forked from rpms/openssl
- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG in SSL_OP_ALL
(#175779)
This commit is contained in:
Tomáš Mráz
parent
6a4a9c2005
commit
f1d9cb4f96
20
openssl-0.9.8a-reuse-cipher-change.patch
Normal file
20
openssl-0.9.8a-reuse-cipher-change.patch
Normal file
@ -0,0 +1,20 @@
|
||||
--- openssl-0.9.8a/ssl/ssl.h.cipher-change 2005-11-22 16:36:22.000000000 +0100
|
||||
+++ openssl-0.9.8a/ssl/ssl.h 2005-12-15 11:28:05.000000000 +0100
|
||||
@@ -477,7 +477,7 @@
|
||||
|
||||
#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
|
||||
#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
|
||||
-#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
|
||||
+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L /* can break some security expectations */
|
||||
#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
|
||||
#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
|
||||
#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect since 0.9.7h and 0.9.8b */
|
||||
@@ -494,7 +494,7 @@
|
||||
|
||||
/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
|
||||
* This used to be 0x000FFFFFL before 0.9.7. */
|
||||
-#define SSL_OP_ALL 0x00000FFFL
|
||||
+#define SSL_OP_ALL 0x00000FF7L /* without SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG */
|
||||
|
||||
/* DTLS options */
|
||||
#define SSL_OP_NO_QUERY_MTU 0x00001000L
|
||||
@ -23,7 +23,7 @@
|
||||
Summary: The OpenSSL toolkit.
|
||||
Name: openssl
|
||||
Version: 0.9.8a
|
||||
Release: 4.1
|
||||
Release: 5
|
||||
Source: openssl-%{version}-usa.tar.bz2
|
||||
Source1: hobble-openssl
|
||||
Source2: Makefile.certificate
|
||||
@ -55,6 +55,7 @@ Patch34: openssl-0.9.6-x509.patch
|
||||
Patch35: openssl-0.9.7-beta5-version-add-engines.patch
|
||||
Patch36: openssl-0.9.8a-use-poll.patch
|
||||
Patch37: openssl-0.9.8a-no-builtin-comp.patch
|
||||
Patch38: openssl-0.9.8a-reuse-cipher-change.patch
|
||||
# Backported fixes including security fixes
|
||||
|
||||
License: BSDish
|
||||
@ -119,6 +120,7 @@ popd
|
||||
%patch35 -p1 -b .version-add-engines
|
||||
%patch36 -p1 -b .use-poll
|
||||
%patch37 -p1 -b .no-builtin-comp
|
||||
%patch38 -p1 -b .cipher-change
|
||||
|
||||
# Modify the various perl scripts to reference perl in the right location.
|
||||
perl util/perlpath.pl `dirname %{__perl}`
|
||||
@ -380,6 +382,10 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libssl.so.%{soversion}
|
||||
%postun -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Thu Dec 15 2005 Tomas Mraz <tmraz@redhat.com> 0.9.8a-5
|
||||
- don't include SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
|
||||
in SSL_OP_ALL (#175779)
|
||||
|
||||
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
|
||||
- rebuilt
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user