Fri Dec 3 04:34:47 2010 UTC ()
Pullup ticket #3292 - requested by taca
pkgsrc/security/openssl security update

Revisions pulled up:
pkgsrc/security/openssl/Makefile	1.153
pkgsrc/security/openssl/distinfo	1.79

-------------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Dec  3 00:17:21 UTC 2010

   Modified Files:
   	pkgsrc/security/openssl: Makefile distinfo

   Log Message:
   Update openssl package to 0.9.8q.

      OpenSSL version 0.9.8q released
      ===============================

      OpenSSL - The Open Source toolkit for SSL/TLS
      http://www.openssl.org/

      The OpenSSL project team is pleased to announce the release of
      version 0.9.8q of our open source toolkit for SSL/TLS. This new
      OpenSSL version is a security and bugfix release. For a complete
      list of changes, please see

          http://www.openssl.org/source/exp/CHANGES.

      The most significant changes are:

         o Fix for security issue CVE-2010-4180
         o Fix for CVE-2010-4252

   To generate a diff of this commit:
   cvs rdiff -u -r1.152 -r1.153 pkgsrc/security/openssl/Makefile
   cvs rdiff -u -r1.78 -r1.79 pkgsrc/security/openssl/distinfo


(sbd)
diff -r1.151.2.1 -r1.151.2.2 pkgsrc/security/openssl/Makefile
diff -r1.77.2.1 -r1.77.2.2 pkgsrc/security/openssl/distinfo
cvs diff -r1.151.2.1 -r1.151.2.2 pkgsrc/security/openssl/Makefile (switch to unified diff)

--- pkgsrc/security/openssl/Makefile 2010/11/17 18:47:28 1.151.2.1
+++ pkgsrc/security/openssl/Makefile 2010/12/03 04:34:47 1.151.2.2
@@ -1,139 +1,140 @@ @@ -1,139 +1,140 @@
1# $NetBSD: Makefile,v 1.151.2.1 2010/11/17 18:47:28 tron Exp $ 1# $NetBSD: Makefile,v 1.151.2.2 2010/12/03 04:34:47 sbd Exp $
2 2
3OPENSSL_SNAPSHOT?= # empty 3OPENSSL_SNAPSHOT?= # empty
4OPENSSL_STABLE?= # empty 4OPENSSL_STABLE?= # empty
5OPENSSL_VERS?= 0.9.8p 5OPENSSL_VERS?= 0.9.8q
6 6
7.if empty(OPENSSL_SNAPSHOT) 7.if empty(OPENSSL_SNAPSHOT)
8DISTNAME= openssl-${OPENSSL_VERS} 8DISTNAME= openssl-${OPENSSL_VERS}
9MASTER_SITES= ftp://ftp.openssl.org/source/ \ 9MASTER_SITES= ftp://ftp.openssl.org/source/ \
10 ftp://sunsite.cnlab-switch.ch/mirror/openssl/source/ \ 10 ftp://sunsite.cnlab-switch.ch/mirror/openssl/source/ \
11 ftp://sunsite.uio.no/pub/security/openssl/source/ 11 ftp://sunsite.uio.no/pub/security/openssl/source/
12.else 12.else
13. if !empty(OPENSSL_STABLE:M[yY][eE][sS]) 13. if !empty(OPENSSL_STABLE:M[yY][eE][sS])
14DISTNAME= openssl-${OPENSSL_VERS:C/[a-z]$//}-stable-SNAP-${OPENSSL_SNAPSHOT} 14DISTNAME= openssl-${OPENSSL_VERS:C/[a-z]$//}-stable-SNAP-${OPENSSL_SNAPSHOT}
15PKGNAME= openssl-${OPENSSL_VERS}beta${OPENSSL_SNAPSHOT} 15PKGNAME= openssl-${OPENSSL_VERS}beta${OPENSSL_SNAPSHOT}
16MASTER_SITES= ftp://ftp.openssl.org/snapshot/ 16MASTER_SITES= ftp://ftp.openssl.org/snapshot/
17. else 17. else
18DISTNAME= openssl-SNAP-${OPENSSL_SNAPSHOT} 18DISTNAME= openssl-SNAP-${OPENSSL_SNAPSHOT}
19PKGNAME= openssl-${OPENSSL_VERS}alpha${OPENSSL_SNAPSHOT} 19PKGNAME= openssl-${OPENSSL_VERS}alpha${OPENSSL_SNAPSHOT}
20MASTER_SITES= ftp://ftp.openssl.org/snapshot/ 20MASTER_SITES= ftp://ftp.openssl.org/snapshot/
21. endif 21. endif
22.endif 22.endif
23 23
24SVR4_PKGNAME= ossl 24SVR4_PKGNAME= ossl
25CATEGORIES= security 25CATEGORIES= security
26MAINTAINER= pkgsrc-users@NetBSD.org 26MAINTAINER= pkgsrc-users@NetBSD.org
27HOMEPAGE= http://www.openssl.org/ 27HOMEPAGE= http://www.openssl.org/
28COMMENT= Secure Socket Layer and cryptographic library 28COMMENT= Secure Socket Layer and cryptographic library
29 29
30CONFLICTS= SSLeay-[0-9]* ssleay-[0-9]* 30CONFLICTS= SSLeay-[0-9]* ssleay-[0-9]*
31 31
32CRYPTO= yes 32CRYPTO= yes
33 33
34PKG_INSTALLATION_TYPES= overwrite pkgviews 34PKG_INSTALLATION_TYPES= overwrite pkgviews
35PKG_DESTDIR_SUPPORT= user-destdir 35PKG_DESTDIR_SUPPORT= user-destdir
36 36
37.include "../../mk/bsd.prefs.mk" 37.include "../../mk/bsd.prefs.mk"
38.include "../../mk/compiler.mk" 38.include "../../mk/compiler.mk"
39 39
 40EXTRACT_USING= gtar
40USE_TOOLS+= gmake perl 41USE_TOOLS+= gmake perl
41TEST_TARGET= tests 42TEST_TARGET= tests
42MAKE_JOBS_SAFE= no 43MAKE_JOBS_SAFE= no
43 44
44HAS_CONFIGURE= yes 45HAS_CONFIGURE= yes
45CONFIGURE_SCRIPT= ./config 46CONFIGURE_SCRIPT= ./config
46CONFIGURE_ARGS+= --prefix=${PREFIX:Q} 47CONFIGURE_ARGS+= --prefix=${PREFIX:Q}
47CONFIGURE_ARGS+= --install_prefix=${DESTDIR} 48CONFIGURE_ARGS+= --install_prefix=${DESTDIR}
48CONFIGURE_ARGS+= --openssldir=${PKG_SYSCONFDIR:Q} 49CONFIGURE_ARGS+= --openssldir=${PKG_SYSCONFDIR:Q}
49CONFIGURE_ARGS+= shared threads no-fips 50CONFIGURE_ARGS+= shared threads no-fips
50 51
51.if ${OPSYS} == "SunOS" 52.if ${OPSYS} == "SunOS"
52. if ${MACHINE_ARCH} == "sparc" 53. if ${MACHINE_ARCH} == "sparc"
53OPENSSL_MACHINE_ARCH= ${SPARC_TARGET_ARCH} 54OPENSSL_MACHINE_ARCH= ${SPARC_TARGET_ARCH}
54. elif ${MACHINE_ARCH} == "i386" 55. elif ${MACHINE_ARCH} == "i386"
55OPENSSL_MACHINE_ARCH= x86 56OPENSSL_MACHINE_ARCH= x86
56. elif ${MACHINE_ARCH} == "x86_64" 57. elif ${MACHINE_ARCH} == "x86_64"
57OPENSSL_MACHINE_ARCH= ${MACHINE_ARCH} 58OPENSSL_MACHINE_ARCH= ${MACHINE_ARCH}
58. endif 59. endif
59# only override the configure target if we know the platform, falling 60# only override the configure target if we know the platform, falling
60# back to ./config's autodetection if not. 61# back to ./config's autodetection if not.
61. if defined(OPENSSL_MACHINE_ARCH) && !empty(OPENSSL_MACHINE_ARCH) 62. if defined(OPENSSL_MACHINE_ARCH) && !empty(OPENSSL_MACHINE_ARCH)
62CONFIGURE_SCRIPT= ./Configure 63CONFIGURE_SCRIPT= ./Configure
63. if !empty(CC_VERSION:Mgcc*) 64. if !empty(CC_VERSION:Mgcc*)
64CONFIGURE_ARGS+= solaris-${OPENSSL_MACHINE_ARCH}-gcc 65CONFIGURE_ARGS+= solaris-${OPENSSL_MACHINE_ARCH}-gcc
65. else 66. else
66CONFIGURE_ARGS+= solaris-${OPENSSL_MACHINE_ARCH}-cc 67CONFIGURE_ARGS+= solaris-${OPENSSL_MACHINE_ARCH}-cc
67. endif 68. endif
68. endif 69. endif
69.elif ${OPSYS} == "IRIX" 70.elif ${OPSYS} == "IRIX"
70CONFIGURE_ARGS+= no-asm 71CONFIGURE_ARGS+= no-asm
71. if ${ABI} == "64" 72. if ${ABI} == "64"
72CONFIGURE_SCRIPT= ./Configure 73CONFIGURE_SCRIPT= ./Configure
73. if !empty(CC_VERSION:Mgcc*) 74. if !empty(CC_VERSION:Mgcc*)
74CONFIGURE_ARGS+= irix64-mips4-gcc 75CONFIGURE_ARGS+= irix64-mips4-gcc
75. else 76. else
76CONFIGURE_ARGS+= irix64-mips4-cc 77CONFIGURE_ARGS+= irix64-mips4-cc
77. endif 78. endif
78. endif 79. endif
79.elif ${OPSYS} == "OSF1" 80.elif ${OPSYS} == "OSF1"
80PLIST_OPSYS= PLIST.osf1 81PLIST_OPSYS= PLIST.osf1
81CONFIGURE_SCRIPT= ./Configure 82CONFIGURE_SCRIPT= ./Configure
82. if !empty(CC_VERSION:Mgcc*) 83. if !empty(CC_VERSION:Mgcc*)
83CONFIGURE_ARGS+= tru64-alpha-gcc 84CONFIGURE_ARGS+= tru64-alpha-gcc
84. else 85. else
85CONFIGURE_ARGS+= tru64-alpha-cc 86CONFIGURE_ARGS+= tru64-alpha-cc
86. endif 87. endif
87.elif ${OPSYS} == "Darwin" 88.elif ${OPSYS} == "Darwin"
88CONFIGURE_SCRIPT= ./Configure 89CONFIGURE_SCRIPT= ./Configure
89. if defined(ABI) && ${ABI} == "64" 90. if defined(ABI) && ${ABI} == "64"
90CONFIGURE_ARGS+= darwin64-${MACHINE_ARCH}-cc 91CONFIGURE_ARGS+= darwin64-${MACHINE_ARCH}-cc
91. else 92. else
92CONFIGURE_ARGS+= darwin-${MACHINE_ARCH}-cc 93CONFIGURE_ARGS+= darwin-${MACHINE_ARCH}-cc
93. endif 94. endif
94 95
95.include "../../mk/dlopen.buildlink3.mk" 96.include "../../mk/dlopen.buildlink3.mk"
96 97
97SUBST_CLASSES+= dl 98SUBST_CLASSES+= dl
98SUBST_MESSAGE.dl= Adding dynamic link compatibility library. 99SUBST_MESSAGE.dl= Adding dynamic link compatibility library.
99SUBST_STAGE.dl= post-configure 100SUBST_STAGE.dl= post-configure
100SUBST_FILES.dl= Makefile apps/Makefile crypto/Makefile \ 101SUBST_FILES.dl= Makefile apps/Makefile crypto/Makefile \
101 crypto/pkcs7/Makefile test/Makefile 102 crypto/pkcs7/Makefile test/Makefile
102SUBST_SED.dl= -e 's,^EX_LIBS=,EX_LIBS=${DL_LDFLAGS:Q} ,g' 103SUBST_SED.dl= -e 's,^EX_LIBS=,EX_LIBS=${DL_LDFLAGS:Q} ,g'
103 104
104.elif ${OPSYS} == "Interix" 105.elif ${OPSYS} == "Interix"
105 106
106SUBST_CLASSES+= soname 107SUBST_CLASSES+= soname
107SUBST_STAGE.soname= post-configure 108SUBST_STAGE.soname= post-configure
108SUBST_FILES.soname= Makefile.shared 109SUBST_FILES.soname= Makefile.shared
109SUBST_SED.soname= -e 's/-Wl,-soname=/-Wl,-h,/g' 110SUBST_SED.soname= -e 's/-Wl,-soname=/-Wl,-h,/g'
110.endif 111.endif
111 112
112.include "../../security/openssl/options.mk" 113.include "../../security/openssl/options.mk"
113 114
114CONFIGURE_ARGS+= ${CFLAGS} ${LDFLAGS} 115CONFIGURE_ARGS+= ${CFLAGS} ${LDFLAGS}
115CONFIGURE_ENV+= PERL=${PERL5:Q} 116CONFIGURE_ENV+= PERL=${PERL5:Q}
116 117
117PLIST_OPSYS?= ${PKGDIR}/PLIST.${LOWER_OPSYS:C/([.0-9]*)$//} 118PLIST_OPSYS?= ${PKGDIR}/PLIST.${LOWER_OPSYS:C/([.0-9]*)$//}
118.if exists(${PLIST_OPSYS}) 119.if exists(${PLIST_OPSYS})
119PLIST_SHLIB= ${PLIST_OPSYS} 120PLIST_SHLIB= ${PLIST_OPSYS}
120.else 121.else
121PLIST_SHLIB= ${PKGDIR}/PLIST.shlib 122PLIST_SHLIB= ${PKGDIR}/PLIST.shlib
122.endif 123.endif
123PLIST_SRC= ${PLIST_SHLIB} 124PLIST_SRC= ${PLIST_SHLIB}
124PLIST_SRC+= ${PKGDIR}/PLIST.common 125PLIST_SRC+= ${PKGDIR}/PLIST.common
125PLIST_SUBST+= SHLIB_VERSION=${OPENSSL_VERS:C/[^0-9]*$//} 126PLIST_SUBST+= SHLIB_VERSION=${OPENSSL_VERS:C/[^0-9]*$//}
126PLIST_SUBST+= SHLIB_MAJOR=${OPENSSL_VERS:C/\..*$//} 127PLIST_SUBST+= SHLIB_MAJOR=${OPENSSL_VERS:C/\..*$//}
127 128
128PKG_SYSCONFSUBDIR= openssl 129PKG_SYSCONFSUBDIR= openssl
129CONF_FILES= ${PREFIX}/share/examples/openssl/openssl.cnf \ 130CONF_FILES= ${PREFIX}/share/examples/openssl/openssl.cnf \
130 ${PKG_SYSCONFDIR}/openssl.cnf 131 ${PKG_SYSCONFDIR}/openssl.cnf
131OWN_DIRS= ${PKG_SYSCONFDIR}/certs ${PKG_SYSCONFDIR}/private 132OWN_DIRS= ${PKG_SYSCONFDIR}/certs ${PKG_SYSCONFDIR}/private
132 133
133INSTALLATION_DIRS+= share/examples/openssl 134INSTALLATION_DIRS+= share/examples/openssl
134 135
135# Fix the path to perl in various scripts. 136# Fix the path to perl in various scripts.
136pre-configure: 137pre-configure:
137 cd ${WRKSRC} && ${PERL5} util/perlpath.pl ${PERL5} 138 cd ${WRKSRC} && ${PERL5} util/perlpath.pl ${PERL5}
138 139
139.include "../../mk/bsd.pkg.mk" 140.include "../../mk/bsd.pkg.mk"
cvs diff -r1.77.2.1 -r1.77.2.2 pkgsrc/security/openssl/distinfo (switch to unified diff)

--- pkgsrc/security/openssl/distinfo 2010/11/17 18:47:29 1.77.2.1
+++ pkgsrc/security/openssl/distinfo 2010/12/03 04:34:47 1.77.2.2
@@ -1,13 +1,13 @@ @@ -1,13 +1,13 @@
1$NetBSD: distinfo,v 1.77.2.1 2010/11/17 18:47:29 tron Exp $ 1$NetBSD: distinfo,v 1.77.2.2 2010/12/03 04:34:47 sbd Exp $
2 2
3SHA1 (openssl-0.9.8p.tar.gz) = 4ba43f4110432d7518c4f5d7be79077705ae7f16 3SHA1 (openssl-0.9.8q.tar.gz) = 12b6859698ca299fa0cba594686c25d5c01e410d
4RMD160 (openssl-0.9.8p.tar.gz) = 13ec0427100f3d31940fe3725ca7c73163dc9fdd 4RMD160 (openssl-0.9.8q.tar.gz) = 2a6583fc059f83232b16d0dad8855fc8086f2450
5Size (openssl-0.9.8p.tar.gz) = 3772501 bytes 5Size (openssl-0.9.8q.tar.gz) = 3773961 bytes
6SHA1 (patch-aa) = eb25505e8a745eb5ba85f857b0f9302fd5e9bda1 6SHA1 (patch-aa) = eb25505e8a745eb5ba85f857b0f9302fd5e9bda1
7SHA1 (patch-ac) = 6ff4a20440666f5c520837e10547091e1bee2208 7SHA1 (patch-ac) = 6ff4a20440666f5c520837e10547091e1bee2208
8SHA1 (patch-ad) = bb86ac463fc4ab8b485df5f1a4fb9c13c1fc41c3 8SHA1 (patch-ad) = bb86ac463fc4ab8b485df5f1a4fb9c13c1fc41c3
9SHA1 (patch-ae) = 7a58f1765a3761321dcc8dafc5fe2e33207be480 9SHA1 (patch-ae) = 7a58f1765a3761321dcc8dafc5fe2e33207be480
10SHA1 (patch-af) = 2610930b6b06397fa2e3955b3244c02193f5b7a6 10SHA1 (patch-af) = 2610930b6b06397fa2e3955b3244c02193f5b7a6
11SHA1 (patch-ag) = 5f12c72b85e4b6c6a79dfcf87055e9e029fbd8c8 11SHA1 (patch-ag) = 5f12c72b85e4b6c6a79dfcf87055e9e029fbd8c8
12SHA1 (patch-ak) = 049250b9bd42e6f155145703135dab39a7ec17e0 12SHA1 (patch-ak) = 049250b9bd42e6f155145703135dab39a7ec17e0
13SHA1 (patch-al) = 076a606352bdeaeea1cc64f16be2ac1325882302 13SHA1 (patch-al) = 076a606352bdeaeea1cc64f16be2ac1325882302