diff --git a/shadowsocks-libev/Makefile b/shadowsocks-libev/Makefile index 0647c8f..d97b628 100644 --- a/shadowsocks-libev/Makefile +++ b/shadowsocks-libev/Makefile @@ -18,9 +18,9 @@ PKG_RELEASE:=13 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev.git -PKG_SOURCE_DATE:=2022-11-30 -PKG_SOURCE_VERSION:=d83ace0f0d9c05656c13d66aa4a449bf70143254 -PKG_MIRROR_HASH:=6ff973af37c20cf0430f106d360b94b8b91df6dd8d7be3908ee84b5a86c3319f +PKG_SOURCE_DATE:=2025-1-20 +PKG_SOURCE_VERSION:=9afa3cacf947f910be46b69fc5a7a1fdd02fd5e6 +PKG_MIRROR_HASH:=720955484ea5f6b53d90519a7c6e828eec080a819efce18fc6fb64f1c4c086dd PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz PKG_MAINTAINER:=Yousong Zhou diff --git a/shadowsocks-libev/patches/102-Fix-in-mbedtls-3.6.0-ver-compilation-failure-issue.patch b/shadowsocks-libev/patches/102-Fix-in-mbedtls-3.6.0-ver-compilation-failure-issue.patch deleted file mode 100644 index 9616ee9..0000000 --- a/shadowsocks-libev/patches/102-Fix-in-mbedtls-3.6.0-ver-compilation-failure-issue.patch +++ /dev/null @@ -1,232 +0,0 @@ -From 2b33e8e6778db08624dbf8ec6fe1e8f7b1a4bee8 Mon Sep 17 00:00:00 2001 -From: Lu jicong -Date: Fri, 10 Jan 2025 22:05:31 +0800 -Subject: [PATCH] Fix in 'mbedtls 3.6.0 ver' compilation failure issue - -Fix mbedtls 3.6 compatibility - -Co-authored-by: Zxl hhyccc -Signed-off-by: Lu jicong ---- - m4/mbedtls.m4 | 20 ++++++++++++++++++++ - src/aead.c | 23 +++++++++++------------ - src/crypto.c | 2 +- - src/crypto.h | 1 - - src/stream.c | 51 ++++++--------------------------------------------- - 5 files changed, 38 insertions(+), 59 deletions(-) - -diff --git a/m4/mbedtls.m4 b/m4/mbedtls.m4 -index 2c478b9..a795790 100644 ---- a/m4/mbedtls.m4 -+++ b/m4/mbedtls.m4 -@@ -31,7 +31,12 @@ AC_DEFUN([ss_MBEDTLS], - AC_COMPILE_IFELSE( - [AC_LANG_PROGRAM( - [[ -+#include -+#if MBEDTLS_VERSION_NUMBER >= 0x03000000 -+#include -+#else - #include -+#endif - ]], - [[ - #ifndef MBEDTLS_CIPHER_MODE_CFB -@@ -48,7 +53,12 @@ AC_DEFUN([ss_MBEDTLS], - AC_COMPILE_IFELSE( - [AC_LANG_PROGRAM( - [[ -+#include -+#if MBEDTLS_VERSION_NUMBER >= 0x03000000 -+#include -+#else - #include -+#endif - ]], - [[ - #ifndef MBEDTLS_ARC4_C -@@ -64,7 +74,12 @@ AC_DEFUN([ss_MBEDTLS], - AC_COMPILE_IFELSE( - [AC_LANG_PROGRAM( - [[ -+#include -+#if MBEDTLS_VERSION_NUMBER >= 0x03000000 -+#include -+#else - #include -+#endif - ]], - [[ - #ifndef MBEDTLS_BLOWFISH_C -@@ -80,7 +95,12 @@ AC_DEFUN([ss_MBEDTLS], - AC_COMPILE_IFELSE( - [AC_LANG_PROGRAM( - [[ -+#include -+#if MBEDTLS_VERSION_NUMBER >= 0x03000000 -+#include -+#else - #include -+#endif - ]], - [[ - #ifndef MBEDTLS_CAMELLIA_C -diff --git a/src/aead.c b/src/aead.c -index 358ec93..73349da 100644 ---- a/src/aead.c -+++ b/src/aead.c -@@ -177,9 +177,13 @@ aead_cipher_encrypt(cipher_ctx_t *cipher_ctx, - // Otherwise, just use the mbedTLS one with crappy AES-NI. - case AES192GCM: - case AES128GCM: -- -+#if MBEDTLS_VERSION_NUMBER < 0x03000000 - err = mbedtls_cipher_auth_encrypt(cipher_ctx->evp, n, nlen, ad, adlen, - m, mlen, c, clen, c + mlen, tlen); -+#else -+ err = mbedtls_cipher_auth_encrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen, -+ m, mlen, c, mlen + tlen, clen, tlen); -+#endif - *clen += tlen; - break; - case CHACHA20POLY1305IETF: -@@ -226,8 +230,13 @@ aead_cipher_decrypt(cipher_ctx_t *cipher_ctx, - // Otherwise, just use the mbedTLS one with crappy AES-NI. - case AES192GCM: - case AES128GCM: -+#if MBEDTLS_VERSION_NUMBER < 0x03000000 - err = mbedtls_cipher_auth_decrypt(cipher_ctx->evp, n, nlen, ad, adlen, - m, mlen - tlen, p, plen, m + mlen - tlen, tlen); -+#else -+ err = mbedtls_cipher_auth_decrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen, -+ m, mlen, p, mlen - tlen, plen, tlen); -+#endif - break; - case CHACHA20POLY1305IETF: - err = crypto_aead_chacha20poly1305_ietf_decrypt(p, &long_plen, NULL, m, mlen, -@@ -721,17 +730,7 @@ aead_key_init(int method, const char *pass, const char *key) - cipher_t *cipher = (cipher_t *)ss_malloc(sizeof(cipher_t)); - memset(cipher, 0, sizeof(cipher_t)); - -- if (method >= CHACHA20POLY1305IETF) { -- cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t)); -- cipher->info = cipher_info; -- cipher->info->base = NULL; -- cipher->info->key_bitlen = supported_aead_ciphers_key_size[method] * 8; -- cipher->info->iv_size = supported_aead_ciphers_nonce_size[method]; -- } else { -- cipher->info = (cipher_kt_t *)aead_get_cipher_type(method); -- } -- -- if (cipher->info == NULL && cipher->key_len == 0) { -+ if (method < CHACHA20POLY1305IETF && aead_get_cipher_type(method) == NULL) { - LOGE("Cipher %s not found in crypto library", supported_aead_ciphers[method]); - FATAL("Cannot initialize cipher"); - } -diff --git a/src/crypto.c b/src/crypto.c -index b44d867..76c426b 100644 ---- a/src/crypto.c -+++ b/src/crypto.c -@@ -103,7 +103,7 @@ crypto_md5(const unsigned char *d, size_t n, unsigned char *md) - if (md == NULL) { - md = m; - } --#if MBEDTLS_VERSION_NUMBER >= 0x02070000 -+#if MBEDTLS_VERSION_NUMBER < 0x03000000 && MBEDTLS_VERSION_NUMBER >= 0x02070000 - if (mbedtls_md5_ret(d, n, md) != 0) - FATAL("Failed to calculate MD5"); - #else -diff --git a/src/crypto.h b/src/crypto.h -index 1791551..7070793 100644 ---- a/src/crypto.h -+++ b/src/crypto.h -@@ -97,7 +97,6 @@ typedef struct buffer { - typedef struct { - int method; - int skey; -- cipher_kt_t *info; - size_t nonce_len; - size_t key_len; - size_t tag_len; -diff --git a/src/stream.c b/src/stream.c -index 35d9050..b2e2cea 100644 ---- a/src/stream.c -+++ b/src/stream.c -@@ -168,33 +168,6 @@ crypto_stream_xor_ic(uint8_t *c, const uint8_t *m, uint64_t mlen, - return 0; - } - --int --cipher_nonce_size(const cipher_t *cipher) --{ -- if (cipher == NULL) { -- return 0; -- } -- return cipher->info->iv_size; --} -- --int --cipher_key_size(const cipher_t *cipher) --{ -- /* -- * Semi-API changes (technically public, morally prnonceate) -- * Renamed a few headers to include _internal in the name. Those headers are -- * not supposed to be included by users. -- * Changed md_info_t into an opaque structure (use md_get_xxx() accessors). -- * Changed pk_info_t into an opaque structure. -- * Changed cipher_base_t into an opaque structure. -- */ -- if (cipher == NULL) { -- return 0; -- } -- /* From Version 1.2.7 released 2013-04-13 Default Blowfish keysize is now 128-bits */ -- return cipher->info->key_bitlen / 8; --} -- - const cipher_kt_t * - stream_get_cipher_type(int method) - { -@@ -642,34 +615,22 @@ stream_key_init(int method, const char *pass, const char *key) - cipher_t *cipher = (cipher_t *)ss_malloc(sizeof(cipher_t)); - memset(cipher, 0, sizeof(cipher_t)); - -- if (method == SALSA20 || method == CHACHA20 || method == CHACHA20IETF) { -- cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t)); -- cipher->info = cipher_info; -- cipher->info->base = NULL; -- cipher->info->key_bitlen = supported_stream_ciphers_key_size[method] * 8; -- cipher->info->iv_size = supported_stream_ciphers_nonce_size[method]; -- } else { -- cipher->info = (cipher_kt_t *)stream_get_cipher_type(method); -- } -- -- if (cipher->info == NULL && cipher->key_len == 0) { -+ if (method < SALSA20 && stream_get_cipher_type(method) == NULL) { - LOGE("Cipher %s not found in crypto library", supported_stream_ciphers[method]); - FATAL("Cannot initialize cipher"); - } - - if (key != NULL) -- cipher->key_len = crypto_parse_key(key, cipher->key, cipher_key_size(cipher)); -+ cipher->key_len = crypto_parse_key(key, cipher->key, -+ supported_stream_ciphers_key_size[method]); - else -- cipher->key_len = crypto_derive_key(pass, cipher->key, cipher_key_size(cipher)); -+ cipher->key_len = crypto_derive_key(pass, cipher->key, -+ supported_stream_ciphers_key_size[method]); - - if (cipher->key_len == 0) { - FATAL("Cannot generate key and NONCE"); - } -- if (method == RC4_MD5) { -- cipher->nonce_len = 16; -- } else { -- cipher->nonce_len = cipher_nonce_size(cipher); -- } -+ cipher->nonce_len = supported_stream_ciphers_nonce_size[method]; - cipher->method = method; - - return cipher; --- -2.39.5 -