From owner-svn-ports-branches@freebsd.org  Sat Feb  3 06:56:48 2018
Return-Path: <owner-svn-ports-branches@freebsd.org>
Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id C60D5EC78CE;
 Sat,  3 Feb 2018 06:56:48 +0000 (UTC) (envelope-from pi@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 7AC837827A;
 Sat,  3 Feb 2018 06:56:48 +0000 (UTC) (envelope-from pi@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 752B6273B2;
 Sat,  3 Feb 2018 06:56:48 +0000 (UTC) (envelope-from pi@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w136umVu002343;
 Sat, 3 Feb 2018 06:56:48 GMT (envelope-from pi@FreeBSD.org)
Received: (from pi@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id w136umfL002339;
 Sat, 3 Feb 2018 06:56:48 GMT (envelope-from pi@FreeBSD.org)
Message-Id: <201802030656.w136umfL002339@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: pi set sender to pi@FreeBSD.org
 using -f
From: Kurt Jaeger <pi@FreeBSD.org>
Date: Sat, 3 Feb 2018 06:56:48 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-branches@freebsd.org
Subject: svn commit: r460792 - in branches/2018Q1/security/softether: . files
X-SVN-Group: ports-branches
X-SVN-Commit-Author: pi
X-SVN-Commit-Paths: in branches/2018Q1/security/softether: . files
X-SVN-Commit-Revision: 460792
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-branches@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: SVN commit messages for all the branches of the ports tree
 <svn-ports-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-branches>, 
 <mailto:svn-ports-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-branches/>
List-Post: <mailto:svn-ports-branches@freebsd.org>
List-Help: <mailto:svn-ports-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-branches>, 
 <mailto:svn-ports-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Feb 2018 06:56:49 -0000

Author: pi
Date: Sat Feb  3 06:56:47 2018
New Revision: 460792
URL: https://svnweb.freebsd.org/changeset/ports/460792

Log:
  MFH: r460718
  
  security/softether: update 4.20.9608 -> 4.25.9656
  
  - There are 11 vulnerabilities on SoftEther VPN. There vulnerabilities
    are found by the source code audit process conducted by Max Planck
    Institute for Molecular Genetics and Mr. Guido Vranken in late 2017.
    This build fixes all of these vulnerabilities.
  
  PR:		225618
  Submitted by:	net@arrishq.net (maintainer)
  Relnotes:	http://www.softether.org/5-download/history
  Approved by:	portmgr (swills)

Modified:
  branches/2018Q1/security/softether/Makefile
  branches/2018Q1/security/softether/distinfo
  branches/2018Q1/security/softether/files/patch-src__Mayaqua__Network.c
  branches/2018Q1/security/softether/files/patch-src__Mayaqua__Table.h
Directory Properties:
  branches/2018Q1/   (props changed)

Modified: branches/2018Q1/security/softether/Makefile
==============================================================================
--- branches/2018Q1/security/softether/Makefile	Sat Feb  3 06:41:30 2018	(r460791)
+++ branches/2018Q1/security/softether/Makefile	Sat Feb  3 06:56:47 2018	(r460792)
@@ -1,11 +1,10 @@
 # $FreeBSD$
 
 PORTNAME=	softether
-PORTVERSION=	4.20.9608
-PORTREVISION=	1
+PORTVERSION=	4.25.9656
 CATEGORIES=	security
-MASTER_SITES=	http://www.softether-download.com/files/softether/v4.20-9608-rtm-2016.04.17-tree/Source_Code/
-DISTNAME=	${PORTNAME}-src-v4.20-9608-rtm
+MASTER_SITES=	http://www.softether-download.com/files/softether/v4.25-9656-rtm-2018.01.15-tree/Source_Code/
+DISTNAME=	${PORTNAME}-src-v4.25-9656-rtm
 
 MAINTAINER=	net@arrishq.net
 COMMENT=	Softether VPN solution
@@ -51,7 +50,7 @@ PLIST_SUB+=	LOGDIR="${LOGDIR}"
 SUB_LIST=	LOGDIR="${LOGDIR}"
 
 # a pity the source directory has such a naming scheme, but well
-WRKSRC=		${WRKDIR}/v4.20-9608
+WRKSRC=		${WRKDIR}/v4.25-9656
 
 ALL_TARGET=	build
 

Modified: branches/2018Q1/security/softether/distinfo
==============================================================================
--- branches/2018Q1/security/softether/distinfo	Sat Feb  3 06:41:30 2018	(r460791)
+++ branches/2018Q1/security/softether/distinfo	Sat Feb  3 06:56:47 2018	(r460792)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1488228971
-SHA256 (softether-src-v4.20-9608-rtm.tar.gz) = e559644e34ec6feba43d99f4083f77f9b082dd0574d0bb1e416a65f32ccbc51e
-SIZE (softether-src-v4.20-9608-rtm.tar.gz) = 33691945
+TIMESTAMP = 1517525651
+SHA256 (softether-src-v4.25-9656-rtm.tar.gz) = b946dec3da5833ad2be69125224784b8a8e2a4149297d0c0a907ba0e1c4535f8
+SIZE (softether-src-v4.25-9656-rtm.tar.gz) = 33743898

Modified: branches/2018Q1/security/softether/files/patch-src__Mayaqua__Network.c
==============================================================================
--- branches/2018Q1/security/softether/files/patch-src__Mayaqua__Network.c	Sat Feb  3 06:41:30 2018	(r460791)
+++ branches/2018Q1/security/softether/files/patch-src__Mayaqua__Network.c	Sat Feb  3 06:56:47 2018	(r460792)
@@ -1,19 +1,19 @@
 --- src/Mayaqua/Network.c.orig	2016-05-03 06:16:53 UTC
 +++ src/Mayaqua/Network.c
-@@ -12983,7 +12983,16 @@ bool StartSSLEx(SOCK *sock, X *x, K *pri
+@@ -13025,10 +13025,15 @@
  		{
  			if (client_tls == false)
  			{
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
 +#ifndef OPENSSL_NO_SSL3
  				SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
-+#else
-+				SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
+ #else
+ 				SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
 +				SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_TLSv1
 +#ifdef SSL_OP_NO_TLSv1_2
 +				| SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
 +#endif
 +				);
-+#endif
+ #endif
  			}
  			else
- 			{

Modified: branches/2018Q1/security/softether/files/patch-src__Mayaqua__Table.h
==============================================================================
--- branches/2018Q1/security/softether/files/patch-src__Mayaqua__Table.h	Sat Feb  3 06:41:30 2018	(r460791)
+++ branches/2018Q1/security/softether/files/patch-src__Mayaqua__Table.h	Sat Feb  3 06:56:47 2018	(r460792)
@@ -1,9 +1,9 @@
 --- src/Mayaqua/Table.h.orig	2016-05-03 06:16:53 UTC
 +++ src/Mayaqua/Table.h
-@@ -117,7 +117,7 @@
- #define	UNICODE_CACHE_FILE		L".unicode_cache_%s.dat"
- 
+@@ -119,7 +119,7 @@
  #define	LANGLIST_FILENAME		"|languages.txt"
+ #define	LANGLIST_FILENAME_WINE	"|languages_wine.txt"
+ 
 -#define	LANG_CONFIG_FILENAME	L"@lang.config"
 +#define	LANG_CONFIG_FILENAME	L"/var/db/softether/lang.config"
  #define	LANG_CONFIG_TEMPLETE	"|lang.config"