aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--security/openssl/Makefile4
-rw-r--r--security/openssl/files-beta/patch-CAN-2005-296928
-rw-r--r--security/openssl/files/patch-CAN-2005-296928
3 files changed, 58 insertions, 2 deletions
diff --git a/security/openssl/Makefile b/security/openssl/Makefile
index d0c493ee2a6f..9e56a7990d62 100644
--- a/security/openssl/Makefile
+++ b/security/openssl/Makefile
@@ -12,10 +12,10 @@ PORTREVISION!= date -v-1d +%Y%m%d
.else
.if !defined(WITH_OPENSSL_BETA) && defined(WITH_OPENSSL_097)
PORTVERSION= 0.9.7g
-PORTREVISION?= 0
+PORTREVISION?= 1
.else
PORTVERSION= 0.9.8
-PORTREVISION?= 1
+PORTREVISION?= 2
.endif
.endif
CATEGORIES= security devel
diff --git a/security/openssl/files-beta/patch-CAN-2005-2969 b/security/openssl/files-beta/patch-CAN-2005-2969
new file mode 100644
index 000000000000..32a6230b3e48
--- /dev/null
+++ b/security/openssl/files-beta/patch-CAN-2005-2969
@@ -0,0 +1,28 @@
+Index: crypto/openssl/ssl/s23_srvr.c
+===================================================================
+RCS file: /home/ncvs/src/crypto/openssl/ssl/s23_srvr.c,v
+retrieving revision 1.7
+diff -u -p -r1.7 s23_srvr.c
+--- ssl/s23_srvr.c 28 Jan 2003 22:34:21 -0000 1.7
++++ ssl/s23_srvr.c 10 Oct 2005 16:39:19 -0000
+@@ -268,9 +268,6 @@ int ssl23_get_client_hello(SSL *s)
+ int n=0,j;
+ int type=0;
+ int v[2];
+-#ifndef OPENSSL_NO_RSA
+- int use_sslv2_strong=0;
+-#endif
+
+ if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
+ {
+@@ -519,9 +516,7 @@ int ssl23_get_client_hello(SSL *s)
+ }
+
+ s->state=SSL2_ST_GET_CLIENT_HELLO_A;
+- if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
+- use_sslv2_strong ||
+- (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
++ if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
+ s->s2->ssl2_rollback=0;
+ else
+ /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
diff --git a/security/openssl/files/patch-CAN-2005-2969 b/security/openssl/files/patch-CAN-2005-2969
new file mode 100644
index 000000000000..32a6230b3e48
--- /dev/null
+++ b/security/openssl/files/patch-CAN-2005-2969
@@ -0,0 +1,28 @@
+Index: crypto/openssl/ssl/s23_srvr.c
+===================================================================
+RCS file: /home/ncvs/src/crypto/openssl/ssl/s23_srvr.c,v
+retrieving revision 1.7
+diff -u -p -r1.7 s23_srvr.c
+--- ssl/s23_srvr.c 28 Jan 2003 22:34:21 -0000 1.7
++++ ssl/s23_srvr.c 10 Oct 2005 16:39:19 -0000
+@@ -268,9 +268,6 @@ int ssl23_get_client_hello(SSL *s)
+ int n=0,j;
+ int type=0;
+ int v[2];
+-#ifndef OPENSSL_NO_RSA
+- int use_sslv2_strong=0;
+-#endif
+
+ if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
+ {
+@@ -519,9 +516,7 @@ int ssl23_get_client_hello(SSL *s)
+ }
+
+ s->state=SSL2_ST_GET_CLIENT_HELLO_A;
+- if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
+- use_sslv2_strong ||
+- (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
++ if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
+ s->s2->ssl2_rollback=0;
+ else
+ /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0