diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2018-10-30 10:12:35 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2018-11-07 16:46:10 +0000 |
| commit | 9c960af877a03bad65fa2a54ba7cd2dfb4e5d63a (patch) | |
| tree | 2c0a35582e3b9cb62551596d3f70166872319feb /main/partimage/Use-SSLv3-by-default.patch | |
| parent | dc40601472596cd3c5f186c979a76140c5a6a42d (diff) | |
| download | aports-9c960af877a03bad65fa2a54ba7cd2dfb4e5d63a.tar.bz2 aports-9c960af877a03bad65fa2a54ba7cd2dfb4e5d63a.tar.xz | |
main/partimage: rebuild against openssl 1.1
Diffstat (limited to 'main/partimage/Use-SSLv3-by-default.patch')
| -rw-r--r-- | main/partimage/Use-SSLv3-by-default.patch | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/main/partimage/Use-SSLv3-by-default.patch b/main/partimage/Use-SSLv3-by-default.patch new file mode 100644 index 0000000000..cf219957e6 --- /dev/null +++ b/main/partimage/Use-SSLv3-by-default.patch @@ -0,0 +1,80 @@ +From 8b05af027723ff3a64040275d4050ff0e992d629 Mon Sep 17 00:00:00 2001 +From: Marko Kohtala <marko.kohtala@gmail.com> +Date: Sun, 9 Feb 2014 22:54:11 +0200 +Subject: [PATCH] Use SSLv3 by default + +SSLv2_client_method may be hidden. Use the SSLv23_client_method instead. + +This is a fix from Debian package partimage-0.6.8-2.2. + +Signed-off-by: Marko Kohtala <marko.kohtala@gmail.com> +--- + src/client/netclient.cpp | 3 +-- + src/client/netclient.h | 6 ------ + src/server/netserver.cpp | 3 +-- + src/server/netserver.h | 6 ------ + 4 files changed, 2 insertions(+), 16 deletions(-) + +diff --git a/src/client/netclient.cpp b/src/client/netclient.cpp +index 30b8d5c..43b2672 100644 +--- a/src/client/netclient.cpp ++++ b/src/client/netclient.cpp +@@ -43,9 +43,8 @@ CNetClient::CNetClient(bool bMustLogin, bool bUseSSL):CNet() + { + showDebug(3, "initializing client ssl\n"); + SSLeay_add_ssl_algorithms(); +- meth = SSLv2_client_method(); + SSL_load_error_strings(); +- ctx = SSL_CTX_new(meth); ++ ctx = SSL_CTX_new(SSLv23_client_method()); + if (!ctx) + THROW(ERR_SSL_CTX); + m_bUseSSL = (ctx != NULL); +diff --git a/src/client/netclient.h b/src/client/netclient.h +index 8423798..9d98b39 100644 +--- a/src/client/netclient.h ++++ b/src/client/netclient.h +@@ -35,12 +35,6 @@ class CNetClient : public CNet + #ifdef HAVE_SSL + SSL_CTX * ctx; + X509 * server_cert; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L +- SSL_METHOD const * meth; +-#else +- SSL_METHOD * meth; +-#endif // OPENSSL_VERSION_NUMBER +- + #endif + bool m_bUseSSL; + bool m_bMustLogin; +diff --git a/src/server/netserver.cpp b/src/server/netserver.cpp +index a542760..28c43cc 100644 +--- a/src/server/netserver.cpp ++++ b/src/server/netserver.cpp +@@ -39,8 +39,7 @@ CNetServer::CNetServer( uint32_t ip4_addr, unsigned short int port):CNet() + { + SSL_load_error_strings(); + SSLeay_add_ssl_algorithms(); +- meth = SSLv23_server_method(); +- ctx = SSL_CTX_new(meth); ++ ctx = SSL_CTX_new(SSLv23_server_method()); + if (!ctx) + { + ERR_print_errors_fp(stderr); +diff --git a/src/server/netserver.h b/src/server/netserver.h +index 01f6b6c..29d2a32 100644 +--- a/src/server/netserver.h ++++ b/src/server/netserver.h +@@ -41,12 +41,6 @@ class CNetServer : public CNet + #ifdef HAVE_SSL + SSL_CTX * ctx; + X509 * client_cert; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L +- SSL_METHOD const * meth; +-#else +- SSL_METHOD * meth; +-#endif // OPENSSL_VERSION_NUMBER +- + int err; + #endif + |