Tue Feb 7 16:34:42 2023 UTC ()
openssl: Update to 1.1.1t.

Changes between 1.1.1s and 1.1.1t [7 Feb 2023]

 *) Fixed X.400 address type confusion in X.509 GeneralName.

   There is a type confusion vulnerability relating to X.400 address processing
   inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
   but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
   vulnerability may allow an attacker who can provide a certificate chain and
   CRL (neither of which need have a valid signature) to pass arbitrary
   pointers to a memcmp call, creating a possible read primitive, subject to
   some constraints. Refer to the advisory for more information. Thanks to
   David Benjamin for discovering this issue. (CVE-2023-0286)

   This issue has been fixed by changing the public header file definition of
   GENERAL_NAME so that x400Address reflects the implementation. It was not
   possible for any existing application to successfully use the existing
   definition; however, if any application references the x400Address field
   (e.g. in dead code), note that the type of this field has changed. There is
   no ABI change.
   [Hugo Landau]

 *) Fixed Use-after-free following BIO_new_NDEF.

   The public API function BIO_new_NDEF is a helper function used for
   streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL
   to support the SMIME, CMS and PKCS7 streaming capabilities, but may also
   be called directly by end user applications.

   The function receives a BIO from the caller, prepends a new BIO_f_asn1
   filter BIO onto the front of it to form a BIO chain, and then returns
   the new head of the BIO chain to the caller. Under certain conditions,
   for example if a CMS recipient public key is invalid, the new filter BIO
   is freed and the function returns a NULL result indicating a failure.
   However, in this case, the BIO chain is not properly cleaned up and the
   BIO passed by the caller still retains internal pointers to the previously
   freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO
   then a use-after-free will occur. This will most likely result in a crash.
   (CVE-2023-0215)
   [Viktor Dukhovni, Matt Caswell]

 *) Fixed Double free after calling PEM_read_bio_ex.

   The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
   decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
   data. If the function succeeds then the "name_out", "header" and "data"
   arguments are populated with pointers to buffers containing the relevant
   decoded data. The caller is responsible for freeing those buffers. It is
   possible to construct a PEM file that results in 0 bytes of payload data.
   In this case PEM_read_bio_ex() will return a failure code but will populate
   the header argument with a pointer to a buffer that has already been freed.
   If the caller also frees this buffer then a double free will occur. This
   will most likely lead to a crash.

   The functions PEM_read_bio() and PEM_read() are simple wrappers around
   PEM_read_bio_ex() and therefore these functions are also directly affected.

   These functions are also called indirectly by a number of other OpenSSL
   functions including PEM_X509_INFO_read_bio_ex() and
   SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL
   internal uses of these functions are not vulnerable because the caller does
   not free the header argument if PEM_read_bio_ex() returns a failure code.
   (CVE-2022-4450)
   [Kurt Roeckx, Matt Caswell]

 *) Fixed Timing Oracle in RSA Decryption.

   A timing based side channel exists in the OpenSSL RSA Decryption
   implementation which could be sufficient to recover a plaintext across
   a network in a Bleichenbacher style attack. To achieve a successful
   decryption an attacker would have to be able to send a very large number
   of trial messages for decryption. The vulnerability affects all RSA padding
   modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
   (CVE-2022-4304)
   [Dmitry Belyavsky, Hubert Kario]


(jperkin)
diff -r1.286 -r1.287 pkgsrc/security/openssl/Makefile
diff -r1.50 -r1.51 pkgsrc/security/openssl/builtin.mk
diff -r1.164 -r1.165 pkgsrc/security/openssl/distinfo
cvs diff -r1.286 -r1.287 pkgsrc/security/openssl/Makefile (expand / switch to unified diff)

--- pkgsrc/security/openssl/Makefile 2022/11/05 18:42:00 1.286
+++ pkgsrc/security/openssl/Makefile 2023/02/07 16:34:42 1.287
@@ -1,19 +1,19 @@ @@ -1,19 +1,19 @@
1# $NetBSD: Makefile,v 1.286 2022/11/05 18:42:00 wiz Exp $ 1# $NetBSD: Makefile,v 1.287 2023/02/07 16:34:42 jperkin Exp $
2 2
3# Remember to upload-distfiles when updating OpenSSL -- otherwise it 3# Remember to upload-distfiles when updating OpenSSL -- otherwise it
4# is not possible for users who have bootstrapped without OpenSSL 4# is not possible for users who have bootstrapped without OpenSSL
5# to install it and enable HTTPS fetching. 5# to install it and enable HTTPS fetching.
6DISTNAME= openssl-1.1.1s 6DISTNAME= openssl-1.1.1t
7CATEGORIES= security 7CATEGORIES= security
8MASTER_SITES= https://www.openssl.org/source/ 8MASTER_SITES= https://www.openssl.org/source/
9 9
10MAINTAINER= pkgsrc-users@NetBSD.org 10MAINTAINER= pkgsrc-users@NetBSD.org
11HOMEPAGE= https://www.openssl.org/ 11HOMEPAGE= https://www.openssl.org/
12COMMENT= Secure Socket Layer and cryptographic library 12COMMENT= Secure Socket Layer and cryptographic library
13LICENSE= openssl 13LICENSE= openssl
14 14
15USE_GCC_RUNTIME= yes 15USE_GCC_RUNTIME= yes
16 16
17USE_TOOLS+= fgrep gmake perl 17USE_TOOLS+= fgrep gmake perl
18USE_TOOLS.SunOS+= gm4 18USE_TOOLS.SunOS+= gm4
19BUILD_TARGET= depend all 19BUILD_TARGET= depend all
cvs diff -r1.50 -r1.51 pkgsrc/security/openssl/builtin.mk (expand / switch to unified diff)

--- pkgsrc/security/openssl/builtin.mk 2023/01/12 11:01:41 1.50
+++ pkgsrc/security/openssl/builtin.mk 2023/02/07 16:34:42 1.51
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: builtin.mk,v 1.50 2023/01/12 11:01:41 markd Exp $ 1# $NetBSD: builtin.mk,v 1.51 2023/02/07 16:34:42 jperkin Exp $
2 2
3BUILTIN_PKG:= openssl 3BUILTIN_PKG:= openssl
4 4
5BUILTIN_FIND_LIBS:= crypto ssl 5BUILTIN_FIND_LIBS:= crypto ssl
6BUILTIN_FIND_HEADERS_VAR:= H_OPENSSLCONF H_OPENSSLV 6BUILTIN_FIND_HEADERS_VAR:= H_OPENSSLCONF H_OPENSSLV
7BUILTIN_FIND_HEADERS.H_OPENSSLCONF= openssl/opensslconf.h 7BUILTIN_FIND_HEADERS.H_OPENSSLCONF= openssl/opensslconf.h
8BUILTIN_FIND_HEADERS.H_OPENSSLV= openssl/opensslv.h 8BUILTIN_FIND_HEADERS.H_OPENSSLV= openssl/opensslv.h
9 9
10.include "../../mk/buildlink3/bsd.builtin.mk" 10.include "../../mk/buildlink3/bsd.builtin.mk"
11 11
12### 12###
13### Determine if there is a built-in implementation of the package and 13### Determine if there is a built-in implementation of the package and
14### set IS_BUILTIN.<pkg> appropriately ("yes" or "no"). 14### set IS_BUILTIN.<pkg> appropriately ("yes" or "no").
@@ -16,27 +16,27 @@ BUILTIN_FIND_HEADERS.H_OPENSSLV= openssl @@ -16,27 +16,27 @@ BUILTIN_FIND_HEADERS.H_OPENSSLV= openssl
16.if !defined(IS_BUILTIN.openssl) 16.if !defined(IS_BUILTIN.openssl)
17IS_BUILTIN.openssl= no 17IS_BUILTIN.openssl= no
18. if empty(H_OPENSSLV:M__nonexistent__) && empty(H_OPENSSLV:M${LOCALBASE}/*) 18. if empty(H_OPENSSLV:M__nonexistent__) && empty(H_OPENSSLV:M${LOCALBASE}/*)
19IS_BUILTIN.openssl= yes 19IS_BUILTIN.openssl= yes
20. endif 20. endif
21.endif 21.endif
22MAKEVARS+= IS_BUILTIN.openssl 22MAKEVARS+= IS_BUILTIN.openssl
23 23
24### 24###
25### If there is a built-in implementation, then set BUILTIN_PKG.<pkg> to 25### If there is a built-in implementation, then set BUILTIN_PKG.<pkg> to
26### a package name to represent the built-in package. 26### a package name to represent the built-in package.
27### 27###
28.if !defined(BUILTIN_PKG.openssl) && \ 28.if !defined(BUILTIN_PKG.openssl) && \
29 ${IS_BUILTIN.openssl:M[yY][eE][sS]} && \ 29 ${IS_BUILTIN.openssl:tl} == yes && \
30 empty(H_OPENSSLV:M__nonexistent__) 30 empty(H_OPENSSLV:M__nonexistent__)
31BUILTIN_VERSION.openssl!= \ 31BUILTIN_VERSION.openssl!= \
32 ${AWK} 'BEGIN { hex="0123456789abcdef"; \ 32 ${AWK} 'BEGIN { hex="0123456789abcdef"; \
33 alpha="abcdefghijklmnopqrstuvwxyz"; \ 33 alpha="abcdefghijklmnopqrstuvwxyz"; \
34 } \ 34 } \
35 /\#[ ]+define/ { sub("\#[ \\t]+define", "\#define", $$0); } \ 35 /\#[ ]+define/ { sub("\#[ \\t]+define", "\#define", $$0); } \
36 /\#define[ ]*OPENSSL_VERSION_STR/ { \ 36 /\#define[ ]*OPENSSL_VERSION_STR/ { \
37 printf "%s\n",substr($$3,2,length($$3)-2); \ 37 printf "%s\n",substr($$3,2,length($$3)-2); \
38 exit 0; \ 38 exit 0; \
39 } \ 39 } \
40 /\#define[ ]*OPENSSL_VERSION_NUMBER/ { \ 40 /\#define[ ]*OPENSSL_VERSION_NUMBER/ { \
41 major = index(hex, substr($$3, 3, 1)) - 1; \ 41 major = index(hex, substr($$3, 3, 1)) - 1; \
42 i = 16 * (index(hex, substr($$3, 4, 1)) - 1); \ 42 i = 16 * (index(hex, substr($$3, 4, 1)) - 1); \
@@ -55,101 +55,101 @@ BUILTIN_VERSION.openssl!= \ @@ -55,101 +55,101 @@ BUILTIN_VERSION.openssl!= \
55 patchlevel = substr(alpha,i,1); \ 55 patchlevel = substr(alpha,i,1); \
56 } \ 56 } \
57 printf "%s%s%s%s\n", \ 57 printf "%s%s%s%s\n", \
58 major, minor, teeny, patchlevel; \ 58 major, minor, teeny, patchlevel; \
59 exit 0; \ 59 exit 0; \
60 } \ 60 } \
61 ' ${H_OPENSSLV} 61 ' ${H_OPENSSLV}
62BUILTIN_PKG.openssl= openssl-${BUILTIN_VERSION.openssl} 62BUILTIN_PKG.openssl= openssl-${BUILTIN_VERSION.openssl}
63.endif 63.endif
64MAKEVARS+= BUILTIN_PKG.openssl 64MAKEVARS+= BUILTIN_PKG.openssl
65MAKEVARS+= BUILTIN_VERSION.openssl 65MAKEVARS+= BUILTIN_VERSION.openssl
66 66
67.if !defined(BUILTIN_OPENSSL_HAS_THREADS) && \ 67.if !defined(BUILTIN_OPENSSL_HAS_THREADS) && \
68 ${IS_BUILTIN.openssl:M[yY][eE][sS]} && \ 68 ${IS_BUILTIN.openssl:tl} == yes && \
69 empty(H_OPENSSLCONF:M__nonexistent__) 69 empty(H_OPENSSLCONF:M__nonexistent__)
70BUILTIN_OPENSSL_HAS_THREADS!= \ 70BUILTIN_OPENSSL_HAS_THREADS!= \
71 ${AWK} 'BEGIN { ans = "no" } \ 71 ${AWK} 'BEGIN { ans = "no" } \
72 /\#[ ]*define[ ]*OPENSSL_THREADS/ { ans= "yes" } \ 72 /\#[ ]*define[ ]*OPENSSL_THREADS/ { ans= "yes" } \
73 /\#[ ]*define[ ]*THREADS/ { ans = "yes" } \ 73 /\#[ ]*define[ ]*THREADS/ { ans = "yes" } \
74 END { print ans; exit 0 } \ 74 END { print ans; exit 0 } \
75 ' ${H_OPENSSLCONF:Q} 75 ' ${H_OPENSSLCONF:Q}
76.endif 76.endif
77MAKEVARS+= BUILTIN_OPENSSL_HAS_THREADS 77MAKEVARS+= BUILTIN_OPENSSL_HAS_THREADS
78 78
79### 79###
80### Determine whether we should use the built-in implementation if it 80### Determine whether we should use the built-in implementation if it
81### exists, and set USE_BUILTIN.<pkg> appropriate ("yes" or "no"). 81### exists, and set USE_BUILTIN.<pkg> appropriate ("yes" or "no").
82### 82###
83.if !defined(USE_BUILTIN.openssl) 83.if !defined(USE_BUILTIN.openssl)
84. if ${PREFER.openssl} == "pkgsrc" 84. if ${PREFER.openssl} == "pkgsrc"
85USE_BUILTIN.openssl= no 85USE_BUILTIN.openssl= no
86. else 86. else
87USE_BUILTIN.openssl= ${IS_BUILTIN.openssl} 87USE_BUILTIN.openssl= ${IS_BUILTIN.openssl}
88. if defined(BUILTIN_PKG.openssl) && \ 88. if defined(BUILTIN_PKG.openssl) && \
89 ${IS_BUILTIN.openssl:M[yY][eE][sS]} 89 ${IS_BUILTIN.openssl:tl} == yes
90USE_BUILTIN.openssl= yes 90USE_BUILTIN.openssl= yes
91### take care builtin check case, BUILDLINK_API_DEPENDS may not be defined yet. 91### take care builtin check case, BUILDLINK_API_DEPENDS may not be defined yet.
92CHECK_BUILTIN.openssl?= no 92CHECK_BUILTIN.openssl?= no
93. if ${CHECK_BUILTIN.openssl:M[yY][eE][sS]} 93. if ${CHECK_BUILTIN.openssl:tl} == yes
94BUILDLINK_API_DEPENDS.openssl?= openssl>=1.1.1 94BUILDLINK_API_DEPENDS.openssl?= openssl>=1.1.1
95. endif 95. endif
96. for dep_ in ${BUILDLINK_API_DEPENDS.openssl} 96. for dep_ in ${BUILDLINK_API_DEPENDS.openssl}
97. if ${USE_BUILTIN.openssl:M[yY][eE][sS]} 97. if ${USE_BUILTIN.openssl:tl} == yes
98USE_BUILTIN.openssl!= \ 98USE_BUILTIN.openssl!= \
99 if ${PKG_ADMIN} pmatch ${dep_:Q} ${BUILTIN_PKG.openssl:Q}; then \ 99 if ${PKG_ADMIN} pmatch ${dep_:Q} ${BUILTIN_PKG.openssl:Q}; then \
100 ${ECHO} yes; \ 100 ${ECHO} yes; \
101 else \ 101 else \
102 ${ECHO} no; \ 102 ${ECHO} no; \
103 fi 103 fi
104. endif 104. endif
105. endfor 105. endfor
106. endif 106. endif
107. if ${IS_BUILTIN.openssl:M[yY][eE][sS]} && \ 107. if ${IS_BUILTIN.openssl:tl} == yes && \
108 defined(USE_FEATURES.openssl) 108 defined(USE_FEATURES.openssl)
109. if !empty(USE_FEATURES.openssl:Mthreads) && \ 109. if !empty(USE_FEATURES.openssl:Mthreads) && \
110 !empty(BUILTIN_OPENSSL_HAS_THREADS:M[nN][oO]) 110 !empty(BUILTIN_OPENSSL_HAS_THREADS:M[nN][oO])
111USE_BUILTIN.openssl= no 111USE_BUILTIN.openssl= no
112. endif 112. endif
113. endif 113. endif
114. endif # PREFER.openssl 114. endif # PREFER.openssl
115.endif 115.endif
116MAKEVARS+= USE_BUILTIN.openssl 116MAKEVARS+= USE_BUILTIN.openssl
117 117
118### 118###
119### The section below only applies if we are not including this file 119### The section below only applies if we are not including this file
120### solely to determine whether a built-in implementation exists. 120### solely to determine whether a built-in implementation exists.
121### 121###
122CHECK_BUILTIN.openssl?= no 122CHECK_BUILTIN.openssl?= no
123.if ${CHECK_BUILTIN.openssl:M[nN][oO]} 123.if ${CHECK_BUILTIN.openssl:tl} == no
124 124
125. if ${USE_BUILTIN.openssl:M[yY][eE][sS]} 125. if ${USE_BUILTIN.openssl:tl} == yes
126. if empty(H_OPENSSLV:M__nonexistent__) 126. if empty(H_OPENSSLV:M__nonexistent__)
127. if !empty(H_OPENSSLV:M/usr/sfw/*) 127. if !empty(H_OPENSSLV:M/usr/sfw/*)
128BUILDLINK_PREFIX.openssl= /usr/sfw 128BUILDLINK_PREFIX.openssl= /usr/sfw
129BUILDLINK_PASSTHRU_DIRS+= /usr/sfw 129BUILDLINK_PASSTHRU_DIRS+= /usr/sfw
130. elif !empty(H_OPENSSLV:M/usr/*) 130. elif !empty(H_OPENSSLV:M/usr/*)
131BUILDLINK_PREFIX.openssl= /usr 131BUILDLINK_PREFIX.openssl= /usr
132. elif !empty(H_OPENSSLV:M/boot/system/develop/*) 132. elif !empty(H_OPENSSLV:M/boot/system/develop/*)
133BUILDLINK_PREFIX.openssl= /boot/system/develop 133BUILDLINK_PREFIX.openssl= /boot/system/develop
134. elif !empty(H_OPENSSLV:M/boot/common/*) 134. elif !empty(H_OPENSSLV:M/boot/common/*)
135BUILDLINK_PREFIX.openssl= /boot/common 135BUILDLINK_PREFIX.openssl= /boot/common
136. endif 136. endif
137. endif 137. endif
138. endif 138. endif
139 139
140. if defined(PKG_SYSCONFDIR.openssl) 140. if defined(PKG_SYSCONFDIR.openssl)
141SSLDIR= ${PKG_SYSCONFDIR.openssl} 141SSLDIR= ${PKG_SYSCONFDIR.openssl}
142. elif ${USE_BUILTIN.openssl:M[yY][eE][sS]} 142. elif ${USE_BUILTIN.openssl:tl} == yes
143. if ${OPSYS} == "NetBSD" 143. if ${OPSYS} == "NetBSD"
144SSLDIR= /etc/openssl 144SSLDIR= /etc/openssl
145. elif ${OPSYS} == "Linux" 145. elif ${OPSYS} == "Linux"
146. if exists(/etc/pki/tls) 146. if exists(/etc/pki/tls)
147# Some distributions have moved to /etc/pki/tls, with incomplete 147# Some distributions have moved to /etc/pki/tls, with incomplete
148# symlinks from /etc/ssl. Prefer the new location if it exists 148# symlinks from /etc/ssl. Prefer the new location if it exists
149SSLDIR= /etc/pki/tls 149SSLDIR= /etc/pki/tls
150. else 150. else
151SSLDIR= /etc/ssl # standard location 151SSLDIR= /etc/ssl # standard location
152. endif 152. endif
153. elif ${OPSYS} == "Haiku" 153. elif ${OPSYS} == "Haiku"
154. if exists(/boot/system/data/ssl) 154. if exists(/boot/system/data/ssl)
155SSLDIR= /boot/system/data/ssl 155SSLDIR= /boot/system/data/ssl
@@ -168,27 +168,27 @@ SSLCERTS= ${SSLDIR}/certs @@ -168,27 +168,27 @@ SSLCERTS= ${SSLDIR}/certs
168# Continue to define SSLCERTS because it's unclear if that's the 168# Continue to define SSLCERTS because it's unclear if that's the
169# directory that has one file per cert, or the directory that contains 169# directory that has one file per cert, or the directory that contains
170# trust anchor config in some fortm. 170# trust anchor config in some fortm.
171. if exists(${SSLDIR}/certs/ca-bundle.crt) 171. if exists(${SSLDIR}/certs/ca-bundle.crt)
172SSLCERTBUNDLE= ${SSLDIR}/certs/ca-bundle.crt 172SSLCERTBUNDLE= ${SSLDIR}/certs/ca-bundle.crt
173. endif 173. endif
174SSLKEYS= ${SSLDIR}/private 174SSLKEYS= ${SSLDIR}/private
175 175
176BUILD_DEFS+= SSLDIR SSLCERTS SSLCERTBUNDLE SSLKEYS 176BUILD_DEFS+= SSLDIR SSLCERTS SSLCERTBUNDLE SSLKEYS
177 177
178# create pc files for builtin version; other versions assumed to contain them 178# create pc files for builtin version; other versions assumed to contain them
179# If we are using the builtin version, check whether it has a *.pc 179# If we are using the builtin version, check whether it has a *.pc
180# files or not. If the latter, generate fake ones. 180# files or not. If the latter, generate fake ones.
181. if ${USE_BUILTIN.openssl:M[Yy][Ee][Ss]} 181. if ${USE_BUILTIN.openssl:tl} == yes
182BUILDLINK_TARGETS+= openssl-fake-pc 182BUILDLINK_TARGETS+= openssl-fake-pc
183 183
184. if !defined(HAS_OPENSSL_FAKE_PC) 184. if !defined(HAS_OPENSSL_FAKE_PC)
185HAS_OPENSSL_FAKE_PC= 185HAS_OPENSSL_FAKE_PC=
186 186
187.PHONY: openssl-fake-pc 187.PHONY: openssl-fake-pc
188openssl-fake-pc: 188openssl-fake-pc:
189 ${RUN} \ 189 ${RUN} \
190 src=${BUILDLINK_PREFIX.openssl}/lib${LIBABISUFFIX}/pkgconfig/libcrypto.pc; \ 190 src=${BUILDLINK_PREFIX.openssl}/lib${LIBABISUFFIX}/pkgconfig/libcrypto.pc; \
191 dst=${BUILDLINK_DIR}/lib/pkgconfig/libcrypto.pc; \ 191 dst=${BUILDLINK_DIR}/lib/pkgconfig/libcrypto.pc; \
192 ${MKDIR} ${BUILDLINK_DIR}/lib/pkgconfig; \ 192 ${MKDIR} ${BUILDLINK_DIR}/lib/pkgconfig; \
193 if ${TEST} -f $${src}; then \ 193 if ${TEST} -f $${src}; then \
194 ${LN} -sf $${src} $${dst}; \ 194 ${LN} -sf $${src} $${dst}; \
cvs diff -r1.164 -r1.165 pkgsrc/security/openssl/distinfo (expand / switch to unified diff)

--- pkgsrc/security/openssl/distinfo 2022/11/05 18:42:00 1.164
+++ pkgsrc/security/openssl/distinfo 2023/02/07 16:34:42 1.165
@@ -1,8 +1,8 @@ @@ -1,8 +1,8 @@
1$NetBSD: distinfo,v 1.164 2022/11/05 18:42:00 wiz Exp $ 1$NetBSD: distinfo,v 1.165 2023/02/07 16:34:42 jperkin Exp $
2 2
3BLAKE2s (openssl-1.1.1s.tar.gz) = 745dcf07ed1abea12b4c7aa5cc9cb9edb724c4f1117499b87f251ac01f0ffada 3BLAKE2s (openssl-1.1.1t.tar.gz) = ef41c557d0e29387b2e6e41349054c1f45e0ab6a208070450c42bc0491ec7b2e
4SHA512 (openssl-1.1.1s.tar.gz) = 2ef983f166b5e1bf456ca37938e7e39d58d4cd85e9fc4b5174a05f5c37cc5ad89c3a9af97a6919bcaab128a8a92e4bdc8a045e5d9156d90768da8f73ac67c5b9 4SHA512 (openssl-1.1.1t.tar.gz) = 628676c9c3bc1cf46083d64f61943079f97f0eefd0264042e40a85dbbd988f271bfe01cd1135d22cc3f67a298f1d078041f8f2e97b0da0d93fe172da573da18c
5Size (openssl-1.1.1s.tar.gz) = 9868981 bytes 5Size (openssl-1.1.1t.tar.gz) = 9881866 bytes
6SHA1 (patch-Configurations_shared-info.pl) = 0e835f6e343b5d05ef9a0e6ef2a195201262d15c 6SHA1 (patch-Configurations_shared-info.pl) = 0e835f6e343b5d05ef9a0e6ef2a195201262d15c
7SHA1 (patch-Configurations_unix-Makefile.tmpl) = 3f47dd453381485aeb6c37dc53f932428fdcef50 7SHA1 (patch-Configurations_unix-Makefile.tmpl) = 3f47dd453381485aeb6c37dc53f932428fdcef50
8SHA1 (patch-Configure) = 479f1bc826f7721f6b44d6b5a6cf460432924bf2 8SHA1 (patch-Configure) = 479f1bc826f7721f6b44d6b5a6cf460432924bf2