Index: head/security/softether/Makefile
===================================================================
--- head/security/softether/Makefile (revision 494159)
+++ head/security/softether/Makefile (revision 494160)
@@ -1,134 +1,133 @@ # $FreeBSD$ PORTNAME= softether -DISTVERSION= 4.25-9656 -PORTREVISION= 2 +DISTVERSION= 4.29-9680 CATEGORIES= security -MASTER_SITES= https://www.softether-download.com/files/softether/v${DISTVERSION}-rtm-2018.01.15-tree/Source_Code/ +MASTER_SITES= https://www.softether-download.com/files/softether/v${DISTVERSION}-rtm-2019.02.28-tree/Source_Code/ DISTNAME= ${PORTNAME}-src-v${DISTVERSION}-rtm MAINTAINER= meta@FreeBSD.org COMMENT= Softether VPN solution LICENSE= GPLv2 LICENSE_FILE= ${WRKSRC}/LICENSE ONLY_FOR_ARCHS= amd64 i386 ONLY_FOR_ARCHS_REASON= Upstream only supports amd64 and i386: https://www.softether.org/3-spec USES= dos2unix gmake iconv:wchar_t localbase:ldflags ncurses \ readline ssl USE_RC_SUBR= softether_bridge softether_client softether_server DOS2UNIX_FILES= ChangeLog LICENSE README *.TXT \ src/Cedar/*.* src/Mayaqua/*.* OPTIONS_DEFINE= DOCS UNLOCK # Use of some functions in Japan and China is restricted. # This option Unlocks regional lockout following functions: # - RADIUS / NT Domain user authentication function # - RSA certificate user authentication function # - Deep-inspect packet logging function # - Source IP address control list function # - syslog transfer function UNLOCK_DESC= Unlock regional lockout (JP and CN) UNLOCK_EXTRA_PATCHES= ${FILESDIR}/extra-patch-unrestrict-enterprise-functions CONFLICTS_INSTALL= softether-devel-4.* softether5 PORTDOCS= AUTHORS.TXT ChangeLog LICENSE README THIRD_PARTY.TXT WARNING.TXT SE_DBDIR?= /var/db/${PORTNAME} SE_LOGDIR?= /var/log/${PORTNAME} PLIST_SUB= SE_DBDIR="${SE_DBDIR}" SE_LOGDIR="${SE_LOGDIR}" SUB_LIST= SE_DBDIR="${SE_DBDIR}" SE_LOGDIR="${SE_LOGDIR}" SUB_FILES= pkg-message vpncmd CPPFLAGS+= -I${LOCALBASE}/include LDFLAGS+= -L${LOCALBASE}/lib # a pity the source directory has such a naming scheme, but well WRKSRC= ${WRKDIR}/v${DISTVERSION} ALL_TARGET= build .include post-patch: # SoftEther scatters logs, config files and PID files in PREFIX/libexec # directory. 
To write them in the right place, replace it. ${REINPLACE_CMD} \ -e "s|@vpn_server_template|${SE_DBDIR}/vpn_server_template|" \ -e "s|@vpn_server|${SE_DBDIR}/vpn_server|" \ -e "s|@vpn_bridge|${SE_DBDIR}/vpn_bridge|" \ -e "s|@vpn_gate_svc|${SE_DBDIR}/vpn_gate_svc|" \ -e "s|@vpn_gate_relay|${SE_DBDIR}/vpn_gate_relay|" \ ${WRKSRC}/src/Cedar/Server.c ${REINPLACE_CMD} \ -e "s|@adminip|${SE_DBDIR}/adminip|" \ -e "s|@etherlogger|${SE_DBDIR}/etherlogger|" \ -e "s|@vpn_client|${SE_DBDIR}/vpn_client|" \ -e "s|@vpn_router|${SE_DBDIR}/vpn_router|" \ -e "s|@custom|${SE_DBDIR}/custom|" \ -e "s|@backup|${SE_DBDIR}/backup|" \ -e "s|@save_binary|${SE_DBDIR}/save_binary|" \ -e "s|@lang|${SE_DBDIR}/lang|" \ -e "s|@azureserver|${SE_DBDIR}/azureserver|" \ -e "s|@server_log|${SE_DIR}/server|" \ -e "s|@security_log|${SE_LOGDIR}/security|" \ -e "s|@packet_log|${SE_LOGDIR}/packet|" \ -e "s|@secure_nat_log|${SE_LOGDIR}/secure_nat|" \ -e "s|@client_log|${SE_LOGDIR}/client|" \ -e "s|@tiny_log|${SE_LOGDIR}/tiny|" \ -e "s|@carrier_log|${SE_LOGDIR}/carrier|" \ -e "s|@etherlogger_log|${SE_LOGDIR}/etherlogger|" \ ${WRKSRC}/src/Cedar/Cedar.h \ ${WRKSRC}/src/Cedar/Client.h \ ${WRKSRC}/src/Cedar/Nat.h \ ${WRKSRC}/src/Cedar/Server.c \ ${WRKSRC}/src/Mayaqua/Cfg.c \ ${WRKSRC}/src/Mayaqua/Cfg.h \ ${WRKSRC}/src/Mayaqua/Table.h ${REINPLACE_CMD} \ -e "s|abort_error_log\.txt|${SE_LOGDIR}/abort_error_log.txt|" \ ${WRKSRC}/src/Mayaqua/Kernel.c ${REINPLACE_CMD} \ -e "s|%%SE_DBDIR%%|${SE_DBDIR}|g" \ ${WRKSRC}/src/Cedar/Protocol.c \ ${WRKSRC}/src/Mayaqua/Unix.c \ ${WRKSRC}/src/Mayaqua/Network.c # skip configure at all and copy the corresponding Makefile in place .if ${ARCH} != "amd64" @${CP} ${WRKSRC}/src/makefiles/freebsd_32bit.mak ${WRKSRC}/Makefile .else @${CP} ${WRKSRC}/src/makefiles/freebsd_64bit.mak ${WRKSRC}/Makefile .endif # pull in user specific CFLAGS and LDFLAGS @${REINPLACE_CMD} -e "s|OPTIONS_COMPILE_RELEASE=|OPTIONS_COMPILE_RELEASE=${CFLAGS} |g" ${WRKSRC}/Makefile @${REINPLACE_CMD} -e 
"s|OPTIONS_LINK_RELEASE=|OPTIONS_LINK_RELEASE=${LDFLAGS} |g" ${WRKSRC}/Makefile # manually install to ${PREFIX}/libexec/softether, then the final install will copy scripts # into ${PREFIX}/sbin do-install: ${MKDIR} ${STAGEDIR}/${PREFIX}/libexec/softether ${INSTALL_SCRIPT} ${WRKSRC}/bin/vpnbridge/vpnbridge ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpnbridge ${INSTALL_SCRIPT} ${WRKSRC}/bin/vpnclient/vpnclient ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpnclient ${INSTALL_SCRIPT} ${WRKSRC}/bin/vpncmd/vpncmd ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpncmd ${INSTALL_SCRIPT} ${WRKSRC}/bin/vpnserver/vpnserver ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/vpnserver ${INSTALL_DATA} ${WRKSRC}/bin/vpnserver/hamcore.se2 ${STAGEDIR}/${PREFIX}/libexec/${PORTNAME}/hamcore.se2 ${INSTALL_SCRIPT} ${WRKDIR}/vpncmd ${STAGEDIR}/${PREFIX}/sbin/vpncmd .for i in vpnbridge vpnclient vpncmd vpnserver @${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/${PORTNAME}/${i} .endfor @${MKDIR} ${STAGEDIR}${DOCSDIR} @${MKDIR} ${STAGEDIR}${SE_DBDIR} @${MKDIR} ${STAGEDIR}${SE_LOGDIR} .for doc in ${PORTDOCS} ${INSTALL_DATA} ${WRKSRC}/${doc} ${STAGEDIR}${DOCSDIR} .endfor .include Index: head/security/softether/distinfo =================================================================== --- head/security/softether/distinfo (revision 494159) +++ head/security/softether/distinfo (revision 494160) 
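Review bot: The `@server_log` substitution in post-patch uses `${SE_DIR}`, which is not defined anywhere in this Makefile; every other log path in the same `${REINPLACE_CMD}` block uses `${SE_LOGDIR}`. It is an unchanged context line, so the update to 4.29-9680 carries it forward. An undefined variable expands to the empty string, so the server log directory is presumably compiled in as `/server` rather than under `${SE_LOGDIR}`, the directory that do-install creates. For a VPN server, that would put the connection and administration log outside the location operators expect to rotate, restrict and monitor. I would change the line to `-e "s|@server_log|${SE_LOGDIR}/server|" \`.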
@@ -1,3 +1,3 @@
-TIMESTAMP = 1517525651
-SHA256 (softether-src-v4.25-9656-rtm.tar.gz) = b946dec3da5833ad2be69125224784b8a8e2a4149297d0c0a907ba0e1c4535f8
-SIZE (softether-src-v4.25-9656-rtm.tar.gz) = 33743898
+TIMESTAMP = 1551353603
+SHA256 (softether-src-v4.29-9680-rtm.tar.gz) = e6035fa7d9aaf59bdb342cd7ab5ecfdff89811a875f62a3230208cdc8a4e26e4
+SIZE (softether-src-v4.29-9680-rtm.tar.gz) = 33759397
Index: head/security/softether/files/patch-src__Mayaqua__Network.c
===================================================================
--- head/security/softether/files/patch-src__Mayaqua__Network.c (revision 494159)
+++ head/security/softether/files/patch-src__Mayaqua__Network.c (nonexistent)
@@ -1,19 +0,0 @@
---- src/Mayaqua/Network.c.orig 2016-05-03 06:16:53 UTC
-+++ src/Mayaqua/Network.c
-@@ -13025,10 +13025,15 @@
- {
- if (client_tls == false)
- {
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#ifndef OPENSSL_NO_SSL3
- SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
- #else
- SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
-+ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_TLSv1
-+#ifdef SSL_OP_NO_TLSv1_2
-+ | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2
-+#endif
-+ );
- #endif
- }
- else
Property changes on: head/security/softether/files/patch-src__Mayaqua__Network.c
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: head/security/softether/files/patch-fix-build-openssl111
===================================================================
--- head/security/softether/files/patch-fix-build-openssl111 (revision 494159)
+++ head/security/softether/files/patch-fix-build-openssl111 (nonexistent)
@@ -1,22 +0,0 @@
---- src/Mayaqua/Encrypt.c.orig 2018-11-06 08:15:31 UTC
-+++ src/Mayaqua/Encrypt.c
-@@ -2684,7 +2684,7 @@ bool RsaCheck()
- BIO *bio;
- char errbuf[MAX_SIZE];
- UINT size = 0;
-- UINT bit = 32;
-+ UINT bit = RSA_KEY_SIZE;
- // Validate arguments
-
- // Key generation
---- src/Mayaqua/Encrypt.h.orig 2018-11-06 08:15:31 UTC
-+++ src/Mayaqua/Encrypt.h
-@@ -128,7 +128,7 @@ void RAND_Free_For_SoftEther();
- #define DES_IV_SIZE 8 // DES IV size
- #define DES_BLOCK_SIZE 8 // DES block size
- #define DES3_KEY_SIZE (8 * 3) // 3DES key size
--#define RSA_KEY_SIZE 128 // RSA key size
-+#define RSA_KEY_SIZE 4096 // RSA key size
- #define DH_KEY_SIZE 128 // DH key size
- #define RSA_MIN_SIGN_HASH_SIZE (15 + SHA1_HASH_SIZE) // Minimum RSA hash size
- #define RSA_SIGN_HASH_SIZE (RSA_MIN_SIGN_HASH_SIZE) // RSA hash size
Property changes on: head/security/softether/files/patch-fix-build-openssl111
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: head/security/softether/files/patch-chain-certs-dir
===================================================================
--- head/security/softether/files/patch-chain-certs-dir (revision 494159)
+++ head/security/softether/files/patch-chain-certs-dir (revision 494160)
@@ -1,31 +1,31 @@ ---- src/Cedar/Protocol.c.orig 2019-02-03 19:43:50 UTC +--- src/Cedar/Protocol.c.orig 2019-02-28 08:10:54 UTC +++ src/Cedar/Protocol.c -@@ -58,7 +58,7 @@ bool TryGetRootCertChain(LIST *o, X *x, bool auto_save +@@ -164,7 +164,7 @@ bool TryGetRootCertChain(LIST *o, X *x, bool auto_save wchar_t exedir[MAX_SIZE]; GetExeDirW(exedir, sizeof(exedir)); - CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs"); + CombinePathW(dirname, sizeof(dirname), L"%%SE_DBDIR%%", L"chain_certs"); MakeDirExW(dirname); if (auto_save) -@@ -365,7 +365,7 @@ void AddAllChainCertsToCertList(LIST *o) +@@ -471,7 +471,7 @@ void AddAllChainCertsToCertList(LIST *o) GetExeDirW(exedir, sizeof(exedir)); - CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs"); + CombinePathW(dirname, sizeof(dirname), L"%%SE_DBDIR%%", L"chain_certs"); MakeDirExW(dirname); ---- src/Mayaqua/Network.c.orig 2019-02-03 19:43:50 UTC +--- src/Mayaqua/Network.c.orig 2019-02-28 08:10:54 UTC +++ src/Mayaqua/Network.c -@@ -11520,7 +11520,7 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx +@@ -12821,7 +12821,7 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx GetExeDirW(exedir, sizeof(exedir)); - CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs"); + CombinePathW(dirname, sizeof(dirname), L"%%SE_DBDIR%%", L"chain_certs"); MakeDirExW(dirname); Index: head/security/softether/files/patch-piddir =================================================================== --- head/security/softether/files/patch-piddir (revision 494159) +++ head/security/softether/files/patch-piddir (revision 494160) 
@@ -1,29 +1,29 @@ ---- src/Mayaqua/Unix.c.orig 2019-02-03 19:43:50 UTC +--- src/Mayaqua/Unix.c.orig 2019-02-28 08:10:54 UTC +++ src/Mayaqua/Unix.c -@@ -774,7 +774,7 @@ void *UnixNewSingleInstance(char *instance_name) +@@ -927,7 +927,7 @@ void *UnixNewSingleInstance(char *instance_name) GetExeDir(dir, sizeof(dir)); // File name generation - Format(name, sizeof(name), "%s/.%s", dir, tmp); + Format(name, sizeof(name), "%%SE_DBDIR%%/.%s", tmp); fd = open(name, O_WRONLY); if (fd == -1) -@@ -2194,7 +2194,7 @@ void UnixGenPidFileName(char *name, UINT size) - Md5(hash, exe_name, StrLen(exe_name)); +@@ -2385,7 +2385,7 @@ void UnixGenPidFileName(char *name, UINT size) + Hash(hash, exe_name, StrLen(exe_name), false); BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash)); - Format(name, size, "%s/.pid_%s", dir, tmp1); + Format(name, size, "%%SE_DBDIR%%/.pid_%s", tmp1); } // Delete the PID file -@@ -2239,7 +2239,7 @@ void UnixGenCtlFileName(char *name, UINT size) - Md5(hash, exe_name, StrLen(exe_name)); +@@ -2430,7 +2430,7 @@ void UnixGenCtlFileName(char *name, UINT size) + Hash(hash, exe_name, StrLen(exe_name), false); BinToStr(tmp1, sizeof(tmp1), hash, sizeof(hash)); - Format(name, size, "%s/.ctl_%s", dir, tmp1); + Format(name, size, "%%SE_DBDIR%%/.ctl_%s", tmp1); } // Write the CTL file