diff --git a/net/shadowsocks-client/patches/100-fortify-source-compat.patch b/net/shadowsocks-client/patches/100-fortify-source-compat.patch
new file mode 100644
index 000000000..e4e1538ee
--- /dev/null
+++ b/net/shadowsocks-client/patches/100-fortify-source-compat.patch
@@ -0,0 +1,72 @@
+--- a/client.c
++++ b/client.c
+@@ -111,7 +111,7 @@ int client_do_local_read(int sockfd, str
+ 			goto out;
+ 	}
+ 
+-	if (encrypt(sockfd, ln) == -1)
++	if (crypto_encrypt(sockfd, ln) == -1)
+ 		goto out;
+ 
+ 	ret = do_send(ln->server_sockfd, ln, "cipher", 0);
+@@ -172,7 +172,7 @@ int client_do_server_read(int sockfd, st
+ 		}
+ 	}
+ 
+-	if (decrypt(sockfd, ln) == -1)
++	if (crypto_decrypt(sockfd, ln) == -1)
+ 		goto out;
+ 
+ 	if (ln->state & SS_UDP) {
+--- a/crypto.c
++++ b/crypto.c
+@@ -185,7 +185,7 @@ err:
+ 	return -1;
+ }
+ 
+-int encrypt(int sockfd, struct link *ln)
++int crypto_encrypt(int sockfd, struct link *ln)
+ {
+ 	int len, cipher_len;
+ 	EVP_CIPHER_CTX *ctx_p;
+@@ -223,7 +223,7 @@ err:
+ 	return -1;
+ }
+ 
+-int decrypt(int sockfd, struct link *ln)
++int crypto_decrypt(int sockfd, struct link *ln)
+ {
+ 	int len, text_len;
+ 	EVP_CIPHER_CTX *ctx_p;
+--- a/crypto.h
++++ b/crypto.h
+@@ -15,7 +15,7 @@ extern int iv_len;
+ 
+ int crypto_init(char *key, char *method);
+ void crypto_exit(void);
+-int encrypt(int sockfd, struct link *ln);
+-int decrypt(int sockfd, struct link *ln);
++int crypto_encrypt(int sockfd, struct link *ln);
++int crypto_decrypt(int sockfd, struct link *ln);
+ 
+ #endif
+--- a/server.c
++++ b/server.c
+@@ -36,7 +36,7 @@ int server_do_remote_read(int sockfd, st
+ 			goto out;
+ 	}
+ 
+-	if (encrypt(sockfd, ln) == -1)
++	if (crypto_encrypt(sockfd, ln) == -1)
+ 		goto out;
+ 
+ 	ret = do_send(ln->local_sockfd, ln, "cipher", 0);
+@@ -91,7 +91,7 @@ int server_do_local_read(int sockfd, str
+ 		}
+ 	}
+ 
+-	if (decrypt(sockfd, ln) == -1)
++	if (crypto_decrypt(sockfd, ln) == -1)
+ 		goto out;
+ 
+ 	if (ln->state & SS_UDP) {