According to the OpenSSL-core-team you are strongly encouraged to upgrade
any old version. The new version has a lot of bug fixes.
- ${PREFIX}/bin/ssleay was renamed to ${PREFIX}/bin/openssl and
${PREFIX}/etc/ssleay.cnf to ${PREFIX}/lib/openssl.cnf
- there are no links from e. g. ${PREFIX}/bin/md5 to ${PREFIX}/bin/ssleay
any longer, instead you have to call "openssl md5" now
- replaced HAS_CONFIGURE, CONFIGURE_SCRIPT and CONFIGURE_ENV with a
do-configure target and changed the indention level
- some perl scripts need perl5 now, so set USE_PERL5 and replace perl
with ${PERL5} where neccessary.
- honour ${CFLAGS}
Apply openssl-0.9.1c-bnrec.patch via PATCHFILES:
"DESCRIPTION:
The Big Number (BN) library in OpenSSL 0.9.1c has some problems when dealing
with very large numbers. Because mostly all other OpenSSL sub-libraries
(including the RSA library) are based on BN, this can cause failures when
doing certificate verification and performing other SSL functions. These BN
bugs are already fixed for OpenSSL 0.9.2. But for OpenSSL 0.9.1c the easiest
workaround to fix the subtle problems is to apply the above patch which mainly
disables the broken Montgomery multiplication algorithm inside BN."
OpenSSL is a successor of SSLeay (see http://www.openssl.org/).
This port uses almost the same files as SSLeay. So they can't be
installed both.
- make the port ${PREFIX} clean
- reorganize PLIST (list links as normal files, which makes the PLIST
shorter and easier to maintain)
- reference ${PREFIX}/etc/ssleay.cnf only (there was a reference to
${PREFIX}/lib/ssleay.cnf somewhere)
- some other minor portlint changes
This implementation has been built with Our ((actually its own but in our
source tree) DES library and our MD{45}. You will need to link your SSL
code with -ldes and -lmd.
Are you happy now, Torsten? ;-)