see <https://trac.macports.org/ticket/55264#comment:3>
> On Mar 24, 2018, at 03:49, Jan Stary <h...@stare.cz> wrote: > > Hi Jeremy, > > what is the plan really with libressl and libressl-devel? > We have 2.5.5 in security/libressl, 2.6.2 in security/libressl-devel, > and now 2.7.1 is out. > > I would just prepare an udate of libressl to 2.7.1, > but I want to as kfirst: why do we have "devel". > LibreSSL themselves make no such distinction, > these are just "releases". > > Jan > > > PS: specific MacOS fixes here > >> On Mar 23 20:17:39, bust...@gmail.com wrote: >> We have released LibreSSL 2.7.1, which will be arriving in the >> LibreSSL directory of your local OpenBSD mirror soon. This is the second >> release from the 2.7 series, which will be part of OpenBSD 6.3. >> >> It includes the following changes from 2.7.0 >> >> * Fixed a bug in int_x509_param_set_hosts, calling strlen() if name >> length provided is 0 to match the OpenSSL behaviour. Issue noticed >> by Christian Heimes <christ...@python.org> >> >> * Fixed builds macOS 10.11 and older. >> >> LibreSSL 2.7.1 also includes: >> >> * Added support for many OpenSSL 1.0.2 and 1.1 APIs, based on >> observations of real-world usage in applications. These are >> implemented in parallel with existing OpenSSL 1.0.1 APIs - visibility >> changes have not been made to existing structs, allowing code written >> for older OpenSSL APIs to continue working. >> >> * Extensive corrections, improvements, and additions to the >> API documentation, including new public APIs from OpenSSL that had >> no pre-existing documentation. >> >> * Added support for automatic library initialization in libcrypto, >> libssl, and libtls. Support for pthread_once or a compatible >> equivalent is now required of the target operating system. As a >> side-effect, minimum Windows support is Vista or higher. >> >> * Converted more packet handling methods to CBB, which improves >> resiliency when generating TLS messages. >> >> * Completed TLS extension handling rewrite, improving consistency of >> checks for malformed and duplicate extensions. >> >> * Rewrote ASN1_TYPE_{get,set}_octetstring() using templated ASN.1. >> This removes the last remaining use of the old M_ASN1_* macros >> (asn1_mac.h) from API that needs to continue to exist. >> >> * Added support for client-side session resumption in libtls. >> A libtls client can specify a session file descriptor (a regular >> file with appropriate ownership and permissions) and libtls will >> manage reading and writing of session data across TLS handshakes. >> >> * Improved support for strict alignment on ARMv7 architectures, >> conditionally enabling assembly in those cases. >> >> * Fixed a memory leak in libtls when reusing a tls_config. >> >> * Merged more DTLS support into the regular TLS code path, removing >> duplicated code. >> >> * Many improvements to Windows Cmake-based builds and tests, >> especially when targeting Visual Studio. >> >> Thanks for all of the testing, suggestions, and updates from the porting >> community. We look forward to releasing a final stable version in a few >> weeks. >> >> The LibreSSL project continues improvement of the codebase to reflect modern, >> safe programming practices. We welcome feedback and improvements from the >> broader community. Thanks to all of the contributors who helped make this >> release possible. >>