Release-11, 2 latest Debian paches added, 1 replaced, switch to openssl-1.1

author: Natrio 2018-01-10 22:36:08 +0300
committer: Natrio 2018-01-10 22:36:08 +0300
commit: f5d0e162ff85ee8104ebbd441ecadbe2e1300b0f (patch)
tree: a2b4d42bfc31e2db2d36e6c04d01df9e0644e97a
parent: 09d2f7927e095b531a273ab5ce8bfdce75087508 (diff)
download: aur-f5d0e162ff85ee8104ebbd441ecadbe2e1300b0f.tar.gz
5 files changed, 330 insertions, 18 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 49421ce28161..f8ddb42dcb3b 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,9 +1,9 @@
 # Generated by mksrcinfo v8
-# Sun May 14 10:19:45 UTC 2017
+# Wed Jan 10 19:35:56 UTC 2018
 pkgbase = vtun
 	pkgdesc = The easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, encryption and IPv6 support.
 	pkgver = 3.0.3.2013.d
-	pkgrel = 9
+	pkgrel = 11
 	url = http://vtun.sourceforge.net/
 	install = vtun.install
 	arch = i686
@@ -11,13 +11,12 @@ pkgbase = vtun
 	arch = armv7h
 	arch = armv6h
 	license = GPL
-	depends = openssl-1.0
+	depends = openssl
 	depends = zlib
 	depends = lzo
 	backup = etc/vtund.conf
 	backup = etc/tun-cfg.conf
 	source = http://downloads.sourceforge.net/project/vtun/vtun/3.0.3/vtun-3.0.3.tar.gz
-	source = https://gist.githubusercontent.com/Mic92/f2d0980682a3ad2247b7/raw/9c2045facaa1f82420b84c581aeeef9ba96fd0c7/0001-fix-bison-compile-error.patch
 	source = cvs-2013.patch
 	source = openlog.patch
 	source = 00-sslauth.patch
@@ -28,6 +27,9 @@ pkgbase = vtun
 	source = 05-unix98pty.patch
 	source = 06-ipv6.patch
 	source = 07-dual-family-transport.patch
+	source = 08-gcc5-inline.patch
+	source = 09-client-uses-lot-of-CPU-after-a-SIGHUP.patch
+	source = 11-libssl-1.1.patch
 	source = vtund-ipv6-client.conf
 	source = vtund-ipv6-server.conf
 	source = android-dev.patch
@@ -36,7 +38,9 @@ pkgbase = vtun
 	source = tun-cfg.conf
 	source = README.tun-cfg
 	sha512sums = 5fa789d08b556f97492b89515a89c2322c4b0a8fa95bd1035f5ed19061b3654a6a36a9911792096ac872ae9ae5451848cab87d0343dc0ffc064affea1f7d0d54
-	sha512sums = 178f8cfc67f5de4b893bd0790f637c8e6988c4a317428330a7690d01ede0368920de8bcf8a1a08ad74300b772571d7e3d7a063cbfc685bf55dd4651f64d56558
+	sha512sums = SKIP
+	sha512sums = SKIP
+	sha512sums = SKIP
 	sha512sums = SKIP
 	sha512sums = SKIP
 	sha512sums = SKIP
diff --git a/08-gcc5-inline.patch b/08-gcc5-inline.patch
new file mode 100644
index 000000000000..c9a00900df7a
--- /dev/null
+++ b/08-gcc5-inline.patch
@@ -0,0 +1,20 @@
+Description: fix gcc5 build failure:
+ The visibility of one of the functions in the yacc grammar is increased so
+ the program links without error now.
+Origin: vendor
+Bug-Debian: https://bugs.debian.org/778164
+Author: "Potter, Tim (Cloud Services)" <timothy.potter@hp.com>
+Reviewed-by: gregor herrmann <gregoa@debian.org>
+Last-Update: 2015-07-23
+
+--- a/cfg_file.y
++++ b/cfg_file.y
+@@ -624,7 +624,7 @@
+ }
+ 
+ /* Clear the VTUN_NAT_HACK flag which are not relevant to the current operation mode */
+-inline void clear_nat_hack_flags(int svr)
++extern inline void clear_nat_hack_flags(int svr)
+ {
+ 	if (svr)
+ 		llist_trav(&host_list,clear_nat_hack_server,NULL);
diff --git a/09-client-uses-lot-of-CPU-after-a-SIGHUP.patch b/09-client-uses-lot-of-CPU-after-a-SIGHUP.patch
new file mode 100644
index 000000000000..b92815a59639
--- /dev/null
+++ b/09-client-uses-lot-of-CPU-after-a-SIGHUP.patch
@@ -0,0 +1,26 @@
+Description: vtun client uses lot of CPU after a SIGHUP
+Origin: vendor
+Bug-Debian: https://bugs.debian.org/818489
+Forwarded: no
+Author: Jérôme Arzel <jerome.arzel@netcat.io>
+Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2016-04-30
+
+--- a/client.c
++++ b/client.c
+@@ -133,6 +133,7 @@ void client(struct vtun_host *host)
+ 	   if (!vtun.quiet || errno != ETIMEDOUT)
+ 	      vtun_syslog(LOG_INFO,"Connect to %s failed. %s(%d)", vtun.svr_name,
+ 					strerror(errno), errno);
++	      client_term = 0;
+         } else {
+ 	   if( auth_client(s, host) ){   
+ 	      vtun_syslog(LOG_INFO,"Session %s[%s] opened",host->host,vtun.svr_name);
+@@ -143,6 +144,7 @@ void client(struct vtun_host *host)
+ 	      vtun_syslog(LOG_INFO,"Session %s[%s] closed",host->host,vtun.svr_name);
+ 	   } else {
+ 	      vtun_syslog(LOG_INFO,"Connection denied by %s",vtun.svr_name);
++	      client_term = 0;
+ 	   }
+ 	}
+ 	close(s);
diff --git a/11-libssl-1.1.patch b/11-libssl-1.1.patch
new file mode 100644
index 000000000000..ae5262c7b117
--- /dev/null
+++ b/11-libssl-1.1.patch
@@ -0,0 +1,235 @@
+commit c5a5b27e4d48d0c588f02041b3324d5a1cbaf327
+Author: Chris West (Faux) <git@goeswhere.com>
+Date:   Sun May 28 14:44:55 2017 +0000
+
+    fix lfd_encrypt.c for openssl 1.1
+
+--- vtun-3.0.3.orig/lfd_encrypt.c
++++ vtun-3.0.3/lfd_encrypt.c
+@@ -96,11 +96,11 @@ static unsigned long sequence_num;
+ static char * pkey;
+ static char * iv_buf;
+ 
+-static EVP_CIPHER_CTX ctx_enc;	/* encrypt */
+-static EVP_CIPHER_CTX ctx_dec;	/* decrypt */
++static EVP_CIPHER_CTX *ctx_enc;	/* encrypt */
++static EVP_CIPHER_CTX *ctx_dec;	/* decrypt */
+ 
+-static EVP_CIPHER_CTX ctx_enc_ecb;	/* sideband ecb encrypt */
+-static EVP_CIPHER_CTX ctx_dec_ecb;	/* sideband ecb decrypt */
++static EVP_CIPHER_CTX *ctx_enc_ecb;	/* sideband ecb encrypt */
++static EVP_CIPHER_CTX *ctx_dec_ecb;	/* sideband ecb decrypt */
+ 
+ static int send_msg(int len, char *in, char **out);
+ static int send_ib_mesg(int *len, char **in);
+@@ -157,6 +157,11 @@ int alloc_encrypt(struct vtun_host *host
+    EVP_CIPHER_CTX *pctx_enc;
+    EVP_CIPHER_CTX *pctx_dec;
+ 
++   ctx_enc = EVP_CIPHER_CTX_new();
++   ctx_dec = EVP_CIPHER_CTX_new();
++   ctx_enc_ecb = EVP_CIPHER_CTX_new();
++   ctx_dec_ecb = EVP_CIPHER_CTX_new();
++
+    enc_init_first_time = 1;   
+    dec_init_first_time = 1;   
+ 
+@@ -183,15 +188,15 @@ int alloc_encrypt(struct vtun_host *host
+          keysize = 32;
+          sb_init = 1;
+          cipher_type = EVP_aes_256_ecb();
+-         pctx_enc = &ctx_enc_ecb;
+-         pctx_dec = &ctx_dec_ecb;
++         pctx_enc = ctx_enc_ecb;
++         pctx_dec = ctx_dec_ecb;
+       break;
+       
+       case VTUN_ENC_AES256ECB:
+          blocksize = 16;
+          keysize = 32;
+-         pctx_enc = &ctx_enc;
+-         pctx_dec = &ctx_dec;
++         pctx_enc = ctx_enc;
++         pctx_dec = ctx_dec;
+          cipher_type = EVP_aes_256_ecb();
+          strcpy(cipher_name,"AES-256-ECB");
+       break;      
+@@ -202,14 +207,14 @@ int alloc_encrypt(struct vtun_host *host
+          keysize = 16;
+          sb_init=1;
+          cipher_type = EVP_aes_128_ecb();
+-         pctx_enc = &ctx_enc_ecb;
+-         pctx_dec = &ctx_dec_ecb;
++         pctx_enc = ctx_enc_ecb;
++         pctx_dec = ctx_dec_ecb;
+       break;
+       case VTUN_ENC_AES128ECB:
+          blocksize = 16;
+          keysize = 16;
+-         pctx_enc = &ctx_enc;
+-         pctx_dec = &ctx_dec;
++         pctx_enc = ctx_enc;
++         pctx_dec = ctx_dec;
+          cipher_type = EVP_aes_128_ecb();
+          strcpy(cipher_name,"AES-128-ECB");
+       break;
+@@ -222,16 +227,16 @@ int alloc_encrypt(struct vtun_host *host
+          var_key = 1;
+          sb_init = 1;
+          cipher_type = EVP_bf_ecb();
+-         pctx_enc = &ctx_enc_ecb;
+-         pctx_dec = &ctx_dec_ecb;
++         pctx_enc = ctx_enc_ecb;
++         pctx_dec = ctx_dec_ecb;
+       break;
+ 
+       case VTUN_ENC_BF256ECB:
+          blocksize = 8;
+          keysize = 32;
+          var_key = 1;
+-         pctx_enc = &ctx_enc;
+-         pctx_dec = &ctx_dec;
++         pctx_enc = ctx_enc;
++         pctx_dec = ctx_dec;
+          cipher_type = EVP_bf_ecb();
+          strcpy(cipher_name,"Blowfish-256-ECB");
+       break;
+@@ -244,16 +249,16 @@ int alloc_encrypt(struct vtun_host *host
+          var_key = 1;
+          sb_init = 1;
+          cipher_type = EVP_bf_ecb();
+-         pctx_enc = &ctx_enc_ecb;
+-         pctx_dec = &ctx_dec_ecb;
++         pctx_enc = ctx_enc_ecb;
++         pctx_dec = ctx_dec_ecb;
+       break;
+       case VTUN_ENC_BF128ECB: /* blowfish 128 ecb is the default */
+       default:
+          blocksize = 8;
+          keysize = 16;
+          var_key = 1;
+-         pctx_enc = &ctx_enc;
+-         pctx_dec = &ctx_dec;
++         pctx_enc = ctx_enc;
++         pctx_dec = ctx_dec;
+          cipher_type = EVP_bf_ecb();
+          strcpy(cipher_name,"Blowfish-128-ECB");
+       break;
+@@ -295,10 +300,10 @@ int free_encrypt()
+    lfd_free(enc_buf); enc_buf = NULL;
+    lfd_free(dec_buf); dec_buf = NULL;
+ 
+-   EVP_CIPHER_CTX_cleanup(&ctx_enc);
+-   EVP_CIPHER_CTX_cleanup(&ctx_dec);
+-   EVP_CIPHER_CTX_cleanup(&ctx_enc_ecb);
+-   EVP_CIPHER_CTX_cleanup(&ctx_dec_ecb);
++   EVP_CIPHER_CTX_free(ctx_enc);
++   EVP_CIPHER_CTX_free(ctx_dec);
++   EVP_CIPHER_CTX_free(ctx_enc_ecb);
++   EVP_CIPHER_CTX_free(ctx_dec_ecb);
+ 
+    return 0;
+ }
+@@ -324,7 +329,7 @@ int encrypt_buf(int len, char *in, char
+    outlen=len+pad;
+    if (pad == blocksize)
+       RAND_bytes((unsigned char *)in_ptr+len, blocksize-1);
+-   EVP_EncryptUpdate(&ctx_enc, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len+pad);
++   EVP_EncryptUpdate(ctx_enc, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len+pad);
+    *out = enc_buf;
+ 
+    sequence_num++;
+@@ -344,7 +349,7 @@ int decrypt_buf(int len, char *in, char
+ 
+    outlen=len;
+    if (!len) return 0;
+-   EVP_DecryptUpdate(&ctx_dec, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len);
++   EVP_DecryptUpdate(ctx_dec, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len);
+    recv_ib_mesg(&outlen, &out_ptr);
+    if (!outlen) return 0;
+    tmp_ptr = out_ptr + outlen; tmp_ptr--;
+@@ -432,13 +437,13 @@ int cipher_enc_init(char * iv)
+       break;
+    } /* switch(cipher) */
+ 
+-   EVP_CIPHER_CTX_init(&ctx_enc);
+-   EVP_EncryptInit_ex(&ctx_enc, cipher_type, NULL, NULL, NULL);
++   EVP_CIPHER_CTX_init(ctx_enc);
++   EVP_EncryptInit_ex(ctx_enc, cipher_type, NULL, NULL, NULL);
+    if (var_key)
+-      EVP_CIPHER_CTX_set_key_length(&ctx_enc, keysize);
+-   EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, (unsigned char *)pkey, NULL);
+-   EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, NULL, (unsigned char *)iv);
+-   EVP_CIPHER_CTX_set_padding(&ctx_enc, 0);
++      EVP_CIPHER_CTX_set_key_length(ctx_enc, keysize);
++   EVP_EncryptInit_ex(ctx_enc, NULL, NULL, (unsigned char *)pkey, NULL);
++   EVP_EncryptInit_ex(ctx_enc, NULL, NULL, NULL, (unsigned char *)iv);
++   EVP_CIPHER_CTX_set_padding(ctx_enc, 0);
+    if (enc_init_first_time)
+    {
+       sprintf(tmpstr,"%s encryption initialized", cipher_name);
+@@ -522,13 +527,13 @@ int cipher_dec_init(char * iv)
+       break;
+    } /* switch(cipher) */
+ 
+-   EVP_CIPHER_CTX_init(&ctx_dec);
+-   EVP_DecryptInit_ex(&ctx_dec, cipher_type, NULL, NULL, NULL);
++   EVP_CIPHER_CTX_init(ctx_dec);
++   EVP_DecryptInit_ex(ctx_dec, cipher_type, NULL, NULL, NULL);
+    if (var_key)
+-      EVP_CIPHER_CTX_set_key_length(&ctx_dec, keysize);
+-   EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, (unsigned char *)pkey, NULL);
+-   EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, NULL, (unsigned char *)iv);
+-   EVP_CIPHER_CTX_set_padding(&ctx_dec, 0);
++      EVP_CIPHER_CTX_set_key_length(ctx_dec, keysize);
++   EVP_DecryptInit_ex(ctx_dec, NULL, NULL, (unsigned char *)pkey, NULL);
++   EVP_DecryptInit_ex(ctx_dec, NULL, NULL, NULL, (unsigned char *)iv);
++   EVP_CIPHER_CTX_set_padding(ctx_dec, 0);
+    if (dec_init_first_time)
+    {
+       sprintf(tmpstr,"%s decryption initialized", cipher_name);
+@@ -560,7 +565,7 @@ int send_msg(int len, char *in, char **o
+ 
+          in_ptr = in - blocksize*2;
+          outlen = blocksize*2;
+-         EVP_EncryptUpdate(&ctx_enc_ecb, (unsigned char *)in_ptr, 
++         EVP_EncryptUpdate(ctx_enc_ecb, (unsigned char *)in_ptr, 
+             &outlen, (unsigned char *)in_ptr, blocksize*2);
+          *out = in_ptr;
+          len = outlen;
+@@ -587,7 +592,7 @@ int recv_msg(int len, char *in, char **o
+          in_ptr = in;
+          iv = malloc(blocksize);
+          outlen = blocksize*2;
+-         EVP_DecryptUpdate(&ctx_dec_ecb, (unsigned char *)in_ptr, &outlen, (unsigned char *)in_ptr, blocksize*2);
++         EVP_DecryptUpdate(ctx_dec_ecb, (unsigned char *)in_ptr, &outlen, (unsigned char *)in_ptr, blocksize*2);
+          
+          if ( !strncmp(in_ptr, "ivec", 4) )
+          {
+@@ -630,7 +635,7 @@ int recv_msg(int len, char *in, char **o
+                if (cipher_enc_state != CIPHER_INIT)
+                {
+                   cipher_enc_state = CIPHER_INIT;
+-                  EVP_CIPHER_CTX_cleanup(&ctx_enc);
++                  EVP_CIPHER_CTX_cleanup(ctx_enc);
+ #ifdef LFD_ENCRYPT_DEBUG
+                   vtun_syslog(LOG_INFO, 
+                      "Forcing local encryptor re-init");
+@@ -711,7 +716,7 @@ int recv_ib_mesg(int *len, char **in)
+          if (cipher_enc_state != CIPHER_INIT)
+          {
+             cipher_enc_state = CIPHER_INIT;
+-            EVP_CIPHER_CTX_cleanup(&ctx_enc);
++            EVP_CIPHER_CTX_cleanup(ctx_enc);
+          }
+ #ifdef LFD_ENCRYPT_DEBUG
+          vtun_syslog(LOG_INFO, "Remote requests encryptor re-init");
+@@ -725,7 +730,7 @@ int recv_ib_mesg(int *len, char **in)
+              cipher_enc_state != CIPHER_REQ_INIT &&
+              cipher_enc_state != CIPHER_INIT)
+          {
+-            EVP_CIPHER_CTX_cleanup (&ctx_dec);
++            EVP_CIPHER_CTX_cleanup (ctx_dec);
+             cipher_dec_state = CIPHER_INIT;
+             cipher_enc_state = CIPHER_REQ_INIT;
+          }
diff --git a/PKGBUILD b/PKGBUILD
index 39413ea1ac04..7b83bc19d451 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -4,27 +4,59 @@
 pkgname=vtun
 pkgver=3.0.3.2013.d
 _pkgver=3.0.3
-pkgrel=9
+pkgrel=11
 pkgdesc="The easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, encryption and IPv6 support."
 arch=('i686' 'x86_64' 'armv7h' 'armv6h')
 url="http://vtun.sourceforge.net/"
 license=('GPL')
-depends=('openssl-1.0' 'zlib' 'lzo')
+depends=('openssl' 'zlib' 'lzo')
 backup=('etc/vtund.conf' 'etc/tun-cfg.conf')
 source=("http://downloads.sourceforge.net/project/${pkgname}/${pkgname}/${_pkgver}/${pkgname}-${_pkgver}.tar.gz"
-"https://gist.githubusercontent.com/Mic92/f2d0980682a3ad2247b7/raw/9c2045facaa1f82420b84c581aeeef9ba96fd0c7/0001-fix-bison-compile-error.patch"
- cvs-2013.patch openlog.patch 00-sslauth.patch 01-pidfile.patch 02-dumpfile.patch 03-signedness-warnings.patch 04-implicit-pointer-conversions.patch 05-unix98pty.patch 06-ipv6.patch 07-dual-family-transport.patch vtund-ipv6-client.conf vtund-ipv6-server.conf android-dev.patch tun-cat.c tun-cfg tun-cfg.conf README.tun-cfg)
+ cvs-2013.patch
+ openlog.patch
+ 00-sslauth.patch
+ 01-pidfile.patch
+ 02-dumpfile.patch
+ 03-signedness-warnings.patch
+ 04-implicit-pointer-conversions.patch
+ 05-unix98pty.patch
+ 06-ipv6.patch
+ 07-dual-family-transport.patch
+ 08-gcc5-inline.patch
+ 09-client-uses-lot-of-CPU-after-a-SIGHUP.patch
+ 11-libssl-1.1.patch
+ vtund-ipv6-client.conf
+ vtund-ipv6-server.conf
+ android-dev.patch
+ tun-cat.c
+ tun-cfg
+ tun-cfg.conf
+ README.tun-cfg)
 sha512sums=('5fa789d08b556f97492b89515a89c2322c4b0a8fa95bd1035f5ed19061b3654a6a36a9911792096ac872ae9ae5451848cab87d0343dc0ffc064affea1f7d0d54'
-'178f8cfc67f5de4b893bd0790f637c8e6988c4a317428330a7690d01ede0368920de8bcf8a1a08ad74300b772571d7e3d7a063cbfc685bf55dd4651f64d56558'
- SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP)
+ SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP
+ SKIP)
 install=vtun.install
 
 prepare() {
   cd "${srcdir}"
   HELPSTR=/usr/bin/tun-cfg ./tun-cfg --help > README.tun-cfg
   cd "${srcdir}/${pkgname}-${_pkgver}"
-  # adding latest CVS 3_X2 branch changes and patches ported from Debian Jessie
-  for p in cvs-2013.patch openlog.patch 00-sslauth.patch 01-pidfile.patch 02-dumpfile.patch 03-signedness-warnings.patch 04-implicit-pointer-conversions.patch 05-unix98pty.patch 06-ipv6.patch 07-dual-family-transport.patch 0001-fix-bison-compile-error.patch; do
+  # latest CVS 3_X2 branch changes, openlog bugfix and patches ported from Debian
+  for p in \
+    cvs-2013.patch \
+    openlog.patch \
+    00-sslauth.patch \
+    01-pidfile.patch \
+    02-dumpfile.patch \
+    03-signedness-warnings.patch \
+    04-implicit-pointer-conversions.patch \
+    05-unix98pty.patch \
+    06-ipv6.patch \
+    07-dual-family-transport.patch \
+    08-gcc5-inline.patch \
+    09-client-uses-lot-of-CPU-after-a-SIGHUP.patch \
+    11-libssl-1.1.patch \
+    ; do
    patch -p1 -i "${srcdir}/$p" || exit 1
   done
   [[ "$CARCH" =~ ^arm ]] && patch -p1 -i "${srcdir}/android-dev.patch"
@@ -35,12 +67,7 @@ prepare() {
 
 build() {
   cd "${srcdir}/${pkgname}-${_pkgver}"
-  export CFLAGS="$CFLASG -I/usr/include/openssl-1.0"
-  export LDFLAGS="$LDFLAGS -L/usr/lib/openssl-1.0"
-  export PKG_CONFIG_PATH=/usr/lib/openssl-1.0/pkgconfig
   ./configure \
-    --with-ssl-headers=/usr/include/openssl-1.0/openssl \
-    --with-blowfish-headers=/usr/include/openssl-1.0/openssl \
     --prefix=/usr \
     --sbindir=/usr/bin \
     --sysconfdir=/etc \
author	Natrio	2018-01-10 22:36:08 +0300
committer	Natrio	2018-01-10 22:36:08 +0300
commit	f5d0e162ff85ee8104ebbd441ecadbe2e1300b0f (patch)
tree	a2b4d42bfc31e2db2d36e6c04d01df9e0644e97a
parent	09d2f7927e095b531a273ab5ce8bfdce75087508 (diff)
download	aur-f5d0e162ff85ee8104ebbd441ecadbe2e1300b0f.tar.gz