From 975debfed4413464492f5d93b016abeb67be1126 Mon Sep 17 00:00:00 2001 From: You Xiaojie Date: Sat, 21 Oct 2017 16:19:20 +0800 Subject: [PATCH 1/5] Resolve "Implicit declaration of function warning" when compiling Console.c and BridgeUnix.c --- src/Cedar/BridgeUnix.h | 1 + src/Cedar/Console.c | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/src/Cedar/BridgeUnix.h b/src/Cedar/BridgeUnix.h index 7f9b0890..4ba495d1 100644 --- a/src/Cedar/BridgeUnix.h +++ b/src/Cedar/BridgeUnix.h @@ -186,6 +186,7 @@ struct CAPTUREBLOCK{ // Function prototype +void FreeTap(VLAN *v); void InitEth(); void FreeEth(); bool IsEthSupported(); diff --git a/src/Cedar/Console.c b/src/Cedar/Console.c index ba2ec285..21c5e2a5 100644 --- a/src/Cedar/Console.c +++ b/src/Cedar/Console.c @@ -2048,7 +2048,13 @@ bool PasswordPrompt(char *password, UINT size) else if (c == 0xE0) { // Read one more character + +#ifdef OS_WIN32 c = getch(); +#else // OS_WIN32 + c = getc(stdin); +#endif // OS_WIN32 + if (c == 0x4B || c == 0x53) { // Backspace From de665ddde566fb7e36606c4f550709fefac06383 Mon Sep 17 00:00:00 2001 From: You Xiaojie Date: Wed, 27 Dec 2017 22:03:15 +0800 Subject: [PATCH 2/5] Correct Debian package name libssl-dev NOT openssl-dev --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6e7166ff..20b66281 100644 --- a/README.md +++ b/README.md @@ -143,7 +143,7 @@ from GitHub. You may make your own fork project from our project. - libncurses-dev - libreadline-dev - make -- openssl-dev +- libssl-dev ### 2. Redhat/CentOS - gcc From 09c0de502e0b9b972cf032111accfcff929e0fe2 Mon Sep 17 00:00:00 2001 From: You Xiaojie Date: Wed, 27 Dec 2017 22:33:44 +0800 Subject: [PATCH 3/5] add zlib1g-dev --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 20b66281..2bdb90f0 100644 --- a/README.md +++ b/README.md @@ -140,10 +140,11 @@ from GitHub. You may make your own fork project from our project. ### 1. Debian/Ubuntu - gcc -- libncurses-dev -- libreadline-dev - make +- libreadline-dev - libssl-dev +- libncurses-dev +- zlib1g-dev ### 2. Redhat/CentOS - gcc From 957653542cb0c588db401e058581127b657eef3d Mon Sep 17 00:00:00 2001 From: You Xiaojie Date: Wed, 27 Dec 2017 22:03:15 +0800 Subject: [PATCH 4/5] Modify README.Correct Deb package name to libssl-dev.Add zlib1g-dev. Add instruction to build deb packages.Modify debian/changlog --- README.md | 23 +++++++++++++++++------ debian/changelog | 25 ++++++++++++++++++++++--- 2 files changed, 39 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 6e7166ff..d3ee3ad1 100644 --- a/README.md +++ b/README.md @@ -140,17 +140,19 @@ from GitHub. You may make your own fork project from our project. ### 1. Debian/Ubuntu - gcc -- libncurses-dev -- libreadline-dev - make -- openssl-dev +- libreadline-dev +- libssl-dev +- libncurses-dev +- zlib1g-dev ### 2. Redhat/CentOS - gcc -- openssl-devel - make -- ncurses-devel - readline-devel +- openssl-devel +- ncurses-devel + ## Compile and install The download and build instruction is following: @@ -163,8 +165,17 @@ $ make $ make install ``` +## Build Deb packages +Dependencies: +- debhelper +- dh-exec - +Command line: +```sh +$ ./configure +$ dpkg-buildpackage -b -us -uc +``` +The Deb packages will locate in parent dirctory. # TO CIRCUMVENT YOUR GOVERNMENT'S FIREWALL RESTRICTION diff --git a/debian/changelog b/debian/changelog index fc27eb06..c4106e3f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,24 @@ -softether-vpn (0:4.04.9412-rtm) unstable; urgency=low +softether-vpn (4.23.9647-beta) unstable; urgency=low - * Testing debianization + * Upgraded OpenSSL to 1.0.2l. + * Source code is now compatible with OpenSSL 1.1.x. Supports DHE-RSA-CHACHA 20-POLY 1305 and ECDHE-RSA-CHACHA 20-POLY 1305, which are new encryption methods of TLS 1.2. (In order to use this new function, you need to recompile yourself using OpenSSL 1.1.x.) + * TrafficServer / TrafficClient function (The traffic throughput measurement function) is now multithreaded and compatible with about 10 Gbps using NIC with the RSS feature. + * Changed the default algorithm for SSL from RC4-MD5 to AES128-SHA. + * Fixed a bug that occurr wrong checksum recalculation in special case of the TCP-MSS clamp processing. + * Fixed the calculation interval of update interval of DHCP client packet issued by kernel mode virtual NAT function of SecureNAT function. + * Driver upgrade and DLL name change with Crypto ID support of USB security token. + * Fixed a problem that CPU sleep processing was not performed when the wait time of the Select () function was INFINITE on Mac OS X. + * Added the StrictSyslogDatetimeFormat flag onto the ServerConfiguration section on the VPN Server configuration file, which sets Syslog date format to RFC3164. + * Fixed wrong English in the UI. + * Using client parameter in function CtConnect + * Remove blank line at the start from init file (Debian) + * Stop Radius Delay from counting to next_resend + * Add DH groups 2048,3072,4096 to IPSec_IKE + * Add HMAC SHA2-256, HMAC SHA2-384, HMAC SHA2-512 support + * Openvpn extend ciphers + * Fixed RSA key bits wrong calculation for certain x509 certificate + * Added support for RuToken USB key PKCS#11 - -- Dmitry Orlov Tue, 4 Feb 2014 20:24:43 +0000 + + + -- You Xiaojie Wed, 18 Oct 2017 00:00:00 +0000 From 7abdb6d1181c0a26cd2d453b5c6e570e14f793f7 Mon Sep 17 00:00:00 2001 From: You Xiaojie Date: Fri, 29 Dec 2017 00:41:54 +0800 Subject: [PATCH 5/5] Modify softethervpn.spec for build RPM --- centos/SPECS/softethervpn.spec | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/centos/SPECS/softethervpn.spec b/centos/SPECS/softethervpn.spec index ba8e1f73..fbf81d8e 100644 --- a/centos/SPECS/softethervpn.spec +++ b/centos/SPECS/softethervpn.spec @@ -1,7 +1,7 @@ %define majorversion 4 -%define minorversion 19 -%define buildversion 9582 -%define dateversion 2015.10.06 +%define minorversion 23 +%define buildversion 9647 +%define dateversion 2017.10.18 %define buildrelease beta Name: softethervpn @@ -87,6 +87,25 @@ if [ $1 -eq 0 ]; then fi %changelog +* Wed Dec 18 2017 You Xiaojie - 4.23.9647-1 +- Upgraded OpenSSL to 1.0.2l. +- Source code is now compatible with OpenSSL 1.1.x. Supports DHE-RSA-CHACHA 20-POLY 1305 and ECDHE-RSA-CHACHA 20-POLY 1305, which are new encryption methods of TLS 1.2. (In order to use this new function, you need to recompile yourself using OpenSSL 1.1.x.) +- TrafficServer / TrafficClient function (The traffic throughput measurement function) is now multithreaded and compatible with about 10 Gbps using NIC with the RSS feature. +- Changed the default algorithm for SSL from RC4-MD5 to AES128-SHA. +- Fixed a bug that occurr wrong checksum recalculation in special case of the TCP-MSS clamp processing. +- Fixed the calculation interval of update interval of DHCP client packet issued by kernel mode virtual NAT function of SecureNAT function. +- Driver upgrade and DLL name change with Crypto ID support of USB security token. +- Fixed a problem that CPU sleep processing was not performed when the wait time of the Select () function was INFINITE on Mac OS X. +- Added the StrictSyslogDatetimeFormat flag onto the ServerConfiguration section on the VPN Server configuration file, which sets Syslog date format to RFC3164. +- Fixed wrong English in the UI. +- Using client parameter in function CtConnect +- Stop Radius Delay from counting to next_resend +- Add DH groups 2048,3072,4096 to IPSec_IKE +- Add HMAC SHA2-256, HMAC SHA2-384, HMAC SHA2-512 support +- Openvpn extend ciphers +- Fixed RSA key bits wrong calculation for certain x509 certificate +- Added support for RuToken USB key PKCS#11 + * Wed Sep 30 2015 Jeff Tang - 4.19.9582-1 - Update upstream to 4.19.9582-beta