bakabtw/packages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

disable SSLv2

Browse Source 
git-svn-id: svn://svn.openwrt.org/openwrt/packages@5843 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
nico 2006-12-18 17:07:01 +00:00
parent 2a2579dadc
commit fc340f1e60
3 changed files with 111 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
admin/monit/patches/01-no_sslv2.patch Normal file
View File

@ -0,0 +1,16 @@
diff -ruN monit-4.6-old/ssl.c monit-4.6-new/ssl.c
--- monit-4.6-old/ssl.c 2005-08-07 22:26:47.000000000 +0200
+++ monit-4.6-new/ssl.c 2006-12-18 11:18:46.000000000 +0100
@@ -1367,10 +1367,12 @@
ssl->method = SSLv23_client_method();
break;
+#ifndef OPENSSL_NO_SSL2
case SSL_VERSION_SSLV2:
ssl->method = SSLv2_client_method();
break;
+#endif
case SSL_VERSION_SSLV3:

45
net/rrs/patches/02-no_sslv2.patch Normal file
View File

@ -0,0 +1,45 @@
diff -ruN rrs-1.70-old/rrs.c rrs-1.70-new/rrs.c
--- rrs-1.70-old/rrs.c 2006-12-18 11:41:42.000000000 +0100
+++ rrs-1.70-new/rrs.c 2006-12-18 11:53:43.000000000 +0100
@@ -1826,9 +1826,12 @@
}
rrs_ssl = TLSv1;
if (optarg) {
+#ifndef OPENSSL_NO_SSL2
if (!strcasecmp(optarg, "SSLv2")) {
rrs_ssl = SSLv2;
- } else if (!strcasecmp(optarg, "SSLv3")) {
+ } else
+#endif
+ if (!strcasecmp(optarg, "SSLv3")) {
rrs_ssl = SSLv3;
} else if (!strcasecmp(optarg, "TLSv1")) {
rrs_ssl = TLSv1;
@@ -1981,9 +1984,12 @@
SSL_load_error_strings();
if (rrs_listen) {
+#ifndef OPENSSL_NO_SSL2
if (rrs_ssl == SSLv2) {
sslmethod = SSLv2_server_method();
- } else if (rrs_ssl == SSLv3) {
+ } else
+#endif
+ if (rrs_ssl == SSLv3) {
sslmethod = SSLv3_server_method();
} else if (rrs_ssl == TLSv1) {
sslmethod = TLSv1_server_method();
@@ -1992,9 +1998,12 @@
return err_generic;
}
} else {
+#ifndef OPENSSL_NO_SSL2
if (rrs_ssl == SSLv2) {
sslmethod = SSLv2_client_method();
- } else if (rrs_ssl == SSLv3) {
+ } else
+#endif
+ if (rrs_ssl == SSLv3) {
sslmethod = SSLv3_client_method();
} else if (rrs_ssl == TLSv1) {
sslmethod = TLSv1_client_method();

50
net/socat/patches/502-no_sslv2.patch Normal file
View File

@ -0,0 +1,50 @@
diff -ruN socat-1.4-old/sslcls.c socat-1.4-new/sslcls.c
--- socat-1.4-old/sslcls.c 2005-03-12 19:06:54.000000000 +0100
+++ socat-1.4-new/sslcls.c 2006-12-18 12:26:32.000000000 +0100
@@ -35,6 +35,7 @@
return result;
}
+#ifndef OPENSSL_NO_SSL2
SSL_METHOD *sycSSLv2_client_method(void) {
SSL_METHOD *result;
Debug("SSLv2_client_method()");
@@ -50,6 +51,7 @@
Debug1("SSLv2_server_method() -> %p", result);
return result;
}
+#endif
SSL_METHOD *sycSSLv3_client_method(void) {
SSL_METHOD *result;
diff -ruN socat-1.4-old/xio-openssl.c socat-1.4-new/xio-openssl.c
--- socat-1.4-old/xio-openssl.c 2005-09-04 11:40:45.000000000 +0200
+++ socat-1.4-new/xio-openssl.c 2006-12-18 12:27:17.000000000 +0100
@@ -612,9 +612,12 @@
if (!server) {
if (me_str != 0) {
+#ifndef OPENSSL_NO_SSL2
if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) {
method = sycSSLv2_client_method();
- } else if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) {
+ } else
+#endif
+ if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) {
method = sycSSLv3_client_method();
} else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") ||
!strcasecmp(me_str, "SSL")) {
@@ -631,9 +634,12 @@
}
} else /* server */ {
if (me_str != 0) {
+#ifndef OPENSSL_NO_SSL2
if (!strcasecmp(me_str, "SSLv2") || !strcasecmp(me_str, "SSL2")) {
method = sycSSLv2_server_method();
- } else if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) {
+ } else
+#endif
+ if (!strcasecmp(me_str, "SSLv3") || !strcasecmp(me_str, "SSL3")) {
method = sycSSLv3_server_method();
} else if (!strcasecmp(me_str, "SSLv23") || !strcasecmp(me_str, "SSL23") ||
!strcasecmp(me_str, "SSL")) {