diff options
author | Natrio | 2018-01-10 22:36:08 +0300 |
---|---|---|
committer | Natrio | 2018-01-10 22:36:08 +0300 |
commit | f5d0e162ff85ee8104ebbd441ecadbe2e1300b0f (patch) | |
tree | a2b4d42bfc31e2db2d36e6c04d01df9e0644e97a | |
parent | 09d2f7927e095b531a273ab5ce8bfdce75087508 (diff) | |
download | aur-f5d0e162ff85ee8104ebbd441ecadbe2e1300b0f.tar.gz |
Release-11, 2 latest Debian paches added, 1 replaced, switch to openssl-1.1
-rw-r--r-- | .SRCINFO | 14 | ||||
-rw-r--r-- | 08-gcc5-inline.patch | 20 | ||||
-rw-r--r-- | 09-client-uses-lot-of-CPU-after-a-SIGHUP.patch | 26 | ||||
-rw-r--r-- | 11-libssl-1.1.patch | 235 | ||||
-rw-r--r-- | PKGBUILD | 53 |
5 files changed, 330 insertions, 18 deletions
@@ -1,9 +1,9 @@ # Generated by mksrcinfo v8 -# Sun May 14 10:19:45 UTC 2017 +# Wed Jan 10 19:35:56 UTC 2018 pkgbase = vtun pkgdesc = The easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, encryption and IPv6 support. pkgver = 3.0.3.2013.d - pkgrel = 9 + pkgrel = 11 url = http://vtun.sourceforge.net/ install = vtun.install arch = i686 @@ -11,13 +11,12 @@ pkgbase = vtun arch = armv7h arch = armv6h license = GPL - depends = openssl-1.0 + depends = openssl depends = zlib depends = lzo backup = etc/vtund.conf backup = etc/tun-cfg.conf source = http://downloads.sourceforge.net/project/vtun/vtun/3.0.3/vtun-3.0.3.tar.gz - source = https://gist.githubusercontent.com/Mic92/f2d0980682a3ad2247b7/raw/9c2045facaa1f82420b84c581aeeef9ba96fd0c7/0001-fix-bison-compile-error.patch source = cvs-2013.patch source = openlog.patch source = 00-sslauth.patch @@ -28,6 +27,9 @@ pkgbase = vtun source = 05-unix98pty.patch source = 06-ipv6.patch source = 07-dual-family-transport.patch + source = 08-gcc5-inline.patch + source = 09-client-uses-lot-of-CPU-after-a-SIGHUP.patch + source = 11-libssl-1.1.patch source = vtund-ipv6-client.conf source = vtund-ipv6-server.conf source = android-dev.patch @@ -36,7 +38,9 @@ pkgbase = vtun source = tun-cfg.conf source = README.tun-cfg sha512sums = 5fa789d08b556f97492b89515a89c2322c4b0a8fa95bd1035f5ed19061b3654a6a36a9911792096ac872ae9ae5451848cab87d0343dc0ffc064affea1f7d0d54 - sha512sums = 178f8cfc67f5de4b893bd0790f637c8e6988c4a317428330a7690d01ede0368920de8bcf8a1a08ad74300b772571d7e3d7a063cbfc685bf55dd4651f64d56558 + sha512sums = SKIP + sha512sums = SKIP + sha512sums = SKIP sha512sums = SKIP sha512sums = SKIP sha512sums = SKIP diff --git a/08-gcc5-inline.patch b/08-gcc5-inline.patch new file mode 100644 index 000000000000..c9a00900df7a --- /dev/null +++ b/08-gcc5-inline.patch @@ -0,0 +1,20 @@ +Description: fix gcc5 build failure: + The visibility of one of the functions in the yacc grammar is increased so + the program links without error now. +Origin: vendor +Bug-Debian: https://bugs.debian.org/778164 +Author: "Potter, Tim (Cloud Services)" <timothy.potter@hp.com> +Reviewed-by: gregor herrmann <gregoa@debian.org> +Last-Update: 2015-07-23 + +--- a/cfg_file.y ++++ b/cfg_file.y +@@ -624,7 +624,7 @@ + } + + /* Clear the VTUN_NAT_HACK flag which are not relevant to the current operation mode */ +-inline void clear_nat_hack_flags(int svr) ++extern inline void clear_nat_hack_flags(int svr) + { + if (svr) + llist_trav(&host_list,clear_nat_hack_server,NULL); diff --git a/09-client-uses-lot-of-CPU-after-a-SIGHUP.patch b/09-client-uses-lot-of-CPU-after-a-SIGHUP.patch new file mode 100644 index 000000000000..b92815a59639 --- /dev/null +++ b/09-client-uses-lot-of-CPU-after-a-SIGHUP.patch @@ -0,0 +1,26 @@ +Description: vtun client uses lot of CPU after a SIGHUP +Origin: vendor +Bug-Debian: https://bugs.debian.org/818489 +Forwarded: no +Author: Jérôme Arzel <jerome.arzel@netcat.io> +Reviewed-by: Salvatore Bonaccorso <carnil@debian.org> +Last-Update: 2016-04-30 + +--- a/client.c ++++ b/client.c +@@ -133,6 +133,7 @@ void client(struct vtun_host *host) + if (!vtun.quiet || errno != ETIMEDOUT) + vtun_syslog(LOG_INFO,"Connect to %s failed. %s(%d)", vtun.svr_name, + strerror(errno), errno); ++ client_term = 0; + } else { + if( auth_client(s, host) ){ + vtun_syslog(LOG_INFO,"Session %s[%s] opened",host->host,vtun.svr_name); +@@ -143,6 +144,7 @@ void client(struct vtun_host *host) + vtun_syslog(LOG_INFO,"Session %s[%s] closed",host->host,vtun.svr_name); + } else { + vtun_syslog(LOG_INFO,"Connection denied by %s",vtun.svr_name); ++ client_term = 0; + } + } + close(s); diff --git a/11-libssl-1.1.patch b/11-libssl-1.1.patch new file mode 100644 index 000000000000..ae5262c7b117 --- /dev/null +++ b/11-libssl-1.1.patch @@ -0,0 +1,235 @@ +commit c5a5b27e4d48d0c588f02041b3324d5a1cbaf327 +Author: Chris West (Faux) <git@goeswhere.com> +Date: Sun May 28 14:44:55 2017 +0000 + + fix lfd_encrypt.c for openssl 1.1 + +--- vtun-3.0.3.orig/lfd_encrypt.c ++++ vtun-3.0.3/lfd_encrypt.c +@@ -96,11 +96,11 @@ static unsigned long sequence_num; + static char * pkey; + static char * iv_buf; + +-static EVP_CIPHER_CTX ctx_enc; /* encrypt */ +-static EVP_CIPHER_CTX ctx_dec; /* decrypt */ ++static EVP_CIPHER_CTX *ctx_enc; /* encrypt */ ++static EVP_CIPHER_CTX *ctx_dec; /* decrypt */ + +-static EVP_CIPHER_CTX ctx_enc_ecb; /* sideband ecb encrypt */ +-static EVP_CIPHER_CTX ctx_dec_ecb; /* sideband ecb decrypt */ ++static EVP_CIPHER_CTX *ctx_enc_ecb; /* sideband ecb encrypt */ ++static EVP_CIPHER_CTX *ctx_dec_ecb; /* sideband ecb decrypt */ + + static int send_msg(int len, char *in, char **out); + static int send_ib_mesg(int *len, char **in); +@@ -157,6 +157,11 @@ int alloc_encrypt(struct vtun_host *host + EVP_CIPHER_CTX *pctx_enc; + EVP_CIPHER_CTX *pctx_dec; + ++ ctx_enc = EVP_CIPHER_CTX_new(); ++ ctx_dec = EVP_CIPHER_CTX_new(); ++ ctx_enc_ecb = EVP_CIPHER_CTX_new(); ++ ctx_dec_ecb = EVP_CIPHER_CTX_new(); ++ + enc_init_first_time = 1; + dec_init_first_time = 1; + +@@ -183,15 +188,15 @@ int alloc_encrypt(struct vtun_host *host + keysize = 32; + sb_init = 1; + cipher_type = EVP_aes_256_ecb(); +- pctx_enc = &ctx_enc_ecb; +- pctx_dec = &ctx_dec_ecb; ++ pctx_enc = ctx_enc_ecb; ++ pctx_dec = ctx_dec_ecb; + break; + + case VTUN_ENC_AES256ECB: + blocksize = 16; + keysize = 32; +- pctx_enc = &ctx_enc; +- pctx_dec = &ctx_dec; ++ pctx_enc = ctx_enc; ++ pctx_dec = ctx_dec; + cipher_type = EVP_aes_256_ecb(); + strcpy(cipher_name,"AES-256-ECB"); + break; +@@ -202,14 +207,14 @@ int alloc_encrypt(struct vtun_host *host + keysize = 16; + sb_init=1; + cipher_type = EVP_aes_128_ecb(); +- pctx_enc = &ctx_enc_ecb; +- pctx_dec = &ctx_dec_ecb; ++ pctx_enc = ctx_enc_ecb; ++ pctx_dec = ctx_dec_ecb; + break; + case VTUN_ENC_AES128ECB: + blocksize = 16; + keysize = 16; +- pctx_enc = &ctx_enc; +- pctx_dec = &ctx_dec; ++ pctx_enc = ctx_enc; ++ pctx_dec = ctx_dec; + cipher_type = EVP_aes_128_ecb(); + strcpy(cipher_name,"AES-128-ECB"); + break; +@@ -222,16 +227,16 @@ int alloc_encrypt(struct vtun_host *host + var_key = 1; + sb_init = 1; + cipher_type = EVP_bf_ecb(); +- pctx_enc = &ctx_enc_ecb; +- pctx_dec = &ctx_dec_ecb; ++ pctx_enc = ctx_enc_ecb; ++ pctx_dec = ctx_dec_ecb; + break; + + case VTUN_ENC_BF256ECB: + blocksize = 8; + keysize = 32; + var_key = 1; +- pctx_enc = &ctx_enc; +- pctx_dec = &ctx_dec; ++ pctx_enc = ctx_enc; ++ pctx_dec = ctx_dec; + cipher_type = EVP_bf_ecb(); + strcpy(cipher_name,"Blowfish-256-ECB"); + break; +@@ -244,16 +249,16 @@ int alloc_encrypt(struct vtun_host *host + var_key = 1; + sb_init = 1; + cipher_type = EVP_bf_ecb(); +- pctx_enc = &ctx_enc_ecb; +- pctx_dec = &ctx_dec_ecb; ++ pctx_enc = ctx_enc_ecb; ++ pctx_dec = ctx_dec_ecb; + break; + case VTUN_ENC_BF128ECB: /* blowfish 128 ecb is the default */ + default: + blocksize = 8; + keysize = 16; + var_key = 1; +- pctx_enc = &ctx_enc; +- pctx_dec = &ctx_dec; ++ pctx_enc = ctx_enc; ++ pctx_dec = ctx_dec; + cipher_type = EVP_bf_ecb(); + strcpy(cipher_name,"Blowfish-128-ECB"); + break; +@@ -295,10 +300,10 @@ int free_encrypt() + lfd_free(enc_buf); enc_buf = NULL; + lfd_free(dec_buf); dec_buf = NULL; + +- EVP_CIPHER_CTX_cleanup(&ctx_enc); +- EVP_CIPHER_CTX_cleanup(&ctx_dec); +- EVP_CIPHER_CTX_cleanup(&ctx_enc_ecb); +- EVP_CIPHER_CTX_cleanup(&ctx_dec_ecb); ++ EVP_CIPHER_CTX_free(ctx_enc); ++ EVP_CIPHER_CTX_free(ctx_dec); ++ EVP_CIPHER_CTX_free(ctx_enc_ecb); ++ EVP_CIPHER_CTX_free(ctx_dec_ecb); + + return 0; + } +@@ -324,7 +329,7 @@ int encrypt_buf(int len, char *in, char + outlen=len+pad; + if (pad == blocksize) + RAND_bytes((unsigned char *)in_ptr+len, blocksize-1); +- EVP_EncryptUpdate(&ctx_enc, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len+pad); ++ EVP_EncryptUpdate(ctx_enc, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len+pad); + *out = enc_buf; + + sequence_num++; +@@ -344,7 +349,7 @@ int decrypt_buf(int len, char *in, char + + outlen=len; + if (!len) return 0; +- EVP_DecryptUpdate(&ctx_dec, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len); ++ EVP_DecryptUpdate(ctx_dec, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len); + recv_ib_mesg(&outlen, &out_ptr); + if (!outlen) return 0; + tmp_ptr = out_ptr + outlen; tmp_ptr--; +@@ -432,13 +437,13 @@ int cipher_enc_init(char * iv) + break; + } /* switch(cipher) */ + +- EVP_CIPHER_CTX_init(&ctx_enc); +- EVP_EncryptInit_ex(&ctx_enc, cipher_type, NULL, NULL, NULL); ++ EVP_CIPHER_CTX_init(ctx_enc); ++ EVP_EncryptInit_ex(ctx_enc, cipher_type, NULL, NULL, NULL); + if (var_key) +- EVP_CIPHER_CTX_set_key_length(&ctx_enc, keysize); +- EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, (unsigned char *)pkey, NULL); +- EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, NULL, (unsigned char *)iv); +- EVP_CIPHER_CTX_set_padding(&ctx_enc, 0); ++ EVP_CIPHER_CTX_set_key_length(ctx_enc, keysize); ++ EVP_EncryptInit_ex(ctx_enc, NULL, NULL, (unsigned char *)pkey, NULL); ++ EVP_EncryptInit_ex(ctx_enc, NULL, NULL, NULL, (unsigned char *)iv); ++ EVP_CIPHER_CTX_set_padding(ctx_enc, 0); + if (enc_init_first_time) + { + sprintf(tmpstr,"%s encryption initialized", cipher_name); +@@ -522,13 +527,13 @@ int cipher_dec_init(char * iv) + break; + } /* switch(cipher) */ + +- EVP_CIPHER_CTX_init(&ctx_dec); +- EVP_DecryptInit_ex(&ctx_dec, cipher_type, NULL, NULL, NULL); ++ EVP_CIPHER_CTX_init(ctx_dec); ++ EVP_DecryptInit_ex(ctx_dec, cipher_type, NULL, NULL, NULL); + if (var_key) +- EVP_CIPHER_CTX_set_key_length(&ctx_dec, keysize); +- EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, (unsigned char *)pkey, NULL); +- EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, NULL, (unsigned char *)iv); +- EVP_CIPHER_CTX_set_padding(&ctx_dec, 0); ++ EVP_CIPHER_CTX_set_key_length(ctx_dec, keysize); ++ EVP_DecryptInit_ex(ctx_dec, NULL, NULL, (unsigned char *)pkey, NULL); ++ EVP_DecryptInit_ex(ctx_dec, NULL, NULL, NULL, (unsigned char *)iv); ++ EVP_CIPHER_CTX_set_padding(ctx_dec, 0); + if (dec_init_first_time) + { + sprintf(tmpstr,"%s decryption initialized", cipher_name); +@@ -560,7 +565,7 @@ int send_msg(int len, char *in, char **o + + in_ptr = in - blocksize*2; + outlen = blocksize*2; +- EVP_EncryptUpdate(&ctx_enc_ecb, (unsigned char *)in_ptr, ++ EVP_EncryptUpdate(ctx_enc_ecb, (unsigned char *)in_ptr, + &outlen, (unsigned char *)in_ptr, blocksize*2); + *out = in_ptr; + len = outlen; +@@ -587,7 +592,7 @@ int recv_msg(int len, char *in, char **o + in_ptr = in; + iv = malloc(blocksize); + outlen = blocksize*2; +- EVP_DecryptUpdate(&ctx_dec_ecb, (unsigned char *)in_ptr, &outlen, (unsigned char *)in_ptr, blocksize*2); ++ EVP_DecryptUpdate(ctx_dec_ecb, (unsigned char *)in_ptr, &outlen, (unsigned char *)in_ptr, blocksize*2); + + if ( !strncmp(in_ptr, "ivec", 4) ) + { +@@ -630,7 +635,7 @@ int recv_msg(int len, char *in, char **o + if (cipher_enc_state != CIPHER_INIT) + { + cipher_enc_state = CIPHER_INIT; +- EVP_CIPHER_CTX_cleanup(&ctx_enc); ++ EVP_CIPHER_CTX_cleanup(ctx_enc); + #ifdef LFD_ENCRYPT_DEBUG + vtun_syslog(LOG_INFO, + "Forcing local encryptor re-init"); +@@ -711,7 +716,7 @@ int recv_ib_mesg(int *len, char **in) + if (cipher_enc_state != CIPHER_INIT) + { + cipher_enc_state = CIPHER_INIT; +- EVP_CIPHER_CTX_cleanup(&ctx_enc); ++ EVP_CIPHER_CTX_cleanup(ctx_enc); + } + #ifdef LFD_ENCRYPT_DEBUG + vtun_syslog(LOG_INFO, "Remote requests encryptor re-init"); +@@ -725,7 +730,7 @@ int recv_ib_mesg(int *len, char **in) + cipher_enc_state != CIPHER_REQ_INIT && + cipher_enc_state != CIPHER_INIT) + { +- EVP_CIPHER_CTX_cleanup (&ctx_dec); ++ EVP_CIPHER_CTX_cleanup (ctx_dec); + cipher_dec_state = CIPHER_INIT; + cipher_enc_state = CIPHER_REQ_INIT; + } @@ -4,27 +4,59 @@ pkgname=vtun pkgver=3.0.3.2013.d _pkgver=3.0.3 -pkgrel=9 +pkgrel=11 pkgdesc="The easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, encryption and IPv6 support." arch=('i686' 'x86_64' 'armv7h' 'armv6h') url="http://vtun.sourceforge.net/" license=('GPL') -depends=('openssl-1.0' 'zlib' 'lzo') +depends=('openssl' 'zlib' 'lzo') backup=('etc/vtund.conf' 'etc/tun-cfg.conf') source=("http://downloads.sourceforge.net/project/${pkgname}/${pkgname}/${_pkgver}/${pkgname}-${_pkgver}.tar.gz" -"https://gist.githubusercontent.com/Mic92/f2d0980682a3ad2247b7/raw/9c2045facaa1f82420b84c581aeeef9ba96fd0c7/0001-fix-bison-compile-error.patch" - cvs-2013.patch openlog.patch 00-sslauth.patch 01-pidfile.patch 02-dumpfile.patch 03-signedness-warnings.patch 04-implicit-pointer-conversions.patch 05-unix98pty.patch 06-ipv6.patch 07-dual-family-transport.patch vtund-ipv6-client.conf vtund-ipv6-server.conf android-dev.patch tun-cat.c tun-cfg tun-cfg.conf README.tun-cfg) + cvs-2013.patch + openlog.patch + 00-sslauth.patch + 01-pidfile.patch + 02-dumpfile.patch + 03-signedness-warnings.patch + 04-implicit-pointer-conversions.patch + 05-unix98pty.patch + 06-ipv6.patch + 07-dual-family-transport.patch + 08-gcc5-inline.patch + 09-client-uses-lot-of-CPU-after-a-SIGHUP.patch + 11-libssl-1.1.patch + vtund-ipv6-client.conf + vtund-ipv6-server.conf + android-dev.patch + tun-cat.c + tun-cfg + tun-cfg.conf + README.tun-cfg) sha512sums=('5fa789d08b556f97492b89515a89c2322c4b0a8fa95bd1035f5ed19061b3654a6a36a9911792096ac872ae9ae5451848cab87d0343dc0ffc064affea1f7d0d54' -'178f8cfc67f5de4b893bd0790f637c8e6988c4a317428330a7690d01ede0368920de8bcf8a1a08ad74300b772571d7e3d7a063cbfc685bf55dd4651f64d56558' - SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP) + SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP + SKIP) install=vtun.install prepare() { cd "${srcdir}" HELPSTR=/usr/bin/tun-cfg ./tun-cfg --help > README.tun-cfg cd "${srcdir}/${pkgname}-${_pkgver}" - # adding latest CVS 3_X2 branch changes and patches ported from Debian Jessie - for p in cvs-2013.patch openlog.patch 00-sslauth.patch 01-pidfile.patch 02-dumpfile.patch 03-signedness-warnings.patch 04-implicit-pointer-conversions.patch 05-unix98pty.patch 06-ipv6.patch 07-dual-family-transport.patch 0001-fix-bison-compile-error.patch; do + # latest CVS 3_X2 branch changes, openlog bugfix and patches ported from Debian + for p in \ + cvs-2013.patch \ + openlog.patch \ + 00-sslauth.patch \ + 01-pidfile.patch \ + 02-dumpfile.patch \ + 03-signedness-warnings.patch \ + 04-implicit-pointer-conversions.patch \ + 05-unix98pty.patch \ + 06-ipv6.patch \ + 07-dual-family-transport.patch \ + 08-gcc5-inline.patch \ + 09-client-uses-lot-of-CPU-after-a-SIGHUP.patch \ + 11-libssl-1.1.patch \ + ; do patch -p1 -i "${srcdir}/$p" || exit 1 done [[ "$CARCH" =~ ^arm ]] && patch -p1 -i "${srcdir}/android-dev.patch" @@ -35,12 +67,7 @@ prepare() { build() { cd "${srcdir}/${pkgname}-${_pkgver}" - export CFLAGS="$CFLASG -I/usr/include/openssl-1.0" - export LDFLAGS="$LDFLAGS -L/usr/lib/openssl-1.0" - export PKG_CONFIG_PATH=/usr/lib/openssl-1.0/pkgconfig ./configure \ - --with-ssl-headers=/usr/include/openssl-1.0/openssl \ - --with-blowfish-headers=/usr/include/openssl-1.0/openssl \ --prefix=/usr \ --sbindir=/usr/bin \ --sysconfdir=/etc \ |