head 1.9; access; symbols pkgsrc-2014Q1:1.8.0.54 pkgsrc-2014Q1-base:1.8 pkgsrc-2013Q4:1.8.0.52 pkgsrc-2013Q4-base:1.8 pkgsrc-2013Q3:1.8.0.50 pkgsrc-2013Q3-base:1.8 pkgsrc-2013Q2:1.8.0.48 pkgsrc-2013Q2-base:1.8 pkgsrc-2013Q1:1.8.0.46 pkgsrc-2013Q1-base:1.8 pkgsrc-2012Q4:1.8.0.44 pkgsrc-2012Q4-base:1.8 pkgsrc-2012Q3:1.8.0.42 pkgsrc-2012Q3-base:1.8 pkgsrc-2012Q2:1.8.0.40 pkgsrc-2012Q2-base:1.8 pkgsrc-2012Q1:1.8.0.38 pkgsrc-2012Q1-base:1.8 pkgsrc-2011Q4:1.8.0.36 pkgsrc-2011Q4-base:1.8 pkgsrc-2011Q3:1.8.0.34 pkgsrc-2011Q3-base:1.8 pkgsrc-2011Q2:1.8.0.32 pkgsrc-2011Q2-base:1.8 pkgsrc-2011Q1:1.8.0.30 pkgsrc-2011Q1-base:1.8 pkgsrc-2010Q4:1.8.0.28 pkgsrc-2010Q4-base:1.8 pkgsrc-2010Q3:1.8.0.26 pkgsrc-2010Q3-base:1.8 pkgsrc-2010Q2:1.8.0.24 pkgsrc-2010Q2-base:1.8 pkgsrc-2010Q1:1.8.0.22 pkgsrc-2010Q1-base:1.8 pkgsrc-2009Q4:1.8.0.20 pkgsrc-2009Q4-base:1.8 pkgsrc-2009Q3:1.8.0.18 pkgsrc-2009Q3-base:1.8 pkgsrc-2009Q2:1.8.0.16 pkgsrc-2009Q2-base:1.8 pkgsrc-2009Q1:1.8.0.14 pkgsrc-2009Q1-base:1.8 pkgsrc-2008Q4:1.8.0.12 pkgsrc-2008Q4-base:1.8 pkgsrc-2008Q3:1.8.0.10 pkgsrc-2008Q3-base:1.8 cube-native-xorg:1.8.0.8 cube-native-xorg-base:1.8 pkgsrc-2008Q2:1.8.0.6 pkgsrc-2008Q2-base:1.8 cwrapper:1.8.0.4 pkgsrc-2008Q1:1.8.0.2 pkgsrc-2008Q1-base:1.8 pkgsrc-2007Q4:1.7.0.24 pkgsrc-2007Q4-base:1.7 pkgsrc-2007Q3:1.7.0.22 pkgsrc-2007Q3-base:1.7 pkgsrc-2007Q2:1.7.0.20 pkgsrc-2007Q2-base:1.7 pkgsrc-2007Q1:1.7.0.18 pkgsrc-2007Q1-base:1.7 pkgsrc-2006Q4:1.7.0.16 pkgsrc-2006Q4-base:1.7 pkgsrc-2006Q3:1.7.0.14 pkgsrc-2006Q3-base:1.7 pkgsrc-2006Q2:1.7.0.12 pkgsrc-2006Q2-base:1.7 pkgsrc-2006Q1:1.7.0.10 pkgsrc-2006Q1-base:1.7 pkgsrc-2005Q4:1.7.0.8 pkgsrc-2005Q4-base:1.7 pkgsrc-2005Q3:1.7.0.6 pkgsrc-2005Q3-base:1.7 pkgsrc-2005Q2:1.7.0.4 pkgsrc-2005Q2-base:1.7 pkgsrc-2005Q1:1.7.0.2 pkgsrc-2005Q1-base:1.7 pkgsrc-2004Q4:1.6.0.12 pkgsrc-2004Q4-base:1.6 pkgsrc-2004Q3:1.6.0.10 pkgsrc-2004Q3-base:1.6 pkgsrc-2004Q2:1.6.0.8 pkgsrc-2004Q2-base:1.6 pkgsrc-2004Q1:1.6.0.6 pkgsrc-2004Q1-base:1.6 pkgsrc-2003Q4:1.6.0.4 pkgsrc-2003Q4-base:1.6 netbsd-1-6-1:1.6.0.2 netbsd-1-6-1-base:1.6 buildlink2:1.5.0.2 netbsd-1-6:1.5.0.4 netbsd-1-6-RELEASE-base:1.5 buildlink2-base:1.5 netbsd-1-4-PATCH002:1.3 comdex-fall-1999:1.2 netbsd-1-4-PATCH001:1.1.1.1 netbsd-1-4-RELEASE:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.9 date 2014.04.02.12.11.35; author he; state dead; branches; next 1.8; commitid g3YIpigZLUt5x6vx; 1.8 date 2008.01.17.06.42.48; author tnn; state Exp; branches 1.8.54.1; next 1.7; 1.7 date 2004.12.24.22.02.38; author jlam; state Exp; branches; next 1.6; 1.6 date 2002.08.25.19.23.19; author jlam; state Exp; branches; next 1.5; 1.5 date 2002.08.04.15.47.46; author fredb; state Exp; branches 1.5.2.1; next 1.4; 1.4 date 2000.05.10.12.28.41; author veego; state dead; branches; next 1.3; 1.3 date 99.11.25.18.51.47; author erh; state Exp; branches; next 1.2; 1.2 date 99.10.19.04.09.19; author erh; state Exp; branches; next 1.1; 1.1 date 99.04.30.15.19.13; author tv; state Exp; branches 1.1.1.1; next ; 1.8.54.1 date 2014.04.08.10.09.26; author tron; state dead; branches; next ; commitid znq8PwHLRSRRFRvx; 1.5.2.1 date 2002.08.04.15.47.46; author jlam; state dead; branches; next 1.5.2.2; 1.5.2.2 date 2002.08.22.11.12.30; author jlam; state Exp; branches; next ; 1.1.1.1 date 99.04.30.15.19.13; author tv; state Exp; branches; next ; desc @@ 1.9 log @Rename all remaining patch-?? files using the newer naming convention. Add a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" by Yuval Yarom and Naomi Benger. Details can be obtained from: http://eprint.iacr.org/2014/140 Thanks to Yuval Yarom and Naomi Benger for discovering this flaw and to Yuval Yarom for supplying a fix. Fix from culled from http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f91e57d247d0fc667aef29 Bump PKGREVISION. @ text @$NetBSD: patch-ae,v 1.8 2008/01/17 06:42:48 tnn Exp $ --- tools/Makefile.orig 2006-02-04 02:49:36.000000000 +0100 +++ tools/Makefile 2007-07-31 17:20:05.000000000 +0200 @@@@ -4,6 +4,7 @@@@ DIR= tools TOP= .. +EXAMPLEDIR= $(INSTALLTOP)/share/examples/openssl CC= cc INCLUDES= -I$(TOP) -I../../include CFLAG=-g @@@@ -28,9 +29,9 @@@@ install: done; @@for i in $(MISC_APPS) ; \ do \ - (cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \ - chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \ - mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ + (cp $$i $(INSTALL_PREFIX)$(EXAMPLEDIR)/$$i.new; \ + chmod 755 $(INSTALL_PREFIX)$(EXAMPLEDIR)/$$i.new; \ + mv -f $(INSTALL_PREFIX)$(EXAMPLEDIR)/$$i.new $(INSTALL_PREFIX)$(EXAMPLEDIR)/$$i ); \ done; files: @ 1.8 log @Update to openssl-0.9.8g. Provided by Jukka Salmi in pkgsrc-wip. pkgsrc notes: o Tested on NetBSD/i386 (Jukka Salmi), Mac OSX 10.5 (Adrian Portelli), Linux (Jeremy C. Reed), Tru64 5.1b (tnn), HP-UX 11i (tnn). Because the Makefile system has been rewamped, other platforms may require fixes. Please test if you can. o OpenSSL can now be built with installation to DESTDIR. Overview of important changes since 0.9.7i: o Add gcc 4.2 support. o DTLS improvements. o RFC4507bis support. o TLS Extensions support. o RFC3779 support. o New cipher Camellia o Updated ECC cipher suite support. o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free(). o Zlib compression usage fixes. o Major work on the BIGNUM library for higher efficiency and to make operations more streamlined and less contradictory. This is the result of a major audit of the BIGNUM library. o Addition of BIGNUM functions for fields GF(2^m) and NIST curves, to support the Elliptic Crypto functions. o Major work on Elliptic Crypto; ECDH and ECDSA added, including the use through EVP, X509 and ENGINE. o New ASN.1 mini-compiler that's usable through the OpenSSL configuration file. o Added support for ASN.1 indefinite length constructed encoding. o New PKCS#12 'medium level' API to manipulate PKCS#12 files. o Complete rework of shared library construction and linking programs with shared or static libraries, through a separate Makefile.shared. o Rework of the passing of parameters from one Makefile to another. o Changed ENGINE framework to load dynamic engine modules automatically from specifically given directories. o New structure and ASN.1 functions for CertificatePair. o Changed the key-generation and primality testing "progress" mechanism to take a structure that contains the ticker function and an argument. o New engine module: GMP (performs private key exponentiation). o New engine module: VIA PadLOck ACE extension in VIA C3 Nehemiah processors. o Added support for IPv6 addresses in certificate extensions. See RFC 1884, section 2.2. o Added support for certificate policy mappings, policy constraints and name constraints. o Added support for multi-valued AVAs in the OpenSSL configuration file. o Added support for multiple certificates with the same subject in the 'openssl ca' index file. o Make it possible to create self-signed certificates using 'openssl ca -selfsign'. o Make it possible to generate a serial number file with 'openssl ca -create_serial'. o New binary search functions with extended functionality. o New BUF functions. o New STORE structure and library to provide an interface to all sorts of data repositories. Supports storage of public and private keys, certificates, CRLs, numbers and arbitrary blobs. This library is unfortunately unfinished and unused withing OpenSSL. o New control functions for the error stack. o Changed the PKCS#7 library to support one-pass S/MIME processing. o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512). o New X509_VERIFY_PARAM structure to support parametrisation of X.509 path validation. o Change the default digest in 'openssl' commands from MD5 to SHA-1. o Added support for DTLS. o New BIGNUM blinding. o Added support for the RSA-PSS encryption scheme o Added support for the RSA X.931 padding. o Added support for files larger than 2GB. o Added alternate pkg-config files. @ text @d1 1 a1 1 $NetBSD$ @ 1.8.54.1 log @Pullup ticket #4359 - requested by obache security/openssl: security update Revisions pulled up: - security/openssl/Makefile 1.186-1.188 - security/openssl/distinfo 1.103-1.104 - security/openssl/patches/patch-Configure 1.1 - security/openssl/patches/patch-Makefile.org 1.1 - security/openssl/patches/patch-Makefile.shared 1.1 - security/openssl/patches/patch-aa deleted - security/openssl/patches/patch-ac deleted - security/openssl/patches/patch-ad deleted - security/openssl/patches/patch-ae deleted - security/openssl/patches/patch-af deleted - security/openssl/patches/patch-ag deleted - security/openssl/patches/patch-ak deleted - security/openssl/patches/patch-apps_Makefile 1.1 - security/openssl/patches/patch-config 1.1 - security/openssl/patches/patch-crypto_bn_bn__prime.pl 1.1 - security/openssl/patches/patch-tools_Makefile 1.1 --- Module Name: pkgsrc Committed By: he Date: Wed Apr 2 12:11:35 UTC 2014 Modified Files: pkgsrc/security/openssl: Makefile distinfo Added Files: pkgsrc/security/openssl/patches: patch-Configure patch-Makefile.org patch-Makefile.shared patch-apps_Makefile patch-config patch-crypto_bn_bn.h patch-crypto_bn_bn__lib.c patch-crypto_bn_bn__prime.pl patch-crypto_ec_ec2__mult.c patch-tools_Makefile Removed Files: pkgsrc/security/openssl/patches: patch-aa patch-ac patch-ad patch-ae patch-af patch-ag patch-ak Log Message: Rename all remaining patch-?? files using the newer naming convention. Add a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" by Yuval Yarom and Naomi Benger. Details can be obtained from: http://eprint.iacr.org/2014/140 Thanks to Yuval Yarom and Naomi Benger for discovering this flaw and to Yuval Yarom for supplying a fix. Fix from culled from http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f 91e57d247d0fc667aef29 Bump PKGREVISION. --- Module Name: pkgsrc Committed By: obache Date: Tue Apr 8 02:48:38 UTC 2014 Modified Files: pkgsrc/security/openssl: Makefile Log Message: p5-Perl4-CoreLibs is not required for perl<5.16 --- Module Name: pkgsrc Committed By: obache Date: Tue Apr 8 06:20:44 UTC 2014 Modified Files: pkgsrc/security/openssl: Makefile distinfo Removed Files: pkgsrc/security/openssl/patches: patch-crypto_bn_bn.h patch-crypto_bn_bn__lib.c patch-crypto_ec_ec2__mult.c Log Message: Update openssl to 1.0.1g. (CVE-2014-0076 is already fixed in pkgsrc). OpenSSL CHANGES _______________ Changes between 1.0.1f and 1.0.1g [7 Apr 2014] *) A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server. Thanks for Neel Mehta of Google Security for discovering this bug and to Adam Langley and Bodo Moeller for preparing the fix (CVE-2014-0160) [Adam Langley, Bodo Moeller] *) Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" by Yuval Yarom and Naomi Benger. Details can be obtained from: http://eprint.iacr.org/2014/140 Thanks to Yuval Yarom and Naomi Benger for discovering this flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076) [Yuval Yarom and Naomi Benger] *) TLS pad extension: draft-agl-tls-padding-03 Workaround for the "TLS hang bug" (see FAQ and opensslPR#2771): if the TLS client Hello record length value would otherwise be > 255 and less that 512 pad with a dummy extension containing zeroes so it is at least 512 bytes long. [Adam Langley, Steve Henson] @ text @d1 1 a1 1 $NetBSD: patch-ae,v 1.8 2008/01/17 06:42:48 tnn Exp $ @ 1.7 log @Update security/openssl to 0.9.7e. Changes from openssl-0.9.6m are too numerous to be listed here, but include adding a new DES API (support for the old one is still present). Changes to the pkgsrc structure include: * Install the shared libraries with a version number that matches the OpenSSL version number * Move some of the less often-used c_* utilities back into the examples directory. * Drop support for using the RSAREF library and always use the built-in RSA code instead. @ text @d3 6 a8 6 --- tools/Makefile.orig 2004-05-11 08:46:17.000000000 -0400 +++ tools/Makefile @@@@ -10,6 +10,7 @@@@ CFLAG=-g INSTALL_PREFIX= OPENSSLDIR= /usr/local/ssl INSTALLTOP=/usr/local/ssl d10 4 a13 4 MAKEDEPPROG= makedepend MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) MAKEFILE= Makefile @@@@ -31,9 +32,9 @@@@ install: @ 1.6 log @Merge changes in packages from the buildlink2 branch that have buildlink2.mk files back into the main trunk. @ text @d1 1 a1 1 $NetBSD: patch-ae,v 1.5.2.1 2002/08/22 11:12:30 jlam Exp $ d3 11 a13 3 --- tools/Makefile.ssl.orig Thu Apr 29 16:52:08 1999 +++ tools/Makefile.ssl @@@@ -31,8 +31,8 @@@@ d17 6 a22 4 - (cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i; \ - chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \ + chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ @ 1.5 log @Update openssl to 0.9.6e. This update fixes multiple vulnerabilities, and also changes the ABI of "libcrypto" and "libssl". (So the shared library majors and buildlink requirements are bumped, too.) The code base is now synced perfectly with NetBSD HEAD and netbsd-1-6 branches as of 2002-08-04, the optimization levels are reduced to "-O2", but I've retained some of the processor optimization flags and different code path #defines in the "Configure" script, just to keep things interesting. The default "certs" directory on NetBSD is now "/etc/openssl/certs", to give continuity to those who find themselves using the package system's "openssl" after upgrading a package that formerly used the base system's. [Suggested by itojun.] The best way to avoid such problems, however, is to upgrade your base system *first*. I'm making use of the new and improved build system as much as possible. This gives us a cleaner way to make shared libraries and real man pages, but loses many of the symlinks to the openssl binary. I've culled items from the "CHANGES" file that appear to have security implications or are particularly interesting for NetBSD users, below. My comments are marked off with '===>'. ===> This is from the netbsd-20020804-patch *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX and get fix the header length calculation. [Florian Weimer , Alon Kantor (and others), Steve Henson] Changes between 0.9.6d and 0.9.6e [30 Jul 2002] *) New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure that was added in OpenSSL 0.9.6d. As the countermeasure turned out to be incompatible with some broken SSL implementations, the new option is part of SSL_OP_ALL. SSL_OP_ALL is usually employed when compatibility with weird SSL implementations is desired (e.g. '-bugs' option to 's_client' and 's_server'), so the new option is automatically set in many applications. [Bodo Moeller] *) Changes in security patch: Changes marked "(CHATS)" were sponsored by the Defense Advanced Research Projects Agency (DARPA) and Air Force Research Laboratory, Air Force Materiel Command, USAF, under agreement number F30602-01-2-0537. *) Add various sanity checks to asn1_get_length() to reject the ASN1 length bytes if they exceed sizeof(long), will appear negative or the content length exceeds the length of the supplied buffer. [Steve Henson, Adi Stav , James Yonan ] *) Assertions for various potential buffer overflows, not known to happen in practice. [Ben Laurie (CHATS)] *) Various temporary buffers to hold ASCII versions of integers were too small for 64 bit platforms. (CAN-2002-0655) [Matthew Byng-Maddick and Ben Laurie (CHATS)> *) Remote buffer overflow in SSL3 protocol - an attacker could supply an oversized session ID to a client. (CAN-2002-0656) [Ben Laurie (CHATS)] *) Remote buffer overflow in SSL2 protocol - an attacker could supply an oversized client master key. (CAN-2002-0656) [Ben Laurie (CHATS)] Changes between 0.9.6c and 0.9.6d [9 May 2002] *) Implement a countermeasure against a vulnerability recently found in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment before application data chunks to avoid the use of known IVs with data potentially chosen by the attacker. [Bodo Moeller] Changes between 0.9.6a and 0.9.6b [9 Jul 2001] *) Change ssleay_rand_bytes (crypto/rand/md_rand.c) to avoid a SSLeay/OpenSSL PRNG weakness pointed out by Markku-Juhani O. Saarinen : PRNG state recovery was possible based on the output of one PRNG request appropriately sized to gain knowledge on 'md' followed by enough consecutive 1-byte PRNG requests to traverse all of 'state'. 1. When updating 'md_local' (the current thread's copy of 'md') during PRNG output generation, hash all of the previous 'md_local' value, not just the half used for PRNG output. 2. Make the number of bytes from 'state' included into the hash independent from the number of PRNG bytes requested. The first measure alone would be sufficient to avoid Markku-Juhani's attack. (Actually it had never occurred to me that the half of 'md_local' used for chaining was the half from which PRNG output bytes were taken -- I had always assumed that the secret half would be used.) The second measure makes sure that additional data from 'state' is never mixed into 'md_local' in small portions; this heuristically further strengthens the PRNG. [Bodo Moeller] *) The countermeasure against Bleichbacher's attack on PKCS #1 v1.5 RSA encryption was accidentally removed in s3_srvr.c in OpenSSL 0.9.5 when fixing the server behaviour for backwards-compatible 'client hello' messages. (Note that the attack is impractical against SSL 3.0 and TLS 1.0 anyway because length and version checking means that the probability of guessing a valid ciphertext is around 2^-40; see section 5 in Bleichenbacher's CRYPTO '98 paper.) Before 0.9.5, the countermeasure (hide the error by generating a random 'decryption result') did not work properly because ERR_clear_error() was missing, meaning that SSL_get_error() would detect the supposedly ignored error. Both problems are now fixed. [Bodo Moeller] Changes between 0.9.6 and 0.9.6a [5 Apr 2001] ===> This is our ABI change. *) Rename 'des_encrypt' to 'des_encrypt1'. This avoids the clashes with des_encrypt() defined on some operating systems, like Solaris and UnixWare. [Richard Levitte] *) Don't use getenv in library functions when run as setuid/setgid. New function OPENSSL_issetugid(). [Ulf Moeller] *) Store verify_result within SSL_SESSION also for client side to avoid potential security hole. (Re-used sessions on the client side always resulted in verify_result==X509_V_OK, not using the original result of the server certificate verification.) [Lutz Jaenicke] ===> package doesn't doesn't do this. We'll bump major versions ===> as necessary. *) Make sure that shared libraries get the internal name engine with the full version number and not just 0. This should mark the shared libraries as not backward compatible. Of course, this should be changed again when we can guarantee backward binary compatibility. [Richard Levitte] *) Rework the system to generate shared libraries: - Make note of the expected extension for the shared libraries and if there is a need for symbolic links from for example libcrypto.so.0 to libcrypto.so.0.9.7. There is extended info in Configure for that. - Make as few rebuilds of the shared libraries as possible. - Still avoid linking the OpenSSL programs with the shared libraries. - When installing, install the shared libraries separately from the static ones. @ text @d1 1 a1 1 $NetBSD$ @ 1.5.2.1 log @file patch-ae was added on branch buildlink2 on 2002-08-22 11:12:30 +0000 @ text @d1 15 @ 1.5.2.2 log @Merge changes from pkgsrc-current into the buildlink2 branch for the packages that have buildlink2.mk files. @ text @a0 15 $NetBSD: patch-ae,v 1.5.2.1 2002/08/22 11:12:30 jlam Exp $ --- tools/Makefile.ssl.orig Thu Apr 29 16:52:08 1999 +++ tools/Makefile.ssl @@@@ -31,8 +31,8 @@@@ done; @@for i in $(MISC_APPS) ; \ do \ - (cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i; \ - chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \ + chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \ done; files: @ 1.4 log @Support to build it on Solaris. It would be easier to make that change if we support patches for one OPSYS but someone removed that from out tree. @ text @d1 1 a1 1 $NetBSD: patch-ae,v 1.3 1999/11/25 18:51:47 erh Exp $ d3 11 a13 4 --- crypto/Makefile.ssl.orig Mon Aug 2 16:44:47 1999 +++ crypto/Makefile.ssl Wed Oct 20 17:31:16 1999 @@@@ -48,6 +48,7 @@@@ @@(cd ..; $(MAKE) DIRS=$(DIR) all) d15 1 a15 5 all: buildinf.h lib subdirs + cd ${TOP} && csh ${MAKELIB} ${IS_ELF} libcrypto.so.${MAJOR}.${MINOR} libcrypto.a buildinf.h: ../Makefile.ssl ( echo "#ifndef MK1MF_BUILD"; \ @ 1.3 log @Update openssl to 0.9.4. @ text @d1 1 a1 1 $NetBSD: $ @ 1.2 log @Make openssl compile whether or not RSAref is defined. @ text @d3 2 a4 2 --- crypto/Makefile.ssl.orig Mon Mar 22 06:21:17 1999 +++ crypto/Makefile.ssl Mon Oct 18 22:19:47 1999 d8 2 a9 2 all: date.h lib subdirs + XMAKELIB d11 2 a12 2 date.h: ../Makefile.ssl echo "#define DATE \"`date`\"" >date.h @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ d3 2 a4 2 --- crypto/Makefile.ssl.orig Tue Apr 27 14:35:41 1999 +++ crypto/Makefile.ssl Tue Apr 27 14:37:46 1999 d9 1 a9 1 + cd .. && csh ${MAKELIB} libcrypto.so.1.0 libcrypto.a libRSAglue.a @ 1.1.1.1 log @Import OpenSSL 0.9.2b pkg, a package which finally updates and fixes many deficiencies in SSLeay. Intended to be a drop-in replacement for SSLeay (and still provides the command-prompt interface as "ssleay"). @ text @@