summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--security/openssl/Makefile5
-rw-r--r--security/openssl/PLIST.common90
-rw-r--r--security/openssl/distinfo11
-rw-r--r--security/openssl/patches/patch-crypto_x509v3_v3_addr.c25
4 files changed, 96 insertions, 35 deletions
diff --git a/security/openssl/Makefile b/security/openssl/Makefile
index e40acaa3130..5d966c17ca3 100644
--- a/security/openssl/Makefile
+++ b/security/openssl/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.232 2017/09/22 21:02:43 tez Exp $
+# $NetBSD: Makefile,v 1.233 2017/11/24 20:34:23 bsiegert Exp $
-DISTNAME= openssl-1.0.2k
-PKGREVISION= 1
+DISTNAME= openssl-1.0.2m
CATEGORIES= security
MASTER_SITES= https://www.openssl.org/source/
diff --git a/security/openssl/PLIST.common b/security/openssl/PLIST.common
index e2200138054..0592347096b 100644
--- a/security/openssl/PLIST.common
+++ b/security/openssl/PLIST.common
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST.common,v 1.30 2016/09/22 12:28:55 jperkin Exp $
+@comment $NetBSD: PLIST.common,v 1.31 2017/11/24 20:34:23 bsiegert Exp $
bin/c_rehash
bin/openssl
include/openssl/aes.h
@@ -122,6 +122,48 @@ man/man1/openssl_md5.1
man/man1/openssl_mdc2.1
man/man1/openssl_nseq.1
man/man1/openssl_ocsp.1
+man/man1/openssl_openssl-asn1parse.1
+man/man1/openssl_openssl-ca.1
+man/man1/openssl_openssl-ciphers.1
+man/man1/openssl_openssl-cms.1
+man/man1/openssl_openssl-crl.1
+man/man1/openssl_openssl-crl2pkcs7.1
+man/man1/openssl_openssl-dgst.1
+man/man1/openssl_openssl-dhparam.1
+man/man1/openssl_openssl-dsa.1
+man/man1/openssl_openssl-dsaparam.1
+man/man1/openssl_openssl-ec.1
+man/man1/openssl_openssl-ecparam.1
+man/man1/openssl_openssl-enc.1
+man/man1/openssl_openssl-errstr.1
+man/man1/openssl_openssl-gendsa.1
+man/man1/openssl_openssl-genpkey.1
+man/man1/openssl_openssl-genrsa.1
+man/man1/openssl_openssl-nseq.1
+man/man1/openssl_openssl-ocsp.1
+man/man1/openssl_openssl-passwd.1
+man/man1/openssl_openssl-pkcs12.1
+man/man1/openssl_openssl-pkcs7.1
+man/man1/openssl_openssl-pkcs8.1
+man/man1/openssl_openssl-pkey.1
+man/man1/openssl_openssl-pkeyparam.1
+man/man1/openssl_openssl-pkeyutl.1
+man/man1/openssl_openssl-rand.1
+man/man1/openssl_openssl-req.1
+man/man1/openssl_openssl-rsa.1
+man/man1/openssl_openssl-rsautl.1
+man/man1/openssl_openssl-s_client.1
+man/man1/openssl_openssl-s_server.1
+man/man1/openssl_openssl-s_time.1
+man/man1/openssl_openssl-sess_id.1
+man/man1/openssl_openssl-smime.1
+man/man1/openssl_openssl-speed.1
+man/man1/openssl_openssl-spkac.1
+man/man1/openssl_openssl-ts.1
+man/man1/openssl_openssl-tsget.1
+man/man1/openssl_openssl-verify.1
+man/man1/openssl_openssl-version.1
+man/man1/openssl_openssl-x509.1
man/man1/openssl_passwd.1
man/man1/openssl_pkcs12.1
man/man1/openssl_pkcs7.1
@@ -814,6 +856,7 @@ man/man3/EVP_PKEY_CTX_set_rsa_padding.3
man/man3/EVP_PKEY_CTX_set_rsa_pss_saltlen.3
man/man3/EVP_PKEY_CTX_set_rsa_rsa_keygen_bits.3
man/man3/EVP_PKEY_CTX_set_signature_md.3
+man/man3/EVP_PKEY_METHOD.3
man/man3/EVP_PKEY_assign_DH.3
man/man3/EVP_PKEY_assign_DSA.3
man/man3/EVP_PKEY_assign_EC_KEY.3
@@ -837,6 +880,39 @@ man/man3/EVP_PKEY_get_default_digest.3
man/man3/EVP_PKEY_get_default_digest_nid.3
man/man3/EVP_PKEY_keygen.3
man/man3/EVP_PKEY_keygen_init.3
+man/man3/EVP_PKEY_meth_add0.3
+man/man3/EVP_PKEY_meth_copy.3
+man/man3/EVP_PKEY_meth_find.3
+man/man3/EVP_PKEY_meth_free.3
+man/man3/EVP_PKEY_meth_get_cleanup.3
+man/man3/EVP_PKEY_meth_get_copy.3
+man/man3/EVP_PKEY_meth_get_ctrl.3
+man/man3/EVP_PKEY_meth_get_decrypt.3
+man/man3/EVP_PKEY_meth_get_derive.3
+man/man3/EVP_PKEY_meth_get_encrypt.3
+man/man3/EVP_PKEY_meth_get_init.3
+man/man3/EVP_PKEY_meth_get_keygen.3
+man/man3/EVP_PKEY_meth_get_paramgen.3
+man/man3/EVP_PKEY_meth_get_sign.3
+man/man3/EVP_PKEY_meth_get_signctx.3
+man/man3/EVP_PKEY_meth_get_verify.3
+man/man3/EVP_PKEY_meth_get_verify_recover.3
+man/man3/EVP_PKEY_meth_get_verifyctx.3
+man/man3/EVP_PKEY_meth_new.3
+man/man3/EVP_PKEY_meth_set_cleanup.3
+man/man3/EVP_PKEY_meth_set_copy.3
+man/man3/EVP_PKEY_meth_set_ctrl.3
+man/man3/EVP_PKEY_meth_set_decrypt.3
+man/man3/EVP_PKEY_meth_set_derive.3
+man/man3/EVP_PKEY_meth_set_encrypt.3
+man/man3/EVP_PKEY_meth_set_init.3
+man/man3/EVP_PKEY_meth_set_keygen.3
+man/man3/EVP_PKEY_meth_set_paramgen.3
+man/man3/EVP_PKEY_meth_set_sign.3
+man/man3/EVP_PKEY_meth_set_signctx.3
+man/man3/EVP_PKEY_meth_set_verify.3
+man/man3/EVP_PKEY_meth_set_verify_recover.3
+man/man3/EVP_PKEY_meth_set_verifyctx.3
man/man3/EVP_PKEY_missing_parameters.3
man/man3/EVP_PKEY_new.3
man/man3/EVP_PKEY_paramgen.3
@@ -865,10 +941,14 @@ man/man3/EVP_SignUpdate.3
man/man3/EVP_VerifyFinal.3
man/man3/EVP_VerifyInit.3
man/man3/EVP_VerifyUpdate.3
+man/man3/EVP_aes_128_cbc_hmac_sha1.3
+man/man3/EVP_aes_128_cbc_hmac_sha256.3
man/man3/EVP_aes_128_ccm.3
man/man3/EVP_aes_128_gcm.3
man/man3/EVP_aes_192_ccm.3
man/man3/EVP_aes_192_gcm.3
+man/man3/EVP_aes_256_cbc_hmac_sha1.3
+man/man3/EVP_aes_256_cbc_hmac_sha256.3
man/man3/EVP_aes_256_ccm.3
man/man3/EVP_aes_256_gcm.3
man/man3/EVP_bf_cbc.3
@@ -918,6 +998,7 @@ man/man3/EVP_rc2_ecb.3
man/man3/EVP_rc2_ofb.3
man/man3/EVP_rc4.3
man/man3/EVP_rc4_40.3
+man/man3/EVP_rc4_hmac_md5.3
man/man3/EVP_rc5_32_12_16_cbc.3
man/man3/EVP_rc5_32_12_16_cfb.3
man/man3/EVP_rc5_32_12_16_ecb.3
@@ -1258,6 +1339,8 @@ man/man3/SSL_CTX_set_session_cache_mode.3
man/man3/SSL_CTX_set_session_id_context.3
man/man3/SSL_CTX_set_ssl_version.3
man/man3/SSL_CTX_set_timeout.3
+man/man3/SSL_CTX_set_tlsext_servername_arg.3
+man/man3/SSL_CTX_set_tlsext_servername_callback.3
man/man3/SSL_CTX_set_tlsext_status_arg.3
man/man3/SSL_CTX_set_tlsext_status_cb.3
man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3
@@ -1307,6 +1390,7 @@ man/man3/SSL_clear_options.3
man/man3/SSL_connect.3
man/man3/SSL_ctrl.3
man/man3/SSL_do_handshake.3
+man/man3/SSL_export_keying_material.3
man/man3/SSL_flush_sessions.3
man/man3/SSL_free.3
man/man3/SSL_get0_alpn_selected.3
@@ -1342,6 +1426,8 @@ man/man3/SSL_get_quiet_shutdown.3
man/man3/SSL_get_rbio.3
man/man3/SSL_get_read_ahead.3
man/man3/SSL_get_secure_renegotiation_support.3
+man/man3/SSL_get_servername.3
+man/man3/SSL_get_servername_type.3
man/man3/SSL_get_session.3
man/man3/SSL_get_shared_curve.3
man/man3/SSL_get_shutdown.3
@@ -1494,6 +1580,7 @@ man/man3/X509_NAME_oneline.3
man/man3/X509_NAME_print.3
man/man3/X509_NAME_print_ex.3
man/man3/X509_NAME_print_ex_fp.3
+man/man3/X509_REQ_check_private_key.3
man/man3/X509_STORE_CTX_cleanup.3
man/man3/X509_STORE_CTX_free.3
man/man3/X509_STORE_CTX_get0_param.3
@@ -1537,6 +1624,7 @@ man/man3/X509_check_email.3
man/man3/X509_check_host.3
man/man3/X509_check_ip.3
man/man3/X509_check_ip_asc.3
+man/man3/X509_check_private_key.3
man/man3/X509_free.3
man/man3/X509_new.3
man/man3/X509_verify_cert.3
diff --git a/security/openssl/distinfo b/security/openssl/distinfo
index 925abc0422e..c659f2e2f4d 100644
--- a/security/openssl/distinfo
+++ b/security/openssl/distinfo
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.128 2017/09/22 21:02:43 tez Exp $
+$NetBSD: distinfo,v 1.129 2017/11/24 20:34:23 bsiegert Exp $
-SHA1 (openssl-1.0.2k.tar.gz) = 5f26a624479c51847ebd2f22bb9f84b3b44dcb44
-RMD160 (openssl-1.0.2k.tar.gz) = 56b70831e49f83987ec14b3878d0d693f9a7d862
-SHA512 (openssl-1.0.2k.tar.gz) = 0d314b42352f4b1df2c40ca1094abc7e9ad684c5c35ea997efdd58204c70f22a1abcb17291820f0fff3769620a4e06906034203d31eb1a4d540df3e0db294016
-Size (openssl-1.0.2k.tar.gz) = 5309236 bytes
+SHA1 (openssl-1.0.2m.tar.gz) = 27fb00641260f97eaa587eb2b80fab3647f6013b
+RMD160 (openssl-1.0.2m.tar.gz) = 353479313ecfee1abdf28170e642fc30a4c71c09
+SHA512 (openssl-1.0.2m.tar.gz) = 7619aa223ee50d0f5e270ac9090e95b2b1ba5dfc656c98f625a9a277dda472fb960a4e89a7ba300044cb401b2072b2ca6a6fcce8206d927bf373d1c981806a93
+Size (openssl-1.0.2m.tar.gz) = 5373776 bytes
SHA1 (patch-Configure) = 2d963d781314276a0ee1bc531df6bc50f0f6b32b
SHA1 (patch-Makefile.org) = d2a9295003a8b88718a328b01ff6bcbbc102ec0b
SHA1 (patch-Makefile.shared) = d317004d6ade167fc3b6e533bb8a1e93657188b2
@@ -11,5 +11,4 @@ SHA1 (patch-apps_Makefile) = 60113291f2a25f5f1c1dba35e8173087bcd4cc30
SHA1 (patch-config) = 345cadece3bdf0ef0a273a6c9ba6d0cbb1026a31
SHA1 (patch-crypto_bn_bn__prime.pl) = a516f3709a862d85e659d466e895419b1e0a94c8
SHA1 (patch-crypto_des_Makefile) = 7a23f9883ff6c93ec0e5d08e1332cc95de8cdba2
-SHA1 (patch-crypto_x509v3_v3_addr.c) = 0782668ce0748b58eda9036ee93fa926e575698b
SHA1 (patch-tools_Makefile) = 67f0b9b501969382fd89b678c277d32bf5d294bc
diff --git a/security/openssl/patches/patch-crypto_x509v3_v3_addr.c b/security/openssl/patches/patch-crypto_x509v3_v3_addr.c
deleted file mode 100644
index 76f8917b0b6..00000000000
--- a/security/openssl/patches/patch-crypto_x509v3_v3_addr.c
+++ /dev/null
@@ -1,25 +0,0 @@
-$NetBSD: patch-crypto_x509v3_v3_addr.c,v 1.1 2017/09/22 21:02:43 tez Exp $
-
-Patch for CVE-2017-3735 from
-https://github.com/openssl/openssl/commit/31c8b265591a0aaa462a1f3eb5770661aaac67db
-
-
---- crypto/x509v3/v3_addr.c
-+++ crypto/x509v3/v3_addr.c
-@@ -130,10 +130,12 @@ static int length_from_afi(const unsigned afi)
- */
- unsigned int v3_addr_get_afi(const IPAddressFamily *f)
- {
-- return ((f != NULL &&
-- f->addressFamily != NULL && f->addressFamily->data != NULL)
-- ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
-- : 0);
-+ if (f == NULL
-+ || f->addressFamily == NULL
-+ || f->addressFamily->data == NULL
-+ || f->addressFamily->length < 2)
-+ return 0;
-+ return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1];
- }
-
- /*
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-12 07:55:27 +0000