From owner-svn-ports-head@freebsd.org Thu Dec 7 15:48:59 2017 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 07247E8A9C2; Thu, 7 Dec 2017 15:48:59 +0000 (UTC) (envelope-from brnrd@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D5912692C5; Thu, 7 Dec 2017 15:48:58 +0000 (UTC) (envelope-from brnrd@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id vB7Fmvwi082870; Thu, 7 Dec 2017 15:48:57 GMT (envelope-from brnrd@FreeBSD.org) Received: (from brnrd@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id vB7Fmvql082867; Thu, 7 Dec 2017 15:48:57 GMT (envelope-from brnrd@FreeBSD.org) Message-Id: <201712071548.vB7Fmvql082867@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: brnrd set sender to brnrd@FreeBSD.org using -f From: Bernard Spil Date: Thu, 7 Dec 2017 15:48:57 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r455706 - in head/security/openssl: . files X-SVN-Group: ports-head X-SVN-Commit-Author: brnrd X-SVN-Commit-Paths: in head/security/openssl: . files X-SVN-Commit-Revision: 455706 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Dec 2017 15:48:59 -0000 Author: brnrd Date: Thu Dec 7 15:48:57 2017 New Revision: 455706 URL: https://svnweb.freebsd.org/changeset/ports/455706 Log: security/openssl: Update to 1.0.2m - Remove patch now included upstream - Include post-release patch for clang build error MFH: 2017Q4 Security: 3bb451fc-db64-11e7-ac58-b499baebfeaf Added: head/security/openssl/files/patch-ssl_fatalerrtest.c (contents, props changed) Deleted: head/security/openssl/files/patch-ssl_s23__clnt.c Modified: head/security/openssl/Makefile head/security/openssl/distinfo Modified: head/security/openssl/Makefile ============================================================================== --- head/security/openssl/Makefile Thu Dec 7 15:47:32 2017 (r455705) +++ head/security/openssl/Makefile Thu Dec 7 15:48:57 2017 (r455706) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= openssl -PORTVERSION= 1.0.2m +PORTVERSION= 1.0.2n PORTEPOCH= 1 CATEGORIES= security devel MASTER_SITES= http://www.openssl.org/source/ \ Modified: head/security/openssl/distinfo ============================================================================== --- head/security/openssl/distinfo Thu Dec 7 15:47:32 2017 (r455705) +++ head/security/openssl/distinfo Thu Dec 7 15:48:57 2017 (r455706) @@ -1,6 +1,6 @@ -TIMESTAMP = 1509655985 -SHA256 (openssl-1.0.2/openssl-1.0.2m.tar.gz) = 8c6ff15ec6b319b50788f42c7abc2890c08ba5a1cdcd3810eb9092deada37b0f -SIZE (openssl-1.0.2/openssl-1.0.2m.tar.gz) = 5373776 +TIMESTAMP = 1512655797 +SHA256 (openssl-1.0.2/openssl-1.0.2n.tar.gz) = 370babb75f278c39e0c50e8c4e7493bc0f18db6867478341a832a982fd15a8fe +SIZE (openssl-1.0.2/openssl-1.0.2n.tar.gz) = 5375802 SHA256 (openssl-1.0.2/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 2eddcb7ab342285cb637ce6b6be143cca835f449f35dd9bb8c7b9167ba2117a7 SIZE (openssl-1.0.2/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 3717 SHA256 (openssl-1.0.2/1002-backport-changes-from-upstream-padlock-module.patch) = aee88a24622ce9d71e38deeb874e58435dcf8ff5690f56194f0e4a00fb09b260 Added: head/security/openssl/files/patch-ssl_fatalerrtest.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssl/files/patch-ssl_fatalerrtest.c Thu Dec 7 15:48:57 2017 (r455706) @@ -0,0 +1,48 @@ +From a4597f079bf2662e06d505538f83b6b610c41c7c Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 7 Dec 2017 14:40:49 +0000 +Subject: [PATCH] Fix initialisation in fatalerrtest + +--- + ssl/fatalerrtest.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/ssl/fatalerrtest.c b/ssl/fatalerrtest.c +index 0288c33fa2e..749bc3697ea 100644 +--- ssl/fatalerrtest.c.orig ++++ ssl/fatalerrtest.c +@@ -13,8 +13,8 @@ + + int main(int argc, char *argv[]) + { +- SSL_CTX *sctx, *cctx; +- SSL *sssl, *cssl; ++ SSL_CTX *sctx = NULL, *cctx = NULL; ++ SSL *sssl = NULL, *cssl = NULL; + const char *msg = "Dummy"; + BIO *err = NULL, *wbio = NULL; + int ret = 1, len; +From b24e0573c6838e8d726fb16d558c562ce4e8f025 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 7 Dec 2017 14:41:21 +0000 +Subject: [PATCH] Fix the buffer sizing in the fatalerrtest + +Fixes #4865 +--- + ssl/fatalerrtest.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl/fatalerrtest.c b/ssl/fatalerrtest.c +index 749bc3697ea..f9d66e27b30 100644 +--- ssl/fatalerrtest.c.orig ++++ ssl/fatalerrtest.c +@@ -76,7 +76,7 @@ int main(int argc, char *argv[]) + } + + /* SSL_read()/SSL_write should fail because of a previous fatal error */ +- if ((len = SSL_read(sssl, buf, sizeof(buf - 1))) > 0) { ++ if ((len = SSL_read(sssl, buf, sizeof(buf) - 1)) > 0) { + buf[len] = '\0'; + printf("Unexpected success reading data: %s\n", buf); + goto err; +