Date: Mon, 25 Jul 2016 17:41:15 +0000 (UTC) From: Brad Davis <brd@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r419050 - in head/irc/xchat: . files Message-ID: <201607251741.u6PHfFqq014676@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: brd Date: Mon Jul 25 17:41:15 2016 New Revision: 419050 URL: https://svnweb.freebsd.org/changeset/ports/419050 Log: Fix connecting to servers with SSLv3 disabled to address POODLE. PR: 142198 Submitted by: lordsith49@hotmail.com, brnrd Added: head/irc/xchat/files/patch-src_common_ssl.c (contents, props changed) Modified: head/irc/xchat/Makefile Modified: head/irc/xchat/Makefile ============================================================================== --- head/irc/xchat/Makefile Mon Jul 25 17:10:38 2016 (r419049) +++ head/irc/xchat/Makefile Mon Jul 25 17:41:15 2016 (r419050) @@ -4,7 +4,7 @@ PORTNAME= xchat PORTVERSION= 2.8.8 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= irc gnome ipv6 MASTER_SITES= SF/${PORTNAME}/ \ http://xchat.org/files/source/${PORTVERSION:C/^([0-9]+\.[0-9]+).*/\1/}/ Added: head/irc/xchat/files/patch-src_common_ssl.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/irc/xchat/files/patch-src_common_ssl.c Mon Jul 25 17:41:15 2016 (r419050) @@ -0,0 +1,21 @@ +--- src/common/ssl.c.orig 2009-08-16 11:40:16.000000000 +0200 ++++ src/common/ssl.c 2015-09-26 16:13:10.740904871 +0200 +@@ -70,7 +70,8 @@ _SSL_context_init (void (*info_cb_func), + + SSLeay_add_ssl_algorithms (); + SSL_load_error_strings (); +- ctx = SSL_CTX_new (server ? SSLv3_server_method() : SSLv3_client_method ()); ++ ctx = SSL_CTX_new (server ? SSLv23_server_method() : SSLv23_client_method ()); ++ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); + + SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH); + SSL_CTX_set_timeout (ctx, 300); +@@ -281,7 +282,7 @@ _SSL_socket (SSL_CTX *ctx, int sd) + __SSL_critical_error ("SSL_new"); + + SSL_set_fd (ssl, sd); +- if (ctx->method == SSLv3_client_method()) ++ if (ctx->method == SSLv23_client_method()) + SSL_set_connect_state (ssl); + else + SSL_set_accept_state(ssl);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201607251741.u6PHfFqq014676>