diff options
| author | Nicholas Wang | 2018-09-26 03:28:17 -0500 |
|---|---|---|
| committer | Nicholas Wang | 2018-09-26 03:28:17 -0500 |
| commit | 4f757d9ee0fba92a77f2108eab2a15621fe7189a (patch) | |
| tree | c0382fe03ed6029226f6f721cef0c6a8762b1472 | |
| parent | 676758e0627632fa4b463b01ecd4c3b7dff15575 (diff) | |
| download | aur-softethervpn-beta.tar.gz | |
add openssl patch and update
patch and pkgbuild thanks to Tun Win Naing and Jonathan Liu
| -rw-r--r-- | .SRCINFO | 18 | ||||
| -rw-r--r-- | PKGBUILD | 62 | ||||
| -rw-r--r-- | aarch64.patch | 37 | ||||
| -rw-r--r-- | disable_sslv3.patch | 24 | ||||
| -rw-r--r-- | openssl.patch | 65 |
5 files changed, 165 insertions, 41 deletions
@@ -1,21 +1,25 @@ pkgbase = softethervpn-beta - pkgdesc = Multi-protocol VPN software from University of Tsukuba build with source code from official website's download center. - pkgver = v4.27.9668.beta + pkgdesc = Multi-protocol VPN Program from University of Tsukuba + pkgver = v4.28_9669 pkgrel = 1 url = http://www.softether.org/ arch = i686 arch = x86_64 - license = GPL2 - makedepends = tar - makedepends = wget + arch = aarch64 + arch = armv7h + license = GPL depends = bash depends = openssl depends = zlib - conflicts = softethervpn - conflicts = softethervpn-git + source = https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.28-9669-beta/softether-src-v4.28-9669-beta.tar.gz + source = aarch64.patch + source = openssl.patch source = softethervpn-bridge.service source = softethervpn-client.service source = softethervpn-server.service + sha1sums = 7de3577791830d656956cd694b60f803ab4ba055 + sha1sums = 75d351833c41ee4c54d4ad18dde678e6df47e220 + sha1sums = 59565cedebeb65452aed776b582bc3b833872686 sha1sums = 12a3919aabcdd7531320056a4b43072892232925 sha1sums = ba594c7defb52548369726c56e2cad633019abef sha1sums = 06cd320553daf0dffdf6a81a22d630fbe211fc33 @@ -1,57 +1,52 @@ # Maintainer: Nicholas Wang <me@nicho1as.wang> -# Contributor: ava1ar <mail(at)ava1ar(dot)me> - +# PKGBUILD Credit: Jonathan Liu <net147@gmail.com> +# Revised based on softethervpn package pkgname=softethervpn-beta -pkgver=v4.27.9668.beta +pkgver=v4.28_9669 pkgrel=1 -pkgdesc="Multi-protocol VPN software from University of Tsukuba build with source code from -official website's download center." -url="http://www.softether.org/" -arch=('i686' 'x86_64') -source=('softethervpn-bridge.service' - 'softethervpn-client.service' +pkgdesc="Multi-protocol VPN Program from University of Tsukuba" +arch=('i686' 'x86_64' 'aarch64' 'armv7h') +source=('https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.28-9669-beta/softether-src-v4.28-9669-beta.tar.gz' + 'aarch64.patch' + 'openssl.patch' + 'softethervpn-bridge.service' + 'softethervpn-client.service' 'softethervpn-server.service') -sha1sums=('12a3919aabcdd7531320056a4b43072892232925' +sha1sums=('7de3577791830d656956cd694b60f803ab4ba055' + '75d351833c41ee4c54d4ad18dde678e6df47e220' + '59565cedebeb65452aed776b582bc3b833872686' + '12a3919aabcdd7531320056a4b43072892232925' 'ba594c7defb52548369726c56e2cad633019abef' '06cd320553daf0dffdf6a81a22d630fbe211fc33') -license=('GPL2') +license=('GPL') depends=('bash' 'openssl' 'zlib') -makedepends=('tar' 'wget') -conflicts=('softethervpn' 'softethervpn-git') - -prepare() { - # clean existing sources if any - rm -rf "${srcdir}"/SoftEtherVPN - wget http://www.softether-download.com/files/softether/v4.27-9668-beta-2018.05.29-tree/Source_Code/softether-src-v4.27-9668-beta.tar.gz - tar xzvf softether-src-v4.27-9668-beta.tar.gz - mv v4.27-9668 SoftEtherVPN -} +url="http://www.softether.org/" -build() { - cd "${srcdir}"/SoftEtherVPN +build(){ + cd "${srcdir}/${pkgver//_/-}" + patch -Np1 -i "${srcdir}/aarch64.patch" + patch -Np1 -i "${srcdir}/openssl.patch" - if [ "${CARCH}" == "i686" ]; then + if [ "${CARCH}" == "i686" ]; then cp src/makefiles/linux_32bit.mak Makefile - elif [ "${CARCH}" == "x86_64" ]; then + elif [ "${CARCH}" == "x86_64" ]; then cp src/makefiles/linux_64bit.mak Makefile + elif [ "${CARCH}" == "aarch64" ]; then + cp src/makefiles/linux_64bit.mak Makefile + elif [ "${CARCH}" == "armv7h" ]; then + cp src/makefiles/linux_32bit.mak Makefile fi - # Patches - - # Disable client SSLv3 - #patch --binary -p1 < "${srcdir}"/disable_client_sslv3.patch - make } package(){ - cd "${srcdir}"/SoftEtherVPN + cd "${srcdir}/${pkgver//_/-}" install -Dm444 bin/vpnserver/hamcore.se2 "${pkgdir}"/usr/lib/softethervpn/hamcore.se2 install -d "${pkgdir}"/usr/bin - for inst in vpnclient vpnserver vpnbridge vpncmd - do + for inst in vpnclient vpnserver vpnbridge vpncmd; do install -Dm755 bin/${inst}/${inst} "${pkgdir}"/usr/lib/softethervpn/${inst}/${inst} ln -s /usr/lib/softethervpn/hamcore.se2 "${pkgdir}"/usr/lib/softethervpn/${inst}/hamcore.se2 echo "#!/bin/sh" > "${pkgdir}"/usr/bin/${inst} @@ -63,4 +58,3 @@ package(){ install -d "${pkgdir}"/usr/lib/systemd/system install -Dm644 "${srcdir}"/*.service "${pkgdir}"/usr/lib/systemd/system } - diff --git a/aarch64.patch b/aarch64.patch new file mode 100644 index 000000000000..cc11ba468b74 --- /dev/null +++ b/aarch64.patch @@ -0,0 +1,37 @@ +From 1d4d7f538065462a76cfe258ee5151dee03ae85f Mon Sep 17 00:00:00 2001 +From: Denis Lesnov <den.lesnov@gmail.com> +Date: Thu, 22 Dec 2016 18:10:52 +0300 +Subject: [PATCH] fix aarch64 build + +--- + src/makefiles/linux_64bit.mak | 14 ++++++++++---- + 1 file changed, 10 insertions(+), 4 deletions(-) + +diff --git a/src/makefiles/linux_64bit.mak b/src/makefiles/linux_64bit.mak +index 0fd8c018..1f81ab7f 100644 +--- a/src/makefiles/linux_64bit.mak ++++ b/src/makefiles/linux_64bit.mak +@@ -25,13 +25,19 @@ + + #CC=gcc + +-OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -g -fsigned-char -m64 ++ifeq ($(shell uname -m),aarch64) ++ M64:= ++else ++ M64:=-m64 ++endif ++ ++OPTIONS_COMPILE_DEBUG=-D_DEBUG -DDEBUG -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -g -fsigned-char $(M64) + +-OPTIONS_LINK_DEBUG=-g -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz ++OPTIONS_LINK_DEBUG=-g -fsigned-char $(M64) -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz + +-OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -O2 -fsigned-char -m64 ++OPTIONS_COMPILE_RELEASE=-DNDEBUG -DVPN_SPEED -DUNIX -DUNIX_LINUX -DCPU_64 -D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64 -I./src/ -I./src/Cedar/ -I./src/Mayaqua/ -O2 -fsigned-char $(M64) + +-OPTIONS_LINK_RELEASE=-O2 -fsigned-char -m64 -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz ++OPTIONS_LINK_RELEASE=-O2 -fsigned-char $(M64) -lm -ldl -lrt -lpthread -lssl -lcrypto -lreadline -lncurses -lz + + INSTALL_BINDIR=/usr/bin/ + INSTALL_VPNSERVER_DIR=/usr/vpnserver/ diff --git a/disable_sslv3.patch b/disable_sslv3.patch new file mode 100644 index 000000000000..fffbda998e7e --- /dev/null +++ b/disable_sslv3.patch @@ -0,0 +1,24 @@ +--- a/src/Mayaqua/Network.c 2016-03-20 13:37:38.829534634 -0400 ++++ b/src/Mayaqua/Network.c 2016-03-20 13:37:28.079218703 -0400 +@@ -12981,14 +12981,14 @@ + } + else + { +- if (client_tls == false) +- { +- SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method()); +- } +- else +- { ++ //if (client_tls == false) ++ //{ ++ // SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method()); ++ //} ++ //else ++ //{ + SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_client_method()); +- } ++ //} + } + sock->ssl = SSL_new(ssl_ctx); + SSL_set_fd(sock->ssl, (int)sock->socket); diff --git a/openssl.patch b/openssl.patch new file mode 100644 index 000000000000..b42be512d63b --- /dev/null +++ b/openssl.patch @@ -0,0 +1,65 @@ +From 1fad008e1adba5cb596da6f9ec6a244d49a585cf Mon Sep 17 00:00:00 2001 +From: Davide Beatrici <davidebeatrici@gmail.com> +Date: Mon, 9 Apr 2018 22:02:34 +0200 +Subject: [PATCH] Encrypt: set default RSA key size to 1024 everywhere, using + the RSA_KEY_SIZE macro + +This commit also fixes the problem described in #31, which was caused by the test key generated in RsaCheck() being too small for newer OpenSSL versions. +--- + src/Mayaqua/Encrypt.c | 8 ++++---- + src/Mayaqua/Encrypt.h | 2 +- + 2 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c +index 381d1c57..a5570520 100644 +--- a/src/Mayaqua/Encrypt.c ++++ b/src/Mayaqua/Encrypt.c +@@ -2194,7 +2194,7 @@ bool RsaVerifyEx(void *data, UINT data_size, void *sign, K *k, UINT bits) + } + if (bits == 0) + { +- bits = 1024; ++ bits = RSA_KEY_SIZE; + } + + // Hash the data +@@ -2233,7 +2233,7 @@ bool RsaSignEx(void *dst, void *src, UINT size, K *k, UINT bits) + } + if (bits == 0) + { +- bits = 1024; ++ bits = RSA_KEY_SIZE; + } + + Zero(dst, bits / 8); +@@ -2302,7 +2302,7 @@ bool RsaCheck() + BIO *bio; + char errbuf[MAX_SIZE]; + UINT size = 0; +- UINT bit = 32; ++ UINT bit = RSA_KEY_SIZE; + // Validate arguments + + // Key generation +@@ -2372,7 +2372,7 @@ bool RsaGen(K **priv, K **pub, UINT bit) + } + if (bit == 0) + { +- bit = 1024; ++ bit = RSA_KEY_SIZE; + } + + // Key generation +diff --git a/src/Mayaqua/Encrypt.h b/src/Mayaqua/Encrypt.h +index d795d2d6..0c481610 100644 +--- a/src/Mayaqua/Encrypt.h ++++ b/src/Mayaqua/Encrypt.h +@@ -128,7 +128,7 @@ void RAND_Free_For_SoftEther(); + #define DES_IV_SIZE 8 // DES IV size + #define DES_BLOCK_SIZE 8 // DES block size + #define DES3_KEY_SIZE (8 * 3) // 3DES key size +-#define RSA_KEY_SIZE 128 // RSA key size ++#define RSA_KEY_SIZE 1024 // RSA key size + #define DH_KEY_SIZE 128 // DH key size + #define RSA_MIN_SIGN_HASH_SIZE (15 + SHA1_HASH_SIZE) // Minimum RSA hash size + #define RSA_SIGN_HASH_SIZE (RSA_MIN_SIGN_HASH_SIZE) // RSA hash size |