authorKoichiro Iwao <meta@FreeBSD.org>2019-07-10 01:10:02 +0000
committerKoichiro Iwao <meta@FreeBSD.org>2019-07-10 01:10:02 +0000
commit899f784def653bec3031e31d42131d61a5f26c60 (patch)
tree1bef688035c0312b0a88841728eed0a66265f9ce
parentdevel/py-absl: Add NO_ARCH=yes (diff)
security/softether-devel: Update to v4.30-9696-beta
The biggest topics of this version are JSON-RPC API and HTML5 based admin console. Here's the summary of changes: * Added the SoftEther VPN Server JSON-RPC API Suite implementation * Added the Embedded HTML5-based Modern Admin Console * Fixed the problem occurs when RPC messages between Cluster Members exceed 64Kbytes * Fixed the RADIUS PEAP client to use the standard TLS versioning * Added the support of ChaCha20-Poly1305-IETF AEAD for RUDP * Added the function to display the protocol details about the VPN session * Fixed the bug that the language switching function was disabled. (Build 9695 -> Build 9696) Relnotes: https://www.softether.org/5-download/history Sponsored by: HAW International, Inc.
Notes
Notes: svn path=/head/; revision=506327
-rw-r--r--security/softether-devel/Makefile10
-rw-r--r--security/softether-devel/distinfo6
-rw-r--r--security/softether-devel/files/patch-fix-build-openssl11167
-rw-r--r--security/softether-devel/files/patch-src__Mayaqua__Network.c19
4 files changed, 54 insertions, 48 deletions
diff --git a/security/softether-devel/Makefile b/security/softether-devel/Makefile
index 4b236dab49e1..1b9d1333368f 100644
--- a/security/softether-devel/Makefile
+++ b/security/softether-devel/Makefile
@@ -1,22 +1,22 @@
# $FreeBSD$
PORTNAME= softether
-DISTVERSION= 4.28-9669-beta
-PORTREVISION= 2
+DISTVERSION= 4.30-9696-beta
+#PORTREVISION= 0
CATEGORIES= security
-MASTER_SITES= https://www.softether-download.com/files/softether/v${DISTVERSION}-2018.09.11-tree/Source_Code/
+MASTER_SITES= https://www.softether-download.com/files/softether/v${DISTVERSION}-2019.07.08-tree/Source_Code/
PKGNAMESUFFIX= -devel
DISTNAME= ${PORTNAME}-src-v${DISTVERSION}
MAINTAINER= meta@FreeBSD.org
COMMENT= Softether VPN 4 (stable beta version)
-LICENSE= GPLv2
+LICENSE= APACHE20
LICENSE_FILE= ${WRKSRC}/LICENSE
ONLY_FOR_ARCHS= amd64 i386
ONLY_FOR_ARCHS_REASON= Upstream only supports amd64 and i386: https://www.softether.org/3-spec
-IGNORE= no beta version available right now, use security/softether instead
+#IGNORE= no beta version available right now, use security/softether instead
USES= dos2unix gmake iconv:wchar_t localbase:ldflags ncurses \
readline ssl
diff --git a/security/softether-devel/distinfo b/security/softether-devel/distinfo
index 2611a24b7501..e4476186e8e7 100644
--- a/security/softether-devel/distinfo
+++ b/security/softether-devel/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1542201488
-SHA256 (softether-src-v4.28-9669-beta.tar.gz) = 1e641fa227a732b3eec3fe8bdcf4d4fd2b1d0b0a5084119126c1216d2ec1b545
-SIZE (softether-src-v4.28-9669-beta.tar.gz) = 33795085
+TIMESTAMP = 1562582908
+SHA256 (softether-src-v4.30-9696-beta.tar.gz) = 07b6fb3a677ab9eef42fc5a6abee414904552bcdc66baa56ebd3896bf2a8b490
+SIZE (softether-src-v4.30-9696-beta.tar.gz) = 34687742
diff --git a/security/softether-devel/files/patch-fix-build-openssl111 b/security/softether-devel/files/patch-fix-build-openssl111
index a7a9608c576f..29b0ce358702 100644
--- a/security/softether-devel/files/patch-fix-build-openssl111
+++ b/security/softether-devel/files/patch-fix-build-openssl111
@@ -1,22 +1,47 @@
---- src/Mayaqua/Encrypt.c.orig 2018-11-06 08:15:31 UTC
-+++ src/Mayaqua/Encrypt.c
-@@ -2684,7 +2684,7 @@ bool RsaCheck()
- BIO *bio;
- char errbuf[MAX_SIZE];
- UINT size = 0;
-- UINT bit = 32;
-+ UINT bit = RSA_KEY_SIZE;
- // Validate arguments
+--- src/Mayaqua/Network.c.orig 2019-07-09 22:00:31.540606000 +0900
++++ src/Mayaqua/Network.c 2019-07-09 22:00:37.550748000 +0900
+@@ -5946,6 +5946,10 @@
+ return 1;
+ }
- // Key generation
---- src/Mayaqua/Encrypt.h.orig 2018-11-06 08:15:31 UTC
-+++ src/Mayaqua/Encrypt.h
-@@ -128,7 +128,7 @@ void RAND_Free_For_SoftEther();
- #define DES_IV_SIZE 8 // DES IV size
- #define DES_BLOCK_SIZE 8 // DES block size
- #define DES3_KEY_SIZE (8 * 3) // 3DES key size
--#define RSA_KEY_SIZE 128 // RSA key size
-+#define RSA_KEY_SIZE 4096 // RSA key size
- #define DH_KEY_SIZE 128 // DH key size
- #define RSA_MIN_SIGN_HASH_SIZE (15 + SHA1_HASH_SIZE) // Minimum RSA hash size
- #define RSA_SIGN_HASH_SIZE (RSA_MIN_SIGN_HASH_SIZE) // RSA hash size
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#define X509_STORE_CTX_get0_cert(o) ((o)->cert)
++#endif
++
+ // Verify client SSL certificate during TLS handshake.
+ //
+ // (actually, only save the certificate for later authentication in Protocol.c)
+@@ -5953,27 +5957,27 @@
+ {
+ SSL *ssl;
+ struct SslClientCertInfo *clientcert;
++ X509 *cert;
+
+ ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+ clientcert = SSL_get_ex_data(ssl, GetSslClientCertIndex());
+
+ if (clientcert != NULL)
+ {
+- clientcert->PreverifyErr = 0;
++ clientcert->PreverifyErr = X509_STORE_CTX_get_error(ctx);
+ clientcert->PreverifyErrMessage[0] = '\0';
+ if (!preverify_ok)
+ {
+- char *msg;
+- clientcert->PreverifyErr = X509_STORE_CTX_get_error(ctx);
+- msg = (char *)X509_verify_cert_error_string(clientcert->PreverifyErr);
++ const char *msg = X509_verify_cert_error_string(clientcert->PreverifyErr);
+ StrCpy(clientcert->PreverifyErrMessage, PREVERIFY_ERR_MESSAGE_SIZE, msg);
+ Debug("SslCertVerifyCallback preverify error: '%s'\n", msg);
+ }
+ else
+ {
+- if (ctx->cert != NULL)
++ cert = X509_STORE_CTX_get0_cert(ctx);
++ if (cert != NULL)
+ {
+- X *tmpX = X509ToX(ctx->cert); // this only wraps ctx->cert, but we need to make a copy
++ X *tmpX = X509ToX(cert); // this only wraps cert, but we need to make a copy
+ X *copyX = CloneX(tmpX);
+ tmpX->do_not_free = true; // do not release inner X509 object
+ FreeX(tmpX);
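Review bot: The Encrypt.c and Encrypt.h hunks removed from this file replaced `UINT bit = 32;` with `RSA_KEY_SIZE` in RsaCheck() and raised `RSA_KEY_SIZE` from 128 to 4096, and neither the commit message nor the new patch says that 4.30-9696 carries an equivalent change. If upstream does not, the port silently returns to the smaller values, so this is worth confirming against the new Encrypt.c/Encrypt.h and recording in the commit log. In the added compatibility shim, the guard tests only `OPENSSL_VERSION_NUMBER`, which LibreSSL reports as 0x20000000L; if LibreSSL releases without `X509_STORE_CTX_get0_cert()` are still to be supported (I believe it appeared in 2.7.0), the guard would need `|| (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)`. The file also keeps the name patch-fix-build-openssl111 and a hand-made local-time header while now patching only Network.c; regenerating it with `make makepatch` would give it the conventional name and header. The body of the patched callback continues past the end of the inner hunk.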
diff --git a/security/softether-devel/files/patch-src__Mayaqua__Network.c b/security/softether-devel/files/patch-src__Mayaqua__Network.c
deleted file mode 100644
index 21cc6ec639e5..000000000000
--- a/security/softether-devel/files/patch-src__Mayaqua__Network.c
+++ /dev/null
@@ -1,19 +0,0 @@
---- src/Mayaqua/Network.c.orig 2016-05-03 06:16:53 UTC
-+++ src/Mayaqua/Network.c
-@@ -13025,10 +13025,15 @@
- {
- if (client_tls == false)
- {
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#ifndef OPENSSL_NO_SSL3
- SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
- #else
- SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
-+ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_TLSv1
-+#ifdef SSL_OP_NO_TLSv1_2
-+ | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
-+#endif
-+ );
- #endif
- }
- else