diff options
author | Florian Boor <florian.boor@kernelconcepts.de> | 2006-03-22 15:53:44 +0000 |
---|---|---|
committer | OpenEmbedded Project <openembedded-devel@lists.openembedded.org> | 2006-03-22 15:53:44 +0000 |
commit | 3ac85651547ce2c174e66a39bf7baa4c8a7194ec (patch) | |
tree | 7a87aed41b7ff84f44e0bd7954e005d97f3256eb /packages/openssl/openssl-0.9.7g/debian.patch | |
parent | 3a707a2397026f2f9fdc6b4827b660982bb64440 (diff) |
openssl: add 0.9.7g with pkgconfig support
Diffstat (limited to 'packages/openssl/openssl-0.9.7g/debian.patch')
-rw-r--r-- | packages/openssl/openssl-0.9.7g/debian.patch | 2808 |
1 files changed, 2808 insertions, 0 deletions
diff --git a/packages/openssl/openssl-0.9.7g/debian.patch b/packages/openssl/openssl-0.9.7g/debian.patch new file mode 100644 index 0000000000..8cfdd2d653 --- /dev/null +++ b/packages/openssl/openssl-0.9.7g/debian.patch @@ -0,0 +1,2808 @@ +--- openssl097-0.9.7g.orig/apps/CA.pl ++++ openssl097-0.9.7g/apps/CA.pl +@@ -1,4 +1,4 @@ +-#!/usr/bin/perl ++#!/usr/local/bin/perl + # + # CA - wrapper around ca to make it easier to use ... basically ca requires + # some setup stuff to be done before you can use it and this makes +@@ -63,6 +63,7 @@ + foreach (@ARGV) { + if ( /^(-\?|-h|-help)$/ ) { + print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; ++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; + exit 0; + } elsif (/^-newcert$/) { + # create a certificate +@@ -158,6 +159,7 @@ + } else { + print STDERR "Unknown arg $_\n"; + print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; ++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; + exit 1; + } + } +--- openssl097-0.9.7g.orig/apps/CA.pl.in ++++ openssl097-0.9.7g/apps/CA.pl.in +@@ -63,6 +63,7 @@ + foreach (@ARGV) { + if ( /^(-\?|-h|-help)$/ ) { + print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; ++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; + exit 0; + } elsif (/^-newcert$/) { + # create a certificate +@@ -158,6 +159,7 @@ + } else { + print STDERR "Unknown arg $_\n"; + print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; ++ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; + exit 1; + } + } +--- openssl097-0.9.7g.orig/apps/progs.h ++++ openssl097-0.9.7g/apps/progs.h +@@ -35,11 +35,9 @@ + extern int spkac_main(int argc,char *argv[]); + extern int smime_main(int argc,char *argv[]); + extern int rand_main(int argc,char *argv[]); +-extern int prime_main(int argc,char *argv[]); +-#ifndef OPENSSL_NO_ENGINE + extern int engine_main(int argc,char *argv[]); +-#endif + extern int ocsp_main(int argc,char *argv[]); ++extern int prime_main(int argc,char *argv[]); + + #define FUNC_TYPE_GENERAL 1 + #define FUNC_TYPE_MD 2 +@@ -95,9 +93,7 @@ + #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) + {FUNC_TYPE_GENERAL,"s_client",s_client_main}, + #endif +-#ifndef OPENSSL_NO_SPEED + {FUNC_TYPE_GENERAL,"speed",speed_main}, +-#endif + #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) + {FUNC_TYPE_GENERAL,"s_time",s_time_main}, + #endif +@@ -116,11 +112,9 @@ + {FUNC_TYPE_GENERAL,"spkac",spkac_main}, + {FUNC_TYPE_GENERAL,"smime",smime_main}, + {FUNC_TYPE_GENERAL,"rand",rand_main}, +- {FUNC_TYPE_GENERAL,"prime",prime_main}, +-#ifndef OPENSSL_NO_ENGINE + {FUNC_TYPE_GENERAL,"engine",engine_main}, +-#endif + {FUNC_TYPE_GENERAL,"ocsp",ocsp_main}, ++ {FUNC_TYPE_GENERAL,"prime",prime_main}, + #ifndef OPENSSL_NO_MD2 + {FUNC_TYPE_MD,"md2",dgst_main}, + #endif +--- openssl097-0.9.7g.orig/config ++++ openssl097-0.9.7g/config +@@ -163,8 +163,8 @@ + echo "${MACHINE}-whatever-linux1"; exit 0 + ;; + +- GNU*) +- echo "hurd-x86"; exit 0; ++ GNU:*|GNU/*:*) ++ echo "${MACHINE}-gnuish"; exit 0; + ;; + + LynxOS:*) +--- openssl097-0.9.7g.orig/Configure ++++ openssl097-0.9.7g/Configure +@@ -1,4 +1,4 @@ +-: ++#!/usr/local/bin/perl + eval 'exec perl -S $0 ${1+"$@"}' + if $running_under_some_shell; + ## +@@ -390,6 +390,42 @@ + # assembler versions -- currently defunct: + ##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}", + ++# Debian GNU/* (various architectures) ++"debian-alpha","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++#"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++#"debian-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-ia64","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++#"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC", ++"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -mcpu=i486 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -mcpu=i586 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -mcpu=i686 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-openbsd-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-openbsd-mips","gcc:-O2 -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc64.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sh4", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sh3eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sh4eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v8 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,-Av8plus -fomit-frame-pointer -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the + # bn86-elf.o file file since it is hand tweaked assembler. + "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +@@ -1316,7 +1352,8 @@ + elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/) + { + my $sotmp = $1; +- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/; ++# s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/; ++ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/; + } + elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/) + { +--- openssl097-0.9.7g.orig/crypto/asn1/charmap.pl ++++ openssl097-0.9.7g/crypto/asn1/charmap.pl +@@ -1,4 +1,4 @@ +-#!/usr/local/bin/perl -w ++#!/usr/local/bin/perl + + use strict; + +--- openssl097-0.9.7g.orig/crypto/bn/asm/ppc.pl ++++ openssl097-0.9.7g/crypto/bn/asm/ppc.pl +@@ -1,4 +1,4 @@ +-#!/usr/bin/env perl ++#!/usr/local/bin/perl + # + # Implemented as a Perl wrapper as we want to support several different + # architectures with single file. We pick up the target based on the +--- openssl097-0.9.7g.orig/crypto/md5/asm/md5-sparcv9.S ++++ openssl097-0.9.7g/crypto/md5/asm/md5-sparcv9.S +@@ -74,14 +74,14 @@ + #define Dval R8 + + #if defined(MD5_BLOCK_DATA_ORDER) +-# if defined(OPENSSL_SYSNAME_ULTRASPARC) ++/*# if defined(OPENSSL_SYSNAME_ULTRASPARC)*/ + # define LOAD lda + # define X(i) [%i1+i*4]%asi + # define md5_block md5_block_asm_data_order_aligned + # define ASI_PRIMARY_LITTLE 0x88 +-# else ++/*# else + # error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!" +-# endif ++# endif*/ + #else + # define LOAD ld + # define X(i) [%i1+i*4] +--- openssl097-0.9.7g.orig/crypto/opensslconf.h ++++ openssl097-0.9.7g/crypto/opensslconf.h +@@ -4,17 +4,38 @@ + /* OpenSSL was configured with the following options: */ + #ifndef OPENSSL_DOING_MAKEDEPEND + ++#ifndef OPENSSL_NO_IDEA ++# define OPENSSL_NO_IDEA ++#endif ++#ifndef OPENSSL_NO_MDC2 ++# define OPENSSL_NO_MDC2 ++#endif ++#ifndef OPENSSL_NO_RC5 ++# define OPENSSL_NO_RC5 ++#endif + #ifndef OPENSSL_NO_KRB5 + # define OPENSSL_NO_KRB5 + #endif + + #endif /* OPENSSL_DOING_MAKEDEPEND */ ++#ifndef OPENSSL_THREADS ++# define OPENSSL_THREADS ++#endif + + /* The OPENSSL_NO_* macros are also defined as NO_* if the application + asks for it. This is a transient feature that is provided for those + who haven't had the time to do the appropriate changes in their + applications. */ + #ifdef OPENSSL_ALGORITHM_DEFINES ++# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA) ++# define NO_IDEA ++# endif ++# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2) ++# define NO_MDC2 ++# endif ++# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5) ++# define NO_RC5 ++# endif + # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5) + # define NO_KRB5 + # endif +@@ -27,7 +48,7 @@ + + #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ + #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) +-#define OPENSSLDIR "/usr/local/ssl" ++#define OPENSSLDIR "/usr/lib/ssl" + #endif + #endif + +@@ -79,7 +100,7 @@ + + #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) + #define CONFIG_HEADER_BN_H +-#undef BN_LLONG ++#define BN_LLONG + + /* Should we define BN_DIV2W here? */ + +@@ -98,7 +119,7 @@ + #define CONFIG_HEADER_RC4_LOCL_H + /* if this is defined data[i] is used instead of *data, this is a %20 + * speedup on x86 */ +-#undef RC4_INDEX ++#define RC4_INDEX + #endif + + #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) +@@ -112,14 +133,14 @@ + /* the following is tweaked from a config script, that is why it is a + * protected undef/define */ + #ifndef DES_PTR +-#undef DES_PTR ++#define DES_PTR + #endif + + /* This helps C compiler generate the correct code for multiple functional + * units. It reduces register dependancies at the expense of 2 more + * registers */ + #ifndef DES_RISC1 +-#undef DES_RISC1 ++#define DES_RISC1 + #endif + + #ifndef DES_RISC2 +@@ -133,7 +154,7 @@ + /* Unroll the inner loop, this sometimes helps, sometimes hinders. + * Very mucy CPU dependant */ + #ifndef DES_UNROLL +-#undef DES_UNROLL ++#define DES_UNROLL + #endif + + /* These default values were supplied by +--- openssl097-0.9.7g.orig/crypto/pkcs7/pk7_mime.c ++++ openssl097-0.9.7g/crypto/pkcs7/pk7_mime.c +@@ -277,9 +277,9 @@ + + if(strcmp(hdr->value, "application/x-pkcs7-signature") && + strcmp(hdr->value, "application/pkcs7-signature")) { +- sk_MIME_HEADER_pop_free(headers, mime_hdr_free); + PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE); + ERR_add_error_data(2, "type: ", hdr->value); ++ sk_MIME_HEADER_pop_free(headers, mime_hdr_free); + sk_BIO_pop_free(parts, BIO_vfree); + return NULL; + } +--- openssl097-0.9.7g.orig/crypto/rc4/asm/rc4-amd64.pl ++++ openssl097-0.9.7g/crypto/rc4/asm/rc4-amd64.pl +@@ -1,4 +1,4 @@ +-#!/usr/bin/env perl ++#!/usr/local/bin/perl + # + # ==================================================================== + # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL +--- openssl097-0.9.7g.orig/crypto/rc4/rc4_enc.c ++++ openssl097-0.9.7g/crypto/rc4/rc4_enc.c +@@ -77,10 +77,6 @@ + x=key->x; + y=key->y; + d=key->data; +-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64) +- /* see crypto/rc4/asm/rc4-ia64.S for further details... */ +- d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1)); +-#endif + + #if defined(RC4_CHUNK) + /* +--- openssl097-0.9.7g.orig/crypto/rc4/rc4.h ++++ openssl097-0.9.7g/crypto/rc4/rc4.h +@@ -73,10 +73,6 @@ + { + RC4_INT x,y; + RC4_INT data[256]; +-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64) +- /* see crypto/rc4/asm/rc4-ia64.S for further details... */ +- RC4_INT pad[512-256-2]; +-#endif + } RC4_KEY; + + +--- openssl097-0.9.7g.orig/crypto/rc4/rc4_skey.c ++++ openssl097-0.9.7g/crypto/rc4/rc4_skey.c +@@ -94,10 +94,6 @@ + unsigned int i; + + d= &(key->data[0]); +-#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64) +- /* see crypto/rc4/asm/rc4-ia64.S for further details... */ +- d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1)); +-#endif + + for (i=0; i<256; i++) + d[i]=i; +--- openssl097-0.9.7g.orig/crypto/sha/asm/sha1-ia64.pl ++++ openssl097-0.9.7g/crypto/sha/asm/sha1-ia64.pl +@@ -1,4 +1,4 @@ +-#!/usr/bin/env perl ++#!/usr/local/bin/perl + # + # ==================================================================== + # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL +--- openssl097-0.9.7g.orig/demos/tunala/configure.in ++++ openssl097-0.9.7g/demos/tunala/configure.in +@@ -1,4 +1,4 @@ +-dnl Process this file with autoconf to produce a configure script. ++#!/usr/local/bin/perl + AC_INIT(tunala.c) + AM_CONFIG_HEADER(config.h) + AM_INIT_AUTOMAKE(tunala, 0.0.1-dev) +--- openssl097-0.9.7g.orig/doc/apps/CA.pl.pod ++++ openssl097-0.9.7g/doc/apps/CA.pl.pod +@@ -47,7 +47,7 @@ + creates a new certificate request. The private key and request are + written to the file "newreq.pem". + +-=item B<-newreq-nowdes> ++=item B<-newreq-nodes> + + is like B<-newreq> except that the private key will not be encrypted. + +--- openssl097-0.9.7g.orig/doc/Makefile ++++ openssl097-0.9.7g/doc/Makefile +@@ -0,0 +1,40 @@ ++VERSION = ++ ++#PODS = $(wildcard *.pod) ++#MANS = $(addsuffix .man, $(basename $(PODS))) ++ ++MANS = openssl.1 ssl.3 crypto.3 ++ ++P2M = pod2man --center='OpenSSL Documentation' --release="OpenSSL $(VERSION)" ++ ++all: manpages ++ ++.PHONY: manpages ++ ++manpages: openssl.1 crypto.3 ssl.3 ++ ++openssl.1: ++ $(P2M) --section=1 openssl.pod > openssl.1 ++ ++crypto.3: ++ $(P2M) --section=3 crypto.pod > crypto.3 ++ ++ssl.3: ++ $(P2M) --section=3 ssl.pod > ssl.3 ++ ++.PHONY: install ++install: ++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1 ++ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3 ++ install -m 644 -p openssl.1 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1 ++ install -m 644 -p crypto.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3 ++ install -m 644 -p ssl.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3 ++ rm -f $(MANS) ++ ++.PHONY: clean ++clean: ++ rm -f $(MANS) ++ ++.PHONY: realclean ++realclean: ++ -$(MAKE) clean +--- openssl097-0.9.7g.orig/Makefile ++++ openssl097-0.9.7g/Makefile +@@ -11,11 +11,11 @@ + SHLIB_VERSION_HISTORY= + SHLIB_MAJOR=0 + SHLIB_MINOR=9.7 +-SHLIB_EXT= +-PLATFORM=dist +-OPTIONS= no-krb5 +-CONFIGURE_ARGS=dist +-SHLIB_TARGET= ++SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR) ++PLATFORM=debian-i386 ++OPTIONS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug no-krb5 ++CONFIGURE_ARGS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug debian-i386 ++SHLIB_TARGET=linux-shared + + # HERE indicates where this Makefile lives. This can be used to indicate + # where sub-Makefiles are expected to be. Currently has very limited usage, +@@ -26,10 +26,10 @@ + # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/. + # Normally it is left empty. + INSTALL_PREFIX= +-INSTALLTOP=/usr/local/ssl ++INSTALLTOP=/usr + + # Do not edit this manually. Use Configure --openssldir=DIR do change this! +-OPENSSLDIR=/usr/local/ssl ++OPENSSLDIR=/usr/lib/ssl + + # NO_IDEA - Define to build without the IDEA algorithm + # NO_RC4 - Define to build without the RC4 algorithm +@@ -59,12 +59,13 @@ + # equal 4. + # PKCS1_CHECK - pkcs1 tests. + +-CC= cc ++#TOP=$(shell pwd) ++CC= gcc + #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM +-CFLAG= -DOPENSSL_NO_KRB5 -O +-DEPFLAG= ++CFLAG= -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DL_ENDIAN -DTERMIO -O3 -Wall -g ++DEPFLAG= -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 + PEX_LIBS= +-EX_LIBS= ++EX_LIBS= -ldl + EXE_EXT= + ARFLAGS= + AR=ar $(ARFLAGS) r +@@ -72,7 +73,7 @@ + PERL= /usr/bin/perl + TAR= tar + TARFLAGS= --no-recursion +-MAKEDEPPROG=makedepend ++MAKEDEPPROG= gcc + + # We let the C compiler driver to take care of .s files. This is done in + # order to be excused from maintaining a separate set of architecture +@@ -177,13 +178,13 @@ + # we might set SHLIB_MARK to '$(SHARED_LIBS)'. + SHLIB_MARK= + +-DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps test tools ++DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps doc tools + SHLIBDIRS= crypto ssl + + # dirs in crypto to build + SDIRS= objects \ +- md2 md4 md5 sha mdc2 hmac ripemd \ +- des rc2 rc4 rc5 idea bf cast \ ++ md2 md4 md5 sha hmac ripemd \ ++ des rc2 rc4 bf cast \ + bn ec rsa dsa dh dso engine aes \ + buffer bio stack lhash rand err \ + evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 +@@ -196,10 +197,10 @@ + + MAKEFILE= Makefile + +-MANDIR=$(OPENSSLDIR)/man ++MANDIR=/usr/share/man + MAN1=1 + MAN3=3 +-MANSUFFIX= ++MANSUFFIX=ssl + SHELL=/bin/sh + + TOP= . +@@ -211,7 +212,7 @@ + SHARED_CRYPTO=libcrypto$(SHLIB_EXT) + SHARED_SSL=libssl$(SHLIB_EXT) + SHARED_LIBS= +-SHARED_LIBS_LINK_EXTS= ++SHARED_LIBS_LINK_EXTS=.so + SHARED_LDFLAGS= + + GENERAL= Makefile +@@ -826,7 +827,7 @@ + do \ + if [ -f "$$i" ]; then \ + ( echo installing $$i; \ +- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ ++ cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ + if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ + : ; \ + else \ +--- openssl097-0.9.7g.orig/Makefile.org ++++ openssl097-0.9.7g/Makefile.org +@@ -57,6 +57,7 @@ + # equal 4. + # PKCS1_CHECK - pkcs1 tests. + ++#TOP=$(shell pwd) + CC= gcc + #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM + CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM +@@ -175,7 +176,7 @@ + # we might set SHLIB_MARK to '$(SHARED_LIBS)'. + SHLIB_MARK= + +-DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps test tools ++DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps doc tools + SHLIBDIRS= crypto ssl + + # dirs in crypto to build +@@ -194,10 +195,10 @@ + + MAKEFILE= Makefile + +-MANDIR=$(OPENSSLDIR)/man ++MANDIR=/usr/share/man + MAN1=1 + MAN3=3 +-MANSUFFIX= ++MANSUFFIX=ssl + SHELL=/bin/sh + + TOP= . +@@ -824,7 +825,7 @@ + do \ + if [ -f "$$i" ]; then \ + ( echo installing $$i; \ +- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ ++ cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ + if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ + : ; \ + else \ +--- openssl097-0.9.7g.orig/os2/backwardify.pl ++++ openssl097-0.9.7g/os2/backwardify.pl +@@ -1,4 +1,4 @@ +-#!/usr/bin/perl -w ++#!/usr/local/bin/perl + use strict; + + # Use as $0 +--- openssl097-0.9.7g.orig/ssl/s23_srvr.c ++++ openssl097-0.9.7g/ssl/s23_srvr.c +@@ -528,9 +528,7 @@ + } + + s->state=SSL2_ST_GET_CLIENT_HELLO_A; +- if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || +- use_sslv2_strong || +- (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)) ++ if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3) + s->s2->ssl2_rollback=0; + else + /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 +--- openssl097-0.9.7g.orig/ssl/ssl_algs.c ++++ openssl097-0.9.7g/ssl/ssl_algs.c +@@ -109,3 +109,8 @@ + return(1); + } + ++#undef SSLeay_add_ssl_algorithms ++int SSLeay_add_ssl_algorithms(void) ++ { ++ return SSL_library_init(); ++ } +--- openssl097-0.9.7g.orig/tools/c_rehash ++++ openssl097-0.9.7g/tools/c_rehash +@@ -6,7 +6,7 @@ + + my $openssl; + +-my $dir = "/usr/local/ssl"; ++my $dir = "/usr/lib/ssl"; + + if(defined $ENV{OPENSSL}) { + $openssl = $ENV{OPENSSL}; +--- openssl097-0.9.7g.orig/tools/c_rehash.in ++++ openssl097-0.9.7g/tools/c_rehash.in +@@ -1,4 +1,4 @@ +-#!/usr/local/bin/perl ++#!/usr/bin/perl + + + # Perl c_rehash script, scan all files in a directory +--- openssl097-0.9.7g.orig/util/clean-depend.pl ++++ openssl097-0.9.7g/util/clean-depend.pl +@@ -1,4 +1,4 @@ +-#!/usr/local/bin/perl -w ++#!/usr/local/bin/perl + # Clean the dependency list in a makefile of standard includes... + # Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999 + +--- openssl097-0.9.7g.orig/util/extract-names.pl ++++ openssl097-0.9.7g/util/extract-names.pl +@@ -1,4 +1,4 @@ +-#!/usr/bin/perl ++#!/usr/local/bin/perl + + $/ = ""; # Eat a paragraph at once. + while(<STDIN>) { +--- openssl097-0.9.7g.orig/util/mkdef.pl ++++ openssl097-0.9.7g/util/mkdef.pl +@@ -1,4 +1,4 @@ +-#!/usr/local/bin/perl -w ++#!/usr/local/bin/perl + # + # generate a .def file + # +--- openssl097-0.9.7g.orig/util/mkerr.pl ++++ openssl097-0.9.7g/util/mkerr.pl +@@ -1,4 +1,4 @@ +-#!/usr/local/bin/perl -w ++#!/usr/local/bin/perl + + my $config = "crypto/err/openssl.ec"; + my $debug = 0; +--- openssl097-0.9.7g.orig/util/mkstack.pl ++++ openssl097-0.9.7g/util/mkstack.pl +@@ -1,4 +1,4 @@ +-#!/usr/local/bin/perl -w ++#!/usr/local/bin/perl + + # This is a utility that searches out "DECLARE_STACK_OF()" + # declarations in .h and .c files, and updates/creates/replaces +--- openssl097-0.9.7g.orig/util/pod2man.pl ++++ openssl097-0.9.7g/util/pod2man.pl +@@ -1,4 +1,4 @@ +-: #!/usr/bin/perl-5.005 ++#!/usr/local/bin/perl + eval 'exec /usr/bin/perl -S $0 ${1+"$@"}' + if $running_under_some_shell; + +--- openssl097-0.9.7g.orig/util/selftest.pl ++++ openssl097-0.9.7g/util/selftest.pl +@@ -1,4 +1,4 @@ +-#!/usr/local/bin/perl -w ++#!/usr/local/bin/perl + # + # Run the test suite and generate a report + # +--- openssl097-0.9.7g.orig/VMS/VMSify-conf.pl ++++ openssl097-0.9.7g/VMS/VMSify-conf.pl +@@ -1,4 +1,4 @@ +-#! /usr/bin/perl ++#!/usr/local/bin/perl + + use strict; + use warnings; +--- openssl097-0.9.7g.orig/debian/po/sv.po ++++ openssl097-0.9.7g/debian/po/sv.po +@@ -0,0 +1,61 @@ ++# Translators, if you are not familiar with the PO format, gettext ++# documentation is worth reading, especially sections dedicated to ++# this format, e.g. by running: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# Some information specific to po-debconf are available at ++# /usr/share/doc/po-debconf/README-trans ++# or http://www.debian.org/intl/l10n/po-debconf/README-trans ++# Developers do not need to manually edit POT or PO files. ++# , fuzzy ++# ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openssl 0.9.7g-2\n" ++"Report-Msgid-Bugs-To: \n" ++"POT-Creation-Date: 2004-03-22 18:34+0100\n" ++"PO-Revision-Date: 2005-09-28 19:22-0700\n" ++"Last-Translator: Daniel Nylander <po@danielnylander.se>\n" ++"Language-Team: Swedish <sv@li.org>\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=iso-8859-1\n" ++"Content-Transfer-Encoding: 8bit" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "Which services should be restarted to make them use the new libraries?" ++msgstr "Vilka tjänster ska startas om för att få dom att använda de nya biblioteken?" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Security holes were fixed with this release. Services may not use these " ++"fixes until they are restarted. Note: restarting sshd should not affect any " ++"existing connections." ++msgstr "" ++"Säkerhetshålen fixades i denna versionen. Tjänster kommer inte att använda denna version förrän de har startats om. Notera: startar du om sshd kommer inte fixen aktiveras för redan etablerade anslutningar." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Following is a list of detected services that need to be restarted. Please " ++"correct the list, if you think it is incorrect. The services names must be " ++"identical to the script names in /etc/init.d and must be separated by " ++"spaces. If you clear the list, no services will be restarted." ++msgstr "" ++"Följande är en lista på upptäcka tjänster som behöver startas om. Vänligen undersök listan och du tror den är felaktig. Namnen på tjänsterna måste vara identiska som skriptnamnen i /etc/init.d och måste separeras med mellanslag. Om du rensar listan kommer inga tjänster att startas om." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"If other services begin to fail mysteriously after this upgrade, it may be " ++"necessary to restart them too. We strongly recommend you to reboot your " ++"machine to avoid the SSL related trouble." ++msgstr "" ++"Om andra tjänster börjar att få underliga problem efter denna uppgradering kanske de måste startas om också. Vi rekommenderar att du startar om din maskin för att inte få SSL-relaterade problem." ++ +--- openssl097-0.9.7g.orig/debian/po/templates.pot ++++ openssl097-0.9.7g/debian/po/templates.pot +@@ -0,0 +1,59 @@ ++# ++# Translators, if you are not familiar with the PO format, gettext ++# documentation is worth reading, especially sections dedicated to ++# this format, e.g. by running: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# ++# Some information specific to po-debconf are available at ++# /usr/share/doc/po-debconf/README-trans ++# or http://www.debian.org/intl/l10n/po-debconf/README-trans ++# ++# Developers do not need to manually edit POT or PO files. ++# ++#, fuzzy ++msgid "" ++msgstr "" ++"Project-Id-Version: PACKAGE VERSION\n" ++"Report-Msgid-Bugs-To: \n" ++"POT-Creation-Date: 2004-03-22 18:34+0100\n" ++"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" ++"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" ++"Language-Team: LANGUAGE <LL@li.org>\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=CHARSET\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "Which services should be restarted to make them use the new libraries?" ++msgstr "" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Security holes were fixed with this release. Services may not use these " ++"fixes until they are restarted. Note: restarting sshd should not affect any " ++"existing connections." ++msgstr "" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Following is a list of detected services that need to be restarted. Please " ++"correct the list, if you think it is incorrect. The services names must be " ++"identical to the script names in /etc/init.d and must be separated by " ++"spaces. If you clear the list, no services will be restarted." ++msgstr "" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"If other services begin to fail mysteriously after this upgrade, it may be " ++"necessary to restart them too. We strongly recommend you to reboot your " ++"machine to avoid the SSL related trouble." ++msgstr "" +--- openssl097-0.9.7g.orig/debian/po/ca.po ++++ openssl097-0.9.7g/debian/po/ca.po +@@ -0,0 +1,59 @@ ++# openssl (debconf) translation to Catalan. ++# Copyright (C) 2004 Free Software Foundation, Inc. ++# Aleix Badia i Bosch <abadia@ica.es>, 2004 ++msgid "" ++msgstr "" ++"Project-Id-Version: openssl_0.9.7d-1_templates\n" ++"Report-Msgid-Bugs-To: \n" ++"POT-Creation-Date: 2004-03-22 18:34+0100\n" ++"PO-Revision-Date: 2004-04-08 19:46GMT\n" ++"Last-Translator: Aleix Badia i Bosch <abadia@ica.es>\n" ++"Language-Team: Catalan <debian-l10n-catalan@lists.debian.org>\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=UTF-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "Which services should be restarted to make them use the new libraries?" ++msgstr "" ++"Quina serveis s'han de reiniciar perquè utilitzin les noves biblioteques?" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Security holes were fixed with this release. Services may not use these " ++"fixes until they are restarted. Note: restarting sshd should not affect any " ++"existing connections." ++msgstr "" ++"Aquesta versió resol els errors de seguretat. Els serveis no utilitzaran les " ++"correccions fins que no s'hagin reiniciat. Nota: reiniciant l'sshd no " ++"s'afectarà cap connexió existent." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Following is a list of detected services that need to be restarted. Please " ++"correct the list, if you think it is incorrect. The services names must be " ++"identical to the script names in /etc/init.d and must be separated by " ++"spaces. If you clear the list, no services will be restarted." ++msgstr "" ++"És una llista de serveis que s'ha detectat que s'haurien de reiniciar, " ++"corregiu-la si és incorrecta. El nom dels serveis hauria de ser idèntic als " ++"noms de les seqüències del directori /etc/init.d i haurien d'estar separats " ++"per espais. Si suprimiu la llista no es reiniciarà cap servei." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"If other services begin to fail mysteriously after this upgrade, it may be " ++"necessary to restart them too. We strongly recommend you to reboot your " ++"machine to avoid the SSL related trouble." ++msgstr "" ++"Si després de l'actualització d'altres serveis fallen de forma inexplicable, " ++"probablement també sigui necessari reiniciar-los. Us recomanem que per " ++"evitar els problemes relacionats amb l'SSL reinicieu l'ordinador." +--- openssl097-0.9.7g.orig/debian/po/da.po ++++ openssl097-0.9.7g/debian/po/da.po +@@ -0,0 +1,70 @@ ++# translation of openssl_0.9.7d-1_templates.po to Danish ++# ++# Translators, if you are not familiar with the PO format, gettext ++# documentation is worth reading, especially sections dedicated to ++# this format, e.g. by running: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# Some information specific to po-debconf are available at ++# /usr/share/doc/po-debconf/README-trans ++# or http://www.debian.org/intl/l10n/po-debconf/README-trans# ++# Developers do not need to manually edit POT or PO files. ++# Claus Hindsgaul <claus_h@image.dk>, 2004. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openssl_0.9.7d-1_templates\n" ++"Report-Msgid-Bugs-To: \n" ++"POT-Creation-Date: 2004-03-22 18:34+0100\n" ++"PO-Revision-Date: 2004-04-02 16:08+0200\n" ++"Last-Translator: Claus Hindsgaul <claus_h@image.dk>\n" ++"Language-Team: Danish <dansk@klid.dk>\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=ISO-8859-1\n" ++"Content-Transfer-Encoding: 8bit\n" ++"X-Generator: KBabel 1.3.1\n" ++"Plural-Forms: nplurals=2; plural=(n != 1);\n" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "Which services should be restarted to make them use the new libraries?" ++msgstr "Hvilke services skal genstartes, så de benytter de nye biblioteker?" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Security holes were fixed with this release. Services may not use these " ++"fixes until they are restarted. Note: restarting sshd should not affect any " ++"existing connections." ++msgstr "" ++"Der lukket nogle sikkerhedshuller i denne version af openssl. Disse huller " ++"bliver ikke lukket i dine services før de er blevet genstartet. Bemærk at " ++"det ikke vil påvirke eksisterende forbindelser at genstarte ssh." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Following is a list of detected services that need to be restarted. Please " ++"correct the list, if you think it is incorrect. The services names must be " ++"identical to the script names in /etc/init.d and must be separated by " ++"spaces. If you clear the list, no services will be restarted." ++msgstr "" ++"Herunder ser du en liste over fundne services, som bør genstartes. Ret " ++"listen, hvis du mener at den ikke er korrekt. Servicenavnene skal være " ++"identiske med skriptnavnene i /etc/init.d, og skal adskilles med mellemrum. " ++"Hvis du sletter listen, vil ingen services blive genstartet." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"If other services begin to fail mysteriously after this upgrade, it may be " ++"necessary to restart them too. We strongly recommend you to reboot your " ++"machine to avoid the SSL related trouble." ++msgstr "" ++"Hvis andre services begynder at fejle på mystisk vis efter denne " ++"opgradering, kan det være nødvendigt også at genstarte disse. Vi anbefaler " ++"dig kraftigt at genstarte din maskine for at undgå SSL-relaterede problemer." +--- openssl097-0.9.7g.orig/debian/po/cs.po ++++ openssl097-0.9.7g/debian/po/cs.po +@@ -0,0 +1,68 @@ ++# ++# Translators, if you are not familiar with the PO format, gettext ++# documentation is worth reading, especially sections dedicated to ++# this format, e.g. by running: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# ++# Some information specific to po-debconf are available at ++# /usr/share/doc/po-debconf/README-trans ++# or http://www.debian.org/intl/l10n/po-debconf/README-trans ++# ++# Developers do not need to manually edit POT or PO files. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openssl\n" ++"Report-Msgid-Bugs-To: \n" ++"POT-Creation-Date: 2004-03-22 18:34+0100\n" ++"PO-Revision-Date: 2004-09-26 17:40+0200\n" ++"Last-Translator: Miroslav Kure <kurem@debian.cz>\n" ++"Language-Team: Czech <provoz@debian.cz>\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=ISO-8859-2\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "Which services should be restarted to make them use the new libraries?" ++msgstr "Které slu¾by se mají restartovat, aby zaèaly vyu¾ívat nové knihovny?" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Security holes were fixed with this release. Services may not use these " ++"fixes until they are restarted. Note: restarting sshd should not affect any " ++"existing connections." ++msgstr "" ++"V této verzi balíku byly opraveny bezbeènostní chyby. Tyto opravy se v " ++"programech projeví a¾ po jejich restartu. Poznámka: restart sshd by nemìl " ++"ovlivnit stávající spojení." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Following is a list of detected services that need to be restarted. Please " ++"correct the list, if you think it is incorrect. The services names must be " ++"identical to the script names in /etc/init.d and must be separated by " ++"spaces. If you clear the list, no services will be restarted." ++msgstr "" ++"Následuje seznam rozpoznaných slu¾eb, které je tøeba restartovat. Pokud se " ++"vám zdá, ¾e je tento seznam chybný, mù¾ete jej opravit. Názvy slu¾eb musí " ++"být shodné s názvy skriptù v adresáøi /etc/init.d a musí být oddìleny " ++"mezerami. Pokud seznam vyma¾ete, nebude restartována ¾ádná slu¾ba." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"If other services begin to fail mysteriously after this upgrade, it may be " ++"necessary to restart them too. We strongly recommend you to reboot your " ++"machine to avoid the SSL related trouble." ++msgstr "" ++"Jestli¾e po této aktualizaci zaènou selhávat nìkteré slu¾by, mo¾ná bude " ++"nutné je takté¾ restartovat. Abyste se vyhnuli problémùm spojených se SSL, " ++"doporuèujeme restartovat celý poèítaè." +--- openssl097-0.9.7g.orig/debian/po/pt_BR.po ++++ openssl097-0.9.7g/debian/po/pt_BR.po +@@ -0,0 +1,69 @@ ++# ++# Translators, if you are not familiar with the PO format, gettext ++# documentation is worth reading, especially sections dedicated to ++# this format, e.g. by running: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# ++# Some information specific to po-debconf are available at ++# /usr/share/doc/po-debconf/README-trans ++# or http://www.debian.org/intl/l10n/po-debconf/README-trans ++# ++# Developers do not need to manually edit POT or PO files. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openssl\n" ++"Report-Msgid-Bugs-To: \n" ++"POT-Creation-Date: 2004-03-22 18:34+0100\n" ++"PO-Revision-Date: 2004-04-04 15:21-0300\n" ++"Last-Translator: André Luís Lopes <andrelop@debian.org>\n" ++"Language-Team: Debian-BR Project <debian-l10n-portuguese@lists.debian.org>\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=ISO-8859-1\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "Which services should be restarted to make them use the new libraries?" ++msgstr "Quais serviços devem ser reiniciados para utilizar novas bibliotecas ?" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Security holes were fixed with this release. Services may not use these " ++"fixes until they are restarted. Note: restarting sshd should not affect any " ++"existing connections." ++msgstr "" ++"Falhas de segurança foram corrigidas nesta versão. Alguns serviços podem não " ++"utilizar estas correções até que sejam reiniciados. Note : reiniciar o sshd " ++"não afetará nenhuma conexão já estabelecida." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Following is a list of detected services that need to be restarted. Please " ++"correct the list, if you think it is incorrect. The services names must be " ++"identical to the script names in /etc/init.d and must be separated by " ++"spaces. If you clear the list, no services will be restarted." ++msgstr "" ++"A seguir será exibida uma lista de serviços que foram detectados e que " ++"precisam ser reiniciados. Por favor, corrija a lista caso você tenha certeza " ++"que ela esteja incorreta. Os nomes dos serviços devem ser idênticos aos " ++"nomes dos scripts sob o diretório /etc/init.d e devem estar separados por " ++"espaços. Caso você esvazie a lista, nenhum serviço será reiniciado." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"If other services begin to fail mysteriously after this upgrade, it may be " ++"necessary to restart them too. We strongly recommend you to reboot your " ++"machine to avoid the SSL related trouble." ++msgstr "" ++"Caso outros serviços comecem a falhar misteriosamente após esta atualização, " ++"pode ser necessário reiniciá-los também. Recomendados fortemente que você " ++"reinicie sua máquina para evitar problemas relacionados a SSL." +--- openssl097-0.9.7g.orig/debian/po/es.po ++++ openssl097-0.9.7g/debian/po/es.po +@@ -0,0 +1,85 @@ ++# openssl translation to spanish ++# Copyright (C) 2004 Software in the Public Interest ++# This file is distributed under the same license as the openssl package. ++# ++# Changes: ++# - Initial translation ++# Lucas Wall <kthulhu@kadath.com.ar>, 2004 ++# ++# ++# Traductores, si no conoce el formato PO, merece la pena leer la ++# documentación de gettext, especialmente las secciones dedicadas a este ++# formato, por ejemplo ejecutando: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# ++# Equipo de traducción al español, por favor lean antes de traducir ++# los siguientes documentos: ++# ++# - El proyecto de traducción de Debian al español ++# http://www.debian.org/intl/spanish/coordinacion ++# especialmente las notas de traducción en ++# http://www.debian.org/intl/spanish/notas ++# ++# - La guía de traducción de po's de debconf: ++# /usr/share/doc/po-debconf/README-trans ++# o http://www.debian.org/intl/l10n/po-debconf/README-trans ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openssl 0.9.7d-3\n" ++"Report-Msgid-Bugs-To: \n" ++"POT-Creation-Date: 2004-03-22 18:34+0100\n" ++"PO-Revision-Date: 2004-06-12 15:23-0300\n" ++"Last-Translator: Lucas Wall <kthulhu@kadath.com.ar>\n" ++"Language-Team: Debian Spanish <debian-l10n-spanish@lists.debian.org>\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=ISO-8859-15\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "Which services should be restarted to make them use the new libraries?" ++msgstr "" ++"¿Qué servicios desea reiniciar para que utilicen las nuevas bibliotecas?" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Security holes were fixed with this release. Services may not use these " ++"fixes until they are restarted. Note: restarting sshd should not affect any " ++"existing connections." ++msgstr "" ++"En esta versión se han solucionado problemas de seguridad. Los servicios " ++"afectados no gozarán de los arreglos hasta que no se hayan reiniciado. Nota: " ++"reiniciar el servicio «sshd» no afectará ninguna de las conexiones " ++"existentes." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Following is a list of detected services that need to be restarted. Please " ++"correct the list, if you think it is incorrect. The services names must be " ++"identical to the script names in /etc/init.d and must be separated by " ++"spaces. If you clear the list, no services will be restarted." ++msgstr "" ++"Una lista de los servicios que deben ser reiniciados se presenta a " ++"continuación. Si cree que no es correcta haga los ajustes necesarios. Los " ++"nombres de los servicios deben ser iguales a los nombres de los ficheros en " ++"«/etc/init.d» y debe estar separados por espacios. Ningún servicio será " ++"reiniciado si deja la lista en blanco." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"If other services begin to fail mysteriously after this upgrade, it may be " ++"necessary to restart them too. We strongly recommend you to reboot your " ++"machine to avoid the SSL related trouble." ++msgstr "" ++"Si, tras esta actualización, otros servicios comienzan a fallar en forma " ++"misteriosa puede ser necesario reiniciarlos también. Para evitar problemas " ++"relacionados con «SSL» se le recomienda reiniciar su sistema." +--- openssl097-0.9.7g.orig/debian/po/fr.po ++++ openssl097-0.9.7g/debian/po/fr.po +@@ -0,0 +1,69 @@ ++# ++# Translators, if you are not familiar with the PO format, gettext ++# documentation is worth reading, especially sections dedicated to ++# this format, e.g. by running: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# Some information specific to po-debconf are available at ++# /usr/share/doc/po-debconf/README-trans ++# or http://www.debian.org/intl/l10n/po-debconf/README-trans# ++# Developers do not need to manually edit POT or PO files. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openssl_0.9.7c-5\n" ++"Report-Msgid-Bugs-To: \n" ++"POT-Creation-Date: 2004-03-22 18:34+0100\n" ++"PO-Revision-Date: 2003-10-22 21:37+0200\n" ++"Last-Translator: Michel Grentzinger <mic.grentz@online.fr>\n" ++"Language-Team: French <debian-l10n-french@lists.debian.org>\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=ISO-8859-15\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "Which services should be restarted to make them use the new libraries?" ++msgstr "Services à redémarrer afin d'utiliser les nouvelles bibliothèques" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Security holes were fixed with this release. Services may not use these " ++"fixes until they are restarted. Note: restarting sshd should not affect any " ++"existing connections." ++msgstr "" ++"Des failles de sécurité on été corrigées dans cette version. Les services ne " ++"devraient pas utiliser ces correctifs tant qu'ils n'auront pas été " ++"redémarrés. Note : le redémarrage de sshd n'affectera aucune connexion " ++"existante." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Following is a list of detected services that need to be restarted. Please " ++"correct the list, if you think it is incorrect. The services names must be " ++"identical to the script names in /etc/init.d and must be separated by " ++"spaces. If you clear the list, no services will be restarted." ++msgstr "" ++"La liste suivante recense tous les services devant être redémarrés. Veuillez " ++"corriger la liste si vous pensez qu'elle contient des erreurs. Les noms des " ++"services doivent être identiques aux noms des scripts présents dans /etc/" ++"init.d et doivent être séparés par des espaces. Si vous effacez la liste, " ++"aucun service ne sera redémarré." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"If other services begin to fail mysteriously after this upgrade, it may be " ++"necessary to restart them too. We strongly recommend you to reboot your " ++"machine to avoid the SSL related trouble." ++msgstr "" ++"Si d'autres services ne fonctionnent plus correctement après cette mise à " ++"jour, il est sans doute nécessaire de les redémarrer de la même façon. Il " ++"est fortement recommandé de redémarrer votre machine pour éviter les " ++"problèmes liés à SSL." +--- openssl097-0.9.7g.orig/debian/po/nl.po ++++ openssl097-0.9.7g/debian/po/nl.po +@@ -0,0 +1,71 @@ ++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++#
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++# Developers do not need to manually edit POT or PO files.
++#
++msgid "" ++msgstr "" ++"Project-Id-Version: openssl 0.9.7d-5\n" ++"Report-Msgid-Bugs-To: \n" ++"POT-Creation-Date: 2004-03-22 18:34+0100\n" ++"PO-Revision-Date: 2004-08-01 18:31+0100\n" ++"Last-Translator: Luk Claes <luk.claes@ugent.be>\n" ++"Language-Team: Debian l10n Dutch <debian-l10n-dutch@lists.debian.org>\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=iso-8859-1\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "Which services should be restarted to make them use the new libraries?" ++msgstr "" ++"Welke diensten moeten herstart worden om ze de nieuwe bibliotheken te laten " ++"gebruiken?" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Security holes were fixed with this release. Services may not use these " ++"fixes until they are restarted. Note: restarting sshd should not affect any " ++"existing connections." ++msgstr "" ++"Er zijn veiligheidslekken gedicht in deze release. Diensten gebruiken deze " ++"versie misschien niet totdat ze herstart zijn. Merk op: sshd herstarten zou " ++"geen effect mogen hebben op bestaande verbindingen." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Following is a list of detected services that need to be restarted. Please " ++"correct the list, if you think it is incorrect. The services names must be " ++"identical to the script names in /etc/init.d and must be separated by " ++"spaces. If you clear the list, no services will be restarted." ++msgstr "" ++"Hierna volgt een lijst van gedetecteerde diensten die herstart moeten " ++"worden. Verbeter de lijst, als u denkt dat ze incorrect is. De namen moeten " ++"overeenkomen met de script-namen in /etc/init.d en moeten gescheiden worden " ++"door spaties. Als u de lijst ledigt, dan zullen er geen diensten worden " ++"herstart." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"If other services begin to fail mysteriously after this upgrade, it may be " ++"necessary to restart them too. We strongly recommend you to reboot your " ++"machine to avoid the SSL related trouble." ++msgstr "" ++"Als er andere diensten mysterieus beginnen te falen na deze opwaardering, " ++"kan het nodig zijn om ze ook te herstarten. Er wordt u ten zeerste " ++"aanbevolen uw machine te herstarten om SSL-gerelateerde problemen te " ++"vermijden." +--- openssl097-0.9.7g.orig/debian/po/ja.po ++++ openssl097-0.9.7g/debian/po/ja.po +@@ -0,0 +1,69 @@ ++# ++# Translators, if you are not familiar with the PO format, gettext ++# documentation is worth reading, especially sections dedicated to ++# this format, e.g. by running: ++# info -n '(gettext)PO Files' ++# info -n '(gettext)Header Entry' ++# ++# Some information specific to po-debconf are available at ++# /usr/share/doc/po-debconf/README-trans ++# or http://www.debian.org/intl/l10n/po-debconf/README-trans ++# ++# Developers do not need to manually edit POT or PO files. ++# ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openssl 0.9.7d-1\n" ++"Report-Msgid-Bugs-To: \n" ++"POT-Creation-Date: 2004-03-22 18:34+0100\n" ++"PO-Revision-Date: 2004-03-24 23:41+0900\n" ++"Last-Translator: Hideki Yamane <henrich@samba.gr.jp>\n" ++"Language-Team: Japanese <debian-japanese@lists.debian.org>\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=EUC-JP\n" ++"Content-Transfer-Encoding: 8bit\n" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "Which services should be restarted to make them use the new libraries?" ++msgstr "¤É¤Î¥µ¡¼¥Ó¥¹¤ò¿·¤·¤¤¥é¥¤¥Ö¥é¥ê¤ò»È¤¦¤¿¤á¤ËºÆµ¯Æ°¤·¤Þ¤¹¤«?" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Security holes were fixed with this release. Services may not use these " ++"fixes until they are restarted. Note: restarting sshd should not affect any " ++"existing connections." ++msgstr "" ++"º£²ó¤Î¥ê¥ê¡¼¥¹¤Ç¥»¥¥å¥ê¥Æ¥£¥Û¡¼¥ë¤¬½¤Àµ¤µ¤ì¤Þ¤·¤¿¡£³Æ¥µ¡¼¥Ó¥¹¤ÏºÆµ¯Æ°¤ò¹Ô¤¦" ++"¤Þ¤Ç¤³¤Î½¤Àµ¤µ¤ì¤¿¥é¥¤¥Ö¥é¥ê¤òÍøÍѤ·¤Þ¤»¤ó¡£Ãí°Õ: sshd ¤ÎºÆµ¯Æ°¤Ï¸½¾õ¤ÎÀܳ¤Ë" ++"¤Ï²¿¤é±Æ¶Á¤·¤Þ¤»¤ó¡£" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Following is a list of detected services that need to be restarted. Please " ++"correct the list, if you think it is incorrect. The services names must be " ++"identical to the script names in /etc/init.d and must be separated by " ++"spaces. If you clear the list, no services will be restarted." ++msgstr "" ++"°Ê²¼¤¬ºÆµ¯Æ°¤¬É¬ÍפÀ¤ÈȽÃǤµ¤ì¤¿¥µ¡¼¥Ó¥¹¤Î¥ê¥¹¥È¤Ç¤¹¡£´Ö°ã¤Ã¤Æ¤¤¤ë¤È»×¤Ã¤¿¤é" ++"½¤Àµ¤·¤Æ¤¯¤À¤µ¤¤¡£¥µ¡¼¥Ó¥¹Ì¾¤Ï /etc/init.d ¤Ë¤¢¤ë¥¹¥¯¥ê¥×¥È¤Î̾Á°¤ò»Ø¤·¡¢¶õÇò" ++"¤Ç¶èÀÚ¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£¥ê¥¹¥È¤¬¶õ¤Î¾ì¹ç¤Ï¡¢¥µ¡¼¥Ó¥¹¤ÎºÆµ¯Æ°¤ÏɬÍפ¢¤ê¤Þ¤»" ++"¤ó¡£" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"If other services begin to fail mysteriously after this upgrade, it may be " ++"necessary to restart them too. We strongly recommend you to reboot your " ++"machine to avoid the SSL related trouble." ++msgstr "" ++"¾¤Î¥µ¡¼¥Ó¥¹¤¬¤³¤³¤Ç¤Î¥¢¥Ã¥×¥°¥ì¡¼¥É¤Î¸å¤Ë²¿¸Î¤«¥¨¥é¡¼¤òµ¯¤³¤·»Ï¤á¤¿¾ì¹ç¡¢¤½" ++"¤ì¤é¤âºÆµ¯Æ°¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£SSL ´ØÏ¢¤Î¥È¥é¥Ö¥ë¤òÈò¤±¤ë¤¿¤á¤Ë¥Þ¥·¥ó¤òºÆµ¯" ++"Æ°¤¹¤ë¤Î¤ò¶¯¤¯¤ª´«¤á¤·¤Þ¤¹¡£" +--- openssl097-0.9.7g.orig/debian/po/POTFILES.in ++++ openssl097-0.9.7g/debian/po/POTFILES.in +@@ -0,0 +1 @@ ++[type: gettext/rfc822deb] libssl0.9.7.templates +--- openssl097-0.9.7g.orig/debian/po/vi.po ++++ openssl097-0.9.7g/debian/po/vi.po +@@ -0,0 +1,61 @@ ++# Vietnamese translation for openssl. ++# Copyright © 2005 Free Software Foundation, Inc. ++# Clytie Siddall <clytie@riverland.net.au>, 2005. ++# ++msgid "" ++msgstr "" ++"Project-Id-Version: openssl 0.9.7g-1\n" ++"Report-Msgid-Bugs-To: \n" ++"POT-Creation-Date: 2004-03-22 18:34+0100\n" ++"PO-Revision-Date: 2005-07-03 12:49+0930\n" ++"Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n" ++"Language-Team: Vietnamese <gnomevi-list@lists.sourceforge.net>\n" ++"MIME-Version: 1.0\n" ++"Content-Type: text/plain; charset=utf-8\n" ++"Content-Transfer-Encoding: 8bit\n" ++"Plural-Forms: nplurals=1; plural=0\n" ++"X-Generator: LocFactoryEditor 1.2.2\n" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "Which services should be restarted to make them use the new libraries?" ++msgstr "Äể dùng những thÆ° viên má»›i, cần phải khởi chạy lại dịch vụ nà o?" ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Security holes were fixed with this release. Services may not use these " ++"fixes until they are restarted. Note: restarting sshd should not affect any " ++"existing connections." ++msgstr "" ++"Phiên bản phát hà nh nà y đã sá»a má»™t số lá»— hổng bảo máºt rồi. Dịch vụ sẽ dùng " ++"mã đã sá»a chỉ sau khi khởi chạy lại thôi. Ghi chú: khởi chạy lại sshd nên " ++"không là m ảnh hưởng đến sá»± kết nối hiện thá»i nà o." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"Following is a list of detected services that need to be restarted. Please " ++"correct the list, if you think it is incorrect. The services names must be " ++"identical to the script names in /etc/init.d and must be separated by " ++"spaces. If you clear the list, no services will be restarted." ++msgstr "" ++"Theo đây có má»™t danh sách dịch vụ đã phát hiện mà cần phải khởi chạy lại. " ++"Bạn hãy sá»a danh sách nếu chÆ°a đúng. Tên dịch vụ phải là cùng má»™t tên vá»›i " ++"tên táºp lệnh trong «/etc/init.d», những tên định giá»›i bằng dấu cách. Nếu bạn " ++"xóa hết danh sách thì sẽ không khởi chạy lại dịch vụ nà o." ++ ++#. Type: string ++#. Description ++#: ../libssl0.9.7.templates:3 ++msgid "" ++"If other services begin to fail mysteriously after this upgrade, it may be " ++"necessary to restart them too. We strongly recommend you to reboot your " ++"machine to avoid the SSL related trouble." ++msgstr "" ++"Nếu dịch vụ khác má»›i bị lá»—i má»™t cách lạ sau việc nâng cấp nà y, có lẽ bạn " ++"cÅ©ng cần phải khởi chạy lại chúng. Khuyến khÃch nặng bạn khởi Ä‘á»™ng máy nà y " ++"để tránh lá»—i liên quan đến SSL." +--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.docs ++++ openssl097-0.9.7g/debian/libssl0.9.7-dev.docs +@@ -0,0 +1 @@ ++demos +--- openssl097-0.9.7g.orig/debian/control ++++ openssl097-0.9.7g/debian/control +@@ -0,0 +1,27 @@ ++Source: openssl097 ++Build-Depends: debhelper (>= 4.2.0), binutils (>= 2.14.90.0.7), zlib1g-dev ++Section: utils ++Priority: optional ++Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org> ++Uploaders: Christoph Martin <christoph.martin@uni-mainz.de>, Kurt Roeckx <kurt@roeckx.be> ++Standards-Version: 3.6.1 ++ ++Package: libssl0.9.7 ++Section: oldlibs ++Priority: important ++Architecture: any ++Depends: ${shlibs:Depends}, ${misc:Depends} ++Conflicts: ssleay (<< 0.9.2b), libssl, openssl (<< 0.9.6-2), libssl096-dev (<< 0.9.6-2) ++Description: SSL shared libraries ++ libssl and libcrypto shared libraries needed by programs like ++ apache-ssl, telnet-ssl and openssh. ++ . ++ It is part of the OpenSSL implementation of SSL. ++ ++Package: libssl0.9.7-dbg ++Section: libdevel ++Priority: extra ++Architecture: any ++Depends: libssl0.9.7 (= ${Source-Version}) ++Description: Symbol tables for libssl and libcrypt ++ This package is part of the OpenSSL implementation of SSL. +--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.prerm ++++ openssl097-0.9.7g/debian/libssl0.9.7-dev.prerm +@@ -0,0 +1,3 @@ ++#!/bin/sh -e ++ ++#DEBHELPER# +--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.postinst ++++ openssl097-0.9.7g/debian/libssl0.9.7-dev.postinst +@@ -0,0 +1,3 @@ ++#!/bin/sh -e ++ ++#DEBHELPER# +--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.files ++++ openssl097-0.9.7g/debian/libssl0.9.7-dev.files +@@ -0,0 +1,9 @@ ++usr/lib/libssl.so ++usr/lib/libcrypto.so ++usr/lib/libssl.a ++usr/lib/libcrypto.a ++usr/lib/libssl_pic.a ++usr/lib/libcrypto_pic.a ++usr/lib/pkgconfig/openssl.pc ++usr/include ++usr/share/man/man3 +--- openssl097-0.9.7g.orig/debian/libssl0.9.7.templates ++++ openssl097-0.9.7g/debian/libssl0.9.7.templates +@@ -0,0 +1,15 @@ ++Template: libssl0.9.7/restart-services ++Type: string ++_Description: Which services should be restarted to make them use the new libraries? ++ Security holes were fixed with this release. Services may not use these ++ fixes until they are restarted. Note: restarting sshd should not affect any ++ existing connections. ++ . ++ Following is a list of detected services that need to be restarted. Please ++ correct the list, if you think it is incorrect. The services names must be ++ identical to the script names in /etc/init.d and must be separated by ++ spaces. If you clear the list, no services will be restarted. ++ . ++ If other services begin to fail mysteriously after this upgrade, it may be ++ necessary to restart them too. We strongly recommend you to reboot your ++ machine to avoid the SSL related trouble. +--- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.dirs ++++ openssl097-0.9.7g/debian/libssl0.9.7-dev.dirs +@@ -0,0 +1,3 @@ ++usr/lib ++usr/share/doc/libssl0.9.7-dev ++usr/share/man +--- openssl097-0.9.7g.orig/debian/README.optimization ++++ openssl097-0.9.7g/debian/README.optimization +@@ -0,0 +1,32 @@ ++openssl ships optimized libraries for some cpus. The loading of these ++libraries depends on the ability of the dynamic linker to automaticly ++search additional directories depending on the cpu. If you want to ++find out which are these directories for your computer, run the ++following command: ++ ++LD_LIBRARY_PATH=/usr/lib strace true 2>&1 | fgrep "open(\"/usr/lib" ++ ++On a Pentium III this gives: ++ ++open("/usr/lib/i686/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) ++open("/usr/lib/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) ++open("/usr/lib/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) ++open("/usr/lib/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) ++ ++Following is a list of cpus, library paths and possible optimizations: ++ ++486 /usr/lib/i486 -march=i486 -mcpu=i486 +asm ++Pentium /usr/lib/i586 -march=i586 -mcpu=i586 +asm ++Pentium MMX /usr/lib/i586 -march=i586 -mcpu=i586 +asm ++Pentium II /usr/lib/i686 -march=i686 -mcpu=i686 +asm ++Pentium III /usr/lib/i686 -march=i686 -mcpu=i686 +asm ++AMD-K6 /usr/lib/i586 -march=i586 -mcpu=i586 +asm ++AMD-K7 /usr/lib/i686 -march=i686 -mcpu=i686 +asm ++ ++Sparc v8 /usr/lib/v8 -mcpu=v8 +asm ++Sparc v9 /usr/lib/v9 -mcpu=v9 -Wa,-Av8plus +asm ++ ++Alpha EV4 /usr/lib/ev4 -mcpu=ev4 ++Alpha EV5 /usr/lib/ev5 -mcpu=ev5 ++ +++asm means that the handcrafted 586 assembler routines can be used. +--- openssl097-0.9.7g.orig/debian/libssl0.9.7.dirs ++++ openssl097-0.9.7g/debian/libssl0.9.7.dirs +@@ -0,0 +1,2 @@ ++usr/lib ++usr/share/doc/libssl0.9.7 +--- openssl097-0.9.7g.orig/debian/libssl0.9.7.files ++++ openssl097-0.9.7g/debian/libssl0.9.7.files +@@ -0,0 +1,3 @@ ++usr/lib/*.so.*.*.* ++usr/lib/*/*.so.*.*.* ++usr/lib/i686/cmov/*.so.*.*.* +--- openssl097-0.9.7g.orig/debian/changelog ++++ openssl097-0.9.7g/debian/changelog +@@ -0,0 +1,689 @@ ++openssl097 (0.9.7g-5) unstable; urgency=medium ++ ++ * Add the shlibs for libcrypto again, removed by accident. ++ * Change priority of -dbg package to extra. ++ * Remove the libssl0.9.7-dev package. ++ * Add security patch for CAN-2005-2969, setting urgency to medium. ++ ++ -- Kurt Roeckx <kurt@roeckx.be> Wed, 12 Oct 2005 21:07:19 +0200 ++ ++openssl097 (0.9.7g-4) unstable; urgency=low ++ ++ * Reintroduce openssl 0.9.7 source package to provide the old ++ library version. This should make packages linked against ++ the old version installable again. (Closes: #332892) ++ * Drop the openssl and libcrypto0.9.7-udeb package. ++ * Rename libssl-dev to libssl0.9.7-dev. ++ * Add myself to the Uploaders field. ++ ++ -- Kurt Roeckx <kurt@roeckx.be> Mon, 10 Oct 2005 18:38:30 +0200 ++ ++openssl (0.9.7g-3) unstable; urgency=low ++ ++ * change Configure line for debian-freebsd-i386 to debian-kfreebsd-i386 ++ (closes: #327692) ++ * include -dbg version. That implies compiling with -g and without ++ -fomit-frame-pointer (closes: #293823, #153811) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 23 Sep 2005 13:51:57 +0200 ++ ++openssl (0.9.7g-2) unstable; urgency=low ++ ++ * really include nl translation ++ * remove special ia64 code from rc4 code to make the abi compatible to ++ older 0.9.7 versions (closes: #310489, #309274) ++ * fix compile flag for debian-ppc64 (closes: #318750) ++ * small fix in libssl0.9.7.postinst (closes: #239956) ++ * fix pk7_mime.c to prevent garbled messages because of to early memory ++ free (closes: #310184) ++ * include vietnamese debconf translation (closes: #316689) ++ * make optimized i386 libraries have non executable stack (closes: ++ #321721) ++ * remove leftover files from ssleay ++ * move from dh_installmanpages to dh_installman ++ * change Maintainer to pkg-openssl-devel@lists.alioth.debian.org ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 7 Sep 2005 15:32:54 +0200 ++ ++openssl (0.9.7g-1) unstable; urgency=low ++ ++ * New upstream release ++ * Added support for proxy certificates according to RFC 3820. ++ Because they may be a security thread to unaware applications, ++ they must be explicitely allowed in run-time. See ++ docs/HOWTO/proxy_certificates.txt for further information. ++ * Prompt for pass phrases when appropriate for PKCS12 input format. ++ * Back-port of selected performance improvements from development ++ branch, as well as improved support for PowerPC platforms. ++ * Add lots of checks for memory allocation failure, error codes to indicate ++ failure and freeing up memory if a failure occurs. ++ * Perform some character comparisons of different types in X509_NAME_cmp: ++ this is needed for some certificates that reencode DNs into UTF8Strings ++ (in violation of RFC3280) and can't or wont issue name rollover ++ certificates. ++ * corrected watchfile ++ * added upstream source url (closes: #292904) ++ * fix typo in CA.pl.1 (closes: #290271) ++ * change debian-powerpc64 to debian-ppc64 and adapt the configure ++ options to be the same like upstream (closes: #289841) ++ * include -signcert option in CA.pl usage ++ * compile with zlib-dynamic to use system zlib (closes: #289872) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 9 May 2005 23:32:03 +0200 ++ ++openssl (0.9.7e-3) unstable; urgency=high ++ ++ * really fix der_chop. The fix from -1 was not really included (closes: ++ #281212) ++ * still fixes security problem CAN-2004-0975 etc. ++ - tempfile raise condition in der_chop ++ - Avoid a race condition when CRLs are checked in a multi threaded ++ environment. ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 16 Dec 2004 18:41:29 +0100 ++ ++openssl (0.9.7e-2) unstable; urgency=high ++ ++ * fix perl path in der_chop and c_rehash (closes: #281212) ++ * still fixes security problem CAN-2004-0975 etc. ++ - tempfile raise condition in der_chop ++ - Avoid a race condition when CRLs are checked in a multi threaded ++ environment. ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 14 Nov 2004 20:16:21 +0100 ++ ++openssl (0.9.7e-1) unstable; urgency=high ++ ++ * SECURITY UPDATE: fix insecure temporary file handling ++ * apps/der_chop: ++ - replaced $$-style creation of temporary files with ++ File::Temp::tempfile() ++ - removed unused temporary file name in do_certificate() ++ * References: ++ CAN-2004-0975 (closes: #278260) ++ * fix ASN1_STRING_to_UTF8 with UTF8 (closes: #260357) ++ * New upstream release with security fixes ++ - Avoid a race condition when CRLs are checked in a multi threaded ++ environment. ++ - Various fixes to s3_pkt.c so alerts are sent properly. ++ - Reduce the chances of duplicate issuer name and serial numbers (in ++ violation of RFC3280) using the OpenSSL certificate creation ++ utilities. ++ * depends openssl on perl-base instead of perl (closes: #280225) ++ * support powerpc64 in Configure (closes: #275224) ++ * include cs translation (closes: #273517) ++ * include nl translation (closes: #272479) ++ * Fix default dir of c_rehash (closes: #253126) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 12 Nov 2004 14:11:15 +0100 ++ ++openssl (0.9.7d-5) unstable; urgency=low ++ ++ * Make S/MIME encrypt work again (backport from CVS) (closes: #241407, ++ #241386) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 26 Jul 2004 17:22:42 +0200 ++ ++openssl (0.9.7d-4) unstable; urgency=low ++ ++ * add Catalan translation (closes: #248749) ++ * add Spanish translation (closes: #254561) ++ * include NMU fixes: see below ++ * decrease optimisation level for debian-arm to work around gcc bug ++ (closes: #253848) (thanks to Steve Langasek and Thom May) ++ * Add libcrypto0.9.7-udeb. (closes: #250010) (thanks to Bastian Blank) ++ * Add watchfile ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 14 Jul 2004 14:31:02 +0200 ++ ++openssl (0.9.7d-3) unstable; urgency=low ++ ++ * rename -pic.a libraries to _pic.a (closes: #250016) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 24 May 2004 17:02:29 +0200 ++ ++openssl (0.9.7d-2) unstable; urgency=low ++ ++ * include PIC libs (libcrypto-pic.a and libssl-pic.a) to libssl-dev ++ (closes: #246928, #243999) ++ * add racoon to restart list (closes: #242652) ++ * add Brazilian, Japanese and Danish translations (closes: #242087, ++ #241830, #241705) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 11 May 2004 10:13:49 +0200 ++ ++openssl (0.9.7d-1) unstable; urgency=high ++ ++ * new upstream ++ * fixes security holes (http://www.openssl.org/news/secadv_20040317.txt) ++ (closes: #238661) ++ * includes support for debian-amd64 (closes: #235551, #232310) ++ * fix typo in pem.pod (closes: #219873) ++ * fix typo in libssl0.9.7.templates (closes: #224690) ++ * openssl suggests ca-certificates (closes: #217180) ++ * change debconf template to gettext format (closes: #219013) ++ * include french debconf template (closes: #219014) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 18 Mar 2004 16:18:43 +0100 ++ ++openssl (0.9.7c-5) unstable; urgency=low ++ ++ * include openssl.pc into libssl-dev (closes: #212545) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 16 Oct 2003 16:31:32 +0200 ++ ++openssl (0.9.7c-4) unstable; urgency=low ++ ++ * change question to restart services to debconf (closes: #214840) ++ * stop using dh_undocumented (closes: #214831) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 10 Oct 2003 15:40:48 +0200 ++ ++openssl (0.9.7c-3) unstable; urgency=low ++ ++ * fix POSIX conformance for head in libssl0.9.7.postinst (closes: ++ #214700) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 8 Oct 2003 14:02:38 +0200 ++ ++openssl (0.9.7c-2) unstable; urgency=low ++ ++ * add filerc macro to libssl0.9.7.postinst (closes: #213906) ++ * restart spamassassins spamd on upgrade (closes: #214106) ++ * restart more services on upgrade ++ * fix EVP_BytesToKey manpage (closes: #213715) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 7 Oct 2003 15:01:32 +0200 ++ ++openssl (0.9.7c-1) unstable; urgency=high ++ ++ * upstream security fix (closes: #213451) ++ - Fix various bugs revealed by running the NISCC test suite: ++ Stop out of bounds reads in the ASN1 code when presented with ++ invalid tags (CAN-2003-0543 and CAN-2003-0544). ++ Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545). ++ If verify callback ignores invalid public key errors don't try to check ++ certificate signature with the NULL public key. ++ - In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate ++ if the server requested one: as stated in TLS 1.0 and SSL 3.0 ++ specifications. ++ * more minor upstream bugfixes ++ * fix formatting in c_issuer (closes: #190026) ++ * fix Debian-FreeBSD support (closes: #200381) ++ * restart some services in postinst to make them use the new libraries ++ * remove duplicated openssl.1, crypto.3 and ssl.3 (closes: #198594) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 1 Oct 2003 08:54:27 +0200 ++ ++openssl (0.9.7b-2) unstable; urgency=high ++ ++ * fix permission of /etc/ssl/private to 700 again ++ * change section of libssl-dev to libdevel ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 23 Apr 2003 11:13:24 +0200 ++ ++openssl (0.9.7b-1) unstable; urgency=high ++ ++ * upstream security fix ++ - Countermeasure against the Klima-Pokorny-Rosa extension of ++ Bleichbacher's attack on PKCS #1 v1.5 padding: treat ++ a protocol version number mismatch like a decryption error ++ in ssl3_get_client_key_exchange (ssl/s3_srvr.c). (CAN-2003-0131) ++ (closes: #189087) ++ - Turn on RSA blinding by default in the default implementation ++ to avoid a timing attack. Applications that don't want it can call ++ RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING. ++ They would be ill-advised to do so in most cases. (CAN-2003-0147) ++ - Change RSA blinding code so that it works when the PRNG is not ++ seeded (in this case, the secret RSA exponent is abused as ++ an unpredictable seed -- if it is not unpredictable, there ++ is no point in blinding anyway). Make RSA blinding thread-safe ++ by remembering the creator's thread ID in rsa->blinding and ++ having all other threads use local one-time blinding factors ++ (this requires more computation than sharing rsa->blinding, but ++ avoids excessive locking; and if an RSA object is not shared ++ between threads, blinding will still be very fast). ++ for more details see the CHANGES file ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 16 Apr 2003 10:32:57 +0200 ++ ++openssl (0.9.7a-1) unstable; urgency=high ++ ++ * upstream Security fix ++ - In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked ++ via timing by performing a MAC computation even if incorrrect ++ block cipher padding has been found. This is a countermeasure ++ against active attacks where the attacker has to distinguish ++ between bad padding and a MAC verification error. (CAN-2003-0078) ++ for more details see the CHANGES file ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 21 Feb 2003 22:39:40 +0100 ++ ++openssl (0.9.7-4) unstable; urgency=low ++ ++ * use DH_COMPAT=3 to build ++ * move i686 to i686/cmov to fix problems on Via C3. For that to work we ++ have to depend on the newest libc6 on i386 (closes: #177891) ++ * fix bug in ui_util.c (closes: #177615) ++ * fix typo in md5.h (closes: #178112) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 24 Jan 2003 10:22:56 +0100 ++ ++openssl (0.9.7-3) unstable; urgency=low ++ ++ * enable build of ultrasparc code on non ultrasparc machines (closes: ++ #177024) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 17 Jan 2003 08:22:13 +0100 ++ ++openssl (0.9.7-2) unstable; urgency=low ++ ++ * include changes between 0.9.6g-9 and -10 ++ * fix problem in build-process on i386 with libc6 version number ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 13 Jan 2003 14:26:56 +0100 ++ ++openssl (0.9.7-1) unstable; urgency=low ++ ++ * new upstream ++ * includes engine support ++ * a lot of bugfixes and enhancements, see the CHANGES file ++ * include AES encryption ++ * makes preview of certificate configurable (closes: #176059) ++ * fix x509 manpage (closes: #168070) ++ * fix declaration of ERR_load_PEM_string in pem.h (closes: #141360) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 11 Jan 2003 09:12:16 +0100 ++ ++openssl (0.9.6g-10) unstable; urgency=low ++ ++ * fix problem in build-process on i386 with libc6 version number ++ (closes: #167096) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 4 Nov 2002 12:27:21 +0100 ++ ++openssl (0.9.6g-9) unstable; urgency=low ++ ++ * fix typo in i386 libc6 depend (sigh) (closes: #163848) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 8 Oct 2002 23:29:20 +0200 ++ ++openssl (0.9.6g-8) unstable; urgency=low ++ ++ * fix libc6 depends. Only needed for i386 (closes: #163701) ++ * remove SHLIB section for bsds from Configure (closes: #163585) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 8 Oct 2002 10:57:35 +0200 ++ ++openssl (0.9.6g-7) unstable; urgency=low ++ ++ * enable i686 optimisation and depend on fixed glibc (closes: #163500) ++ * remove transition package ssleay ++ * include optimisation vor sparcv8 (closes: #139996) ++ * improve optimisation vor sparcv9 ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 6 Oct 2002 14:07:12 +0200 ++ ++openssl (0.9.6g-6) unstable; urgency=low ++ ++ * temporarily disable i686 optimisation (See bug in glibc #161788) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 21 Sep 2002 18:56:49 +0200 ++ ++openssl (0.9.6g-5) unstable; urgency=low ++ ++ * i486 can use i586 assembler ++ * include set -xe in the for loops in the rules files to make it abort ++ on error (closes: #161768) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 21 Sep 2002 16:23:11 +0200 ++ ++openssl (0.9.6g-4) unstable; urgency=low ++ ++ * fix optimization for alpha and sparc ++ * add optimization for i486 ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 20 Sep 2002 22:36:19 +0200 ++ ++openssl (0.9.6g-3) unstable; urgency=low ++ ++ * add optimized libraries for i586, i686, ev4, ev5 and v9 (closes: #139783) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 19 Sep 2002 18:33:04 +0200 ++ ++openssl (0.9.6g-2) unstable; urgency=low ++ ++ * fix manpage names (closes: #156717, #156718, #156719, #156721) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 15 Aug 2002 11:26:37 +0200 ++ ++openssl (0.9.6g-1) unstable; urgency=low ++ ++ * new upstream version ++ * Use proper error handling instead of 'assertions' in buffer ++ overflow checks added in 0.9.6e. This prevents DoS (the ++ assertions could call abort()). (closes: #155985, #156495) ++ * Fix ASN1 checks. Check for overflow by comparing with LONG_MAX ++ and get fix the header length calculation. ++ * include support for new sh* architectures (closes: #155117) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 14 Aug 2002 13:59:22 +0200 ++ ++openssl (0.9.6e-1) unstable; urgency=high ++ ++ * fixes remote exploits (see DSA-136-1) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 30 Jul 2002 18:32:28 +0200 ++ ++openssl (0.9.6d-1) unstable; urgency=low ++ ++ * new upstream (minor) version ++ * includes Configure lines for debian-*bsd-* (closes: #130413) ++ * fix wrong prototype for BN_pseudo_rand_range in BN_rand(3ssl) (closes: ++ #144586) ++ * fix typos in package description (closes: #141469) ++ * fix typo in SSL_CTX_set_cert_store manpage (closes: #135297) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 3 Jun 2002 19:42:10 +0200 ++ ++openssl (0.9.6c-2) unstable; urgency=low ++ ++ * moved from non-US to main ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 19 Mar 2002 14:48:39 +0100 ++ ++openssl (0.9.6c-1) unstable; urgency=low ++ ++ * new upstream version with a lot of bugfixes ++ * remove directory /usr/include/openssl from openssl package (closes: ++ bug #121226) ++ * remove selfdepends from libssl0.9.6 ++ * link openssl binary shared again ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 5 Jan 2002 19:04:31 +0100 ++ ++openssl (0.9.6b-4) unstable; urgency=low ++ ++ * build with -D_REENTRANT for threads support on all architectures ++ (closes: #112329, #119239) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 24 Nov 2001 12:17:51 +0100 ++ ++openssl (0.9.6b-3) unstable; urgency=low ++ ++ * disable idea, mdc2 and rc5 because they are not free (closes: #65368) ++ * ready to be moved from nonus to main ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 21 Nov 2001 17:51:41 +0100 ++ ++openssl (0.9.6b-2) unstable; urgency=high ++ ++ * fix definition of crypt in des.h (closes: #107533) ++ * fix descriptions (closes: #109503) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 17 Sep 2001 15:38:27 +0200 ++ ++openssl (0.9.6b-1) unstable; urgency=medium ++ ++ * new upstream fixes some security issues (closes: #105835, #100146) ++ * added support for s390 (closes: #105681) ++ * added support for sh (closes: #100003) ++ * change priority of libssl096 to standard as ssh depends on it (closes: ++ #105440) ++ * don't optimize for i486 to support i386. (closes: #104127, #82194) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 20 Jul 2001 15:52:42 +0200 ++ ++openssl (0.9.6a-3) unstable; urgency=medium ++ ++ * add perl-base to builddeps ++ * include static libraries in libssl-dev (closes: #93688) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 14 May 2001 20:16:06 +0200 ++ ++openssl (0.9.6a-2) unstable; urgency=medium ++ ++ * change Architecture of ssleay from any to all (closes: #92913) ++ * depend libssl-dev on the exact same version of libssl0.9.6 (closes: ++ #88939) ++ * remove lib{crypto,ssl}.a from openssl (closes: #93666) ++ * rebuild with newer gcc to fix atexit problem (closes: #94036) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 2 May 2001 12:28:39 +0200 ++ ++openssl (0.9.6a-1) unstable; urgency=medium ++ ++ * new upstream, fixes some security bugs (closes: #90584) ++ * fix typo in s_server manpage (closes: #89756) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 10 Apr 2001 12:13:11 +0200 ++ ++openssl (0.9.6-2) unstable; urgency=low ++ ++ * policy: reorganisation of package names: libssl096 -> libssl0.9.6, ++ libssl096-dev -> libssl-dev (closes: #83426) ++ * libssl0.9.6 drops replaces libssl09 (Closes: #83425) ++ * install upstream CHANGES files (Closes: #83430) ++ * added support for hppa and ia64 (Closes: #88790) ++ * move man3 manpages to libssl-dev (Closes: #87546) ++ * fix formating problem in rand_add(1) (Closes: #87547) ++ * remove manpage duplicates (Closes: #87545, #74986) ++ * make package descriptions clearer (Closes: #83518, #83444) ++ * increase default emailAddress_max from 40 to 60 (Closes: #67238) ++ * removed RSAREF warning (Closes: #84122) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 8 Mar 2001 14:24:00 +0100 ++ ++openssl (0.9.6-1) unstable; urgency=low ++ ++ * New upstream version (Thanks to Enrique Zanardi <ezanard@debian.org>) ++ (closes: #72388) ++ * Add support for debian-hurd (closes: #76032) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 13 Nov 2000 22:30:46 +0100 ++ ++openssl (0.9.5a-5) unstable; urgency=low ++ ++ * move manpages in standard directories with section ssl (closes: ++ #72152, #69809) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 5 Oct 2000 19:56:20 +0200 ++ ++openssl (0.9.5a-4) unstable; urgency=low ++ ++ * include edg_rand_bytes patch from and for apache-ssl ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 23 Sep 2000 16:48:06 +0200 ++ ++openssl (0.9.5a-3) unstable; urgency=low ++ ++ * fix call to dh_makeshlibs to create correct shlibs file and make ++ dependend programs link correctly (closes: Bug#61658) ++ * include a note in README.debian concerning the location of the ++ subcommand manpages (closes: Bug#69809) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 16 Sep 2000 19:10:50 +0200 ++ ++openssl (0.9.5a-2) unstable; urgency=low ++ ++ * try to fix the sharedlib problem. change soname of library ++ (closes: Bug#4622, #66102, #66538, #66123) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 12 Jul 2000 03:26:30 +0200 ++ ++openssl (0.9.5a-1) unstable; urgency=low ++ ++ * new upstream version (major changes see file NEWS) (closes: Bug#63976, ++ #65239, #65358) ++ * new library package libssl095a because of probably changed library ++ interface (closes: Bug#46222) ++ * added architecture mips and mipsel (closes: Bug#62437, #60366) ++ * provide shlibs.local file in build to help build if libraries are not ++ yet installed (closes: Bug#63984) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 11 Jun 2000 15:17:35 +0200 ++ ++openssl (0.9.4-5) frozen unstable; urgency=medium ++ ++ * cleanup of move of doc directories to /usr/share/doc (closes: ++ Bug#56430) ++ * lintian issues (closes: Bug#49358) ++ * move demos from openssl to libssl09-dev (closes: Bug#59201) ++ * move to debhelpers ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 11 Mar 2000 10:38:04 +0100 ++ ++openssl (0.9.4-4) unstable; urgency=medium ++ ++ * Added 'debian-arm' in 'Configure'. (closes: Bug#54251, #54766) ++ * Fixed Configure for 'debian-m68k' (closes: Bug#53636) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 15 Jan 2000 13:16:18 +0100 ++ ++openssl (0.9.4-3) unstable; urgency=low ++ ++ * define symbol SSLeay_add_ssl_algorithms for backward compatibility ++ (closes: Bug#46882) ++ * remove manpages from /usr/doc/openssl (closes: Bug#46791) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 14 Oct 1999 16:51:08 +0200 ++ ++openssl (0.9.4-2) unstable; urgency=low ++ ++ * include some more docu in pod format (Bug #43933) ++ * removed -mv8 from sparc flags (Bug #44769) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 14 Sep 1999 22:04:06 +0200 ++ ++openssl (0.9.4-1) unstable; urgency=low ++ ++ * new upstream version (Closes: #42926) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 28 Aug 1999 17:04:23 +0200 ++ ++openssl (0.9.3a-1) unstable; urgency=low ++ ++ * new upstream version (Bug #38345, #38627) ++ * sparc is big-endian (Bug #39973) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 7 Jul 1999 16:03:37 +0200 ++ ++openssl (0.9.2b-3) unstable; urgency=low ++ ++ * correct move conffiles to /etc/ssl (Bug #38570) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 31 May 1999 21:08:07 +0200 ++ ++openssl (0.9.2b-2) unstable; urgency=low ++ ++ * added convenience package ssleay to help upgrade to openssl (Bug ++ #37185, #37623, #36326) ++ * added some missing dependencies from libssl09 (Bug #36681, #35867, ++ #36326) ++ * move lib*.so to libssl09-dev (Bug #36761) ++ * corrected version numbers of library files ++ * introduce link from /usr/lib/ssl to /etc/ssl (Bug #36710) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 23 May 1999 14:57:48 +0200 ++ ++openssl (0.9.2b-1) unstable; urgency=medium ++ ++ * First openssl version ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 31 Mar 1999 15:54:26 +0200 ++ ++ssleay (0.9.0b-2) unstable; urgency=low ++ ++ * Include message about the (not)usage of RSAREF (#24409) ++ * Move configfiles from /usr/lib/ssl to /etc/ssl (#26406) ++ * Change definitions for sparc (#26487) ++ * Added missing dependency (#28591) ++ * Make debian/libtool executable (#29708) ++ * /etc/ssl/lib/ssleay.cnf is now a confile (#32624) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 21 Mar 1999 19:41:04 +0100 ++ ++ssleay (0.9.0b-1) unstable; urgency=low ++ ++ * new upstream version (Bug #21227, #25971) ++ * build shared libraries with -fPIC (Bug #20027) ++ * support sparc architecture (Bug #28467) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 13 Oct 1998 10:20:13 +0200 ++ ++ssleay (0.8.1-7) frozen unstable; urgency=high ++ ++ * security fix patch to 0.8.1b (bug #24022) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 6 Jul 1998 15:42:15 +0200 ++ ++ssleay (0.8.1-6) frozen unstable; urgency=low ++ ++ * second try to fix bug #15235 (copyright was still missing) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 22 Jun 1998 08:56:27 +0200 ++ ++ssleay (0.8.1-5) frozen unstable; urgency=high ++ ++ * changed /dev/random to /dev/urandom (Bug #23169, #17817) ++ * copyright contains now the full licence (Bug #15235) ++ * fixed bug #19410 (md5sums-lists-nonexisting-file) ++ * added demos to /usr/doc (Bug #17372) ++ * fixed type in package description (Bug #18969) ++ * fixed bug in adding documentation (Bug #21463) ++ * added patch for support of debian-powerpc (Bug #21579) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 18 Jun 1998 23:09:13 +0200 ++ ++ssleay (0.8.1-4) unstable; urgency=low ++ ++ * purged dependency from libc5 ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 11 Nov 1997 15:31:50 +0100 ++ ++ssleay (0.8.1-3) unstable; urgency=low ++ ++ * changed packagename libssl to libssl08 to get better dependancies ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 7 Nov 1997 14:23:17 +0100 ++ ++ssleay (0.8.1-2) unstable; urgency=low ++ ++ * linked shared libraries against libc6 ++ * use /dev/random for randomseed ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 5 Nov 1997 11:21:40 +0100 ++ ++ssleay (0.8.1-1) unstable; urgency=low ++ ++ * new upstream version ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 16 Oct 1997 16:15:43 +0200 ++ ++ssleay (0.6.6-2) unstable; urgency=low ++ ++ * cleanup in diffs ++ * removed INSTALL from docs (bug #13205) ++ * split libssl and libssl-dev (but #13735) ++ ++ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 15 Oct 1997 17:38:38 +0200 ++ ++ssleay (0.6.6-1) unstable; urgency=low ++ ++ * New upstream version ++ * added shared libraries for libcrypto and libssl ++ ++ -- Christoph Martin <martin@uni-mainz.de> Thu, 26 Jun 1997 19:26:14 +0200 ++ ++ssleay (0.6.4-2) unstable; urgency=low ++ ++ * changed doc filenames from .doc to .txt to be able to read them ++ over with webbrowser ++ ++ -- Christoph Martin <martin@uni-mainz.de> Tue, 25 Feb 1997 14:02:53 +0100 ++ ++ssleay (0.6.4-1) unstable; urgency=low ++ ++ * Initial Release. ++ ++ -- Christoph Martin <martin@uni-mainz.de> Fri, 22 Nov 1996 21:29:51 +0100 +--- openssl097-0.9.7g.orig/debian/rules ++++ openssl097-0.9.7g/debian/rules +@@ -0,0 +1,173 @@ ++#!/usr/bin/make -f ++# Sample debian.rules file - for GNU Hello (1.3). ++# Copyright 1994,1995 by Ian Jackson. ++# I hereby give you perpetual unlimited permission to copy, ++# modify and relicense this file, provided that you do not remove ++# my name from the file itself. (I assert my moral right of ++# paternity under the Copyright, Designs and Patents Act 1988.) ++# This file may have to be extensively modified ++# ++# Modified to be a prototype for debmake by Christoph Lameter <clameter@debian.org> ++SHELL=/bin/bash ++export DH_COMPAT=3 ++ ++package=openssl ++ ++# For generating the manpages ++export VERSION=$(shell dpkg-parsechangelog | grep '^Version:' | sed -e 's/^.*://' -e 's/-.*//') ++ ++# The binary architeture ++DEB_HOST_ARCH = $(shell dpkg-architecture -qDEB_HOST_ARCH) ++ ++CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug ++OPT_alpha = ev4 ev5 ++OPT_i386 = i486 i586 i686/cmov ++OPT_sparc = v8 v9 ++ARCHOPTS = OPT_$(DEB_HOST_ARCH) ++OPTS = $($(ARCHOPTS)) ++WANTED_LIBC_VERSION = 2.3.1-10 ++ ++build: ++ dh_testdir ++ perl util/perlpath.pl /usr/bin ++# perl util/ssldir.pl /usr/lib/ssl ++# chmod +x debian/libtool ++ ./Configure no-shared $(CONFARGS) debian-$(DEB_HOST_ARCH) ++ make -f Makefile DIRS="crypto ssl" all ++ mv libcrypto.a libcrypto.static ++ mv libssl.a libssl.static ++ make -f Makefile DIRS="crypto ssl" clean ++ test -z "$(OPTS)" || for opt in $(OPTS); \ ++ do \ ++ set -xe; \ ++ ./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)-$$opt; \ ++ make -f Makefile DIRS="crypto ssl" all; \ ++ mkdir -p $$opt; \ ++ mv libcrypto.so* libssl.so* $$opt/; \ ++ make -f Makefile DIRS="crypto ssl" clean; \ ++ done ++ ./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH) ++ #make -f Makefile depend ++ ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/ ++# make -f Makefile linux-shared ++ make -f Makefile all ++# strip apps/openssl ++# make -f Makefile clean DIRS="crypto ssl" ++# ./Configure --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 debian-$(DEB_HOST_ARCH) ++# make -f Makefile all DIRS="crypto ssl" ++ touch build ++ ++clean: ++ dh_testdir ++ dh_testroot ++ -rm -f build ++ -perl util/perlpath.pl /usr/bin ++ -./Configure $(CONFARGS) debian-$(DEB_HOST_ARCH) ++ -make -f Makefile clean clean-shared ++ #-make -f Makefile dclean ++ -perl util/perlpath.pl /usr/local/bin/perl ++# perl util/ssldir.pl /usr/local/ssl ++ -rm -f test/.rnd test/testkey.pem test/testreq.pem test/certCA.srl ++ -rm -f util/mk1mf.bak Makefile.bak `find . -name Makefile.save` ++ -rm -f crypto/pem/ctx_size ++ -rm -f `find . -name "*~"` ++ -rm -f `find . -name "*.orig" -o -name "*.rej"` ++ -rm -f certs/*.0 certs/*.1 ++# -rm -rf debian/tmp debian/files* core `find debian/* -type d` ++ -rm -rf core $(OPTS) ++ -rm doc/*.pod ++ -rm -f libcrypto.* libssl.* ++ dh_clean ++ ++binary-indep: build ++ dh_testdir ++ dh_testroot ++# There are no architecture-independent files to be uploaded ++# generated by this package. If there were any they would be ++# made here. ++ ++binary-arch: build ++ dh_testdir ++ dh_testroot ++ dh_clean ++# -rm -rf debian/tmp `find debian/* -type d` ++# install -d debian/tmp debian/libssl0.9.7 debian/libssl0.9.7-dev ++# cd debian/tmp && install -d `cat ../dirs` ++# cd debian/libssl09 && install -d `cat ../libssl09.dirs` ++# cd debian/libssl09-dev && install -d `cat ../libssl09-dev.dirs` ++ dh_installdirs ++#openssl install ++ make -f Makefile install INSTALL_PREFIX=`pwd`/debian/tmp ++ rm debian/tmp/usr/share/man/man1/openssl.1 ++ rm debian/tmp/usr/share/man/man3/crypto.3 ++ rm debian/tmp/usr/share/man/man3/ssl.3 ++# rm debian/tmp/usr/lib/libcrypto.a ++# rm debian/tmp/usr/lib/libssl.a ++ mv debian/tmp/usr/lib/libcrypto.a debian/tmp/usr/lib/libcrypto_pic.a ++ mv debian/tmp/usr/lib/libssl.a debian/tmp/usr/lib/libssl_pic.a ++ cp -pf libcrypto.static debian/tmp/usr/lib/libcrypto.a ++ cp -pf libssl.static debian/tmp/usr/lib/libssl.a ++# mv debian/tmp/usr/lib/ssl/bin debian/tmp/usr/bin/ssl ++# (cd debian/tmp/usr/lib/ssl; ln -s /usr/bin/ssl bin) ++# mv debian/tmp/usr/lib/ssl/include debian/tmp/usr/include/ssl ++# (cd debian/tmp/usr/lib/ssl; ln -s /usr/include/ssl include) ++# chmod -x debian/tmp/usr/lib/*.so.* ++# mv debian/tmp/usr/lib/*.a debian/libssl09-dev/usr/lib/ ++# mv debian/tmp/usr/lib/*.so debian/libssl09-dev/usr/lib/ ++# mv debian/tmp/usr/lib/*.so.*.*.* debian/libssl09/usr/lib/ ++# mv debian/tmp/usr/lib/*.la debian/libssl09-dev/usr/lib/ ++# mv debian/tmp/usr/include debian/libssl09-dev/usr/ ++ mkdir -p debian/tmp/etc/ssl ++ mv debian/tmp/usr/lib/ssl/{certs,openssl.cnf,private} debian/tmp/etc/ssl/ ++ ln -s /etc/ssl/{certs,openssl.cnf,private} debian/tmp/usr/lib/ssl/ ++ cp -auv lib*.so* debian/tmp/usr/lib/ ++# cp -auv lib*.a debian/tmp/usr/lib/ ++ for opt in $(OPTS); do set -xe; mkdir -p debian/tmp/usr/lib/$$opt; cp -auv $$opt/lib*.so* debian/tmp/usr/lib/$$opt/; done ++ install debian/copyright debian/libssl0.9.7/usr/share/doc/libssl0.9.7/ ++ install debian/changelog debian/libssl0.9.7/usr/share/doc/libssl0.9.7/changelog.Debian ++# install debian/copyright debian/libssl0.9.7-dev/usr/share/doc/libssl0.9.7-dev/ ++# install debian/changelog debian/libssl0.9.7-dev/usr/share/doc/libssl0.9.7-dev/changelog.Debian ++# debstd -u CHANGES* LICENSE README NEWS ++ dh_installdocs CHANGES.SSLeay LICENSE README NEWS debian/README.optimization ++ dh_installexamples ++ dh_installchangelogs CHANGES ++# dh_installmenu ++# dh_installcron ++ dh_installdebconf ++# dh_undocumented c_rehash.1 ++ dh_movefiles ++# rmdir debian/tmp/usr/lib/ssl/lib ++# rmdir debian/tmp/usr/include/openssl ++# rmdir debian/tmp/usr/include ++# for opt in $(OPTS); do set -xe; rm -fr debian/tmp/usr/lib/$$opt; done ++ dh_compress ++ dh_fixperms -X etc/ssl/private ++ dh_strip --dbg-package=libssl0.9.7 ++ dh_perl -d ++# dh_suidregister ++ dh_shlibdeps -l`pwd` -Xlibssl.so ++ # Hack, to depend on version of libc6 which supports the i686 directory ++ if [ "${DEB_HOST_ARCH}" == "i386" ]; \ ++ then \ ++ SHLIB=`cat debian/libssl0.9.7.substvars`; \ ++ LIBC_VERSION=`echo $$SHLIB | sed s'/.*libc6 (>= \(.*\))/\1/'`; \ ++ if dpkg --compare-versions ${WANTED_LIBC_VERSION} gt $$LIBC_VERSION; \ ++ then \ ++ echo $$SHLIB | sed s'/libc6 (>= \(.*\))/libc6 (>= ${WANTED_LIBC_VERSION})/' > debian/libssl0.9.7.substvars; \ ++ fi \ ++ fi ++ dh_gencontrol ++ dh_makeshlibs -m 0.9.7 ++ dh_installdeb ++ dh_md5sums ++ dh_builddeb ++ echo -en "\a" ++ ++# Below here is fairly generic really ++ ++binary: binary-indep binary-arch ++ ++source diff: ++ @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false ++ ++.PHONY: binary binary-arch binary-indep clean +--- openssl097-0.9.7g.orig/debian/libssl0.9.7.postinst ++++ openssl097-0.9.7g/debian/libssl0.9.7.postinst +@@ -0,0 +1,139 @@ ++#!/bin/sh -e ++ ++. /usr/share/debconf/confmodule ++ ++package_name() ++{ ++ echo $(basename $0 .postinst) ++} ++ ++# element() is a helper function for file-rc: ++element() { ++ local element list IFS ++ ++ element="$1" ++ ++ [ "$2" = "in" ] && shift ++ list="$2" ++ [ "$list" = "-" ] && return 1 ++ [ "$list" = "*" ] && return 0 ++ ++ IFS="," ++ set -- $list ++ case $element in ++ "$1"|"$2"|"$3"|"$4"|"$5"|"$6"|"$7"|"$8"|"$9") ++ return 0 ++ esac ++ return 1 ++} ++ ++# filerc (runlevel, service) returns /etc/init.d/service, if service is ++# running in $runlevel: ++filerc() { ++ local runlevel basename ++ runlevel=$1 ++ basename=$2 ++ while read LINE ++ do ++ case $LINE in ++ \#*|"") continue ++ esac ++ ++ set -- $LINE ++ SORT_NO="$1"; STOP="$2"; START="$3"; CMD="$4" ++ [ "$CMD" = "/etc/init.d/$basename" ] || continue ++ ++ if element "$runlevel" in "$START" || element "S" in "$START" ++ then ++ echo "/etc/init.d/$basename" ++ return 0 ++ fi ++ done < /etc/runlevel.conf ++ echo "" ++} ++ ++if [ "$1" = "configure" ] ++then ++ if [ ! -z "$2" ]; then ++ if dpkg --compare-versions "$2" lt 0.9.7d-1; then ++ echo -n "Checking for services that may need to be restarted..." ++ ++ check="sendmail ssh" ++ check="$check apache2-common ssh-nonfree exim4" ++ check="$check apache-ssl libapache-mod-ssl openvpn spamassassin" ++ check="$check courier-imap-ssl courier-mta-ssl courier-pop-ssl" ++ check="$check postfix-tls cyrus21-imapd cyrus21-pop3d" ++ check="$check postgresql racoon" ++ # Only get the ones that are installed, and configured ++ check=$(dpkg -s $check 2> /dev/null | sed '/^$/{N;/^\n$/D;}' | awk 'BEGIN{RS="\n\n";FS="\n"}{if ( $2 ~ /Status: .* installed$/ ) { print $1 } }' | cut -f 2 -d ' ') ++ # apache2 ships its init script in apache2-common, but the ++ # script is apache2 ++ check=$(echo $check | sed 's/apache2-common/apache2/g') ++ # For mod-ssl apache has to be restarted ++ check=$(echo $check | sed 's/libapache-mod-ssl/apache/g') ++ rl=$(runlevel | awk '{print $2}') ++ for service in $check; do ++ if [ -f /usr/share/file-rc/rc -o -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then ++ idl=$(filerc $rl $service) ++ else ++ idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1) ++ fi ++ if [ -n "$idl" ] && [ -x $idl ]; then ++ services="$service $services" ++ fi ++ done ++ echo "done." ++ if [ -n "$services" ]; then ++ db_version 2.0 ++ ++ db_reset libssl0.9.7/restart-services ++ db_set libssl0.9.7/restart-services "$services" ++ db_input critical libssl0.9.7/restart-services || true ++ db_go || true ++ db_get libssl0.9.7/restart-services ++ # Arghhh, close all the stupid debconf pipes ++ db_stop ++ ++ if [ "x$RET" != "x" ] ++ then ++ services=$RET ++ answer=yes ++ else ++ answer=no ++ fi ++ echo ++ if [ "$answer" = yes ] && [ "$services" != "" ]; then ++ echo "Restarting services possibly affected by the upgrade:" ++ failed="" ++ for service in $services; do ++ idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1) ++ echo -n " $service: stopping..." ++ $idl stop > /dev/null 2>&1 || true ++ sleep 1 ++ echo -n "starting..." ++ if $idl start > /dev/null 2>&1; then ++ echo "done." ++ else ++ echo "FAILED! ($?)" ++ failed="$service $failed" ++ fi ++ done ++ echo ++ if [ -n "$failed" ]; then ++ # Ruh roh, George ++ echo "The following services failed to start: $failed" ++ echo ++ echo "You will need to start these manually by running \`/etc/init.d/<service> start'" ++ echo "If the service still fails to start, you may need to file a bug on" ++ echo "$(package_name) or the service involved." ++ else ++ echo "Services restarted successfully." ++ fi ++ echo ++ fi ++ fi ++ fi # end upgrading and $2 lt 0.9.7c-1 ++ fi # Upgrading ++fi ++ ++#DEBHELPER# +--- openssl097-0.9.7g.orig/debian/watch ++++ openssl097-0.9.7g/debian/watch +@@ -0,0 +1,2 @@ ++version=2 ++ftp://ftp.openssl.org/source/openssl-(\d+\.\d+\.\d+[a-z]?)\.tar\.gz debian uupdate +--- openssl097-0.9.7g.orig/debian/libssl0.9.7.preinst ++++ openssl097-0.9.7g/debian/libssl0.9.7.preinst +@@ -0,0 +1,3 @@ ++#!/bin/sh -e ++ ++#DEBHELPER# +--- openssl097-0.9.7g.orig/debian/libssl0.9.7.prerm ++++ openssl097-0.9.7g/debian/libssl0.9.7.prerm +@@ -0,0 +1,3 @@ ++#!/bin/sh -e ++ ++#DEBHELPER# +--- openssl097-0.9.7g.orig/debian/copyright ++++ openssl097-0.9.7g/debian/copyright +@@ -0,0 +1,135 @@ ++This package was debianized by Christoph Martin martin@uni-mainz.de on ++Fri, 22 Nov 1996 21:29:51 +0100. ++ ++Copyright (c) 1998-2004 The OpenSSL Project ++Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson ++ ++The upstream sources were obtained from http://www.openssl.org/ ++ ++ ++ LICENSE ISSUES ++ ============== ++ ++ The OpenSSL toolkit stays under a dual license, i.e. both the conditions of ++ the OpenSSL License and the original SSLeay license apply to the toolkit. ++ See below for the actual license texts. Actually both licenses are BSD-style ++ Open Source licenses. In case of any license issues related to OpenSSL ++ please contact openssl-core@openssl.org. ++ ++ OpenSSL License ++ --------------- ++ ++/* ==================================================================== ++ * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. All advertising materials mentioning features or use of this ++ * software must display the following acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" ++ * ++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For written permission, please contact ++ * openssl-core@openssl.org. ++ * ++ * 5. Products derived from this software may not be called "OpenSSL" ++ * nor may "OpenSSL" appear in their names without prior written ++ * permission of the OpenSSL Project. ++ * ++ * 6. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by the OpenSSL Project ++ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY ++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT ++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; ++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED ++ * OF THE POSSIBILITY OF SUCH DAMAGE. ++ * ==================================================================== ++ * ++ * This product includes cryptographic software written by Eric Young ++ * (eay@cryptsoft.com). This product includes software written by Tim ++ * Hudson (tjh@cryptsoft.com). ++ * ++ */ ++ ++ Original SSLeay License ++ ----------------------- ++ ++/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) ++ * All rights reserved. ++ * ++ * This package is an SSL implementation written ++ * by Eric Young (eay@cryptsoft.com). ++ * The implementation was written so as to conform with Netscapes SSL. ++ * ++ * This library is free for commercial and non-commercial use as long as ++ * the following conditions are aheared to. The following conditions ++ * apply to all code found in this distribution, be it the RC4, RSA, ++ * lhash, DES, etc., code; not just the SSL code. The SSL documentation ++ * included with this distribution is covered by the same copyright terms ++ * except that the holder is Tim Hudson (tjh@cryptsoft.com). ++ * ++ * Copyright remains Eric Young's, and as such any Copyright notices in ++ * the code are not to be removed. ++ * If this package is used in a product, Eric Young should be given attribution ++ * as the author of the parts of the library used. ++ * This can be in the form of a textual message at program startup or ++ * in documentation (online or textual) provided with the package. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * 3. All advertising materials mentioning features or use of this software ++ * must display the following acknowledgement: ++ * "This product includes cryptographic software written by ++ * Eric Young (eay@cryptsoft.com)" ++ * The word 'cryptographic' can be left out if the rouines from the library ++ * being used are not cryptographic related :-). ++ * 4. If you include any Windows specific code (or a derivative thereof) from ++ * the apps directory (application code) you must include an acknowledgement: ++ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" ++ * ++ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ++ * SUCH DAMAGE. ++ * ++ * The licence and distribution terms for any publically available version or ++ * derivative of this code cannot be changed. i.e. this code cannot simply be ++ * copied and put under another distribution licence ++ * [including the GNU Public Licence.] ++ */ ++ +--- openssl097-0.9.7g.orig/debian/shlibs.local ++++ openssl097-0.9.7g/debian/shlibs.local +@@ -0,0 +1,2 @@ ++libcrypto 0.9.7 libssl0.9.7 ++libssl 0.9.7 libssl0.9.7 +--- openssl097-0.9.7g.orig/debian/README.debian ++++ openssl097-0.9.7g/debian/README.debian +@@ -0,0 +1,52 @@ ++openssl for DEBIAN ++---------------------- ++ ++openssl replaces ssleay. ++ ++The application links to openssl like req, ca, verify and s_client ++have been removed. ++ ++Instead of `<application>` please call now `openssl <application>` ++ ++eg: ++instead of `req` please call `openssl req` ++ ++NOTE: The libssl library version for debian-i386 is optimized for ++486-processors and better. It will not run on 386-processors. ++ ++---- ++Self-signed certs and webservers: ++ ++If you get with a selfsigned certificate and a webserver: ++ > "The certificate is not approved for the attempted operation." ++ ++Bodo_Moeller@public.uni-hamburg.de (Bodo Moeller) writes: ++>Probably you are using a CA certificate for your server; if you use ++>"openssl req" to generate a new key and self-signed certificate with ++>the default openssl.cnf, the certificate you get includes certain ++>X.509v3 extensions that make it unfit for use as a server certificate. ++>This was not so with earlier versions of the software because back ++>then there was far less X.509v3 support. ++> ++>To look at the certificate some HTTPS server presents to its cliens, ++>use "openssl s_client -port 443 -host your.server", store the output ++>(at least the part from "-----BEGIN CERTIFICATE-----" up to "-----END ++>CERTIFICATE-----", including these separators) in a file and use ++>"openssl x509 -in the_file_you_just_stored -text" to look at it in ++>readable form. If it has in the "X509v3 extensions section" any of ++>the following entries, it is not usable as a server certificate: ++> ++> X509v3 Basic Constraints: ++> CA:TRUE ++> ++> X509v3 Key Usage: ++> Certificate Sign, CRL Sign ++> ++>To quickly create a new server key and certificate that works with ++>Netscape, you can just copy the original openssl.cnf file and comment ++>out the "x509_extensions" entry in the "[ req ]" section. ++>The, use "openssl req ..." as before to create a new certificate and ++>key. ++ ++ ++Christoph Martin <martin@uni-mainz.de>, Wed, 31 Mar 1999 16:00:51 +0200 |