All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
- fixes build with openssl 1.1
- add support for mbedtls as an option
- avoids regenerating autoconf bits
2020-11-17 - Version 1.27
* core: handle PIN expiration after C_Login as C_Login may take a while
* core: return explict success when plugin&play and no threading and no
safefork, thanks to Tunnelblick
2020-01-21 - Version 1.26
* openssl: build with openssl ec disabled
* openssl: support RSA_NO_PADDING padding, thanks to Selva Nair
* core: reduce mutex lock scope of add/remove provider, thanks to Frank Morgner
* core: improve the fork fixup sequence
2018-08-16 - Version 1.25.1
* core: build with threading disabled
2018-08-04 - Version 1.25
* core: do not attempt to initialize provider with fork mode is not safe. Too
many providers do not follow the PKCS#11 spec.
2018-06-15 - Version 1.24
* build: support libressl-2.7
2018-06-02 - Version 1.23
* build: cleanups.
* openssl: rework support 1.1.
2017-02-12 - Version 1.22
* spec: minor cleanups.
2017-01-06 - Version 1.21
* mbedtls: fix missing logic if issur certificate, thanks to Steffan Karger
2016-12-08 - Version 1.20
* polarssl: support polarssl-1.3, thanks to Steffan Karger.
* certificate: ignore certificate object without CKA_ID.
* openssl: fix memory leak, thanks to ASPj.
* openssl: support 1.1 and libressl, thanks to Daiki Ueno.
2013-10-11 - Version 1.11
* openssl: support generic pkey.
* openssl: add dsa support.
* openssl: add ecdsa support, thanks for Sanaullah for testing.
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Change MASTER_SITE, and therefore fetch with curl.
Specify C99, after guessing that from warnings.
Enable extra warnings (reported upstream).
2012-02-29 - Version 1.10
* PolarSSL crypto engine by Adriaan de Jong
* build: --disable-crypto-engine-win32 renamed to --disable-crypto-engine-cryptoapi
* api: PKCS11H_FEATURE_MASK_ENGINE_CRYPTO_WIN32 renamed to
PKCS11H_FEATURE_MASK_ENGINE_CRYPTO_CRYPTOAPI.
* api: PKCS11H_ENGINE_CRYPTO_WIN32 renamed to
PKCS11H_ENGINE_CRYPTO_CRYPTOAPI
2011-08-16 - Version 1.09
* Do not retry if CKR_BUFFER_TOO_SMALL and none NULL target.
* Fixup OpenSSL engine's rsa_priv_enc to use RSA size output buffer.
