Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 23 Mar 2015 18:44:04 -0400
From:      Adam McDougall <mcdouga9@egr.msu.edu>
To:        Jung-uk Kim <jkim@FreeBSD.org>
Cc:        svn-ports-all@freebsd.org
Subject:   Re: svn commit: r382053 - head/mail/courier/files
Message-ID:  <55109734.4030604@egr.msu.edu>
In-Reply-To: <201503232235.t2NMZhGl045433@svn.freebsd.org>
References:  <201503232235.t2NMZhGl045433@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 03/23/2015 18:35, Jung-uk Kim wrote:
> Author: jkim
> Date: Mon Mar 23 22:35:42 2015
> New Revision: 382053
> URL: https://svnweb.freebsd.org/changeset/ports/382053
> QAT: https://qat.redports.org/buildarchive/r382053/
> 
> Log:
>   Fix build on head with the base OpenSSL.  SSLv2 is no longer available.
> 
> Added:
>   head/mail/courier/files/patch-tcpd__libcouriertls.c   (contents, props changed)
> 
> Added: head/mail/courier/files/patch-tcpd__libcouriertls.c
> ==============================================================================
> --- /dev/null	00:00:00 1970	(empty, because file is newly added)
> +++ head/mail/courier/files/patch-tcpd__libcouriertls.c	Mon Mar 23 22:35:42 2015	(r382053)
> @@ -0,0 +1,15 @@
> +--- tcpd/libcouriertls.c.orig	2009-11-21 15:07:32.000000000 -0500
> ++++ tcpd/libcouriertls.c	2015-03-23 18:04:57.776710000 -0400
> +@@ -551,8 +551,10 @@
> + 	if (!protocol || !*protocol)
> + 		protocol="SSL23";
> + 
> +-	ctx=SSL_CTX_new(protocol && strcmp(protocol, "SSL2") == 0
> +-							? SSLv2_method():
> ++	ctx=SSL_CTX_new(
> ++#ifndef OPENSSL_NO_SSL2
> ++		protocol && strcmp(protocol, "SSL2") == 0 ? SSLv2_method():
> ++#endif
> + 		protocol && strcmp(protocol, "SSL3") == 0 ? SSLv3_method():
> + 		protocol && strcmp(protocol, "SSL23") == 0 ? SSLv23_method():
> + 		TLSv1_method());

Could you please consider instead the more complete patch in Bug 198399?
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=198399

Lots of tested patches for SSL2 (and v3) already exist at:
https://wiki.freebsd.org/LibreSSL

and patches that only conditionalize SSL2 will make a previously
prepared patch not apply, increasing future work.  Thanks.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55109734.4030604>