diff options
Diffstat (limited to 'packages/openssl/openssl-0.9.7g/debian.patch')
-rw-r--r-- | packages/openssl/openssl-0.9.7g/debian.patch | 2808 |
1 files changed, 0 insertions, 2808 deletions
diff --git a/packages/openssl/openssl-0.9.7g/debian.patch b/packages/openssl/openssl-0.9.7g/debian.patch deleted file mode 100644 index 8cfdd2d653..0000000000 --- a/packages/openssl/openssl-0.9.7g/debian.patch +++ /dev/null @@ -1,2808 +0,0 @@ ---- openssl097-0.9.7g.orig/apps/CA.pl -+++ openssl097-0.9.7g/apps/CA.pl -@@ -1,4 +1,4 @@ --#!/usr/bin/perl -+#!/usr/local/bin/perl - # - # CA - wrapper around ca to make it easier to use ... basically ca requires - # some setup stuff to be done before you can use it and this makes -@@ -63,6 +63,7 @@ - foreach (@ARGV) { - if ( /^(-\?|-h|-help)$/ ) { - print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; -+ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; - exit 0; - } elsif (/^-newcert$/) { - # create a certificate -@@ -158,6 +159,7 @@ - } else { - print STDERR "Unknown arg $_\n"; - print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; -+ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; - exit 1; - } - } ---- openssl097-0.9.7g.orig/apps/CA.pl.in -+++ openssl097-0.9.7g/apps/CA.pl.in -@@ -63,6 +63,7 @@ - foreach (@ARGV) { - if ( /^(-\?|-h|-help)$/ ) { - print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; -+ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; - exit 0; - } elsif (/^-newcert$/) { - # create a certificate -@@ -158,6 +159,7 @@ - } else { - print STDERR "Unknown arg $_\n"; - print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; -+ print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; - exit 1; - } - } ---- openssl097-0.9.7g.orig/apps/progs.h -+++ openssl097-0.9.7g/apps/progs.h -@@ -35,11 +35,9 @@ - extern int spkac_main(int argc,char *argv[]); - extern int smime_main(int argc,char *argv[]); - extern int rand_main(int argc,char *argv[]); --extern int prime_main(int argc,char *argv[]); --#ifndef OPENSSL_NO_ENGINE - extern int engine_main(int argc,char *argv[]); --#endif - extern int ocsp_main(int argc,char *argv[]); -+extern int prime_main(int argc,char *argv[]); - - #define FUNC_TYPE_GENERAL 1 - #define FUNC_TYPE_MD 2 -@@ -95,9 +93,7 @@ - #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) - {FUNC_TYPE_GENERAL,"s_client",s_client_main}, - #endif --#ifndef OPENSSL_NO_SPEED - {FUNC_TYPE_GENERAL,"speed",speed_main}, --#endif - #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) - {FUNC_TYPE_GENERAL,"s_time",s_time_main}, - #endif -@@ -116,11 +112,9 @@ - {FUNC_TYPE_GENERAL,"spkac",spkac_main}, - {FUNC_TYPE_GENERAL,"smime",smime_main}, - {FUNC_TYPE_GENERAL,"rand",rand_main}, -- {FUNC_TYPE_GENERAL,"prime",prime_main}, --#ifndef OPENSSL_NO_ENGINE - {FUNC_TYPE_GENERAL,"engine",engine_main}, --#endif - {FUNC_TYPE_GENERAL,"ocsp",ocsp_main}, -+ {FUNC_TYPE_GENERAL,"prime",prime_main}, - #ifndef OPENSSL_NO_MD2 - {FUNC_TYPE_MD,"md2",dgst_main}, - #endif ---- openssl097-0.9.7g.orig/config -+++ openssl097-0.9.7g/config -@@ -163,8 +163,8 @@ - echo "${MACHINE}-whatever-linux1"; exit 0 - ;; - -- GNU*) -- echo "hurd-x86"; exit 0; -+ GNU:*|GNU/*:*) -+ echo "${MACHINE}-gnuish"; exit 0; - ;; - - LynxOS:*) ---- openssl097-0.9.7g.orig/Configure -+++ openssl097-0.9.7g/Configure -@@ -1,4 +1,4 @@ --: -+#!/usr/local/bin/perl - eval 'exec perl -S $0 ${1+"$@"}' - if $running_under_some_shell; - ## -@@ -390,6 +390,42 @@ - # assembler versions -- currently defunct: - ##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}", - -+# Debian GNU/* (various architectures) -+"debian-alpha","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-arm","gcc:-DL_ENDIAN -DTERMIO -O2 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+#"debian-amd64","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-amd64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR BF_PTR2 DES_INT DES_UNROLL:asm/x86_64-gcc.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+#"debian-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-kfreebsd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-ia64","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+#"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC", -+"debian-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -mcpu=i486 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -mcpu=i586 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -mcpu=i686 -Wa,--noexecstack -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-openbsd-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-openbsd-mips","gcc:-O2 -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-ppc64","gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:asm/linux_ppc64.o:::::::::dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh3", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh4", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh3eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sh4eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v8 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"debian-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,-Av8plus -fomit-frame-pointer -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the - # bn86-elf.o file file since it is hand tweaked assembler. - "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -@@ -1316,7 +1352,8 @@ - elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/) - { - my $sotmp = $1; -- s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/; -+# s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/; -+ s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/; - } - elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/) - { ---- openssl097-0.9.7g.orig/crypto/asn1/charmap.pl -+++ openssl097-0.9.7g/crypto/asn1/charmap.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/local/bin/perl - - use strict; - ---- openssl097-0.9.7g.orig/crypto/bn/asm/ppc.pl -+++ openssl097-0.9.7g/crypto/bn/asm/ppc.pl -@@ -1,4 +1,4 @@ --#!/usr/bin/env perl -+#!/usr/local/bin/perl - # - # Implemented as a Perl wrapper as we want to support several different - # architectures with single file. We pick up the target based on the ---- openssl097-0.9.7g.orig/crypto/md5/asm/md5-sparcv9.S -+++ openssl097-0.9.7g/crypto/md5/asm/md5-sparcv9.S -@@ -74,14 +74,14 @@ - #define Dval R8 - - #if defined(MD5_BLOCK_DATA_ORDER) --# if defined(OPENSSL_SYSNAME_ULTRASPARC) -+/*# if defined(OPENSSL_SYSNAME_ULTRASPARC)*/ - # define LOAD lda - # define X(i) [%i1+i*4]%asi - # define md5_block md5_block_asm_data_order_aligned - # define ASI_PRIMARY_LITTLE 0x88 --# else -+/*# else - # error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!" --# endif -+# endif*/ - #else - # define LOAD ld - # define X(i) [%i1+i*4] ---- openssl097-0.9.7g.orig/crypto/opensslconf.h -+++ openssl097-0.9.7g/crypto/opensslconf.h -@@ -4,17 +4,38 @@ - /* OpenSSL was configured with the following options: */ - #ifndef OPENSSL_DOING_MAKEDEPEND - -+#ifndef OPENSSL_NO_IDEA -+# define OPENSSL_NO_IDEA -+#endif -+#ifndef OPENSSL_NO_MDC2 -+# define OPENSSL_NO_MDC2 -+#endif -+#ifndef OPENSSL_NO_RC5 -+# define OPENSSL_NO_RC5 -+#endif - #ifndef OPENSSL_NO_KRB5 - # define OPENSSL_NO_KRB5 - #endif - - #endif /* OPENSSL_DOING_MAKEDEPEND */ -+#ifndef OPENSSL_THREADS -+# define OPENSSL_THREADS -+#endif - - /* The OPENSSL_NO_* macros are also defined as NO_* if the application - asks for it. This is a transient feature that is provided for those - who haven't had the time to do the appropriate changes in their - applications. */ - #ifdef OPENSSL_ALGORITHM_DEFINES -+# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA) -+# define NO_IDEA -+# endif -+# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2) -+# define NO_MDC2 -+# endif -+# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5) -+# define NO_RC5 -+# endif - # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5) - # define NO_KRB5 - # endif -@@ -27,7 +48,7 @@ - - #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ - #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) --#define OPENSSLDIR "/usr/local/ssl" -+#define OPENSSLDIR "/usr/lib/ssl" - #endif - #endif - -@@ -79,7 +100,7 @@ - - #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) - #define CONFIG_HEADER_BN_H --#undef BN_LLONG -+#define BN_LLONG - - /* Should we define BN_DIV2W here? */ - -@@ -98,7 +119,7 @@ - #define CONFIG_HEADER_RC4_LOCL_H - /* if this is defined data[i] is used instead of *data, this is a %20 - * speedup on x86 */ --#undef RC4_INDEX -+#define RC4_INDEX - #endif - - #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -@@ -112,14 +133,14 @@ - /* the following is tweaked from a config script, that is why it is a - * protected undef/define */ - #ifndef DES_PTR --#undef DES_PTR -+#define DES_PTR - #endif - - /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more - * registers */ - #ifndef DES_RISC1 --#undef DES_RISC1 -+#define DES_RISC1 - #endif - - #ifndef DES_RISC2 -@@ -133,7 +154,7 @@ - /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ - #ifndef DES_UNROLL --#undef DES_UNROLL -+#define DES_UNROLL - #endif - - /* These default values were supplied by ---- openssl097-0.9.7g.orig/crypto/pkcs7/pk7_mime.c -+++ openssl097-0.9.7g/crypto/pkcs7/pk7_mime.c -@@ -277,9 +277,9 @@ - - if(strcmp(hdr->value, "application/x-pkcs7-signature") && - strcmp(hdr->value, "application/pkcs7-signature")) { -- sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE); - ERR_add_error_data(2, "type: ", hdr->value); -+ sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } ---- openssl097-0.9.7g.orig/crypto/rc4/asm/rc4-amd64.pl -+++ openssl097-0.9.7g/crypto/rc4/asm/rc4-amd64.pl -@@ -1,4 +1,4 @@ --#!/usr/bin/env perl -+#!/usr/local/bin/perl - # - # ==================================================================== - # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL ---- openssl097-0.9.7g.orig/crypto/rc4/rc4_enc.c -+++ openssl097-0.9.7g/crypto/rc4/rc4_enc.c -@@ -77,10 +77,6 @@ - x=key->x; - y=key->y; - d=key->data; --#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64) -- /* see crypto/rc4/asm/rc4-ia64.S for further details... */ -- d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1)); --#endif - - #if defined(RC4_CHUNK) - /* ---- openssl097-0.9.7g.orig/crypto/rc4/rc4.h -+++ openssl097-0.9.7g/crypto/rc4/rc4.h -@@ -73,10 +73,6 @@ - { - RC4_INT x,y; - RC4_INT data[256]; --#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64) -- /* see crypto/rc4/asm/rc4-ia64.S for further details... */ -- RC4_INT pad[512-256-2]; --#endif - } RC4_KEY; - - ---- openssl097-0.9.7g.orig/crypto/rc4/rc4_skey.c -+++ openssl097-0.9.7g/crypto/rc4/rc4_skey.c -@@ -94,10 +94,6 @@ - unsigned int i; - - d= &(key->data[0]); --#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64) -- /* see crypto/rc4/asm/rc4-ia64.S for further details... */ -- d=(RC4_INT *)(((size_t)(d+255))&~(sizeof(key->data)-1)); --#endif - - for (i=0; i<256; i++) - d[i]=i; ---- openssl097-0.9.7g.orig/crypto/sha/asm/sha1-ia64.pl -+++ openssl097-0.9.7g/crypto/sha/asm/sha1-ia64.pl -@@ -1,4 +1,4 @@ --#!/usr/bin/env perl -+#!/usr/local/bin/perl - # - # ==================================================================== - # Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL ---- openssl097-0.9.7g.orig/demos/tunala/configure.in -+++ openssl097-0.9.7g/demos/tunala/configure.in -@@ -1,4 +1,4 @@ --dnl Process this file with autoconf to produce a configure script. -+#!/usr/local/bin/perl - AC_INIT(tunala.c) - AM_CONFIG_HEADER(config.h) - AM_INIT_AUTOMAKE(tunala, 0.0.1-dev) ---- openssl097-0.9.7g.orig/doc/apps/CA.pl.pod -+++ openssl097-0.9.7g/doc/apps/CA.pl.pod -@@ -47,7 +47,7 @@ - creates a new certificate request. The private key and request are - written to the file "newreq.pem". - --=item B<-newreq-nowdes> -+=item B<-newreq-nodes> - - is like B<-newreq> except that the private key will not be encrypted. - ---- openssl097-0.9.7g.orig/doc/Makefile -+++ openssl097-0.9.7g/doc/Makefile -@@ -0,0 +1,40 @@ -+VERSION = -+ -+#PODS = $(wildcard *.pod) -+#MANS = $(addsuffix .man, $(basename $(PODS))) -+ -+MANS = openssl.1 ssl.3 crypto.3 -+ -+P2M = pod2man --center='OpenSSL Documentation' --release="OpenSSL $(VERSION)" -+ -+all: manpages -+ -+.PHONY: manpages -+ -+manpages: openssl.1 crypto.3 ssl.3 -+ -+openssl.1: -+ $(P2M) --section=1 openssl.pod > openssl.1 -+ -+crypto.3: -+ $(P2M) --section=3 crypto.pod > crypto.3 -+ -+ssl.3: -+ $(P2M) --section=3 ssl.pod > ssl.3 -+ -+.PHONY: install -+install: -+ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1 -+ mkdir -p $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3 -+ install -m 644 -p openssl.1 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man1 -+ install -m 644 -p crypto.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3 -+ install -m 644 -p ssl.3 $(INSTALL_PREFIX)$(INSTALLTOP)/share/man/man3 -+ rm -f $(MANS) -+ -+.PHONY: clean -+clean: -+ rm -f $(MANS) -+ -+.PHONY: realclean -+realclean: -+ -$(MAKE) clean ---- openssl097-0.9.7g.orig/Makefile -+++ openssl097-0.9.7g/Makefile -@@ -11,11 +11,11 @@ - SHLIB_VERSION_HISTORY= - SHLIB_MAJOR=0 - SHLIB_MINOR=9.7 --SHLIB_EXT= --PLATFORM=dist --OPTIONS= no-krb5 --CONFIGURE_ARGS=dist --SHLIB_TARGET= -+SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR) -+PLATFORM=debian-i386 -+OPTIONS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug no-krb5 -+CONFIGURE_ARGS=--prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug debian-i386 -+SHLIB_TARGET=linux-shared - - # HERE indicates where this Makefile lives. This can be used to indicate - # where sub-Makefiles are expected to be. Currently has very limited usage, -@@ -26,10 +26,10 @@ - # for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/. - # Normally it is left empty. - INSTALL_PREFIX= --INSTALLTOP=/usr/local/ssl -+INSTALLTOP=/usr - - # Do not edit this manually. Use Configure --openssldir=DIR do change this! --OPENSSLDIR=/usr/local/ssl -+OPENSSLDIR=/usr/lib/ssl - - # NO_IDEA - Define to build without the IDEA algorithm - # NO_RC4 - Define to build without the RC4 algorithm -@@ -59,12 +59,13 @@ - # equal 4. - # PKCS1_CHECK - pkcs1 tests. - --CC= cc -+#TOP=$(shell pwd) -+CC= gcc - #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM --CFLAG= -DOPENSSL_NO_KRB5 -O --DEPFLAG= -+CFLAG= -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DL_ENDIAN -DTERMIO -O3 -Wall -g -+DEPFLAG= -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 - PEX_LIBS= --EX_LIBS= -+EX_LIBS= -ldl - EXE_EXT= - ARFLAGS= - AR=ar $(ARFLAGS) r -@@ -72,7 +73,7 @@ - PERL= /usr/bin/perl - TAR= tar - TARFLAGS= --no-recursion --MAKEDEPPROG=makedepend -+MAKEDEPPROG= gcc - - # We let the C compiler driver to take care of .s files. This is done in - # order to be excused from maintaining a separate set of architecture -@@ -177,13 +178,13 @@ - # we might set SHLIB_MARK to '$(SHARED_LIBS)'. - SHLIB_MARK= - --DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps test tools -+DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps doc tools - SHLIBDIRS= crypto ssl - - # dirs in crypto to build - SDIRS= objects \ -- md2 md4 md5 sha mdc2 hmac ripemd \ -- des rc2 rc4 rc5 idea bf cast \ -+ md2 md4 md5 sha hmac ripemd \ -+ des rc2 rc4 bf cast \ - bn ec rsa dsa dh dso engine aes \ - buffer bio stack lhash rand err \ - evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 -@@ -196,10 +197,10 @@ - - MAKEFILE= Makefile - --MANDIR=$(OPENSSLDIR)/man -+MANDIR=/usr/share/man - MAN1=1 - MAN3=3 --MANSUFFIX= -+MANSUFFIX=ssl - SHELL=/bin/sh - - TOP= . -@@ -211,7 +212,7 @@ - SHARED_CRYPTO=libcrypto$(SHLIB_EXT) - SHARED_SSL=libssl$(SHLIB_EXT) - SHARED_LIBS= --SHARED_LIBS_LINK_EXTS= -+SHARED_LIBS_LINK_EXTS=.so - SHARED_LDFLAGS= - - GENERAL= Makefile -@@ -826,7 +827,7 @@ - do \ - if [ -f "$$i" ]; then \ - ( echo installing $$i; \ -- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -+ cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ - if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ - : ; \ - else \ ---- openssl097-0.9.7g.orig/Makefile.org -+++ openssl097-0.9.7g/Makefile.org -@@ -57,6 +57,7 @@ - # equal 4. - # PKCS1_CHECK - pkcs1 tests. - -+#TOP=$(shell pwd) - CC= gcc - #CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM - CFLAG= -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -@@ -175,7 +176,7 @@ - # we might set SHLIB_MARK to '$(SHARED_LIBS)'. - SHLIB_MARK= - --DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps test tools -+DIRS= crypto fips ssl $(SHLIB_MARK) sigs apps doc tools - SHLIBDIRS= crypto ssl - - # dirs in crypto to build -@@ -194,10 +195,10 @@ - - MAKEFILE= Makefile - --MANDIR=$(OPENSSLDIR)/man -+MANDIR=/usr/share/man - MAN1=1 - MAN3=3 --MANSUFFIX= -+MANSUFFIX=ssl - SHELL=/bin/sh - - TOP= . -@@ -824,7 +825,7 @@ - do \ - if [ -f "$$i" ]; then \ - ( echo installing $$i; \ -- cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ -+ cp -d $$i $(INSTALL_PREFIX)$(INSTALLTOP)/lib/$$i.new; \ - if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ - : ; \ - else \ ---- openssl097-0.9.7g.orig/os2/backwardify.pl -+++ openssl097-0.9.7g/os2/backwardify.pl -@@ -1,4 +1,4 @@ --#!/usr/bin/perl -w -+#!/usr/local/bin/perl - use strict; - - # Use as $0 ---- openssl097-0.9.7g.orig/ssl/s23_srvr.c -+++ openssl097-0.9.7g/ssl/s23_srvr.c -@@ -528,9 +528,7 @@ - } - - s->state=SSL2_ST_GET_CLIENT_HELLO_A; -- if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || -- use_sslv2_strong || -- (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)) -+ if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3) - s->s2->ssl2_rollback=0; - else - /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 ---- openssl097-0.9.7g.orig/ssl/ssl_algs.c -+++ openssl097-0.9.7g/ssl/ssl_algs.c -@@ -109,3 +109,8 @@ - return(1); - } - -+#undef SSLeay_add_ssl_algorithms -+int SSLeay_add_ssl_algorithms(void) -+ { -+ return SSL_library_init(); -+ } ---- openssl097-0.9.7g.orig/tools/c_rehash -+++ openssl097-0.9.7g/tools/c_rehash -@@ -6,7 +6,7 @@ - - my $openssl; - --my $dir = "/usr/local/ssl"; -+my $dir = "/usr/lib/ssl"; - - if(defined $ENV{OPENSSL}) { - $openssl = $ENV{OPENSSL}; ---- openssl097-0.9.7g.orig/tools/c_rehash.in -+++ openssl097-0.9.7g/tools/c_rehash.in -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -+#!/usr/bin/perl - - - # Perl c_rehash script, scan all files in a directory ---- openssl097-0.9.7g.orig/util/clean-depend.pl -+++ openssl097-0.9.7g/util/clean-depend.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/local/bin/perl - # Clean the dependency list in a makefile of standard includes... - # Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999 - ---- openssl097-0.9.7g.orig/util/extract-names.pl -+++ openssl097-0.9.7g/util/extract-names.pl -@@ -1,4 +1,4 @@ --#!/usr/bin/perl -+#!/usr/local/bin/perl - - $/ = ""; # Eat a paragraph at once. - while(<STDIN>) { ---- openssl097-0.9.7g.orig/util/mkdef.pl -+++ openssl097-0.9.7g/util/mkdef.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/local/bin/perl - # - # generate a .def file - # ---- openssl097-0.9.7g.orig/util/mkerr.pl -+++ openssl097-0.9.7g/util/mkerr.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/local/bin/perl - - my $config = "crypto/err/openssl.ec"; - my $debug = 0; ---- openssl097-0.9.7g.orig/util/mkstack.pl -+++ openssl097-0.9.7g/util/mkstack.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/local/bin/perl - - # This is a utility that searches out "DECLARE_STACK_OF()" - # declarations in .h and .c files, and updates/creates/replaces ---- openssl097-0.9.7g.orig/util/pod2man.pl -+++ openssl097-0.9.7g/util/pod2man.pl -@@ -1,4 +1,4 @@ --: #!/usr/bin/perl-5.005 -+#!/usr/local/bin/perl - eval 'exec /usr/bin/perl -S $0 ${1+"$@"}' - if $running_under_some_shell; - ---- openssl097-0.9.7g.orig/util/selftest.pl -+++ openssl097-0.9.7g/util/selftest.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/local/bin/perl - # - # Run the test suite and generate a report - # ---- openssl097-0.9.7g.orig/VMS/VMSify-conf.pl -+++ openssl097-0.9.7g/VMS/VMSify-conf.pl -@@ -1,4 +1,4 @@ --#! /usr/bin/perl -+#!/usr/local/bin/perl - - use strict; - use warnings; ---- openssl097-0.9.7g.orig/debian/po/sv.po -+++ openssl097-0.9.7g/debian/po/sv.po -@@ -0,0 +1,61 @@ -+# Translators, if you are not familiar with the PO format, gettext -+# documentation is worth reading, especially sections dedicated to -+# this format, e.g. by running: -+# info -n '(gettext)PO Files' -+# info -n '(gettext)Header Entry' -+# Some information specific to po-debconf are available at -+# /usr/share/doc/po-debconf/README-trans -+# or http://www.debian.org/intl/l10n/po-debconf/README-trans -+# Developers do not need to manually edit POT or PO files. -+# , fuzzy -+# -+# -+msgid "" -+msgstr "" -+"Project-Id-Version: openssl 0.9.7g-2\n" -+"Report-Msgid-Bugs-To: \n" -+"POT-Creation-Date: 2004-03-22 18:34+0100\n" -+"PO-Revision-Date: 2005-09-28 19:22-0700\n" -+"Last-Translator: Daniel Nylander <po@danielnylander.se>\n" -+"Language-Team: Swedish <sv@li.org>\n" -+"MIME-Version: 1.0\n" -+"Content-Type: text/plain; charset=iso-8859-1\n" -+"Content-Transfer-Encoding: 8bit" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "Which services should be restarted to make them use the new libraries?" -+msgstr "Vilka tjänster ska startas om för att få dom att använda de nya biblioteken?" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Security holes were fixed with this release. Services may not use these " -+"fixes until they are restarted. Note: restarting sshd should not affect any " -+"existing connections." -+msgstr "" -+"Säkerhetshålen fixades i denna versionen. Tjänster kommer inte att använda denna version förrän de har startats om. Notera: startar du om sshd kommer inte fixen aktiveras för redan etablerade anslutningar." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Following is a list of detected services that need to be restarted. Please " -+"correct the list, if you think it is incorrect. The services names must be " -+"identical to the script names in /etc/init.d and must be separated by " -+"spaces. If you clear the list, no services will be restarted." -+msgstr "" -+"Följande är en lista på upptäcka tjänster som behöver startas om. Vänligen undersök listan och du tror den är felaktig. Namnen på tjänsterna måste vara identiska som skriptnamnen i /etc/init.d och måste separeras med mellanslag. Om du rensar listan kommer inga tjänster att startas om." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"If other services begin to fail mysteriously after this upgrade, it may be " -+"necessary to restart them too. We strongly recommend you to reboot your " -+"machine to avoid the SSL related trouble." -+msgstr "" -+"Om andra tjänster börjar att få underliga problem efter denna uppgradering kanske de måste startas om också. Vi rekommenderar att du startar om din maskin för att inte få SSL-relaterade problem." -+ ---- openssl097-0.9.7g.orig/debian/po/templates.pot -+++ openssl097-0.9.7g/debian/po/templates.pot -@@ -0,0 +1,59 @@ -+# -+# Translators, if you are not familiar with the PO format, gettext -+# documentation is worth reading, especially sections dedicated to -+# this format, e.g. by running: -+# info -n '(gettext)PO Files' -+# info -n '(gettext)Header Entry' -+# -+# Some information specific to po-debconf are available at -+# /usr/share/doc/po-debconf/README-trans -+# or http://www.debian.org/intl/l10n/po-debconf/README-trans -+# -+# Developers do not need to manually edit POT or PO files. -+# -+#, fuzzy -+msgid "" -+msgstr "" -+"Project-Id-Version: PACKAGE VERSION\n" -+"Report-Msgid-Bugs-To: \n" -+"POT-Creation-Date: 2004-03-22 18:34+0100\n" -+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -+"Language-Team: LANGUAGE <LL@li.org>\n" -+"MIME-Version: 1.0\n" -+"Content-Type: text/plain; charset=CHARSET\n" -+"Content-Transfer-Encoding: 8bit\n" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "Which services should be restarted to make them use the new libraries?" -+msgstr "" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Security holes were fixed with this release. Services may not use these " -+"fixes until they are restarted. Note: restarting sshd should not affect any " -+"existing connections." -+msgstr "" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Following is a list of detected services that need to be restarted. Please " -+"correct the list, if you think it is incorrect. The services names must be " -+"identical to the script names in /etc/init.d and must be separated by " -+"spaces. If you clear the list, no services will be restarted." -+msgstr "" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"If other services begin to fail mysteriously after this upgrade, it may be " -+"necessary to restart them too. We strongly recommend you to reboot your " -+"machine to avoid the SSL related trouble." -+msgstr "" ---- openssl097-0.9.7g.orig/debian/po/ca.po -+++ openssl097-0.9.7g/debian/po/ca.po -@@ -0,0 +1,59 @@ -+# openssl (debconf) translation to Catalan. -+# Copyright (C) 2004 Free Software Foundation, Inc. -+# Aleix Badia i Bosch <abadia@ica.es>, 2004 -+msgid "" -+msgstr "" -+"Project-Id-Version: openssl_0.9.7d-1_templates\n" -+"Report-Msgid-Bugs-To: \n" -+"POT-Creation-Date: 2004-03-22 18:34+0100\n" -+"PO-Revision-Date: 2004-04-08 19:46GMT\n" -+"Last-Translator: Aleix Badia i Bosch <abadia@ica.es>\n" -+"Language-Team: Catalan <debian-l10n-catalan@lists.debian.org>\n" -+"MIME-Version: 1.0\n" -+"Content-Type: text/plain; charset=UTF-8\n" -+"Content-Transfer-Encoding: 8bit\n" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "Which services should be restarted to make them use the new libraries?" -+msgstr "" -+"Quina serveis s'han de reiniciar perquè utilitzin les noves biblioteques?" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Security holes were fixed with this release. Services may not use these " -+"fixes until they are restarted. Note: restarting sshd should not affect any " -+"existing connections." -+msgstr "" -+"Aquesta versió resol els errors de seguretat. Els serveis no utilitzaran les " -+"correccions fins que no s'hagin reiniciat. Nota: reiniciant l'sshd no " -+"s'afectarà cap connexió existent." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Following is a list of detected services that need to be restarted. Please " -+"correct the list, if you think it is incorrect. The services names must be " -+"identical to the script names in /etc/init.d and must be separated by " -+"spaces. If you clear the list, no services will be restarted." -+msgstr "" -+"És una llista de serveis que s'ha detectat que s'haurien de reiniciar, " -+"corregiu-la si és incorrecta. El nom dels serveis hauria de ser idèntic als " -+"noms de les seqüències del directori /etc/init.d i haurien d'estar separats " -+"per espais. Si suprimiu la llista no es reiniciarà cap servei." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"If other services begin to fail mysteriously after this upgrade, it may be " -+"necessary to restart them too. We strongly recommend you to reboot your " -+"machine to avoid the SSL related trouble." -+msgstr "" -+"Si després de l'actualització d'altres serveis fallen de forma inexplicable, " -+"probablement també sigui necessari reiniciar-los. Us recomanem que per " -+"evitar els problemes relacionats amb l'SSL reinicieu l'ordinador." ---- openssl097-0.9.7g.orig/debian/po/da.po -+++ openssl097-0.9.7g/debian/po/da.po -@@ -0,0 +1,70 @@ -+# translation of openssl_0.9.7d-1_templates.po to Danish -+# -+# Translators, if you are not familiar with the PO format, gettext -+# documentation is worth reading, especially sections dedicated to -+# this format, e.g. by running: -+# info -n '(gettext)PO Files' -+# info -n '(gettext)Header Entry' -+# Some information specific to po-debconf are available at -+# /usr/share/doc/po-debconf/README-trans -+# or http://www.debian.org/intl/l10n/po-debconf/README-trans# -+# Developers do not need to manually edit POT or PO files. -+# Claus Hindsgaul <claus_h@image.dk>, 2004. -+# -+msgid "" -+msgstr "" -+"Project-Id-Version: openssl_0.9.7d-1_templates\n" -+"Report-Msgid-Bugs-To: \n" -+"POT-Creation-Date: 2004-03-22 18:34+0100\n" -+"PO-Revision-Date: 2004-04-02 16:08+0200\n" -+"Last-Translator: Claus Hindsgaul <claus_h@image.dk>\n" -+"Language-Team: Danish <dansk@klid.dk>\n" -+"MIME-Version: 1.0\n" -+"Content-Type: text/plain; charset=ISO-8859-1\n" -+"Content-Transfer-Encoding: 8bit\n" -+"X-Generator: KBabel 1.3.1\n" -+"Plural-Forms: nplurals=2; plural=(n != 1);\n" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "Which services should be restarted to make them use the new libraries?" -+msgstr "Hvilke services skal genstartes, så de benytter de nye biblioteker?" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Security holes were fixed with this release. Services may not use these " -+"fixes until they are restarted. Note: restarting sshd should not affect any " -+"existing connections." -+msgstr "" -+"Der lukket nogle sikkerhedshuller i denne version af openssl. Disse huller " -+"bliver ikke lukket i dine services før de er blevet genstartet. Bemærk at " -+"det ikke vil påvirke eksisterende forbindelser at genstarte ssh." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Following is a list of detected services that need to be restarted. Please " -+"correct the list, if you think it is incorrect. The services names must be " -+"identical to the script names in /etc/init.d and must be separated by " -+"spaces. If you clear the list, no services will be restarted." -+msgstr "" -+"Herunder ser du en liste over fundne services, som bør genstartes. Ret " -+"listen, hvis du mener at den ikke er korrekt. Servicenavnene skal være " -+"identiske med skriptnavnene i /etc/init.d, og skal adskilles med mellemrum. " -+"Hvis du sletter listen, vil ingen services blive genstartet." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"If other services begin to fail mysteriously after this upgrade, it may be " -+"necessary to restart them too. We strongly recommend you to reboot your " -+"machine to avoid the SSL related trouble." -+msgstr "" -+"Hvis andre services begynder at fejle på mystisk vis efter denne " -+"opgradering, kan det være nødvendigt også at genstarte disse. Vi anbefaler " -+"dig kraftigt at genstarte din maskine for at undgå SSL-relaterede problemer." ---- openssl097-0.9.7g.orig/debian/po/cs.po -+++ openssl097-0.9.7g/debian/po/cs.po -@@ -0,0 +1,68 @@ -+# -+# Translators, if you are not familiar with the PO format, gettext -+# documentation is worth reading, especially sections dedicated to -+# this format, e.g. by running: -+# info -n '(gettext)PO Files' -+# info -n '(gettext)Header Entry' -+# -+# Some information specific to po-debconf are available at -+# /usr/share/doc/po-debconf/README-trans -+# or http://www.debian.org/intl/l10n/po-debconf/README-trans -+# -+# Developers do not need to manually edit POT or PO files. -+# -+msgid "" -+msgstr "" -+"Project-Id-Version: openssl\n" -+"Report-Msgid-Bugs-To: \n" -+"POT-Creation-Date: 2004-03-22 18:34+0100\n" -+"PO-Revision-Date: 2004-09-26 17:40+0200\n" -+"Last-Translator: Miroslav Kure <kurem@debian.cz>\n" -+"Language-Team: Czech <provoz@debian.cz>\n" -+"MIME-Version: 1.0\n" -+"Content-Type: text/plain; charset=ISO-8859-2\n" -+"Content-Transfer-Encoding: 8bit\n" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "Which services should be restarted to make them use the new libraries?" -+msgstr "Které slu¾by se mají restartovat, aby zaèaly vyu¾ívat nové knihovny?" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Security holes were fixed with this release. Services may not use these " -+"fixes until they are restarted. Note: restarting sshd should not affect any " -+"existing connections." -+msgstr "" -+"V této verzi balíku byly opraveny bezbeènostní chyby. Tyto opravy se v " -+"programech projeví a¾ po jejich restartu. Poznámka: restart sshd by nemìl " -+"ovlivnit stávající spojení." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Following is a list of detected services that need to be restarted. Please " -+"correct the list, if you think it is incorrect. The services names must be " -+"identical to the script names in /etc/init.d and must be separated by " -+"spaces. If you clear the list, no services will be restarted." -+msgstr "" -+"Následuje seznam rozpoznaných slu¾eb, které je tøeba restartovat. Pokud se " -+"vám zdá, ¾e je tento seznam chybný, mù¾ete jej opravit. Názvy slu¾eb musí " -+"být shodné s názvy skriptù v adresáøi /etc/init.d a musí být oddìleny " -+"mezerami. Pokud seznam vyma¾ete, nebude restartována ¾ádná slu¾ba." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"If other services begin to fail mysteriously after this upgrade, it may be " -+"necessary to restart them too. We strongly recommend you to reboot your " -+"machine to avoid the SSL related trouble." -+msgstr "" -+"Jestli¾e po této aktualizaci zaènou selhávat nìkteré slu¾by, mo¾ná bude " -+"nutné je takté¾ restartovat. Abyste se vyhnuli problémùm spojených se SSL, " -+"doporuèujeme restartovat celý poèítaè." ---- openssl097-0.9.7g.orig/debian/po/pt_BR.po -+++ openssl097-0.9.7g/debian/po/pt_BR.po -@@ -0,0 +1,69 @@ -+# -+# Translators, if you are not familiar with the PO format, gettext -+# documentation is worth reading, especially sections dedicated to -+# this format, e.g. by running: -+# info -n '(gettext)PO Files' -+# info -n '(gettext)Header Entry' -+# -+# Some information specific to po-debconf are available at -+# /usr/share/doc/po-debconf/README-trans -+# or http://www.debian.org/intl/l10n/po-debconf/README-trans -+# -+# Developers do not need to manually edit POT or PO files. -+# -+msgid "" -+msgstr "" -+"Project-Id-Version: openssl\n" -+"Report-Msgid-Bugs-To: \n" -+"POT-Creation-Date: 2004-03-22 18:34+0100\n" -+"PO-Revision-Date: 2004-04-04 15:21-0300\n" -+"Last-Translator: André Luís Lopes <andrelop@debian.org>\n" -+"Language-Team: Debian-BR Project <debian-l10n-portuguese@lists.debian.org>\n" -+"MIME-Version: 1.0\n" -+"Content-Type: text/plain; charset=ISO-8859-1\n" -+"Content-Transfer-Encoding: 8bit\n" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "Which services should be restarted to make them use the new libraries?" -+msgstr "Quais serviços devem ser reiniciados para utilizar novas bibliotecas ?" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Security holes were fixed with this release. Services may not use these " -+"fixes until they are restarted. Note: restarting sshd should not affect any " -+"existing connections." -+msgstr "" -+"Falhas de segurança foram corrigidas nesta versão. Alguns serviços podem não " -+"utilizar estas correções até que sejam reiniciados. Note : reiniciar o sshd " -+"não afetará nenhuma conexão já estabelecida." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Following is a list of detected services that need to be restarted. Please " -+"correct the list, if you think it is incorrect. The services names must be " -+"identical to the script names in /etc/init.d and must be separated by " -+"spaces. If you clear the list, no services will be restarted." -+msgstr "" -+"A seguir será exibida uma lista de serviços que foram detectados e que " -+"precisam ser reiniciados. Por favor, corrija a lista caso você tenha certeza " -+"que ela esteja incorreta. Os nomes dos serviços devem ser idênticos aos " -+"nomes dos scripts sob o diretório /etc/init.d e devem estar separados por " -+"espaços. Caso você esvazie a lista, nenhum serviço será reiniciado." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"If other services begin to fail mysteriously after this upgrade, it may be " -+"necessary to restart them too. We strongly recommend you to reboot your " -+"machine to avoid the SSL related trouble." -+msgstr "" -+"Caso outros serviços comecem a falhar misteriosamente após esta atualização, " -+"pode ser necessário reiniciá-los também. Recomendados fortemente que você " -+"reinicie sua máquina para evitar problemas relacionados a SSL." ---- openssl097-0.9.7g.orig/debian/po/es.po -+++ openssl097-0.9.7g/debian/po/es.po -@@ -0,0 +1,85 @@ -+# openssl translation to spanish -+# Copyright (C) 2004 Software in the Public Interest -+# This file is distributed under the same license as the openssl package. -+# -+# Changes: -+# - Initial translation -+# Lucas Wall <kthulhu@kadath.com.ar>, 2004 -+# -+# -+# Traductores, si no conoce el formato PO, merece la pena leer la -+# documentación de gettext, especialmente las secciones dedicadas a este -+# formato, por ejemplo ejecutando: -+# info -n '(gettext)PO Files' -+# info -n '(gettext)Header Entry' -+# -+# Equipo de traducción al español, por favor lean antes de traducir -+# los siguientes documentos: -+# -+# - El proyecto de traducción de Debian al español -+# http://www.debian.org/intl/spanish/coordinacion -+# especialmente las notas de traducción en -+# http://www.debian.org/intl/spanish/notas -+# -+# - La guía de traducción de po's de debconf: -+# /usr/share/doc/po-debconf/README-trans -+# o http://www.debian.org/intl/l10n/po-debconf/README-trans -+# -+msgid "" -+msgstr "" -+"Project-Id-Version: openssl 0.9.7d-3\n" -+"Report-Msgid-Bugs-To: \n" -+"POT-Creation-Date: 2004-03-22 18:34+0100\n" -+"PO-Revision-Date: 2004-06-12 15:23-0300\n" -+"Last-Translator: Lucas Wall <kthulhu@kadath.com.ar>\n" -+"Language-Team: Debian Spanish <debian-l10n-spanish@lists.debian.org>\n" -+"MIME-Version: 1.0\n" -+"Content-Type: text/plain; charset=ISO-8859-15\n" -+"Content-Transfer-Encoding: 8bit\n" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "Which services should be restarted to make them use the new libraries?" -+msgstr "" -+"¿Qué servicios desea reiniciar para que utilicen las nuevas bibliotecas?" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Security holes were fixed with this release. Services may not use these " -+"fixes until they are restarted. Note: restarting sshd should not affect any " -+"existing connections." -+msgstr "" -+"En esta versión se han solucionado problemas de seguridad. Los servicios " -+"afectados no gozarán de los arreglos hasta que no se hayan reiniciado. Nota: " -+"reiniciar el servicio «sshd» no afectará ninguna de las conexiones " -+"existentes." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Following is a list of detected services that need to be restarted. Please " -+"correct the list, if you think it is incorrect. The services names must be " -+"identical to the script names in /etc/init.d and must be separated by " -+"spaces. If you clear the list, no services will be restarted." -+msgstr "" -+"Una lista de los servicios que deben ser reiniciados se presenta a " -+"continuación. Si cree que no es correcta haga los ajustes necesarios. Los " -+"nombres de los servicios deben ser iguales a los nombres de los ficheros en " -+"«/etc/init.d» y debe estar separados por espacios. Ningún servicio será " -+"reiniciado si deja la lista en blanco." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"If other services begin to fail mysteriously after this upgrade, it may be " -+"necessary to restart them too. We strongly recommend you to reboot your " -+"machine to avoid the SSL related trouble." -+msgstr "" -+"Si, tras esta actualización, otros servicios comienzan a fallar en forma " -+"misteriosa puede ser necesario reiniciarlos también. Para evitar problemas " -+"relacionados con «SSL» se le recomienda reiniciar su sistema." ---- openssl097-0.9.7g.orig/debian/po/fr.po -+++ openssl097-0.9.7g/debian/po/fr.po -@@ -0,0 +1,69 @@ -+# -+# Translators, if you are not familiar with the PO format, gettext -+# documentation is worth reading, especially sections dedicated to -+# this format, e.g. by running: -+# info -n '(gettext)PO Files' -+# info -n '(gettext)Header Entry' -+# Some information specific to po-debconf are available at -+# /usr/share/doc/po-debconf/README-trans -+# or http://www.debian.org/intl/l10n/po-debconf/README-trans# -+# Developers do not need to manually edit POT or PO files. -+# -+msgid "" -+msgstr "" -+"Project-Id-Version: openssl_0.9.7c-5\n" -+"Report-Msgid-Bugs-To: \n" -+"POT-Creation-Date: 2004-03-22 18:34+0100\n" -+"PO-Revision-Date: 2003-10-22 21:37+0200\n" -+"Last-Translator: Michel Grentzinger <mic.grentz@online.fr>\n" -+"Language-Team: French <debian-l10n-french@lists.debian.org>\n" -+"MIME-Version: 1.0\n" -+"Content-Type: text/plain; charset=ISO-8859-15\n" -+"Content-Transfer-Encoding: 8bit\n" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "Which services should be restarted to make them use the new libraries?" -+msgstr "Services à redémarrer afin d'utiliser les nouvelles bibliothèques" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Security holes were fixed with this release. Services may not use these " -+"fixes until they are restarted. Note: restarting sshd should not affect any " -+"existing connections." -+msgstr "" -+"Des failles de sécurité on été corrigées dans cette version. Les services ne " -+"devraient pas utiliser ces correctifs tant qu'ils n'auront pas été " -+"redémarrés. Note : le redémarrage de sshd n'affectera aucune connexion " -+"existante." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Following is a list of detected services that need to be restarted. Please " -+"correct the list, if you think it is incorrect. The services names must be " -+"identical to the script names in /etc/init.d and must be separated by " -+"spaces. If you clear the list, no services will be restarted." -+msgstr "" -+"La liste suivante recense tous les services devant être redémarrés. Veuillez " -+"corriger la liste si vous pensez qu'elle contient des erreurs. Les noms des " -+"services doivent être identiques aux noms des scripts présents dans /etc/" -+"init.d et doivent être séparés par des espaces. Si vous effacez la liste, " -+"aucun service ne sera redémarré." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"If other services begin to fail mysteriously after this upgrade, it may be " -+"necessary to restart them too. We strongly recommend you to reboot your " -+"machine to avoid the SSL related trouble." -+msgstr "" -+"Si d'autres services ne fonctionnent plus correctement après cette mise à " -+"jour, il est sans doute nécessaire de les redémarrer de la même façon. Il " -+"est fortement recommandé de redémarrer votre machine pour éviter les " -+"problèmes liés à SSL." ---- openssl097-0.9.7g.orig/debian/po/nl.po -+++ openssl097-0.9.7g/debian/po/nl.po -@@ -0,0 +1,71 @@ -+# Translators, if you are not familiar with the PO format, gettext
-+# documentation is worth reading, especially sections dedicated to
-+# this format, e.g. by running:
-+# info -n '(gettext)PO Files'
-+# info -n '(gettext)Header Entry'
-+#
-+# Some information specific to po-debconf are available at
-+# /usr/share/doc/po-debconf/README-trans
-+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
-+#
-+# Developers do not need to manually edit POT or PO files.
-+#
-+msgid "" -+msgstr "" -+"Project-Id-Version: openssl 0.9.7d-5\n" -+"Report-Msgid-Bugs-To: \n" -+"POT-Creation-Date: 2004-03-22 18:34+0100\n" -+"PO-Revision-Date: 2004-08-01 18:31+0100\n" -+"Last-Translator: Luk Claes <luk.claes@ugent.be>\n" -+"Language-Team: Debian l10n Dutch <debian-l10n-dutch@lists.debian.org>\n" -+"MIME-Version: 1.0\n" -+"Content-Type: text/plain; charset=iso-8859-1\n" -+"Content-Transfer-Encoding: 8bit\n" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "Which services should be restarted to make them use the new libraries?" -+msgstr "" -+"Welke diensten moeten herstart worden om ze de nieuwe bibliotheken te laten " -+"gebruiken?" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Security holes were fixed with this release. Services may not use these " -+"fixes until they are restarted. Note: restarting sshd should not affect any " -+"existing connections." -+msgstr "" -+"Er zijn veiligheidslekken gedicht in deze release. Diensten gebruiken deze " -+"versie misschien niet totdat ze herstart zijn. Merk op: sshd herstarten zou " -+"geen effect mogen hebben op bestaande verbindingen." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Following is a list of detected services that need to be restarted. Please " -+"correct the list, if you think it is incorrect. The services names must be " -+"identical to the script names in /etc/init.d and must be separated by " -+"spaces. If you clear the list, no services will be restarted." -+msgstr "" -+"Hierna volgt een lijst van gedetecteerde diensten die herstart moeten " -+"worden. Verbeter de lijst, als u denkt dat ze incorrect is. De namen moeten " -+"overeenkomen met de script-namen in /etc/init.d en moeten gescheiden worden " -+"door spaties. Als u de lijst ledigt, dan zullen er geen diensten worden " -+"herstart." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"If other services begin to fail mysteriously after this upgrade, it may be " -+"necessary to restart them too. We strongly recommend you to reboot your " -+"machine to avoid the SSL related trouble." -+msgstr "" -+"Als er andere diensten mysterieus beginnen te falen na deze opwaardering, " -+"kan het nodig zijn om ze ook te herstarten. Er wordt u ten zeerste " -+"aanbevolen uw machine te herstarten om SSL-gerelateerde problemen te " -+"vermijden." ---- openssl097-0.9.7g.orig/debian/po/ja.po -+++ openssl097-0.9.7g/debian/po/ja.po -@@ -0,0 +1,69 @@ -+# -+# Translators, if you are not familiar with the PO format, gettext -+# documentation is worth reading, especially sections dedicated to -+# this format, e.g. by running: -+# info -n '(gettext)PO Files' -+# info -n '(gettext)Header Entry' -+# -+# Some information specific to po-debconf are available at -+# /usr/share/doc/po-debconf/README-trans -+# or http://www.debian.org/intl/l10n/po-debconf/README-trans -+# -+# Developers do not need to manually edit POT or PO files. -+# -+# -+msgid "" -+msgstr "" -+"Project-Id-Version: openssl 0.9.7d-1\n" -+"Report-Msgid-Bugs-To: \n" -+"POT-Creation-Date: 2004-03-22 18:34+0100\n" -+"PO-Revision-Date: 2004-03-24 23:41+0900\n" -+"Last-Translator: Hideki Yamane <henrich@samba.gr.jp>\n" -+"Language-Team: Japanese <debian-japanese@lists.debian.org>\n" -+"MIME-Version: 1.0\n" -+"Content-Type: text/plain; charset=EUC-JP\n" -+"Content-Transfer-Encoding: 8bit\n" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "Which services should be restarted to make them use the new libraries?" -+msgstr "¤É¤Î¥µ¡¼¥Ó¥¹¤ò¿·¤·¤¤¥é¥¤¥Ö¥é¥ê¤ò»È¤¦¤¿¤á¤ËºÆµ¯Æ°¤·¤Þ¤¹¤«?" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Security holes were fixed with this release. Services may not use these " -+"fixes until they are restarted. Note: restarting sshd should not affect any " -+"existing connections." -+msgstr "" -+"º£²ó¤Î¥ê¥ê¡¼¥¹¤Ç¥»¥¥å¥ê¥Æ¥£¥Û¡¼¥ë¤¬½¤Àµ¤µ¤ì¤Þ¤·¤¿¡£³Æ¥µ¡¼¥Ó¥¹¤ÏºÆµ¯Æ°¤ò¹Ô¤¦" -+"¤Þ¤Ç¤³¤Î½¤Àµ¤µ¤ì¤¿¥é¥¤¥Ö¥é¥ê¤òÍøÍѤ·¤Þ¤»¤ó¡£Ãí°Õ: sshd ¤ÎºÆµ¯Æ°¤Ï¸½¾õ¤ÎÀܳ¤Ë" -+"¤Ï²¿¤é±Æ¶Á¤·¤Þ¤»¤ó¡£" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Following is a list of detected services that need to be restarted. Please " -+"correct the list, if you think it is incorrect. The services names must be " -+"identical to the script names in /etc/init.d and must be separated by " -+"spaces. If you clear the list, no services will be restarted." -+msgstr "" -+"°Ê²¼¤¬ºÆµ¯Æ°¤¬É¬ÍפÀ¤ÈȽÃǤµ¤ì¤¿¥µ¡¼¥Ó¥¹¤Î¥ê¥¹¥È¤Ç¤¹¡£´Ö°ã¤Ã¤Æ¤¤¤ë¤È»×¤Ã¤¿¤é" -+"½¤Àµ¤·¤Æ¤¯¤À¤µ¤¤¡£¥µ¡¼¥Ó¥¹Ì¾¤Ï /etc/init.d ¤Ë¤¢¤ë¥¹¥¯¥ê¥×¥È¤Î̾Á°¤ò»Ø¤·¡¢¶õÇò" -+"¤Ç¶èÀÚ¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£¥ê¥¹¥È¤¬¶õ¤Î¾ì¹ç¤Ï¡¢¥µ¡¼¥Ó¥¹¤ÎºÆµ¯Æ°¤ÏɬÍפ¢¤ê¤Þ¤»" -+"¤ó¡£" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"If other services begin to fail mysteriously after this upgrade, it may be " -+"necessary to restart them too. We strongly recommend you to reboot your " -+"machine to avoid the SSL related trouble." -+msgstr "" -+"¾¤Î¥µ¡¼¥Ó¥¹¤¬¤³¤³¤Ç¤Î¥¢¥Ã¥×¥°¥ì¡¼¥É¤Î¸å¤Ë²¿¸Î¤«¥¨¥é¡¼¤òµ¯¤³¤·»Ï¤á¤¿¾ì¹ç¡¢¤½" -+"¤ì¤é¤âºÆµ¯Æ°¤¹¤ëɬÍפ¬¤¢¤ê¤Þ¤¹¡£SSL ´ØÏ¢¤Î¥È¥é¥Ö¥ë¤òÈò¤±¤ë¤¿¤á¤Ë¥Þ¥·¥ó¤òºÆµ¯" -+"Æ°¤¹¤ë¤Î¤ò¶¯¤¯¤ª´«¤á¤·¤Þ¤¹¡£" ---- openssl097-0.9.7g.orig/debian/po/POTFILES.in -+++ openssl097-0.9.7g/debian/po/POTFILES.in -@@ -0,0 +1 @@ -+[type: gettext/rfc822deb] libssl0.9.7.templates ---- openssl097-0.9.7g.orig/debian/po/vi.po -+++ openssl097-0.9.7g/debian/po/vi.po -@@ -0,0 +1,61 @@ -+# Vietnamese translation for openssl. -+# Copyright © 2005 Free Software Foundation, Inc. -+# Clytie Siddall <clytie@riverland.net.au>, 2005. -+# -+msgid "" -+msgstr "" -+"Project-Id-Version: openssl 0.9.7g-1\n" -+"Report-Msgid-Bugs-To: \n" -+"POT-Creation-Date: 2004-03-22 18:34+0100\n" -+"PO-Revision-Date: 2005-07-03 12:49+0930\n" -+"Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n" -+"Language-Team: Vietnamese <gnomevi-list@lists.sourceforge.net>\n" -+"MIME-Version: 1.0\n" -+"Content-Type: text/plain; charset=utf-8\n" -+"Content-Transfer-Encoding: 8bit\n" -+"Plural-Forms: nplurals=1; plural=0\n" -+"X-Generator: LocFactoryEditor 1.2.2\n" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "Which services should be restarted to make them use the new libraries?" -+msgstr "Äể dùng những thÆ° viên má»›i, cần phải khởi chạy lại dịch vụ nà o?" -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Security holes were fixed with this release. Services may not use these " -+"fixes until they are restarted. Note: restarting sshd should not affect any " -+"existing connections." -+msgstr "" -+"Phiên bản phát hà nh nà y đã sá»a má»™t số lá»— hổng bảo máºt rồi. Dịch vụ sẽ dùng " -+"mã đã sá»a chỉ sau khi khởi chạy lại thôi. Ghi chú: khởi chạy lại sshd nên " -+"không là m ảnh hưởng đến sá»± kết nối hiện thá»i nà o." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"Following is a list of detected services that need to be restarted. Please " -+"correct the list, if you think it is incorrect. The services names must be " -+"identical to the script names in /etc/init.d and must be separated by " -+"spaces. If you clear the list, no services will be restarted." -+msgstr "" -+"Theo đây có má»™t danh sách dịch vụ đã phát hiện mà cần phải khởi chạy lại. " -+"Bạn hãy sá»a danh sách nếu chÆ°a đúng. Tên dịch vụ phải là cùng má»™t tên vá»›i " -+"tên táºp lệnh trong «/etc/init.d», những tên định giá»›i bằng dấu cách. Nếu bạn " -+"xóa hết danh sách thì sẽ không khởi chạy lại dịch vụ nà o." -+ -+#. Type: string -+#. Description -+#: ../libssl0.9.7.templates:3 -+msgid "" -+"If other services begin to fail mysteriously after this upgrade, it may be " -+"necessary to restart them too. We strongly recommend you to reboot your " -+"machine to avoid the SSL related trouble." -+msgstr "" -+"Nếu dịch vụ khác má»›i bị lá»—i má»™t cách lạ sau việc nâng cấp nà y, có lẽ bạn " -+"cÅ©ng cần phải khởi chạy lại chúng. Khuyến khÃch nặng bạn khởi Ä‘á»™ng máy nà y " -+"để tránh lá»—i liên quan đến SSL." ---- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.docs -+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.docs -@@ -0,0 +1 @@ -+demos ---- openssl097-0.9.7g.orig/debian/control -+++ openssl097-0.9.7g/debian/control -@@ -0,0 +1,27 @@ -+Source: openssl097 -+Build-Depends: debhelper (>= 4.2.0), binutils (>= 2.14.90.0.7), zlib1g-dev -+Section: utils -+Priority: optional -+Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org> -+Uploaders: Christoph Martin <christoph.martin@uni-mainz.de>, Kurt Roeckx <kurt@roeckx.be> -+Standards-Version: 3.6.1 -+ -+Package: libssl0.9.7 -+Section: oldlibs -+Priority: important -+Architecture: any -+Depends: ${shlibs:Depends}, ${misc:Depends} -+Conflicts: ssleay (<< 0.9.2b), libssl, openssl (<< 0.9.6-2), libssl096-dev (<< 0.9.6-2) -+Description: SSL shared libraries -+ libssl and libcrypto shared libraries needed by programs like -+ apache-ssl, telnet-ssl and openssh. -+ . -+ It is part of the OpenSSL implementation of SSL. -+ -+Package: libssl0.9.7-dbg -+Section: libdevel -+Priority: extra -+Architecture: any -+Depends: libssl0.9.7 (= ${Source-Version}) -+Description: Symbol tables for libssl and libcrypt -+ This package is part of the OpenSSL implementation of SSL. ---- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.prerm -+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.prerm -@@ -0,0 +1,3 @@ -+#!/bin/sh -e -+ -+#DEBHELPER# ---- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.postinst -+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.postinst -@@ -0,0 +1,3 @@ -+#!/bin/sh -e -+ -+#DEBHELPER# ---- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.files -+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.files -@@ -0,0 +1,9 @@ -+usr/lib/libssl.so -+usr/lib/libcrypto.so -+usr/lib/libssl.a -+usr/lib/libcrypto.a -+usr/lib/libssl_pic.a -+usr/lib/libcrypto_pic.a -+usr/lib/pkgconfig/openssl.pc -+usr/include -+usr/share/man/man3 ---- openssl097-0.9.7g.orig/debian/libssl0.9.7.templates -+++ openssl097-0.9.7g/debian/libssl0.9.7.templates -@@ -0,0 +1,15 @@ -+Template: libssl0.9.7/restart-services -+Type: string -+_Description: Which services should be restarted to make them use the new libraries? -+ Security holes were fixed with this release. Services may not use these -+ fixes until they are restarted. Note: restarting sshd should not affect any -+ existing connections. -+ . -+ Following is a list of detected services that need to be restarted. Please -+ correct the list, if you think it is incorrect. The services names must be -+ identical to the script names in /etc/init.d and must be separated by -+ spaces. If you clear the list, no services will be restarted. -+ . -+ If other services begin to fail mysteriously after this upgrade, it may be -+ necessary to restart them too. We strongly recommend you to reboot your -+ machine to avoid the SSL related trouble. ---- openssl097-0.9.7g.orig/debian/libssl0.9.7-dev.dirs -+++ openssl097-0.9.7g/debian/libssl0.9.7-dev.dirs -@@ -0,0 +1,3 @@ -+usr/lib -+usr/share/doc/libssl0.9.7-dev -+usr/share/man ---- openssl097-0.9.7g.orig/debian/README.optimization -+++ openssl097-0.9.7g/debian/README.optimization -@@ -0,0 +1,32 @@ -+openssl ships optimized libraries for some cpus. The loading of these -+libraries depends on the ability of the dynamic linker to automaticly -+search additional directories depending on the cpu. If you want to -+find out which are these directories for your computer, run the -+following command: -+ -+LD_LIBRARY_PATH=/usr/lib strace true 2>&1 | fgrep "open(\"/usr/lib" -+ -+On a Pentium III this gives: -+ -+open("/usr/lib/i686/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) -+open("/usr/lib/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) -+open("/usr/lib/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) -+open("/usr/lib/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) -+ -+Following is a list of cpus, library paths and possible optimizations: -+ -+486 /usr/lib/i486 -march=i486 -mcpu=i486 +asm -+Pentium /usr/lib/i586 -march=i586 -mcpu=i586 +asm -+Pentium MMX /usr/lib/i586 -march=i586 -mcpu=i586 +asm -+Pentium II /usr/lib/i686 -march=i686 -mcpu=i686 +asm -+Pentium III /usr/lib/i686 -march=i686 -mcpu=i686 +asm -+AMD-K6 /usr/lib/i586 -march=i586 -mcpu=i586 +asm -+AMD-K7 /usr/lib/i686 -march=i686 -mcpu=i686 +asm -+ -+Sparc v8 /usr/lib/v8 -mcpu=v8 +asm -+Sparc v9 /usr/lib/v9 -mcpu=v9 -Wa,-Av8plus +asm -+ -+Alpha EV4 /usr/lib/ev4 -mcpu=ev4 -+Alpha EV5 /usr/lib/ev5 -mcpu=ev5 -+ -++asm means that the handcrafted 586 assembler routines can be used. ---- openssl097-0.9.7g.orig/debian/libssl0.9.7.dirs -+++ openssl097-0.9.7g/debian/libssl0.9.7.dirs -@@ -0,0 +1,2 @@ -+usr/lib -+usr/share/doc/libssl0.9.7 ---- openssl097-0.9.7g.orig/debian/libssl0.9.7.files -+++ openssl097-0.9.7g/debian/libssl0.9.7.files -@@ -0,0 +1,3 @@ -+usr/lib/*.so.*.*.* -+usr/lib/*/*.so.*.*.* -+usr/lib/i686/cmov/*.so.*.*.* ---- openssl097-0.9.7g.orig/debian/changelog -+++ openssl097-0.9.7g/debian/changelog -@@ -0,0 +1,689 @@ -+openssl097 (0.9.7g-5) unstable; urgency=medium -+ -+ * Add the shlibs for libcrypto again, removed by accident. -+ * Change priority of -dbg package to extra. -+ * Remove the libssl0.9.7-dev package. -+ * Add security patch for CAN-2005-2969, setting urgency to medium. -+ -+ -- Kurt Roeckx <kurt@roeckx.be> Wed, 12 Oct 2005 21:07:19 +0200 -+ -+openssl097 (0.9.7g-4) unstable; urgency=low -+ -+ * Reintroduce openssl 0.9.7 source package to provide the old -+ library version. This should make packages linked against -+ the old version installable again. (Closes: #332892) -+ * Drop the openssl and libcrypto0.9.7-udeb package. -+ * Rename libssl-dev to libssl0.9.7-dev. -+ * Add myself to the Uploaders field. -+ -+ -- Kurt Roeckx <kurt@roeckx.be> Mon, 10 Oct 2005 18:38:30 +0200 -+ -+openssl (0.9.7g-3) unstable; urgency=low -+ -+ * change Configure line for debian-freebsd-i386 to debian-kfreebsd-i386 -+ (closes: #327692) -+ * include -dbg version. That implies compiling with -g and without -+ -fomit-frame-pointer (closes: #293823, #153811) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 23 Sep 2005 13:51:57 +0200 -+ -+openssl (0.9.7g-2) unstable; urgency=low -+ -+ * really include nl translation -+ * remove special ia64 code from rc4 code to make the abi compatible to -+ older 0.9.7 versions (closes: #310489, #309274) -+ * fix compile flag for debian-ppc64 (closes: #318750) -+ * small fix in libssl0.9.7.postinst (closes: #239956) -+ * fix pk7_mime.c to prevent garbled messages because of to early memory -+ free (closes: #310184) -+ * include vietnamese debconf translation (closes: #316689) -+ * make optimized i386 libraries have non executable stack (closes: -+ #321721) -+ * remove leftover files from ssleay -+ * move from dh_installmanpages to dh_installman -+ * change Maintainer to pkg-openssl-devel@lists.alioth.debian.org -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 7 Sep 2005 15:32:54 +0200 -+ -+openssl (0.9.7g-1) unstable; urgency=low -+ -+ * New upstream release -+ * Added support for proxy certificates according to RFC 3820. -+ Because they may be a security thread to unaware applications, -+ they must be explicitely allowed in run-time. See -+ docs/HOWTO/proxy_certificates.txt for further information. -+ * Prompt for pass phrases when appropriate for PKCS12 input format. -+ * Back-port of selected performance improvements from development -+ branch, as well as improved support for PowerPC platforms. -+ * Add lots of checks for memory allocation failure, error codes to indicate -+ failure and freeing up memory if a failure occurs. -+ * Perform some character comparisons of different types in X509_NAME_cmp: -+ this is needed for some certificates that reencode DNs into UTF8Strings -+ (in violation of RFC3280) and can't or wont issue name rollover -+ certificates. -+ * corrected watchfile -+ * added upstream source url (closes: #292904) -+ * fix typo in CA.pl.1 (closes: #290271) -+ * change debian-powerpc64 to debian-ppc64 and adapt the configure -+ options to be the same like upstream (closes: #289841) -+ * include -signcert option in CA.pl usage -+ * compile with zlib-dynamic to use system zlib (closes: #289872) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 9 May 2005 23:32:03 +0200 -+ -+openssl (0.9.7e-3) unstable; urgency=high -+ -+ * really fix der_chop. The fix from -1 was not really included (closes: -+ #281212) -+ * still fixes security problem CAN-2004-0975 etc. -+ - tempfile raise condition in der_chop -+ - Avoid a race condition when CRLs are checked in a multi threaded -+ environment. -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 16 Dec 2004 18:41:29 +0100 -+ -+openssl (0.9.7e-2) unstable; urgency=high -+ -+ * fix perl path in der_chop and c_rehash (closes: #281212) -+ * still fixes security problem CAN-2004-0975 etc. -+ - tempfile raise condition in der_chop -+ - Avoid a race condition when CRLs are checked in a multi threaded -+ environment. -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 14 Nov 2004 20:16:21 +0100 -+ -+openssl (0.9.7e-1) unstable; urgency=high -+ -+ * SECURITY UPDATE: fix insecure temporary file handling -+ * apps/der_chop: -+ - replaced $$-style creation of temporary files with -+ File::Temp::tempfile() -+ - removed unused temporary file name in do_certificate() -+ * References: -+ CAN-2004-0975 (closes: #278260) -+ * fix ASN1_STRING_to_UTF8 with UTF8 (closes: #260357) -+ * New upstream release with security fixes -+ - Avoid a race condition when CRLs are checked in a multi threaded -+ environment. -+ - Various fixes to s3_pkt.c so alerts are sent properly. -+ - Reduce the chances of duplicate issuer name and serial numbers (in -+ violation of RFC3280) using the OpenSSL certificate creation -+ utilities. -+ * depends openssl on perl-base instead of perl (closes: #280225) -+ * support powerpc64 in Configure (closes: #275224) -+ * include cs translation (closes: #273517) -+ * include nl translation (closes: #272479) -+ * Fix default dir of c_rehash (closes: #253126) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 12 Nov 2004 14:11:15 +0100 -+ -+openssl (0.9.7d-5) unstable; urgency=low -+ -+ * Make S/MIME encrypt work again (backport from CVS) (closes: #241407, -+ #241386) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 26 Jul 2004 17:22:42 +0200 -+ -+openssl (0.9.7d-4) unstable; urgency=low -+ -+ * add Catalan translation (closes: #248749) -+ * add Spanish translation (closes: #254561) -+ * include NMU fixes: see below -+ * decrease optimisation level for debian-arm to work around gcc bug -+ (closes: #253848) (thanks to Steve Langasek and Thom May) -+ * Add libcrypto0.9.7-udeb. (closes: #250010) (thanks to Bastian Blank) -+ * Add watchfile -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 14 Jul 2004 14:31:02 +0200 -+ -+openssl (0.9.7d-3) unstable; urgency=low -+ -+ * rename -pic.a libraries to _pic.a (closes: #250016) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 24 May 2004 17:02:29 +0200 -+ -+openssl (0.9.7d-2) unstable; urgency=low -+ -+ * include PIC libs (libcrypto-pic.a and libssl-pic.a) to libssl-dev -+ (closes: #246928, #243999) -+ * add racoon to restart list (closes: #242652) -+ * add Brazilian, Japanese and Danish translations (closes: #242087, -+ #241830, #241705) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 11 May 2004 10:13:49 +0200 -+ -+openssl (0.9.7d-1) unstable; urgency=high -+ -+ * new upstream -+ * fixes security holes (http://www.openssl.org/news/secadv_20040317.txt) -+ (closes: #238661) -+ * includes support for debian-amd64 (closes: #235551, #232310) -+ * fix typo in pem.pod (closes: #219873) -+ * fix typo in libssl0.9.7.templates (closes: #224690) -+ * openssl suggests ca-certificates (closes: #217180) -+ * change debconf template to gettext format (closes: #219013) -+ * include french debconf template (closes: #219014) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 18 Mar 2004 16:18:43 +0100 -+ -+openssl (0.9.7c-5) unstable; urgency=low -+ -+ * include openssl.pc into libssl-dev (closes: #212545) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 16 Oct 2003 16:31:32 +0200 -+ -+openssl (0.9.7c-4) unstable; urgency=low -+ -+ * change question to restart services to debconf (closes: #214840) -+ * stop using dh_undocumented (closes: #214831) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 10 Oct 2003 15:40:48 +0200 -+ -+openssl (0.9.7c-3) unstable; urgency=low -+ -+ * fix POSIX conformance for head in libssl0.9.7.postinst (closes: -+ #214700) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 8 Oct 2003 14:02:38 +0200 -+ -+openssl (0.9.7c-2) unstable; urgency=low -+ -+ * add filerc macro to libssl0.9.7.postinst (closes: #213906) -+ * restart spamassassins spamd on upgrade (closes: #214106) -+ * restart more services on upgrade -+ * fix EVP_BytesToKey manpage (closes: #213715) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 7 Oct 2003 15:01:32 +0200 -+ -+openssl (0.9.7c-1) unstable; urgency=high -+ -+ * upstream security fix (closes: #213451) -+ - Fix various bugs revealed by running the NISCC test suite: -+ Stop out of bounds reads in the ASN1 code when presented with -+ invalid tags (CAN-2003-0543 and CAN-2003-0544). -+ Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545). -+ If verify callback ignores invalid public key errors don't try to check -+ certificate signature with the NULL public key. -+ - In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate -+ if the server requested one: as stated in TLS 1.0 and SSL 3.0 -+ specifications. -+ * more minor upstream bugfixes -+ * fix formatting in c_issuer (closes: #190026) -+ * fix Debian-FreeBSD support (closes: #200381) -+ * restart some services in postinst to make them use the new libraries -+ * remove duplicated openssl.1, crypto.3 and ssl.3 (closes: #198594) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 1 Oct 2003 08:54:27 +0200 -+ -+openssl (0.9.7b-2) unstable; urgency=high -+ -+ * fix permission of /etc/ssl/private to 700 again -+ * change section of libssl-dev to libdevel -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 23 Apr 2003 11:13:24 +0200 -+ -+openssl (0.9.7b-1) unstable; urgency=high -+ -+ * upstream security fix -+ - Countermeasure against the Klima-Pokorny-Rosa extension of -+ Bleichbacher's attack on PKCS #1 v1.5 padding: treat -+ a protocol version number mismatch like a decryption error -+ in ssl3_get_client_key_exchange (ssl/s3_srvr.c). (CAN-2003-0131) -+ (closes: #189087) -+ - Turn on RSA blinding by default in the default implementation -+ to avoid a timing attack. Applications that don't want it can call -+ RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING. -+ They would be ill-advised to do so in most cases. (CAN-2003-0147) -+ - Change RSA blinding code so that it works when the PRNG is not -+ seeded (in this case, the secret RSA exponent is abused as -+ an unpredictable seed -- if it is not unpredictable, there -+ is no point in blinding anyway). Make RSA blinding thread-safe -+ by remembering the creator's thread ID in rsa->blinding and -+ having all other threads use local one-time blinding factors -+ (this requires more computation than sharing rsa->blinding, but -+ avoids excessive locking; and if an RSA object is not shared -+ between threads, blinding will still be very fast). -+ for more details see the CHANGES file -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 16 Apr 2003 10:32:57 +0200 -+ -+openssl (0.9.7a-1) unstable; urgency=high -+ -+ * upstream Security fix -+ - In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked -+ via timing by performing a MAC computation even if incorrrect -+ block cipher padding has been found. This is a countermeasure -+ against active attacks where the attacker has to distinguish -+ between bad padding and a MAC verification error. (CAN-2003-0078) -+ for more details see the CHANGES file -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 21 Feb 2003 22:39:40 +0100 -+ -+openssl (0.9.7-4) unstable; urgency=low -+ -+ * use DH_COMPAT=3 to build -+ * move i686 to i686/cmov to fix problems on Via C3. For that to work we -+ have to depend on the newest libc6 on i386 (closes: #177891) -+ * fix bug in ui_util.c (closes: #177615) -+ * fix typo in md5.h (closes: #178112) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 24 Jan 2003 10:22:56 +0100 -+ -+openssl (0.9.7-3) unstable; urgency=low -+ -+ * enable build of ultrasparc code on non ultrasparc machines (closes: -+ #177024) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 17 Jan 2003 08:22:13 +0100 -+ -+openssl (0.9.7-2) unstable; urgency=low -+ -+ * include changes between 0.9.6g-9 and -10 -+ * fix problem in build-process on i386 with libc6 version number -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 13 Jan 2003 14:26:56 +0100 -+ -+openssl (0.9.7-1) unstable; urgency=low -+ -+ * new upstream -+ * includes engine support -+ * a lot of bugfixes and enhancements, see the CHANGES file -+ * include AES encryption -+ * makes preview of certificate configurable (closes: #176059) -+ * fix x509 manpage (closes: #168070) -+ * fix declaration of ERR_load_PEM_string in pem.h (closes: #141360) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 11 Jan 2003 09:12:16 +0100 -+ -+openssl (0.9.6g-10) unstable; urgency=low -+ -+ * fix problem in build-process on i386 with libc6 version number -+ (closes: #167096) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 4 Nov 2002 12:27:21 +0100 -+ -+openssl (0.9.6g-9) unstable; urgency=low -+ -+ * fix typo in i386 libc6 depend (sigh) (closes: #163848) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 8 Oct 2002 23:29:20 +0200 -+ -+openssl (0.9.6g-8) unstable; urgency=low -+ -+ * fix libc6 depends. Only needed for i386 (closes: #163701) -+ * remove SHLIB section for bsds from Configure (closes: #163585) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 8 Oct 2002 10:57:35 +0200 -+ -+openssl (0.9.6g-7) unstable; urgency=low -+ -+ * enable i686 optimisation and depend on fixed glibc (closes: #163500) -+ * remove transition package ssleay -+ * include optimisation vor sparcv8 (closes: #139996) -+ * improve optimisation vor sparcv9 -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 6 Oct 2002 14:07:12 +0200 -+ -+openssl (0.9.6g-6) unstable; urgency=low -+ -+ * temporarily disable i686 optimisation (See bug in glibc #161788) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 21 Sep 2002 18:56:49 +0200 -+ -+openssl (0.9.6g-5) unstable; urgency=low -+ -+ * i486 can use i586 assembler -+ * include set -xe in the for loops in the rules files to make it abort -+ on error (closes: #161768) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 21 Sep 2002 16:23:11 +0200 -+ -+openssl (0.9.6g-4) unstable; urgency=low -+ -+ * fix optimization for alpha and sparc -+ * add optimization for i486 -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 20 Sep 2002 22:36:19 +0200 -+ -+openssl (0.9.6g-3) unstable; urgency=low -+ -+ * add optimized libraries for i586, i686, ev4, ev5 and v9 (closes: #139783) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 19 Sep 2002 18:33:04 +0200 -+ -+openssl (0.9.6g-2) unstable; urgency=low -+ -+ * fix manpage names (closes: #156717, #156718, #156719, #156721) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 15 Aug 2002 11:26:37 +0200 -+ -+openssl (0.9.6g-1) unstable; urgency=low -+ -+ * new upstream version -+ * Use proper error handling instead of 'assertions' in buffer -+ overflow checks added in 0.9.6e. This prevents DoS (the -+ assertions could call abort()). (closes: #155985, #156495) -+ * Fix ASN1 checks. Check for overflow by comparing with LONG_MAX -+ and get fix the header length calculation. -+ * include support for new sh* architectures (closes: #155117) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 14 Aug 2002 13:59:22 +0200 -+ -+openssl (0.9.6e-1) unstable; urgency=high -+ -+ * fixes remote exploits (see DSA-136-1) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 30 Jul 2002 18:32:28 +0200 -+ -+openssl (0.9.6d-1) unstable; urgency=low -+ -+ * new upstream (minor) version -+ * includes Configure lines for debian-*bsd-* (closes: #130413) -+ * fix wrong prototype for BN_pseudo_rand_range in BN_rand(3ssl) (closes: -+ #144586) -+ * fix typos in package description (closes: #141469) -+ * fix typo in SSL_CTX_set_cert_store manpage (closes: #135297) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 3 Jun 2002 19:42:10 +0200 -+ -+openssl (0.9.6c-2) unstable; urgency=low -+ -+ * moved from non-US to main -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 19 Mar 2002 14:48:39 +0100 -+ -+openssl (0.9.6c-1) unstable; urgency=low -+ -+ * new upstream version with a lot of bugfixes -+ * remove directory /usr/include/openssl from openssl package (closes: -+ bug #121226) -+ * remove selfdepends from libssl0.9.6 -+ * link openssl binary shared again -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 5 Jan 2002 19:04:31 +0100 -+ -+openssl (0.9.6b-4) unstable; urgency=low -+ -+ * build with -D_REENTRANT for threads support on all architectures -+ (closes: #112329, #119239) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 24 Nov 2001 12:17:51 +0100 -+ -+openssl (0.9.6b-3) unstable; urgency=low -+ -+ * disable idea, mdc2 and rc5 because they are not free (closes: #65368) -+ * ready to be moved from nonus to main -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 21 Nov 2001 17:51:41 +0100 -+ -+openssl (0.9.6b-2) unstable; urgency=high -+ -+ * fix definition of crypt in des.h (closes: #107533) -+ * fix descriptions (closes: #109503) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 17 Sep 2001 15:38:27 +0200 -+ -+openssl (0.9.6b-1) unstable; urgency=medium -+ -+ * new upstream fixes some security issues (closes: #105835, #100146) -+ * added support for s390 (closes: #105681) -+ * added support for sh (closes: #100003) -+ * change priority of libssl096 to standard as ssh depends on it (closes: -+ #105440) -+ * don't optimize for i486 to support i386. (closes: #104127, #82194) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 20 Jul 2001 15:52:42 +0200 -+ -+openssl (0.9.6a-3) unstable; urgency=medium -+ -+ * add perl-base to builddeps -+ * include static libraries in libssl-dev (closes: #93688) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 14 May 2001 20:16:06 +0200 -+ -+openssl (0.9.6a-2) unstable; urgency=medium -+ -+ * change Architecture of ssleay from any to all (closes: #92913) -+ * depend libssl-dev on the exact same version of libssl0.9.6 (closes: -+ #88939) -+ * remove lib{crypto,ssl}.a from openssl (closes: #93666) -+ * rebuild with newer gcc to fix atexit problem (closes: #94036) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 2 May 2001 12:28:39 +0200 -+ -+openssl (0.9.6a-1) unstable; urgency=medium -+ -+ * new upstream, fixes some security bugs (closes: #90584) -+ * fix typo in s_server manpage (closes: #89756) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 10 Apr 2001 12:13:11 +0200 -+ -+openssl (0.9.6-2) unstable; urgency=low -+ -+ * policy: reorganisation of package names: libssl096 -> libssl0.9.6, -+ libssl096-dev -> libssl-dev (closes: #83426) -+ * libssl0.9.6 drops replaces libssl09 (Closes: #83425) -+ * install upstream CHANGES files (Closes: #83430) -+ * added support for hppa and ia64 (Closes: #88790) -+ * move man3 manpages to libssl-dev (Closes: #87546) -+ * fix formating problem in rand_add(1) (Closes: #87547) -+ * remove manpage duplicates (Closes: #87545, #74986) -+ * make package descriptions clearer (Closes: #83518, #83444) -+ * increase default emailAddress_max from 40 to 60 (Closes: #67238) -+ * removed RSAREF warning (Closes: #84122) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 8 Mar 2001 14:24:00 +0100 -+ -+openssl (0.9.6-1) unstable; urgency=low -+ -+ * New upstream version (Thanks to Enrique Zanardi <ezanard@debian.org>) -+ (closes: #72388) -+ * Add support for debian-hurd (closes: #76032) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 13 Nov 2000 22:30:46 +0100 -+ -+openssl (0.9.5a-5) unstable; urgency=low -+ -+ * move manpages in standard directories with section ssl (closes: -+ #72152, #69809) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 5 Oct 2000 19:56:20 +0200 -+ -+openssl (0.9.5a-4) unstable; urgency=low -+ -+ * include edg_rand_bytes patch from and for apache-ssl -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 23 Sep 2000 16:48:06 +0200 -+ -+openssl (0.9.5a-3) unstable; urgency=low -+ -+ * fix call to dh_makeshlibs to create correct shlibs file and make -+ dependend programs link correctly (closes: Bug#61658) -+ * include a note in README.debian concerning the location of the -+ subcommand manpages (closes: Bug#69809) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 16 Sep 2000 19:10:50 +0200 -+ -+openssl (0.9.5a-2) unstable; urgency=low -+ -+ * try to fix the sharedlib problem. change soname of library -+ (closes: Bug#4622, #66102, #66538, #66123) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 12 Jul 2000 03:26:30 +0200 -+ -+openssl (0.9.5a-1) unstable; urgency=low -+ -+ * new upstream version (major changes see file NEWS) (closes: Bug#63976, -+ #65239, #65358) -+ * new library package libssl095a because of probably changed library -+ interface (closes: Bug#46222) -+ * added architecture mips and mipsel (closes: Bug#62437, #60366) -+ * provide shlibs.local file in build to help build if libraries are not -+ yet installed (closes: Bug#63984) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 11 Jun 2000 15:17:35 +0200 -+ -+openssl (0.9.4-5) frozen unstable; urgency=medium -+ -+ * cleanup of move of doc directories to /usr/share/doc (closes: -+ Bug#56430) -+ * lintian issues (closes: Bug#49358) -+ * move demos from openssl to libssl09-dev (closes: Bug#59201) -+ * move to debhelpers -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 11 Mar 2000 10:38:04 +0100 -+ -+openssl (0.9.4-4) unstable; urgency=medium -+ -+ * Added 'debian-arm' in 'Configure'. (closes: Bug#54251, #54766) -+ * Fixed Configure for 'debian-m68k' (closes: Bug#53636) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 15 Jan 2000 13:16:18 +0100 -+ -+openssl (0.9.4-3) unstable; urgency=low -+ -+ * define symbol SSLeay_add_ssl_algorithms for backward compatibility -+ (closes: Bug#46882) -+ * remove manpages from /usr/doc/openssl (closes: Bug#46791) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 14 Oct 1999 16:51:08 +0200 -+ -+openssl (0.9.4-2) unstable; urgency=low -+ -+ * include some more docu in pod format (Bug #43933) -+ * removed -mv8 from sparc flags (Bug #44769) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 14 Sep 1999 22:04:06 +0200 -+ -+openssl (0.9.4-1) unstable; urgency=low -+ -+ * new upstream version (Closes: #42926) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sat, 28 Aug 1999 17:04:23 +0200 -+ -+openssl (0.9.3a-1) unstable; urgency=low -+ -+ * new upstream version (Bug #38345, #38627) -+ * sparc is big-endian (Bug #39973) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 7 Jul 1999 16:03:37 +0200 -+ -+openssl (0.9.2b-3) unstable; urgency=low -+ -+ * correct move conffiles to /etc/ssl (Bug #38570) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 31 May 1999 21:08:07 +0200 -+ -+openssl (0.9.2b-2) unstable; urgency=low -+ -+ * added convenience package ssleay to help upgrade to openssl (Bug -+ #37185, #37623, #36326) -+ * added some missing dependencies from libssl09 (Bug #36681, #35867, -+ #36326) -+ * move lib*.so to libssl09-dev (Bug #36761) -+ * corrected version numbers of library files -+ * introduce link from /usr/lib/ssl to /etc/ssl (Bug #36710) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 23 May 1999 14:57:48 +0200 -+ -+openssl (0.9.2b-1) unstable; urgency=medium -+ -+ * First openssl version -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 31 Mar 1999 15:54:26 +0200 -+ -+ssleay (0.9.0b-2) unstable; urgency=low -+ -+ * Include message about the (not)usage of RSAREF (#24409) -+ * Move configfiles from /usr/lib/ssl to /etc/ssl (#26406) -+ * Change definitions for sparc (#26487) -+ * Added missing dependency (#28591) -+ * Make debian/libtool executable (#29708) -+ * /etc/ssl/lib/ssleay.cnf is now a confile (#32624) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Sun, 21 Mar 1999 19:41:04 +0100 -+ -+ssleay (0.9.0b-1) unstable; urgency=low -+ -+ * new upstream version (Bug #21227, #25971) -+ * build shared libraries with -fPIC (Bug #20027) -+ * support sparc architecture (Bug #28467) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 13 Oct 1998 10:20:13 +0200 -+ -+ssleay (0.8.1-7) frozen unstable; urgency=high -+ -+ * security fix patch to 0.8.1b (bug #24022) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 6 Jul 1998 15:42:15 +0200 -+ -+ssleay (0.8.1-6) frozen unstable; urgency=low -+ -+ * second try to fix bug #15235 (copyright was still missing) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Mon, 22 Jun 1998 08:56:27 +0200 -+ -+ssleay (0.8.1-5) frozen unstable; urgency=high -+ -+ * changed /dev/random to /dev/urandom (Bug #23169, #17817) -+ * copyright contains now the full licence (Bug #15235) -+ * fixed bug #19410 (md5sums-lists-nonexisting-file) -+ * added demos to /usr/doc (Bug #17372) -+ * fixed type in package description (Bug #18969) -+ * fixed bug in adding documentation (Bug #21463) -+ * added patch for support of debian-powerpc (Bug #21579) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 18 Jun 1998 23:09:13 +0200 -+ -+ssleay (0.8.1-4) unstable; urgency=low -+ -+ * purged dependency from libc5 -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Tue, 11 Nov 1997 15:31:50 +0100 -+ -+ssleay (0.8.1-3) unstable; urgency=low -+ -+ * changed packagename libssl to libssl08 to get better dependancies -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Fri, 7 Nov 1997 14:23:17 +0100 -+ -+ssleay (0.8.1-2) unstable; urgency=low -+ -+ * linked shared libraries against libc6 -+ * use /dev/random for randomseed -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 5 Nov 1997 11:21:40 +0100 -+ -+ssleay (0.8.1-1) unstable; urgency=low -+ -+ * new upstream version -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Thu, 16 Oct 1997 16:15:43 +0200 -+ -+ssleay (0.6.6-2) unstable; urgency=low -+ -+ * cleanup in diffs -+ * removed INSTALL from docs (bug #13205) -+ * split libssl and libssl-dev (but #13735) -+ -+ -- Christoph Martin <christoph.martin@uni-mainz.de> Wed, 15 Oct 1997 17:38:38 +0200 -+ -+ssleay (0.6.6-1) unstable; urgency=low -+ -+ * New upstream version -+ * added shared libraries for libcrypto and libssl -+ -+ -- Christoph Martin <martin@uni-mainz.de> Thu, 26 Jun 1997 19:26:14 +0200 -+ -+ssleay (0.6.4-2) unstable; urgency=low -+ -+ * changed doc filenames from .doc to .txt to be able to read them -+ over with webbrowser -+ -+ -- Christoph Martin <martin@uni-mainz.de> Tue, 25 Feb 1997 14:02:53 +0100 -+ -+ssleay (0.6.4-1) unstable; urgency=low -+ -+ * Initial Release. -+ -+ -- Christoph Martin <martin@uni-mainz.de> Fri, 22 Nov 1996 21:29:51 +0100 ---- openssl097-0.9.7g.orig/debian/rules -+++ openssl097-0.9.7g/debian/rules -@@ -0,0 +1,173 @@ -+#!/usr/bin/make -f -+# Sample debian.rules file - for GNU Hello (1.3). -+# Copyright 1994,1995 by Ian Jackson. -+# I hereby give you perpetual unlimited permission to copy, -+# modify and relicense this file, provided that you do not remove -+# my name from the file itself. (I assert my moral right of -+# paternity under the Copyright, Designs and Patents Act 1988.) -+# This file may have to be extensively modified -+# -+# Modified to be a prototype for debmake by Christoph Lameter <clameter@debian.org> -+SHELL=/bin/bash -+export DH_COMPAT=3 -+ -+package=openssl -+ -+# For generating the manpages -+export VERSION=$(shell dpkg-parsechangelog | grep '^Version:' | sed -e 's/^.*://' -e 's/-.*//') -+ -+# The binary architeture -+DEB_HOST_ARCH = $(shell dpkg-architecture -qDEB_HOST_ARCH) -+ -+CONFARGS = --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 zlib-dynamic debug -+OPT_alpha = ev4 ev5 -+OPT_i386 = i486 i586 i686/cmov -+OPT_sparc = v8 v9 -+ARCHOPTS = OPT_$(DEB_HOST_ARCH) -+OPTS = $($(ARCHOPTS)) -+WANTED_LIBC_VERSION = 2.3.1-10 -+ -+build: -+ dh_testdir -+ perl util/perlpath.pl /usr/bin -+# perl util/ssldir.pl /usr/lib/ssl -+# chmod +x debian/libtool -+ ./Configure no-shared $(CONFARGS) debian-$(DEB_HOST_ARCH) -+ make -f Makefile DIRS="crypto ssl" all -+ mv libcrypto.a libcrypto.static -+ mv libssl.a libssl.static -+ make -f Makefile DIRS="crypto ssl" clean -+ test -z "$(OPTS)" || for opt in $(OPTS); \ -+ do \ -+ set -xe; \ -+ ./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH)-$$opt; \ -+ make -f Makefile DIRS="crypto ssl" all; \ -+ mkdir -p $$opt; \ -+ mv libcrypto.so* libssl.so* $$opt/; \ -+ make -f Makefile DIRS="crypto ssl" clean; \ -+ done -+ ./Configure shared $(CONFARGS) debian-$(DEB_HOST_ARCH) -+ #make -f Makefile depend -+ ln -sf apps/openssl.pod crypto/crypto.pod ssl/ssl.pod doc/ -+# make -f Makefile linux-shared -+ make -f Makefile all -+# strip apps/openssl -+# make -f Makefile clean DIRS="crypto ssl" -+# ./Configure --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 debian-$(DEB_HOST_ARCH) -+# make -f Makefile all DIRS="crypto ssl" -+ touch build -+ -+clean: -+ dh_testdir -+ dh_testroot -+ -rm -f build -+ -perl util/perlpath.pl /usr/bin -+ -./Configure $(CONFARGS) debian-$(DEB_HOST_ARCH) -+ -make -f Makefile clean clean-shared -+ #-make -f Makefile dclean -+ -perl util/perlpath.pl /usr/local/bin/perl -+# perl util/ssldir.pl /usr/local/ssl -+ -rm -f test/.rnd test/testkey.pem test/testreq.pem test/certCA.srl -+ -rm -f util/mk1mf.bak Makefile.bak `find . -name Makefile.save` -+ -rm -f crypto/pem/ctx_size -+ -rm -f `find . -name "*~"` -+ -rm -f `find . -name "*.orig" -o -name "*.rej"` -+ -rm -f certs/*.0 certs/*.1 -+# -rm -rf debian/tmp debian/files* core `find debian/* -type d` -+ -rm -rf core $(OPTS) -+ -rm doc/*.pod -+ -rm -f libcrypto.* libssl.* -+ dh_clean -+ -+binary-indep: build -+ dh_testdir -+ dh_testroot -+# There are no architecture-independent files to be uploaded -+# generated by this package. If there were any they would be -+# made here. -+ -+binary-arch: build -+ dh_testdir -+ dh_testroot -+ dh_clean -+# -rm -rf debian/tmp `find debian/* -type d` -+# install -d debian/tmp debian/libssl0.9.7 debian/libssl0.9.7-dev -+# cd debian/tmp && install -d `cat ../dirs` -+# cd debian/libssl09 && install -d `cat ../libssl09.dirs` -+# cd debian/libssl09-dev && install -d `cat ../libssl09-dev.dirs` -+ dh_installdirs -+#openssl install -+ make -f Makefile install INSTALL_PREFIX=`pwd`/debian/tmp -+ rm debian/tmp/usr/share/man/man1/openssl.1 -+ rm debian/tmp/usr/share/man/man3/crypto.3 -+ rm debian/tmp/usr/share/man/man3/ssl.3 -+# rm debian/tmp/usr/lib/libcrypto.a -+# rm debian/tmp/usr/lib/libssl.a -+ mv debian/tmp/usr/lib/libcrypto.a debian/tmp/usr/lib/libcrypto_pic.a -+ mv debian/tmp/usr/lib/libssl.a debian/tmp/usr/lib/libssl_pic.a -+ cp -pf libcrypto.static debian/tmp/usr/lib/libcrypto.a -+ cp -pf libssl.static debian/tmp/usr/lib/libssl.a -+# mv debian/tmp/usr/lib/ssl/bin debian/tmp/usr/bin/ssl -+# (cd debian/tmp/usr/lib/ssl; ln -s /usr/bin/ssl bin) -+# mv debian/tmp/usr/lib/ssl/include debian/tmp/usr/include/ssl -+# (cd debian/tmp/usr/lib/ssl; ln -s /usr/include/ssl include) -+# chmod -x debian/tmp/usr/lib/*.so.* -+# mv debian/tmp/usr/lib/*.a debian/libssl09-dev/usr/lib/ -+# mv debian/tmp/usr/lib/*.so debian/libssl09-dev/usr/lib/ -+# mv debian/tmp/usr/lib/*.so.*.*.* debian/libssl09/usr/lib/ -+# mv debian/tmp/usr/lib/*.la debian/libssl09-dev/usr/lib/ -+# mv debian/tmp/usr/include debian/libssl09-dev/usr/ -+ mkdir -p debian/tmp/etc/ssl -+ mv debian/tmp/usr/lib/ssl/{certs,openssl.cnf,private} debian/tmp/etc/ssl/ -+ ln -s /etc/ssl/{certs,openssl.cnf,private} debian/tmp/usr/lib/ssl/ -+ cp -auv lib*.so* debian/tmp/usr/lib/ -+# cp -auv lib*.a debian/tmp/usr/lib/ -+ for opt in $(OPTS); do set -xe; mkdir -p debian/tmp/usr/lib/$$opt; cp -auv $$opt/lib*.so* debian/tmp/usr/lib/$$opt/; done -+ install debian/copyright debian/libssl0.9.7/usr/share/doc/libssl0.9.7/ -+ install debian/changelog debian/libssl0.9.7/usr/share/doc/libssl0.9.7/changelog.Debian -+# install debian/copyright debian/libssl0.9.7-dev/usr/share/doc/libssl0.9.7-dev/ -+# install debian/changelog debian/libssl0.9.7-dev/usr/share/doc/libssl0.9.7-dev/changelog.Debian -+# debstd -u CHANGES* LICENSE README NEWS -+ dh_installdocs CHANGES.SSLeay LICENSE README NEWS debian/README.optimization -+ dh_installexamples -+ dh_installchangelogs CHANGES -+# dh_installmenu -+# dh_installcron -+ dh_installdebconf -+# dh_undocumented c_rehash.1 -+ dh_movefiles -+# rmdir debian/tmp/usr/lib/ssl/lib -+# rmdir debian/tmp/usr/include/openssl -+# rmdir debian/tmp/usr/include -+# for opt in $(OPTS); do set -xe; rm -fr debian/tmp/usr/lib/$$opt; done -+ dh_compress -+ dh_fixperms -X etc/ssl/private -+ dh_strip --dbg-package=libssl0.9.7 -+ dh_perl -d -+# dh_suidregister -+ dh_shlibdeps -l`pwd` -Xlibssl.so -+ # Hack, to depend on version of libc6 which supports the i686 directory -+ if [ "${DEB_HOST_ARCH}" == "i386" ]; \ -+ then \ -+ SHLIB=`cat debian/libssl0.9.7.substvars`; \ -+ LIBC_VERSION=`echo $$SHLIB | sed s'/.*libc6 (>= \(.*\))/\1/'`; \ -+ if dpkg --compare-versions ${WANTED_LIBC_VERSION} gt $$LIBC_VERSION; \ -+ then \ -+ echo $$SHLIB | sed s'/libc6 (>= \(.*\))/libc6 (>= ${WANTED_LIBC_VERSION})/' > debian/libssl0.9.7.substvars; \ -+ fi \ -+ fi -+ dh_gencontrol -+ dh_makeshlibs -m 0.9.7 -+ dh_installdeb -+ dh_md5sums -+ dh_builddeb -+ echo -en "\a" -+ -+# Below here is fairly generic really -+ -+binary: binary-indep binary-arch -+ -+source diff: -+ @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false -+ -+.PHONY: binary binary-arch binary-indep clean ---- openssl097-0.9.7g.orig/debian/libssl0.9.7.postinst -+++ openssl097-0.9.7g/debian/libssl0.9.7.postinst -@@ -0,0 +1,139 @@ -+#!/bin/sh -e -+ -+. /usr/share/debconf/confmodule -+ -+package_name() -+{ -+ echo $(basename $0 .postinst) -+} -+ -+# element() is a helper function for file-rc: -+element() { -+ local element list IFS -+ -+ element="$1" -+ -+ [ "$2" = "in" ] && shift -+ list="$2" -+ [ "$list" = "-" ] && return 1 -+ [ "$list" = "*" ] && return 0 -+ -+ IFS="," -+ set -- $list -+ case $element in -+ "$1"|"$2"|"$3"|"$4"|"$5"|"$6"|"$7"|"$8"|"$9") -+ return 0 -+ esac -+ return 1 -+} -+ -+# filerc (runlevel, service) returns /etc/init.d/service, if service is -+# running in $runlevel: -+filerc() { -+ local runlevel basename -+ runlevel=$1 -+ basename=$2 -+ while read LINE -+ do -+ case $LINE in -+ \#*|"") continue -+ esac -+ -+ set -- $LINE -+ SORT_NO="$1"; STOP="$2"; START="$3"; CMD="$4" -+ [ "$CMD" = "/etc/init.d/$basename" ] || continue -+ -+ if element "$runlevel" in "$START" || element "S" in "$START" -+ then -+ echo "/etc/init.d/$basename" -+ return 0 -+ fi -+ done < /etc/runlevel.conf -+ echo "" -+} -+ -+if [ "$1" = "configure" ] -+then -+ if [ ! -z "$2" ]; then -+ if dpkg --compare-versions "$2" lt 0.9.7d-1; then -+ echo -n "Checking for services that may need to be restarted..." -+ -+ check="sendmail ssh" -+ check="$check apache2-common ssh-nonfree exim4" -+ check="$check apache-ssl libapache-mod-ssl openvpn spamassassin" -+ check="$check courier-imap-ssl courier-mta-ssl courier-pop-ssl" -+ check="$check postfix-tls cyrus21-imapd cyrus21-pop3d" -+ check="$check postgresql racoon" -+ # Only get the ones that are installed, and configured -+ check=$(dpkg -s $check 2> /dev/null | sed '/^$/{N;/^\n$/D;}' | awk 'BEGIN{RS="\n\n";FS="\n"}{if ( $2 ~ /Status: .* installed$/ ) { print $1 } }' | cut -f 2 -d ' ') -+ # apache2 ships its init script in apache2-common, but the -+ # script is apache2 -+ check=$(echo $check | sed 's/apache2-common/apache2/g') -+ # For mod-ssl apache has to be restarted -+ check=$(echo $check | sed 's/libapache-mod-ssl/apache/g') -+ rl=$(runlevel | awk '{print $2}') -+ for service in $check; do -+ if [ -f /usr/share/file-rc/rc -o -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then -+ idl=$(filerc $rl $service) -+ else -+ idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1) -+ fi -+ if [ -n "$idl" ] && [ -x $idl ]; then -+ services="$service $services" -+ fi -+ done -+ echo "done." -+ if [ -n "$services" ]; then -+ db_version 2.0 -+ -+ db_reset libssl0.9.7/restart-services -+ db_set libssl0.9.7/restart-services "$services" -+ db_input critical libssl0.9.7/restart-services || true -+ db_go || true -+ db_get libssl0.9.7/restart-services -+ # Arghhh, close all the stupid debconf pipes -+ db_stop -+ -+ if [ "x$RET" != "x" ] -+ then -+ services=$RET -+ answer=yes -+ else -+ answer=no -+ fi -+ echo -+ if [ "$answer" = yes ] && [ "$services" != "" ]; then -+ echo "Restarting services possibly affected by the upgrade:" -+ failed="" -+ for service in $services; do -+ idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1) -+ echo -n " $service: stopping..." -+ $idl stop > /dev/null 2>&1 || true -+ sleep 1 -+ echo -n "starting..." -+ if $idl start > /dev/null 2>&1; then -+ echo "done." -+ else -+ echo "FAILED! ($?)" -+ failed="$service $failed" -+ fi -+ done -+ echo -+ if [ -n "$failed" ]; then -+ # Ruh roh, George -+ echo "The following services failed to start: $failed" -+ echo -+ echo "You will need to start these manually by running \`/etc/init.d/<service> start'" -+ echo "If the service still fails to start, you may need to file a bug on" -+ echo "$(package_name) or the service involved." -+ else -+ echo "Services restarted successfully." -+ fi -+ echo -+ fi -+ fi -+ fi # end upgrading and $2 lt 0.9.7c-1 -+ fi # Upgrading -+fi -+ -+#DEBHELPER# ---- openssl097-0.9.7g.orig/debian/watch -+++ openssl097-0.9.7g/debian/watch -@@ -0,0 +1,2 @@ -+version=2 -+ftp://ftp.openssl.org/source/openssl-(\d+\.\d+\.\d+[a-z]?)\.tar\.gz debian uupdate ---- openssl097-0.9.7g.orig/debian/libssl0.9.7.preinst -+++ openssl097-0.9.7g/debian/libssl0.9.7.preinst -@@ -0,0 +1,3 @@ -+#!/bin/sh -e -+ -+#DEBHELPER# ---- openssl097-0.9.7g.orig/debian/libssl0.9.7.prerm -+++ openssl097-0.9.7g/debian/libssl0.9.7.prerm -@@ -0,0 +1,3 @@ -+#!/bin/sh -e -+ -+#DEBHELPER# ---- openssl097-0.9.7g.orig/debian/copyright -+++ openssl097-0.9.7g/debian/copyright -@@ -0,0 +1,135 @@ -+This package was debianized by Christoph Martin martin@uni-mainz.de on -+Fri, 22 Nov 1996 21:29:51 +0100. -+ -+Copyright (c) 1998-2004 The OpenSSL Project -+Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson -+ -+The upstream sources were obtained from http://www.openssl.org/ -+ -+ -+ LICENSE ISSUES -+ ============== -+ -+ The OpenSSL toolkit stays under a dual license, i.e. both the conditions of -+ the OpenSSL License and the original SSLeay license apply to the toolkit. -+ See below for the actual license texts. Actually both licenses are BSD-style -+ Open Source licenses. In case of any license issues related to OpenSSL -+ please contact openssl-core@openssl.org. -+ -+ OpenSSL License -+ --------------- -+ -+/* ==================================================================== -+ * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. All advertising materials mentioning features or use of this -+ * software must display the following acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -+ * -+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. For written permission, please contact -+ * openssl-core@openssl.org. -+ * -+ * 5. Products derived from this software may not be called "OpenSSL" -+ * nor may "OpenSSL" appear in their names without prior written -+ * permission of the OpenSSL Project. -+ * -+ * 6. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by the OpenSSL Project -+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ * ==================================================================== -+ * -+ * This product includes cryptographic software written by Eric Young -+ * (eay@cryptsoft.com). This product includes software written by Tim -+ * Hudson (tjh@cryptsoft.com). -+ * -+ */ -+ -+ Original SSLeay License -+ ----------------------- -+ -+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) -+ * All rights reserved. -+ * -+ * This package is an SSL implementation written -+ * by Eric Young (eay@cryptsoft.com). -+ * The implementation was written so as to conform with Netscapes SSL. -+ * -+ * This library is free for commercial and non-commercial use as long as -+ * the following conditions are aheared to. The following conditions -+ * apply to all code found in this distribution, be it the RC4, RSA, -+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation -+ * included with this distribution is covered by the same copyright terms -+ * except that the holder is Tim Hudson (tjh@cryptsoft.com). -+ * -+ * Copyright remains Eric Young's, and as such any Copyright notices in -+ * the code are not to be removed. -+ * If this package is used in a product, Eric Young should be given attribution -+ * as the author of the parts of the library used. -+ * This can be in the form of a textual message at program startup or -+ * in documentation (online or textual) provided with the package. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the copyright -+ * notice, this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. All advertising materials mentioning features or use of this software -+ * must display the following acknowledgement: -+ * "This product includes cryptographic software written by -+ * Eric Young (eay@cryptsoft.com)" -+ * The word 'cryptographic' can be left out if the rouines from the library -+ * being used are not cryptographic related :-). -+ * 4. If you include any Windows specific code (or a derivative thereof) from -+ * the apps directory (application code) you must include an acknowledgement: -+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" -+ * -+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND -+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -+ * SUCH DAMAGE. -+ * -+ * The licence and distribution terms for any publically available version or -+ * derivative of this code cannot be changed. i.e. this code cannot simply be -+ * copied and put under another distribution licence -+ * [including the GNU Public Licence.] -+ */ -+ ---- openssl097-0.9.7g.orig/debian/shlibs.local -+++ openssl097-0.9.7g/debian/shlibs.local -@@ -0,0 +1,2 @@ -+libcrypto 0.9.7 libssl0.9.7 -+libssl 0.9.7 libssl0.9.7 ---- openssl097-0.9.7g.orig/debian/README.debian -+++ openssl097-0.9.7g/debian/README.debian -@@ -0,0 +1,52 @@ -+openssl for DEBIAN -+---------------------- -+ -+openssl replaces ssleay. -+ -+The application links to openssl like req, ca, verify and s_client -+have been removed. -+ -+Instead of `<application>` please call now `openssl <application>` -+ -+eg: -+instead of `req` please call `openssl req` -+ -+NOTE: The libssl library version for debian-i386 is optimized for -+486-processors and better. It will not run on 386-processors. -+ -+---- -+Self-signed certs and webservers: -+ -+If you get with a selfsigned certificate and a webserver: -+ > "The certificate is not approved for the attempted operation." -+ -+Bodo_Moeller@public.uni-hamburg.de (Bodo Moeller) writes: -+>Probably you are using a CA certificate for your server; if you use -+>"openssl req" to generate a new key and self-signed certificate with -+>the default openssl.cnf, the certificate you get includes certain -+>X.509v3 extensions that make it unfit for use as a server certificate. -+>This was not so with earlier versions of the software because back -+>then there was far less X.509v3 support. -+> -+>To look at the certificate some HTTPS server presents to its cliens, -+>use "openssl s_client -port 443 -host your.server", store the output -+>(at least the part from "-----BEGIN CERTIFICATE-----" up to "-----END -+>CERTIFICATE-----", including these separators) in a file and use -+>"openssl x509 -in the_file_you_just_stored -text" to look at it in -+>readable form. If it has in the "X509v3 extensions section" any of -+>the following entries, it is not usable as a server certificate: -+> -+> X509v3 Basic Constraints: -+> CA:TRUE -+> -+> X509v3 Key Usage: -+> Certificate Sign, CRL Sign -+> -+>To quickly create a new server key and certificate that works with -+>Netscape, you can just copy the original openssl.cnf file and comment -+>out the "x509_extensions" entry in the "[ req ]" section. -+>The, use "openssl req ..." as before to create a new certificate and -+>key. -+ -+ -+Christoph Martin <martin@uni-mainz.de>, Wed, 31 Mar 1999 16:00:51 +0200 |