diff options
Diffstat (limited to 'testing')
| -rw-r--r-- | testing/bash/PKGBUILD | 129 | ||||
| -rw-r--r-- | testing/bash/bash.install | 20 | ||||
| -rw-r--r-- | testing/bash/dot.bash_logout | 3 | ||||
| -rw-r--r-- | testing/bash/dot.bash_profile | 5 | ||||
| -rw-r--r-- | testing/bash/dot.bashrc | 9 | ||||
| -rw-r--r-- | testing/bash/system.bash_logout | 3 | ||||
| -rw-r--r-- | testing/bash/system.bashrc | 23 | ||||
| -rw-r--r-- | testing/grep/PKGBUILD | 11 | ||||
| -rw-r--r-- | testing/grep/grep-2.11-exclude-dir-crash.patch | 44 | ||||
| -rw-r--r-- | testing/iproute2/PKGBUILD | 58 | ||||
| -rw-r--r-- | testing/iproute2/fix-ip-l.patch | 27 | ||||
| -rw-r--r-- | testing/iproute2/iproute2-fhs.patch | 84 | ||||
| -rw-r--r-- | testing/iproute2/remove-libnl-headers.patch | 31 | ||||
| -rw-r--r-- | testing/libedit/PKGBUILD | 30 | ||||
| -rw-r--r-- | testing/openssl/PKGBUILD | 67 | ||||
| -rw-r--r-- | testing/openssl/ca-dir.patch | 33 | ||||
| -rw-r--r-- | testing/openssl/fix-manpages.patch | 1920 | ||||
| -rw-r--r-- | testing/openssl/no-rpath.patch | 11 | ||||
| -rw-r--r-- | testing/sudo/PKGBUILD | 8 | ||||
| -rw-r--r-- | testing/usbutils/PKGBUILD | 35 | ||||
| -rw-r--r-- | testing/usbutils/fix-python2.patch | 17 |
21 files changed, 2560 insertions, 8 deletions
diff --git a/testing/bash/PKGBUILD b/testing/bash/PKGBUILD new file mode 100644 index 000000000..c12cd512c --- /dev/null +++ b/testing/bash/PKGBUILD @@ -0,0 +1,129 @@ +# $Id: PKGBUILD 153410 2012-03-13 01:18:55Z allan $ +# Maintainer: Allan McRae <allan@archlinux.org> +# Contributor: Aaron Griffin <aaron@archlinux.org> + +pkgname=bash +_basever=4.2 +_patchlevel=024 #prepare for some patches +pkgver=$_basever.$_patchlevel +pkgrel=1 +pkgdesc="The GNU Bourne Again shell" +arch=('i686' 'x86_64') +license=('GPL') +url="http://www.gnu.org/software/bash/bash.html" +groups=('base') +backup=(etc/bash.bash{rc,_logout} etc/skel/.bash{rc,_profile,_logout}) +depends=('readline>=6.1' 'glibc') +provides=('sh') +install=bash.install +source=(http://ftp.gnu.org/gnu/bash/bash-$_basever.tar.gz{,.sig} + dot.bashrc + dot.bash_profile + dot.bash_logout + system.bashrc + system.bash_logout) +if [ $_patchlevel -gt 000 ]; then + for (( p=1; p<=$((10#${_patchlevel})); p++ )); do + source=(${source[@]} http://ftp.gnu.org/gnu/bash/bash-$_basever-patches/bash${_basever//./}-$(printf "%03d" $p){,.sig}) + done +fi + +build() { + cd ${srcdir}/${pkgname}-$_basever + for (( p=1; p<=$((10#${_patchlevel})); p++ )); do + msg "applying patch bash${_basever//./}-$(printf "%03d" $p)" + patch -Np0 -i $srcdir/bash${_basever//./}-$(printf "%03d" $p) + done + + _bashconfig=(-DDEFAULT_PATH_VALUE=\'\"/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin\"\' + -DSTANDARD_UTILS_PATH=\'\"/usr/bin:/bin:/usr/sbin:/sbin\"\' + -DSYS_BASHRC=\'\"/etc/bash.bashrc\"\' + -DSYS_BASH_LOGOUT=\'\"/etc/bash.bash_logout\"\') + export CFLAGS="${CFLAGS} ${_bashconfig[@]}" + + ./configure --prefix=/usr --with-curses --enable-readline \ + --without-bash-malloc --with-installed-readline \ + --bindir=/bin --mandir=/usr/share/man --infodir=/usr/share/info + make +} + +check() { + cd ${srcdir}/${pkgname}-$_basever + make check +} + +package() { + cd ${srcdir}/${pkgname}-$_basever + make DESTDIR=${pkgdir} install + + # for now, bash is our default /bin/sh + cd ${pkgdir}/bin + ln -s bash sh + + install -dm755 ${pkgdir}/etc/skel/ + + # system-wide configuration files + install -m644 ${srcdir}/system.bashrc ${pkgdir}/etc/bash.bashrc + install -m644 ${srcdir}/system.bash_logout ${pkgdir}/etc/bash.bash_logout + + # user configuration file skeletons + install -m644 ${srcdir}/dot.bashrc ${pkgdir}/etc/skel/.bashrc + install -m644 ${srcdir}/dot.bash_profile ${pkgdir}/etc/skel/.bash_profile + install -m644 ${srcdir}/dot.bash_logout ${pkgdir}/etc/skel/.bash_logout +} + +md5sums=('3fb927c7c33022f1c327f14a81c0d4b0' + '8d37a3f97a48c1e56e1a4ded877ed944' + '027d6bd8f5f6a06b75bb7698cb478089' + '2902e0fee7a9168f3a4fd2ccd60ff047' + '42f4400ed2314bd7519c020d0187edc5' + 'fe5d3a367f7d5f754214dc05e3d958ab' + '472f536d7c9e8250dc4568ec4cfaf294' + '1100bc1dda2cdc06ac44d7e5d17864a3' + 'a7184b76eb4a079f10174a0a8f574819' + '30e7948079921d3261efcc6a40722135' + 'c4d45307f7e69fe508ce347c4cec1955' + '9ea06decec43a198f3d7cf29acc602f8' + '74bddae6eeb9227a04a467d42597a34d' + 'fb48f6134d7b013135929476aa0c250c' + '3e6a18226b16c773229246abd07a1f5e' + 'e70e45de33426b38153b390be0dbbcd4' + 'e667dc9348ebc3e0e14bfdd87f4b6ff2' + 'ce4e5c484993705b27daa151eca242c2' + '41cbd8e57589bc081a546a014ddb12f8' + '88d1f96db29461767602e2546803bda7' + 'b8b781520f4c7493a2a1ac3010a44a44' + '24c574bf6d6a581e300823d9c1276af6' + '354a0899a7c4b446454c52546562b55b' + '4c5835f2fbab36c4292bb334977e5b6d' + 'ff4547ca7b508d52101729d61f5b77b6' + '0a51602b535ef661ee707be6c8bdb373' + 'cec7c92a4d8052ea4b29216365d16566' + '58deacf3d57cbd75575444ff6a3b0806' + '9ed2a08e549c3c17745f19e8413cfb31' + '72d5059820015231483bb7415d09e9db' + '45b04b41a4230f469d3e47ab9952c2df' + '608336ebe215984ef126e3c29d2d3409' + '623f63025d155a84977b62531e260ee2' + 'ed19da878e3f630834c62b9d9dcc6fce' + 'eef2dd4a0e4505dc8f8e664b40c6cd66' + '2d07daba0b8ca8f876d2aa052ff594b4' + '0cb823a44e6dc1cde7ac97ae5c8163c9' + '53d246537e1fffd1aaa02ba5c056211c' + '60f983a1dded5f0b28040ff4b3f1e9b5' + '304fd129a58fee2d8a34f8b4704db0aa' + '9df4bf4f46aaadc436f430187741f815' + '6921a0b4228fe89b6537a5c29f027c89' + '4ef0e2a2cbfbdd53346f927000b7e112' + '1195d85447f3d048d2c9bcd075fa765c' + 'b0f3a651ce29a1feee687d93177870f1' + 'b09000bba08da6ac753124593850cdf7' + '204bb5054d1f8bafe2b446d4e5d0d99a' + '09d3f96a16b881334cfaee0cf320b47e' + 'aab415350bcc2bb0c29943b413499d96' + '597bf71a2aac6feb510b7505cdd3d4f7' + 'b0db384bdedecafbdd70c8d22c56af5f' + '3fab459b4e09daea529cacad025b13b3' + 'bab99835ad6198cb1109fac89a085262' + '4ad8d11e72afc6090e701073ff034cf4' + '5658ef10c9d0d804126ec1ce700e4e2c') diff --git a/testing/bash/bash.install b/testing/bash/bash.install new file mode 100644 index 000000000..bc75e9b6a --- /dev/null +++ b/testing/bash/bash.install @@ -0,0 +1,20 @@ +info_dir=usr/share/info +info_files=(bash.info) + +post_install() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + usr/bin/install-info ${info_dir}/$f.gz ${info_dir}/dir 2> /dev/null + done +} + +post_upgrade() { + post_install $1 +} + +pre_remove() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + usr/bin/install-info --delete ${info_dir}/$f.gz ${info_dir}/dir 2> /dev/null + done +} diff --git a/testing/bash/dot.bash_logout b/testing/bash/dot.bash_logout new file mode 100644 index 000000000..0e4e4f184 --- /dev/null +++ b/testing/bash/dot.bash_logout @@ -0,0 +1,3 @@ +# +# ~/.bash_logout +# diff --git a/testing/bash/dot.bash_profile b/testing/bash/dot.bash_profile new file mode 100644 index 000000000..5545f007e --- /dev/null +++ b/testing/bash/dot.bash_profile @@ -0,0 +1,5 @@ +# +# ~/.bash_profile +# + +[[ -f ~/.bashrc ]] && . ~/.bashrc diff --git a/testing/bash/dot.bashrc b/testing/bash/dot.bashrc new file mode 100644 index 000000000..a355b0cd3 --- /dev/null +++ b/testing/bash/dot.bashrc @@ -0,0 +1,9 @@ +# +# ~/.bashrc +# + +# If not running interactively, don't do anything +[[ $- != *i* ]] && return + +alias ls='ls --color=auto' +PS1='[\u@\h \W]\$ ' diff --git a/testing/bash/system.bash_logout b/testing/bash/system.bash_logout new file mode 100644 index 000000000..a76e48e4a --- /dev/null +++ b/testing/bash/system.bash_logout @@ -0,0 +1,3 @@ +# +# /etc/bash.bash_logout +# diff --git a/testing/bash/system.bashrc b/testing/bash/system.bashrc new file mode 100644 index 000000000..84de2898c --- /dev/null +++ b/testing/bash/system.bashrc @@ -0,0 +1,23 @@ +# +# /etc/bash.bashrc +# + +# If not running interactively, don't do anything +[[ $- != *i* ]] && return + +PS1='[\u@\h \W]\$ ' +PS2='> ' +PS3='> ' +PS4='+ ' + +case ${TERM} in + xterm*|rxvt*|Eterm|aterm|kterm|gnome*) + PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033]0;%s@%s:%s\007" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/~}"' + + ;; + screen) + PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033_%s@%s:%s\033\\" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/~}"' + ;; +esac + +[ -r /etc/bash_completion ] && . /etc/bash_completion diff --git a/testing/grep/PKGBUILD b/testing/grep/PKGBUILD index fdb2a36ab..511e1b119 100644 --- a/testing/grep/PKGBUILD +++ b/testing/grep/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 151764 2012-03-02 11:04:18Z allan $ +# $Id: PKGBUILD 153237 2012-03-12 09:51:20Z allan $ # Maintainer: Allan McRae <allan@archlinux.org> # Contributor: judd <jvinet@zeroflux.org> pkgname=grep pkgver=2.11 -pkgrel=1 +pkgrel=2 pkgdesc="A string search utility" arch=('i686' 'x86_64') license=('GPL3') @@ -13,12 +13,15 @@ groups=('base') depends=('glibc' 'pcre' 'sh') makedepends=('texinfo') install=${pkgname}.install -source=(ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz{,.sig}) +source=(ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz{,.sig} + grep-2.11-exclude-dir-crash.patch) md5sums=('ad9c6dbdeab93e50d2bc380f10ed3643' - 'e4fea5e355973c951f93f48bc86f92fa') + 'e4fea5e355973c951f93f48bc86f92fa' + 'e882644cf8c1a4e37da7ba8c0867e70b') build() { cd ${srcdir}/${pkgname}-${pkgver} + patch -p1 -i $srcdir/grep-2.11-exclude-dir-crash.patch ./configure --prefix=/usr --without-included-regex make } diff --git a/testing/grep/grep-2.11-exclude-dir-crash.patch b/testing/grep/grep-2.11-exclude-dir-crash.patch new file mode 100644 index 000000000..6b1731768 --- /dev/null +++ b/testing/grep/grep-2.11-exclude-dir-crash.patch @@ -0,0 +1,44 @@ +From 12c957f786b12a4dd116f9c40a715d671d17fa16 Mon Sep 17 00:00:00 2001 +From: Allan McRae <allan@archlinux.org> +Date: Mon, 12 Mar 2012 09:28:01 +0100 +Subject: [PATCH] grep: fix segfault with -r --exclude-dir and no file operand + +* src/main.c (grepdir): Don't invoke excluded_file_name on NULL. +* NEWS (Bug fixes): Mention it. +--- + NEWS | 5 +++++ + src/main.c | 2 +- + 2 files changed, 6 insertions(+), 1 deletion(-) + +diff --git a/NEWS b/NEWS +index d0a63d5..d4d70f5 100644 +--- a/NEWS ++++ b/NEWS +@@ -2,6 +2,11 @@ GNU grep NEWS -*- outline -*- + + * Noteworthy changes in release ?.? (????-??-??) [?] + ++** Bug fixes ++ ++ grep no longer segfaults with -r --exclude-dir and no file operand. ++ I.e., ":|grep -r --exclude-dir=D PAT" would segfault. ++ + + * Noteworthy changes in release 2.11 (2012-03-02) [stable] + +diff --git a/src/main.c b/src/main.c +index 2f6c761..f4f1235 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -1361,7 +1361,7 @@ grepdir (char const *dir, struct stats const *stats) + struct stats const *ancestor; + char *name_space; + int status = 1; +- if (excluded_directory_patterns ++ if (dir && excluded_directory_patterns + && excluded_file_name (excluded_directory_patterns, dir)) + return 1; + +-- +1.7.9.3 + diff --git a/testing/iproute2/PKGBUILD b/testing/iproute2/PKGBUILD new file mode 100644 index 000000000..9988299c3 --- /dev/null +++ b/testing/iproute2/PKGBUILD @@ -0,0 +1,58 @@ +# $Id: PKGBUILD 153250 2012-03-12 14:49:33Z ibiru $ +# Maintainer: Ronald van Haren <ronald.archlinux.org> +# Contributor: Judd Vinet <jvinet@zeroflux.org> + +pkgname=iproute2 +pkgver=3.2.0 +pkgrel=3 +pkgdesc="IP Routing Utilities" +arch=('i686' 'x86_64') +license=('GPL2') +url="http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2" +depends=('glibc' 'db' 'libnl') +makedepends=('linux-atm') +optdepends=('linux-atm: ATM support') +provides=('iproute') +conflicts=('iproute') +replaces=('iproute') +options=('!makeflags') +backup=('etc/iproute2/ematch_map' 'etc/iproute2/rt_dsfield' 'etc/iproute2/rt_protos' \ + 'etc/iproute2/rt_realms' 'etc/iproute2/rt_scopes' 'etc/iproute2/rt_tables') +source=(http://www.kernel.org/pub/linux/utils/net/$pkgname/$pkgname-$pkgver.tar.xz + iproute2-fhs.patch + fix-ip-l.patch + remove-libnl-headers.patch) +sha1sums=('1e217f22b0bbfc870ddf746de883ee375cd9e533' + '2416b11252364d7a6c742eabb4a6924a75637a46' + '2ec5513c44f89046438d65e2cda1a014010e3b73' + '1cb89ea0945fd190e6943fa7b1c3a4f254d0c1b3') + +build() { + cd $srcdir/$pkgname-$pkgver + + # set correct fhs structure + patch -Np1 -i "$srcdir/iproute2-fhs.patch" + + #upstream fixes + patch -Np1 -i "$srcdir/fix-ip-l.patch" + patch -Np1 -i "$srcdir/remove-libnl-headers.patch" + + ./configure + + make +} + +package() { + cd $srcdir/$pkgname-$pkgver + + make DESTDIR="$pkgdir" install + + # allow loopback to be started before /usr is mounted, this may not be supported in the future + mkdir -p "$pkgdir/sbin" + mv "$pkgdir/usr/sbin/ip" "$pkgdir/sbin/ip" + ln -s /sbin/ip "$pkgdir/usr/sbin/ip" + + # libnetlink isn't installed, install it FS#19385 + install -Dm644 include/libnetlink.h "$pkgdir/usr/include/libnetlink.h" + install -Dm644 lib/libnetlink.a "$pkgdir/usr/lib/libnetlink.a" +} diff --git a/testing/iproute2/fix-ip-l.patch b/testing/iproute2/fix-ip-l.patch new file mode 100644 index 000000000..7f1749cbb --- /dev/null +++ b/testing/iproute2/fix-ip-l.patch @@ -0,0 +1,27 @@ +From 5aa08f6bf4107f8aec43c0678466a314dbd0d054 Mon Sep 17 00:00:00 2001 +From: Stephen Hemminger <shemminger@vyatta.com> +Date: Fri, 20 Jan 2012 08:16:02 -0800 +Subject: [PATCH] ip: make 'ip l' be 'ip link' + +Restore compatiablity for those lazy typists. +--- + ip/ip.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/ip/ip.c b/ip/ip.c +index 7b4bacb..20dc3b5 100644 +--- a/ip/ip.c ++++ b/ip/ip.c +@@ -72,8 +72,8 @@ static const struct cmd { + { "neighbour", do_ipneigh }, + { "ntable", do_ipntable }, + { "ntbl", do_ipntable }, +- { "l2tp", do_ipl2tp }, + { "link", do_iplink }, ++ { "l2tp", do_ipl2tp }, + { "tunnel", do_iptunnel }, + { "tunl", do_iptunnel }, + { "tuntap", do_iptuntap }, +-- +1.7.6.5 + diff --git a/testing/iproute2/iproute2-fhs.patch b/testing/iproute2/iproute2-fhs.patch new file mode 100644 index 000000000..2608414db --- /dev/null +++ b/testing/iproute2/iproute2-fhs.patch @@ -0,0 +1,84 @@ +diff -Naur iproute2.old/Makefile iproute2-2.6.29/Makefile +--- iproute2.old/Makefile 2009-11-11 22:05:21.251407668 +0100 ++++ iproute2-2.6.29/Makefile 2009-11-11 22:07:09.891833516 +0100 +@@ -1,11 +1,12 @@ + DESTDIR=/usr/ + ROOTDIR=$(DESTDIR) + LIBDIR=/usr/lib/ +-SBINDIR=/sbin ++SBINDIR=/usr/sbin + CONFDIR=/etc/iproute2 +-DOCDIR=/share/doc/iproute2 +-MANDIR=/share/man ++DOCDIR=/usr/share/doc/iproute2 ++MANDIR=/usr/share/man + ARPDDIR=/var/lib/arpd ++SHAREDIR=/usr/share + + # Path to db_185.h include + DBM_INCLUDE:=$(ROOTDIR)/usr/include +diff -Naur iproute2.old/tc/tc_util.c iproute2-2.6.29/tc/tc_util.c +--- iproute2.old/tc/tc_util.c 2009-11-11 22:05:21.298076943 +0100 ++++ iproute2-2.6.29/tc/tc_util.c 2009-11-11 22:09:32.865152646 +0100 +@@ -24,8 +24,8 @@ + #include "utils.h" + #include "tc_util.h" + +-#ifndef LIBDIR +-#define LIBDIR "/usr/lib/" ++#ifndef SHAREDIR ++#define SHAREDIR "/usr/share" + #endif + + const char *get_tc_lib(void) +@@ -34,7 +34,7 @@ + + lib_dir = getenv("TC_LIB_DIR"); + if (!lib_dir) +- lib_dir = LIBDIR "/tc/"; ++ lib_dir = SHAREDIR "/tc/"; + + return lib_dir; + } +diff -Naur iproute2.old/netem/Makefile iproute2-2.6.35/netem/Makefile +--- iproute2.old/netem/Makefile 2010-08-06 11:30:48.640940183 +0200 ++++ iproute2-2.6.35/netem/Makefile 2010-08-06 11:32:34.210908892 +0200 +@@ -20,9 +20,9 @@ + $(HOSTCC) $(CCOPTS) -I../include -o $@ $@.c -lm + + install: all +- mkdir -p $(DESTDIR)$(LIBDIR)/tc ++ mkdir -p $(DESTDIR)$(SHAREDIR)/tc + for i in $(DISTDATA); \ +- do install -m 644 $$i $(DESTDIR)$(LIBDIR)/tc; \ ++ do install -m 644 $$i $(DESTDIR)$(SHAREDIR)/tc; \ + done + + clean: +diff -Naur iproute2.old/tc/Makefile iproute2-2.6.35/tc/Makefile +--- iproute2.old/tc/Makefile 2010-08-06 11:48:35.607472252 +0200 ++++ iproute2-2.6.35/tc/Makefile 2010-08-06 11:49:36.977473380 +0200 +@@ -99,18 +99,11 @@ + $(AR) rcs $@ $(TCLIB) + + install: all +- mkdir -p $(MODDESTDIR) +- install -m 0755 tc $(DESTDIR)$(SBINDIR) +- for i in $(TCSO); \ +- do install -m 755 $$i $(MODDESTDIR); \ +- done +- if [ ! -f $(MODDESTDIR)/m_ipt.so ]; then \ +- if [ -f $(MODDESTDIR)/m_xt.so ]; \ +- then ln -s m_xt.so $(MODDESTDIR)/m_ipt.so ; \ +- elif [ -f $(MODDESTDIR)/m_xt_old.so ]; \ +- then ln -s m_xt_old.so $(MODDESTDIR)/m_ipt.so ; \ +- fi; \ +- fi ++ mkdir -p $(DESTDIR)$(LIBDIR)/tc ++ install -m 0755 tc $(DESTDIR)$(SBINDIR) ++ for i in $(TCSO); \ ++ do install -m 755 $$i $(DESTDIR)$(LIBDIR)/tc; \ ++ done + + clean: + rm -f $(TCOBJ) $(TCLIB) libtc.a tc *.so emp_ematch.yacc.h; \ diff --git a/testing/iproute2/remove-libnl-headers.patch b/testing/iproute2/remove-libnl-headers.patch new file mode 100644 index 000000000..921e1fa82 --- /dev/null +++ b/testing/iproute2/remove-libnl-headers.patch @@ -0,0 +1,31 @@ +From 13603f6a9e46f08576f6284a0ef1ce1fbf94ffe0 Mon Sep 17 00:00:00 2001 +From: Stephen Hemminger <shemminger@vyatta.com> +Date: Tue, 10 Jan 2012 08:50:49 -0800 +Subject: [PATCH] iplt2p: remove unused libnl headers + +Leftover from change to original code. +--- + ip/ipl2tp.c | 7 ------- + 1 files changed, 0 insertions(+), 7 deletions(-) + +diff --git a/ip/ipl2tp.c b/ip/ipl2tp.c +index 042ddb4..97f98b6 100644 +--- a/ip/ipl2tp.c ++++ b/ip/ipl2tp.c +@@ -23,13 +23,6 @@ + #include <linux/if_arp.h> + #include <linux/ip.h> + +-#include <netlink/netlink.h> +-#include <netlink/genl/genl.h> +-#include <netlink/genl/family.h> +-#include <netlink/genl/mngt.h> +-#include <netlink/genl/ctrl.h> +-#include <netlink/utils.h> +- + #include <linux/genetlink.h> + #include <linux/l2tp.h> + +-- +1.7.6.5 + diff --git a/testing/libedit/PKGBUILD b/testing/libedit/PKGBUILD new file mode 100644 index 000000000..a1de65d9f --- /dev/null +++ b/testing/libedit/PKGBUILD @@ -0,0 +1,30 @@ +# $Id: PKGBUILD 153246 2012-03-12 13:49:58Z bisson $ +# Maintainer: Gaetan Bisson <bisson@archlinux.org> +# Maintainer: Vesa Kaihlavirta <vesa@archlinux.org> +# Contributor: Roman Cheplyaka <roma@ro-che.info> + +pkgname=libedit +pkgver=20120311_3.0 +pkgrel=1 +pkgdesc='Command line editor library providing generic line editing, history, and tokenization functions' +url='http://www.thrysoee.dk/editline/' +arch=('i686' 'x86_64') +license=('BSD') +depends=('ncurses') +options=('!libtool') +source=("http://www.thrysoee.dk/editline/libedit-${pkgver/_/-}.tar.gz") +sha1sums=('2a4be10c33af5e3b09c1d3c8829b02fe5b41796b') + +build() { + cd "${srcdir}/${pkgname}-${pkgver/_/-}" + ./configure --prefix=/usr --enable-widec --enable-static=no + make +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver/_/-}" + make prefix="${pkgdir}"/usr install + + cp "${pkgdir}"/usr/share/man/man3/editline.3 "${pkgdir}"/usr/share/man/man3/el.3 + install -Dm644 COPYING "${pkgdir}"/usr/share/licenses/libedit/LICENSE +} diff --git a/testing/openssl/PKGBUILD b/testing/openssl/PKGBUILD new file mode 100644 index 000000000..1e12fc78f --- /dev/null +++ b/testing/openssl/PKGBUILD @@ -0,0 +1,67 @@ +# $Id: PKGBUILD 153275 2012-03-12 20:24:11Z pierre $ +# Maintainer: Pierre Schmitz <pierre@archlinux.de> + +pkgname=openssl +_ver=1.0.0h +# use a pacman compatible version scheme +pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}} +pkgrel=1 +pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security' +arch=('i686' 'x86_64') +url='https://www.openssl.org' +license=('custom:BSD') +depends=('perl') +optdepends=('ca-certificates') +options=('!makeflags') +backup=('etc/ssl/openssl.cnf') +source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz" + "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc" + 'fix-manpages.patch' + 'no-rpath.patch' + 'ca-dir.patch') +md5sums=('a5bc483c570f2ac3758ce5c19b667fab' + 'ed51bb7b3ed58f5e1e1b642050bdd7c1' + '5bbc0655bda2af95bc8eb568963ce8ba' + 'dc78d3d06baffc16217519242ce92478' + '3bf51be3a1bbd262be46dc619f92aa90') + +build() { + cd $srcdir/$pkgname-$_ver + + if [ "${CARCH}" == 'x86_64' ]; then + openssltarget='linux-x86_64' + elif [ "${CARCH}" == 'i686' ]; then + openssltarget='linux-elf' + fi + + # avoid conflicts with other man pages + # see http://www.linuxfromscratch.org/patches/downloads/openssl/ + patch -p1 -i $srcdir/fix-manpages.patch + # remove rpath: http://bugs.archlinux.org/task/14367 + patch -p0 -i $srcdir/no-rpath.patch + # set ca dir to /etc/ssl by default + patch -p0 -i $srcdir/ca-dir.patch + # mark stack as non-executable: http://bugs.archlinux.org/task/12434 + ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \ + shared zlib enable-md2 \ + "${openssltarget}" \ + -Wa,--noexecstack "${CFLAGS}" "${LDFLAGS}" + + make depend + make +} + +check() { + cd $srcdir/$pkgname-$_ver + # the test fails due to missing write permissions in /etc/ssl + # revert this patch for make test + patch -p0 -R -i $srcdir/ca-dir.patch + make test + patch -p0 -i $srcdir/ca-dir.patch +} + +package() { + cd $srcdir/$pkgname-$_ver + make INSTALL_PREFIX=$pkgdir MANDIR=/usr/share/man install + install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE +} diff --git a/testing/openssl/ca-dir.patch b/testing/openssl/ca-dir.patch new file mode 100644 index 000000000..41d1386d3 --- /dev/null +++ b/testing/openssl/ca-dir.patch @@ -0,0 +1,33 @@ +--- apps/CA.pl.in 2006-04-28 02:30:49.000000000 +0200 ++++ apps/CA.pl.in 2010-04-01 00:35:02.600553509 +0200 +@@ -53,7 +53,7 @@ + $X509="$openssl x509"; + $PKCS12="$openssl pkcs12"; + +-$CATOP="./demoCA"; ++$CATOP="/etc/ssl"; + $CAKEY="cakey.pem"; + $CAREQ="careq.pem"; + $CACERT="cacert.pem"; +--- apps/CA.sh 2009-10-15 19:27:47.000000000 +0200 ++++ apps/CA.sh 2010-04-01 00:35:02.600553509 +0200 +@@ -68,7 +68,7 @@ + X509="$OPENSSL x509" + PKCS12="openssl pkcs12" + +-if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi ++if [ -z "$CATOP" ] ; then CATOP=/etc/ssl ; fi + CAKEY=./cakey.pem + CAREQ=./careq.pem + CACERT=./cacert.pem +--- apps/openssl.cnf 2009-04-04 20:09:43.000000000 +0200 ++++ apps/openssl.cnf 2010-04-01 00:35:02.607220681 +0200 +@@ -39,7 +39,7 @@ + #################################################################### + [ CA_default ] + +-dir = ./demoCA # Where everything is kept ++dir = /etc/ssl # Where everything is kept + certs = $dir/certs # Where the issued certs are kept + crl_dir = $dir/crl # Where the issued crl are kept + database = $dir/index.txt # database index file. diff --git a/testing/openssl/fix-manpages.patch b/testing/openssl/fix-manpages.patch new file mode 100644 index 000000000..0a300f3b9 --- /dev/null +++ b/testing/openssl/fix-manpages.patch @@ -0,0 +1,1920 @@ +Submitted By: Robert Connolly <robert at linuxfromscratch dot org> +Date: 2005-11-13 +Initial Package Version: 0.9.8a +Upstream Status: Submitted upstream +Origin: Anderson Lizardo +Description: This patch fixes conflicts between man pages + installed by OpenSSL and those found on other + packages (particulary Shadow, Perl, and + Man-pages). It also fixes syntax errors on some + POD files that generates slightly broken man + pages. Rediffed for 1.0.0a by Ken Moffat + +diff -Naur openssl-1.0.0a.orig//crypto/rand/md_rand.c openssl-1.0.0a/crypto/rand/md_rand.c +--- openssl-1.0.0a.orig//crypto/rand/md_rand.c 2009-01-03 09:25:32.000000000 +0000 ++++ openssl-1.0.0a/crypto/rand/md_rand.c 2010-09-01 19:36:31.604126440 +0100 +@@ -196,7 +196,7 @@ + int do_not_lock; + + /* +- * (Based on the rand(3) manpage) ++ * (Based on the openssl_rand(3) manpage) + * + * The input is chopped up into units of 20 bytes (or less for + * the last block). Each of these blocks is run through the hash +@@ -361,7 +361,7 @@ + num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2); + + /* +- * (Based on the rand(3) manpage:) ++ * (Based on the openssl_rand(3) manpage) + * + * For each group of 10 bytes (or less), we do the following: + * +diff -Naur openssl-1.0.0a.orig//doc/apps/openssl-passwd.pod openssl-1.0.0a/doc/apps/openssl-passwd.pod +--- openssl-1.0.0a.orig//doc/apps/openssl-passwd.pod 1970-01-01 01:00:00.000000000 +0100 ++++ openssl-1.0.0a/doc/apps/openssl-passwd.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -0,0 +1,82 @@ ++=pod ++ ++=head1 NAME ++ ++openssl-passwd - compute password hashes ++ ++=head1 SYNOPSIS ++ ++B<openssl passwd> ++[B<-crypt>] ++[B<-1>] ++[B<-apr1>] ++[B<-salt> I<string>] ++[B<-in> I<file>] ++[B<-stdin>] ++[B<-noverify>] ++[B<-quiet>] ++[B<-table>] ++{I<password>} ++ ++=head1 DESCRIPTION ++ ++The B<passwd> command computes the hash of a password typed at ++run-time or the hash of each password in a list. The password list is ++taken from the named file for option B<-in file>, from stdin for ++option B<-stdin>, or from the command line, or from the terminal otherwise. ++The Unix standard algorithm B<crypt> and the MD5-based BSD password ++algorithm B<1> and its Apache variant B<apr1> are available. ++ ++=head1 OPTIONS ++ ++=over 4 ++ ++=item B<-crypt> ++ ++Use the B<crypt> algorithm (default). ++ ++=item B<-1> ++ ++Use the MD5 based BSD password algorithm B<1>. ++ ++=item B<-apr1> ++ ++Use the B<apr1> algorithm (Apache variant of the BSD algorithm). ++ ++=item B<-salt> I<string> ++ ++Use the specified salt. ++When reading a password from the terminal, this implies B<-noverify>. ++ ++=item B<-in> I<file> ++ ++Read passwords from I<file>. ++ ++=item B<-stdin> ++ ++Read passwords from B<stdin>. ++ ++=item B<-noverify> ++ ++Don't verify when reading a password from the terminal. ++ ++=item B<-quiet> ++ ++Don't output warnings when passwords given at the command line are truncated. ++ ++=item B<-table> ++ ++In the output list, prepend the cleartext password and a TAB character ++to each password hash. ++ ++=back ++ ++=head1 EXAMPLES ++ ++B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>. ++ ++B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>. ++ ++B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>. ++ ++=cut +diff -Naur openssl-1.0.0a.orig//doc/apps/openssl.pod openssl-1.0.0a/doc/apps/openssl.pod +--- openssl-1.0.0a.orig//doc/apps/openssl.pod 2010-01-21 18:46:28.000000000 +0000 ++++ openssl-1.0.0a/doc/apps/openssl.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -163,7 +163,7 @@ + + Online Certificate Status Protocol utility. + +-=item L<B<passwd>|passwd(1)> ++=item L<B<passwd>|openssl-passwd(1)> + + Generation of hashed passwords. + +@@ -401,7 +401,7 @@ + L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>, + L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>, + L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>, +-L<passwd(1)|passwd(1)>, ++L<openssl-passwd(1)|openssl-passwd(1)>, + L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>, + L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>, + L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>, +diff -Naur openssl-1.0.0a.orig//doc/apps/passwd.pod openssl-1.0.0a/doc/apps/passwd.pod +--- openssl-1.0.0a.orig//doc/apps/passwd.pod 2002-10-04 13:59:00.000000000 +0100 ++++ openssl-1.0.0a/doc/apps/passwd.pod 1970-01-01 01:00:00.000000000 +0100 +@@ -1,82 +0,0 @@ +-=pod +- +-=head1 NAME +- +-passwd - compute password hashes +- +-=head1 SYNOPSIS +- +-B<openssl passwd> +-[B<-crypt>] +-[B<-1>] +-[B<-apr1>] +-[B<-salt> I<string>] +-[B<-in> I<file>] +-[B<-stdin>] +-[B<-noverify>] +-[B<-quiet>] +-[B<-table>] +-{I<password>} +- +-=head1 DESCRIPTION +- +-The B<passwd> command computes the hash of a password typed at +-run-time or the hash of each password in a list. The password list is +-taken from the named file for option B<-in file>, from stdin for +-option B<-stdin>, or from the command line, or from the terminal otherwise. +-The Unix standard algorithm B<crypt> and the MD5-based BSD password +-algorithm B<1> and its Apache variant B<apr1> are available. +- +-=head1 OPTIONS +- +-=over 4 +- +-=item B<-crypt> +- +-Use the B<crypt> algorithm (default). +- +-=item B<-1> +- +-Use the MD5 based BSD password algorithm B<1>. +- +-=item B<-apr1> +- +-Use the B<apr1> algorithm (Apache variant of the BSD algorithm). +- +-=item B<-salt> I<string> +- +-Use the specified salt. +-When reading a password from the terminal, this implies B<-noverify>. +- +-=item B<-in> I<file> +- +-Read passwords from I<file>. +- +-=item B<-stdin> +- +-Read passwords from B<stdin>. +- +-=item B<-noverify> +- +-Don't verify when reading a password from the terminal. +- +-=item B<-quiet> +- +-Don't output warnings when passwords given at the command line are truncated. +- +-=item B<-table> +- +-In the output list, prepend the cleartext password and a TAB character +-to each password hash. +- +-=back +- +-=head1 EXAMPLES +- +-B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>. +- +-B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>. +- +-B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>. +- +-=cut +diff -Naur openssl-1.0.0a.orig//doc/crypto/BN_generate_prime.pod openssl-1.0.0a/doc/crypto/BN_generate_prime.pod +--- openssl-1.0.0a.orig//doc/crypto/BN_generate_prime.pod 2003-01-13 13:18:22.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/BN_generate_prime.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -90,7 +90,7 @@ + + =head1 SEE ALSO + +-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)> ++L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/bn.pod openssl-1.0.0a/doc/crypto/bn.pod +--- openssl-1.0.0a.orig//doc/crypto/bn.pod 2008-07-03 20:59:24.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/bn.pod 2010-09-01 19:36:31.620125025 +0100 +@@ -167,7 +167,7 @@ + =head1 SEE ALSO + + L<bn_internal(3)|bn_internal(3)>, +-L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, ++L<dh(3)|dh(3)>, L<openssl_err(3)|openssl_err(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, + L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>, + L<BN_copy(3)|BN_copy(3)>, L<BN_swap(3)|BN_swap(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>, + L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>, +diff -Naur openssl-1.0.0a.orig//doc/crypto/BN_rand.pod openssl-1.0.0a/doc/crypto/BN_rand.pod +--- openssl-1.0.0a.orig//doc/crypto/BN_rand.pod 2002-09-25 14:33:26.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/BN_rand.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -45,7 +45,7 @@ + + =head1 SEE ALSO + +-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, ++L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, + L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/CONF_modules_free.pod openssl-1.0.0a/doc/crypto/CONF_modules_free.pod +--- openssl-1.0.0a.orig//doc/crypto/CONF_modules_free.pod 2006-12-21 21:13:27.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/CONF_modules_free.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -37,7 +37,7 @@ + =head1 SEE ALSO + + L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>, +-L<CONF_modules_load_file(3), CONF_modules_load_file(3)> ++L<CONF_modules_load_file(3)|CONF_modules_load_file(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/CONF_modules_load_file.pod openssl-1.0.0a/doc/crypto/CONF_modules_load_file.pod +--- openssl-1.0.0a.orig//doc/crypto/CONF_modules_load_file.pod 2004-03-02 13:31:32.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/CONF_modules_load_file.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -51,7 +51,7 @@ + =head1 SEE ALSO + + L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>, +-L<CONF_free(3), CONF_free(3)>, L<err(3),err(3)> ++L<CONF_free(3)|CONF_free(3)>, L<openssl_err(3)|openssl_err(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/crypto.pod openssl-1.0.0a/doc/crypto/crypto.pod +--- openssl-1.0.0a.orig//doc/crypto/crypto.pod 2002-10-06 13:59:25.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/crypto.pod 2010-09-01 19:36:31.620125025 +0100 +@@ -46,7 +46,7 @@ + + =item AUXILIARY FUNCTIONS + +-L<err(3)|err(3)>, L<threads(3)|threads(3)>, L<rand(3)|rand(3)>, ++L<openssl_err(3)|openssl_err(3)>, L<openssl_threads(3)|openssl_threads(3)>, L<openssl_rand(3)|openssl_rand(3)>, + L<OPENSSL_VERSION_NUMBER(3)|OPENSSL_VERSION_NUMBER(3)> + + =item INPUT/OUTPUT, DATA ENCODING +diff -Naur openssl-1.0.0a.orig//doc/crypto/des.pod openssl-1.0.0a/doc/crypto/des.pod +--- openssl-1.0.0a.orig//doc/crypto/des.pod 2003-10-01 16:02:45.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/des.pod 2010-09-01 19:36:31.620125025 +0100 +@@ -115,7 +115,7 @@ + the key; it is used to speed the encryption process. + + DES_random_key() generates a random key. The PRNG must be seeded +-prior to using this function (see L<rand(3)|rand(3)>). If the PRNG ++prior to using this function (see L<openssl_rand(3)|openssl_rand(3)>). If the PRNG + could not generate a secure key, 0 is returned. + + Before a DES key can be used, it must be converted into the +@@ -317,7 +317,7 @@ + + =head1 SEE ALSO + +-crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<rand(3)|rand(3)> ++crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/DH_generate_key.pod openssl-1.0.0a/doc/crypto/DH_generate_key.pod +--- openssl-1.0.0a.orig//doc/crypto/DH_generate_key.pod 2002-09-25 14:33:27.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/DH_generate_key.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -40,7 +40,7 @@ + + =head1 SEE ALSO + +-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)> ++L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<DH_size(3)|DH_size(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/DH_generate_parameters.pod openssl-1.0.0a/doc/crypto/DH_generate_parameters.pod +--- openssl-1.0.0a.orig//doc/crypto/DH_generate_parameters.pod 2002-09-25 14:33:27.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/DH_generate_parameters.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -59,7 +59,7 @@ + + =head1 SEE ALSO + +-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, ++L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, + L<DH_free(3)|DH_free(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/dh.pod openssl-1.0.0a/doc/crypto/dh.pod +--- openssl-1.0.0a.orig//doc/crypto/dh.pod 2002-08-05 17:27:01.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/dh.pod 2010-09-01 19:36:31.620125025 +0100 +@@ -67,8 +67,8 @@ + + =head1 SEE ALSO + +-L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>, +-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>, ++L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<openssl_err(3)|openssl_err(3)>, ++L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>, + L<DH_set_method(3)|DH_set_method(3)>, L<DH_new(3)|DH_new(3)>, + L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>, + L<DH_generate_parameters(3)|DH_generate_parameters(3)>, +diff -Naur openssl-1.0.0a.orig//doc/crypto/DSA_do_sign.pod openssl-1.0.0a/doc/crypto/DSA_do_sign.pod +--- openssl-1.0.0a.orig//doc/crypto/DSA_do_sign.pod 2002-09-25 14:33:27.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/DSA_do_sign.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -36,7 +36,7 @@ + + =head1 SEE ALSO + +-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, ++L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, + L<DSA_SIG_new(3)|DSA_SIG_new(3)>, + L<DSA_sign(3)|DSA_sign(3)> + +diff -Naur openssl-1.0.0a.orig//doc/crypto/DSA_generate_key.pod openssl-1.0.0a/doc/crypto/DSA_generate_key.pod +--- openssl-1.0.0a.orig//doc/crypto/DSA_generate_key.pod 2002-09-25 14:33:27.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/DSA_generate_key.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -24,7 +24,7 @@ + + =head1 SEE ALSO + +-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, ++L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, + L<DSA_generate_parameters(3)|DSA_generate_parameters(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/DSA_generate_parameters.pod openssl-1.0.0a/doc/crypto/DSA_generate_parameters.pod +--- openssl-1.0.0a.orig//doc/crypto/DSA_generate_parameters.pod 2002-09-25 14:33:27.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/DSA_generate_parameters.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -90,7 +90,7 @@ + + =head1 SEE ALSO + +-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, ++L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, + L<DSA_free(3)|DSA_free(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/dsa.pod openssl-1.0.0a/doc/crypto/dsa.pod +--- openssl-1.0.0a.orig//doc/crypto/dsa.pod 2002-08-05 17:27:01.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/dsa.pod 2010-09-01 19:36:31.620125025 +0100 +@@ -100,7 +100,7 @@ + + =head1 SEE ALSO + +-L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, ++L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<openssl_err(3)|openssl_err(3)>, L<openssl_rand(3)|openssl_rand(3)>, + L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>, + L<DSA_new(3)|DSA_new(3)>, + L<DSA_size(3)|DSA_size(3)>, +diff -Naur openssl-1.0.0a.orig//doc/crypto/DSA_sign.pod openssl-1.0.0a/doc/crypto/DSA_sign.pod +--- openssl-1.0.0a.orig//doc/crypto/DSA_sign.pod 2002-09-25 14:33:27.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/DSA_sign.pod 2010-09-01 19:36:31.608126088 +0100 +@@ -55,7 +55,7 @@ + + =head1 SEE ALSO + +-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, ++L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, + L<DSA_do_sign(3)|DSA_do_sign(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/engine.pod openssl-1.0.0a/doc/crypto/engine.pod +--- openssl-1.0.0a.orig//doc/crypto/engine.pod 2007-11-19 09:18:03.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/engine.pod 2010-09-01 19:36:31.620125025 +0100 +@@ -594,6 +594,6 @@ + + =head1 SEE ALSO + +-L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rand(3)|rand(3)> ++L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<openssl_rand(3)|openssl_rand(3)> + + =cut +diff -Naur openssl-1.0.0a.orig//doc/crypto/ERR_clear_error.pod openssl-1.0.0a/doc/crypto/ERR_clear_error.pod +--- openssl-1.0.0a.orig//doc/crypto/ERR_clear_error.pod 2000-02-01 01:36:58.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/ERR_clear_error.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -20,7 +20,7 @@ + + =head1 SEE ALSO + +-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)> ++L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/ERR_error_string.pod openssl-1.0.0a/doc/crypto/ERR_error_string.pod +--- openssl-1.0.0a.orig//doc/crypto/ERR_error_string.pod 2004-11-14 15:11:37.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/ERR_error_string.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -60,7 +60,7 @@ + + =head1 SEE ALSO + +-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, ++L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, + L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>, + L<SSL_load_error_strings(3)|SSL_load_error_strings(3)> + L<ERR_print_errors(3)|ERR_print_errors(3)> +diff -Naur openssl-1.0.0a.orig//doc/crypto/ERR_get_error.pod openssl-1.0.0a/doc/crypto/ERR_get_error.pod +--- openssl-1.0.0a.orig//doc/crypto/ERR_get_error.pod 2002-11-29 14:21:54.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/ERR_get_error.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -61,7 +61,7 @@ + + =head1 SEE ALSO + +-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>, ++L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>, + L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/ERR_GET_LIB.pod openssl-1.0.0a/doc/crypto/ERR_GET_LIB.pod +--- openssl-1.0.0a.orig//doc/crypto/ERR_GET_LIB.pod 2000-02-01 01:36:58.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/ERR_GET_LIB.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -41,7 +41,7 @@ + + =head1 SEE ALSO + +-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)> ++L<openssl_err(3)|openssl_err(3)>, L<ERR_get_error(3)|ERR_get_error(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/ERR_load_crypto_strings.pod openssl-1.0.0a/doc/crypto/ERR_load_crypto_strings.pod +--- openssl-1.0.0a.orig//doc/crypto/ERR_load_crypto_strings.pod 2000-02-24 11:55:08.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/ERR_load_crypto_strings.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -35,7 +35,7 @@ + + =head1 SEE ALSO + +-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)> ++L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/ERR_load_strings.pod openssl-1.0.0a/doc/crypto/ERR_load_strings.pod +--- openssl-1.0.0a.orig//doc/crypto/ERR_load_strings.pod 2000-02-24 11:55:08.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/ERR_load_strings.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -43,7 +43,7 @@ + + =head1 SEE ALSO + +-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)> ++L<openssl_err(3)|openssl_err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/err.pod openssl-1.0.0a/doc/crypto/err.pod +--- openssl-1.0.0a.orig//doc/crypto/err.pod 2002-07-10 20:35:46.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/err.pod 1970-01-01 01:00:00.000000000 +0100 +@@ -1,187 +0,0 @@ +-=pod +- +-=head1 NAME +- +-err - error codes +- +-=head1 SYNOPSIS +- +- #include <openssl/err.h> +- +- unsigned long ERR_get_error(void); +- unsigned long ERR_peek_error(void); +- unsigned long ERR_get_error_line(const char **file, int *line); +- unsigned long ERR_peek_error_line(const char **file, int *line); +- unsigned long ERR_get_error_line_data(const char **file, int *line, +- const char **data, int *flags); +- unsigned long ERR_peek_error_line_data(const char **file, int *line, +- const char **data, int *flags); +- +- int ERR_GET_LIB(unsigned long e); +- int ERR_GET_FUNC(unsigned long e); +- int ERR_GET_REASON(unsigned long e); +- +- void ERR_clear_error(void); +- +- char *ERR_error_string(unsigned long e, char *buf); +- const char *ERR_lib_error_string(unsigned long e); +- const char *ERR_func_error_string(unsigned long e); +- const char *ERR_reason_error_string(unsigned long e); +- +- void ERR_print_errors(BIO *bp); +- void ERR_print_errors_fp(FILE *fp); +- +- void ERR_load_crypto_strings(void); +- void ERR_free_strings(void); +- +- void ERR_remove_state(unsigned long pid); +- +- void ERR_put_error(int lib, int func, int reason, const char *file, +- int line); +- void ERR_add_error_data(int num, ...); +- +- void ERR_load_strings(int lib,ERR_STRING_DATA str[]); +- unsigned long ERR_PACK(int lib, int func, int reason); +- int ERR_get_next_error_library(void); +- +-=head1 DESCRIPTION +- +-When a call to the OpenSSL library fails, this is usually signalled +-by the return value, and an error code is stored in an error queue +-associated with the current thread. The B<err> library provides +-functions to obtain these error codes and textual error messages. +- +-The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to +-access error codes. +- +-Error codes contain information about where the error occurred, and +-what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to +-extract this information. A method to obtain human-readable error +-messages is described in L<ERR_error_string(3)|ERR_error_string(3)>. +- +-L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the +-error queue. +- +-Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to +-avoid memory leaks when threads are terminated. +- +-=head1 ADDING NEW ERROR CODES TO OPENSSL +- +-See L<ERR_put_error(3)> if you want to record error codes in the +-OpenSSL error system from within your application. +- +-The remainder of this section is of interest only if you want to add +-new error codes to OpenSSL or add error codes from external libraries. +- +-=head2 Reporting errors +- +-Each sub-library has a specific macro XXXerr() that is used to report +-errors. Its first argument is a function code B<XXX_F_...>, the second +-argument is a reason code B<XXX_R_...>. Function codes are derived +-from the function names; reason codes consist of textual error +-descriptions. For example, the function ssl23_read() reports a +-"handshake failure" as follows: +- +- SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE); +- +-Function and reason codes should consist of upper case characters, +-numbers and underscores only. The error file generation script translates +-function codes into function names by looking in the header files +-for an appropriate function name, if none is found it just uses +-the capitalized form such as "SSL23_READ" in the above example. +- +-The trailing section of a reason code (after the "_R_") is translated +-into lower case and underscores changed to spaces. +- +-When you are using new function or reason codes, run B<make errors>. +-The necessary B<#define>s will then automatically be added to the +-sub-library's header file. +- +-Although a library will normally report errors using its own specific +-XXXerr macro, another library's macro can be used. This is normally +-only done when a library wants to include ASN1 code which must use +-the ASN1err() macro. +- +-=head2 Adding new libraries +- +-When adding a new sub-library to OpenSSL, assign it a library number +-B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its +-name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add +-C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function +-(in B<crypto/err/err_all.c>). Finally, add an entry +- +- L XXX xxx.h xxx_err.c +- +-to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile. +-Running B<make errors> will then generate a file B<xxx_err.c>, and +-add all error codes used in the library to B<xxx.h>. +- +-Additionally the library include file must have a certain form. +-Typically it will initially look like this: +- +- #ifndef HEADER_XXX_H +- #define HEADER_XXX_H +- +- #ifdef __cplusplus +- extern "C" { +- #endif +- +- /* Include files */ +- +- #include <openssl/bio.h> +- #include <openssl/x509.h> +- +- /* Macros, structures and function prototypes */ +- +- +- /* BEGIN ERROR CODES */ +- +-The B<BEGIN ERROR CODES> sequence is used by the error code +-generation script as the point to place new error codes, any text +-after this point will be overwritten when B<make errors> is run. +-The closing #endif etc will be automatically added by the script. +- +-The generated C error code file B<xxx_err.c> will load the header +-files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the +-header file must load any additional header files containing any +-definitions it uses. +- +-=head1 USING ERROR CODES IN EXTERNAL LIBRARIES +- +-It is also possible to use OpenSSL's error code scheme in external +-libraries. The library needs to load its own codes and call the OpenSSL +-error code insertion script B<mkerr.pl> explicitly to add codes to +-the header file and generate the C error code file. This will normally +-be done if the external library needs to generate new ASN1 structures +-but it can also be used to add more general purpose error code handling. +- +-TBA more details +- +-=head1 INTERNALS +- +-The error queues are stored in a hash table with one B<ERR_STATE> +-entry for each pid. ERR_get_state() returns the current thread's +-B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error +-codes. When more error codes are added, the old ones are overwritten, +-on the assumption that the most recent errors are most important. +- +-Error strings are also stored in hash table. The hash tables can +-be obtained by calling ERR_get_err_state_table(void) and +-ERR_get_string_table(void) respectively. +- +-=head1 SEE ALSO +- +-L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>, +-L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>, +-L<ERR_get_error(3)|ERR_get_error(3)>, +-L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>, +-L<ERR_clear_error(3)|ERR_clear_error(3)>, +-L<ERR_error_string(3)|ERR_error_string(3)>, +-L<ERR_print_errors(3)|ERR_print_errors(3)>, +-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>, +-L<ERR_remove_state(3)|ERR_remove_state(3)>, +-L<ERR_put_error(3)|ERR_put_error(3)>, +-L<ERR_load_strings(3)|ERR_load_strings(3)>, +-L<SSL_get_error(3)|SSL_get_error(3)> +- +-=cut +diff -Naur openssl-1.0.0a.orig//doc/crypto/ERR_print_errors.pod openssl-1.0.0a/doc/crypto/ERR_print_errors.pod +--- openssl-1.0.0a.orig//doc/crypto/ERR_print_errors.pod 2000-02-01 01:36:59.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/ERR_print_errors.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -38,7 +38,7 @@ + + =head1 SEE ALSO + +-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>, ++L<openssl_err(3)|openssl_err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>, + L<ERR_get_error(3)|ERR_get_error(3)>, + L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>, + L<SSL_load_error_strings(3)|SSL_load_error_strings(3)> +diff -Naur openssl-1.0.0a.orig//doc/crypto/ERR_put_error.pod openssl-1.0.0a/doc/crypto/ERR_put_error.pod +--- openssl-1.0.0a.orig//doc/crypto/ERR_put_error.pod 2000-02-24 11:55:08.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/ERR_put_error.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -34,7 +34,7 @@ + + =head1 SEE ALSO + +-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)> ++L<openssl_err(3)|openssl_err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/ERR_remove_state.pod openssl-1.0.0a/doc/crypto/ERR_remove_state.pod +--- openssl-1.0.0a.orig//doc/crypto/ERR_remove_state.pod 2000-05-19 08:54:42.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/ERR_remove_state.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -25,7 +25,7 @@ + + =head1 SEE ALSO + +-L<err(3)|err(3)> ++L<openssl_err(3)|openssl_err(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/EVP_BytesToKey.pod openssl-1.0.0a/doc/crypto/EVP_BytesToKey.pod +--- openssl-1.0.0a.orig//doc/crypto/EVP_BytesToKey.pod 2004-11-25 17:47:30.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/EVP_BytesToKey.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -59,7 +59,7 @@ + + =head1 SEE ALSO + +-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>, ++L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>, + L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/EVP_OpenInit.pod openssl-1.0.0a/doc/crypto/EVP_OpenInit.pod +--- openssl-1.0.0a.orig//doc/crypto/EVP_OpenInit.pod 2000-09-23 08:16:14.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/EVP_OpenInit.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -54,7 +54,7 @@ + + =head1 SEE ALSO + +-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>, ++L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>, + L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>, + L<EVP_SealInit(3)|EVP_SealInit(3)> + +diff -Naur openssl-1.0.0a.orig//doc/crypto/EVP_SealInit.pod openssl-1.0.0a/doc/crypto/EVP_SealInit.pod +--- openssl-1.0.0a.orig//doc/crypto/EVP_SealInit.pod 2005-03-29 18:50:08.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/EVP_SealInit.pod 2010-09-01 19:36:31.612125737 +0100 +@@ -74,7 +74,7 @@ + + =head1 SEE ALSO + +-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>, ++L<evp(3)|evp(3)>, L<openssl_rand(3)|openssl_rand(3)>, + L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>, + L<EVP_OpenInit(3)|EVP_OpenInit(3)> + +diff -Naur openssl-1.0.0a.orig//doc/crypto/EVP_SignInit.pod openssl-1.0.0a/doc/crypto/EVP_SignInit.pod +--- openssl-1.0.0a.orig//doc/crypto/EVP_SignInit.pod 2006-07-12 13:31:29.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/EVP_SignInit.pod 2010-09-01 19:36:31.616125383 +0100 +@@ -89,7 +89,7 @@ + =head1 SEE ALSO + + L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>, +-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>, ++L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<openssl_err(3)|openssl_err(3)>, + L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, + L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, + L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)> +diff -Naur openssl-1.0.0a.orig//doc/crypto/EVP_VerifyInit.pod openssl-1.0.0a/doc/crypto/EVP_VerifyInit.pod +--- openssl-1.0.0a.orig//doc/crypto/EVP_VerifyInit.pod 2006-07-12 13:31:30.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/EVP_VerifyInit.pod 2010-09-01 19:36:31.616125383 +0100 +@@ -80,7 +80,7 @@ + + L<evp(3)|evp(3)>, + L<EVP_SignInit(3)|EVP_SignInit(3)>, +-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>, ++L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<openssl_err(3)|openssl_err(3)>, + L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, + L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>, + L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)> +diff -Naur openssl-1.0.0a.orig//doc/crypto/OPENSSL_config.pod openssl-1.0.0a/doc/crypto/OPENSSL_config.pod +--- openssl-1.0.0a.orig//doc/crypto/OPENSSL_config.pod 2005-06-03 00:19:56.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/OPENSSL_config.pod 2010-09-01 19:36:31.616125383 +0100 +@@ -73,7 +73,7 @@ + =head1 SEE ALSO + + L<conf(5)|conf(5)>, L<CONF_load_modules_file(3)|CONF_load_modules_file(3)>, +-L<CONF_modules_free(3),CONF_modules_free(3)> ++L<CONF_modules_free(3)|CONF_modules_free(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/openssl_err.pod openssl-1.0.0a/doc/crypto/openssl_err.pod +--- openssl-1.0.0a.orig//doc/crypto/openssl_err.pod 1970-01-01 01:00:00.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/openssl_err.pod 2010-09-01 19:36:31.624124669 +0100 +@@ -0,0 +1,187 @@ ++=pod ++ ++=head1 NAME ++ ++openssl_err - error codes ++ ++=head1 SYNOPSIS ++ ++ #include <openssl/err.h> ++ ++ unsigned long ERR_get_error(void); ++ unsigned long ERR_peek_error(void); ++ unsigned long ERR_get_error_line(const char **file, int *line); ++ unsigned long ERR_peek_error_line(const char **file, int *line); ++ unsigned long ERR_get_error_line_data(const char **file, int *line, ++ const char **data, int *flags); ++ unsigned long ERR_peek_error_line_data(const char **file, int *line, ++ const char **data, int *flags); ++ ++ int ERR_GET_LIB(unsigned long e); ++ int ERR_GET_FUNC(unsigned long e); ++ int ERR_GET_REASON(unsigned long e); ++ ++ void ERR_clear_error(void); ++ ++ char *ERR_error_string(unsigned long e, char *buf); ++ const char *ERR_lib_error_string(unsigned long e); ++ const char *ERR_func_error_string(unsigned long e); ++ const char *ERR_reason_error_string(unsigned long e); ++ ++ void ERR_print_errors(BIO *bp); ++ void ERR_print_errors_fp(FILE *fp); ++ ++ void ERR_load_crypto_strings(void); ++ void ERR_free_strings(void); ++ ++ void ERR_remove_state(unsigned long pid); ++ ++ void ERR_put_error(int lib, int func, int reason, const char *file, ++ int line); ++ void ERR_add_error_data(int num, ...); ++ ++ void ERR_load_strings(int lib,ERR_STRING_DATA str[]); ++ unsigned long ERR_PACK(int lib, int func, int reason); ++ int ERR_get_next_error_library(void); ++ ++=head1 DESCRIPTION ++ ++When a call to the OpenSSL library fails, this is usually signalled ++by the return value, and an error code is stored in an error queue ++associated with the current thread. The B<err> library provides ++functions to obtain these error codes and textual error messages. ++ ++The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to ++access error codes. ++ ++Error codes contain information about where the error occurred, and ++what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to ++extract this information. A method to obtain human-readable error ++messages is described in L<ERR_error_string(3)|ERR_error_string(3)>. ++ ++L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the ++error queue. ++ ++Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to ++avoid memory leaks when threads are terminated. ++ ++=head1 ADDING NEW ERROR CODES TO OPENSSL ++ ++See L<ERR_put_error(3)> if you want to record error codes in the ++OpenSSL error system from within your application. ++ ++The remainder of this section is of interest only if you want to add ++new error codes to OpenSSL or add error codes from external libraries. ++ ++=head2 Reporting errors ++ ++Each sub-library has a specific macro XXXerr() that is used to report ++errors. Its first argument is a function code B<XXX_F_...>, the second ++argument is a reason code B<XXX_R_...>. Function codes are derived ++from the function names; reason codes consist of textual error ++descriptions. For example, the function ssl23_read() reports a ++"handshake failure" as follows: ++ ++ SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE); ++ ++Function and reason codes should consist of upper case characters, ++numbers and underscores only. The error file generation script translates ++function codes into function names by looking in the header files ++for an appropriate function name, if none is found it just uses ++the capitalized form such as "SSL23_READ" in the above example. ++ ++The trailing section of a reason code (after the "_R_") is translated ++into lower case and underscores changed to spaces. ++ ++When you are using new function or reason codes, run B<make errors>. ++The necessary B<#define>s will then automatically be added to the ++sub-library's header file. ++ ++Although a library will normally report errors using its own specific ++XXXerr macro, another library's macro can be used. This is normally ++only done when a library wants to include ASN1 code which must use ++the ASN1err() macro. ++ ++=head2 Adding new libraries ++ ++When adding a new sub-library to OpenSSL, assign it a library number ++B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its ++name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add ++C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function ++(in B<crypto/err/err_all.c>). Finally, add an entry ++ ++ L XXX xxx.h xxx_err.c ++ ++to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile. ++Running B<make errors> will then generate a file B<xxx_err.c>, and ++add all error codes used in the library to B<xxx.h>. ++ ++Additionally the library include file must have a certain form. ++Typically it will initially look like this: ++ ++ #ifndef HEADER_XXX_H ++ #define HEADER_XXX_H ++ ++ #ifdef __cplusplus ++ extern "C" { ++ #endif ++ ++ /* Include files */ ++ ++ #include <openssl/bio.h> ++ #include <openssl/x509.h> ++ ++ /* Macros, structures and function prototypes */ ++ ++ ++ /* BEGIN ERROR CODES */ ++ ++The B<BEGIN ERROR CODES> sequence is used by the error code ++generation script as the point to place new error codes, any text ++after this point will be overwritten when B<make errors> is run. ++The closing #endif etc will be automatically added by the script. ++ ++The generated C error code file B<xxx_err.c> will load the header ++files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the ++header file must load any additional header files containing any ++definitions it uses. ++ ++=head1 USING ERROR CODES IN EXTERNAL LIBRARIES ++ ++It is also possible to use OpenSSL's error code scheme in external ++libraries. The library needs to load its own codes and call the OpenSSL ++error code insertion script B<mkerr.pl> explicitly to add codes to ++the header file and generate the C error code file. This will normally ++be done if the external library needs to generate new ASN1 structures ++but it can also be used to add more general purpose error code handling. ++ ++TBA more details ++ ++=head1 INTERNALS ++ ++The error queues are stored in a hash table with one B<ERR_STATE> ++entry for each pid. ERR_get_state() returns the current thread's ++B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error ++codes. When more error codes are added, the old ones are overwritten, ++on the assumption that the most recent errors are most important. ++ ++Error strings are also stored in hash table. The hash tables can ++be obtained by calling ERR_get_err_state_table(void) and ++ERR_get_string_table(void) respectively. ++ ++=head1 SEE ALSO ++ ++L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>, ++L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>, ++L<ERR_get_error(3)|ERR_get_error(3)>, ++L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>, ++L<ERR_clear_error(3)|ERR_clear_error(3)>, ++L<ERR_error_string(3)|ERR_error_string(3)>, ++L<ERR_print_errors(3)|ERR_print_errors(3)>, ++L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>, ++L<ERR_remove_state(3)|ERR_remove_state(3)>, ++L<ERR_put_error(3)|ERR_put_error(3)>, ++L<ERR_load_strings(3)|ERR_load_strings(3)>, ++L<SSL_get_error(3)|SSL_get_error(3)> ++ ++=cut +diff -Naur openssl-1.0.0a.orig//doc/crypto/openssl_rand.pod openssl-1.0.0a/doc/crypto/openssl_rand.pod +--- openssl-1.0.0a.orig//doc/crypto/openssl_rand.pod 1970-01-01 01:00:00.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/openssl_rand.pod 2010-09-01 19:36:31.624124669 +0100 +@@ -0,0 +1,175 @@ ++=pod ++ ++=head1 NAME ++ ++openssl_rand - pseudo-random number generator ++ ++=head1 SYNOPSIS ++ ++ #include <openssl/rand.h> ++ ++ int RAND_set_rand_engine(ENGINE *engine); ++ ++ int RAND_bytes(unsigned char *buf, int num); ++ int RAND_pseudo_bytes(unsigned char *buf, int num); ++ ++ void RAND_seed(const void *buf, int num); ++ void RAND_add(const void *buf, int num, int entropy); ++ int RAND_status(void); ++ ++ int RAND_load_file(const char *file, long max_bytes); ++ int RAND_write_file(const char *file); ++ const char *RAND_file_name(char *file, size_t num); ++ ++ int RAND_egd(const char *path); ++ ++ void RAND_set_rand_method(const RAND_METHOD *meth); ++ const RAND_METHOD *RAND_get_rand_method(void); ++ RAND_METHOD *RAND_SSLeay(void); ++ ++ void RAND_cleanup(void); ++ ++ /* For Win32 only */ ++ void RAND_screen(void); ++ int RAND_event(UINT, WPARAM, LPARAM); ++ ++=head1 DESCRIPTION ++ ++Since the introduction of the ENGINE API, the recommended way of controlling ++default implementations is by using the ENGINE API functions. The default ++B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by ++RAND_get_rand_method(), is only used if no ENGINE has been set as the default ++"rand" implementation. Hence, these two functions are no longer the recommened ++way to control defaults. ++ ++If an alternative B<RAND_METHOD> implementation is being used (either set ++directly or as provided by an ENGINE module), then it is entirely responsible ++for the generation and management of a cryptographically secure PRNG stream. The ++mechanisms described below relate solely to the software PRNG implementation ++built in to OpenSSL and used by default. ++ ++These functions implement a cryptographically secure pseudo-random ++number generator (PRNG). It is used by other library functions for ++example to generate random keys, and applications can use it when they ++need randomness. ++ ++A cryptographic PRNG must be seeded with unpredictable data such as ++mouse movements or keys pressed at random by the user. This is ++described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file ++(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the ++seeding process whenever the application is started. ++ ++L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the ++PRNG. ++ ++=head1 INTERNALS ++ ++The RAND_SSLeay() method implements a PRNG based on a cryptographic ++hash function. ++ ++The following description of its design is based on the SSLeay ++documentation: ++ ++First up I will state the things I believe I need for a good RNG. ++ ++=over 4 ++ ++=item 1 ++ ++A good hashing algorithm to mix things up and to convert the RNG 'state' ++to random numbers. ++ ++=item 2 ++ ++An initial source of random 'state'. ++ ++=item 3 ++ ++The state should be very large. If the RNG is being used to generate ++4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum). ++If your RNG state only has 128 bits, you are obviously limiting the ++search space to 128 bits, not 2048. I'm probably getting a little ++carried away on this last point but it does indicate that it may not be ++a bad idea to keep quite a lot of RNG state. It should be easier to ++break a cipher than guess the RNG seed data. ++ ++=item 4 ++ ++Any RNG seed data should influence all subsequent random numbers ++generated. This implies that any random seed data entered will have ++an influence on all subsequent random numbers generated. ++ ++=item 5 ++ ++When using data to seed the RNG state, the data used should not be ++extractable from the RNG state. I believe this should be a ++requirement because one possible source of 'secret' semi random ++data would be a private key or a password. This data must ++not be disclosed by either subsequent random numbers or a ++'core' dump left by a program crash. ++ ++=item 6 ++ ++Given the same initial 'state', 2 systems should deviate in their RNG state ++(and hence the random numbers generated) over time if at all possible. ++ ++=item 7 ++ ++Given the random number output stream, it should not be possible to determine ++the RNG state or the next random number. ++ ++=back ++ ++The algorithm is as follows. ++ ++There is global state made up of a 1023 byte buffer (the 'state'), a ++working hash value ('md'), and a counter ('count'). ++ ++Whenever seed data is added, it is inserted into the 'state' as ++follows. ++ ++The input is chopped up into units of 20 bytes (or less for ++the last block). Each of these blocks is run through the hash ++function as follows: The data passed to the hash function ++is the current 'md', the same number of bytes from the 'state' ++(the location determined by in incremented looping index) as ++the current 'block', the new key data 'block', and 'count' ++(which is incremented after each use). ++The result of this is kept in 'md' and also xored into the ++'state' at the same locations that were used as input into the ++hash function. I ++believe this system addresses points 1 (hash function; currently ++SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash ++function and xor). ++ ++When bytes are extracted from the RNG, the following process is used. ++For each group of 10 bytes (or less), we do the following: ++ ++Input into the hash function the local 'md' (which is initialized from ++the global 'md' before any bytes are generated), the bytes that are to ++be overwritten by the random bytes, and bytes from the 'state' ++(incrementing looping index). From this digest output (which is kept ++in 'md'), the top (up to) 10 bytes are returned to the caller and the ++bottom 10 bytes are xored into the 'state'. ++ ++Finally, after we have finished 'num' random bytes for the caller, ++'count' (which is incremented) and the local and global 'md' are fed ++into the hash function and the results are kept in the global 'md'. ++ ++I believe the above addressed points 1 (use of SHA-1), 6 (by hashing ++into the 'state' the 'old' data from the caller that is about to be ++overwritten) and 7 (by not using the 10 bytes given to the caller to ++update the 'state', but they are used to update 'md'). ++ ++So of the points raised, only 2 is not addressed (but see ++L<RAND_add(3)|RAND_add(3)>). ++ ++=head1 SEE ALSO ++ ++L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>, ++L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>, ++L<RAND_bytes(3)|RAND_bytes(3)>, ++L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>, ++L<RAND_cleanup(3)|RAND_cleanup(3)> ++ ++=cut +diff -Naur openssl-1.0.0a.orig//doc/crypto/openssl_threads.pod openssl-1.0.0a/doc/crypto/openssl_threads.pod +--- openssl-1.0.0a.orig//doc/crypto/openssl_threads.pod 1970-01-01 01:00:00.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/openssl_threads.pod 2010-09-01 19:36:31.624124669 +0100 +@@ -0,0 +1,175 @@ ++=pod ++ ++=head1 NAME ++ ++CRYPTO_set_locking_callback, CRYPTO_set_id_callback, CRYPTO_num_locks, ++CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback, ++CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid, ++CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support ++ ++=head1 SYNOPSIS ++ ++ #include <openssl/crypto.h> ++ ++ void CRYPTO_set_locking_callback(void (*locking_function)(int mode, ++ int n, const char *file, int line)); ++ ++ void CRYPTO_set_id_callback(unsigned long (*id_function)(void)); ++ ++ int CRYPTO_num_locks(void); ++ ++ ++ /* struct CRYPTO_dynlock_value needs to be defined by the user */ ++ struct CRYPTO_dynlock_value; ++ ++ void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value * ++ (*dyn_create_function)(char *file, int line)); ++ void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function) ++ (int mode, struct CRYPTO_dynlock_value *l, ++ const char *file, int line)); ++ void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function) ++ (struct CRYPTO_dynlock_value *l, const char *file, int line)); ++ ++ int CRYPTO_get_new_dynlockid(void); ++ ++ void CRYPTO_destroy_dynlockid(int i); ++ ++ void CRYPTO_lock(int mode, int n, const char *file, int line); ++ ++ #define CRYPTO_w_lock(type) \ ++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) ++ #define CRYPTO_w_unlock(type) \ ++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) ++ #define CRYPTO_r_lock(type) \ ++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) ++ #define CRYPTO_r_unlock(type) \ ++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) ++ #define CRYPTO_add(addr,amount,type) \ ++ CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) ++ ++=head1 DESCRIPTION ++ ++OpenSSL can safely be used in multi-threaded applications provided ++that at least two callback functions are set. ++ ++locking_function(int mode, int n, const char *file, int line) is ++needed to perform locking on shared data structures. ++(Note that OpenSSL uses a number of global data structures that ++will be implicitly shared whenever multiple threads use OpenSSL.) ++Multi-threaded applications will crash at random if it is not set. ++ ++locking_function() must be able to handle up to CRYPTO_num_locks() ++different mutex locks. It sets the B<n>-th lock if B<mode> & ++B<CRYPTO_LOCK>, and releases it otherwise. ++ ++B<file> and B<line> are the file number of the function setting the ++lock. They can be useful for debugging. ++ ++id_function(void) is a function that returns a thread ID, for example ++pthread_self() if it returns an integer (see NOTES below). It isn't ++needed on Windows nor on platforms where getpid() returns a different ++ID for each thread (see NOTES below). ++ ++Additionally, OpenSSL supports dynamic locks, and sometimes, some parts ++of OpenSSL need it for better performance. To enable this, the following ++is required: ++ ++=over 4 ++ ++=item * ++Three additional callback function, dyn_create_function, dyn_lock_function ++and dyn_destroy_function. ++ ++=item * ++A structure defined with the data that each lock needs to handle. ++ ++=back ++ ++struct CRYPTO_dynlock_value has to be defined to contain whatever structure ++is needed to handle locks. ++ ++dyn_create_function(const char *file, int line) is needed to create a ++lock. Multi-threaded applications might crash at random if it is not set. ++ ++dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line) ++is needed to perform locking off dynamic lock numbered n. Multi-threaded ++applications might crash at random if it is not set. ++ ++dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is ++needed to destroy the lock l. Multi-threaded applications might crash at ++random if it is not set. ++ ++CRYPTO_get_new_dynlockid() is used to create locks. It will call ++dyn_create_function for the actual creation. ++ ++CRYPTO_destroy_dynlockid() is used to destroy locks. It will call ++dyn_destroy_function for the actual destruction. ++ ++CRYPTO_lock() is used to lock and unlock the locks. mode is a bitfield ++describing what should be done with the lock. n is the number of the ++lock as returned from CRYPTO_get_new_dynlockid(). mode can be combined ++from the following values. These values are pairwise exclusive, with ++undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE ++should not be used together): ++ ++ CRYPTO_LOCK 0x01 ++ CRYPTO_UNLOCK 0x02 ++ CRYPTO_READ 0x04 ++ CRYPTO_WRITE 0x08 ++ ++=head1 RETURN VALUES ++ ++CRYPTO_num_locks() returns the required number of locks. ++ ++CRYPTO_get_new_dynlockid() returns the index to the newly created lock. ++ ++The other functions return no values. ++ ++=head1 NOTES ++ ++You can find out if OpenSSL was configured with thread support: ++ ++ #define OPENSSL_THREAD_DEFINES ++ #include <openssl/opensslconf.h> ++ #if defined(OPENSSL_THREADS) ++ // thread support enabled ++ #else ++ // no thread support ++ #endif ++ ++Also, dynamic locks are currently not used internally by OpenSSL, but ++may do so in the future. ++ ++Defining id_function(void) has it's own issues. Generally speaking, ++pthread_self() should be used, even on platforms where getpid() gives ++different answers in each thread, since that may depend on the machine ++the program is run on, not the machine where the program is being ++compiled. For instance, Red Hat 8 Linux and earlier used ++LinuxThreads, whose getpid() returns a different value for each ++thread. Red Hat 9 Linux and later use NPTL, which is ++Posix-conformant, and has a getpid() that returns the same value for ++all threads in a process. A program compiled on Red Hat 8 and run on ++Red Hat 9 will therefore see getpid() returning the same value for ++all threads. ++ ++There is still the issue of platforms where pthread_self() returns ++something other than an integer. This is a bit unusual, and this ++manual has no cookbook solution for that case. ++ ++=head1 EXAMPLES ++ ++B<crypto/threads/mttest.c> shows examples of the callback functions on ++Solaris, Irix and Win32. ++ ++=head1 HISTORY ++ ++CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() are ++available in all versions of SSLeay and OpenSSL. ++CRYPTO_num_locks() was added in OpenSSL 0.9.4. ++All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev. ++ ++=head1 SEE ALSO ++ ++L<crypto(3)|crypto(3)> ++ ++=cut +diff -Naur openssl-1.0.0a.orig//doc/crypto/RAND_add.pod openssl-1.0.0a/doc/crypto/RAND_add.pod +--- openssl-1.0.0a.orig//doc/crypto/RAND_add.pod 2000-03-22 15:30:03.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/RAND_add.pod 2010-09-01 19:36:31.616125383 +0100 +@@ -65,7 +65,7 @@ + + =head1 SEE ALSO + +-L<rand(3)|rand(3)>, L<RAND_egd(3)|RAND_egd(3)>, ++L<openssl_rand(3)|openssl_rand(3)>, L<RAND_egd(3)|RAND_egd(3)>, + L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/RAND_bytes.pod openssl-1.0.0a/doc/crypto/RAND_bytes.pod +--- openssl-1.0.0a.orig//doc/crypto/RAND_bytes.pod 2007-09-24 12:01:18.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/RAND_bytes.pod 2010-09-01 19:36:31.616125383 +0100 +@@ -38,7 +38,7 @@ + + =head1 SEE ALSO + +-L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, ++L<openssl_rand(3)|openssl_rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, + L<RAND_add(3)|RAND_add(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/RAND_cleanup.pod openssl-1.0.0a/doc/crypto/RAND_cleanup.pod +--- openssl-1.0.0a.orig//doc/crypto/RAND_cleanup.pod 2000-01-27 01:25:06.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/RAND_cleanup.pod 2010-09-01 19:36:31.616125383 +0100 +@@ -20,7 +20,7 @@ + + =head1 SEE ALSO + +-L<rand(3)|rand(3)> ++L<openssl_rand(3)|openssl_rand(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/RAND_egd.pod openssl-1.0.0a/doc/crypto/RAND_egd.pod +--- openssl-1.0.0a.orig//doc/crypto/RAND_egd.pod 2008-11-10 11:26:44.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/RAND_egd.pod 2010-09-01 19:36:31.616125383 +0100 +@@ -72,7 +72,7 @@ + + =head1 SEE ALSO + +-L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>, ++L<openssl_rand(3)|openssl_rand(3)>, L<RAND_add(3)|RAND_add(3)>, + L<RAND_cleanup(3)|RAND_cleanup(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/RAND_load_file.pod openssl-1.0.0a/doc/crypto/RAND_load_file.pod +--- openssl-1.0.0a.orig//doc/crypto/RAND_load_file.pod 2001-03-21 15:25:56.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/RAND_load_file.pod 2010-09-01 19:36:31.616125383 +0100 +@@ -43,7 +43,7 @@ + + =head1 SEE ALSO + +-L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)> ++L<openssl_rand(3)|openssl_rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/rand.pod openssl-1.0.0a/doc/crypto/rand.pod +--- openssl-1.0.0a.orig//doc/crypto/rand.pod 2002-08-05 17:27:01.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/rand.pod 1970-01-01 01:00:00.000000000 +0100 +@@ -1,175 +0,0 @@ +-=pod +- +-=head1 NAME +- +-rand - pseudo-random number generator +- +-=head1 SYNOPSIS +- +- #include <openssl/rand.h> +- +- int RAND_set_rand_engine(ENGINE *engine); +- +- int RAND_bytes(unsigned char *buf, int num); +- int RAND_pseudo_bytes(unsigned char *buf, int num); +- +- void RAND_seed(const void *buf, int num); +- void RAND_add(const void *buf, int num, int entropy); +- int RAND_status(void); +- +- int RAND_load_file(const char *file, long max_bytes); +- int RAND_write_file(const char *file); +- const char *RAND_file_name(char *file, size_t num); +- +- int RAND_egd(const char *path); +- +- void RAND_set_rand_method(const RAND_METHOD *meth); +- const RAND_METHOD *RAND_get_rand_method(void); +- RAND_METHOD *RAND_SSLeay(void); +- +- void RAND_cleanup(void); +- +- /* For Win32 only */ +- void RAND_screen(void); +- int RAND_event(UINT, WPARAM, LPARAM); +- +-=head1 DESCRIPTION +- +-Since the introduction of the ENGINE API, the recommended way of controlling +-default implementations is by using the ENGINE API functions. The default +-B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by +-RAND_get_rand_method(), is only used if no ENGINE has been set as the default +-"rand" implementation. Hence, these two functions are no longer the recommened +-way to control defaults. +- +-If an alternative B<RAND_METHOD> implementation is being used (either set +-directly or as provided by an ENGINE module), then it is entirely responsible +-for the generation and management of a cryptographically secure PRNG stream. The +-mechanisms described below relate solely to the software PRNG implementation +-built in to OpenSSL and used by default. +- +-These functions implement a cryptographically secure pseudo-random +-number generator (PRNG). It is used by other library functions for +-example to generate random keys, and applications can use it when they +-need randomness. +- +-A cryptographic PRNG must be seeded with unpredictable data such as +-mouse movements or keys pressed at random by the user. This is +-described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file +-(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the +-seeding process whenever the application is started. +- +-L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the +-PRNG. +- +-=head1 INTERNALS +- +-The RAND_SSLeay() method implements a PRNG based on a cryptographic +-hash function. +- +-The following description of its design is based on the SSLeay +-documentation: +- +-First up I will state the things I believe I need for a good RNG. +- +-=over 4 +- +-=item 1 +- +-A good hashing algorithm to mix things up and to convert the RNG 'state' +-to random numbers. +- +-=item 2 +- +-An initial source of random 'state'. +- +-=item 3 +- +-The state should be very large. If the RNG is being used to generate +-4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum). +-If your RNG state only has 128 bits, you are obviously limiting the +-search space to 128 bits, not 2048. I'm probably getting a little +-carried away on this last point but it does indicate that it may not be +-a bad idea to keep quite a lot of RNG state. It should be easier to +-break a cipher than guess the RNG seed data. +- +-=item 4 +- +-Any RNG seed data should influence all subsequent random numbers +-generated. This implies that any random seed data entered will have +-an influence on all subsequent random numbers generated. +- +-=item 5 +- +-When using data to seed the RNG state, the data used should not be +-extractable from the RNG state. I believe this should be a +-requirement because one possible source of 'secret' semi random +-data would be a private key or a password. This data must +-not be disclosed by either subsequent random numbers or a +-'core' dump left by a program crash. +- +-=item 6 +- +-Given the same initial 'state', 2 systems should deviate in their RNG state +-(and hence the random numbers generated) over time if at all possible. +- +-=item 7 +- +-Given the random number output stream, it should not be possible to determine +-the RNG state or the next random number. +- +-=back +- +-The algorithm is as follows. +- +-There is global state made up of a 1023 byte buffer (the 'state'), a +-working hash value ('md'), and a counter ('count'). +- +-Whenever seed data is added, it is inserted into the 'state' as +-follows. +- +-The input is chopped up into units of 20 bytes (or less for +-the last block). Each of these blocks is run through the hash +-function as follows: The data passed to the hash function +-is the current 'md', the same number of bytes from the 'state' +-(the location determined by in incremented looping index) as +-the current 'block', the new key data 'block', and 'count' +-(which is incremented after each use). +-The result of this is kept in 'md' and also xored into the +-'state' at the same locations that were used as input into the +-hash function. I +-believe this system addresses points 1 (hash function; currently +-SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash +-function and xor). +- +-When bytes are extracted from the RNG, the following process is used. +-For each group of 10 bytes (or less), we do the following: +- +-Input into the hash function the local 'md' (which is initialized from +-the global 'md' before any bytes are generated), the bytes that are to +-be overwritten by the random bytes, and bytes from the 'state' +-(incrementing looping index). From this digest output (which is kept +-in 'md'), the top (up to) 10 bytes are returned to the caller and the +-bottom 10 bytes are xored into the 'state'. +- +-Finally, after we have finished 'num' random bytes for the caller, +-'count' (which is incremented) and the local and global 'md' are fed +-into the hash function and the results are kept in the global 'md'. +- +-I believe the above addressed points 1 (use of SHA-1), 6 (by hashing +-into the 'state' the 'old' data from the caller that is about to be +-overwritten) and 7 (by not using the 10 bytes given to the caller to +-update the 'state', but they are used to update 'md'). +- +-So of the points raised, only 2 is not addressed (but see +-L<RAND_add(3)|RAND_add(3)>). +- +-=head1 SEE ALSO +- +-L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>, +-L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>, +-L<RAND_bytes(3)|RAND_bytes(3)>, +-L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>, +-L<RAND_cleanup(3)|RAND_cleanup(3)> +- +-=cut +diff -Naur openssl-1.0.0a.orig//doc/crypto/RAND_set_rand_method.pod openssl-1.0.0a/doc/crypto/RAND_set_rand_method.pod +--- openssl-1.0.0a.orig//doc/crypto/RAND_set_rand_method.pod 2007-11-19 09:18:03.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/RAND_set_rand_method.pod 2010-09-01 19:36:31.616125383 +0100 +@@ -67,7 +67,7 @@ + + =head1 SEE ALSO + +-L<rand(3)|rand(3)>, L<engine(3)|engine(3)> ++L<openssl_rand(3)|openssl_rand(3)>, L<engine(3)|engine(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/RSA_blinding_on.pod openssl-1.0.0a/doc/crypto/RSA_blinding_on.pod +--- openssl-1.0.0a.orig//doc/crypto/RSA_blinding_on.pod 2000-02-24 11:55:10.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/RSA_blinding_on.pod 2010-09-01 19:36:31.616125383 +0100 +@@ -34,7 +34,7 @@ + + =head1 SEE ALSO + +-L<rsa(3)|rsa(3)>, L<rand(3)|rand(3)> ++L<rsa(3)|rsa(3)>, L<openssl_rand(3)|openssl_rand(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/crypto/RSA_generate_key.pod openssl-1.0.0a/doc/crypto/RSA_generate_key.pod +--- openssl-1.0.0a.orig//doc/crypto/RSA_generate_key.pod 2002-09-25 14:33:27.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/RSA_generate_key.pod 2010-09-01 19:36:31.616125383 +0100 +@@ -59,7 +59,7 @@ + + =head1 SEE ALSO + +-L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, ++L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, + L<RSA_free(3)|RSA_free(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/rsa.pod openssl-1.0.0a/doc/crypto/rsa.pod +--- openssl-1.0.0a.orig//doc/crypto/rsa.pod 2002-08-04 22:08:36.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/rsa.pod 2010-09-01 19:36:31.624124669 +0100 +@@ -108,7 +108,7 @@ + =head1 SEE ALSO + + L<rsa(1)|rsa(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, +-L<rand(3)|rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>, ++L<openssl_rand(3)|openssl_rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>, + L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>, + L<RSA_sign(3)|RSA_sign(3)>, L<RSA_size(3)|RSA_size(3)>, + L<RSA_generate_key(3)|RSA_generate_key(3)>, +diff -Naur openssl-1.0.0a.orig//doc/crypto/RSA_public_encrypt.pod openssl-1.0.0a/doc/crypto/RSA_public_encrypt.pod +--- openssl-1.0.0a.orig//doc/crypto/RSA_public_encrypt.pod 2004-03-23 21:01:34.000000000 +0000 ++++ openssl-1.0.0a/doc/crypto/RSA_public_encrypt.pod 2010-09-01 19:36:31.620125025 +0100 +@@ -73,7 +73,7 @@ + + =head1 SEE ALSO + +-L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, ++L<ERR_get_error(3)|ERR_get_error(3)>, L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, + L<RSA_size(3)|RSA_size(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod openssl-1.0.0a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod +--- openssl-1.0.0a.orig//doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod 2002-09-25 14:33:28.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod 2010-09-01 19:36:31.620125025 +0100 +@@ -48,7 +48,7 @@ + =head1 SEE ALSO + + L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>, +-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>, ++L<openssl_rand(3)|openssl_rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>, + L<RSA_verify(3)|RSA_verify(3)> + + =head1 HISTORY +diff -Naur openssl-1.0.0a.orig//doc/crypto/threads.pod openssl-1.0.0a/doc/crypto/threads.pod +--- openssl-1.0.0a.orig//doc/crypto/threads.pod 2009-10-01 00:40:52.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/threads.pod 1970-01-01 01:00:00.000000000 +0100 +@@ -1,210 +0,0 @@ +-=pod +- +-=head1 NAME +- +-CRYPTO_THREADID_set_callback, CRYPTO_THREADID_get_callback, +-CRYPTO_THREADID_current, CRYPTO_THREADID_cmp, CRYPTO_THREADID_cpy, +-CRYPTO_THREADID_hash, CRYPTO_set_locking_callback, CRYPTO_num_locks, +-CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback, +-CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid, +-CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support +- +-=head1 SYNOPSIS +- +- #include <openssl/crypto.h> +- +- /* Don't use this structure directly. */ +- typedef struct crypto_threadid_st +- { +- void *ptr; +- unsigned long val; +- } CRYPTO_THREADID; +- /* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */ +- void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val); +- void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr); +- int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *)); +- void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *); +- void CRYPTO_THREADID_current(CRYPTO_THREADID *id); +- int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, +- const CRYPTO_THREADID *b); +- void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, +- const CRYPTO_THREADID *src); +- unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id); +- +- int CRYPTO_num_locks(void); +- +- /* struct CRYPTO_dynlock_value needs to be defined by the user */ +- struct CRYPTO_dynlock_value; +- +- void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value * +- (*dyn_create_function)(char *file, int line)); +- void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function) +- (int mode, struct CRYPTO_dynlock_value *l, +- const char *file, int line)); +- void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function) +- (struct CRYPTO_dynlock_value *l, const char *file, int line)); +- +- int CRYPTO_get_new_dynlockid(void); +- +- void CRYPTO_destroy_dynlockid(int i); +- +- void CRYPTO_lock(int mode, int n, const char *file, int line); +- +- #define CRYPTO_w_lock(type) \ +- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) +- #define CRYPTO_w_unlock(type) \ +- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) +- #define CRYPTO_r_lock(type) \ +- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) +- #define CRYPTO_r_unlock(type) \ +- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) +- #define CRYPTO_add(addr,amount,type) \ +- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) +- +-=head1 DESCRIPTION +- +-OpenSSL can safely be used in multi-threaded applications provided +-that at least two callback functions are set, locking_function and +-threadid_func. +- +-locking_function(int mode, int n, const char *file, int line) is +-needed to perform locking on shared data structures. +-(Note that OpenSSL uses a number of global data structures that +-will be implicitly shared whenever multiple threads use OpenSSL.) +-Multi-threaded applications will crash at random if it is not set. +- +-locking_function() must be able to handle up to CRYPTO_num_locks() +-different mutex locks. It sets the B<n>-th lock if B<mode> & +-B<CRYPTO_LOCK>, and releases it otherwise. +- +-B<file> and B<line> are the file number of the function setting the +-lock. They can be useful for debugging. +- +-threadid_func(CRYPTO_THREADID *id) is needed to record the currently-executing +-thread's identifier into B<id>. The implementation of this callback should not +-fill in B<id> directly, but should use CRYPTO_THREADID_set_numeric() if thread +-IDs are numeric, or CRYPTO_THREADID_set_pointer() if they are pointer-based. +-If the application does not register such a callback using +-CRYPTO_THREADID_set_callback(), then a default implementation is used - on +-Windows and BeOS this uses the system's default thread identifying APIs, and on +-all other platforms it uses the address of B<errno>. The latter is satisfactory +-for thread-safety if and only if the platform has a thread-local error number +-facility. +- +-Once threadid_func() is registered, or if the built-in default implementation is +-to be used; +- +-=over 4 +- +-=item * +-CRYPTO_THREADID_current() records the currently-executing thread ID into the +-given B<id> object. +- +-=item * +-CRYPTO_THREADID_cmp() compares two thread IDs (returning zero for equality, ie. +-the same semantics as memcmp()). +- +-=item * +-CRYPTO_THREADID_cpy() duplicates a thread ID value, +- +-=item * +-CRYPTO_THREADID_hash() returns a numeric value usable as a hash-table key. This +-is usually the exact numeric or pointer-based thread ID used internally, however +-this also handles the unusual case where pointers are larger than 'long' +-variables and the platform's thread IDs are pointer-based - in this case, mixing +-is done to attempt to produce a unique numeric value even though it is not as +-wide as the platform's true thread IDs. +- +-=back +- +-Additionally, OpenSSL supports dynamic locks, and sometimes, some parts +-of OpenSSL need it for better performance. To enable this, the following +-is required: +- +-=over 4 +- +-=item * +-Three additional callback function, dyn_create_function, dyn_lock_function +-and dyn_destroy_function. +- +-=item * +-A structure defined with the data that each lock needs to handle. +- +-=back +- +-struct CRYPTO_dynlock_value has to be defined to contain whatever structure +-is needed to handle locks. +- +-dyn_create_function(const char *file, int line) is needed to create a +-lock. Multi-threaded applications might crash at random if it is not set. +- +-dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line) +-is needed to perform locking off dynamic lock numbered n. Multi-threaded +-applications might crash at random if it is not set. +- +-dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is +-needed to destroy the lock l. Multi-threaded applications might crash at +-random if it is not set. +- +-CRYPTO_get_new_dynlockid() is used to create locks. It will call +-dyn_create_function for the actual creation. +- +-CRYPTO_destroy_dynlockid() is used to destroy locks. It will call +-dyn_destroy_function for the actual destruction. +- +-CRYPTO_lock() is used to lock and unlock the locks. mode is a bitfield +-describing what should be done with the lock. n is the number of the +-lock as returned from CRYPTO_get_new_dynlockid(). mode can be combined +-from the following values. These values are pairwise exclusive, with +-undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE +-should not be used together): +- +- CRYPTO_LOCK 0x01 +- CRYPTO_UNLOCK 0x02 +- CRYPTO_READ 0x04 +- CRYPTO_WRITE 0x08 +- +-=head1 RETURN VALUES +- +-CRYPTO_num_locks() returns the required number of locks. +- +-CRYPTO_get_new_dynlockid() returns the index to the newly created lock. +- +-The other functions return no values. +- +-=head1 NOTES +- +-You can find out if OpenSSL was configured with thread support: +- +- #define OPENSSL_THREAD_DEFINES +- #include <openssl/opensslconf.h> +- #if defined(OPENSSL_THREADS) +- // thread support enabled +- #else +- // no thread support +- #endif +- +-Also, dynamic locks are currently not used internally by OpenSSL, but +-may do so in the future. +- +-=head1 EXAMPLES +- +-B<crypto/threads/mttest.c> shows examples of the callback functions on +-Solaris, Irix and Win32. +- +-=head1 HISTORY +- +-CRYPTO_set_locking_callback() is +-available in all versions of SSLeay and OpenSSL. +-CRYPTO_num_locks() was added in OpenSSL 0.9.4. +-All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev. +-B<CRYPTO_THREADID> and associated functions were introduced in OpenSSL 1.0.0 +-to replace (actually, deprecate) the previous CRYPTO_set_id_callback(), +-CRYPTO_get_id_callback(), and CRYPTO_thread_id() functions which assumed +-thread IDs to always be represented by 'unsigned long'. +- +-=head1 SEE ALSO +- +-L<crypto(3)|crypto(3)> +- +-=cut +diff -Naur openssl-1.0.0a.orig//doc/crypto/X509_NAME_ENTRY_get_object.pod openssl-1.0.0a/doc/crypto/X509_NAME_ENTRY_get_object.pod +--- openssl-1.0.0a.orig//doc/crypto/X509_NAME_ENTRY_get_object.pod 2006-05-14 12:27:59.000000000 +0100 ++++ openssl-1.0.0a/doc/crypto/X509_NAME_ENTRY_get_object.pod 2010-09-01 19:36:31.620125025 +0100 +@@ -65,7 +65,7 @@ + =head1 SEE ALSO + + L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>, +-L<OBJ_nid2obj(3),OBJ_nid2obj(3)> ++L<OBJ_nid2obj(3)|OBJ_nid2obj(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/ssl/SSL_get_error.pod openssl-1.0.0a/doc/ssl/SSL_get_error.pod +--- openssl-1.0.0a.orig//doc/ssl/SSL_get_error.pod 2005-03-30 12:50:14.000000000 +0100 ++++ openssl-1.0.0a/doc/ssl/SSL_get_error.pod 2010-09-01 19:36:40.259360162 +0100 +@@ -105,7 +105,7 @@ + + =head1 SEE ALSO + +-L<ssl(3)|ssl(3)>, L<err(3)|err(3)> ++L<ssl(3)|ssl(3)>, L<openssl_err(3)|openssl_err(3)> + + =head1 HISTORY + +diff -Naur openssl-1.0.0a.orig//doc/ssl/SSL_want.pod openssl-1.0.0a/doc/ssl/SSL_want.pod +--- openssl-1.0.0a.orig//doc/ssl/SSL_want.pod 2005-03-30 12:50:14.000000000 +0100 ++++ openssl-1.0.0a/doc/ssl/SSL_want.pod 2010-09-01 19:36:40.259360162 +0100 +@@ -72,6 +72,6 @@ + + =head1 SEE ALSO + +-L<ssl(3)|ssl(3)>, L<err(3)|err(3)>, L<SSL_get_error(3)|SSL_get_error(3)> ++L<ssl(3)|ssl(3)>, L<openssl_err(3)|openssl_err(3)>, L<SSL_get_error(3)|SSL_get_error(3)> + + =cut +diff -Naur openssl-1.0.0a.orig//FAQ openssl-1.0.0a/FAQ +--- openssl-1.0.0a.orig//FAQ 2010-06-01 14:31:36.000000000 +0100 ++++ openssl-1.0.0a/FAQ 2010-09-01 19:39:19.677244857 +0100 +@@ -724,7 +724,7 @@ + CRYPTO_set_id_callback(), for all versions of OpenSSL up to and + including 0.9.8[abc...]. As of version 1.0.0, CRYPTO_set_id_callback() + and associated APIs are deprecated by CRYPTO_THREADID_set_callback() +-and friends. This is described in the threads(3) manpage. ++and friends. This is described in the openssl_threads(3) manpage. + + * I've compiled a program under Windows and it crashes: why? + diff --git a/testing/openssl/no-rpath.patch b/testing/openssl/no-rpath.patch new file mode 100644 index 000000000..ebd95e23d --- /dev/null +++ b/testing/openssl/no-rpath.patch @@ -0,0 +1,11 @@ +--- Makefile.shared.no-rpath 2005-06-23 22:47:54.000000000 +0200 ++++ Makefile.shared 2005-11-16 22:35:37.000000000 +0100 +@@ -153,7 +153,7 @@ + NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ + SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" + +-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" ++DO_GNU_APP=LDFLAGS="$(CFLAGS)" + + #This is rather special. It's a special target with which one can link + #applications without bothering with any features that have anything to diff --git a/testing/sudo/PKGBUILD b/testing/sudo/PKGBUILD index 9fe2cf1b8..2f96abb2a 100644 --- a/testing/sudo/PKGBUILD +++ b/testing/sudo/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 151762 2012-03-02 10:58:36Z allan $ +# $Id: PKGBUILD 153412 2012-03-13 01:20:15Z allan $ # Maintainer: Allan McRae <allan@archlinux.org> # Contributor: Tom Newsom <Jeepster@gmx.co.uk> pkgname=sudo -_ver=1.8.4p2 +_ver=1.8.4p3 pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}} pkgrel=1 pkgdesc="Give certain users the ability to run some commands as root" @@ -15,8 +15,8 @@ backup=('etc/sudoers' 'etc/pam.d/sudo') options=('!libtool' '!makeflags') source=(ftp://ftp.sudo.ws/pub/sudo/$pkgname-$_ver.tar.gz{,.sig} sudo.pam) -md5sums=('c0cc9334246d4f34128660b6c5463e94' - 'bb692de8ecb24d8bfab00c45292536c5' +md5sums=('a97af5e84192d30d8f2d5e9e03fcc618' + 'dd92cdb4eb6cd61846a7a72f02277001' '4e7ad4ec8f2fe6a40e12bcb2c0b256e3') build() { diff --git a/testing/usbutils/PKGBUILD b/testing/usbutils/PKGBUILD new file mode 100644 index 000000000..0fc3645c1 --- /dev/null +++ b/testing/usbutils/PKGBUILD @@ -0,0 +1,35 @@ +# $Id: PKGBUILD 153397 2012-03-12 21:43:35Z tomegun $ +# Maintainer: Tobias Powalowski <tpowa@archlinux.org> +# Contributor: Tom Gundersen <teg@jklm.no> +# Contributor: Judd Vinet <jvinet@zeroflux.org> +# Contributor: Curtis Campbell <curtisjamescampbell@hotmail.com> +pkgname=usbutils +pkgver=005 +pkgrel=1 +pkgdesc="USB Device Utilities" +arch=(i686 x86_64) +license=('GPL') +groups=('base') +depends=('libusb') +optdepends=('python2: for lsusb.py usage' + 'coreutils: for lsusb.py usage' + 'wget: for update-usbids.sh usage') +url="http://linux-usb.sourceforge.net/" +# currently broken: http://www.kernel.org/pub/linux/utils/usb/$pkgname/$pkgname-$pkgver.tar.gz +source=("ftp://ftp.archlinux.org/other/${pkgname}/${pkgname}-${pkgver}.tar.bz2" + fix-python2.patch) + +build() { + cd $srcdir/$pkgname-$pkgver + # patch lsusb.py to use correct usb.ids file and python2 interpreter + patch -Np1 -i $srcdir/fix-python2.patch + ./configure --prefix=/usr --datadir=/usr/share/hwdata --disable-zlib + make +} + +package() { + cd $srcdir/$pkgname-$pkgver + make DESTDIR=$pkgdir install +} +md5sums=('6a21f7b6c02b76df5e8a7c208d746654' + '45766196895b4cc50b53cd56e1bbf3d1') diff --git a/testing/usbutils/fix-python2.patch b/testing/usbutils/fix-python2.patch new file mode 100644 index 000000000..7e2875e99 --- /dev/null +++ b/testing/usbutils/fix-python2.patch @@ -0,0 +1,17 @@ +--- usbutils-002/lsusb.py 2010-12-16 01:07:09.000000000 +0100 ++++ usbutils-002/lsusb.py 2011-04-09 22:43:59.043828595 +0200 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python2 + # lsusb.py + # Displays your USB devices in reasonable form. + # (c) Kurt Garloff <garloff@suse.de>, 2/2009, GPL v2 or v3. +@@ -16,7 +16,7 @@ + warnsort = False + + prefix = "/sys/bus/usb/devices/" +-usbids = "/usr/share/usb.ids" ++usbids = "/usr/share/hwdata/usb.ids" + + esc = chr(27) + norm = esc + "[0;0m" |