Drop support for SSLv2. Bump revision.
This commit is contained in:
parent
788fdab01d
commit
ea51a609d9
4 changed files with 48 additions and 3 deletions
|
@ -1,9 +1,9 @@
|
|||
# $NetBSD: Makefile,v 1.68 2016/03/05 11:28:50 jperkin Exp $
|
||||
# $NetBSD: Makefile,v 1.69 2016/03/26 23:52:37 joerg Exp $
|
||||
#
|
||||
|
||||
DISTNAME= qpopper${VERSION}
|
||||
PKGNAME= qpopper-${VERSION}
|
||||
PKGREVISION= 4
|
||||
PKGREVISION= 5
|
||||
CATEGORIES= mail
|
||||
MASTER_SITES= ${QPOPPER_MASTER_SITES}
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
$NetBSD: distinfo,v 1.19 2015/11/03 23:27:18 agc Exp $
|
||||
$NetBSD: distinfo,v 1.20 2016/03/26 23:52:37 joerg Exp $
|
||||
|
||||
SHA1 (qpopper4.1.0.tar.gz) = 7806c230cb2b87d131c356de6ce85160650b5aea
|
||||
RMD160 (qpopper4.1.0.tar.gz) = 5254dd252739b2465795a0161bc2fed82adffbcc
|
||||
|
@ -14,3 +14,5 @@ SHA1 (patch-ag) = 401408f7c6150ec41cecb85d166e7e338b9a9e5f
|
|||
SHA1 (patch-al) = 93d3c6cc3deee57c707abeb131febbd057a1ef57
|
||||
SHA1 (patch-am) = 05cc53a56205d4db8bb7914437e788117d58b212
|
||||
SHA1 (patch-ap) = 1a9df8496a0190fc56db04630b415b04ba125a21
|
||||
SHA1 (patch-popper_pop__config.c) = 504b98bf5d4ee93d8530f68a1f4ea813b46b5c92
|
||||
SHA1 (patch-popper_pop__tls__openssl.c) = 7de9032306df0993c3455bf3a64a9e4cc4da4058
|
||||
|
|
16
mail/qpopper/patches/patch-popper_pop__config.c
Normal file
16
mail/qpopper/patches/patch-popper_pop__config.c
Normal file
|
@ -0,0 +1,16 @@
|
|||
$NetBSD: patch-popper_pop__config.c,v 1.1 2016/03/26 23:52:37 joerg Exp $
|
||||
|
||||
Remove SSLv2 support.
|
||||
|
||||
--- popper/pop_config.c.orig 2016-03-26 21:49:03.159886179 +0000
|
||||
+++ popper/pop_config.c
|
||||
@@ -433,7 +433,9 @@ static mnemonic_map mnem_map_tls_sup []
|
||||
static mnemonic_map mnem_map_tls_vers [] =
|
||||
{
|
||||
{ "default" , QPOP_TLSvDEFAULT },
|
||||
+#if 0
|
||||
{ "SSLv2" , QPOP_SSLv2 },
|
||||
+#endif
|
||||
{ "SSLv3" , QPOP_SSLv3 },
|
||||
{ "TLSv1" , QPOP_TLSv1 },
|
||||
{ "SSLv23" , QPOP_SSLv23 },
|
27
mail/qpopper/patches/patch-popper_pop__tls__openssl.c
Normal file
27
mail/qpopper/patches/patch-popper_pop__tls__openssl.c
Normal file
|
@ -0,0 +1,27 @@
|
|||
$NetBSD: patch-popper_pop__tls__openssl.c,v 1.1 2016/03/26 23:52:37 joerg Exp $
|
||||
|
||||
Disable SSLv2.
|
||||
|
||||
--- popper/pop_tls_openssl.c.orig 2016-03-26 21:49:05.471963098 +0000
|
||||
+++ popper/pop_tls_openssl.c
|
||||
@@ -318,10 +318,12 @@ openssl_init ( pop_tls *pTLS, POP *pPOP
|
||||
pTLS->m_OpenSSLmeth = SSLv23_server_method();
|
||||
break;
|
||||
|
||||
+#if 0
|
||||
case QPOP_SSLv2: /* SSL version 2 only */
|
||||
DEBUG_LOG0 ( pPOP, "...setting method to SSLv2_server_method" );
|
||||
pTLS->m_OpenSSLmeth = SSLv2_server_method();
|
||||
break;
|
||||
+#endif
|
||||
|
||||
case QPOP_SSLv3: /* SSL version 3 only */
|
||||
DEBUG_LOG0 ( pPOP, "...setting method to SSLv3_server_method" );
|
||||
@@ -350,6 +352,7 @@ openssl_init ( pop_tls *pTLS, POP *pPOP
|
||||
log_openssl_err ( pPOP, HERE, "Unable to allocate SSL_CTX" );
|
||||
goto Done;
|
||||
}
|
||||
+ SSL_CTX_set_options(pTLS->m_OpenSSLctx, SSL_OP_NO_SSLv2);
|
||||
|
||||
/*
|
||||
* Set desired options
|
Loading…
Reference in a new issue