Date: Wed, 10 Jul 2019 01:10:03 +0000 (UTC) From: Koichiro Iwao <meta@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r506327 - in head/security/softether-devel: . files Message-ID: <201907100110.x6A1A3Yv097631@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: meta Date: Wed Jul 10 01:10:02 2019 New Revision: 506327 URL: https://svnweb.freebsd.org/changeset/ports/506327 Log: security/softether-devel: Update to v4.30-9696-beta The biggest topics of this version are JSON-RPC API and HTML5 based admin console. Here's the summary of changes: * Added the SoftEther VPN Server JSON-RPC API Suite implementation * Added the Embedded HTML5-based Modern Admin Console * Fixed the problem occurs when RPC messages between Cluster Members exceed 64Kbytes * Fixed the RADIUS PEAP client to use the standard TLS versioning * Added the support of ChaCha20-Poly1305-IETF AEAD for RUDP * Added the function to display the protocol details about the VPN session * Fixed the bug that the language switching function was disabled. (Build 9695 -> Build 9696) Relnotes: https://www.softether.org/5-download/history Sponsored by: HAW International, Inc. Deleted: head/security/softether-devel/files/patch-src__Mayaqua__Network.c Modified: head/security/softether-devel/Makefile head/security/softether-devel/distinfo head/security/softether-devel/files/patch-fix-build-openssl111 Modified: head/security/softether-devel/Makefile ============================================================================== --- head/security/softether-devel/Makefile Wed Jul 10 00:46:30 2019 (r506326) +++ head/security/softether-devel/Makefile Wed Jul 10 01:10:02 2019 (r506327) @@ -1,22 +1,22 @@ # $FreeBSD$ PORTNAME= softether -DISTVERSION= 4.28-9669-beta -PORTREVISION= 2 +DISTVERSION= 4.30-9696-beta +#PORTREVISION= 0 CATEGORIES= security -MASTER_SITES= https://www.softether-download.com/files/softether/v${DISTVERSION}-2018.09.11-tree/Source_Code/ +MASTER_SITES= https://www.softether-download.com/files/softether/v${DISTVERSION}-2019.07.08-tree/Source_Code/ PKGNAMESUFFIX= -devel DISTNAME= ${PORTNAME}-src-v${DISTVERSION} MAINTAINER= meta@FreeBSD.org COMMENT= Softether VPN 4 (stable beta version) -LICENSE= GPLv2 +LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE ONLY_FOR_ARCHS= amd64 i386 ONLY_FOR_ARCHS_REASON= Upstream only supports amd64 and i386: https://www.softether.org/3-spec -IGNORE= no beta version available right now, use security/softether instead +#IGNORE= no beta version available right now, use security/softether instead USES= dos2unix gmake iconv:wchar_t localbase:ldflags ncurses \ readline ssl Modified: head/security/softether-devel/distinfo ============================================================================== --- head/security/softether-devel/distinfo Wed Jul 10 00:46:30 2019 (r506326) +++ head/security/softether-devel/distinfo Wed Jul 10 01:10:02 2019 (r506327) @@ -1,3 +1,3 @@ -TIMESTAMP = 1542201488 -SHA256 (softether-src-v4.28-9669-beta.tar.gz) = 1e641fa227a732b3eec3fe8bdcf4d4fd2b1d0b0a5084119126c1216d2ec1b545 -SIZE (softether-src-v4.28-9669-beta.tar.gz) = 33795085 +TIMESTAMP = 1562582908 +SHA256 (softether-src-v4.30-9696-beta.tar.gz) = 07b6fb3a677ab9eef42fc5a6abee414904552bcdc66baa56ebd3896bf2a8b490 +SIZE (softether-src-v4.30-9696-beta.tar.gz) = 34687742 Modified: head/security/softether-devel/files/patch-fix-build-openssl111 ============================================================================== --- head/security/softether-devel/files/patch-fix-build-openssl111 Wed Jul 10 00:46:30 2019 (r506326) +++ head/security/softether-devel/files/patch-fix-build-openssl111 Wed Jul 10 01:10:02 2019 (r506327) @@ -1,22 +1,47 @@ ---- src/Mayaqua/Encrypt.c.orig 2018-11-06 08:15:31 UTC -+++ src/Mayaqua/Encrypt.c -@@ -2684,7 +2684,7 @@ bool RsaCheck() - BIO *bio; - char errbuf[MAX_SIZE]; - UINT size = 0; -- UINT bit = 32; -+ UINT bit = RSA_KEY_SIZE; - // Validate arguments +--- src/Mayaqua/Network.c.orig 2019-07-09 22:00:31.540606000 +0900 ++++ src/Mayaqua/Network.c 2019-07-09 22:00:37.550748000 +0900 +@@ -5946,6 +5946,10 @@ + return 1; + } - // Key generation ---- src/Mayaqua/Encrypt.h.orig 2018-11-06 08:15:31 UTC -+++ src/Mayaqua/Encrypt.h -@@ -128,7 +128,7 @@ void RAND_Free_For_SoftEther(); - #define DES_IV_SIZE 8 // DES IV size - #define DES_BLOCK_SIZE 8 // DES block size - #define DES3_KEY_SIZE (8 * 3) // 3DES key size --#define RSA_KEY_SIZE 128 // RSA key size -+#define RSA_KEY_SIZE 4096 // RSA key size - #define DH_KEY_SIZE 128 // DH key size - #define RSA_MIN_SIGN_HASH_SIZE (15 + SHA1_HASH_SIZE) // Minimum RSA hash size - #define RSA_SIGN_HASH_SIZE (RSA_MIN_SIGN_HASH_SIZE) // RSA hash size ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#define X509_STORE_CTX_get0_cert(o) ((o)->cert) ++#endif ++ + // Verify client SSL certificate during TLS handshake. + // + // (actually, only save the certificate for later authentication in Protocol.c) +@@ -5953,27 +5957,27 @@ + { + SSL *ssl; + struct SslClientCertInfo *clientcert; ++ X509 *cert; + + ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()); + clientcert = SSL_get_ex_data(ssl, GetSslClientCertIndex()); + + if (clientcert != NULL) + { +- clientcert->PreverifyErr = 0; ++ clientcert->PreverifyErr = X509_STORE_CTX_get_error(ctx); + clientcert->PreverifyErrMessage[0] = '\0'; + if (!preverify_ok) + { +- char *msg; +- clientcert->PreverifyErr = X509_STORE_CTX_get_error(ctx); +- msg = (char *)X509_verify_cert_error_string(clientcert->PreverifyErr); ++ const char *msg = X509_verify_cert_error_string(clientcert->PreverifyErr); + StrCpy(clientcert->PreverifyErrMessage, PREVERIFY_ERR_MESSAGE_SIZE, msg); + Debug("SslCertVerifyCallback preverify error: '%s'\n", msg); + } + else + { +- if (ctx->cert != NULL) ++ cert = X509_STORE_CTX_get0_cert(ctx); ++ if (cert != NULL) + { +- X *tmpX = X509ToX(ctx->cert); // this only wraps ctx->cert, but we need to make a copy ++ X *tmpX = X509ToX(cert); // this only wraps cert, but we need to make a copy + X *copyX = CloneX(tmpX); + tmpX->do_not_free = true; // do not release inner X509 object + FreeX(tmpX);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201907100110.x6A1A3Yv097631>