openssl: update to v0.9.8n, thanks Peter Wagner
authorJo-Philipp Wich <jow@openwrt.org>
Wed, 5 May 2010 20:32:10 +0000 (20:32 +0000)
committerJo-Philipp Wich <jow@openwrt.org>
Wed, 5 May 2010 20:32:10 +0000 (20:32 +0000)
SVN-Revision: 21382

package/openssl/Makefile
package/openssl/patches/200-ocf-20100325.patch
package/openssl/patches/400-cve-2010-0740.patch [deleted file]

index f0bcd1d8421896ae803085535f2a273bb3ac6afc..06a39fd445195f1d64a20fd9fb362ea6e7c9f1ad 100644 (file)
@@ -8,15 +8,15 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
-PKG_VERSION:=0.9.8m
-PKG_RELEASE:=4
+PKG_VERSION:=0.9.8n
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.openssl.org/source/ \
        ftp://ftp.funet.fi/pub/crypt/cryptography/libs/openssl/source/ \
        ftp://ftp.webmonster.de/pub/openssl/source/ \
        ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/
-PKG_MD5SUM:=898bf125370926d5f692a2201124f8ec
+PKG_MD5SUM:=076d8efc3ed93646bd01f04e23c07066
 
 PKG_BUILD_DEPENDS:=ocf-crypto-headers
 PKG_CONFIG_DEPENDS:=CONFIG_OPENSSL_ENGINE
index da941b37ac6c5eca34752cee3c643166cc93b028..16d84513954e9310b7c5794d459b8236f5db4ca6 100644 (file)
                if (kop->crk_param[i].crp_p)
                        free(kop->crk_param[i].crp_p);
                kop->crk_param[i].crp_p = NULL;
-@@ -757,6 +1025,9 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BI
-       if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) {
-               const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-+              fprintf(stderr, "cryptodev_asym: CRK_MOD_EXP %s failed, "
-+                      "Running in software\n", errno==kop.crk_status ?
-+                      "hardware operation" : "asym process");
-               ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
-       }
- err:
 @@ -768,7 +1039,6 @@ static int
  cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
  {
        r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
        return (r);
  }
-@@ -803,6 +1073,9 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const 
-       if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {
-               const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-+              fprintf(stderr, "cryptodev_asym: CRK_MOD_EXP_CRT %s failed, "
-+                      "Running in software\n", errno==kop.crk_status ?
-+                      "hardware operation" : "asym process");
-               ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
-       }
- err:
 @@ -904,6 +1177,9 @@ cryptodev_dsa_do_sign(const unsigned cha
                const DSA_METHOD *meth = DSA_OpenSSL();
                BN_free(r);
diff --git a/package/openssl/patches/400-cve-2010-0740.patch b/package/openssl/patches/400-cve-2010-0740.patch
deleted file mode 100644 (file)
index 4c893eb..0000000
+++ /dev/null
@@ -1,15 +0,0 @@
---- a/ssl/s3_pkt.c
-+++ b/ssl/s3_pkt.c
-@@ -291,9 +291,9 @@ again:
-                       if (version != s->version)
-                               {
-                               SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
--                              /* Send back error using their
--                               * version number :-) */
--                              s->version=version;
-+                                if ((s->version & 0xFF00) == (version & 0xFF00))
-+                                      /* Send back error using their minor version number :-) */
-+                                      s->version = (unsigned short)version;
-                               al=SSL_AD_PROTOCOL_VERSION;
-                               goto f_err;
-                               }