21240304 Upgrade OpenSSL version to 1.0.1o
21240415 problem in LIBRARY/OPENSSL
21240436 problem in LIBRARY/OPENSSL
21240446 problem in LIBRARY/OPENSSL
21240457 problem in LIBRARY/OPENSSL
21240467 problem in LIBRARY/OPENSSL
21240488 problem in LIBRARY/OPENSSL
--- a/components/openssl/openssl-1.0.1-fips-140/Makefile Wed Jun 17 14:13:59 2015 -0700
+++ b/components/openssl/openssl-1.0.1-fips-140/Makefile Tue Jun 23 09:14:23 2015 -0700
@@ -29,14 +29,14 @@
COMPONENT_NAME = openssl-fips-140
# Note that this is the OpenSSL version that is used to build FIPS-140 certified
# libraries. However, we use the FIPS canister version for the IPS package.
-COMPONENT_VERSION = 1.0.1m
+COMPONENT_VERSION = 1.0.1o
IPS_COMPONENT_VERSION = 2.0.6
COMPONENT_PROJECT_URL= http://www.openssl.org/
COMPONENT_SRC_NAME = openssl
COMPONENT_SRC = $(COMPONENT_SRC_NAME)-$(COMPONENT_VERSION)
COMPONENT_ARCHIVE = $(COMPONENT_SRC).tar.gz
COMPONENT_ARCHIVE_HASH= \
- sha256:095f0b7b09116c0c5526422088058dc7e6e000aa14d22acca6a4e2babcdfef74
+ sha256:16e678c6a05f2502811e075f2c4059ac01c878d091c9c585afc49ebc541f7b13
COMPONENT_ARCHIVE_URL = $(COMPONENT_PROJECT_URL)source/$(COMPONENT_ARCHIVE)
COMPONENT_BUGDB= library/openssl
--- a/components/openssl/openssl-1.0.1-fips-140/openssl-1.0.1-fips-140.p5m Wed Jun 17 14:13:59 2015 -0700
+++ b/components/openssl/openssl-1.0.1-fips-140/openssl-1.0.1-fips-140.p5m Tue Jun 23 09:14:23 2015 -0700
@@ -34,7 +34,7 @@
set name=pkg.human-version value=$(COMPONENT_VERSION)
set name=com.oracle.info.description \
value="the FIPS 140-2 Capable OpenSSL libraries"
-set name=com.oracle.info.tpno value=21965
+set name=com.oracle.info.tpno value=23126
set name=info.classification value=org.opensolaris.category.2008:System/Security
set name=info.source-url value=$(COMPONENT_ARCHIVE_URL)
set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
--- a/components/openssl/openssl-1.0.1-fips-140/patches/33_cert_chain.patch Wed Jun 17 14:13:59 2015 -0700
+++ b/components/openssl/openssl-1.0.1-fips-140/patches/33_cert_chain.patch Tue Jun 23 09:14:23 2015 -0700
@@ -199,12 +199,12 @@
$ cvs diff -u -r1.133.2.11.2.6.2.3 -r1.133.2.11.2.6.2.4 apps.c
--- openssl/apps/apps.c 4 Dec 2012 17:26:04 -0000 1.133.2.11.2.6.2.3
+++ openssl/apps/apps.c 14 Dec 2012 14:30:45 -0000 1.133.2.11.2.6.2.4
-@@ -2238,6 +2238,8 @@
+@@ -2240,6 +2240,8 @@
flags |= X509_V_FLAG_NOTIFY_POLICY;
else if (!strcmp(arg, "-check_ss_sig"))
flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
+ else if (!strcmp(arg, "-partial_chain"))
+ flags |= X509_V_FLAG_PARTIAL_CHAIN;
+ else if (!strcmp(arg, "-no_alt_chains"))
+ flags |= X509_V_FLAG_NO_ALT_CHAINS;
else
- return 0;
-
--- a/components/openssl/openssl-1.0.1/Makefile Wed Jun 17 14:13:59 2015 -0700
+++ b/components/openssl/openssl-1.0.1/Makefile Tue Jun 23 09:14:23 2015 -0700
@@ -28,15 +28,15 @@
# When upgrading OpenSSL, please, DON'T FORGET TO TEST WANBOOT too.
# For more information about wanboot-openssl testing, please refer to
# ../README.
-COMPONENT_VERSION = 1.0.1m
+COMPONENT_VERSION = 1.0.1o
# Version for IPS. It is easier to do it manually than convert the letter to a
# number while taking into account that there might be no letter at all.
-IPS_COMPONENT_VERSION = 1.0.1.13
+IPS_COMPONENT_VERSION = 1.0.1.15
COMPONENT_PROJECT_URL= http://www.openssl.org/
COMPONENT_SRC = $(COMPONENT_NAME)-$(COMPONENT_VERSION)
COMPONENT_ARCHIVE = $(COMPONENT_SRC).tar.gz
COMPONENT_ARCHIVE_HASH= \
- sha256:095f0b7b09116c0c5526422088058dc7e6e000aa14d22acca6a4e2babcdfef74
+ sha256:16e678c6a05f2502811e075f2c4059ac01c878d091c9c585afc49ebc541f7b13
COMPONENT_ARCHIVE_URL = $(COMPONENT_PROJECT_URL)source/$(COMPONENT_ARCHIVE)
COMPONENT_BUGDB= library/openssl
--- a/components/openssl/openssl-1.0.1/openssl-1.0.1.p5m Wed Jun 17 14:13:59 2015 -0700
+++ b/components/openssl/openssl-1.0.1/openssl-1.0.1.p5m Tue Jun 23 09:14:23 2015 -0700
@@ -30,7 +30,7 @@
value="OpenSSL is a full-featured toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library."
set name=pkg.human-version value=$(COMPONENT_VERSION)
set name=com.oracle.info.description value=OpenSSL
-set name=com.oracle.info.tpno value=21965
+set name=com.oracle.info.tpno value=23126
set name=info.classification value=org.opensolaris.category.2008:System/Security
set name=info.source-url value=$(COMPONENT_ARCHIVE_URL)
set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
--- a/components/openssl/openssl-1.0.1/patches/33_cert_chain.patch Wed Jun 17 14:13:59 2015 -0700
+++ b/components/openssl/openssl-1.0.1/patches/33_cert_chain.patch Tue Jun 23 09:14:23 2015 -0700
@@ -199,12 +199,12 @@
$ cvs diff -u -r1.133.2.11.2.6.2.3 -r1.133.2.11.2.6.2.4 apps.c
--- openssl/apps/apps.c 4 Dec 2012 17:26:04 -0000 1.133.2.11.2.6.2.3
+++ openssl/apps/apps.c 14 Dec 2012 14:30:45 -0000 1.133.2.11.2.6.2.4
-@@ -2238,6 +2238,8 @@
+@@ -2240,6 +2240,8 @@
flags |= X509_V_FLAG_NOTIFY_POLICY;
else if (!strcmp(arg, "-check_ss_sig"))
flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
+ else if (!strcmp(arg, "-partial_chain"))
+ flags |= X509_V_FLAG_PARTIAL_CHAIN;
+ else if (!strcmp(arg, "-no_alt_chains"))
+ flags |= X509_V_FLAG_NO_ALT_CHAINS;
else
- return 0;
-