Author: oden
Date: Tue Oct 31 22:58:53 2006
New Revision: 74808
Added:
packages/cooker/openssl/current/SOURCES/openssl-0.9.6-x509.patch
packages/cooker/openssl/current/SOURCES/openssl-0.9.6b-mdkconfig.patch
packages/cooker/openssl/current/SOURCES/openssl-0.9.7-beta5-version-add-engines.patch
packages/cooker/openssl/current/SOURCES/openssl-0.9.7-beta6-ia64.patch
packages/cooker/openssl/current/SOURCES/openssl-0.9.7-ia64-asm.patch
packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-defaults.patch
packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-enginesdir.patch
packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-link-krb5.patch
packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-use-poll.patch
Removed:
packages/cooker/openssl/current/SOURCES/openssl-0.9.6-x509.patch.bz2
packages/cooker/openssl/current/SOURCES/openssl-0.9.6b-mdkconfig.patch.bz2
packages/cooker/openssl/current/SOURCES/openssl-0.9.7-beta5-version-add-engines.patch.bz2
packages/cooker/openssl/current/SOURCES/openssl-0.9.7-beta6-ia64.patch.bz2
packages/cooker/openssl/current/SOURCES/openssl-0.9.7-ia64-asm.patch.bz2
packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-defaults.patch.bz2
packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-enginesdir.patch.bz2
packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-link-krb5.patch.bz2
packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-use-poll.patch.bz2
Log:
- commit the patches too...
Added: packages/cooker/openssl/current/SOURCES/openssl-0.9.6-x509.patch
==============================================================================
--- (empty file)
+++ packages/cooker/openssl/current/SOURCES/openssl-0.9.6-x509.patch Tue Oct
31 22:58:53 2006
@@ -0,0 +1,29 @@
+Do not treat duplicate certs as an error.
+
+--- openssl-0.9.6/crypto/x509/by_file.c Wed Sep 27 15:09:05 2000
++++ openssl-0.9.6/crypto/x509/by_file.c Wed Sep 27 14:21:20 2000
+@@ -163,8 +163,12 @@
+ }
+ }
+ i=X509_STORE_add_cert(ctx->store_ctx,x);
+- if (!i) goto err;
+- count++;
++ /* ignore any problems with current certificate
++ and continue with the next one */
++ if (i)
++ count++;
++ else
++ ERR_clear_error();
+ X509_free(x);
+ x=NULL;
+ }
+@@ -179,7 +183,8 @@
+ goto err;
+ }
+ i=X509_STORE_add_cert(ctx->store_ctx,x);
+- if (!i) goto err;
++ if (!i)
++ ERR_clear_error();
+ ret=i;
+ }
+ else
Added: packages/cooker/openssl/current/SOURCES/openssl-0.9.6b-mdkconfig.patch
==============================================================================
--- (empty file)
+++ packages/cooker/openssl/current/SOURCES/openssl-0.9.6b-mdkconfig.patch
Tue Oct 31 22:58:53 2006
@@ -0,0 +1,116 @@
+--- openssl-0.9.6b/ssl/s3_lib.c.mdkconfig Fri Mar 9 11:08:04 2001
++++ openssl-0.9.6b/ssl/s3_lib.c Tue Dec 4 17:44:27 2001
+@@ -204,6 +204,7 @@
+ SSL_ALL_STRENGTHS,
+ },
+ /* Cipher 1B */
++#if 0
+ {
+ 1,
+ SSL3_TXT_ADH_DES_192_CBC_SHA,
+@@ -216,6 +217,7 @@
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
++#endif
+
+ /* RSA again */
+ /* Cipher 03 */
+@@ -310,6 +312,7 @@
+ SSL_ALL_STRENGTHS,
+ },
+ /* Cipher 0A */
++#if 0
+ {
+ 1,
+ SSL3_TXT_RSA_DES_192_CBC3_SHA,
+@@ -322,6 +325,7 @@
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
++#endif
+
+ /* The DH ciphers */
+ /* Cipher 0B */
+@@ -351,6 +355,7 @@
+ SSL_ALL_STRENGTHS,
+ },
+ /* Cipher 0D */
++#if 0
+ {
+ 0,
+ SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
+@@ -363,6 +368,7 @@
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
++#endif
+ /* Cipher 0E */
+ {
+ 0,
+@@ -390,6 +396,7 @@
+ SSL_ALL_STRENGTHS,
+ },
+ /* Cipher 10 */
++#if 0
+ {
+ 0,
+ SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
+@@ -402,6 +409,7 @@
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
++#endif
+
+ /* The Ephemeral DH ciphers */
+ /* Cipher 11 */
+@@ -431,6 +439,7 @@
+ SSL_ALL_STRENGTHS,
+ },
+ /* Cipher 13 */
++#if 0
+ {
+ 1,
+ SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
+@@ -443,6 +452,7 @@
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
++#endif
+ /* Cipher 14 */
+ {
+ 1,
+@@ -470,6 +480,7 @@
+ SSL_ALL_STRENGTHS,
+ },
+ /* Cipher 16 */
++#if 0
+ {
+ 1,
+ SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
+@@ -482,6 +493,7 @@
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
++#endif
+
+ /* Fortezza */
+ /* Cipher 1C */
+--- openssl-0.9.6b/ssl/s2_lib.c.mdkconfig Tue Dec 26 13:06:47 2000
++++ openssl-0.9.6b/ssl/s2_lib.c Tue Dec 4 17:54:13 2001
+@@ -162,6 +162,7 @@
+ SSL_ALL_STRENGTHS,
+ },
+ /* DES_192_EDE3_CBC_WITH_MD5 */
++#if 0
+ {
+ 1,
+ SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
+@@ -174,6 +175,7 @@
+ SSL_ALL_CIPHERS,
+ SSL_ALL_STRENGTHS,
+ },
++#endif
+ /* RC4_64_WITH_MD5 */
+ #if 1
+ {
Added:
packages/cooker/openssl/current/SOURCES/openssl-0.9.7-beta5-version-add-engines.patch
==============================================================================
--- (empty file)
+++
packages/cooker/openssl/current/SOURCES/openssl-0.9.7-beta5-version-add-engines.patch
Tue Oct 31 22:58:53 2006
@@ -0,0 +1,49 @@
+List the compiled-in hardware support when passed the -a flag.
+
+--- openssl-0.9.7-beta5/apps/version.c 2002-12-03 11:34:28.000000000 -0500
++++ openssl-0.9.7-beta5/apps/version.c 2002-12-11 19:29:10.000000000 -0500
+@@ -130,6 +130,7 @@
+ #ifndef OPENSSL_NO_BF
+ # include <openssl/blowfish.h>
+ #endif
++#include <openssl/engine.h>
+
+ #undef PROG
+ #define PROG version_main
+@@ -139,7 +140,7 @@
+ int MAIN(int argc, char **argv)
+ {
+ int i,ret=0;
+- int cflags=0,version=0,date=0,options=0,platform=0,dir=0;
++ int cflags=0,version=0,date=0,options=0,platform=0,dir=0,engines=0;
+
+ apps_startup();
+
+@@ -163,7 +164,7 @@
+ else if (strcmp(argv[i],"-d") == 0)
+ dir=1;
+ else if (strcmp(argv[i],"-a") == 0)
+- date=version=cflags=options=platform=dir=1;
++ date=version=cflags=options=platform=dir=engines=1;
+ else
+ {
+ BIO_printf(bio_err,"usage:version -[avbofp]\n");
+@@ -198,6 +199,18 @@
+ }
+ if (cflags) printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
+ if (dir) printf("%s\n",SSLeay_version(SSLEAY_DIR));
++ if (engines)
++ {
++ ENGINE *e;
++ printf("engines: ");
++ e = ENGINE_get_first();
++ while (e)
++ {
++ printf("%s ", ENGINE_get_id(e));
++ e = ENGINE_get_next(e);
++ }
++ printf("\n");
++ }
+ end:
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
Added: packages/cooker/openssl/current/SOURCES/openssl-0.9.7-beta6-ia64.patch
==============================================================================
--- (empty file)
+++ packages/cooker/openssl/current/SOURCES/openssl-0.9.7-beta6-ia64.patch
Tue Oct 31 22:58:53 2006
@@ -0,0 +1,18 @@
+--- openssl/crypto/bn/bn_lcl.h 2002-12-17 16:04:42.000000000 -0500
++++ openssl/crypto/bn/bn_lcl.h 2002-12-17 16:12:59.000000000 -0500
+@@ -245,6 +245,15 @@
+ : "a"(a),"g"(b) \
+ : "cc");
+ # endif
++# elif defined(__ia64) && defined(SIXTY_FOUR_BIT_LONG)
++# if defined(__GNUC__)
++# define BN_UMULT_HIGH(a,b) ({ \
++ register BN_ULONG ret; \
++ asm ("xmpy.hu %0 = %1, %2" \
++ : "=f"(ret) \
++ : "f"(a), "f"(b)); \
++ ret; })
++# endif /* compiler */
+ # endif /* cpu */
+ #endif /* OPENSSL_NO_ASM */
+
Added: packages/cooker/openssl/current/SOURCES/openssl-0.9.7-ia64-asm.patch
==============================================================================
--- (empty file)
+++ packages/cooker/openssl/current/SOURCES/openssl-0.9.7-ia64-asm.patch
Tue Oct 31 22:58:53 2006
@@ -0,0 +1,18 @@
+--- openssl-0.9.7.orig/crypto/bn/bn_lcl.h 2002-12-20 19:10:39.000000000
+0100
++++ openssl-0.9.7/crypto/bn/bn_lcl.h 2003-01-14 08:56:39.000000000 +0100
+@@ -230,6 +230,15 @@
+ : "r"(a), "r"(b)); \
+ ret; })
+ # endif /* compiler */
++# elif defined(__ia64) && defined(SIXTY_FOUR_BIT_LONG)
++# if defined(__GNUC__)
++# define BN_UMULT_HIGH(a,b) ({ \
++ register BN_ULONG ret; \
++ asm ("xmpy.hu %0 = %1, %2" \
++ : "=f"(ret) \
++ : "f"(a), "f"(b)); \
++ ret;
++# endif /* compiler */
+ # elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG)
+ # if defined(__GNUC__)
+ # define BN_UMULT_HIGH(a,b) ({ \
Added: packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-defaults.patch
==============================================================================
--- (empty file)
+++ packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-defaults.patch
Tue Oct 31 22:58:53 2006
@@ -0,0 +1,50 @@
+--- openssl-0.9.8a/apps/openssl.cnf.defaults 2005-09-16 14:20:24.000000000
+0200
++++ openssl-0.9.8a/apps/openssl.cnf 2005-11-04 11:00:37.000000000 +0100
+@@ -99,6 +99,7 @@
+ ####################################################################
+ [ req ]
+ default_bits = 1024
++default_md = sha1
+ default_keyfile = privkey.pem
+ distinguished_name = req_distinguished_name
+ attributes = req_attributes
+@@ -116,23 +117,26 @@
+ # MASK:XXXX a literal mask value.
+ # WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings
+ # so use this option with caution!
+-string_mask = nombstr
++# we use PrintableString+UTF8String mask so if pure ASCII texts are used
++# the resulting certificates are compatible with Netscape
++string_mask = MASK:0x2002
+
+ # req_extensions = v3_req # The extensions to add to a certificate request
+
+ [ req_distinguished_name ]
+ countryName = Country Name (2 letter code)
+-countryName_default = AU
++countryName_default = GB
+ countryName_min = 2
+ countryName_max = 2
+
+ stateOrProvinceName = State or Province Name (full name)
+-stateOrProvinceName_default = Some-State
++stateOrProvinceName_default = Berkshire
+
+ localityName = Locality Name (eg, city)
++localityName_default = Newbury
+
+ 0.organizationName = Organization Name (eg, company)
+-0.organizationName_default = Internet Widgits Pty Ltd
++0.organizationName_default = My Company Ltd
+
+ # we can do this but it is not needed normally :-)
+ #1.organizationName = Second Organization Name (eg, company)
+@@ -141,7 +145,7 @@
+ organizationalUnitName = Organizational Unit Name (eg, section)
+ #organizationalUnitName_default =
+
+-commonName = Common Name (eg, YOUR name)
++commonName = Common Name (eg, your name or your server\'s
hostname)
+ commonName_max = 64
+
+ emailAddress = Email Address
Added: packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-enginesdir.patch
==============================================================================
--- (empty file)
+++ packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-enginesdir.patch
Tue Oct 31 22:58:53 2006
@@ -0,0 +1,39 @@
+--- openssl-0.9.8a/Configure.enginesdir 2005-11-04 15:06:37.000000000
+0100
++++ openssl-0.9.8a/Configure 2005-11-07 14:15:12.000000000 +0100
+@@ -560,6 +560,7 @@
+
+ my $prefix="";
+ my $openssldir="";
++my $enginesdir="";
+ my $exe_ext="";
+ my $install_prefix="";
+ my $no_threads=0;
+@@ -739,6 +740,10 @@
+ {
+ $openssldir=$1;
+ }
++ elsif (/^--enginesdir=(.*)$/)
++ {
++ $enginesdir=$1;
++ }
+ elsif (/^--install.prefix=(.*)$/)
+ {
+ $install_prefix=$1;
+@@ -923,7 +928,7 @@
+
+ $openssldir=$prefix . "/ssl" if $openssldir eq "";
+ $openssldir=$prefix . "/" . $openssldir if $openssldir !~
/(^\/|^[a-zA-Z]:[\\\/])/;
+-
++$enginesdir="$prefix/lib/engines" if $enginesdir eq "";
+
+ print "IsMK1MF=$IsMK1MF\n";
+
+@@ -1430,7 +1435,7 @@
+ if (/^#define\s+OPENSSLDIR/)
+ { print OUT "#define OPENSSLDIR \"$openssldir\"\n"; }
+ elsif (/^#define\s+ENGINESDIR/)
+- { print OUT "#define ENGINESDIR \"$prefix/lib/engines\"\n"; }
++ { print OUT "#define ENGINESDIR \"$enginesdir\"\n"; }
+ elsif (/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
+ { printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
+ if $export_var_as_fn;
Added: packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-link-krb5.patch
==============================================================================
--- (empty file)
+++ packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-link-krb5.patch
Tue Oct 31 22:58:53 2006
@@ -0,0 +1,11 @@
+--- openssl-0.9.8a/Makefile.org.link-krb5 2005-07-05 07:14:21.000000000
+0200
++++ openssl-0.9.8a/Makefile.org 2005-11-07 18:00:08.000000000 +0100
+@@ -266,7 +266,7 @@
+
+ do_$(SHLIB_TARGET):
+ @ set -e; libs='-L. ${SHLIBDEPS}'; for i in ${SHLIBDIRS}; do \
+- if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
++ if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+ libs="$(LIBKRB5) $$libs"; \
+ fi; \
+ $(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
Added: packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-use-poll.patch
==============================================================================
--- (empty file)
+++ packages/cooker/openssl/current/SOURCES/openssl-0.9.8a-use-poll.patch
Tue Oct 31 22:58:53 2006
@@ -0,0 +1,73 @@
+--- openssl-0.9.8a/crypto/rand/rand_unix.c.use-poll 2005-08-29
01:20:48.000000000 +0200
++++ openssl-0.9.8a/crypto/rand/rand_unix.c 2005-11-08 01:28:35.000000000
+0100
+@@ -125,6 +125,7 @@
+ #include <fcntl.h>
+ #include <unistd.h>
+ #include <time.h>
++#include <sys/poll.h>
+
+ #ifdef __OpenBSD__
+ int RAND_poll(void)
+@@ -157,6 +158,7 @@
+ struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])];
+ int fd;
+ size_t i;
++ struct pollfd pfd;
+ #endif
+ #ifdef DEVRANDOM_EGD
+ static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
+@@ -184,11 +186,10 @@
+ #endif
+ )) >= 0)
+ {
+- struct timeval t = { 0, 10*1000 }; /* Spend 10ms on
++ int t = 10; /* Spend 10ms on
+ each file. */
+ int r;
+ size_t j;
+- fd_set fset;
+ struct stat *st=&randomstats[i];
+
+ /* Avoid using same input... Used to be O_NOFOLLOW
+@@ -204,30 +205,25 @@
+
+ do
+ {
+- FD_ZERO(&fset);
+- FD_SET(fd, &fset);
+- r = -1;
+-
+- if (select(fd+1,&fset,NULL,NULL,&t) < 0)
+- t.tv_usec=0;
+- else if (FD_ISSET(fd, &fset))
++ pfd.fd = fd;
++ pfd.events = POLLIN;
++ pfd.revents = 0;
++
++ if ((r=poll(&pfd,1,t)) == 0)
++ t = 0;
++ else if (r > 0 && (pfd.revents & POLLIN))
+ {
+ r=read(fd,(unsigned char *)tmpbuf+n,
+ ENTROPY_NEEDED-n);
+ if (r > 0)
+ n += r;
+ }
+-
+- /* Some Unixen will update t, some
+- won't. For those who won't, give
+- up here, otherwise, we will do
+- this once again for the remaining
+- time. */
+- if (t.tv_usec == 10*1000)
+- t.tv_usec=0;
++ /* we don't know how big part of the timeout
elapsed
++ wait half the original timeout next time */
++ t >>= 1;
+ }
+ while ((r > 0 || (errno == EINTR || errno == EAGAIN))
+- && t.tv_usec != 0 && n < ENTROPY_NEEDED);
++ && t != 0 && n < ENTROPY_NEEDED);
+
+ close(fd);
+ }
