Fixes default tls version patch to handle default values from OpenSSL crypto policies
This commit is contained in:
parent
cf3d71fba4
commit
4130928dd2
@ -10,9 +10,21 @@
|
|||||||
#endif /* defined PROTOTYPES_H */
|
#endif /* defined PROTOTYPES_H */
|
||||||
|
|
||||||
/* end of prototypes.h */
|
/* end of prototypes.h */
|
||||||
--- stunnel-5.56/src/options.c.default-tls-version 2020-04-06 11:14:41.993334510 +0200
|
--- stunnel-5.56/src/options.c.default-tls-version 2020-04-06 18:58:48.947214149 +0200
|
||||||
+++ stunnel-5.56/src/options.c 2020-04-06 11:22:37.393391977 +0200
|
+++ stunnel-5.56/src/options.c 2020-04-08 15:45:18.093520780 +0200
|
||||||
@@ -3142,7 +3142,10 @@ NOEXPORT char *parse_service_option(CMD
|
@@ -3123,8 +3123,9 @@ NOEXPORT char *parse_service_option(CMD
|
||||||
|
return "Invalid protocol version";
|
||||||
|
return NULL; /* OK */
|
||||||
|
case CMD_INITIALIZE:
|
||||||
|
- if(section->max_proto_version && section->min_proto_version &&
|
||||||
|
- section->max_proto_version<section->min_proto_version)
|
||||||
|
+ if(section->max_proto_version != USE_DEFAULT_TLS_VERSION
|
||||||
|
+ && section->min_proto_version != USE_DEFAULT_TLS_VERSION
|
||||||
|
+ && section->max_proto_version<section->min_proto_version)
|
||||||
|
return "Invalid protocol version range";
|
||||||
|
break;
|
||||||
|
case CMD_PRINT_DEFAULTS:
|
||||||
|
@@ -3142,7 +3143,10 @@ NOEXPORT char *parse_service_option(CMD
|
||||||
/* sslVersionMax */
|
/* sslVersionMax */
|
||||||
switch(cmd) {
|
switch(cmd) {
|
||||||
case CMD_SET_DEFAULTS:
|
case CMD_SET_DEFAULTS:
|
||||||
@ -24,7 +36,7 @@
|
|||||||
break;
|
break;
|
||||||
case CMD_SET_COPY:
|
case CMD_SET_COPY:
|
||||||
section->max_proto_version=new_service_options.max_proto_version;
|
section->max_proto_version=new_service_options.max_proto_version;
|
||||||
@@ -3173,7 +3176,10 @@ NOEXPORT char *parse_service_option(CMD
|
@@ -3173,7 +3177,10 @@ NOEXPORT char *parse_service_option(CMD
|
||||||
/* sslVersionMin */
|
/* sslVersionMin */
|
||||||
switch(cmd) {
|
switch(cmd) {
|
||||||
case CMD_SET_DEFAULTS:
|
case CMD_SET_DEFAULTS:
|
||||||
|
@ -10,7 +10,7 @@
|
|||||||
Summary: A TLS-encrypting socket wrapper
|
Summary: A TLS-encrypting socket wrapper
|
||||||
Name: stunnel
|
Name: stunnel
|
||||||
Version: 5.56
|
Version: 5.56
|
||||||
Release: 5%{?dist}
|
Release: 6%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
URL: http://www.stunnel.org/
|
URL: http://www.stunnel.org/
|
||||||
Source0: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz
|
Source0: https://www.stunnel.org/downloads/stunnel-%{version}.tar.gz
|
||||||
@ -138,6 +138,9 @@ make test || (for i in tests/logs/*.log ; do echo "$i": ; cat "$i" ; done)
|
|||||||
%systemd_postun_with_restart %{name}.service
|
%systemd_postun_with_restart %{name}.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Apr 08 2020 Sahana Prasad <sahana@redhat.com> - 5.56-6
|
||||||
|
- Fixes default tls version patch to handle default values from OpenSSL crypto policies
|
||||||
|
|
||||||
* Mon Apr 06 2020 Sahana Prasad <sahana@redhat.com> - 5.56-5
|
* Mon Apr 06 2020 Sahana Prasad <sahana@redhat.com> - 5.56-5
|
||||||
- Removes warnings caused by the patch
|
- Removes warnings caused by the patch
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user