Date: Tue, 17 Mar 2020 20:02:38 +0000 (UTC) From: Bernard Spil <brnrd@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r528600 - head/security/openssl Message-ID: <202003172002.02HK2cLO002201@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: brnrd Date: Tue Mar 17 20:02:38 2020 New Revision: 528600 URL: https://svnweb.freebsd.org/changeset/ports/528600 Log: security/openssl: Update to 1.1.1e - SM2/SM3 not a cipher [1] - Add weak-ciphers option [2] PR: 237056 [1] Reported by: dewayne heuristicsystems com.au> [1], mat [2] Modified: head/security/openssl/Makefile head/security/openssl/distinfo head/security/openssl/pkg-plist Modified: head/security/openssl/Makefile ============================================================================== --- head/security/openssl/Makefile Tue Mar 17 19:25:19 2020 (r528599) +++ head/security/openssl/Makefile Tue Mar 17 20:02:38 2020 (r528600) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= openssl -PORTVERSION= 1.1.1d +PORTVERSION= 1.1.1e PORTEPOCH= 1 CATEGORIES= security devel MASTER_SITES= https://www.openssl.org/source/ \ @@ -33,8 +33,8 @@ MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive CNF_LDF MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS= OPTIONS_GROUP= CIPHERS HASHES OPTIMIZE PROTOCOLS -OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM2 SM3 SM4 RC2 RC4 RC5 -OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 +OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM4 RC2 RC4 RC5 WEAK-SSL-CIPHERS +OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 SM2 SM3 OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS OPTIONS_DEFINE_i386= I386 OPTIONS_GROUP_PROTOCOLS=NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1 TLS1_2 @@ -79,9 +79,9 @@ RMD160_DESC= RIPEMD-160 RFC3779_DESC= RFC3779 support (BGP) SCTP_DESC= SCTP (Stream Control Transmission) SHARED_DESC= Build shared libraries -SM2_DESC= SM2 (Chinese standard) -SM3_DESC= SM3 (Chinese standard) -SM4_DESC= SM4 (Chinese standard) +SM2_DESC= SM2 Elliptic Curve DH (Chinese standard) +SM3_DESC= SM3 256bit (Chinese standard) +SM4_DESC= SM4 128bit (Chinese standard) SSE2_DESC= Runtime SSE2 detection SSL3_DESC= SSLv3 (unsafe) TLS1_DESC= TLSv1.0 (requires TLS1_1, TLS1_2) @@ -90,7 +90,7 @@ TLS1_2_DESC= TLSv1.2 ZLIB_DESC= zlib compression support # Upstream default disabled options -.for _option in md2 rc5 sctp ssl3 zlib +.for _option in md2 rc5 sctp ssl3 zlib weak-ssl-ciphers ${_option:tu}_CONFIGURE_ON= enable-${_option} .endfor Modified: head/security/openssl/distinfo ============================================================================== --- head/security/openssl/distinfo Tue Mar 17 19:25:19 2020 (r528599) +++ head/security/openssl/distinfo Tue Mar 17 20:02:38 2020 (r528600) @@ -1,3 +1,3 @@ -TIMESTAMP = 1568189063 -SHA256 (openssl-1.1.1d.tar.gz) = 1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2 -SIZE (openssl-1.1.1d.tar.gz) = 8845861 +TIMESTAMP = 1584471416 +SHA256 (openssl-1.1.1e.tar.gz) = 694f61ac11cb51c9bf73f54e771ff6022b0327a43bbdfa1b2f19de1662a6dcbe +SIZE (openssl-1.1.1e.tar.gz) = 9792634 Modified: head/security/openssl/pkg-plist ============================================================================== --- head/security/openssl/pkg-plist Tue Mar 17 19:25:19 2020 (r528599) +++ head/security/openssl/pkg-plist Tue Mar 17 20:02:38 2020 (r528600) @@ -770,6 +770,7 @@ man/man1/x509.1.gz %%MAN3%%man/man3/CRYPTO_memcmp.3.gz %%MAN3%%man/man3/CRYPTO_new_ex_data.3.gz %%MAN3%%man/man3/CRYPTO_realloc.3.gz +%%MAN3%%man/man3/CRYPTO_secure_allocated.3.gz %%MAN3%%man/man3/CRYPTO_secure_clear_free.3.gz %%MAN3%%man/man3/CRYPTO_secure_free.3.gz %%MAN3%%man/man3/CRYPTO_secure_malloc.3.gz @@ -1343,6 +1344,7 @@ man/man1/x509.1.gz %%MAN3%%man/man3/EVP_DecryptInit.3.gz %%MAN3%%man/man3/EVP_DecryptInit_ex.3.gz %%MAN3%%man/man3/EVP_DecryptUpdate.3.gz +%%MAN3%%man/man3/EVP_Digest.3.gz %%MAN3%%man/man3/EVP_DigestFinal.3.gz %%MAN3%%man/man3/EVP_DigestFinalXOF.3.gz %%MAN3%%man/man3/EVP_DigestFinal_ex.3.gz @@ -1379,13 +1381,17 @@ man/man1/x509.1.gz %%MAN3%%man/man3/EVP_MD_CTX_md.3.gz %%MAN3%%man/man3/EVP_MD_CTX_md_data.3.gz %%MAN3%%man/man3/EVP_MD_CTX_new.3.gz +%%MAN3%%man/man3/EVP_MD_CTX_pkey_ctx.3.gz %%MAN3%%man/man3/EVP_MD_CTX_reset.3.gz %%MAN3%%man/man3/EVP_MD_CTX_set_flags.3.gz %%MAN3%%man/man3/EVP_MD_CTX_set_pkey_ctx.3.gz +%%MAN3%%man/man3/EVP_MD_CTX_set_update_fn.3.gz %%MAN3%%man/man3/EVP_MD_CTX_size.3.gz %%MAN3%%man/man3/EVP_MD_CTX_test_flags.3.gz %%MAN3%%man/man3/EVP_MD_CTX_type.3.gz +%%MAN3%%man/man3/EVP_MD_CTX_update_fn.3.gz %%MAN3%%man/man3/EVP_MD_block_size.3.gz +%%MAN3%%man/man3/EVP_MD_flags.3.gz %%MAN3%%man/man3/EVP_MD_meth_dup.3.gz %%MAN3%%man/man3/EVP_MD_meth_free.3.gz %%MAN3%%man/man3/EVP_MD_meth_get_app_datasize.3.gz @@ -1472,6 +1478,8 @@ man/man1/x509.1.gz %%MAN3%%man/man3/EVP_PKEY_CTX_set_dh_rfc5114.3.gz %%MAN3%%man/man3/EVP_PKEY_CTX_set_dhx_rfc5114.3.gz %%MAN3%%man/man3/EVP_PKEY_CTX_set_dsa_paramgen_bits.3.gz +%%MAN3%%man/man3/EVP_PKEY_CTX_set_dsa_paramgen_md.3.gz +%%MAN3%%man/man3/EVP_PKEY_CTX_set_dsa_paramgen_q_bits.3.gz %%MAN3%%man/man3/EVP_PKEY_CTX_set_ec_param_enc.3.gz %%MAN3%%man/man3/EVP_PKEY_CTX_set_ec_paramgen_curve_nid.3.gz %%MAN3%%man/man3/EVP_PKEY_CTX_set_ecdh_cofactor_mode.3.gz @@ -1529,6 +1537,7 @@ man/man1/x509.1.gz %%MAN3%%man/man3/EVP_PKEY_assign_RSA.3.gz %%MAN3%%man/man3/EVP_PKEY_assign_SIPHASH.3.gz %%MAN3%%man/man3/EVP_PKEY_base_id.3.gz +%%MAN3%%man/man3/EVP_PKEY_bits.3.gz %%MAN3%%man/man3/EVP_PKEY_check.3.gz %%MAN3%%man/man3/EVP_PKEY_cmp.3.gz %%MAN3%%man/man3/EVP_PKEY_cmp_parameters.3.gz @@ -1575,6 +1584,8 @@ man/man1/x509.1.gz %%MAN3%%man/man3/EVP_PKEY_meth_get_decrypt.3.gz %%MAN3%%man/man3/EVP_PKEY_meth_get_derive.3.gz %%MAN3%%man/man3/EVP_PKEY_meth_get_digest_custom.3.gz +%%MAN3%%man/man3/EVP_PKEY_meth_get_digestsign.3.gz +%%MAN3%%man/man3/EVP_PKEY_meth_get_digestverify.3.gz %%MAN3%%man/man3/EVP_PKEY_meth_get_encrypt.3.gz %%MAN3%%man/man3/EVP_PKEY_meth_get_init.3.gz %%MAN3%%man/man3/EVP_PKEY_meth_get_keygen.3.gz @@ -1595,6 +1606,8 @@ man/man1/x509.1.gz %%MAN3%%man/man3/EVP_PKEY_meth_set_decrypt.3.gz %%MAN3%%man/man3/EVP_PKEY_meth_set_derive.3.gz %%MAN3%%man/man3/EVP_PKEY_meth_set_digest_custom.3.gz +%%MAN3%%man/man3/EVP_PKEY_meth_set_digestsign.3.gz +%%MAN3%%man/man3/EVP_PKEY_meth_set_digestverify.3.gz %%MAN3%%man/man3/EVP_PKEY_meth_set_encrypt.3.gz %%MAN3%%man/man3/EVP_PKEY_meth_set_init.3.gz %%MAN3%%man/man3/EVP_PKEY_meth_set_keygen.3.gz @@ -2192,6 +2205,7 @@ man/man1/x509.1.gz %%MAN3%%man/man3/PEM_read_bio_PKCS8.3.gz %%MAN3%%man/man3/PEM_read_bio_PKCS8_PRIV_KEY_INFO.3.gz %%MAN3%%man/man3/PEM_read_bio_PUBKEY.3.gz +%%MAN3%%man/man3/PEM_read_bio_Parameters.3.gz %%MAN3%%man/man3/PEM_read_bio_PrivateKey.3.gz %%MAN3%%man/man3/PEM_read_bio_RSAPrivateKey.3.gz %%MAN3%%man/man3/PEM_read_bio_RSAPublicKey.3.gz @@ -2248,6 +2262,7 @@ man/man1/x509.1.gz %%MAN3%%man/man3/PEM_write_bio_PKCS8PrivateKey_nid.3.gz %%MAN3%%man/man3/PEM_write_bio_PKCS8_PRIV_KEY_INFO.3.gz %%MAN3%%man/man3/PEM_write_bio_PUBKEY.3.gz +%%MAN3%%man/man3/PEM_write_bio_Parameters.3.gz %%MAN3%%man/man3/PEM_write_bio_PrivateKey.3.gz %%MAN3%%man/man3/PEM_write_bio_PrivateKey_traditional.3.gz %%MAN3%%man/man3/PEM_write_bio_RSAPrivateKey.3.gz @@ -2414,6 +2429,7 @@ man/man1/x509.1.gz %%MAN3%%man/man3/RSA_get0_multi_prime_factors.3.gz %%MAN3%%man/man3/RSA_get0_n.3.gz %%MAN3%%man/man3/RSA_get0_p.3.gz +%%MAN3%%man/man3/RSA_get0_pss_params.3.gz %%MAN3%%man/man3/RSA_get0_q.3.gz %%MAN3%%man/man3/RSA_get_default_method.3.gz %%MAN3%%man/man3/RSA_get_ex_data.3.gz @@ -2694,6 +2710,8 @@ man/man1/x509.1.gz %%MAN3%%man/man3/SSL_CTX_set_client_CA_list.3.gz %%MAN3%%man/man3/SSL_CTX_set_client_cert_cb.3.gz %%MAN3%%man/man3/SSL_CTX_set_client_hello_cb.3.gz +%%MAN3%%man/man3/SSL_CTX_set_cookie_generate_cb.3.gz +%%MAN3%%man/man3/SSL_CTX_set_cookie_verify_cb.3.gz %%MAN3%%man/man3/SSL_CTX_set_ct_validation_callback.3.gz %%MAN3%%man/man3/SSL_CTX_set_ctlog_list_file.3.gz %%MAN3%%man/man3/SSL_CTX_set_current_cert.3.gz @@ -2813,6 +2831,8 @@ man/man1/x509.1.gz %%MAN3%%man/man3/SSL_add1_host.3.gz %%MAN3%%man/man3/SSL_add1_to_CA_list.3.gz %%MAN3%%man/man3/SSL_add_client_CA.3.gz +%%MAN3%%man/man3/SSL_add_dir_cert_subjects_to_stack.3.gz +%%MAN3%%man/man3/SSL_add_file_cert_subjects_to_stack.3.gz %%MAN3%%man/man3/SSL_alert_desc_string.3.gz %%MAN3%%man/man3/SSL_alert_desc_string_long.3.gz %%MAN3%%man/man3/SSL_alert_type_string.3.gz @@ -3271,8 +3291,18 @@ man/man1/x509.1.gz %%MAN3%%man/man3/X509_EXTENSION_set_critical.3.gz %%MAN3%%man/man3/X509_EXTENSION_set_data.3.gz %%MAN3%%man/man3/X509_EXTENSION_set_object.3.gz +%%MAN3%%man/man3/X509_LOOKUP.3.gz +%%MAN3%%man/man3/X509_LOOKUP_METHOD.3.gz +%%MAN3%%man/man3/X509_LOOKUP_TYPE.3.gz +%%MAN3%%man/man3/X509_LOOKUP_add_dir.3.gz +%%MAN3%%man/man3/X509_LOOKUP_by_alias.3.gz +%%MAN3%%man/man3/X509_LOOKUP_by_fingerprint.3.gz +%%MAN3%%man/man3/X509_LOOKUP_by_issuer_serial.3.gz +%%MAN3%%man/man3/X509_LOOKUP_by_subject.3.gz +%%MAN3%%man/man3/X509_LOOKUP_ctrl.3.gz %%MAN3%%man/man3/X509_LOOKUP_ctrl_fn.3.gz %%MAN3%%man/man3/X509_LOOKUP_file.3.gz +%%MAN3%%man/man3/X509_LOOKUP_free.3.gz %%MAN3%%man/man3/X509_LOOKUP_get_by_alias_fn.3.gz %%MAN3%%man/man3/X509_LOOKUP_get_by_fingerprint_fn.3.gz %%MAN3%%man/man3/X509_LOOKUP_get_by_issuer_serial_fn.3.gz @@ -3280,6 +3310,8 @@ man/man1/x509.1.gz %%MAN3%%man/man3/X509_LOOKUP_get_method_data.3.gz %%MAN3%%man/man3/X509_LOOKUP_get_store.3.gz %%MAN3%%man/man3/X509_LOOKUP_hash_dir.3.gz +%%MAN3%%man/man3/X509_LOOKUP_init.3.gz +%%MAN3%%man/man3/X509_LOOKUP_load_file.3.gz %%MAN3%%man/man3/X509_LOOKUP_meth_free.3.gz %%MAN3%%man/man3/X509_LOOKUP_meth_get_ctrl.3.gz %%MAN3%%man/man3/X509_LOOKUP_meth_get_free.3.gz @@ -3300,7 +3332,9 @@ man/man1/x509.1.gz %%MAN3%%man/man3/X509_LOOKUP_meth_set_init.3.gz %%MAN3%%man/man3/X509_LOOKUP_meth_set_new_item.3.gz %%MAN3%%man/man3/X509_LOOKUP_meth_set_shutdown.3.gz +%%MAN3%%man/man3/X509_LOOKUP_new.3.gz %%MAN3%%man/man3/X509_LOOKUP_set_method_data.3.gz +%%MAN3%%man/man3/X509_LOOKUP_shutdown.3.gz %%MAN3%%man/man3/X509_NAME_ENTRY_create_by_NID.3.gz %%MAN3%%man/man3/X509_NAME_ENTRY_create_by_OBJ.3.gz %%MAN3%%man/man3/X509_NAME_ENTRY_create_by_txt.3.gz @@ -3384,6 +3418,7 @@ man/man1/x509.1.gz %%MAN3%%man/man3/X509_SIG_get0.3.gz %%MAN3%%man/man3/X509_SIG_getm.3.gz %%MAN3%%man/man3/X509_SIG_new.3.gz +%%MAN3%%man/man3/X509_STORE.3.gz %%MAN3%%man/man3/X509_STORE_CTX_cert_crl_fn.3.gz %%MAN3%%man/man3/X509_STORE_CTX_check_crl_fn.3.gz %%MAN3%%man/man3/X509_STORE_CTX_check_issued_fn.3.gz @@ -3438,6 +3473,7 @@ man/man1/x509.1.gz %%MAN3%%man/man3/X509_STORE_CTX_verify_fn.3.gz %%MAN3%%man/man3/X509_STORE_add_cert.3.gz %%MAN3%%man/man3/X509_STORE_add_crl.3.gz +%%MAN3%%man/man3/X509_STORE_add_lookup.3.gz %%MAN3%%man/man3/X509_STORE_free.3.gz %%MAN3%%man/man3/X509_STORE_get0_objects.3.gz %%MAN3%%man/man3/X509_STORE_get0_param.3.gz @@ -3516,8 +3552,8 @@ man/man1/x509.1.gz %%MAN3%%man/man3/X509_check_ip_asc.3.gz %%MAN3%%man/man3/X509_check_issued.3.gz %%MAN3%%man/man3/X509_check_private_key.3.gz -%%MAN3%%man/man3/X509_cmp_current_time.3.gz %%MAN3%%man/man3/X509_cmp.3.gz +%%MAN3%%man/man3/X509_cmp_current_time.3.gz %%MAN3%%man/man3/X509_cmp_time.3.gz %%MAN3%%man/man3/X509_delete_ext.3.gz %%MAN3%%man/man3/X509_digest.3.gz @@ -4035,9 +4071,10 @@ man/man5/x509v3_config.5.gz %%MAN3%%man/man7/ct.7.gz %%MAN3%%man/man7/des_modes.7.gz %%MAN3%%man/man7/evp.7.gz -%%MAN3%%man/man7/ossl_store.7.gz %%MAN3%%man/man7/ossl_store-file.7.gz +%%MAN3%%man/man7/ossl_store.7.gz %%MAN3%%man/man7/passphrase-encoding.7.gz +%%MAN3%%man/man7/proxy-certificates.7.gz %%MAN3%%man/man7/scrypt.7.gz %%MAN3%%man/man7/ssl.7.gz %%MAN3%%man/man7/x509.7.gz
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202003172002.02HK2cLO002201>