diff options
| author | Dirk Meyer <dinoex@FreeBSD.org> | 2005-10-12 10:49:33 +0000 |
|---|---|---|
| committer | Dirk Meyer <dinoex@FreeBSD.org> | 2005-10-12 10:49:33 +0000 |
| commit | 2b3ef4dcb2768edab27a19fc9ccf0a17159230dc (patch) | |
| tree | 53d8bfc22a87dc26c2cb5e3790263c390191dc6d /security/openssl | |
| parent | 1899843f04c449b988b81a3396e220dcf0e86d87 (diff) | |
| download | ports-2b3ef4dcb2768edab27a19fc9ccf0a17159230dc.tar.gz ports-2b3ef4dcb2768edab27a19fc9ccf0a17159230dc.zip | |
Notes
Diffstat (limited to 'security/openssl')
| -rw-r--r-- | security/openssl/Makefile | 4 | ||||
| -rw-r--r-- | security/openssl/files-beta/patch-CAN-2005-2969 | 28 | ||||
| -rw-r--r-- | security/openssl/files/patch-CAN-2005-2969 | 28 |
3 files changed, 58 insertions, 2 deletions
diff --git a/security/openssl/Makefile b/security/openssl/Makefile index d0c493ee2a6f..9e56a7990d62 100644 --- a/security/openssl/Makefile +++ b/security/openssl/Makefile @@ -12,10 +12,10 @@ PORTREVISION!= date -v-1d +%Y%m%d .else .if !defined(WITH_OPENSSL_BETA) && defined(WITH_OPENSSL_097) PORTVERSION= 0.9.7g -PORTREVISION?= 0 +PORTREVISION?= 1 .else PORTVERSION= 0.9.8 -PORTREVISION?= 1 +PORTREVISION?= 2 .endif .endif CATEGORIES= security devel diff --git a/security/openssl/files-beta/patch-CAN-2005-2969 b/security/openssl/files-beta/patch-CAN-2005-2969 new file mode 100644 index 000000000000..32a6230b3e48 --- /dev/null +++ b/security/openssl/files-beta/patch-CAN-2005-2969 @@ -0,0 +1,28 @@ +Index: crypto/openssl/ssl/s23_srvr.c +=================================================================== +RCS file: /home/ncvs/src/crypto/openssl/ssl/s23_srvr.c,v +retrieving revision 1.7 +diff -u -p -r1.7 s23_srvr.c +--- ssl/s23_srvr.c 28 Jan 2003 22:34:21 -0000 1.7 ++++ ssl/s23_srvr.c 10 Oct 2005 16:39:19 -0000 +@@ -268,9 +268,6 @@ int ssl23_get_client_hello(SSL *s) + int n=0,j; + int type=0; + int v[2]; +-#ifndef OPENSSL_NO_RSA +- int use_sslv2_strong=0; +-#endif + + if (s->state == SSL23_ST_SR_CLNT_HELLO_A) + { +@@ -519,9 +516,7 @@ int ssl23_get_client_hello(SSL *s) + } + + s->state=SSL2_ST_GET_CLIENT_HELLO_A; +- if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || +- use_sslv2_strong || +- (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)) ++ if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3) + s->s2->ssl2_rollback=0; + else + /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 diff --git a/security/openssl/files/patch-CAN-2005-2969 b/security/openssl/files/patch-CAN-2005-2969 new file mode 100644 index 000000000000..32a6230b3e48 --- /dev/null +++ b/security/openssl/files/patch-CAN-2005-2969 @@ -0,0 +1,28 @@ +Index: crypto/openssl/ssl/s23_srvr.c +=================================================================== +RCS file: /home/ncvs/src/crypto/openssl/ssl/s23_srvr.c,v +retrieving revision 1.7 +diff -u -p -r1.7 s23_srvr.c +--- ssl/s23_srvr.c 28 Jan 2003 22:34:21 -0000 1.7 ++++ ssl/s23_srvr.c 10 Oct 2005 16:39:19 -0000 +@@ -268,9 +268,6 @@ int ssl23_get_client_hello(SSL *s) + int n=0,j; + int type=0; + int v[2]; +-#ifndef OPENSSL_NO_RSA +- int use_sslv2_strong=0; +-#endif + + if (s->state == SSL23_ST_SR_CLNT_HELLO_A) + { +@@ -519,9 +516,7 @@ int ssl23_get_client_hello(SSL *s) + } + + s->state=SSL2_ST_GET_CLIENT_HELLO_A; +- if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || +- use_sslv2_strong || +- (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)) ++ if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3) + s->s2->ssl2_rollback=0; + else + /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 |