mirror of
https://github.com/xiaorouji/openwrt-passwall-packages.git
synced 2025-05-01 13:01:54 +08:00
shadowsocks-libev: Update to the commit as of 2025-1-20
This commit is contained in:
lwb1978
parent
8d8bf70fc9
commit
ca2a23db88
@ -18,9 +18,9 @@ PKG_RELEASE:=13
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev.git
|
||||
PKG_SOURCE_DATE:=2022-11-30
|
||||
PKG_SOURCE_VERSION:=d83ace0f0d9c05656c13d66aa4a449bf70143254
|
||||
PKG_MIRROR_HASH:=6ff973af37c20cf0430f106d360b94b8b91df6dd8d7be3908ee84b5a86c3319f
|
||||
PKG_SOURCE_DATE:=2025-1-20
|
||||
PKG_SOURCE_VERSION:=9afa3cacf947f910be46b69fc5a7a1fdd02fd5e6
|
||||
PKG_MIRROR_HASH:=720955484ea5f6b53d90519a7c6e828eec080a819efce18fc6fb64f1c4c086dd
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz
|
||||
|
||||
PKG_MAINTAINER:=Yousong Zhou <yszhou4tech@gmail.com>
|
||||
|
||||
@ -1,232 +0,0 @@
|
||||
From 2b33e8e6778db08624dbf8ec6fe1e8f7b1a4bee8 Mon Sep 17 00:00:00 2001
|
||||
From: Lu jicong <jiconglu58@gmail.com>
|
||||
Date: Fri, 10 Jan 2025 22:05:31 +0800
|
||||
Subject: [PATCH] Fix in 'mbedtls 3.6.0 ver' compilation failure issue
|
||||
|
||||
Fix mbedtls 3.6 compatibility
|
||||
|
||||
Co-authored-by: Zxl hhyccc <zxlhhy@gmail.com>
|
||||
Signed-off-by: Lu jicong <jiconglu58@gmail.com>
|
||||
---
|
||||
m4/mbedtls.m4 | 20 ++++++++++++++++++++
|
||||
src/aead.c | 23 +++++++++++------------
|
||||
src/crypto.c | 2 +-
|
||||
src/crypto.h | 1 -
|
||||
src/stream.c | 51 ++++++---------------------------------------------
|
||||
5 files changed, 38 insertions(+), 59 deletions(-)
|
||||
|
||||
diff --git a/m4/mbedtls.m4 b/m4/mbedtls.m4
|
||||
index 2c478b9..a795790 100644
|
||||
--- a/m4/mbedtls.m4
|
||||
+++ b/m4/mbedtls.m4
|
||||
@@ -31,7 +31,12 @@ AC_DEFUN([ss_MBEDTLS],
|
||||
AC_COMPILE_IFELSE(
|
||||
[AC_LANG_PROGRAM(
|
||||
[[
|
||||
+#include <mbedtls/version.h>
|
||||
+#if MBEDTLS_VERSION_NUMBER >= 0x03000000
|
||||
+#include <mbedtls/mbedtls_config.h>
|
||||
+#else
|
||||
#include <mbedtls/config.h>
|
||||
+#endif
|
||||
]],
|
||||
[[
|
||||
#ifndef MBEDTLS_CIPHER_MODE_CFB
|
||||
@@ -48,7 +53,12 @@ AC_DEFUN([ss_MBEDTLS],
|
||||
AC_COMPILE_IFELSE(
|
||||
[AC_LANG_PROGRAM(
|
||||
[[
|
||||
+#include <mbedtls/version.h>
|
||||
+#if MBEDTLS_VERSION_NUMBER >= 0x03000000
|
||||
+#include <mbedtls/mbedtls_config.h>
|
||||
+#else
|
||||
#include <mbedtls/config.h>
|
||||
+#endif
|
||||
]],
|
||||
[[
|
||||
#ifndef MBEDTLS_ARC4_C
|
||||
@@ -64,7 +74,12 @@ AC_DEFUN([ss_MBEDTLS],
|
||||
AC_COMPILE_IFELSE(
|
||||
[AC_LANG_PROGRAM(
|
||||
[[
|
||||
+#include <mbedtls/version.h>
|
||||
+#if MBEDTLS_VERSION_NUMBER >= 0x03000000
|
||||
+#include <mbedtls/mbedtls_config.h>
|
||||
+#else
|
||||
#include <mbedtls/config.h>
|
||||
+#endif
|
||||
]],
|
||||
[[
|
||||
#ifndef MBEDTLS_BLOWFISH_C
|
||||
@@ -80,7 +95,12 @@ AC_DEFUN([ss_MBEDTLS],
|
||||
AC_COMPILE_IFELSE(
|
||||
[AC_LANG_PROGRAM(
|
||||
[[
|
||||
+#include <mbedtls/version.h>
|
||||
+#if MBEDTLS_VERSION_NUMBER >= 0x03000000
|
||||
+#include <mbedtls/mbedtls_config.h>
|
||||
+#else
|
||||
#include <mbedtls/config.h>
|
||||
+#endif
|
||||
]],
|
||||
[[
|
||||
#ifndef MBEDTLS_CAMELLIA_C
|
||||
diff --git a/src/aead.c b/src/aead.c
|
||||
index 358ec93..73349da 100644
|
||||
--- a/src/aead.c
|
||||
+++ b/src/aead.c
|
||||
@@ -177,9 +177,13 @@ aead_cipher_encrypt(cipher_ctx_t *cipher_ctx,
|
||||
// Otherwise, just use the mbedTLS one with crappy AES-NI.
|
||||
case AES192GCM:
|
||||
case AES128GCM:
|
||||
-
|
||||
+#if MBEDTLS_VERSION_NUMBER < 0x03000000
|
||||
err = mbedtls_cipher_auth_encrypt(cipher_ctx->evp, n, nlen, ad, adlen,
|
||||
m, mlen, c, clen, c + mlen, tlen);
|
||||
+#else
|
||||
+ err = mbedtls_cipher_auth_encrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen,
|
||||
+ m, mlen, c, mlen + tlen, clen, tlen);
|
||||
+#endif
|
||||
*clen += tlen;
|
||||
break;
|
||||
case CHACHA20POLY1305IETF:
|
||||
@@ -226,8 +230,13 @@ aead_cipher_decrypt(cipher_ctx_t *cipher_ctx,
|
||||
// Otherwise, just use the mbedTLS one with crappy AES-NI.
|
||||
case AES192GCM:
|
||||
case AES128GCM:
|
||||
+#if MBEDTLS_VERSION_NUMBER < 0x03000000
|
||||
err = mbedtls_cipher_auth_decrypt(cipher_ctx->evp, n, nlen, ad, adlen,
|
||||
m, mlen - tlen, p, plen, m + mlen - tlen, tlen);
|
||||
+#else
|
||||
+ err = mbedtls_cipher_auth_decrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen,
|
||||
+ m, mlen, p, mlen - tlen, plen, tlen);
|
||||
+#endif
|
||||
break;
|
||||
case CHACHA20POLY1305IETF:
|
||||
err = crypto_aead_chacha20poly1305_ietf_decrypt(p, &long_plen, NULL, m, mlen,
|
||||
@@ -721,17 +730,7 @@ aead_key_init(int method, const char *pass, const char *key)
|
||||
cipher_t *cipher = (cipher_t *)ss_malloc(sizeof(cipher_t));
|
||||
memset(cipher, 0, sizeof(cipher_t));
|
||||
|
||||
- if (method >= CHACHA20POLY1305IETF) {
|
||||
- cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t));
|
||||
- cipher->info = cipher_info;
|
||||
- cipher->info->base = NULL;
|
||||
- cipher->info->key_bitlen = supported_aead_ciphers_key_size[method] * 8;
|
||||
- cipher->info->iv_size = supported_aead_ciphers_nonce_size[method];
|
||||
- } else {
|
||||
- cipher->info = (cipher_kt_t *)aead_get_cipher_type(method);
|
||||
- }
|
||||
-
|
||||
- if (cipher->info == NULL && cipher->key_len == 0) {
|
||||
+ if (method < CHACHA20POLY1305IETF && aead_get_cipher_type(method) == NULL) {
|
||||
LOGE("Cipher %s not found in crypto library", supported_aead_ciphers[method]);
|
||||
FATAL("Cannot initialize cipher");
|
||||
}
|
||||
diff --git a/src/crypto.c b/src/crypto.c
|
||||
index b44d867..76c426b 100644
|
||||
--- a/src/crypto.c
|
||||
+++ b/src/crypto.c
|
||||
@@ -103,7 +103,7 @@ crypto_md5(const unsigned char *d, size_t n, unsigned char *md)
|
||||
if (md == NULL) {
|
||||
md = m;
|
||||
}
|
||||
-#if MBEDTLS_VERSION_NUMBER >= 0x02070000
|
||||
+#if MBEDTLS_VERSION_NUMBER < 0x03000000 && MBEDTLS_VERSION_NUMBER >= 0x02070000
|
||||
if (mbedtls_md5_ret(d, n, md) != 0)
|
||||
FATAL("Failed to calculate MD5");
|
||||
#else
|
||||
diff --git a/src/crypto.h b/src/crypto.h
|
||||
index 1791551..7070793 100644
|
||||
--- a/src/crypto.h
|
||||
+++ b/src/crypto.h
|
||||
@@ -97,7 +97,6 @@ typedef struct buffer {
|
||||
typedef struct {
|
||||
int method;
|
||||
int skey;
|
||||
- cipher_kt_t *info;
|
||||
size_t nonce_len;
|
||||
size_t key_len;
|
||||
size_t tag_len;
|
||||
diff --git a/src/stream.c b/src/stream.c
|
||||
index 35d9050..b2e2cea 100644
|
||||
--- a/src/stream.c
|
||||
+++ b/src/stream.c
|
||||
@@ -168,33 +168,6 @@ crypto_stream_xor_ic(uint8_t *c, const uint8_t *m, uint64_t mlen,
|
||||
return 0;
|
||||
}
|
||||
|
||||
-int
|
||||
-cipher_nonce_size(const cipher_t *cipher)
|
||||
-{
|
||||
- if (cipher == NULL) {
|
||||
- return 0;
|
||||
- }
|
||||
- return cipher->info->iv_size;
|
||||
-}
|
||||
-
|
||||
-int
|
||||
-cipher_key_size(const cipher_t *cipher)
|
||||
-{
|
||||
- /*
|
||||
- * Semi-API changes (technically public, morally prnonceate)
|
||||
- * Renamed a few headers to include _internal in the name. Those headers are
|
||||
- * not supposed to be included by users.
|
||||
- * Changed md_info_t into an opaque structure (use md_get_xxx() accessors).
|
||||
- * Changed pk_info_t into an opaque structure.
|
||||
- * Changed cipher_base_t into an opaque structure.
|
||||
- */
|
||||
- if (cipher == NULL) {
|
||||
- return 0;
|
||||
- }
|
||||
- /* From Version 1.2.7 released 2013-04-13 Default Blowfish keysize is now 128-bits */
|
||||
- return cipher->info->key_bitlen / 8;
|
||||
-}
|
||||
-
|
||||
const cipher_kt_t *
|
||||
stream_get_cipher_type(int method)
|
||||
{
|
||||
@@ -642,34 +615,22 @@ stream_key_init(int method, const char *pass, const char *key)
|
||||
cipher_t *cipher = (cipher_t *)ss_malloc(sizeof(cipher_t));
|
||||
memset(cipher, 0, sizeof(cipher_t));
|
||||
|
||||
- if (method == SALSA20 || method == CHACHA20 || method == CHACHA20IETF) {
|
||||
- cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t));
|
||||
- cipher->info = cipher_info;
|
||||
- cipher->info->base = NULL;
|
||||
- cipher->info->key_bitlen = supported_stream_ciphers_key_size[method] * 8;
|
||||
- cipher->info->iv_size = supported_stream_ciphers_nonce_size[method];
|
||||
- } else {
|
||||
- cipher->info = (cipher_kt_t *)stream_get_cipher_type(method);
|
||||
- }
|
||||
-
|
||||
- if (cipher->info == NULL && cipher->key_len == 0) {
|
||||
+ if (method < SALSA20 && stream_get_cipher_type(method) == NULL) {
|
||||
LOGE("Cipher %s not found in crypto library", supported_stream_ciphers[method]);
|
||||
FATAL("Cannot initialize cipher");
|
||||
}
|
||||
|
||||
if (key != NULL)
|
||||
- cipher->key_len = crypto_parse_key(key, cipher->key, cipher_key_size(cipher));
|
||||
+ cipher->key_len = crypto_parse_key(key, cipher->key,
|
||||
+ supported_stream_ciphers_key_size[method]);
|
||||
else
|
||||
- cipher->key_len = crypto_derive_key(pass, cipher->key, cipher_key_size(cipher));
|
||||
+ cipher->key_len = crypto_derive_key(pass, cipher->key,
|
||||
+ supported_stream_ciphers_key_size[method]);
|
||||
|
||||
if (cipher->key_len == 0) {
|
||||
FATAL("Cannot generate key and NONCE");
|
||||
}
|
||||
- if (method == RC4_MD5) {
|
||||
- cipher->nonce_len = 16;
|
||||
- } else {
|
||||
- cipher->nonce_len = cipher_nonce_size(cipher);
|
||||
- }
|
||||
+ cipher->nonce_len = supported_stream_ciphers_nonce_size[method];
|
||||
cipher->method = method;
|
||||
|
||||
return cipher;
|
||||
--
|
||||
2.39.5
|
||||
|
||||
Loading…
Reference in New Issue
Block a user