Site Navigation

Date:      Wed, 08 Jan 2014 09:33:50 -0200
From:      Renato Botelho <garga@FreeBSD.org>
To:        Dirk Meyer <dinoex@FreeBSD.org>, ports-committers@freebsd.org,  svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   Re: svn commit: r339031 - in head/security/openssl: . files
Message-ID:  <52CD379E.3030004@FreeBSD.org>
In-Reply-To: <201401072040.s07KeN7v084781@svn.freebsd.org>
References:  <201401072040.s07KeN7v084781@svn.freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--mRGhvTbjgQl7Gd4oV15qU8gD0blG1LwFI
Content-Type: multipart/mixed;
 boundary="------------090202090407030002010006"

This is a multi-part message in MIME format.
--------------090202090407030002010006
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 07-01-2014 18:40, Dirk Meyer wrote:
> Author: dinoex
> Date: Tue Jan  7 20:40:22 2014
> New Revision: 339031
> URL: http://svnweb.freebsd.org/changeset/ports/339031
>=20
> Log:
>   - Security update to openssl-1.0.1f
>   - remove broken patches
>   - new fix for perl5.18
>   - fix option GMP
>  =20
>   Security: http://www.openssl.org/news/vulnerabilities.html
>   Security: CVE-2013-4353
>   Security: CVE-2013-6449
>   Security: CVE-2013-6450
>   Security: 5aaa257e-772d-11e3-a65a-3c970e169bc2
>=20
> Modified:
>   head/security/openssl/Makefile
>   head/security/openssl/distinfo
>   head/security/openssl/files/patch-config
>=20
> Modified: head/security/openssl/Makefile
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
> --- head/security/openssl/Makefile	Tue Jan  7 20:33:10 2014	(r339030)
> +++ head/security/openssl/Makefile	Tue Jan  7 20:40:22 2014	(r339031)
> @@ -3,22 +3,18 @@
> =20
>  PORTNAME=3D	openssl
>  PORTVERSION=3D	1.0.1
> -DISTVERSIONSUFFIX=3D	e
> -PORTREVISION=3D	8
> +DISTVERSIONSUFFIX=3D	f
> +PORTREVISION=3D	9
>  CATEGORIES=3D	security devel
>  MASTER_SITES=3D	http://www.openssl.org/%SUBDIR%/ \
>  		ftp://ftp.openssl.org/%SUBDIR%/ \
>  		ftp://ftp.cert.dfn.de/pub/tools/net/openssl/%SUBDIR%/
>  MASTER_SITE_SUBDIR=3D	source
> -DIST_SUBDIR=3D	${DISTNAME}2
> +DIST_SUBDIR=3D	${DISTNAME}
> =20
>  MAINTAINER=3D	dinoex@FreeBSD.org
>  COMMENT=3D	SSL and crypto library
> =20
> -PATCH_SITES+=3D	http://www.linuxfromscratch.org/patches/blfs/svn/:pod
> -PATCHFILES+=3D	openssl-1.0.1e-fix_pod_syntax-1.patch:pod
> -PATCH_DIST_STRIP=3D	-p1
> -
>  .ifdef USE_OPENSSL
>  .error You have `USE_OPENSSL' variable defined either in environment o=
r in make(1) arguments. Please undefine and try again.
>  .endif
> @@ -60,6 +56,24 @@ SUB_FILES=3D	pkg-message
>  OPENSSLDIR=3D	${PREFIX}/openssl
>  MANPREFIX=3D	${PREFIX}
> =20
> +FIX_POD=3Dapps/cms.pod \
> +	apps/smime.pod \
> +	ssl/SSL_accept.pod \
> +	ssl/SSL_clear.pod \
> +	ssl/SSL_COMP_add_compression_method.pod ssl/SSL_connect.pod \
> +	ssl/SSL_CTX_add_session.pod ssl/SSL_CTX_load_verify_locations.pod \
> +	ssl/SSL_CTX_set_client_CA_list.pod \
> +	ssl/SSL_CTX_set_session_id_context.pod \
> +	ssl/SSL_CTX_set_ssl_version.pod \
> +	ssl/SSL_CTX_use_psk_identity_hint.pod \
> +	ssl/SSL_do_handshake.pod \
> +	ssl/SSL_read.pod \
> +	ssl/SSL_session_reused.pod \
> +	ssl/SSL_set_fd.pod \
> +	ssl/SSL_set_session.pod \
> +	ssl/SSL_shutdown.pod \
> +	ssl/SSL_write.pod
> +
>  MAN1=3D	CA.pl.1 asn1parse.1 ca.1 ciphers.1 cms.1 crl.1 crl2pkcs7.1 dgs=
t.1 \
>  	dhparam.1 dsa.1 dsaparam.1 ec.1 ecparam.1 enc.1 errstr.1 gendsa.1 \
>  	genpkey.1 genrsa.1 nseq.1 ocsp.1 openssl.1 passwd.1 pkcs12.1 pkcs7.1 =
\
> @@ -1123,6 +1137,8 @@ PLIST_SUB+=3D	WITH_RC5=3D"@comment "
>  .endif
> =20
>  .if ${PORT_OPTIONS:MPADLOCK}
> +BROKEN=3D		does not build with openssl-1.0.1f

I built it fine on 10.0-amd64 with PADLOCK option set and the attached
patch.

--=20
Renato Botelho <garga     @ FreeBSD.org>
               <garga.bsd @ gmail.com>
GnuPG Key: http://www.FreeBSD.org/~garga/pubkey.asc

--------------090202090407030002010006
Content-Type: text/x-patch;
 name="openssl.diff"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
 filename="openssl.diff"

Index: Makefile
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- Makefile	(revision 339097)
+++ Makefile	(working copy)
@@ -1139,7 +1139,6 @@
 .endif
=20
 .if ${PORT_OPTIONS:MPADLOCK}
-BROKEN=3D		does not build with openssl-1.0.1f
 PATCH_DIST_STRIP=3D	-p1
 PATCH_SITES+=3D	http://git.alpinelinux.org/cgit/aports/plain/main/openss=
l/:padlock
 PATCHFILES+=3D	0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-=
=2Epatch:padlock \
Index: distinfo
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- distinfo	(revision 339097)
+++ distinfo	(working copy)
@@ -1,2 +1,10 @@
 SHA256 (openssl-1.0.1f/openssl-1.0.1f.tar.gz) =3D 6cc2a80b17d64de6b7bac9=
85745fdaba971d54ffd7d38d3556f998d7c0c9cb5a
 SIZE (openssl-1.0.1f/openssl-1.0.1f.tar.gz) =3D 4509212
+SHA256 (openssl-1.0.1f/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-=
and-set-.patch) =3D 18dd81fefb39b3328a444774ed10871ed50348ca171d2da9f826f=
916127b2dae
+SIZE (openssl-1.0.1f/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-an=
d-set-.patch) =3D 3512
+SHA256 (openssl-1.0.1f/0002-engines-e_padlock-backport-cvs-head-changes.=
patch) =3D 39c31c2e33cded09543a2d1fd2e3238e9d11c672ba71a14d13095baad3ec96=
96
+SIZE (openssl-1.0.1f/0002-engines-e_padlock-backport-cvs-head-changes.pa=
tch) =3D 5867
+SHA256 (openssl-1.0.1f/0003-engines-e_padlock-implement-sha1-sha224-sha2=
56-accel.patch) =3D cbb2493ec9157e78035e9cc02be17655996ee9cd0a71b79507fc1=
9f3862f452b
+SIZE (openssl-1.0.1f/0003-engines-e_padlock-implement-sha1-sha224-sha256=
-accel.patch) =3D 20625
+SHA256 (openssl-1.0.1f/0004-crypto-engine-autoload-padlock-dynamic-engin=
e.patch) =3D 157ec6d17add25b96956abc7c44259c91eebe8a6c1026cdb976b895bf42e=
c56f
+SIZE (openssl-1.0.1f/0004-crypto-engine-autoload-padlock-dynamic-engine.=
patch) =3D 777

--------------090202090407030002010006--

--mRGhvTbjgQl7Gd4oV15qU8gD0blG1LwFI
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJSzTeeAAoJEPHw56GfYleQ7KAP/RkRewJEWe+DpSkGRGSqkT1j
NrCjONu9UPdrEiUuRXMVSNolUiyR9EdqF3CqjNgUrOlGnCM+sSjnwU39Q/W2cReB
f+vOmrBmeOOTwwfozK41xSFm6ibBi0c3ydA/SWecVf0SVE09V9KzrNauz4Tc1X9U
Jlg4vLJobsm7HMoVYEBM7YsONzBLMIuCLPrc8Np6UrwhWSOUAOVLHHJXO3Ctb7p4
dldoB51rHvNSjoipo7Btp/+NJiXfK7E30rtqnhACrI7rJ5Nx6MCi2lQoVX8WzzdX
fuYD5etFlBmdFArkzeA7hOb3TTFi57IIYrfKJT5Y4vVi84V3LIg7ScbdAOOni+4G
txZnaLAZQuAQj+lqIRb9w8JRJxsy/epYmD2JTvhHotOL0G3Lapz4I3dKq5csuwbj
XRo84MO6gpGOMepeBgACO3+4/CxoOCOu2PbqyppAsALWLjbAslSXryDuTDgmBnFW
4UxTH+RnGbQtGSLzL+IJTd+WpE4kkN/T/nfW0gNFcnG9ngNDec8MyiWE5nFlZDQ2
wqhgiBl36EMclC10Ogj7z6nCun6imjlb2V1kjygI7wK+/PDorbxkXFapQCesFIRe
P85xuI4dsjOrDM/4z8N86a/EVAPh1ai2JysyoOdKYshw+NTxjsf2CldsuNYLcBo8
eFzWpWIofNFQG9bHzjEj
=mqd+
-----END PGP SIGNATURE-----

--mRGhvTbjgQl7Gd4oV15qU8gD0blG1LwFI--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52CD379E.3030004>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact