upstream/oracle/userland-gate: changeset 5951:53f9397aa985

--- a/components/openssl/openssl-1.0.1-fips-140/Makefile	Mon May 09 19:41:29 2016 -0700
+++ b/components/openssl/openssl-1.0.1-fips-140/Makefile	Mon May 09 20:56:05 2016 -0700
@@ -32,18 +32,18 @@
 COMPONENT_NAME =	openssl-fips-140
 # Note that this is the OpenSSL version that is used to build FIPS-140 certified
 # libraries. However, we use the FIPS canister version for the IPS package.
-COMPONENT_VERSION =	1.0.1s
+COMPONENT_VERSION =	1.0.1t
 IPS_COMPONENT_VERSION = 2.0.6
 COMPONENT_PROJECT_URL=	http://www.openssl.org/
 COMPONENT_SRC_NAME =	openssl
 COMPONENT_SRC =		$(COMPONENT_SRC_NAME)-$(COMPONENT_VERSION)
 COMPONENT_ARCHIVE =	$(COMPONENT_SRC).tar.gz
 COMPONENT_ARCHIVE_HASH=	\
-    sha256:e7e81d82f3cd538ab0cdba494006d44aab9dd96b7f6233ce9971fb7c7916d511
+    sha256:4a6ee491a2fdb22e519c76fdc2a628bb3cec12762cd456861d207996c8a07088
 COMPONENT_ARCHIVE_URL =	$(COMPONENT_PROJECT_URL)source/$(COMPONENT_ARCHIVE)
 COMPONENT_BUGDB=	library/openssl
 
-TPNO=			27087
+TPNO=			28138
 
 # OpenSSL FIPS directory
 OPENSSL_FIPS_DIR = $(COMPONENT_DIR)/../openssl-fips
@@ -107,7 +107,7 @@
 CONFIGURE_OPTIONS += no-seed
 
 # Disable SSLv2 protocol
-CONFIGURE_OPTIONS += no-ssl2
+CONFIGURE_OPTIONS += no-ssl2 no-ssl2-method
 
 # We define our own compiler and linker option sets for Solaris. See Configure
 # for more information.

--- a/components/openssl/openssl-1.0.1-fips-140/patches/42_rm_sslv2.patch	Mon May 09 19:41:29 2016 -0700
+++ b/components/openssl/openssl-1.0.1-fips-140/patches/42_rm_sslv2.patch	Mon May 09 20:56:05 2016 -0700
@@ -51,11 +51,11 @@
  # endif
 --- openssl-1.0.1/ssl/ssl.h	Tue May 26 11:13:15 2015
 +++ openssl-1.0.1/ssl/ssl.h.new	Tue May 26 11:32:09 2015
-@@ -2016,12 +2016,26 @@
+@@ -2016,12 +2016,28 @@
  /* This sets the 'default' SSL version that SSL_new() will create */
  int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
  
--# ifndef OPENSSL_NO_SSL2
+-# ifndef OPENSSL_NO_SSL2_METHOD
 -const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
 -const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
 -const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
@@ -75,10 +75,12 @@
 +#endif
 +
 +# ifndef OPENSSL_NO_SSL2
++# ifndef OPENSSL_NO_SSL2_METHOD
 +DEPRECATED const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
 +DEPRECATED const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
 +DEPRECATED const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
 +# endif
++# endif
 +
  # ifndef OPENSSL_NO_SSL3_METHOD
  const SSL_METHOD *SSLv3_method(void); /* SSLv3 */

--- a/components/openssl/openssl-1.0.1/Makefile	Mon May 09 19:41:29 2016 -0700
+++ b/components/openssl/openssl-1.0.1/Makefile	Mon May 09 20:56:05 2016 -0700
@@ -28,20 +28,20 @@
 # When upgrading OpenSSL, please, DON'T FORGET TO TEST WANBOOT too. 
 # For more information about wanboot-openssl testing, please refer to
 # ../README.
-COMPONENT_VERSION =	1.0.1s
+COMPONENT_VERSION =	1.0.1t
 # Version for IPS. It is easier to do it manually than convert the letter to a
 # number while taking into account that there might be no letter at all.
-IPS_COMPONENT_VERSION = 1.0.1.19
+IPS_COMPONENT_VERSION = 1.0.1.20
 COMPONENT_PROJECT_URL=	http://www.openssl.org/
 COMPONENT_SRC =		$(COMPONENT_NAME)-$(COMPONENT_VERSION)
 COMPONENT_ARCHIVE =	$(COMPONENT_SRC).tar.gz
 COMPONENT_ARCHIVE_HASH=	\
-    sha256:e7e81d82f3cd538ab0cdba494006d44aab9dd96b7f6233ce9971fb7c7916d511
+    sha256:4a6ee491a2fdb22e519c76fdc2a628bb3cec12762cd456861d207996c8a07088
 
 COMPONENT_ARCHIVE_URL =	$(COMPONENT_PROJECT_URL)source/$(COMPONENT_ARCHIVE)
 COMPONENT_BUGDB=	library/openssl
 
-TPNO=			27087
+TPNO=			28138
 
 include $(WS_MAKE_RULES)/prep.mk
 include $(WS_MAKE_RULES)/configure.mk
@@ -98,7 +98,7 @@
 CONFIGURE_OPTIONS += no-seed
 
 # Disable SSLv2 protocol
-CONFIGURE_OPTIONS += no-ssl2
+CONFIGURE_OPTIONS += no-ssl2 no-ssl2-method
 
 # We use both no-whirlpool and no-whrlpool since there is an inconsistency in
 # the OpenSSL code and one needs both to build OpenSSL successfully with

--- a/components/openssl/openssl-1.0.1/patches/42_rm_sslv2.patch	Mon May 09 19:41:29 2016 -0700
+++ b/components/openssl/openssl-1.0.1/patches/42_rm_sslv2.patch	Mon May 09 20:56:05 2016 -0700
@@ -51,11 +51,11 @@
  # endif
 --- openssl-1.0.1/ssl/ssl.h	Tue May 26 11:13:15 2015
 +++ openssl-1.0.1/ssl/ssl.h.new	Tue May 26 11:32:09 2015
-@@ -2016,12 +2016,26 @@
+@@ -2016,12 +2016,28 @@
  /* This sets the 'default' SSL version that SSL_new() will create */
  int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
  
--# ifndef OPENSSL_NO_SSL2
+-# ifndef OPENSSL_NO_SSL2_METHOD
 -const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
 -const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
 -const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
@@ -75,10 +75,12 @@
 +#endif
 +
 +# ifndef OPENSSL_NO_SSL2
++# ifndef OPENSSL_NO_SSL2_METHOD
 +DEPRECATED const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
 +DEPRECATED const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
 +DEPRECATED const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
 +# endif
++# endif
 +
  # ifndef OPENSSL_NO_SSL3_METHOD
  const SSL_METHOD *SSLv3_method(void); /* SSLv3 */

author	Ronald Jordan <ron.jordan@oracle.com>
	Mon, 09 May 2016 20:56:05 -0700
branch	s11u3-sru
changeset 5951	53f9397aa985
parent 5950	9032c8d91972
child 5966	9a7d9bde3d8f

components/openssl/openssl-1.0.1-fips-140/Makefile		file \| annotate \| diff \| comparison \| revisions
components/openssl/openssl-1.0.1-fips-140/patches/42_rm_sslv2.patch		file \| annotate \| diff \| comparison \| revisions
components/openssl/openssl-1.0.1/Makefile		file \| annotate \| diff \| comparison \| revisions
components/openssl/openssl-1.0.1/patches/42_rm_sslv2.patch		file \| annotate \| diff \| comparison \| revisions