62 lines
1.4 KiB
Plaintext
62 lines
1.4 KiB
Plaintext
$NetBSD: patch-ge,v 1.5 2016/03/17 14:15:39 jperkin Exp $
|
|
|
|
Disable SSLv2.
|
|
|
|
--- kcontrol/crypto/crypto.cpp.orig 2006-10-01 17:31:49.000000000 +0000
|
|
+++ kcontrol/crypto/crypto.cpp
|
|
@@ -2321,11 +2321,17 @@ bool KCryptoConfig::loadCiphers() {
|
|
unsigned int i;
|
|
SSL_CTX *ctx;
|
|
SSL *ssl;
|
|
+#if OPENSSL_VERSION_NUMBER < 0x00909000L
|
|
SSL_METHOD *meth;
|
|
+#else
|
|
+const SSL_METHOD *meth;
|
|
+#endif
|
|
+ CipherItem *item;
|
|
|
|
SSLv2Box->clear();
|
|
SSLv3Box->clear();
|
|
|
|
+#if 0
|
|
meth = SSLv2_client_method();
|
|
SSLeay_add_ssl_algorithms();
|
|
ctx = SSL_CTX_new(meth);
|
|
@@ -2334,11 +2340,12 @@ SSL_METHOD *meth;
|
|
ssl = SSL_new(ctx);
|
|
if (!ssl) return false;
|
|
|
|
- CipherItem *item;
|
|
for (i=0; ; i++) {
|
|
int j, k;
|
|
- SSL_CIPHER *sc;
|
|
- sc = (meth->get_cipher)(i);
|
|
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10000000L
|
|
+ const
|
|
+#endif
|
|
+ SSL_CIPHER *sc = (meth->get_cipher)(i);
|
|
if (!sc)
|
|
break;
|
|
// Leak of sc*?
|
|
@@ -2353,6 +2360,7 @@ SSL_METHOD *meth;
|
|
|
|
if (ctx) SSL_CTX_free(ctx);
|
|
if (ssl) SSL_free(ssl);
|
|
+#endif
|
|
|
|
// We repeat for SSLv3
|
|
meth = SSLv3_client_method();
|
|
@@ -2365,8 +2373,10 @@ SSL_METHOD *meth;
|
|
|
|
for (i=0; ; i++) {
|
|
int j, k;
|
|
- SSL_CIPHER *sc;
|
|
- sc = (meth->get_cipher)(i);
|
|
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10000000L
|
|
+ const
|
|
+#endif
|
|
+ SSL_CIPHER *sc = (meth->get_cipher)(i);
|
|
if (!sc)
|
|
break;
|
|
// Leak of sc*?
|