Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 7 Jan 2014 20:40:22 +0000 (UTC)
From:      Dirk Meyer <dinoex@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r339031 - in head/security/openssl: . files
Message-ID:  <201401072040.s07KeN7v084781@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: dinoex
Date: Tue Jan  7 20:40:22 2014
New Revision: 339031
URL: http://svnweb.freebsd.org/changeset/ports/339031

Log:
  - Security update to openssl-1.0.1f
  - remove broken patches
  - new fix for perl5.18
  - fix option GMP
  
  Security: http://www.openssl.org/news/vulnerabilities.html
  Security: CVE-2013-4353
  Security: CVE-2013-6449
  Security: CVE-2013-6450
  Security: 5aaa257e-772d-11e3-a65a-3c970e169bc2

Modified:
  head/security/openssl/Makefile
  head/security/openssl/distinfo
  head/security/openssl/files/patch-config

Modified: head/security/openssl/Makefile
==============================================================================
--- head/security/openssl/Makefile	Tue Jan  7 20:33:10 2014	(r339030)
+++ head/security/openssl/Makefile	Tue Jan  7 20:40:22 2014	(r339031)
@@ -3,22 +3,18 @@
 
 PORTNAME=	openssl
 PORTVERSION=	1.0.1
-DISTVERSIONSUFFIX=	e
-PORTREVISION=	8
+DISTVERSIONSUFFIX=	f
+PORTREVISION=	9
 CATEGORIES=	security devel
 MASTER_SITES=	http://www.openssl.org/%SUBDIR%/ \
 		ftp://ftp.openssl.org/%SUBDIR%/ \
 		ftp://ftp.cert.dfn.de/pub/tools/net/openssl/%SUBDIR%/
 MASTER_SITE_SUBDIR=	source
-DIST_SUBDIR=	${DISTNAME}2
+DIST_SUBDIR=	${DISTNAME}
 
 MAINTAINER=	dinoex@FreeBSD.org
 COMMENT=	SSL and crypto library
 
-PATCH_SITES+=	http://www.linuxfromscratch.org/patches/blfs/svn/:pod
-PATCHFILES+=	openssl-1.0.1e-fix_pod_syntax-1.patch:pod
-PATCH_DIST_STRIP=	-p1
-
 .ifdef USE_OPENSSL
 .error You have `USE_OPENSSL' variable defined either in environment or in make(1) arguments. Please undefine and try again.
 .endif
@@ -60,6 +56,24 @@ SUB_FILES=	pkg-message
 OPENSSLDIR=	${PREFIX}/openssl
 MANPREFIX=	${PREFIX}
 
+FIX_POD=apps/cms.pod \
+	apps/smime.pod \
+	ssl/SSL_accept.pod \
+	ssl/SSL_clear.pod \
+	ssl/SSL_COMP_add_compression_method.pod ssl/SSL_connect.pod \
+	ssl/SSL_CTX_add_session.pod ssl/SSL_CTX_load_verify_locations.pod \
+	ssl/SSL_CTX_set_client_CA_list.pod \
+	ssl/SSL_CTX_set_session_id_context.pod \
+	ssl/SSL_CTX_set_ssl_version.pod \
+	ssl/SSL_CTX_use_psk_identity_hint.pod \
+	ssl/SSL_do_handshake.pod \
+	ssl/SSL_read.pod \
+	ssl/SSL_session_reused.pod \
+	ssl/SSL_set_fd.pod \
+	ssl/SSL_set_session.pod \
+	ssl/SSL_shutdown.pod \
+	ssl/SSL_write.pod
+
 MAN1=	CA.pl.1 asn1parse.1 ca.1 ciphers.1 cms.1 crl.1 crl2pkcs7.1 dgst.1 \
 	dhparam.1 dsa.1 dsaparam.1 ec.1 ecparam.1 enc.1 errstr.1 gendsa.1 \
 	genpkey.1 genrsa.1 nseq.1 ocsp.1 openssl.1 passwd.1 pkcs12.1 pkcs7.1 \
@@ -1123,6 +1137,8 @@ PLIST_SUB+=	WITH_RC5="@comment "
 .endif
 
 .if ${PORT_OPTIONS:MPADLOCK}
+BROKEN=		does not build with openssl-1.0.1f
+PATCH_DIST_STRIP=	-p1
 PATCH_SITES+=	http://git.alpinelinux.org/cgit/aports/plain/main/openssl/:padlock
 PATCHFILES+=	0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch:padlock \
 		0002-engines-e_padlock-backport-cvs-head-changes.patch:padlock \
@@ -1131,7 +1147,7 @@ PATCHFILES+=	0001-crypto-hmac-support-EV
 .endif
 
 .if ${PORT_OPTIONS:MGMP}
-EXTRACONFIGURE+=	enable-gmp
+EXTRACONFIGURE+=	enable-gmp -I${LOCALBASE}/include
 IGNORE=	GMP is LGPLv3 and can not be linked
 .else
 EXTRACONFIGURE+=	no-gmp
@@ -1160,6 +1176,10 @@ pre-everything::
 
 .endif
 
+pre-patch:
+	${REINPLACE_CMD} -e 's|^=item \([0-9]\)$$|=item C<\1>|' \
+		${FIX_POD:S,^,${WRKSRC}/doc/,}
+
 post-patch:
 	@${REINPLACE_CMD} -e 's|m4 -B 8192|m4|g' \
 		${WRKSRC}/crypto/des/Makefile

Modified: head/security/openssl/distinfo
==============================================================================
--- head/security/openssl/distinfo	Tue Jan  7 20:33:10 2014	(r339030)
+++ head/security/openssl/distinfo	Tue Jan  7 20:40:22 2014	(r339031)
@@ -1,12 +1,2 @@
-SHA256 (openssl-1.0.1e2/openssl-1.0.1e.tar.gz) = f74f15e8c8ff11aa3d5bb5f276d202ec18d7246e95f961db76054199c69c1ae3
-SIZE (openssl-1.0.1e2/openssl-1.0.1e.tar.gz) = 4459777
-SHA256 (openssl-1.0.1e2/openssl-1.0.1e-fix_pod_syntax-1.patch) = 748fd906d6d50b0183d4795aec4857c5b1e53de1155aaa8512fc775f2c04dbe9
-SIZE (openssl-1.0.1e2/openssl-1.0.1e-fix_pod_syntax-1.patch) = 11743
-SHA256 (openssl-1.0.1e2/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 18dd81fefb39b3328a444774ed10871ed50348ca171d2da9f826f916127b2dae
-SIZE (openssl-1.0.1e2/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 3512
-SHA256 (openssl-1.0.1e2/0002-engines-e_padlock-backport-cvs-head-changes.patch) = 39c31c2e33cded09543a2d1fd2e3238e9d11c672ba71a14d13095baad3ec9696
-SIZE (openssl-1.0.1e2/0002-engines-e_padlock-backport-cvs-head-changes.patch) = 5867
-SHA256 (openssl-1.0.1e2/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = cbb2493ec9157e78035e9cc02be17655996ee9cd0a71b79507fc19f3862f452b
-SIZE (openssl-1.0.1e2/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = 20625
-SHA256 (openssl-1.0.1e2/0004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 157ec6d17add25b96956abc7c44259c91eebe8a6c1026cdb976b895bf42ec56f
-SIZE (openssl-1.0.1e2/0004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 777
+SHA256 (openssl-1.0.1f/openssl-1.0.1f.tar.gz) = 6cc2a80b17d64de6b7bac985745fdaba971d54ffd7d38d3556f998d7c0c9cb5a
+SIZE (openssl-1.0.1f/openssl-1.0.1f.tar.gz) = 4509212

Modified: head/security/openssl/files/patch-config
==============================================================================
--- head/security/openssl/files/patch-config	Tue Jan  7 20:33:10 2014	(r339030)
+++ head/security/openssl/files/patch-config	Tue Jan  7 20:40:22 2014	(r339031)
@@ -9,7 +9,7 @@
 -			    libc=/usr/lib/libc.so
 -			else					# OpenBSD
 -			    # ld searches for highest libc.so.* and so do we
--			    libc=`(ls /usr/lib/libc.so.* | tail -1) 2>/dev/null`
+-			    libc=`(ls /usr/lib/libc.so.* /lib/libc.so.* | tail -1) 2>/dev/null`
 -			fi
 -			case "`(file -L $libc) 2>/dev/null`" in
 +  *86*-*-*bsd*)	



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201401072040.s07KeN7v084781>