net/znc: get rid of SSLv3

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

net/znc: get rid of SSLv3

Jeremie Courreges-Anglas-2

Similar to most ports update today.  Note the "fall-through"s in the
switch statement.

ok?

Index: patches/patch-src_Csocket_cpp
===================================================================
RCS file: /cvs/ports/net/znc/patches/patch-src_Csocket_cpp,v
retrieving revision 1.2
diff -u -p -r1.2 patch-src_Csocket_cpp
--- patches/patch-src_Csocket_cpp 15 May 2015 06:47:27 -0000 1.2
+++ patches/patch-src_Csocket_cpp 19 Jul 2015 01:58:54 -0000
@@ -1,6 +1,6 @@
 $OpenBSD: patch-src_Csocket_cpp,v 1.2 2015/05/15 06:47:27 ajacoutot Exp $
---- src/Csocket.cpp.orig Thu May 14 23:10:24 2015
-+++ src/Csocket.cpp Thu May 14 23:11:00 2015
+--- src/Csocket.cpp.orig Thu Feb 12 13:51:46 2015
++++ src/Csocket.cpp Sat Jul 18 19:48:40 2015
 @@ -47,6 +47,7 @@
  #include <stdio.h>
  #include <openssl/conf.h>
@@ -9,3 +9,35 @@ $OpenBSD: patch-src_Csocket_cpp,v 1.2 20
  #endif /* HAVE_LIBSSL */
 
  #ifdef HAVE_ICU
+@@ -1464,6 +1465,7 @@ bool Csock::SSLClientSetup()
+ switch( m_iMethod )
+ {
+ case SSL3:
++#ifndef OPENSSL_NO_SSL3
+ m_ssl_ctx = SSL_CTX_new( SSLv3_client_method() );
+ if( !m_ssl_ctx )
+ {
+@@ -1471,6 +1473,7 @@ bool Csock::SSLClientSetup()
+ return( false );
+ }
+ break;
++#endif /* OPENSSL_NO_SSL3 */
+ case TLS12:
+ #if defined( TLS1_2_VERSION ) && defined( OPENSSL_VERSION_NUMBER ) && OPENSSL_VERSION_NUMBER >= 0x1000100f
+ m_ssl_ctx = SSL_CTX_new( TLSv1_2_client_method() );
+@@ -1586,6 +1589,7 @@ SSL_CTX * Csock::SetupServerCTX()
+ switch( m_iMethod )
+ {
+ case SSL3:
++#ifndef OPENSSL_NO_SSL3
+ pCTX = SSL_CTX_new( SSLv3_server_method() );
+ if( !pCTX )
+ {
+@@ -1593,6 +1597,7 @@ SSL_CTX * Csock::SetupServerCTX()
+ return( NULL );
+ }
+ break;
++#endif
+ case TLS12:
+ #if defined( TLS1_2_VERSION ) && defined( OPENSSL_VERSION_NUMBER ) && OPENSSL_VERSION_NUMBER >= 0x1000100f
+ pCTX = SSL_CTX_new( TLSv1_2_server_method() );


--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

Reply | Threaded
Open this post in threaded view
|

Re: net/znc: get rid of SSLv3

Jeremie Courreges-Anglas-2
[hidden email] (Jérémie Courrèges-Anglas) writes:

> Similar to most ports update today.  Note the "fall-through"s in the
> switch statement.
>
> ok?

Please disregard this diff; it doesn't work as advertised.  I'll leave
the SSLv3 problem to Brad.

--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE