From: Sergey Matveev Date: Tue, 4 Apr 2017 20:30:42 +0000 (+0300) Subject: Merge branch 'develop' X-Git-Tag: 7.3^0 X-Git-Url: http://www.git.cypherpunks.ru/?p=govpn.git;a=commitdiff_plain;h=8b1de1c28a4ef7b651d0196cac4d63eca35b93d1;hp=8699e7d19344ad654e18e24381e660717609bbba Merge branch 'develop' --- diff --git a/VERSION b/VERSION index 5904f7a..f994162 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -7.2 +7.3 diff --git a/doc/download.texi b/doc/download.texi index a9ee391..f12e40e 100644 --- a/doc/download.texi +++ b/doc/download.texi @@ -18,6 +18,10 @@ Tarballs include all necessary required libraries: @multitable {XXXXX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} @headitem Version @tab Size @tab Tarball @tab SHA256 checksum +@item @ref{Release 7.2, 7.2} @tab 289 KiB +@tab @url{download/govpn-7.2.tar.xz, link} @url{download/govpn-7.2.tar.xz.sig, sign} +@tab @code{8C787DCD 6FFB718E 850F287E 959FCB45 7880A8A1 1C417BCA 17A86346 AC9BAAEE} + @item @ref{Release 7.1, 7.1} @tab 289 KiB @tab @url{download/govpn-7.1.tar.xz, link} @url{download/govpn-7.1.tar.xz.sig, sign} @tab @code{DB656A87 508D6902 B9C8964D C20937BF C95E1E78 1998311F F8F85A95 F64862BB} diff --git a/doc/news.ru.texi b/doc/news.ru.texi index 3c76464..f00c3b1 100644 --- a/doc/news.ru.texi +++ b/doc/news.ru.texi @@ -1,6 +1,14 @@ @node Новости @section Новости +@node Релиз 7.3 +@subsection Релиз 7.3 +@itemize +@item Исправлена редкая возможная ошибка падения сервера во время +rehandshake процедуры. +@item Обновлены зависимые криптографические библиотеки. +@end itemize + @node Релиз 7.2 @subsection Релиз 7.2 @itemize diff --git a/doc/news.texi b/doc/news.texi index 861004d..cb119e2 100644 --- a/doc/news.texi +++ b/doc/news.texi 
@@ -3,6 +3,14 @@ See also this page @ref{Новости, on russian}. +@node Release 7.3 +@section Release 7.3 +@itemize +@item Fixed seldom possible segmentation fault on the server during +rehandshake. +@item Dependant cryptographic libraries are updated. +@end itemize + @node Release 7.2 @section Release 7.2 @itemize diff --git a/ports/govpn/Makefile b/ports/govpn/Makefile new file mode 100644 index 0000000..5d78be6 --- /dev/null +++ b/ports/govpn/Makefile @@ -0,0 +1,27 @@ +# $FreeBSD$ + +PORTNAME= govpn +PORTVERSION= 7.3 +CATEGORIES= security +MASTER_SITES= http://www.govpn.info/download/ \ + http://sourceforge.net/projects/govpn/files/ + +MAINTAINER= stargrave@stargrave.org +COMMENT= Simple secure, DPI-resistant VPN daemon + +LICENSE= GPLv3+ +LICENSE_FILE= ${WRKSRC}/COPYING + +BUILD_DEPENDS= go:lang/go + +USES= tar:xz +MAKEFILE= BSDmakefile + +PORTDOCS= AUTHORS INSTALL NEWS README THANKS README.RU +INFO= govpn +INSTALL_TARGET= install-strip + +PLIST_FILES= bin/govpn-server bin/govpn-client bin/govpn-verifier \ + share/govpn/newclient.sh + +.include diff --git a/ports/govpn/pkg-descr b/ports/govpn/pkg-descr new file mode 100644 index 0000000..0981883 --- /dev/null +++ b/ports/govpn/pkg-descr 
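Review bot: `MASTER_SITES` in the new port Makefile lists only plain `http://` locations, and this commit adds no `distinfo` beside it (only `Makefile` and `pkg-descr` appear under `ports/govpn/`), so nothing in the port as committed pins the SHA256 or size of the tarball it fetches. The project already publishes checksums and `.sig` files on its download page, so the port should carry the matching record: generate `distinfo` with `make makesum` against a tarball whose signature was verified, and commit it with the Makefile. If the download hosts serve HTTPS, prefer `https://` entries in `MASTER_SITES` as well.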
@@ -0,0 +1,14 @@
+GoVPN is simple secure free software virtual private network daemon,
+aimed to be reviewable, secure, DPI/censorship-resistant, written on Go.
+
+It uses fast strong passphrase authenticated key agreement protocol with
+augmented zero-knowledge mutual peers authentication (PAKE DH A-EKE).
+Encrypted, authenticated data transport that hides message's length and
+timestamps. Optional encryptionless mode, that still preserves data
+confidentiality. Perfect forward secrecy property. Resistance to:
+offline dictionary attacks, replay attacks, client's passphrases
+compromising and dictionary attacks on the server side. Built-in
+heartbeating, rehandshaking, real-time statistics. Ability to work
+through UDP, TCP and HTTP proxies. IPv4/IPv6-compatibility.
+
+WWW: http://www.govpn.info/
diff --git a/src/cypherpunks.ru/govpn/cmd/govpn-server/main.go b/src/cypherpunks.ru/govpn/cmd/govpn-server/main.go
index 2beb396..3e80975 100644
--- a/src/cypherpunks.ru/govpn/cmd/govpn-server/main.go
+++ b/src/cypherpunks.ru/govpn/cmd/govpn-server/main.go
@@ -132,7 +132,11 @@ MainCycle:
 needsDeletion = ps.peer.LastPing.Add(timeout).Before(now)
 ps.peer.BusyR.Unlock()
 if needsDeletion {
- govpn.Printf(`[peer-delete bind="%s" peer="%s"]`, *bindAddr, ps.peer)
+ govpn.Printf(
+ `[peer-delete bind="%s" peer="%s"]`,
+ *bindAddr,
+ ps.peer.ID.String(),
+ )
 delete(peers, addr)
 delete(knownPeers, addr)
 delete(peersByID, *ps.peer.ID)
diff --git a/src/cypherpunks.ru/govpn/cmd/govpn-server/tcp.go b/src/cypherpunks.ru/govpn/cmd/govpn-server/tcp.go
index c36da3f..61eb1e0 100644
--- a/src/cypherpunks.ru/govpn/cmd/govpn-server/tcp.go
+++ b/src/cypherpunks.ru/govpn/cmd/govpn-server/tcp.go
@@ -99,10 +99,18 @@ func handleTCP(conn net.Conn) {
 peersByIDLock.RLock()
 addrPrev, exists := peersByID[*peer.ID]
 peersByIDLock.RUnlock()
+ var peerPrev *PeerState
 if exists {
 peersLock.Lock()
- peers[addrPrev].terminator <- struct{}{}
- tap = peers[addrPrev].tap
+ peerPrev = peers[addrPrev]
+ if peerPrev == nil {
+ exists = false
+ peersLock.Unlock()
+ }
+ }
+ if exists {
+ peerPrev.terminator <- struct{}{}
+ tap = peerPrev.tap
 ps = &PeerState{
 peer: peer,
 tap: tap,
diff --git a/src/cypherpunks.ru/govpn/cmd/govpn-server/udp.go b/src/cypherpunks.ru/govpn/cmd/govpn-server/udp.go
index cdcfb56..0373517 100644
--- a/src/cypherpunks.ru/govpn/cmd/govpn-server/udp.go
+++ b/src/cypherpunks.ru/govpn/cmd/govpn-server/udp.go
@@ -136,12 +136,20 @@ func startUDP() {
 peersByIDLock.RLock()
 addrPrev, exists = peersByID[*peer.ID]
 peersByIDLock.RUnlock()
+ var peerPrev *PeerState
 if exists {
 peersLock.Lock()
- peers[addrPrev].terminator <- struct{}{}
+ peerPrev = peers[addrPrev]
+ if peerPrev == nil {
+ exists = false
+ peersLock.Unlock()
+ }
+ }
+ if exists {
+ peerPrev.terminator <- struct{}{}
 psNew := &PeerState{
 peer: peer,
- tap: peers[addrPrev].tap,
+ tap: peerPrev.tap,
 terminator: make(chan struct{}),
 }
 go func(peer *govpn.Peer, tap *govpn.TAP, terminator chan struct{}) {
@@ -196,7 +204,11 @@ func startUDP() {
 peersLock.Unlock()
 peersByIDLock.Unlock()
 kpLock.Unlock()
- govpn.Printf(`[peer-created bind="%s" peer="%s"]`, *bindAddr, peer.ID.String())
+ govpn.Printf(
+ `[peer-created bind="%s" peer="%s"]`,
+ *bindAddr,
+ peer.ID.String(),
+ )
 }(addr, peer)
 }
 udpBufs <- buf
diff --git a/src/golang.org/x/crypto b/src/golang.org/x/crypto
index 41d678d..573951c 160000
--- a/src/golang.org/x/crypto
+++ b/src/golang.org/x/crypto
@@ -1 +1 @@
-Subproject commit 41d678d1df78cd0410143162dff954e6dc09300f
+Subproject commit 573951cbe80bb6352881271bb276f48749eab6f4
diff --git a/utils/makedist.sh b/utils/makedist.sh
index deff778..3deab39 100755
--- a/utils/makedist.sh
+++ b/utils/makedist.sh
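Review bot: In handleTCP the send `peerPrev.terminator <- struct{}{}` still executes while `peersLock` is held, so if the previous peer's goroutine has already stopped receiving, or needs `peersLock` itself before it reaches the receive, this handler blocks and every other path that takes the lock stalls behind it. The added nil check only covers the entry having been removed from `peers` between the two separately locked lookups; the first udp.go hunk (startUDP) has the same send under the lock. Whether `terminator` is buffered or always drained is decided outside these hunks (the one channel visible here is created with `make(chan struct{})`, unbuffered), so this is worth confirming, since a reconnecting client is what reaches this branch. If it is not guaranteed, copy `peerPrev.tap` under the lock and signal in a way that cannot block, for example `close(peerPrev.terminator)` provided nothing else sends on or closes that channel. A comment above the nil check such as `// peersByID and peers are read under separate locks; the entry may already be gone` would record why it exists.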
@@ -44,13 +44,14 @@ You can obtain releases source code prepared tarballs on @url{http://www.govpn.info/}. EOF make -C doc -./utils/news.sh +/bin/sh utils/news.sh rm -r doc/.well-known doc/govpn.html/.well-known utils/news.sh rm utils/makedist.sh find . -name .git -type d | xargs rm -fr find . -name .gitignore -delete rm .gitmodules +rm -r ports cd .. tar cvf govpn-"$release".tar govpn-"$release"