softethervpn: Update to rtm version 4.29-9680

Update SoftEther VPN to the latest rtm version 4.29-9680 Compile tested: Atheros AR7xxx/AR9xxx, TP-LINK Archer C7 v2, 18.06.4 Signed-off-by: Philipp Schuster <philippschuster@gmx.com> (rebased and refreshed patches). Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years ago · 34db38520b
--- a/net/softethervpn/Makefile
+++ b/net/softethervpn/Makefile
@ -9,14 +9,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=softethervpn
 PKG_VERSION:=4.28-9669
 PKG_VERREL:=beta
 PKG_VERDATE:=2018.09.11
 PKG_RELEASE:=4
 PKG_VERSION:=4.29-9680
 PKG_VERREL:=rtm
 PKG_VERDATE:=2019.02.28
 PKG_RELEASE:=1

 PKG_SOURCE:=softether-src-v$(PKG_VERSION)-$(PKG_VERREL).tar.gz
 PKG_SOURCE_URL:=http://www.softether-download.com/files/softether/v$(PKG_VERSION)-$(PKG_VERREL)-$(PKG_VERDATE)-tree/Source_Code/
 PKG_HASH:=1e641fa227a732b3eec3fe8bdcf4d4fd2b1d0b0a5084119126c1216d2ec1b545
 PKG_HASH:=e6035fa7d9aaf59bdb342cd7ab5ecfdff89811a875f62a3230208cdc8a4e26e4

 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)/v$(PKG_VERSION)
 HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)/v$(PKG_VERSION)
--- a/net/softethervpn/patches/001-Encrypt_set_default_RSA.patch
+++ b/net/softethervpn/patches/001-Encrypt_set_default_RSA.patch
@ -1,61 +0,0 @@
 From 1fad008e1adba5cb596da6f9ec6a244d49a585cf Mon Sep 17 00:00:00 2001
 From: Davide Beatrici <davidebeatrici@gmail.com>
 Date: Mon, 9 Apr 2018 22:02:34 +0200
 Subject: [PATCH] Encrypt: set default RSA key size to 1024 everywhere, using
 the RSA_KEY_SIZE macro

 This commit also fixes the problem described in #31, which was caused by the test key generated in RsaCheck() being too small for newer OpenSSL versions.
 ---
 src/Mayaqua/Encrypt.c | 8 ++++----
 src/Mayaqua/Encrypt.h | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

 --- a/src/Mayaqua/Encrypt.c
 +++ b/src/Mayaqua/Encrypt.c
@@ -2458,7 +2458,7 @@ bool RsaVerifyEx(void *data, UINT data_s
 	}
 	if (bits == 0)
 	{
 -		bits = 1024;
 +		bits = RSA_KEY_SIZE;
 	}
 
 	// Hash the data
@@ -2497,7 +2497,7 @@ bool RsaSignEx(void *dst, void *src, UIN
 	}
 	if (bits == 0)
 	{
 -		bits = 1024;
 +		bits = RSA_KEY_SIZE;
 	}
 
 	Zero(dst, bits / 8);
@@ -2684,7 +2684,7 @@ bool RsaCheck()
 	BIO *bio;
 	char errbuf[MAX_SIZE];
 	UINT size = 0;
 -	UINT bit = 32;
 +	UINT bit = RSA_KEY_SIZE;
 	// Validate arguments
 
 	// Key generation
@@ -2754,7 +2754,7 @@ bool RsaGen(K **priv, K **pub, UINT bit)
 	}
 	if (bit == 0)
 	{
 -		bit = 1024;
 +		bit = RSA_KEY_SIZE;
 	}
 
 	// Key generation
 --- a/src/Mayaqua/Encrypt.h
 +++ b/src/Mayaqua/Encrypt.h
@@ -128,7 +128,7 @@ void RAND_Free_For_SoftEther();
 #define	DES_IV_SIZE					8			// DES IV size
 #define DES_BLOCK_SIZE				8			// DES block size
 #define DES3_KEY_SIZE				(8 * 3)		// 3DES key size
 -#define RSA_KEY_SIZE				128			// RSA key size
 +#define RSA_KEY_SIZE				1024		// RSA key size
 #define DH_KEY_SIZE					128			// DH key size
 #define	RSA_MIN_SIGN_HASH_SIZE		(15 + SHA1_HASH_SIZE)	// Minimum RSA hash size
 #define	RSA_SIGN_HASH_SIZE			(RSA_MIN_SIGN_HASH_SIZE)	// RSA hash size
--- a/net/softethervpn/patches/103-noeucjp.patch
+++ b/net/softethervpn/patches/103-noeucjp.patch
@ -1,6 +1,6 @@
 --- a/src/Mayaqua/Internat.c
 +++ b/src/Mayaqua/Internat.c
@@ -123,7 +123,7 @@
@@ -114,7 +114,7 @@
 #include <Mayaqua/Mayaqua.h>
 
 extern LOCK *token_lock;
@ -9,7 +9,7 @@
 static LOCK *iconv_lock = NULL;
 void *iconv_cache_wide_to_str = 0;
 void *iconv_cache_str_to_wide = 0;
@@ -938,7 +938,7 @@ void InitInternational()
@@ -929,7 +929,7 @@ void InitInternational()
 #ifdef	UNIX_MACOS
 		StrCpy(charset, sizeof(charset), "utf-8");
 #else	// UNIX_MACOS
@ -18,7 +18,7 @@
 #endif	// UNIX_MACOS
 		d = IconvWideToStrInternal();
 		if (d == (void *)-1)
@@ -1198,7 +1198,7 @@ void GetCurrentCharSet(char *name, UINT
@@ -1189,7 +1189,7 @@ void GetCurrentCharSet(char *name, UINT
 		}
 		else
 		{
--- a/net/softethervpn/patches/110-no-m64.patch
+++ b/net/softethervpn/patches/110-no-m64.patch
@ -1,6 +1,6 @@
 --- a/src/makefiles/linux_64bit.mak
 +++ b/src/makefiles/linux_64bit.mak
@@ -29,9 +29,9 @@ OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT
@@ -66,9 +66,9 @@ OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT
 
 OPTIONS_LINK_DEBUG=-g -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz
 
--- a/net/softethervpn/patches/120-openssl-deprecated.patch
+++ b/net/softethervpn/patches/120-openssl-deprecated.patch
@ -2,7 +2,7 @@ diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c
 index f3b3908..06b7fea 100644
 --- a/src/Mayaqua/Encrypt.c
 +++ b/src/Mayaqua/Encrypt.c
@@ -129,6 +129,7 @@
@@ -120,6 +120,7 @@
 #include <openssl/rand.h>
 #include <openssl/engine.h>
 #include <openssl/bio.h>
@ -10,7 +10,7 @@ index f3b3908..06b7fea 100644
 #include <openssl/x509.h>
 #include <openssl/pkcs7.h>
 #include <openssl/pkcs12.h>
@@ -137,6 +138,7 @@
@@ -128,6 +129,7 @@
 #include <openssl/md4.h>
 #include <openssl/hmac.h>
 #include <openssl/sha.h>
@ -18,7 +18,7 @@ index f3b3908..06b7fea 100644
 #include <openssl/des.h>
 #include <openssl/aes.h>
 #include <openssl/dh.h>
@@ -634,7 +636,7 @@ UINT CipherProcess(CIPHER *c, void *iv, void *dest, void *src, UINT size)
@@ -625,7 +627,7 @@ UINT CipherProcess(CIPHER *c, void *iv, void *dest, void *src, UINT size)
 		return 0;
 	}
 
@ -27,7 +27,7 @@ index f3b3908..06b7fea 100644
 	{
 		return 0;
 	}
@@ -933,6 +935,7 @@ BUF *BigNumToBuf(const BIGNUM *bn)
@@ -924,6 +926,7 @@ BUF *BigNumToBuf(const BIGNUM *bn)
 // Initialization of the lock of OpenSSL
 void OpenSSL_InitLock()
 {
@ -35,7 +35,7 @@ index f3b3908..06b7fea 100644
 	UINT i;
 
 	// Initialization of the lock object
@@ -946,11 +949,13 @@ void OpenSSL_InitLock()
@@ -937,11 +940,13 @@ void OpenSSL_InitLock()
 	// Setting the lock function
 	CRYPTO_set_locking_callback(OpenSSL_Lock);
 	CRYPTO_set_id_callback(OpenSSL_Id);
@ -49,7 +49,7 @@ index f3b3908..06b7fea 100644
 	UINT i;
 
 	for (i = 0;i < ssl_lock_num;i++)
@@ -962,11 +967,13 @@ void OpenSSL_FreeLock()
@@ -953,11 +958,13 @@ void OpenSSL_FreeLock()
 
 	CRYPTO_set_locking_callback(NULL);
 	CRYPTO_set_id_callback(NULL);
@ -63,7 +63,7 @@ index f3b3908..06b7fea 100644
 	LOCK *lock = ssl_lock_obj[n];
 
 	if (mode & CRYPTO_LOCK)
@@ -979,12 +986,15 @@ void OpenSSL_Lock(int mode, int n, const char *file, int line)
@@ -970,12 +977,15 @@ void OpenSSL_Lock(int mode, int n, const char *file, int line)
 		// Unlock
 		Unlock(lock);
 	}
@ -79,7 +79,7 @@ index f3b3908..06b7fea 100644
 }
 
 // Get the display name of the certificate
@@ -1908,8 +1918,8 @@ X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial)
@@ -1899,8 +1909,8 @@ X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial)
 	X509_set_version(x509, 2L);
 
 	// Set the Expiration
@ -90,7 +90,7 @@ index f3b3908..06b7fea 100644
 	if (!UINT64ToAsn1Time(t1, notBefore))
 	{
 		FreeX509(x509);
@@ -2050,8 +2060,8 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial)
@@ -2041,8 +2051,8 @@ X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial)
 	X509_set_version(x509, 2L);
 
 	// Set the Expiration
@ -101,7 +101,7 @@ index f3b3908..06b7fea 100644
 	if (!UINT64ToAsn1Time(t1, notBefore))
 	{
 		FreeX509(x509);
@@ -2677,6 +2687,43 @@ bool RsaCheckEx()
@@ -2697,6 +2707,43 @@ bool RsaCheckEx()
 
 	return false;
 }
@ -145,7 +145,7 @@ index f3b3908..06b7fea 100644
 bool RsaCheck()
 {
 	RSA *rsa;
@@ -2690,12 +2737,11 @@ bool RsaCheck()
@@ -2710,12 +2757,11 @@ bool RsaCheck()
 	// Key generation
 	Lock(openssl_lock);
 	{
@ -159,7 +159,7 @@ index f3b3908..06b7fea 100644
 		return false;
 	}
 
@@ -2760,12 +2806,11 @@ bool RsaGen(K **priv, K **pub, UINT bit)
@@ -2780,12 +2826,11 @@ bool RsaGen(K **priv, K **pub, UINT bit)
 	// Key generation
 	Lock(openssl_lock);
 	{
@ -173,7 +173,7 @@ index f3b3908..06b7fea 100644
 		return false;
 	}
 
@@ -3875,7 +3920,7 @@ X *X509ToX(X509 *x509)
@@ -3895,7 +3940,7 @@ X *X509ToX(X509 *x509)
 				{
 					if (OBJ_obj2nid(ad->method) == NID_ad_ca_issuers && ad->location->type == GEN_URI)
 					{
@ -182,7 +182,7 @@ index f3b3908..06b7fea 100644
 
 						if (IsEmptyStr(uri) == false)
 						{
@@ -4088,7 +4133,9 @@ void Rand(void *buf, UINT size)
@@ -4108,7 +4153,9 @@ void Rand(void *buf, UINT size)
 // Delete a thread-specific information that OpenSSL has holded
 void FreeOpenSSLThreadState()
 {
@ -192,7 +192,7 @@ index f3b3908..06b7fea 100644
 }
 
 // Release the Crypt library
@@ -4110,13 +4157,16 @@ void InitCryptLibrary()
@@ -4130,13 +4177,16 @@ void InitCryptLibrary()
 	CheckIfIntelAesNiSupportedInit();
 //	RAND_Init_For_SoftEther()
 	openssl_lock = NewLock();
--- a/net/softethervpn/patches/130-iconv.patch
+++ b/net/softethervpn/patches/130-iconv.patch
@ -2,7 +2,7 @@ diff --git a/src/Mayaqua/Mayaqua.h b/src/Mayaqua/Mayaqua.h
 index 194f8e6..177129e 100644
 --- a/src/Mayaqua/Mayaqua.h
 +++ b/src/Mayaqua/Mayaqua.h
@@ -292,7 +292,7 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
@@ -283,7 +283,7 @@ int PASCAL WinMain(HINSTANCE hInst, HINSTANCE hPrev, char *CmdLine, int CmdShow)
 #include <ifaddrs.h>
 #endif	// MAYAQUA_SUPPORTS_GETIFADDRS
 
@ -15,7 +15,7 @@ diff --git a/src/makefiles/linux_32bit.mak b/src/makefiles/linux_32bit.mak
 index 8219d5d..8020290 100644
 --- a/src/makefiles/linux_32bit.mak
 +++ b/src/makefiles/linux_32bit.mak
@@ -31,7 +31,7 @@ OPTIONS_LINK_DEBUG=-g -fsigned-char -lm -ldl -lrt -lpthread -lssl -lcrypto -lrea
@@ -68,7 +68,7 @@ OPTIONS_LINK_DEBUG=-g -fsigned-char -lm -ldl -lrt -lpthread -lssl -lcrypto -lrea
 
 OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_LINUX -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -O2 -fsigned-char
 
@ -28,7 +28,7 @@ diff --git a/src/makefiles/linux_64bit.mak b/src/makefiles/linux_64bit.mak
 index 7f81b58..a36e0de 100644
 --- a/src/makefiles/linux_64bit.mak
 +++ b/src/makefiles/linux_64bit.mak
@@ -31,7 +31,7 @@ OPTIONS_LINK_DEBUG=-g -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto
@@ -68,7 +68,7 @@ OPTIONS_LINK_DEBUG=-g -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto
 
 OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -O2 -fsigned-char