core/openssl-cryptodev to 1.0.1.f-1

This commit is contained in:
Kevin Mihelich 2014-04-05 03:48:27 +00:00
parent 587b84c1ef
commit 2feaf93203
5 changed files with 399 additions and 512 deletions

View file

@ -14,16 +14,16 @@ buildarch=6
pkgname=openssl-cryptodev
_pkgname=openssl
_ver=1.0.1e
_ver=1.0.1f
# use a pacman compatible version scheme
pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
#pkgver=$_ver
pkgrel=5
pkgrel=1
pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
arch=('arm' 'armv7h')
url='https://www.openssl.org'
license=('custom:BSD')
depends=('perl')
depends=('zlib' 'perl')
optdepends=('ca-certificates')
options=('!makeflags')
backup=('etc/ssl/openssl.cnf')
@ -34,79 +34,66 @@ _cryptover=1.6
source=("https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz"
'no-rpath.patch'
'ca-dir.patch'
'openssl-1.0.1e-fix_pod_syntax-1.patch'
"http://download.gna.org/cryptodev-linux/cryptodev-linux-${_cryptover}.tar.gz"
'openssl-1.0.1-Check-DTLS_BAD_VER-for-version-number.patch'
'openssl-1.0.1-e_aes_cbc_hmac_sha1.c-fix-rare-bad-record-mac-on-AES.patch')
md5sums=('66bf6f10f060d561929de96f9dfe5b8c'
'openssl-1.0.1f-perl-5.18.patch')
md5sums=('f26b09c028a0541cab33da697d522b25'
'dc78d3d06baffc16217519242ce92478'
'3bf51be3a1bbd262be46dc619f92aa90'
'88d3bef4bbdc640b0412315d8d347bdf'
'3bf51be3a1bbd262be46dc619f92aa90'
'eade38998313c25fd7934719cdf8a2ea'
'ae7848bb152b8834ceff30c8c480d422'
'c5cc62a47cef72f4e5ad119a88e97ae4')
'ea2a61c8bd43788d81d98f1ac36c98ac')
prepare() {
cd $srcdir/${_pkgname}-$_ver
cd $srcdir/${_pkgname}-$_ver
# remove rpath: http://bugs.archlinux.org/task/14367
patch -p0 -i $srcdir/no-rpath.patch
# set ca dir to /etc/ssl by default
patch -p0 -i $srcdir/ca-dir.patch
# remove rpath: http://bugs.archlinux.org/task/14367
patch -p0 -i $srcdir/no-rpath.patch
# set ca dir to /etc/ssl by default
patch -p0 -i $srcdir/ca-dir.patch
patch -p1 -i $srcdir/openssl-1.0.1e-fix_pod_syntax-1.patch
patch -p1 -i $srcdir/openssl-1.0.1f-perl-5.18.patch
# OpenSSL 1.0.0k, 1.0.1.d, 1.0.1e fail handshake with DTLS1_BAD_VER
# http://rt.openssl.org/Ticket/Display.html?id=2984
patch -p1 -i $srcdir/openssl-1.0.1-Check-DTLS_BAD_VER-for-version-number.patch
#Replace eng_cryptodev.c with cryptodev version
cp -u ${srcdir}/cryptodev-linux-${_cryptover}/extras/eng_cryptodev.c ${srcdir}/openssl-${_ver}/crypto/engine/
# Communication problems with 1.0.1e
# http://rt.openssl.org/Ticket/Display.html?id=3002
patch -p1 -i $srcdir/openssl-1.0.1-e_aes_cbc_hmac_sha1.c-fix-rare-bad-record-mac-on-AES.patch
#Replace eng_cryptodev.c with cryptodev version
cp -u ${srcdir}/cryptodev-linux-${_cryptover}/extras/eng_cryptodev.c ${srcdir}/openssl-${_ver}/crypto/engine/
#Copy the header file
cp -u ${srcdir}/cryptodev-linux-${_cryptover}/crypto/cryptodev.h ${srcdir}/openssl-${_ver}/crypto/
#Copy the header file
cp -u ${srcdir}/cryptodev-linux-${_cryptover}/crypto/cryptodev.h ${srcdir}/openssl-${_ver}/crypto/
}
build() {
cd $srcdir/${_pkgname}-$_ver
cd $srcdir/${_pkgname}-$_ver
if [ "${CARCH}" == 'x86_64' ]; then
openssltarget='linux-x86_64'
elif [ "${CARCH}" == 'i686' ]; then
openssltarget='linux-elf'
elif [ "${CARCH}" == 'arm' -o "${CARCH}" == 'armv7h' ]; then
openssltarget='linux-armv4'
fi
if [ "${CARCH}" == 'x86_64' ]; then
openssltarget='linux-x86_64'
elif [ "${CARCH}" == 'i686' ]; then
openssltarget='linux-elf'
elif [ "${CARCH}" == 'arm' -o "${CARCH}" == 'armv7h' ]; then
openssltarget='linux-armv4'
fi
# mark stack as non-executable: http://bugs.archlinux.org/task/12434
./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DHASH_MAX_LEN=64 \
shared threads zlib \
"${openssltarget}" \
-Wa,--noexecstack "${CFLAGS}"
# mark stack as non-executable: http://bugs.archlinux.org/task/12434
./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DHASH_MAX_LEN=64 \
shared threads zlib \
"${openssltarget}" \
"-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
make depend
make
make depend
make
}
check() {
cd $srcdir/$_pkgname-$_ver
# the test fails due to missing write permissions in /etc/ssl
# revert this patch for make test
patch -p0 -R -i $srcdir/ca-dir.patch
# make test
patch -p0 -i $srcdir/ca-dir.patch
cd $srcdir/$_pkgname-$_ver
# the test fails due to missing write permissions in /etc/ssl
# revert this patch for make test
patch -p0 -R -i $srcdir/ca-dir.patch
#make test
patch -p0 -i $srcdir/ca-dir.patch
}
package() {
depends=('cryptodev_friendly')
cd $srcdir/$_pkgname-$_ver
make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install
install -D -m644 LICENSE $pkgdir/usr/share/licenses/$_pkgname/LICENSE
depends=('cryptodev_friendly')
cd $srcdir/$_pkgname-$_ver
make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install
install -D -m644 LICENSE $pkgdir/usr/share/licenses/$_pkgname/LICENSE
}

View file

@ -1,31 +0,0 @@
From 9fe4603b8245425a4c46986ed000fca054231253 Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw2@infradead.org>
Date: Tue, 12 Feb 2013 14:55:32 +0000
Subject: Check DTLS_BAD_VER for version number.
The version check for DTLS1_VERSION was redundant as
DTLS1_VERSION > TLS1_1_VERSION, however we do need to
check for DTLS1_BAD_VER for compatibility.
PR:2984
(cherry picked from commit d980abb22e22661e98e5cee33d760ab0c7584ecc)
---
ssl/s3_cbc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index 02edf3f..443a31e 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -148,7 +148,7 @@ int tls1_cbc_remove_padding(const SSL* s,
unsigned padding_length, good, to_check, i;
const unsigned overhead = 1 /* padding length byte */ + mac_size;
/* Check if version requires explicit IV */
- if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
+ if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER)
{
/* These lengths are all public so we can test them in
* non-constant time.
--
1.8.4.2

View file

@ -1,32 +0,0 @@
From 9ab3ce124616cb12bd39c6aa1e1bde0f46969b29 Mon Sep 17 00:00:00 2001
From: Andy Polyakov <appro@openssl.org>
Date: Mon, 18 Mar 2013 19:29:41 +0100
Subject: e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms.
PR: 3002
(cherry picked from commit 5c60046553716fcf160718f59160493194f212dc)
---
crypto/evp/e_aes_cbc_hmac_sha1.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index 483e04b..fb2c884 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -328,10 +328,11 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (res!=SHA_CBLOCK) continue;
- mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
+ /* j is not incremented yet */
+ mask = 0-((inp_len+7-j)>>(sizeof(j)*8-1));
data->u[SHA_LBLOCK-1] |= bitlen&mask;
sha1_block_data_order(&key->md,data,1);
- mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
+ mask &= 0-((j-inp_len-72)>>(sizeof(j)*8-1));
pmac->u[0] |= key->md.h0 & mask;
pmac->u[1] |= key->md.h1 & mask;
pmac->u[2] |= key->md.h2 & mask;
--
1.8.4.2

View file

@ -1,393 +0,0 @@
Submitted By: Martin Ward <macros_the_black at ntlworld dot com>
Date: 2013-06-18
Initial Package Version: 1.0.1e
Upstream Status: Unknown
Origin: self, based on fedora
Description: Fixes install with perl-5.18.
diff -Naur openssl-1.0.1e.orig/doc/apps/cms.pod openssl-1.0.1e/doc/apps/cms.pod
--- openssl-1.0.1e.orig/doc/apps/cms.pod 2013-06-06 14:35:15.867871879 +0100
+++ openssl-1.0.1e/doc/apps/cms.pod 2013-06-06 14:35:25.791747119 +0100
@@ -450,28 +450,28 @@
=over 4
-=item 0
+=item C<0>
the operation was completely successfully.
-=item 1
+=item C<1>
an error occurred parsing the command options.
-=item 2
+=item C<2>
one of the input files could not be read.
-=item 3
+=item C<3>
an error occurred creating the CMS file or when reading the MIME
message.
-=item 4
+=item C<4>
an error occurred decrypting or verifying the message.
-=item 5
+=item C<5>
the message was verified correctly but an error occurred writing out
the signers certificates.
diff -Naur openssl-1.0.1e.orig/doc/apps/smime.pod openssl-1.0.1e/doc/apps/smime.pod
--- openssl-1.0.1e.orig/doc/apps/smime.pod 2013-06-06 14:35:15.867871879 +0100
+++ openssl-1.0.1e/doc/apps/smime.pod 2013-06-06 14:35:25.794747082 +0100
@@ -308,28 +308,28 @@
=over 4
-=item 0
+=item C<0>
the operation was completely successfully.
-=item 1
+=item C<1>
an error occurred parsing the command options.
-=item 2
+=item C<2>
one of the input files could not be read.
-=item 3
+=item C<3>
an error occurred creating the PKCS#7 file or when reading the MIME
message.
-=item 4
+=item C<4>
an error occurred decrypting or verifying the message.
-=item 5
+=item C<5>
the message was verified correctly but an error occurred writing out
the signers certificates.
diff -Naur openssl-1.0.1e.orig/doc/crypto/X509_STORE_CTX_get_error.pod openssl-1.0.1e/doc/crypto/X509_STORE_CTX_get_error.pod
--- openssl-1.0.1e.orig/doc/crypto/X509_STORE_CTX_get_error.pod 2013-06-06 14:35:15.874871791 +0100
+++ openssl-1.0.1e/doc/crypto/X509_STORE_CTX_get_error.pod 2013-06-06 14:37:13.826388940 +0100
@@ -278,6 +278,8 @@
an application specific error. This will never be returned unless explicitly
set by an application.
+=back
+
=head1 NOTES
The above functions should be used instead of directly referencing the fields
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_accept.pod openssl-1.0.1e/doc/ssl/SSL_accept.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_accept.pod 2013-06-06 14:35:15.871871829 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_accept.pod 2013-06-06 14:35:25.796747057 +0100
@@ -44,12 +44,12 @@
=over 4
-=item 1
+=item C<1>
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
established.
-=item 0
+=item C<0>
The TLS/SSL handshake was not successful but was shut down controlled and
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_clear.pod openssl-1.0.1e/doc/ssl/SSL_clear.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_clear.pod 2013-06-06 14:35:15.871871829 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_clear.pod 2013-06-06 14:35:25.803746969 +0100
@@ -56,12 +56,12 @@
=over 4
-=item 0
+=item C<0>
The SSL_clear() operation could not be performed. Check the error stack to
find out the reason.
-=item 1
+=item C<1>
The SSL_clear() operation was successful.
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_COMP_add_compression_method.pod openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_COMP_add_compression_method.pod 2013-06-06 14:35:15.870871842 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod 2013-06-06 14:35:25.806746931 +0100
@@ -53,11 +53,11 @@
=over 4
-=item 0
+=item C<0>
The operation succeeded.
-=item 1
+=item C<1>
The operation failed. Check the error queue to find out the reason.
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_connect.pod openssl-1.0.1e/doc/ssl/SSL_connect.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_connect.pod 2013-06-06 14:35:15.869871854 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_connect.pod 2013-06-06 14:35:25.808746906 +0100
@@ -41,12 +41,12 @@
=over 4
-=item 1
+=item C<1>
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
established.
-=item 0
+=item C<0>
The TLS/SSL handshake was not successful but was shut down controlled and
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_add_session.pod openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_add_session.pod 2013-06-06 14:35:15.871871829 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod 2013-06-06 14:35:25.816746805 +0100
@@ -52,13 +52,13 @@
=over 4
-=item 0
+=item C<0>
The operation failed. In case of the add operation, it was tried to add
the same (identical) session twice. In case of the remove operation, the
session was not found in the cache.
-=item 1
+=item C<1>
The operation succeeded.
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_load_verify_locations.pod openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_load_verify_locations.pod 2013-06-06 14:35:15.870871842 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod 2013-06-06 14:35:25.818746780 +0100
@@ -100,13 +100,13 @@
=over 4
-=item 0
+=item C<0>
The operation failed because B<CAfile> and B<CApath> are NULL or the
processing at one of the locations specified failed. Check the error
stack to find out the reason.
-=item 1
+=item C<1>
The operation succeeded.
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod 2013-06-06 14:35:15.871871829 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod 2013-06-06 14:35:25.821746742 +0100
@@ -66,11 +66,11 @@
=over 4
-=item 1
+=item C<1>
The operation succeeded.
-=item 0
+=item C<0>
A failure while manipulating the STACK_OF(X509_NAME) object occurred or
the X509_NAME could not be extracted from B<cacert>. Check the error stack
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_session_id_context.pod openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_session_id_context.pod 2013-06-06 14:35:15.871871829 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod 2013-06-06 14:35:25.828746654 +0100
@@ -64,13 +64,13 @@
=over 4
-=item 0
+=item C<0>
The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
is logged to the error stack.
-=item 1
+=item C<1>
The operation succeeded.
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_ssl_version.pod openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_ssl_version.pod 2013-06-06 14:35:15.871871829 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod 2013-06-06 14:35:25.831746617 +0100
@@ -42,11 +42,11 @@
=over 4
-=item 0
+=item C<0>
The new choice failed, check the error stack to find out the reason.
-=item 1
+=item C<1>
The operation succeeded.
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod 2013-06-06 14:35:15.870871842 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod 2013-06-06 14:36:42.456783309 +0100
@@ -81,6 +81,8 @@
Return values from the server callback are interpreted as follows:
+=over
+
=item > 0
PSK identity was found and the server callback has provided the PSK
@@ -94,9 +96,11 @@
connection will fail with decryption_error before it will be finished
completely.
-=item 0
+=item C<0>
PSK identity was not found. An "unknown_psk_identity" alert message
will be sent and the connection setup fails.
+=back
+
=cut
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_do_handshake.pod openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_do_handshake.pod 2013-06-06 14:35:15.869871854 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod 2013-06-06 14:35:25.839746516 +0100
@@ -45,12 +45,12 @@
=over 4
-=item 1
+=item C<1>
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
established.
-=item 0
+=item C<0>
The TLS/SSL handshake was not successful but was shut down controlled and
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_read.pod openssl-1.0.1e/doc/ssl/SSL_read.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_read.pod 2013-06-06 14:35:15.871871829 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_read.pod 2013-06-06 14:35:25.847746415 +0100
@@ -86,7 +86,7 @@
The read operation was successful; the return value is the number of
bytes actually read from the TLS/SSL connection.
-=item 0
+=item C<0>
The read operation was not successful. The reason may either be a clean
shutdown due to a "close notify" alert sent by the peer (in which case
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_session_reused.pod openssl-1.0.1e/doc/ssl/SSL_session_reused.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_session_reused.pod 2013-06-06 14:35:15.871871829 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_session_reused.pod 2013-06-06 14:35:25.849746390 +0100
@@ -27,11 +27,11 @@
=over 4
-=item 0
+=item C<0>
A new session was negotiated.
-=item 1
+=item C<1>
A session was reused.
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_set_fd.pod openssl-1.0.1e/doc/ssl/SSL_set_fd.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_set_fd.pod 2013-06-06 14:35:15.869871854 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_set_fd.pod 2013-06-06 14:35:25.852746353 +0100
@@ -35,11 +35,11 @@
=over 4
-=item 0
+=item C<0>
The operation failed. Check the error stack to find out why.
-=item 1
+=item C<1>
The operation succeeded.
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_set_session.pod openssl-1.0.1e/doc/ssl/SSL_set_session.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_set_session.pod 2013-06-06 14:35:15.870871842 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_set_session.pod 2013-06-06 14:35:25.855746315 +0100
@@ -37,11 +37,11 @@
=over 4
-=item 0
+=item C<0>
The operation failed; check the error stack to find out the reason.
-=item 1
+=item C<1>
The operation succeeded.
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_shutdown.pod openssl-1.0.1e/doc/ssl/SSL_shutdown.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_shutdown.pod 2013-06-06 14:35:15.870871842 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_shutdown.pod 2013-06-06 14:35:25.857746290 +0100
@@ -92,12 +92,12 @@
=over 4
-=item 1
+=item C<1>
The shutdown was successfully completed. The "close notify" alert was sent
and the peer's "close notify" alert was received.
-=item 0
+=item C<0>
The shutdown is not yet finished. Call SSL_shutdown() for a second time,
if a bidirectional shutdown shall be performed.
diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_write.pod openssl-1.0.1e/doc/ssl/SSL_write.pod
--- openssl-1.0.1e.orig/doc/ssl/SSL_write.pod 2013-06-06 14:35:15.870871842 +0100
+++ openssl-1.0.1e/doc/ssl/SSL_write.pod 2013-06-06 14:35:25.865746189 +0100
@@ -79,7 +79,7 @@
The write operation was successful, the return value is the number of
bytes actually written to the TLS/SSL connection.
-=item 0
+=item C<0>
The write operation was not successful. Probably the underlying connection
was closed. Call SSL_get_error() with the return value B<ret> to find out,

View file

@ -0,0 +1,356 @@
Forward-ported from openssl-1.0.1e-perl-5.18.patch
Fixes install with perl-5.18.
https://bugs.gentoo.org/show_bug.cgi?id=497286
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
--- openssl-1.0.1f/doc/apps/cms.pod
+++ openssl-1.0.1f/doc/apps/cms.pod
@@ -450,28 +450,28 @@
=over 4
-=item 0
+=item C<0>
the operation was completely successfully.
-=item 1
+=item C<1>
an error occurred parsing the command options.
-=item 2
+=item C<2>
one of the input files could not be read.
-=item 3
+=item C<3>
an error occurred creating the CMS file or when reading the MIME
message.
-=item 4
+=item C<4>
an error occurred decrypting or verifying the message.
-=item 5
+=item C<5>
the message was verified correctly but an error occurred writing out
the signers certificates.
--- openssl-1.0.1f/doc/apps/smime.pod
+++ openssl-1.0.1f/doc/apps/smime.pod
@@ -308,28 +308,28 @@
=over 4
-=item 0
+=item C<0>
the operation was completely successfully.
-=item 1
+=item C<1>
an error occurred parsing the command options.
-=item 2
+=item C<2>
one of the input files could not be read.
-=item 3
+=item C<3>
an error occurred creating the PKCS#7 file or when reading the MIME
message.
-=item 4
+=item C<4>
an error occurred decrypting or verifying the message.
-=item 5
+=item C<5>
the message was verified correctly but an error occurred writing out
the signers certificates.
--- openssl-1.0.1f/doc/ssl/SSL_accept.pod
+++ openssl-1.0.1f/doc/ssl/SSL_accept.pod
@@ -44,13 +44,13 @@
=over 4
-=item 0
+=item C<0>
The TLS/SSL handshake was not successful but was shut down controlled and
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
return value B<ret> to find out the reason.
-=item 1
+=item C<1>
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
established.
--- openssl-1.0.1f/doc/ssl/SSL_clear.pod
+++ openssl-1.0.1f/doc/ssl/SSL_clear.pod
@@ -56,12 +56,12 @@
=over 4
-=item 0
+=item C<0>
The SSL_clear() operation could not be performed. Check the error stack to
find out the reason.
-=item 1
+=item C<1>
The SSL_clear() operation was successful.
--- openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod
+++ openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod
@@ -53,11 +53,11 @@
=over 4
-=item 0
+=item C<0>
The operation succeeded.
-=item 1
+=item C<1>
The operation failed. Check the error queue to find out the reason.
--- openssl-1.0.1f/doc/ssl/SSL_connect.pod
+++ openssl-1.0.1f/doc/ssl/SSL_connect.pod
@@ -41,13 +41,13 @@
=over 4
-=item 0
+=item C<0>
The TLS/SSL handshake was not successful but was shut down controlled and
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
return value B<ret> to find out the reason.
-=item 1
+=item C<1>
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
established.
--- openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod
@@ -52,13 +52,13 @@
=over 4
-=item 0
+=item C<0>
The operation failed. In case of the add operation, it was tried to add
the same (identical) session twice. In case of the remove operation, the
session was not found in the cache.
-=item 1
+=item C<1>
The operation succeeded.
--- openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod
@@ -100,13 +100,13 @@
=over 4
-=item 0
+=item C<0>
The operation failed because B<CAfile> and B<CApath> are NULL or the
processing at one of the locations specified failed. Check the error
stack to find out the reason.
-=item 1
+=item C<1>
The operation succeeded.
--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod
@@ -66,13 +66,13 @@
=over 4
-=item 0
+=item C<0>
A failure while manipulating the STACK_OF(X509_NAME) object occurred or
the X509_NAME could not be extracted from B<cacert>. Check the error stack
to find out the reason.
-=item 1
+=item C<1>
The operation succeeded.
--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod
@@ -64,13 +64,13 @@
=over 4
-=item 0
+=item C<0>
The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
is logged to the error stack.
-=item 1
+=item C<1>
The operation succeeded.
--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod
@@ -42,11 +42,11 @@
=over 4
-=item 0
+=item C<0>
The new choice failed, check the error stack to find out the reason.
-=item 1
+=item C<1>
The operation succeeded.
--- openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
+++ openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
@@ -96,7 +96,7 @@
connection will fail with decryption_error before it will be finished
completely.
-=item 0
+=item C<0>
PSK identity was not found. An "unknown_psk_identity" alert message
will be sent and the connection setup fails.
--- openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod
+++ openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod
@@ -45,13 +45,13 @@
=over 4
-=item 0
+=item C<0>
The TLS/SSL handshake was not successful but was shut down controlled and
by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
return value B<ret> to find out the reason.
-=item 1
+=item C<1>
The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
established.
--- openssl-1.0.1f/doc/ssl/SSL_read.pod
+++ openssl-1.0.1f/doc/ssl/SSL_read.pod
@@ -86,7 +86,7 @@
The read operation was successful; the return value is the number of
bytes actually read from the TLS/SSL connection.
-=item 0
+=item C<0>
The read operation was not successful. The reason may either be a clean
shutdown due to a "close notify" alert sent by the peer (in which case
--- openssl-1.0.1f/doc/ssl/SSL_session_reused.pod
+++ openssl-1.0.1f/doc/ssl/SSL_session_reused.pod
@@ -27,11 +27,11 @@
=over 4
-=item 0
+=item C<0>
A new session was negotiated.
-=item 1
+=item C<1>
A session was reused.
--- openssl-1.0.1f/doc/ssl/SSL_set_fd.pod
+++ openssl-1.0.1f/doc/ssl/SSL_set_fd.pod
@@ -35,11 +35,11 @@
=over 4
-=item 0
+=item C<0>
The operation failed. Check the error stack to find out why.
-=item 1
+=item C<1>
The operation succeeded.
--- openssl-1.0.1f/doc/ssl/SSL_set_session.pod
+++ openssl-1.0.1f/doc/ssl/SSL_set_session.pod
@@ -37,11 +37,11 @@
=over 4
-=item 0
+=item C<0>
The operation failed; check the error stack to find out the reason.
-=item 1
+=item C<1>
The operation succeeded.
--- openssl-1.0.1f/doc/ssl/SSL_shutdown.pod
+++ openssl-1.0.1f/doc/ssl/SSL_shutdown.pod
@@ -92,14 +92,14 @@
=over 4
-=item 0
+=item C<0>
The shutdown is not yet finished. Call SSL_shutdown() for a second time,
if a bidirectional shutdown shall be performed.
The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
-=item 1
+=item C<1>
The shutdown was successfully completed. The "close notify" alert was sent
and the peer's "close notify" alert was received.
--- openssl-1.0.1f/doc/ssl/SSL_write.pod
+++ openssl-1.0.1f/doc/ssl/SSL_write.pod
@@ -79,7 +79,7 @@
The write operation was successful, the return value is the number of
bytes actually written to the TLS/SSL connection.
-=item 0
+=item C<0>
The write operation was not successful. Probably the underlying connection
was closed. Call SSL_get_error() with the return value B<ret> to find out,