bump(dev-libs/openssl): sync with upstream

Current version (openssl-1.0.1c) is old and has a parallel-make build issue that can cause the build to fail randomly. Upgrade time! New stable version is openssl-1.0.1f
2025-10-10 15:01:50 +02:00 · 2014-02-16 23:25:21 -08:00 · 2014-02-16 23:25:21 -08:00 · 672c56be39
commit 672c56be39
parent 82a33ae0eb
29 changed files with 1766 additions and 972 deletions
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/ChangeLog
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/ChangeLog
@ -1,6 +1,193 @@
 # ChangeLog for dev-libs/openssl
-# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
+# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.470 2013/02/03 23:44:01 ago Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/ChangeLog,v 1.513 2014/01/26 11:59:33 ago Exp $
  26 Jan 2014; Agostino Sarubbo <ago@gentoo.org> openssl-1.0.1f.ebuild:
  Stable for sparc, wrt bug #497838
  26 Jan 2014; Agostino Sarubbo <ago@gentoo.org> openssl-1.0.1f.ebuild:
  Stable for ppc64, wrt bug #497838
  26 Jan 2014; Agostino Sarubbo <ago@gentoo.org> openssl-1.0.1f.ebuild:
  Stable for ia64, wrt bug #497838
  25 Jan 2014; Mike Frysinger <vapier@gentoo.org>
  +files/openssl-1.0.1f-revert-alpha-perl-generation.patch,
  openssl-1.0.1f.ebuild:
  Fix build for alpha systems #499086 by Matt Turner.
  21 Jan 2014; Pawel Hajdan jr <phajdan.jr@gentoo.org> openssl-1.0.1f.ebuild:
  x86 stable wrt security bug #497838
  20 Jan 2014; Agostino Sarubbo <ago@gentoo.org> openssl-1.0.1f.ebuild:
  Stable for ppc, wrt bug #497838
  19 Jan 2014; Agostino Sarubbo <ago@gentoo.org> openssl-1.0.1f.ebuild:
  Stable for alpha, wrt bug #497838
  19 Jan 2014; Markus Meier <maekke@gentoo.org> openssl-1.0.1f.ebuild:
  arm stable, bug #497838
  18 Jan 2014; Pacho Ramos <pacho@gentoo.org> openssl-1.0.1f.ebuild:
  amd64 stable, bug #497838
  17 Jan 2014; Jeroen Roovers <jer@gentoo.org> openssl-1.0.1f.ebuild:
  Stable for HPPA (bug #497838).
  17 Jan 2014; Mike Frysinger <vapier@gentoo.org> files/gentoo.config-1.0.1,
  openssl-1.0.1f.ebuild:
  Initial arm64 and little endian ppc support.
  17 Jan 2014; Mike Frysinger <vapier@gentoo.org> openssl-1.0.1f.ebuild:
  Mark m68k/s390/sh stable #497838.
  16 Jan 2014; Mike Frysinger <vapier@gentoo.org> openssl-1.0.1e-r1.ebuild:
  Mark m68k/s390/sh stable.
  06 Jan 2014; Lars Wendler <polynomial-c@gentoo.org> openssl-1.0.1f.ebuild,
  +files/openssl-1.0.1f-perl-5.18.patch:
  Fixed build with perl-5.18 (bug #497286).
 *openssl-1.0.1f (06 Jan 2014)
  06 Jan 2014; Mike Frysinger <vapier@gentoo.org> +openssl-1.0.1f.ebuild:
  Version bump.
 *openssl-1.0.1e-r3 (20 Dec 2013)
  20 Dec 2013; Mike Frysinger <vapier@gentoo.org>
  +files/openssl-1.0.1e-rdrand-explicit.patch,
  +files/openssl-1.0.1e-tls-ver-crash.patch, +openssl-1.0.1e-r3.ebuild:
  Add fix from upstream for crashes w/TLS 1.2 #494816 by Agostino Sarubbo.  Also
  add fix from upstream for rdrand selection.
  26 Nov 2013; Lars Wendler <polynomial-c@gentoo.org> -openssl-0.9.8u.ebuild,
  -openssl-0.9.8v.ebuild, -openssl-0.9.8w.ebuild, -openssl-0.9.8x.ebuild,
  -openssl-1.0.0h.ebuild, -openssl-1.0.0i.ebuild, -openssl-1.0.1a.ebuild,
  -openssl-1.0.1b.ebuild, -openssl-1.0.1c.ebuild, -openssl-1.0.1d.ebuild,
  -openssl-1.0.1d-r1.ebuild, openssl-1.0.1e.ebuild,
  -files/openssl-1.0.0d-alpha-fix-unalign.patch,
  -files/openssl-1.0.0d-alpha-typo.patch,
  -files/openssl-1.0.0e-pkg-config.patch, -files/openssl-1.0.1-ipv6.patch,
  -files/openssl-1.0.1a-hmac-ia32cap.patch,
  -files/openssl-1.0.1d-s3-packet.patch:
  Removed old vulnerable versions. Removed all but ppc64 KEYWORDS from
  openssl-1.0.1e.ebuild.
 *openssl-1.0.1e-r2 (23 Oct 2013)
  23 Oct 2013; Mike Frysinger <vapier@gentoo.org>
  +files/openssl-1.0.1e-s_client-verify.patch, +openssl-1.0.1e-r2.ebuild:
  Add fix for s_client verify #472584 by Fabio Coatti.  Disable 128bit math
  logic for now #469976 by Jim Faulkner.
  15 Oct 2013; Mike Frysinger <vapier@gentoo.org> openssl-1.0.1e-r1.ebuild:
  Disable 5 second delay in config when building for some targets.
  15 Oct 2013; Mike Frysinger <vapier@gentoo.org>
  +files/openssl-1.0.1e-perl-5.18.patch, openssl-1.0.1e-r1.ebuild:
  Add patch to fix building w/perl-5.18 #483820 by Mike Gilbert.
  14 Oct 2013; Mike Frysinger <vapier@gentoo.org> metadata.xml,
  openssl-1.0.1e-r1.ebuild:
  Add USE=tls-heartbeat for controlling the heartbeat extension.
  13 Oct 2013; Agostino Sarubbo <ago@gentoo.org> openssl-0.9.8y.ebuild,
  openssl-1.0.1e-r1.ebuild:
  Stable for sparc, wrt bug #455592
  08 Oct 2013; Mike Frysinger <vapier@gentoo.org>
  files/openssl-1.0.1-parallel-build.patch:
  Fix parallel build failures when generating header files.
  23 Sep 2013; Jack Morgan <jmorgan@gentoo.org> openssl-1.0.1e-r1.ebuild:
  removing ppc64 openssl-1.0.1e-r1 wrt bug #469976
  23 Sep 2013; Jack Morgan <jmorgan@gentoo.org> openssl-1.0.1e.ebuild,
  openssl-1.0.1e-r1.ebuild:
  ppc64 stable for openssl-1.0.1e and ~ppc64 for openssl-1.0.1e-r1 wrt bug
  #469976
  22 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openssl-0.9.8y.ebuild,
  openssl-1.0.1e-r1.ebuild:
  Stable for alpha, wrt bug #455592
  22 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openssl-0.9.8y.ebuild,
  openssl-1.0.1e-r1.ebuild:
  Stable for ia64, wrt bug #455592
  15 Sep 2013; Markus Meier <maekke@gentoo.org> openssl-1.0.1e-r1.ebuild:
  arm stable, bug #455592
  15 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openssl-0.9.8y.ebuild,
  openssl-1.0.1e-r1.ebuild:
  Stable for ppc64, wrt bug #455592
  15 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openssl-0.9.8y.ebuild,
  openssl-1.0.1e-r1.ebuild:
  Stable for ppc, wrt bug #455592
  15 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openssl-0.9.8y.ebuild,
  openssl-1.0.1e-r1.ebuild:
  Stable for x86, wrt bug #455592
  15 Sep 2013; Agostino Sarubbo <ago@gentoo.org> openssl-0.9.8y.ebuild,
  openssl-1.0.1e-r1.ebuild:
  Stable for amd64, wrt bug #455592
  12 Sep 2013; Jeroen Roovers <jer@gentoo.org> openssl-1.0.1e-r1.ebuild:
  Stable for HPPA (bug #455592).
  09 Jun 2013; Mike Frysinger <vapier@gentoo.org> metadata.xml:
  Add upstream CPE tag (security info) from ChromiumOS.
  21 May 2013; Mike Frysinger <vapier@gentoo.org> +files/gentoo.config-1.0.1,
  openssl-1.0.1a.ebuild, openssl-1.0.1b.ebuild, openssl-1.0.1c.ebuild,
  openssl-1.0.1d-r1.ebuild, openssl-1.0.1d.ebuild, openssl-1.0.1e-r1.ebuild,
  openssl-1.0.1e.ebuild:
  Update the target used for s390x systems #470740 by Agostino Sarubbo.
  11 May 2013; Mike Frysinger <vapier@gentoo.org> openssl-1.0.1c.ebuild:
  Mark m68k/s390/sh/sparc stable #454566.
 *openssl-1.0.1e-r1 (27 Apr 2013)
  27 Apr 2013; Mike Frysinger <vapier@gentoo.org>
  +files/openssl-1.0.1e-bad-mac-aes-ni.patch, +openssl-1.0.1e-r1.ebuild:
  Tweak DESCRIPTION to remove protocol version info to be lazy and avoid keeping
  it up-to-date #458204 by Walter.  Automatically enable optimized EC 64bit code
  when the compiler supports it #460790 by Ameretat.Reith.  Add fix from
  upstream when running on AES NI platforms #463444 by Markus Oehme.
 *openssl-1.0.1e (20 Feb 2013)
  20 Feb 2013; Mike Frysinger <vapier@gentoo.org>
  +files/openssl-1.0.1e-ipv6.patch, +openssl-1.0.1e.ebuild:
  Version bump #458414 by Per Pomsel.
  19 Feb 2013; Zac Medico <zmedico@gentoo.org> openssl-1.0.1d-r1.ebuild:
  Fix for prefix and add ~arm-linux + ~x86-linux keywords.
 *openssl-1.0.1d-r1 (08 Feb 2013)
  08 Feb 2013; Mike Frysinger <vapier@gentoo.org>
  +files/openssl-1.0.1d-s3-packet.patch, +openssl-1.0.1d-r1.ebuild:
  Add fix from upstream for 1.0.1c regression #456108 by Ryan Hill.
  08 Feb 2013; Mike Frysinger <vapier@gentoo.org> openssl-1.0.0h.ebuild,
  openssl-1.0.0i.ebuild, openssl-1.0.0j.ebuild, openssl-1.0.1a.ebuild,
  openssl-1.0.1b.ebuild, openssl-1.0.1c.ebuild, openssl-1.0.1d.ebuild:
  Drop /~checkout~/ from pld cvs url #455892 by Csaba Péter.
 *openssl-0.9.8y (06 Feb 2013)
 *openssl-1.0.1d (06 Feb 2013)
  06 Feb 2013; Mike Frysinger <vapier@gentoo.org> +openssl-0.9.8y.ebuild,
  +openssl-1.0.1d.ebuild:
  Version bump #455592 by Hanno Boeck.
  04 Feb 2013; Agostino Sarubbo <ago@gentoo.org> openssl-1.0.1c.ebuild:
  Stable for alpha, wrt bug #454566
  03 Feb 2013; Agostino Sarubbo <ago@gentoo.org> openssl-1.0.1c.ebuild:
  Stable for ia64, wrt bug #454566
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/Manifest
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/Manifest
@ -1,41 +1,56 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA256
 AUX gentoo.config-0.9.8 4246 SHA256 a38f4a9af890303d764b04eab64dd618b60599762d3ab3286b667c1ee38d2b75 SHA512 04ca7a9cb42762060216cf2696003d1087b1504e7f79278b0509b6a03da0bba0a13cdbe9fd713754379e09dc6bf0e7354fc1bcbaf8a7d75f4a400fe6c8868ab7 WHIRLPOOL 3d5524dda714eec5236b7d15e36c0633d75c750ba5555df2c5da59781cd6d0005f5810dad001758635def1894f27f83fde45e80f51c5467603c54a2b1389e22a
 AUX gentoo.config-1.0.0 4748 SHA256 67ae024ebb87a8236a358a081f2d9b038eef2d0f432705d05063274e7af28b4e SHA512 c68b7eb3d07a3b619f6c3e5f508e594efe2991aef91d8904019f967c20a7e9e9604d8fce1271b5bc247856411e81a800eed7710da46645b9d5d9e5cb184ab99b WHIRLPOOL a849c1ea7d7d0dfeac675636e801dd050c66866f6327e6619f233ede0fc0e59f5f2f554f7812a0c33bd40d76a7ba85ca3aab0a00f964e971de97f5af11a527bc
 AUX gentoo.config-1.0.1 4980 SHA256 e7dd01bc76f0262c91b0a3a56bbf0675feedd6d5c6e61f8dcb5e3c538b113424 SHA512 1900cf603954dc4213d84d2f1f10fb74310dd8134f9c1bcf5f633a45e2ab27398f51656ac2f4165f86be78b19283374689766e3a5d7b43e16afeff884f31a1a0 WHIRLPOOL 2fd9eb3e46a262509f46f5ee6cef963e0bf32ff2c2dc3acb2fdf890326b4db801c0c90814df6f206fc6bc8aaf1184eb68289beb33e36dcebd890bb9e2855545a
 AUX openssl-0.9.8e-bsd-sparc64.patch 1484 SHA256 8a79f022a17a7fadb4eb708538b41a7a034e21ad84162beb1f7fa7cff5eb487e SHA512 dbbfae5ce19a4247a6b1ca4a45ca6c15904e13e6bf603447cb5d9820292ceb411792e29db0001c5869e3c4cb0a8afe7fb64d35f007052efc68098301c2e81def WHIRLPOOL 36959cfb8a3f2ac05b28fb6c0e28574f0267ddb6f89471e663ee370a1a1ce3e6c85c6a637098acdac4644f4c20370e2775d9c2610ff03a5ae2a7662d79a60e95
 AUX openssl-0.9.8h-ldflags.patch 1048 SHA256 2c7cca7b59efc9da5de2efebec2085933295c2875d221c54897dae770cca45de SHA512 71faa144f3a5c9e9b55a05d856e8d1e6d76fd3c00078d7e44a1637076cc86eea018d533ad1dd677a28ebbb1418794b7d029d993d66601f2bc02f497b1cc7eb6e WHIRLPOOL bab4de438c687752e497c8cc3dd2d24015d189fdcccaec5e35c1f738177ad39555dc70d80fd3efba46db425bdf3b471f380a91466a2d17316d491755893763bd
 AUX openssl-0.9.8m-binutils.patch 684 SHA256 1e4475f7183ec237d129b686d4ca5265bf7eb34642e7d9e77cbe8ad9a97b4876 SHA512 5e8a20111bd4809e7375c7323dab2c2edd6a131d1ec2377ee99c5e06ceb7b4b000e9606ba6d0e68cd67d8e001cc8194e11e301eace0feb066d5f3c5b331b5f04 WHIRLPOOL dd4a0329e571e4f9322806fce2e6c510b978b68e5c6c64bfbe6993da16989c1a5451fe1e5b0509c0022925ca356cf3309799cdc204998107425fb016cb49da2d
 AUX openssl-1.0.0a-ldflags.patch 891 SHA256 f04cef1b912681393236f9631792cd404783586c2fd8e0f011ace6236cc6dc4a SHA512 8ced9f22e413f81ff0563793bd6b765912af16671a0d10bff0c518c44bced0177dbcd6536359ff5b6bd5d49fa5032de47c719198444254d4814e4b21301f606c WHIRLPOOL f9b2641b8df926ff5d9d5cf5a7737f5cb4a3a2be2225911ebebd944f13219acfac07d496eec9a8e91af3f50ac1275dc7b0652354e8e958a0d3f6708e641f8970
 AUX openssl-1.0.0d-alpha-fix-unalign.patch 1377 SHA256 e5f1c60ea82f22d7f388ecc9db42aa872e1329a672e41297bec2bf9b7a662244 SHA512 dbd953cfeeac148277a03ef86bf3e293fa2620c0b4d18888c141ac234b9d492b016745553b6c8937eee784dea5706be29794c7a456928da0d7ce47f4ac63d120 WHIRLPOOL 8fd0ce44a2f64df2a55155162a606edd2b1c1cd82196f6be89de0a8c2262067eedf1f14647407c9bb3d8eda7598c4eda078f6d597cfc97487cb4e54d9c6e196f
 AUX openssl-1.0.0d-alpha-typo.patch 235 SHA256 60d2cb4cae47b5d61aeca2b6e0ae45d82c3b2ba698df72d10ee26370abd354ab SHA512 5993c77d15cd19353c218863e65d773c42c2a11e35247f991d7f388965e64fef3aae0659c02698bd5b4cd28dcbf7c4c40beb63dea1ac7b4ec041965eaf16b0db WHIRLPOOL 9eb3808e8ca7793b1cdd926d4a63822006be54cb0085855af27bfa57ff792772828d3f20b4598036f3ab075d6a24cad456dc19f995d6ec5ccf5c26a22ca46ccf
 AUX openssl-1.0.0d-fbsd-amd64.patch 417 SHA256 c72d33d0ac88280fb444574f236fefd73db4b968d342b0fb4530cdffbe2fff5a SHA512 3f9805ce1b3e52e3c14c79104a76b42f94df677be2567b4d4f25fd1e964d60bac39fae4f4e0175583da5eeea012315d95d27656c8ad7613ad31e4f82f036c301 WHIRLPOOL 6b51beb8fd9874a0683136df7dd21bec72de85abd1e561397ecbdb2fb7633047738d2b9bb4cad2610b3788b9995ff40212383b7dd752074e9af5d671780b0ccc
 AUX openssl-1.0.0d-windres.patch 2890 SHA256 27664cfab4852f1a301c4020375eba029c8a1728d58829c831a36d3aa2fbe9f4 SHA512 32187d0a04c85118cc763ff1fe8c4635622294fe629b920c47e16408aa720fee2bcc42f97120f6750b59996878e0a3d249143d728a5b5775ec3a022f81bc230a WHIRLPOOL d5979143f7e637b0072f7d5f214d80f5cc0e53f54358781d7f10c0cdb15c2b52813e12d2aa07dde2b40e7a88fcb26d1d619443a8012530d90789609cf5ac4083
 AUX openssl-1.0.0e-parallel-build.patch 9055 SHA256 dc7b14a29d4efc26bf14c5c37e9c3696448826a639ebf9c8485f9f2ddd7efc9b SHA512 1c34083ae3b4833792a0236a6fc73d14056aeb4f4ad086be42865f46dc81a15f017f76cc82c5e8d7cc296f6c7826fb060bf5388cba1653dc7d1fda78208513c5 WHIRLPOOL 5d31f5fdbddad7869912762bb39bcb0e93b0cfc81f3e3a5833f35517349662b9c59369524a05848fde92be600e8decc486219913a0ca3ea27761736cbee96ead
 AUX openssl-1.0.0e-pkg-config.patch 1702 SHA256 f506d94ee240776e3f5d93ecdaa010539aa264ec4553b09fa8093074401fe98b SHA512 b28c4118a5157fded2c01a6a61891c69c2c511972ec1afccf1d124736446588838b3025c4a0e41c440aca1e784aa05161fca38e9b6e6f90746263b108b956ac2 WHIRLPOOL 86d32914a757d519b513bec0c0a7e1592775782f8ba5b9c85c8bb01612e6c700c40d5f22f2713e974e140e2841c5852b7391056709b9c353eb1a64df7087e080
 AUX openssl-1.0.0e-x32.patch 4113 SHA256 e3c5118541d580d3cac2fe9f8af54059f81518b9bec0f07aaa1b77e03b85b1c9 SHA512 3e45360aea727f7835c192bc7f0271b0b8fc29c7262b6a96744c88aa56242044872fe170f64e48e0757b5d0a8b7650c786b2b3799bb353d3803253c42691dfaf WHIRLPOOL 1afe85e83041773fea3fbe7264f67d13e6ca0c821a64d3e78de694085cb2270b6f6bfa88c17c1fd5ec9ccc13c58355bca04b6652646b9a754636bdb07c1f8659
 AUX openssl-1.0.0h-pkg-config.patch 1289 SHA256 542dea12747b1cb667707250e3eb3803cbdd396bd0d8e836e48a8018417dc1b8 SHA512 4d1f66dc8615cdf7c96719c8cc909c7d908089e91b0cfe2dd08ae7a332c525b5384e2eb8eb3922e89cbc035167f581eaa606ba826fca6253f16f89f66a9ef225 WHIRLPOOL cdd63a06205b0237ddef1f56df2accf29e5f43f886aed01f95711b49a3af07d87afd0953cb3c12c7e97d4a3392f7c691257dcb7ad3e97cc6fbf1cf399a8a6394
-AUX openssl-1.0.1-ipv6.patch 19237 SHA256 0fae6057881fb43e775cabafb6ff6af6cfaa40eebf64be26ff77a9d4b8bc6b2c SHA512 df55d28b6668ade3041e8d33cf7f98c5770d0b0935a6ba33468783eec6065dcf37ba8d59ba94ea1938afcf3377db176cb27ce417897194c64fc8a75a3f7f924e WHIRLPOOL 90a3cae043a44505ef73cfbc5d48a72309f8eb513789ab3209dac5471983452f10443cee07654867b12860b79840a6b24c5c3a8cd27cb5f3e031068eab196069
+AUX openssl-1.0.1-parallel-build.patch 10614 SHA256 f3aa674880ffa53a891d3f9054a1ff162c4461b3ec160a365990275907636259 SHA512 439015b3b007adfbab047a1e3e12a9700030779a593bba1a30e9554c7c02eb1cffe9acb089546954e87163847cf86b13130abf9646eb5d00a2ff725b534f84d5 WHIRLPOOL 673f6f045765effb9ded607bf8116a81e7bfeee78ba0e8a34892081c272239a2b75fbb14f4c48b61d93593fac8e1b1e8bef7223f4cc64e8443e19c8f337ab6bc
 AUX openssl-1.0.1-parallel-build.patch 9918 SHA256 bd56e5fe1b6fe594ab93f34d25fef0b7372633bad8532f81da998f3e6655d221 SHA512 7255b3315133e415631b2ecadc8f5c50a705b9db507c46efded0190363ce9eb31ffbfe01c500669c060878e5202f858b1d2475c64948426fbf70820b4c798ba1 WHIRLPOOL 8a8c71c3806db85d6c6b355717cb4aa1e421fa1777aa7dcd7ee817ac1e552d4b671cdd7cceef9aee1a7dc1b305eb722b1ba0219832c7a6c1b808a0c49212df05
 AUX openssl-1.0.1-x32.patch 3273 SHA256 a4f05b8757e225a05a9c5a3ea485159066760d878c9ee54c4eaf61760e33c6cf SHA512 6bed57fe2fbe2d0ced1279b53804d94426a679d5d6b80ad7d0ed18523a7fda397e02038032c08cdd4e6034f9ff6e82cad365ff2a724d49d91467cf2b77f47752 WHIRLPOOL 1366632e7dc1c6e54efc5b9791bf24833d20e7a61ca29aa38d31b5b9629febf926a29742e370b7cd6767c810c0a1676100ca9169f0d836dfd19ff0b2c29e49c1
-AUX openssl-1.0.1a-hmac-ia32cap.patch 1876 SHA256 798f883a1852ecf50fff5c7cd97b7b5162931fb5ba0f21ba0d3ca26e23c8e967 SHA512 4a13394757e9fdd3a7713cad75c464a33e17860529ee136f988c40e6ee5988483ed3307e5603a5a9ef336b2c94ca35e4707fb493138d79c36aa1c646df6cc81c WHIRLPOOL f04aaf4b0a7ad501d8f3a35e0219f7e7bf73851ba9b1b756e6a0791badf850dc04ffe69ce3fe99045a7a6c9672b10ec5447c5de21ba4bdd44b70bf8fd56372aa
+AUX openssl-1.0.1e-bad-mac-aes-ni.patch 1220 SHA256 484fe928925965e98bb0fccc14d6a1e2469507e513a4257a1741e725e9fabf8d SHA512 0c3ad477cd4a8e61e6235eda23b5efbf15aef23f3a753f30c35ec170236d9d3a52d11736d25b9995dd60cf534382b9ad7bf36aa6a95aa9fbd12a3019176d04f2 WHIRLPOOL 1e40dd340dc06e1d13447a72dcc6e6acaaab3270b118e37699bccab05ac6f47d196239bdec6be24182e46d57f2f5e3f927e64bb7346e6d4aa19b28155c2918c6
-DIST openssl-0.9.8u.tar.gz 3781776 SHA256 0548e4b9171a62dcbbe85e63d9b897a35de718e0fe19b3fe56002c8f5a3ba587 SHA512 5c5998a74b70fb0624086d22f2bc16b6114819deae13c777f93e1c3cf0c1efc6e7adad4a8b00a45c1a112596ac9ea07330356af02d86a82667bb216327cdde34 WHIRLPOOL c6059d0fa69fea76f645afaa0b9d40ea9c5cab310d1e522aaba5b7176dbe89136af74e70577e16e0926c824f646ee3c6902cdc0c87305fd7693a9e4b7e1f4585
+AUX openssl-1.0.1e-ipv6.patch 18596 SHA256 430d15f2f62c2d7b9bbb968d3c1d3cea51c97d549e01683fd6befb20e2b60946 SHA512 15bfcafc8c173d2875954a43db19d15956619528a0fc356b6d36877f7434321071cf707d950767491261adc1e6403e56b3e014e3d0ffb6cef563daca00a128bd WHIRLPOOL d1dd63d00b166efb1ca9e5d8da931a47e571f5784e3b47780355553b4d0cf656885375e3fe7fc1554b6c5eb749371efeb370c7462e4fcc52c0dd85c6e2318ad8
-DIST openssl-0.9.8v.tar.gz 3782207 SHA256 701ac4dbd27b9237919b214b53bc0d08e5e1448f2d0fbe1c80479293d2379a65 SHA512 5e625c69b6176bbb4acd0c4b5751d694591156f672e79fecd72c2a7e782e27cb67f0bfe2aea662b2e81f2f4c71ce9805bb5b8da023b368f35952b052e04520f9 WHIRLPOOL 66ea39d7f67259bf17f614de17e76c4c01e910aece24a3f9b107c7f0119809c8b86e098e92639d7c94417e45bc80c670cc3838520743b5ccc632905d1140d66f
+AUX openssl-1.0.1e-perl-5.18.patch 8211 SHA256 0d2263de7cd1e814cf7583a738d7c439dadb6f195793a29356186b336edc5a98 SHA512 4b56cae218af916c5d7f1006f0a17e34eebc6ee9fb08789db0b18b7e0d6ca7ea0b297efdc712f8951b4db55d15dffea33faa939d2daa42db6be61670e43f0412 WHIRLPOOL 78ced5c41dba502f93f92322516ac8774ff73ce236c7cf793f7e502822c8b0c288f2ed4360d89d2ff2bfaf969f6bd0cc12b28151eda0217197c60bf6a561d8cf
-DIST openssl-0.9.8w.tar.gz 3782900 SHA256 537411fe2cfe249a8a5b98b3f809a07ed5f913b94a216b3c510fd353318e4593 SHA512 3d93c96ec5550ae6936b353aa48081b9d8a4adfbd5a51d58b44916961e56fb9aedd30621a99ca3618aa3c6b3e15f30a10457d98629ef6ee0c6cb5518606981ca WHIRLPOOL 0ebc673d02489be248b62f800a99d714b7751702fcb7050f40c2231b318aeb3c868cdd48abc9dcecd018139c30b6e23764d0525bafde17097699e9767a3534dd
+AUX openssl-1.0.1e-rdrand-explicit.patch 936 SHA256 0eb50c82edb24c0ff4b5b2e6c41e4d11e9288b33dca05dd2b5fd613c0bc5b815 SHA512 2b4744dcd200d42a90c7640e3b5d16fa215e042ed4ae675504c20788fdd591cc866313d65be4e72e8992961d2e46f1945b006f4449710e23660c1ef666f17fdd WHIRLPOOL 0257c7919dbb6e82c52d5cd6f3cf909fda64782a1025b1a4f964acb42bd00c0a11b009a9b968250afbd44ccd9578949bb6e73f04d6238514d1b84673602fde87
-DIST openssl-0.9.8x.tar.gz 3782486 SHA256 7ce0c7f2c451070b4497ea7ca6f23eba6cef1a56db2e86e433f65926a7bc7497 SHA512 195ba38e5a3ecb9ea65ed1c0dfd7a7c7c8d25683cb401a4c68880a58b0dc3f3002186381ab1ddac64cc441ecd86606aa14bb91ecfc0c56b31ba85015589afdb2 WHIRLPOOL c54f046600443e16dcb41ef1bbb8a803f701f3af4b2a2011419fb1528838f412dc003155a3fbf5e0d15c64c64c3368e628e145cfc90671a0c2b333ac3a4c2ff9
+AUX openssl-1.0.1e-s_client-verify.patch 592 SHA256 6f540fce663eefbe68cee16ad7d8d561d6c898eeb4180c2f4a4caa7e43c6d0c9 SHA512 117b1017e1259667078d3ccdcd9fd46357c6f85cf2702794f49c612b37acdc044fe88f871dbe46fcad9ed4cd8aaaaee800dddb5286203322802efd7549a43b68 WHIRLPOOL 70a4cc36b1dcb24d7e9bcef016684fb2394977f7f20aa332ebd0aa15e3f4c16c74563d2fc0ba8d70669f6cc9a13bf8a30cdb28ebafe2d102cd2859a4e32c38d7
-DIST openssl-1.0.0h.tar.gz 4048067 SHA256 7e3dfc21aa57ed33ea673170053d1921322803b8a6a624a4f0d2e4c308bd418d SHA512 6a1129fa4c90ed67cdeec5578f72ee74ceb983877bbbac41b6ace4abcf4154d6b8217d11951296a1fdfade82c7b9e59e7994fca94e7eb78026b2980fec7be9c5 WHIRLPOOL edec087ef7bf3b6300c2b5870471eca793a0cba217f1ae728d808757749bdc1bdc193c21d86ecf9ba47ca4d0e6bebd1d6407654637226b6dece68b75b8295bc5
+AUX openssl-1.0.1e-tls-ver-crash.patch 1210 SHA256 720ea2617ad5ba4ab8e16da3fd42858d2daf35a39377c649f408e13012a57e37 SHA512 c0a33d1e7d91d54b4dee2a9392cc1ca31b9038b168eeb471e58620c8e6bf2b86d6bdc6b83a96d47717bb703beee79261a73f607521d3f76d1bfa4563e2db0a3c WHIRLPOOL 758d6877bc6181c1dd354d6737a998e3bd77627789e6f184f1958836f084cbd64b4c6427410fa51f120b5d1b56dc4378180ef90d5b91992629f36917081eb5d1
-DIST openssl-1.0.0i.tar.gz 4047721 SHA256 548262d15777c504be1ab9bb8fabef1e14a3de54837a6593c8f403dd843d5e57 SHA512 b35d64c038f913fcec8cdec5f8a801425dd4bafb1472548a8c13cbce2245aabfc0ca416e166ac6063d59375817f6560390079156db41b98a83db44307ac0cecb WHIRLPOOL a0854284830ec7e7e2c4418423d089f91a0f81bc7313dd1d1791b20d4b78bfc7543834baad2e8817a3809eb8db10079ee1e84f40ef5003ff9330ad49adf142b8
+AUX openssl-1.0.1f-perl-5.18.patch 7820 SHA256 e45c6856ef35b16e150282afa59432e783943e6aee62394f8a0e79ccd469fd84 SHA512 2fcda9f76968e8a193892170b2acc06b246c5a04bda2c501fa223231af0e4b2a38afd1adaf83cce4afd4210cdfd9cae8251aeb9510f24bcb50e7aeaa9fa09364 WHIRLPOOL 38768056d2bc4cd719c88038d201f765420a7d47b5dbd73b6d86347e59b4a1fc62f5f27d6c576fb73184fcfe26917446753d871db22aeac2a205f0bd18d2bbc3
 AUX openssl-1.0.1f-revert-alpha-perl-generation.patch 3029 SHA256 3b4b3e40f70330219a139d8562ed5ebc171c5e7ebf1ab2b29e295ccf435fb6eb SHA512 77f45b12211cb790ae362bed9417590f87a1749d6300dde408f00590ed86e7b05d05909f0a2356e5c64711319d2f8759ad452eaccc0f64c7578916b31462251f WHIRLPOOL a2140b00e69b2dc74d290db0c2d12d3d5e5ca7452710c3f3b2fdde8a06aa0f398212bd263d9a37cfea3df407aa1d26a996b852183955ca5eb4e8c061ca8cb68c
 DIST openssl-0.9.8y.tar.gz 3785001 SHA256 bbecf13495e612936e3a9860c29c0701413564b7a964bf771a3575eaa867cee3 SHA512 cdc05067343d6b06a0d0278e90abcea9bf58439c98279ce0ce22673bf6f4a6597babcb276635c3b15cf04ec76cf53320236f5b6bbc46544a61280825f5b7b3cc WHIRLPOOL c8c9cb00f303c2d95a1d2000c74bb146fb069da9471093bf7a2c00db2a5955c2d63908b3314eb9cd12ea1e80c3bac143d3774bc27515f2ab03c5ef4d88b61612
 DIST openssl-1.0.0j.tar.gz 4047852 SHA256 626fb8fcb3eb7e966edbe71553ff993d137f6e8a87b05051a3695e621098b8af SHA512 9796c75b4d5de57928708f5f0a8ca01aff5b4974b60006454657ed54c34998bc54d747af03860d319db7e7a57b0cd3c267758ffaac31be2be045c977d5fc33d4 WHIRLPOOL 239f051930d9562e7266edd69cf3a1060d381a95228fd17813dd2dbf469c2cf066786b277c2fd56973b830a6b43f28934f5f15d3b6dfac8f37a6e6a65fcae455
-DIST openssl-1.0.1a.tar.gz 4456456 SHA256 d3487e09d891c772cf946273a3bb0ca47479e7941be6d822274320e7cfcc361b SHA512 ceebecbe60201ebb2c600f97e4e0ed38638789189dc2fae85997d5903eda7884ad6190e21b75c453c28ab36ab9262c30f2732945e78bcecc3090542dd4dafd02 WHIRLPOOL 8448ef79710410a2f2b8a7b7b80798c032273d39a3c3f5c1389a1c45a24dd63a3a5a6ce8902a6d0669f0f2643cd5321e969417d01e5194283a159d1773896a50
+DIST openssl-1.0.1e.tar.gz 4459777 SHA256 f74f15e8c8ff11aa3d5bb5f276d202ec18d7246e95f961db76054199c69c1ae3 SHA512 c76857e439431b2ef6f2aa123997e53f82b9c3c964d4d765d7cc6c0c20b37a21adf578f9b759b2b65ae3925454c432a01b7de0cd320ece7181dc292e00d3244e WHIRLPOOL e85cca98d9525935977bab00a1309682c0571973a1472cdd75ea1c96a1b12d8b86d1b51a501bc24a6fdbf3257b047a569b5d24d6164a903af689b01d46a7e428
-DIST openssl-1.0.1b.tar.gz 4456651 SHA256 1187bf2d5cdf0b286b951bf5c777aa97855cd7db24fdb9604cb557c8b1d7364b SHA512 d0cfec093b1a27a14ee6d6dc5da0c19c14b77edf8ba558e909be7cf8c5e29023061ed7ac3c54ffe08ea0c21bb859781c63257e26423a66a117c5887bc65051d2 WHIRLPOOL 552d99cdecba10f208933d5fd2055125769c67576af76c8a50f0d33a4d64cc3165913cddcf5e9a1bed0dec51efbd055beaa8bfdcb079fb8337b22534da741540
+DIST openssl-1.0.1f.tar.gz 4509212 SHA256 6cc2a80b17d64de6b7bac985745fdaba971d54ffd7d38d3556f998d7c0c9cb5a SHA512 8a50892ce0c32707486e248b273631c38e9743371f28f96b635a9e61dac31919e5cf00690d0926c1f425c718cb56c4fe18a87c6e679e0543ad453e42f7a811ef WHIRLPOOL 4489061d7348a53ed23fd01fbaf36b701c5a17968a4811cf0289aa8604752b1e3b3f4ed53ac629db3948d58fab1d9e0efdae5f6cde39a78828dd8b220fdb3900
 DIST openssl-1.0.1c.tar.gz 4457113 SHA256 2a9eb3cd4e8b114eb9179c0d3884d61658e7d8e8bf4984798a5f5bd48e325ebe SHA512 14f766daab0828a2f07c65d6da8469a4a5a2b839ff3da188538c4e2db3e3e2f37217fb37e269617fb438463b75fb77dab0b155f36831ff48edbc9e7f2903ebd3 WHIRLPOOL 15f90cd981ed82cb1891a2e4179a15882f34aa0ecfff7e6a4fa435b9ea021168228504e7cd9e201c8ada1207942784558f2696f5d45293fa876cf143d8826bf7
 DIST openssl-c_rehash.sh.1.7 4167 SHA256 4999ee79892f52bd6a4a7baba9fac62262454d573bbffd72685d3aae9e48cee0 SHA512 55e8c2e827750a4f375cb83c86bfe2d166c01ffa5d7e9b16657b72b38b747c8985dd2c98f854c911dfbbee2ff3e92aff39fdf089d979b2e3534b7685ee8b80da WHIRLPOOL c88f06a3b8651f76b6289552cccceb64e13f6697c5f0ce3ff114c781ce1c218912b8ee308af9d087cd76a9600fdacda1953175bff07d7d3eb21b0c0b7f4f1ce1
-EBUILD openssl-0.9.8u.ebuild 4327 SHA256 700495983027e6aa69cc801f245e35697fb57336fe33d4b165a884a0f1d8743a SHA512 911484ed40414e5528eb8f2f3899adf8c3c01a45574a6f21318a4abc15c2ee5217b54727bb5aa36ba76102d24772954a591a30f38dd65d3ad1b8164a5b93be8f WHIRLPOOL f70f7e47063803b85303a1b49e4c581d7802330c824ec8694109d284e4517be6c7afd960d585c921b7a89c8d1def2d66c60f3c6aa3fd89934e8216141e10f815
+EBUILD openssl-0.9.8y.ebuild 4424 SHA256 4250c4201a33cebac72954b5068a335d64ec03b03d4a9c787c90c453c23563f9 SHA512 cb59ccff8f59237b33de7db976201b260f5a28a841bcdf59245261a3d74f05c03fc5c4ff4c49e42c38f29533bfa80c6a753448ae9c3e47842223fe12d8f65fce WHIRLPOOL 5c8c490b9094ef6a1c93275dc39f97e61ae021d2cbbfce362f7deb92f844ced318254b1aa2197230dd42b5874602d5c1d43393547642907cf7c6e00244c05d33
-EBUILD openssl-0.9.8v.ebuild 4328 SHA256 6feb0c64fb55a702b77cee8ef7fb549ec48af9b8c6d513a3238cb66d9fe02548 SHA512 047322f69df93f9d0c800bac10eb2069665bae00acba726f85a6c6446659dd2123148e612a41cd38dee756946e61b1897a1e3d38f991c894e8b343bc1dbed34c WHIRLPOOL 1eedc542e7b94ba7d8095c458ca939671bf2c04ccc24d6bc76bb96a0dafa93aa0864d991e55a59d65393f277176f9613092911cc0f3b31396539e3639fb33ba4
+EBUILD openssl-1.0.0j.ebuild 7035 SHA256 8b8cf5082b7eb04abc02fe452a006dad3b2460f65b016f1a1292af79bfef9980 SHA512 e4a4adfa8fda5d514e35f67e55ee50784ae785598b5889cb5d135bb5805b42c77e42246965cfbb4168bf0c6963961dc7e418f979d26574639e8b30730bb2ddea WHIRLPOOL ad2a6e1fcd89e528acce6c0d5a19bfcc82201776bbddb00154fb915792bde6458054d6352abdfa3e1fd17d2f1409de94f9ae6596c25b9e4d87e212901817da99
-EBUILD openssl-0.9.8w.ebuild 4329 SHA256 d41ca4ed1e7178ec41b08e9948a5793aaa777effe7c3c1d550637f3f3adac1ff SHA512 1463ef8ceb393f23492b67c6b2c6ffdc9727f733640e56050fe4fbfa2450826d94dfaad655bcf0f2b820722aa89c912d898f34ff70a0f1fcd5d26d2ef80c9f37 WHIRLPOOL 5853809b2c4f7891e026147a37b0ed54556d7b55ba5814a1565d094d4757d470eb460a169818ac6d40fc57adc47d63a583bd7c8801ea959dfa0cfc0a8365d973
+EBUILD openssl-1.0.1e-r1.ebuild 8051 SHA256 fc2279e7acad38d658e006d0b6f91a4754927e73266bf19b4e3af6c5b022769e SHA512 39d7f2f233329f2233e27a503fc3b8e1ddc26cb16d196842540bc5f1336272c85d5d2f33445829f68f0e6f7f5bf332bd18637b1ed21e7faa3082493de1ce66f5 WHIRLPOOL c39ea92f3addc5d1de5647be44db7dc88a68f2880633a3601036753792b38727bdd17f52bc3eb2ab8c7ce3f5edfa95a3f40a419cf58abb4bc9128ef1c63f9a80
-EBUILD openssl-0.9.8x.ebuild 4329 SHA256 4d95e8d5a1c566e645d7c8b0be86487114a9b2ef48373b778995a7116e9847da SHA512 cd33d7432234aa0c4fc35fb44e2b0fb06df0bde54641a886027fec17ab7b3cce35441f5599260cb556ba00ced08be7f65925ab2dd4d286c6ae630bdc52c3c5c9 WHIRLPOOL 0dbf0f044ae876bb2109773556efea36d412e5e9c5d4e43aa5c6d636a4e2c405a8754d86d9eb5ac103d360ef69befea33788f835e72e5ec3ec853ca4ad4c06b1
+EBUILD openssl-1.0.1e-r2.ebuild 8170 SHA256 364b19958f6426e429159dc6de1b59b955f382ad3e85d01235b9835ecee229de SHA512 1fef3a928f7874d868acfe6568fc090b41a288ce05002674d8feefa009b6ff4ad58d9f2db57f3aa45469cabd8fa179375d11b20794f5a0ef85ea7f218a409e66 WHIRLPOOL 28955035911b5867d4daef173de080915a77eee055682e6ac18655e97afca77bdfcfaecdeab4ce02cf97320e6059067eb612f505243d30b79e4b82ae5cb0420c
-EBUILD openssl-1.0.0h.ebuild 7045 SHA256 b22ebc6290b9619c741e893c26045b2ee41135b8b5ff0c3823912f8ca78ce9a6 SHA512 2e2e61dccd7aac6fe910df1f74a9e0e8b59888bb5d9f6467496e84d63a517803b76b8f5f563556e129d10c0f4dabc6db53e1db44e5a422ec14a5327dfc804cde WHIRLPOOL e105ca19416bcbb76fbac93d30180e3e9223e67ab9673c50e6719866bce334c56d574b7d19329c49ac9bcb3951bd84fffacd41d91f534ab08f6c3d7ceec808e0
+EBUILD openssl-1.0.1e-r3.ebuild 8276 SHA256 c1d6a6b365db046e8f46d56b09ce9c13351255b036bf4a76ab59772cc8a61a96 SHA512 f96d07e92fc9251cf0687922a76af5c535bdd7bc9ff9035dddc3b70030101dcd81e29d3ad3cb9e45b4981f69932eccabdfa3d83d7b4563f40f65018fb03d5a4c WHIRLPOOL 6e5b9ff9fc09508ec61375031b0bc01148e05ee74496676c86dc60ebc9c30e9391abb5392b5cd574b58bad57c0ce7b1750c26f0f4884ab90d95d55d15fd2d1d9
-EBUILD openssl-1.0.0i.ebuild 7045 SHA256 a47a7cb0c489642191aca5c515b0cb7c9732c1b5efc4ddfed7cf73d4627b3a95 SHA512 e02849ee3957b40fc471f8111f7530becb40f965de8075a12ccbb68edc8e41e8c9d07cab671c52800f2091da095c4fad86addda279a65603a676dfc9eb9d3b7e WHIRLPOOL 0b3debf0e531ef1ea29548c3f6f4b5d5f8c774ee4d68e49843bb9f68702c662f4cbf3c1a22b44bedaca0e1cf6ef8103c1777444bdf4833896af65a8d89d23e17
+EBUILD openssl-1.0.1e.ebuild 7260 SHA256 12cdd7dd88ade561157275f48f1f029b3320a215f503b1ef50704875e98d5635 SHA512 655544f450d0b3306cbbb3e70237e234120386705019ddc03986455591cfa85bcadc4cdb72c0319d6a368e38164956ef1e9027b602d081dab096234b32105e15 WHIRLPOOL 9173764576e15d5351f140bb6d67e47a08f577a818c4d434c5c15d9dec321a512e6f4e7483fa5e5ebee66541313506f4745b4c636392bce7e21455ba7a3bad5e
-EBUILD openssl-1.0.0j.ebuild 7045 SHA256 ea3c127fec343b813a517ecc2b6eee6183c8094fdb575ff9fc015783ee3e39cb SHA512 5a501172d4690f71a109ec4efa4166b8c979efd56b36cfb0c9d46e0333b3c3863ebe755512bca87c543f82469daeda601b2a3f4247f924c2905707c7bb383930 WHIRLPOOL 3db8a0e930df8e605da735ccd25ef31b59ea81e0a3839e09cbe927ac88db8d53b263482f673afe8fd10009c8f2b615c3ff5e501ca97f563051223d070835406b
+EBUILD openssl-1.0.1f.ebuild 8181 SHA256 444e562daa1950bfbd9c76bb75922ed2ed6bba5fdc229c7b08cf80d370326e1e SHA512 34ebc04c3ea1efade80fa229c9a5e15bfd93c4462d893d410387948ab9760566cc9d84e6414dff96c6d970c85598bac024308e5e0799e0b3b312eefccb579649 WHIRLPOOL d931b949e9cd459eac7d4fb5f32a0c43a00d8083783a393dc4f845e2648f2ff5097a72db5ea450b1f6806336f128776df137af4887ff40d3c29a4b41b360a2ca
-EBUILD openssl-1.0.1a.ebuild 7364 SHA256 8f4b3486fb8e73dcf54469228c089b185444a449796b8651d54d0c45c5ca4e57 SHA512 0ee731d20639b8464330e1be1e130a28dd55ddbdbce4264c16645eb4c9f4d53805a0a97c614add73eab44714a64f8a4db15cfdd90117a48eac8b8bafba464547 WHIRLPOOL 330865f112a84360bc8f14cc5119bc378f126fea2cd7e4a2892fface434d7eeb6a30cee5e798ebd185ec946bf27ead502806b6d5dad7e48f8d43e4c63ebef1eb
+MISC ChangeLog 77738 SHA256 ec9b5e0f6b368b1fa2dfdba47c17fa3ef682882c144dc6994ee4c1d8286dd292 SHA512 f98b38834e94dacc6c0db25ac54e64497b3c2a47862a0121537d44935f36b1f4d6aaa2cf08c9aee6fa8a3dba152ad69ebcf5251423797333c945d25e4a2d2830 WHIRLPOOL a4041968d7c06cb2eeb3e0d92f15d6f306d877d39a5010073d591be3b2a5aefb7a0e37810f196085563bd39616d3192e81cabb1b408caf00d695159bdcbdb0a4
-EBUILD openssl-1.0.1b.ebuild 7317 SHA256 e06c044e6493d34ab718b10f75c0c4f119dac3bb2989c1bf97b70e14f1131b12 SHA512 eaca2832c9dfb8955a7bb97025fb97a44739c0308283a9dfcd270daccd1b973ac5125f1f1dbf1bece138a0b0f08d2900f7e710f173f89346874251566f3e103b WHIRLPOOL 28fe59a0e846600d1e69d7d505d862f14d5630af3b341cb758bee993466146867a5c7c245711ece96a2b391cd0bf608703986e919447aa299b985571fb3e3ab8
+MISC metadata.xml 537 SHA256 dfb61bab6de1d7e943f92be14ed54fb9275d568a11d6ba29e395f23f547603ee SHA512 0417c438c7f9586c7bbe7694707fec94f2ecf6fb59e36bc87d707fab0b24346a6c9fac5e58c69302e767cd8a7e50a508cdb2430b2cdf8fcc88921286e09756e1 WHIRLPOOL 0f21bab1258c7ee675c27cb7d78a90985437dc8d001a232661657549cebd9f2f26802686435bdd3a1346c5a0ff14bfffa740d6ded2288dc211ad0183f5b3f686
-EBUILD openssl-1.0.1c.ebuild 7308 SHA256 a22c0324c4d1a53b4d5f81f2a4789da6e4c7e34b355cbb1f651b5f2fb975fcd6 SHA512 72129a888e05270a5efbc17e7c901d4fae94ecb0609cffc5d6d528a9be5b57a0a033bab7a71ab076f367a9a5ba8ba2c634434a9f7a9d41bbd3f319138f6ed2dc WHIRLPOOL 4075cde512b87351de65acf1944981727e6195676b61c31d9989752981ef869c6ab2ceb3b0443339b257b3fc647c38be6316b2b3b7d13106b6b3a372544db250
+-----BEGIN PGP SIGNATURE-----
-MISC ChangeLog 70374 SHA256 74ec4fcdd2029fa4a3d54e7b44f5d595c525ab2e60dae7ab6b0bac1fc3a7122a SHA512 999916c9ebcfe10eeddc7ae2a780d81c69ae32f6ce2ec228c863d8e7f063b5db0e91e8c48553d2df56e27ad055925aa11dae74892023acc4a6b307192f6dde3f WHIRLPOOL e602d235f0cc7af6d4e068009a7a575427b425e144bc9192f38c32870c3ef6516584843fe4e07f98b59d3b4bbc204d02d45160a0e132457d51c175e4cf58813c
+Version: GnuPG v2.0.22 (GNU/Linux)
-MISC metadata.xml 374 SHA256 ce29618473c02511695f6767087277e246b2d252ef6e662dbc65e9df44722f5b SHA512 af8240564be62abad18e8f928694ac2836fc445ae186d5ac3b11dae060e5088dbcbbcac625fffe888de1df0e75934cf1484e54c113c00a25a55d57c39563d430 WHIRLPOOL 197464700dbd530c26a50055e98c1008cd1fd6f4f34ba2e9b4070fca6b87201599c3187b5e4689b6360a1311f1de6b96ae6a0050eb9677c648d8eaf28b0880b9
+
 iQIcBAEBCAAGBQJS5PimAAoJELp701BxlEWfKWoQAIf0aYS6Ok4lAz4Cbm+MwaEY
 URqfYk8Em5aNtjMW72Vnns2a2X0jbaZSlQ9lCF64M5M5vA1gpkCmKdUV1fvtWlli
 NtAaH2Rf3D9z2iAxMGkWpe10Lsq0GK0MOC5hosyX0HsCuqxvbUj6sH3Kqtku+Kfe
 QIMymUOHNR17J5Bb4sdMTr/3DoTGRyWS8SGhKm//CeaGxKyJfbOew+RHiBG5t/GB
 +OCRZAPfwzDBEJXFjNPkh5W/jV+b8o/N+CNFcybpinPqNa4Hlk6A5phSPdgKL94n
 54/Ev3YVwAIUQ4D2Tl0zvIGZmid/bGzmLL+JiEkhPoyTFGj9pNHdH39ufOTMxXCK
 2yK9Ew7BxmmlGVJZK8Z2yI3pJJJLYGQmLKu2VNN4p10o2NEYaj6varCS9B396+Kp
 Zc76QtlqfTNa1wKQ6Ps3asi/aouwwro06tUp3yr1/WN9DNzV1SNFvP7JlC3INaoL
 a3GwUIA8UJbz8uxh8ZHz60QA/stRL6N3oPcIGd+BzX58ahAvhUm8lnmZvBF9AtjE
 MD641OT/js5Rkzx93mZYZdM4IEYT2UR4MqrqJ9Yk6AsBPd65/qVWMm9Vq9m09YsN
 rSPcw0cvPbjXfT50l6S+QMOFfxA01i6xOLrDZCyAOU0XhxMR5lDhNRz2/fpkZoHW
 5FtFH4wTTc7AgF91noZr
 =H9rM
 -----END PGP SIGNATURE-----
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-0.9.8
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-0.9.8
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.1
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/gentoo.config-1.0.1
@ -0,0 +1,164 @@
 #!/usr/bin/env bash
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/gentoo.config-1.0.1,v 1.2 2014/01/17 04:27:03 vapier Exp $
 #
 # Openssl doesn't play along nicely with cross-compiling
 # like autotools based projects, so let's teach it new tricks.
 #
 # Review the bundled 'config' script to see why kind of targets
 # we can pass to the 'Configure' script.
 # Testing routines
 if [[ $1 == "test" ]] ; then
 	for c in \
 		"arm-gentoo-linux-uclibc      |linux-generic32 -DL_ENDIAN" \
 		"armv5b-linux-gnu             |linux-armv4 -DB_ENDIAN" \
 		"x86_64-pc-linux-gnu          |linux-x86_64" \
 		"alpha-linux-gnu              |linux-alpha-gcc" \
 		"alphaev56-unknown-linux-gnu  |linux-alpha+bwx-gcc" \
 		"i686-pc-linux-gnu            |linux-elf" \
 		"whatever-gentoo-freebsdX.Y   |BSD-generic32" \
 		"i686-gentoo-freebsdX.Y       |BSD-x86-elf" \
 		"sparc64-alpha-freebsdX.Y     |BSD-sparc64" \
 		"ia64-gentoo-freebsd5.99234   |BSD-ia64" \
 		"x86_64-gentoo-freebsdX.Y     |BSD-x86_64" \
 		"hppa64-aldsF-linux-gnu5.3    |linux-generic32 -DB_ENDIAN" \
 		"powerpc-gentOO-linux-uclibc  |linux-ppc" \
 		"powerpc64-unk-linux-gnu      |linux-ppc64" \
 		"x86_64-apple-darwinX         |darwin64-x86_64-cc" \
 		"powerpc64-apple-darwinX      |darwin64-ppc-cc" \
 		"i686-apple-darwinX           |darwin-i386-cc" \
 		"i386-apple-darwinX           |darwin-i386-cc" \
 		"powerpc-apple-darwinX        |darwin-ppc-cc" \
 		"i586-pc-winnt                |winnt-parity" \
 		"s390-ibm-linux-gnu           |linux-generic32 -DB_ENDIAN" \
 		"s390x-linux-gnu              |linux64-s390x" \
 	;do
 		CHOST=${c/|*}
 		ret_want=${c/*|}
 		ret_got=$(CHOST=${CHOST} "$0")
 		if [[ ${ret_want} == "${ret_got}" ]] ; then
 			echo "PASS: ${CHOST}"
 		else
 			echo "FAIL: ${CHOST}"
 			echo -e "\twanted: ${ret_want}"
 			echo -e "\twe got: ${ret_got}"
 		fi
 	done
 	exit 0
 fi
 [[ -z ${CHOST} && -n $1 ]] && CHOST=$1
 # Detect the operating system
 case ${CHOST} in
 	*-aix*)          system="aix";;
 	*-darwin*)       system="darwin";;
 	*-freebsd*)      system="BSD";;
 	*-hpux*)         system="hpux";;
 	*-linux*)        system="linux";;
 	*-solaris*)      system="solaris";;
 	*-winnt*)        system="winnt";;
 	x86_64-*-mingw*) system="mingw64";;
 	*mingw*)         system="mingw";;
 	*)               exit 0;;
 esac
 # Compiler munging
 compiler="gcc"
 if [[ ${CC} == "ccc" ]] ; then
 	compiler=${CC}
 fi
 # Detect target arch
 machine=""
 chost_machine=${CHOST%%-*}
 case ${system} in
 linux)
 	case ${chost_machine}:${ABI} in
 		aarch64*be)   machine="generic64 -DB_ENDIAN";;
 		aarch64*)     machine="generic64 -DL_ENDIAN";;
 		alphaev56*|\
 		alphaev[678]*)machine=alpha+bwx-${compiler};;
 		alpha*)       machine=alpha-${compiler};;
 		armv[4-9]*b*) machine="armv4 -DB_ENDIAN";;
 		armv[4-9]*)   machine="armv4 -DL_ENDIAN";;
 		arm*b*)       machine="generic32 -DB_ENDIAN";;
 		arm*)         machine="generic32 -DL_ENDIAN";;
 		avr*)         machine="generic32 -DL_ENDIAN";;
 		bfin*)        machine="generic32 -DL_ENDIAN";;
 	#	hppa64*)      machine=parisc64;;
 		hppa*)        machine="generic32 -DB_ENDIAN";;
 		i[0-9]86*|\
 		x86_64*:x86)  machine=elf;;
 		ia64*)        machine=ia64;;
 		m68*)         machine="generic32 -DB_ENDIAN";;
 		mips*el*)     machine="generic32 -DL_ENDIAN";;
 		mips*)        machine="generic32 -DB_ENDIAN";;
 		powerpc64*le) machine="generic64 -DL_ENDIAN";;
 		powerpc64*)   machine=ppc64;;
 		powerpc*le)   machine="generic32 -DL_ENDIAN";;
 		powerpc*)     machine=ppc;;
 	#	sh64*)        machine=elf;;
 		sh*b*)        machine="generic32 -DB_ENDIAN";;
 		sh*)          machine="generic32 -DL_ENDIAN";;
 		sparc*v7*)    machine="generic32 -DB_ENDIAN";;
 		sparc64*)     machine=sparcv9;;
 		sparc*)       machine=sparcv8;;
 		s390x*)       machine=s390x system=linux64;;
 		s390*)        machine="generic32 -DB_ENDIAN";;
 		x86_64*:x32)  machine=x32;;
 		x86_64*)      machine=x86_64;;
 	esac
 	;;
 BSD)
 	case ${chost_machine} in
 		alpha*)       machine=generic64;;
 		i[6-9]86*)    machine=x86-elf;;
 		ia64*)        machine=ia64;;
 		sparc64*)     machine=sparc64;;
 		x86_64*)      machine=x86_64;;
 		*)            machine=generic32;;
 	esac
 	;;
 aix)
 	machine=${compiler}
 	;;
 darwin)
 	case ${chost_machine} in
 		powerpc64)    machine=ppc-cc; system=${system}64;;
 		powerpc)      machine=ppc-cc;;
 		i?86*)        machine=i386-cc;;
 		x86_64)       machine=x86_64-cc; system=${system}64;;
 	esac
 	;;
 hpux)
 	case ${chost_machine} in
 		ia64)	machine=ia64-${compiler} ;;
 	esac
 	;;
 solaris)
 	case ${chost_machine} in
 		i386)         machine=x86-${compiler} ;;
 		x86_64*)      machine=x86_64-${compiler}; system=${system}64;;
 		sparcv9*)     machine=sparcv9-${compiler}; system=${system}64;;
 		sparc*)       machine=sparcv8-${compiler};;
 	esac
 	;;
 winnt)
 	machine=parity
 	;;
 mingw*)
 	# special case ... no xxx-yyy style name
 	echo ${system}
 	;;
 esac
 # If we have something, show it
 [[ -n ${machine} ]] && echo ${system}-${machine}
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-fix-unalign.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-fix-unalign.patch
@ -1,59 +0,0 @@
 fix unaligned access in alpha specific 'OPENSSL_cleanse' function
 Debugged with the following simple program:
    // gcc cleanse_test.c -o ct -lcrypto
    #include <openssl/crypto.h>
    int main(void)
    {
        char buffer [128];
        int off;
        int sz;
        for (off = 0; off < sizeof (buffer); ++off)
            for (sz = 0; sz < sizeof (buffer) - off; ++sz)
                OPENSSL_cleanse (buffer + off, sz);
        return 0;
    }
    $ prctl --unaligned=signal ./cleanse_test
    Bus error
 https://bugs.gentoo.org/show_bug.cgi?id=371561
 http://cvs.openssl.org/chngview?cn=21233
 Reported by Tobias Klausmann <klausman@gentoo.org>
 Fixed by Andy Polyakov <appro@openssl.org>
 diff --git a/crypto/alphacpuid.pl b/crypto/alphacpuid.pl
 index 11f2e30..5b0e21b 100644
 --- a/crypto/alphacpuid.pl
 +++ b/crypto/alphacpuid.pl
@@ -99,19 +99,19 @@ OPENSSL_cleanse:
 	beq	$0,.Laligned
 .Little:
 +	subq	$0,8,$0
 	ldq_u	$1,0($16)
 	mov	$16,$2
 .Lalign:
 	mskbl	$1,$16,$1
 	lda	$16,1($16)
 	subq	$17,1,$17
 -	subq	$0,1,$0
 +	addq	$0,1,$0
 	beq	$17,.Lout
 	bne	$0,.Lalign
 .Lout:	stq_u	$1,0($2)
 	beq	$17,.Ldone
 	bic	$17,7,$at
 -	mov	$17,$0
 	beq	$at,.Little
 .Laligned:
@@ -120,9 +120,7 @@ OPENSSL_cleanse:
 	lda	$16,8($16)
 	bic	$17,7,$at
 	bne	$at,.Laligned
 -	beq	$17,.Ldone
 -	mov	$17,$0
 -	br	.Little
 +	bne	$17,.Little
 .Ldone: ret	($26)
 .end	OPENSSL_cleanse
 ___
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-typo.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0d-alpha-typo.patch
@ -1,13 +0,0 @@
 http://bugs.gentoo.org/364699
 --- crypto/bn/asm/alpha-mont.pl
 +++ crypto/bn/asm/alpha-mont.pl
@@ -41,7 +41,7 @@ $j="s4";
 $m1="s5";
 $code=<<___;
 -#indef __linux__
 +#ifdef __linux__
 #include <asm/regdef.h>
 #else
 #include <asm.h>
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0e-pkg-config.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.0e-pkg-config.patch
@ -1,42 +0,0 @@
 move internal libraries to ".private" fields so that the default
 --libs output matches only what we need
 --- a/Makefile.org
 +++ b/Makefile.org
@@ -325,7 +325,8 @@ libcrypto.pc: Makefile
 	    echo 'Description: OpenSSL cryptography library'; \
 	    echo 'Version: '$(VERSION); \
 	    echo 'Requires: '; \
 -	    echo 'Libs: -L$${libdir} -lcrypto $(EX_LIBS)'; \
 +	    echo 'Libs: -L$${libdir} -lcrypto'; \
 +	    echo 'Libs.private: $(EX_LIBS)'; \
 	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
 libssl.pc: Makefile
@@ -334,11 +335,12 @@ libssl.pc: Makefile
 	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
 	    echo 'includedir=$${prefix}/include'; \
 	    echo ''; \
 -	    echo 'Name: OpenSSL'; \
 +	    echo 'Name: OpenSSL-libssl'; \
 	    echo 'Description: Secure Sockets Layer and cryptography libraries'; \
 	    echo 'Version: '$(VERSION); \
 -	    echo 'Requires: '; \
 -	    echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
 +	    echo 'Requires.private: libcrypto'; \
 +	    echo 'Libs: -L$${libdir} -lssl'; \
 +	    echo 'Libs.private: $(EX_LIBS)'; \
 	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
 openssl.pc: Makefile
@@ -350,9 +352,7 @@ openssl.pc: Makefile
 	    echo 'Name: OpenSSL'; \
 	    echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
 	    echo 'Version: '$(VERSION); \
 -	    echo 'Requires: '; \
 -	    echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
 -	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
 +	    echo 'Requires: libssl libcrypto' ) > openssl.pc
 Makefile: Makefile.org Configure config
 	@echo "Makefile is older than Makefile.org, Configure or config."
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1-parallel-build.patch
@ -335,3 +335,20 @@ http://rt.openssl.org/Ticket/Display.html?id=2084
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 --- a/crypto/objects/Makefile
 +++ b/crypto/objects/Makefile
@@ -44,11 +44,11 @@ obj_dat.h: obj_dat.pl obj_mac.h
 # objects.pl both reads and writes obj_mac.num
 obj_mac.h: objects.pl objects.txt obj_mac.num
 	$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
 -	@sleep 1; touch obj_mac.h; sleep 1
 -obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
 +# This doesn't really need obj_mac.h, but since that rule reads & writes
 +# obj_mac.num, we can't run in parallel with it.
 +obj_xref.h: objxref.pl obj_xref.txt obj_mac.num obj_mac.h
 	$(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
 -	@sleep 1; touch obj_xref.h; sleep 1
 files:
 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1a-hmac-ia32cap.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1a-hmac-ia32cap.patch
@ -1,52 +0,0 @@
 http://cvs.openssl.org/chngview?cn=22455
 fix from upstream for building on non-x86 arches
 e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms [from HEAD]. PR: 2792
 Index: crypto/evp/e_rc4_hmac_md5.c
 ===================================================================
 RCS file: /usr/local/src/openssl/CVSROOT/openssl/crypto/evp/e_rc4_hmac_md5.c,v
 retrieving revision 1.1.2.5
 retrieving revision 1.1.2.6
 diff -u -p -r1.1.2.5 -r1.1.2.6
 --- crypto/evp/e_rc4_hmac_md5.c	18 Apr 2012 17:51:33 -0000	1.1.2.5
 +++ crypto/evp/e_rc4_hmac_md5.c	19 Apr 2012 20:43:02 -0000	1.1.2.6
@@ -121,6 +121,7 @@ static int rc4_hmac_md5_cipher(EVP_CIPHE
 		md5_off = MD5_CBLOCK-key->md.num,
 		blocks;
 	unsigned int l;
 +	extern unsigned int OPENSSL_ia32cap_P[];
 #endif
 	size_t	plen = key->payload_length;
@@ -132,7 +133,8 @@ static int rc4_hmac_md5_cipher(EVP_CIPHE
 		/* cipher has to "fall behind" */
 		if (rc4_off>md5_off) md5_off+=MD5_CBLOCK;
 -		if (plen>md5_off && (blocks=(plen-md5_off)/MD5_CBLOCK)) {
 +		if (plen>md5_off && (blocks=(plen-md5_off)/MD5_CBLOCK) &&
 +		    (OPENSSL_ia32cap_P[0]&(1<<20))==0) {
 			MD5_Update(&key->md,in,md5_off);
 			RC4(&key->ks,rc4_off,in,out);
@@ -172,7 +174,8 @@ static int rc4_hmac_md5_cipher(EVP_CIPHE
 		if (md5_off>rc4_off)	rc4_off += 2*MD5_CBLOCK;
 		else			rc4_off += MD5_CBLOCK;
 -		if (len>rc4_off && (blocks=(len-rc4_off)/MD5_CBLOCK)) {
 +		if (len>rc4_off && (blocks=(len-rc4_off)/MD5_CBLOCK) &&
 +		    (OPENSSL_ia32cap_P[0]&(1<<20))==0) {
 			RC4(&key->ks,rc4_off,in,out);
 			MD5_Update(&key->md,out,md5_off);
@@ -289,8 +292,6 @@ static EVP_CIPHER r4_hmac_md5_cipher=
 const EVP_CIPHER *EVP_rc4_hmac_md5(void)
 	{
 -	extern unsigned int OPENSSL_ia32cap_P[];
 -	/* RC4_CHAR flag ------------vvvvv */
 -	return(OPENSSL_ia32cap_P[0]&(1<<20) ? NULL : &r4_hmac_md5_cipher);
 +	return(&r4_hmac_md5_cipher);
 	}
 #endif
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-bad-mac-aes-ni.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-bad-mac-aes-ni.patch
@ -0,0 +1,35 @@
 https://bugs.gentoo.org/463444
 From 9ab3ce124616cb12bd39c6aa1e1bde0f46969b29 Mon Sep 17 00:00:00 2001
 From: Andy Polyakov <appro@openssl.org>
 Date: Mon, 18 Mar 2013 19:29:41 +0100
 Subject: [PATCH] e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI
 plaforms.
 PR: 3002
 (cherry picked from commit 5c60046553716fcf160718f59160493194f212dc)
 ---
 crypto/evp/e_aes_cbc_hmac_sha1.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
 diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
 index 483e04b..fb2c884 100644
 --- a/crypto/evp/e_aes_cbc_hmac_sha1.c
 +++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -328,10 +328,11 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 				if (res!=SHA_CBLOCK) continue;
 -				mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
 +				/* j is not incremented yet */
 +				mask = 0-((inp_len+7-j)>>(sizeof(j)*8-1));
 				data->u[SHA_LBLOCK-1] |= bitlen&mask;
 				sha1_block_data_order(&key->md,data,1);
 -				mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
 +				mask &= 0-((j-inp_len-72)>>(sizeof(j)*8-1));
 				pmac->u[0] |= key->md.h0 & mask;
 				pmac->u[1] |= key->md.h1 & mask;
 				pmac->u[2] |= key->md.h2 & mask;
 -- 
 1.8.2.1
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-ipv6.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-ipv6.patch
@ -26,13 +26,6 @@ diff -u -r1.21.2.1 s_apps.h
 int should_retry(int i);
 int extract_port(char *str, short *port_ptr);
 int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
 Index: apps/s_cb.c
 ===================================================================
 RCS file: /v/openssl/cvs/openssl/apps/s_cb.c,v
 retrieving revision 1.27.2.8.2.2
 diff -u -r1.27.2.8.2.2 s_cb.c
 --- apps/s_cb.c	13 Nov 2011 13:13:13 -0000	1.27.2.8.2.2
 +++ apps/s_cb.c	28 Dec 2011 00:28:14 -0000
 Index: apps/s_client.c
 ===================================================================
 RCS file: /v/openssl/cvs/openssl/apps/s_client.c,v
@ -40,12 +33,13 @@ retrieving revision 1.123.2.6.2.10
 diff -u -r1.123.2.6.2.10 s_client.c
 --- apps/s_client.c	14 Dec 2011 22:18:02 -0000	1.123.2.6.2.10
 +++ apps/s_client.c	28 Dec 2011 00:28:14 -0000
-@@ -285,6 +285,9 @@
+@@ -285,6 +285,10 @@
 	{
 	BIO_printf(bio_err,"usage: s_client args\n");
 	BIO_printf(bio_err,"\n");
 +	BIO_printf(bio_err," -4             - use IPv4 only\n");
 +#if OPENSSL_USE_IPV6
-+	BIO_printf(bio_err," -6             - use IPv6\n");
+	BIO_printf(bio_err," -6             - use IPv6 only\n");
 +#endif
 	BIO_printf(bio_err," -host host     - use -connect instead\n");
 	BIO_printf(bio_err," -port port     - use -connect instead\n");
@ -71,19 +65,28 @@ diff -u -r1.123.2.6.2.10 s_client.c
 	int peerlen = sizeof(peer);
 	int enable_timeouts = 0 ;
 	long socket_mtu = 0;
-@@ -630,6 +638,8 @@
+@@ -630,6 +638,12 @@
 	meth=SSLv2_client_method();
 #endif
 +	use_ipv4 = 1;
 +#if OPENSSL_USE_IPV6
 +	use_ipv6 = 1;
 +#else
 +	use_ipv6 = 0;
 +#endif
 	apps_startup();
 	c_Pause=0;
 	c_quiet=0;
-@@ -951,6 +961,13 @@
+@@ -951,6 +961,18 @@
 			jpake_secret = *++argv;
 			}
 #endif
 +		else if (strcmp(*argv,"-4") == 0)
 +			{
 +			use_ipv4 = 1;
 +			use_ipv6 = 0;
 +			}
 +#if OPENSSL_USE_IPV6
 +		else if (strcmp(*argv,"-6") == 0)
 +			{
@ -91,18 +94,9 @@ diff -u -r1.123.2.6.2.10 s_client.c
 +			use_ipv6 = 1;
 +			}
 +#endif
 #ifndef OPENSSL_NO_SRTP
 		else if (strcmp(*argv,"-use_srtp") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -967,7 +984,7 @@
 			keymatexportlen=atoi(*(++argv));
 			if (keymatexportlen == 0) goto bad;
 			}
 -                else
 +		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
 			badop=1;
@@ -1259,7 +1276,7 @@
 re_start:
@ -121,15 +115,6 @@ diff -u -r1.123.2.6.2.10 s_client.c
 			{
 			BIO_printf(bio_err, "getsockname:errno=%d\n",
 				get_last_socket_error());
@@ -2036,7 +2061,7 @@
 	BIO_printf(bio,"Expansion: %s\n",
 		expansion ? SSL_COMP_get_name(expansion) : "NONE");
 #endif
 - 
 +
 #ifdef SSL_DEBUG
 	{
 	/* Print out local port of connection: useful for debugging */
 ===================================================================
 RCS file: /v/openssl/cvs/openssl/apps/s_server.c,v
 retrieving revision 1.136.2.15.2.13
@ -184,9 +169,9 @@ diff -u -r1.136.2.15.2.13 s_server.c
 +			use_ipv6 = 1;
 +			}
 +#endif
 #ifndef OPENSSL_NO_SRTP
 		else if (strcmp(*argv,"-use_srtp") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -1884,9 +1907,9 @@
 	BIO_printf(bio_s_out,"ACCEPT\n");
 	(void)BIO_flush(bio_s_out);
@ -228,7 +213,7 @@ diff -u -r1.43.2.3.2.2 s_socket.c
 #ifdef OPENSSL_SYS_WIN16
 #define SOCKET_PROTOCOL	0 /* more microsoft stupidity */
-@@ -234,38 +234,76 @@
+@@ -234,38 +234,68 @@
 	return(1);
 	}
@ -243,20 +228,13 @@ diff -u -r1.43.2.3.2.2 s_socket.c
 -	memset(ip, '\0', sizeof ip);
 -	if (!host_ip(host,&(ip[0])))
-+	if (!use_ipv4 && !use_ipv6)
+-		return 0;
 		return 0;
 -	return init_client_ip(sock,ip,port,type);
 -	}
 -
 -static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
 -	{
 -	unsigned long addr;
 +#if OPENSSL_USE_IPV6
 +	/* we are fine here */
 +#else
 +	if (use_ipv6)
 +		return 0;
 +#endif
 +	if (use_ipv4)
 +		if (host_ip(host,ip,AF_INET))
 +			return(init_client_ip(sock,ip,port,type,AF_INET));
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-perl-5.18.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-perl-5.18.patch
@ -0,0 +1,375 @@
 https://bugs.gentoo.org/483820
 Submitted By: Martin Ward <macros_the_black at ntlworld dot com>
 Date: 2013-06-18
 Initial Package Version: 1.0.1e
 Upstream Status: Unknown
 Origin: self, based on fedora
 Description: Fixes install with perl-5.18.
 --- openssl-1.0.1e.orig/doc/apps/cms.pod
 +++ openssl-1.0.1e/doc/apps/cms.pod
@@ -450,28 +450,28 @@
 =over 4
 -=item 0
 +=item C<0>
 the operation was completely successfully.
 -=item 1 
 +=item C<1>
 an error occurred parsing the command options.
 -=item 2
 +=item C<2>
 one of the input files could not be read.
 -=item 3
 +=item C<3>
 an error occurred creating the CMS file or when reading the MIME
 message.
 -=item 4
 +=item C<4>
 an error occurred decrypting or verifying the message.
 -=item 5
 +=item C<5>
 the message was verified correctly but an error occurred writing out
 the signers certificates.
 --- openssl-1.0.1e.orig/doc/apps/smime.pod
 +++ openssl-1.0.1e/doc/apps/smime.pod
@@ -308,28 +308,28 @@
 =over 4
 -=item 0
 +=item C<0>
 the operation was completely successfully.
 -=item 1 
 +=item C<1>
 an error occurred parsing the command options.
 -=item 2
 +=item C<2>
 one of the input files could not be read.
 -=item 3
 +=item C<3>
 an error occurred creating the PKCS#7 file or when reading the MIME
 message.
 -=item 4
 +=item C<4>
 an error occurred decrypting or verifying the message.
 -=item 5
 +=item C<5>
 the message was verified correctly but an error occurred writing out
 the signers certificates.
 --- openssl-1.0.1e.orig/doc/crypto/X509_STORE_CTX_get_error.pod
 +++ openssl-1.0.1e/doc/crypto/X509_STORE_CTX_get_error.pod
@@ -278,6 +278,8 @@
 an application specific error. This will never be returned unless explicitly
 set by an application.
 +=back
 +
 =head1 NOTES
 The above functions should be used instead of directly referencing the fields
 --- openssl-1.0.1e.orig/doc/ssl/SSL_accept.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_accept.pod
@@ -44,12 +44,12 @@
 =over 4
 -=item 1
 +=item C<1>
 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 established.
 -=item 0
 +=item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 --- openssl-1.0.1e.orig/doc/ssl/SSL_clear.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_clear.pod
@@ -56,12 +56,12 @@
 =over 4
 -=item 0
 +=item C<0>
 The SSL_clear() operation could not be performed. Check the error stack to
 find out the reason.
 -=item 1
 +=item C<1>
 The SSL_clear() operation was successful.
 --- openssl-1.0.1e.orig/doc/ssl/SSL_COMP_add_compression_method.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod
@@ -53,11 +53,11 @@
 =over 4
 -=item 0
 +=item C<0>
 The operation succeeded.
 -=item 1
 +=item C<1>
 The operation failed. Check the error queue to find out the reason.
 --- openssl-1.0.1e.orig/doc/ssl/SSL_connect.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_connect.pod
@@ -41,12 +41,12 @@
 =over 4
 -=item 1
 +=item C<1>
 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 established.
 -=item 0
 +=item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_add_session.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod
@@ -52,13 +52,13 @@
 =over 4
 -=item 0
 +=item C<0>
  The operation failed. In case of the add operation, it was tried to add
  the same (identical) session twice. In case of the remove operation, the
  session was not found in the cache.
 -=item 1
 +=item C<1>
  The operation succeeded.
 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_load_verify_locations.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod
@@ -100,13 +100,13 @@
 =over 4
 -=item 0
 +=item C<0>
 The operation failed because B<CAfile> and B<CApath> are NULL or the
 processing at one of the locations specified failed. Check the error
 stack to find out the reason.
 -=item 1
 +=item C<1>
 The operation succeeded.
 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod
@@ -66,11 +66,11 @@
 =over 4
 -=item 1
 +=item C<1>
 The operation succeeded.
 -=item 0
 +=item C<0>
 A failure while manipulating the STACK_OF(X509_NAME) object occurred or
 the X509_NAME could not be extracted from B<cacert>. Check the error stack
 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_session_id_context.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod
@@ -64,13 +64,13 @@
 =over 4
 -=item 0
 +=item C<0>
 The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
 the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
 is logged to the error stack.
 -=item 1
 +=item C<1>
 The operation succeeded.
 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_ssl_version.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod
@@ -42,11 +42,11 @@
 =over 4
 -=item 0
 +=item C<0>
 The new choice failed, check the error stack to find out the reason.
 -=item 1
 +=item C<1>
 The operation succeeded.
 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
@@ -81,6 +81,8 @@
 Return values from the server callback are interpreted as follows:
 +=over
 +
 =item > 0
 PSK identity was found and the server callback has provided the PSK
@@ -94,9 +96,11 @@
 connection will fail with decryption_error before it will be finished
 completely.
 -=item 0
 +=item C<0>
 PSK identity was not found. An "unknown_psk_identity" alert message
 will be sent and the connection setup fails.
 +=back
 +
 =cut
 --- openssl-1.0.1e.orig/doc/ssl/SSL_do_handshake.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod
@@ -45,12 +45,12 @@
 =over 4
 -=item 1
 +=item C<1>
 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 established.
 -=item 0
 +=item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 --- openssl-1.0.1e.orig/doc/ssl/SSL_read.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_read.pod
@@ -86,7 +86,7 @@
 The read operation was successful; the return value is the number of
 bytes actually read from the TLS/SSL connection.
 -=item 0
 +=item C<0>
 The read operation was not successful. The reason may either be a clean
 shutdown due to a "close notify" alert sent by the peer (in which case
 --- openssl-1.0.1e.orig/doc/ssl/SSL_session_reused.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_session_reused.pod
@@ -27,11 +27,11 @@
 =over 4
 -=item 0
 +=item C<0>
 A new session was negotiated.
 -=item 1
 +=item C<1>
 A session was reused.
 --- openssl-1.0.1e.orig/doc/ssl/SSL_set_fd.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_set_fd.pod
@@ -35,11 +35,11 @@
 =over 4
 -=item 0
 +=item C<0>
 The operation failed. Check the error stack to find out why.
 -=item 1
 +=item C<1>
 The operation succeeded.
 --- openssl-1.0.1e.orig/doc/ssl/SSL_set_session.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_set_session.pod
@@ -37,11 +37,11 @@
 =over 4
 -=item 0
 +=item C<0>
 The operation failed; check the error stack to find out the reason.
 -=item 1
 +=item C<1>
 The operation succeeded.
 --- openssl-1.0.1e.orig/doc/ssl/SSL_shutdown.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_shutdown.pod
@@ -92,12 +92,12 @@
 =over 4
 -=item 1
 +=item C<1>
 The shutdown was successfully completed. The "close notify" alert was sent
 and the peer's "close notify" alert was received.
 -=item 0
 +=item C<0>
 The shutdown is not yet finished. Call SSL_shutdown() for a second time,
 if a bidirectional shutdown shall be performed.
 --- openssl-1.0.1e.orig/doc/ssl/SSL_write.pod
 +++ openssl-1.0.1e/doc/ssl/SSL_write.pod
@@ -79,7 +79,7 @@
 The write operation was successful, the return value is the number of
 bytes actually written to the TLS/SSL connection.
 -=item 0
 +=item C<0>
 The write operation was not successful. Probably the underlying connection
 was closed. Call SSL_get_error() with the return value B<ret> to find out,
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-rdrand-explicit.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-rdrand-explicit.patch
@ -0,0 +1,28 @@
 https://chromium-review.googlesource.com/181001
 From 8a1956f3eac8b164f8c741ff1a259008bab3bac1 Mon Sep 17 00:00:00 2001
 From: "Dr. Stephen Henson" <steve@openssl.org>
 Date: Wed, 11 Dec 2013 14:45:12 +0000
 Subject: [PATCH] Don't use rdrand engine as default unless explicitly
 requested. (cherry picked from commit
 16898401bd47a153fbf799127ff57fdcfcbd324f)
 ---
 crypto/engine/eng_rdrand.c | 1 +
 1 file changed, 1 insertion(+)
 diff --git a/crypto/engine/eng_rdrand.c b/crypto/engine/eng_rdrand.c
 index a9ba5ae..4e9e91d 100644
 --- a/crypto/engine/eng_rdrand.c
 +++ b/crypto/engine/eng_rdrand.c
@@ -104,6 +104,7 @@ static int bind_helper(ENGINE *e)
 	{
 	if (!ENGINE_set_id(e, engine_e_rdrand_id) ||
 	    !ENGINE_set_name(e, engine_e_rdrand_name) ||
 +            !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) ||
 	    !ENGINE_set_init_function(e, rdrand_init) ||
 	    !ENGINE_set_RAND(e, &rdrand_meth) )
 		return 0;
 -- 
 1.8.4.3
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-s_client-verify.patch
@ -0,0 +1,18 @@
 https://bugs.gentoo.org/472584
 http://rt.openssl.org/Ticket/Display.html?id=2387&user=guest&pass=guest
 fix verification handling in s_client.  when loading paths, make sure
 we properly fallback to setting the default paths.
 --- a/apps/s_client.c
 +++ b/apps/s_client.c
@@ -899,7 +899,7 @@
 	if (!set_cert_key_stuff(ctx,cert,key))
 		goto end;
 -	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
 +	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) &&
 		(!SSL_CTX_set_default_verify_paths(ctx)))
 		{
 		/* BIO_printf(bio_err,"error setting default verify locations\n"); */
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-tls-ver-crash.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1e-tls-ver-crash.patch
@ -0,0 +1,34 @@
 https://bugs.gentoo.org/494816
 https://bugzilla.redhat.com/show_bug.cgi?id=1045363
 http://rt.openssl.org/Ticket/Display.html?id=3200&user=guest&pass=guest
 From ca989269a2876bae79393bd54c3e72d49975fc75 Mon Sep 17 00:00:00 2001
 From: "Dr. Stephen Henson" <steve@openssl.org>
 Date: Thu, 19 Dec 2013 14:37:39 +0000
 Subject: [PATCH] Use version in SSL_METHOD not SSL structure.
 When deciding whether to use TLS 1.2 PRF and record hash algorithms
 use the version number in the corresponding SSL_METHOD structure
 instead of the SSL structure. The SSL structure version is sometimes
 inaccurate. Note: OpenSSL 1.0.2 and later effectively do this already.
 (CVE-2013-6449)
 ---
 ssl/s3_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
 index bf832bb..c4ef273 100644
 --- a/ssl/s3_lib.c
 +++ b/ssl/s3_lib.c
@@ -4286,7 +4286,7 @@ need to go to SSL_ST_ACCEPT.
 long ssl_get_algorithm2(SSL *s)
 	{
 	long alg2 = s->s3->tmp.new_cipher->algorithm2;
 -	if (TLS1_get_version(s) >= TLS1_2_VERSION &&
 +	if (s->method->version == TLS1_2_VERSION &&
 	    alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
 		return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
 	return alg2;
 -- 
 1.8.4.3
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-perl-5.18.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-perl-5.18.patch
@ -0,0 +1,356 @@
 Forward-ported from openssl-1.0.1e-perl-5.18.patch
 Fixes install with perl-5.18.
 https://bugs.gentoo.org/show_bug.cgi?id=497286
 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
 --- openssl-1.0.1f/doc/apps/cms.pod
 +++ openssl-1.0.1f/doc/apps/cms.pod
@@ -450,28 +450,28 @@
 =over 4
 -=item 0
 +=item C<0>
 the operation was completely successfully.
 -=item 1 
 +=item C<1>
 an error occurred parsing the command options.
 -=item 2
 +=item C<2>
 one of the input files could not be read.
 -=item 3
 +=item C<3>
 an error occurred creating the CMS file or when reading the MIME
 message.
 -=item 4
 +=item C<4>
 an error occurred decrypting or verifying the message.
 -=item 5
 +=item C<5>
 the message was verified correctly but an error occurred writing out
 the signers certificates.
 --- openssl-1.0.1f/doc/apps/smime.pod
 +++ openssl-1.0.1f/doc/apps/smime.pod
@@ -308,28 +308,28 @@
 =over 4
 -=item 0
 +=item C<0>
 the operation was completely successfully.
 -=item 1 
 +=item C<1>
 an error occurred parsing the command options.
 -=item 2
 +=item C<2>
 one of the input files could not be read.
 -=item 3
 +=item C<3>
 an error occurred creating the PKCS#7 file or when reading the MIME
 message.
 -=item 4
 +=item C<4>
 an error occurred decrypting or verifying the message.
 -=item 5
 +=item C<5>
 the message was verified correctly but an error occurred writing out
 the signers certificates.
 --- openssl-1.0.1f/doc/ssl/SSL_accept.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_accept.pod
@@ -44,13 +44,13 @@
 =over 4
 -=item 0
 +=item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
 -=item 1
 +=item C<1>
 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 established.
 --- openssl-1.0.1f/doc/ssl/SSL_clear.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_clear.pod
@@ -56,12 +56,12 @@
 =over 4
 -=item 0
 +=item C<0>
 The SSL_clear() operation could not be performed. Check the error stack to
 find out the reason.
 -=item 1
 +=item C<1>
 The SSL_clear() operation was successful.
 --- openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_COMP_add_compression_method.pod
@@ -53,11 +53,11 @@
 =over 4
 -=item 0
 +=item C<0>
 The operation succeeded.
 -=item 1
 +=item C<1>
 The operation failed. Check the error queue to find out the reason.
 --- openssl-1.0.1f/doc/ssl/SSL_connect.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_connect.pod
@@ -41,13 +41,13 @@
 =over 4
 -=item 0
 +=item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
 -=item 1
 +=item C<1>
 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 established.
 --- openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_CTX_add_session.pod
@@ -52,13 +52,13 @@
 =over 4
 -=item 0
 +=item C<0>
  The operation failed. In case of the add operation, it was tried to add
  the same (identical) session twice. In case of the remove operation, the
  session was not found in the cache.
 -=item 1
 +=item C<1>
  The operation succeeded.
 --- openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_CTX_load_verify_locations.pod
@@ -100,13 +100,13 @@
 =over 4
 -=item 0
 +=item C<0>
 The operation failed because B<CAfile> and B<CApath> are NULL or the
 processing at one of the locations specified failed. Check the error
 stack to find out the reason.
 -=item 1
 +=item C<1>
 The operation succeeded.
 --- openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_client_CA_list.pod
@@ -66,13 +66,13 @@
 =over 4
 -=item 0
 +=item C<0>
 A failure while manipulating the STACK_OF(X509_NAME) object occurred or
 the X509_NAME could not be extracted from B<cacert>. Check the error stack
 to find out the reason.
 -=item 1
 +=item C<1>
 The operation succeeded.
 --- openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_session_id_context.pod
@@ -64,13 +64,13 @@
 =over 4
 -=item 0
 +=item C<0>
 The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
 the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
 is logged to the error stack.
 -=item 1
 +=item C<1>
 The operation succeeded.
 --- openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_CTX_set_ssl_version.pod
@@ -42,11 +42,11 @@
 =over 4
 -=item 0
 +=item C<0>
 The new choice failed, check the error stack to find out the reason.
 -=item 1
 +=item C<1>
 The operation succeeded.
 --- openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
@@ -96,7 +96,7 @@
 connection will fail with decryption_error before it will be finished
 completely.
 -=item 0
 +=item C<0>
 PSK identity was not found. An "unknown_psk_identity" alert message
 will be sent and the connection setup fails.
 --- openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_do_handshake.pod
@@ -45,13 +45,13 @@
 =over 4
 -=item 0
 +=item C<0>
 The TLS/SSL handshake was not successful but was shut down controlled and
 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
 return value B<ret> to find out the reason.
 -=item 1
 +=item C<1>
 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
 established.
 --- openssl-1.0.1f/doc/ssl/SSL_read.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_read.pod
@@ -86,7 +86,7 @@
 The read operation was successful; the return value is the number of
 bytes actually read from the TLS/SSL connection.
 -=item 0
 +=item C<0>
 The read operation was not successful. The reason may either be a clean
 shutdown due to a "close notify" alert sent by the peer (in which case
 --- openssl-1.0.1f/doc/ssl/SSL_session_reused.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_session_reused.pod
@@ -27,11 +27,11 @@
 =over 4
 -=item 0
 +=item C<0>
 A new session was negotiated.
 -=item 1
 +=item C<1>
 A session was reused.
 --- openssl-1.0.1f/doc/ssl/SSL_set_fd.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_set_fd.pod
@@ -35,11 +35,11 @@
 =over 4
 -=item 0
 +=item C<0>
 The operation failed. Check the error stack to find out why.
 -=item 1
 +=item C<1>
 The operation succeeded.
 --- openssl-1.0.1f/doc/ssl/SSL_set_session.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_set_session.pod
@@ -37,11 +37,11 @@
 =over 4
 -=item 0
 +=item C<0>
 The operation failed; check the error stack to find out the reason.
 -=item 1
 +=item C<1>
 The operation succeeded.
 --- openssl-1.0.1f/doc/ssl/SSL_shutdown.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_shutdown.pod
@@ -92,14 +92,14 @@
 =over 4
 -=item 0
 +=item C<0>
 The shutdown is not yet finished. Call SSL_shutdown() for a second time,
 if a bidirectional shutdown shall be performed.
 The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
 erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
 -=item 1
 +=item C<1>
 The shutdown was successfully completed. The "close notify" alert was sent
 and the peer's "close notify" alert was received.
 --- openssl-1.0.1f/doc/ssl/SSL_write.pod
 +++ openssl-1.0.1f/doc/ssl/SSL_write.pod
@@ -79,7 +79,7 @@
 The write operation was successful, the return value is the number of
 bytes actually written to the TLS/SSL connection.
 -=item 0
 +=item C<0>
 The write operation was not successful. Probably the underlying connection
 was closed. Call SSL_get_error() with the return value B<ret> to find out,
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/files/openssl-1.0.1f-revert-alpha-perl-generation.patch
@ -0,0 +1,83 @@
 when gcc is given a .s file and told to preprocess it, it outputs nothing
 https://bugs.gentoo.org/499086
 From a2976461784ce463fc7f336cd0dce607d21c2fad Mon Sep 17 00:00:00 2001
 From: Mike Frysinger <vapier@gentoo.org>
 Date: Sat, 25 Jan 2014 05:44:47 -0500
 Subject: [PATCH] Revert "Make Makefiles OSF-make-friendly."
 This reverts commit d1cf23ac86c05b22b8780e2c03b67230564d2d34.
 ---
 crypto/Makefile       | 4 +---
 crypto/bn/Makefile    | 4 +---
 crypto/evp/Makefile   | 2 +-
 crypto/modes/Makefile | 5 +----
 crypto/sha/Makefile   | 4 +---
 util/shlib_wrap.sh    | 6 +-----
 6 files changed, 6 insertions(+), 19 deletions(-)
 diff --git a/crypto/Makefile b/crypto/Makefile
 index b253f50..1de9d5f 100644
 --- a/crypto/Makefile
 +++ b/crypto/Makefile
@@ -86,9 +86,7 @@ ia64cpuid.s:	ia64cpuid.S;	$(CC) $(CFLAGS) -E ia64cpuid.S > $@
 ppccpuid.s:	ppccpuid.pl;	$(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
 pariscid.s:	pariscid.pl;	$(PERL) pariscid.pl $(PERLASM_SCHEME) $@
 alphacpuid.s:	alphacpuid.pl
 -	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
 -	$(PERL) alphacpuid.pl > $$preproc && \
 -	$(CC) -E $$preproc > $@ && rm $$preproc)
 +	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
 subdirs:
 	@target=all; $(RECURSIVE_MAKE)
 diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile
 index b62b676..6c03363 100644
 --- a/crypto/bn/Makefile
 +++ b/crypto/bn/Makefile
@@ -136,9 +136,7 @@ ppc-mont.s:	asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
 ppc64-mont.s:	asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
 alpha-mont.s:	asm/alpha-mont.pl
 -	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
 -	$(PERL) asm/alpha-mont.pl > $$preproc && \
 -	$(CC) -E $$preproc > $@ && rm $$preproc)
 +	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
 # GNU make "catch all"
 %-mont.S:	asm/%-mont.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
 diff --git a/crypto/modes/Makefile b/crypto/modes/Makefile
 index ce0dcd6..88ac65e 100644
 --- a/crypto/modes/Makefile
 +++ b/crypto/modes/Makefile
@@ -55,10 +55,7 @@ aesni-gcm-x86_64.s:	asm/aesni-gcm-x86_64.pl
 ghash-sparcv9.s:	asm/ghash-sparcv9.pl
 	$(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS)
 ghash-alpha.s:	asm/ghash-alpha.pl
 -	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
 -	$(PERL) asm/ghash-alpha.pl > $$preproc && \
 -	$(CC) -E $$preproc > $@ && rm $$preproc)
 -
 +	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
 ghash-parisc.s:	asm/ghash-parisc.pl
 	$(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
 diff --git a/crypto/sha/Makefile b/crypto/sha/Makefile
 index 64eab6c..63fba69 100644
 --- a/crypto/sha/Makefile
 +++ b/crypto/sha/Makefile
@@ -60,9 +60,7 @@ sha256-armv4.S: asm/sha256-armv4.pl
 	$(PERL) $< $(PERLASM_SCHEME) $@
 sha1-alpha.s:	asm/sha1-alpha.pl
 -	(preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
 -	$(PERL) asm/sha1-alpha.pl > $$preproc && \
 -	$(CC) -E $$preproc > $@ && rm $$preproc)
 +	$(PERL) $< | $(CC) -E - | tee $@ > /dev/null
 # Solaris make has to be explicitly told
 sha1-x86_64.s:	asm/sha1-x86_64.pl;	$(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@
 -- 
 1.8.5.3
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/metadata.xml
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/metadata.xml
@ -5,5 +5,9 @@
 <use>
 <flag name='bindist'>Disable EC/RC5 algorithms (as they seem to be patented)</flag>
 <flag name='rfc3779'>Enable support for RFC 3779 (X.509 Extensions for IP Addresses and AS Identifiers)</flag>
 <flag name='tls-heartbeat'>Enable the Heartbeat Extension in TLS and DTLS</flag>
 </use>
 <upstream>
 <remote-id type="cpe">cpe:/a:openssl:openssl</remote-id>
 </upstream>
 </pkgmetadata>
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8v.ebuild
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8v.ebuild
@ -1,141 +0,0 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8v.ebuild,v 1.5 2012/05/25 17:41:49 vapier Exp $
 # this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat
 EAPI="2"
 inherit eutils flag-o-matic toolchain-funcs multilib
 DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1"
 HOMEPAGE="http://www.openssl.org/"
 SRC_URI="mirror://openssl/source/${P}.tar.gz"
 LICENSE="openssl"
 SLOT="0.9.8"
 KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd"
 IUSE="bindist gmp kerberos sse2 test zlib"
 RDEPEND="gmp? ( dev-libs/gmp )
 	zlib? ( sys-libs/zlib )
 	kerberos? ( app-crypt/mit-krb5 )
 	!=dev-libs/openssl-0.9.8*:0"
 DEPEND="${RDEPEND}
 	sys-apps/diffutils
 	>=dev-lang/perl-5
 	test? ( sys-devel/bc )"
 pkg_setup() {
 	# avoid collisions with openssl-1 (preserve lib)
 	if ! has_version dev-libs/openssl:${SLOT} ; then
 		ewarn "Removing lib{crypto,ssl}.so.0.9.8 to avoid collision with openssl-1"
 		rm -f "${ROOT}"/usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
 	fi
 }
 src_prepare() {
 	epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch
 	epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438
 	epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130
 	# disable fips in the build
 	# make sure the man pages are suffixed #302165
 	# don't bother building man pages if they're disabled
 	sed -i \
 		-e '/DIRS/s: fips : :g' \
 		-e '/^MANSUFFIX/s:=.*:=ssl:' \
 		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
 		-e $(has noman FEATURES \
 			&& echo '/^install:/s:install_docs::' \
 			|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
 		Makefile{,.org} \
 		|| die
 	# show the actual commands in the log
 	sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
 	# update the enginedir path
 	sed -i \
 		-e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \
 		Configure || die
 	# allow openssl to be cross-compiled
 	cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed"
 	chmod a+rx gentoo.config
 	append-flags -fno-strict-aliasing
 	append-flags -Wa,--noexecstack
 	sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
 	sed -i '/^"debug-steve/d' Configure # 0.9.8k shipped broken
 	./config --test-sanity || die "I AM NOT SANE"
 }
 src_configure() {
 	unset APPS #197996
 	unset SCRIPTS #312551
 	tc-export CC AR RANLIB
 	# Clean out patent-or-otherwise-encumbered code
 	# Camellia: Royalty Free            http://en.wikipedia.org/wiki/Camellia_(cipher)
 	# IDEA:     Expired                 http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
 	# EC:       ????????? ??/??/2015    http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
 	# MDC2:     Expired                 http://en.wikipedia.org/wiki/MDC-2
 	# RC5:      5,724,428 03/03/2015    http://en.wikipedia.org/wiki/RC5
 	use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; }
 	echoit() { echo "$@" ; "$@" ; }
 	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
 	local sslout=$(./gentoo.config)
 	einfo "Use configuration ${sslout:-(openssl knows best)}"
 	local config="Configure"
 	[[ -z ${sslout} ]] && config="config"
 	echoit \
 	./${config} \
 		${sslout} \
 		$(use sse2 || echo "no-sse2") \
 		enable-camellia \
 		$(use_ssl !bindist ec) \
 		enable-idea \
 		enable-mdc2 \
 		$(use_ssl !bindist rc5) \
 		enable-tlsext \
 		$(use_ssl gmp gmp -lgmp) \
 		$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
 		$(use_ssl zlib) \
 		--prefix=/usr \
 		--openssldir=/etc/ssl \
 		shared threads \
 		|| die "Configure failed"
 	# Clean out hardcoded flags that openssl uses
 	local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
 		-e 's:^CFLAG=::' \
 		-e 's:-fomit-frame-pointer ::g' \
 		-e 's:-O[0-9] ::g' \
 		-e 's:-march=[-a-z0-9]* ::g' \
 		-e 's:-mcpu=[-a-z0-9]* ::g' \
 		-e 's:-m[a-z0-9]* ::g' \
 	)
 	sed -i \
 		-e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \
 		-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
 		-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
 		Makefile || die
 }
 src_compile() {
 	# depend is needed to use $confopts
 	emake -j1 depend || die "depend failed"
 	emake -j1 build_libs || die "make build_libs failed"
 }
 src_test() {
 	emake -j1 test || die "make test failed"
 }
 src_install() {
 	dolib.so lib{crypto,ssl}.so.0.9.8 || die
 }
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8w.ebuild
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8w.ebuild
@ -1,141 +0,0 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8w.ebuild,v 1.4 2012/05/25 17:41:49 vapier Exp $
 # this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat
 EAPI="2"
 inherit eutils flag-o-matic toolchain-funcs multilib
 DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1"
 HOMEPAGE="http://www.openssl.org/"
 SRC_URI="mirror://openssl/source/${P}.tar.gz"
 LICENSE="openssl"
 SLOT="0.9.8"
 KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd"
 IUSE="bindist gmp kerberos sse2 test zlib"
 RDEPEND="gmp? ( dev-libs/gmp )
 	zlib? ( sys-libs/zlib )
 	kerberos? ( app-crypt/mit-krb5 )
 	!=dev-libs/openssl-0.9.8*:0"
 DEPEND="${RDEPEND}
 	sys-apps/diffutils
 	>=dev-lang/perl-5
 	test? ( sys-devel/bc )"
 pkg_setup() {
 	# avoid collisions with openssl-1 (preserve lib)
 	if ! has_version dev-libs/openssl:${SLOT} ; then
 		ewarn "Removing lib{crypto,ssl}.so.0.9.8 to avoid collision with openssl-1"
 		rm -f "${ROOT}"/usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
 	fi
 }
 src_prepare() {
 	epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch
 	epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438
 	epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130
 	# disable fips in the build
 	# make sure the man pages are suffixed #302165
 	# don't bother building man pages if they're disabled
 	sed -i \
 		-e '/DIRS/s: fips : :g' \
 		-e '/^MANSUFFIX/s:=.*:=ssl:' \
 		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
 		-e $(has noman FEATURES \
 			&& echo '/^install:/s:install_docs::' \
 			|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
 		Makefile{,.org} \
 		|| die
 	# show the actual commands in the log
 	sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
 	# update the enginedir path
 	sed -i \
 		-e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \
 		Configure || die
 	# allow openssl to be cross-compiled
 	cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed"
 	chmod a+rx gentoo.config
 	append-flags -fno-strict-aliasing
 	append-flags -Wa,--noexecstack
 	sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
 	sed -i '/^"debug-steve/d' Configure # 0.9.8k shipped broken
 	./config --test-sanity || die "I AM NOT SANE"
 }
 src_configure() {
 	unset APPS #197996
 	unset SCRIPTS #312551
 	tc-export CC AR RANLIB
 	# Clean out patent-or-otherwise-encumbered code
 	# Camellia: Royalty Free            http://en.wikipedia.org/wiki/Camellia_(cipher)
 	# IDEA:     Expired                 http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
 	# EC:       ????????? ??/??/2015    http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
 	# MDC2:     Expired                 http://en.wikipedia.org/wiki/MDC-2
 	# RC5:      5,724,428 03/03/2015    http://en.wikipedia.org/wiki/RC5
 	use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; }
 	echoit() { echo "$@" ; "$@" ; }
 	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
 	local sslout=$(./gentoo.config)
 	einfo "Use configuration ${sslout:-(openssl knows best)}"
 	local config="Configure"
 	[[ -z ${sslout} ]] && config="config"
 	echoit \
 	./${config} \
 		${sslout} \
 		$(use sse2 || echo "no-sse2") \
 		enable-camellia \
 		$(use_ssl !bindist ec) \
 		enable-idea \
 		enable-mdc2 \
 		$(use_ssl !bindist rc5) \
 		enable-tlsext \
 		$(use_ssl gmp gmp -lgmp) \
 		$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
 		$(use_ssl zlib) \
 		--prefix=/usr \
 		--openssldir=/etc/ssl \
 		shared threads \
 		|| die "Configure failed"
 	# Clean out hardcoded flags that openssl uses
 	local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
 		-e 's:^CFLAG=::' \
 		-e 's:-fomit-frame-pointer ::g' \
 		-e 's:-O[0-9] ::g' \
 		-e 's:-march=[-a-z0-9]* ::g' \
 		-e 's:-mcpu=[-a-z0-9]* ::g' \
 		-e 's:-m[a-z0-9]* ::g' \
 	)
 	sed -i \
 		-e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \
 		-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
 		-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
 		Makefile || die
 }
 src_compile() {
 	# depend is needed to use $confopts
 	emake -j1 depend || die "depend failed"
 	emake -j1 build_libs || die "make build_libs failed"
 }
 src_test() {
 	emake -j1 test || die "make test failed"
 }
 src_install() {
 	dolib.so lib{crypto,ssl}.so.0.9.8 || die
 }
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8x.ebuild
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8x.ebuild
@ -1,141 +0,0 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8x.ebuild,v 1.4 2012/05/25 17:41:49 vapier Exp $
 # this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat
 EAPI="2"
 inherit eutils flag-o-matic toolchain-funcs multilib
 DESCRIPTION="Toolkit for SSL v2/v3 and TLS v1"
 HOMEPAGE="http://www.openssl.org/"
 SRC_URI="mirror://openssl/source/${P}.tar.gz"
 LICENSE="openssl"
 SLOT="0.9.8"
 KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd"
 IUSE="bindist gmp kerberos sse2 test zlib"
 RDEPEND="gmp? ( dev-libs/gmp )
 	zlib? ( sys-libs/zlib )
 	kerberos? ( app-crypt/mit-krb5 )
 	!=dev-libs/openssl-0.9.8*:0"
 DEPEND="${RDEPEND}
 	sys-apps/diffutils
 	>=dev-lang/perl-5
 	test? ( sys-devel/bc )"
 pkg_setup() {
 	# avoid collisions with openssl-1 (preserve lib)
 	if ! has_version dev-libs/openssl:${SLOT} ; then
 		ewarn "Removing lib{crypto,ssl}.so.0.9.8 to avoid collision with openssl-1"
 		rm -f "${ROOT}"/usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
 	fi
 }
 src_prepare() {
 	epatch "${FILESDIR}"/${PN}-0.9.8e-bsd-sparc64.patch
 	epatch "${FILESDIR}"/${PN}-0.9.8h-ldflags.patch #181438
 	epatch "${FILESDIR}"/${PN}-0.9.8m-binutils.patch #289130
 	# disable fips in the build
 	# make sure the man pages are suffixed #302165
 	# don't bother building man pages if they're disabled
 	sed -i \
 		-e '/DIRS/s: fips : :g' \
 		-e '/^MANSUFFIX/s:=.*:=ssl:' \
 		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
 		-e $(has noman FEATURES \
 			&& echo '/^install:/s:install_docs::' \
 			|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
 		Makefile{,.org} \
 		|| die
 	# show the actual commands in the log
 	sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
 	# update the enginedir path
 	sed -i \
 		-e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \
 		Configure || die
 	# allow openssl to be cross-compiled
 	cp "${FILESDIR}"/gentoo.config-0.9.8 gentoo.config || die "cp cross-compile failed"
 	chmod a+rx gentoo.config
 	append-flags -fno-strict-aliasing
 	append-flags -Wa,--noexecstack
 	sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
 	sed -i '/^"debug-steve/d' Configure # 0.9.8k shipped broken
 	./config --test-sanity || die "I AM NOT SANE"
 }
 src_configure() {
 	unset APPS #197996
 	unset SCRIPTS #312551
 	tc-export CC AR RANLIB
 	# Clean out patent-or-otherwise-encumbered code
 	# Camellia: Royalty Free            http://en.wikipedia.org/wiki/Camellia_(cipher)
 	# IDEA:     Expired                 http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
 	# EC:       ????????? ??/??/2015    http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
 	# MDC2:     Expired                 http://en.wikipedia.org/wiki/MDC-2
 	# RC5:      5,724,428 03/03/2015    http://en.wikipedia.org/wiki/RC5
 	use_ssl() { use $1 && echo "enable-${2:-$1} ${*:3}" || echo "no-${2:-$1}" ; }
 	echoit() { echo "$@" ; "$@" ; }
 	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
 	local sslout=$(./gentoo.config)
 	einfo "Use configuration ${sslout:-(openssl knows best)}"
 	local config="Configure"
 	[[ -z ${sslout} ]] && config="config"
 	echoit \
 	./${config} \
 		${sslout} \
 		$(use sse2 || echo "no-sse2") \
 		enable-camellia \
 		$(use_ssl !bindist ec) \
 		enable-idea \
 		enable-mdc2 \
 		$(use_ssl !bindist rc5) \
 		enable-tlsext \
 		$(use_ssl gmp gmp -lgmp) \
 		$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
 		$(use_ssl zlib) \
 		--prefix=/usr \
 		--openssldir=/etc/ssl \
 		shared threads \
 		|| die "Configure failed"
 	# Clean out hardcoded flags that openssl uses
 	local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
 		-e 's:^CFLAG=::' \
 		-e 's:-fomit-frame-pointer ::g' \
 		-e 's:-O[0-9] ::g' \
 		-e 's:-march=[-a-z0-9]* ::g' \
 		-e 's:-mcpu=[-a-z0-9]* ::g' \
 		-e 's:-m[a-z0-9]* ::g' \
 	)
 	sed -i \
 		-e "/^LIBDIR=/s|=.*|=$(get_libdir)|" \
 		-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
 		-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
 		Makefile || die
 }
 src_compile() {
 	# depend is needed to use $confopts
 	emake -j1 depend || die "depend failed"
 	emake -j1 build_libs || die "make build_libs failed"
 }
 src_test() {
 	emake -j1 test || die "make test failed"
 }
 src_install() {
 	dolib.so lib{crypto,ssl}.so.0.9.8 || die
 }
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8y.ebuild
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-0.9.8y.ebuild
@ -1,6 +1,6 @@
-# Copyright 1999-2012 Gentoo Foundation
+# Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8u.ebuild,v 1.5 2012/05/25 17:41:49 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-0.9.8y.ebuild,v 1.8 2013/10/13 11:18:08 ago Exp $
 # this ebuild is only for the libcrypto.so.0.9.8 and libssl.so.0.9.8 SONAME for ABI compat
@ -14,7 +14,7 @@ SRC_URI="mirror://openssl/source/${P}.tar.gz"
 LICENSE="openssl"
 SLOT="0.9.8"
-KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd"
+KEYWORDS="alpha amd64 ~arm ~hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~sparc-fbsd ~x86-fbsd"
 IUSE="bindist gmp kerberos sse2 test zlib"
 RDEPEND="gmp? ( dev-libs/gmp )
@ -53,8 +53,10 @@ src_prepare() {
 		|| die
 	# show the actual commands in the log
 	sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
-	# update the enginedir path
+	# update the enginedir path.
 	# punt broken config we don't care about as it fails sanity check.
 	sed -i \
 		-e '/^"debug-ben-debug-64"/d' \
 		-e "/foo.*engines/s|/lib/engines|/$(get_libdir)/engines|" \
 		Configure || die
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0h.ebuild
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0h.ebuild
@ -1,213 +0,0 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0h.ebuild,v 1.7 2012/05/25 17:41:49 vapier Exp $
 EAPI="4"
 inherit eutils flag-o-matic toolchain-funcs multilib
 REV="1.7"
 DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
 HOMEPAGE="http://www.openssl.org/"
 SRC_URI="mirror://openssl/source/${P}.tar.gz
 	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
 LICENSE="openssl"
 SLOT="0"
 KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd"
 IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test zlib"
 # Have the sub-libs in RDEPEND with [static-libs] since, logically,
 # our libssl.a depends on libz.a/etc... at runtime.
 LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] )
 	zlib? ( sys-libs/zlib[static-libs(+)] )
 	kerberos? ( app-crypt/mit-krb5 )"
 RDEPEND="static-libs? ( ${LIB_DEPEND} )
 	!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )"
 DEPEND="${RDEPEND}
 	sys-apps/diffutils
 	>=dev-lang/perl-5
 	test? ( sys-devel/bc )"
 PDEPEND="app-misc/ca-certificates"
 src_unpack() {
 	unpack ${P}.tar.gz
 	SSL_CNF_DIR="/etc/ssl"
 	sed \
 		-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
 		"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
 		> "${WORKDIR}"/c_rehash || die #416717
 }
 src_prepare() {
 	# Make sure we only ever touch Makefile.org and avoid patching a file
 	# that gets blown away anyways by the Configure script in src_configure
 	rm -f Makefile
 	epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
 	epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
 	epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
 	epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
 	epatch "${FILESDIR}"/${PN}-1.0.0e-parallel-build.patch
 	epatch "${FILESDIR}"/${PN}-1.0.0e-x32.patch
 	epatch_user #332661
 	# disable fips in the build
 	# make sure the man pages are suffixed #302165
 	# don't bother building man pages if they're disabled
 	sed -i \
 		-e '/DIRS/s: fips : :g' \
 		-e '/^MANSUFFIX/s:=.*:=ssl:' \
 		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
 		-e $(has noman FEATURES \
 			&& echo '/^install:/s:install_docs::' \
 			|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
 		Makefile.org \
 		|| die
 	# show the actual commands in the log
 	sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
 	# allow openssl to be cross-compiled
 	cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die
 	chmod a+rx gentoo.config
 	append-flags -fno-strict-aliasing
 	append-flags $(test-flags-CC -Wa,--noexecstack)
 	sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
 	./config --test-sanity || die "I AM NOT SANE"
 }
 src_configure() {
 	unset APPS #197996
 	unset SCRIPTS #312551
 	unset CROSS_COMPILE #311473
 	tc-export CC AR RANLIB RC
 	# Clean out patent-or-otherwise-encumbered code
 	# Camellia: Royalty Free            http://en.wikipedia.org/wiki/Camellia_(cipher)
 	# IDEA:     Expired                 http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
 	# EC:       ????????? ??/??/2015    http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
 	# MDC2:     Expired                 http://en.wikipedia.org/wiki/MDC-2
 	# RC5:      5,724,428 03/03/2015    http://en.wikipedia.org/wiki/RC5
 	use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
 	echoit() { echo "$@" ; "$@" ; }
 	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
 	local sslout=$(./gentoo.config)
 	einfo "Use configuration ${sslout:-(openssl knows best)}"
 	local config="Configure"
 	[[ -z ${sslout} ]] && config="config"
 	echoit \
 	./${config} \
 		${sslout} \
 		$(use sse2 || echo "no-sse2") \
 		enable-camellia \
 		$(use_ssl !bindist ec) \
 		enable-idea \
 		enable-mdc2 \
 		$(use_ssl !bindist rc5) \
 		enable-tlsext \
 		$(use_ssl gmp gmp -lgmp) \
 		$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
 		$(use_ssl rfc3779) \
 		$(use_ssl zlib) \
 		--prefix=/usr \
 		--openssldir=${SSL_CNF_DIR} \
 		--libdir=$(get_libdir) \
 		shared threads \
 		|| die
 	# Clean out hardcoded flags that openssl uses
 	local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
 		-e 's:^CFLAG=::' \
 		-e 's:-fomit-frame-pointer ::g' \
 		-e 's:-O[0-9] ::g' \
 		-e 's:-march=[-a-z0-9]* ::g' \
 		-e 's:-mcpu=[-a-z0-9]* ::g' \
 		-e 's:-m[a-z0-9]* ::g' \
 	)
 	sed -i \
 		-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
 		-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
 		Makefile || die
 }
 src_compile() {
 	# depend is needed to use $confopts; it also doesn't matter
 	# that it's -j1 as the code itself serializes subdirs
 	emake -j1 depend || die
 	emake all || die
 	# rehash is needed to prep the certs/ dir; do this
 	# separately to avoid parallel build issues.
 	emake rehash || die
 }
 src_test() {
 	emake -j1 test || die
 }
 src_install() {
 	emake INSTALL_PREFIX="${D}" install || die
 	dobin "${WORKDIR}"/c_rehash || die #333117
 	dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
 	dohtml -r doc/*
 	use rfc3779 && dodoc engines/ccgost/README.gost
 	# This is crappy in that the static archives are still built even
 	# when USE=static-libs.  But this is due to a failing in the openssl
 	# build system: the static archives are built as PIC all the time.
 	# Only way around this would be to manually configure+compile openssl
 	# twice; once with shared lib support enabled and once without.
 	use static-libs || rm -f "${D}"/usr/lib*/lib*.a
 	# create the certs directory
 	dodir ${SSL_CNF_DIR}/certs
 	cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
 	rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
 	# Namespace openssl programs to prevent conflicts with other man pages
 	cd "${D}"/usr/share/man
 	local m d s
 	for m in $(find . -type f | xargs grep -L '#include') ; do
 		d=${m%/*} ; d=${d#./} ; m=${m##*/}
 		[[ ${m} == openssl.1* ]] && continue
 		[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
 		mv ${d}/{,ssl-}${m}
 		# fix up references to renamed man pages
 		sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
 		ln -s ssl-${m} ${d}/openssl-${m}
 		# locate any symlinks that point to this man page ... we assume
 		# that any broken links are due to the above renaming
 		for s in $(find -L ${d} -type l) ; do
 			s=${s##*/}
 			rm -f ${d}/${s}
 			ln -s ssl-${m} ${d}/ssl-${s}
 			ln -s ssl-${s} ${d}/openssl-${s}
 		done
 	done
 	[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
 	dodir /etc/sandbox.d #254521
 	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
 	diropts -m0700
 	keepdir ${SSL_CNF_DIR}/private
 }
 pkg_preinst() {
 	has_version ${CATEGORY}/${PN}:0.9.8 && return 0
 	preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
 }
 pkg_postinst() {
 	ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
 	c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
 	eend $?
 	has_version ${CATEGORY}/${PN}:0.9.8 && return 0
 	preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
 }
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0j.ebuild
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.0j.ebuild
@ -1,6 +1,6 @@
-# Copyright 1999-2012 Gentoo Foundation
+# Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0j.ebuild,v 1.9 2012/05/25 17:41:49 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0j.ebuild,v 1.10 2013/02/08 06:17:18 vapier Exp $
 EAPI="4"
@ -10,7 +10,7 @@ REV="1.7"
 DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
 HOMEPAGE="http://www.openssl.org/"
 SRC_URI="mirror://openssl/source/${P}.tar.gz
-	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
+	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
 LICENSE="openssl"
 SLOT="0"
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r1.ebuild
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r1.ebuild
@ -1,21 +1,21 @@
-# Copyright 1999-2012 Gentoo Foundation
+# Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1a.ebuild,v 1.6 2012/05/25 17:41:49 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1e-r1.ebuild,v 1.17 2014/01/16 17:37:37 vapier Exp $
 EAPI="4"
 inherit eutils flag-o-matic toolchain-funcs multilib
 REV="1.7"
-DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
+DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
 HOMEPAGE="http://www.openssl.org/"
 SRC_URI="mirror://openssl/source/${P}.tar.gz
-	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
+	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
 LICENSE="openssl"
 SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
+KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc -ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
-IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test vanilla zlib"
+IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib"
 # Have the sub-libs in RDEPEND with [static-libs] since, logically,
 # our libssl.a depends on libz.a/etc... at runtime.
@ -39,7 +39,8 @@ src_unpack() {
 	unpack ${P}.tar.gz
 	SSL_CNF_DIR="/etc/ssl"
 	sed \
-		-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
+		-e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \
 		-e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \
 		"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
 		> "${WORKDIR}"/c_rehash || die #416717
 }
@ -51,13 +52,13 @@ src_prepare() {
 	if ! use vanilla ; then
 		epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
 		epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
 		epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
 		epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
 		epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
 		epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
-		epatch "${FILESDIR}"/${PN}-1.0.1-ipv6.patch
+		epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch
-		epatch "${FILESDIR}"/${P}-hmac-ia32cap.patch
+		epatch "${FILESDIR}"/${P}-bad-mac-aes-ni.patch #463444
 		epatch "${FILESDIR}"/${PN}-1.0.1e-perl-5.18.patch #483820
 		epatch_user #332661
 	fi
@ -70,20 +71,22 @@ src_prepare() {
 		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
 		-e $(has noman FEATURES \
 			&& echo '/^install:/s:install_docs::' \
-			|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
+			|| echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
 		Makefile.org \
 		|| die
 	# show the actual commands in the log
 	sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
 	# allow openssl to be cross-compiled
-	cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die
+	cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
 	chmod a+rx gentoo.config
 	append-flags -fno-strict-aliasing
 	append-flags $(test-flags-CC -Wa,--noexecstack)
-	sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
+	sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
 	# The config script does stupid stuff to prompt the user.  Kill it.
 	sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
 	./config --test-sanity || die "I AM NOT SANE"
 }
@ -106,6 +109,16 @@ src_configure() {
 	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
 	# See if our toolchain supports __uint128_t.  If so, it's 64bit
 	# friendly and can use the nicely optimized code paths. #460790
 	local ec_nistp_64_gcc_128
 	if ! use bindist ; then
 		echo "__uint128_t i;" > "${T}"/128.c
 		if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
 			ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
 		fi
 	fi
 	local sslout=$(./gentoo.config)
 	einfo "Use configuration ${sslout:-(openssl knows best)}"
 	local config="Configure"
@ -116,6 +129,7 @@ src_configure() {
 		$(use sse2 || echo "no-sse2") \
 		enable-camellia \
 		$(use_ssl !bindist ec) \
 		${ec_nistp_64_gcc_128} \
 		enable-idea \
 		enable-mdc2 \
 		$(use_ssl !bindist rc5) \
@ -123,9 +137,10 @@ src_configure() {
 		$(use_ssl gmp gmp -lgmp) \
 		$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
 		$(use_ssl rfc3779) \
 		$(use_ssl tls-heartbeat heartbeats) \
 		$(use_ssl zlib) \
-		--prefix=/usr \
+		--prefix="${EPREFIX}"/usr \
-		--openssldir=${SSL_CNF_DIR} \
+		--openssldir="${EPREFIX}"${SSL_CNF_DIR} \
 		--libdir=$(get_libdir) \
 		shared threads \
 		|| die
@ -171,15 +186,15 @@ src_install() {
 	# build system: the static archives are built as PIC all the time.
 	# Only way around this would be to manually configure+compile openssl
 	# twice; once with shared lib support enabled and once without.
-	use static-libs || rm -f "${D}"/usr/lib*/lib*.a
+	use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
 	# create the certs directory
 	dodir ${SSL_CNF_DIR}/certs
-	cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
+	cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
-	rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
+	rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
 	# Namespace openssl programs to prevent conflicts with other man pages
-	cd "${D}"/usr/share/man
+	cd "${ED}"/usr/share/man
 	local m d s
 	for m in $(find . -type f | xargs grep -L '#include') ; do
 		d=${m%/*} ; d=${d#./} ; m=${m##*/}
@ -201,7 +216,7 @@ src_install() {
 	[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
 	dodir /etc/sandbox.d #254521
-	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
+	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
 	diropts -m0700
 	keepdir ${SSL_CNF_DIR}/private
@ -213,8 +228,8 @@ pkg_preinst() {
 }
 pkg_postinst() {
-	ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
+	ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
-	c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
+	c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
 	eend $?
 	has_version ${CATEGORY}/${PN}:0.9.8 && return 0
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r2.ebuild
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r2.ebuild
@ -1,21 +1,21 @@
-# Copyright 1999-2012 Gentoo Foundation
+# Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1b.ebuild,v 1.3 2012/05/25 17:41:49 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1e-r2.ebuild,v 1.1 2013/10/23 16:10:35 vapier Exp $
 EAPI="4"
 inherit eutils flag-o-matic toolchain-funcs multilib
 REV="1.7"
-DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
+DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
 HOMEPAGE="http://www.openssl.org/"
 SRC_URI="mirror://openssl/source/${P}.tar.gz
-	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
+	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
 LICENSE="openssl"
 SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
-IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test vanilla zlib"
+IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib"
 # Have the sub-libs in RDEPEND with [static-libs] since, logically,
 # our libssl.a depends on libz.a/etc... at runtime.
@ -39,7 +39,8 @@ src_unpack() {
 	unpack ${P}.tar.gz
 	SSL_CNF_DIR="/etc/ssl"
 	sed \
-		-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
+		-e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \
 		-e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \
 		"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
 		> "${WORKDIR}"/c_rehash || die #416717
 }
@ -51,12 +52,14 @@ src_prepare() {
 	if ! use vanilla ; then
 		epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
 		epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
 		epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
 		epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
 		epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
 		epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
-		epatch "${FILESDIR}"/${PN}-1.0.1-ipv6.patch
+		epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch
 		epatch "${FILESDIR}"/${P}-bad-mac-aes-ni.patch #463444
 		epatch "${FILESDIR}"/${PN}-1.0.1e-perl-5.18.patch #483820
 		epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584
 		epatch_user #332661
 	fi
@ -69,20 +72,22 @@ src_prepare() {
 		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
 		-e $(has noman FEATURES \
 			&& echo '/^install:/s:install_docs::' \
-			|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
+			|| echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
 		Makefile.org \
 		|| die
 	# show the actual commands in the log
 	sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
 	# allow openssl to be cross-compiled
-	cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die
+	cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
 	chmod a+rx gentoo.config
 	append-flags -fno-strict-aliasing
 	append-flags $(test-flags-CC -Wa,--noexecstack)
-	sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
+	sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
 	# The config script does stupid stuff to prompt the user.  Kill it.
 	sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
 	./config --test-sanity || die "I AM NOT SANE"
 }
@ -105,6 +110,17 @@ src_configure() {
 	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
 	# See if our toolchain supports __uint128_t.  If so, it's 64bit
 	# friendly and can use the nicely optimized code paths. #460790
 	local ec_nistp_64_gcc_128
 	# Disable it for now though #469976
 	#if ! use bindist ; then
 	#	echo "__uint128_t i;" > "${T}"/128.c
 	#	if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
 	#		ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
 	#	fi
 	#fi
 	local sslout=$(./gentoo.config)
 	einfo "Use configuration ${sslout:-(openssl knows best)}"
 	local config="Configure"
@ -115,6 +131,7 @@ src_configure() {
 		$(use sse2 || echo "no-sse2") \
 		enable-camellia \
 		$(use_ssl !bindist ec) \
 		${ec_nistp_64_gcc_128} \
 		enable-idea \
 		enable-mdc2 \
 		$(use_ssl !bindist rc5) \
@ -122,9 +139,10 @@ src_configure() {
 		$(use_ssl gmp gmp -lgmp) \
 		$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
 		$(use_ssl rfc3779) \
 		$(use_ssl tls-heartbeat heartbeats) \
 		$(use_ssl zlib) \
-		--prefix=/usr \
+		--prefix="${EPREFIX}"/usr \
-		--openssldir=${SSL_CNF_DIR} \
+		--openssldir="${EPREFIX}"${SSL_CNF_DIR} \
 		--libdir=$(get_libdir) \
 		shared threads \
 		|| die
@ -170,15 +188,15 @@ src_install() {
 	# build system: the static archives are built as PIC all the time.
 	# Only way around this would be to manually configure+compile openssl
 	# twice; once with shared lib support enabled and once without.
-	use static-libs || rm -f "${D}"/usr/lib*/lib*.a
+	use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
 	# create the certs directory
 	dodir ${SSL_CNF_DIR}/certs
-	cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
+	cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
-	rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
+	rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
 	# Namespace openssl programs to prevent conflicts with other man pages
-	cd "${D}"/usr/share/man
+	cd "${ED}"/usr/share/man
 	local m d s
 	for m in $(find . -type f | xargs grep -L '#include') ; do
 		d=${m%/*} ; d=${d#./} ; m=${m##*/}
@ -200,7 +218,7 @@ src_install() {
 	[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
 	dodir /etc/sandbox.d #254521
-	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
+	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
 	diropts -m0700
 	keepdir ${SSL_CNF_DIR}/private
@ -212,8 +230,8 @@ pkg_preinst() {
 }
 pkg_postinst() {
-	ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
+	ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
-	c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
+	c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
 	eend $?
 	has_version ${CATEGORY}/${PN}:0.9.8 && return 0
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r3.ebuild
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e-r3.ebuild
@ -0,0 +1,241 @@
 # Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1e-r3.ebuild,v 1.1 2013/12/20 19:26:59 vapier Exp $
 EAPI="4"
 inherit eutils flag-o-matic toolchain-funcs multilib
 REV="1.7"
 DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
 HOMEPAGE="http://www.openssl.org/"
 SRC_URI="mirror://openssl/source/${P}.tar.gz
 	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
 LICENSE="openssl"
 SLOT="0"
 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
 IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib"
 # Have the sub-libs in RDEPEND with [static-libs] since, logically,
 # our libssl.a depends on libz.a/etc... at runtime.
 LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] )
 	zlib? ( sys-libs/zlib[static-libs(+)] )
 	kerberos? ( app-crypt/mit-krb5 )"
 # The blocks are temporary just to make sure people upgrade to a
 # version that lack runtime version checking.  We'll drop them in
 # the future.
 RDEPEND="static-libs? ( ${LIB_DEPEND} )
 	!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )
 	!<net-misc/openssh-5.9_p1-r4
 	!<net-libs/neon-0.29.6-r1"
 DEPEND="${RDEPEND}
 	sys-apps/diffutils
 	>=dev-lang/perl-5
 	test? ( sys-devel/bc )"
 PDEPEND="app-misc/ca-certificates"
 src_unpack() {
 	unpack ${P}.tar.gz
 	SSL_CNF_DIR="/etc/ssl"
 	sed \
 		-e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \
 		-e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \
 		"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
 		> "${WORKDIR}"/c_rehash || die #416717
 }
 src_prepare() {
 	# Make sure we only ever touch Makefile.org and avoid patching a file
 	# that gets blown away anyways by the Configure script in src_configure
 	rm -f Makefile
 	if ! use vanilla ; then
 		epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
 		epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
 		epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
 		epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
 		epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
 		epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch
 		epatch "${FILESDIR}"/${P}-bad-mac-aes-ni.patch #463444
 		epatch "${FILESDIR}"/${PN}-1.0.1e-perl-5.18.patch #483820
 		epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584
 		epatch "${FILESDIR}"/${P}-tls-ver-crash.patch #494816
 		epatch "${FILESDIR}"/${P}-rdrand-explicit.patch
 		epatch_user #332661
 	fi
 	# disable fips in the build
 	# make sure the man pages are suffixed #302165
 	# don't bother building man pages if they're disabled
 	sed -i \
 		-e '/DIRS/s: fips : :g' \
 		-e '/^MANSUFFIX/s:=.*:=ssl:' \
 		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
 		-e $(has noman FEATURES \
 			&& echo '/^install:/s:install_docs::' \
 			|| echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
 		Makefile.org \
 		|| die
 	# show the actual commands in the log
 	sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
 	# allow openssl to be cross-compiled
 	cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
 	chmod a+rx gentoo.config
 	append-flags -fno-strict-aliasing
 	append-flags $(test-flags-CC -Wa,--noexecstack)
 	sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
 	# The config script does stupid stuff to prompt the user.  Kill it.
 	sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
 	./config --test-sanity || die "I AM NOT SANE"
 }
 src_configure() {
 	unset APPS #197996
 	unset SCRIPTS #312551
 	unset CROSS_COMPILE #311473
 	tc-export CC AR RANLIB RC
 	# Clean out patent-or-otherwise-encumbered code
 	# Camellia: Royalty Free            http://en.wikipedia.org/wiki/Camellia_(cipher)
 	# IDEA:     Expired                 http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
 	# EC:       ????????? ??/??/2015    http://en.wikipedia.org/wiki/Elliptic_Curve_Cryptography
 	# MDC2:     Expired                 http://en.wikipedia.org/wiki/MDC-2
 	# RC5:      5,724,428 03/03/2015    http://en.wikipedia.org/wiki/RC5
 	use_ssl() { usex $1 "enable-${2:-$1}" "no-${2:-$1}" " ${*:3}" ; }
 	echoit() { echo "$@" ; "$@" ; }
 	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
 	# See if our toolchain supports __uint128_t.  If so, it's 64bit
 	# friendly and can use the nicely optimized code paths. #460790
 	local ec_nistp_64_gcc_128
 	# Disable it for now though #469976
 	#if ! use bindist ; then
 	#	echo "__uint128_t i;" > "${T}"/128.c
 	#	if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
 	#		ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
 	#	fi
 	#fi
 	local sslout=$(./gentoo.config)
 	einfo "Use configuration ${sslout:-(openssl knows best)}"
 	local config="Configure"
 	[[ -z ${sslout} ]] && config="config"
 	echoit \
 	./${config} \
 		${sslout} \
 		$(use sse2 || echo "no-sse2") \
 		enable-camellia \
 		$(use_ssl !bindist ec) \
 		${ec_nistp_64_gcc_128} \
 		enable-idea \
 		enable-mdc2 \
 		$(use_ssl !bindist rc5) \
 		enable-tlsext \
 		$(use_ssl gmp gmp -lgmp) \
 		$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
 		$(use_ssl rfc3779) \
 		$(use_ssl tls-heartbeat heartbeats) \
 		$(use_ssl zlib) \
 		--prefix="${EPREFIX}"/usr \
 		--openssldir="${EPREFIX}"${SSL_CNF_DIR} \
 		--libdir=$(get_libdir) \
 		shared threads \
 		|| die
 	# Clean out hardcoded flags that openssl uses
 	local CFLAG=$(grep ^CFLAG= Makefile | LC_ALL=C sed \
 		-e 's:^CFLAG=::' \
 		-e 's:-fomit-frame-pointer ::g' \
 		-e 's:-O[0-9] ::g' \
 		-e 's:-march=[-a-z0-9]* ::g' \
 		-e 's:-mcpu=[-a-z0-9]* ::g' \
 		-e 's:-m[a-z0-9]* ::g' \
 	)
 	sed -i \
 		-e "/^CFLAG/s|=.*|=${CFLAG} ${CFLAGS}|" \
 		-e "/^SHARED_LDFLAGS=/s|$| ${LDFLAGS}|" \
 		Makefile || die
 }
 src_compile() {
 	# depend is needed to use $confopts; it also doesn't matter
 	# that it's -j1 as the code itself serializes subdirs
 	emake -j1 depend
 	emake all
 	# rehash is needed to prep the certs/ dir; do this
 	# separately to avoid parallel build issues.
 	emake rehash
 }
 src_test() {
 	emake -j1 test
 }
 src_install() {
 	emake INSTALL_PREFIX="${D}" install
 	dobin "${WORKDIR}"/c_rehash #333117
 	dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
 	dohtml -r doc/*
 	use rfc3779 && dodoc engines/ccgost/README.gost
 	# This is crappy in that the static archives are still built even
 	# when USE=static-libs.  But this is due to a failing in the openssl
 	# build system: the static archives are built as PIC all the time.
 	# Only way around this would be to manually configure+compile openssl
 	# twice; once with shared lib support enabled and once without.
 	use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
 	# create the certs directory
 	dodir ${SSL_CNF_DIR}/certs
 	cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
 	rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
 	# Namespace openssl programs to prevent conflicts with other man pages
 	cd "${ED}"/usr/share/man
 	local m d s
 	for m in $(find . -type f | xargs grep -L '#include') ; do
 		d=${m%/*} ; d=${d#./} ; m=${m##*/}
 		[[ ${m} == openssl.1* ]] && continue
 		[[ -n $(find -L ${d} -type l) ]] && die "erp, broken links already!"
 		mv ${d}/{,ssl-}${m}
 		# fix up references to renamed man pages
 		sed -i '/^[.]SH "SEE ALSO"/,/^[.]/s:\([^(, ]*(1)\):ssl-\1:g' ${d}/ssl-${m}
 		ln -s ssl-${m} ${d}/openssl-${m}
 		# locate any symlinks that point to this man page ... we assume
 		# that any broken links are due to the above renaming
 		for s in $(find -L ${d} -type l) ; do
 			s=${s##*/}
 			rm -f ${d}/${s}
 			ln -s ssl-${m} ${d}/ssl-${s}
 			ln -s ssl-${s} ${d}/openssl-${s}
 		done
 	done
 	[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
 	dodir /etc/sandbox.d #254521
 	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
 	diropts -m0700
 	keepdir ${SSL_CNF_DIR}/private
 }
 pkg_preinst() {
 	has_version ${CATEGORY}/${PN}:0.9.8 && return 0
 	preserve_old_lib /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
 }
 pkg_postinst() {
 	ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
 	c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
 	eend $?
 	has_version ${CATEGORY}/${PN}:0.9.8 && return 0
 	preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
 }
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e.ebuild
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1e.ebuild
@ -1,6 +1,6 @@
 # Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1c.ebuild,v 1.10 2013/02/03 23:44:01 ago Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1e.ebuild,v 1.4 2013/11/26 07:27:00 polynomial-c Exp $
 EAPI="4"
@ -10,11 +10,11 @@ REV="1.7"
 DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
 HOMEPAGE="http://www.openssl.org/"
 SRC_URI="mirror://openssl/source/${P}.tar.gz
-	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
+	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
 LICENSE="openssl"
 SLOT="0"
-KEYWORDS="~alpha amd64 arm hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
+KEYWORDS="ppc64"
 IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test vanilla zlib"
 # Have the sub-libs in RDEPEND with [static-libs] since, logically,
@ -39,7 +39,8 @@ src_unpack() {
 	unpack ${P}.tar.gz
 	SSL_CNF_DIR="/etc/ssl"
 	sed \
-		-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
+		-e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \
 		-e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \
 		"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
 		> "${WORKDIR}"/c_rehash || die #416717
 }
@ -51,12 +52,11 @@ src_prepare() {
 	if ! use vanilla ; then
 		epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
 		epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
 		epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
 		epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
 		epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
 		epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
-		epatch "${FILESDIR}"/${PN}-1.0.1-ipv6.patch
+		epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch
 		epatch_user #332661
 	fi
@ -69,20 +69,20 @@ src_prepare() {
 		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
 		-e $(has noman FEATURES \
 			&& echo '/^install:/s:install_docs::' \
-			|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
+			|| echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
 		Makefile.org \
 		|| die
 	# show the actual commands in the log
 	sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
 	# allow openssl to be cross-compiled
-	cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die
+	cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
 	chmod a+rx gentoo.config
 	append-flags -fno-strict-aliasing
 	append-flags $(test-flags-CC -Wa,--noexecstack)
-	sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
+	sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
 	./config --test-sanity || die "I AM NOT SANE"
 }
@ -123,8 +123,8 @@ src_configure() {
 		$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
 		$(use_ssl rfc3779) \
 		$(use_ssl zlib) \
-		--prefix=/usr \
+		--prefix="${EPREFIX}"/usr \
-		--openssldir=${SSL_CNF_DIR} \
+		--openssldir="${EPREFIX}"${SSL_CNF_DIR} \
 		--libdir=$(get_libdir) \
 		shared threads \
 		|| die
@ -170,15 +170,15 @@ src_install() {
 	# build system: the static archives are built as PIC all the time.
 	# Only way around this would be to manually configure+compile openssl
 	# twice; once with shared lib support enabled and once without.
-	use static-libs || rm -f "${D}"/usr/lib*/lib*.a
+	use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
 	# create the certs directory
 	dodir ${SSL_CNF_DIR}/certs
-	cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
+	cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
-	rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
+	rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
 	# Namespace openssl programs to prevent conflicts with other man pages
-	cd "${D}"/usr/share/man
+	cd "${ED}"/usr/share/man
 	local m d s
 	for m in $(find . -type f | xargs grep -L '#include') ; do
 		d=${m%/*} ; d=${d#./} ; m=${m##*/}
@ -200,7 +200,7 @@ src_install() {
 	[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
 	dodir /etc/sandbox.d #254521
-	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
+	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
 	diropts -m0700
 	keepdir ${SSL_CNF_DIR}/private
@ -212,8 +212,8 @@ pkg_preinst() {
 }
 pkg_postinst() {
-	ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
+	ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
-	c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
+	c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
 	eend $?
 	has_version ${CATEGORY}/${PN}:0.9.8 && return 0
--- a/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1f.ebuild
+++ b/sdk_container/src/third_party/portage-stable/dev-libs/openssl/openssl-1.0.1f.ebuild
@ -1,29 +1,34 @@
-# Copyright 1999-2012 Gentoo Foundation
+# Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.0i.ebuild,v 1.9 2012/05/25 17:41:49 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/openssl/openssl-1.0.1f.ebuild,v 1.14 2014/01/26 11:59:33 ago Exp $
 EAPI="4"
 inherit eutils flag-o-matic toolchain-funcs multilib
 REV="1.7"
-DESCRIPTION="full-strength general purpose cryptography library (including SSL v2/v3 and TLS v1)"
+DESCRIPTION="full-strength general purpose cryptography library (including SSL and TLS)"
 HOMEPAGE="http://www.openssl.org/"
 SRC_URI="mirror://openssl/source/${P}.tar.gz
-	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/~checkout~/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
+	http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/${PN}/${PN}-c_rehash.sh?rev=${REV} -> ${PN}-c_rehash.sh.${REV}"
 LICENSE="openssl"
 SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd"
+KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
-IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test zlib"
+IUSE="bindist gmp kerberos rfc3779 sse2 static-libs test +tls-heartbeat vanilla zlib"
 # Have the sub-libs in RDEPEND with [static-libs] since, logically,
 # our libssl.a depends on libz.a/etc... at runtime.
 LIB_DEPEND="gmp? ( dev-libs/gmp[static-libs(+)] )
 	zlib? ( sys-libs/zlib[static-libs(+)] )
 	kerberos? ( app-crypt/mit-krb5 )"
 # The blocks are temporary just to make sure people upgrade to a
 # version that lack runtime version checking.  We'll drop them in
 # the future.
 RDEPEND="static-libs? ( ${LIB_DEPEND} )
-	!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )"
+	!static-libs? ( ${LIB_DEPEND//\[static-libs(+)]} )
 	!<net-misc/openssh-5.9_p1-r4
 	!<net-libs/neon-0.29.6-r1"
 DEPEND="${RDEPEND}
 	sys-apps/diffutils
 	>=dev-lang/perl-5
@ -34,7 +39,8 @@ src_unpack() {
 	unpack ${P}.tar.gz
 	SSL_CNF_DIR="/etc/ssl"
 	sed \
-		-e "/^DIR=/s:=.*:=${SSL_CNF_DIR}:" \
+		-e "/^DIR=/s:=.*:=${EPREFIX}${SSL_CNF_DIR}:" \
 		-e "s:SSL_CMD=/usr:SSL_CMD=${EPREFIX}/usr:" \
 		"${DISTDIR}"/${PN}-c_rehash.sh.${REV} \
 		> "${WORKDIR}"/c_rehash || die #416717
 }
@ -44,13 +50,18 @@ src_prepare() {
 	# that gets blown away anyways by the Configure script in src_configure
 	rm -f Makefile
 	if ! use vanilla ; then
 		epatch "${FILESDIR}"/${PN}-1.0.0a-ldflags.patch #327421
 	epatch "${FILESDIR}"/${PN}-1.0.0d-fbsd-amd64.patch #363089
 		epatch "${FILESDIR}"/${PN}-1.0.0d-windres.patch #373743
 		epatch "${FILESDIR}"/${PN}-1.0.0h-pkg-config.patch
-	epatch "${FILESDIR}"/${PN}-1.0.0e-parallel-build.patch
+		epatch "${FILESDIR}"/${PN}-1.0.1-parallel-build.patch
-	epatch "${FILESDIR}"/${PN}-1.0.0e-x32.patch
+		epatch "${FILESDIR}"/${PN}-1.0.1-x32.patch
 		epatch "${FILESDIR}"/${PN}-1.0.1e-ipv6.patch
 		epatch "${FILESDIR}"/${PN}-1.0.1f-perl-5.18.patch #497286
 		epatch "${FILESDIR}"/${PN}-1.0.1e-s_client-verify.patch #472584
 		epatch "${FILESDIR}"/${PN}-1.0.1f-revert-alpha-perl-generation.patch #499086
 		epatch_user #332661
 	fi
 	# disable fips in the build
 	# make sure the man pages are suffixed #302165
@ -61,20 +72,22 @@ src_prepare() {
 		-e '/^MAKEDEPPROG/s:=.*:=$(CC):' \
 		-e $(has noman FEATURES \
 			&& echo '/^install:/s:install_docs::' \
-			|| echo '/^MANDIR=/s:=.*:=/usr/share/man:') \
+			|| echo '/^MANDIR=/s:=.*:='${EPREFIX}'/usr/share/man:') \
 		Makefile.org \
 		|| die
 	# show the actual commands in the log
 	sed -i '/^SET_X/s:=.*:=set -x:' Makefile.shared
 	# allow openssl to be cross-compiled
-	cp "${FILESDIR}"/gentoo.config-1.0.0 gentoo.config || die
+	cp "${FILESDIR}"/gentoo.config-1.0.1 gentoo.config || die
 	chmod a+rx gentoo.config
 	append-flags -fno-strict-aliasing
 	append-flags $(test-flags-CC -Wa,--noexecstack)
-	sed -i '1s,^:$,#!/usr/bin/perl,' Configure #141906
+	sed -i '1s,^:$,#!'${EPREFIX}'/usr/bin/perl,' Configure #141906
 	# The config script does stupid stuff to prompt the user.  Kill it.
 	sed -i '/stty -icanon min 0 time 50; read waste/d' config || die
 	./config --test-sanity || die "I AM NOT SANE"
 }
@ -97,6 +110,17 @@ src_configure() {
 	local krb5=$(has_version app-crypt/mit-krb5 && echo "MIT" || echo "Heimdal")
 	# See if our toolchain supports __uint128_t.  If so, it's 64bit
 	# friendly and can use the nicely optimized code paths. #460790
 	local ec_nistp_64_gcc_128
 	# Disable it for now though #469976
 	#if ! use bindist ; then
 	#	echo "__uint128_t i;" > "${T}"/128.c
 	#	if ${CC} ${CFLAGS} -c "${T}"/128.c -o /dev/null >&/dev/null ; then
 	#		ec_nistp_64_gcc_128="enable-ec_nistp_64_gcc_128"
 	#	fi
 	#fi
 	local sslout=$(./gentoo.config)
 	einfo "Use configuration ${sslout:-(openssl knows best)}"
 	local config="Configure"
@ -107,6 +131,7 @@ src_configure() {
 		$(use sse2 || echo "no-sse2") \
 		enable-camellia \
 		$(use_ssl !bindist ec) \
 		${ec_nistp_64_gcc_128} \
 		enable-idea \
 		enable-mdc2 \
 		$(use_ssl !bindist rc5) \
@ -114,9 +139,10 @@ src_configure() {
 		$(use_ssl gmp gmp -lgmp) \
 		$(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \
 		$(use_ssl rfc3779) \
 		$(use_ssl tls-heartbeat heartbeats) \
 		$(use_ssl zlib) \
-		--prefix=/usr \
+		--prefix="${EPREFIX}"/usr \
-		--openssldir=${SSL_CNF_DIR} \
+		--openssldir="${EPREFIX}"${SSL_CNF_DIR} \
 		--libdir=$(get_libdir) \
 		shared threads \
 		|| die
@ -139,20 +165,20 @@ src_configure() {
 src_compile() {
 	# depend is needed to use $confopts; it also doesn't matter
 	# that it's -j1 as the code itself serializes subdirs
-	emake -j1 depend || die
+	emake -j1 depend
-	emake all || die
+	emake all
 	# rehash is needed to prep the certs/ dir; do this
 	# separately to avoid parallel build issues.
-	emake rehash || die
+	emake rehash
 }
 src_test() {
-	emake -j1 test || die
+	emake -j1 test
 }
 src_install() {
-	emake INSTALL_PREFIX="${D}" install || die
+	emake INSTALL_PREFIX="${D}" install
-	dobin "${WORKDIR}"/c_rehash || die #333117
+	dobin "${WORKDIR}"/c_rehash #333117
 	dodoc CHANGES* FAQ NEWS README doc/*.txt doc/c-indentation.el
 	dohtml -r doc/*
 	use rfc3779 && dodoc engines/ccgost/README.gost
@ -162,15 +188,15 @@ src_install() {
 	# build system: the static archives are built as PIC all the time.
 	# Only way around this would be to manually configure+compile openssl
 	# twice; once with shared lib support enabled and once without.
-	use static-libs || rm -f "${D}"/usr/lib*/lib*.a
+	use static-libs || rm -f "${ED}"/usr/lib*/lib*.a
 	# create the certs directory
 	dodir ${SSL_CNF_DIR}/certs
-	cp -RP certs/* "${D}"${SSL_CNF_DIR}/certs/ || die
+	cp -RP certs/* "${ED}"${SSL_CNF_DIR}/certs/ || die
-	rm -r "${D}"${SSL_CNF_DIR}/certs/{demo,expired}
+	rm -r "${ED}"${SSL_CNF_DIR}/certs/{demo,expired}
 	# Namespace openssl programs to prevent conflicts with other man pages
-	cd "${D}"/usr/share/man
+	cd "${ED}"/usr/share/man
 	local m d s
 	for m in $(find . -type f | xargs grep -L '#include') ; do
 		d=${m%/*} ; d=${d#./} ; m=${m##*/}
@ -192,7 +218,7 @@ src_install() {
 	[[ -n $(find -L ${d} -type l) ]] && die "broken manpage links found :("
 	dodir /etc/sandbox.d #254521
-	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${D}"/etc/sandbox.d/10openssl
+	echo 'SANDBOX_PREDICT="/dev/crypto"' > "${ED}"/etc/sandbox.d/10openssl
 	diropts -m0700
 	keepdir ${SSL_CNF_DIR}/private
@ -204,8 +230,8 @@ pkg_preinst() {
 }
 pkg_postinst() {
-	ebegin "Running 'c_rehash ${ROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
+	ebegin "Running 'c_rehash ${EROOT%/}${SSL_CNF_DIR}/certs/' to rebuild hashes #333069"
-	c_rehash "${ROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
+	c_rehash "${EROOT%/}${SSL_CNF_DIR}/certs" >/dev/null
 	eend $?
 	has_version ${CATEGORY}/${PN}:0.9.8 && return 0