Author: jkim Date: Fri Mar 20 23:48:11 2015 New Revision: 280306 URL: https://svnweb.freebsd.org/changeset/base/280306
Log: Disable insecure SSLv2 support from the base OpenSSL. Differential Revision: https://reviews.freebsd.org/D1304 Modified: head/secure/lib/libcrypto/opensslconf-arm.h head/secure/lib/libcrypto/opensslconf-mips.h head/secure/lib/libcrypto/opensslconf-powerpc.h head/secure/lib/libcrypto/opensslconf-sparc64.h head/secure/lib/libcrypto/opensslconf-x86.h head/secure/lib/libssl/Makefile head/sys/sys/param.h Modified: head/secure/lib/libcrypto/opensslconf-arm.h ============================================================================== --- head/secure/lib/libcrypto/opensslconf-arm.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libcrypto/opensslconf-arm.h Fri Mar 20 23:48:11 2015 (r280306) @@ -27,6 +27,9 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif +#ifndef OPENSSL_NO_SSL2 +# define OPENSSL_NO_SSL2 +#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -69,6 +72,9 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif +# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) +# define NO_SSL2 +# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: head/secure/lib/libcrypto/opensslconf-mips.h ============================================================================== --- head/secure/lib/libcrypto/opensslconf-mips.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libcrypto/opensslconf-mips.h Fri Mar 20 23:48:11 2015 (r280306) @@ -27,6 +27,9 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif +#ifndef OPENSSL_NO_SSL2 +# define OPENSSL_NO_SSL2 +#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -69,6 +72,9 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif +# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) +# define NO_SSL2 +# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: head/secure/lib/libcrypto/opensslconf-powerpc.h ============================================================================== --- head/secure/lib/libcrypto/opensslconf-powerpc.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libcrypto/opensslconf-powerpc.h Fri Mar 20 23:48:11 2015 (r280306) @@ -27,6 +27,9 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif +#ifndef OPENSSL_NO_SSL2 +# define OPENSSL_NO_SSL2 +#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -69,6 +72,9 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif +# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) +# define NO_SSL2 +# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: head/secure/lib/libcrypto/opensslconf-sparc64.h ============================================================================== --- head/secure/lib/libcrypto/opensslconf-sparc64.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libcrypto/opensslconf-sparc64.h Fri Mar 20 23:48:11 2015 (r280306) @@ -27,6 +27,9 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif +#ifndef OPENSSL_NO_SSL2 +# define OPENSSL_NO_SSL2 +#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -69,6 +72,9 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif +# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) +# define NO_SSL2 +# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: head/secure/lib/libcrypto/opensslconf-x86.h ============================================================================== --- head/secure/lib/libcrypto/opensslconf-x86.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libcrypto/opensslconf-x86.h Fri Mar 20 23:48:11 2015 (r280306) @@ -27,6 +27,9 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif +#ifndef OPENSSL_NO_SSL2 +# define OPENSSL_NO_SSL2 +#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -66,6 +69,9 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif +# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) +# define NO_SSL2 +# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: head/secure/lib/libssl/Makefile ============================================================================== --- head/secure/lib/libssl/Makefile Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libssl/Makefile Fri Mar 20 23:48:11 2015 (r280306) @@ -12,11 +12,11 @@ NO_LINT= SRCS= bio_ssl.c d1_both.c d1_clnt.c d1_enc.c d1_lib.c d1_meth.c d1_pkt.c \ d1_srtp.c d1_srvr.c s23_clnt.c s23_lib.c s23_meth.c s23_pkt.c \ - s23_srvr.c s2_clnt.c s2_enc.c s2_lib.c s2_meth.c s2_pkt.c s2_srvr.c \ - s3_both.c s3_cbc.c s3_clnt.c s3_enc.c s3_lib.c s3_meth.c s3_pkt.c \ - s3_srvr.c ssl_algs.c ssl_asn1.c ssl_cert.c ssl_ciph.c ssl_err.c \ - ssl_err2.c ssl_lib.c ssl_rsa.c ssl_sess.c ssl_stat.c ssl_txt.c \ - t1_clnt.c t1_enc.c t1_lib.c t1_meth.c t1_reneg.c t1_srvr.c tls_srp.c + s23_srvr.c s3_both.c s3_cbc.c s3_clnt.c s3_enc.c s3_lib.c s3_meth.c \ + s3_pkt.c s3_srvr.c ssl_algs.c ssl_asn1.c ssl_cert.c ssl_ciph.c \ + ssl_err.c ssl_err2.c ssl_lib.c ssl_rsa.c ssl_sess.c ssl_stat.c \ + ssl_txt.c t1_clnt.c t1_enc.c t1_lib.c t1_meth.c t1_reneg.c t1_srvr.c \ + tls_srp.c INCS= dtls1.h kssl.h srtp.h ssl.h ssl2.h ssl23.h ssl3.h tls1.h INCSDIR=${INCLUDEDIR}/openssl Modified: head/sys/sys/param.h ============================================================================== --- head/sys/sys/param.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/sys/sys/param.h Fri Mar 20 23:48:11 2015 (r280306) @@ -58,7 +58,7 @@ * in the range 5 to 9. */ #undef __FreeBSD_version -#define __FreeBSD_version 1100065 /* Master, propagated to newvers */ +#define __FreeBSD_version 1100066 /* Master, propagated to newvers */ /* * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD, _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"