summaryrefslogtreecommitdiff
path: root/security/openssl/options.mk
AgeCommit message (Collapse)AuthorFilesLines
2013-02-06Update OpenSSL to 1.0.1d. Changes are far too numerous to list, the main ↵jperkin1-30/+16
one being that we can now take advantage of AES-NI support in modern processors to significantly increase performance. Miscellaneous pkgsrc changes: - Remove unnecessary warning message on Solaris. - Fix RPATH for libgost.so. - MD2 support is optional, enabled by default for compatability.
2012-01-20remove restrictions related to idea and mdc2 patents - both are expireddrochner1-8/+1
2011-11-02Add a new threads option which is on by default. The purpose of this isjnemeth1-2/+9
to allow other packages that can't handle threads to link against this. No revbump since there is no change to binary packages.
2008-09-17Add zlib option.reed1-2/+9
This is for PR 39433. It is not enabled by default.
2008-04-12Convert to use PLIST_VARS instead of manually passing "@comment "jlam1-7/+7
through PLIST_SUBST to the plist module.
2008-01-17Update to openssl-0.9.8g. Provided by Jukka Salmi in pkgsrc-wip.tnn1-1/+3
pkgsrc notes: o Tested on NetBSD/i386 (Jukka Salmi), Mac OSX 10.5 (Adrian Portelli), Linux (Jeremy C. Reed), Tru64 5.1b (tnn), HP-UX 11i (tnn). Because the Makefile system has been rewamped, other platforms may require fixes. Please test if you can. o OpenSSL can now be built with installation to DESTDIR. Overview of important changes since 0.9.7i: o Add gcc 4.2 support. o DTLS improvements. o RFC4507bis support. o TLS Extensions support. o RFC3779 support. o New cipher Camellia o Updated ECC cipher suite support. o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free(). o Zlib compression usage fixes. o Major work on the BIGNUM library for higher efficiency and to make operations more streamlined and less contradictory. This is the result of a major audit of the BIGNUM library. o Addition of BIGNUM functions for fields GF(2^m) and NIST curves, to support the Elliptic Crypto functions. o Major work on Elliptic Crypto; ECDH and ECDSA added, including the use through EVP, X509 and ENGINE. o New ASN.1 mini-compiler that's usable through the OpenSSL configuration file. o Added support for ASN.1 indefinite length constructed encoding. o New PKCS#12 'medium level' API to manipulate PKCS#12 files. o Complete rework of shared library construction and linking programs with shared or static libraries, through a separate Makefile.shared. o Rework of the passing of parameters from one Makefile to another. o Changed ENGINE framework to load dynamic engine modules automatically from specifically given directories. o New structure and ASN.1 functions for CertificatePair. o Changed the key-generation and primality testing "progress" mechanism to take a structure that contains the ticker function and an argument. o New engine module: GMP (performs private key exponentiation). o New engine module: VIA PadLOck ACE extension in VIA C3 Nehemiah processors. o Added support for IPv6 addresses in certificate extensions. See RFC 1884, section 2.2. o Added support for certificate policy mappings, policy constraints and name constraints. o Added support for multi-valued AVAs in the OpenSSL configuration file. o Added support for multiple certificates with the same subject in the 'openssl ca' index file. o Make it possible to create self-signed certificates using 'openssl ca -selfsign'. o Make it possible to generate a serial number file with 'openssl ca -create_serial'. o New binary search functions with extended functionality. o New BUF functions. o New STORE structure and library to provide an interface to all sorts of data repositories. Supports storage of public and private keys, certificates, CRLs, numbers and arbitrary blobs. This library is unfortunately unfinished and unused withing OpenSSL. o New control functions for the error stack. o Changed the PKCS#7 library to support one-pass S/MIME processing. o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512). o New X509_VERIFY_PARAM structure to support parametrisation of X.509 path validation. o Change the default digest in 'openssl' commands from MD5 to SHA-1. o Added support for DTLS. o New BIGNUM blinding. o Added support for the RSA-PSS encryption scheme o Added support for the RSA X.931 padding. o Added support for files larger than 2GB. o Added alternate pkg-config files.
2007-12-27Remove deprecated "fee-based commercial use" license for idea, mdc2,gdt1-11/+8
rc5, and replace with {idea,mdc2,rc5}-nonlicense. Because pkgsrc does not yet handle multiple licenses, set LICENSE to openssl-patented-algorithms-nonlicense.
2005-07-19the option for fee-based-commercial-use is fee-based-commercial-use,grant1-7/+7
not fee-based-commercial.
2005-03-23Update security/openssl to openssl-0.9.7f.jlam1-0/+55
Pkgsrc changes from version 0.9.7e include: *) Install the man pages with names that are less likely to collide with other packages' man pages. *) Support PKG_OPTIONS of "idea", "mdc2" and "rc5" to allow building with patented algorithms. By default, this package still builds without patented algorithms. Major changes from version 0.9.7e include: *) Prompt for pass phrases when appropriate for PKCS12 input format. *) Back-port of selected performance improvements from development branch, as well as improved support for PowerPC platforms. *) Add lots of checks for memory allocation failure, error codes to indicate failure and freeing up memory if a failure occurs. *) Add new -passin argument to dgst. *) Make an explicit check during certificate validation to see that the CA setting in each certificate on the chain is correct.
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-11 06:19:53 +0000