gentoo-mirror/gentoo
1
0
Fork 0
mirror of https://github.com/gentoo-mirror/gentoo.git synced 2026-01-04 01:37:34 -08:00
Code Issues Projects Releases Wiki Activity
gentoo/net-libs/libircclient/files/libircclient-1.10-openssl.patch
Lars Wendler 6e66251643
net-libs/libircclient: Added two openssl fixes from upstream. 
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11
2018-10-10 13:12:29 +02:00

39 lines
1.2 KiB
Diff
Raw Permalink Blame History

https://sourceforge.net/p/libircclient/code/141/
https://sourceforge.net/p/libircclient/code/142/
--- libircclient-1.10/src/ssl.c
+++ libircclient-1.10/src/ssl.c
@@ -114,26 +114,23 @@
#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_library_init();
#else
- OPENSSL_init_ssl(0, NULL);
+ if ( OPENSSL_init_ssl(0, NULL) == 0 )
+ return LIBIRC_ERR_SSL_INIT_FAILED;
#endif
if ( RAND_status() == 0 )
return LIBIRC_ERR_SSL_INIT_FAILED;
// Create an SSL context; currently a single context is used for all connections
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
ssl_context = SSL_CTX_new( SSLv23_method() );
+#else
+ ssl_context = SSL_CTX_new( TLS_client_method() );
+#endif
if ( !ssl_context )
return LIBIRC_ERR_SSL_INIT_FAILED;
- // Disable SSLv2 as it is unsecure
- if ( (SSL_CTX_set_options( ssl_context, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2) == 0 )
- return LIBIRC_ERR_SSL_INIT_FAILED;
-
- // Enable only strong ciphers
- if ( SSL_CTX_set_cipher_list( ssl_context, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH" ) != 1 )
- return LIBIRC_ERR_SSL_INIT_FAILED;
-
// Set the verification
if ( session->options & LIBIRC_OPTION_SSL_NO_VERIFY )
SSL_CTX_set_verify( ssl_context, SSL_VERIFY_NONE, 0 );
Reference in New Issue View Git Blame Copy Permalink