Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 3 May 2016 21:15:44 +0000 (UTC)
From:      Bernard Spil <brnrd@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r414560 - head/security/libressl
Message-ID:  <201605032115.u43LFite089350@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: brnrd
Date: Tue May  3 21:15:43 2016
New Revision: 414560
URL: https://svnweb.freebsd.org/changeset/ports/414560

Log:
  security/libressl: Update to 2.3.4
  
    - Upstream marked the 2.3 branch as stable
    - Bump SHLIB_VERSION in bsd.openssl.mk
    - Note SHLIB_VERSION bump and SSLv3 removal in UPDATING
    - Add TLS-enabled netcat binary
    - Fix linking issues with MySQL 5.7 [1]
    - Includes vulnerability fixes [2]
  
  PR:		208759 [1]
  Security:	01d729ca-1143-11e6-b55e-b499baebfeaf [2]
  Reviewed_by:	feld (mentor), koobs (mentor)
  Approved by:	feld (mentor, ports-secteam)
  Differential Revision:	D5902

Modified:
  head/security/libressl/Makefile
  head/security/libressl/distinfo
  head/security/libressl/pkg-plist

Modified: head/security/libressl/Makefile
==============================================================================
--- head/security/libressl/Makefile	Tue May  3 21:13:13 2016	(r414559)
+++ head/security/libressl/Makefile	Tue May  3 21:15:43 2016	(r414560)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	libressl
-PORTVERSION=	2.2.6
+PORTVERSION=	2.3.4
 CATEGORIES=	security devel
 MASTER_SITES=	OPENBSD/LibreSSL
 
@@ -14,26 +14,28 @@ LICENSE_FILE=	${WRKSRC}/COPYING
 
 CPE_VENDOR=	openbsd
 
-OPTIONS_DEFINE=	MAN3
-OPTIONS_DEFAULT=	MAN3
+OPTIONS_DEFINE=	MAN3 NC
+OPTIONS_DEFAULT=	MAN3 NC
 MAN3_DESC=	Install API manpages (section 3)
+NC_DESC=	Install TLS-enabled netcat
 
 CONFLICTS?=	libressl-devel-[0-9]* \
 		openssl-[0-9]* \
 		openssl-devel-[0-9]*
+MAKE_JOBS_UNSAFE=	yes
 
 GNU_CONFIGURE=	yes
 USES=		cpe libtool pathfix pkgconfig
 USE_LDCONFIG=	yes
+OPTIONS_SUB=	yes
+CFLAGS+=	-fpic -DPIC
 
 INSTALL_TARGET=	install-strip
 TEST_TARGET=	check
 
-.include <bsd.port.pre.mk>
-
-.if ${ARCH} == "amd64"
-CONFIGURE_TARGET=	x86_64-portbld-${OPSYS:tl}${OSREL}
-.endif
+post-install-NC-on:
+	${INSTALL_PROGRAM} ${WRKSRC}/apps/nc/.libs/nc ${STAGEDIR}/${PREFIX}/bin/nc
+	${INSTALL_MAN} ${WRKSRC}/apps/nc/nc.1 ${STAGEDIR}/${PREFIX}/man/man1/nc.1
 
 post-install-MAN3-off:
 	${RM} -rf ${STAGEDIR}/${PREFIX}/man/man3
@@ -42,4 +44,4 @@ post-install-MAN3-off:
 post-install:
 	${RM} -rf ${STAGEDIR}/${PREFIX}/etc/ssl/cert.pem
 
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>

Modified: head/security/libressl/distinfo
==============================================================================
--- head/security/libressl/distinfo	Tue May  3 21:13:13 2016	(r414559)
+++ head/security/libressl/distinfo	Tue May  3 21:15:43 2016	(r414560)
@@ -1,2 +1,2 @@
-SHA256 (libressl-2.2.6.tar.gz) = 1ee19994cffd047d40f63ba149115dba18a681b0cc923beec301bf424b58d64f
-SIZE (libressl-2.2.6.tar.gz) = 2965531
+SHA256 (libressl-2.3.4.tar.gz) = 7a1135b2620f78928e89538c211a4df1d9415994001d1e7c9178c6b6d72de6a9
+SIZE (libressl-2.3.4.tar.gz) = 3013286

Modified: head/security/libressl/pkg-plist
==============================================================================
--- head/security/libressl/pkg-plist	Tue May  3 21:13:13 2016	(r414559)
+++ head/security/libressl/pkg-plist	Tue May  3 21:15:43 2016	(r414560)
@@ -1,3 +1,4 @@
+%%NC%%bin/nc
 bin/openssl
 etc/ssl/openssl.cnf
 etc/ssl/x509v3.cnf
@@ -23,7 +24,6 @@ include/openssl/dh.h
 include/openssl/dsa.h
 include/openssl/dso.h
 include/openssl/dtls1.h
-include/openssl/e_os2.h
 include/openssl/ec.h
 include/openssl/ecdh.h
 include/openssl/ecdsa.h
@@ -75,20 +75,21 @@ include/openssl/x509v3.h
 include/tls.h
 lib/libcrypto.a
 lib/libcrypto.so
-lib/libcrypto.so.35
-lib/libcrypto.so.35.0.0
+lib/libcrypto.so.37
+lib/libcrypto.so.37.0.0
 lib/libssl.a
 lib/libssl.so
-lib/libssl.so.35
-lib/libssl.so.35.0.0
+lib/libssl.so.38
+lib/libssl.so.38.0.0
 lib/libtls.a
 lib/libtls.so
-lib/libtls.so.6
-lib/libtls.so.6.0.0
+lib/libtls.so.10
+lib/libtls.so.10.0.0
 libdata/pkgconfig/libcrypto.pc
 libdata/pkgconfig/libssl.pc
 libdata/pkgconfig/libtls.pc
 libdata/pkgconfig/openssl.pc
+%%NC%%man/man1/nc.1.gz
 man/man1/openssl.1.gz
 man/man3/ASN1_OBJECT_free.3.gz
 man/man3/ASN1_OBJECT_new.3.gz
@@ -358,6 +359,7 @@ man/man3/BUF_MEM_new.3.gz
 man/man3/BUF_strdup.3.gz
 man/man3/CMS_add0_cert.3.gz
 man/man3/CMS_add1_recipient_cert.3.gz
+man/man3/CMS_add1_signer.3.gz
 man/man3/CMS_compress.3.gz
 man/man3/CMS_decrypt.3.gz
 man/man3/CMS_encrypt.3.gz
@@ -367,7 +369,6 @@ man/man3/CMS_get0_SignerInfos.3.gz
 man/man3/CMS_get0_type.3.gz
 man/man3/CMS_get1_ReceiptRequest.3.gz
 man/man3/CMS_sign.3.gz
-man/man3/CMS_sign_add1_signer.3.gz
 man/man3/CMS_sign_receipt.3.gz
 man/man3/CMS_uncompress.3.gz
 man/man3/CMS_verify.3.gz
@@ -383,6 +384,8 @@ man/man3/CRYPTO_THREADID_current.3.gz
 man/man3/CRYPTO_THREADID_get_callback.3.gz
 man/man3/CRYPTO_THREADID_hash.3.gz
 man/man3/CRYPTO_THREADID_set_callback.3.gz
+man/man3/CRYPTO_THREADID_set_numeric.3.gz
+man/man3/CRYPTO_THREADID_set_pointer.3.gz
 man/man3/CRYPTO_add.3.gz
 man/man3/CRYPTO_add_lock.3.gz
 man/man3/CRYPTO_destroy_dynlockid.3.gz
@@ -400,6 +403,7 @@ man/man3/CRYPTO_set_id_callback.3.gz
 man/man3/CRYPTO_set_locking_callback.3.gz
 man/man3/CRYPTO_w_lock.3.gz
 man/man3/CRYPTO_w_unlock.3.gz
+man/man3/DECLARE_LHASH_OF.3.gz
 man/man3/DES_cbc_cksum.3.gz
 man/man3/DES_cfb64_encrypt.3.gz
 man/man3/DES_cfb_encrypt.3.gz
@@ -645,6 +649,14 @@ man/man3/ERR_remove_state.3.gz
 man/man3/ERR_remove_thread_state.3.gz
 man/man3/ERR_set_mark.3.gz
 man/man3/EVP_BytesToKey.3.gz
+man/man3/EVP_AEAD_CTX_cleanup.3.gz
+man/man3/EVP_AEAD_CTX_init.3.gz
+man/man3/EVP_AEAD_CTX_open.3.gz
+man/man3/EVP_AEAD_CTX_seal.3.gz
+man/man3/EVP_AEAD_key_length.3.gz
+man/man3/EVP_AEAD_max_overhead.3.gz
+man/man3/EVP_AEAD_max_tag_len.3.gz
+man/man3/EVP_AEAD_nonce_length.3.gz
 man/man3/EVP_CIPHER_CTX_block_size.3.gz
 man/man3/EVP_CIPHER_CTX_cipher.3.gz
 man/man3/EVP_CIPHER_CTX_cleanup.3.gz
@@ -713,7 +725,6 @@ man/man3/EVP_MD_type.3.gz
 man/man3/EVP_OpenFinal.3.gz
 man/man3/EVP_OpenInit.3.gz
 man/man3/EVP_OpenUpdate.3.gz
-man/man3/EVP_PKEVP_PKEY_CTX_set_app_data.3.gz
 man/man3/EVP_PKEY_CTX_ctrl.3.gz
 man/man3/EVP_PKEY_CTX_ctrl_str.3.gz
 man/man3/EVP_PKEY_CTX_dup.3.gz
@@ -741,7 +752,6 @@ man/man3/EVP_PKEY_assign_RSA.3.gz
 man/man3/EVP_PKEY_cmp.3.gz
 man/man3/EVP_PKEY_cmp_parameters.3.gz
 man/man3/EVP_PKEY_copy_parameters.3.gz
-man/man3/EVP_PKEY_ctrl_str.3.gz
 man/man3/EVP_PKEY_decrypt.3.gz
 man/man3/EVP_PKEY_decrypt_init.3.gz
 man/man3/EVP_PKEY_derive.3.gz
@@ -786,6 +796,10 @@ man/man3/EVP_SignUpdate.3.gz
 man/man3/EVP_VerifyFinal.3.gz
 man/man3/EVP_VerifyInit.3.gz
 man/man3/EVP_VerifyUpdate.3.gz
+man/man3/EVP_aead_aes_128_gcm.3.gz
+man/man3/EVP_aead_aes_256_gcm.3.gz
+man/man3/EVP_aead_chacha20_poly1305.3.gz
+man/man3/EVP_aead_chacha20_poly1305_ietf.3.gz
 man/man3/EVP_aes_128_ccm.3.gz
 man/man3/EVP_aes_128_gcm.3.gz
 man/man3/EVP_aes_192_ccm.3.gz
@@ -843,7 +857,6 @@ man/man3/EVP_rc5_32_12_16_cfb.3.gz
 man/man3/EVP_rc5_32_12_16_ecb.3.gz
 man/man3/EVP_rc5_32_12_16_ofb.3.gz
 man/man3/EVP_ripemd160.3.gz
-man/man3/EVP_sha.3.gz
 man/man3/EVP_sha1.3.gz
 man/man3/EVP_sha224.3.gz
 man/man3/EVP_sha256.3.gz
@@ -854,6 +867,10 @@ man/man3/HMAC_Final.3.gz
 man/man3/HMAC_Init.3.gz
 man/man3/HMAC_Update.3.gz
 man/man3/HMAC_cleanup.3.gz
+man/man3/LHASH_COMP_FN_TYPE.3.gz
+man/man3/LHASH_DOALL_ARG_FN_TYPE.3.gz
+man/man3/LHASH_DOALL_FN_TYPE.3.gz
+man/man3/LHASH_HASH_FN_TYPE.3.gz
 man/man3/MD2.3.gz
 man/man3/MD2_Final.3.gz
 man/man3/MD2_Init.3.gz
@@ -985,7 +1002,6 @@ man/man3/RIPEMD160.3.gz
 man/man3/RIPEMD160_Final.3.gz
 man/man3/RIPEMD160_Init.3.gz
 man/man3/RIPEMD160_Update.3.gz
-man/man3/RSA_PKCS1_RSAref.3.gz
 man/man3/RSA_PKCS1_SSLeay.3.gz
 man/man3/RSA_blinding_off.3.gz
 man/man3/RSA_blinding_on.3.gz
@@ -1086,7 +1102,6 @@ man/man3/SSL_CTX_sess_number.3.gz
 man/man3/SSL_CTX_sess_set_cache_size.3.gz
 man/man3/SSL_CTX_sess_set_get_cb.3.gz
 man/man3/SSL_CTX_sess_set_new_cb.3.gz
-man/man3/SSL_CTX_sess_set_remove.3.gz
 man/man3/SSL_CTX_sess_set_remove_cb.3.gz
 man/man3/SSL_CTX_sess_timeouts.3.gz
 man/man3/SSL_CTX_sessions.3.gz
@@ -1157,7 +1172,6 @@ man/man3/SSL_free.3.gz
 man/man3/SSL_get0_session.3.gz
 man/man3/SSL_get1_session.3.gz
 man/man3/SSL_get_SSL_CTX.3.gz
-man/man3/SSL_get_accept_state.3.gz
 man/man3/SSL_get_cipher.3.gz
 man/man3/SSL_get_cipher_bits.3.gz
 man/man3/SSL_get_cipher_list.3.gz
@@ -1175,7 +1189,6 @@ man/man3/SSL_get_fd.3.gz
 man/man3/SSL_get_info_callback.3.gz
 man/man3/SSL_get_max_cert_list.3.gz
 man/man3/SSL_get_mode.3.gz
-man/man3/SSL_get_msg_callback_arg.3.gz
 man/man3/SSL_get_options.3.gz
 man/man3/SSL_get_peer_cert_chain.3.gz
 man/man3/SSL_get_peer_certificate.3.gz
@@ -1367,7 +1380,6 @@ man/man3/bn_dump.3.gz
 man/man3/bn_expand.3.gz
 man/man3/bn_expand2.3.gz
 man/man3/bn_fix_top.3.gz
-man/man3/bn_internal.3.gz
 man/man3/bn_mul_add_words.3.gz
 man/man3/bn_mul_comba4.3.gz
 man/man3/bn_mul_comba8.3.gz
@@ -1413,7 +1425,6 @@ man/man3/d2i_ECPKParameters.3.gz
 man/man3/d2i_ECPKParameters_bio.3.gz
 man/man3/d2i_ECPKParameters_fp.3.gz
 man/man3/d2i_Netscape_RSA.3.gz
-man/man3/d2i_PKCS8PrivateKey.3.gz
 man/man3/d2i_PKCS8PrivateKey_bio.3.gz
 man/man3/d2i_PKCS8PrivateKey_fp.3.gz
 man/man3/d2i_RSAPrivateKey.3.gz
@@ -1439,7 +1450,6 @@ man/man3/des_read_pw_string.3.gz
 man/man3/dh.3.gz
 man/man3/dsa.3.gz
 man/man3/ec.3.gz
-man/man3/ecdsa.3.gz
 man/man3/engine.3.gz
 man/man3/evp.3.gz
 man/man3/get_session_cb.3.gz
@@ -1491,7 +1501,6 @@ man/man3/lh_node_usage_stats_bio.3.gz
 man/man3/lh_retrieve.3.gz
 man/man3/lh_stats.3.gz
 man/man3/lh_stats_bio.3.gz
-man/man3/lhash.3.gz
 man/man3/mul.3.gz
 man/man3/mul_add.3.gz
 man/man3/new_session_cb.3.gz
@@ -1508,6 +1517,7 @@ man/man3/tls_config_clear_keys.3.gz
 man/man3/tls_config_free.3.gz
 man/man3/tls_config_insecure_noverifycert.3.gz
 man/man3/tls_config_insecure_noverifyname.3.gz
+man/man3/tls_config_insecure_noverifytime.3.gz
 man/man3/tls_config_new.3.gz
 man/man3/tls_config_parse_protocols.3.gz
 man/man3/tls_config_set_ca_file.3.gz
@@ -1528,17 +1538,29 @@ man/man3/tls_connect.3.gz
 man/man3/tls_connect_fds.3.gz
 man/man3/tls_connect_servername.3.gz
 man/man3/tls_connect_socket.3.gz
+man/man3/tls_conn_cipher.3.gz
+man/man3/tls_conn_version.3.gz
 man/man3/tls_error.3.gz
 man/man3/tls_free.3.gz
 man/man3/tls_init.3.gz
 man/man3/tls_load_file.3.gz
+man/man3/tls_peer_cert_notafter.3.gz
+man/man3/tls_peer_cert_notbefore.3.gz
 man/man3/tls_read.3.gz
 man/man3/tls_reset.3.gz
 man/man3/tls_server.3.gz
 man/man3/tls_write.3.gz
+man/man3/tls_config_prefer_ciphers_client.3.gz
+man/man3/tls_config_prefer_ciphers_server.3.gz
+man/man3/tls_config_verify_client.3.gz
+man/man3/tls_config_verify_client_optional.3.gz
+man/man3/tls_handshake.3.gz
+man/man3/tls_peer_cert_contains_name.3.gz
+man/man3/tls_peer_cert_hash.3.gz
+man/man3/tls_peer_cert_issuer.3.gz
+man/man3/tls_peer_cert_provided.3.gz
+man/man3/tls_peer_cert_subject.3.gz
 man/man3/tmp_rsa_callback.3.gz
-man/man3/ui.3.gz
-man/man3/ui_compat.3.gz
 man/man3/verify_callback.3.gz
 man/man3/x509.3.gz
 @dir etc/ssl/certs



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201605032115.u43LFite089350>