OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 28-May-2008 19:22:37
Branch: HEAD Handle: 2008052818223700
Modified files:
openpkg-src/openssl openssl.patch openssl.spec
Log:
upgrading package: openssl 0.9.8g -> 0.9.8h
Summary:
Revision Changes Path
1.37 +4 -156 openpkg-src/openssl/openssl.patch
1.98 +2 -2 openpkg-src/openssl/openssl.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/openssl/openssl.patch
============================================================================
$ cvs diff -u -r1.36 -r1.37 openssl.patch
--- openpkg-src/openssl/openssl.patch 4 Nov 2007 10:15:39 -0000 1.36
+++ openpkg-src/openssl/openssl.patch 28 May 2008 17:22:37 -0000 1.37
@@ -1,7 +1,7 @@
Index: Configure
---- Configure.orig 2007-09-16 14:24:17 +0200
-+++ Configure 2007-10-17 10:00:11 +0200
-@@ -402,8 +402,8 @@
+--- Configure.orig 2008-05-02 01:11:30 +0200
++++ Configure 2008-05-28 19:20:07 +0200
+@@ -407,8 +407,8 @@
#### IBM's AIX.
"aix3-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG
RC4_CHAR:::",
@@ -14,7 +14,7 @@
"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro
-qroconst::-qthreaded:AIX::BN_LLONG
RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-q32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X
32",
Index: config
--- config.orig 2007-08-01 13:21:35 +0200
-+++ config 2007-10-17 09:59:48 +0200
++++ config 2008-05-28 19:20:07 +0200
@@ -469,6 +469,7 @@
if [ "${SYSTEM}" = "AIX" ]; then # favor vendor cc over gcc
@@ -32,155 +32,3 @@
OUT="solaris64-x86_64-$CC"
else
OUT="solaris-x86-$CC"
-Index: crypto/rand/rand_lib.c
---- crypto/rand/rand_lib.c.orig 2007-09-21 12:10:47 +0200
-+++ crypto/rand/rand_lib.c 2007-10-17 09:59:48 +0200
-@@ -154,6 +154,7 @@
- int RAND_bytes(unsigned char *buf, int num)
- {
- const RAND_METHOD *meth = RAND_get_rand_method();
-+ memset(buf, 0, num);
- if (meth && meth->bytes)
- return meth->bytes(buf,num);
- return(-1);
-@@ -162,6 +163,7 @@
- int RAND_pseudo_bytes(unsigned char *buf, int num)
- {
- const RAND_METHOD *meth = RAND_get_rand_method();
-+ memset(buf, 0, num);
- if (meth && meth->pseudorand)
- return meth->pseudorand(buf,num);
- return(-1);
-
------------------------------------------------------------------------------
-
-A few patches from upstream OpenSSL CVS:
-
-Index: ssl/ssl_asn1.c
---- ssl/ssl_asn1.c 12 Aug 2007 18:59:02 -0000 1.20.2.2
-+++ ssl/ssl_asn1.c 17 Oct 2007 11:27:25 -0000 1.20.2.3
-@@ -200,12 +200,13 @@
- a.tlsext_tick.type=V_ASN1_OCTET_STRING;
- a.tlsext_tick.data=(unsigned char *)in->tlsext_tick;
- /* If we have a ticket set session ID to empty because
-- * it will be bogus.
-+ * it will be bogus. If liftime hint is -1 treat as a special
-+ * case because the session is being used as a container
- */
-- if (in->tlsext_ticklen)
-+ if (in->tlsext_ticklen && (in->tlsext_tick_lifetime_hint != -1))
- a.session_id.length=0;
- }
-- if (in->tlsext_tick_lifetime_hint != 0)
-+ if (in->tlsext_tick_lifetime_hint > 0)
- {
- a.tlsext_tick_lifetime.length=LSIZE2;
- a.tlsext_tick_lifetime.type=V_ASN1_INTEGER;
-@@ -235,7 +236,7 @@
-
M_ASN1_I2D_len_EXP_opt(&(a.verify_result),i2d_ASN1_INTEGER,5,v5);
-
- #ifndef OPENSSL_NO_TLSEXT
-- if (in->tlsext_tick_lifetime_hint)
-+ if (in->tlsext_tick_lifetime_hint > 0)
- M_ASN1_I2D_len_EXP_opt(&a.tlsext_tick_lifetime,
i2d_ASN1_INTEGER,9,v9);
- if (in->tlsext_tick)
- M_ASN1_I2D_len_EXP_opt(&(a.tlsext_tick),
i2d_ASN1_OCTET_STRING,10,v10);
-@@ -268,7 +269,7 @@
- #ifndef OPENSSL_NO_TLSEXT
- if (in->tlsext_hostname)
- M_ASN1_I2D_put_EXP_opt(&(a.tlsext_hostname),
i2d_ASN1_OCTET_STRING,6,v6);
-- if (in->tlsext_tick_lifetime_hint)
-+ if (in->tlsext_tick_lifetime_hint > 0)
- M_ASN1_I2D_put_EXP_opt(&a.tlsext_tick_lifetime,
i2d_ASN1_INTEGER,9,v9);
- if (in->tlsext_tick)
- M_ASN1_I2D_put_EXP_opt(&(a.tlsext_tick),
i2d_ASN1_OCTET_STRING,10,v10);
-@@ -464,8 +465,10 @@
- ret->tlsext_tick_lifetime_hint=ASN1_INTEGER_get(aip);
- OPENSSL_free(ai.data); ai.data=NULL; ai.length=0;
- }
-+ else if (ret->tlsext_ticklen && ret->session_id_length)
-+ ret->tlsext_tick_lifetime_hint = -1;
- else
-- ret->tlsext_tick_lifetime_hint=0;
-+ ret->tlsext_tick_lifetime_hint = 0;
- os.length=0;
- os.data=NULL;
- M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,10);
-Index: ssl/s3_clnt.c
---- ssl/s3_clnt.c 14 Oct 2007 14:07:46 -0000 1.88.2.11
-+++ ssl/s3_clnt.c 3 Nov 2007 13:07:39 -0000 1.88.2.12
-@@ -273,7 +273,10 @@
- if (ret == 2)
- {
- s->hit = 1;
-- s->state=SSL3_ST_CR_FINISHED_A;
-+ if (s->tlsext_ticket_expected)
-+ s->state=SSL3_ST_CR_SESSION_TICKET_A;
-+ else
-+ s->state=SSL3_ST_CR_FINISHED_A;
- s->init_num=0;
- break;
- }
-Index: crypto/bn/bn_mul.c
---- crypto/bn/bn_mul.c 8 Jul 2007 18:54:30 -0000 1.36.2.1
-+++ crypto/bn/bn_mul.c 3 Nov 2007 20:09:29 -0000 1.36.2.2
-@@ -389,6 +389,7 @@
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-+/* dnX may not be positive, but n2/2+dnX has to be */
- void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
- int dna, int dnb, BN_ULONG *t)
- {
-@@ -398,7 +399,7 @@
- BN_ULONG ln,lo,*p;
-
- # ifdef BN_COUNT
-- fprintf(stderr," bn_mul_recursive %d * %d\n",n2,n2);
-+ fprintf(stderr," bn_mul_recursive %d%+d * %d%+d\n",n2,dna,n2,dnb);
- # endif
- # ifdef BN_MUL_COMBA
- # if 0
-@@ -545,6 +546,7 @@
-
- /* n+tn is the word length
- * t needs to be n*4 is size, as does r */
-+/* tnX may not be negative but less than n */
- void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
- int tna, int tnb, BN_ULONG *t)
- {
-@@ -553,8 +555,8 @@
- BN_ULONG ln,lo,*p;
-
- # ifdef BN_COUNT
-- fprintf(stderr," bn_mul_part_recursive (%d+%d) * (%d+%d)\n",
-- tna, n, tnb, n);
-+ fprintf(stderr," bn_mul_part_recursive (%d%+d) * (%d%+d)\n",
-+ n, tna, n, tnb);
- # endif
- if (n < 8)
- {
-@@ -655,16 +657,19 @@
- for (;;)
- {
- i/=2;
-- if (i <= tna && tna == tnb)
-+ /* these simplified conditions work
-+ * exclusively because difference
-+ * between tna and tnb is 1 or 0 */
-+ if (i < tna || i < tnb)
- {
-- bn_mul_recursive(&(r[n2]),
-+ bn_mul_part_recursive(&(r[n2]),
- &(a[n]),&(b[n]),
- i,tna-i,tnb-i,p);
- break;
- }
-- else if (i < tna || i < tnb)
-+ else if (i == tna || i == tnb)
- {
-- bn_mul_part_recursive(&(r[n2]),
-+ bn_mul_recursive(&(r[n2]),
- &(a[n]),&(b[n]),
- i,tna-i,tnb-i,p);
- break;
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/openssl/openssl.spec
============================================================================
$ cvs diff -u -r1.97 -r1.98 openssl.spec
--- openpkg-src/openssl/openssl.spec 1 Jan 2008 15:00:47 -0000 1.97
+++ openpkg-src/openssl/openssl.spec 28 May 2008 17:22:37 -0000 1.98
@@ -31,8 +31,8 @@
Class: CORE
Group: SSL
License: BSD-style
-Version: 0.9.8g
-Release: 20080101
+Version: 0.9.8h
+Release: 20080528
# package options
%option with_zlib no
@@ .
______________________________________________________________________
OpenPKG http://openpkg.org
CVS Repository Commit List [email protected]
