From patchwork Tue Feb 5 11:47:52 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matt Weber X-Patchwork-Id: 1036666 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=rockwellcollins.com Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 43v2rp6RGvz9sDr for ; Tue, 5 Feb 2019 22:48:10 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 79A3087C30; Tue, 5 Feb 2019 11:48:06 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V8rBcnUwGBrI; Tue, 5 Feb 2019 11:48:03 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by whitealder.osuosl.org (Postfix) with ESMTP id 02DC787912; Tue, 5 Feb 2019 11:48:03 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id C50051BF398 for ; Tue, 5 Feb 2019 11:48:01 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id C289886AE4 for ; Tue, 5 Feb 2019 11:48:01 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3_cE_0iTsUcE for ; Tue, 5 Feb 2019 11:47:54 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from da1vs04.rockwellcollins.com (da1vs04.rockwellcollins.com [205.175.227.52]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 7F375867DF for ; Tue, 5 Feb 2019 11:47:54 +0000 (UTC) Received: from ofwda1n02.rockwellcollins.com (HELO ciulimr01.rockwellcollins.com) ([205.175.227.14]) by da1vs04.rockwellcollins.com with ESMTP; 05 Feb 2019 05:47:53 -0600 X-Received: from largo.rockwellcollins.com (unknown [192.168.140.76]) by ciulimr01.rockwellcollins.com (Postfix) with ESMTP id 4642960046; Tue, 5 Feb 2019 05:47:53 -0600 (CST) From: Matt Weber To: buildroot@buildroot.org Date: Tue, 5 Feb 2019 05:47:52 -0600 Message-Id: <1549367272-15431-1-git-send-email-matthew.weber@rockwellcollins.com> X-Mailer: git-send-email 1.9.1 Subject: [Buildroot] [PATCH v2] package/softether: bump to v4.28-9669-beta X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Source code is now compatible with OpenSSL 1.1.x. Fixes http://autobuild.buildroot.net/results/a6f/a6f1f326ce2525ee0f9d423f1b6d989a89e6b87e/build-end.log Signed-off-by: Matthew Weber --- Changes v1 -> v2 - Added patch to fix RSA key size needing to be larger then 32bits for new openssl - Tested both host and target build --- .../0003-use-fhs-install-directories.patch | 19 ++---- ...-default-RSA-key-size-to-1024-everywhere-.patch | 78 ++++++++++++++++++++++ package/softether/softether.hash | 4 +- package/softether/softether.mk | 4 +- 4 files changed, 86 insertions(+), 19 deletions(-) create mode 100644 package/softether/0010-Encrypt-set-default-RSA-key-size-to-1024-everywhere-.patch diff --git a/package/softether/0003-use-fhs-install-directories.patch b/package/softether/0003-use-fhs-install-directories.patch index c489cc1..ba00d9b 100644 --- a/package/softether/0003-use-fhs-install-directories.patch +++ b/package/softether/0003-use-fhs-install-directories.patch @@ -15,20 +15,22 @@ https://github.com/dajhorn/SoftEtherVPN/commit/b9420c3bfc2a8b9d35d0c8e5f6849007c Signed-off-by: Bernd Kuhls Signed-off-by: Thomas Petazzoni + +[Updated for 4.28 build 9669 beta - src/Mayaqua/Encrypt.c dropped IsXRevoked() +Signed-off-by: Matthew Weber --- autotools/softether.am | 1 + src/Cedar/Admin.c | 2 +- src/Cedar/Command.c | 6 +++++- src/Cedar/Logging.c | 2 +- src/Cedar/Server.c | 4 ++-- - src/Mayaqua/Encrypt.c | 2 +- src/Mayaqua/FileIO.c | 39 ++++++++++++++++++++++++++++++++++++--- src/Mayaqua/FileIO.h | 2 ++ src/Mayaqua/Mayaqua.c | 4 ++++ src/Mayaqua/Table.c | 6 +++++- src/Mayaqua/Unix.c | 6 +++--- src/bin/hamcore/Makefile.am | 8 ++++++-- - 12 files changed, 67 insertions(+), 15 deletions(-) + 11 files changed, 66 insertions(+), 14 deletions(-) Index: b/autotools/softether.am =================================================================== @@ -115,19 +117,6 @@ Index: b/src/Cedar/Server.c Format(dir_full_path, sizeof(dir_full_path), "%s/%s", exe_dir, dirname); dir = EnumDir(dir_full_path); -Index: b/src/Mayaqua/Encrypt.c -=================================================================== ---- a/src/Mayaqua/Encrypt.c -+++ b/src/Mayaqua/Encrypt.c -@@ -579,7 +579,7 @@ - return false; - } - -- GetExeDir(dirname, sizeof(dirname)); -+ GetStateDir(dirname, sizeof(dirname)); - - // Search the CRL file - t = EnumDir(dirname); Index: b/src/Mayaqua/FileIO.c =================================================================== --- a/src/Mayaqua/FileIO.c diff --git a/package/softether/0010-Encrypt-set-default-RSA-key-size-to-1024-everywhere-.patch b/package/softether/0010-Encrypt-set-default-RSA-key-size-to-1024-everywhere-.patch new file mode 100644 index 0000000..20a1f06 --- /dev/null +++ b/package/softether/0010-Encrypt-set-default-RSA-key-size-to-1024-everywhere-.patch @@ -0,0 +1,78 @@ +From 1fad008e1adba5cb596da6f9ec6a244d49a585cf Mon Sep 17 00:00:00 2001 +From: Davide Beatrici +Date: Mon, 9 Apr 2018 22:02:34 +0200 +Subject: [PATCH] Encrypt: set default RSA key size to 1024 everywhere, using + the RSA_KEY_SIZE macro + +This commit also fixes the problem described in #31, which was caused by the test key generated in RsaCheck() being too small for newer OpenSSL versions. + +Failure looks like +-- Alert: RsaCheck() -- +OpenSSL Library Init Failed. (too old?) +Please install the latest version of OpenSSL. + +Upstream: https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/commit/1fad008e1adba5cb596da6f9ec6a244d49a585cf +(Currently still on an active pull request https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/pull/1) + +Signed-off-by: Matthew Weber +--- + src/Mayaqua/Encrypt.c | 8 ++++---- + src/Mayaqua/Encrypt.h | 2 +- + 2 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c +index 381d1c5..a557052 100644 +--- a/src/Mayaqua/Encrypt.c ++++ b/src/Mayaqua/Encrypt.c +@@ -2194,7 +2194,7 @@ bool RsaVerifyEx(void *data, UINT data_size, void *sign, K *k, UINT bits) + } + if (bits == 0) + { +- bits = 1024; ++ bits = RSA_KEY_SIZE; + } + + // Hash the data +@@ -2233,7 +2233,7 @@ bool RsaSignEx(void *dst, void *src, UINT size, K *k, UINT bits) + } + if (bits == 0) + { +- bits = 1024; ++ bits = RSA_KEY_SIZE; + } + + Zero(dst, bits / 8); +@@ -2302,7 +2302,7 @@ bool RsaCheck() + BIO *bio; + char errbuf[MAX_SIZE]; + UINT size = 0; +- UINT bit = 32; ++ UINT bit = RSA_KEY_SIZE; + // Validate arguments + + // Key generation +@@ -2372,7 +2372,7 @@ bool RsaGen(K **priv, K **pub, UINT bit) + } + if (bit == 0) + { +- bit = 1024; ++ bit = RSA_KEY_SIZE; + } + + // Key generation +diff --git a/src/Mayaqua/Encrypt.h b/src/Mayaqua/Encrypt.h +index d795d2d..0c48161 100644 +--- a/src/Mayaqua/Encrypt.h ++++ b/src/Mayaqua/Encrypt.h +@@ -128,7 +128,7 @@ void RAND_Free_For_SoftEther(); + #define DES_IV_SIZE 8 // DES IV size + #define DES_BLOCK_SIZE 8 // DES block size + #define DES3_KEY_SIZE (8 * 3) // 3DES key size +-#define RSA_KEY_SIZE 128 // RSA key size ++#define RSA_KEY_SIZE 1024 // RSA key size + #define DH_KEY_SIZE 128 // DH key size + #define RSA_MIN_SIGN_HASH_SIZE (15 + SHA1_HASH_SIZE) // Minimum RSA hash size + #define RSA_SIGN_HASH_SIZE (RSA_MIN_SIGN_HASH_SIZE) // RSA hash size +-- +1.9.1 + diff --git a/package/softether/softether.hash b/package/softether/softether.hash index ec6e060..fdbbbca 100644 --- a/package/softether/softether.hash +++ b/package/softether/softether.hash @@ -1,3 +1,3 @@ # Locally computed -sha256 8e6310d36e579ea07171ce5fcb9ebe31235d218444c4e4836ca6c32aa49c1f93 softether-v4.22-9634-beta.tar.gz -sha256 7aeb873293fa0e44425dabf68a8e46e26c848fe58efcfd3ac7c90a3386f3edd1 LICENSE +sha256 fbf6e04c4451d0cb1555c3a53c178b5453c7d761119f82fd693538c9f115fecb softether-v4.28-9669-beta.tar.gz +sha256 0a889e7e7a277397d0a2d56c37814eefd8c6b6129d8b74ee2d27fc3415fad561 LICENSE diff --git a/package/softether/softether.mk b/package/softether/softether.mk index 05d2f20..31378e8 100644 --- a/package/softether/softether.mk +++ b/package/softether/softether.mk @@ -4,8 +4,8 @@ # ################################################################################ -SOFTETHER_VERSION = v4.22-9634-beta -SOFTETHER_SITE = $(call github,SoftEtherVPN,SoftEtherVPN,$(SOFTETHER_VERSION)) +SOFTETHER_VERSION = v4.28-9669-beta +SOFTETHER_SITE = $(call github,SoftEtherVPN,SoftEtherVPN_stable,$(SOFTETHER_VERSION)) SOFTETHER_LICENSE = GPL-2.0 SOFTETHER_LICENSE_FILES = LICENSE SOFTETHER_DEPENDENCIES = host-softether libopenssl readline