Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-vpn
diff options
context:
space:
mode:
authorHans de Graaff <graaff@gentoo.org>2019-07-14 09:18:16 +0200
committerHans de Graaff <graaff@gentoo.org>2019-07-14 09:18:32 +0200
commitce831f8c08bc53e1d1cd6af329f7bcd902aa7b9d (patch)
tree357cdb00c85260f4a097cdceaf578e7b6c693824 /net-vpn
parentdev-ruby/gruff: avoid git dependency (diff)
downloadgentoo-ce831f8c08bc53e1d1cd6af329f7bcd902aa7b9d.tar.gz
gentoo-ce831f8c08bc53e1d1cd6af329f7bcd902aa7b9d.tar.bz2
gentoo-ce831f8c08bc53e1d1cd6af329f7bcd902aa7b9d.zip
net-vpn/vtun: fix openssl 1.1 compatibility
Fixes: https://bugs.gentoo.org/674280 Signed-off-by: Hans de Graaff <graaff@gentoo.org> Package-Manager: Portage-2.3.66, Repoman-2.3.11
Diffstat (limited to 'net-vpn')
-rw-r--r--net-vpn/vtun/files/vtun-libssl-1.1.patch229
-rw-r--r--net-vpn/vtun/vtun-3.0.3-r1.ebuild59
2 files changed, 288 insertions, 0 deletions
diff --git a/net-vpn/vtun/files/vtun-libssl-1.1.patch b/net-vpn/vtun/files/vtun-libssl-1.1.patch
new file mode 100644
index 000000000000..76a3c027d889
--- /dev/null
+++ b/net-vpn/vtun/files/vtun-libssl-1.1.patch
@@ -0,0 +1,229 @@
+--- vtun-3.0.3/lfd_encrypt.c.orig 2019-02-25 18:43:39.310480427 -0500
++++ vtun-3.0.3/lfd_encrypt.c 2019-02-25 18:55:26.956441285 -0500
+@@ -96,11 +96,11 @@
+ char * pkey;
+ char * iv_buf;
+
+-EVP_CIPHER_CTX ctx_enc; /* encrypt */
+-EVP_CIPHER_CTX ctx_dec; /* decrypt */
++EVP_CIPHER_CTX *ctx_enc; /* encrypt */
++EVP_CIPHER_CTX *ctx_dec; /* decrypt */
+
+-EVP_CIPHER_CTX ctx_enc_ecb; /* sideband ecb encrypt */
+-EVP_CIPHER_CTX ctx_dec_ecb; /* sideband ecb decrypt */
++EVP_CIPHER_CTX *ctx_enc_ecb; /* sideband ecb encrypt */
++EVP_CIPHER_CTX *ctx_dec_ecb; /* sideband ecb decrypt */
+
+ int prep_key(char **key, int size, struct vtun_host *host)
+ {
+@@ -152,6 +152,11 @@
+ EVP_CIPHER_CTX *pctx_enc;
+ EVP_CIPHER_CTX *pctx_dec;
+
++ ctx_enc = EVP_CIPHER_CTX_new();
++ ctx_dec = EVP_CIPHER_CTX_new();
++ ctx_enc_ecb = EVP_CIPHER_CTX_new();
++ ctx_dec_ecb = EVP_CIPHER_CTX_new();
++
+ enc_init_first_time = 1;
+ dec_init_first_time = 1;
+
+@@ -178,15 +183,15 @@
+ keysize = 32;
+ sb_init = 1;
+ cipher_type = EVP_aes_256_ecb();
+- pctx_enc = &ctx_enc_ecb;
+- pctx_dec = &ctx_dec_ecb;
++ pctx_enc = ctx_enc_ecb;
++ pctx_dec = ctx_dec_ecb;
+ break;
+
+ case VTUN_ENC_AES256ECB:
+ blocksize = 16;
+ keysize = 32;
+- pctx_enc = &ctx_enc;
+- pctx_dec = &ctx_dec;
++ pctx_enc = ctx_enc;
++ pctx_dec = ctx_dec;
+ cipher_type = EVP_aes_256_ecb();
+ strcpy(cipher_name,"AES-256-ECB");
+ break;
+@@ -197,14 +202,14 @@
+ keysize = 16;
+ sb_init=1;
+ cipher_type = EVP_aes_128_ecb();
+- pctx_enc = &ctx_enc_ecb;
+- pctx_dec = &ctx_dec_ecb;
++ pctx_enc = ctx_enc_ecb;
++ pctx_dec = ctx_dec_ecb;
+ break;
+ case VTUN_ENC_AES128ECB:
+ blocksize = 16;
+ keysize = 16;
+- pctx_enc = &ctx_enc;
+- pctx_dec = &ctx_dec;
++ pctx_enc = ctx_enc;
++ pctx_dec = ctx_dec;
+ cipher_type = EVP_aes_128_ecb();
+ strcpy(cipher_name,"AES-128-ECB");
+ break;
+@@ -217,16 +222,16 @@
+ var_key = 1;
+ sb_init = 1;
+ cipher_type = EVP_bf_ecb();
+- pctx_enc = &ctx_enc_ecb;
+- pctx_dec = &ctx_dec_ecb;
++ pctx_enc = ctx_enc_ecb;
++ pctx_dec = ctx_dec_ecb;
+ break;
+
+ case VTUN_ENC_BF256ECB:
+ blocksize = 8;
+ keysize = 32;
+ var_key = 1;
+- pctx_enc = &ctx_enc;
+- pctx_dec = &ctx_dec;
++ pctx_enc = ctx_enc;
++ pctx_dec = ctx_dec;
+ cipher_type = EVP_bf_ecb();
+ strcpy(cipher_name,"Blowfish-256-ECB");
+ break;
+@@ -239,16 +244,16 @@
+ var_key = 1;
+ sb_init = 1;
+ cipher_type = EVP_bf_ecb();
+- pctx_enc = &ctx_enc_ecb;
+- pctx_dec = &ctx_dec_ecb;
++ pctx_enc = ctx_enc_ecb;
++ pctx_dec = ctx_dec_ecb;
+ break;
+ case VTUN_ENC_BF128ECB: /* blowfish 128 ecb is the default */
+ default:
+ blocksize = 8;
+ keysize = 16;
+ var_key = 1;
+- pctx_enc = &ctx_enc;
+- pctx_dec = &ctx_dec;
++ pctx_enc = ctx_enc;
++ pctx_dec = ctx_dec;
+ cipher_type = EVP_bf_ecb();
+ strcpy(cipher_name,"Blowfish-128-ECB");
+ break;
+@@ -290,10 +295,10 @@
+ lfd_free(enc_buf); enc_buf = NULL;
+ lfd_free(dec_buf); dec_buf = NULL;
+
+- EVP_CIPHER_CTX_cleanup(&ctx_enc);
+- EVP_CIPHER_CTX_cleanup(&ctx_dec);
+- EVP_CIPHER_CTX_cleanup(&ctx_enc_ecb);
+- EVP_CIPHER_CTX_cleanup(&ctx_dec_ecb);
++ EVP_CIPHER_CTX_free(ctx_enc);
++ EVP_CIPHER_CTX_free(ctx_dec);
++ EVP_CIPHER_CTX_free(ctx_enc_ecb);
++ EVP_CIPHER_CTX_free(ctx_dec_ecb);
+
+ return 0;
+ }
+@@ -319,7 +324,7 @@
+ outlen=len+pad;
+ if (pad == blocksize)
+ RAND_bytes(in_ptr+len, blocksize-1);
+- EVP_EncryptUpdate(&ctx_enc, out_ptr, &outlen, in_ptr, len+pad);
++ EVP_EncryptUpdate(ctx_enc, out_ptr, &outlen, in_ptr, len+pad);
+ *out = enc_buf;
+
+ sequence_num++;
+@@ -339,7 +344,7 @@
+
+ outlen=len;
+ if (!len) return 0;
+- EVP_DecryptUpdate(&ctx_dec, out_ptr, &outlen, in_ptr, len);
++ EVP_DecryptUpdate(ctx_dec, out_ptr, &outlen, in_ptr, len);
+ recv_ib_mesg(&outlen, &out_ptr);
+ if (!outlen) return 0;
+ tmp_ptr = out_ptr + outlen; tmp_ptr--;
+@@ -427,13 +432,13 @@
+ break;
+ } /* switch(cipher) */
+
+- EVP_CIPHER_CTX_init(&ctx_enc);
+- EVP_EncryptInit_ex(&ctx_enc, cipher_type, NULL, NULL, NULL);
++ EVP_CIPHER_CTX_init(ctx_enc);
++ EVP_EncryptInit_ex(ctx_enc, cipher_type, NULL, NULL, NULL);
+ if (var_key)
+- EVP_CIPHER_CTX_set_key_length(&ctx_enc, keysize);
+- EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, pkey, NULL);
+- EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, NULL, iv);
+- EVP_CIPHER_CTX_set_padding(&ctx_enc, 0);
++ EVP_CIPHER_CTX_set_key_length(ctx_enc, keysize);
++ EVP_EncryptInit_ex(ctx_enc, NULL, NULL, pkey, NULL);
++ EVP_EncryptInit_ex(ctx_enc, NULL, NULL, NULL, iv);
++ EVP_CIPHER_CTX_set_padding(ctx_enc, 0);
+ if (enc_init_first_time)
+ {
+ sprintf(tmpstr,"%s encryption initialized", cipher_name);
+@@ -517,13 +522,13 @@
+ break;
+ } /* switch(cipher) */
+
+- EVP_CIPHER_CTX_init(&ctx_dec);
+- EVP_DecryptInit_ex(&ctx_dec, cipher_type, NULL, NULL, NULL);
++ EVP_CIPHER_CTX_init(ctx_dec);
++ EVP_DecryptInit_ex(ctx_dec, cipher_type, NULL, NULL, NULL);
+ if (var_key)
+- EVP_CIPHER_CTX_set_key_length(&ctx_dec, keysize);
+- EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, pkey, NULL);
+- EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, NULL, iv);
+- EVP_CIPHER_CTX_set_padding(&ctx_dec, 0);
++ EVP_CIPHER_CTX_set_key_length(ctx_dec, keysize);
++ EVP_DecryptInit_ex(ctx_dec, NULL, NULL, pkey, NULL);
++ EVP_DecryptInit_ex(ctx_dec, NULL, NULL, NULL, iv);
++ EVP_CIPHER_CTX_set_padding(ctx_dec, 0);
+ if (dec_init_first_time)
+ {
+ sprintf(tmpstr,"%s decryption initialized", cipher_name);
+@@ -555,7 +560,7 @@
+
+ in_ptr = in - blocksize*2;
+ outlen = blocksize*2;
+- EVP_EncryptUpdate(&ctx_enc_ecb, in_ptr,
++ EVP_EncryptUpdate(ctx_enc_ecb, in_ptr,
+ &outlen, in_ptr, blocksize*2);
+ *out = in_ptr;
+ len = outlen;
+@@ -582,7 +587,7 @@
+ in_ptr = in;
+ iv = malloc(blocksize);
+ outlen = blocksize*2;
+- EVP_DecryptUpdate(&ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2);
++ EVP_DecryptUpdate(ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2);
+
+ if ( !strncmp(in_ptr, "ivec", 4) )
+ {
+@@ -625,7 +630,7 @@
+ if (cipher_enc_state != CIPHER_INIT)
+ {
+ cipher_enc_state = CIPHER_INIT;
+- EVP_CIPHER_CTX_cleanup(&ctx_enc);
++ EVP_CIPHER_CTX_cleanup(ctx_enc);
+ #ifdef LFD_ENCRYPT_DEBUG
+ vtun_syslog(LOG_INFO,
+ "Forcing local encryptor re-init");
+@@ -706,7 +711,7 @@
+ if (cipher_enc_state != CIPHER_INIT)
+ {
+ cipher_enc_state = CIPHER_INIT;
+- EVP_CIPHER_CTX_cleanup(&ctx_enc);
++ EVP_CIPHER_CTX_cleanup(ctx_enc);
+ }
+ #ifdef LFD_ENCRYPT_DEBUG
+ vtun_syslog(LOG_INFO, "Remote requests encryptor re-init");
+@@ -720,7 +725,7 @@
+ cipher_enc_state != CIPHER_REQ_INIT &&
+ cipher_enc_state != CIPHER_INIT)
+ {
+- EVP_CIPHER_CTX_cleanup (&ctx_dec);
++ EVP_CIPHER_CTX_cleanup (ctx_dec);
+ cipher_dec_state = CIPHER_INIT;
+ cipher_enc_state = CIPHER_REQ_INIT;
+ }
diff --git a/net-vpn/vtun/vtun-3.0.3-r1.ebuild b/net-vpn/vtun/vtun-3.0.3-r1.ebuild
new file mode 100644
index 000000000000..d56bcd52fbdb
--- /dev/null
+++ b/net-vpn/vtun/vtun-3.0.3-r1.ebuild
@@ -0,0 +1,59 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit linux-info
+
+DESCRIPTION="Create tunnels over TCP/IP networks with shaping, encryption, and compression"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+HOMEPAGE="http://vtun.sourceforge.net/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~ppc ~sparc ~x86"
+IUSE="lzo socks5 ssl zlib"
+
+RDEPEND="ssl? ( dev-libs/openssl:0 )
+ lzo? ( dev-libs/lzo:2 )
+ zlib? ( sys-libs/zlib )
+ socks5? ( net-proxy/dante )"
+DEPEND="${RDEPEND}
+ sys-devel/bison"
+
+DOCS="ChangeLog Credits FAQ README README.Setup README.Shaper TODO"
+
+CONFIG_CHECK="~TUN"
+
+src_prepare() {
+ sed -i Makefile.in \
+ -e '/^LDFLAGS/s|=|+=|g' \
+ || die "sed Makefile"
+ eapply "${FILESDIR}"/${P}-includes.patch
+ # remove unneeded checking for /etc/vtund.conf
+ eapply -p0 "${FILESDIR}"/${PN}-3.0.2-remove-config-presence-check.patch
+ # GCC 5 compatibility, patch from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778164
+ eapply "${FILESDIR}"/${P}-gcc5.patch
+ # openssl 1.1 compatibility, bug 674280
+ eapply -l "${FILESDIR}"/${PN}-libssl-1.1.patch
+ # portage takes care about striping binaries itself
+ sed -i 's:$(BIN_DIR)/strip $(DESTDIR)$(SBIN_DIR)/vtund::' Makefile.in || die
+
+ eapply_user
+}
+
+src_configure() {
+ econf \
+ $(use_enable ssl) \
+ $(use_enable zlib) \
+ $(use_enable lzo) \
+ $(use_enable socks5 socks) \
+ --enable-shaper
+}
+
+src_install() {
+ default
+ newinitd "${FILESDIR}"/vtun.rc vtun
+ insinto etc
+ doins "${FILESDIR}"/vtund-start.conf
+}