Date: Thu, 13 Oct 2005 19:34:00 -0600 (MDT) From: Phil Oleson <oz@nixil.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/87419: [patch] openssl-0.9.7h ABI fix Message-ID: <200510140134.j9E1Y0Ku093887@nixil.net> Resent-Message-ID: <200510140140.j9E1eHue002924@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 87419 >Category: ports >Synopsis: [patch] openssl-0.9.7h ABI fix >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri Oct 14 01:40:17 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Phil Oleson >Release: FreeBSD 4.7-RELEASE-p28 i386 >Organization: N/A >Environment: System: FreeBSD nixil.net 4.7-RELEASE-p28 FreeBSD 4.7-RELEASE-p28 #42: Tue Jun 21 10:33:20 MDT 2005 root@fc2:/usr/src/sys/compile/nixil i386 >Description: 0.9.7h broke binary compatability with 0.9.7g ref: http://groups.google.com/group/mailing.openssl.users/browse_thread/thread/48de55e291a4e605/df8aa5dfec5a3f50#df8aa5dfec5a3f50 >How-To-Repeat: N/A >Fix: Patch from openssl's CVS. --- patch-openssl begins here --- diff -ruN openssl.orig/Makefile openssl/Makefile --- openssl.orig/Makefile Wed Oct 12 05:14:14 2005 +++ openssl/Makefile Thu Oct 13 18:51:37 2005 @@ -887,6 +887,11 @@ .include <bsd.port.pre.mk> +.if defined(WITH_OPENSSL_097) +EXTRA_PATCHES= ${PATCHDIR}/097-patch-crypto-evp-evp.h \ + ${PATCHDIR}/097-patch-crypto-hmac-hmac.h +.endif + .if ${PORTOBJFORMAT} == "aout" MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=-Bforcearchive .else diff -ruN openssl.orig/files/097-patch-crypto-evp-evp.h openssl/files/097-patch-crypto-evp-evp.h --- openssl.orig/files/097-patch-crypto-evp-evp.h Wed Dec 31 17:00:00 1969 +++ openssl/files/097-patch-crypto-evp-evp.h Thu Oct 13 17:27:05 2005 @@ -0,0 +1,14 @@ +--- crypto/evp/evp.h.orig Thu Oct 13 17:24:41 2005 ++++ crypto/evp/evp.h Thu Oct 13 17:26:32 2005 +@@ -132,7 +132,11 @@ + #define EVP_CAST5_KEY_SIZE 16 + #define EVP_RC5_32_12_16_KEY_SIZE 16 + */ ++#ifdef OPENSSL_FIPS + #define EVP_MAX_MD_SIZE 64 /* longest known SHA512 */ ++#else ++#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */ ++#endif + #define EVP_MAX_KEY_LENGTH 32 + #define EVP_MAX_IV_LENGTH 16 + #define EVP_MAX_BLOCK_LENGTH 32 diff -ruN openssl.orig/files/097-patch-crypto-hmac-hmac.h openssl/files/097-patch-crypto-hmac-hmac.h --- openssl.orig/files/097-patch-crypto-hmac-hmac.h Wed Dec 31 17:00:00 1969 +++ openssl/files/097-patch-crypto-hmac-hmac.h Thu Oct 13 17:29:51 2005 @@ -0,0 +1,14 @@ +--- crypto/hmac/hmac.h.orig Thu Oct 13 17:27:32 2005 ++++ crypto/hmac/hmac.h Thu Oct 13 17:28:43 2005 +@@ -64,7 +64,11 @@ + + #include <openssl/evp.h> + ++#ifdef OPENSSL_FIPS + #define HMAC_MAX_MD_CBLOCK 128 ++#else ++#define HMAC_MAX_MD_CBLOCK 64 ++#endif + + #ifdef __cplusplus + extern "C" { --- patch-openssl ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200510140134.j9E1Y0Ku093887>