Update security/openssl to version 0.9.7h. This is a security

vulnerability triggered update due to CAN-2005-2969. Changes from version 0.9.7f include: o Fix SSL 2.0 Rollback, CAN-2005-2969 o Allow use of fixed-length exponent on DSA signing o Default fixed-window RSA, DSA, DH private-key operations o More compilation issues fixed. o Adaptation to more modern Kerberos API. o Enhanced or corrected configuration for Solaris64, Mingw and Cygwin. o Enhanced x86_64 assembler BIGNUM module. o More constification. o Added processing of proxy certificates (RFC 3820).
author: jlam <jlam> 2005-10-11 17:19:21 +0000
committer: jlam <jlam> 2005-10-11 17:19:21 +0000
commit: 038b7c5276542cfb2c0547496c3ff6b703d2f30c (patch)
tree: 9bb35298bbd6fc0c93ea79f87a62d3fd9db372a1 /security/openssl/patches
parent: ae709f49af917159d412d2b81590ab68f6cf4228 (diff)
download: pkgsrc-038b7c5276542cfb2c0547496c3ff6b703d2f30c.tar.gz
4 files changed, 34 insertions, 34 deletions
diff --git a/security/openssl/patches/patch-aa b/security/openssl/patches/patch-aa
index 7107495d5e4..db5844b9c61 100644
--- a/security/openssl/patches/patch-aa
+++ b/security/openssl/patches/patch-aa
@@ -1,6 +1,6 @@
-$NetBSD: patch-aa,v 1.17 2004/12/25 22:11:26 jlam Exp $
+$NetBSD: patch-aa,v 1.18 2005/10/11 17:19:21 jlam Exp $
 
---- config.orig	2004-06-28 18:01:05.000000000 -0400
+--- config.orig	2005-04-07 16:26:10.000000000 -0400
 +++ config
 @@ -49,6 +49,7 @@ done
  # First get uname entries that we use below
@@ -30,7 +30,7 @@ $NetBSD: patch-aa,v 1.17 2004/12/25 22:11:26 jlam Exp $
  	;;
  
      OpenBSD:*)
-@@ -654,9 +659,21 @@ EOF
+@@ -671,9 +676,21 @@ EOF
    ia64-*-freebsd*) OUT="FreeBSD-ia64" ;;
    *-freebsd[3-9]*) OUT="FreeBSD-elf" ;;
    *-freebsd[1-2]*) OUT="FreeBSD" ;;
diff --git a/security/openssl/patches/patch-ac b/security/openssl/patches/patch-ac
index ae0d3e6f881..4f5a7bbb2a0 100644
--- a/security/openssl/patches/patch-ac
+++ b/security/openssl/patches/patch-ac
@@ -1,20 +1,20 @@
-$NetBSD: patch-ac,v 1.27 2005/03/23 09:06:38 jlam Exp $
+$NetBSD: patch-ac,v 1.28 2005/10/11 17:19:21 jlam Exp $
 
---- Configure.orig	2005-03-12 06:28:21.000000000 -0500
+--- Configure.orig	2005-06-26 13:24:48.000000000 -0400
 +++ Configure
-@@ -171,7 +171,7 @@ my %table=(
- "solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+@@ -180,7 +180,7 @@ my %table=(
+ "solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN -DMD32_REG_T=int::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-x86_64.o:::dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
  
  #### Solaris x86 with Sun C setups
--"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"solaris-x86-cc","cc:-xO5 -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"solaris-x86-cc","cc:-fast -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"solaris-x86-cc","cc:-xO5 -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL::::::::::dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
  
  #### SPARC Solaris with GNU C setups
- "solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-@@ -403,9 +403,23 @@ my %table=(
- "linux-ia64-ecc",   "ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-amd64.o:::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-em64t", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+@@ -412,9 +412,23 @@ my %table=(
+ "linux-ia64",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-ia64-ecc",   "ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o::::::asm/rc4-x86_64.o:::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 -"NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 -"NetBSD-m68",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 -"NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -38,7 +38,7 @@ $NetBSD: patch-ac,v 1.27 2005/03/23 09:06:38 jlam Exp $
  "FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
  "FreeBSD-sparc64","gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
  "FreeBSD-ia64","gcc:-DL_ENDIAN -DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64-cpp.o:::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-@@ -836,6 +850,10 @@ PROCESS_ARGS:
+@@ -845,6 +859,10 @@ PROCESS_ARGS:
  				{
  				$libs.=$_." ";
  				}
@@ -49,7 +49,7 @@ $NetBSD: patch-ac,v 1.27 2005/03/23 09:06:38 jlam Exp $
  			elsif (/^-[^-]/ or /^\+/)
  				{
  				$flags.=$_." ";
-@@ -1306,7 +1324,7 @@ while (<IN>)
+@@ -1323,7 +1341,7 @@ while (<IN>)
  	elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
  		{
  		my $sotmp = $1;
diff --git a/security/openssl/patches/patch-ad b/security/openssl/patches/patch-ad
index f6f7e755f57..93e9bfcf5c2 100644
--- a/security/openssl/patches/patch-ad
+++ b/security/openssl/patches/patch-ad
@@ -1,6 +1,6 @@
-$NetBSD: patch-ad,v 1.14 2005/03/23 09:06:38 jlam Exp $
+$NetBSD: patch-ad,v 1.15 2005/10/11 17:19:21 jlam Exp $
 
---- apps/Makefile.orig	2005-03-12 07:15:19.000000000 -0500
+--- apps/Makefile.orig	2005-06-14 08:29:33.000000000 -0400
 +++ apps/Makefile
 @@ -10,6 +10,7 @@ CFLAG=		-g -static
  INSTALL_PREFIX=
@@ -10,7 +10,7 @@ $NetBSD: patch-ad,v 1.14 2005/03/23 09:06:38 jlam Exp $
  MAKEDEPPROG=	makedepend
  MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
  MAKEFILE=	Makefile
-@@ -106,13 +107,13 @@ install:
+@@ -115,13 +116,13 @@ install:
  	@for i in $(SCRIPTS); \
  	do  \
  	(echo installing $$i; \
diff --git a/security/openssl/patches/patch-af b/security/openssl/patches/patch-af
index 7234a40ec7f..282706d746a 100644
--- a/security/openssl/patches/patch-af
+++ b/security/openssl/patches/patch-af
@@ -1,6 +1,6 @@
-$NetBSD: patch-af,v 1.16 2005/03/23 09:06:38 jlam Exp $
+$NetBSD: patch-af,v 1.17 2005/10/11 17:19:21 jlam Exp $
 
---- Makefile.org.orig	2005-03-15 04:46:13.000000000 -0500
+--- Makefile.org.orig	2005-06-20 00:29:54.000000000 -0400
 +++ Makefile.org
 @@ -28,6 +28,7 @@ INSTALLTOP=/usr/local/ssl
  
@@ -10,7 +10,7 @@ $NetBSD: patch-af,v 1.16 2005/03/23 09:06:38 jlam Exp $
  
  # NO_IDEA - Define to build without the IDEA algorithm
  # NO_RC4  - Define to build without the RC4 algorithm
-@@ -194,7 +195,7 @@ TESTS = alltests
+@@ -195,7 +196,7 @@ TESTS = alltests
  
  MAKEFILE= Makefile
  
@@ -19,7 +19,7 @@ $NetBSD: patch-af,v 1.16 2005/03/23 09:06:38 jlam Exp $
  MAN1=1
  MAN3=3
  MANSUFFIX=
-@@ -287,11 +288,13 @@ link-shared:
+@@ -291,11 +292,13 @@ link-shared:
  		tmp="$(SHARED_LIBS_LINK_EXTS)"; \
  		for i in $(SHLIBDIRS); do \
  			prev=lib$$i$(SHLIB_EXT); \
@@ -33,7 +33,7 @@ $NetBSD: patch-af,v 1.16 2005/03/23 09:06:38 jlam Exp $
  		done; \
  	fi
  
-@@ -306,8 +309,7 @@ do_gnu-shared:
+@@ -310,8 +313,7 @@ do_gnu-shared:
  	fi; \
  	( set -x; ${CC} ${SHARED_LDFLAGS} \
  		-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
@@ -41,17 +41,17 @@ $NetBSD: patch-af,v 1.16 2005/03/23 09:06:38 jlam Exp $
 -		-Wl,-Bsymbolic \
 +		-Wl,-h,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
  		-Wl,--whole-archive lib$$i.a \
- 		-Wl,--no-whole-archive $$libs ${EX_LIBS} -lc ) || exit 1; \
+ 		-Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \
  	libs="-l$$i $$libs"; \
-@@ -422,6 +424,7 @@ do_solaris-shared:
+@@ -427,6 +429,7 @@ do_solaris-shared:
  			-o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
  			-h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
  			-Wl,-Bsymbolic \
 +			-Wl,-R${INSTALLTOP}/lib \
  			$${MINUSZ}allextract lib$$i.a $${MINUSZ}defaultextract \
- 			$$libs ${EX_LIBS} -lc ) || exit 1; \
+ 			$$libs ${EX_LIBS} ) || exit 1; \
  		libs="-l$$i $$libs"; \
-@@ -565,7 +568,7 @@ do_hpux64-shared:
+@@ -534,7 +537,7 @@ do_hpux-shared:
  #  HP/UX-64bit: +forceload
  #  AIX:		-bnogc
  # SHAREDFLAGS would be:
@@ -60,7 +60,7 @@ $NetBSD: patch-af,v 1.16 2005/03/23 09:06:38 jlam Exp $
  #  Tru64 Unix:  -shared \
  #		-set_version "${SHLIB_VERSION_HISTORY}${SHLIB_VERSION_NUMBER}"
  #  Solaris:     -G -h lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}
-@@ -798,16 +801,14 @@ dist:   
+@@ -771,16 +774,14 @@ dist:   
  dist_pem_h:
  	(cd crypto/pem; $(MAKE) CC='${CC}' SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
  
@@ -79,7 +79,7 @@ $NetBSD: patch-af,v 1.16 2005/03/23 09:06:38 jlam Exp $
  	@headerlist="$(EXHEADER)"; for i in $$headerlist ;\
  	do \
  	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-@@ -893,35 +894,53 @@ install_docs:
+@@ -875,35 +876,53 @@ install_docs:
  	for i in doc/apps/*.pod; do \
  		fn=`basename $$i .pod`; \
  		if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
@@ -96,8 +96,8 @@ $NetBSD: patch-af,v 1.16 2005/03/23 09:06:38 jlam Exp $
 -			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
 +			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$ofn.$${sec}$(MANSUFFIX); \
  		$(PERL) util/extract-names.pl < $$i | \
- 			grep -v $$filecase "^$$fn\$$" | \
- 			grep -v "[	]" | \
+ 			(grep -v $$filecase "^$$fn\$$"; true) | \
+ 			(grep -v "[	]"; true) | \
  			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
  			 while read n; do \
 -				$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
@@ -125,8 +125,8 @@ $NetBSD: patch-af,v 1.16 2005/03/23 09:06:38 jlam Exp $
 -			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
 +			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$ofn.$${sec}$(MANSUFFIX); \
  		$(PERL) util/extract-names.pl < $$i | \
- 			grep -v $$filecase "^$$fn\$$" | \
- 			grep -v "[	]" | \
+ 			(grep -v $$filecase "^$$fn\$$"; true) | \
+ 			(grep -v "[	]"; true) | \
  			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
  			 while read n; do \
 -				$$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
author	jlam <jlam>	2005-10-11 17:19:21 +0000
committer	jlam <jlam>	2005-10-11 17:19:21 +0000
commit	038b7c5276542cfb2c0547496c3ff6b703d2f30c (patch)
tree	9bb35298bbd6fc0c93ea79f87a62d3fd9db372a1 /security/openssl/patches
parent	ae709f49af917159d412d2b81590ab68f6cf4228 (diff)
download	pkgsrc-038b7c5276542cfb2c0547496c3ff6b703d2f30c.tar.gz