diff options
author | wiz <wiz@pkgsrc.org> | 2022-02-28 12:25:09 +0000 |
---|---|---|
committer | wiz <wiz@pkgsrc.org> | 2022-02-28 12:25:09 +0000 |
commit | 4606aa8369f3bb993c67b371f9038845de2f6137 (patch) | |
tree | 3687c59c605c7e29945f69736c962ed637377605 /security | |
parent | 4e42fb5298e06a01d3a3104f10309051c49adbec (diff) | |
download | pkgsrc-4606aa8369f3bb993c67b371f9038845de2f6137.tar.gz |
openssl: update to 1.1.1m.
Changes between 1.1.1l and 1.1.1m [14 Dec 2021]
*) Avoid loading of a dynamic engine twice.
*) Fixed building on Debian with kfreebsd kernels
*) Prioritise DANE TLSA issuer certs over peer certs
*) Fixed random API for MacOS prior to 10.12
Diffstat (limited to 'security')
-rw-r--r-- | security/openssl/Makefile | 4 | ||||
-rw-r--r-- | security/openssl/PLIST | 8 | ||||
-rw-r--r-- | security/openssl/distinfo | 10 | ||||
-rw-r--r-- | security/openssl/patches/patch-crypto_rand_rand__unix.c | 26 | ||||
-rw-r--r-- | security/openssl/patches/patch-include_crypto_rand.h | 24 |
5 files changed, 11 insertions, 61 deletions
diff --git a/security/openssl/Makefile b/security/openssl/Makefile index a8dc91838f5..c49249fc762 100644 --- a/security/openssl/Makefile +++ b/security/openssl/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.277 2022/01/11 11:10:39 schmonz Exp $ +# $NetBSD: Makefile,v 1.278 2022/02/28 12:25:09 wiz Exp $ # Remember to upload-distfiles when updating OpenSSL -- otherwise it # is not possible for users who have bootstrapped without OpenSSL # to install it and enable HTTPS fetching. -DISTNAME= openssl-1.1.1l +DISTNAME= openssl-1.1.1m CATEGORIES= security MASTER_SITES= https://www.openssl.org/source/ diff --git a/security/openssl/PLIST b/security/openssl/PLIST index 6f397f27551..68eeedb99f1 100644 --- a/security/openssl/PLIST +++ b/security/openssl/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.9 2021/08/25 11:25:25 jperkin Exp $ +@comment $NetBSD: PLIST,v 1.10 2022/02/28 12:25:09 wiz Exp $ bin/c_rehash bin/openssl include/openssl/aes.h @@ -3780,6 +3780,8 @@ man/man3/d2i_X509_REQ_fp.3 man/man3/d2i_X509_REVOKED.3 man/man3/d2i_X509_SIG.3 man/man3/d2i_X509_VAL.3 +man/man3/d2i_X509_bio.3 +man/man3/d2i_X509_fp.3 man/man3/i2d_ACCESS_DESCRIPTION.3 man/man3/i2d_ADMISSIONS.3 man/man3/i2d_ADMISSION_SYNTAX.3 @@ -3974,6 +3976,8 @@ man/man3/i2d_X509_REQ_fp.3 man/man3/i2d_X509_REVOKED.3 man/man3/i2d_X509_SIG.3 man/man3/i2d_X509_VAL.3 +man/man3/i2d_X509_bio.3 +man/man3/i2d_X509_fp.3 man/man3/i2d_re_X509_CRL_tbs.3 man/man3/i2d_re_X509_REQ_tbs.3 man/man3/i2d_re_X509_tbs.3 @@ -4045,5 +4049,3 @@ share/examples/openssl/misc/tsget share/examples/openssl/misc/tsget.pl share/examples/openssl/openssl.cnf share/examples/openssl/openssl.cnf.dist -@pkgdir share/examples/openssl/private -@pkgdir share/examples/openssl/certs diff --git a/security/openssl/distinfo b/security/openssl/distinfo index ac616e55d39..a14ef5adf60 100644 --- a/security/openssl/distinfo +++ b/security/openssl/distinfo @@ -1,10 +1,8 @@ -$NetBSD: distinfo,v 1.156 2022/01/11 13:54:01 schmonz Exp $ +$NetBSD: distinfo,v 1.157 2022/02/28 12:25:09 wiz Exp $ -BLAKE2s (openssl-1.1.1l.tar.gz) = a011562eff4d77dab8d1e80753fa06cb87945783b4dd9ca111e37a59209f1df6 -SHA512 (openssl-1.1.1l.tar.gz) = d9611f393e37577cca05004531388d3e0ebbf714894cab9f95f4903909cd4f45c214faab664c0cbc3ad3cca309d500b9e6d0ecbf9a0a0588d1677dc6b047f9e0 -Size (openssl-1.1.1l.tar.gz) = 9834044 bytes +BLAKE2s (openssl-1.1.1m.tar.gz) = 4fbc0401eb9e3b8100c82b736e86cade3bf0ff9f0ed7c3fc96c99fb3b9f32485 +SHA512 (openssl-1.1.1m.tar.gz) = ba0ef99b321546c13385966e4a607734df38b96f6ed45c4c67063a5f8d1482986855279797a6920d9f86c2ec31ce3e104dcc62c37328caacdd78aec59aa66156 +Size (openssl-1.1.1m.tar.gz) = 9847315 bytes SHA1 (patch-Configurations_shared-info.pl) = 0e835f6e343b5d05ef9a0e6ef2a195201262d15c SHA1 (patch-Configurations_unix-Makefile.tmpl) = 3f47dd453381485aeb6c37dc53f932428fdcef50 SHA1 (patch-Configure) = 479f1bc826f7721f6b44d6b5a6cf460432924bf2 -SHA1 (patch-crypto_rand_rand__unix.c) = 41b7cce4f31021080d5dfdd2b7d4ddc0f4c7175a -SHA1 (patch-include_crypto_rand.h) = c7c6556a483b56ba2ac23c6b44193ce3dc0b2119 diff --git a/security/openssl/patches/patch-crypto_rand_rand__unix.c b/security/openssl/patches/patch-crypto_rand_rand__unix.c deleted file mode 100644 index 3562be03849..00000000000 --- a/security/openssl/patches/patch-crypto_rand_rand__unix.c +++ /dev/null @@ -1,26 +0,0 @@ -$NetBSD: patch-crypto_rand_rand__unix.c,v 1.4 2022/01/11 13:54:01 schmonz Exp $ - -Apply upstream c023d98dcf2ba1cc30f545ae54d0e037e80a8794: -Darwin platform allows to build on releases before Yosemite/ios 8. - ---- crypto/rand/rand_unix.c.orig 2021-08-24 13:38:47.000000000 +0000 -+++ crypto/rand/rand_unix.c -@@ -34,9 +34,6 @@ - #if defined(__OpenBSD__) - # include <sys/param.h> - #endif --#if defined(__APPLE__) --# include <CommonCrypto/CommonRandom.h> --#endif - - #if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__) - # include <sys/types.h> -@@ -381,7 +378,7 @@ static ssize_t syscall_random(void *buf, - if (errno != ENOSYS) - return -1; - } --# elif defined(__APPLE__) -+# elif defined(OPENSSL_APPLE_CRYPTO_RANDOM) - if (CCRandomGenerateBytes(buf, buflen) == kCCSuccess) - return (ssize_t)buflen; - diff --git a/security/openssl/patches/patch-include_crypto_rand.h b/security/openssl/patches/patch-include_crypto_rand.h deleted file mode 100644 index 1a7a04ae92e..00000000000 --- a/security/openssl/patches/patch-include_crypto_rand.h +++ /dev/null @@ -1,24 +0,0 @@ -$NetBSD: patch-include_crypto_rand.h,v 1.1 2022/01/11 13:54:01 schmonz Exp $ - -Apply upstream c023d98dcf2ba1cc30f545ae54d0e037e80a8794: -Darwin platform allows to build on releases before Yosemite/ios 8. - ---- include/crypto/rand.h.orig 2021-08-24 13:38:47.000000000 +0000 -+++ include/crypto/rand.h -@@ -20,6 +20,16 @@ - - # include <openssl/rand.h> - -+# if defined(__APPLE__) && !defined(OPENSSL_NO_APPLE_CRYPTO_RANDOM) -+# include <Availability.h> -+# if (defined(__MAC_OS_X_VERSION_MIN_REQUIRED) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101000) || \ -+ (defined(__IPHONE_OS_VERSION_MIN_REQUIRED) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 80000) -+# define OPENSSL_APPLE_CRYPTO_RANDOM 1 -+# include <CommonCrypto/CommonCryptoError.h> -+# include <CommonCrypto/CommonRandom.h> -+# endif -+# endif -+ - /* forward declaration */ - typedef struct rand_pool_st RAND_POOL; - |