Missed new additions in previous commit

Add checks for the presence of SSLv3 in OpenSSL/LibreSSL - obtained from
http://www.libressl.org/patches.html
This commit is contained in:
sevan 2015-10-14 18:42:34 +00:00
parent a99ab29716
commit e806445269
4 changed files with 70 additions and 0 deletions

View file

@ -0,0 +1,16 @@
$NetBSD: patch-ext_openssl_extconf.rb,v 1.1 2015/10/14 18:42:34 sevan Exp $
Check for SSLv3 support as it may nolonger be available
--- ext/openssl/extconf.rb.orig Thu Oct 8 12:36:41 2015
+++ ext/openssl/extconf.rb
@@ -104,6 +104,9 @@ have_func("OPENSSL_cleanse")
have_func("SSLv2_method")
have_func("SSLv2_server_method")
have_func("SSLv2_client_method")
+have_func("SSLv3_method")
+have_func("SSLv3_server_method")
+have_func("SSLv3_client_method")
unless have_func("SSL_set_tlsext_host_name", ['openssl/ssl.h'])
have_macro("SSL_set_tlsext_host_name", ['openssl/ssl.h']) && $defs.push("-DHAVE_SSL_SET_TLSEXT_HOST_NAME")
end

View file

@ -0,0 +1,19 @@
$NetBSD: patch-ext_openssl_ossl_ssl.c,v 1.1 2015/10/14 18:42:34 sevan Exp $
Only enable SSLv3 methods if Library provides support
--- ext/openssl/ossl_ssl.c.orig Thu Oct 8 12:43:06 2015
+++ ext/openssl/ossl_ssl.c
@@ -113,9 +113,12 @@ struct {
OSSL_SSL_METHOD_ENTRY(SSLv2_server),
OSSL_SSL_METHOD_ENTRY(SSLv2_client),
#endif
+#if defined(HAVE_SSLV3_METHOD) && defined(HAVE_SSLV3_SERVER_METHOD) && \
+ defined(HAVE_SSLV3_CLIENT_METHOD)
OSSL_SSL_METHOD_ENTRY(SSLv3),
OSSL_SSL_METHOD_ENTRY(SSLv3_server),
OSSL_SSL_METHOD_ENTRY(SSLv3_client),
+#endif
OSSL_SSL_METHOD_ENTRY(SSLv23),
OSSL_SSL_METHOD_ENTRY(SSLv23_server),
OSSL_SSL_METHOD_ENTRY(SSLv23_client),

View file

@ -0,0 +1,16 @@
$NetBSD: patch-ext_openssl_extconf.rb,v 1.1 2015/10/14 18:43:11 sevan Exp $
Check for SSLv3 support as it may nolonger be available.
--- ext/openssl/extconf.rb.orig Sat Oct 10 17:10:39 2015
+++ ext/openssl/extconf.rb
@@ -103,6 +103,9 @@ have_func("OPENSSL_cleanse")
have_func("SSLv2_method")
have_func("SSLv2_server_method")
have_func("SSLv2_client_method")
+have_func("SSLv3_method")
+have_func("SSLv3_server_method")
+have_func("SSLv3_client_method")
have_func("TLSv1_1_method")
have_func("TLSv1_1_server_method")
have_func("TLSv1_1_client_method")

View file

@ -0,0 +1,19 @@
$NetBSD: patch-ext_openssl_ossl_ssl.c,v 1.1 2015/10/14 18:43:11 sevan Exp $
Only enable SSLv3 methods if library provides support.
--- ext/openssl/ossl_ssl.c.orig Sat Oct 10 17:17:33 2015
+++ ext/openssl/ossl_ssl.c
@@ -129,9 +129,12 @@ struct {
OSSL_SSL_METHOD_ENTRY(SSLv2_server),
OSSL_SSL_METHOD_ENTRY(SSLv2_client),
#endif
+#if defined(HAVE_SSLV3_METHOD) && defined(HAVE_SSLV3_SERVER_METHOD) && \
+ defined(HAVE_SSLV3_CLIENT_METHOD)
OSSL_SSL_METHOD_ENTRY(SSLv3),
OSSL_SSL_METHOD_ENTRY(SSLv3_server),
OSSL_SSL_METHOD_ENTRY(SSLv3_client),
+#endif
OSSL_SSL_METHOD_ENTRY(SSLv23),
OSSL_SSL_METHOD_ENTRY(SSLv23_server),
OSSL_SSL_METHOD_ENTRY(SSLv23_client),