[gentoo-commits] gentoo-x86 commit in dev-libs/openssl/files: openssl-0.9.8g-sslv3-no-tlsext.patch

[gentoo-commits] gentoo-x86 commit in dev-libs/openssl/files: openssl-0.9.8g-sslv3-no-tlsext.patch

[Doug Klima (cardoe)]

cardoe      08/03/25 00:27:17

  Added:                openssl-0.9.8g-sslv3-no-tlsext.patch
  Log:
  Patch from OpenSSL's bug tracker not to send TLS Extensions on SSLv3 only connections, while not explicitly against the SSL spec, several SSL implementations can not handle it. Patch by Kaspar Brand <ossl-rt@velox.ch> from http://rt.openssl.org/Ticket/Display.html?id=1629. Resolves bug #198914
  (Portage version: 2.1.4.4)

Revision  Changes    Path
1.1                  dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch?rev=1.1&content-type=text/plain

Index: openssl-0.9.8g-sslv3-no-tlsext.patch
===================================================================
ndex: ssl/t1_lib.c
===================================================================
RCS file: /home/ossl-cvs/openssl/ssl/t1_lib.c,v
retrieving revision 1.51
diff -p -u -r1.51 t1_lib.c
--- ssl/t1_lib.c	26 Oct 2007 12:06:35 -0000	1.51
+++ ssl/t1_lib.c	26 Feb 2008 18:02:50 -0000
@@ -267,6 +267,10 @@ unsigned char *ssl_add_clienthello_tlsex
 	int extdatalen=0;
 	unsigned char *ret = p;
 
+	/* don't add extensions for SSLv3 */
+	if (s->client_version == SSL3_VERSION)
+		return p;
+
 	ret+=2;
 
 	if (ret>=limit) return NULL; /* this really never occurs, but ... */
@@ -448,6 +452,10 @@ unsigned char *ssl_add_serverhello_tlsex
 	int extdatalen=0;
 	unsigned char *ret = p;
 
+	/* don't add extensions for SSLv3 */
+	if (s->version == SSL3_VERSION)
+		return p;
+	
 	ret+=2;
 	if (ret>=limit) return NULL; /* this really never occurs, but ... */



-- 
gentoo-commits@lists.gentoo.org mailing list

[gentoo-commits] gentoo-x86 commit in dev-libs/openssl/files: openssl-0.9.8g-sslv3-no-tlsext.patch

[Mike Frysinger (vapier)]

vapier      09/10/26 10:49:32

  Modified:             openssl-0.9.8g-sslv3-no-tlsext.patch
  Log:
  update patch header
  (Portage version: 2.2_rc46/cvs/Linux x86_64)

Revision  Changes    Path
1.2                  dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch?rev=1.2&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch?rev=1.2&content-type=text/plain
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch?r1=1.1&r2=1.2

Index: openssl-0.9.8g-sslv3-no-tlsext.patch
===================================================================
RCS file: /var/cvsroot/gentoo-x86/dev-libs/openssl/files/openssl-0.9.8g-sslv3-no-tlsext.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- openssl-0.9.8g-sslv3-no-tlsext.patch	25 Mar 2008 00:27:16 -0000	1.1
+++ openssl-0.9.8g-sslv3-no-tlsext.patch	26 Oct 2009 10:49:31 -0000	1.2
@@ -1,10 +1,13 @@
-ndex: ssl/t1_lib.c
+Fix from upstream cvs
+
+Index: ssl/t1_lib.c
 ===================================================================
-RCS file: /home/ossl-cvs/openssl/ssl/t1_lib.c,v
-retrieving revision 1.51
-diff -p -u -r1.51 t1_lib.c
---- ssl/t1_lib.c	26 Oct 2007 12:06:35 -0000	1.51
-+++ ssl/t1_lib.c	26 Feb 2008 18:02:50 -0000
+RCS file: /usr/local/src/openssl/CVSROOT/openssl/ssl/t1_lib.c,v
+retrieving revision 1.64
+retrieving revision 1.65
+diff -u -p -r1.64 -r1.65
+--- ssl/t1_lib.c	29 Dec 2008 16:15:27 -0000  1.64
++++ ssl/t1_lib.c	28 Apr 2009 22:10:54 -0000  1.65
 @@ -267,6 +267,10 @@ unsigned char *ssl_add_clienthello_tlsex
  	int extdatalen=0;
  	unsigned char *ret = p;