Apply openssl-0.9.1c-bnrec.patch via PATCHFILES:
"DESCRIPTION:
The Big Number (BN) library in OpenSSL 0.9.1c has some problems when dealing
with very large numbers. Because mostly all other OpenSSL sub-libraries
(including the RSA library) are based on BN, this can cause failures when
doing certificate verification and performing other SSL functions. These BN
bugs are already fixed for OpenSSL 0.9.2. But for OpenSSL 0.9.1c the easiest
workaround to fix the subtle problems is to apply the above patch which mainly
disables the broken Montgomery multiplication algorithm inside BN."
Requested by: Garrett Wollman <wollman@FreeBSD.ORG>:
"If you have an RSA license, you DON'T want to use rsaref -- it's
slow as hell. The only reason you would want to use rsaref is:
1) You are in the US.
2) The patent hasn't expired yet (600-someodd days and counting).
3) You wouldn't have the right to use RSA otherwise."
OpenSSL is a successor of SSLeay (see http://www.openssl.org/).
This port uses almost the same files as SSLeay. So they can't be
installed both.
- make the port ${PREFIX} clean
- reorganize PLIST (list links as normal files, which makes the PLIST
shorter and easier to maintain)
- reference ${PREFIX}/etc/ssleay.cnf only (there was a reference to
${PREFIX}/lib/ssleay.cnf somewhere)
- some other minor portlint changes
want to touch it.
While I'm here, change MASTER_SITES to URL form (ftp://) and add
markm as the maintainer (he's the only one who touched this
Makefile since the beginning of history)....
This implementation has been built with Our ((actually its own but in our
source tree) DES library and our MD{45}. You will need to link your SSL
code with -ldes and -lmd.
Are you happy now, Torsten? ;-)