diff options
Diffstat (limited to '')
40 files changed, 1045 insertions, 1049 deletions
diff --git a/security/openssl-oqsprovider/Makefile b/security/openssl-oqsprovider/Makefile index 9a1378b32411..65f29c9e16e8 100644 --- a/security/openssl-oqsprovider/Makefile +++ b/security/openssl-oqsprovider/Makefile @@ -1,5 +1,5 @@ PORTNAME= oqsprovider -PORTVERSION= 0.9.0 +PORTVERSION= 0.10.0 CATEGORIES= security PKGNAMEPREFIX= openssl- diff --git a/security/openssl-oqsprovider/distinfo b/security/openssl-oqsprovider/distinfo index f6b9fd3d2966..e5e248ee3456 100644 --- a/security/openssl-oqsprovider/distinfo +++ b/security/openssl-oqsprovider/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1748797303 -SHA256 (open-quantum-safe-oqs-provider-0.9.0_GH0.tar.gz) = 8bf33d24e80d41a05a5d0102cfcea52fe679761a23c0074f129679fef5491280 -SIZE (open-quantum-safe-oqs-provider-0.9.0_GH0.tar.gz) = 233012 +TIMESTAMP = 1753863315 +SHA256 (open-quantum-safe-oqs-provider-0.10.0_GH0.tar.gz) = b6caaa8701678a5360600cff439c0eeda387d698e9cc432ac05d2c253029776c +SIZE (open-quantum-safe-oqs-provider-0.10.0_GH0.tar.gz) = 229013 diff --git a/security/openssl/Makefile b/security/openssl/Makefile index 863590936744..0c43cf9a6808 100644 --- a/security/openssl/Makefile +++ b/security/openssl/Makefile @@ -1,5 +1,5 @@ PORTNAME= openssl -PORTVERSION= 3.0.16 +PORTVERSION= 3.0.17 PORTEPOCH= 1 CATEGORIES= security devel MASTER_SITES= https://github.com/openssl/openssl/releases/download/${DISTNAME}/ diff --git a/security/openssl/distinfo b/security/openssl/distinfo index a995eee15899..110c105d736f 100644 --- a/security/openssl/distinfo +++ b/security/openssl/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1739293708 -SHA256 (openssl-3.0.16.tar.gz) = 57e03c50feab5d31b152af2b764f10379aecd8ee92f16c985983ce4a99f7ef86 -SIZE (openssl-3.0.16.tar.gz) = 15334967 +TIMESTAMP = 1751448128 +SHA256 (openssl-3.0.17.tar.gz) = dfdd77e4ea1b57ff3a6dbde6b0bdc3f31db5ac99e7fdd4eaf9e1fbb6ec2db8ce +SIZE (openssl-3.0.17.tar.gz) = 15344831 diff --git a/security/openssl31-quictls/Makefile b/security/openssl31-quictls/Makefile deleted file mode 100644 index 68804cb00ff3..000000000000 --- a/security/openssl31-quictls/Makefile +++ /dev/null @@ -1,192 +0,0 @@ -PORTNAME= openssl -DISTVERSIONPREFIX= ${PORTNAME}- -PORTVERSION= 3.1.7 -PORTREVISION= 1 -DISTVERSIONSUFFIX= -quic1 -CATEGORIES= security devel -PKGNAMESUFFIX= 31-quictls - -MAINTAINER= brnrd@FreeBSD.org -COMMENT= QUIC capable fork of OpenSSL -WWW= https://www.github.com/quictls/openssl - -LICENSE= APACHE20 -LICENSE_FILE= ${WRKSRC}/LICENSE.txt - -CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3* openssl-quictls - -BROKEN_i386= ld: error: undefined symbol: __atomic_is_lock_free - -HAS_CONFIGURE= yes -CONFIGURE_SCRIPT= config -CONFIGURE_ENV= PERL="${PERL}" -CONFIGURE_ARGS= --openssldir=${OPENSSLDIR} \ - --prefix=${PREFIX} - -USES= cpe perl5 -USE_PERL5= build -USE_GITHUB= yes -GH_ACCOUNT= ${PKGNAMESUFFIX:C/.*-//} - -TEST_TARGET= test - -LDFLAGS_i386= -Wl,-znotext - -MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive CNF_LDFLAGS="${LDFLAGS}" -MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS= - -EXTRA_PATCHES+= ${.CURDIR}/../openssl/files/patch-crypto_async_arch_async__posix.h - -OPTIONS_GROUP= CIPHERS HASHES MODULES OPTIMIZE PROTOCOLS -OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM4 RC2 RC4 RC5 WEAK-SSL-CIPHERS -OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 SM2 SM3 -OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS -OPTIONS_GROUP_MODULES= FIPS LEGACY -OPTIONS_DEFINE_i386= I386 -OPTIONS_GROUP_PROTOCOLS=NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1 TLS1_2 - -OPTIONS_DEFINE= ASYNC CT KTLS MAN3 RFC3779 SHARED ZLIB - -OPTIONS_DEFAULT=ASM ASYNC CT DES EC FIPS GOST KTLS MAN3 MD4 NEXTPROTONEG \ - RC2 RC4 RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1 TLS1_2 - -OPTIONS_EXCLUDE_i386= FIPS - -OPTIONS_GROUP_OPTIMIZE_amd64= EC - -.if ${MACHINE_ARCH} == "amd64" -OPTIONS_GROUP_OPTIMIZE+= EC -.elif ${MACHINE_ARCH} == "mips64el" -OPTIONS_GROUP_OPTIMIZE+= EC -.endif - -OPTIONS_SUB= yes - -ARIA_DESC= ARIA (South Korean standard) -ASM_DESC= Assembler code -ASYNC_DESC= Asynchronous mode -CIPHERS_DESC= Block Cipher Support -CT_DESC= Certificate Transparency Support -DES_DESC= (Triple) Data Encryption Standard -EC_DESC= Optimize NIST elliptic curves -FIPS_DESC= Build FIPS provider (Note: NOT yet FIPS validated) -GOST_DESC= GOST (Russian standard) -HASHES_DESC= Hash Function Support -I386_DESC= i386 (instead of i486+) -IDEA_DESC= International Data Encryption Algorithm -KTLS_DESC= Use in-kernel TLS -LEGACY_DESC= Older algorithms -MAN3_DESC= Install API manpages (section 3, 7) -MD2_DESC= MD2 (obsolete) (requires LEGACY) -MD4_DESC= MD4 (unsafe) -MDC2_DESC= MDC-2 (patented, requires DES) -MODULES_DESC= Provider modules -NEXTPROTONEG_DESC= Next Protocol Negotiation (SPDY) -OPTIMIZE_DESC= Optimizations -PROTOCOLS_DESC= Protocol Support -RC2_DESC= RC2 (unsafe) -RC4_DESC= RC4 (unsafe) -RC5_DESC= RC5 (patented) -RMD160_DESC= RIPEMD-160 -RFC3779_DESC= RFC3779 support (BGP) -SCTP_DESC= SCTP (Stream Control Transmission) -SHARED_DESC= Build shared libraries -SM2_DESC= SM2 Elliptic Curve DH (Chinese standard) -SM3_DESC= SM3 256bit (Chinese standard) -SM4_DESC= SM4 128bit (Chinese standard) -SSE2_DESC= Runtime SSE2 detection -SSL3_DESC= SSLv3 (unsafe) -TLS1_DESC= TLSv1.0 (requires TLS1_1, TLS1_2) -TLS1_1_DESC= TLSv1.1 (requires TLS1_2) -TLS1_2_DESC= TLSv1.2 -WEAK-SSL-CIPHERS_DESC= Weak cipher support (unsafe) - -# Upstream default disabled options -.for _option in fips md2 ktls rc5 sctp ssl3 weak-ssl-ciphers zlib -${_option:tu}_CONFIGURE_ON= enable-${_option} -.endfor - -# Upstream default enabled options -.for _option in aria asm async ct des gost idea md4 mdc2 legacy \ - nextprotoneg rc2 rc4 rfc3779 rmd160 shared sm2 sm3 sm4 sse2 \ - threads tls1 tls1_1 tls1_2 -${_option:tu}_CONFIGURE_OFF= no-${_option} -.endfor - -MD2_IMPLIES= LEGACY -MDC2_IMPLIES= DES -TLS1_IMPLIES= TLS1_1 -TLS1_1_IMPLIES= TLS1_2 - -EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128 -FIPS_VARS= shlibs+=lib/ossl-modules/fips.so -I386_CONFIGURE_ON= 386 -LEGACY_VARS= shlibs+=lib/ossl-modules/legacy.so -MAN3_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-util_find-doc-nits -SHARED_MAKE_ENV= SHLIBVER=${OPENSSL_SHLIBVER} -SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER} -SHARED_USE= ldconfig=yes -SHARED_VARS= shlibs+="lib/libcrypto.so.${OPENSSL_SHLIBVER} \ - lib/libssl.so.${OPENSSL_SHLIBVER} \ - lib/engines-${OPENSSL_SHLIBVER}/capi.so \ - lib/engines-${OPENSSL_SHLIBVER}/devcrypto.so \ - lib/engines-${OPENSSL_SHLIBVER}/padlock.so" -SSL3_CONFIGURE_ON+= enable-ssl3-method -ZLIB_CONFIGURE_ON= zlib-dynamic - -SHLIBS= lib/engines-${OPENSSL_SHLIBVER}/loader_attic.so - -PORTSCOUT= limit:^${DISTVERSION:R:S/./\./g}\. - -.include <bsd.port.options.mk> - -.if ${ARCH} == powerpc64 -CONFIGURE_ARGS+= BSD-ppc64 -.elif ${ARCH} == powerpc64le -CONFIGURE_ARGS+= BSD-ppc64le -.elif ${ARCH} == riscv64 -CONFIGURE_ARGS+= BSD-riscv64 -.endif - -.include <bsd.port.pre.mk> -.if ${PREFIX} == /usr -IGNORE= the OpenSSL port can not be installed over the base version -.endif - -OPENSSLDIR?= ${PREFIX}/openssl -PLIST_SUB+= OPENSSLDIR=${OPENSSLDIR:S=^${PREFIX}/==} - -.include "version.mk" - -post-patch: - ${REINPLACE_CMD} -Ee 's|^MANDIR=.*$$|MANDIR=$$(INSTALLTOP)/share/man|' \ - -e 's|^(build\|install)_docs: .*|\1_docs: \1_man_docs|' \ - ${WRKSRC}/Configurations/unix-Makefile.tmpl - ${REINPLACE_CMD} 's|SHLIB_VERSION=81.3|SHLIB_VERSION=${OPENSSL_SHLIBVER}|' \ - ${WRKSRC}/VERSION.dat - -post-configure: - ( cd ${WRKSRC} ; ${PERL} configdata.pm --dump ) - -post-configure-MAN3-off: - ${REINPLACE_CMD} \ - -e 's|^build_man_docs:.*|build_man_docs: $$(MANDOCS1) $$(MANDOCS5)|' \ - -e 's|dummy $$(MANDOCS[37]); do |dummy; do |' \ - ${WRKSRC}/Makefile - -post-install-SHARED-on: -.for i in ${SHLIBS} - -@${STRIP_CMD} ${STAGEDIR}${PREFIX}/$i -.endfor - -post-install-SHARED-off: - ${RMDIR} ${STAGEDIR}${PREFIX}/lib/engines-${OPENSSL_SHLIBVER} - -post-install: - ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/openssl - -post-install-MAN3-on: - ( cd ${STAGEDIR}/${PREFIX} ; find share/man/man3 -not -type d ; \ - find share/man/man7 -not -type d ) | sed 's/$$/.gz/' >> ${TMPPLIST} - -.include <bsd.port.post.mk> diff --git a/security/openssl31-quictls/distinfo b/security/openssl31-quictls/distinfo deleted file mode 100644 index 8d0bb64bf68f..000000000000 --- a/security/openssl31-quictls/distinfo +++ /dev/null @@ -1,3 +0,0 @@ -TIMESTAMP = 1725707938 -SHA256 (quictls-openssl-openssl-3.1.7-quic1_GH0.tar.gz) = e7e514ea033c290f09c7250dd43a845bc1e08066b793274f3ad3fe04c76a5206 -SIZE (quictls-openssl-openssl-3.1.7-quic1_GH0.tar.gz) = 15852595 diff --git a/security/openssl31-quictls/pkg-plist b/security/openssl31-quictls/pkg-plist deleted file mode 100644 index 8258642b4355..000000000000 --- a/security/openssl31-quictls/pkg-plist +++ /dev/null @@ -1,276 +0,0 @@ -bin/c_rehash -bin/openssl -include/openssl/aes.h -include/openssl/asn1.h -include/openssl/asn1_mac.h -include/openssl/asn1err.h -include/openssl/asn1t.h -include/openssl/async.h -include/openssl/asyncerr.h -include/openssl/bio.h -include/openssl/bioerr.h -include/openssl/blowfish.h -include/openssl/bn.h -include/openssl/bnerr.h -include/openssl/buffer.h -include/openssl/buffererr.h -include/openssl/camellia.h -include/openssl/cast.h -include/openssl/cmac.h -include/openssl/cmp.h -include/openssl/cmp_util.h -include/openssl/cmperr.h -include/openssl/cms.h -include/openssl/cmserr.h -include/openssl/comp.h -include/openssl/comperr.h -include/openssl/conf.h -include/openssl/conf_api.h -include/openssl/conferr.h -include/openssl/configuration.h -include/openssl/conftypes.h -include/openssl/core.h -include/openssl/core_dispatch.h -include/openssl/core_names.h -include/openssl/core_object.h -include/openssl/crmf.h -include/openssl/crmferr.h -include/openssl/crypto.h -include/openssl/cryptoerr.h -include/openssl/cryptoerr_legacy.h -include/openssl/ct.h -include/openssl/cterr.h -include/openssl/decoder.h -include/openssl/decodererr.h -include/openssl/des.h -include/openssl/dh.h -include/openssl/dherr.h -include/openssl/dsa.h -include/openssl/dsaerr.h -include/openssl/dtls1.h -include/openssl/e_os2.h -include/openssl/ebcdic.h -include/openssl/ec.h -include/openssl/ecdh.h -include/openssl/ecdsa.h -include/openssl/ecerr.h -include/openssl/encoder.h -include/openssl/encodererr.h -include/openssl/engine.h -include/openssl/engineerr.h -include/openssl/err.h -include/openssl/ess.h -include/openssl/esserr.h -include/openssl/evp.h -include/openssl/evperr.h -include/openssl/fips_names.h -include/openssl/fipskey.h -include/openssl/hmac.h -include/openssl/http.h -include/openssl/httperr.h -include/openssl/idea.h -include/openssl/kdf.h -include/openssl/kdferr.h -include/openssl/lhash.h -include/openssl/macros.h -include/openssl/md2.h -include/openssl/md4.h -include/openssl/md5.h -include/openssl/mdc2.h -include/openssl/modes.h -include/openssl/obj_mac.h -include/openssl/objects.h -include/openssl/objectserr.h -include/openssl/ocsp.h -include/openssl/ocsperr.h -include/openssl/opensslconf.h -include/openssl/opensslv.h -include/openssl/ossl_typ.h -include/openssl/param_build.h -include/openssl/params.h -include/openssl/pem.h -include/openssl/pem2.h -include/openssl/pemerr.h -include/openssl/pkcs12.h -include/openssl/pkcs12err.h -include/openssl/pkcs7.h -include/openssl/pkcs7err.h -include/openssl/prov_ssl.h -include/openssl/proverr.h -include/openssl/provider.h -include/openssl/quic.h -include/openssl/rand.h -include/openssl/randerr.h -include/openssl/rc2.h -include/openssl/rc4.h -include/openssl/rc5.h -include/openssl/ripemd.h -include/openssl/rsa.h -include/openssl/rsaerr.h -include/openssl/safestack.h -include/openssl/seed.h -include/openssl/self_test.h -include/openssl/sha.h -include/openssl/srp.h -include/openssl/srtp.h -include/openssl/ssl.h -include/openssl/ssl2.h -include/openssl/ssl3.h -include/openssl/sslerr.h -include/openssl/sslerr_legacy.h -include/openssl/stack.h -include/openssl/store.h -include/openssl/storeerr.h -include/openssl/symhacks.h -include/openssl/tls1.h -include/openssl/trace.h -include/openssl/ts.h -include/openssl/tserr.h -include/openssl/txt_db.h -include/openssl/types.h -include/openssl/ui.h -include/openssl/uierr.h -include/openssl/whrlpool.h -include/openssl/x509.h -include/openssl/x509_vfy.h -include/openssl/x509err.h -include/openssl/x509v3.h -include/openssl/x509v3err.h -%%SHARED%%lib/engines-%%SHLIBVER%%/capi.so -%%SHARED%%lib/engines-%%SHLIBVER%%/devcrypto.so -%%SHARED%%lib/engines-%%SHLIBVER%%/loader_attic.so -%%SHARED%%lib/engines-%%SHLIBVER%%/padlock.so -lib/libcrypto.a -%%SHARED%%lib/libcrypto.so -%%SHARED%%lib/libcrypto.so.%%SHLIBVER%% -lib/libssl.a -%%SHARED%%lib/libssl.so -%%SHARED%%lib/libssl.so.%%SHLIBVER%% -%%FIPS%%%%SHARED%%lib/ossl-modules/fips.so -%%LEGACY%%%%SHARED%%lib/ossl-modules/legacy.so -libdata/pkgconfig/libcrypto.pc -libdata/pkgconfig/libssl.pc -libdata/pkgconfig/openssl.pc -share/man/man1/CA.pl.1ossl.gz -share/man/man1/asn1parse.1ossl.gz -share/man/man1/c_rehash.1ossl.gz -share/man/man1/ca.1ossl.gz -share/man/man1/ciphers.1ossl.gz -share/man/man1/cms.1ossl.gz -share/man/man1/cmp.1ossl.gz -share/man/man1/crl.1ossl.gz -share/man/man1/crl2pkcs7.1ossl.gz -share/man/man1/dgst.1ossl.gz -share/man/man1/dhparam.1ossl.gz -share/man/man1/dsa.1ossl.gz -share/man/man1/dsaparam.1ossl.gz -share/man/man1/ec.1ossl.gz -share/man/man1/ecparam.1ossl.gz -share/man/man1/enc.1ossl.gz -share/man/man1/engine.1ossl.gz -share/man/man1/errstr.1ossl.gz -share/man/man1/gendsa.1ossl.gz -share/man/man1/genpkey.1ossl.gz -share/man/man1/genrsa.1ossl.gz -share/man/man1/info.1ossl.gz -share/man/man1/kdf.1ossl.gz -share/man/man1/mac.1ossl.gz -share/man/man1/nseq.1ossl.gz -share/man/man1/ocsp.1ossl.gz -share/man/man1/openssl-asn1parse.1ossl.gz -share/man/man1/openssl-ca.1ossl.gz -share/man/man1/openssl-ciphers.1ossl.gz -share/man/man1/openssl-cmds.1ossl.gz -share/man/man1/openssl-cmp.1ossl.gz -share/man/man1/openssl-cms.1ossl.gz -share/man/man1/openssl-crl.1ossl.gz -share/man/man1/openssl-crl2pkcs7.1ossl.gz -share/man/man1/openssl-dgst.1ossl.gz -share/man/man1/openssl-dhparam.1ossl.gz -share/man/man1/openssl-dsa.1ossl.gz -share/man/man1/openssl-dsaparam.1ossl.gz -share/man/man1/openssl-ec.1ossl.gz -share/man/man1/openssl-ecparam.1ossl.gz -share/man/man1/openssl-enc.1ossl.gz -share/man/man1/openssl-engine.1ossl.gz -share/man/man1/openssl-errstr.1ossl.gz -share/man/man1/openssl-fipsinstall.1ossl.gz -share/man/man1/openssl-format-options.1ossl.gz -share/man/man1/openssl-gendsa.1ossl.gz -share/man/man1/openssl-genpkey.1ossl.gz -share/man/man1/openssl-genrsa.1ossl.gz -share/man/man1/openssl-info.1ossl.gz -share/man/man1/openssl-kdf.1ossl.gz -share/man/man1/openssl-list.1ossl.gz -share/man/man1/openssl-mac.1ossl.gz -share/man/man1/openssl-namedisplay-options.1ossl.gz -share/man/man1/openssl-nseq.1ossl.gz -share/man/man1/openssl-ocsp.1ossl.gz -share/man/man1/openssl-passphrase-options.1ossl.gz -share/man/man1/openssl-passwd.1ossl.gz -share/man/man1/openssl-pkcs12.1ossl.gz -share/man/man1/openssl-pkcs7.1ossl.gz -share/man/man1/openssl-pkcs8.1ossl.gz -share/man/man1/openssl-pkey.1ossl.gz -share/man/man1/openssl-pkeyparam.1ossl.gz -share/man/man1/openssl-pkeyutl.1ossl.gz -share/man/man1/openssl-prime.1ossl.gz -share/man/man1/openssl-rand.1ossl.gz -share/man/man1/openssl-rehash.1ossl.gz -share/man/man1/openssl-req.1ossl.gz -share/man/man1/openssl-rsa.1ossl.gz -share/man/man1/openssl-rsautl.1ossl.gz -share/man/man1/openssl-s_client.1ossl.gz -share/man/man1/openssl-s_server.1ossl.gz -share/man/man1/openssl-s_time.1ossl.gz -share/man/man1/openssl-sess_id.1ossl.gz -share/man/man1/openssl-smime.1ossl.gz -share/man/man1/openssl-speed.1ossl.gz -share/man/man1/openssl-spkac.1ossl.gz -share/man/man1/openssl-srp.1ossl.gz -share/man/man1/openssl-storeutl.1ossl.gz -share/man/man1/openssl-ts.1ossl.gz -share/man/man1/openssl-verification-options.1ossl.gz -share/man/man1/openssl-verify.1ossl.gz -share/man/man1/openssl-version.1ossl.gz -share/man/man1/openssl-x509.1ossl.gz -share/man/man1/openssl.1ossl.gz -share/man/man1/passwd.1ossl.gz -share/man/man1/pkcs12.1ossl.gz -share/man/man1/pkcs7.1ossl.gz -share/man/man1/pkcs8.1ossl.gz -share/man/man1/pkey.1ossl.gz -share/man/man1/pkeyparam.1ossl.gz -share/man/man1/pkeyutl.1ossl.gz -share/man/man1/prime.1ossl.gz -share/man/man1/rand.1ossl.gz -share/man/man1/rehash.1ossl.gz -share/man/man1/req.1ossl.gz -share/man/man1/rsa.1ossl.gz -share/man/man1/rsautl.1ossl.gz -share/man/man1/s_client.1ossl.gz -share/man/man1/s_server.1ossl.gz -share/man/man1/s_time.1ossl.gz -share/man/man1/sess_id.1ossl.gz -share/man/man1/smime.1ossl.gz -share/man/man1/speed.1ossl.gz -share/man/man1/spkac.1ossl.gz -share/man/man1/srp.1ossl.gz -share/man/man1/storeutl.1ossl.gz -share/man/man1/ts.1ossl.gz -share/man/man1/tsget.1ossl.gz -share/man/man1/verify.1ossl.gz -share/man/man1/version.1ossl.gz -share/man/man1/x509.1ossl.gz -share/man/man5/config.5ossl.gz -share/man/man5/fips_config.5ossl.gz -share/man/man5/x509v3_config.5ossl.gz -%%OPENSSLDIR%%/misc/CA.pl -@comment %%OPENSSLDIR%%/misc/tsget.pl -%%OPENSSLDIR%%/misc/tsget -@sample %%OPENSSLDIR%%/ct_log_list.cnf.dist %%OPENSSLDIR%%/ct_log_list.cnf -%%FIPS%%%%OPENSSLDIR%%/fipsmodule.cnf -@sample %%OPENSSLDIR%%/openssl.cnf.dist %%OPENSSLDIR%%/openssl.cnf -@dir lib/ossl-modules -@dir %%OPENSSLDIR%%/private -@dir %%OPENSSLDIR%%/certs diff --git a/security/openssl31-quictls/version.mk b/security/openssl31-quictls/version.mk deleted file mode 100644 index 54915616c6b6..000000000000 --- a/security/openssl31-quictls/version.mk +++ /dev/null @@ -1 +0,0 @@ -OPENSSL_SHLIBVER?= 13 diff --git a/security/openssl31/Makefile b/security/openssl31/Makefile deleted file mode 100644 index 3f98568e46a7..000000000000 --- a/security/openssl31/Makefile +++ /dev/null @@ -1,185 +0,0 @@ -PORTNAME= openssl -PORTVERSION= 3.1.8 -CATEGORIES= security devel -PKGNAMESUFFIX= 31 -MASTER_SITES= https://github.com/openssl/openssl/releases/download/${DISTNAME}/ - -MAINTAINER= brnrd@FreeBSD.org -COMMENT= TLSv1.3 capable SSL and crypto library -WWW= https://www.openssl.org/ - -LICENSE= APACHE20 -LICENSE_FILE= ${WRKSRC}/LICENSE.txt - -#EXPIRATION_DATE= 2025-03-14 - -CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3[2345] openssl*-quictls - -HAS_CONFIGURE= yes -CONFIGURE_SCRIPT= config -CONFIGURE_ENV= PERL="${PERL}" -CONFIGURE_ARGS= --openssldir=${OPENSSLDIR} \ - --prefix=${PREFIX} - -USES= cpe perl5 -USE_PERL5= build -TEST_TARGET= test - -LDFLAGS_i386= -Wl,-znotext - -MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive CNF_LDFLAGS="${LDFLAGS}" -MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS= - -EXTRA_PATCHES+= ${.CURDIR}/../openssl/files/patch-crypto_async_arch_async__posix.h - -OPTIONS_GROUP= CIPHERS HASHES MODULES OPTIMIZE PROTOCOLS -OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM4 RC2 RC4 RC5 WEAK-SSL-CIPHERS -OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 SM2 SM3 -OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS -OPTIONS_GROUP_MODULES= FIPS LEGACY -OPTIONS_DEFINE_i386= I386 -OPTIONS_GROUP_PROTOCOLS=NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1 TLS1_2 - -OPTIONS_DEFINE= ASYNC CT KTLS MAN3 RFC3779 SHARED ZLIB - -OPTIONS_DEFAULT=ASM ASYNC CT DES EC FIPS GOST KTLS MAN3 MD4 NEXTPROTONEG \ - RFC3779 RC2 RC4 RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1 TLS1_2 - -OPTIONS_GROUP_OPTIMIZE_amd64= EC - -.if ${MACHINE_ARCH} == "amd64" -OPTIONS_GROUP_OPTIMIZE+= EC -.elif ${MACHINE_ARCH} == "mips64el" -OPTIONS_GROUP_OPTIMIZE+= EC -.endif - -OPTIONS_SUB= yes - -ARIA_DESC= ARIA (South Korean standard) -ASM_DESC= Assembler code -ASYNC_DESC= Asynchronous mode -CIPHERS_DESC= Block Cipher Support -CT_DESC= Certificate Transparency Support -DES_DESC= (Triple) Data Encryption Standard -EC_DESC= Optimize NIST elliptic curves -FIPS_DESC= Build FIPS provider -GOST_DESC= GOST (Russian standard) -HASHES_DESC= Hash Function Support -I386_DESC= i386 (instead of i486+) -IDEA_DESC= International Data Encryption Algorithm -KTLS_DESC= Use in-kernel TLS (FreeBSD >13) -LEGACY_DESC= Older algorithms -MAN3_DESC= Install API manpages (section 3, 7) -MD2_DESC= MD2 (obsolete) (requires LEGACY) -MD4_DESC= MD4 (unsafe) -MDC2_DESC= MDC-2 (patented, requires DES) -MODULES_DESC= Provider modules -NEXTPROTONEG_DESC= Next Protocol Negotiation (SPDY) -OPTIMIZE_DESC= Optimizations -PROTOCOLS_DESC= Protocol Support -RC2_DESC= RC2 (unsafe) -RC4_DESC= RC4 (unsafe) -RC5_DESC= RC5 (patented) -RMD160_DESC= RIPEMD-160 -RFC3779_DESC= RFC3779 support (BGP) -SCTP_DESC= SCTP (Stream Control Transmission) -SHARED_DESC= Build shared libraries -SM2_DESC= SM2 Elliptic Curve DH (Chinese standard) -SM3_DESC= SM3 256bit (Chinese standard) -SM4_DESC= SM4 128bit (Chinese standard) -SSE2_DESC= Runtime SSE2 detection -SSL3_DESC= SSLv3 (unsafe) -TLS1_DESC= TLSv1.0 (requires TLS1_1, TLS1_2) -TLS1_1_DESC= TLSv1.1 (requires TLS1_2) -TLS1_2_DESC= TLSv1.2 -WEAK-SSL-CIPHERS_DESC= Weak cipher support (unsafe) - -# Upstream default disabled options -.for _option in fips md2 ktls rc5 sctp ssl3 weak-ssl-ciphers zlib -${_option:tu}_CONFIGURE_ON= enable-${_option} -.endfor - -# Upstream default enabled options -.for _option in aria asm async ct des gost idea md4 mdc2 legacy \ - nextprotoneg rc2 rc4 rfc3779 rmd160 shared sm2 sm3 sm4 sse2 \ - threads tls1 tls1_1 tls1_2 -${_option:tu}_CONFIGURE_OFF= no-${_option} -.endfor - -MD2_IMPLIES= LEGACY -MDC2_IMPLIES= DES -TLS1_IMPLIES= TLS1_1 -TLS1_1_IMPLIES= TLS1_2 - -EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128 -FIPS_VARS= shlibs+=lib/ossl-modules/fips.so -I386_CONFIGURE_ON= 386 -KTLS_EXTRA_PATCHES= ${FILESDIR}/extra-patch-ktls -LEGACY_VARS= shlibs+=lib/ossl-modules/legacy.so -MAN3_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-util_find-doc-nits -SHARED_MAKE_ENV= SHLIBVER=${OPENSSL_SHLIBVER} -SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER} -SHARED_USE= ldconfig=yes -SHARED_VARS= shlibs+="lib/libcrypto.so.${OPENSSL_SHLIBVER} \ - lib/libssl.so.${OPENSSL_SHLIBVER} \ - lib/engines-${OPENSSL_SHLIBVER}/capi.so \ - lib/engines-${OPENSSL_SHLIBVER}/devcrypto.so \ - lib/engines-${OPENSSL_SHLIBVER}/padlock.so" -SSL3_CONFIGURE_ON+= enable-ssl3-method -ZLIB_CONFIGURE_ON= zlib-dynamic - -SHLIBS= lib/engines-${OPENSSL_SHLIBVER}/loader_attic.so - -PORTSCOUT= limit:^${DISTVERSION:R:S/./\./g}\. - -.include <bsd.port.options.mk> - -.if ${ARCH} == powerpc64 -CONFIGURE_ARGS+= BSD-ppc64 -.elif ${ARCH} == powerpc64le -CONFIGURE_ARGS+= BSD-ppc64le -.elif ${ARCH} == riscv64 -CONFIGURE_ARGS+= BSD-riscv64 -.endif - -.include <bsd.port.pre.mk> -.if ${PREFIX} == /usr -IGNORE= the OpenSSL port can not be installed over the base version -.endif - -OPENSSLDIR?= ${PREFIX}/openssl -PLIST_SUB+= OPENSSLDIR=${OPENSSLDIR:S=^${PREFIX}/==} - -.include "version.mk" - -post-patch: - ${REINPLACE_CMD} -Ee 's|^(build\|install)_docs: .*|\1_docs: \1_man_docs|' \ - ${WRKSRC}/Configurations/unix-Makefile.tmpl - ${REINPLACE_CMD} 's|SHLIB_VERSION=3|SHLIB_VERSION=${OPENSSL_SHLIBVER}|' \ - ${WRKSRC}/VERSION.dat - -post-configure: - ( cd ${WRKSRC} ; ${PERL} configdata.pm --dump ) - -post-configure-MAN3-off: - ${REINPLACE_CMD} \ - -e 's|^build_man_docs:.*|build_man_docs: $$(MANDOCS1) $$(MANDOCS5)|' \ - -e 's|dummy $$(MANDOCS[37]); do |dummy; do |' \ - ${WRKSRC}/Makefile - -post-install-SHARED-on: -.for i in ${SHLIBS} - -@${STRIP_CMD} ${STAGEDIR}${PREFIX}/$i -.endfor - -post-install-SHARED-off: - ${RMDIR} ${STAGEDIR}${PREFIX}/lib/engines-12 - -post-install: - ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/openssl - -post-install-MAN3-on: - ( cd ${STAGEDIR}/${PREFIX} ; find share/man/man3 -not -type d ; \ - find share/man/man7 -not -type d ) | sed 's/$$/.gz/' >> ${TMPPLIST} - -.include <bsd.port.post.mk> diff --git a/security/openssl31/distinfo b/security/openssl31/distinfo deleted file mode 100644 index 9d4d4e4c08ea..000000000000 --- a/security/openssl31/distinfo +++ /dev/null @@ -1,3 +0,0 @@ -TIMESTAMP = 1739293895 -SHA256 (openssl-3.1.8.tar.gz) = d319da6aecde3aa6f426b44bbf997406d95275c5c59ab6f6ef53caaa079f456f -SIZE (openssl-3.1.8.tar.gz) = 15706439 diff --git a/security/openssl31/files/extra-patch-util_find-doc-nits b/security/openssl31/files/extra-patch-util_find-doc-nits deleted file mode 100644 index df3d58f0c5cc..000000000000 --- a/security/openssl31/files/extra-patch-util_find-doc-nits +++ /dev/null @@ -1,20 +0,0 @@ ---- util/find-doc-nits.orig 2021-09-07 11:46:32 UTC -+++ util/find-doc-nits -@@ -80,7 +80,7 @@ my $temp = '/tmp/docnits.txt'; - my $OUT; - my $status = 0; - --$opt_m = "man1,man3,man5,man7" unless $opt_m; -+$opt_m = "man1,man5" unless $opt_m; - die "Argument of -m option may contain only man1, man3, man5, and/or man7" - unless $opt_m =~ /^(man[1357][, ]?)*$/; - my @sections = ( split /[, ]/, $opt_m ); -@@ -721,7 +721,7 @@ sub check { - next if $target eq ''; # Skip if links within page, or - next if $target =~ /::/; # links to a Perl module, or - next if $target =~ /^https?:/; # is a URL link, or -- next if $target =~ /\([1357]\)$/; # it has a section -+ next if $target =~ /\([15]\)$/; # it has a section - err($id, "Section missing in $target") - } - # Check for proper links to commands. diff --git a/security/openssl31/pkg-plist b/security/openssl31/pkg-plist deleted file mode 100644 index 37d4816c9993..000000000000 --- a/security/openssl31/pkg-plist +++ /dev/null @@ -1,275 +0,0 @@ -bin/c_rehash -bin/openssl -include/openssl/aes.h -include/openssl/asn1.h -include/openssl/asn1_mac.h -include/openssl/asn1err.h -include/openssl/asn1t.h -include/openssl/async.h -include/openssl/asyncerr.h -include/openssl/bio.h -include/openssl/bioerr.h -include/openssl/blowfish.h -include/openssl/bn.h -include/openssl/bnerr.h -include/openssl/buffer.h -include/openssl/buffererr.h -include/openssl/camellia.h -include/openssl/cast.h -include/openssl/cmac.h -include/openssl/cmp.h -include/openssl/cmp_util.h -include/openssl/cmperr.h -include/openssl/cms.h -include/openssl/cmserr.h -include/openssl/comp.h -include/openssl/comperr.h -include/openssl/conf.h -include/openssl/conf_api.h -include/openssl/conferr.h -include/openssl/configuration.h -include/openssl/conftypes.h -include/openssl/core.h -include/openssl/core_dispatch.h -include/openssl/core_names.h -include/openssl/core_object.h -include/openssl/crmf.h -include/openssl/crmferr.h -include/openssl/crypto.h -include/openssl/cryptoerr.h -include/openssl/cryptoerr_legacy.h -include/openssl/ct.h -include/openssl/cterr.h -include/openssl/decoder.h -include/openssl/decodererr.h -include/openssl/des.h -include/openssl/dh.h -include/openssl/dherr.h -include/openssl/dsa.h -include/openssl/dsaerr.h -include/openssl/dtls1.h -include/openssl/e_os2.h -include/openssl/ebcdic.h -include/openssl/ec.h -include/openssl/ecdh.h -include/openssl/ecdsa.h -include/openssl/ecerr.h -include/openssl/encoder.h -include/openssl/encodererr.h -include/openssl/engine.h -include/openssl/engineerr.h -include/openssl/err.h -include/openssl/ess.h -include/openssl/esserr.h -include/openssl/evp.h -include/openssl/evperr.h -include/openssl/fips_names.h -include/openssl/fipskey.h -include/openssl/hmac.h -include/openssl/http.h -include/openssl/httperr.h -include/openssl/idea.h -include/openssl/kdf.h -include/openssl/kdferr.h -include/openssl/lhash.h -include/openssl/macros.h -include/openssl/md2.h -include/openssl/md4.h -include/openssl/md5.h -include/openssl/mdc2.h -include/openssl/modes.h -include/openssl/obj_mac.h -include/openssl/objects.h -include/openssl/objectserr.h -include/openssl/ocsp.h -include/openssl/ocsperr.h -include/openssl/opensslconf.h -include/openssl/opensslv.h -include/openssl/ossl_typ.h -include/openssl/param_build.h -include/openssl/params.h -include/openssl/pem.h -include/openssl/pem2.h -include/openssl/pemerr.h -include/openssl/pkcs12.h -include/openssl/pkcs12err.h -include/openssl/pkcs7.h -include/openssl/pkcs7err.h -include/openssl/prov_ssl.h -include/openssl/proverr.h -include/openssl/provider.h -include/openssl/rand.h -include/openssl/randerr.h -include/openssl/rc2.h -include/openssl/rc4.h -include/openssl/rc5.h -include/openssl/ripemd.h -include/openssl/rsa.h -include/openssl/rsaerr.h -include/openssl/safestack.h -include/openssl/seed.h -include/openssl/self_test.h -include/openssl/sha.h -include/openssl/srp.h -include/openssl/srtp.h -include/openssl/ssl.h -include/openssl/ssl2.h -include/openssl/ssl3.h -include/openssl/sslerr.h -include/openssl/sslerr_legacy.h -include/openssl/stack.h -include/openssl/store.h -include/openssl/storeerr.h -include/openssl/symhacks.h -include/openssl/tls1.h -include/openssl/trace.h -include/openssl/ts.h -include/openssl/tserr.h -include/openssl/txt_db.h -include/openssl/types.h -include/openssl/ui.h -include/openssl/uierr.h -include/openssl/whrlpool.h -include/openssl/x509.h -include/openssl/x509_vfy.h -include/openssl/x509err.h -include/openssl/x509v3.h -include/openssl/x509v3err.h -%%SHARED%%lib/engines-%%SHLIBVER%%/capi.so -%%SHARED%%lib/engines-%%SHLIBVER%%/devcrypto.so -%%SHARED%%lib/engines-%%SHLIBVER%%/loader_attic.so -%%SHARED%%lib/engines-%%SHLIBVER%%/padlock.so -lib/libcrypto.a -%%SHARED%%lib/libcrypto.so -%%SHARED%%lib/libcrypto.so.%%SHLIBVER%% -lib/libssl.a -%%SHARED%%lib/libssl.so -%%SHARED%%lib/libssl.so.%%SHLIBVER%% -%%FIPS%%%%SHARED%%lib/ossl-modules/fips.so -%%LEGACY%%%%SHARED%%lib/ossl-modules/legacy.so -libdata/pkgconfig/libcrypto.pc -libdata/pkgconfig/libssl.pc -libdata/pkgconfig/openssl.pc -share/man/man1/CA.pl.1ossl.gz -share/man/man1/asn1parse.1ossl.gz -share/man/man1/c_rehash.1ossl.gz -share/man/man1/ca.1ossl.gz -share/man/man1/ciphers.1ossl.gz -share/man/man1/cmp.1ossl.gz -share/man/man1/cms.1ossl.gz -share/man/man1/crl.1ossl.gz -share/man/man1/crl2pkcs7.1ossl.gz -share/man/man1/dgst.1ossl.gz -share/man/man1/dhparam.1ossl.gz -share/man/man1/dsa.1ossl.gz -share/man/man1/dsaparam.1ossl.gz -share/man/man1/ec.1ossl.gz -share/man/man1/ecparam.1ossl.gz -share/man/man1/enc.1ossl.gz -share/man/man1/engine.1ossl.gz -share/man/man1/errstr.1ossl.gz -share/man/man1/gendsa.1ossl.gz -share/man/man1/genpkey.1ossl.gz -share/man/man1/genrsa.1ossl.gz -share/man/man1/info.1ossl.gz -share/man/man1/kdf.1ossl.gz -share/man/man1/mac.1ossl.gz -share/man/man1/nseq.1ossl.gz -share/man/man1/ocsp.1ossl.gz -share/man/man1/openssl-asn1parse.1ossl.gz -share/man/man1/openssl-ca.1ossl.gz -share/man/man1/openssl-ciphers.1ossl.gz -share/man/man1/openssl-cmds.1ossl.gz -share/man/man1/openssl-cmp.1ossl.gz -share/man/man1/openssl-cms.1ossl.gz -share/man/man1/openssl-crl.1ossl.gz -share/man/man1/openssl-crl2pkcs7.1ossl.gz -share/man/man1/openssl-dgst.1ossl.gz -share/man/man1/openssl-dhparam.1ossl.gz -share/man/man1/openssl-dsa.1ossl.gz -share/man/man1/openssl-dsaparam.1ossl.gz -share/man/man1/openssl-ec.1ossl.gz -share/man/man1/openssl-ecparam.1ossl.gz -share/man/man1/openssl-enc.1ossl.gz -share/man/man1/openssl-engine.1ossl.gz -share/man/man1/openssl-errstr.1ossl.gz -share/man/man1/openssl-fipsinstall.1ossl.gz -share/man/man1/openssl-format-options.1ossl.gz -share/man/man1/openssl-gendsa.1ossl.gz -share/man/man1/openssl-genpkey.1ossl.gz -share/man/man1/openssl-genrsa.1ossl.gz -share/man/man1/openssl-info.1ossl.gz -share/man/man1/openssl-kdf.1ossl.gz -share/man/man1/openssl-list.1ossl.gz -share/man/man1/openssl-mac.1ossl.gz -share/man/man1/openssl-namedisplay-options.1ossl.gz -share/man/man1/openssl-nseq.1ossl.gz -share/man/man1/openssl-ocsp.1ossl.gz -share/man/man1/openssl-passphrase-options.1ossl.gz -share/man/man1/openssl-passwd.1ossl.gz -share/man/man1/openssl-pkcs12.1ossl.gz -share/man/man1/openssl-pkcs7.1ossl.gz -share/man/man1/openssl-pkcs8.1ossl.gz -share/man/man1/openssl-pkey.1ossl.gz -share/man/man1/openssl-pkeyparam.1ossl.gz -share/man/man1/openssl-pkeyutl.1ossl.gz -share/man/man1/openssl-prime.1ossl.gz -share/man/man1/openssl-rand.1ossl.gz -share/man/man1/openssl-rehash.1ossl.gz -share/man/man1/openssl-req.1ossl.gz -share/man/man1/openssl-rsa.1ossl.gz -share/man/man1/openssl-rsautl.1ossl.gz -share/man/man1/openssl-s_client.1ossl.gz -share/man/man1/openssl-s_server.1ossl.gz -share/man/man1/openssl-s_time.1ossl.gz -share/man/man1/openssl-sess_id.1ossl.gz -share/man/man1/openssl-smime.1ossl.gz -share/man/man1/openssl-speed.1ossl.gz -share/man/man1/openssl-spkac.1ossl.gz -share/man/man1/openssl-srp.1ossl.gz -share/man/man1/openssl-storeutl.1ossl.gz -share/man/man1/openssl-ts.1ossl.gz -share/man/man1/openssl-verification-options.1ossl.gz -share/man/man1/openssl-verify.1ossl.gz -share/man/man1/openssl-version.1ossl.gz -share/man/man1/openssl-x509.1ossl.gz -share/man/man1/openssl.1ossl.gz -share/man/man1/passwd.1ossl.gz -share/man/man1/pkcs12.1ossl.gz -share/man/man1/pkcs7.1ossl.gz -share/man/man1/pkcs8.1ossl.gz -share/man/man1/pkey.1ossl.gz -share/man/man1/pkeyparam.1ossl.gz -share/man/man1/pkeyutl.1ossl.gz -share/man/man1/prime.1ossl.gz -share/man/man1/rand.1ossl.gz -share/man/man1/rehash.1ossl.gz -share/man/man1/req.1ossl.gz -share/man/man1/rsa.1ossl.gz -share/man/man1/rsautl.1ossl.gz -share/man/man1/s_client.1ossl.gz -share/man/man1/s_server.1ossl.gz -share/man/man1/s_time.1ossl.gz -share/man/man1/sess_id.1ossl.gz -share/man/man1/smime.1ossl.gz -share/man/man1/speed.1ossl.gz -share/man/man1/spkac.1ossl.gz -share/man/man1/srp.1ossl.gz -share/man/man1/storeutl.1ossl.gz -share/man/man1/ts.1ossl.gz -share/man/man1/tsget.1ossl.gz -share/man/man1/verify.1ossl.gz -share/man/man1/version.1ossl.gz -share/man/man1/x509.1ossl.gz -share/man/man5/config.5ossl.gz -share/man/man5/fips_config.5ossl.gz -share/man/man5/x509v3_config.5ossl.gz -%%OPENSSLDIR%%/misc/CA.pl -@comment %%OPENSSLDIR%%/misc/tsget.pl -%%OPENSSLDIR%%/misc/tsget -@sample %%OPENSSLDIR%%/ct_log_list.cnf.dist %%OPENSSLDIR%%/ct_log_list.cnf -%%FIPS%%%%OPENSSLDIR%%/fipsmodule.cnf -@sample %%OPENSSLDIR%%/openssl.cnf.dist %%OPENSSLDIR%%/openssl.cnf -@dir lib/ossl-modules -@dir %%OPENSSLDIR%%/private -@dir %%OPENSSLDIR%%/certs diff --git a/security/openssl31/version.mk b/security/openssl31/version.mk deleted file mode 100644 index 54915616c6b6..000000000000 --- a/security/openssl31/version.mk +++ /dev/null @@ -1 +0,0 @@ -OPENSSL_SHLIBVER?= 13 diff --git a/security/openssl32/Makefile b/security/openssl32/Makefile index ae59b26936e6..7d7665c242e3 100644 --- a/security/openssl32/Makefile +++ b/security/openssl32/Makefile @@ -1,5 +1,5 @@ PORTNAME= openssl -PORTVERSION= 3.2.4 +PORTVERSION= 3.2.5 CATEGORIES= security devel PKGNAMESUFFIX= 32 MASTER_SITES= https://github.com/openssl/openssl/releases/download/${DISTNAME}/ @@ -11,6 +11,9 @@ WWW= https://www.openssl.org/ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE.txt +DEPRECATED= Please use security/openssl35 (LTS) +EXPIRATION_DATE= 2025-09-30 + CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3[1345] openssl*-quictls HAS_CONFIGURE= yes diff --git a/security/openssl32/distinfo b/security/openssl32/distinfo index 24e08af5bfb9..a79020e9f3da 100644 --- a/security/openssl32/distinfo +++ b/security/openssl32/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1739293970 -SHA256 (openssl-3.2.4.tar.gz) = b23ad7fd9f73e43ad1767e636040e88ba7c9e5775bfa5618436a0dd2c17c3716 -SIZE (openssl-3.2.4.tar.gz) = 17782746 +TIMESTAMP = 1751448354 +SHA256 (openssl-3.2.5.tar.gz) = b36347d024a0f5bd09fefcd6af7a58bb30946080eb8ce8f7be78562190d09879 +SIZE (openssl-3.2.5.tar.gz) = 17800797 diff --git a/security/openssl33-quictls/Makefile b/security/openssl33-quictls/Makefile new file mode 100644 index 000000000000..4d53a2b5a87d --- /dev/null +++ b/security/openssl33-quictls/Makefile @@ -0,0 +1,190 @@ +PORTNAME= openssl +DISTVERSIONPREFIX= ${PORTNAME}- +PORTVERSION= 3.3.0 +CATEGORIES= security devel +PKGNAMESUFFIX= 33-quictls + +MAINTAINER= brnrd@FreeBSD.org +COMMENT= QUIC capable fork of OpenSSL +WWW= https://www.github.com/quictls/quictls + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE.txt + +CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3* openssl*-quictls + +BROKEN_i386= ld: error: undefined symbol: __atomic_is_lock_free + +HAS_CONFIGURE= yes +CONFIGURE_SCRIPT= config +CONFIGURE_ENV= PERL="${PERL}" +CONFIGURE_ARGS= --openssldir=${OPENSSLDIR} \ + --prefix=${PREFIX} + +USES= cpe perl5 +USE_PERL5= build +USE_GITHUB= yes +GH_ACCOUNT= quictls +GH_PROJECT= quictls + +TEST_TARGET= test + +LDFLAGS_i386= -Wl,-znotext + +MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive CNF_LDFLAGS="${LDFLAGS}" +MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS= + +EXTRA_PATCHES+= ${.CURDIR}/../openssl/files/patch-crypto_async_arch_async__posix.h + +OPTIONS_GROUP= CIPHERS HASHES MODULES OPTIMIZE PROTOCOLS +OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM4 RC2 RC4 RC5 WEAK-SSL-CIPHERS +OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 SM2 SM3 +OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS +OPTIONS_GROUP_MODULES= FIPS LEGACY +OPTIONS_DEFINE_i386= I386 +OPTIONS_GROUP_PROTOCOLS=NEXTPROTONEG SCTP SSL3 TLS1 TLS1_1 TLS1_2 + +OPTIONS_DEFINE= ASYNC CT MAN3 RFC3779 SHARED ZLIB + +OPTIONS_DEFAULT=ASM ASYNC CT DES EC FIPS GOST MAN3 MD4 NEXTPROTONEG \ + RC2 RC4 RMD160 SCTP SHARED SSE2 THREADS TLS1 TLS1_1 TLS1_2 + +OPTIONS_EXCLUDE_i386= FIPS + +OPTIONS_GROUP_OPTIMIZE_amd64= EC + +.if ${MACHINE_ARCH} == "amd64" +OPTIONS_GROUP_OPTIMIZE+= EC +.elif ${MACHINE_ARCH} == "mips64el" +OPTIONS_GROUP_OPTIMIZE+= EC +.endif + +OPTIONS_SUB= yes + +ARIA_DESC= ARIA (South Korean standard) +ASM_DESC= Assembler code +ASYNC_DESC= Asynchronous mode +CIPHERS_DESC= Block Cipher Support +CT_DESC= Certificate Transparency Support +DES_DESC= (Triple) Data Encryption Standard +EC_DESC= Optimize NIST elliptic curves +FIPS_DESC= Build FIPS provider (Note: NOT yet FIPS validated) +GOST_DESC= GOST (Russian standard) +HASHES_DESC= Hash Function Support +I386_DESC= i386 (instead of i486+) +IDEA_DESC= International Data Encryption Algorithm +LEGACY_DESC= Older algorithms +MAN3_DESC= Install API manpages (section 3, 7) +MD2_DESC= MD2 (obsolete) (requires LEGACY) +MD4_DESC= MD4 (unsafe) +MDC2_DESC= MDC-2 (patented, requires DES) +MODULES_DESC= Provider modules +NEXTPROTONEG_DESC= Next Protocol Negotiation (SPDY) +OPTIMIZE_DESC= Optimizations +PROTOCOLS_DESC= Protocol Support +RC2_DESC= RC2 (unsafe) +RC4_DESC= RC4 (unsafe) +RC5_DESC= RC5 (patented) +RMD160_DESC= RIPEMD-160 +RFC3779_DESC= RFC3779 support (BGP) +SCTP_DESC= SCTP (Stream Control Transmission) +SHARED_DESC= Build shared libraries +SM2_DESC= SM2 Elliptic Curve DH (Chinese standard) +SM3_DESC= SM3 256bit (Chinese standard) +SM4_DESC= SM4 128bit (Chinese standard) +SSE2_DESC= Runtime SSE2 detection +SSL3_DESC= SSLv3 (unsafe) +TLS1_DESC= TLSv1.0 (requires TLS1_1, TLS1_2) +TLS1_1_DESC= TLSv1.1 (requires TLS1_2) +TLS1_2_DESC= TLSv1.2 +WEAK-SSL-CIPHERS_DESC= Weak cipher support (unsafe) + +# Upstream default disabled options +.for _option in fips md2 ktls rc5 sctp ssl3 weak-ssl-ciphers zlib +${_option:tu}_CONFIGURE_ON= enable-${_option} +.endfor + +# Upstream default enabled options +.for _option in aria asm async ct des gost idea md4 mdc2 legacy \ + nextprotoneg rc2 rc4 rfc3779 rmd160 shared sm2 sm3 sm4 sse2 \ + threads tls1 tls1_1 tls1_2 +${_option:tu}_CONFIGURE_OFF= no-${_option} +.endfor + +MD2_IMPLIES= LEGACY +MDC2_IMPLIES= DES +TLS1_IMPLIES= TLS1_1 +TLS1_1_IMPLIES= TLS1_2 + +EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128 +FIPS_VARS= shlibs+=lib/ossl-modules/fips.so +I386_CONFIGURE_ON= 386 +LEGACY_VARS= shlibs+=lib/ossl-modules/legacy.so +MAN3_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-util_find-doc-nits +SHARED_MAKE_ENV= SHLIBVER=${OPENSSL_SHLIBVER} +SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER} +SHARED_USE= ldconfig=yes +SHARED_VARS= shlibs+="lib/libcrypto.so.${OPENSSL_SHLIBVER} \ + lib/libssl.so.${OPENSSL_SHLIBVER} \ + lib/engines-${OPENSSL_SHLIBVER}/capi.so \ + lib/engines-${OPENSSL_SHLIBVER}/devcrypto.so \ + lib/engines-${OPENSSL_SHLIBVER}/padlock.so" +SSL3_CONFIGURE_ON+= enable-ssl3-method +ZLIB_CONFIGURE_ON= zlib-dynamic + +SHLIBS= lib/engines-${OPENSSL_SHLIBVER}/loader_attic.so + +PORTSCOUT= limit:^${DISTVERSION:R:S/./\./g}\. + +.include <bsd.port.options.mk> + +.if ${ARCH} == powerpc64 +CONFIGURE_ARGS+= BSD-ppc64 +.elif ${ARCH} == powerpc64le +CONFIGURE_ARGS+= BSD-ppc64le +.elif ${ARCH} == riscv64 +CONFIGURE_ARGS+= BSD-riscv64 +.endif + +.include <bsd.port.pre.mk> +.if ${PREFIX} == /usr +IGNORE= the OpenSSL port can not be installed over the base version +.endif + +OPENSSLDIR?= ${PREFIX}/openssl +PLIST_SUB+= OPENSSLDIR=${OPENSSLDIR:S=^${PREFIX}/==} + +.include "version.mk" + +post-patch: + ${REINPLACE_CMD} -Ee 's|^MANDIR=.*$$|MANDIR=$$(INSTALLTOP)/share/man|' \ + -e 's|^(build\|install)_docs: .*|\1_docs: \1_man_docs|' \ + ${WRKSRC}/Configurations/unix-Makefile.tmpl + ${REINPLACE_CMD} 's|SHLIB_VERSION=3|SHLIB_VERSION=${OPENSSL_SHLIBVER}|' \ + ${WRKSRC}/VERSION.dat + +post-configure: + ( cd ${WRKSRC} ; ${PERL} configdata.pm --dump ) + +post-configure-MAN3-off: + ${REINPLACE_CMD} \ + -e 's|^build_man_docs:.*|build_man_docs: $$(MANDOCS1) $$(MANDOCS5)|' \ + -e 's|dummy $$(MANDOCS[37]); do |dummy; do |' \ + ${WRKSRC}/Makefile + +post-install-SHARED-on: +.for i in ${SHLIBS} + -@${STRIP_CMD} ${STAGEDIR}${PREFIX}/$i +.endfor + +post-install-SHARED-off: + ${RMDIR} ${STAGEDIR}${PREFIX}/lib/engines-${OPENSSL_SHLIBVER} + +post-install: + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/openssl + +post-install-MAN3-on: + ( cd ${STAGEDIR}/${PREFIX} ; find share/man/man3 -not -type d ; \ + find share/man/man7 -not -type d ) | sed 's/$$/.gz/' >> ${TMPPLIST} + +.include <bsd.port.post.mk> diff --git a/security/openssl33-quictls/distinfo b/security/openssl33-quictls/distinfo new file mode 100644 index 000000000000..4003eb7cc283 --- /dev/null +++ b/security/openssl33-quictls/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1751486314 +SHA256 (quictls-quictls-openssl-3.3.0_GH0.tar.gz) = ff194511e53c0bead06d316e6891deebb07e3713efc65ef938e22962a43579a4 +SIZE (quictls-quictls-openssl-3.3.0_GH0.tar.gz) = 18220759 diff --git a/security/openssl31-quictls/files/extra-patch-util_find-doc-nits b/security/openssl33-quictls/files/extra-patch-util_find-doc-nits index 947f7447a445..947f7447a445 100644 --- a/security/openssl31-quictls/files/extra-patch-util_find-doc-nits +++ b/security/openssl33-quictls/files/extra-patch-util_find-doc-nits diff --git a/security/openssl31-quictls/files/patch-CVE-2024-9143 b/security/openssl33-quictls/files/patch-CVE-2024-9143 index f36b97f194f7..f36b97f194f7 100644 --- a/security/openssl31-quictls/files/patch-CVE-2024-9143 +++ b/security/openssl33-quictls/files/patch-CVE-2024-9143 diff --git a/security/openssl31-quictls/pkg-descr b/security/openssl33-quictls/pkg-descr index 0373df3f0b26..0373df3f0b26 100644 --- a/security/openssl31-quictls/pkg-descr +++ b/security/openssl33-quictls/pkg-descr diff --git a/security/openssl31-quictls/pkg-message b/security/openssl33-quictls/pkg-message index 7cd49c285a43..7cd49c285a43 100644 --- a/security/openssl31-quictls/pkg-message +++ b/security/openssl33-quictls/pkg-message diff --git a/security/openssl33-quictls/pkg-plist b/security/openssl33-quictls/pkg-plist new file mode 100644 index 000000000000..3e3f644f4a2c --- /dev/null +++ b/security/openssl33-quictls/pkg-plist @@ -0,0 +1,281 @@ +bin/c_rehash +bin/openssl +include/openssl/aes.h +include/openssl/asn1.h +include/openssl/asn1_mac.h +include/openssl/asn1err.h +include/openssl/asn1t.h +include/openssl/async.h +include/openssl/asyncerr.h +include/openssl/bio.h +include/openssl/bioerr.h +include/openssl/blowfish.h +include/openssl/bn.h +include/openssl/bnerr.h +include/openssl/buffer.h +include/openssl/buffererr.h +include/openssl/camellia.h +include/openssl/cast.h +include/openssl/cmac.h +include/openssl/cmp.h +include/openssl/cmp_util.h +include/openssl/cmperr.h +include/openssl/cms.h +include/openssl/cmserr.h +include/openssl/comp.h +include/openssl/comperr.h +include/openssl/conf.h +include/openssl/conf_api.h +include/openssl/conferr.h +include/openssl/configuration.h +include/openssl/conftypes.h +include/openssl/core.h +include/openssl/core_dispatch.h +include/openssl/core_names.h +include/openssl/core_object.h +include/openssl/crmf.h +include/openssl/crmferr.h +include/openssl/crypto.h +include/openssl/cryptoerr.h +include/openssl/cryptoerr_legacy.h +include/openssl/ct.h +include/openssl/cterr.h +include/openssl/decoder.h +include/openssl/decodererr.h +include/openssl/des.h +include/openssl/dh.h +include/openssl/dherr.h +include/openssl/dsa.h +include/openssl/dsaerr.h +include/openssl/dtls1.h +include/openssl/e_os2.h +include/openssl/e_ostime.h +include/openssl/ebcdic.h +include/openssl/ec.h +include/openssl/ecdh.h +include/openssl/ecdsa.h +include/openssl/ecerr.h +include/openssl/encoder.h +include/openssl/encodererr.h +include/openssl/engine.h +include/openssl/engineerr.h +include/openssl/err.h +include/openssl/ess.h +include/openssl/esserr.h +include/openssl/evp.h +include/openssl/evperr.h +include/openssl/fips_names.h +include/openssl/fipskey.h +include/openssl/hmac.h +include/openssl/hpke.h +include/openssl/http.h +include/openssl/httperr.h +include/openssl/idea.h +include/openssl/kdf.h +include/openssl/kdferr.h +include/openssl/lhash.h +include/openssl/macros.h +include/openssl/md2.h +include/openssl/md4.h +include/openssl/md5.h +include/openssl/mdc2.h +include/openssl/modes.h +include/openssl/obj_mac.h +include/openssl/objects.h +include/openssl/objectserr.h +include/openssl/ocsp.h +include/openssl/ocsperr.h +include/openssl/opensslconf.h +include/openssl/opensslv.h +include/openssl/ossl_typ.h +include/openssl/param_build.h +include/openssl/params.h +include/openssl/pem.h +include/openssl/pem2.h +include/openssl/pemerr.h +include/openssl/pkcs12.h +include/openssl/pkcs12err.h +include/openssl/pkcs7.h +include/openssl/pkcs7err.h +include/openssl/prov_ssl.h +include/openssl/proverr.h +include/openssl/provider.h +include/openssl/quic.h +include/openssl/rand.h +include/openssl/randerr.h +include/openssl/rc2.h +include/openssl/rc4.h +include/openssl/rc5.h +include/openssl/ripemd.h +include/openssl/rsa.h +include/openssl/rsaerr.h +include/openssl/safestack.h +include/openssl/seed.h +include/openssl/self_test.h +include/openssl/sha.h +include/openssl/srp.h +include/openssl/srtp.h +include/openssl/ssl.h +include/openssl/ssl2.h +include/openssl/ssl3.h +include/openssl/sslerr.h +include/openssl/sslerr_legacy.h +include/openssl/stack.h +include/openssl/store.h +include/openssl/storeerr.h +include/openssl/symhacks.h +include/openssl/thread.h +include/openssl/tls1.h +include/openssl/trace.h +include/openssl/ts.h +include/openssl/tserr.h +include/openssl/txt_db.h +include/openssl/types.h +include/openssl/ui.h +include/openssl/uierr.h +include/openssl/whrlpool.h +include/openssl/x509.h +include/openssl/x509_vfy.h +include/openssl/x509err.h +include/openssl/x509v3.h +include/openssl/x509v3err.h +lib/cmake/OpenSSL/OpenSSLConfig.cmake +lib/cmake/OpenSSL/OpenSSLConfigVersion.cmake +%%SHARED%%lib/engines-%%SHLIBVER%%/capi.so +%%SHARED%%lib/engines-%%SHLIBVER%%/devcrypto.so +%%SHARED%%lib/engines-%%SHLIBVER%%/loader_attic.so +%%SHARED%%lib/engines-%%SHLIBVER%%/padlock.so +lib/libcrypto.a +%%SHARED%%lib/libcrypto.so +%%SHARED%%lib/libcrypto.so.%%SHLIBVER%% +lib/libssl.a +%%SHARED%%lib/libssl.so +%%SHARED%%lib/libssl.so.%%SHLIBVER%% +%%FIPS%%%%SHARED%%lib/ossl-modules/fips.so +%%LEGACY%%%%SHARED%%lib/ossl-modules/legacy.so +libdata/pkgconfig/libcrypto.pc +libdata/pkgconfig/libssl.pc +libdata/pkgconfig/openssl.pc +share/man/man1/CA.pl.1ossl.gz +share/man/man1/asn1parse.1ossl.gz +share/man/man1/c_rehash.1ossl.gz +share/man/man1/ca.1ossl.gz +share/man/man1/ciphers.1ossl.gz +share/man/man1/cms.1ossl.gz +share/man/man1/cmp.1ossl.gz +share/man/man1/crl.1ossl.gz +share/man/man1/crl2pkcs7.1ossl.gz +share/man/man1/dgst.1ossl.gz +share/man/man1/dhparam.1ossl.gz +share/man/man1/dsa.1ossl.gz +share/man/man1/dsaparam.1ossl.gz +share/man/man1/ec.1ossl.gz +share/man/man1/ecparam.1ossl.gz +share/man/man1/enc.1ossl.gz +share/man/man1/engine.1ossl.gz +share/man/man1/errstr.1ossl.gz +share/man/man1/gendsa.1ossl.gz +share/man/man1/genpkey.1ossl.gz +share/man/man1/genrsa.1ossl.gz +share/man/man1/info.1ossl.gz +share/man/man1/kdf.1ossl.gz +share/man/man1/mac.1ossl.gz +share/man/man1/nseq.1ossl.gz +share/man/man1/ocsp.1ossl.gz +share/man/man1/openssl-asn1parse.1ossl.gz +share/man/man1/openssl-ca.1ossl.gz +share/man/man1/openssl-ciphers.1ossl.gz +share/man/man1/openssl-cmds.1ossl.gz +share/man/man1/openssl-cmp.1ossl.gz +share/man/man1/openssl-cms.1ossl.gz +share/man/man1/openssl-crl.1ossl.gz +share/man/man1/openssl-crl2pkcs7.1ossl.gz +share/man/man1/openssl-dgst.1ossl.gz +share/man/man1/openssl-dhparam.1ossl.gz +share/man/man1/openssl-dsa.1ossl.gz +share/man/man1/openssl-dsaparam.1ossl.gz +share/man/man1/openssl-ec.1ossl.gz +share/man/man1/openssl-ecparam.1ossl.gz +share/man/man1/openssl-enc.1ossl.gz +share/man/man1/openssl-engine.1ossl.gz +share/man/man1/openssl-errstr.1ossl.gz +share/man/man1/openssl-fipsinstall.1ossl.gz +share/man/man1/openssl-format-options.1ossl.gz +share/man/man1/openssl-gendsa.1ossl.gz +share/man/man1/openssl-genpkey.1ossl.gz +share/man/man1/openssl-genrsa.1ossl.gz +share/man/man1/openssl-info.1ossl.gz +share/man/man1/openssl-kdf.1ossl.gz +share/man/man1/openssl-list.1ossl.gz +share/man/man1/openssl-mac.1ossl.gz +share/man/man1/openssl-namedisplay-options.1ossl.gz +share/man/man1/openssl-nseq.1ossl.gz +share/man/man1/openssl-ocsp.1ossl.gz +share/man/man1/openssl-passphrase-options.1ossl.gz +share/man/man1/openssl-passwd.1ossl.gz +share/man/man1/openssl-pkcs12.1ossl.gz +share/man/man1/openssl-pkcs7.1ossl.gz +share/man/man1/openssl-pkcs8.1ossl.gz +share/man/man1/openssl-pkey.1ossl.gz +share/man/man1/openssl-pkeyparam.1ossl.gz +share/man/man1/openssl-pkeyutl.1ossl.gz +share/man/man1/openssl-prime.1ossl.gz +share/man/man1/openssl-rand.1ossl.gz +share/man/man1/openssl-rehash.1ossl.gz +share/man/man1/openssl-req.1ossl.gz +share/man/man1/openssl-rsa.1ossl.gz +share/man/man1/openssl-rsautl.1ossl.gz +share/man/man1/openssl-s_client.1ossl.gz +share/man/man1/openssl-s_server.1ossl.gz +share/man/man1/openssl-s_time.1ossl.gz +share/man/man1/openssl-sess_id.1ossl.gz +share/man/man1/openssl-smime.1ossl.gz +share/man/man1/openssl-speed.1ossl.gz +share/man/man1/openssl-spkac.1ossl.gz +share/man/man1/openssl-srp.1ossl.gz +share/man/man1/openssl-storeutl.1ossl.gz +share/man/man1/openssl-ts.1ossl.gz +share/man/man1/openssl-verification-options.1ossl.gz +share/man/man1/openssl-verify.1ossl.gz +share/man/man1/openssl-version.1ossl.gz +share/man/man1/openssl-x509.1ossl.gz +share/man/man1/openssl.1ossl.gz +share/man/man1/passwd.1ossl.gz +share/man/man1/pkcs12.1ossl.gz +share/man/man1/pkcs7.1ossl.gz +share/man/man1/pkcs8.1ossl.gz +share/man/man1/pkey.1ossl.gz +share/man/man1/pkeyparam.1ossl.gz +share/man/man1/pkeyutl.1ossl.gz +share/man/man1/prime.1ossl.gz +share/man/man1/rand.1ossl.gz +share/man/man1/rehash.1ossl.gz +share/man/man1/req.1ossl.gz +share/man/man1/rsa.1ossl.gz +share/man/man1/rsautl.1ossl.gz +share/man/man1/s_client.1ossl.gz +share/man/man1/s_server.1ossl.gz +share/man/man1/s_time.1ossl.gz +share/man/man1/sess_id.1ossl.gz +share/man/man1/smime.1ossl.gz +share/man/man1/speed.1ossl.gz +share/man/man1/spkac.1ossl.gz +share/man/man1/srp.1ossl.gz +share/man/man1/storeutl.1ossl.gz +share/man/man1/ts.1ossl.gz +share/man/man1/tsget.1ossl.gz +share/man/man1/verify.1ossl.gz +share/man/man1/version.1ossl.gz +share/man/man1/x509.1ossl.gz +share/man/man5/config.5ossl.gz +share/man/man5/fips_config.5ossl.gz +share/man/man5/x509v3_config.5ossl.gz +%%OPENSSLDIR%%/misc/CA.pl +@comment %%OPENSSLDIR%%/misc/tsget.pl +%%OPENSSLDIR%%/misc/tsget +@sample %%OPENSSLDIR%%/ct_log_list.cnf.dist %%OPENSSLDIR%%/ct_log_list.cnf +%%FIPS%%%%OPENSSLDIR%%/fipsmodule.cnf +@sample %%OPENSSLDIR%%/openssl.cnf.dist %%OPENSSLDIR%%/openssl.cnf +@dir lib/ossl-modules +@dir %%OPENSSLDIR%%/private +@dir %%OPENSSLDIR%%/certs diff --git a/security/openssl33-quictls/version.mk b/security/openssl33-quictls/version.mk new file mode 100644 index 000000000000..c3fe2e51c987 --- /dev/null +++ b/security/openssl33-quictls/version.mk @@ -0,0 +1 @@ +OPENSSL_SHLIBVER?= 15 diff --git a/security/openssl33/Makefile b/security/openssl33/Makefile index 92b2a3b70d07..652a325e8d5c 100644 --- a/security/openssl33/Makefile +++ b/security/openssl33/Makefile @@ -1,5 +1,5 @@ PORTNAME= openssl -PORTVERSION= 3.3.3 +PORTVERSION= 3.3.4 CATEGORIES= security devel PKGNAMESUFFIX= 33 MASTER_SITES= https://github.com/openssl/openssl/releases/download/${DISTNAME}/ @@ -11,6 +11,9 @@ WWW= https://www.openssl.org/ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE.txt +DEPRECATED= Please use security/openssl35 (LTS) +EXPIRATION_DATE= 2026-03-31 + CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3[1245] openssl*-quictls HAS_CONFIGURE= yes diff --git a/security/openssl33/distinfo b/security/openssl33/distinfo index ba314a4dcc7f..a6394ed16a43 100644 --- a/security/openssl33/distinfo +++ b/security/openssl33/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1739294023 -SHA256 (openssl-3.3.3.tar.gz) = 712590fd20aaa60ec75d778fe5b810d6b829ca7fb1e530577917a131f9105539 -SIZE (openssl-3.3.3.tar.gz) = 18102481 +TIMESTAMP = 1751448373 +SHA256 (openssl-3.3.4.tar.gz) = 8d1a5fc323d3fd351dc05458457fd48f78652d2a498e1d70ffea07b4d0eb3fa8 +SIZE (openssl-3.3.4.tar.gz) = 18113350 diff --git a/security/openssl34/Makefile b/security/openssl34/Makefile index b1ab27b4efc0..4f6eef7378f4 100644 --- a/security/openssl34/Makefile +++ b/security/openssl34/Makefile @@ -1,5 +1,5 @@ PORTNAME= openssl -DISTVERSION= 3.4.1 +DISTVERSION= 3.4.2 CATEGORIES= security devel PKGNAMESUFFIX= 34 MASTER_SITES= https://github.com/openssl/openssl/releases/download/${DISTNAME}/ @@ -11,6 +11,9 @@ WWW= https://www.openssl.org/ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE.txt +DEPRECATED= Please use security/openssl35 (LTS) +EXPIRATION_DATE= 2026-09-30 + CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3[1235] openssl*-quictls HAS_CONFIGURE= yes diff --git a/security/openssl34/distinfo b/security/openssl34/distinfo index d8af1d8ae114..f57015331c43 100644 --- a/security/openssl34/distinfo +++ b/security/openssl34/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1739294109 -SHA256 (openssl-3.4.1.tar.gz) = 002a2d6b30b58bf4bea46c43bdd96365aaf8daa6c428782aa4feee06da197df3 -SIZE (openssl-3.4.1.tar.gz) = 18346056 +TIMESTAMP = 1751448388 +SHA256 (openssl-3.4.2.tar.gz) = 17b02459fc28be415470cccaae7434f3496cac1306b86b52c83886580e82834c +SIZE (openssl-3.4.2.tar.gz) = 18357346 diff --git a/security/openssl35/Makefile b/security/openssl35/Makefile index 03c8a5cf9203..025e57551ed5 100644 --- a/security/openssl35/Makefile +++ b/security/openssl35/Makefile @@ -1,5 +1,5 @@ PORTNAME= openssl -PORTVERSION= 3.5.0 +PORTVERSION= 3.5.2 PORTREVISION= 1 CATEGORIES= security devel PKGNAMESUFFIX= 35 @@ -29,8 +29,10 @@ LDFLAGS_i386= -Wl,-znotext MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive CNF_LDFLAGS="${LDFLAGS}" MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS= -OPTIONS_GROUP= CIPHERS COMPRESSION HASHES MODULES OPTIMIZE PQC PROTOCOLS -OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM4 RC2 RC4 RC5 TLS-DEPRECATED-EC WEAK-SSL-CIPHERS +OPTIONS_GROUP= CIPHERS COMPRESSION HASHES MODULES OPTIMIZE PQC \ + PROTOCOLS +OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM4 RC2 RC4 RC5 TLS-DEPRECATED-EC \ + WEAK-SSL-CIPHERS OPTIONS_GROUP_COMPRESSION= BROTLI ZLIB ZSTD OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 SM2 SM3 OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS THREADPOOL @@ -41,10 +43,9 @@ OPTIONS_GROUP_PROTOCOLS=NEXTPROTONEG QUIC SCTP SSL3 TLS1 TLS1_1 TLS1_2 OPTIONS_DEFINE= ASYNC CT FIPS-JITTER KTLS MAN3 RFC3779 SHARED -OPTIONS_DEFAULT=ASM ASYNC CT DES EC FIPS GOST MAN3 MD4 ML-DSA ML-KEM NEXTPROTONEG \ - QUIC RFC3779 RC2 RC4 RMD160 SCTP SHARED SLH-DSA SSE2 \ - THREADPOOL THREADS TLS1 TLS1_1 TLS1_2 -#OPTIONS_DEFAULT+= KTLS pending updated KTLS patch +OPTIONS_DEFAULT=ASM ASYNC CT DES EC FIPS GOST KTLS MAN3 MD4 ML-DSA ML-KEM \ + NEXTPROTONEG QUIC RFC3779 RC2 RC4 RMD160 SCTP SHARED SLH-DSA \ + SSE2 THREADPOOL THREADS TLS1 TLS1_1 TLS1_2 OPTIONS_GROUP_OPTIMIZE_amd64= EC @@ -131,8 +132,6 @@ I386_CONFIGURE_ON= 386 FIPS-JITTER_CFLAGS= -I${PREFIX}/include FIPS-JITTER_LDFLAGS= -L${PREFIX}/lib FIPS-JITTER_BUILD_DEPENDS= ${LOCALBASE}/lib/libjitterentropy.a:devel/libjitterentropy -KTLS_BROKEN= Pending updated KTLS patch -KTLS_EXTRA_PATCHES= ${FILESDIR}/extra-patch-ktls LEGACY_VARS= shlibs+=lib/ossl-modules/legacy.so MAN3_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-util_find-doc-nits SHARED_MAKE_ENV= SHLIBVER=${OPENSSL_SHLIBVER} diff --git a/security/openssl35/distinfo b/security/openssl35/distinfo index a607cb09a0e2..255ff3531836 100644 --- a/security/openssl35/distinfo +++ b/security/openssl35/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1744140897 -SHA256 (openssl-3.5.0.tar.gz) = 344d0a79f1a9b08029b0744e2cc401a43f9c90acd1044d09a530b4885a8e9fc0 -SIZE (openssl-3.5.0.tar.gz) = 53136912 +TIMESTAMP = 1754406677 +SHA256 (openssl-3.5.2.tar.gz) = c53a47e5e441c930c3928cf7bf6fb00e5d129b630e0aa873b08258656e7345ec +SIZE (openssl-3.5.2.tar.gz) = 53180161 diff --git a/security/openssl35/files/patch-CVE-2025-4575 b/security/openssl35/files/patch-CVE-2025-4575 deleted file mode 100644 index 1bcec34bcb96..000000000000 --- a/security/openssl35/files/patch-CVE-2025-4575 +++ /dev/null @@ -1,61 +0,0 @@ -From e96d22446e633d117e6c9904cb15b4693e956eaa Mon Sep 17 00:00:00 2001 -From: Tomas Mraz <tomas@openssl.org> -Date: Tue, 20 May 2025 16:34:10 +0200 -Subject: [PATCH] apps/x509.c: Fix the -addreject option adding trust instead - of rejection - -Fixes CVE-2025-4575 - -Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> -Reviewed-by: Paul Dale <ppzgs1@gmail.com> -(Merged from https://github.com/openssl/openssl/pull/27672) - -(cherry picked from commit 0eb9acc24febb1f3f01f0320cfba9654cf66b0ac) ---- - apps/x509.c | 2 +- - test/recipes/25-test_x509.t | 12 +++++++++++- - 2 files changed, 12 insertions(+), 2 deletions(-) - -diff --git a/apps/x509.c b/apps/x509.c -index fdae8f383a667..0c340c15b321a 100644 ---- apps/x509.c.orig -+++ apps/x509.c -@@ -465,7 +465,7 @@ int x509_main(int argc, char **argv) - prog, opt_arg()); - goto opthelp; - } -- if (!sk_ASN1_OBJECT_push(trust, objtmp)) -+ if (!sk_ASN1_OBJECT_push(reject, objtmp)) - goto end; - trustout = 1; - break; -diff --git a/test/recipes/25-test_x509.t b/test/recipes/25-test_x509.t -index 09b61708ff8a5..dfa0a428f5f0c 100644 ---- test/recipes/25-test_x509.t.orig -+++ test/recipes/25-test_x509.t -@@ -16,7 +16,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; - - setup("test_x509"); - --plan tests => 134; -+plan tests => 138; - - # Prevent MSys2 filename munging for arguments that look like file paths but - # aren't -@@ -110,6 +110,16 @@ ok(run(app(["openssl", "x509", "-new", "-force_pubkey", $key, "-subj", "/CN=EE", - && run(app(["openssl", "verify", "-no_check_time", - "-trusted", $ca, "-partial_chain", $caout]))); - -+# test trust decoration -+ok(run(app(["openssl", "x509", "-in", $ca, "-addtrust", "emailProtection", -+ "-out", "ca-trusted.pem"]))); -+cert_contains("ca-trusted.pem", "Trusted Uses: E-mail Protection", -+ 1, 'trusted use - E-mail Protection'); -+ok(run(app(["openssl", "x509", "-in", $ca, "-addreject", "emailProtection", -+ "-out", "ca-rejected.pem"]))); -+cert_contains("ca-rejected.pem", "Rejected Uses: E-mail Protection", -+ 1, 'rejected use - E-mail Protection'); -+ - subtest 'x509 -- x.509 v1 certificate' => sub { - tconversion( -type => 'x509', -prefix => 'x509v1', - -in => srctop_file("test", "testx509.pem") ); diff --git a/security/openssl36/Makefile b/security/openssl36/Makefile new file mode 100644 index 000000000000..9604e260b8e0 --- /dev/null +++ b/security/openssl36/Makefile @@ -0,0 +1,206 @@ +PORTNAME= openssl +DISTVERSION= 3.6.0-alpha1 +PORTREVISION= 1 +CATEGORIES= security devel +PKGNAMESUFFIX= 36 +MASTER_SITES= https://github.com/openssl/openssl/releases/download/${DISTNAME}/ + +MAINTAINER= brnrd@FreeBSD.org +COMMENT= TLSv1.3 capable SSL and crypto library +WWW= https://www.openssl.org/ + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE.txt + +CONFLICTS_INSTALL= boringssl libressl libressl-devel openssl openssl111 openssl3[1234] openssl*-quictls + +HAS_CONFIGURE= yes +CONFIGURE_SCRIPT= config +CONFIGURE_ENV= PERL="${PERL}" +CONFIGURE_ARGS= --openssldir=${OPENSSLDIR} \ + --prefix=${PREFIX} + +USES= cpe perl5 +USE_PERL5= build +TEST_TARGET= test + +LDFLAGS_i386= -Wl,-znotext + +MAKE_ARGS+= WHOLE_ARCHIVE_FLAG=--whole-archive CNF_LDFLAGS="${LDFLAGS}" +MAKE_ENV+= LIBRPATH="${PREFIX}/lib" GREP_OPTIONS= + +OPTIONS_GROUP= CIPHERS COMPRESSION HASHES MODULES OPTIMIZE PQC \ + PROTOCOLS +OPTIONS_GROUP_CIPHERS= ARIA DES GOST IDEA SM4 RC2 RC4 RC5 TLS-DEPRECATED-EC \ + WEAK-SSL-CIPHERS +OPTIONS_GROUP_COMPRESSION= BROTLI ZLIB ZSTD +OPTIONS_GROUP_HASHES= MD2 MD4 MDC2 RMD160 SM2 SM3 +OPTIONS_GROUP_OPTIMIZE= ASM SSE2 THREADS THREADPOOL +OPTIONS_GROUP_PQC= ML-DSA ML-KEM SLH-DSA +OPTIONS_GROUP_MODULES= FIPS LEGACY +OPTIONS_DEFINE_i386= I386 +OPTIONS_GROUP_PROTOCOLS=NEXTPROTONEG QUIC SCTP SSL3 TLS1 TLS1_1 TLS1_2 + +OPTIONS_DEFINE= ASYNC CT FIPS-JITTER KTLS MAN3 RFC3779 SHARED + +OPTIONS_DEFAULT=ASM ASYNC CT DES EC FIPS GOST KTLS MAN3 MD4 ML-DSA ML-KEM \ + NEXTPROTONEG QUIC RFC3779 RC2 RC4 RMD160 SCTP SHARED SLH-DSA \ + SSE2 THREADPOOL THREADS TLS1 TLS1_1 TLS1_2 + +OPTIONS_GROUP_OPTIMIZE_amd64= EC + +.if ${MACHINE_ARCH} == "amd64" +OPTIONS_GROUP_OPTIMIZE+= EC +.elif ${MACHINE_ARCH} == "mips64el" +OPTIONS_GROUP_OPTIMIZE+= EC +.endif + +OPTIONS_SUB= yes + +ARIA_DESC= ARIA (South Korean standard) +ASM_DESC= Assembler code +ASYNC_DESC= Asynchronous mode +CIPHERS_DESC= Block Cipher Support +COMPRESSION_DESC= Compression Support +CT_DESC= Certificate Transparency Support +DES_DESC= (Triple) Data Encryption Standard +EC_DESC= Optimize NIST elliptic curves +FIPS_DESC= Build FIPS provider (Note: NOT yet FIPS validated) +FIPS-JITTER_DESC= Use JITTER seed source in FIPS provider +GOST_DESC= GOST (Russian standard) +HASHES_DESC= Hash Function Support +I386_DESC= i386 (instead of i486+) +IDEA_DESC= International Data Encryption Algorithm +KTLS_DESC= Use in-kernel TLS (FreeBSD >13) +LEGACY_DESC= Older algorithms +MAN3_DESC= Install API manpages (section 3, 7) +MD2_DESC= MD2 (obsolete) (requires LEGACY) +MD4_DESC= MD4 (unsafe) +MDC2_DESC= MDC-2 (patented, requires DES) +ML-DSA_DESC= ML-DSA CRYSTALS-Dilithium Digital Signature Algorithm +ML-KEM_DESC= ML-KEM Kyber Key Encapsulation Method +MODULES_DESC= Provider modules +NEXTPROTONEG_DESC= Next Protocol Negotiation (SPDY) +OPTIMIZE_DESC= Optimizations +PQC_DESC= Post-Quantum Cryptography +PROTOCOLS_DESC= Protocol Support +QUIC_DESC= HTTP/3 +RC2_DESC= RC2 (unsafe) +RC4_DESC= RC4 (unsafe) +RC5_DESC= RC5 (patented) +RMD160_DESC= RIPEMD-160 +RFC3779_DESC= RFC3779 support (BGP) +SCTP_DESC= SCTP (Stream Control Transmission) +SHARED_DESC= Build shared libraries +SLH-DSA_DESC= SLH-DSA Sphinx+ Digital Signature Algorithm +SM2_DESC= SM2 Elliptic Curve DH (Chinese standard) +SM3_DESC= SM3 256bit (Chinese standard) +SM4_DESC= SM4 128bit (Chinese standard) +SSE2_DESC= Runtime SSE2 detection +SSL3_DESC= SSLv3 (unsafe) +TLS-DEPRECATED-EC_DESC= Deprecated elliptic curve groups in TLS (unsafe) +TLS1_DESC= TLSv1.0 (requires TLS1_1, TLS1_2) +TLS1_1_DESC= TLSv1.1 (requires TLS1_2) +TLS1_2_DESC= TLSv1.2 +THREADPOOL_DESC=Thread Pooling support +WEAK-SSL-CIPHERS_DESC= Weak cipher support (unsafe) + +# Upstream default disabled options +.for _option in brotli fips fips-jitter md2 ktls rc5 sctp ssl3 weak-ssl-ciphers zlib zstd +${_option:tu}_CONFIGURE_ON= enable-${_option} +.endfor + +# Upstream default enabled options +.for _option in aria asm async ct des gost idea md4 mdc2 ml-kem ml-dsa \ + legacy nextprotoneg quic rc2 rc4 rfc3779 rmd160 shared slh-dsa \ + sm2 sm3 sm4 sse2 threads tls-deprecated-ec tls1 tls1_1 tls1_2 +${_option:tu}_CONFIGURE_OFF= no-${_option} +.endfor + +FIPS-JITTER_IMPLIES= FIPS +MD2_IMPLIES= LEGACY +MDC2_IMPLIES= DES +TLS1_IMPLIES= TLS1_1 +TLS1_1_IMPLIES= TLS1_2 + +BROTLI_CFLAGS= -I${PREFIX}/include +BROTLI_CONFIGURE_ON= enable-brotli-dynamic +BROTLI_LIB_DEPENDS= libbrotlicommon.so:archivers/brotli +EC_CONFIGURE_ON= enable-ec_nistp_64_gcc_128 +FIPS_VARS= shlibs+=lib/ossl-modules/fips.so +I386_CONFIGURE_ON= 386 +FIPS-JITTER_CFLAGS= -I${PREFIX}/include +FIPS-JITTER_LDFLAGS= -L${PREFIX}/lib +FIPS-JITTER_BUILD_DEPENDS= ${LOCALBASE}/lib/libjitterentropy.a:devel/libjitterentropy +LEGACY_VARS= shlibs+=lib/ossl-modules/legacy.so +MAN3_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-util_find-doc-nits +SHARED_MAKE_ENV= SHLIBVER=${OPENSSL_SHLIBVER} +SHARED_PLIST_SUB= SHLIBVER=${OPENSSL_SHLIBVER} +SHARED_USE= ldconfig=yes +SHARED_VARS= shlibs+="lib/libcrypto.so.${OPENSSL_SHLIBVER} \ + lib/libssl.so.${OPENSSL_SHLIBVER} \ + lib/engines-${OPENSSL_SHLIBVER}/capi.so \ + lib/engines-${OPENSSL_SHLIBVER}/devcrypto.so \ + lib/engines-${OPENSSL_SHLIBVER}/padlock.so" +SSL3_CONFIGURE_ON= enable-ssl3 enable-ssl3-method +THREADPOOL_CONFIGURE_OFF= no-thread-pool +ZLIB_CONFIGURE_ON= zlib-dynamic +ZSTD_CFLAGS= -I${PREFIX}/include +ZSTD_CONFIGURE_ON= enable-zstd-dynamic +ZSTD_LIB_DEPENDS= libzstd.so:archivers/zstd + +SHLIBS= lib/engines-${OPENSSL_SHLIBVER}/loader_attic.so + +PORTSCOUT= limit:^${DISTVERSION:R:S/./\./g}\. + +.include <bsd.port.options.mk> + +.if ${ARCH} == powerpc64 +CONFIGURE_ARGS+= BSD-ppc64 +.elif ${ARCH} == powerpc64le +CONFIGURE_ARGS+= BSD-ppc64le +.elif ${ARCH} == riscv64 +CONFIGURE_ARGS+= BSD-riscv64 +.endif + +.include <bsd.port.pre.mk> +.if ${PREFIX} == /usr +IGNORE= the OpenSSL port can not be installed over the base version +.endif + +OPENSSLDIR?= ${PREFIX}/openssl +PLIST_SUB+= OPENSSLDIR=${OPENSSLDIR:S=^${PREFIX}/==} + +.include "version.mk" + +post-patch: + ${REINPLACE_CMD} -Ee 's|^(build\|install)_docs: .*|\1_docs: \1_man_docs|' \ + ${WRKSRC}/Configurations/unix-Makefile.tmpl + ${REINPLACE_CMD} 's|SHLIB_VERSION=3|SHLIB_VERSION=${OPENSSL_SHLIBVER}|' \ + ${WRKSRC}/VERSION.dat + +post-configure: + ( cd ${WRKSRC} ; ${PERL} configdata.pm --dump ) + +post-configure-MAN3-off: + ${REINPLACE_CMD} \ + -e 's|^build_man_docs:.*|build_man_docs: $$(MANDOCS1) $$(MANDOCS5)|' \ + -e 's|dummy $$(MANDOCS[37]); do |dummy; do |' \ + ${WRKSRC}/Makefile + +post-install-SHARED-on: +.for i in ${SHLIBS} + -@${STRIP_CMD} ${STAGEDIR}${PREFIX}/$i +.endfor + +post-install-SHARED-off: + ${RMDIR} ${STAGEDIR}${PREFIX}/lib/engines-12 + +post-install: + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/openssl + +post-install-MAN3-on: + ( cd ${STAGEDIR}/${PREFIX} ; find share/man/man3 -not -type d ; \ + find share/man/man7 -not -type d ) | sed 's/$$/.gz/' >> ${TMPPLIST} + +.include <bsd.port.post.mk> diff --git a/security/openssl36/distinfo b/security/openssl36/distinfo new file mode 100644 index 000000000000..864066f84ddb --- /dev/null +++ b/security/openssl36/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1756905754 +SHA256 (openssl-3.6.0-alpha1.tar.gz) = 214991128e68adbac1e41df435960c11a0899f762f9e586beb8112f2ca415778 +SIZE (openssl-3.6.0-alpha1.tar.gz) = 54968069 diff --git a/security/openssl31/files/extra-patch-ktls b/security/openssl36/files/extra-patch-ktls index 8a46c272d95c..8a46c272d95c 100644 --- a/security/openssl31/files/extra-patch-ktls +++ b/security/openssl36/files/extra-patch-ktls diff --git a/security/openssl36/files/extra-patch-util_find-doc-nits b/security/openssl36/files/extra-patch-util_find-doc-nits new file mode 100644 index 000000000000..bf70e9fee1ac --- /dev/null +++ b/security/openssl36/files/extra-patch-util_find-doc-nits @@ -0,0 +1,20 @@ +--- util/find-doc-nits.orig 2023-09-07 09:00:22 UTC ++++ util/find-doc-nits +@@ -80,7 +80,7 @@ my $temp = '/tmp/docnits.txt'; + my $OUT; + my $status = 0; + +-$opt_m = "man1,man3,man5,man7" unless $opt_m; ++$opt_m = "man1,man5" unless $opt_m; + die "Argument of -m option may contain only man1, man3, man5, and/or man7" + unless $opt_m =~ /^(man[1357][, ]?)*$/; + my @sections = ( split /[, ]/, $opt_m ); +@@ -725,7 +725,7 @@ sub check { + next if $target eq ''; # Skip if links within page, or + next if $target =~ /::/; # links to a Perl module, or + next if $target =~ /^https?:/; # is a URL link, or +- next if $target =~ /\([1357]\)$/; # it has a section ++ next if $target =~ /\([15]\)$/; # it has a section + err($id, "Missing man section number (likely, $mansect) in L<$target>") + } + # Check for proper links to commands. diff --git a/security/openssl31/files/patch-Configurations_10-main.conf b/security/openssl36/files/patch-Configurations_10-main.conf index 82503c0ff90c..82503c0ff90c 100644 --- a/security/openssl31/files/patch-Configurations_10-main.conf +++ b/security/openssl36/files/patch-Configurations_10-main.conf diff --git a/security/openssl31/files/patch-crypto_threads__pthread.c b/security/openssl36/files/patch-crypto_threads__pthread.c index 3347170e0bd0..3347170e0bd0 100644 --- a/security/openssl31/files/patch-crypto_threads__pthread.c +++ b/security/openssl36/files/patch-crypto_threads__pthread.c diff --git a/security/openssl31/pkg-descr b/security/openssl36/pkg-descr index c7704288547a..c7704288547a 100644 --- a/security/openssl31/pkg-descr +++ b/security/openssl36/pkg-descr diff --git a/security/openssl36/pkg-message b/security/openssl36/pkg-message new file mode 100644 index 000000000000..0ed980ee3513 --- /dev/null +++ b/security/openssl36/pkg-message @@ -0,0 +1,14 @@ +[ +{ type: install + message: <<EOM +This OpenSSL version is in an ALPHA stage +Do NOT use for production! +EOM +} +{ type: upgrade + message: <<EOM +This OpenSSL version is in an ALPHA stage +Do NOT use for production! +EOM +} +] diff --git a/security/openssl36/pkg-plist b/security/openssl36/pkg-plist new file mode 100644 index 000000000000..7bd599c31899 --- /dev/null +++ b/security/openssl36/pkg-plist @@ -0,0 +1,286 @@ +bin/c_rehash +bin/openssl +include/openssl/aes.h +include/openssl/asn1.h +include/openssl/asn1err.h +include/openssl/asn1t.h +include/openssl/async.h +include/openssl/asyncerr.h +include/openssl/bio.h +include/openssl/bioerr.h +include/openssl/blowfish.h +include/openssl/bn.h +include/openssl/bnerr.h +include/openssl/buffer.h +include/openssl/buffererr.h +include/openssl/byteorder.h +include/openssl/camellia.h +include/openssl/cast.h +include/openssl/cmac.h +include/openssl/cmp.h +include/openssl/cmp_util.h +include/openssl/cmperr.h +include/openssl/cms.h +include/openssl/cmserr.h +include/openssl/comp.h +include/openssl/comperr.h +include/openssl/conf.h +include/openssl/conf_api.h +include/openssl/conferr.h +include/openssl/configuration.h +include/openssl/conftypes.h +include/openssl/core.h +include/openssl/core_dispatch.h +include/openssl/core_names.h +include/openssl/core_object.h +include/openssl/crmf.h +include/openssl/crmferr.h +include/openssl/crypto.h +include/openssl/cryptoerr.h +include/openssl/cryptoerr_legacy.h +include/openssl/ct.h +include/openssl/cterr.h +include/openssl/decoder.h +include/openssl/decodererr.h +include/openssl/des.h +include/openssl/dh.h +include/openssl/dherr.h +include/openssl/dsa.h +include/openssl/dsaerr.h +include/openssl/dtls1.h +include/openssl/e_os2.h +include/openssl/e_ostime.h +include/openssl/ebcdic.h +include/openssl/ec.h +include/openssl/ecdh.h +include/openssl/ecdsa.h +include/openssl/ecerr.h +include/openssl/encoder.h +include/openssl/encodererr.h +include/openssl/engine.h +include/openssl/engineerr.h +include/openssl/err.h +include/openssl/ess.h +include/openssl/esserr.h +include/openssl/evp.h +include/openssl/evperr.h +include/openssl/fips_names.h +include/openssl/fipskey.h +include/openssl/hmac.h +include/openssl/hpke.h +include/openssl/http.h +include/openssl/httperr.h +include/openssl/idea.h +include/openssl/indicator.h +include/openssl/kdf.h +include/openssl/kdferr.h +include/openssl/lhash.h +include/openssl/macros.h +include/openssl/md2.h +include/openssl/md4.h +include/openssl/md5.h +include/openssl/mdc2.h +include/openssl/ml_kem.h +include/openssl/modes.h +include/openssl/obj_mac.h +include/openssl/objects.h +include/openssl/objectserr.h +include/openssl/ocsp.h +include/openssl/ocsperr.h +include/openssl/opensslconf.h +include/openssl/opensslv.h +include/openssl/ossl_typ.h +include/openssl/param_build.h +include/openssl/params.h +include/openssl/pem.h +include/openssl/pem2.h +include/openssl/pemerr.h +include/openssl/pkcs12.h +include/openssl/pkcs12err.h +include/openssl/pkcs7.h +include/openssl/pkcs7err.h +include/openssl/prov_ssl.h +include/openssl/proverr.h +include/openssl/provider.h +include/openssl/quic.h +include/openssl/rand.h +include/openssl/randerr.h +include/openssl/rc2.h +include/openssl/rc4.h +include/openssl/rc5.h +include/openssl/ripemd.h +include/openssl/rsa.h +include/openssl/rsaerr.h +include/openssl/safestack.h +include/openssl/seed.h +include/openssl/self_test.h +include/openssl/sha.h +include/openssl/srp.h +include/openssl/srtp.h +include/openssl/ssl.h +include/openssl/ssl2.h +include/openssl/ssl3.h +include/openssl/sslerr.h +include/openssl/sslerr_legacy.h +include/openssl/stack.h +include/openssl/store.h +include/openssl/storeerr.h +include/openssl/symhacks.h +include/openssl/thread.h +include/openssl/tls1.h +include/openssl/trace.h +include/openssl/ts.h +include/openssl/tserr.h +include/openssl/txt_db.h +include/openssl/types.h +include/openssl/ui.h +include/openssl/uierr.h +include/openssl/whrlpool.h +include/openssl/x509.h +include/openssl/x509_acert.h +include/openssl/x509_vfy.h +include/openssl/x509err.h +include/openssl/x509v3.h +include/openssl/x509v3err.h +lib/cmake/OpenSSL/OpenSSLConfig.cmake +lib/cmake/OpenSSL/OpenSSLConfigVersion.cmake +%%SHARED%%lib/engines-%%SHLIBVER%%/capi.so +%%SHARED%%lib/engines-%%SHLIBVER%%/devcrypto.so +%%SHARED%%lib/engines-%%SHLIBVER%%/loader_attic.so +%%SHARED%%lib/engines-%%SHLIBVER%%/padlock.so +lib/libcrypto.a +%%SHARED%%lib/libcrypto.so +%%SHARED%%lib/libcrypto.so.%%SHLIBVER%% +lib/libssl.a +%%SHARED%%lib/libssl.so +%%SHARED%%lib/libssl.so.%%SHLIBVER%% +%%FIPS%%%%SHARED%%lib/ossl-modules/fips.so +%%LEGACY%%%%SHARED%%lib/ossl-modules/legacy.so +libdata/pkgconfig/libcrypto.pc +libdata/pkgconfig/libssl.pc +libdata/pkgconfig/openssl.pc +share/man/man1/CA.pl.1ossl.gz +share/man/man1/asn1parse.1ossl.gz +share/man/man1/c_rehash.1ossl.gz +share/man/man1/ca.1ossl.gz +share/man/man1/ciphers.1ossl.gz +share/man/man1/cmp.1ossl.gz +share/man/man1/cms.1ossl.gz +share/man/man1/crl.1ossl.gz +share/man/man1/crl2pkcs7.1ossl.gz +share/man/man1/dgst.1ossl.gz +share/man/man1/dhparam.1ossl.gz +share/man/man1/dsa.1ossl.gz +share/man/man1/dsaparam.1ossl.gz +share/man/man1/ec.1ossl.gz +share/man/man1/ecparam.1ossl.gz +share/man/man1/enc.1ossl.gz +share/man/man1/engine.1ossl.gz +share/man/man1/errstr.1ossl.gz +share/man/man1/gendsa.1ossl.gz +share/man/man1/genpkey.1ossl.gz +share/man/man1/genrsa.1ossl.gz +share/man/man1/info.1ossl.gz +share/man/man1/kdf.1ossl.gz +share/man/man1/mac.1ossl.gz +share/man/man1/nseq.1ossl.gz +share/man/man1/ocsp.1ossl.gz +share/man/man1/openssl-asn1parse.1ossl.gz +share/man/man1/openssl-ca.1ossl.gz +share/man/man1/openssl-ciphers.1ossl.gz +share/man/man1/openssl-cmds.1ossl.gz +share/man/man1/openssl-cmp.1ossl.gz +share/man/man1/openssl-cms.1ossl.gz +share/man/man1/openssl-configutl.1ossl.gz +share/man/man1/openssl-crl.1ossl.gz +share/man/man1/openssl-crl2pkcs7.1ossl.gz +share/man/man1/openssl-dgst.1ossl.gz +share/man/man1/openssl-dhparam.1ossl.gz +share/man/man1/openssl-dsa.1ossl.gz +share/man/man1/openssl-dsaparam.1ossl.gz +share/man/man1/openssl-ec.1ossl.gz +share/man/man1/openssl-ecparam.1ossl.gz +share/man/man1/openssl-enc.1ossl.gz +share/man/man1/openssl-engine.1ossl.gz +share/man/man1/openssl-errstr.1ossl.gz +share/man/man1/openssl-fipsinstall.1ossl.gz +share/man/man1/openssl-format-options.1ossl.gz +share/man/man1/openssl-gendsa.1ossl.gz +share/man/man1/openssl-genpkey.1ossl.gz +share/man/man1/openssl-genrsa.1ossl.gz +share/man/man1/openssl-info.1ossl.gz +share/man/man1/openssl-kdf.1ossl.gz +share/man/man1/openssl-list.1ossl.gz +share/man/man1/openssl-mac.1ossl.gz +share/man/man1/openssl-namedisplay-options.1ossl.gz +share/man/man1/openssl-nseq.1ossl.gz +share/man/man1/openssl-ocsp.1ossl.gz +share/man/man1/openssl-passphrase-options.1ossl.gz +share/man/man1/openssl-passwd.1ossl.gz +share/man/man1/openssl-pkcs12.1ossl.gz +share/man/man1/openssl-pkcs7.1ossl.gz +share/man/man1/openssl-pkcs8.1ossl.gz +share/man/man1/openssl-pkey.1ossl.gz +share/man/man1/openssl-pkeyparam.1ossl.gz +share/man/man1/openssl-pkeyutl.1ossl.gz +share/man/man1/openssl-prime.1ossl.gz +share/man/man1/openssl-rand.1ossl.gz +share/man/man1/openssl-rehash.1ossl.gz +share/man/man1/openssl-req.1ossl.gz +share/man/man1/openssl-rsa.1ossl.gz +share/man/man1/openssl-rsautl.1ossl.gz +share/man/man1/openssl-s_client.1ossl.gz +share/man/man1/openssl-s_server.1ossl.gz +share/man/man1/openssl-s_time.1ossl.gz +share/man/man1/openssl-sess_id.1ossl.gz +share/man/man1/openssl-skeyutl.1ossl.gz +share/man/man1/openssl-smime.1ossl.gz +share/man/man1/openssl-speed.1ossl.gz +share/man/man1/openssl-spkac.1ossl.gz +share/man/man1/openssl-srp.1ossl.gz +share/man/man1/openssl-storeutl.1ossl.gz +share/man/man1/openssl-ts.1ossl.gz +share/man/man1/openssl-verification-options.1ossl.gz +share/man/man1/openssl-verify.1ossl.gz +share/man/man1/openssl-version.1ossl.gz +share/man/man1/openssl-x509.1ossl.gz +share/man/man1/openssl.1ossl.gz +share/man/man1/passwd.1ossl.gz +share/man/man1/pkcs12.1ossl.gz +share/man/man1/pkcs7.1ossl.gz +share/man/man1/pkcs8.1ossl.gz +share/man/man1/pkey.1ossl.gz +share/man/man1/pkeyparam.1ossl.gz +share/man/man1/pkeyutl.1ossl.gz +share/man/man1/prime.1ossl.gz +share/man/man1/rand.1ossl.gz +share/man/man1/rehash.1ossl.gz +share/man/man1/req.1ossl.gz +share/man/man1/rsa.1ossl.gz +share/man/man1/rsautl.1ossl.gz +share/man/man1/s_client.1ossl.gz +share/man/man1/s_server.1ossl.gz +share/man/man1/s_time.1ossl.gz +share/man/man1/sess_id.1ossl.gz +share/man/man1/smime.1ossl.gz +share/man/man1/speed.1ossl.gz +share/man/man1/spkac.1ossl.gz +share/man/man1/srp.1ossl.gz +share/man/man1/storeutl.1ossl.gz +share/man/man1/ts.1ossl.gz +share/man/man1/tsget.1ossl.gz +share/man/man1/verify.1ossl.gz +share/man/man1/version.1ossl.gz +share/man/man1/x509.1ossl.gz +share/man/man5/config.5ossl.gz +share/man/man5/fips_config.5ossl.gz +share/man/man5/x509v3_config.5ossl.gz +%%OPENSSLDIR%%/misc/CA.pl +@comment %%OPENSSLDIR%%/misc/tsget.pl +%%OPENSSLDIR%%/misc/tsget +@sample %%OPENSSLDIR%%/ct_log_list.cnf.dist %%OPENSSLDIR%%/ct_log_list.cnf +%%FIPS%%%%OPENSSLDIR%%/fipsmodule.cnf +@sample %%OPENSSLDIR%%/openssl.cnf.dist %%OPENSSLDIR%%/openssl.cnf +@dir lib/ossl-modules +@dir %%OPENSSLDIR%%/private +@dir %%OPENSSLDIR%%/certs diff --git a/security/openssl36/version.mk b/security/openssl36/version.mk new file mode 100644 index 000000000000..7bf1106dadd0 --- /dev/null +++ b/security/openssl36/version.mk @@ -0,0 +1 @@ +OPENSSL_SHLIBVER?= 18 |