Unconditionally remove SSLv2 support. Bump revision.

2016-03-29 22:01:13 +00:00 · 2016-03-29 22:01:13 +00:00 · af1ea28464
commit af1ea28464
parent 169a80a903
3 changed files with 22 additions and 23 deletions
--- a/net/pen/Makefile
+++ b/net/pen/Makefile
@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.19 2016/03/05 11:29:10 jperkin Exp $
+# $NetBSD: Makefile,v 1.20 2016/03/29 22:01:13 joerg Exp $

 DISTNAME=	pen-0.17.2
-PKGREVISION=	4
+PKGREVISION=	5
 CATEGORIES=	net
 MASTER_SITES=	http://siag.nu/pub/pen/

--- a/net/pen/distinfo
+++ b/net/pen/distinfo
@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.11 2016/03/29 21:46:48 khorben Exp $
+$NetBSD: distinfo,v 1.12 2016/03/29 22:01:13 joerg Exp $

 SHA1 (pen-0.17.2.tar.gz) = 7277259c552b659ece6fef1d4bc55ca9fd927488
 RMD160 (pen-0.17.2.tar.gz) = 3e7152cad72f3893c171db8e1c85cae37418aeb6
 SHA512 (pen-0.17.2.tar.gz) = c84057ab6226f84cc3f024cf25bfb941be297fff42b2d027ad738ea8e7aaa88fec18668152c8dc283b19c93cd8ef8766430ef865d75a701dc1117148751e200a
 Size (pen-0.17.2.tar.gz) = 129285 bytes
-SHA1 (patch-pen.c) = 1ece0ea00a12c5c1b3d31942e2d2fce6e3e2bf6f
+SHA1 (patch-pen.c) = 6c5315d429d26577ebdb9689ff71d9b4512f63ea
--- a/net/pen/patches/patch-pen.c
+++ b/net/pen/patches/patch-pen.c
@ -1,40 +1,39 @@
-$NetBSD: patch-pen.c,v 1.1 2016/03/29 21:46:48 khorben Exp $
+$NetBSD: patch-pen.c,v 1.2 2016/03/29 22:01:13 joerg Exp $

-Fix build without support for SSLv2
-
--- pen.c.orig	2007-09-12 06:26:31.000000000 +0000
+--- pen.c.orig	2016-03-28 18:32:43.989295691 +0000
 +++ pen.c
-@@ -56,7 +56,9 @@
+@@ -56,7 +56,6 @@
 #include <openssl/err.h>
 
 #define SRV_SSL_V23 0
 -#define SRV_SSL_V2 1
-+#ifndef OPENSSL_NO_SSL2
-+# define SRV_SSL_V2 1
-+#endif
 #define SRV_SSL_V3 2
 #define SRV_SSL_TLS1 3
 
-@@ -327,9 +329,11 @@ static int ssl_init(void)
+@@ -327,9 +326,6 @@ static int ssl_init(void)
 	SSL_load_error_strings();
 	SSLeay_add_ssl_algorithms();
 	switch (ssl_protocol) {
-+#ifndef OPENSSL_NO_SSL2
- 	case SRV_SSL_V2:
- 		ssl_context = SSL_CTX_new(SSLv2_method());
- 		break;
-+#endif
+-	case SRV_SSL_V2:
+-		ssl_context = SSL_CTX_new(SSLv2_method());
+-		break;
 	case SRV_SSL_V3:
 		ssl_context = SSL_CTX_new(SSLv3_method());
 		break;
-@@ -2625,8 +2629,10 @@ static int options(int argc, char **argv
+@@ -346,6 +342,7 @@ static int ssl_init(void)
+ 		error("SSL: Error allocating context: %s",
+ 			ERR_error_string(err, NULL));
+ 	}
+	SSL_CTX_set_options(ssl_context, SSL_OP_NO_SSLv2);
+ 	if (ssl_compat) {
+ 		SSL_CTX_set_options(ssl_context, SSL_OP_ALL);
+ 	}
+@@ -2625,8 +2622,6 @@ static int options(int argc, char **argv
 		case 'L':
 			if (strcmp(optarg, "ssl23") == 0)
 				ssl_protocol = SRV_SSL_V23;
-+#ifndef OPENSSL_NO_SSL2
- 			else if (strcmp(optarg, "ssl2") == 0)
- 				ssl_protocol = SRV_SSL_V2;
-+#endif
+-			else if (strcmp(optarg, "ssl2") == 0)
+-				ssl_protocol = SRV_SSL_V2;
 			else if (strcmp(optarg, "ssl3") == 0)
 				ssl_protocol = SRV_SSL_V3;
 			else if (strcmp(optarg, "tls1") == 0)