Cookie packet.) This does not mean that the client must start sending messages immediately, but it does mean that waiting for more than a second to send a message is a bad idea. .SH "OPTIONS" .PP How to use \fBcurvecpserver\fR: .IP "\fB-q\fP \fBoptional\fP " 10 no error messages .IP "\fB-Q\fP \fBoptional\fP " 10 print error messages (default) .IP "\fB-v\fP \fBoptional\fP " 10 print extra information .IP "\fB-c n\fP \fBoptional\fP " 10 allow at most n clients at once (default 100) .IP "\fBsname\fP " 10 server's name .IP "\fBkeydir\fP " 10 use this public-key directory .IP "\fBip\fP " 10 server's IP address .IP "\fBport\fP " 10 server's UDP port .IP "\fBext\fP " 10 server's extension .IP "\fBprog\fP " 10 run this server .SH "SEE ALSO" .PP curvecpmessage (1), curvecpclient (1), inetd (8), tcpserver (1). .SH "AUTHOR" .PP This manual page was written by Sergiusz Pawlowicz debian@pawlowicz.name for the \fBDebian\fP system (and may be used by others). The source of this page is a webpage http://curvecp.org/messageapi.html . Permission is granted to copy, distribute and/or modify this document under public domain. .PP This manual page was rewritten for the \fBDebian\fP distribution because the original program does not have a manual page. .\" created by instant / docbook-to-man, Sat 14 Jan 2012, 02:59 debian/curvecpprintkey.sgml0000644000000000000000000000771511703032430013312 0ustar manpage.1'. You may view the manual page with: `docbook-to-man manpage.sgml | nroff -man | less'. A typical entry in a Makefile or Makefile.am is: manpage.1: manpage.sgml docbook-to-man $< > $@ The docbook-to-man binary is found in the docbook-to-man package. Please remember that if you create the nroff version in one of the debian/rules file targets (such as build), you will need to include docbook-to-man in your Build-Depends control field. --> Sergiusz"> Pawlowicz"> January 9, 2012"> 1"> debian@pawlowicz.name"> NaCl"> Debian"> ]>
&dhemail;
&dhfirstname; &dhsurname; 2012 &dhusername; &dhdate; &dhucpackage; &dhsection; &dhpackage; Message-handling programs curvecpmakekey DESCRIPTION This manual page documents briefly the &dhpackage; commands. A traditional UNIX-style server such as ftpd handles just one network connection, reading input from stdin and writing output to stdout. A "superserver" such as inetd or tcpserver listens for network connections and starts a separate server process for each connection. curvecpprintkey prints ascii version of binary keys needed for curvecpclient and curvecpserver and created using curvecpmakekey command before. OPTIONS How to use curvecpprintkey: a directory where &dhpackage; binary keys were created. SEE ALSO curvecpserver (1), curvecpclient (1), curvecpmakekey (1), inetd (8), tcpserver (1). AUTHOR This manual page was written by &dhusername; &dhemail; for the &debian; system (and may be used by others). The source of this page is a webpage http://curvecp.org/ . Permission is granted to copy, distribute and/or modify this document under public domain. This manual page was rewritten for the &debian; distribution because the original program does not have a manual page. debian/compat0000644000000000000000000000000211702454433010367 0ustar 7 debian/curvecpmakekey.10000644000000000000000000000263011704167575012304 0ustar .TH "NaCl" "1" .SH "NAME" CurveCP \(em Message-handling programs .SH "SYNOPSIS" .PP \fBcurvecpmakekey\fR [\fBkeydir\fP] .SH "DESCRIPTION" .PP This manual page documents briefly the \fBCurveCP\fR commands. .PP A traditional UNIX-style server such as ftpd handles just one network connection, reading input from stdin and writing output to stdout. A "superserver" such as inetd or tcpserver listens for network connections and starts a separate server process for each connection. .PP \fBcurvecpmakekey\fR creates keys needed for \fBcurvecpclient\fR can use programs other than \fBcurvecpserver\fR. .SH "OPTIONS" .PP How to use \fBcurvecpmakekey\fR: .IP "\fBkeydir\fP " 10 a directory where \fBCurveCP\fR keys are going to be created. The direcoty must not exists before keys creation. .SH "SEE ALSO" .PP curvecpserver (1), curvecpclient (1), curvecpprintkey (1), inetd (8), tcpserver (1). .SH "AUTHOR" .PP This manual page was written by Sergiusz Pawlowicz debian@pawlowicz.name for the \fBDebian\fP system (and may be used by others). The source of this page is a webpage http://curvecp.org/ . Permission is granted to copy, distribute and/or modify this document under public domain. .PP This manual page was rewritten for the \fBDebian\fP distribution because the original program does not have a manual page. .\" created by instant / docbook-to-man, Sat 14 Jan 2012, 02:59 debian/curvecpclient.sgml0000644000000000000000000002167211703032347012730 0ustar manpage.1'. You may view the manual page with: `docbook-to-man manpage.sgml | nroff -man | less'. A typical entry in a Makefile or Makefile.am is: manpage.1: manpage.sgml docbook-to-man $< > $@ The docbook-to-man binary is found in the docbook-to-man package. Please remember that if you create the nroff version in one of the debian/rules file targets (such as build), you will need to include docbook-to-man in your Build-Depends control field. --> Sergiusz"> Pawlowicz"> January 9, 2012"> 1"> debian@pawlowicz.name"> NaCl"> Debian"> ]>
&dhemail;
&dhfirstname; &dhsurname; 2012 &dhusername; &dhdate; &dhucpackage; &dhsection; &dhpackage; Message-handling programs curvecpclient sname pk ip port ext prog DESCRIPTION This manual page documents briefly the &dhpackage; commands. A traditional UNIX-style server such as ftpd handles just one network connection, reading input from stdin and writing output to stdout. A "superserver" such as inetd or tcpserver listens for network connections and starts a separate server process for each connection. The &dhpackage; command-line tools have an extra level of modularity. The curvecpserver superserver listens for network connections. For each connection, curvecpserver starts the curvecpmessage message handler; curvecpmessage then starts a server such as ftpd. Then ftpd sends a stream of data to curvecpmessage, which in turn sends messages to curvecpserver, which encrypts and authenticates the messages and sends them inside network packets. At the same time curvecpclient receives network packets, verifies and decrypts messages inside the packets, and passes the messages to curvecpmessage; curvecpmessage sends a stream of data to ftpd. The same curvecpmessage tool is also used by curvecpclient. curvecpserver and curvecpclient can use programs other than curvecpmessage. Those programs can directly generate messages in the CurveCP message format without talking to separate tools such as ftpd; or they can support a completely different protocol that reuses CurveCP's cryptographic layer but transmits different kinds of messages. This page explains what programmers have to do to write curvecpmessage replacements that talk to curvecpserver and curvecpclient. Incoming messagess File descriptor 8 is a pipe. Read from this pipe a length byte n, between 1 and 68, and a 16*n-byte message. Repeat. The pipe is set to non-blocking mode; be prepared for EAGAIN and EWOULDBLOCK, even in the middle of a message. This pipe reading must always be active. The curvecpclient and curvecpserver programs assume that every message is read immediately. If you can't handle a message immediately, read it and put it onto a queue. If you don't have queue space, throw the message away; this shouldn't cause trouble, since you have to be able to handle missing messages in any case. Outgoing messagess File descriptor 9 is a pipe. Write to this pipe a length byte n, between 1 and 68, and a 16*n-byte message. Repeat. The pipe is set to non-blocking mode; be prepared for EAGAIN and EWOULDBLOCK, even in the middle of a message. As a client, do not use length bytes above 40 until a message has arrived from the server. (The messages inside CurveCP Initiate packets are limited to 640 bytes.) The CurveCP server does not start until it has received a message from the client. Furthermore, the CurveCP server must receive this message within 60 seconds of the client starting up. (The CurveCP Initiate packet is valid for only 60 seconds after the corresponding CurveCP Cookie packet.) This does not mean that the client must start sending messages immediately, but it does mean that waiting for more than a second to send a message is a bad idea. OPTIONS How to use curvecpclient: no error messages print error messages (default) print extra information use this public-key directory server's name server's public key server's IP address server's UDP port server's extension run this client SEE ALSO curvecpserver (1), curvecpmessage (1), inetd (8), tcpserver (1). AUTHOR This manual page was written by &dhusername; &dhemail; for the &debian; system (and may be used by others). The source of this page is a webpage http://curvecp.org/messageapi.html . Permission is granted to copy, distribute and/or modify this document under public domain. This manual page was rewritten for the &debian; distribution because the original program does not have a manual page. debian/curvecpprintkey.10000644000000000000000000000262711704167576012532 0ustar .TH "NaCl" "1" .SH "NAME" CurveCP \(em Message-handling programs .SH "SYNOPSIS" .PP \fBcurvecpmakekey\fR [\fBkeydir\fP] .SH "DESCRIPTION" .PP This manual page documents briefly the \fBCurveCP\fR commands. .PP A traditional UNIX-style server such as ftpd handles just one network connection, reading input from stdin and writing output to stdout. A "superserver" such as inetd or tcpserver listens for network connections and starts a separate server process for each connection. .PP \fBcurvecpprintkey\fR prints ascii version of binary keys needed for \fBcurvecpclient\fR and \fBcurvecpserver\fR and created using \fBcurvecpmakekey\fR command before. .SH "OPTIONS" .PP How to use \fBcurvecpprintkey\fR: .IP "\fBkeydir\fP " 10 a directory where \fBCurveCP\fR binary keys were created. .SH "SEE ALSO" .PP curvecpserver (1), curvecpclient (1), curvecpmakekey (1), inetd (8), tcpserver (1). .SH "AUTHOR" .PP This manual page was written by Sergiusz Pawlowicz debian@pawlowicz.name for the \fBDebian\fP system (and may be used by others). The source of this page is a webpage http://curvecp.org/ . Permission is granted to copy, distribute and/or modify this document under public domain. .PP This manual page was rewritten for the \fBDebian\fP distribution because the original program does not have a manual page. .\" created by instant / docbook-to-man, Sat 14 Jan 2012, 02:59 debian/watch0000644000000000000000000000032111702675012010214 0ustar # watch cannot be deployed: # # uscan warning: In watchfile debian/watch, reading webpage # http://hyperelliptic.org/nacl/ failed: 403 Forbidden # #version=3 #http://hyperelliptic.org/nacl/nacl-(.+)\.tar\.bz2 debian/patches/0000755000000000000000000000000012027024677010624 5ustar debian/patches/fix-build-hostname.patch0000644000000000000000000000051511702501073015332 0ustar A hostname should be fixed to allow easier build process. by Sergiusz Pawlowicz --- a/do +++ b/do @@ -6,7 +6,7 @@ version=`cat version` project=nacl -shorthostname=`hostname | sed 's/\..*//' | tr -cd '[a-z][A-Z][0-9]'` +shorthostname="debianbuildhost" top="`pwd`/build/$shorthostname" bin="$top/bin" debian/patches/compiler_flags0000644000000000000000000000266111710473101013526 0ustar Description: remove superfluous compiler flags Since we build on target architecture we don't need -m32/-m64 feature of gcc compiler, especially since it isn't supported on all archs. Author: Bartosz Fenski Forwarded: not-needed --- nacl-20110221.orig/okcompilers/c +++ nacl-20110221/okcompilers/c @@ -1,8 +1,5 @@ -gcc -m64 -O3 -fomit-frame-pointer -funroll-loops -gcc -m64 -O -fomit-frame-pointer -gcc -m64 -fomit-frame-pointer -gcc -m32 -O3 -fomit-frame-pointer -funroll-loops -gcc -m32 -O -fomit-frame-pointer -gcc -m32 -fomit-frame-pointer +gcc -O3 -fomit-frame-pointer -funroll-loops +gcc -O -fomit-frame-pointer +gcc -fomit-frame-pointer spu-gcc -mstdmain -march=cell -O3 -funroll-loops -fomit-frame-pointer -Drandom=rand -Dsrandom=srand spu-gcc -mstdmain -march=cell -O -fomit-frame-pointer -Drandom=rand -Dsrandom=srand --- nacl-20110221.orig/okcompilers/cpp +++ nacl-20110221/okcompilers/cpp @@ -1,8 +1,5 @@ -g++ -m64 -O3 -fomit-frame-pointer -funroll-loops -g++ -m64 -O -fomit-frame-pointer -g++ -m64 -fomit-frame-pointer -g++ -m32 -O3 -fomit-frame-pointer -funroll-loops -g++ -m32 -O -fomit-frame-pointer -g++ -m32 -fomit-frame-pointer +g++ -O3 -fomit-frame-pointer -funroll-loops +g++ -O -fomit-frame-pointer +g++ -fomit-frame-pointer spu-g++ -mstdmain -march=cell -O3 -funroll-loops -fomit-frame-pointer -Drandom=rand -Dsrandom=srand spu-g++ -mstdmain -march=cell -O -fomit-frame-pointer -Drandom=rand -Dsrandom=srand debian/patches/series0000644000000000000000000000007612027024517012035 0ustar fix-build-hostname.patch compiler_flags output-while-building debian/patches/output-while-building0000644000000000000000000000222712027024677015013 0ustar Description: output to standard output while building. The upstream build system puts all output in a log file rather than to standard output. This can cause build timeouts on slow architectures and if the build truely hangs makes it difficult to determine where it hung. Modify the build system to output to standard output as it goes along. Author: Peter Michael Green --- The information above should follow the Patch Tagging Guidelines, please checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here are templates for supplementary fields that you might want to add: Origin: , Bug: Bug-Debian: http://bugs.debian.org/ Bug-Ubuntu: https://launchpad.net/bugs/ Forwarded: Reviewed-By: Last-Update: --- nacl-20110221.orig/do +++ nacl-20110221/do @@ -38,7 +38,7 @@ mkdir -p "$bin" mkdir -p "$lib" mkdir -p "$include" -exec >"$top/log" +exec | tee "$top/log" exec 2>&1 exec 5>"$top/data" exec debian/nacl-sha256.1 docbook-to-man debian/nacl-sha512.sgml > debian/nacl-sha512.1 docbook-to-man debian/curvecpmessage.sgml > debian/curvecpmessage.1 docbook-to-man debian/curvecpserver.sgml > debian/curvecpserver.1 docbook-to-man debian/curvecpclient.sgml > debian/curvecpclient.1 docbook-to-man debian/curvecpmakekey.sgml > debian/curvecpmakekey.1 docbook-to-man debian/curvecpprintkey.sgml > debian/curvecpprintkey.1 touch $@ clean: dh_testdir rm -f configure-stamp rm -rf build/ dh_auto_clean dh_clean install-arch: dh_testdir dh_testroot dh_prep -s dh_installdirs -s mv build/$(SHORTHOSTNAME)/include/*/* build/$(SHORTHOSTNAME)/include/ mkdir build/$(SHORTHOSTNAME)/include/nacl mv build/$(SHORTHOSTNAME)/include/*.h build/$(SHORTHOSTNAME)/include/nacl/ mv build/$(SHORTHOSTNAME)/lib/*/* build/$(SHORTHOSTNAME)/lib/ rm -rf $(CURDIR)/build/$(SHORTHOSTNAME)/log rm -rf $(CURDIR)/build/$(SHORTHOSTNAME)/work rm -rf $(CURDIR)/build/$(SHORTHOSTNAME)/data rm -rf $(CURDIR)/build/$(SHORTHOSTNAME)/include/x86 rm -rf $(CURDIR)/build/$(SHORTHOSTNAME)/include/amd64 rm -rf $(CURDIR)/build/$(SHORTHOSTNAME)/include/lpia rm -rf $(CURDIR)/build/$(SHORTHOSTNAME)/lib/x86 rm -rf $(CURDIR)/build/$(SHORTHOSTNAME)/lib/amd64 rm -rf $(CURDIR)/build/$(SHORTHOSTNAME)/lib/lpia rm -f $(CURDIR)/build/$(SHORTHOSTNAME)/bin/ok* rm -f $(CURDIR)/build/$(SHORTHOSTNAME)/lib/*.o rm build/$(SHORTHOSTNAME)/include/nacl/cpuid.h dh_install --sourcedir=$(CURDIR)/build/$(SHORTHOSTNAME) install-indep: dh_testdir dh_testroot binary: binary-arch binary-indep binary-arch: build-arch install-arch $(MAKE) -f debian/rules DH_OPTIONS=-s binary-common binary-indep: build-arch install-arch binary-common: dh_testdir dh_testroot dh_installchangelogs dh_installdocs dh_installman -s dh_link dh_strip dh_compress dh_fixperms dh_makeshlibs dh_installdeb dh_shlibdeps dh_gencontrol dh_md5sums dh_builddeb .PHONY: build clean binary install configure