diff options
| author | Adam Duskett <aduskett@gmail.com> | 2017-10-17 22:38:27 -0400 |
|---|---|---|
| committer | Thomas Petazzoni <thomas.petazzoni@free-electrons.com> | 2017-10-21 21:28:13 +0200 |
| commit | ae1cf0f3b850f785b86690bcf102db4703108593 (patch) | |
| tree | ca40d1541c273257ba5ba502851e42b0265258e7 /package/softether | |
| parent | 9f145e4957fa562ed8df89527433fccd438b3502 (diff) | |
| download | buildroot-ae1cf0f3b850f785b86690bcf102db4703108593.tar.gz buildroot-ae1cf0f3b850f785b86690bcf102db4703108593.zip | |
softether: require libopenssl
softether tries to use SSLv3 functionality as a fallback. LibreSSL
doesn't support SSLv3 anymore. Two main issues prevent a patch:
- Trying to wrap the sslv3 functionality from the source with a guard
clause results in linking errors after compiling is done.
- There are multiple security vulnerabilities with using sslv3.
- There are multiple security issues in github pertaining to using
sslv3.
- This project seems to not be updated very often, and the security
issues are being ignored it seems.
For people who still want to use softether, they will have to use
libopenssl.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'package/softether')
| -rw-r--r-- | package/softether/Config.in | 1 | ||||
| -rw-r--r-- | package/softether/softether.mk | 4 |
2 files changed, 3 insertions, 2 deletions
diff --git a/package/softether/Config.in b/package/softether/Config.in index 55e5426775..8fda3158f2 100644 --- a/package/softether/Config.in +++ b/package/softether/Config.in @@ -5,6 +5,7 @@ config BR2_PACKAGE_SOFTETHER depends on BR2_USE_WCHAR select BR2_PACKAGE_LIBICONV if !BR2_ENABLE_LOCALE select BR2_PACKAGE_OPENSSL + select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL select BR2_PACKAGE_READLINE help The SoftEther Server is a fully integrated implementation of the SSTP, diff --git a/package/softether/softether.mk b/package/softether/softether.mk index 77ce408462..05d2f20fe5 100644 --- a/package/softether/softether.mk +++ b/package/softether/softether.mk @@ -8,7 +8,7 @@ SOFTETHER_VERSION = v4.22-9634-beta SOFTETHER_SITE = $(call github,SoftEtherVPN,SoftEtherVPN,$(SOFTETHER_VERSION)) SOFTETHER_LICENSE = GPL-2.0 SOFTETHER_LICENSE_FILES = LICENSE -SOFTETHER_DEPENDENCIES = host-softether openssl readline +SOFTETHER_DEPENDENCIES = host-softether libopenssl readline SOFTETHER_AUTORECONF = YES ifeq ($(BR2_ENABLE_LOCALE),) @@ -26,7 +26,7 @@ SOFTETHER_CONF_OPTS = \ --with-zlib="$(STAGING_DIR)/usr" # host-libiconv does not exist, therefore we need this extra line -HOST_SOFTETHER_DEPENDENCIES = host-pkgconf host-openssl host-readline +HOST_SOFTETHER_DEPENDENCIES = host-pkgconf host-libopenssl host-readline # target build creates the file hamcore.se2 which needs the host variant of # hamcorebuilder, for details see http://www.vpnusers.com/viewtopic.php?p=5426 |
