commit: ce831f8c08bc53e1d1cd6af329f7bcd902aa7b9d Author: Hans de Graaff <graaff <AT> gentoo <DOT> org> AuthorDate: Sun Jul 14 07:18:16 2019 +0000 Commit: Hans de Graaff <graaff <AT> gentoo <DOT> org> CommitDate: Sun Jul 14 07:18:32 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ce831f8c
net-vpn/vtun: fix openssl 1.1 compatibility Fixes: https://bugs.gentoo.org/674280 Signed-off-by: Hans de Graaff <graaff <AT> gentoo.org> Package-Manager: Portage-2.3.66, Repoman-2.3.11 net-vpn/vtun/files/vtun-libssl-1.1.patch | 229 +++++++++++++++++++++++++++++++ net-vpn/vtun/vtun-3.0.3-r1.ebuild | 59 ++++++++ 2 files changed, 288 insertions(+) diff --git a/net-vpn/vtun/files/vtun-libssl-1.1.patch b/net-vpn/vtun/files/vtun-libssl-1.1.patch new file mode 100644 index 00000000000..76a3c027d88 --- /dev/null +++ b/net-vpn/vtun/files/vtun-libssl-1.1.patch @@ -0,0 +1,229 @@ +--- vtun-3.0.3/lfd_encrypt.c.orig 2019-02-25 18:43:39.310480427 -0500 ++++ vtun-3.0.3/lfd_encrypt.c 2019-02-25 18:55:26.956441285 -0500 +@@ -96,11 +96,11 @@ + char * pkey; + char * iv_buf; + +-EVP_CIPHER_CTX ctx_enc; /* encrypt */ +-EVP_CIPHER_CTX ctx_dec; /* decrypt */ ++EVP_CIPHER_CTX *ctx_enc; /* encrypt */ ++EVP_CIPHER_CTX *ctx_dec; /* decrypt */ + +-EVP_CIPHER_CTX ctx_enc_ecb; /* sideband ecb encrypt */ +-EVP_CIPHER_CTX ctx_dec_ecb; /* sideband ecb decrypt */ ++EVP_CIPHER_CTX *ctx_enc_ecb; /* sideband ecb encrypt */ ++EVP_CIPHER_CTX *ctx_dec_ecb; /* sideband ecb decrypt */ + + int prep_key(char **key, int size, struct vtun_host *host) + { +@@ -152,6 +152,11 @@ + EVP_CIPHER_CTX *pctx_enc; + EVP_CIPHER_CTX *pctx_dec; + ++ ctx_enc = EVP_CIPHER_CTX_new(); ++ ctx_dec = EVP_CIPHER_CTX_new(); ++ ctx_enc_ecb = EVP_CIPHER_CTX_new(); ++ ctx_dec_ecb = EVP_CIPHER_CTX_new(); ++ + enc_init_first_time = 1; + dec_init_first_time = 1; + +@@ -178,15 +183,15 @@ + keysize = 32; + sb_init = 1; + cipher_type = EVP_aes_256_ecb(); +- pctx_enc = &ctx_enc_ecb; +- pctx_dec = &ctx_dec_ecb; ++ pctx_enc = ctx_enc_ecb; ++ pctx_dec = ctx_dec_ecb; + break; + + case VTUN_ENC_AES256ECB: + blocksize = 16; + keysize = 32; +- pctx_enc = &ctx_enc; +- pctx_dec = &ctx_dec; ++ pctx_enc = ctx_enc; ++ pctx_dec = ctx_dec; + cipher_type = EVP_aes_256_ecb(); + strcpy(cipher_name,"AES-256-ECB"); + break; +@@ -197,14 +202,14 @@ + keysize = 16; + sb_init=1; + cipher_type = EVP_aes_128_ecb(); +- pctx_enc = &ctx_enc_ecb; +- pctx_dec = &ctx_dec_ecb; ++ pctx_enc = ctx_enc_ecb; ++ pctx_dec = ctx_dec_ecb; + break; + case VTUN_ENC_AES128ECB: + blocksize = 16; + keysize = 16; +- pctx_enc = &ctx_enc; +- pctx_dec = &ctx_dec; ++ pctx_enc = ctx_enc; ++ pctx_dec = ctx_dec; + cipher_type = EVP_aes_128_ecb(); + strcpy(cipher_name,"AES-128-ECB"); + break; +@@ -217,16 +222,16 @@ + var_key = 1; + sb_init = 1; + cipher_type = EVP_bf_ecb(); +- pctx_enc = &ctx_enc_ecb; +- pctx_dec = &ctx_dec_ecb; ++ pctx_enc = ctx_enc_ecb; ++ pctx_dec = ctx_dec_ecb; + break; + + case VTUN_ENC_BF256ECB: + blocksize = 8; + keysize = 32; + var_key = 1; +- pctx_enc = &ctx_enc; +- pctx_dec = &ctx_dec; ++ pctx_enc = ctx_enc; ++ pctx_dec = ctx_dec; + cipher_type = EVP_bf_ecb(); + strcpy(cipher_name,"Blowfish-256-ECB"); + break; +@@ -239,16 +244,16 @@ + var_key = 1; + sb_init = 1; + cipher_type = EVP_bf_ecb(); +- pctx_enc = &ctx_enc_ecb; +- pctx_dec = &ctx_dec_ecb; ++ pctx_enc = ctx_enc_ecb; ++ pctx_dec = ctx_dec_ecb; + break; + case VTUN_ENC_BF128ECB: /* blowfish 128 ecb is the default */ + default: + blocksize = 8; + keysize = 16; + var_key = 1; +- pctx_enc = &ctx_enc; +- pctx_dec = &ctx_dec; ++ pctx_enc = ctx_enc; ++ pctx_dec = ctx_dec; + cipher_type = EVP_bf_ecb(); + strcpy(cipher_name,"Blowfish-128-ECB"); + break; +@@ -290,10 +295,10 @@ + lfd_free(enc_buf); enc_buf = NULL; + lfd_free(dec_buf); dec_buf = NULL; + +- EVP_CIPHER_CTX_cleanup(&ctx_enc); +- EVP_CIPHER_CTX_cleanup(&ctx_dec); +- EVP_CIPHER_CTX_cleanup(&ctx_enc_ecb); +- EVP_CIPHER_CTX_cleanup(&ctx_dec_ecb); ++ EVP_CIPHER_CTX_free(ctx_enc); ++ EVP_CIPHER_CTX_free(ctx_dec); ++ EVP_CIPHER_CTX_free(ctx_enc_ecb); ++ EVP_CIPHER_CTX_free(ctx_dec_ecb); + + return 0; + } +@@ -319,7 +324,7 @@ + outlen=len+pad; + if (pad == blocksize) + RAND_bytes(in_ptr+len, blocksize-1); +- EVP_EncryptUpdate(&ctx_enc, out_ptr, &outlen, in_ptr, len+pad); ++ EVP_EncryptUpdate(ctx_enc, out_ptr, &outlen, in_ptr, len+pad); + *out = enc_buf; + + sequence_num++; +@@ -339,7 +344,7 @@ + + outlen=len; + if (!len) return 0; +- EVP_DecryptUpdate(&ctx_dec, out_ptr, &outlen, in_ptr, len); ++ EVP_DecryptUpdate(ctx_dec, out_ptr, &outlen, in_ptr, len); + recv_ib_mesg(&outlen, &out_ptr); + if (!outlen) return 0; + tmp_ptr = out_ptr + outlen; tmp_ptr--; +@@ -427,13 +432,13 @@ + break; + } /* switch(cipher) */ + +- EVP_CIPHER_CTX_init(&ctx_enc); +- EVP_EncryptInit_ex(&ctx_enc, cipher_type, NULL, NULL, NULL); ++ EVP_CIPHER_CTX_init(ctx_enc); ++ EVP_EncryptInit_ex(ctx_enc, cipher_type, NULL, NULL, NULL); + if (var_key) +- EVP_CIPHER_CTX_set_key_length(&ctx_enc, keysize); +- EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, pkey, NULL); +- EVP_EncryptInit_ex(&ctx_enc, NULL, NULL, NULL, iv); +- EVP_CIPHER_CTX_set_padding(&ctx_enc, 0); ++ EVP_CIPHER_CTX_set_key_length(ctx_enc, keysize); ++ EVP_EncryptInit_ex(ctx_enc, NULL, NULL, pkey, NULL); ++ EVP_EncryptInit_ex(ctx_enc, NULL, NULL, NULL, iv); ++ EVP_CIPHER_CTX_set_padding(ctx_enc, 0); + if (enc_init_first_time) + { + sprintf(tmpstr,"%s encryption initialized", cipher_name); +@@ -517,13 +522,13 @@ + break; + } /* switch(cipher) */ + +- EVP_CIPHER_CTX_init(&ctx_dec); +- EVP_DecryptInit_ex(&ctx_dec, cipher_type, NULL, NULL, NULL); ++ EVP_CIPHER_CTX_init(ctx_dec); ++ EVP_DecryptInit_ex(ctx_dec, cipher_type, NULL, NULL, NULL); + if (var_key) +- EVP_CIPHER_CTX_set_key_length(&ctx_dec, keysize); +- EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, pkey, NULL); +- EVP_DecryptInit_ex(&ctx_dec, NULL, NULL, NULL, iv); +- EVP_CIPHER_CTX_set_padding(&ctx_dec, 0); ++ EVP_CIPHER_CTX_set_key_length(ctx_dec, keysize); ++ EVP_DecryptInit_ex(ctx_dec, NULL, NULL, pkey, NULL); ++ EVP_DecryptInit_ex(ctx_dec, NULL, NULL, NULL, iv); ++ EVP_CIPHER_CTX_set_padding(ctx_dec, 0); + if (dec_init_first_time) + { + sprintf(tmpstr,"%s decryption initialized", cipher_name); +@@ -555,7 +560,7 @@ + + in_ptr = in - blocksize*2; + outlen = blocksize*2; +- EVP_EncryptUpdate(&ctx_enc_ecb, in_ptr, ++ EVP_EncryptUpdate(ctx_enc_ecb, in_ptr, + &outlen, in_ptr, blocksize*2); + *out = in_ptr; + len = outlen; +@@ -582,7 +587,7 @@ + in_ptr = in; + iv = malloc(blocksize); + outlen = blocksize*2; +- EVP_DecryptUpdate(&ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2); ++ EVP_DecryptUpdate(ctx_dec_ecb, in_ptr, &outlen, in_ptr, blocksize*2); + + if ( !strncmp(in_ptr, "ivec", 4) ) + { +@@ -625,7 +630,7 @@ + if (cipher_enc_state != CIPHER_INIT) + { + cipher_enc_state = CIPHER_INIT; +- EVP_CIPHER_CTX_cleanup(&ctx_enc); ++ EVP_CIPHER_CTX_cleanup(ctx_enc); + #ifdef LFD_ENCRYPT_DEBUG + vtun_syslog(LOG_INFO, + "Forcing local encryptor re-init"); +@@ -706,7 +711,7 @@ + if (cipher_enc_state != CIPHER_INIT) + { + cipher_enc_state = CIPHER_INIT; +- EVP_CIPHER_CTX_cleanup(&ctx_enc); ++ EVP_CIPHER_CTX_cleanup(ctx_enc); + } + #ifdef LFD_ENCRYPT_DEBUG + vtun_syslog(LOG_INFO, "Remote requests encryptor re-init"); +@@ -720,7 +725,7 @@ + cipher_enc_state != CIPHER_REQ_INIT && + cipher_enc_state != CIPHER_INIT) + { +- EVP_CIPHER_CTX_cleanup (&ctx_dec); ++ EVP_CIPHER_CTX_cleanup (ctx_dec); + cipher_dec_state = CIPHER_INIT; + cipher_enc_state = CIPHER_REQ_INIT; + } diff --git a/net-vpn/vtun/vtun-3.0.3-r1.ebuild b/net-vpn/vtun/vtun-3.0.3-r1.ebuild new file mode 100644 index 00000000000..d56bcd52fbd --- /dev/null +++ b/net-vpn/vtun/vtun-3.0.3-r1.ebuild @@ -0,0 +1,59 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit linux-info + +DESCRIPTION="Create tunnels over TCP/IP networks with shaping, encryption, and compression" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" +HOMEPAGE="http://vtun.sourceforge.net/"; + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~ppc ~sparc ~x86" +IUSE="lzo socks5 ssl zlib" + +RDEPEND="ssl? ( dev-libs/openssl:0 ) + lzo? ( dev-libs/lzo:2 ) + zlib? ( sys-libs/zlib ) + socks5? ( net-proxy/dante )" +DEPEND="${RDEPEND} + sys-devel/bison" + +DOCS="ChangeLog Credits FAQ README README.Setup README.Shaper TODO" + +CONFIG_CHECK="~TUN" + +src_prepare() { + sed -i Makefile.in \ + -e '/^LDFLAGS/s|=|+=|g' \ + || die "sed Makefile" + eapply "${FILESDIR}"/${P}-includes.patch + # remove unneeded checking for /etc/vtund.conf + eapply -p0 "${FILESDIR}"/${PN}-3.0.2-remove-config-presence-check.patch + # GCC 5 compatibility, patch from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778164 + eapply "${FILESDIR}"/${P}-gcc5.patch + # openssl 1.1 compatibility, bug 674280 + eapply -l "${FILESDIR}"/${PN}-libssl-1.1.patch + # portage takes care about striping binaries itself + sed -i 's:$(BIN_DIR)/strip $(DESTDIR)$(SBIN_DIR)/vtund::' Makefile.in || die + + eapply_user +} + +src_configure() { + econf \ + $(use_enable ssl) \ + $(use_enable zlib) \ + $(use_enable lzo) \ + $(use_enable socks5 socks) \ + --enable-shaper +} + +src_install() { + default + newinitd "${FILESDIR}"/vtun.rc vtun + insinto etc + doins "${FILESDIR}"/vtund-start.conf +}
