Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 27 Mar 2018 15:23:11 +0000 (UTC)
From:      Bernard Spil <brnrd@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r465716 - head/security/openssl-devel
Message-ID:  <201803271523.w2RFNB8a096149@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: brnrd
Date: Tue Mar 27 15:23:11 2018
New Revision: 465716
URL: https://svnweb.freebsd.org/changeset/ports/465716

Log:
  security/openssl-devel: Security update to 1.1.0h
  
   - Update to 1.1.0h
   - Fix PREFIX [1]
   - Add DH option (default enabled)
   - Set EC default regardless (no-op if no EC option)
   - Upstream properly creates the symlinks, simplify strip
  
  PR:		226967 [1]
  Reported by:	demon [1]
  MFH:		2018Q1
  Security:	b7cff5a9-31cc-11e8-8f07-b499baebfeaf

Modified:
  head/security/openssl-devel/Makefile
  head/security/openssl-devel/distinfo
  head/security/openssl-devel/pkg-plist

Modified: head/security/openssl-devel/Makefile
==============================================================================
--- head/security/openssl-devel/Makefile	Tue Mar 27 15:10:53 2018	(r465715)
+++ head/security/openssl-devel/Makefile	Tue Mar 27 15:23:11 2018	(r465716)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	openssl
-PORTVERSION=	1.1.0g
+PORTVERSION=	1.1.0h
 CATEGORIES=	security devel
 MASTER_SITES=	https://www.openssl.org/source/ \
 		ftp://ftp.cert.dfn.de/pub/tools/net/openssl/source/
@@ -21,29 +21,29 @@ CONFLICTS_INSTALL=	libressl-[0-9]* \
 HAS_CONFIGURE=	yes
 CONFIGURE_SCRIPT=	config
 CONFIGURE_ENV=	PERL="${PERL}"
-CONFIGURE_ARGS=	--openssldir=${OPENSSLDIR}
+CONFIGURE_ARGS=	--openssldir=${OPENSSLDIR} \
+		--prefix=${PREFIX}
 
 OPTIONS_GROUP=	CIPHERS HASHES OPTIMIZE PROTOCOLS
 OPTIONS_GROUP_CIPHERS=	IDEA JPAKE RC2 RC4 RC5
 OPTIONS_GROUP_HASHES=	MD2 MD4 MDC2 RMD160
 OPTIONS_GROUP_OPTIMIZE=	ASM SSE2 THREADS
 OPTIONS_DEFINE_i386=	I386
-OPTIONS_GROUP_PROTOCOLS=	NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1
+OPTIONS_GROUP_PROTOCOLS=	DH NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1
 
 OPTIONS_DEFINE=	ASYNC MAN3 RFC3779 SHARED ZLIB
 
 .if ${MACHINE_ARCH} == "amd64"
 OPTIONS_GROUP_OPTIMIZE+=	EC
-OPTIONS_DEFAULT+=		EC
 .elif ${MACHINE_ARCH} == "mips64el"
 OPTIONS_GROUP_OPTIMIZE+=	EC
-OPTIONS_DEFAULT+=		EC
 .endif
-OPTIONS_DEFAULT=	ASM ASYNC MAN3 MD4 RC2 RC4 RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1
+OPTIONS_DEFAULT=	ASM ASYNC DH EC MAN3 MD4 RC2 RC4 RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1
 
 ASM_DESC=	Assembler code
 ASYNC_DESC=	Asynchronous mode
 CIPHERS_DESC=	Cipher Suite Support
+DH_DESC=	Diffie-Helmann protocol Support
 EC_DESC=	Optimize NIST elliptic curves
 HASHES_DESC=	Hash Function Support
 I386_DESC=	i386 (instead of i486+)
@@ -84,7 +84,7 @@ ${_option:tu}_CONFIGURE_ON=	enable-${_option}
 .endfor
 
 # Upstream default enabled options
-.for _option in asm async idea md4 mdc2 md_ghost94 nextprotoneg rfc3779 \
+.for _option in asm async dh idea md4 mdc2 md_ghost94 nextprotoneg rfc3779 \
 	rmd160 sse2 threads tls1 tls1_1 zlib
 ${_option:tu}_CONFIGURE_OFF=	no-${_option}
 .endfor
@@ -131,14 +131,8 @@ post-configure:
 		${WRKSRC}/include/openssl/opensslv.h
 
 post-install-SHARED-on:
-.for i in libcrypto libssl
-	${INSTALL_DATA} ${WRKSRC}/$i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib
-	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/$i.so.${OPENSSL_SHLIBVER}
-	${LN} -sf $i.so.${OPENSSL_SHLIBVER} ${STAGEDIR}${PREFIX}/lib/$i.so
-.endfor
-.for i in capi padlock
-	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/engines-1.1/${i}.so
-.endfor
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/lib*.so.${OPENSSL_SHLIBVER} \
+		${STAGEDIR}${PREFIX}/lib/engines-1.1/*.so
 
 post-install:
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/openssl

Modified: head/security/openssl-devel/distinfo
==============================================================================
--- head/security/openssl-devel/distinfo	Tue Mar 27 15:10:53 2018	(r465715)
+++ head/security/openssl-devel/distinfo	Tue Mar 27 15:23:11 2018	(r465716)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1509656735
-SHA256 (openssl-1.1.0g.tar.gz) = de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af
-SIZE (openssl-1.1.0g.tar.gz) = 5404748
+TIMESTAMP = 1522162483
+SHA256 (openssl-1.1.0h.tar.gz) = 5835626cde9e99656585fc7aaa2302a73a7e1340bf8c14fd635a62c66802a517
+SIZE (openssl-1.1.0h.tar.gz) = 5422717

Modified: head/security/openssl-devel/pkg-plist
==============================================================================
--- head/security/openssl-devel/pkg-plist	Tue Mar 27 15:10:53 2018	(r465715)
+++ head/security/openssl-devel/pkg-plist	Tue Mar 27 15:23:11 2018	(r465716)
@@ -357,6 +357,7 @@ man/man1/x509.1.gz
 %%MAN3%%man/man3/BIO_get_write_guarantee.3.gz
 %%MAN3%%man/man3/BIO_gets.3.gz
 %%MAN3%%man/man3/BIO_hostserv_priorities.3.gz
+%%MAN3%%man/man3/BIO_info_cb.3.gz
 %%MAN3%%man/man3/BIO_int_ctrl.3.gz
 %%MAN3%%man/man3/BIO_listen.3.gz
 %%MAN3%%man/man3/BIO_lookup.3.gz
@@ -1273,7 +1274,6 @@ man/man1/x509.1.gz
 %%MAN3%%man/man3/EVP_MD_CTX_copy_ex.3.gz
 %%MAN3%%man/man3/EVP_MD_CTX_free.3.gz
 %%MAN3%%man/man3/EVP_MD_CTX_md.3.gz
-%%MAN3%%man/man3/EVP_MD_CTX_md_data.3.gz
 %%MAN3%%man/man3/EVP_MD_CTX_new.3.gz
 %%MAN3%%man/man3/EVP_MD_CTX_reset.3.gz
 %%MAN3%%man/man3/EVP_MD_CTX_size.3.gz
@@ -1634,6 +1634,7 @@ man/man1/x509.1.gz
 %%MAN3%%man/man3/OCSP_resp_get0_certs.3.gz
 %%MAN3%%man/man3/OCSP_resp_get0_id.3.gz
 %%MAN3%%man/man3/OCSP_resp_get0_produced_at.3.gz
+%%MAN3%%man/man3/OCSP_resp_get0_signer.3.gz
 %%MAN3%%man/man3/OCSP_response_create.3.gz
 %%MAN3%%man/man3/OCSP_response_get1_basic.3.gz
 %%MAN3%%man/man3/OCSP_response_status.3.gz
@@ -2840,6 +2841,7 @@ man/man1/x509.1.gz
 %%MAN3%%man/man3/X509_digest.3.gz
 %%MAN3%%man/man3/X509_dup.3.gz
 %%MAN3%%man/man3/X509_free.3.gz
+%%MAN3%%man/man3/X509_get0_authority_key_id.3.gz
 %%MAN3%%man/man3/X509_get0_extensions.3.gz
 %%MAN3%%man/man3/X509_get0_notAfter.3.gz
 %%MAN3%%man/man3/X509_get0_notBefore.3.gz
@@ -2900,7 +2902,6 @@ man/man1/x509.1.gz
 %%MAN3%%man/man3/X509v3_get_ext_by_critical.3.gz
 %%MAN3%%man/man3/X509v3_get_ext_count.3.gz
 %%MAN3%%man/man3/bio.3.gz
-%%MAN3%%man/man3/bio_info_cb.3.gz
 %%MAN3%%man/man3/custom_ext_add_cb.3.gz
 %%MAN3%%man/man3/custom_ext_free_cb.3.gz
 %%MAN3%%man/man3/custom_ext_parse_cb.3.gz



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201803271523.w2RFNB8a096149>