Update openssl pacakge to 0.9.8s.

 OpenSSL CHANGES
 _______________

 Changes between 0.9.8r and 0.9.8s [4 Jan 2012]

  *) Nadhem Alfardan and Kenny Paterson have discovered an extension
     of the Vaudenay padding oracle attack on CBC mode encryption
     which enables an efficient plaintext recovery attack against
     the OpenSSL implementation of DTLS. Their attack exploits timing
     differences arising during decryption processing. A research
     paper describing this attack can be found at:
                  http://www.isg.rhul.ac.uk/~kp/dtls.pdf
     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
     Security Group at Royal Holloway, University of London
     (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann
     <seggelmann@fh-muenster.de> and Michael Tuexen <tuexen@fh-muenster.de>
     for preparing the fix. (CVE-2011-4108)
     [Robin Seggelmann, Michael Tuexen]

  *) Stop policy check failure freeing same buffer twice. (CVE-2011-4109)
     [Ben Laurie, Kasper <ekasper@google.com>]

  *) Clear bytes used for block padding of SSL 3.0 records.
     (CVE-2011-4576)
     [Adam Langley (Google)]

  *) Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
     [Adam Langley (Google)]

  *) Prevent malformed RFC3779 data triggering an assertion failure.
     Thanks to Andrew Chi, BBN Technologies, for discovering the flaw
     and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577)
     [Rob Austein <sra@hactrn.net>]

  *) Fix ssl_ciph.c set-up race.
     [Adam Langley (Google)]

  *) Fix spurious failures in ecdsatest.c.
     [Emilia Käóper (Google)]

  *) Fix the BIO_f_buffer() implementation (which was mixing different
     interpretations of the '..._len' fields).
     [Adam Langley (Google)]

  *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than
     BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent
     threads won't reuse the same blinding coefficients.

     This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING
     lock to call BN_BLINDING_invert_ex, and avoids one use of
     BN_BLINDING_update for each BN_BLINDING structure (previously,
     the last update always remained unused).
     [Emilia Käóper (Google)]

  *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
     for multi-threaded use of ECDH.
     [Adam Langley (Google)]

  *) Fix x509_name_ex_d2i memory leak on bad inputs.
     [Bodo Moeller]

  *) Add protection against ECDSA timing attacks as mentioned in the paper
     by Billy Bob Brumley and Nicola Tuveri, see:

	http://eprint.iacr.org/2011/232.pdf

     [Billy Bob Brumley and Nicola Tuveri]

 Changes between 0.9.8q and 0.9.8r [8 Feb 2011]

  *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
     [Neel Mehta, Adam Langley, Bodo Moeller (Google)]

  *) Fix bug in string printing code: if *any* escaping is enabled we must
     escape the escape character (backslash) or the resulting string is
     ambiguous.
     [Steve Henson]

 Changes between 0.9.8p and 0.9.8q [2 Dec 2010]

  *) Disable code workaround for ancient and obsolete Netscape browsers
     and servers: an attacker can use it in a ciphersuite downgrade attack.
     Thanks to Martin Rex for discovering this bug. CVE-2010-4180
     [Steve Henson]

  *) Fixed J-PAKE implementation error, originally discovered by
     Sebastien Martini, further info and confirmation from Stefan
     Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
     [Ben Laurie]

4 files changed, 6 insertions, 67 deletions

diff --git a/security/openssl/Makefile b/security/openssl/Makefile
index 731820cf6b0..2802d57c29f 100644
--- a/security/openssl/Makefile
+++ b/security/openssl/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.158 2011/11/02 22:51:07 jnemeth Exp $
+# $NetBSD: Makefile,v 1.159 2012/01/06 03:26:23 taca Exp $
 
 OPENSSL_SNAPSHOT?=	# empty
 OPENSSL_STABLE?=	# empty
-OPENSSL_VERS?=		0.9.8q
+OPENSSL_VERS?=		0.9.8s
 
 .if empty(OPENSSL_SNAPSHOT)
 DISTNAME=	openssl-${OPENSSL_VERS}
@@ -22,7 +22,6 @@ MASTER_SITES=	ftp://ftp.openssl.org/snapshot/
 .endif
 
 SVR4_PKGNAME=	ossl
-PKGREVISION=	3
 CATEGORIES=	security
 MAINTAINER=	pkgsrc-users@NetBSD.org
 HOMEPAGE=	http://www.openssl.org/
diff --git a/security/openssl/distinfo b/security/openssl/distinfo
index 62e364e76dd..bc92e5c56c0 100644
--- a/security/openssl/distinfo
+++ b/security/openssl/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.82 2011/07/04 14:42:56 tez Exp $
+$NetBSD: distinfo,v 1.83 2012/01/06 03:26:23 taca Exp $
 
-SHA1 (openssl-0.9.8q.tar.gz) = 12b6859698ca299fa0cba594686c25d5c01e410d
-RMD160 (openssl-0.9.8q.tar.gz) = 2a6583fc059f83232b16d0dad8855fc8086f2450
-Size (openssl-0.9.8q.tar.gz) = 3773961 bytes
+SHA1 (openssl-0.9.8s.tar.gz) = a7410b0991f37e125bf835dfd1315822fca64d56
+RMD160 (openssl-0.9.8s.tar.gz) = 61c98766dfca33e4a60c1e13196bc32c1c65930a
+Size (openssl-0.9.8s.tar.gz) = 3779406 bytes
 SHA1 (patch-aa) = eb25505e8a745eb5ba85f857b0f9302fd5e9bda1
 SHA1 (patch-ac) = 6ff4a20440666f5c520837e10547091e1bee2208
 SHA1 (patch-ad) = bb86ac463fc4ab8b485df5f1a4fb9c13c1fc41c3
@@ -11,5 +11,3 @@ SHA1 (patch-af) = 2610930b6b06397fa2e3955b3244c02193f5b7a6
 SHA1 (patch-ag) = 5f12c72b85e4b6c6a79dfcf87055e9e029fbd8c8
 SHA1 (patch-ak) = 049250b9bd42e6f155145703135dab39a7ec17e0
 SHA1 (patch-al) = 076a606352bdeaeea1cc64f16be2ac1325882302
-SHA1 (patch-crypto_ecdsa_ecs__ossl.c) = d5eeefca9df411d7478f731809133dea8f1978f5
-SHA1 (patch-ssl_t1__lib.c) = 0ec0cfd2c70c7d35c2bb1c6261d5817ea56941aa
diff --git a/security/openssl/patches/patch-crypto_ecdsa_ecs__ossl.c b/security/openssl/patches/patch-crypto_ecdsa_ecs__ossl.c
deleted file mode 100644
index 7dce2114e32..00000000000
--- a/security/openssl/patches/patch-crypto_ecdsa_ecs__ossl.c
+++ /dev/null
@@ -1,28 +0,0 @@
-$NetBSD: patch-crypto_ecdsa_ecs__ossl.c,v 1.2 2011/07/04 14:42:57 tez Exp $
-
-Add protection against ECDSA timing attacks as mentioned in the paper
-by Billy Bob Brumley and Nicola Tuveri, see:
-  http://eprint.iacr.org/2011/232.pdf
-[Billy Bob Brumley and Nicola Tuveri]
-
-#ifdef conditional removed per
-   http://www.mail-archive.com/openssl-dev@openssl.org/msg29283.html
-
---- crypto/ecdsa/ecs_ossl.c.orig	2009-12-01 11:32:16.000000000 -0600
-+++ crypto/ecdsa/ecs_ossl.c	2011-06-03 10:10:10.161291300 -0500
-@@ -144,6 +144,14 @@
- 			}
- 		while (BN_is_zero(k));
- 
-+		/* We do not want timing information to leak the length of k,
-+		 * so we compute G*k using an equivalent scalar of fixed
-+		 * bit-length. */
-+
-+		if (!BN_add(k, k, order)) goto err;
-+		if (BN_num_bits(k) <= BN_num_bits(order))
-+			if (!BN_add(k, k, order)) goto err;
-+
- 		/* compute r the x-coordinate of generator * k */
- 		if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx))
- 		{
-
diff --git a/security/openssl/patches/patch-ssl_t1__lib.c b/security/openssl/patches/patch-ssl_t1__lib.c
deleted file mode 100644
index 983bb2e9c72..00000000000
--- a/security/openssl/patches/patch-ssl_t1__lib.c
+++ /dev/null
@@ -1,30 +0,0 @@
-$NetBSD: patch-ssl_t1__lib.c,v 1.1 2011/02/09 00:15:30 taca Exp $
-
-Fix for security issue CVE-2011-0014.
-
---- ssl/t1_lib.c.orig	2010-11-16 14:26:18.000000000 +0000
-+++ ssl/t1_lib.c
-@@ -521,6 +521,7 @@ int ssl_parse_clienthello_tlsext(SSL *s,
- 						}
- 					n2s(data, idsize);
- 					dsize -= 2 + idsize;
-+					size -= 2 + idsize;
- 					if (dsize < 0)
- 						{
- 						*al = SSL_AD_DECODE_ERROR;
-@@ -559,9 +560,14 @@ int ssl_parse_clienthello_tlsext(SSL *s,
- 					}
- 
- 				/* Read in request_extensions */
-+				if (size < 2)
-+					{
-+					*al = SSL_AD_DECODE_ERROR;
-+					return 0;
-+					}
- 				n2s(data,dsize);
- 				size -= 2;
--				if (dsize > size) 
-+				if (dsize != size) 
- 					{
- 					*al = SSL_AD_DECODE_ERROR;
- 					return 0;