Date: Sat, 27 Aug 2016 11:00:44 +0000 (UTC) From: Mathieu Arnold <mat@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r420968 - in head/security/openssl: . files Message-ID: <201608271100.u7RB0iWc007420@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mat Date: Sat Aug 27 11:00:44 2016 New Revision: 420968 URL: https://svnweb.freebsd.org/changeset/ports/420968 Log: Revert the OpenSSL 1.1.0 update, it was not tested. With hat: portmgr Sponsored by: Absolight Added: head/security/openssl/files/patch-Configure - copied unchanged from r420966, head/security/openssl/files/patch-Configure head/security/openssl/files/patch-Makefile - copied unchanged from r420966, head/security/openssl/files/patch-Makefile head/security/openssl/files/patch-RFC-5705 - copied unchanged from r420966, head/security/openssl/files/patch-RFC-5705 head/security/openssl/files/patch-dsa_ossl.c - copied unchanged from r420966, head/security/openssl/files/patch-dsa_ossl.c head/security/openssl/files/patch-md5.c - copied unchanged from r420966, head/security/openssl/files/patch-md5.c head/security/openssl/files/patch-openbsd__hw.c - copied unchanged from r420966, head/security/openssl/files/patch-openbsd__hw.c head/security/openssl/files/patch-s3_srvr.c - copied unchanged from r420966, head/security/openssl/files/patch-s3_srvr.c head/security/openssl/files/patch-srtp.h - copied unchanged from r420966, head/security/openssl/files/patch-srtp.h head/security/openssl/files/patch-ssl_sess.c - copied unchanged from r420966, head/security/openssl/files/patch-ssl_sess.c head/security/openssl/files/patch-t1_lib.c - copied unchanged from r420966, head/security/openssl/files/patch-t1_lib.c head/security/openssl/files/patch-testssl - copied unchanged from r420966, head/security/openssl/files/patch-testssl Modified: head/security/openssl/Makefile head/security/openssl/distinfo head/security/openssl/files/patch-config head/security/openssl/pkg-plist head/security/openssl/version.mk Modified: head/security/openssl/Makefile ============================================================================== --- head/security/openssl/Makefile Sat Aug 27 09:59:48 2016 (r420967) +++ head/security/openssl/Makefile Sat Aug 27 11:00:44 2016 (r420968) @@ -2,8 +2,10 @@ # $FreeBSD$ PORTNAME= openssl -PORTVERSION= 1.1.0 -#DISTVERSIONSUFFIX= a +PORTVERSION= 1.0.2 +DISTVERSIONSUFFIX= h +PORTREVISION= 14 +PORTEPOCH= 1 CATEGORIES= security devel MASTER_SITES= http://www.openssl.org/source/ \ ftp://ftp.openssl.org/source/ \ @@ -22,13 +24,8 @@ CONFLICTS= libressl-[0-9]* \ libressl-devel-[0-9]* \ openssl-devel-[0-9]* -HAS_CONFIGURE= yes -CONFIGURE_SCRIPT= config -CONFIGURE_ENV= PERL="${PERL}" -CONFIGURE_ARGS= --openssldir=${OPENSSLDIR} ${EXTRACONFIGURE} - -OPTIONS_DEFINE= SHARED THREADS SSE2 ASM ZLIB SCTP SSL3 RFC3779 RC5 DOCS MAN3 -OPTIONS_DEFAULT=SHARED THREADS SSE2 SCTP MAN3 +OPTIONS_DEFINE= SHARED THREADS SSE2 ASM PADLOCK ZLIB GMP SCTP SSL2 SSL3 RFC3779 MD2 RC5 EXPCIPHERS DOCS MAN3 +OPTIONS_DEFAULT=SHARED THREADS SSE2 SCTP SSL2 SSL3 MD2 MAN3 OPTIONS_DEFINE_i386= I386 .for a in amd64 ia64 OPTIONS_DEFINE_${a}= EC @@ -44,43 +41,28 @@ OPTIONS_SUB= yes I386_DESC?= Optimize for i386 (instead of i486+) SSE2_DESC?= runtime SSE2 detection ASM_DESC?= optimized Assembler code +PADLOCK_DESC?= VIA Padlock support SHARED_DESC?= build of shared libs ZLIB_DESC?= zlib compression support GMP_DESC?= gmp support (LGPLv3) SCTP_DESC?= SCTP protocol support +SSL2_DESC?= SSLv2 protocol support SSL3_DESC?= SSLv3 protocol support RFC3779_DESC?= RFC3779 support (BGP) +MD2_DESC?= MD2 hash (obsolete) RC5_DESC?= RC5 cipher (patented) +EXPCIPHERS_DESC?= Include experimental ciphers EC_DESC?= Optimize NIST elliptic curves MAN3_DESC?= Install API manpages (section 3) -USES= cpe perl5 +GMP_LIB_DEPENDS= libgmp.so:math/gmp + +USES= perl5 cpe USE_PERL5= build MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS= SUB_FILES= pkg-message -SHARED_CONFIGURE_ON= shared -SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER} -THREADS_CONFIGURE_ON= threads -THREADS_CONFIGURE_OFF= no-threads -ZLIB_CONFIGURE_ON= zlib zlib-dynamic -ZLIB_CONFIGURE_OFF= no-zlib no-zlib-dynamic -SCTP_CONFIGURE_ON= sctp -SCTP_CONFIGURE_OFF= no-sctp -SSE2_CONFIGURE_OFF= no-sse2 -ASM_CONFIGURE_ON= asm -ASM_CONFIGURE_OFF= no-asm -SSL3_CONFIGURE_ON= enable-ssl3 -SSL3_CONFIGURE_OFF= no-ssl3 no-ssl3-method -RFC3779_CONFIGURE_ON= enable-rfc3779 -RFC3779_CONFIGURE_OFF= no-rfc3779 -RC5_CONFIGURE_ON= enable-rc5 -RC5_CONFIGURE_OFF= no-rc5 -I386_CONFIGURE_ON= 386 -EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128 -EC_CONFIGURE_OFF= no-ec_nistp_64_gcc_128 - .include <bsd.port.pre.mk> .if ${PREFIX} == /usr @@ -93,17 +75,103 @@ PLIST_SUB+= OPENSSLDIR=${OPENSSLDIR:S=^$ OPENSSL_BASE_SONAME!= readlink ${DESTDIR}/usr/lib/libcrypto.so || true OPENSSL_SHLIBVER_BASE= ${OPENSSL_BASE_SONAME:E} OPENSSL_BASE_SOPATH= ${OPENSSL_BASE_SONAME:H} +OPENSSL_SHLIBVER?= 8 + +.if ${PORT_OPTIONS:MI386} +.if ${ARCH} == "i386" +EXTRACONFIGURE+= 386 +.endif +.endif -.include "version.mk" +.if empty(PORT_OPTIONS:MSSE2) +# disable runtime SSE2 detection +EXTRACONFIGURE+= no-sse2 +.endif .if ${PORT_OPTIONS:MASM} BROKEN_sparc64= option ASM generates illegal instructions +EXTRACONFIGURE+= enable-asm +.else +EXTRACONFIGURE+= no-asm +.endif + +.if ${PORT_OPTIONS:MTHREADS} +EXTRACONFIGURE+= threads +.else +EXTRACONFIGURE+= no-threads .endif .if ${PORT_OPTIONS:MSHARED} +EXTRACONFIGURE+= shared +MAKE_ENV+= SHLIBVER=${OPENSSL_SHLIBVER} +PLIST_SUB+= SHLIBVER=${OPENSSL_SHLIBVER} USE_LDCONFIG= yes .endif +.if ${PORT_OPTIONS:MZLIB} +EXTRACONFIGURE+= zlib zlib-dynamic +.else +EXTRACONFIGURE+= no-zlib no-zlib-dynamic +.endif + +.if ${PORT_OPTIONS:MSCTP} +EXTRACONFIGURE+= sctp +.else +EXTRACONFIGURE+= no-sctp +.endif + +.if ${PORT_OPTIONS:MSSL2} +EXTRACONFIGURE+= enable-ssl2 +.else +EXTRACONFIGURE+= no-ssl2 +.endif + +.if ${PORT_OPTIONS:MSSL3} +EXTRACONFIGURE+= enable-ssl3 +.else +EXTRACONFIGURE+= no-ssl3 no-ssl3-method +.endif + +.if ${PORT_OPTIONS:MMD2} +EXTRACONFIGURE+= enable-md2 +.else +EXTRACONFIGURE+= no-md2 +.endif + +.if ${PORT_OPTIONS:MRC5} +EXTRACONFIGURE+= enable-rc5 +.else +EXTRACONFIGURE+= no-rc5 +.endif + +.if ${PORT_OPTIONS:MPADLOCK} +PATCH_DIST_STRIP= -p1 +PATCH_SITES+= http://git.alpinelinux.org/cgit/aports/plain/main/openssl/:padlock +PATCHFILES+= 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch:padlock \ + 1002-backport-changes-from-upstream-padlock-module.patch:padlock \ + 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch:padlock \ + 1004-crypto-engine-autoload-padlock-dynamic-engine.patch:padlock +.endif + +.if ${PORT_OPTIONS:MGMP} +EXTRACONFIGURE+= enable-gmp -I${LOCALBASE}/include +IGNORE= can not be linked because GMP is LGPLv3 +.else +EXTRACONFIGURE+= no-gmp +.endif + +.if ${PORT_OPTIONS:MRFC3779} +EXTRACONFIGURE+= enable-rfc3779 +.else +EXTRACONFIGURE+= no-rfc3779 +.endif + +.if ${PORT_OPTIONS:MEC} +EXTRACONFIGURE+= enable-ec_nistp_64_gcc_128 +.else +EXTRACONFIGURE+= no-ec_nistp_64_gcc_128 +.endif + .if ${OPENSSL_SHLIBVER_BASE} > ${OPENSSL_SHLIBVER} pre-everything:: @${ECHO_CMD} "#" @@ -116,30 +184,47 @@ pre-everything:: .endif post-patch: + ${REINPLACE_CMD} -e 's|m4 -B 8192|m4|g' \ + ${WRKSRC}/crypto/des/Makefile + ${REINPLACE_CMD} -e 's|SHLIB_VERSION_NUMBER "1.0.0"|SHLIB_VERSION_NUMBER "${OPENSSL_SHLIBVER}"|' \ + ${WRKSRC}/crypto/opensslv.h + ${REINPLACE_CMD} -e 's|ERR_R_MALLOC_ERROR|ERR_R_MALLOC_FAILURE|' \ + ${WRKSRC}/crypto/bio/bss_dgram.c +.if ${PORT_OPTIONS:MEXPCIPHERS} + ${REINPLACE_CMD} -e 's|TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0|TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1|' \ + ${WRKSRC}/ssl/tls1.h +.endif + +do-configure: + ${REINPLACE_CMD} -e "s|options 386|options|" \ + ${WRKSRC}/config + cd ${WRKSRC} \ + && ${SETENV} CC="${CC}" FREEBSDCC="${CC}" CFLAGS="${CFLAGS}" PERL="${PERL}" \ + ./config --prefix=${PREFIX} --openssldir=${OPENSSLDIR} \ + --install_prefix=${STAGEDIR} \ + -L${PREFIX}/lib ${EXTRACONFIGURE} ${REINPLACE_CMD} \ - -e 's|^MANDIR=.*$$|MANDIR=$$(INSTALLTOP)/man|' \ - -e 's| install_html_docs$$||' \ + -e 's|^MANDIR=.*$$|MANDIR=$$(PREFIX)/man|' \ -e 's|$$(LIBDIR)/pkgconfig|libdata/pkgconfig|g' \ - ${WRKSRC}/Configurations/unix-Makefile.tmpl - -post-configure: - ${REINPLACE_CMD} \ - -e 's|.(SHLIB_MAJOR)[.].(SHLIB_MINOR)|${OPENSSL_SHLIBVER}|g' \ + -e 's|LIBVERSION=[^ ]* |LIBVERSION=${OPENSSL_SHLIBVER} |' \ ${WRKSRC}/Makefile - ${REINPLACE_CMD} \ - -e 's|SHLIB_VERSION_NUMBER "1.1"|SHLIB_VERSION_NUMBER "${OPENSSL_SHLIBVER}"|' \ - ${WRKSRC}/include/openssl/opensslv.h post-install: - ${RM} -f ${STAGEDIR}${OPENSSLDIR}/openssl.cnf - ${RM} -f ${STAGEDIR}${PREFIX}/man/man7/ct.7.gz - -post-install-MAN3-off: +.if ${PORT_OPTIONS:MSHARED} +.for i in libcrypto libssl + ${INSTALL_DATA} ${WRKSRC}/$i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib + ${LN} -sf $i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib/$i.so +.endfor +.endif .if empty(PORT_OPTIONS:MMAN3) ${RM} -rf ${STAGEDIR}/${PREFIX}/man/man3 ${REINPLACE_CMD} -e 's|^man/man3/.*||' ${TMPPLIST} .endif +post-install-DOCS-on: + ${MKDIR} ${STAGEDIR}${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}/doc/openssl.txt ${STAGEDIR}${DOCSDIR}/ + test: build cd ${WRKSRC} && ${MAKE} test Modified: head/security/openssl/distinfo ============================================================================== --- head/security/openssl/distinfo Sat Aug 27 09:59:48 2016 (r420967) +++ head/security/openssl/distinfo Sat Aug 27 11:00:44 2016 (r420968) @@ -1,3 +1,10 @@ -TIMESTAMP = 1472208347 -SHA256 (openssl-1.1.0/openssl-1.1.0.tar.gz) = f5c69ff9ac1472c80b868efc1c1c0d8dcfc746d29ebe563de2365dd56dbd8c82 -SIZE (openssl-1.1.0/openssl-1.1.0.tar.gz) = 5146831 +SHA256 (openssl-1.0.2h/openssl-1.0.2h.tar.gz) = 1d4007e53aad94a5b2002fe045ee7bb0b3d98f1a47f8b2bc851dcd1c74332919 +SIZE (openssl-1.0.2h/openssl-1.0.2h.tar.gz) = 5274412 +SHA256 (openssl-1.0.2h/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 2eddcb7ab342285cb637ce6b6be143cca835f449f35dd9bb8c7b9167ba2117a7 +SIZE (openssl-1.0.2h/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 3717 +SHA256 (openssl-1.0.2h/1002-backport-changes-from-upstream-padlock-module.patch) = aee88a24622ce9d71e38deeb874e58435dcf8ff5690f56194f0e4a00fb09b260 +SIZE (openssl-1.0.2h/1002-backport-changes-from-upstream-padlock-module.patch) = 5770 +SHA256 (openssl-1.0.2h/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = c10b8aaf56a4f4f79ca195fc587e0bb533f643e777d7a3e6fb0350399a6060ea +SIZE (openssl-1.0.2h/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = 20935 +SHA256 (openssl-1.0.2h/1004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 97eb4411d0fc0890e94bc7c2d682f68b71135da782af769ca73914b37da2b1fd +SIZE (openssl-1.0.2h/1004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 832 Copied: head/security/openssl/files/patch-Configure (from r420966, head/security/openssl/files/patch-Configure) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-Configure Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-Configure) @@ -0,0 +1,45 @@ +--- Configure.orig 2015-06-11 15:50:11.000000000 +0200 ++++ Configure 2015-06-12 16:20:39.000000000 +0200 +@@ -467,19 +467,20 @@ + "android-mips","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + + #### *BSD [do see comment about ${BSDthreads} above!] +-"BSD-generic32","gcc:-O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"BSD-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"BSD-sparcv8", "gcc:-DB_ENDIAN -O3 -mcpu=v8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"BSD-generic32","$ENV{'FREEBSDCC'}:-O3 -fomit-frame-pointer -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-x86", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-x86-elf", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIBVER)", ++"debug-BSD-x86-elf", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -Wall -g $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-sparcv8", "$ENV{'FREEBSDCC'}:-DB_ENDIAN -O3 -mcpu=v8 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", + +-"BSD-generic64","gcc:-O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"BSD-generic64","$ENV{'FREEBSDCC'}:-O3 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", + # -DMD32_REG_T=int doesn't actually belong in sparc64 target, it + # simply *happens* to work around a compiler bug in gcc 3.3.3, + # triggered by RIPEMD160 code. +-"BSD-sparc64", "gcc:-DB_ENDIAN -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"BSD-ia64", "gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"BSD-x86_64", "cc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"BSD-sparc64", "$ENV{'FREEBSDCC'}:-DB_ENDIAN -O3 -DMD32_REG_T=int -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-ia64", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-x86_64", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", ++"BSD-alpha", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)", + + "bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + +@@ -2019,10 +2020,12 @@ + if ( $perl =~ m@^/@) { + &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";'); + &dofile("apps/CA.pl",$perl,'^#!/', '#!%s'); ++ &dofile("apps/tsget",$perl,'^#!/', '#!%s'); + } else { + # No path for Perl known ... + &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";'); + &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s'); ++ &dofile("apps/tsget",'/usr/local/bin/perl',,'^#!/', '#!%s'); + } + if ($depflags ne $default_depflags && !$make_depend) { + print <<EOF; Copied: head/security/openssl/files/patch-Makefile (from r420966, head/security/openssl/files/patch-Makefile) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-Makefile Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-Makefile) @@ -0,0 +1,11 @@ +--- apps/Makefile.orig Tue Aug 10 11:09:07 2004 ++++ apps/Makefile Tue Oct 26 07:00:51 2004 +@@ -112,7 +112,7 @@ + done + @cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \ + chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \ +- mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf ++ mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.sample + + tags: + ctags $(SRC) Copied: head/security/openssl/files/patch-RFC-5705 (from r420966, head/security/openssl/files/patch-RFC-5705) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-RFC-5705 Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-RFC-5705) @@ -0,0 +1,38 @@ +--- ssl/ssl.h 6 Jan 2010 17:37:38 -0000 1.221.2.24 ++++ ssl/ssl.h 17 Jun 2010 12:25:35 -0000 +@@ -1806,6 +1806,10 @@ + /* Pre-shared secret session resumption functions */ + int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); + ++void SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len, ++ unsigned char *context, int context_len, ++ unsigned char *out, int olen); ++ + /* BEGIN ERROR CODES */ + /* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + +--- ssl/t1_enc.c.orig 2015-01-22 15:58:32.000000000 +0100 ++++ ssl/t1_enc.c 2015-03-10 07:21:12.000000000 +0100 +@@ -1261,6 +1261,21 @@ + return (rv); + } + ++void SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len, ++ unsigned char *context, int context_len, ++ unsigned char *out, int olen) ++ { ++ unsigned char tmp[olen]; ++ ++ tls1_PRF(s->s3->tmp.new_cipher->algorithm2, ++ label, label_len, ++ s->s3->client_random,SSL3_RANDOM_SIZE, ++ s->s3->server_random,SSL3_RANDOM_SIZE, ++ context, context_len, NULL, 0, ++ s->session->master_key, s->session->master_key_length, ++ out, tmp, olen); ++ } ++ + int tls1_alert_code(int code) + { + switch (code) { Modified: head/security/openssl/files/patch-config ============================================================================== --- head/security/openssl/files/patch-config Sat Aug 27 09:59:48 2016 (r420967) +++ head/security/openssl/files/patch-config Sat Aug 27 11:00:44 2016 (r420968) @@ -1,6 +1,6 @@ ---- config.orig 2016-03-16 18:21:18.000000000 +0100 -+++ config 2016-04-09 13:25:19.138246000 +0200 -@@ -713,14 +713,8 @@ +--- config.orig 2013-06-16 07:01:13.038797248 -0500 ++++ config 2013-06-16 07:01:18.138794838 -0500 +@@ -734,14 +734,8 @@ sparc64-*-*bsd*) OUT="BSD-sparc64" ;; ia64-*-*bsd*) OUT="BSD-ia64" ;; amd64-*-*bsd*) OUT="BSD-x86_64" ;; Copied: head/security/openssl/files/patch-dsa_ossl.c (from r420966, head/security/openssl/files/patch-dsa_ossl.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-dsa_ossl.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-dsa_ossl.c) @@ -0,0 +1,35 @@ + +Fix DSA, preserve BN_FLG_CONSTTIME + +Operations in the DSA signing algorithm should run in constant time in +order to avoid side channel attacks. A flaw in the OpenSSL DSA +implementation means that a non-constant time codepath is followed for +certain operations. This has been demonstrated through a cache-timing +attack to be sufficient for an attacker to recover the private DSA key. + +CVE-2016-2178 + +--- crypto/dsa/dsa_ossl.c.orig 2016-05-03 15:44:42.000000000 +0200 ++++ crypto/dsa/dsa_ossl.c 2016-06-12 22:57:49.000000000 +0200 +@@ -248,9 +248,6 @@ + if (!BN_rand_range(&k, dsa->q)) + goto err; + while (BN_is_zero(&k)) ; +- if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { +- BN_set_flags(&k, BN_FLG_CONSTTIME); +- } + + if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { + if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, +@@ -282,6 +279,11 @@ + } else { + K = &k; + } ++ ++ if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { ++ BN_set_flags(&k, BN_FLG_CONSTTIME); ++ } ++ + DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx, + dsa->method_mont_p); + if (!BN_mod(r, r, dsa->q, ctx)) Copied: head/security/openssl/files/patch-md5.c (from r420966, head/security/openssl/files/patch-md5.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-md5.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-md5.c) @@ -0,0 +1,11 @@ +--- crypto/md5/md5.c.orig 2015-01-22 15:58:32.000000000 +0100 ++++ crypto/md5/md5.c 2015-03-10 07:02:19.000000000 +0100 +@@ -83,7 +83,7 @@ + err++; + continue; + } +- printf("MD5(%s)= ", argv[i]); ++ printf("MD5 (%s) = ", argv[i]); + do_fp(IN); + fclose(IN); + } Copied: head/security/openssl/files/patch-openbsd__hw.c (from r420966, head/security/openssl/files/patch-openbsd__hw.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-openbsd__hw.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-openbsd__hw.c) @@ -0,0 +1,14 @@ +--- crypto/evp/openbsd_hw.c.orig 2015-01-22 15:58:32.000000000 +0100 ++++ crypto/evp/openbsd_hw.c 2015-03-10 07:08:45.000000000 +0100 +@@ -108,7 +108,10 @@ + dev_failed = 1; + return 0; + } +- close(cryptodev_fd); ++ if (fd == -1) ++ fd = cryptodev_fd; ++ else ++ close(cryptodev_fd); + } + assert(ses); + memset(ses, '\0', sizeof *ses); Copied: head/security/openssl/files/patch-s3_srvr.c (from r420966, head/security/openssl/files/patch-s3_srvr.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-s3_srvr.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-s3_srvr.c) @@ -0,0 +1,66 @@ +CVE-2016-2177 + +--- ssl/s3_srvr.c.orig ++++ ssl/s3_srvr.c +@@ -980,7 +980,7 @@ int ssl3_get_client_hello(SSL *s) + + session_length = *(p + SSL3_RANDOM_SIZE); + +- if (p + SSL3_RANDOM_SIZE + session_length + 1 >= d + n) { ++ if (SSL3_RANDOM_SIZE + session_length + 1 >= (d + n) - p) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); + goto f_err; +@@ -998,7 +998,7 @@ int ssl3_get_client_hello(SSL *s) + /* get the session-id */ + j = *(p++); + +- if (p + j > d + n) { ++ if ((d + n) - p < j) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); + goto f_err; +@@ -1054,14 +1054,14 @@ int ssl3_get_client_hello(SSL *s) + + if (SSL_IS_DTLS(s)) { + /* cookie stuff */ +- if (p + 1 > d + n) { ++ if ((d + n) - p < 1) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + cookie_len = *(p++); + +- if (p + cookie_len > d + n) { ++ if ((d + n ) - p < cookie_len) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); + goto f_err; +@@ -1131,7 +1131,7 @@ int ssl3_get_client_hello(SSL *s) + } + } + +- if (p + 2 > d + n) { ++ if ((d + n ) - p < 2) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); + goto f_err; +@@ -1145,7 +1145,7 @@ int ssl3_get_client_hello(SSL *s) + } + + /* i bytes of cipher data + 1 byte for compression length later */ +- if ((p + i + 1) > (d + n)) { ++ if ((d + n) - p < i + 1) { + /* not enough data */ + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); +@@ -1211,7 +1211,7 @@ int ssl3_get_client_hello(SSL *s) + + /* compression */ + i = *(p++); +- if ((p + i) > (d + n)) { ++ if ((d + n) - p < i) { + /* not enough data */ + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); Copied: head/security/openssl/files/patch-srtp.h (from r420966, head/security/openssl/files/patch-srtp.h) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-srtp.h Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-srtp.h) @@ -0,0 +1,10 @@ +--- ssl/srtp.h.orig 2015-03-19 14:30:36.000000000 +0100 ++++ ssl/srtp.h 2015-03-19 21:12:51.000000000 +0100 +@@ -136,7 +136,6 @@ + int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles); + + STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl); +-SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); + + # endif + Copied: head/security/openssl/files/patch-ssl_sess.c (from r420966, head/security/openssl/files/patch-ssl_sess.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-ssl_sess.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-ssl_sess.c) @@ -0,0 +1,13 @@ +CVE-2016-2177 + +--- ssl/ssl_sess.c.orig ++++ ssl/ssl_sess.c +@@ -573,7 +573,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, + int r; + #endif + +- if (session_id + len > limit) { ++ if (limit - session_id < len) { + fatal = 1; + goto err; + } Copied: head/security/openssl/files/patch-t1_lib.c (from r420966, head/security/openssl/files/patch-t1_lib.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-t1_lib.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-t1_lib.c) @@ -0,0 +1,163 @@ +CVE-2016-2177 + +--- ssl/t1_lib.c.orig ++++ ssl/t1_lib.c +@@ -1867,11 +1867,11 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, + 0x02, 0x03, /* SHA-1/ECDSA */ + }; + +- if (data >= (limit - 2)) ++ if (limit - data <= 2) + return; + data += 2; + +- if (data > (limit - 4)) ++ if (limit - data < 4) + return; + n2s(data, type); + n2s(data, size); +@@ -1879,7 +1879,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, + if (type != TLSEXT_TYPE_server_name) + return; + +- if (data + size > limit) ++ if (limit - data < size) + return; + data += size; + +@@ -1887,7 +1887,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, + const size_t len1 = sizeof(kSafariExtensionsBlock); + const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock); + +- if (data + len1 + len2 != limit) ++ if (limit - data != (int)(len1 + len2)) + return; + if (memcmp(data, kSafariExtensionsBlock, len1) != 0) + return; +@@ -1896,7 +1896,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, + } else { + const size_t len = sizeof(kSafariExtensionsBlock); + +- if (data + len != limit) ++ if (limit - data != (int)(len)) + return; + if (memcmp(data, kSafariExtensionsBlock, len) != 0) + return; +@@ -2053,19 +2053,19 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, + if (data == limit) + goto ri_check; + +- if (data > (limit - 2)) ++ if (limit - data < 2) + goto err; + + n2s(data, len); + +- if (data + len != limit) ++ if (limit - data != len) + goto err; + +- while (data <= (limit - 4)) { ++ while (limit - data >= 4) { + n2s(data, type); + n2s(data, size); + +- if (data + size > (limit)) ++ if (limit - data < size) + goto err; + # if 0 + fprintf(stderr, "Received extension type %d size %d\n", type, size); +@@ -2472,18 +2472,18 @@ static int ssl_scan_clienthello_custom_tlsext(SSL *s, + if (s->hit || s->cert->srv_ext.meths_count == 0) + return 1; + +- if (data >= limit - 2) ++ if (limit - data <= 2) + return 1; + n2s(data, len); + +- if (data > limit - len) ++ if (limit - data < len) + return 1; + +- while (data <= limit - 4) { ++ while (limit - data >= 4) { + n2s(data, type); + n2s(data, size); + +- if (data + size > limit) ++ if (limit - data < size) + return 1; + if (custom_ext_parse(s, 1 /* server */ , type, data, size, al) <= 0) + return 0; +@@ -2569,20 +2569,20 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, + SSL_TLSEXT_HB_DONT_SEND_REQUESTS); + # endif + +- if (data >= (d + n - 2)) ++ if ((d + n) - data <= 2) + goto ri_check; + + n2s(data, length); +- if (data + length != d + n) { ++ if ((d + n) - data != length) { + *al = SSL_AD_DECODE_ERROR; + return 0; + } + +- while (data <= (d + n - 4)) { ++ while ((d + n) - data >= 4) { + n2s(data, type); + n2s(data, size); + +- if (data + size > (d + n)) ++ if ((d + n) - data < size) + goto ri_check; + + if (s->tlsext_debug_cb) +@@ -3307,29 +3307,33 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, + /* Skip past DTLS cookie */ + if (SSL_IS_DTLS(s)) { + i = *(p++); +- p += i; +- if (p >= limit) ++ ++ if (limit - p <= i) + return -1; ++ ++ p += i; + } + /* Skip past cipher list */ + n2s(p, i); +- p += i; +- if (p >= limit) ++ if (limit - p <= i) + return -1; ++ p += i; ++ + /* Skip past compression algorithm list */ + i = *(p++); +- p += i; +- if (p > limit) ++ if (limit - p < i) + return -1; ++ p += i; ++ + /* Now at start of extensions */ +- if ((p + 2) >= limit) ++ if (limit - p <= 2) + return 0; + n2s(p, i); +- while ((p + 4) <= limit) { ++ while (limit - p >= 4) { + unsigned short type, size; + n2s(p, type); + n2s(p, size); +- if (p + size > limit) ++ if (limit - p < size) + return 0; + if (type == TLSEXT_TYPE_session_ticket) { + int r; +-- +1.9.1 + Copied: head/security/openssl/files/patch-testssl (from r420966, head/security/openssl/files/patch-testssl) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-testssl Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-testssl) @@ -0,0 +1,39 @@ +--- test/testssl.orig 2015-06-11 15:50:11.000000000 +0200 ++++ test/testssl 2015-06-12 13:43:32.000000000 +0200 +@@ -102,28 +102,28 @@ + $ssltest $extra || exit 1 + + echo test dtlsv1 +-$ssltest -dtls1 $extra || exit 1 ++#$ssltest -dtls1 $extra || exit 1 + + echo test dtlsv1 with server authentication +-$ssltest -dtls1 -server_auth $CA $extra || exit 1 ++#$ssltest -dtls1 -server_auth $CA $extra || exit 1 + + echo test dtlsv1 with client authentication +-$ssltest -dtls1 -client_auth $CA $extra || exit 1 ++#$ssltest -dtls1 -client_auth $CA $extra || exit 1 + + echo test dtlsv1 with both client and server authentication +-$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1 ++#$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1 + + echo test dtlsv1.2 +-$ssltest -dtls12 $extra || exit 1 ++#$ssltest -dtls12 $extra || exit 1 + + echo test dtlsv1.2 with server authentication +-$ssltest -dtls12 -server_auth $CA $extra || exit 1 ++#$ssltest -dtls12 -server_auth $CA $extra || exit 1 + + echo test dtlsv1.2 with client authentication +-$ssltest -dtls12 -client_auth $CA $extra || exit 1 ++#$ssltest -dtls12 -client_auth $CA $extra || exit 1 + + echo test dtlsv1.2 with both client and server authentication +-$ssltest -dtls12 -server_auth -client_auth $CA $extra || exit 1 ++#$ssltest -dtls12 -server_auth -client_auth $CA $extra || exit 1 + + if [ $dsa_cert = NO ]; then + echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair' Modified: head/security/openssl/pkg-plist ============================================================================== --- head/security/openssl/pkg-plist Sat Aug 27 09:59:48 2016 (r420967) +++ head/security/openssl/pkg-plist Sat Aug 27 11:00:44 2016 (r420968) @@ -4,7 +4,6 @@ include/openssl/aes.h include/openssl/asn1.h include/openssl/asn1_mac.h include/openssl/asn1t.h -include/openssl/async.h include/openssl/bio.h include/openssl/blowfish.h include/openssl/bn.h @@ -17,10 +16,11 @@ include/openssl/comp.h include/openssl/conf.h include/openssl/conf_api.h include/openssl/crypto.h -include/openssl/ct.h include/openssl/des.h +include/openssl/des_old.h include/openssl/dh.h include/openssl/dsa.h +include/openssl/dso.h include/openssl/dtls1.h include/openssl/e_os2.h include/openssl/ebcdic.h @@ -32,9 +32,10 @@ include/openssl/err.h include/openssl/evp.h include/openssl/hmac.h include/openssl/idea.h -include/openssl/kdf.h +include/openssl/krb5_asn.h +include/openssl/kssl.h include/openssl/lhash.h -include/openssl/md2.h +%%MD2%%include/openssl/md2.h include/openssl/md4.h include/openssl/md5.h include/openssl/mdc2.h @@ -49,6 +50,7 @@ include/openssl/pem.h include/openssl/pem2.h include/openssl/pkcs12.h include/openssl/pkcs7.h +include/openssl/pqueue.h include/openssl/rand.h include/openssl/rc2.h include/openssl/rc4.h @@ -62,6 +64,7 @@ include/openssl/srp.h include/openssl/srtp.h include/openssl/ssl.h include/openssl/ssl2.h +include/openssl/ssl23.h include/openssl/ssl3.h include/openssl/stack.h include/openssl/symhacks.h @@ -69,12 +72,23 @@ include/openssl/tls1.h include/openssl/ts.h include/openssl/txt_db.h include/openssl/ui.h +include/openssl/ui_compat.h include/openssl/whrlpool.h include/openssl/x509.h include/openssl/x509_vfy.h include/openssl/x509v3.h -%%SHARED%%lib/engines-1.1/capi.so -%%SHARED%%lib/engines-1.1/padlock.so +%%SHARED%%lib/engines/lib4758cca.so +%%SHARED%%lib/engines/libaep.so +%%SHARED%%lib/engines/libatalla.so +%%SHARED%%lib/engines/libcapi.so +%%SHARED%%lib/engines/libchil.so +%%SHARED%%lib/engines/libcswift.so +%%SHARED%%lib/engines/libgmp.so +%%SHARED%%lib/engines/libgost.so +%%SHARED%%lib/engines/libnuron.so +%%SHARED%%lib/engines/libpadlock.so +%%SHARED%%lib/engines/libsureware.so +%%SHARED%%lib/engines/libubsec.so lib/libcrypto.a %%SHARED%%lib/libcrypto.so %%SHARED%%lib/libcrypto.so.%%SHLIBVER%% @@ -86,8 +100,6 @@ libdata/pkgconfig/libssl.pc libdata/pkgconfig/openssl.pc man/man1/CA.pl.1.gz man/man1/asn1parse.1.gz -man/man1/blake2b.1.gz -man/man1/blake2s.1.gz man/man1/c_rehash.1.gz man/man1/ca.1.gz man/man1/ciphers.1.gz @@ -98,15 +110,15 @@ man/man1/dgst.1.gz man/man1/dhparam.1.gz man/man1/dsa.1.gz man/man1/dsaparam.1.gz +man/man1/dss1.1.gz man/man1/ec.1.gz man/man1/ecparam.1.gz man/man1/enc.1.gz -man/man1/engine.1.gz man/man1/errstr.1.gz man/man1/gendsa.1.gz man/man1/genpkey.1.gz man/man1/genrsa.1.gz -man/man1/list.1.gz +man/man1/md2.1.gz man/man1/md4.1.gz man/man1/md5.1.gz man/man1/mdc2.1.gz @@ -121,7 +133,6 @@ man/man1/pkey.1.gz man/man1/pkeyparam.1.gz man/man1/pkeyutl.1.gz man/man1/rand.1.gz -man/man1/rehash.1.gz man/man1/req.1.gz man/man1/ripemd160.1.gz man/man1/rsa.1.gz @@ -144,35 +155,14 @@ man/man1/tsget.1.gz man/man1/verify.1.gz man/man1/version.1.gz man/man1/x509.1.gz -man/man3/ACCESS_DESCRIPTION_free.3.gz -man/man3/ACCESS_DESCRIPTION_new.3.gz -man/man3/ASIdOrRange_free.3.gz -man/man3/ASIdOrRange_new.3.gz -man/man3/ASIdentifierChoice_free.3.gz -man/man3/ASIdentifierChoice_new.3.gz -man/man3/ASIdentifiers_free.3.gz -man/man3/ASIdentifiers_new.3.gz -man/man3/ASN1_ENUMERATED_get.3.gz -man/man3/ASN1_ENUMERATED_get_int64.3.gz -man/man3/ASN1_ENUMERATED_set.3.gz -man/man3/ASN1_ENUMERATED_set_int64.3.gz -man/man3/ASN1_ENUMERATED_to_BN.3.gz -man/man3/ASN1_INTEGER_get.3.gz -man/man3/ASN1_INTEGER_get_int64.3.gz -man/man3/ASN1_INTEGER_get_uint64.3.gz -man/man3/ASN1_INTEGER_set.3.gz -man/man3/ASN1_INTEGER_set_int64.3.gz -man/man3/ASN1_INTEGER_set_uint64.3.gz -man/man3/ASN1_INTEGER_to_BN.3.gz -man/man3/ASN1_ITEM.3.gz man/man3/ASN1_OBJECT_free.3.gz man/man3/ASN1_OBJECT_new.3.gz man/man3/ASN1_STRING_cmp.3.gz man/man3/ASN1_STRING_data.3.gz man/man3/ASN1_STRING_dup.3.gz man/man3/ASN1_STRING_free.3.gz -man/man3/ASN1_STRING_get0_data.3.gz man/man3/ASN1_STRING_length.3.gz +man/man3/ASN1_STRING_length_set.3.gz man/man3/ASN1_STRING_new.3.gz man/man3/ASN1_STRING_print.3.gz man/man3/ASN1_STRING_print_ex.3.gz @@ -187,39 +177,9 @@ man/man3/ASN1_TIME_diff.3.gz man/man3/ASN1_TIME_print.3.gz man/man3/ASN1_TIME_set.3.gz man/man3/ASN1_TIME_set_string.3.gz -man/man3/ASN1_TYPE_cmp.3.gz -man/man3/ASN1_TYPE_get.3.gz -man/man3/ASN1_TYPE_pack_sequence.3.gz -man/man3/ASN1_TYPE_set.3.gz -man/man3/ASN1_TYPE_set1.3.gz -man/man3/ASN1_TYPE_unpack_sequence.3.gz man/man3/ASN1_add_oid_module.3.gz man/man3/ASN1_generate_nconf.3.gz man/man3/ASN1_generate_v3.3.gz -man/man3/ASRange_free.3.gz -man/man3/ASRange_new.3.gz -man/man3/ASYNC_WAIT_CTX_clear_fd.3.gz -man/man3/ASYNC_WAIT_CTX_free.3.gz -man/man3/ASYNC_WAIT_CTX_get_all_fds.3.gz -man/man3/ASYNC_WAIT_CTX_get_changed_fds.3.gz -man/man3/ASYNC_WAIT_CTX_get_fd.3.gz -man/man3/ASYNC_WAIT_CTX_new.3.gz -man/man3/ASYNC_WAIT_CTX_set_wait_fd.3.gz -man/man3/ASYNC_block_pause.3.gz -man/man3/ASYNC_cleanup_thread.3.gz -man/man3/ASYNC_get_current_job.3.gz -man/man3/ASYNC_get_wait_ctx.3.gz -man/man3/ASYNC_init_thread.3.gz -man/man3/ASYNC_is_capable.3.gz -man/man3/ASYNC_pause_job.3.gz -man/man3/ASYNC_start_job.3.gz -man/man3/ASYNC_unblock_pause.3.gz -man/man3/AUTHORITY_INFO_ACCESS_free.3.gz -man/man3/AUTHORITY_INFO_ACCESS_new.3.gz -man/man3/AUTHORITY_KEYID_free.3.gz -man/man3/AUTHORITY_KEYID_new.3.gz -man/man3/BASIC_CONSTRAINTS_free.3.gz -man/man3/BASIC_CONSTRAINTS_new.3.gz man/man3/BF_cbc_encrypt.3.gz man/man3/BF_cfb64_encrypt.3.gz man/man3/BF_decrypt.3.gz @@ -228,29 +188,8 @@ man/man3/BF_encrypt.3.gz man/man3/BF_ofb64_encrypt.3.gz man/man3/BF_options.3.gz man/man3/BF_set_key.3.gz -man/man3/BIO_ADDR.3.gz -man/man3/BIO_ADDRINFO.3.gz -man/man3/BIO_ADDRINFO_address.3.gz -man/man3/BIO_ADDRINFO_family.3.gz -man/man3/BIO_ADDRINFO_free.3.gz -man/man3/BIO_ADDRINFO_next.3.gz -man/man3/BIO_ADDRINFO_protocol.3.gz -man/man3/BIO_ADDRINFO_socktype.3.gz -man/man3/BIO_ADDR_clear.3.gz -man/man3/BIO_ADDR_family.3.gz -man/man3/BIO_ADDR_free.3.gz -man/man3/BIO_ADDR_hostname_string.3.gz -man/man3/BIO_ADDR_new.3.gz -man/man3/BIO_ADDR_path_string.3.gz -man/man3/BIO_ADDR_rawaddress.3.gz -man/man3/BIO_ADDR_rawmake.3.gz -man/man3/BIO_ADDR_rawport.3.gz -man/man3/BIO_ADDR_service_string.3.gz -man/man3/BIO_accept_ex.3.gz man/man3/BIO_append_filename.3.gz man/man3/BIO_callback_ctrl.3.gz -man/man3/BIO_closesocket.3.gz -man/man3/BIO_connect.3.gz man/man3/BIO_ctrl.3.gz man/man3/BIO_ctrl_get_read_request.3.gz man/man3/BIO_ctrl_get_write_guarantee.3.gz @@ -261,7 +200,6 @@ man/man3/BIO_debug_callback.3.gz man/man3/BIO_destroy_bio_pair.3.gz man/man3/BIO_do_accept.3.gz man/man3/BIO_do_connect.3.gz -man/man3/BIO_do_handshake.3.gz man/man3/BIO_eof.3.gz man/man3/BIO_f_base64.3.gz man/man3/BIO_f_buffer.3.gz @@ -275,22 +213,18 @@ man/man3/BIO_free.3.gz man/man3/BIO_free_all.3.gz man/man3/BIO_get_accept_port.3.gz man/man3/BIO_get_bind_mode.3.gz -man/man3/BIO_get_buffer_num_lines.3.gz man/man3/BIO_get_callback.3.gz man/man3/BIO_get_callback_arg.3.gz man/man3/BIO_get_cipher_ctx.3.gz man/man3/BIO_get_cipher_status.3.gz man/man3/BIO_get_close.3.gz -man/man3/BIO_get_conn_address.3.gz man/man3/BIO_get_conn_hostname.3.gz +man/man3/BIO_get_conn_int_port.3.gz +man/man3/BIO_get_conn_ip.3.gz man/man3/BIO_get_conn_port.3.gz -man/man3/BIO_get_data.3.gz -man/man3/BIO_get_ex_data.3.gz *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608271100.u7RB0iWc007420>