From dece5df38061f839bc810a4da80bca24318bee98 Mon Sep 17 00:00:00 2001
From: bgme <i@bgme.me>
Date: Tue, 29 Apr 2025 17:18:42 +0800
Subject: [PATCH] add naiveproxy

---
 README.md                          |   6 ++
 naiveproxy/Makefile                | 122 +++++++++++++++++++++++++++
 naiveproxy/files/naiveproxy.config |   6 ++
 naiveproxy/files/naiveproxy.init   |  47 +++++++++++
 naiveproxy/src/init_env.sh         | 128 +++++++++++++++++++++++++++++
 5 files changed, 309 insertions(+)
 create mode 100644 naiveproxy/Makefile
 create mode 100644 naiveproxy/files/naiveproxy.config
 create mode 100644 naiveproxy/files/naiveproxy.init
 create mode 100644 naiveproxy/src/init_env.sh

diff --git a/README.md b/README.md
index e262880..165bbac 100644
--- a/README.md
+++ b/README.md
@@ -19,3 +19,9 @@ src-git bgme https://git.bgme.bid/bgme/openwrt-bgme-feed.git
 ./scripts/feeds install -a
 ```
 
+## LICENSE
+
+- einat-ebpf: https://github.com/muink/openwrt-einat-ebpf
+- luci-app-einat: https://github.com/muink/luci-app-einat.git
+- naiveproxy: https://github.com/immortalwrt/packages/tree/master/net/naiveproxy
+- smartdns: https://github.com/openwrt/packages/tree/master/net/smartdns
diff --git a/naiveproxy/Makefile b/naiveproxy/Makefile
new file mode 100644
index 0000000..467334d
--- /dev/null
+++ b/naiveproxy/Makefile
@@ -0,0 +1,122 @@
+# SPDX-License-Identifier: GPL-3.0-only
+#
+# Copyright (C) 2021 ImmortalWrt.org
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=naiveproxy
+PKG_REAL_VERSION:=135.0.7049.38-2
+PKG_VERSION:=$(subst -,.,$(PKG_REAL_VERSION))
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_REAL_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/klzgrad/naiveproxy/tar.gz/v$(PKG_REAL_VERSION)?
+PKG_HASH:=c06fc41ec61f444a9e12da6dee07b22eec0a848de1f7d580a39d0095e5286342
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_REAL_VERSION)
+
+PKG_LICENSE:=BSD 3-Clause
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
+
+PKG_BUILD_DEPENDS:=gn/host
+PKG_BUILD_PARALLEL:=1
+PKG_BUILD_FLAGS:=no-mips16
+
+ifneq ($(CONFIG_CPU_TYPE)," ")
+  CPU_TYPE:=$(word 1, $(subst +," ,$(CONFIG_CPU_TYPE)))
+  CPU_SUBTYPE:=$(word 2, $(subst +, ",$(CONFIG_CPU_TYPE)))
+  ifeq ($(CPU_SUBTYPE),)
+    CPU_SUBTYPE:=""
+  endif
+else
+  CPU_TYPE:=""
+  CPU_SUBTYPE:=""
+endif
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/naiveproxy
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=Web Servers/Proxies
+  TITLE:=Make a fortune quietly
+  URL:=https://github.com/klzgrad/naiveproxy
+  DEPENDS:=@!(arc||armeb||loongarch64||mips||mips64||powerpc||TARGET_gemini) +libatomic
+endef
+
+define Package/naiveproxy/description
+  NaïveProxy uses Chrome's network stack to camouflage traffic with strong
+  censorship resistance and low detectability. Reusing Chrome's stack also
+  ensures best practices in performance and security.
+endef
+
+ifneq ($(CONFIG_CCACHE),)
+  export CCACHE_SLOPPINESS=time_macros
+  export CCACHE_BASEDIR=$(PKG_BUILD_DIR)/src
+  export CCACHE_CPP2=yes
+  export naive_ccache_flags=cc_wrapper="$(CCACHE)"
+endif
+
+CLANG_VER:=21-init-1655-g7b473dfe-1
+CLANG_FILE:=clang-llvmorg-$(CLANG_VER).tar.xz
+define Download/CLANG
+	URL:=https://commondatastorage.googleapis.com/chromium-browser-clang/Linux_x64
+	URL_FILE:=$(CLANG_FILE)
+	FILE:=$(CLANG_FILE)
+	HASH:=5d94230fdb20386df002b32046139c05a1f0f9f98451b202abacdaf918fb3fe8
+endef
+
+PGO_VER:=7049-1742902334-660df08dc89b79c863466eae026b99254081ab9d-96ef988d106b9eef4526027fbfdd54a082b5d5e2
+PGO_FILE:=chrome-linux-$(PGO_VER).profdata
+define Download/PGO_PROF
+	URL:=https://storage.googleapis.com/chromium-optimization-profiles/pgo_profiles
+	URL_FILE:=$(PGO_FILE)
+	FILE:=$(PGO_FILE)
+	HASH:=b974d2e68a55b7b952253233d00a5f543f9f053ec567ff0ee6e98eec403afbc0
+endef
+
+define Build/Prepare
+	$(call Build/Prepare/Default)
+
+	( \
+		pushd $(PKG_BUILD_DIR)/src ; \
+		mkdir -p "chrome/build/pgo_profiles" ; \
+		$(CP) "$(DL_DIR)/$(PGO_FILE)" "chrome/build/pgo_profiles" ; \
+		mkdir -p "third_party/llvm-build/Release+Asserts" ; \
+		$(TAR) -xJf "$(DL_DIR)/$(CLANG_FILE)" -C "third_party/llvm-build/Release+Asserts" ; \
+		echo -e "llvmorg-$(CLANG_VER)" > "third_party/llvm-build/Release+Asserts/cr_build_revision" ; \
+		popd ; \
+	)
+endef
+
+define Build/Configure
+	( \
+		pushd "$(PKG_BUILD_DIR)/src" ; \
+		. ../init_env.sh "$(ARCH)" $(CPU_TYPE) $(CPU_SUBTYPE) "$(TOOLCHAIN_ROOT_DIR)" ; \
+		export naive_flags+=" $$$${naive_ccache_flags}" ; \
+		mkdir -p "out" ; \
+		gn gen "out/Release" --args="$$$${naive_flags}" --script-executable="$(PYTHON)" ; \
+		popd ; \
+	)
+endef
+
+define Build/Compile
+	+$(NINJA) -C "$(PKG_BUILD_DIR)/src/out/Release" naive
+endef
+
+define Package/naiveproxy/conffiles
+/etc/config/naiveproxy
+endef
+
+define Package/naiveproxy/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/out/Release/naive $(1)/usr/bin/naive
+	$(INSTALL_DIR) $(1)/etc/config $(1)/etc/init.d
+	$(INSTALL_CONF) $(CURDIR)/files/naiveproxy.config $(1)/etc/config/naiveproxy
+	$(INSTALL_BIN) $(CURDIR)/files/naiveproxy.init $(1)/etc/init.d/naiveproxy
+endef
+
+$(eval $(call Download,CLANG))
+$(eval $(call Download,PGO_PROF))
+
+$(eval $(call BuildPackage,naiveproxy))
diff --git a/naiveproxy/files/naiveproxy.config b/naiveproxy/files/naiveproxy.config
new file mode 100644
index 0000000..439e30b
--- /dev/null
+++ b/naiveproxy/files/naiveproxy.config
@@ -0,0 +1,6 @@
+
+config naiveproxy 'config'
+	option enable '0'
+	option listen_addr ''
+	option server_addr ''
+	option extra_argument ''
diff --git a/naiveproxy/files/naiveproxy.init b/naiveproxy/files/naiveproxy.init
new file mode 100644
index 0000000..e483b48
--- /dev/null
+++ b/naiveproxy/files/naiveproxy.init
@@ -0,0 +1,47 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2021 ImmortalWrt
+
+. /lib/functions.sh
+. /lib/functions/procd.sh
+
+USE_PROCD=1
+
+START=99
+STOP=10
+
+init_conf() {
+	config_load "naiveproxy"
+	config_get "enable" "config" "enable" "0"
+	config_get "listen_addr" "config" "listen_addr"
+	config_get "server_addr" "config" "server_addr"
+	config_get "extra_argument" "config" "extra_argument"
+}
+
+start_service() {
+	init_conf
+	[ "${enable}" == "1" ] || return 0
+
+	procd_open_instance naiveproxy
+
+	procd_set_param command naive
+	procd_append_param command --listen="${listen_addr}"
+	procd_append_param command --proxy="${server_addr}"
+	[ -n "${extra_argument}" ] && procd_append_param command "${extra_argument}"
+
+	procd_set_param respawn ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-5}
+	procd_set_param limits core="unlimited"
+	procd_set_param stdout 1
+	procd_set_param stderr 1
+
+	procd_close_instance
+}
+
+reload_service()
+{
+	stop
+	start
+}
+
+service_triggers() {
+        procd_add_reload_trigger "naiveproxy"
+}
diff --git a/naiveproxy/src/init_env.sh b/naiveproxy/src/init_env.sh
new file mode 100644
index 0000000..f174b1d
--- /dev/null
+++ b/naiveproxy/src/init_env.sh
@@ -0,0 +1,128 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-3.0-only
+#
+# Copyright (C) 2021 ImmortalWrt.org
+# --------------------------------------------------------
+# Init build dependencies for naiveproxy
+
+# Read args from shell
+target_arch="$1"
+cpu_type="$2"
+cpu_subtype="$3"
+toolchain_dir="$4"
+
+# Set arch info
+case "${target_arch}" in
+"aarch64")
+	naive_arch="arm64"
+	;;
+"i386")
+	naive_arch="x86"
+	;;
+"loongarch64")
+	naive_arch="loong64"
+	;;
+"x86_64")
+	naive_arch="x64"
+	;;
+*)
+	naive_arch="${target_arch}"
+	;;
+esac
+
+# OS detection
+[ "$(uname)" != "Linux" -o "$(uname -m)" != "x86_64" ] && { echo -e "Support Linux AMD64 only."; exit 1; }
+
+# Create TMP dir
+mkdir -p "$PWD/tmp"
+export TMPDIR="$PWD/tmp"
+
+# Set ENV
+export DEPOT_TOOLS_WIN_TOOLCHAIN=0
+export naive_flags="
+is_official_build=true
+exclude_unwind_tables=true
+enable_resource_allowlist_generation=false
+symbol_level=0
+
+is_clang=true
+use_sysroot=false
+
+fatal_linker_warnings=false
+treat_warnings_as_errors=false
+
+is_cronet_build=true
+chrome_pgo_phase=2
+
+enable_base_tracing=false
+use_udev=false
+use_aura=false
+use_ozone=false
+use_gio=false
+use_platform_icu_alternatives=true
+use_glib=false
+
+disable_file_support=true
+enable_websockets=false
+use_kerberos=false
+disable_file_support=true
+disable_zstd_filter=false
+enable_mdns=false
+enable_reporting=false
+include_transport_security_state_preload_list=false
+enable_device_bound_sessions=false
+enable_bracketed_proxy_uris=true
+enable_quic_proxy_support=true
+
+use_nss_certs=false
+
+enable_backup_ref_ptr_support=false
+enable_dangling_raw_ptr_checks=false
+enable_shadow_metadata=false
+
+target_os=\"openwrt\"
+target_cpu=\"${naive_arch}\"
+target_sysroot=\"${toolchain_dir}\""
+
+case "${target_arch}" in
+"arm")
+	naive_flags+=" arm_version=0 arm_cpu=\"${cpu_type}\""
+	case "${cpu_type}" in "arm1176jzf-s"|"arm926ej-s"|"mpcore"|"xscale") naive_flags+=" arm_use_thumb=false" ;; esac
+	if [ -n "${cpu_subtype}" ]; then
+		if grep -q "neon" <<< "${cpu_subtype}"; then
+			neon_flag="arm_use_neon=true"
+		else
+			neon_flag="arm_use_neon=false"
+		fi
+		naive_flags+=" arm_fpu=\"${cpu_subtype}\" arm_float_abi=\"hard\" ${neon_flag}"
+	else
+		naive_flags+=" arm_float_abi=\"soft\" arm_use_neon=false"
+	fi
+
+	# LLVM does not accept muslgnueabi as the target triple environment
+	if [ -d "$toolchain_dir/lib/gcc/arm-openwrt-linux-muslgnueabi" ] && [ ! -d "$toolchain_dir/lib/gcc/arm-openwrt-linux-musleabi" ]; then
+		ln -sf "$toolchain_dir/lib/gcc/arm-openwrt-linux-muslgnueabi" "$toolchain_dir/lib/gcc/arm-openwrt-linux-musleabi"
+	fi
+	;;
+"arm64")
+	[ -n "${cpu_type}" ] && naive_flags+=" arm_cpu=\"${cpu_type}\""
+	;;
+"mipsel"|"mips64el")
+	naive_flags+=" use_thin_lto=false chrome_pgo_phase=0"
+	if [ -z "${cpu_type}" ] || [ "${cpu_type}" == "mips32" ]; then
+		naive_flags+=" mips_arch_variant=\"r1\""
+	else
+		naive_flags+=" mips_arch_variant=\"r2\""
+	fi
+	if [ "${target_arch}" == "mipsel" ]; then
+		if [ "${cpu_subtype}" == "24kf" ]; then
+			naive_flags+=" mips_float_abi=\"hard\""
+		else
+			naive_flags+=" mips_float_abi=\"soft\""
+		fi
+	fi
+	;;
+"x86_64")
+	naive_flags+=" use_cfi_icall=false"
+	;;
+esac