18543884 Upgrade OpenSSL to 1.0.1g s11-update
authorMisaki Miyashita <Misaki.Miyashita@Oracle.COM>
Wed, 09 Apr 2014 15:50:49 -0700
branchs11-update
changeset 3066 07964fc8b408
parent 3065 53e904a2c22e
child 3067 61e6cd945591
18543884 Upgrade OpenSSL to 1.0.1g 18530504 problem in UTILITY/OPENSSL 18538605 problem in UTILITY/OPENSSL
components/openssl/openssl-1.0.1-fips-140/Makefile
components/openssl/openssl-1.0.1-fips-140/openssl-1.0.1-fips-140.license
components/openssl/openssl-1.0.1-fips-140/openssl-1.0.1-fips-140.p5m
components/openssl/openssl-1.0.1-fips-140/patches/34_tls_segfault.patch
components/openssl/openssl-1.0.1/Makefile
components/openssl/openssl-1.0.1/openssl-1.0.1.p5m
components/openssl/openssl-1.0.1/patches/34_tls_segfault.patch
--- a/components/openssl/openssl-1.0.1-fips-140/Makefile	Wed Apr 09 15:06:42 2014 -0700
+++ b/components/openssl/openssl-1.0.1-fips-140/Makefile	Wed Apr 09 15:50:49 2014 -0700
@@ -29,14 +29,14 @@
 COMPONENT_NAME =	openssl-fips-140
 # Note that this is the OpenSSL version that is used to build FIPS-140 certified
 # libraries. However, we use the FIPS canister version for the IPS package.
-COMPONENT_VERSION =	1.0.1f
+COMPONENT_VERSION =	1.0.1g
 IPS_COMPONENT_VERSION = 2.0.6
 COMPONENT_PROJECT_URL=	http://www.openssl.org/
 COMPONENT_SRC_NAME =	openssl
 COMPONENT_SRC =		$(COMPONENT_SRC_NAME)-$(COMPONENT_VERSION)
 COMPONENT_ARCHIVE =	$(COMPONENT_SRC).tar.gz
 COMPONENT_ARCHIVE_HASH=	\
-    sha256:6cc2a80b17d64de6b7bac985745fdaba971d54ffd7d38d3556f998d7c0c9cb5a
+    sha256:53cb818c3b90e507a8348f4f5eaedb05d8bfe5358aabb508b7263cc670c3e028
 COMPONENT_ARCHIVE_URL =	$(COMPONENT_PROJECT_URL)source/$(COMPONENT_ARCHIVE)
 COMPONENT_BUGDB=	utility/openssl
 
--- a/components/openssl/openssl-1.0.1-fips-140/openssl-1.0.1-fips-140.license	Wed Apr 09 15:06:42 2014 -0700
+++ b/components/openssl/openssl-1.0.1-fips-140/openssl-1.0.1-fips-140.license	Wed Apr 09 15:50:49 2014 -0700
@@ -12,7 +12,7 @@
   ---------------
 
 /* ====================================================================
- * Copyright (c) 1998-2008 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2011 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
--- a/components/openssl/openssl-1.0.1-fips-140/openssl-1.0.1-fips-140.p5m	Wed Apr 09 15:06:42 2014 -0700
+++ b/components/openssl/openssl-1.0.1-fips-140/openssl-1.0.1-fips-140.p5m	Wed Apr 09 15:50:49 2014 -0700
@@ -34,7 +34,7 @@
 set name=pkg.human-version value=$(COMPONENT_VERSION)
 set name=com.oracle.info.description \
     value="the FIPS 140-2 Capable OpenSSL libraries"
-set name=com.oracle.info.tpno value=16634
+set name=com.oracle.info.tpno value=17171
 set name=info.classification value=org.opensolaris.category.2008:System/Security
 set name=info.source-url value=$(COMPONENT_ARCHIVE_URL)
 set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
--- a/components/openssl/openssl-1.0.1-fips-140/patches/34_tls_segfault.patch	Wed Apr 09 15:06:42 2014 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,17 +0,0 @@
-Index: openssl/ssl/t1_enc.c
-============================================================================
-$ diff -ru ssl/t1_enc.c ssl/t1_enc.c
---- t1_enc.c.orig       Tue Dec 10 15:36:05 2013
-+++ t1_enc.c    Wed Dec 11 09:29:02 2013
[email protected]@ -986,7 +986,10 @@
- 		}
- 		else
- 		{
--			EVP_MD_CTX_copy(&hmac,hash);
-+			if (EVP_MD_CTX_copy(&hmac,hash) != 1)
-+				{
-+				return (0);
-+				}
- 			mac_ctx = &hmac;
- 		}
- 
--- a/components/openssl/openssl-1.0.1/Makefile	Wed Apr 09 15:06:42 2014 -0700
+++ b/components/openssl/openssl-1.0.1/Makefile	Wed Apr 09 15:50:49 2014 -0700
@@ -28,15 +28,15 @@
 # When upgrading OpenSSL, please, DON'T FORGET TO TEST WANBOOT too. 
 # For more information about wanboot-openssl testing, please refer to
 # ../README.
-COMPONENT_VERSION =	1.0.1f
+COMPONENT_VERSION =	1.0.1g
 # Version for IPS. It is easier to do it manually than convert the letter to a
 # number while taking into account that there might be no letter at all.
-IPS_COMPONENT_VERSION = 1.0.1.6
+IPS_COMPONENT_VERSION = 1.0.1.7
 COMPONENT_PROJECT_URL=	http://www.openssl.org/
 COMPONENT_SRC =		$(COMPONENT_NAME)-$(COMPONENT_VERSION)
 COMPONENT_ARCHIVE =	$(COMPONENT_SRC).tar.gz
 COMPONENT_ARCHIVE_HASH=	\
-    sha256:6cc2a80b17d64de6b7bac985745fdaba971d54ffd7d38d3556f998d7c0c9cb5a
+    sha256:53cb818c3b90e507a8348f4f5eaedb05d8bfe5358aabb508b7263cc670c3e028
 
 COMPONENT_ARCHIVE_URL =	$(COMPONENT_PROJECT_URL)source/$(COMPONENT_ARCHIVE)
 COMPONENT_BUGDB=	utility/openssl
--- a/components/openssl/openssl-1.0.1/openssl-1.0.1.p5m	Wed Apr 09 15:06:42 2014 -0700
+++ b/components/openssl/openssl-1.0.1/openssl-1.0.1.p5m	Wed Apr 09 15:50:49 2014 -0700
@@ -30,7 +30,7 @@
     value="OpenSSL is a full-featured toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library."
 set name=pkg.human-version value=$(COMPONENT_VERSION)
 set name=com.oracle.info.description value=OpenSSL
-set name=com.oracle.info.tpno value=16634
+set name=com.oracle.info.tpno value=17171
 set name=info.classification value=org.opensolaris.category.2008:System/Security
 set name=info.source-url value=$(COMPONENT_ARCHIVE_URL)
 set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
--- a/components/openssl/openssl-1.0.1/patches/34_tls_segfault.patch	Wed Apr 09 15:06:42 2014 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,17 +0,0 @@
-Index: openssl/ssl/t1_enc.c
-============================================================================
-$ diff -ru ssl/t1_enc.c ssl/t1_enc.c
---- t1_enc.c.orig       Tue Dec 10 15:36:05 2013
-+++ t1_enc.c    Wed Dec 11 09:29:02 2013
[email protected]@ -986,7 +986,10 @@
- 		}
- 		else
- 		{
--			EVP_MD_CTX_copy(&hmac,hash);
-+			if (EVP_MD_CTX_copy(&hmac,hash) != 1)
-+				{
-+				return (0);
-+				}
- 			mac_ctx = &hmac;
- 		}
-