vtun: update to 3.0.4

3.0.4
	bug53 - Race condition in socket() vs syslog (AH)
	patch23 - check for fork and work around lack (AM)
	patch22 - static declarations where possible (AM)
	patch21 - fix up configure.in for newer autoheader (AM)

5 files changed, 72 insertions, 113 deletions

diff --git a/net/vtun/Makefile b/net/vtun/Makefile
index 3a8c926c611..ddbe2ca2582 100644
--- a/net/vtun/Makefile
+++ b/net/vtun/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.57 2020/03/20 11:58:12 nia Exp $
+# $NetBSD: Makefile,v 1.58 2021/04/21 07:36:24 nia Exp $
 
-DISTNAME=	vtun-3.0.3
-PKGREVISION=	4
+DISTNAME=	vtun-3.0.4
 CATEGORIES=	net
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=vtun/}
 
@@ -10,6 +9,10 @@ HOMEPAGE=	http://vtun.sourceforge.net/
 COMMENT=	Virtual Tunnels over TCP/IP networks with traffic shaping
 LICENSE=	gnu-gpl-v2
 
+.include "../../mk/bsd.prefs.mk"
+
+BUILD_DEFS+=	VARBASE
+
 GNU_CONFIGURE=		yes
 CONFIGURE_ARGS+=	--localstatedir=${VARBASE}
 CONFIGURE_ARGS+=	--sysconfdir=${PKG_SYSCONFDIR}
@@ -35,9 +38,10 @@ INSTALLATION_DIRS+=	${EGDIR} ${DOCDIR}
 
 SUBST_CLASSES+=		fix-man
 SUBST_STAGE.fix-man=	pre-configure
-SUBST_MESSAGE.fix-man=	Fixing man pages.
+SUBST_MESSAGE.fix-man=	Fixing paths in man pages.
 SUBST_FILES.fix-man=	vtund.8
-SUBST_VARS.fix-man=	PKG_SYSCONFDIR
+SUBST_VARS.fix-man+=	PKG_SYSCONFDIR
+SUBST_VARS.fix-man+=	VARBASE
 
 do-install:
 	${INSTALL_PROGRAM} ${WRKSRC}/vtund ${DESTDIR}${PREFIX}/sbin
@@ -48,7 +52,6 @@ do-install:
 	${INSTALL_MAN} ${WRKSRC}/vtund.conf.5 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man5
 	${INSTALL_MAN} ${WRKSRC}/vtund.8 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man8
 
-.include "../../mk/bsd.prefs.mk"
 .if ${OPSYS} == "SunOS"
 .include "../../net/solaris-tap/buildlink3.mk"
 .endif
diff --git a/net/vtun/distinfo b/net/vtun/distinfo
index 950a1f02162..82a6c620783 100644
--- a/net/vtun/distinfo
+++ b/net/vtun/distinfo
@@ -1,12 +1,12 @@
-$NetBSD: distinfo,v 1.15 2019/10/03 12:11:43 kardel Exp $
+$NetBSD: distinfo,v 1.16 2021/04/21 07:36:24 nia Exp $
 
-SHA1 (vtun-3.0.3.tar.gz) = 7937e46420b5c2323f36774ab22e75e11c12da6c
-RMD160 (vtun-3.0.3.tar.gz) = 4df179b523798930927103a4d91b428f941e25ed
-SHA512 (vtun-3.0.3.tar.gz) = 5fa789d08b556f97492b89515a89c2322c4b0a8fa95bd1035f5ed19061b3654a6a36a9911792096ac872ae9ae5451848cab87d0343dc0ffc064affea1f7d0d54
-Size (vtun-3.0.3.tar.gz) = 130051 bytes
+SHA1 (vtun-3.0.4.tar.gz) = 2335c21b56fadf9ce851dd7f342fb0ed4f522c47
+RMD160 (vtun-3.0.4.tar.gz) = 004f2fa3a583b579706a1bc8728108ce9e4bca6e
+SHA512 (vtun-3.0.4.tar.gz) = b1bb7294bd745c2ca888704e2b0f8e05447b5e01bec0f921648afe363d61a19508dea9e26663993cd69c506aa92621e76f36045bddf7c3723d13a72741ca6781
+Size (vtun-3.0.4.tar.gz) = 132691 bytes
 SHA1 (patch-aa) = 2f570c4599923edeef31c6a2e7153f1fe05887c9
-SHA1 (patch-ab) = 0af65f6b6d061d8beb8b2ac6a676ca095c057ccf
 SHA1 (patch-ac) = 0f39700ab729d9481fe29e2d7e53566eff6add96
-SHA1 (patch-configure) = 591ecb4242b0d3bb2eb0087a37315a322222312d
-SHA1 (patch-lfd__encrypt.c) = dfe926ec896cfe913f3a2c75045bb9f3441b0569
+SHA1 (patch-configure) = 61931fea19255c00749b1f768e4657ce8088328a
+SHA1 (patch-lfd__encrypt.c) = d5268b00487ba9da897893eef4a643c82938b76a
 SHA1 (patch-vtun.h) = 832d3b97094885c8a10e752c7c8f5c86e08de967
+SHA1 (patch-vtund.8) = 4082c4e724b4edb5a6d6f7c456d160f86e717f56
diff --git a/net/vtun/patches/patch-configure b/net/vtun/patches/patch-configure
index f42ff62499a..110719e9f7a 100644
--- a/net/vtun/patches/patch-configure
+++ b/net/vtun/patches/patch-configure
@@ -1,6 +1,7 @@
-$NetBSD: patch-configure,v 1.1 2015/01/19 16:10:23 wiedi Exp $
+$NetBSD: patch-configure,v 1.2 2021/04/21 07:36:24 nia Exp $
 
 help configure find blowfish headers from openssl
+
 --- configure.orig	2009-03-29 10:08:48.000000000 +0000
 +++ configure
 @@ -5680,7 +5680,7 @@ echo "$as_me: checking for blowfish Libr
diff --git a/net/vtun/patches/patch-lfd__encrypt.c b/net/vtun/patches/patch-lfd__encrypt.c
index cb68a3d61d1..91cf503c065 100644
--- a/net/vtun/patches/patch-lfd__encrypt.c
+++ b/net/vtun/patches/patch-lfd__encrypt.c
@@ -1,53 +1,38 @@
-$NetBSD: patch-lfd__encrypt.c,v 1.1 2019/10/03 12:11:43 kardel Exp $
+$NetBSD: patch-lfd__encrypt.c,v 1.2 2021/04/21 07:36:24 nia Exp $
 
 Adjust to compile also with openssl>=1.1
 
---- lfd_encrypt.c.orig	2019-08-23 08:37:39.608971418 +0000
+--- lfd_encrypt.c.orig	2016-10-01 21:27:51.000000000 +0000
 +++ lfd_encrypt.c
-@@ -77,6 +77,11 @@ struct vtun_host *phost;
- 
- extern int send_a_packet;
- 
-+static int send_msg(int len, char *in, char **out);
-+static int send_ib_mesg(int *len, char **in);
-+static int recv_msg(int len, char *in, char **out);
-+static int recv_ib_mesg(int *len, char **in);
+@@ -95,11 +95,11 @@ static unsigned long sequence_num;
+ static char * pkey;
+ static char * iv_buf;
+ 
+-static EVP_CIPHER_CTX ctx_enc;	/* encrypt */
+-static EVP_CIPHER_CTX ctx_dec;	/* decrypt */
++static EVP_CIPHER_CTX *ctx_enc;	/* encrypt */
++static EVP_CIPHER_CTX *ctx_dec;	/* decrypt */
+ 
+-static EVP_CIPHER_CTX ctx_enc_ecb;	/* sideband ecb encrypt */
+-static EVP_CIPHER_CTX ctx_dec_ecb;	/* sideband ecb decrypt */
++static EVP_CIPHER_CTX *ctx_enc_ecb;	/* sideband ecb encrypt */
++static EVP_CIPHER_CTX *ctx_dec_ecb;	/* sideband ecb decrypt */
+ 
+ static int send_msg(int len, char *in, char **out);
+ static int recv_msg(int len, char *in, char **out);
+@@ -156,6 +156,11 @@ static int alloc_encrypt(struct vtun_hos
+    EVP_CIPHER_CTX *pctx_enc;
+    EVP_CIPHER_CTX *pctx_dec;
+ 
++   ctx_enc = EVP_CIPHER_CTX_new();
++   ctx_dec = EVP_CIPHER_CTX_new();
++   ctx_enc_ecb = EVP_CIPHER_CTX_new();
++   ctx_dec_ecb = EVP_CIPHER_CTX_new();
 +
- /* out of sync packet threshold before forcing a re-init */ 
- #define MAX_GIBBERISH	10
- #define MIN_GIBBERISH   1
-@@ -95,11 +100,11 @@ unsigned long sequence_num;
- char * pkey;
- char * iv_buf;
- 
--EVP_CIPHER_CTX ctx_enc;	/* encrypt */
--EVP_CIPHER_CTX ctx_dec;	/* decrypt */
-+EVP_CIPHER_CTX *ctx_enc = NULL;	/* encrypt */
-+EVP_CIPHER_CTX *ctx_dec = NULL;	/* decrypt */
- 
--EVP_CIPHER_CTX ctx_enc_ecb;	/* sideband ecb encrypt */
--EVP_CIPHER_CTX ctx_dec_ecb;	/* sideband ecb decrypt */
-+EVP_CIPHER_CTX *ctx_enc_ecb = NULL;	/* sideband ecb encrypt */
-+EVP_CIPHER_CTX *ctx_dec_ecb = NULL;	/* sideband ecb decrypt */
- 
- int prep_key(char **key, int size, struct vtun_host *host)
- {
-@@ -154,6 +159,14 @@ int alloc_encrypt(struct vtun_host *host
     enc_init_first_time = 1;   
     dec_init_first_time = 1;   
  
-+   if (ctx_enc == NULL) {
-+	ctx_enc = EVP_CIPHER_CTX_new();	/* encrypt */
-+	ctx_dec = EVP_CIPHER_CTX_new();	/* decrypt */
-+
-+	ctx_enc_ecb = EVP_CIPHER_CTX_new();	/* sideband ecb encrypt */
-+	ctx_dec_ecb = EVP_CIPHER_CTX_new();	/* sideband ecb decrypt */
-+   }
-+
-    if( !(enc_buf = lfd_alloc(ENC_BUF_SIZE)) ){
-       vtun_syslog(LOG_ERR,"Can't allocate buffer for encryptor");
-       return -1;
-@@ -177,15 +190,15 @@ int alloc_encrypt(struct vtun_host *host
+@@ -182,15 +187,15 @@ static int alloc_encrypt(struct vtun_hos
           keysize = 32;
           sb_init = 1;
           cipher_type = EVP_aes_256_ecb();
@@ -67,7 +52,7 @@ Adjust to compile also with openssl>=1.1
           cipher_type = EVP_aes_256_ecb();
           strcpy(cipher_name,"AES-256-ECB");
        break;      
-@@ -196,14 +209,14 @@ int alloc_encrypt(struct vtun_host *host
+@@ -201,14 +206,14 @@ static int alloc_encrypt(struct vtun_hos
           keysize = 16;
           sb_init=1;
           cipher_type = EVP_aes_128_ecb();
@@ -86,7 +71,7 @@ Adjust to compile also with openssl>=1.1
           cipher_type = EVP_aes_128_ecb();
           strcpy(cipher_name,"AES-128-ECB");
        break;
-@@ -216,16 +229,16 @@ int alloc_encrypt(struct vtun_host *host
+@@ -221,16 +226,16 @@ static int alloc_encrypt(struct vtun_hos
           var_key = 1;
           sb_init = 1;
           cipher_type = EVP_bf_ecb();
@@ -107,7 +92,7 @@ Adjust to compile also with openssl>=1.1
           cipher_type = EVP_bf_ecb();
           strcpy(cipher_name,"Blowfish-256-ECB");
        break;
-@@ -238,16 +251,16 @@ int alloc_encrypt(struct vtun_host *host
+@@ -243,16 +248,16 @@ static int alloc_encrypt(struct vtun_hos
           var_key = 1;
           sb_init = 1;
           cipher_type = EVP_bf_ecb();
@@ -128,7 +113,7 @@ Adjust to compile also with openssl>=1.1
           cipher_type = EVP_bf_ecb();
           strcpy(cipher_name,"Blowfish-128-ECB");
        break;
-@@ -289,10 +302,10 @@ int free_encrypt()
+@@ -294,10 +299,10 @@ static int free_encrypt()
     lfd_free(enc_buf); enc_buf = NULL;
     lfd_free(dec_buf); dec_buf = NULL;
  
@@ -143,7 +128,7 @@ Adjust to compile also with openssl>=1.1
  
     return 0;
  }
-@@ -318,7 +331,7 @@ int encrypt_buf(int len, char *in, char 
+@@ -323,7 +328,7 @@ static int encrypt_buf(int len, char *in
     outlen=len+pad;
     if (pad == blocksize)
        RAND_bytes(in_ptr+len, blocksize-1);
@@ -152,7 +137,7 @@ Adjust to compile also with openssl>=1.1
     *out = enc_buf;
  
     sequence_num++;
-@@ -338,7 +351,7 @@ int decrypt_buf(int len, char *in, char 
+@@ -343,7 +348,7 @@ static int decrypt_buf(int len, char *in
  
     outlen=len;
     if (!len) return 0;
@@ -161,7 +146,7 @@ Adjust to compile also with openssl>=1.1
     recv_ib_mesg(&outlen, &out_ptr);
     if (!outlen) return 0;
     tmp_ptr = out_ptr + outlen; tmp_ptr--;
-@@ -426,13 +439,13 @@ int cipher_enc_init(char * iv)
+@@ -431,13 +436,13 @@ static int cipher_enc_init(char * iv)
        break;
     } /* switch(cipher) */
  
@@ -181,7 +166,7 @@ Adjust to compile also with openssl>=1.1
     if (enc_init_first_time)
     {
        sprintf(tmpstr,"%s encryption initialized", cipher_name);
-@@ -516,13 +529,13 @@ int cipher_dec_init(char * iv)
+@@ -521,13 +526,13 @@ static int cipher_dec_init(char * iv)
        break;
     } /* switch(cipher) */
  
@@ -201,16 +186,7 @@ Adjust to compile also with openssl>=1.1
     if (dec_init_first_time)
     {
        sprintf(tmpstr,"%s decryption initialized", cipher_name);
-@@ -532,7 +545,7 @@ int cipher_dec_init(char * iv)
-    return 0;
- }
- 
--int send_msg(int len, char *in, char **out)
-+static int send_msg(int len, char *in, char **out)
- {
-    char * iv; char * in_ptr;
-    int outlen;
-@@ -554,7 +567,7 @@ int send_msg(int len, char *in, char **o
+@@ -559,7 +564,7 @@ static int send_msg(int len, char *in, c
  
           in_ptr = in - blocksize*2;
           outlen = blocksize*2;
@@ -219,16 +195,7 @@ Adjust to compile also with openssl>=1.1
              &outlen, in_ptr, blocksize*2);
           *out = in_ptr;
           len = outlen;
-@@ -570,7 +583,7 @@ int send_msg(int len, char *in, char **o
-    return len;
- }
- 
--int recv_msg(int len, char *in, char **out)
-+static int recv_msg(int len, char *in, char **out)
- {
-    char * iv; char * in_ptr;
-    int outlen;
-@@ -581,7 +594,7 @@ int recv_msg(int len, char *in, char **o
+@@ -586,7 +591,7 @@ static int recv_msg(int len, char *in, c
           in_ptr = in;
           iv = malloc(blocksize);
           outlen = blocksize*2;
@@ -237,7 +204,7 @@ Adjust to compile also with openssl>=1.1
           
           if ( !strncmp(in_ptr, "ivec", 4) )
           {
-@@ -624,7 +637,7 @@ int recv_msg(int len, char *in, char **o
+@@ -629,7 +634,7 @@ static int recv_msg(int len, char *in, c
                 if (cipher_enc_state != CIPHER_INIT)
                 {
                    cipher_enc_state = CIPHER_INIT;
@@ -246,25 +213,7 @@ Adjust to compile also with openssl>=1.1
  #ifdef LFD_ENCRYPT_DEBUG
                    vtun_syslog(LOG_INFO, 
                       "Forcing local encryptor re-init");
-@@ -645,7 +658,7 @@ int recv_msg(int len, char *in, char **o
- }
- 
- /* Send In-Band Message */
--int send_ib_mesg(int *len, char **in)
-+static int send_ib_mesg(int *len, char **in)
- {
-    char *in_ptr = *in;
- 
-@@ -684,7 +697,7 @@ int send_ib_mesg(int *len, char **in)
- }
- 
- /* Receive In-Band Message */
--int recv_ib_mesg(int *len, char **in)
-+static int recv_ib_mesg(int *len, char **in)
- {
-    char *in_ptr = *in;
- 
-@@ -705,7 +718,7 @@ int recv_ib_mesg(int *len, char **in)
+@@ -710,7 +715,7 @@ static int recv_ib_mesg(int *len, char *
           if (cipher_enc_state != CIPHER_INIT)
           {
              cipher_enc_state = CIPHER_INIT;
@@ -273,7 +222,7 @@ Adjust to compile also with openssl>=1.1
           }
  #ifdef LFD_ENCRYPT_DEBUG
           vtun_syslog(LOG_INFO, "Remote requests encryptor re-init");
-@@ -719,7 +732,7 @@ int recv_ib_mesg(int *len, char **in)
+@@ -724,7 +729,7 @@ static int recv_ib_mesg(int *len, char *
               cipher_enc_state != CIPHER_REQ_INIT &&
               cipher_enc_state != CIPHER_INIT)
           {
diff --git a/net/vtun/patches/patch-ab b/net/vtun/patches/patch-vtund.8
index 1b51329ae66..92ee8ae79e7 100644
--- a/net/vtun/patches/patch-ab
+++ b/net/vtun/patches/patch-vtund.8
@@ -1,8 +1,10 @@
-$NetBSD: patch-ab,v 1.2 2011/03/18 10:39:08 adam Exp $
+$NetBSD: patch-vtund.8,v 1.1 2021/04/21 07:36:24 nia Exp $
 
---- vtund.8.orig	2007-06-29 05:26:43.000000000 +0000
+Allow pkgsrc to substitute actual paths.
+
+--- vtund.8.orig	2016-09-17 20:01:21.000000000 +0000
 +++ vtund.8
-@@ -71,7 +71,7 @@ to any kernel parts. 
+@@ -74,7 +74,7 @@ to any kernel parts. 
  .I -f file 
  Read config information from the
  .I file
@@ -10,8 +12,8 @@ $NetBSD: patch-ab,v 1.2 2011/03/18 10:39:08 adam Exp $
 +(full path required). By default vtund uses @PKG_SYSCONFDIR@/vtund.conf
  .TP
  .I -n 
- Do not become daemon.
-@@ -118,12 +118,12 @@ Address of the server to connect to. Eit
+ Do not become daemon (required on no-MMU systems).
+@@ -124,15 +124,15 @@ Address of the server to connect to. Eit
  specified.
  .SH FILES
  .TP
@@ -22,7 +24,11 @@ $NetBSD: patch-ab,v 1.2 2011/03/18 10:39:08 adam Exp $
  for more information.
  .TP
 -.B /var/lock/vtund/
-+.B /var/run/vtund/
++.B @VARBASE@/run/vtund/
  Session lock files. 
  .TP
- .B /var/log/vtund/
+-.B /var/log/vtund/
++.B @VARBASE@/log/vtund/
+ Connection statistic log files.
+ .br
+ Format: