svn commit: r465716 - head/security/openssl-devel
Bernard Spil
brnrd at FreeBSD.org
Tue Mar 27 15:23:12 UTC 2018
Author: brnrd
Date: Tue Mar 27 15:23:11 2018
New Revision: 465716
URL: https://svnweb.freebsd.org/changeset/ports/465716
Log:
security/openssl-devel: Security update to 1.1.0h
- Update to 1.1.0h
- Fix PREFIX [1]
- Add DH option (default enabled)
- Set EC default regardless (no-op if no EC option)
- Upstream properly creates the symlinks, simplify strip
PR: 226967 [1]
Reported by: demon [1]
MFH: 2018Q1
Security: b7cff5a9-31cc-11e8-8f07-b499baebfeaf
Modified:
head/security/openssl-devel/Makefile
head/security/openssl-devel/distinfo
head/security/openssl-devel/pkg-plist
Modified: head/security/openssl-devel/Makefile
==============================================================================
--- head/security/openssl-devel/Makefile Tue Mar 27 15:10:53 2018 (r465715)
+++ head/security/openssl-devel/Makefile Tue Mar 27 15:23:11 2018 (r465716)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= openssl
-PORTVERSION= 1.1.0g
+PORTVERSION= 1.1.0h
CATEGORIES= security devel
MASTER_SITES= https://www.openssl.org/source/ \
ftp://ftp.cert.dfn.de/pub/tools/net/openssl/source/
@@ -21,29 +21,29 @@ CONFLICTS_INSTALL= libressl-[0-9]* \
HAS_CONFIGURE= yes
CONFIGURE_SCRIPT= config
CONFIGURE_ENV= PERL="${PERL}"
-CONFIGURE_ARGS= --openssldir=${OPENSSLDIR}
+CONFIGURE_ARGS= --openssldir=${OPENSSLDIR} \
+ --prefix=${PREFIX}
OPTIONS_GROUP= CIPHERS HASHES OPTIMIZE PROTOCOLS
OPTIONS_GROUP_CIPHERS= IDEA JPAKE RC2 RC4 RC5
OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160
OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS
OPTIONS_DEFINE_i386= I386
-OPTIONS_GROUP_PROTOCOLS= NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1
+OPTIONS_GROUP_PROTOCOLS= DH NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1
OPTIONS_DEFINE= ASYNC MAN3 RFC3779 SHARED ZLIB
.if ${MACHINE_ARCH} == "amd64"
OPTIONS_GROUP_OPTIMIZE+= EC
-OPTIONS_DEFAULT+= EC
.elif ${MACHINE_ARCH} == "mips64el"
OPTIONS_GROUP_OPTIMIZE+= EC
-OPTIONS_DEFAULT+= EC
.endif
-OPTIONS_DEFAULT= ASM ASYNC MAN3 MD4 RC2 RC4 RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1
+OPTIONS_DEFAULT= ASM ASYNC DH EC MAN3 MD4 RC2 RC4 RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1
ASM_DESC= Assembler code
ASYNC_DESC= Asynchronous mode
CIPHERS_DESC= Cipher Suite Support
+DH_DESC= Diffie-Helmann protocol Support
EC_DESC= Optimize NIST elliptic curves
HASHES_DESC= Hash Function Support
I386_DESC= i386 (instead of i486+)
@@ -84,7 +84,7 @@ ${_option:tu}_CONFIGURE_ON= enable-${_option}
.endfor
# Upstream default enabled options
-.for _option in asm async idea md4 mdc2 md_ghost94 nextprotoneg rfc3779 \
+.for _option in asm async dh idea md4 mdc2 md_ghost94 nextprotoneg rfc3779 \
rmd160 sse2 threads tls1 tls1_1 zlib
${_option:tu}_CONFIGURE_OFF= no-${_option}
.endfor
@@ -131,14 +131,8 @@ post-configure:
${WRKSRC}/include/openssl/opensslv.h
post-install-SHARED-on:
-.for i in libcrypto libssl
- ${INSTALL_DATA} ${WRKSRC}/$i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib
- ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/$i.so.${OPENSSL_SHLIBVER}
- ${LN} -sf $i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib/$i.so
-.endfor
-.for i in capi padlock
- ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/engines-1.1/${i}.so
-.endfor
+ ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/lib*.so.${OPENSSL_SHLIBVER} \
+ ${STAGEDIR}${PREFIX}/lib/engines-1.1/*.so
post-install:
${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/openssl
Modified: head/security/openssl-devel/distinfo
==============================================================================
--- head/security/openssl-devel/distinfo Tue Mar 27 15:10:53 2018 (r465715)
+++ head/security/openssl-devel/distinfo Tue Mar 27 15:23:11 2018 (r465716)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1509656735
-SHA256 (openssl-1.1.0g.tar.gz) = de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af
-SIZE (openssl-1.1.0g.tar.gz) = 5404748
+TIMESTAMP = 1522162483
+SHA256 (openssl-1.1.0h.tar.gz) = 5835626cde9e99656585fc7aaa2302a73a7e1340bf8c14fd635a62c66802a517
+SIZE (openssl-1.1.0h.tar.gz) = 5422717
Modified: head/security/openssl-devel/pkg-plist
==============================================================================
--- head/security/openssl-devel/pkg-plist Tue Mar 27 15:10:53 2018 (r465715)
+++ head/security/openssl-devel/pkg-plist Tue Mar 27 15:23:11 2018 (r465716)
@@ -357,6 +357,7 @@ man/man1/x509.1.gz
%%MAN3%%man/man3/BIO_get_write_guarantee.3.gz
%%MAN3%%man/man3/BIO_gets.3.gz
%%MAN3%%man/man3/BIO_hostserv_priorities.3.gz
+%%MAN3%%man/man3/BIO_info_cb.3.gz
%%MAN3%%man/man3/BIO_int_ctrl.3.gz
%%MAN3%%man/man3/BIO_listen.3.gz
%%MAN3%%man/man3/BIO_lookup.3.gz
@@ -1273,7 +1274,6 @@ man/man1/x509.1.gz
%%MAN3%%man/man3/EVP_MD_CTX_copy_ex.3.gz
%%MAN3%%man/man3/EVP_MD_CTX_free.3.gz
%%MAN3%%man/man3/EVP_MD_CTX_md.3.gz
-%%MAN3%%man/man3/EVP_MD_CTX_md_data.3.gz
%%MAN3%%man/man3/EVP_MD_CTX_new.3.gz
%%MAN3%%man/man3/EVP_MD_CTX_reset.3.gz
%%MAN3%%man/man3/EVP_MD_CTX_size.3.gz
@@ -1634,6 +1634,7 @@ man/man1/x509.1.gz
%%MAN3%%man/man3/OCSP_resp_get0_certs.3.gz
%%MAN3%%man/man3/OCSP_resp_get0_id.3.gz
%%MAN3%%man/man3/OCSP_resp_get0_produced_at.3.gz
+%%MAN3%%man/man3/OCSP_resp_get0_signer.3.gz
%%MAN3%%man/man3/OCSP_response_create.3.gz
%%MAN3%%man/man3/OCSP_response_get1_basic.3.gz
%%MAN3%%man/man3/OCSP_response_status.3.gz
@@ -2840,6 +2841,7 @@ man/man1/x509.1.gz
%%MAN3%%man/man3/X509_digest.3.gz
%%MAN3%%man/man3/X509_dup.3.gz
%%MAN3%%man/man3/X509_free.3.gz
+%%MAN3%%man/man3/X509_get0_authority_key_id.3.gz
%%MAN3%%man/man3/X509_get0_extensions.3.gz
%%MAN3%%man/man3/X509_get0_notAfter.3.gz
%%MAN3%%man/man3/X509_get0_notBefore.3.gz
@@ -2900,7 +2902,6 @@ man/man1/x509.1.gz
%%MAN3%%man/man3/X509v3_get_ext_by_critical.3.gz
%%MAN3%%man/man3/X509v3_get_ext_count.3.gz
%%MAN3%%man/man3/bio.3.gz
-%%MAN3%%man/man3/bio_info_cb.3.gz
%%MAN3%%man/man3/custom_ext_add_cb.3.gz
%%MAN3%%man/man3/custom_ext_free_cb.3.gz
%%MAN3%%man/man3/custom_ext_parse_cb.3.gz
More information about the svn-ports-all
mailing list