the diffs are trashed because Makefile.org is used as a basis for
Makefile.ssl during configuration. Now that patch-ab is applied correctly
libRSAglue.a is installed.
- add patch-aj obtained from the OpenSSL CVS repository:
"Make sure the RSA OAEP test is skipped under -DRSAref because
OAEP isn't supported when OpenSSL is built with RSAref."
According to the OpenSSL-core-team you are strongly encouraged to upgrade
any old version. The new version has a lot of bug fixes.
- ${PREFIX}/bin/ssleay was renamed to ${PREFIX}/bin/openssl and
${PREFIX}/etc/ssleay.cnf to ${PREFIX}/lib/openssl.cnf
- there are no links from e. g. ${PREFIX}/bin/md5 to ${PREFIX}/bin/ssleay
any longer, instead you have to call "openssl md5" now
- replaced HAS_CONFIGURE, CONFIGURE_SCRIPT and CONFIGURE_ENV with a
do-configure target and changed the indention level
- some perl scripts need perl5 now, so set USE_PERL5 and replace perl
with ${PERL5} where neccessary.
- honour ${CFLAGS}
(2) Reorganize MASTER_SITEs
(3) Remove reference to Phil Karn's ssh speedups, it is now distributed
as a full source package, and not a patch kit. If we want to use it,
we will have to make a new port for it.
(4) Use ${ECHO} instead of echo, ${RM} instead of rm, ${LN} instead of ln
(5) Use ${FALSE} instead of false
(6) Remove multiple blank lines in Makefile
(7) Remove trailing blank lines in pkg/DESCR
Submitted by: Alex Perel <veers@disturbed.net> (1, 2, 4, 6)
Bill Fumerola <billf@FreeBSD.org> (3, 5, 7)
brief discussion on -committers, tcp_wrappers will be imported into the base
system which will allow us to build our system portmapper with hosts.allow
functionality.
Apply openssl-0.9.1c-bnrec.patch via PATCHFILES:
"DESCRIPTION:
The Big Number (BN) library in OpenSSL 0.9.1c has some problems when dealing
with very large numbers. Because mostly all other OpenSSL sub-libraries
(including the RSA library) are based on BN, this can cause failures when
doing certificate verification and performing other SSL functions. These BN
bugs are already fixed for OpenSSL 0.9.2. But for OpenSSL 0.9.1c the easiest
workaround to fix the subtle problems is to apply the above patch which mainly
disables the broken Montgomery multiplication algorithm inside BN."
