source: trunk/server/common/patches/openssl-1.0.0n-conflicts.patchpatch @ 2558

Last change on this file since 2558 was 2558, checked in by andersk, 10 years ago
Update OpenSSL to 1.0.0n
File size: 4.0 KB
RevLine 
[2558]1--- openssl-1.0.0-beta5-cipher-change.patch     2013-02-19 16:06:15.000000000 -0500
2+++ openssl-1.0.0n-cipher-change.patch  2014-08-06 21:07:44.382050554 -0400
3@@ -9,7 +9,7 @@
4 +#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG               0x00000008L /* no effect since 1.0.0c due to CVE-2010-4180 */
5  #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG            0x00000010L
6  #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER             0x00000020L
7- #define SSL_OP_MSIE_SSLV2_RSA_PADDING                 0x00000040L /* no effect since 0.9.7h and 0.9.8b */
8+ #define SSL_OP_SAFARI_ECDHE_ECDSA_BUG                 0x00000040L
9 @@ -530,7 +530,7 @@ typedef struct ssl_session_st
10 
11  /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
12--- openssl-1.0.0b-ipv6-apps.patch      2013-02-19 16:06:15.000000000 -0500
13+++ openssl-1.0.0n-ipv6-apps.patch      2014-08-06 21:07:44.383050535 -0400
14@@ -179,7 +179,7 @@
15                {
16 -              i=0;
17 -              i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
18--              if (i < 0) { perror("keepalive"); return(0); }
19+-              if (i < 0) { closesocket(s); perror("keepalive"); return(0); }
20 +                      int i=0;
21 +                      i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,
22 +                              (char *)&i,sizeof(i));
23@@ -335,7 +335,7 @@
24        int len;
25  /*    struct linger ling; */
26 
27-@@ -432,135 +451,58 @@ redoit:
28+@@ -432,138 +451,59 @@ redoit:
29  */
30 
31        if (host == NULL) goto end;
32@@ -364,6 +364,7 @@
33 +              if ((*host=(char *)OPENSSL_malloc(strlen(buffer)+1)) == NULL)
34                        {
35                        perror("OPENSSL_malloc");
36+                       closesocket(ret);
37                        return(0);
38                        }
39 -              BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
40@@ -372,11 +373,13 @@
41 -              if (h2 == NULL)
42 -                      {
43 -                      BIO_printf(bio_err,"gethostbyname failure\n");
44+-                      closesocket(ret);
45 -                      return(0);
46 -                      }
47 -              if (h2->h_addrtype != AF_INET)
48 -                      {
49 -                      BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
50+-                      closesocket(ret);
51 -                      return(0);
52 -                      }
53 +              strcpy(*host, buffer);
54--- openssl-1.0.0k-fips.patch   2013-02-19 16:06:15.000000000 -0500
55+++ openssl-1.0.0n-fips.patch   2014-08-06 21:07:44.383050535 -0400
56@@ -10646,7 +10646,7 @@
57 
58 
59  static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag);
60-@@ -90,7 +94,14 @@ PKCS12 *PKCS12_create(char *pass, char *
61+@@ -90,11 +94,18 @@ PKCS12 *PKCS12_create(char *pass, char *
62 
63        /* Set defaults */
64        if (!nid_cert)
65@@ -10656,7 +10656,11 @@
66 +                      nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
67 +              else
68 +#endif
69+ #ifdef OPENSSL_NO_RC2
70+               nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
71+ #else
72                nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
73+ #endif
74 +              }
75        if (!nid_key)
76                nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
77--- openssl-1.0.1a-algo-doc.patch       2013-02-19 16:06:15.000000000 -0500
78+++ openssl-1.0.0n-algo-doc.patch       2014-08-06 21:07:44.382050554 -0400
79@@ -11,8 +11,8 @@
80 
81  EVP_DigestUpdate() hashes B<cnt> bytes of data at B<d> into the
82 @@ -165,7 +165,8 @@ EVP_MD_size(), EVP_MD_block_size(), EVP_
83- EVP_MD_CTX_block_size()       and EVP_MD_block_size() return the digest or block
84- size in bytes.
85+ EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and
86+ EVP_MD_CTX_block_size() return the digest or block size in bytes.
87 
88 -EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
89 +EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
90--- openssl-1.0.0k-version.patch        2013-02-19 16:06:15.000000000 -0500
91+++ openssl-1.0.0n-version.patch        2014-08-06 21:07:44.383050535 -0400
92@@ -5,17 +5,17 @@
93   * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
94   *  major minor fix final patch/beta)
95   */
96--#define OPENSSL_VERSION_NUMBER        0x100000bfL
97+-#define OPENSSL_VERSION_NUMBER        0x100000efL
98 +#define OPENSSL_VERSION_NUMBER        0x10000003L
99  #ifdef OPENSSL_FIPS
100- #define OPENSSL_VERSION_TEXT  "OpenSSL 1.0.0k-fips 5 Feb 2013"
101+ #define OPENSSL_VERSION_TEXT  "OpenSSL 1.0.0n-fips 6 Aug 2014"
102  #else
103 @@ -83,7 +83,7 @@
104   * should only keep the versions that are binary compatible with the current.
105   */
106  #define SHLIB_VERSION_HISTORY ""
107 -#define SHLIB_VERSION_NUMBER "1.0.0"
108-+#define SHLIB_VERSION_NUMBER "1.0.0k"
109++#define SHLIB_VERSION_NUMBER "1.0.0n"
110 
111 
112  #endif /* HEADER_OPENSSLV_H */
Note: See TracBrowser for help on using the repository browser.