Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

2026-04-23 01:12:57 +02:00 · 2015-03-17 20:42:17 +01:00
parent 07f0e777f0 c366dbb433
commit 6f49ea2ea2
50 changed files with 148 additions and 40 deletions
--- a/src/patches/crda-3.13-crypto_use_optional.patch
+++ b/src/patches/crda-3.13-crypto_use_optional.patch
@@ -1,22 +0,0 @@
-Submitted By: hauke from OpenWRT
-Date: 2009-04-17
-Initial Package Version: 1.0.2
-Origin: https://dev.openwrt.org/changeset/15405/trunk/package/crda/patches/101-make_crypto_use_optional.patch
-Description: The patch was modified for version crda-3.13 by Erik Kapfer <erik.kapfer@ipfire.org>..
-This patch provides the following improvements:
-    * Crypto usage is optional.
-
-diff -Nur crda-3.13.orig/Makefile crda-3.13/Makefile
--- crda-3.13.orig/Makefile	2015-01-12 07:55:08.791183765 +0100
-+++ crda-3.13/Makefile	2015-01-12 07:56:35.437381029 +0100
-@@ -43,7 +43,9 @@
- 
- $(LIBREG): keys-ssl.c
- 
-else
-+endif
-+
-+ifeq ($(USE_GCRYPT),1)
- CFLAGS += -DUSE_GCRYPT
- LDLIBS += -lgcrypt
- 
--- a/src/patches/openssl-disable-sslv2-sslv3.patch
+++ b/src/patches/openssl-disable-sslv2-sslv3.patch
@@ -0,0 +1,13 @@
+diff -up openssl-1.0.1h/ssl/ssl_lib.c.v2v3 openssl-1.0.1h/ssl/ssl_lib.c
+--- openssl-1.0.1h/ssl/ssl_lib.c.v2v3	2014-06-11 16:02:52.000000000 +0200
+++ openssl-1.0.1h/ssl/ssl_lib.c	2014-06-30 14:18:04.290248080 +0200
+@@ -1875,6 +1875,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
+ 	 */
+ 	ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
+ 
+	/* Disable SSLv2 and SSLv3 by default (affects the SSLv23_method() only) */
+	ret->options |= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
+
+ 	return(ret);
+ err:
+ 	SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);