softether: require libopenssl

softether tries to use SSLv3 functionality as a fallback. LibreSSL
doesn't support SSLv3 anymore. Two main issues prevent a patch:

- Trying to wrap the sslv3 functionality from the source with a guard
  clause results in linking errors after compiling is done.
- There are multiple security vulnerabilities with using sslv3.
- There are multiple security issues in github pertaining to using
  sslv3.
- This project seems to not be updated very often, and the security
  issues are being ignored it seems.

For people who still want to use softether, they will have to use
libopenssl.

Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit is contained in:
Adam Duskett 2017-10-17 22:38:27 -04:00 committed by Thomas Petazzoni
parent 9f145e4957
commit ae1cf0f3b8
2 changed files with 3 additions and 2 deletions

View File

@ -5,6 +5,7 @@ config BR2_PACKAGE_SOFTETHER
depends on BR2_USE_WCHAR
select BR2_PACKAGE_LIBICONV if !BR2_ENABLE_LOCALE
select BR2_PACKAGE_OPENSSL
select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
select BR2_PACKAGE_READLINE
help
The SoftEther Server is a fully integrated implementation of the SSTP,

View File

@ -8,7 +8,7 @@ SOFTETHER_VERSION = v4.22-9634-beta
SOFTETHER_SITE = $(call github,SoftEtherVPN,SoftEtherVPN,$(SOFTETHER_VERSION))
SOFTETHER_LICENSE = GPL-2.0
SOFTETHER_LICENSE_FILES = LICENSE
SOFTETHER_DEPENDENCIES = host-softether openssl readline
SOFTETHER_DEPENDENCIES = host-softether libopenssl readline
SOFTETHER_AUTORECONF = YES
ifeq ($(BR2_ENABLE_LOCALE),)
@ -26,7 +26,7 @@ SOFTETHER_CONF_OPTS = \
--with-zlib="$(STAGING_DIR)/usr"
# host-libiconv does not exist, therefore we need this extra line
HOST_SOFTETHER_DEPENDENCIES = host-pkgconf host-openssl host-readline
HOST_SOFTETHER_DEPENDENCIES = host-pkgconf host-libopenssl host-readline
# target build creates the file hamcore.se2 which needs the host variant of
# hamcorebuilder, for details see http://www.vpnusers.com/viewtopic.php?p=5426