Migrate doc to Hugo/AsciiDoctor

I'm very pleased to announce the release of
our new website and documentation using
the new toolchain with Hugo and AsciiDoctor.

To get more information about the new toolchain
please read the FreeBSD Documentation Project Primer[1],
Hugo docs[2] and AsciiDoctor docs[3].

Acknowledgment:
Benedict Reuschling <bcr@>
Glen Barber <gjb@>
Hiroki Sato <hrs@>
Li-Wen Hsu <lwhsu@>
Sean Chittenden <seanc@>
The FreeBSD Foundation

[1] https://docs.FreeBSD.org/en/books/fdp-primer/
[2] https://gohugo.io/documentation/
[3] https://docs.asciidoctor.org/home/

Approved by:    doceng, core

4 files changed, 0 insertions, 481 deletions

diff --git a/share/security/patches/SA-20:33/openssl.11.patch b/share/security/patches/SA-20:33/openssl.11.patch
deleted file mode 100644
index d3f677651d..0000000000
--- a/share/security/patches/SA-20:33/openssl.11.patch
+++ /dev/null
@@ -1,204 +0,0 @@
---- crypto/openssl/crypto/asn1/asn1.h.orig
-+++ crypto/openssl/crypto/asn1/asn1.h
-@@ -1203,6 +1203,7 @@
- # define ASN1_F_ASN1_ITEM_DUP                             191
- # define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW                  121
- # define ASN1_F_ASN1_ITEM_EX_D2I                          120
-+# define ASN1_F_ASN1_ITEM_EX_I2D                          224
- # define ASN1_F_ASN1_ITEM_I2D_BIO                         192
- # define ASN1_F_ASN1_ITEM_I2D_FP                          193
- # define ASN1_F_ASN1_ITEM_PACK                            198
-@@ -1304,6 +1305,7 @@
- # define ASN1_R_BAD_OBJECT_HEADER                         102
- # define ASN1_R_BAD_PASSWORD_READ                         103
- # define ASN1_R_BAD_TAG                                   104
-+# define ASN1_R_BAD_TEMPLATE                              221
- # define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                 214
- # define ASN1_R_BN_LIB                                    105
- # define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                   106
---- crypto/openssl/crypto/asn1/asn1_err.c.orig
-+++ crypto/openssl/crypto/asn1/asn1_err.c
-@@ -1,6 +1,6 @@
- /* crypto/asn1/asn1_err.c */
- /* ====================================================================
-- * Copyright (c) 1999-2018 The OpenSSL Project.  All rights reserved.
-+ * Copyright (c) 1999-2020 The OpenSSL Project.  All rights reserved.
-  *
-  * Redistribution and use in source and binary forms, with or without
-  * modification, are permitted provided that the following conditions
-@@ -103,6 +103,7 @@
-     {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"},
-     {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"},
-     {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"},
-+    {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_I2D), "ASN1_item_ex_i2d"},
-     {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"},
-     {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"},
-     {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"},
-@@ -207,6 +208,7 @@
-     {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER), "bad object header"},
-     {ERR_REASON(ASN1_R_BAD_PASSWORD_READ), "bad password read"},
-     {ERR_REASON(ASN1_R_BAD_TAG), "bad tag"},
-+    {ERR_REASON(ASN1_R_BAD_TEMPLATE), "bad template"},
-     {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH),
-      "bmpstring is wrong length"},
-     {ERR_REASON(ASN1_R_BN_LIB), "bn lib"},
---- crypto/openssl/crypto/asn1/tasn_dec.c.orig
-+++ crypto/openssl/crypto/asn1/tasn_dec.c
-@@ -223,6 +223,15 @@
-         break;
- 
-     case ASN1_ITYPE_MSTRING:
-+        /*
-+         * It never makes sense for multi-strings to have implicit tagging, so
-+         * if tag != -1, then this looks like an error in the template.
-+         */
-+        if (tag != -1) {
-+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_BAD_TEMPLATE);
-+            goto err;
-+        }
-+
-         p = *in;
-         /* Just read in tag and class */
-         ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
-@@ -240,6 +249,7 @@
-             ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
-             goto err;
-         }
-+
-         /* Check tag matches bit map */
-         if (!(ASN1_tag2bit(otag) & it->utype)) {
-             /* If OPTIONAL, assume this is OK */
-@@ -316,6 +326,15 @@
-         goto err;
- 
-     case ASN1_ITYPE_CHOICE:
-+        /*
-+         * It never makes sense for CHOICE types to have implicit tagging, so
-+         * if tag != -1, then this looks like an error in the template.
-+         */
-+        if (tag != -1) {
-+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_BAD_TEMPLATE);
-+            goto err;
-+        }
-+
-         if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
-             goto auxerr;
-         if (*pval) {
---- crypto/openssl/crypto/asn1/tasn_enc.c.orig
-+++ crypto/openssl/crypto/asn1/tasn_enc.c
-@@ -151,9 +151,25 @@
-         break;
- 
-     case ASN1_ITYPE_MSTRING:
-+        /*
-+         * It never makes sense for multi-strings to have implicit tagging, so
-+         * if tag != -1, then this looks like an error in the template.
-+         */
-+        if (tag != -1) {
-+            ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE);
-+            return -1;
-+        }
-         return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
- 
-     case ASN1_ITYPE_CHOICE:
-+        /*
-+         * It never makes sense for CHOICE types to have implicit tagging, so
-+         * if tag != -1, then this looks like an error in the template.
-+         */
-+        if (tag != -1) {
-+            ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE);
-+            return -1;
-+        }
-         if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
-             return 0;
-         i = asn1_get_choice_selector(pval, it);
---- crypto/openssl/crypto/x509v3/v3_genn.c.orig
-+++ crypto/openssl/crypto/x509v3/v3_genn.c
-@@ -72,8 +72,9 @@
- IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME)
- 
- ASN1_SEQUENCE(EDIPARTYNAME) = {
--        ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
--        ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
-+        /* DirectoryString is a CHOICE type so use explicit tagging */
-+        ASN1_EXP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
-+        ASN1_EXP(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
- } ASN1_SEQUENCE_END(EDIPARTYNAME)
- 
- IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME)
-@@ -107,6 +108,37 @@
-                                     (char *)a);
- }
- 
-+static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b)
-+{
-+    int res;
-+
-+    if (a == NULL || b == NULL) {
-+        /*
-+         * Shouldn't be possible in a valid GENERAL_NAME, but we handle it
-+         * anyway. OTHERNAME_cmp treats NULL != NULL so we do the same here
-+         */
-+        return -1;
-+    }
-+    if (a->nameAssigner == NULL && b->nameAssigner != NULL)
-+        return -1;
-+    if (a->nameAssigner != NULL && b->nameAssigner == NULL)
-+        return 1;
-+    /* If we get here then both have nameAssigner set, or both unset */
-+    if (a->nameAssigner != NULL) {
-+        res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner);
-+        if (res != 0)
-+            return res;
-+    }
-+    /*
-+     * partyName is required, so these should never be NULL. We treat it in
-+     * the same way as the a == NULL || b == NULL case above
-+     */
-+    if (a->partyName == NULL || b->partyName == NULL)
-+        return -1;
-+
-+    return ASN1_STRING_cmp(a->partyName, b->partyName);
-+}
-+
- /* Returns 0 if they are equal, != 0 otherwise. */
- int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
- {
-@@ -116,8 +148,11 @@
-         return -1;
-     switch (a->type) {
-     case GEN_X400:
-+        result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
-+        break;
-+
-     case GEN_EDIPARTY:
--        result = ASN1_TYPE_cmp(a->d.other, b->d.other);
-+        result = edipartyname_cmp(a->d.ediPartyName, b->d.ediPartyName);
-         break;
- 
-     case GEN_OTHERNAME:
-@@ -164,8 +199,11 @@
- {
-     switch (type) {
-     case GEN_X400:
-+        a->d.x400Address = value;
-+        break;
-+
-     case GEN_EDIPARTY:
--        a->d.other = value;
-+        a->d.ediPartyName = value;
-         break;
- 
-     case GEN_OTHERNAME:
-@@ -199,8 +237,10 @@
-         *ptype = a->type;
-     switch (a->type) {
-     case GEN_X400:
-+        return a->d.x400Address;
-+
-     case GEN_EDIPARTY:
--        return a->d.other;
-+        return a->d.ediPartyName;
- 
-     case GEN_OTHERNAME:
-         return a->d.otherName;
diff --git a/share/security/patches/SA-20:33/openssl.11.patch.asc b/share/security/patches/SA-20:33/openssl.11.patch.asc
deleted file mode 100644
index 04a1f67bc2..0000000000
--- a/share/security/patches/SA-20:33/openssl.11.patch.asc
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl/X1+ZfFIAAAAAALgAo
-aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
-MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
-5cLSXA/+POtmlmjt6rC2UhrW91eAxVENBcN8rzjtlHwMqaJuV1Hdj8lcIqcQQyKV
-8XpdgcyRGIG9XDCekFkwITtamuIYCl47Mmp8BB6aoY+o8WKRn7AcwjS3Wsk45YF0
-0sbw6quT71i7CeIDTQyI/ku3ovacFnDo+aZFN4M4xJ5ESj4RwPdEno6xatsBAaeQ
-3slF62D+i1oTKkC1e5dTcvB9H/dhm9tPUTIkuNXwJ7ba/UF8zacnRyfS4vyu+IxG
-Tu8tTSxoPxp74Khin1JhlL3qkcVZkRP5bDjan/Jilu88Oi/OE+WAQGIYVb9ozxwj
-DHrXPGw2tkqCwt+0Dz2sYPKyJc3ceGQHJqWljFNvGe8tRBIHqbg9ig1RJkTUMWw9
-y1bFILvzzEpgRT8dZe4pSarF/+0+O9CyXNBJOPQKVKpx/QOqEIWo5Ohcb6sE3cbo
-n2epPYiuvpthmZQLaHJ9x/Q/CiDy31SjandK9UF4pe3rg0IdJpH1UmoxaXYLsK6l
-LxbFqgv6xR/WOl+/Xhk7BQ6vC6C6wy3hgZ5XfziZJCH9jammciS13KcwGlc+s3we
-1qWHtiYxJyo8GeRQQwcGnyPb1LyxQ2ELbxjceCB7nVHyPQsVFtzJkCN6fH9sl7Pl
-7o+oX6amcXd5NLN8SoqH2A0yU/l5mMjky0XfD8wdkpemOMui7mo=
-=2k8P
------END PGP SIGNATURE-----
diff --git a/share/security/patches/SA-20:33/openssl.patch b/share/security/patches/SA-20:33/openssl.patch
deleted file mode 100644
index b58161fddd..0000000000
--- a/share/security/patches/SA-20:33/openssl.patch
+++ /dev/null
@@ -1,241 +0,0 @@
---- crypto/openssl/crypto/asn1/asn1_err.c.orig
-+++ crypto/openssl/crypto/asn1/asn1_err.c
-@@ -1,6 +1,6 @@
- /*
-  * Generated by util/mkerr.pl DO NOT EDIT
-- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
-+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
-  *
-  * Licensed under the OpenSSL license (the "License").  You may not use
-  * this file except in compliance with the License.  You can obtain a copy
-@@ -49,6 +49,7 @@
-      "asn1_item_embed_d2i"},
-     {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_NEW, 0),
-      "asn1_item_embed_new"},
-+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EX_I2D, 0), "ASN1_item_ex_i2d"},
-     {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_FLAGS_I2D, 0),
-      "asn1_item_flags_i2d"},
-     {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_BIO, 0), "ASN1_item_i2d_bio"},
-@@ -160,6 +161,7 @@
-     "asn1 sig parse error"},
-     {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_AUX_ERROR), "aux error"},
-     {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_OBJECT_HEADER), "bad object header"},
-+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_TEMPLATE), "bad template"},
-     {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BMPSTRING_IS_WRONG_LENGTH),
-     "bmpstring is wrong length"},
-     {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BN_LIB), "bn lib"},
---- crypto/openssl/crypto/asn1/tasn_dec.c.orig
-+++ crypto/openssl/crypto/asn1/tasn_dec.c
-@@ -182,6 +182,15 @@
-                                      tag, aclass, opt, ctx);
- 
-     case ASN1_ITYPE_MSTRING:
-+        /*
-+         * It never makes sense for multi-strings to have implicit tagging, so
-+         * if tag != -1, then this looks like an error in the template.
-+         */
-+        if (tag != -1) {
-+            ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE);
-+            goto err;
-+        }
-+
-         p = *in;
-         /* Just read in tag and class */
-         ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
-@@ -199,6 +208,7 @@
-             ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
-             goto err;
-         }
-+
-         /* Check tag matches bit map */
-         if (!(ASN1_tag2bit(otag) & it->utype)) {
-             /* If OPTIONAL, assume this is OK */
-@@ -215,6 +225,15 @@
-         return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx);
- 
-     case ASN1_ITYPE_CHOICE:
-+        /*
-+         * It never makes sense for CHOICE types to have implicit tagging, so
-+         * if tag != -1, then this looks like an error in the template.
-+         */
-+        if (tag != -1) {
-+            ASN1err(ASN1_F_ASN1_ITEM_EMBED_D2I, ASN1_R_BAD_TEMPLATE);
-+            goto err;
-+        }
-+
-         if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
-             goto auxerr;
-         if (*pval) {
---- crypto/openssl/crypto/asn1/tasn_enc.c.orig
-+++ crypto/openssl/crypto/asn1/tasn_enc.c
-@@ -103,9 +103,25 @@
-         return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
- 
-     case ASN1_ITYPE_MSTRING:
-+        /*
-+         * It never makes sense for multi-strings to have implicit tagging, so
-+         * if tag != -1, then this looks like an error in the template.
-+         */
-+        if (tag != -1) {
-+            ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE);
-+            return -1;
-+        }
-         return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
- 
-     case ASN1_ITYPE_CHOICE:
-+        /*
-+         * It never makes sense for CHOICE types to have implicit tagging, so
-+         * if tag != -1, then this looks like an error in the template.
-+         */
-+        if (tag != -1) {
-+            ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE);
-+            return -1;
-+        }
-         if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
-             return 0;
-         i = asn1_get_choice_selector(pval, it);
---- crypto/openssl/crypto/err/openssl.txt.orig
-+++ crypto/openssl/crypto/err/openssl.txt
-@@ -36,6 +36,7 @@
- ASN1_F_ASN1_ITEM_DUP:191:ASN1_item_dup
- ASN1_F_ASN1_ITEM_EMBED_D2I:120:asn1_item_embed_d2i
- ASN1_F_ASN1_ITEM_EMBED_NEW:121:asn1_item_embed_new
-+ASN1_F_ASN1_ITEM_EX_I2D:144:ASN1_item_ex_i2d
- ASN1_F_ASN1_ITEM_FLAGS_I2D:118:asn1_item_flags_i2d
- ASN1_F_ASN1_ITEM_I2D_BIO:192:ASN1_item_i2d_bio
- ASN1_F_ASN1_ITEM_I2D_FP:193:ASN1_item_i2d_fp
-@@ -1771,6 +1772,7 @@
- ASN1_R_ASN1_SIG_PARSE_ERROR:204:asn1 sig parse error
- ASN1_R_AUX_ERROR:100:aux error
- ASN1_R_BAD_OBJECT_HEADER:102:bad object header
-+ASN1_R_BAD_TEMPLATE:230:bad template
- ASN1_R_BMPSTRING_IS_WRONG_LENGTH:214:bmpstring is wrong length
- ASN1_R_BN_LIB:105:bn lib
- ASN1_R_BOOLEAN_IS_WRONG_LENGTH:106:boolean is wrong length
---- crypto/openssl/crypto/x509v3/v3_genn.c.orig
-+++ crypto/openssl/crypto/x509v3/v3_genn.c
-@@ -22,8 +22,9 @@
- IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME)
- 
- ASN1_SEQUENCE(EDIPARTYNAME) = {
--        ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
--        ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
-+        /* DirectoryString is a CHOICE type so use explicit tagging */
-+        ASN1_EXP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
-+        ASN1_EXP(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
- } ASN1_SEQUENCE_END(EDIPARTYNAME)
- 
- IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME)
-@@ -57,6 +58,37 @@
-                                     (char *)a);
- }
- 
-+static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b)
-+{
-+    int res;
-+
-+    if (a == NULL || b == NULL) {
-+        /*
-+         * Shouldn't be possible in a valid GENERAL_NAME, but we handle it
-+         * anyway. OTHERNAME_cmp treats NULL != NULL so we do the same here
-+         */
-+        return -1;
-+    }
-+    if (a->nameAssigner == NULL && b->nameAssigner != NULL)
-+        return -1;
-+    if (a->nameAssigner != NULL && b->nameAssigner == NULL)
-+        return 1;
-+    /* If we get here then both have nameAssigner set, or both unset */
-+    if (a->nameAssigner != NULL) {
-+        res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner);
-+        if (res != 0)
-+            return res;
-+    }
-+    /*
-+     * partyName is required, so these should never be NULL. We treat it in
-+     * the same way as the a == NULL || b == NULL case above
-+     */
-+    if (a->partyName == NULL || b->partyName == NULL)
-+        return -1;
-+
-+    return ASN1_STRING_cmp(a->partyName, b->partyName);
-+}
-+
- /* Returns 0 if they are equal, != 0 otherwise. */
- int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
- {
-@@ -66,8 +98,11 @@
-         return -1;
-     switch (a->type) {
-     case GEN_X400:
-+        result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
-+        break;
-+
-     case GEN_EDIPARTY:
--        result = ASN1_TYPE_cmp(a->d.other, b->d.other);
-+        result = edipartyname_cmp(a->d.ediPartyName, b->d.ediPartyName);
-         break;
- 
-     case GEN_OTHERNAME:
-@@ -114,8 +149,11 @@
- {
-     switch (type) {
-     case GEN_X400:
-+        a->d.x400Address = value;
-+        break;
-+
-     case GEN_EDIPARTY:
--        a->d.other = value;
-+        a->d.ediPartyName = value;
-         break;
- 
-     case GEN_OTHERNAME:
-@@ -149,8 +187,10 @@
-         *ptype = a->type;
-     switch (a->type) {
-     case GEN_X400:
-+        return a->d.x400Address;
-+
-     case GEN_EDIPARTY:
--        return a->d.other;
-+        return a->d.ediPartyName;
- 
-     case GEN_OTHERNAME:
-         return a->d.otherName;
---- crypto/openssl/include/openssl/asn1err.h.orig
-+++ crypto/openssl/include/openssl/asn1err.h
-@@ -1,6 +1,6 @@
- /*
-  * Generated by util/mkerr.pl DO NOT EDIT
-- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
-+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
-  *
-  * Licensed under the OpenSSL license (the "License").  You may not use
-  * this file except in compliance with the License.  You can obtain a copy
-@@ -11,9 +11,7 @@
- #ifndef HEADER_ASN1ERR_H
- # define HEADER_ASN1ERR_H
- 
--# ifndef HEADER_SYMHACKS_H
--#  include <openssl/symhacks.h>
--# endif
-+# include <openssl/symhacks.h>
- 
- # ifdef  __cplusplus
- extern "C"
-@@ -53,6 +51,7 @@
- # define ASN1_F_ASN1_ITEM_DUP                             191
- # define ASN1_F_ASN1_ITEM_EMBED_D2I                       120
- # define ASN1_F_ASN1_ITEM_EMBED_NEW                       121
-+# define ASN1_F_ASN1_ITEM_EX_I2D                          144
- # define ASN1_F_ASN1_ITEM_FLAGS_I2D                       118
- # define ASN1_F_ASN1_ITEM_I2D_BIO                         192
- # define ASN1_F_ASN1_ITEM_I2D_FP                          193
-@@ -145,6 +144,7 @@
- # define ASN1_R_ASN1_SIG_PARSE_ERROR                      204
- # define ASN1_R_AUX_ERROR                                 100
- # define ASN1_R_BAD_OBJECT_HEADER                         102
-+# define ASN1_R_BAD_TEMPLATE                              230
- # define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                 214
- # define ASN1_R_BN_LIB                                    105
- # define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                   106
diff --git a/share/security/patches/SA-20:33/openssl.patch.asc b/share/security/patches/SA-20:33/openssl.patch.asc
deleted file mode 100644
index c6de85f2ed..0000000000
--- a/share/security/patches/SA-20:33/openssl.patch.asc
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl/P6+1fFIAAAAAALgAo
-aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
-MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
-5cLdXw//SUwKJmX7xk+EKpdbwlird/Jmo0WcvyOqtegU+Oxaq0Tg9XaovBjnPgUJ
-QPWA9qphvMMxcdmwpdlZCf5ulz0rlIrXEn41kaowPMy5t3hqF5KwF66d09wilrPG
-W89u3WCg4krKOw4UAEq1lkAOo1aFdQWkN3+0pJaERG5+HitWEqPwl5t+XpTsu82a
-0YY2HNC4vcNyzpLT35VBtSGDoIME11om/i69Kbh9eBk/Ohllw213d2TGWYv6/JqO
-ImQ9H9riYngzXOWAEauSzR5GLLVw1pxV11iXe3eXwWb6/zY5BUipXJ9Q+Jip8H/N
-RT+WMNWZVibmhu3t1gn1d4wsT3LMWXi5Ew+T2tzY71wnMTUIDWEOAaw1jdSWDe25
-5F+ygfTmSZOWEd7UmugwL28N5yjil6aI7LCH9SiM0dOZRGlXv66CIIyBOQjIjVsg
-BRw99pEiSjmNgwtBBaU0enXaZB+z25iFgJwuBZaCMd8povPWnmTE1QYQ2jPzW+kJ
-o0jXistXHYh4omjruV8Y3qssxNuuQj9juUJHgUsuhWukDyR6p36Yc9iLXozvpbT2
-bGnyvfO/QrDSgV1QfGxRCjaLhSpCltpjAfWXxV7OJeVongB/ECXjVgDEC+T4FOXX
-TCmO0eEglt7c3wIk0sg5q2LGy6+owftBK+v0e423jjVJzsphukk=
-=MbZV
------END PGP SIGNATURE-----