Slackware 14.0slackware-14.0

Wed Sep 26 01:10:42 UTC 2012
Slackware 14.0 x86_64 stable is released!

We're perfectionists here at Slackware, so this release has been a long
time a-brewing.  But we think you'll agree that it was worth the wait.
Slackware 14.0 combines modern components, ease of use, and flexible
configuration... our "KISS" philosophy demands it.

The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD.  Please consider supporting the Slackware
project by picking up a copy from store.slackware.com.  We're taking
pre-orders now, and offer a discount if you sign up for a subscription.

Thanks to everyone who helped make this happen.  The Slackware team, the
upstream developers, and (of course) the awesome Slackware user
community.

Have fun!  :-)

15 files changed, 654 insertions, 19 deletions

diff --git a/source/n/openssl/certwatch b/source/n/openssl/certwatch
index 8fef1509f..d52dc3dc4 100644
--- a/source/n/openssl/certwatch
+++ b/source/n/openssl/certwatch
@@ -84,6 +84,7 @@ for binary in basename date find grep mail openssl touch ; do
 done
 
 find $CERTDIR -type f -maxdepth 1 | while read certfile ; do
+  if [ "$certfile" != "/etc/ssl/certs/ca-certificates.crt" ]; then
   certfilebase="$(basename "$certfile")"
   inform=PEM
   echo "$certfile" | grep -q -i '\.net$'
@@ -124,5 +125,6 @@ find $CERTDIR -type f -maxdepth 1 | while read certfile ; do
       fi
     fi
   fi
+  fi
 done
 
diff --git a/source/n/openssl/doinst.sh-openssl b/source/n/openssl/doinst.sh-openssl
index c92e60763..8fcf3d1c1 100644
--- a/source/n/openssl/doinst.sh-openssl
+++ b/source/n/openssl/doinst.sh-openssl
@@ -19,3 +19,8 @@ fi
 
 config etc/ssl/openssl.cnf.new
 config etc/cron.daily/certwatch.new
+
+# Rehash certificates if the package is upgraded on a running system:
+if [ -x /usr/bin/c_rehash ]; then
+  /usr/bin/c_rehash 1> /dev/null 2> /dev/null
+fi
diff --git a/source/n/openssl/openssl.SlackBuild b/source/n/openssl/openssl.SlackBuild
index f0e55b52c..8d5c4a096 100755
--- a/source/n/openssl/openssl.SlackBuild
+++ b/source/n/openssl/openssl.SlackBuild
@@ -2,7 +2,7 @@
 
 # Copyright 2000 BSDi, Inc. Concord, CA, USA
 # Copyright 2001, 2002 Slackware Linux, Inc.  Concord, CA, USA
-# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -27,7 +27,7 @@
 CWD=$(pwd)
 TMP=${TMP:-/tmp}
 
-VERSION=${VERSION:-$(echo openssl-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
@@ -45,17 +45,19 @@ PKG2=$TMP/package-ossllibs
 NAME1=openssl-$VERSION-$ARCH-$BUILD
 NAME2=openssl-solibs-$VERSION-$ARCH-$BUILD
 
-NUMJOBS=${NUMJOBS:--j6}
+# Parallel build doesn't link properly.
+#NUMJOBS=${NUMJOBS:--j6}
 
 # So that ls has the right field counts for parsing...
 export LC_ALL=C
 
 cd $TMP
 rm -rf $PKG1 $PKG2 openssl-$VERSION
-tar xvf $CWD/openssl-$VERSION.tar.?z* || exit 1
+
+tar xvf $CWD/openssl-$VERSION.tar.gz || exit 1
 cd openssl-$VERSION
 
-# Use .so.0, not .so.0.9.8:
+# Use .so.1, not .so.1.0.0:
 zcat $CWD/openssl.soname.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1
 if [ "$ARCH" = "i486" ]; then
   # Build with -march=i486 -mtune=i686:
@@ -70,9 +72,9 @@ fi
 # paranoid that they won't run against a different OpenSSL version than
 # what they were compiled against, whether or not the ABI has changed.
 #
-# So, we will use the OPENSSL_VERSION_NUMBER from openssl-0.9.8o unless ABI
+# So, we will use the OPENSSL_VERSION_NUMBER from openssl-1.0.1c unless ABI
 # breakage forces it to change.  Yes, we're finally using this old trick.  :)
-sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x009080efL (0.9.8o) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x009080efL/g" crypto/opensslv.h || exit 1
+sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x1000103fL (1.0.1c) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x1000103fL/g" crypto/opensslv.h || exit 1
 
 chown -R root:root .
 mkdir -p $PKG1/usr/doc/openssl-$VERSION
@@ -103,15 +105,12 @@ fi
  no-sse2 \
  shared
 
-make depend || exit 1
+make $NUMJOBS depend || make depend || exit 1
 
 make $NUMJOBS || make || exit 1
 
 make install INSTALL_PREFIX=$PKG1 || exit 1
 
-# Use proper libdir:
-( cd $PKG1/usr; mv lib lib${LIBDIRSUFFIX} )
-
 # Make the .so.? library symlinks:
 ( cd $PKG1/usr/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.* )
 
@@ -158,6 +157,21 @@ if [ -d $PKG1/usr/man ]; then
   )
 fi
 
+# If there's an openssl0 directory, then build openssl-0 shared libraries for
+# compatibility with programs linked to those:
+if [ -d $CWD/openssl0 ]; then
+  ( cd $CWD/openssl0
+    ./openssl0.build || exit 1
+  ) || exit 1
+  # Don't put these in the openssl package...  openssl-solibs is enough.
+  #mkdir -p $PKG1/lib${LIBDIRSUFFIX}
+  #cp -a $TMP/package-openssl0/usr/lib/lib*.so.?.?.? $PKG1/lib${LIBDIRSUFFIX}
+  #( cd $PKG1/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.?.?.? )
+  mkdir -p $PKG2/lib${LIBDIRSUFFIX}
+  cp -a $TMP/package-openssl0/usr/lib/lib*.so.?.?.? $PKG2/lib${LIBDIRSUFFIX}
+  ( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.?.?.? )
+fi
+
 cd $PKG1
 chmod 755 usr/lib${LIBDIRSUFFIX}/pkgconfig
 sed -i -e "s#lib\$#lib${LIBDIRSUFFIX}#" usr/lib${LIBDIRSUFFIX}/pkgconfig/*.pc
diff --git a/source/n/openssl/openssl.optsx86.diff b/source/n/openssl/openssl.optsx86.diff
index a1a289a20..330e50970 100644
--- a/source/n/openssl/openssl.optsx86.diff
+++ b/source/n/openssl/openssl.optsx86.diff
@@ -1,11 +1,11 @@
---- ./Configure.orig	2005-08-02 03:59:42.000000000 -0700
-+++ ./Configure	2005-10-12 20:04:43.000000000 -0700
-@@ -317,7 +317,7 @@
- "linux-ppc",	"gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+--- ./Configure.orig	2012-03-14 17:20:40.000000000 -0500
++++ ./Configure	2012-07-03 18:30:19.962011710 -0500
+@@ -350,7 +350,7 @@
+ "linux-armv4",	"gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
  #### IA-32 targets...
  "linux-ia32-icc",	"icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 -"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 +"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -mtune=i686 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- "linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
+ "linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
  ####
  "linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff --git a/source/n/openssl/openssl.soname.diff b/source/n/openssl/openssl.soname.diff
index f660e93bb..308968d9c 100644
--- a/source/n/openssl/openssl.soname.diff
+++ b/source/n/openssl/openssl.soname.diff
@@ -5,7 +5,7 @@
  	ALLSYMSFLAGS='-Wl,--whole-archive'; \
  	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
 -	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB.0"
++	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB.1"
  
  DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
  
diff --git a/source/n/openssl/openssl0/certwatch b/source/n/openssl/openssl0/certwatch
new file mode 100644
index 000000000..8fef1509f
--- /dev/null
+++ b/source/n/openssl/openssl0/certwatch
@@ -0,0 +1,128 @@
+#!/bin/sh
+#
+# Will check all certificates stored in $CERTDIR for their expiration date,
+# and will display (if optional "stdout" argument is given), or mail a warning
+# message to $MAILADDR (if script is executed without any parameter
+# - unattended mode suitable for cron execution) for each particular certificate
+# that is about to expire in time less to, or equal to $DAYS after this script
+# has been executed, or if it has already expired.
+# This stupid script (C) 2006,2007 Jan Rafaj
+
+########################## CONFIGURATION SECTION BEGIN #########################
+# Note: all settings are mandatory
+# Warning will be sent if a certificate expires in time <= days given here
+DAYS=7
+# E-mail address where to send warnings
+MAILADDR=root
+# Directory with certificates to check
+CERTDIR=/etc/ssl/certs
+# Directory where to keep state files if this script isnt executed with "stdout"
+STATEDIR=/var/run
+########################### CONFIGURATION SECTION END ##########################
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DAY_IN_SECS=$((60*60*24))
+DATE_CURRENT=$(date '+%s')
+
+usage()
+{
+  echo "Usage: $0 [stdout]"
+  echo
+  echo "Detailed description and configuration is embedded within the script."
+  exit 0
+}
+
+message()
+{
+  cat << EOF
+    WARNING: certificate $certfile
+    is about to expire in time equal to or less than $DAYS days from now on,
+    or has already expired - it might be a good idea to obtain/create new one.
+
+EOF
+}
+
+message_mail()
+{
+  message
+  cat << EOF
+    NOTE: This message is being sent only once.
+
+    A lock-file
+    $STATEDIR/certwatch-mailwarning-sent-$certfilebase
+    has been created, which will prevent this script from mailing you again
+    upon its subsequent executions by crond. You dont need to care about it;
+    the file will be auto-deleted as soon as you'll prolong your certificate.
+EOF
+}
+
+unset stdout
+case $# in
+  0) ;;
+  1) if   [ "$1" = "-h" -o "$1" == "--help" ]; then
+       usage
+     elif [ "$1" = "stdout" ]; then
+       stdout=1
+     else
+       usage
+     fi
+     ;;
+  *) usage ;;
+esac
+
+for dir in $STATEDIR $CERTDIR ; do
+  if [ ! -d $dir ]; then
+    echo "ERROR: directory $dir does not exist"
+    exit 1
+  fi
+done
+for binary in basename date find grep mail openssl touch ; do
+  if [ ! \( -x /usr/bin/$binary -o -x /bin/$binary \) ]; then
+    echo "ERROR: /usr/bin/$binary not found"
+    exit 1
+  fi
+done
+
+find $CERTDIR -type f -maxdepth 1 | while read certfile ; do
+  certfilebase="$(basename "$certfile")"
+  inform=PEM
+  echo "$certfile" | grep -q -i '\.net$'
+  if [ $? -eq 0 ]; then
+    # This is based purely on filename extension, so may give false results.
+    # But lets assume noone uses NET format certs today, ok?
+    continue
+  fi
+  echo "$certfile" | grep -q -i '\.der$'
+  if [ $? -eq 0 -o "$(file "$certfile" | egrep '(ASCII|PEM)')" == "" ]; then
+    inform=DER
+  fi
+  # We wont use '-checkend' since it is not properly documented (as of
+  # OpenSSL 0.9.8e).
+  DATE_CERT_EXPIRES=$(openssl x509 -in "$certfile" -inform $inform -noout -enddate | sed 's/^notAfter=//')
+  DATE_CERT_EXPIRES=$(date -d"$DATE_CERT_EXPIRES" +%s)
+  if [ $(($DATE_CERT_EXPIRES - $DATE_CURRENT)) -le $(($DAYS * $DAY_IN_SECS)) ]
+  then
+    if [ $stdout ]; then
+      message
+    else
+      if [ ! -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then
+        subject="$0: certificate $certfile expiration warning"
+        message_mail | mail -r "certwatch@$HOSTNAME" \
+                            -s "$subject" \
+                            $MAILADDR 2>/dev/null
+        # echo "Mail about expiring certificate $certfile sent to $MAILADDR."
+        # echo "If you need to send it again, please remove lock-file"
+        # echo "$STATEDIR/certwatch-mailwarning-sent-$certfilebase ."
+        # echo
+      fi
+      touch $STATEDIR/certwatch-mailwarning-sent-"$certfilebase"
+    fi
+  else
+    if [ ! $stdout ]; then
+      if [ -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then
+        rm $STATEDIR/certwatch-mailwarning-sent-"$certfilebase"
+      fi
+    fi
+  fi
+done
+
diff --git a/source/n/openssl/openssl0/doinst.sh-openssl b/source/n/openssl/openssl0/doinst.sh-openssl
new file mode 100644
index 000000000..c92e60763
--- /dev/null
+++ b/source/n/openssl/openssl0/doinst.sh-openssl
@@ -0,0 +1,21 @@
+config() {
+  NEW="$1"
+  OLD="`dirname $NEW`/`basename $NEW .new`"
+  # If there's no config file by that name, mv it over:
+  if [ ! -r $OLD ]; then
+    mv $NEW $OLD
+  elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
+    rm $NEW
+  fi
+  # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+# If there is a known buggy certwatch script with no local
+# modifications, just replace it:
+if [ "$(md5sum etc/cron.daily/certwatch 2> /dev/null)" = "32556321806f1850d56cb2ef8384b7a1  etc/cron.daily/certwatch" ]; then
+  cat etc/cron.daily/certwatch.new > etc/cron.daily/certwatch
+  touch -r etc/cron.daily/certwatch.new etc/cron.daily/certwatch
+fi
+
+config etc/ssl/openssl.cnf.new
+config etc/cron.daily/certwatch.new
diff --git a/source/n/openssl/openssl0/doinst.sh-openssl-solibs b/source/n/openssl/openssl0/doinst.sh-openssl-solibs
new file mode 100644
index 000000000..ed4fdfacb
--- /dev/null
+++ b/source/n/openssl/openssl0/doinst.sh-openssl-solibs
@@ -0,0 +1,12 @@
+config() {
+  NEW="$1"
+  OLD="`dirname $NEW`/`basename $NEW .new`"
+  # If there's no config file by that name, mv it over:
+  if [ ! -r $OLD ]; then
+    mv $NEW $OLD
+  elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
+    rm $NEW
+  fi
+  # Otherwise, we leave the .new copy for the admin to consider...
+}
+config etc/ssl/openssl.cnf.new
diff --git a/source/n/openssl/openssl0/openssl.SlackBuild b/source/n/openssl/openssl0/openssl.SlackBuild
new file mode 100755
index 000000000..6c4197d50
--- /dev/null
+++ b/source/n/openssl/openssl0/openssl.SlackBuild
@@ -0,0 +1,195 @@
+#!/bin/sh
+
+# Copyright 2000 BSDi, Inc. Concord, CA, USA
+# Copyright 2001, 2002 Slackware Linux, Inc.  Concord, CA, USA
+# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012  Patrick J. Volkerding, Sebeka, MN, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+# Set initial variables:
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+
+VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-1}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+  case "$( uname -m )" in
+    i?86) export ARCH=i486 ;;
+    arm*) export ARCH=arm ;;
+    # Unless $ARCH is already set, use uname -m for all other archs:
+       *) export ARCH=$( uname -m ) ;;
+  esac
+fi
+
+PKG1=$TMP/package-openssl
+PKG2=$TMP/package-ossllibs
+NAME1=openssl-$VERSION-$ARCH-$BUILD
+NAME2=openssl-solibs-$VERSION-$ARCH-$BUILD
+
+NUMJOBS=${NUMJOBS:--j6}
+
+# So that ls has the right field counts for parsing...
+export LC_ALL=C
+
+cd $TMP
+rm -rf $PKG1 $PKG2 openssl-$VERSION
+tar xvf $CWD/openssl-$VERSION.tar.gz || exit 1
+cd openssl-$VERSION
+
+# Use .so.0, not .so.0.9.8:
+zcat $CWD/openssl.soname.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1
+if [ "$ARCH" = "i486" ]; then
+  # Build with -march=i486 -mtune=i686:
+  zcat $CWD/openssl.optsx86.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+  LIBDIRSUFFIX="64"
+fi
+
+# OpenSSL has a (nasty?) habit of bumping the internal version number with
+# every release.  This wouldn't be so bad, but some applications are so
+# paranoid that they won't run against a different OpenSSL version than
+# what they were compiled against, whether or not the ABI has changed.
+#
+# So, we will use the OPENSSL_VERSION_NUMBER from openssl-0.9.8o unless ABI
+# breakage forces it to change.  Yes, we're finally using this old trick.  :)
+sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x009080efL (0.9.8o) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x009080efL/g" crypto/opensslv.h || exit 1
+
+chown -R root:root .
+mkdir -p $PKG1/usr/doc/openssl-$VERSION
+cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \
+  LICENSE NEWS README README.ENGINE doc $PKG1/usr/doc/openssl-$VERSION
+find $PKG1/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \;
+find $PKG1/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \;
+
+# If there's a CHANGES file, installing at least part of the recent history
+# is useful, but don't let it get totally out of control:
+if [ -r CHANGES ]; then
+  DOCSDIR=$(echo $PKG1/usr/doc/*-$VERSION)
+  cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES
+  touch -r CHANGES $DOCSDIR/CHANGES
+fi
+
+# These are the known patent issues with OpenSSL:
+# name   #         expires
+# MDC-2: 4,908,861  2007-03-13, included.  :-)
+# IDEA:  5,214,703  2010-05-25, not included.
+# RC5:   5,724,428  2015-03-03, not included.
+
+./config \
+ --prefix=/usr \
+ --openssldir=/etc/ssl \
+ no-idea \
+ no-rc5 \
+ no-sse2 \
+ shared
+
+make $NUMJOBS depend || make depend || exit 1
+
+make $NUMJOBS || make || exit 1
+
+make install INSTALL_PREFIX=$PKG1 || exit 1
+
+# Use proper libdir:
+( cd $PKG1/usr; mv lib lib${LIBDIRSUFFIX} )
+
+# Make the .so.? library symlinks:
+( cd $PKG1/usr/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.* )
+
+# Move libraries, as they might be needed by programs that bring a network
+# mounted /usr online:
+
+mkdir $PKG1/lib${LIBDIRSUFFIX}
+( cd $PKG1/usr/lib${LIBDIRSUFFIX}
+  for file in lib*.so.?.* ; do
+    mv $file ../../lib${LIBDIRSUFFIX}
+    ln -sf ../../lib${LIBDIRSUFFIX}/$file .
+  done 
+  cp -a lib*.so.? ../../lib${LIBDIRSUFFIX}
+)
+
+# Add a cron script to warn root if a certificate is going to expire soon:
+mkdir -p $PKG1/etc/cron.daily
+zcat $CWD/certwatch.gz > $PKG1/etc/cron.daily/certwatch.new
+chmod 755 $PKG1/etc/cron.daily/certwatch.new
+
+mv $PKG1/etc/ssl/openssl.cnf $PKG1/etc/ssl/openssl.cnf.new
+
+( cd $PKG1
+  find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+  find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+)
+
+mv $PKG1/etc/ssl/man $PKG1/usr
+( cd $PKG1/usr/man/man1 ; mv passwd.1 ssl_passwd.1 )
+( cd $PKG1/usr/man/man3 ; mv rand.3 ssl_rand.3 )
+( cd $PKG1/usr/man/man3 ; mv err.3 ssl_err.3 )
+# Compress and symlink the man pages:
+if [ -d $PKG1/usr/man ]; then
+  ( cd $PKG1/usr/man
+    for manpagedir in $(find . -type d -name "man*") ; do
+      ( cd $manpagedir
+        for eachpage in $( find . -type l -maxdepth 1) ; do
+          ln -s $( readlink $eachpage ).gz $eachpage.gz
+          rm $eachpage
+        done
+        gzip -9 *.?
+      )
+    done
+  )
+fi
+
+cd $PKG1
+chmod 755 usr/lib${LIBDIRSUFFIX}/pkgconfig
+sed -i -e "s#lib\$#lib${LIBDIRSUFFIX}#" usr/lib${LIBDIRSUFFIX}/pkgconfig/*.pc
+mkdir -p install
+zcat $CWD/doinst.sh-openssl.gz > install/doinst.sh
+cat $CWD/slack-desc.openssl > install/slack-desc
+/sbin/makepkg -l y -c n $TMP/${NAME1}.txz
+
+# Make runtime package:
+mkdir -p $PKG2/lib${LIBDIRSUFFIX}
+( cd lib${LIBDIRSUFFIX} ; cp -a lib*.so.* $PKG2/lib${LIBDIRSUFFIX} )
+( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l * )
+mkdir -p $PKG2/etc
+( cd $PKG2/etc ; cp -a $PKG1/etc/ssl . )
+mkdir -p $PKG2/usr/doc/openssl-$VERSION
+( cd $TMP/openssl-$VERSION
+  cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \
+  LICENSE NEWS README README.ENGINE $PKG2/usr/doc/openssl-$VERSION
+)
+
+# If there's a CHANGES file, installing at least part of the recent history
+# is useful, but don't let it get totally out of control:
+if [ -r CHANGES ]; then
+  DOCSDIR=$(echo $PKG2/usr/doc/*-$VERSION)
+  cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES
+  touch -r CHANGES $DOCSDIR/CHANGES
+fi
+
+find $PKG2/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \;
+find $PKG2/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \;
+cd $PKG2
+mkdir -p install
+zcat $CWD/doinst.sh-openssl-solibs.gz > install/doinst.sh
+cat $CWD/slack-desc.openssl-solibs > install/slack-desc
+/sbin/makepkg -l y -c n $TMP/${NAME2}.txz
diff --git a/source/n/openssl/openssl0/openssl.optsx86.diff b/source/n/openssl/openssl0/openssl.optsx86.diff
new file mode 100644
index 000000000..a1a289a20
--- /dev/null
+++ b/source/n/openssl/openssl0/openssl.optsx86.diff
@@ -0,0 +1,11 @@
+--- ./Configure.orig	2005-08-02 03:59:42.000000000 -0700
++++ ./Configure	2005-10-12 20:04:43.000000000 -0700
+@@ -317,7 +317,7 @@
+ "linux-ppc",	"gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ #### IA-32 targets...
+ "linux-ia32-icc",	"icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -mtune=i686 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
+ ####
+ "linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff --git a/source/n/openssl/openssl0/openssl.soname.diff b/source/n/openssl/openssl0/openssl.soname.diff
new file mode 100644
index 000000000..f660e93bb
--- /dev/null
+++ b/source/n/openssl/openssl0/openssl.soname.diff
@@ -0,0 +1,11 @@
+--- ./Makefile.shared.orig	2005-06-23 13:47:54.000000000 -0700
++++ ./Makefile.shared	2005-10-12 20:02:28.000000000 -0700
+@@ -151,7 +151,7 @@
+ 	SHLIB_SUFFIX=; \
+ 	ALLSYMSFLAGS='-Wl,--whole-archive'; \
+ 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+-	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
++	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB.0"
+ 
+ DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
+ 
diff --git a/source/n/openssl/openssl0/openssl0.build b/source/n/openssl/openssl0/openssl0.build
new file mode 100755
index 000000000..262a16a50
--- /dev/null
+++ b/source/n/openssl/openssl0/openssl0.build
@@ -0,0 +1,198 @@
+#!/bin/sh
+
+# Copyright 2000 BSDi, Inc. Concord, CA, USA
+# Copyright 2001, 2002 Slackware Linux, Inc.  Concord, CA, USA
+# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012  Patrick J. Volkerding, Sebeka, MN, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+# Set initial variables:
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+
+VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-1}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+  case "$( uname -m )" in
+    i?86) export ARCH=i486 ;;
+    arm*) export ARCH=arm ;;
+    # Unless $ARCH is already set, use uname -m for all other archs:
+       *) export ARCH=$( uname -m ) ;;
+  esac
+fi
+
+PKG1=$TMP/package-openssl0
+PKG2=$TMP/package-ossllibs
+NAME1=openssl-$VERSION-$ARCH-$BUILD
+NAME2=openssl-solibs-$VERSION-$ARCH-$BUILD
+
+NUMJOBS=${NUMJOBS:--j6}
+
+# So that ls has the right field counts for parsing...
+export LC_ALL=C
+
+cd $TMP
+#rm -rf $PKG1 $PKG2 openssl-$VERSION
+rm -rf $PKG1 openssl-$VERSION
+tar xvf $CWD/openssl-$VERSION.tar.gz || exit 1
+cd openssl-$VERSION
+
+# Use .so.0, not .so.0.9.8:
+zcat $CWD/openssl.soname.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1
+if [ "$ARCH" = "i486" ]; then
+  # Build with -march=i486 -mtune=i686:
+  zcat $CWD/openssl.optsx86.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+  LIBDIRSUFFIX="64"
+fi
+
+# OpenSSL has a (nasty?) habit of bumping the internal version number with
+# every release.  This wouldn't be so bad, but some applications are so
+# paranoid that they won't run against a different OpenSSL version than
+# what they were compiled against, whether or not the ABI has changed.
+#
+# So, we will use the OPENSSL_VERSION_NUMBER from openssl-0.9.8o unless ABI
+# breakage forces it to change.  Yes, we're finally using this old trick.  :)
+sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x009080efL (0.9.8o) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x009080efL/g" crypto/opensslv.h || exit 1
+
+chown -R root:root .
+mkdir -p $PKG1/usr/doc/openssl-$VERSION
+cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \
+  LICENSE NEWS README README.ENGINE doc $PKG1/usr/doc/openssl-$VERSION
+find $PKG1/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \;
+find $PKG1/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \;
+
+# If there's a CHANGES file, installing at least part of the recent history
+# is useful, but don't let it get totally out of control:
+if [ -r CHANGES ]; then
+  DOCSDIR=$(echo $PKG1/usr/doc/*-$VERSION)
+  cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES
+  touch -r CHANGES $DOCSDIR/CHANGES
+fi
+
+# These are the known patent issues with OpenSSL:
+# name   #         expires
+# MDC-2: 4,908,861  2007-03-13, included.  :-)
+# IDEA:  5,214,703  2010-05-25, not included.
+# RC5:   5,724,428  2015-03-03, not included.
+
+./config \
+ --prefix=/usr \
+ --openssldir=/etc/ssl \
+ no-idea \
+ no-rc5 \
+ no-sse2 \
+ shared
+
+make $NUMJOBS depend || make depend || exit 1
+
+make $NUMJOBS || make || exit 1
+
+make install INSTALL_PREFIX=$PKG1 || exit 1
+
+exit 0
+
+# Use proper libdir:
+( cd $PKG1/usr; mv lib lib${LIBDIRSUFFIX} )
+
+# Make the .so.? library symlinks:
+( cd $PKG1/usr/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.* )
+
+# Move libraries, as they might be needed by programs that bring a network
+# mounted /usr online:
+
+mkdir $PKG1/lib${LIBDIRSUFFIX}
+( cd $PKG1/usr/lib${LIBDIRSUFFIX}
+  for file in lib*.so.?.* ; do
+    mv $file ../../lib${LIBDIRSUFFIX}
+    ln -sf ../../lib${LIBDIRSUFFIX}/$file .
+  done 
+  cp -a lib*.so.? ../../lib${LIBDIRSUFFIX}
+)
+
+# Add a cron script to warn root if a certificate is going to expire soon:
+mkdir -p $PKG1/etc/cron.daily
+zcat $CWD/certwatch.gz > $PKG1/etc/cron.daily/certwatch.new
+chmod 755 $PKG1/etc/cron.daily/certwatch.new
+
+mv $PKG1/etc/ssl/openssl.cnf $PKG1/etc/ssl/openssl.cnf.new
+
+( cd $PKG1
+  find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+  find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+)
+
+mv $PKG1/etc/ssl/man $PKG1/usr
+( cd $PKG1/usr/man/man1 ; mv passwd.1 ssl_passwd.1 )
+( cd $PKG1/usr/man/man3 ; mv rand.3 ssl_rand.3 )
+( cd $PKG1/usr/man/man3 ; mv err.3 ssl_err.3 )
+# Compress and symlink the man pages:
+if [ -d $PKG1/usr/man ]; then
+  ( cd $PKG1/usr/man
+    for manpagedir in $(find . -type d -name "man*") ; do
+      ( cd $manpagedir
+        for eachpage in $( find . -type l -maxdepth 1) ; do
+          ln -s $( readlink $eachpage ).gz $eachpage.gz
+          rm $eachpage
+        done
+        gzip -9 *.?
+      )
+    done
+  )
+fi
+
+cd $PKG1
+chmod 755 usr/lib${LIBDIRSUFFIX}/pkgconfig
+sed -i -e "s#lib\$#lib${LIBDIRSUFFIX}#" usr/lib${LIBDIRSUFFIX}/pkgconfig/*.pc
+mkdir -p install
+zcat $CWD/doinst.sh-openssl.gz > install/doinst.sh
+cat $CWD/slack-desc.openssl > install/slack-desc
+/sbin/makepkg -l y -c n $TMP/${NAME1}.txz
+
+# Make runtime package:
+mkdir -p $PKG2/lib${LIBDIRSUFFIX}
+( cd lib${LIBDIRSUFFIX} ; cp -a lib*.so.* $PKG2/lib${LIBDIRSUFFIX} )
+( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l * )
+mkdir -p $PKG2/etc
+( cd $PKG2/etc ; cp -a $PKG1/etc/ssl . )
+mkdir -p $PKG2/usr/doc/openssl-$VERSION
+( cd $TMP/openssl-$VERSION
+  cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \
+  LICENSE NEWS README README.ENGINE $PKG2/usr/doc/openssl-$VERSION
+)
+
+# If there's a CHANGES file, installing at least part of the recent history
+# is useful, but don't let it get totally out of control:
+if [ -r CHANGES ]; then
+  DOCSDIR=$(echo $PKG2/usr/doc/*-$VERSION)
+  cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES
+  touch -r CHANGES $DOCSDIR/CHANGES
+fi
+
+find $PKG2/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \;
+find $PKG2/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \;
+cd $PKG2
+mkdir -p install
+zcat $CWD/doinst.sh-openssl-solibs.gz > install/doinst.sh
+cat $CWD/slack-desc.openssl-solibs > install/slack-desc
+/sbin/makepkg -l y -c n $TMP/${NAME2}.txz
diff --git a/source/n/openssl/openssl0/slack-desc.openssl b/source/n/openssl/openssl0/slack-desc.openssl
new file mode 100644
index 000000000..57227c043
--- /dev/null
+++ b/source/n/openssl/openssl0/slack-desc.openssl
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.  Line
+# up the first '|' above the ':' following the base package name, and the '|' on
+# the right side marks the last column you can put a character in.  You must make
+# exactly 11 lines for the formatting to be correct.  It's also customary to
+# leave one space after the ':'.
+
+       |-----handy-ruler------------------------------------------------------|
+openssl: openssl (Secure Sockets Layer toolkit)
+openssl:
+openssl: The OpenSSL certificate management tool and the shared libraries that
+openssl: provide various encryption and decryption algorithms and protocols.
+openssl:
+openssl: This product includes software developed by the OpenSSL Project for
+openssl: use in the OpenSSL Toolkit (http://www.openssl.org).  This product
+openssl: includes cryptographic software written by Eric Young
+openssl: (eay@cryptsoft.com).  This product includes software written by Tim
+openssl: Hudson (tjh@cryptsoft.com).
+openssl:
diff --git a/source/n/openssl/openssl0/slack-desc.openssl-solibs b/source/n/openssl/openssl0/slack-desc.openssl-solibs
new file mode 100644
index 000000000..58609e68b
--- /dev/null
+++ b/source/n/openssl/openssl0/slack-desc.openssl-solibs
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.  Line
+# up the first '|' above the ':' following the base package name, and the '|' on
+# the right side marks the last column you can put a character in.  You must make
+# exactly 11 lines for the formatting to be correct.  It's also customary to
+# leave one space after the ':'.
+
+              |-----handy-ruler------------------------------------------------------|
+openssl-solibs: openssl-solibs (OpenSSL shared libraries)
+openssl-solibs:
+openssl-solibs: These shared libraries provide encryption routines required by
+openssl-solibs: programs such as openssh, bind, sendmail, and many others.
+openssl-solibs:
+openssl-solibs: This product includes software developed by the OpenSSL Project for
+openssl-solibs: use in the OpenSSL Toolkit (http://www.openssl.org).  This product
+openssl-solibs: includes cryptographic software written by Eric Young
+openssl-solibs: (eay@cryptsoft.com).  This product includes software written by Tim
+openssl-solibs: Hudson (tjh@cryptsoft.com).
+openssl-solibs:
diff --git a/source/n/openssl/slack-desc.openssl-solibs b/source/n/openssl/slack-desc.openssl-solibs
index f65bf12c9..58609e68b 100644
--- a/source/n/openssl/slack-desc.openssl-solibs
+++ b/source/n/openssl/slack-desc.openssl-solibs
@@ -9,11 +9,11 @@
 openssl-solibs: openssl-solibs (OpenSSL shared libraries)
 openssl-solibs:
 openssl-solibs: These shared libraries provide encryption routines required by
-openssl-solibs: programs such as openssh.  They are also used by KDE's Konqueror web
-openssl-solibs: browser to provide secure web connections.
+openssl-solibs: programs such as openssh, bind, sendmail, and many others.
 openssl-solibs:
 openssl-solibs: This product includes software developed by the OpenSSL Project for
 openssl-solibs: use in the OpenSSL Toolkit (http://www.openssl.org).  This product
 openssl-solibs: includes cryptographic software written by Eric Young
 openssl-solibs: (eay@cryptsoft.com).  This product includes software written by Tim
 openssl-solibs: Hudson (tjh@cryptsoft.com).
+openssl-solibs: