source: trunk/server/common/patches/openssl-1.0.0n-cipher-change.patch @ 2560

Last change on this file since 2560 was 2558, checked in by andersk, 9 years ago
Update OpenSSL to 1.0.0n
File size: 1.1 KB
RevLine 
[2558]1diff -up openssl-1.0.0-beta5/ssl/ssl.h.cipher-change openssl-1.0.0-beta5/ssl/ssl.h
2--- openssl-1.0.0-beta5/ssl/ssl.h.cipher-change 2010-01-20 18:12:07.000000000 +0100
3+++ openssl-1.0.0-beta5/ssl/ssl.h       2010-01-20 18:13:04.000000000 +0100
4@@ -513,7 +513,7 @@ typedef struct ssl_session_st
5 #define SSL_OP_NETSCAPE_CHALLENGE_BUG                  0x00000002L
6 /* Allow initial connection to servers that don't support RI */
7 #define SSL_OP_LEGACY_SERVER_CONNECT                   0x00000004L
8-#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG                0x00000008L
9+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG                0x00000008L /* no effect since 1.0.0c due to CVE-2010-4180 */
10 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG             0x00000010L
11 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER              0x00000020L
12 #define SSL_OP_SAFARI_ECDHE_ECDSA_BUG                  0x00000040L
13@@ -530,7 +530,7 @@ typedef struct ssl_session_st
14 
15 /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
16  *             This used to be 0x000FFFFFL before 0.9.7. */
17-#define SSL_OP_ALL                                     0x80000FFFL
18+#define SSL_OP_ALL                                     0x80000FF7L
19 
20 /* DTLS options */
21 #define SSL_OP_NO_QUERY_MTU                 0x00001000L
Note: See TracBrowser for help on using the repository browser.