Update to v4.25-9656-5
This commit is contained in:
parent
96f8c61e69
commit
3b33e93066
3 changed files with 72 additions and 42 deletions
4
.SRCINFO
4
.SRCINFO
|
@ -1,7 +1,7 @@
|
||||||
pkgbase = softethervpn
|
pkgbase = softethervpn
|
||||||
pkgdesc = Multi-protocol VPN Program from University of Tsukuba
|
pkgdesc = Multi-protocol VPN Program from University of Tsukuba
|
||||||
pkgver = v4.25_9656
|
pkgver = v4.25_9656
|
||||||
pkgrel = 4
|
pkgrel = 5
|
||||||
url = http://www.softether.org/
|
url = http://www.softether.org/
|
||||||
arch = i686
|
arch = i686
|
||||||
arch = x86_64
|
arch = x86_64
|
||||||
|
@ -13,11 +13,13 @@ pkgbase = softethervpn
|
||||||
depends = zlib
|
depends = zlib
|
||||||
source = http://www.softether-download.com/files/softether/v4.25-9656-rtm-2018.01.15-tree/Source_Code/softether-src-v4.25-9656-rtm.tar.gz
|
source = http://www.softether-download.com/files/softether/v4.25-9656-rtm-2018.01.15-tree/Source_Code/softether-src-v4.25-9656-rtm.tar.gz
|
||||||
source = aarch64.patch
|
source = aarch64.patch
|
||||||
|
source = openssl.patch
|
||||||
source = softethervpn-bridge.service
|
source = softethervpn-bridge.service
|
||||||
source = softethervpn-client.service
|
source = softethervpn-client.service
|
||||||
source = softethervpn-server.service
|
source = softethervpn-server.service
|
||||||
sha1sums = 5ceb11866af212278c8a151bb40a2a048bdd7fea
|
sha1sums = 5ceb11866af212278c8a151bb40a2a048bdd7fea
|
||||||
sha1sums = 75d351833c41ee4c54d4ad18dde678e6df47e220
|
sha1sums = 75d351833c41ee4c54d4ad18dde678e6df47e220
|
||||||
|
sha1sums = 59565cedebeb65452aed776b582bc3b833872686
|
||||||
sha1sums = 12a3919aabcdd7531320056a4b43072892232925
|
sha1sums = 12a3919aabcdd7531320056a4b43072892232925
|
||||||
sha1sums = ba594c7defb52548369726c56e2cad633019abef
|
sha1sums = ba594c7defb52548369726c56e2cad633019abef
|
||||||
sha1sums = 06cd320553daf0dffdf6a81a22d630fbe211fc33
|
sha1sums = 06cd320553daf0dffdf6a81a22d630fbe211fc33
|
||||||
|
|
5
PKGBUILD
5
PKGBUILD
|
@ -2,16 +2,18 @@
|
||||||
# Maintainer: Jonathan Liu <net147@gmail.com>
|
# Maintainer: Jonathan Liu <net147@gmail.com>
|
||||||
pkgname=softethervpn
|
pkgname=softethervpn
|
||||||
pkgver=v4.25_9656
|
pkgver=v4.25_9656
|
||||||
pkgrel=4
|
pkgrel=5
|
||||||
pkgdesc="Multi-protocol VPN Program from University of Tsukuba"
|
pkgdesc="Multi-protocol VPN Program from University of Tsukuba"
|
||||||
arch=('i686' 'x86_64' 'aarch64' 'armv7h')
|
arch=('i686' 'x86_64' 'aarch64' 'armv7h')
|
||||||
source=('http://www.softether-download.com/files/softether/v4.25-9656-rtm-2018.01.15-tree/Source_Code/softether-src-v4.25-9656-rtm.tar.gz'
|
source=('http://www.softether-download.com/files/softether/v4.25-9656-rtm-2018.01.15-tree/Source_Code/softether-src-v4.25-9656-rtm.tar.gz'
|
||||||
'aarch64.patch'
|
'aarch64.patch'
|
||||||
|
'openssl.patch'
|
||||||
'softethervpn-bridge.service'
|
'softethervpn-bridge.service'
|
||||||
'softethervpn-client.service'
|
'softethervpn-client.service'
|
||||||
'softethervpn-server.service')
|
'softethervpn-server.service')
|
||||||
sha1sums=('5ceb11866af212278c8a151bb40a2a048bdd7fea'
|
sha1sums=('5ceb11866af212278c8a151bb40a2a048bdd7fea'
|
||||||
'75d351833c41ee4c54d4ad18dde678e6df47e220'
|
'75d351833c41ee4c54d4ad18dde678e6df47e220'
|
||||||
|
'59565cedebeb65452aed776b582bc3b833872686'
|
||||||
'12a3919aabcdd7531320056a4b43072892232925'
|
'12a3919aabcdd7531320056a4b43072892232925'
|
||||||
'ba594c7defb52548369726c56e2cad633019abef'
|
'ba594c7defb52548369726c56e2cad633019abef'
|
||||||
'06cd320553daf0dffdf6a81a22d630fbe211fc33')
|
'06cd320553daf0dffdf6a81a22d630fbe211fc33')
|
||||||
|
@ -22,6 +24,7 @@ url="http://www.softether.org/"
|
||||||
build(){
|
build(){
|
||||||
cd "${srcdir}/${pkgver//_/-}"
|
cd "${srcdir}/${pkgver//_/-}"
|
||||||
patch -Np1 -i "${srcdir}/aarch64.patch"
|
patch -Np1 -i "${srcdir}/aarch64.patch"
|
||||||
|
patch -Np1 -i "${srcdir}/openssl.patch"
|
||||||
|
|
||||||
if [ "${CARCH}" == "i686" ]; then
|
if [ "${CARCH}" == "i686" ]; then
|
||||||
cp src/makefiles/linux_32bit.mak Makefile
|
cp src/makefiles/linux_32bit.mak Makefile
|
||||||
|
|
105
openssl.patch
105
openssl.patch
|
@ -1,40 +1,65 @@
|
||||||
--- a/src/makefiles/linux_32bit.mak 2016-04-17 23:59:46.000000000 +1000
|
From 1fad008e1adba5cb596da6f9ec6a244d49a585cf Mon Sep 17 00:00:00 2001
|
||||||
+++ b/src/makefiles/linux_32bit.mak 2017-05-02 10:41:47.582983436 +1000
|
From: Davide Beatrici <davidebeatrici@gmail.com>
|
||||||
@@ -25,13 +25,13 @@
|
Date: Mon, 9 Apr 2018 22:02:34 +0200
|
||||||
|
Subject: [PATCH] Encrypt: set default RSA key size to 1024 everywhere, using
|
||||||
#CC=gcc
|
the RSA_KEY_SIZE macro
|
||||||
|
|
||||||
-OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_LINUX -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -g -fsigned-char
|
This commit also fixes the problem described in #31, which was caused by the test key generated in RsaCheck() being too small for newer OpenSSL versions.
|
||||||
+OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_LINUX -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I/usr/include/openssl-1.0 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -g -fsigned-char
|
---
|
||||||
|
src/Mayaqua/Encrypt.c | 8 ++++----
|
||||||
-OPTIONS_LINK_DEBUG=-g -fsigned-char -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz
|
src/Mayaqua/Encrypt.h | 2 +-
|
||||||
+OPTIONS_LINK_DEBUG=-g -fsigned-char -L/usr/lib/openssl-1.0 -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz
|
2 files changed, 5 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
-OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_LINUX -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -O2 -fsigned-char
|
diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c
|
||||||
+OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_LINUX -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I/usr/include/openssl-1.0 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -O2 -fsigned-char
|
index 381d1c57..a5570520 100644
|
||||||
|
--- a/src/Mayaqua/Encrypt.c
|
||||||
-OPTIONS_LINK_RELEASE=-O2 -fsigned-char -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz
|
+++ b/src/Mayaqua/Encrypt.c
|
||||||
+OPTIONS_LINK_RELEASE=-O2 -fsigned-char -L/usr/lib/openssl-1.0 -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz
|
@@ -2194,7 +2194,7 @@ bool RsaVerifyEx(void *data, UINT data_size, void *sign, K *k, UINT bits)
|
||||||
|
}
|
||||||
INSTALL_BINDIR=/usr/bin/
|
if (bits == 0)
|
||||||
INSTALL_VPNSERVER_DIR=/usr/vpnserver/
|
{
|
||||||
--- a/src/makefiles/linux_64bit.mak 2016-04-17 23:59:46.000000000 +1000
|
- bits = 1024;
|
||||||
+++ b/src/makefiles/linux_64bit.mak 2017-05-02 10:40:56.609323070 +1000
|
+ bits = RSA_KEY_SIZE;
|
||||||
@@ -25,13 +25,13 @@
|
}
|
||||||
|
|
||||||
#CC=gcc
|
// Hash the data
|
||||||
|
@@ -2233,7 +2233,7 @@ bool RsaSignEx(void *dst, void *src, UINT size, K *k, UINT bits)
|
||||||
-OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -g -fsigned-char -m64
|
}
|
||||||
+OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I/usr/include/openssl-1.0 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -g -fsigned-char -m64
|
if (bits == 0)
|
||||||
|
{
|
||||||
-OPTIONS_LINK_DEBUG=-g -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz
|
- bits = 1024;
|
||||||
+OPTIONS_LINK_DEBUG=-g -fsigned-char -m64 -L/usr/lib/openssl-1.0 -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz
|
+ bits = RSA_KEY_SIZE;
|
||||||
|
}
|
||||||
-OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -O2 -fsigned-char -m64
|
|
||||||
+OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I/usr/include/openssl-1.0 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -O2 -fsigned-char -m64
|
Zero(dst, bits / 8);
|
||||||
|
@@ -2302,7 +2302,7 @@ bool RsaCheck()
|
||||||
-OPTIONS_LINK_RELEASE=-O2 -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz
|
BIO *bio;
|
||||||
+OPTIONS_LINK_RELEASE=-O2 -fsigned-char -m64 -L/usr/lib/openssl-1.0 -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz
|
char errbuf[MAX_SIZE];
|
||||||
|
UINT size = 0;
|
||||||
INSTALL_BINDIR=/usr/bin/
|
- UINT bit = 32;
|
||||||
INSTALL_VPNSERVER_DIR=/usr/vpnserver/
|
+ UINT bit = RSA_KEY_SIZE;
|
||||||
|
// Validate arguments
|
||||||
|
|
||||||
|
// Key generation
|
||||||
|
@@ -2372,7 +2372,7 @@ bool RsaGen(K **priv, K **pub, UINT bit)
|
||||||
|
}
|
||||||
|
if (bit == 0)
|
||||||
|
{
|
||||||
|
- bit = 1024;
|
||||||
|
+ bit = RSA_KEY_SIZE;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Key generation
|
||||||
|
diff --git a/src/Mayaqua/Encrypt.h b/src/Mayaqua/Encrypt.h
|
||||||
|
index d795d2d6..0c481610 100644
|
||||||
|
--- a/src/Mayaqua/Encrypt.h
|
||||||
|
+++ b/src/Mayaqua/Encrypt.h
|
||||||
|
@@ -128,7 +128,7 @@ void RAND_Free_For_SoftEther();
|
||||||
|
#define DES_IV_SIZE 8 // DES IV size
|
||||||
|
#define DES_BLOCK_SIZE 8 // DES block size
|
||||||
|
#define DES3_KEY_SIZE (8 * 3) // 3DES key size
|
||||||
|
-#define RSA_KEY_SIZE 128 // RSA key size
|
||||||
|
+#define RSA_KEY_SIZE 1024 // RSA key size
|
||||||
|
#define DH_KEY_SIZE 128 // DH key size
|
||||||
|
#define RSA_MIN_SIGN_HASH_SIZE (15 + SHA1_HASH_SIZE) // Minimum RSA hash size
|
||||||
|
#define RSA_SIGN_HASH_SIZE (RSA_MIN_SIGN_HASH_SIZE) // RSA hash size
|
||||||
|
|
Loading…
Reference in a new issue