update to OpenSSL 1.0.2e, patching around the pod2mantest script missing

in the distribution tar file. - BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193, Aug 13) - Certificate verify crash with missing PSS parameter (CVE-2015-3194, Aug 27) - X509_ATTRIBUTE memory leak (CVE-2015-3195, Nov 9) (plus the advisory mentions an issue fixed in 1.0.2d)
2015-12-03 16:21:30 +00:00 · 2015-12-03 16:21:30 +00:00 · 15b08744d2
commit 15b08744d2
parent a9c479e4b6
5 changed files with 30 additions and 10 deletions
--- a/security/openssl/Makefile
+++ b/security/openssl/Makefile
@ -1,8 +1,8 @@
-# $OpenBSD: Makefile,v 1.11 2015/09/12 19:29:34 sthen Exp $
+# $OpenBSD: Makefile,v 1.12 2015/12/03 16:21:30 sthen Exp $

 COMMENT=	TLS/SSL library and tools

-V=		1.0.2d
+V=		1.0.2e
 DISTNAME=	openssl-$V
 PKGNAME=	openssl-$V

@ -10,7 +10,7 @@ SHLIBVER=	3.0
 SHARED_LIBS=	crypto ${SHLIBVER} \
 		ssl ${SHLIBVER}

-CATEGORIES=	security net games
+CATEGORIES=	security net

 HOMEPAGE=	http://www.openssl.org/

--- a/security/openssl/distinfo
+++ b/security/openssl/distinfo
@ -1,2 +1,2 @@
-SHA256 (openssl-1.0.2d.tar.gz) = Zxw2SHeFYopwM3TGUq0s6+pF+pIK5WgVFd8l2fLJqMg=
-SIZE (openssl-1.0.2d.tar.gz) = 5295447
+SHA256 (openssl-1.0.2e.tar.gz) = 7uEd7wNkeqImdDSneWCK9vymRQI8mhlN24LxRCaDVTc=
+SIZE (openssl-1.0.2e.tar.gz) = 5255719
--- a/security/openssl/patches/patch-Configure
+++ b/security/openssl/patches/patch-Configure
@ -1,7 +1,7 @@
-$OpenBSD: patch-Configure,v 1.4 2015/09/12 19:29:34 sthen Exp $
--- Configure.orig	Thu Jul  9 13:57:15 2015
-+++ Configure	Sat Sep 12 20:49:20 2015
-@@ -467,19 +467,19 @@ my %table=(
+$OpenBSD: patch-Configure,v 1.5 2015/12/03 16:21:30 sthen Exp $
+--- Configure.orig	Thu Dec  3 14:04:23 2015
+++ Configure	Thu Dec  3 16:13:39 2015
+@@ -468,19 +468,19 @@ my %table=(
 "android-mips","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 #### *BSD [do see comment about ${BSDthreads} above!]
--- a/security/openssl/patches/patch-Makefile_org
+++ b/security/openssl/patches/patch-Makefile_org
@ -0,0 +1,12 @@
+$OpenBSD: patch-Makefile_org,v 1.1 2015/12/03 16:21:30 sthen Exp $
+--- Makefile.org.orig	Thu Dec  3 16:15:27 2015
+++ Makefile.org	Thu Dec  3 16:15:35 2015
+@@ -638,7 +638,7 @@ install_docs:
+ 		$(INSTALL_PREFIX)$(MANDIR)/man3 \
+ 		$(INSTALL_PREFIX)$(MANDIR)/man5 \
+ 		$(INSTALL_PREFIX)$(MANDIR)/man7
+-	@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
+	@pod2man=pod2man; \
+ 	here="`pwd`"; \
+ 	filecase=; \
+ 	case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
--- a/security/openssl/pkg/PLIST
+++ b/security/openssl/pkg/PLIST
@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST,v 1.5 2015/09/12 19:29:34 sthen Exp $
+@comment $OpenBSD: PLIST,v 1.6 2015/12/03 16:21:30 sthen Exp $
@bin bin/eopenssl
 include/eopenssl/
 include/eopenssl/openssl/
@ -407,7 +407,12 @@ lib/eopenssl/man/man3/
@man lib/eopenssl/man/man3/BUF_MEM_free.3
@man lib/eopenssl/man/man3/BUF_MEM_grow.3
@man lib/eopenssl/man/man3/BUF_MEM_new.3
+@man lib/eopenssl/man/man3/BUF_MEM_new_ex.3
+@man lib/eopenssl/man/man3/BUF_memdup.3
@man lib/eopenssl/man/man3/BUF_strdup.3
+@man lib/eopenssl/man/man3/BUF_strlcat.3
+@man lib/eopenssl/man/man3/BUF_strlcpy.3
+@man lib/eopenssl/man/man3/BUF_strndup.3
@man lib/eopenssl/man/man3/CMS_ReceiptRequest_create0.3
@man lib/eopenssl/man/man3/CMS_ReceiptRequest_get0_values.3
@man lib/eopenssl/man/man3/CMS_RecipientInfo_decrypt.3
@ -829,6 +834,7 @@ lib/eopenssl/man/man3/
@man lib/eopenssl/man/man3/EVP_SealUpdate.3
@man lib/eopenssl/man/man3/EVP_SignFinal.3
@man lib/eopenssl/man/man3/EVP_SignInit.3
+@man lib/eopenssl/man/man3/EVP_SignInit_ex.3
@man lib/eopenssl/man/man3/EVP_SignUpdate.3
@man lib/eopenssl/man/man3/EVP_VerifyFinal.3
@man lib/eopenssl/man/man3/EVP_VerifyInit.3
@ -1137,6 +1143,7 @@ lib/eopenssl/man/man3/
@man lib/eopenssl/man/man3/SSL_CTX_callback_ctrl.3
@man lib/eopenssl/man/man3/SSL_CTX_check_private_key.3
@man lib/eopenssl/man/man3/SSL_CTX_clear_chain_certs.3
+@man lib/eopenssl/man/man3/SSL_CTX_clear_extra_chain_certs.3
@man lib/eopenssl/man/man3/SSL_CTX_clear_options.3
@man lib/eopenssl/man/man3/SSL_CTX_ctrl.3
@man lib/eopenssl/man/man3/SSL_CTX_flush_sessions.3
@ -1262,6 +1269,7 @@ lib/eopenssl/man/man3/
@man lib/eopenssl/man/man3/SSL_alert_type_string_long.3
@man lib/eopenssl/man/man3/SSL_build_cert_chain.3
@man lib/eopenssl/man/man3/SSL_callback_ctrl.3
+@man lib/eopenssl/man/man3/SSL_check_chain.3
@man lib/eopenssl/man/man3/SSL_check_private_key.3
@man lib/eopenssl/man/man3/SSL_clear.3
@man lib/eopenssl/man/man3/SSL_clear_chain_certs.3