From owner-svn-ports-all@freebsd.org Thu Dec 7 19:59:12 2017 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BB6E5E8FA08; Thu, 7 Dec 2017 19:59:12 +0000 (UTC) (envelope-from brnrd@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9540473662; Thu, 7 Dec 2017 19:59:12 +0000 (UTC) (envelope-from brnrd@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id vB7JxBx0092428; Thu, 7 Dec 2017 19:59:11 GMT (envelope-from brnrd@FreeBSD.org) Received: (from brnrd@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id vB7JxBPV092425; Thu, 7 Dec 2017 19:59:11 GMT (envelope-from brnrd@FreeBSD.org) Message-Id: <201712071959.vB7JxBPV092425@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: brnrd set sender to brnrd@FreeBSD.org using -f From: Bernard Spil Date: Thu, 7 Dec 2017 19:59:11 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r455752 - in branches/2017Q4/security/openssl: . files X-SVN-Group: ports-branches X-SVN-Commit-Author: brnrd X-SVN-Commit-Paths: in branches/2017Q4/security/openssl: . files X-SVN-Commit-Revision: 455752 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Dec 2017 19:59:12 -0000 Author: brnrd Date: Thu Dec 7 19:59:11 2017 New Revision: 455752 URL: https://svnweb.freebsd.org/changeset/ports/455752 Log: MFH: r453409 r455706 security/openssl: Unbreak build with No-SSLv3 - Importing patch from upstream PR: 223388 Submitted by: tijl Reported by: Laurence Parry security/openssl: Update to 1.0.2n - Remove patch now included upstream - Include post-release patch for clang build error Security: 3bb451fc-db64-11e7-ac58-b499baebfeaf Approved by: ports-secteam (feld) Added: branches/2017Q4/security/openssl/files/patch-ssl_fatalerrtest.c - copied unchanged from r455706, head/security/openssl/files/patch-ssl_fatalerrtest.c Modified: branches/2017Q4/security/openssl/Makefile branches/2017Q4/security/openssl/distinfo Directory Properties: branches/2017Q4/ (props changed) Modified: branches/2017Q4/security/openssl/Makefile ============================================================================== --- branches/2017Q4/security/openssl/Makefile Thu Dec 7 19:52:17 2017 (r455751) +++ branches/2017Q4/security/openssl/Makefile Thu Dec 7 19:59:11 2017 (r455752) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= openssl -PORTVERSION= 1.0.2m +PORTVERSION= 1.0.2n PORTEPOCH= 1 CATEGORIES= security devel MASTER_SITES= http://www.openssl.org/source/ \ Modified: branches/2017Q4/security/openssl/distinfo ============================================================================== --- branches/2017Q4/security/openssl/distinfo Thu Dec 7 19:52:17 2017 (r455751) +++ branches/2017Q4/security/openssl/distinfo Thu Dec 7 19:59:11 2017 (r455752) @@ -1,6 +1,6 @@ -TIMESTAMP = 1509655985 -SHA256 (openssl-1.0.2/openssl-1.0.2m.tar.gz) = 8c6ff15ec6b319b50788f42c7abc2890c08ba5a1cdcd3810eb9092deada37b0f -SIZE (openssl-1.0.2/openssl-1.0.2m.tar.gz) = 5373776 +TIMESTAMP = 1512655797 +SHA256 (openssl-1.0.2/openssl-1.0.2n.tar.gz) = 370babb75f278c39e0c50e8c4e7493bc0f18db6867478341a832a982fd15a8fe +SIZE (openssl-1.0.2/openssl-1.0.2n.tar.gz) = 5375802 SHA256 (openssl-1.0.2/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 2eddcb7ab342285cb637ce6b6be143cca835f449f35dd9bb8c7b9167ba2117a7 SIZE (openssl-1.0.2/1001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 3717 SHA256 (openssl-1.0.2/1002-backport-changes-from-upstream-padlock-module.patch) = aee88a24622ce9d71e38deeb874e58435dcf8ff5690f56194f0e4a00fb09b260 Copied: branches/2017Q4/security/openssl/files/patch-ssl_fatalerrtest.c (from r455706, head/security/openssl/files/patch-ssl_fatalerrtest.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/security/openssl/files/patch-ssl_fatalerrtest.c Thu Dec 7 19:59:11 2017 (r455752, copy of r455706, head/security/openssl/files/patch-ssl_fatalerrtest.c) @@ -0,0 +1,48 @@ +From a4597f079bf2662e06d505538f83b6b610c41c7c Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 7 Dec 2017 14:40:49 +0000 +Subject: [PATCH] Fix initialisation in fatalerrtest + +--- + ssl/fatalerrtest.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/ssl/fatalerrtest.c b/ssl/fatalerrtest.c +index 0288c33fa2e..749bc3697ea 100644 +--- ssl/fatalerrtest.c.orig ++++ ssl/fatalerrtest.c +@@ -13,8 +13,8 @@ + + int main(int argc, char *argv[]) + { +- SSL_CTX *sctx, *cctx; +- SSL *sssl, *cssl; ++ SSL_CTX *sctx = NULL, *cctx = NULL; ++ SSL *sssl = NULL, *cssl = NULL; + const char *msg = "Dummy"; + BIO *err = NULL, *wbio = NULL; + int ret = 1, len; +From b24e0573c6838e8d726fb16d558c562ce4e8f025 Mon Sep 17 00:00:00 2001 +From: Matt Caswell +Date: Thu, 7 Dec 2017 14:41:21 +0000 +Subject: [PATCH] Fix the buffer sizing in the fatalerrtest + +Fixes #4865 +--- + ssl/fatalerrtest.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl/fatalerrtest.c b/ssl/fatalerrtest.c +index 749bc3697ea..f9d66e27b30 100644 +--- ssl/fatalerrtest.c.orig ++++ ssl/fatalerrtest.c +@@ -76,7 +76,7 @@ int main(int argc, char *argv[]) + } + + /* SSL_read()/SSL_write should fail because of a previous fatal error */ +- if ((len = SSL_read(sssl, buf, sizeof(buf - 1))) > 0) { ++ if ((len = SSL_read(sssl, buf, sizeof(buf) - 1)) > 0) { + buf[len] = '\0'; + printf("Unexpected success reading data: %s\n", buf); + goto err; +