security/softether: update 4.20.9608 -> 4.25.9656

- There are 11 vulnerabilities on SoftEther VPN. There vulnerabilities
  are found by the source code audit process conducted by Max Planck
  Institute for Molecular Genetics and Mr. Guido Vranken in late 2017.
  This build fixes all of these vulnerabilities.

PR:		225618
Submitted by:	net@arrishq.net (maintainer)
MFH:		2018Q1
Relnotes:	http://www.softether.org/5-download/history

4 files changed, 15 insertions, 16 deletions

diff --git a/security/softether/Makefile b/security/softether/Makefile
index 46126da07cc1..1fb8255d8af1 100644
--- a/security/softether/Makefile
+++ b/security/softether/Makefile
@@ -1,11 +1,10 @@
 # $FreeBSD$
 
 PORTNAME=	softether
-PORTVERSION=	4.20.9608
-PORTREVISION=	1
+PORTVERSION=	4.25.9656
 CATEGORIES=	security
-MASTER_SITES=	http://www.softether-download.com/files/softether/v4.20-9608-rtm-2016.04.17-tree/Source_Code/
-DISTNAME=	${PORTNAME}-src-v4.20-9608-rtm
+MASTER_SITES=	http://www.softether-download.com/files/softether/v4.25-9656-rtm-2018.01.15-tree/Source_Code/
+DISTNAME=	${PORTNAME}-src-v4.25-9656-rtm
 
 MAINTAINER=	net@arrishq.net
 COMMENT=	Softether VPN solution
@@ -51,7 +50,7 @@ PLIST_SUB+=	LOGDIR="${LOGDIR}"
 SUB_LIST=	LOGDIR="${LOGDIR}"
 
 # a pity the source directory has such a naming scheme, but well
-WRKSRC=		${WRKDIR}/v4.20-9608
+WRKSRC=		${WRKDIR}/v4.25-9656
 
 ALL_TARGET=	build
 
diff --git a/security/softether/distinfo b/security/softether/distinfo
index 00c0dfef2ce9..c3c6f8c0dc02 100644
--- a/security/softether/distinfo
+++ b/security/softether/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1488228971
-SHA256 (softether-src-v4.20-9608-rtm.tar.gz) = e559644e34ec6feba43d99f4083f77f9b082dd0574d0bb1e416a65f32ccbc51e
-SIZE (softether-src-v4.20-9608-rtm.tar.gz) = 33691945
+TIMESTAMP = 1517525651
+SHA256 (softether-src-v4.25-9656-rtm.tar.gz) = b946dec3da5833ad2be69125224784b8a8e2a4149297d0c0a907ba0e1c4535f8
+SIZE (softether-src-v4.25-9656-rtm.tar.gz) = 33743898
diff --git a/security/softether/files/patch-src__Mayaqua__Network.c b/security/softether/files/patch-src__Mayaqua__Network.c
index d4c761b71a28..21cc6ec639e5 100644
--- a/security/softether/files/patch-src__Mayaqua__Network.c
+++ b/security/softether/files/patch-src__Mayaqua__Network.c
@@ -1,19 +1,19 @@
 --- src/Mayaqua/Network.c.orig	2016-05-03 06:16:53 UTC
 +++ src/Mayaqua/Network.c
-@@ -12983,7 +12983,16 @@ bool StartSSLEx(SOCK *sock, X *x, K *pri
+@@ -13025,10 +13025,15 @@
  		{
  			if (client_tls == false)
  			{
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
 +#ifndef OPENSSL_NO_SSL3
  				SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
-+#else
-+				SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
+ #else
+ 				SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
 +				SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_TLSv1
 +#ifdef SSL_OP_NO_TLSv1_2
 +				| SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
 +#endif
 +				);
-+#endif
+ #endif
  			}
  			else
- 			{
diff --git a/security/softether/files/patch-src__Mayaqua__Table.h b/security/softether/files/patch-src__Mayaqua__Table.h
index 14c9ff7abc4b..beb87352dd9e 100644
--- a/security/softether/files/patch-src__Mayaqua__Table.h
+++ b/security/softether/files/patch-src__Mayaqua__Table.h
@@ -1,9 +1,9 @@
 --- src/Mayaqua/Table.h.orig	2016-05-03 06:16:53 UTC
 +++ src/Mayaqua/Table.h
-@@ -117,7 +117,7 @@
- #define	UNICODE_CACHE_FILE		L".unicode_cache_%s.dat"
- 
+@@ -119,7 +119,7 @@
  #define	LANGLIST_FILENAME		"|languages.txt"
+ #define	LANGLIST_FILENAME_WINE	"|languages_wine.txt"
+ 
 -#define	LANG_CONFIG_FILENAME	L"@lang.config"
 +#define	LANG_CONFIG_FILENAME	L"/var/db/softether/lang.config"
  #define	LANG_CONFIG_TEMPLETE	"|lang.config"