svn commit: r420968 - in head/security/openssl: . files
Mathieu Arnold
mat at FreeBSD.org
Sat Aug 27 11:00:46 UTC 2016
Author: mat
Date: Sat Aug 27 11:00:44 2016
New Revision: 420968
URL: https://svnweb.freebsd.org/changeset/ports/420968
Log:
Revert the OpenSSL 1.1.0 update, it was not tested.
With hat: portmgr
Sponsored by: Absolight
Added:
head/security/openssl/files/patch-Configure
- copied unchanged from r420966, head/security/openssl/files/patch-Configure
head/security/openssl/files/patch-Makefile
- copied unchanged from r420966, head/security/openssl/files/patch-Makefile
head/security/openssl/files/patch-RFC-5705
- copied unchanged from r420966, head/security/openssl/files/patch-RFC-5705
head/security/openssl/files/patch-dsa_ossl.c
- copied unchanged from r420966, head/security/openssl/files/patch-dsa_ossl.c
head/security/openssl/files/patch-md5.c
- copied unchanged from r420966, head/security/openssl/files/patch-md5.c
head/security/openssl/files/patch-openbsd__hw.c
- copied unchanged from r420966, head/security/openssl/files/patch-openbsd__hw.c
head/security/openssl/files/patch-s3_srvr.c
- copied unchanged from r420966, head/security/openssl/files/patch-s3_srvr.c
head/security/openssl/files/patch-srtp.h
- copied unchanged from r420966, head/security/openssl/files/patch-srtp.h
head/security/openssl/files/patch-ssl_sess.c
- copied unchanged from r420966, head/security/openssl/files/patch-ssl_sess.c
head/security/openssl/files/patch-t1_lib.c
- copied unchanged from r420966, head/security/openssl/files/patch-t1_lib.c
head/security/openssl/files/patch-testssl
- copied unchanged from r420966, head/security/openssl/files/patch-testssl
Modified:
head/security/openssl/Makefile
head/security/openssl/distinfo
head/security/openssl/files/patch-config
head/security/openssl/pkg-plist
head/security/openssl/version.mk
Modified: head/security/openssl/Makefile
==============================================================================
--- head/security/openssl/Makefile Sat Aug 27 09:59:48 2016 (r420967)
+++ head/security/openssl/Makefile Sat Aug 27 11:00:44 2016 (r420968)
@@ -2,8 +2,10 @@
# $FreeBSD$
PORTNAME= openssl
-PORTVERSION= 1.1.0
-#DISTVERSIONSUFFIX= a
+PORTVERSION= 1.0.2
+DISTVERSIONSUFFIX= h
+PORTREVISION= 14
+PORTEPOCH= 1
CATEGORIES= security devel
MASTER_SITES= http://www.openssl.org/source/ \
ftp://ftp.openssl.org/source/ \
@@ -22,13 +24,8 @@ CONFLICTS= libressl-[0-9]* \
libressl-devel-[0-9]* \
openssl-devel-[0-9]*
-HAS_CONFIGURE= yes
-CONFIGURE_SCRIPT= config
-CONFIGURE_ENV= PERL="${PERL}"
-CONFIGURE_ARGS= --openssldir=${OPENSSLDIR} ${EXTRACONFIGURE}
-
-OPTIONS_DEFINE= SHARED THREADS SSE2 ASM ZLIB SCTP SSL3 RFC3779 RC5 DOCS MAN3
-OPTIONS_DEFAULT=SHARED THREADS SSE2 SCTP MAN3
+OPTIONS_DEFINE= SHARED THREADS SSE2 ASM PADLOCK ZLIB GMP SCTP SSL2 SSL3 RFC3779 MD2 RC5 EXPCIPHERS DOCS MAN3
+OPTIONS_DEFAULT=SHARED THREADS SSE2 SCTP SSL2 SSL3 MD2 MAN3
OPTIONS_DEFINE_i386= I386
.for a in amd64 ia64
OPTIONS_DEFINE_${a}= EC
@@ -44,43 +41,28 @@ OPTIONS_SUB= yes
I386_DESC?= Optimize for i386 (instead of i486+)
SSE2_DESC?= runtime SSE2 detection
ASM_DESC?= optimized Assembler code
+PADLOCK_DESC?= VIA Padlock support
SHARED_DESC?= build of shared libs
ZLIB_DESC?= zlib compression support
GMP_DESC?= gmp support (LGPLv3)
SCTP_DESC?= SCTP protocol support
+SSL2_DESC?= SSLv2 protocol support
SSL3_DESC?= SSLv3 protocol support
RFC3779_DESC?= RFC3779 support (BGP)
+MD2_DESC?= MD2 hash (obsolete)
RC5_DESC?= RC5 cipher (patented)
+EXPCIPHERS_DESC?= Include experimental ciphers
EC_DESC?= Optimize NIST elliptic curves
MAN3_DESC?= Install API manpages (section 3)
-USES= cpe perl5
+GMP_LIB_DEPENDS= libgmp.so:math/gmp
+
+USES= perl5 cpe
USE_PERL5= build
MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive
MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS=
SUB_FILES= pkg-message
-SHARED_CONFIGURE_ON= shared
-SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER}
-THREADS_CONFIGURE_ON= threads
-THREADS_CONFIGURE_OFF= no-threads
-ZLIB_CONFIGURE_ON= zlib zlib-dynamic
-ZLIB_CONFIGURE_OFF= no-zlib no-zlib-dynamic
-SCTP_CONFIGURE_ON= sctp
-SCTP_CONFIGURE_OFF= no-sctp
-SSE2_CONFIGURE_OFF= no-sse2
-ASM_CONFIGURE_ON= asm
-ASM_CONFIGURE_OFF= no-asm
-SSL3_CONFIGURE_ON= enable-ssl3
-SSL3_CONFIGURE_OFF= no-ssl3 no-ssl3-method
-RFC3779_CONFIGURE_ON= enable-rfc3779
-RFC3779_CONFIGURE_OFF= no-rfc3779
-RC5_CONFIGURE_ON= enable-rc5
-RC5_CONFIGURE_OFF= no-rc5
-I386_CONFIGURE_ON= 386
-EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128
-EC_CONFIGURE_OFF= no-ec_nistp_64_gcc_128
-
.include <bsd.port.pre.mk>
.if ${PREFIX} == /usr
@@ -93,17 +75,103 @@ PLIST_SUB+= OPENSSLDIR=${OPENSSLDIR:S=^$
OPENSSL_BASE_SONAME!= readlink ${DESTDIR}/usr/lib/libcrypto.so || true
OPENSSL_SHLIBVER_BASE= ${OPENSSL_BASE_SONAME:E}
OPENSSL_BASE_SOPATH= ${OPENSSL_BASE_SONAME:H}
+OPENSSL_SHLIBVER?= 8
+
+.if ${PORT_OPTIONS:MI386}
+.if ${ARCH} == "i386"
+EXTRACONFIGURE+= 386
+.endif
+.endif
-.include "version.mk"
+.if empty(PORT_OPTIONS:MSSE2)
+# disable runtime SSE2 detection
+EXTRACONFIGURE+= no-sse2
+.endif
.if ${PORT_OPTIONS:MASM}
BROKEN_sparc64= option ASM generates illegal instructions
+EXTRACONFIGURE+= enable-asm
+.else
+EXTRACONFIGURE+= no-asm
+.endif
+
+.if ${PORT_OPTIONS:MTHREADS}
+EXTRACONFIGURE+= threads
+.else
+EXTRACONFIGURE+= no-threads
.endif
.if ${PORT_OPTIONS:MSHARED}
+EXTRACONFIGURE+= shared
+MAKE_ENV+= SHLIBVER=${OPENSSL_SHLIBVER}
+PLIST_SUB+= SHLIBVER=${OPENSSL_SHLIBVER}
USE_LDCONFIG= yes
.endif
+.if ${PORT_OPTIONS:MZLIB}
+EXTRACONFIGURE+= zlib zlib-dynamic
+.else
+EXTRACONFIGURE+= no-zlib no-zlib-dynamic
+.endif
+
+.if ${PORT_OPTIONS:MSCTP}
+EXTRACONFIGURE+= sctp
+.else
+EXTRACONFIGURE+= no-sctp
+.endif
+
+.if ${PORT_OPTIONS:MSSL2}
+EXTRACONFIGURE+= enable-ssl2
+.else
+EXTRACONFIGURE+= no-ssl2
+.endif
+
+.if ${PORT_OPTIONS:MSSL3}
+EXTRACONFIGURE+= enable-ssl3
+.else
+EXTRACONFIGURE+= no-ssl3 no-ssl3-method
+.endif
+
+.if ${PORT_OPTIONS:MMD2}
+EXTRACONFIGURE+= enable-md2
+.else
+EXTRACONFIGURE+= no-md2
+.endif
+
+.if ${PORT_OPTIONS:MRC5}
+EXTRACONFIGURE+= enable-rc5
+.else
+EXTRACONFIGURE+= no-rc5
+.endif
+
+.if ${PORT_OPTIONS:MPADLOCK}
+PATCH_DIST_STRIP= -p1
+PATCH_SITES+= http://git.alpinelinux.org/cgit/aports/plain/main/openssl/:padlock
+PATCHFILES+= 1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch:padlock \
+ 1002-backport-changes-from-upstream-padlock-module.patch:padlock \
+ 1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch:padlock \
+ 1004-crypto-engine-autoload-padlock-dynamic-engine.patch:padlock
+.endif
+
+.if ${PORT_OPTIONS:MGMP}
+EXTRACONFIGURE+= enable-gmp -I${LOCALBASE}/include
+IGNORE= can not be linked because GMP is LGPLv3
+.else
+EXTRACONFIGURE+= no-gmp
+.endif
+
+.if ${PORT_OPTIONS:MRFC3779}
+EXTRACONFIGURE+= enable-rfc3779
+.else
+EXTRACONFIGURE+= no-rfc3779
+.endif
+
+.if ${PORT_OPTIONS:MEC}
+EXTRACONFIGURE+= enable-ec_nistp_64_gcc_128
+.else
+EXTRACONFIGURE+= no-ec_nistp_64_gcc_128
+.endif
+
.if ${OPENSSL_SHLIBVER_BASE} > ${OPENSSL_SHLIBVER}
pre-everything::
@${ECHO_CMD} "#"
@@ -116,30 +184,47 @@ pre-everything::
.endif
post-patch:
+ ${REINPLACE_CMD} -e 's|m4 -B 8192|m4|g' \
+ ${WRKSRC}/crypto/des/Makefile
+ ${REINPLACE_CMD} -e 's|SHLIB_VERSION_NUMBER "1.0.0"|SHLIB_VERSION_NUMBER "${OPENSSL_SHLIBVER}"|' \
+ ${WRKSRC}/crypto/opensslv.h
+ ${REINPLACE_CMD} -e 's|ERR_R_MALLOC_ERROR|ERR_R_MALLOC_FAILURE|' \
+ ${WRKSRC}/crypto/bio/bss_dgram.c
+.if ${PORT_OPTIONS:MEXPCIPHERS}
+ ${REINPLACE_CMD} -e 's|TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0|TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1|' \
+ ${WRKSRC}/ssl/tls1.h
+.endif
+
+do-configure:
+ ${REINPLACE_CMD} -e "s|options 386|options|" \
+ ${WRKSRC}/config
+ cd ${WRKSRC} \
+ && ${SETENV} CC="${CC}" FREEBSDCC="${CC}" CFLAGS="${CFLAGS}" PERL="${PERL}" \
+ ./config --prefix=${PREFIX} --openssldir=${OPENSSLDIR} \
+ --install_prefix=${STAGEDIR} \
+ -L${PREFIX}/lib ${EXTRACONFIGURE}
${REINPLACE_CMD} \
- -e 's|^MANDIR=.*$$|MANDIR=$$(INSTALLTOP)/man|' \
- -e 's| install_html_docs$$||' \
+ -e 's|^MANDIR=.*$$|MANDIR=$$(PREFIX)/man|' \
-e 's|$$(LIBDIR)/pkgconfig|libdata/pkgconfig|g' \
- ${WRKSRC}/Configurations/unix-Makefile.tmpl
-
-post-configure:
- ${REINPLACE_CMD} \
- -e 's|.(SHLIB_MAJOR)[.].(SHLIB_MINOR)|${OPENSSL_SHLIBVER}|g' \
+ -e 's|LIBVERSION=[^ ]* |LIBVERSION=${OPENSSL_SHLIBVER} |' \
${WRKSRC}/Makefile
- ${REINPLACE_CMD} \
- -e 's|SHLIB_VERSION_NUMBER "1.1"|SHLIB_VERSION_NUMBER "${OPENSSL_SHLIBVER}"|' \
- ${WRKSRC}/include/openssl/opensslv.h
post-install:
- ${RM} -f ${STAGEDIR}${OPENSSLDIR}/openssl.cnf
- ${RM} -f ${STAGEDIR}${PREFIX}/man/man7/ct.7.gz
-
-post-install-MAN3-off:
+.if ${PORT_OPTIONS:MSHARED}
+.for i in libcrypto libssl
+ ${INSTALL_DATA} ${WRKSRC}/$i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib
+ ${LN} -sf $i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib/$i.so
+.endfor
+.endif
.if empty(PORT_OPTIONS:MMAN3)
${RM} -rf ${STAGEDIR}/${PREFIX}/man/man3
${REINPLACE_CMD} -e 's|^man/man3/.*||' ${TMPPLIST}
.endif
+post-install-DOCS-on:
+ ${MKDIR} ${STAGEDIR}${DOCSDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/openssl.txt ${STAGEDIR}${DOCSDIR}/
+
test: build
cd ${WRKSRC} && ${MAKE} test
Modified: head/security/openssl/distinfo
==============================================================================
--- head/security/openssl/distinfo Sat Aug 27 09:59:48 2016 (r420967)
+++ head/security/openssl/distinfo Sat Aug 27 11:00:44 2016 (r420968)
@@ -1,3 +1,10 @@
-TIMESTAMP = 1472208347
-SHA256 (openssl-1.1.0/openssl-1.1.0.tar.gz) = f5c69ff9ac1472c80b868efc1c1c0d8dcfc746d29ebe563de2365dd56dbd8c82
-SIZE (openssl-1.1.0/openssl-1.1.0.tar.gz) = 5146831
+SHA256 (openssl-1.0.2h/openssl-1.0.2h.tar.gz) = 1d4007e53aad94a5b2002fe045ee7bb0b3d98f1a47f8b2bc851dcd1c74332919
+SIZE (openssl-1.0.2h/openssl-1.0.2h.tar.gz) = 5274412
+SHA256 (openssl-1.0.2h/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 2eddcb7ab342285cb637ce6b6be143cca835f449f35dd9bb8c7b9167ba2117a7
+SIZE (openssl-1.0.2h/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 3717
+SHA256 (openssl-1.0.2h/1002-backport-changes-from-upstream-padlock-module.patch) = aee88a24622ce9d71e38deeb874e58435dcf8ff5690f56194f0e4a00fb09b260
+SIZE (openssl-1.0.2h/1002-backport-changes-from-upstream-padlock-module.patch) = 5770
+SHA256 (openssl-1.0.2h/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = c10b8aaf56a4f4f79ca195fc587e0bb533f643e777d7a3e6fb0350399a6060ea
+SIZE (openssl-1.0.2h/1003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = 20935
+SHA256 (openssl-1.0.2h/1004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 97eb4411d0fc0890e94bc7c2d682f68b71135da782af769ca73914b37da2b1fd
+SIZE (openssl-1.0.2h/1004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 832
Copied: head/security/openssl/files/patch-Configure (from r420966, head/security/openssl/files/patch-Configure)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openssl/files/patch-Configure Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-Configure)
@@ -0,0 +1,45 @@
+--- Configure.orig 2015-06-11 15:50:11.000000000 +0200
++++ Configure 2015-06-12 16:20:39.000000000 +0200
+@@ -467,19 +467,20 @@
+ "android-mips","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ #### *BSD [do see comment about ${BSDthreads} above!]
+-"BSD-generic32","gcc:-O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"BSD-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"BSD-sparcv8", "gcc:-DB_ENDIAN -O3 -mcpu=v8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"BSD-generic32","$ENV{'FREEBSDCC'}:-O3 -fomit-frame-pointer -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)",
++"BSD-x86", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIBVER)",
++"BSD-x86-elf", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIBVER)",
++"debug-BSD-x86-elf", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -Wall -g $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIBVER)",
++"BSD-sparcv8", "$ENV{'FREEBSDCC'}:-DB_ENDIAN -O3 -mcpu=v8 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)",
+
+-"BSD-generic64","gcc:-O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"BSD-generic64","$ENV{'FREEBSDCC'}:-O3 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)",
+ # -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
+ # simply *happens* to work around a compiler bug in gcc 3.3.3,
+ # triggered by RIPEMD160 code.
+-"BSD-sparc64", "gcc:-DB_ENDIAN -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"BSD-ia64", "gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"BSD-x86_64", "cc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"BSD-sparc64", "$ENV{'FREEBSDCC'}:-DB_ENDIAN -O3 -DMD32_REG_T=int -Wall $ENV{'CFLAGS'}::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)",
++"BSD-ia64", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)",
++"BSD-x86_64", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O3 -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)",
++"BSD-alpha", "$ENV{'FREEBSDCC'}:-DL_ENDIAN -O -Wall $ENV{'CFLAGS'}::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIBVER)",
+
+ "bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+@@ -2019,10 +2020,12 @@
+ if ( $perl =~ m@^/@) {
+ &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
+ &dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
++ &dofile("apps/tsget",$perl,'^#!/', '#!%s');
+ } else {
+ # No path for Perl known ...
+ &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
+ &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
++ &dofile("apps/tsget",'/usr/local/bin/perl',,'^#!/', '#!%s');
+ }
+ if ($depflags ne $default_depflags && !$make_depend) {
+ print <<EOF;
Copied: head/security/openssl/files/patch-Makefile (from r420966, head/security/openssl/files/patch-Makefile)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openssl/files/patch-Makefile Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-Makefile)
@@ -0,0 +1,11 @@
+--- apps/Makefile.orig Tue Aug 10 11:09:07 2004
++++ apps/Makefile Tue Oct 26 07:00:51 2004
+@@ -112,7 +112,7 @@
+ done
+ @cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+ chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+- mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
++ mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.sample
+
+ tags:
+ ctags $(SRC)
Copied: head/security/openssl/files/patch-RFC-5705 (from r420966, head/security/openssl/files/patch-RFC-5705)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openssl/files/patch-RFC-5705 Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-RFC-5705)
@@ -0,0 +1,38 @@
+--- ssl/ssl.h 6 Jan 2010 17:37:38 -0000 1.221.2.24
++++ ssl/ssl.h 17 Jun 2010 12:25:35 -0000
+@@ -1806,6 +1806,10 @@
+ /* Pre-shared secret session resumption functions */
+ int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
+
++void SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len,
++ unsigned char *context, int context_len,
++ unsigned char *out, int olen);
++
+ /* BEGIN ERROR CODES */
+ /* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+
+--- ssl/t1_enc.c.orig 2015-01-22 15:58:32.000000000 +0100
++++ ssl/t1_enc.c 2015-03-10 07:21:12.000000000 +0100
+@@ -1261,6 +1261,21 @@
+ return (rv);
+ }
+
++void SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len,
++ unsigned char *context, int context_len,
++ unsigned char *out, int olen)
++ {
++ unsigned char tmp[olen];
++
++ tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
++ label, label_len,
++ s->s3->client_random,SSL3_RANDOM_SIZE,
++ s->s3->server_random,SSL3_RANDOM_SIZE,
++ context, context_len, NULL, 0,
++ s->session->master_key, s->session->master_key_length,
++ out, tmp, olen);
++ }
++
+ int tls1_alert_code(int code)
+ {
+ switch (code) {
Modified: head/security/openssl/files/patch-config
==============================================================================
--- head/security/openssl/files/patch-config Sat Aug 27 09:59:48 2016 (r420967)
+++ head/security/openssl/files/patch-config Sat Aug 27 11:00:44 2016 (r420968)
@@ -1,6 +1,6 @@
---- config.orig 2016-03-16 18:21:18.000000000 +0100
-+++ config 2016-04-09 13:25:19.138246000 +0200
-@@ -713,14 +713,8 @@
+--- config.orig 2013-06-16 07:01:13.038797248 -0500
++++ config 2013-06-16 07:01:18.138794838 -0500
+@@ -734,14 +734,8 @@
sparc64-*-*bsd*) OUT="BSD-sparc64" ;;
ia64-*-*bsd*) OUT="BSD-ia64" ;;
amd64-*-*bsd*) OUT="BSD-x86_64" ;;
Copied: head/security/openssl/files/patch-dsa_ossl.c (from r420966, head/security/openssl/files/patch-dsa_ossl.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openssl/files/patch-dsa_ossl.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-dsa_ossl.c)
@@ -0,0 +1,35 @@
+
+Fix DSA, preserve BN_FLG_CONSTTIME
+
+Operations in the DSA signing algorithm should run in constant time in
+order to avoid side channel attacks. A flaw in the OpenSSL DSA
+implementation means that a non-constant time codepath is followed for
+certain operations. This has been demonstrated through a cache-timing
+attack to be sufficient for an attacker to recover the private DSA key.
+
+CVE-2016-2178
+
+--- crypto/dsa/dsa_ossl.c.orig 2016-05-03 15:44:42.000000000 +0200
++++ crypto/dsa/dsa_ossl.c 2016-06-12 22:57:49.000000000 +0200
+@@ -248,9 +248,6 @@
+ if (!BN_rand_range(&k, dsa->q))
+ goto err;
+ while (BN_is_zero(&k)) ;
+- if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
+- BN_set_flags(&k, BN_FLG_CONSTTIME);
+- }
+
+ if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
+ if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
+@@ -282,6 +279,11 @@
+ } else {
+ K = &k;
+ }
++
++ if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
++ BN_set_flags(&k, BN_FLG_CONSTTIME);
++ }
++
+ DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
+ dsa->method_mont_p);
+ if (!BN_mod(r, r, dsa->q, ctx))
Copied: head/security/openssl/files/patch-md5.c (from r420966, head/security/openssl/files/patch-md5.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openssl/files/patch-md5.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-md5.c)
@@ -0,0 +1,11 @@
+--- crypto/md5/md5.c.orig 2015-01-22 15:58:32.000000000 +0100
++++ crypto/md5/md5.c 2015-03-10 07:02:19.000000000 +0100
+@@ -83,7 +83,7 @@
+ err++;
+ continue;
+ }
+- printf("MD5(%s)= ", argv[i]);
++ printf("MD5 (%s) = ", argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
Copied: head/security/openssl/files/patch-openbsd__hw.c (from r420966, head/security/openssl/files/patch-openbsd__hw.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openssl/files/patch-openbsd__hw.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-openbsd__hw.c)
@@ -0,0 +1,14 @@
+--- crypto/evp/openbsd_hw.c.orig 2015-01-22 15:58:32.000000000 +0100
++++ crypto/evp/openbsd_hw.c 2015-03-10 07:08:45.000000000 +0100
+@@ -108,7 +108,10 @@
+ dev_failed = 1;
+ return 0;
+ }
+- close(cryptodev_fd);
++ if (fd == -1)
++ fd = cryptodev_fd;
++ else
++ close(cryptodev_fd);
+ }
+ assert(ses);
+ memset(ses, '\0', sizeof *ses);
Copied: head/security/openssl/files/patch-s3_srvr.c (from r420966, head/security/openssl/files/patch-s3_srvr.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openssl/files/patch-s3_srvr.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-s3_srvr.c)
@@ -0,0 +1,66 @@
+CVE-2016-2177
+
+--- ssl/s3_srvr.c.orig
++++ ssl/s3_srvr.c
+@@ -980,7 +980,7 @@ int ssl3_get_client_hello(SSL *s)
+
+ session_length = *(p + SSL3_RANDOM_SIZE);
+
+- if (p + SSL3_RANDOM_SIZE + session_length + 1 >= d + n) {
++ if (SSL3_RANDOM_SIZE + session_length + 1 >= (d + n) - p) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+@@ -998,7 +998,7 @@ int ssl3_get_client_hello(SSL *s)
+ /* get the session-id */
+ j = *(p++);
+
+- if (p + j > d + n) {
++ if ((d + n) - p < j) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+@@ -1054,14 +1054,14 @@ int ssl3_get_client_hello(SSL *s)
+
+ if (SSL_IS_DTLS(s)) {
+ /* cookie stuff */
+- if (p + 1 > d + n) {
++ if ((d + n) - p < 1) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ cookie_len = *(p++);
+
+- if (p + cookie_len > d + n) {
++ if ((d + n ) - p < cookie_len) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+@@ -1131,7 +1131,7 @@ int ssl3_get_client_hello(SSL *s)
+ }
+ }
+
+- if (p + 2 > d + n) {
++ if ((d + n ) - p < 2) {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+@@ -1145,7 +1145,7 @@ int ssl3_get_client_hello(SSL *s)
+ }
+
+ /* i bytes of cipher data + 1 byte for compression length later */
+- if ((p + i + 1) > (d + n)) {
++ if ((d + n) - p < i + 1) {
+ /* not enough data */
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
+@@ -1211,7 +1211,7 @@ int ssl3_get_client_hello(SSL *s)
+
+ /* compression */
+ i = *(p++);
+- if ((p + i) > (d + n)) {
++ if ((d + n) - p < i) {
+ /* not enough data */
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
Copied: head/security/openssl/files/patch-srtp.h (from r420966, head/security/openssl/files/patch-srtp.h)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openssl/files/patch-srtp.h Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-srtp.h)
@@ -0,0 +1,10 @@
+--- ssl/srtp.h.orig 2015-03-19 14:30:36.000000000 +0100
++++ ssl/srtp.h 2015-03-19 21:12:51.000000000 +0100
+@@ -136,7 +136,6 @@
+ int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
+
+ STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
+-SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
+
+ # endif
+
Copied: head/security/openssl/files/patch-ssl_sess.c (from r420966, head/security/openssl/files/patch-ssl_sess.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openssl/files/patch-ssl_sess.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-ssl_sess.c)
@@ -0,0 +1,13 @@
+CVE-2016-2177
+
+--- ssl/ssl_sess.c.orig
++++ ssl/ssl_sess.c
+@@ -573,7 +573,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
+ int r;
+ #endif
+
+- if (session_id + len > limit) {
++ if (limit - session_id < len) {
+ fatal = 1;
+ goto err;
+ }
Copied: head/security/openssl/files/patch-t1_lib.c (from r420966, head/security/openssl/files/patch-t1_lib.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openssl/files/patch-t1_lib.c Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-t1_lib.c)
@@ -0,0 +1,163 @@
+CVE-2016-2177
+
+--- ssl/t1_lib.c.orig
++++ ssl/t1_lib.c
+@@ -1867,11 +1867,11 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data,
+ 0x02, 0x03, /* SHA-1/ECDSA */
+ };
+
+- if (data >= (limit - 2))
++ if (limit - data <= 2)
+ return;
+ data += 2;
+
+- if (data > (limit - 4))
++ if (limit - data < 4)
+ return;
+ n2s(data, type);
+ n2s(data, size);
+@@ -1879,7 +1879,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data,
+ if (type != TLSEXT_TYPE_server_name)
+ return;
+
+- if (data + size > limit)
++ if (limit - data < size)
+ return;
+ data += size;
+
+@@ -1887,7 +1887,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data,
+ const size_t len1 = sizeof(kSafariExtensionsBlock);
+ const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock);
+
+- if (data + len1 + len2 != limit)
++ if (limit - data != (int)(len1 + len2))
+ return;
+ if (memcmp(data, kSafariExtensionsBlock, len1) != 0)
+ return;
+@@ -1896,7 +1896,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data,
+ } else {
+ const size_t len = sizeof(kSafariExtensionsBlock);
+
+- if (data + len != limit)
++ if (limit - data != (int)(len))
+ return;
+ if (memcmp(data, kSafariExtensionsBlock, len) != 0)
+ return;
+@@ -2053,19 +2053,19 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
+ if (data == limit)
+ goto ri_check;
+
+- if (data > (limit - 2))
++ if (limit - data < 2)
+ goto err;
+
+ n2s(data, len);
+
+- if (data + len != limit)
++ if (limit - data != len)
+ goto err;
+
+- while (data <= (limit - 4)) {
++ while (limit - data >= 4) {
+ n2s(data, type);
+ n2s(data, size);
+
+- if (data + size > (limit))
++ if (limit - data < size)
+ goto err;
+ # if 0
+ fprintf(stderr, "Received extension type %d size %d\n", type, size);
+@@ -2472,18 +2472,18 @@ static int ssl_scan_clienthello_custom_tlsext(SSL *s,
+ if (s->hit || s->cert->srv_ext.meths_count == 0)
+ return 1;
+
+- if (data >= limit - 2)
++ if (limit - data <= 2)
+ return 1;
+ n2s(data, len);
+
+- if (data > limit - len)
++ if (limit - data < len)
+ return 1;
+
+- while (data <= limit - 4) {
++ while (limit - data >= 4) {
+ n2s(data, type);
+ n2s(data, size);
+
+- if (data + size > limit)
++ if (limit - data < size)
+ return 1;
+ if (custom_ext_parse(s, 1 /* server */ , type, data, size, al) <= 0)
+ return 0;
+@@ -2569,20 +2569,20 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p,
+ SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
+ # endif
+
+- if (data >= (d + n - 2))
++ if ((d + n) - data <= 2)
+ goto ri_check;
+
+ n2s(data, length);
+- if (data + length != d + n) {
++ if ((d + n) - data != length) {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
+
+- while (data <= (d + n - 4)) {
++ while ((d + n) - data >= 4) {
+ n2s(data, type);
+ n2s(data, size);
+
+- if (data + size > (d + n))
++ if ((d + n) - data < size)
+ goto ri_check;
+
+ if (s->tlsext_debug_cb)
+@@ -3307,29 +3307,33 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
+ /* Skip past DTLS cookie */
+ if (SSL_IS_DTLS(s)) {
+ i = *(p++);
+- p += i;
+- if (p >= limit)
++
++ if (limit - p <= i)
+ return -1;
++
++ p += i;
+ }
+ /* Skip past cipher list */
+ n2s(p, i);
+- p += i;
+- if (p >= limit)
++ if (limit - p <= i)
+ return -1;
++ p += i;
++
+ /* Skip past compression algorithm list */
+ i = *(p++);
+- p += i;
+- if (p > limit)
++ if (limit - p < i)
+ return -1;
++ p += i;
++
+ /* Now at start of extensions */
+- if ((p + 2) >= limit)
++ if (limit - p <= 2)
+ return 0;
+ n2s(p, i);
+- while ((p + 4) <= limit) {
++ while (limit - p >= 4) {
+ unsigned short type, size;
+ n2s(p, type);
+ n2s(p, size);
+- if (p + size > limit)
++ if (limit - p < size)
+ return 0;
+ if (type == TLSEXT_TYPE_session_ticket) {
+ int r;
+--
+1.9.1
+
Copied: head/security/openssl/files/patch-testssl (from r420966, head/security/openssl/files/patch-testssl)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/openssl/files/patch-testssl Sat Aug 27 11:00:44 2016 (r420968, copy of r420966, head/security/openssl/files/patch-testssl)
@@ -0,0 +1,39 @@
+--- test/testssl.orig 2015-06-11 15:50:11.000000000 +0200
++++ test/testssl 2015-06-12 13:43:32.000000000 +0200
+@@ -102,28 +102,28 @@
+ $ssltest $extra || exit 1
+
+ echo test dtlsv1
+-$ssltest -dtls1 $extra || exit 1
++#$ssltest -dtls1 $extra || exit 1
+
+ echo test dtlsv1 with server authentication
+-$ssltest -dtls1 -server_auth $CA $extra || exit 1
++#$ssltest -dtls1 -server_auth $CA $extra || exit 1
+
+ echo test dtlsv1 with client authentication
+-$ssltest -dtls1 -client_auth $CA $extra || exit 1
++#$ssltest -dtls1 -client_auth $CA $extra || exit 1
+
+ echo test dtlsv1 with both client and server authentication
+-$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1
++#$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1
+
+ echo test dtlsv1.2
+-$ssltest -dtls12 $extra || exit 1
++#$ssltest -dtls12 $extra || exit 1
+
+ echo test dtlsv1.2 with server authentication
+-$ssltest -dtls12 -server_auth $CA $extra || exit 1
++#$ssltest -dtls12 -server_auth $CA $extra || exit 1
+
+ echo test dtlsv1.2 with client authentication
+-$ssltest -dtls12 -client_auth $CA $extra || exit 1
++#$ssltest -dtls12 -client_auth $CA $extra || exit 1
+
+ echo test dtlsv1.2 with both client and server authentication
+-$ssltest -dtls12 -server_auth -client_auth $CA $extra || exit 1
++#$ssltest -dtls12 -server_auth -client_auth $CA $extra || exit 1
+
+ if [ $dsa_cert = NO ]; then
+ echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
Modified: head/security/openssl/pkg-plist
==============================================================================
--- head/security/openssl/pkg-plist Sat Aug 27 09:59:48 2016 (r420967)
+++ head/security/openssl/pkg-plist Sat Aug 27 11:00:44 2016 (r420968)
@@ -4,7 +4,6 @@ include/openssl/aes.h
include/openssl/asn1.h
include/openssl/asn1_mac.h
include/openssl/asn1t.h
-include/openssl/async.h
include/openssl/bio.h
include/openssl/blowfish.h
include/openssl/bn.h
@@ -17,10 +16,11 @@ include/openssl/comp.h
include/openssl/conf.h
include/openssl/conf_api.h
include/openssl/crypto.h
-include/openssl/ct.h
include/openssl/des.h
+include/openssl/des_old.h
include/openssl/dh.h
include/openssl/dsa.h
+include/openssl/dso.h
include/openssl/dtls1.h
include/openssl/e_os2.h
include/openssl/ebcdic.h
@@ -32,9 +32,10 @@ include/openssl/err.h
include/openssl/evp.h
include/openssl/hmac.h
include/openssl/idea.h
-include/openssl/kdf.h
+include/openssl/krb5_asn.h
+include/openssl/kssl.h
include/openssl/lhash.h
-include/openssl/md2.h
+%%MD2%%include/openssl/md2.h
include/openssl/md4.h
include/openssl/md5.h
include/openssl/mdc2.h
@@ -49,6 +50,7 @@ include/openssl/pem.h
include/openssl/pem2.h
include/openssl/pkcs12.h
include/openssl/pkcs7.h
+include/openssl/pqueue.h
include/openssl/rand.h
include/openssl/rc2.h
include/openssl/rc4.h
@@ -62,6 +64,7 @@ include/openssl/srp.h
include/openssl/srtp.h
include/openssl/ssl.h
include/openssl/ssl2.h
+include/openssl/ssl23.h
include/openssl/ssl3.h
include/openssl/stack.h
include/openssl/symhacks.h
@@ -69,12 +72,23 @@ include/openssl/tls1.h
include/openssl/ts.h
include/openssl/txt_db.h
include/openssl/ui.h
+include/openssl/ui_compat.h
include/openssl/whrlpool.h
include/openssl/x509.h
include/openssl/x509_vfy.h
include/openssl/x509v3.h
-%%SHARED%%lib/engines-1.1/capi.so
-%%SHARED%%lib/engines-1.1/padlock.so
+%%SHARED%%lib/engines/lib4758cca.so
+%%SHARED%%lib/engines/libaep.so
+%%SHARED%%lib/engines/libatalla.so
+%%SHARED%%lib/engines/libcapi.so
+%%SHARED%%lib/engines/libchil.so
+%%SHARED%%lib/engines/libcswift.so
+%%SHARED%%lib/engines/libgmp.so
+%%SHARED%%lib/engines/libgost.so
+%%SHARED%%lib/engines/libnuron.so
+%%SHARED%%lib/engines/libpadlock.so
+%%SHARED%%lib/engines/libsureware.so
+%%SHARED%%lib/engines/libubsec.so
lib/libcrypto.a
%%SHARED%%lib/libcrypto.so
%%SHARED%%lib/libcrypto.so.%%SHLIBVER%%
@@ -86,8 +100,6 @@ libdata/pkgconfig/libssl.pc
libdata/pkgconfig/openssl.pc
man/man1/CA.pl.1.gz
man/man1/asn1parse.1.gz
-man/man1/blake2b.1.gz
-man/man1/blake2s.1.gz
man/man1/c_rehash.1.gz
man/man1/ca.1.gz
man/man1/ciphers.1.gz
@@ -98,15 +110,15 @@ man/man1/dgst.1.gz
man/man1/dhparam.1.gz
man/man1/dsa.1.gz
man/man1/dsaparam.1.gz
+man/man1/dss1.1.gz
man/man1/ec.1.gz
man/man1/ecparam.1.gz
man/man1/enc.1.gz
-man/man1/engine.1.gz
man/man1/errstr.1.gz
man/man1/gendsa.1.gz
man/man1/genpkey.1.gz
man/man1/genrsa.1.gz
-man/man1/list.1.gz
+man/man1/md2.1.gz
man/man1/md4.1.gz
man/man1/md5.1.gz
man/man1/mdc2.1.gz
@@ -121,7 +133,6 @@ man/man1/pkey.1.gz
man/man1/pkeyparam.1.gz
man/man1/pkeyutl.1.gz
man/man1/rand.1.gz
-man/man1/rehash.1.gz
man/man1/req.1.gz
man/man1/ripemd160.1.gz
man/man1/rsa.1.gz
@@ -144,35 +155,14 @@ man/man1/tsget.1.gz
man/man1/verify.1.gz
man/man1/version.1.gz
man/man1/x509.1.gz
-man/man3/ACCESS_DESCRIPTION_free.3.gz
-man/man3/ACCESS_DESCRIPTION_new.3.gz
-man/man3/ASIdOrRange_free.3.gz
-man/man3/ASIdOrRange_new.3.gz
-man/man3/ASIdentifierChoice_free.3.gz
-man/man3/ASIdentifierChoice_new.3.gz
-man/man3/ASIdentifiers_free.3.gz
-man/man3/ASIdentifiers_new.3.gz
-man/man3/ASN1_ENUMERATED_get.3.gz
-man/man3/ASN1_ENUMERATED_get_int64.3.gz
-man/man3/ASN1_ENUMERATED_set.3.gz
-man/man3/ASN1_ENUMERATED_set_int64.3.gz
-man/man3/ASN1_ENUMERATED_to_BN.3.gz
-man/man3/ASN1_INTEGER_get.3.gz
-man/man3/ASN1_INTEGER_get_int64.3.gz
-man/man3/ASN1_INTEGER_get_uint64.3.gz
-man/man3/ASN1_INTEGER_set.3.gz
-man/man3/ASN1_INTEGER_set_int64.3.gz
-man/man3/ASN1_INTEGER_set_uint64.3.gz
-man/man3/ASN1_INTEGER_to_BN.3.gz
-man/man3/ASN1_ITEM.3.gz
man/man3/ASN1_OBJECT_free.3.gz
man/man3/ASN1_OBJECT_new.3.gz
man/man3/ASN1_STRING_cmp.3.gz
man/man3/ASN1_STRING_data.3.gz
man/man3/ASN1_STRING_dup.3.gz
man/man3/ASN1_STRING_free.3.gz
-man/man3/ASN1_STRING_get0_data.3.gz
man/man3/ASN1_STRING_length.3.gz
+man/man3/ASN1_STRING_length_set.3.gz
man/man3/ASN1_STRING_new.3.gz
man/man3/ASN1_STRING_print.3.gz
man/man3/ASN1_STRING_print_ex.3.gz
@@ -187,39 +177,9 @@ man/man3/ASN1_TIME_diff.3.gz
man/man3/ASN1_TIME_print.3.gz
man/man3/ASN1_TIME_set.3.gz
man/man3/ASN1_TIME_set_string.3.gz
-man/man3/ASN1_TYPE_cmp.3.gz
-man/man3/ASN1_TYPE_get.3.gz
-man/man3/ASN1_TYPE_pack_sequence.3.gz
-man/man3/ASN1_TYPE_set.3.gz
-man/man3/ASN1_TYPE_set1.3.gz
-man/man3/ASN1_TYPE_unpack_sequence.3.gz
man/man3/ASN1_add_oid_module.3.gz
man/man3/ASN1_generate_nconf.3.gz
man/man3/ASN1_generate_v3.3.gz
-man/man3/ASRange_free.3.gz
-man/man3/ASRange_new.3.gz
-man/man3/ASYNC_WAIT_CTX_clear_fd.3.gz
-man/man3/ASYNC_WAIT_CTX_free.3.gz
-man/man3/ASYNC_WAIT_CTX_get_all_fds.3.gz
-man/man3/ASYNC_WAIT_CTX_get_changed_fds.3.gz
-man/man3/ASYNC_WAIT_CTX_get_fd.3.gz
-man/man3/ASYNC_WAIT_CTX_new.3.gz
-man/man3/ASYNC_WAIT_CTX_set_wait_fd.3.gz
-man/man3/ASYNC_block_pause.3.gz
-man/man3/ASYNC_cleanup_thread.3.gz
-man/man3/ASYNC_get_current_job.3.gz
-man/man3/ASYNC_get_wait_ctx.3.gz
-man/man3/ASYNC_init_thread.3.gz
-man/man3/ASYNC_is_capable.3.gz
-man/man3/ASYNC_pause_job.3.gz
-man/man3/ASYNC_start_job.3.gz
-man/man3/ASYNC_unblock_pause.3.gz
-man/man3/AUTHORITY_INFO_ACCESS_free.3.gz
-man/man3/AUTHORITY_INFO_ACCESS_new.3.gz
-man/man3/AUTHORITY_KEYID_free.3.gz
-man/man3/AUTHORITY_KEYID_new.3.gz
-man/man3/BASIC_CONSTRAINTS_free.3.gz
-man/man3/BASIC_CONSTRAINTS_new.3.gz
man/man3/BF_cbc_encrypt.3.gz
man/man3/BF_cfb64_encrypt.3.gz
man/man3/BF_decrypt.3.gz
@@ -228,29 +188,8 @@ man/man3/BF_encrypt.3.gz
man/man3/BF_ofb64_encrypt.3.gz
man/man3/BF_options.3.gz
man/man3/BF_set_key.3.gz
-man/man3/BIO_ADDR.3.gz
-man/man3/BIO_ADDRINFO.3.gz
-man/man3/BIO_ADDRINFO_address.3.gz
-man/man3/BIO_ADDRINFO_family.3.gz
-man/man3/BIO_ADDRINFO_free.3.gz
-man/man3/BIO_ADDRINFO_next.3.gz
-man/man3/BIO_ADDRINFO_protocol.3.gz
-man/man3/BIO_ADDRINFO_socktype.3.gz
-man/man3/BIO_ADDR_clear.3.gz
-man/man3/BIO_ADDR_family.3.gz
-man/man3/BIO_ADDR_free.3.gz
-man/man3/BIO_ADDR_hostname_string.3.gz
-man/man3/BIO_ADDR_new.3.gz
-man/man3/BIO_ADDR_path_string.3.gz
-man/man3/BIO_ADDR_rawaddress.3.gz
-man/man3/BIO_ADDR_rawmake.3.gz
-man/man3/BIO_ADDR_rawport.3.gz
-man/man3/BIO_ADDR_service_string.3.gz
-man/man3/BIO_accept_ex.3.gz
man/man3/BIO_append_filename.3.gz
man/man3/BIO_callback_ctrl.3.gz
-man/man3/BIO_closesocket.3.gz
-man/man3/BIO_connect.3.gz
man/man3/BIO_ctrl.3.gz
man/man3/BIO_ctrl_get_read_request.3.gz
man/man3/BIO_ctrl_get_write_guarantee.3.gz
@@ -261,7 +200,6 @@ man/man3/BIO_debug_callback.3.gz
man/man3/BIO_destroy_bio_pair.3.gz
man/man3/BIO_do_accept.3.gz
man/man3/BIO_do_connect.3.gz
-man/man3/BIO_do_handshake.3.gz
man/man3/BIO_eof.3.gz
man/man3/BIO_f_base64.3.gz
man/man3/BIO_f_buffer.3.gz
@@ -275,22 +213,18 @@ man/man3/BIO_free.3.gz
man/man3/BIO_free_all.3.gz
man/man3/BIO_get_accept_port.3.gz
man/man3/BIO_get_bind_mode.3.gz
-man/man3/BIO_get_buffer_num_lines.3.gz
man/man3/BIO_get_callback.3.gz
man/man3/BIO_get_callback_arg.3.gz
man/man3/BIO_get_cipher_ctx.3.gz
man/man3/BIO_get_cipher_status.3.gz
man/man3/BIO_get_close.3.gz
-man/man3/BIO_get_conn_address.3.gz
man/man3/BIO_get_conn_hostname.3.gz
+man/man3/BIO_get_conn_int_port.3.gz
+man/man3/BIO_get_conn_ip.3.gz
man/man3/BIO_get_conn_port.3.gz
-man/man3/BIO_get_data.3.gz
-man/man3/BIO_get_ex_data.3.gz
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-ports-all
mailing list