security/libressl-devel: Fix ECDSA P-256 timing attack vuln

- Add patch from LibreSSL github

MFH:		2017Q1
Security:	7caebe30-d7f1-11e6-a9a5-b499baebfeaf
Security:	CVE-2016-7056

security/libressl-devel/Makefile

@@ -3,6 +3,7 @@
 
 PORTNAME=	libressl
 PORTVERSION=	2.5.0
+PORTREVISION=	1
 CATEGORIES=	security devel
 MASTER_SITES=	OPENBSD/LibreSSL
 PKGNAMESUFFIX=	-devel

security/libressl-devel/files/patch-CVE-2016-7056

@@ -0,0 +1,33 @@
+From 3585681bd8ac343b7c357a932c9577988bca86b0 Mon Sep 17 00:00:00 2001
+From: jsing <>
+Date: Thu, 5 Jan 2017 13:25:52 +0000
+Subject: [PATCH] Avoid a side-channel cache-timing attack that can leak the
+ ECDSA private keys when signing. This is due to BN_mod_inverse() being used
+ without the constant time flag being set.
+
+This issue was reported by Cesar Pereida Garcia and Billy Brumley
+(Tampere University of Technology). The fix was developed by Cesar Pereida
+Garcia.
+---
+ src/lib/libcrypto/ecdsa/ecs_ossl.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib/libcrypto/ecdsa/ecs_ossl.c b/src/lib/libcrypto/ecdsa/ecs_ossl.c
+index b03b1fb..9e23b88 100644
+--- crypto/ecdsa/ecs_ossl.c
++++ crypto/ecdsa/ecs_ossl.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: ecs_ossl.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
++/* $OpenBSD: ecs_ossl.c,v 1.6 2015/02/08 13:35:07 jsing Exp $ */
+ /*
+  * Written by Nils Larsch for the OpenSSL project
+  */
+@@ -142,6 +142,8 @@ ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
+ 			if (!BN_add(k, k, order))
+ 				goto err;
+ 
++		BN_set_flags(k, BN_FLG_CONSTTIME);
++
+ 		/* compute r the x-coordinate of generator * k */
+ 		if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {
+ 			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);