head	1.4;
access;
symbols
	pkgsrc-2015Q1:1.3.0.2
	pkgsrc-2015Q1-base:1.3
	pkgsrc-2014Q4:1.2.0.12
	pkgsrc-2014Q4-base:1.2
	pkgsrc-2014Q3:1.2.0.10
	pkgsrc-2014Q3-base:1.2
	pkgsrc-2014Q2:1.2.0.8
	pkgsrc-2014Q2-base:1.2
	pkgsrc-2014Q1:1.2.0.6
	pkgsrc-2014Q1-base:1.2
	pkgsrc-2013Q4:1.2.0.4
	pkgsrc-2013Q4-base:1.2
	pkgsrc-2013Q3:1.2.0.2
	pkgsrc-2013Q3-base:1.2
	pkgsrc-2013Q2:1.1.0.6
	pkgsrc-2013Q2-base:1.1
	pkgsrc-2013Q1:1.1.0.4
	pkgsrc-2013Q1-base:1.1
	pkgsrc-2012Q4:1.1.0.2
	pkgsrc-2012Q4-base:1.1;
locks; strict;
comment	@# @;


1.4
date	2015.06.14.17.42.50;	author fhajny;	state dead;
branches;
next	1.3;
commitid	NDHxeSLWwC2piqpy;

1.3
date	2015.03.28.19.00.28;	author rodent;	state Exp;
branches;
next	1.2;
commitid	myUuQEh25FgRdpfy;

1.2
date	2013.09.11.13.17.26;	author obache;	state Exp;
branches;
next	1.1;
commitid	mpeYJfqhILvSq15x;

1.1
date	2012.12.11.23.29.28;	author gdt;	state Exp;
branches;
next	;


desc
@@


1.4
log
@Remove security/polarssl, it's been superseded by security/mbedtls.
@
text
@$NetBSD: patch-Makefile,v 1.3 2015/03/28 19:00:28 rodent Exp $

Fix DESTDIR for pkgsrc, and suppress building test programs.

--- Makefile.orig	2014-10-20 11:59:19.000000000 +0000
+++ Makefile
@@@@ -1,48 +1,28 @@@@
 
-DESTDIR=/usr/local
-PREFIX=polarssl_
+APPNAME_PRE=polarssl_
 
 .SILENT:
 
 all:
 	cd library  && $(MAKE) all && cd ..
-	cd programs && $(MAKE) all && cd ..
 	cd tests    && $(MAKE) all && cd ..
 
 no_test:
 	cd library  && $(MAKE) all && cd ..
-	cd programs && $(MAKE) all && cd ..
 
 lib:
 	cd library  && $(MAKE) all && cd ..
 
 install:
-	mkdir -p $(DESTDIR)/include/polarssl
-	cp -r include/polarssl $(DESTDIR)/include
+	mkdir -p $(DESTDIR)${PREFIX}/include/polarssl
+	cp -r include/polarssl $(DESTDIR)${PREFIX}/include
 	
-	mkdir -p $(DESTDIR)/lib
-	cp library/libpolarssl.* $(DESTDIR)/lib
-	
-	mkdir -p $(DESTDIR)/bin
-	for p in programs/*/* ; do              \
-	    if [ -x $$p ] && [ ! -d $$p ] ;     \
-	    then                                \
-	        f=$(PREFIX)`basename $$p` ;     \
-	        cp $$p $(DESTDIR)/bin/$$f ;     \
-	    fi                                  \
-	done
+	mkdir -p $(DESTDIR)${PREFIX}/lib
+	cp library/libpolarssl.* $(DESTDIR)${PREFIX}/lib
 
 uninstall:
-	rm -rf $(DESTDIR)/include/polarssl
-	rm -f $(DESTDIR)/lib/libpolarssl.*
-	
-	for p in programs/*/* ; do              \
-	    if [ -x $$p ] && [ ! -d $$p ] ;     \
-	    then                                \
-	        f=$(PREFIX)`basename $$p` ;     \
-	        rm -f $(DESTDIR)/bin/$$f ;      \
-	    fi                                  \
-	done
+	rm -rf $(DESTDIR)${PREFIX}/include/polarssl
+	rm -f $(DESTDIR)${PREFIX}/lib/libpolarssl.*
 
 clean:
 	cd library  && $(MAKE) clean && cd ..
@


1.3
log
@Add patch to make OpenSSL ("tests") optional. The package wants this by
default and users of other package management systems might imagine this
package functioning the same way. However, the PLIST differs by one item
without it, which users may change at their discretion. Add zlib option
too which I'd missed during the previous update. Bump PKGREVISION.
@
text
@d1 1
a1 1
$NetBSD: patch-Makefile,v 1.2 2013/09/11 13:17:26 obache Exp $
@


1.2
log
@Update PolarSSL to 1.2.8

= Version 1.2.8 released 2013-06-19
Features
   * Parsing of PKCS#8 encrypted private key files
   * PKCS#12 PBE and derivation functions
   * Centralized module option values in config.h to allow user-defined
     settings without editing header files by using POLARSSL_CONFIG_OPTIONS

Changes
   * HAVEGE random generator disabled by default
   * Internally split up x509parse_key() into a (PEM) handler function
     and specific DER parser functions for the PKCS#1 and unencrypted
     PKCS#8 private key formats
   * Added mechanism to provide alternative implementations for all
     symmetric cipher and hash algorithms (e.g. POLARSSL_AES_ALT in
	 config.h)
   * PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
     old PBKDF2 module

Bugfix
   * Secure renegotiation extension should only be sent in case client
     supports secure renegotiation
   * Fixed offset for cert_type list in ssl_parse_certificate_request()
   * Fixed const correctness issues that have no impact on the ABI
   * x509parse_crt() now better handles PEM error situations
   * ssl_parse_certificate() now calls x509parse_crt_der() directly
     instead of the x509parse_crt() wrapper that can also parse PEM
	 certificates
   * x509parse_crtpath() is now reentrant and uses more portable stat()
   * Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
   * Fixed values for 2-key Triple DES in cipher layer
   * ssl_write_certificate_request() can handle empty ca_chain

Security
   * A possible DoS during the SSL Handshake, due to faulty parsing of
     PEM-encoded certificates has been fixed (found by Jack Lloyd)

= Version 1.2.7 released 2013-04-13
Features
   * Ability to specify allowed ciphersuites based on the protocol version.

Changes
   * Default Blowfish keysize is now 128-bits
   * Test suites made smaller to accommodate Raspberry Pi

Bugfix
   * Fix for MPI assembly for ARM
   * GCM adapted to support sizes > 2^29

= Version 1.2.6 released 2013-03-11
Bugfix
   * Fixed memory leak in ssl_free() and ssl_reset() for active session
   * Corrected GCM counter incrementation to use only 32-bits instead of
     128-bits (found by Yawning Angel)
   * Fixes for 64-bit compilation with MS Visual Studio
   * Fixed net_bind() for specified IP addresses on little endian systems
   * Fixed assembly code for ARM (Thumb and regular) for some compilers

Changes
   * Internally split up rsa_pkcs1_encrypt(), rsa_pkcs1_decrypt(),
     rsa_pkcs1_sign() and rsa_pkcs1_verify() to separate PKCS#1 v1.5 and
     PKCS#1 v2.1 functions
   * Added support for custom labels when using rsa_rsaes_oaep_encrypt()
     or rsa_rsaes_oaep_decrypt()
   * Re-added handling for SSLv2 Client Hello when the define
     POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO is set
   * The SSL session cache module (ssl_cache) now also retains peer_cert
     information (not the entire chain)

Security
   * Removed further timing differences during SSL message decryption in
     ssl_decrypt_buf()
   * Removed timing differences due to bad padding from
     rsa_rsaes_pkcs1_v15_decrypt() and rsa_pkcs1_decrypt() for PKCS#1 v1.5
     operations

= Version 1.2.5 released 2013-02-02
Changes
   * Allow enabling of dummy error_strerror() to support some use-cases
   * Debug messages about padding errors during SSL message decryption are
     disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL
   * Sending of security-relevant alert messages that do not break
     interoperability can be switched on/off with the flag
     POLARSSL_SSL_ALL_ALERT_MESSAGES

Security
   * Removed timing differences during SSL message decryption in
     ssl_decrypt_buf() due to badly formatted padding

= Version 1.2.4 released 2013-01-25
Changes
   * Added ssl_handshake_step() to allow single stepping the handshake process

Bugfix
   * Memory leak when using RSA_PKCS_V21 operations fixed
   * Handle future version properly in ssl_write_certificate_request()
   * Correctly handle CertificateRequest message in client for <= TLS 1.1
     without DN list

= Version 1.2.3 released 2012-11-26
Bugfix
   * Server not always sending correct CertificateRequest message

= Version 1.2.2 released 2012-11-24
Changes
   * Added p_hw_data to ssl_context for context specific hardware acceleration
     data
   * During verify trust-CA is only checked for expiration and CRL presence

Bugfixes
   * Fixed client authentication compatibility
   * Fixed dependency on POLARSSL_SHA4_C in SSL modules

= Version 1.2.1 released 2012-11-20
Changes
   * Depth that the certificate verify callback receives is now numbered
     bottom-up (Peer cert depth is 0)

Bugfixes
   * Fixes for MSVC6
   * Moved mpi_inv_mod() outside POLARSSL_GENPRIME
   * Allow R and A to point to same mpi in mpi_div_mpi (found by Manuel
     Pégourié-Gonnard)
   * Fixed possible segfault in mpi_shift_r() (found by Manuel
     Pégourié-Gonnard)
   * Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1
@
text
@d1 1
a1 1
$NetBSD: patch-Makefile,v 1.1 2012/12/11 23:29:28 gdt Exp $
d5 1
a5 1
--- Makefile.orig	2013-06-21 13:11:10.000000000 +0000
@


1.1
log
@Import polarssl-1.2.0 as security/polarssl.

PolarSSL is an SSL library written in ANSI C. PolarSSL makes it easy for
developers to include cryptographic and SSL/TLS capabilities in their
(embedded) products with as little hassle as possible. It is designed to be
readable, documented, tested, loosely coupled and portable.

This package includes headers/libs only, not the demo programs.

PolarSSL is GPLv2, but offers exceptions to be distributed with other works
licensed as Apache, BSD, CC0, EUPL, LGPL, ISC, WTFPL, X11, zlib/libpng.
@
text
@d1 1
a1 1
$NetBSD$
d4 5
a8 4
--- Makefile.orig	2012-04-05 07:07:50.000000000 -0500
+++ Makefile	2012-11-14 23:27:47.000000000 -0600
@@@@ -1,37 +1,24 @@@@
-
d30 2
a31 2
+	mkdir -p ${DESTDIR}${PREFIX}/include/polarssl
+	cp -r include/polarssl ${DESTDIR}${PREFIX}/include
d35 1
a35 3
+	mkdir -p ${DESTDIR}${PREFIX}/lib
+	cp library/libpolarssl.* ${DESTDIR}${PREFIX}/lib
 	
d44 17
a60 1
-
a62 1
 	cd programs && $(MAKE) clean && cd ..
@