Browse Source

softethervpn: Update to rtm version 4.29-9680

Update SoftEther VPN to the latest rtm version 4.29-9680

Compile tested: Atheros AR7xxx/AR9xxx, TP-LINK Archer C7 v2, 18.06.4

Signed-off-by: Philipp Schuster <philippschuster@gmx.com>
(rebased and refreshed patches).
Signed-off-by: Rosen Penev <rosenp@gmail.com>
lilik-openwrt-22.03
Philipp Schuster 5 years ago
committed by Rosen Penev
parent
commit
34db38520b
No known key found for this signature in database GPG Key ID: 36D31CFA845F0E3B
6 changed files with 27 additions and 88 deletions
  1. +5
    -5
      net/softethervpn/Makefile
  2. +0
    -61
      net/softethervpn/patches/001-Encrypt_set_default_RSA.patch
  3. +3
    -3
      net/softethervpn/patches/103-noeucjp.patch
  4. +1
    -1
      net/softethervpn/patches/110-no-m64.patch
  5. +15
    -15
      net/softethervpn/patches/120-openssl-deprecated.patch
  6. +3
    -3
      net/softethervpn/patches/130-iconv.patch

+ 5
- 5
net/softethervpn/Makefile View File

@ -9,14 +9,14 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=softethervpn
PKG_VERSION:=4.28-9669
PKG_VERREL:=beta
PKG_VERDATE:=2018.09.11
PKG_RELEASE:=4
PKG_VERSION:=4.29-9680
PKG_VERREL:=rtm
PKG_VERDATE:=2019.02.28
PKG_RELEASE:=1
PKG_SOURCE:=softether-src-v$(PKG_VERSION)-$(PKG_VERREL).tar.gz
PKG_SOURCE_URL:=http://www.softether-download.com/files/softether/v$(PKG_VERSION)-$(PKG_VERREL)-$(PKG_VERDATE)-tree/Source_Code/
PKG_HASH:=1e641fa227a732b3eec3fe8bdcf4d4fd2b1d0b0a5084119126c1216d2ec1b545
PKG_HASH:=e6035fa7d9aaf59bdb342cd7ab5ecfdff89811a875f62a3230208cdc8a4e26e4
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/v$(PKG_VERSION)
HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)/v$(PKG_VERSION)


+ 0
- 61
net/softethervpn/patches/001-Encrypt_set_default_RSA.patch View File

@ -1,61 +0,0 @@
From 1fad008e1adba5cb596da6f9ec6a244d49a585cf Mon Sep 17 00:00:00 2001
From: Davide Beatrici <davidebeatrici@gmail.com>
Date: Mon, 9 Apr 2018 22:02:34 +0200
Subject: [PATCH] Encrypt: set default RSA key size to 1024 everywhere, using
the RSA_KEY_SIZE macro
This commit also fixes the problem described in #31, which was caused by the test key generated in RsaCheck() being too small for newer OpenSSL versions.
---
src/Mayaqua/Encrypt.c | 8 ++++----
src/Mayaqua/Encrypt.h | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
--- a/src/Mayaqua/Encrypt.c
+++ b/src/Mayaqua/Encrypt.c
@@ -2458,7 +2458,7 @@ bool RsaVerifyEx(void *data, UINT data_s
}
if (bits == 0)
{
- bits = 1024;
+ bits = RSA_KEY_SIZE;
}
// Hash the data
@@ -2497,7 +2497,7 @@ bool RsaSignEx(void *dst, void *src, UIN
}
if (bits == 0)
{
- bits = 1024;
+ bits = RSA_KEY_SIZE;
}
Zero(dst, bits / 8);
@@ -2684,7 +2684,7 @@ bool RsaCheck()
BIO *bio;
char errbuf[MAX_SIZE];
UINT size = 0;
- UINT bit = 32;
+ UINT bit = RSA_KEY_SIZE;
// Validate arguments
// Key generation
@@ -2754,7 +2754,7 @@ bool RsaGen(K **priv, K **pub, UINT bit)
}
if (bit == 0)
{
- bit = 1024;
+ bit = RSA_KEY_SIZE;
}
// Key generation
--- a/src/Mayaqua/Encrypt.h
+++ b/src/Mayaqua/Encrypt.h
@@ -128,7 +128,7 @@ void RAND_Free_For_SoftEther();
#define DES_IV_SIZE 8 // DES IV size
#define DES_BLOCK_SIZE 8 // DES block size
#define DES3_KEY_SIZE (8 * 3) // 3DES key size
-#define RSA_KEY_SIZE 128 // RSA key size
+#define RSA_KEY_SIZE 1024 // RSA key size
#define DH_KEY_SIZE 128 // DH key size
#define RSA_MIN_SIGN_HASH_SIZE (15 + SHA1_HASH_SIZE) // Minimum RSA hash size
#define RSA_SIGN_HASH_SIZE (RSA_MIN_SIGN_HASH_SIZE) // RSA hash size

+ 3
- 3
net/softethervpn/patches/103-noeucjp.patch View File

@ -1,6 +1,6 @@
--- a/src/Mayaqua/Internat.c
+++ b/src/Mayaqua/Internat.c
@@ -123,7 +123,7 @@
@@ -114,7 +114,7 @@
#include <Mayaqua/Mayaqua.h>
extern LOCK *token_lock;
@ -9,7 +9,7 @@
static LOCK *iconv_lock = NULL;
void *iconv_cache_wide_to_str = 0;
void *iconv_cache_str_to_wide = 0;
@@ -938,7 +938,7 @@ void InitInternational()
@@ -929,7 +929,7 @@ void InitInternational()
#ifdef UNIX_MACOS
StrCpy(charset, sizeof(charset), "utf-8");
#else // UNIX_MACOS
@ -18,7 +18,7 @@
#endif // UNIX_MACOS
d = IconvWideToStrInternal();
if (d == (void *)-1)
@@ -1198,7 +1198,7 @@ void GetCurrentCharSet(char *name, UINT
@@ -1189,7 +1189,7 @@ void GetCurrentCharSet(char *name, UINT
}
else
{


+ 1
- 1
net/softethervpn/patches/110-no-m64.patch View File

@ -1,6 +1,6 @@
--- a/src/makefiles/linux_64bit.mak
+++ b/src/makefiles/linux_64bit.mak
@@ -29,9 +29,9 @@ OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT
@@ -66,9 +66,9 @@ OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT
OPTIONS_LINK_DEBUG=-g -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz


+ 15
- 15
net/softethervpn/patches/120-openssl-deprecated.patch View File

@ -2,7 +2,7 @@ diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c
index f3b3908..06b7fea 100644
--- a/src/Mayaqua/Encrypt.c
+++ b/src/Mayaqua/Encrypt.c
@@ -129,6 +129,7 @@
@@ -120,6 +120,7 @@
#include <openssl/rand.h>
#include <openssl/engine.h>
#include <openssl/bio.h>
@ -10,7 +10,7 @@ index f3b3908..06b7fea 100644
#include <openssl/x509.h>
#include <openssl/pkcs7.h>
#include <openssl/pkcs12.h>
@@ -137,6 +138,7 @@
@@ -128,6 +129,7 @@
#include <openssl/md4.h>
#include <openssl/hmac.h>
#include <openssl/sha.h>
@ -18,7 +18,7 @@ index f3b3908..06b7fea 100644
#include <openssl/des.h>
#include <openssl/aes.h>
#include <openssl/dh.h>
@@ -634,7 +636,7 @@ UINT CipherProcess(CIPHER *c, void *iv, void *dest, void *src, UINT size)
@@ -625,7 +627,7 @@ UINT CipherProcess(CIPHER *c, void *iv, void *dest, void *src, UINT size)
return 0;
}
@ -27,7 +27,7 @@ index f3b3908..06b7fea 100644
{
return 0;
}
@@ -933,6 +935,7 @@ BUF *BigNumToBuf(const BIGNUM *bn)
@@ -924,6 +926,7 @@ BUF *BigNumToBuf(const BIGNUM *bn)
// Initialization of the lock of OpenSSL
void OpenSSL_InitLock()
{
@ -35,7 +35,7 @@ index f3b3908..06b7fea 100644
UINT i;
// Initialization of the lock object
@@ -946,11 +949,13 @@ void OpenSSL_InitLock()
@@ -937,11 +940,13 @@ void OpenSSL_InitLock()
// Setting the lock function
CRYPTO_set_locking_callback(OpenSSL_Lock);
CRYPTO_set_id_callback(OpenSSL_Id);
@ -49,7 +49,7 @@ index f3b3908..06b7fea 100644
UINT i;
for (i = 0;i < ssl_lock_num;i++)
@@ -962,11 +967,13 @@ void OpenSSL_FreeLock()
@@ -953,11 +958,13 @@ void OpenSSL_FreeLock()
CRYPTO_set_locking_callback(NULL);
CRYPTO_set_id_callback(NULL);
@ -63,7 +63,7 @@ index f3b3908..06b7fea 100644
LOCK *lock = ssl_lock_obj[n];
if (mode & CRYPTO_LOCK)
@@ -979,12 +986,15 @@ void OpenSSL_Lock(int mode, int n, const char *file, int line)
@@ -970,12 +977,15 @@ void OpenSSL_Lock(int mode, int n, const char *file, int line)
// Unlock
Unlock(lock);
}
@ -79,7 +79,7 @@ index f3b3908..06b7fea 100644
}
// Get the display name of the certificate
@@ -1908,8 +1918,8 @@ X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial)
@@ -1899,8 +1909,8 @@ X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial)
X509_set_version(x509, 2L);
// Set the Expiration
@ -90,7 +90,7 @@ index f3b3908..06b7fea 100644
if (!UINT64ToAsn1Time(t1, notBefore))
{
FreeX509(x509);
@@ -2050,8 +2060,8 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial)
@@ -2041,8 +2051,8 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial)
X509_set_version(x509, 2L);
// Set the Expiration
@ -101,7 +101,7 @@ index f3b3908..06b7fea 100644
if (!UINT64ToAsn1Time(t1, notBefore))
{
FreeX509(x509);
@@ -2677,6 +2687,43 @@ bool RsaCheckEx()
@@ -2697,6 +2707,43 @@ bool RsaCheckEx()
return false;
}
@ -145,7 +145,7 @@ index f3b3908..06b7fea 100644
bool RsaCheck()
{
RSA *rsa;
@@ -2690,12 +2737,11 @@ bool RsaCheck()
@@ -2710,12 +2757,11 @@ bool RsaCheck()
// Key generation
Lock(openssl_lock);
{
@ -159,7 +159,7 @@ index f3b3908..06b7fea 100644
return false;
}
@@ -2760,12 +2806,11 @@ bool RsaGen(K **priv, K **pub, UINT bit)
@@ -2780,12 +2826,11 @@ bool RsaGen(K **priv, K **pub, UINT bit)
// Key generation
Lock(openssl_lock);
{
@ -173,7 +173,7 @@ index f3b3908..06b7fea 100644
return false;
}
@@ -3875,7 +3920,7 @@ X *X509ToX(X509 *x509)
@@ -3895,7 +3940,7 @@ X *X509ToX(X509 *x509)
{
if (OBJ_obj2nid(ad->method) == NID_ad_ca_issuers && ad->location->type == GEN_URI)
{
@ -182,7 +182,7 @@ index f3b3908..06b7fea 100644
if (IsEmptyStr(uri) == false)
{
@@ -4088,7 +4133,9 @@ void Rand(void *buf, UINT size)
@@ -4108,7 +4153,9 @@ void Rand(void *buf, UINT size)
// Delete a thread-specific information that OpenSSL has holded
void FreeOpenSSLThreadState()
{
@ -192,7 +192,7 @@ index f3b3908..06b7fea 100644
}
// Release the Crypt library
@@ -4110,13 +4157,16 @@ void InitCryptLibrary()
@@ -4130,13 +4177,16 @@ void InitCryptLibrary()
CheckIfIntelAesNiSupportedInit();
// RAND_Init_For_SoftEther()
openssl_lock = NewLock();


+ 3
- 3
net/softethervpn/patches/130-iconv.patch View File

@ -2,7 +2,7 @@ diff --git a/src/Mayaqua/Mayaqua.h b/src/Mayaqua/Mayaqua.h
index 194f8e6..177129e 100644
--- a/src/Mayaqua/Mayaqua.h
+++ b/src/Mayaqua/Mayaqua.h
@@ -292,7 +292,7 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
@@ -283,7 +283,7 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
#include <ifaddrs.h>
#endif // MAYAQUA_SUPPORTS_GETIFADDRS
@ -15,7 +15,7 @@ diff --git a/src/makefiles/linux_32bit.mak b/src/makefiles/linux_32bit.mak
index 8219d5d..8020290 100644
--- a/src/makefiles/linux_32bit.mak
+++ b/src/makefiles/linux_32bit.mak
@@ -31,7 +31,7 @@ OPTIONS_LINK_DEBUG=-g -fsigned-char -lm -ldl -lrt -lpthread -lssl -lcrypto -lrea
@@ -68,7 +68,7 @@ OPTIONS_LINK_DEBUG=-g -fsigned-char -lm -ldl -lrt -lpthread -lssl -lcrypto -lrea
OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_LINUX -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -O2 -fsigned-char
@ -28,7 +28,7 @@ diff --git a/src/makefiles/linux_64bit.mak b/src/makefiles/linux_64bit.mak
index 7f81b58..a36e0de 100644
--- a/src/makefiles/linux_64bit.mak
+++ b/src/makefiles/linux_64bit.mak
@@ -31,7 +31,7 @@ OPTIONS_LINK_DEBUG=-g -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto
@@ -68,7 +68,7 @@ OPTIONS_LINK_DEBUG=-g -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto
OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -O2 -fsigned-char


Loading…
Cancel
Save