Wed Jan 8 03:37:02 UTC 2014

author: Nicolás Reynolds <fauno@endefensadelsl.org> 2014-01-08 03:41:42 +0000
committer: Nicolás Reynolds <fauno@endefensadelsl.org> 2014-01-08 03:41:42 +0000
commit: 3092fe0e20f490a5f9b8b9602ffc039a22be60c0 (patch)
tree: ca5296f2b482de6c3889b3d2721dda0ae342eaee /core/openssl
parent: bd5b8fe0fe2355ad0df744ed310d12b8a70c51f9 (diff)
5 files changed, 363 insertions, 473 deletions
diff --git a/core/openssl/PKGBUILD b/core/openssl/PKGBUILD
index f3d13b221..341731bfb 100644
--- a/core/openssl/PKGBUILD
+++ b/core/openssl/PKGBUILD
@@ -1,12 +1,12 @@
-# $Id: PKGBUILD 199034 2013-11-07 14:18:31Z pierre $
+# $Id: PKGBUILD 203278 2014-01-07 10:02:52Z pierre $
 # Maintainer: Pierre Schmitz <pierre@archlinux.de>
 
 pkgname=openssl
-_ver=1.0.1e
+_ver=1.0.1f
 # use a pacman compatible version scheme
 pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
 #pkgver=$_ver
-pkgrel=5
+pkgrel=1
 pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
 arch=('i686' 'x86_64')
 url='https://www.openssl.org'
@@ -19,16 +19,12 @@ source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"
         "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc"
         'no-rpath.patch'
         'ca-dir.patch'
-        'openssl-1.0.1e-fix_pod_syntax-1.patch'
-        'openssl-1.0.1-Check-DTLS_BAD_VER-for-version-number.patch'
-        'openssl-1.0.1-e_aes_cbc_hmac_sha1.c-fix-rare-bad-record-mac-on-AES.patch')
-md5sums=('66bf6f10f060d561929de96f9dfe5b8c'
+        'openssl-1.0.1f-perl-5.18.patch')
+md5sums=('f26b09c028a0541cab33da697d522b25'
          'SKIP'
          'dc78d3d06baffc16217519242ce92478'
          '3bf51be3a1bbd262be46dc619f92aa90'
-         '88d3bef4bbdc640b0412315d8d347bdf'
-         'ae7848bb152b8834ceff30c8c480d422'
-         'c5cc62a47cef72f4e5ad119a88e97ae4')
+         'ea2a61c8bd43788d81d98f1ac36c98ac')
 
 prepare() {
 	cd $srcdir/$pkgname-$_ver
@@ -38,13 +34,7 @@ prepare() {
 	# set ca dir to /etc/ssl by default
 	patch -p0 -i $srcdir/ca-dir.patch
 
-	patch -p1 -i $srcdir/openssl-1.0.1e-fix_pod_syntax-1.patch
-	# OpenSSL 1.0.0k, 1.0.1.d, 1.0.1e fail handshake with DTLS1_BAD_VER
-	# http://rt.openssl.org/Ticket/Display.html?id=2984
-	patch -p1 -i $srcdir/openssl-1.0.1-Check-DTLS_BAD_VER-for-version-number.patch
-	# Communication problems with 1.0.1e
-	# http://rt.openssl.org/Ticket/Display.html?id=3002
-	patch -p1 -i $srcdir/openssl-1.0.1-e_aes_cbc_hmac_sha1.c-fix-rare-bad-record-mac-on-AES.patch
+	patch -p1 -i $srcdir/openssl-1.0.1f-perl-5.18.patch
 }
 
 build() {
diff --git a/core/openssl/openssl-1.0.1-Check-DTLS_BAD_VER-for-version-number.patch b/core/openssl/openssl-1.0.1-Check-DTLS_BAD_VER-for-version-number.patch
deleted file mode 100644
index 5a88220c3..000000000
--- a/core/openssl/openssl-1.0.1-Check-DTLS_BAD_VER-for-version-number.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 9fe4603b8245425a4c46986ed000fca054231253 Mon Sep 17 00:00:00 2001
-From: David Woodhouse <dwmw2@infradead.org>
-Date: Tue, 12 Feb 2013 14:55:32 +0000
-Subject: Check DTLS_BAD_VER for version number.
-
-The version check for DTLS1_VERSION was redundant as
-DTLS1_VERSION > TLS1_1_VERSION, however we do need to
-check for DTLS1_BAD_VER for compatibility.
-
-PR:2984
-(cherry picked from commit d980abb22e22661e98e5cee33d760ab0c7584ecc)
----
- ssl/s3_cbc.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
-index 02edf3f..443a31e 100644
---- a/ssl/s3_cbc.c
-+++ b/ssl/s3_cbc.c
-@@ -148,7 +148,7 @@ int tls1_cbc_remove_padding(const SSL* s,
- 	unsigned padding_length, good, to_check, i;
- 	const unsigned overhead = 1 /* padding length byte */ + mac_size;
- 	/* Check if version requires explicit IV */
--	if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
-+	if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER)
- 		{
- 		/* These lengths are all public so we can test them in
- 		 * non-constant time.
--- 
-1.8.4.2
-
diff --git a/core/openssl/openssl-1.0.1-e_aes_cbc_hmac_sha1.c-fix-rare-bad-record-mac-on-AES.patch b/core/openssl/openssl-1.0.1-e_aes_cbc_hmac_sha1.c-fix-rare-bad-record-mac-on-AES.patch
deleted file mode 100644
index f1a251227..000000000
--- a/core/openssl/openssl-1.0.1-e_aes_cbc_hmac_sha1.c-fix-rare-bad-record-mac-on-AES.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 9ab3ce124616cb12bd39c6aa1e1bde0f46969b29 Mon Sep 17 00:00:00 2001
-From: Andy Polyakov <appro@openssl.org>
-Date: Mon, 18 Mar 2013 19:29:41 +0100
-Subject: e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms.
-
-PR: 3002
-(cherry picked from commit 5c60046553716fcf160718f59160493194f212dc)
----
- crypto/evp/e_aes_cbc_hmac_sha1.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
-index 483e04b..fb2c884 100644
---- a/crypto/evp/e_aes_cbc_hmac_sha1.c
-+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
-@@ -328,10 +328,11 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- 
- 				if (res!=SHA_CBLOCK) continue;
- 
--				mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
-+				/* j is not incremented yet */
-+				mask = 0-((inp_len+7-j)>>(sizeof(j)*8-1));
- 				data->u[SHA_LBLOCK-1] |= bitlen&mask;
- 				sha1_block_data_order(&key->md,data,1);
--				mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
-+				mask &= 0-((j-inp_len-72)>>(sizeof(j)*8-1));
- 				pmac->u[0] |= key->md.h0 & mask;
- 				pmac->u[1] |= key->md.h1 & mask;
- 				pmac->u[2] |= key->md.h2 & mask;
--- 
-1.8.4.2
-
diff --git a/core/openssl/openssl-1.0.1e-fix_pod_syntax-1.patch b/core/openssl/openssl-1.0.1e-fix_pod_syntax-1.patch
deleted file mode 100644
index ba25afec3..000000000
--- a/core/openssl/openssl-1.0.1e-fix_pod_syntax-1.patch
+++ /dev/null
@@ -1,393 +0,0 @@
-Submitted By: Martin Ward <macros_the_black at ntlworld dot com>
-Date: 2013-06-18
-Initial Package Version: 1.0.1e
-Upstream Status: Unknown
-Origin: self, based on fedora
-Description: Fixes install with perl-5.18.
-
-diff -Naur openssl-1.0.1e.orig/doc/apps/cms.pod openssl-1.0.1e/doc/apps/cms.pod
---- openssl-1.0.1e.orig/doc/apps/cms.pod	2013-06-06 14:35:15.867871879 +0100
-+++ openssl-1.0.1e/doc/apps/cms.pod	2013-06-06 14:35:25.791747119 +0100
-@@ -450,28 +450,28 @@
- 
- =over 4
- 
--=item 0
-+=item C<0>
- 
- the operation was completely successfully.
- 
--=item 1 
-+=item C<1>
- 
- an error occurred parsing the command options.
- 
--=item 2
-+=item C<2>
- 
- one of the input files could not be read.
- 
--=item 3
-+=item C<3>
- 
- an error occurred creating the CMS file or when reading the MIME
- message.
- 
--=item 4
-+=item C<4>
- 
- an error occurred decrypting or verifying the message.
- 
--=item 5
-+=item C<5>
- 
- the message was verified correctly but an error occurred writing out
- the signers certificates.
-diff -Naur openssl-1.0.1e.orig/doc/apps/smime.pod openssl-1.0.1e/doc/apps/smime.pod
---- openssl-1.0.1e.orig/doc/apps/smime.pod	2013-06-06 14:35:15.867871879 +0100
-+++ openssl-1.0.1e/doc/apps/smime.pod	2013-06-06 14:35:25.794747082 +0100
-@@ -308,28 +308,28 @@
- 
- =over 4
- 
--=item 0
-+=item C<0>
- 
- the operation was completely successfully.
- 
--=item 1 
-+=item C<1>
- 
- an error occurred parsing the command options.
- 
--=item 2
-+=item C<2>
- 
- one of the input files could not be read.
- 
--=item 3
-+=item C<3>
- 
- an error occurred creating the PKCS#7 file or when reading the MIME
- message.
- 
--=item 4
-+=item C<4>
- 
- an error occurred decrypting or verifying the message.
- 
--=item 5
-+=item C<5>
- 
- the message was verified correctly but an error occurred writing out
- the signers certificates.
-diff -Naur openssl-1.0.1e.orig/doc/crypto/X509_STORE_CTX_get_error.pod openssl-1.0.1e/doc/crypto/X509_STORE_CTX_get_error.pod
---- openssl-1.0.1e.orig/doc/crypto/X509_STORE_CTX_get_error.pod	2013-06-06 14:35:15.874871791 +0100
-+++ openssl-1.0.1e/doc/crypto/X509_STORE_CTX_get_error.pod	2013-06-06 14:37:13.826388940 +0100
-@@ -278,6 +278,8 @@
- an application specific error. This will never be returned unless explicitly
- set by an application.
- 
-+=back
-+
- =head1 NOTES
- 
- The above functions should be used instead of directly referencing the fields
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_accept.pod openssl-1.0.1e/doc/ssl/SSL_accept.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_accept.pod	2013-06-06 14:35:15.871871829 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_accept.pod	2013-06-06 14:35:25.796747057 +0100
-@@ -44,12 +44,12 @@
- 
- =over 4
- 
--=item 1
-+=item C<1>
- 
- The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
- established.
- 
--=item 0
-+=item C<0>
- 
- The TLS/SSL handshake was not successful but was shut down controlled and
- by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_clear.pod openssl-1.0.1e/doc/ssl/SSL_clear.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_clear.pod	2013-06-06 14:35:15.871871829 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_clear.pod	2013-06-06 14:35:25.803746969 +0100
-@@ -56,12 +56,12 @@
- 
- =over 4
- 
--=item 0
-+=item C<0>
- 
- The SSL_clear() operation could not be performed. Check the error stack to
- find out the reason.
- 
--=item 1
-+=item C<1>
- 
- The SSL_clear() operation was successful.
- 
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_COMP_add_compression_method.pod openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_COMP_add_compression_method.pod	2013-06-06 14:35:15.870871842 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod	2013-06-06 14:35:25.806746931 +0100
-@@ -53,11 +53,11 @@
- 
- =over 4
- 
--=item 0
-+=item C<0>
- 
- The operation succeeded.
- 
--=item 1
-+=item C<1>
- 
- The operation failed. Check the error queue to find out the reason.
- 
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_connect.pod openssl-1.0.1e/doc/ssl/SSL_connect.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_connect.pod	2013-06-06 14:35:15.869871854 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_connect.pod	2013-06-06 14:35:25.808746906 +0100
-@@ -41,12 +41,12 @@
- 
- =over 4
- 
--=item 1
-+=item C<1>
- 
- The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
- established.
- 
--=item 0
-+=item C<0>
- 
- The TLS/SSL handshake was not successful but was shut down controlled and
- by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_add_session.pod openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_add_session.pod	2013-06-06 14:35:15.871871829 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod	2013-06-06 14:35:25.816746805 +0100
-@@ -52,13 +52,13 @@
- 
- =over 4
- 
--=item 0
-+=item C<0>
- 
-  The operation failed. In case of the add operation, it was tried to add
-  the same (identical) session twice. In case of the remove operation, the
-  session was not found in the cache.
- 
--=item 1
-+=item C<1>
-  
-  The operation succeeded.
- 
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_load_verify_locations.pod openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_load_verify_locations.pod	2013-06-06 14:35:15.870871842 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod	2013-06-06 14:35:25.818746780 +0100
-@@ -100,13 +100,13 @@
- 
- =over 4
- 
--=item 0
-+=item C<0>
- 
- The operation failed because B<CAfile> and B<CApath> are NULL or the
- processing at one of the locations specified failed. Check the error
- stack to find out the reason.
- 
--=item 1
-+=item C<1>
- 
- The operation succeeded.
- 
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod	2013-06-06 14:35:15.871871829 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod	2013-06-06 14:35:25.821746742 +0100
-@@ -66,11 +66,11 @@
- 
- =over 4
- 
--=item 1
-+=item C<1>
- 
- The operation succeeded.
- 
--=item 0
-+=item C<0>
- 
- A failure while manipulating the STACK_OF(X509_NAME) object occurred or
- the X509_NAME could not be extracted from B<cacert>. Check the error stack
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_session_id_context.pod openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_session_id_context.pod	2013-06-06 14:35:15.871871829 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod	2013-06-06 14:35:25.828746654 +0100
-@@ -64,13 +64,13 @@
- 
- =over 4
- 
--=item 0
-+=item C<0>
- 
- The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
- the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
- is logged to the error stack.
- 
--=item 1
-+=item C<1>
- 
- The operation succeeded.
- 
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_ssl_version.pod openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_ssl_version.pod	2013-06-06 14:35:15.871871829 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod	2013-06-06 14:35:25.831746617 +0100
-@@ -42,11 +42,11 @@
- 
- =over 4
- 
--=item 0
-+=item C<0>
- 
- The new choice failed, check the error stack to find out the reason.
- 
--=item 1
-+=item C<1>
- 
- The operation succeeded.
- 
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod	2013-06-06 14:35:15.870871842 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod	2013-06-06 14:36:42.456783309 +0100
-@@ -81,6 +81,8 @@
- 
- Return values from the server callback are interpreted as follows:
- 
-+=over
-+
- =item > 0
- 
- PSK identity was found and the server callback has provided the PSK
-@@ -94,9 +96,11 @@
- connection will fail with decryption_error before it will be finished
- completely.
- 
--=item 0
-+=item C<0>
- 
- PSK identity was not found. An "unknown_psk_identity" alert message
- will be sent and the connection setup fails.
- 
-+=back
-+
- =cut
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_do_handshake.pod openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_do_handshake.pod	2013-06-06 14:35:15.869871854 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod	2013-06-06 14:35:25.839746516 +0100
-@@ -45,12 +45,12 @@
- 
- =over 4
- 
--=item 1
-+=item C<1>
- 
- The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
- established.
- 
--=item 0
-+=item C<0>
- 
- The TLS/SSL handshake was not successful but was shut down controlled and
- by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_read.pod openssl-1.0.1e/doc/ssl/SSL_read.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_read.pod	2013-06-06 14:35:15.871871829 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_read.pod	2013-06-06 14:35:25.847746415 +0100
-@@ -86,7 +86,7 @@
- The read operation was successful; the return value is the number of
- bytes actually read from the TLS/SSL connection.
- 
--=item 0
-+=item C<0>
- 
- The read operation was not successful. The reason may either be a clean
- shutdown due to a "close notify" alert sent by the peer (in which case
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_session_reused.pod openssl-1.0.1e/doc/ssl/SSL_session_reused.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_session_reused.pod	2013-06-06 14:35:15.871871829 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_session_reused.pod	2013-06-06 14:35:25.849746390 +0100
-@@ -27,11 +27,11 @@
- 
- =over 4
- 
--=item 0
-+=item C<0>
- 
- A new session was negotiated.
- 
--=item 1
-+=item C<1>
- 
- A session was reused.
- 
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_set_fd.pod openssl-1.0.1e/doc/ssl/SSL_set_fd.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_set_fd.pod	2013-06-06 14:35:15.869871854 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_set_fd.pod	2013-06-06 14:35:25.852746353 +0100
-@@ -35,11 +35,11 @@
- 
- =over 4
- 
--=item 0
-+=item C<0>
- 
- The operation failed. Check the error stack to find out why.
- 
--=item 1
-+=item C<1>
- 
- The operation succeeded.
- 
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_set_session.pod openssl-1.0.1e/doc/ssl/SSL_set_session.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_set_session.pod	2013-06-06 14:35:15.870871842 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_set_session.pod	2013-06-06 14:35:25.855746315 +0100
-@@ -37,11 +37,11 @@
- 
- =over 4
- 
--=item 0
-+=item C<0>
- 
- The operation failed; check the error stack to find out the reason.
- 
--=item 1
-+=item C<1>
- 
- The operation succeeded.
- 
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_shutdown.pod openssl-1.0.1e/doc/ssl/SSL_shutdown.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_shutdown.pod	2013-06-06 14:35:15.870871842 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_shutdown.pod	2013-06-06 14:35:25.857746290 +0100
-@@ -92,12 +92,12 @@
- 
- =over 4
- 
--=item 1
-+=item C<1>
- 
- The shutdown was successfully completed. The "close notify" alert was sent
- and the peer's "close notify" alert was received.
- 
--=item 0
-+=item C<0>
- 
- The shutdown is not yet finished. Call SSL_shutdown() for a second time,
- if a bidirectional shutdown shall be performed.
-diff -Naur openssl-1.0.1e.orig/doc/ssl/SSL_write.pod openssl-1.0.1e/doc/ssl/SSL_write.pod
---- openssl-1.0.1e.orig/doc/ssl/SSL_write.pod	2013-06-06 14:35:15.870871842 +0100
-+++ openssl-1.0.1e/doc/ssl/SSL_write.pod	2013-06-06 14:35:25.865746189 +0100
-@@ -79,7 +79,7 @@
- The write operation was successful, the return value is the number of
- bytes actually written to the TLS/SSL connection.
- 
--=item 0
-+=item C<0>
- 
- The write operation was not successful. Probably the underlying connection
- was closed. Call SSL_get_error() with the return value B<ret> to find out,
diff --git a/core/openssl/openssl-1.0.1f-perl-5.18.patch b/core/openssl/openssl-1.0.1f-perl-5.18.patch
new file mode 100644
index 000000000..c66209637
--- /dev/null
+++ b/core/openssl/openssl-1.0.1f-perl-5.18.patch
@@ -0,0 +1,356 @@
+Forward-ported from openssl-1.0.1e-perl-5.18.patch
+Fixes install with perl-5.18.
+
+https://bugs.gentoo.org/show_bug.cgi?id=497286
+
+Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
+
+--- openssl-1.0.1f/doc/apps/cms.pod
++++ openssl-1.0.1f/doc/apps/cms.pod
+@@ -450,28 +450,28 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ the operation was completely successfully.
+ 
+-=item 1 
++=item C<1>
+ 
+ an error occurred parsing the command options.
+ 
+-=item 2
++=item C<2>
+ 
+ one of the input files could not be read.
+ 
+-=item 3
++=item C<3>
+ 
+ an error occurred creating the CMS file or when reading the MIME
+ message.
+ 
+-=item 4
++=item C<4>
+ 
+ an error occurred decrypting or verifying the message.
+ 
+-=item 5
++=item C<5>
+ 
+ the message was verified correctly but an error occurred writing out
+ the signers certificates.
+--- openssl-1.0.1f/doc/apps/smime.pod
++++ openssl-1.0.1f/doc/apps/smime.pod
+@@ -308,28 +308,28 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ the operation was completely successfully.
+ 
+-=item 1 
++=item C<1>
+ 
+ an error occurred parsing the command options.
+ 
+-=item 2
++=item C<2>
+ 
+ one of the input files could not be read.
+ 
+-=item 3
++=item C<3>
+ 
+ an error occurred creating the PKCS#7 file or when reading the MIME
+ message.
+ 
+-=item 4
++=item C<4>
+ 
+ an error occurred decrypting or verifying the message.
+ 
+-=item 5
++=item C<5>
+ 
+ the message was verified correctly but an error occurred writing out
+ the signers certificates.
+--- openssl-1.0.1f/doc/ssl/SSL_accept.pod
++++ openssl-1.0.1f/doc/ssl/SSL_accept.pod
+@@ -44,13 +44,13 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ The TLS/SSL handshake was not successful but was shut down controlled and
+ by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
+ return value B<ret> to find out the reason.
+ 
+-=item 1
++=item C<1>
+ 
+ The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
+ established.
+--- openssl-1.0.1f/doc/ssl/SSL_clear.pod
++++ openssl-1.0.1f/doc/ssl/SSL_clear.pod
+@@ -56,12 +56,12 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ The SSL_clear() operation could not be performed. Check the error stack to
+ find out the reason.
+ 
+-=item 1
++=item C<1>
+ 
+ The SSL_clear() operation was successful.
+ 
+--- openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod
++++ openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod
+@@ -53,11 +53,11 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ The operation succeeded.
+ 
+-=item 1
++=item C<1>
+ 
+ The operation failed. Check the error queue to find out the reason.
+ 
+--- openssl-1.0.1f/doc/ssl/SSL_connect.pod
++++ openssl-1.0.1f/doc/ssl/SSL_connect.pod
+@@ -41,13 +41,13 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ The TLS/SSL handshake was not successful but was shut down controlled and
+ by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
+ return value B<ret> to find out the reason.
+ 
+-=item 1
++=item C<1>
+ 
+ The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
+ established.
+--- openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod
++++ openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod
+@@ -52,13 +52,13 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+  The operation failed. In case of the add operation, it was tried to add
+  the same (identical) session twice. In case of the remove operation, the
+  session was not found in the cache.
+ 
+-=item 1
++=item C<1>
+  
+  The operation succeeded.
+ 
+--- openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod
++++ openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod
+@@ -100,13 +100,13 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ The operation failed because B<CAfile> and B<CApath> are NULL or the
+ processing at one of the locations specified failed. Check the error
+ stack to find out the reason.
+ 
+-=item 1
++=item C<1>
+ 
+ The operation succeeded.
+ 
+--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod
++++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod
+@@ -66,13 +66,13 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ A failure while manipulating the STACK_OF(X509_NAME) object occurred or
+ the X509_NAME could not be extracted from B<cacert>. Check the error stack
+ to find out the reason.
+ 
+-=item 1
++=item C<1>
+ 
+ The operation succeeded.
+ 
+--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod
++++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod
+@@ -64,13 +64,13 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
+ the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
+ is logged to the error stack.
+ 
+-=item 1
++=item C<1>
+ 
+ The operation succeeded.
+ 
+--- openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod
++++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod
+@@ -42,11 +42,11 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ The new choice failed, check the error stack to find out the reason.
+ 
+-=item 1
++=item C<1>
+ 
+ The operation succeeded.
+ 
+--- openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
++++ openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
+@@ -96,7 +96,7 @@
+ connection will fail with decryption_error before it will be finished
+ completely.
+ 
+-=item 0
++=item C<0>
+ 
+ PSK identity was not found. An "unknown_psk_identity" alert message
+ will be sent and the connection setup fails.
+--- openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod
++++ openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod
+@@ -45,13 +45,13 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ The TLS/SSL handshake was not successful but was shut down controlled and
+ by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
+ return value B<ret> to find out the reason.
+ 
+-=item 1
++=item C<1>
+ 
+ The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
+ established.
+--- openssl-1.0.1f/doc/ssl/SSL_read.pod
++++ openssl-1.0.1f/doc/ssl/SSL_read.pod
+@@ -86,7 +86,7 @@
+ The read operation was successful; the return value is the number of
+ bytes actually read from the TLS/SSL connection.
+ 
+-=item 0
++=item C<0>
+ 
+ The read operation was not successful. The reason may either be a clean
+ shutdown due to a "close notify" alert sent by the peer (in which case
+--- openssl-1.0.1f/doc/ssl/SSL_session_reused.pod
++++ openssl-1.0.1f/doc/ssl/SSL_session_reused.pod
+@@ -27,11 +27,11 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ A new session was negotiated.
+ 
+-=item 1
++=item C<1>
+ 
+ A session was reused.
+ 
+--- openssl-1.0.1f/doc/ssl/SSL_set_fd.pod
++++ openssl-1.0.1f/doc/ssl/SSL_set_fd.pod
+@@ -35,11 +35,11 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ The operation failed. Check the error stack to find out why.
+ 
+-=item 1
++=item C<1>
+ 
+ The operation succeeded.
+ 
+--- openssl-1.0.1f/doc/ssl/SSL_set_session.pod
++++ openssl-1.0.1f/doc/ssl/SSL_set_session.pod
+@@ -37,11 +37,11 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ The operation failed; check the error stack to find out the reason.
+ 
+-=item 1
++=item C<1>
+ 
+ The operation succeeded.
+ 
+--- openssl-1.0.1f/doc/ssl/SSL_shutdown.pod
++++ openssl-1.0.1f/doc/ssl/SSL_shutdown.pod
+@@ -92,14 +92,14 @@
+ 
+ =over 4
+ 
+-=item 0
++=item C<0>
+ 
+ The shutdown is not yet finished. Call SSL_shutdown() for a second time,
+ if a bidirectional shutdown shall be performed.
+ The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
+ erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
+ 
+-=item 1
++=item C<1>
+ 
+ The shutdown was successfully completed. The "close notify" alert was sent
+ and the peer's "close notify" alert was received.
+--- openssl-1.0.1f/doc/ssl/SSL_write.pod
++++ openssl-1.0.1f/doc/ssl/SSL_write.pod
+@@ -79,7 +79,7 @@
+ The write operation was successful, the return value is the number of
+ bytes actually written to the TLS/SSL connection.
+ 
+-=item 0
++=item C<0>
+ 
+ The write operation was not successful. Probably the underlying connection
+ was closed. Call SSL_get_error() with the return value B<ret> to find out,
author	Nicolás Reynolds <fauno@endefensadelsl.org>	2014-01-08 03:41:42 +0000
committer	Nicolás Reynolds <fauno@endefensadelsl.org>	2014-01-08 03:41:42 +0000
commit	3092fe0e20f490a5f9b8b9602ffc039a22be60c0 (patch)
tree	ca5296f2b482de6c3889b3d2721dda0ae342eaee /core/openssl
parent	bd5b8fe0fe2355ad0df744ed310d12b8a70c51f9 (diff)