From: Koichiro Iwao
Date: Wed, 10 Jul 2019 01:10:03 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r506327 - in head/security/softether-devel: . files

Author: meta
Date: Wed Jul 10 01:10:02 2019
New Revision: 506327
URL: https://svnweb.freebsd.org/changeset/ports/506327

Log:
  security/softether-devel: Update to v4.30-9696-beta

  The biggest topics of this version are JSON-RPC API and HTML5 based admin console.
  Here's the summary of changes:

  * Added the SoftEther VPN Server JSON-RPC API Suite implementation
  * Added the Embedded HTML5-based Modern Admin Console
  * Fixed the problem that occurs when RPC messages between Cluster Members exceed 64Kbytes
  * Fixed the RADIUS PEAP client to use the standard TLS versioning
  * Added the support of ChaCha20-Poly1305-IETF AEAD for RUDP
  * Added the function to display the protocol details about the VPN session
  * Fixed the bug that the language switching function was disabled. (Build 9695 -> Build 9696)

  Relnotes:	https://www.softether.org/5-download/history
  Sponsored by:	HAW International, Inc.

Deleted: head/security/softether-devel/files/patch-src__Mayaqua__Network.c Modified: head/security/softether-devel/Makefile head/security/softether-devel/distinfo head/security/softether-devel/files/patch-fix-build-openssl111 Modified: head/security/softether-devel/Makefile ============================================================================== --- head/security/softether-devel/Makefile Wed Jul 10 00:46:30 2019 (r506326) +++ head/security/softether-devel/Makefile Wed Jul 10 01:10:02 2019 (r506327) @@ -1,22 +1,22 @@ # $FreeBSD$ PORTNAME= softether -DISTVERSION= 4.28-9669-beta -PORTREVISION= 2 +DISTVERSION= 4.30-9696-beta +#PORTREVISION= 0 CATEGORIES= security -MASTER_SITES= https://www.softether-download.com/files/softether/v${DISTVERSION}-2018.09.11-tree/Source_Code/ +MASTER_SITES= https://www.softether-download.com/files/softether/v${DISTVERSION}-2019.07.08-tree/Source_Code/ PKGNAMESUFFIX= -devel DISTNAME= ${PORTNAME}-src-v${DISTVERSION} MAINTAINER= meta@FreeBSD.org COMMENT= Softether VPN 4 (stable beta version) -LICENSE= GPLv2 +LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE ONLY_FOR_ARCHS= amd64 i386 ONLY_FOR_ARCHS_REASON= Upstream only supports amd64 and i386: https://www.softether.org/3-spec -IGNORE= no beta version available right now, use security/softether instead +#IGNORE= no beta version available right now, use security/softether instead USES= dos2unix gmake iconv:wchar_t localbase:ldflags ncurses \ readline ssl Modified: head/security/softether-devel/distinfo ============================================================================== --- head/security/softether-devel/distinfo Wed Jul 10 00:46:30 2019 (r506326) +++ head/security/softether-devel/distinfo Wed Jul 10 01:10:02 2019 (r506327) 
@@ -1,3 +1,3 @@ -TIMESTAMP = 1542201488 -SHA256 (softether-src-v4.28-9669-beta.tar.gz) = 1e641fa227a732b3eec3fe8bdcf4d4fd2b1d0b0a5084119126c1216d2ec1b545 -SIZE (softether-src-v4.28-9669-beta.tar.gz) = 33795085 +TIMESTAMP = 1562582908 +SHA256 (softether-src-v4.30-9696-beta.tar.gz) = 07b6fb3a677ab9eef42fc5a6abee414904552bcdc66baa56ebd3896bf2a8b490 +SIZE (softether-src-v4.30-9696-beta.tar.gz) = 34687742 Modified: head/security/softether-devel/files/patch-fix-build-openssl111 ============================================================================== --- head/security/softether-devel/files/patch-fix-build-openssl111 Wed Jul 10 00:46:30 2019 (r506326) +++ head/security/softether-devel/files/patch-fix-build-openssl111 Wed Jul 10 01:10:02 2019 (r506327) 
@@ -1,22 +1,47 @@ ---- src/Mayaqua/Encrypt.c.orig 2018-11-06 08:15:31 UTC -+++ src/Mayaqua/Encrypt.c -@@ -2684,7 +2684,7 @@ bool RsaCheck() - BIO *bio; - char errbuf[MAX_SIZE]; - UINT size = 0; -- UINT bit = 32; -+ UINT bit = RSA_KEY_SIZE; - // Validate arguments +--- src/Mayaqua/Network.c.orig 2019-07-09 22:00:31.540606000 +0900 ++++ src/Mayaqua/Network.c 2019-07-09 22:00:37.550748000 +0900 +@@ -5946,6 +5946,10 @@ + return 1; + } - // Key generation ---- src/Mayaqua/Encrypt.h.orig 2018-11-06 08:15:31 UTC -+++ src/Mayaqua/Encrypt.h -@@ -128,7 +128,7 @@ void RAND_Free_For_SoftEther(); - #define DES_IV_SIZE 8 // DES IV size - #define DES_BLOCK_SIZE 8 // DES block size - #define DES3_KEY_SIZE (8 * 3) // 3DES key size --#define RSA_KEY_SIZE 128 // RSA key size -+#define RSA_KEY_SIZE 4096 // RSA key size - #define DH_KEY_SIZE 128 // DH key size - #define RSA_MIN_SIGN_HASH_SIZE (15 + SHA1_HASH_SIZE) // Minimum RSA hash size - #define RSA_SIGN_HASH_SIZE (RSA_MIN_SIGN_HASH_SIZE) // RSA hash size ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#define X509_STORE_CTX_get0_cert(o) ((o)->cert) ++#endif ++ + // Verify client SSL certificate during TLS handshake. 
+ // + // (actually, only save the certificate for later authentication in Protocol.c) +@@ -5953,27 +5957,27 @@ + { + SSL *ssl; + struct SslClientCertInfo *clientcert; ++ X509 *cert; + + ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()); + clientcert = SSL_get_ex_data(ssl, GetSslClientCertIndex()); + + if (clientcert != NULL) + { +- clientcert->PreverifyErr = 0; ++ clientcert->PreverifyErr = X509_STORE_CTX_get_error(ctx); + clientcert->PreverifyErrMessage[0] = '\0'; + if (!preverify_ok) + { +- char *msg; +- clientcert->PreverifyErr = X509_STORE_CTX_get_error(ctx); +- msg = (char *)X509_verify_cert_error_string(clientcert->PreverifyErr); ++ const char *msg = X509_verify_cert_error_string(clientcert->PreverifyErr); + StrCpy(clientcert->PreverifyErrMessage, PREVERIFY_ERR_MESSAGE_SIZE, msg); + Debug("SslCertVerifyCallback preverify error: '%s'\n", msg); + } + else + { +- if (ctx->cert != NULL) ++ cert = X509_STORE_CTX_get0_cert(ctx); ++ if (cert != NULL) + { +- X *tmpX = X509ToX(ctx->cert); // this only wraps ctx->cert, but we need to make a copy ++ X *tmpX = X509ToX(cert); // this only wraps cert, but we need to make a copy + X *copyX = CloneX(tmpX); + tmpX->do_not_free = true; // do not release inner X509 object + FreeX(tmpX);
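
Review bot: In the Makefile hunk, LICENSE goes from GPLv2 to APACHE20, but the commit log lists only feature changes and never mentions it; add a line to the log stating that the port's license changed, since packagers and redistributors depend on that field. In the same hunk, "#PORTREVISION= 0" and the commented-out "#IGNORE=" line are dead text and should be deleted rather than left as comments. MASTER_SITES also carries the release date (2019.07.08) as a literal, so each update has to edit the URL by hand; a variable kept next to DISTVERSION would keep the two in step.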
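
Review bot: In the patch-fix-build-openssl111 hunk, the Network.c change does more than fix the build: in the certificate verify callback, PreverifyErr is now assigned from X509_STORE_CTX_get_error(ctx) before the "if (!preverify_ok)" test, where the removed line set it to 0 first. On the preverify_ok path the field now holds whatever error value the store context carries, while PreverifyErrMessage stays empty. The comment in the hunk says the certificate is saved for later authentication in Protocol.c, so confirm that code treats a non-zero PreverifyErr with preverify_ok set the way you intend, or keep the reset to 0 in the else branch and limit the patch to the X509_STORE_CTX_get0_cert() accessor and the const char * change. Separately, the replaced patch content raised RSA_KEY_SIZE from 128 to 4096 and made RsaCheck() use it instead of 32; the log does not say why these are dropped, so state in the log whether 4.30-9696 makes them unnecessary.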