From owner-svn-ports-all@freebsd.org  Fri Feb  2 18:01:37 2018
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3A7ACEE6DBF;
 Fri,  2 Feb 2018 18:01:37 +0000 (UTC) (envelope-from pi@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id E10C377782;
 Fri,  2 Feb 2018 18:01:36 +0000 (UTC) (envelope-from pi@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D9BB11F07E;
 Fri,  2 Feb 2018 18:01:36 +0000 (UTC) (envelope-from pi@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w12I1aCT010562;
 Fri, 2 Feb 2018 18:01:36 GMT (envelope-from pi@FreeBSD.org)
Received: (from pi@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id w12I1aOZ010558;
 Fri, 2 Feb 2018 18:01:36 GMT (envelope-from pi@FreeBSD.org)
Message-Id: <201802021801.w12I1aOZ010558@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: pi set sender to pi@FreeBSD.org
 using -f
From: Kurt Jaeger <pi@FreeBSD.org>
Date: Fri, 2 Feb 2018 18:01:36 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r460718 - in head/security/softether: . files
X-SVN-Group: ports-head
X-SVN-Commit-Author: pi
X-SVN-Commit-Paths: in head/security/softether: . files
X-SVN-Commit-Revision: 460718
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Feb 2018 18:01:37 -0000

Author: pi
Date: Fri Feb  2 18:01:36 2018
New Revision: 460718
URL: https://svnweb.freebsd.org/changeset/ports/460718

Log:
  security/softether: update 4.20.9608 -> 4.25.9656
  
  - There are 11 vulnerabilities on SoftEther VPN. There vulnerabilities
    are found by the source code audit process conducted by Max Planck
    Institute for Molecular Genetics and Mr. Guido Vranken in late 2017.
    This build fixes all of these vulnerabilities.
  
  PR:		225618
  Submitted by:	net@arrishq.net (maintainer)
  MFH:		2018Q1
  Relnotes:	http://www.softether.org/5-download/history

Modified:
  head/security/softether/Makefile
  head/security/softether/distinfo
  head/security/softether/files/patch-src__Mayaqua__Network.c
  head/security/softether/files/patch-src__Mayaqua__Table.h

Modified: head/security/softether/Makefile
==============================================================================
--- head/security/softether/Makefile	Fri Feb  2 17:37:28 2018	(r460717)
+++ head/security/softether/Makefile	Fri Feb  2 18:01:36 2018	(r460718)
@@ -1,11 +1,10 @@
 # $FreeBSD$
 
 PORTNAME=	softether
-PORTVERSION=	4.20.9608
-PORTREVISION=	1
+PORTVERSION=	4.25.9656
 CATEGORIES=	security
-MASTER_SITES=	http://www.softether-download.com/files/softether/v4.20-9608-rtm-2016.04.17-tree/Source_Code/
-DISTNAME=	${PORTNAME}-src-v4.20-9608-rtm
+MASTER_SITES=	http://www.softether-download.com/files/softether/v4.25-9656-rtm-2018.01.15-tree/Source_Code/
+DISTNAME=	${PORTNAME}-src-v4.25-9656-rtm
 
 MAINTAINER=	net@arrishq.net
 COMMENT=	Softether VPN solution
@@ -51,7 +50,7 @@ PLIST_SUB+=	LOGDIR="${LOGDIR}"
 SUB_LIST=	LOGDIR="${LOGDIR}"
 
 # a pity the source directory has such a naming scheme, but well
-WRKSRC=		${WRKDIR}/v4.20-9608
+WRKSRC=		${WRKDIR}/v4.25-9656
 
 ALL_TARGET=	build
 

Modified: head/security/softether/distinfo
==============================================================================
--- head/security/softether/distinfo	Fri Feb  2 17:37:28 2018	(r460717)
+++ head/security/softether/distinfo	Fri Feb  2 18:01:36 2018	(r460718)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1488228971
-SHA256 (softether-src-v4.20-9608-rtm.tar.gz) = e559644e34ec6feba43d99f4083f77f9b082dd0574d0bb1e416a65f32ccbc51e
-SIZE (softether-src-v4.20-9608-rtm.tar.gz) = 33691945
+TIMESTAMP = 1517525651
+SHA256 (softether-src-v4.25-9656-rtm.tar.gz) = b946dec3da5833ad2be69125224784b8a8e2a4149297d0c0a907ba0e1c4535f8
+SIZE (softether-src-v4.25-9656-rtm.tar.gz) = 33743898

Modified: head/security/softether/files/patch-src__Mayaqua__Network.c
==============================================================================
--- head/security/softether/files/patch-src__Mayaqua__Network.c	Fri Feb  2 17:37:28 2018	(r460717)
+++ head/security/softether/files/patch-src__Mayaqua__Network.c	Fri Feb  2 18:01:36 2018	(r460718)
@@ -1,19 +1,19 @@
 --- src/Mayaqua/Network.c.orig	2016-05-03 06:16:53 UTC
 +++ src/Mayaqua/Network.c
-@@ -12983,7 +12983,16 @@ bool StartSSLEx(SOCK *sock, X *x, K *pri
+@@ -13025,10 +13025,15 @@
  		{
  			if (client_tls == false)
  			{
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
 +#ifndef OPENSSL_NO_SSL3
  				SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
-+#else
-+				SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
+ #else
+ 				SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
 +				SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_TLSv1
 +#ifdef SSL_OP_NO_TLSv1_2
 +				| SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
 +#endif
 +				);
-+#endif
+ #endif
  			}
  			else
- 			{

Modified: head/security/softether/files/patch-src__Mayaqua__Table.h
==============================================================================
--- head/security/softether/files/patch-src__Mayaqua__Table.h	Fri Feb  2 17:37:28 2018	(r460717)
+++ head/security/softether/files/patch-src__Mayaqua__Table.h	Fri Feb  2 18:01:36 2018	(r460718)
@@ -1,9 +1,9 @@
 --- src/Mayaqua/Table.h.orig	2016-05-03 06:16:53 UTC
 +++ src/Mayaqua/Table.h
-@@ -117,7 +117,7 @@
- #define	UNICODE_CACHE_FILE		L".unicode_cache_%s.dat"
- 
+@@ -119,7 +119,7 @@
  #define	LANGLIST_FILENAME		"|languages.txt"
+ #define	LANGLIST_FILENAME_WINE	"|languages_wine.txt"
+ 
 -#define	LANG_CONFIG_FILENAME	L"@lang.config"
 +#define	LANG_CONFIG_FILENAME	L"/var/db/softether/lang.config"
  #define	LANG_CONFIG_TEMPLETE	"|lang.config"