summarylogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.SRCINFO14
-rw-r--r--08-gcc5-inline.patch20
-rw-r--r--09-client-uses-lot-of-CPU-after-a-SIGHUP.patch26
-rw-r--r--11-libssl-1.1.patch235
-rw-r--r--PKGBUILD53
5 files changed, 330 insertions, 18 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 49421ce2816..f8ddb42dcb3 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,9 +1,9 @@
# Generated by mksrcinfo v8
-# Sun May 14 10:19:45 UTC 2017
+# Wed Jan 10 19:35:56 UTC 2018
pkgbase = vtun
pkgdesc = The easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, encryption and IPv6 support.
pkgver = 3.0.3.2013.d
- pkgrel = 9
+ pkgrel = 11
url = http://vtun.sourceforge.net/
install = vtun.install
arch = i686
@@ -11,13 +11,12 @@ pkgbase = vtun
arch = armv7h
arch = armv6h
license = GPL
- depends = openssl-1.0
+ depends = openssl
depends = zlib
depends = lzo
backup = etc/vtund.conf
backup = etc/tun-cfg.conf
source = http://downloads.sourceforge.net/project/vtun/vtun/3.0.3/vtun-3.0.3.tar.gz
- source = https://gist.githubusercontent.com/Mic92/f2d0980682a3ad2247b7/raw/9c2045facaa1f82420b84c581aeeef9ba96fd0c7/0001-fix-bison-compile-error.patch
source = cvs-2013.patch
source = openlog.patch
source = 00-sslauth.patch
@@ -28,6 +27,9 @@ pkgbase = vtun
source = 05-unix98pty.patch
source = 06-ipv6.patch
source = 07-dual-family-transport.patch
+ source = 08-gcc5-inline.patch
+ source = 09-client-uses-lot-of-CPU-after-a-SIGHUP.patch
+ source = 11-libssl-1.1.patch
source = vtund-ipv6-client.conf
source = vtund-ipv6-server.conf
source = android-dev.patch
@@ -36,7 +38,9 @@ pkgbase = vtun
source = tun-cfg.conf
source = README.tun-cfg
sha512sums = 5fa789d08b556f97492b89515a89c2322c4b0a8fa95bd1035f5ed19061b3654a6a36a9911792096ac872ae9ae5451848cab87d0343dc0ffc064affea1f7d0d54
- sha512sums = 178f8cfc67f5de4b893bd0790f637c8e6988c4a317428330a7690d01ede0368920de8bcf8a1a08ad74300b772571d7e3d7a063cbfc685bf55dd4651f64d56558
+ sha512sums = SKIP
+ sha512sums = SKIP
+ sha512sums = SKIP
sha512sums = SKIP
sha512sums = SKIP
sha512sums = SKIP
diff --git a/08-gcc5-inline.patch b/08-gcc5-inline.patch
new file mode 100644
index 00000000000..c9a00900df7
--- /dev/null
+++ b/08-gcc5-inline.patch
@@ -0,0 +1,20 @@
+Description: fix gcc5 build failure:
+ The visibility of one of the functions in the yacc grammar is increased so
+ the program links without error now.
+Origin: vendor
+Bug-Debian: https://bugs.debian.org/778164
+Author: "Potter, Tim (Cloud Services)" <timothy.potter@hp.com>
+Reviewed-by: gregor herrmann <gregoa@debian.org>
+Last-Update: 2015-07-23
+
+--- a/cfg_file.y
++++ b/cfg_file.y
+@@ -624,7 +624,7 @@
+ }
+
+ /* Clear the VTUN_NAT_HACK flag which are not relevant to the current operation mode */
+-inline void clear_nat_hack_flags(int svr)
++extern inline void clear_nat_hack_flags(int svr)
+ {
+ if (svr)
+ llist_trav(&host_list,clear_nat_hack_server,NULL);
diff --git a/09-client-uses-lot-of-CPU-after-a-SIGHUP.patch b/09-client-uses-lot-of-CPU-after-a-SIGHUP.patch
new file mode 100644
index 00000000000..b92815a5963
--- /dev/null
+++ b/09-client-uses-lot-of-CPU-after-a-SIGHUP.patch
@@ -0,0 +1,26 @@
+Description: vtun client uses lot of CPU after a SIGHUP
+Origin: vendor
+Bug-Debian: https://bugs.debian.org/818489
+Forwarded: no
+Author: Jérôme Arzel <jerome.arzel@netcat.io>
+Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2016-04-30
+
+--- a/client.c
++++ b/client.c
+@@ -133,6 +133,7 @@ void client(struct vtun_host *host)
+ if (!vtun.quiet || errno != ETIMEDOUT)
+ vtun_syslog(LOG_INFO,"Connect to %s failed. %s(%d)", vtun.svr_name,
+ strerror(errno), errno);
++ client_term = 0;
+ } else {
+ if( auth_client(s, host) ){
+ vtun_syslog(LOG_INFO,"Session %s[%s] opened",host->host,vtun.svr_name);
+@@ -143,6 +144,7 @@ void client(struct vtun_host *host)
+ vtun_syslog(LOG_INFO,"Session %s[%s] closed",host->host,vtun.svr_name);
+ } else {
+ vtun_syslog(LOG_INFO,"Connection denied by %s",vtun.svr_name);
++ client_term = 0;
+ }
+ }
+ close(s);
diff --git a/11-libssl-1.1.patch b/11-libssl-1.1.patch
new file mode 100644
index 00000000000..ae5262c7b11
--- /dev/null
+++ b/11-libssl-1.1.patch
@@ -0,0 +1,235 @@
+commit c5a5b27e4d48d0c588f02041b3324d5a1cbaf327
+Author: Chris West (Faux) <git@goeswhere.com>
+Date: Sun May 28 14:44:55 2017 +0000
+
+ fix lfd_encrypt.c for openssl 1.1
+
+--- vtun-3.0.3.orig/lfd_encrypt.c
++++ vtun-3.0.3/lfd_encrypt.c
+@@ -96,11 +96,11 @@ static unsigned long sequence_num;
+ static char * pkey;
+ static char * iv_buf;
+
+-static EVP_CIPHER_CTX ctx_enc; /* encrypt */
+-static EVP_CIPHER_CTX ctx_dec; /* decrypt */
++static EVP_CIPHER_CTX *ctx_enc; /* encrypt */
++static EVP_CIPHER_CTX *ctx_dec; /* decrypt */
+
+-static EVP_CIPHER_CTX ctx_enc_ecb; /* sideband ecb encrypt */
+-static EVP_CIPHER_CTX ctx_dec_ecb; /* sideband ecb decrypt */
++static EVP_CIPHER_CTX *ctx_enc_ecb; /* sideband ecb encrypt */
++static EVP_CIPHER_CTX *ctx_dec_ecb; /* sideband ecb decrypt */
+
+ static int send_msg(int len, char *in, char **out);
+ static int send_ib_mesg(int *len, char **in);
+@@ -157,6 +157,11 @@ int alloc_encrypt(struct vtun_host *host
+ EVP_CIPHER_CTX *pctx_enc;
+ EVP_CIPHER_CTX *pctx_dec;
+
++ ctx_enc = EVP_CIPHER_CTX_new();
++ ctx_dec = EVP_CIPHER_CTX_new();
++ ctx_enc_ecb = EVP_CIPHER_CTX_new();
++ ctx_dec_ecb = EVP_CIPHER_CTX_new();
++
+ enc_init_first_time = 1;
+ dec_init_first_time = 1;
+
+@@ -183,15 +188,15 @@ int alloc_encrypt(struct vtun_host *host
+ keysize = 32;
+ sb_init = 1;
+ cipher_type = EVP_aes_256_ecb();
+- pctx_enc = &ctx_enc_ecb;
+- pctx_dec = &ctx_dec_ecb;
++ pctx_enc = ctx_enc_ecb;
++ pctx_dec = ctx_dec_ecb;
+ break;
+
+ case VTUN_ENC_AES256ECB:
+ blocksize = 16;
+ keysize = 32;
+- pctx_enc = &ctx_enc;
+- pctx_dec = &ctx_dec;
++ pctx_enc = ctx_enc;
++ pctx_dec = ctx_dec;
+ cipher_type = EVP_aes_256_ecb();
+ strcpy(cipher_name,"AES-256-ECB");
+ break;
+@@ -202,14 +207,14 @@ int alloc_encrypt(struct vtun_host *host
+ keysize = 16;
+ sb_init=1;
+ cipher_type = EVP_aes_128_ecb();
+- pctx_enc = &ctx_enc_ecb;
+- pctx_dec = &ctx_dec_ecb;
++ pctx_enc = ctx_enc_ecb;
++ pctx_dec = ctx_dec_ecb;
+ break;
+ case VTUN_ENC_AES128ECB:
+ blocksize = 16;
+ keysize = 16;
+- pctx_enc = &ctx_enc;
+- pctx_dec = &ctx_dec;
++ pctx_enc = ctx_enc;
++ pctx_dec = ctx_dec;
+ cipher_type = EVP_aes_128_ecb();
+ strcpy(cipher_name,"AES-128-ECB");
+ break;
+@@ -222,16 +227,16 @@ int alloc_encrypt(struct vtun_host *host
+ var_key = 1;
+ sb_init = 1;
+ cipher_type = EVP_bf_ecb();
+- pctx_enc = &ctx_enc_ecb;
+- pctx_dec = &ctx_dec_ecb;
++ pctx_enc = ctx_enc_ecb;
++ pctx_dec = ctx_dec_ecb;
+ break;
+
+ case VTUN_ENC_BF256ECB:
+ blocksize = 8;
+ keysize = 32;
+ var_key = 1;
+- pctx_enc = &ctx_enc;
+- pctx_dec = &ctx_dec;
++ pctx_enc = ctx_enc;
++ pctx_dec = ctx_dec;
+ cipher_type = EVP_bf_ecb();
+ strcpy(cipher_name,"Blowfish-256-ECB");
+ break;
+@@ -244,16 +249,16 @@ int alloc_encrypt(struct vtun_host *host
+ var_key = 1;
+ sb_init = 1;
+ cipher_type = EVP_bf_ecb();
+- pctx_enc = &ctx_enc_ecb;
+- pctx_dec = &ctx_dec_ecb;
++ pctx_enc = ctx_enc_ecb;
++ pctx_dec = ctx_dec_ecb;
+ break;
+ case VTUN_ENC_BF128ECB: /* blowfish 128 ecb is the default */
+ default:
+ blocksize = 8;
+ keysize = 16;
+ var_key = 1;
+- pctx_enc = &ctx_enc;
+- pctx_dec = &ctx_dec;
++ pctx_enc = ctx_enc;
++ pctx_dec = ctx_dec;
+ cipher_type = EVP_bf_ecb();
+ strcpy(cipher_name,"Blowfish-128-ECB");
+ break;
+@@ -295,10 +300,10 @@ int free_encrypt()
+ lfd_free(enc_buf); enc_buf = NULL;
+ lfd_free(dec_buf); dec_buf = NULL;
+
+- EVP_CIPHER_CTX_cleanup(&ctx_enc);
+- EVP_CIPHER_CTX_cleanup(&ctx_dec);
+- EVP_CIPHER_CTX_cleanup(&ctx_enc_ecb);
+- EVP_CIPHER_CTX_cleanup(&ctx_dec_ecb);
++ EVP_CIPHER_CTX_free(ctx_enc);
++ EVP_CIPHER_CTX_free(ctx_dec);
++ EVP_CIPHER_CTX_free(ctx_enc_ecb);
++ EVP_CIPHER_CTX_free(ctx_dec_ecb);
+
+ return 0;
+ }
+@@ -324,7 +329,7 @@ int encrypt_buf(int len, char *in, char
+ outlen=len+pad;
+ if (pad == blocksize)
+ RAND_bytes((unsigned char *)in_ptr+len, blocksize-1);
+- EVP_EncryptUpdate(&ctx_enc, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len+pad);
++ EVP_EncryptUpdate(ctx_enc, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len+pad);
+ *out = enc_buf;
+
+ sequence_num++;
+@@ -344,7 +349,7 @@ int decrypt_buf(int len, char *in, char
+
+ outlen=len;
+ if (!len) return 0;
+- EVP_DecryptUpdate(&ctx_dec, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len);
++ EVP_DecryptUpdate(ctx_dec, (unsigned char *)out_ptr, &outlen, (unsigned char *)in_ptr, len);
+ recv_ib_mesg(&outlen, &out_ptr);
+ if (!outlen) return 0;
+ tmp_ptr = out_ptr + outlen; tmp_ptr--;
+@@ -432,13 +437,13 @@ int cipher_enc_init(char * iv)
+ break;
+ } /* switch(cipher) */
+
+- EVP_CIPHER_CTX_init(&ctx_enc);
+- EVP_EncryptInit_ex(&ctx_enc, cipher_type, NULL, NULL, NULL);
++ EVP_CIPHER_CTX_init(ctx_enc);
++ EVP_EncryptInit_ex(ctx_enc, cipher_type, NULL, NULL, NULL);
+ if (var_key)
+- EVP_CIPHER_CTX_set_key_length(&ctx_enc, keysize);
+- EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, (unsigned char *)pkey, NULL);
+- EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, NULL, (unsigned char *)iv);
+- EVP_CIPHER_CTX_set_padding(&ctx_enc, 0);
++ EVP_CIPHER_CTX_set_key_length(ctx_enc, keysize);
++ EVP_EncryptInit_ex(ctx_enc, NULL, NULL, (unsigned char *)pkey, NULL);
++ EVP_EncryptInit_ex(ctx_enc, NULL, NULL, NULL, (unsigned char *)iv);
++ EVP_CIPHER_CTX_set_padding(ctx_enc, 0);
+ if (enc_init_first_time)
+ {
+ sprintf(tmpstr,"%s encryption initialized", cipher_name);
+@@ -522,13 +527,13 @@ int cipher_dec_init(char * iv)
+ break;
+ } /* switch(cipher) */
+
+- EVP_CIPHER_CTX_init(&ctx_dec);
+- EVP_DecryptInit_ex(&ctx_dec, cipher_type, NULL, NULL, NULL);
++ EVP_CIPHER_CTX_init(ctx_dec);
++ EVP_DecryptInit_ex(ctx_dec, cipher_type, NULL, NULL, NULL);
+ if (var_key)
+- EVP_CIPHER_CTX_set_key_length(&ctx_dec, keysize);
+- EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, (unsigned char *)pkey, NULL);
+- EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, NULL, (unsigned char *)iv);
+- EVP_CIPHER_CTX_set_padding(&ctx_dec, 0);
++ EVP_CIPHER_CTX_set_key_length(ctx_dec, keysize);
++ EVP_DecryptInit_ex(ctx_dec, NULL, NULL, (unsigned char *)pkey, NULL);
++ EVP_DecryptInit_ex(ctx_dec, NULL, NULL, NULL, (unsigned char *)iv);
++ EVP_CIPHER_CTX_set_padding(ctx_dec, 0);
+ if (dec_init_first_time)
+ {
+ sprintf(tmpstr,"%s decryption initialized", cipher_name);
+@@ -560,7 +565,7 @@ int send_msg(int len, char *in, char **o
+
+ in_ptr = in - blocksize*2;
+ outlen = blocksize*2;
+- EVP_EncryptUpdate(&ctx_enc_ecb, (unsigned char *)in_ptr,
++ EVP_EncryptUpdate(ctx_enc_ecb, (unsigned char *)in_ptr,
+ &outlen, (unsigned char *)in_ptr, blocksize*2);
+ *out = in_ptr;
+ len = outlen;
+@@ -587,7 +592,7 @@ int recv_msg(int len, char *in, char **o
+ in_ptr = in;
+ iv = malloc(blocksize);
+ outlen = blocksize*2;
+- EVP_DecryptUpdate(&ctx_dec_ecb, (unsigned char *)in_ptr, &outlen, (unsigned char *)in_ptr, blocksize*2);
++ EVP_DecryptUpdate(ctx_dec_ecb, (unsigned char *)in_ptr, &outlen, (unsigned char *)in_ptr, blocksize*2);
+
+ if ( !strncmp(in_ptr, "ivec", 4) )
+ {
+@@ -630,7 +635,7 @@ int recv_msg(int len, char *in, char **o
+ if (cipher_enc_state != CIPHER_INIT)
+ {
+ cipher_enc_state = CIPHER_INIT;
+- EVP_CIPHER_CTX_cleanup(&ctx_enc);
++ EVP_CIPHER_CTX_cleanup(ctx_enc);
+ #ifdef LFD_ENCRYPT_DEBUG
+ vtun_syslog(LOG_INFO,
+ "Forcing local encryptor re-init");
+@@ -711,7 +716,7 @@ int recv_ib_mesg(int *len, char **in)
+ if (cipher_enc_state != CIPHER_INIT)
+ {
+ cipher_enc_state = CIPHER_INIT;
+- EVP_CIPHER_CTX_cleanup(&ctx_enc);
++ EVP_CIPHER_CTX_cleanup(ctx_enc);
+ }
+ #ifdef LFD_ENCRYPT_DEBUG
+ vtun_syslog(LOG_INFO, "Remote requests encryptor re-init");
+@@ -725,7 +730,7 @@ int recv_ib_mesg(int *len, char **in)
+ cipher_enc_state != CIPHER_REQ_INIT &&
+ cipher_enc_state != CIPHER_INIT)
+ {
+- EVP_CIPHER_CTX_cleanup (&ctx_dec);
++ EVP_CIPHER_CTX_cleanup (ctx_dec);
+ cipher_dec_state = CIPHER_INIT;
+ cipher_enc_state = CIPHER_REQ_INIT;
+ }
diff --git a/PKGBUILD b/PKGBUILD
index 39413ea1ac0..7b83bc19d45 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -4,27 +4,59 @@
pkgname=vtun
pkgver=3.0.3.2013.d
_pkgver=3.0.3
-pkgrel=9
+pkgrel=11
pkgdesc="The easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, encryption and IPv6 support."
arch=('i686' 'x86_64' 'armv7h' 'armv6h')
url="http://vtun.sourceforge.net/"
license=('GPL')
-depends=('openssl-1.0' 'zlib' 'lzo')
+depends=('openssl' 'zlib' 'lzo')
backup=('etc/vtund.conf' 'etc/tun-cfg.conf')
source=("http://downloads.sourceforge.net/project/${pkgname}/${pkgname}/${_pkgver}/${pkgname}-${_pkgver}.tar.gz"
-"https://gist.githubusercontent.com/Mic92/f2d0980682a3ad2247b7/raw/9c2045facaa1f82420b84c581aeeef9ba96fd0c7/0001-fix-bison-compile-error.patch"
- cvs-2013.patch openlog.patch 00-sslauth.patch 01-pidfile.patch 02-dumpfile.patch 03-signedness-warnings.patch 04-implicit-pointer-conversions.patch 05-unix98pty.patch 06-ipv6.patch 07-dual-family-transport.patch vtund-ipv6-client.conf vtund-ipv6-server.conf android-dev.patch tun-cat.c tun-cfg tun-cfg.conf README.tun-cfg)
+ cvs-2013.patch
+ openlog.patch
+ 00-sslauth.patch
+ 01-pidfile.patch
+ 02-dumpfile.patch
+ 03-signedness-warnings.patch
+ 04-implicit-pointer-conversions.patch
+ 05-unix98pty.patch
+ 06-ipv6.patch
+ 07-dual-family-transport.patch
+ 08-gcc5-inline.patch
+ 09-client-uses-lot-of-CPU-after-a-SIGHUP.patch
+ 11-libssl-1.1.patch
+ vtund-ipv6-client.conf
+ vtund-ipv6-server.conf
+ android-dev.patch
+ tun-cat.c
+ tun-cfg
+ tun-cfg.conf
+ README.tun-cfg)
sha512sums=('5fa789d08b556f97492b89515a89c2322c4b0a8fa95bd1035f5ed19061b3654a6a36a9911792096ac872ae9ae5451848cab87d0343dc0ffc064affea1f7d0d54'
-'178f8cfc67f5de4b893bd0790f637c8e6988c4a317428330a7690d01ede0368920de8bcf8a1a08ad74300b772571d7e3d7a063cbfc685bf55dd4651f64d56558'
- SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP)
+ SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP SKIP
+ SKIP)
install=vtun.install
prepare() {
cd "${srcdir}"
HELPSTR=/usr/bin/tun-cfg ./tun-cfg --help > README.tun-cfg
cd "${srcdir}/${pkgname}-${_pkgver}"
- # adding latest CVS 3_X2 branch changes and patches ported from Debian Jessie
- for p in cvs-2013.patch openlog.patch 00-sslauth.patch 01-pidfile.patch 02-dumpfile.patch 03-signedness-warnings.patch 04-implicit-pointer-conversions.patch 05-unix98pty.patch 06-ipv6.patch 07-dual-family-transport.patch 0001-fix-bison-compile-error.patch; do
+ # latest CVS 3_X2 branch changes, openlog bugfix and patches ported from Debian
+ for p in \
+ cvs-2013.patch \
+ openlog.patch \
+ 00-sslauth.patch \
+ 01-pidfile.patch \
+ 02-dumpfile.patch \
+ 03-signedness-warnings.patch \
+ 04-implicit-pointer-conversions.patch \
+ 05-unix98pty.patch \
+ 06-ipv6.patch \
+ 07-dual-family-transport.patch \
+ 08-gcc5-inline.patch \
+ 09-client-uses-lot-of-CPU-after-a-SIGHUP.patch \
+ 11-libssl-1.1.patch \
+ ; do
patch -p1 -i "${srcdir}/$p" || exit 1
done
[[ "$CARCH" =~ ^arm ]] && patch -p1 -i "${srcdir}/android-dev.patch"
@@ -35,12 +67,7 @@ prepare() {
build() {
cd "${srcdir}/${pkgname}-${_pkgver}"
- export CFLAGS="$CFLASG -I/usr/include/openssl-1.0"
- export LDFLAGS="$LDFLAGS -L/usr/lib/openssl-1.0"
- export PKG_CONFIG_PATH=/usr/lib/openssl-1.0/pkgconfig
./configure \
- --with-ssl-headers=/usr/include/openssl-1.0/openssl \
- --with-blowfish-headers=/usr/include/openssl-1.0/openssl \
--prefix=/usr \
--sbindir=/usr/bin \
--sysconfdir=/etc \