[master] openssl 1.0.2f patch

4306. [maint] Added a PKCS#11 openssl patch supporting version 1.0.2f [RT #38312]

[master] openssl 1.0.2f patch
4306. [maint] Added a PKCS#11 openssl patch supporting version 1.0.2f [RT #38312]
e073205a · Evan Hunt · 832ab79d · e073205a · e073205a · e073205a
Commit e073205a authored Jan 28, 2016 by Evan Hunt
--- a/CHANGES
+++ b/CHANGES
+4306.	[maint]		Added a PKCS#11 openssl patch supporting
+			version 1.0.2f [RT #38312]
+
 4305.	[bug]		dnssec-signzone was not removing unnecessary rrsigs
 			from the zone's apex. [RT #41483]


--- a/bin/pkcs11/openssl-1.0.2f-patch
+++ b/bin/pkcs11/openssl-1.0.2f-patch
--- a/doc/arm/pkcs11.xml
+++ b/doc/arm/pkcs11.xml
@@ -169,14 +169,14 @@ $ <userinput> /opt/pkcs11/usr/bin/softhsm-util --init-token 0 --slot 0 --label s
    <para>
      The modified OpenSSL code is included in the BIND 9 release,
      in the form of a context diff against the latest versions of
-      OpenSSL.  OpenSSL 0.9.8, 1.0.0, and 1.0.1 are supported; there are
-      separate diffs for each version.  In the examples to follow,
-      we use OpenSSL 0.9.8, but the same methods work with OpenSSL
-      1.0.0 and 1.0.1.
+      OpenSSL.  OpenSSL 0.9.8, 1.0.0, 1.0.1 and 1.0.2 are supported;
+      there are separate diffs for each version.  In the examples to
+      follow, we use OpenSSL 0.9.8, but the same methods work with
+      OpenSSL 1.0.0 through 1.0.2.
    </para>
    <note><simpara>
-      The latest OpenSSL versions as of this writing (January 2015)
-      are 0.9.8zc, 1.0.0o, and 1.0.1j.
+      The OpenSSL patches as of this writing (January 2016)
+      support versions 0.9.8zh, 1.0.0t, 1.0.1q and 1.0.2f.
      ISC will provide updated patches as new versions of OpenSSL
      are released. The version number in the following examples
      is expected to change.