From owner-svn-ports-all@FreeBSD.ORG Tue Jan 7 20:40:23 2014 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AAD2FFE3; Tue, 7 Jan 2014 20:40:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8BEA31B46; Tue, 7 Jan 2014 20:40:23 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id s07KeN69084786; Tue, 7 Jan 2014 20:40:23 GMT (envelope-from dinoex@svn.freebsd.org) Received: (from dinoex@localhost) by svn.freebsd.org (8.14.7/8.14.7/Submit) id s07KeN7v084781; Tue, 7 Jan 2014 20:40:23 GMT (envelope-from dinoex@svn.freebsd.org) Message-Id: <201401072040.s07KeN7v084781@svn.freebsd.org> From: Dirk Meyer Date: Tue, 7 Jan 2014 20:40:22 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r339031 - in head/security/openssl: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Jan 2014 20:40:23 -0000 Author: dinoex Date: Tue Jan 7 20:40:22 2014 New Revision: 339031 URL: http://svnweb.freebsd.org/changeset/ports/339031 Log: - Security update to openssl-1.0.1f - remove broken patches - new fix for perl5.18 - fix option GMP Security: http://www.openssl.org/news/vulnerabilities.html Security: CVE-2013-4353 Security: CVE-2013-6449 Security: CVE-2013-6450 Security: 5aaa257e-772d-11e3-a65a-3c970e169bc2 Modified: head/security/openssl/Makefile head/security/openssl/distinfo head/security/openssl/files/patch-config Modified: head/security/openssl/Makefile ============================================================================== --- head/security/openssl/Makefile Tue Jan 7 20:33:10 2014 (r339030) +++ head/security/openssl/Makefile Tue Jan 7 20:40:22 2014 (r339031) @@ -3,22 +3,18 @@ PORTNAME= openssl PORTVERSION= 1.0.1 -DISTVERSIONSUFFIX= e -PORTREVISION= 8 +DISTVERSIONSUFFIX= f +PORTREVISION= 9 CATEGORIES= security devel MASTER_SITES= http://www.openssl.org/%SUBDIR%/ \ ftp://ftp.openssl.org/%SUBDIR%/ \ ftp://ftp.cert.dfn.de/pub/tools/net/openssl/%SUBDIR%/ MASTER_SITE_SUBDIR= source -DIST_SUBDIR= ${DISTNAME}2 +DIST_SUBDIR= ${DISTNAME} MAINTAINER= dinoex@FreeBSD.org COMMENT= SSL and crypto library -PATCH_SITES+= http://www.linuxfromscratch.org/patches/blfs/svn/:pod -PATCHFILES+= openssl-1.0.1e-fix_pod_syntax-1.patch:pod -PATCH_DIST_STRIP= -p1 - .ifdef USE_OPENSSL .error You have `USE_OPENSSL' variable defined either in environment or in make(1) arguments. Please undefine and try again. .endif @@ -60,6 +56,24 @@ SUB_FILES= pkg-message OPENSSLDIR= ${PREFIX}/openssl MANPREFIX= ${PREFIX} +FIX_POD=apps/cms.pod \ + apps/smime.pod \ + ssl/SSL_accept.pod \ + ssl/SSL_clear.pod \ + ssl/SSL_COMP_add_compression_method.pod ssl/SSL_connect.pod \ + ssl/SSL_CTX_add_session.pod ssl/SSL_CTX_load_verify_locations.pod \ + ssl/SSL_CTX_set_client_CA_list.pod \ + ssl/SSL_CTX_set_session_id_context.pod \ + ssl/SSL_CTX_set_ssl_version.pod \ + ssl/SSL_CTX_use_psk_identity_hint.pod \ + ssl/SSL_do_handshake.pod \ + ssl/SSL_read.pod \ + ssl/SSL_session_reused.pod \ + ssl/SSL_set_fd.pod \ + ssl/SSL_set_session.pod \ + ssl/SSL_shutdown.pod \ + ssl/SSL_write.pod + MAN1= CA.pl.1 asn1parse.1 ca.1 ciphers.1 cms.1 crl.1 crl2pkcs7.1 dgst.1 \ dhparam.1 dsa.1 dsaparam.1 ec.1 ecparam.1 enc.1 errstr.1 gendsa.1 \ genpkey.1 genrsa.1 nseq.1 ocsp.1 openssl.1 passwd.1 pkcs12.1 pkcs7.1 \ @@ -1123,6 +1137,8 @@ PLIST_SUB+= WITH_RC5="@comment " .endif .if ${PORT_OPTIONS:MPADLOCK} +BROKEN= does not build with openssl-1.0.1f +PATCH_DIST_STRIP= -p1 PATCH_SITES+= http://git.alpinelinux.org/cgit/aports/plain/main/openssl/:padlock PATCHFILES+= 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch:padlock \ 0002-engines-e_padlock-backport-cvs-head-changes.patch:padlock \ @@ -1131,7 +1147,7 @@ PATCHFILES+= 0001-crypto-hmac-support-EV .endif .if ${PORT_OPTIONS:MGMP} -EXTRACONFIGURE+= enable-gmp +EXTRACONFIGURE+= enable-gmp -I${LOCALBASE}/include IGNORE= GMP is LGPLv3 and can not be linked .else EXTRACONFIGURE+= no-gmp @@ -1160,6 +1176,10 @@ pre-everything:: .endif +pre-patch: + ${REINPLACE_CMD} -e 's|^=item \([0-9]\)$$|=item C<\1>|' \ + ${FIX_POD:S,^,${WRKSRC}/doc/,} + post-patch: @${REINPLACE_CMD} -e 's|m4 -B 8192|m4|g' \ ${WRKSRC}/crypto/des/Makefile Modified: head/security/openssl/distinfo ============================================================================== --- head/security/openssl/distinfo Tue Jan 7 20:33:10 2014 (r339030) +++ head/security/openssl/distinfo Tue Jan 7 20:40:22 2014 (r339031) @@ -1,12 +1,2 @@ -SHA256 (openssl-1.0.1e2/openssl-1.0.1e.tar.gz) = f74f15e8c8ff11aa3d5bb5f276d202ec18d7246e95f961db76054199c69c1ae3 -SIZE (openssl-1.0.1e2/openssl-1.0.1e.tar.gz) = 4459777 -SHA256 (openssl-1.0.1e2/openssl-1.0.1e-fix_pod_syntax-1.patch) = 748fd906d6d50b0183d4795aec4857c5b1e53de1155aaa8512fc775f2c04dbe9 -SIZE (openssl-1.0.1e2/openssl-1.0.1e-fix_pod_syntax-1.patch) = 11743 -SHA256 (openssl-1.0.1e2/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 18dd81fefb39b3328a444774ed10871ed50348ca171d2da9f826f916127b2dae -SIZE (openssl-1.0.1e2/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 3512 -SHA256 (openssl-1.0.1e2/0002-engines-e_padlock-backport-cvs-head-changes.patch) = 39c31c2e33cded09543a2d1fd2e3238e9d11c672ba71a14d13095baad3ec9696 -SIZE (openssl-1.0.1e2/0002-engines-e_padlock-backport-cvs-head-changes.patch) = 5867 -SHA256 (openssl-1.0.1e2/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = cbb2493ec9157e78035e9cc02be17655996ee9cd0a71b79507fc19f3862f452b -SIZE (openssl-1.0.1e2/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = 20625 -SHA256 (openssl-1.0.1e2/0004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 157ec6d17add25b96956abc7c44259c91eebe8a6c1026cdb976b895bf42ec56f -SIZE (openssl-1.0.1e2/0004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 777 +SHA256 (openssl-1.0.1f/openssl-1.0.1f.tar.gz) = 6cc2a80b17d64de6b7bac985745fdaba971d54ffd7d38d3556f998d7c0c9cb5a +SIZE (openssl-1.0.1f/openssl-1.0.1f.tar.gz) = 4509212 Modified: head/security/openssl/files/patch-config ============================================================================== --- head/security/openssl/files/patch-config Tue Jan 7 20:33:10 2014 (r339030) +++ head/security/openssl/files/patch-config Tue Jan 7 20:40:22 2014 (r339031) @@ -9,7 +9,7 @@ - libc=/usr/lib/libc.so - else # OpenBSD - # ld searches for highest libc.so.* and so do we -- libc=`(ls /usr/lib/libc.so.* | tail -1) 2>/dev/null` +- libc=`(ls /usr/lib/libc.so.* /lib/libc.so.* | tail -1) 2>/dev/null` - fi - case "`(file -L $libc) 2>/dev/null`" in + *86*-*-*bsd*)