Codebase list openssl / ceec24e
Update to a git snapshot. Kurt Roeckx 10 years ago
7 changed file(s) with 140 addition(s) and 240 deletion(s). Raw diff Collapse all Expand all
+0
-26
debian/patches/aesni-mac.patch less more
0 From: Andy Polyakov <appro@openssl.org>
1 Date: Mon, 18 Mar 2013 19:29:41 +0100
2 Subject: e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms.
3 Origin: upstream: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=9ab3ce124616cb12bd39c6aa1e1bde0f46969b29
4 Bug-Debian: http://bugs.debian.org/701868
5 Bug: http://rt.openssl.org/Ticket/Display.html?id=3002&user=guest&pass=guest
6
7 diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
8 index 483e04b..fb2c884 100644
9 --- a/crypto/evp/e_aes_cbc_hmac_sha1.c
10 +++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
11 @@ -328,10 +328,11 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
12
13 if (res!=SHA_CBLOCK) continue;
14
15 - mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
16 + /* j is not incremented yet */
17 + mask = 0-((inp_len+7-j)>>(sizeof(j)*8-1));
18 data->u[SHA_LBLOCK-1] |= bitlen&mask;
19 sha1_block_data_order(&key->md,data,1);
20 - mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
21 + mask &= 0-((j-inp_len-72)>>(sizeof(j)*8-1));
22 pmac->u[0] |= key->md.h0 & mask;
23 pmac->u[1] |= key->md.h1 & mask;
24 pmac->u[2] |= key->md.h2 & mask;
25
+0
-27
debian/patches/cpuid.patch less more
0 From: Andy Polyakov <appro@openssl.org>
1 Date: Mon, 4 Mar 2013 19:05:04 +0000 (+0100)
2 Subject: x86cpuid.pl: make it work with older CPUs.
3 Origin: upstream: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=5702e965d759dde8a098d8108660721ba2b93a7d
4 Bug-Debian: http://bugs.debian.org/699692
5 Bug: http://rt.openssl.org/Ticket/Display.html?id=3005&user=guest&pass=guest
6
7 diff --git a/crypto/x86cpuid.pl b/crypto/x86cpuid.pl
8 index 3b6c469..e8a7518 100644
9 --- a/crypto/x86cpuid.pl
10 +++ b/crypto/x86cpuid.pl
11 @@ -69,6 +69,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
12 &inc ("esi"); # number of cores
13
14 &mov ("eax",1);
15 + &xor ("ecx","ecx");
16 &cpuid ();
17 &bt ("edx",28);
18 &jnc (&label("generic"));
19 @@ -102,6 +103,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
20
21 &set_label("nocacheinfo");
22 &mov ("eax",1);
23 + &xor ("ecx","ecx");
24 &cpuid ();
25 &and ("edx",0xbfefffff); # force reserved bits #20, #30 to 0
26 &cmp ("ebp",0);
+0
-25
debian/patches/dtls_version.patch less more
0 From: David Woodhouse <dwmw2@infradead.org>
1 Date: Tue, 12 Feb 2013 14:55:32 +0000
2 Subject: Check DTLS_BAD_VER for version number.
3 Origin: upstream: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=9fe4603b8245425a4c46986ed000fca054231253
4 Bug-Debian: http://bugs.debian.org/701826
5 Bug: http://rt.openssl.org/Ticket/Display.html?id=2984&user=guest&pass=guest
6
7 The version check for DTLS1_VERSION was redundant as
8 DTLS1_VERSION > TLS1_1_VERSION, however we do need to
9 check for DTLS1_BAD_VER for compatibility.
10
11 diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
12 index 02edf3f..443a31e 100644
13 --- a/ssl/s3_cbc.c
14 +++ b/ssl/s3_cbc.c
15 @@ -148,7 +148,7 @@ int tls1_cbc_remove_padding(const SSL* s,
16 unsigned padding_length, good, to_check, i;
17 const unsigned overhead = 1 /* padding length byte */ + mac_size;
18 /* Check if version requires explicit IV */
19 - if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
20 + if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER)
21 {
22 /* These lengths are all public so we can test them in
23 * non-constant time.
24
+139
-106
debian/patches/fix-pod-errors.patch less more
66 Bug-Debian: http://bugs.debian.org/723954
77 Bug: http://rt.openssl.org/Ticket/Display.html?id=3146&user=guest&pass=guest
88
9 --- openssl-1.0.1e.orig/doc/apps/smime.pod
10 +++ openssl-1.0.1e/doc/apps/smime.pod
11 @@ -308,28 +308,28 @@ remains DER.
9 Index: openssl-1.0.1e/doc/apps/smime.pod
10 ===================================================================
11 --- openssl-1.0.1e.orig/doc/apps/smime.pod 2013-12-22 17:21:52.913435572 +0100
12 +++ openssl-1.0.1e/doc/apps/smime.pod 2013-12-22 17:21:52.909435656 +0100
13 @@ -308,28 +308,28 @@
1214
1315 =over 4
1416
4345
4446 the message was verified correctly but an error occurred writing out
4547 the signers certificates.
46 --- openssl-1.0.1e.orig/doc/apps/cms.pod
47 +++ openssl-1.0.1e/doc/apps/cms.pod
48 @@ -450,28 +450,28 @@ remains DER.
48 Index: openssl-1.0.1e/doc/apps/cms.pod
49 ===================================================================
50 --- openssl-1.0.1e.orig/doc/apps/cms.pod 2013-12-22 17:21:52.913435572 +0100
51 +++ openssl-1.0.1e/doc/apps/cms.pod 2013-12-22 17:21:52.909435656 +0100
52 @@ -450,28 +450,28 @@
4953
5054 =over 4
5155
8084
8185 the message was verified correctly but an error occurred writing out
8286 the signers certificates.
83 --- openssl-1.0.1e.orig/doc/ssl/SSL_clear.pod
84 +++ openssl-1.0.1e/doc/ssl/SSL_clear.pod
85 @@ -56,12 +56,12 @@ The following return values can occur:
87 Index: openssl-1.0.1e/doc/ssl/SSL_clear.pod
88 ===================================================================
89 --- openssl-1.0.1e.orig/doc/ssl/SSL_clear.pod 2013-12-22 17:21:52.913435572 +0100
90 +++ openssl-1.0.1e/doc/ssl/SSL_clear.pod 2013-12-22 17:21:52.909435656 +0100
91 @@ -56,12 +56,12 @@
8692
8793 =over 4
8894
97103
98104 The SSL_clear() operation was successful.
99105
100 --- openssl-1.0.1e.orig/doc/ssl/SSL_session_reused.pod
101 +++ openssl-1.0.1e/doc/ssl/SSL_session_reused.pod
102 @@ -27,11 +27,11 @@ The following return values can occur:
106 Index: openssl-1.0.1e/doc/ssl/SSL_session_reused.pod
107 ===================================================================
108 --- openssl-1.0.1e.orig/doc/ssl/SSL_session_reused.pod 2013-12-22 17:21:52.913435572 +0100
109 +++ openssl-1.0.1e/doc/ssl/SSL_session_reused.pod 2013-12-22 17:21:52.909435656 +0100
110 @@ -27,11 +27,11 @@
103111
104112 =over 4
105113
113121
114122 A session was reused.
115123
116 --- openssl-1.0.1e.orig/doc/ssl/SSL_set_session.pod
117 +++ openssl-1.0.1e/doc/ssl/SSL_set_session.pod
118 @@ -37,11 +37,11 @@ The following return values can occur:
124 Index: openssl-1.0.1e/doc/ssl/SSL_set_session.pod
125 ===================================================================
126 --- openssl-1.0.1e.orig/doc/ssl/SSL_set_session.pod 2013-12-22 17:21:52.913435572 +0100
127 +++ openssl-1.0.1e/doc/ssl/SSL_set_session.pod 2013-12-22 17:21:52.909435656 +0100
128 @@ -37,11 +37,11 @@
119129
120130 =over 4
121131
129139
130140 The operation succeeded.
131141
132 --- openssl-1.0.1e.orig/doc/ssl/SSL_connect.pod
133 +++ openssl-1.0.1e/doc/ssl/SSL_connect.pod
134 @@ -49,13 +49,13 @@ not clean. It can also occur of action i
135 for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
136 to find out the reason.
142 Index: openssl-1.0.1e/doc/ssl/SSL_connect.pod
143 ===================================================================
144 --- openssl-1.0.1e.orig/doc/ssl/SSL_connect.pod 2013-12-22 17:21:52.913435572 +0100
145 +++ openssl-1.0.1e/doc/ssl/SSL_connect.pod 2013-12-22 17:22:42.956402467 +0100
146 @@ -41,13 +41,13 @@
147
148 =over 4
137149
138150 -=item 0
139151 +=item C<0>
147159
148160 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
149161 established.
150 --- openssl-1.0.1e.orig/doc/ssl/SSL_shutdown.pod
151 +++ openssl-1.0.1e/doc/ssl/SSL_shutdown.pod
152 @@ -92,7 +92,7 @@ The following return values can occur:
153
154 =over 4
162 Index: openssl-1.0.1e/doc/ssl/SSL_shutdown.pod
163 ===================================================================
164 --- openssl-1.0.1e.orig/doc/ssl/SSL_shutdown.pod 2013-12-22 17:21:52.913435572 +0100
165 +++ openssl-1.0.1e/doc/ssl/SSL_shutdown.pod 2013-12-22 17:23:49.347031915 +0100
166 @@ -92,14 +92,14 @@
167
168 =over 4
169
170 -=item 0
171 +=item C<0>
172
173 The shutdown is not yet finished. Call SSL_shutdown() for a second time,
174 if a bidirectional shutdown shall be performed.
175 The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
176 erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
155177
156178 -=item 1
157179 +=item C<1>
158180
159181 The shutdown was successfully completed. The "close notify" alert was sent
160182 and the peer's "close notify" alert was received.
161 @@ -101,7 +101,7 @@ and the peer's "close notify" alert was
162
163 =over 4
164
165 -=item 0
166 +=item C<0>
167
168 The shutdown is not yet finished. Call SSL_shutdown() for a second time,
169 if a bidirectional shutdown shall be performed.
170 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod
171 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod
172 @@ -66,7 +66,7 @@ values:
173
174 =over 4
175
176 -=item 1
177 +=item C<1>
178
179 The operation succeeded.
180
181 @@ -74,7 +74,7 @@ The operation succeeded.
183 Index: openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod
184 ===================================================================
185 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_client_CA_list.pod 2013-12-22 17:21:52.913435572 +0100
186 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_client_CA_list.pod 2013-12-22 17:24:41.985942861 +0100
187 @@ -66,13 +66,13 @@
182188
183189 =over 4
184190
187193
188194 A failure while manipulating the STACK_OF(X509_NAME) object occurred or
189195 the X509_NAME could not be extracted from B<cacert>. Check the error stack
190 --- openssl-1.0.1e.orig/doc/ssl/SSL_accept.pod
191 +++ openssl-1.0.1e/doc/ssl/SSL_accept.pod
192 @@ -44,7 +44,7 @@ The following return values can occur:
193
194 =over 4
196 to find out the reason.
197
198 -=item 1
199 +=item C<1>
200
201 The operation succeeded.
202
203 Index: openssl-1.0.1e/doc/ssl/SSL_accept.pod
204 ===================================================================
205 --- openssl-1.0.1e.orig/doc/ssl/SSL_accept.pod 2013-12-22 17:21:52.913435572 +0100
206 +++ openssl-1.0.1e/doc/ssl/SSL_accept.pod 2013-12-22 17:24:17.466450402 +0100
207 @@ -44,13 +44,13 @@
208
209 =over 4
210
211 -=item 0
212 +=item C<0>
213
214 The TLS/SSL handshake was not successful but was shut down controlled and
215 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
216 return value B<ret> to find out the reason.
195217
196218 -=item 1
197219 +=item C<1>
198220
199221 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
200222 established.
201 @@ -53,7 +53,7 @@ established.
202
203 =over 4
204
205 -=item 0
206 +=item C<0>
207
208 The TLS/SSL handshake was not successful but was shut down controlled and
209 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
210 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_session_id_context.pod
211 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod
212 @@ -64,13 +64,13 @@ return the following values:
223 Index: openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod
224 ===================================================================
225 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_session_id_context.pod 2013-12-22 17:21:52.913435572 +0100
226 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_session_id_context.pod 2013-12-22 17:21:52.909435656 +0100
227 @@ -64,13 +64,13 @@
213228
214229 =over 4
215230
225240
226241 The operation succeeded.
227242
228 --- openssl-1.0.1e.orig/doc/ssl/SSL_write.pod
229 +++ openssl-1.0.1e/doc/ssl/SSL_write.pod
230 @@ -79,7 +79,7 @@ The following return values can occur:
243 Index: openssl-1.0.1e/doc/ssl/SSL_write.pod
244 ===================================================================
245 --- openssl-1.0.1e.orig/doc/ssl/SSL_write.pod 2013-12-22 17:21:52.913435572 +0100
246 +++ openssl-1.0.1e/doc/ssl/SSL_write.pod 2013-12-22 17:21:52.909435656 +0100
247 @@ -79,7 +79,7 @@
231248 The write operation was successful, the return value is the number of
232249 bytes actually written to the TLS/SSL connection.
233250
236253
237254 The write operation was not successful. Probably the underlying connection
238255 was closed. Call SSL_get_error() with the return value B<ret> to find out,
239 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_load_verify_locations.pod
240 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod
241 @@ -100,13 +100,13 @@ The following return values can occur:
256 Index: openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod
257 ===================================================================
258 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_load_verify_locations.pod 2013-12-22 17:21:52.913435572 +0100
259 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_load_verify_locations.pod 2013-12-22 17:21:52.909435656 +0100
260 @@ -100,13 +100,13 @@
242261
243262 =over 4
244263
254273
255274 The operation succeeded.
256275
257 --- openssl-1.0.1e.orig/doc/ssl/SSL_set_fd.pod
258 +++ openssl-1.0.1e/doc/ssl/SSL_set_fd.pod
259 @@ -35,11 +35,11 @@ The following return values can occur:
276 Index: openssl-1.0.1e/doc/ssl/SSL_set_fd.pod
277 ===================================================================
278 --- openssl-1.0.1e.orig/doc/ssl/SSL_set_fd.pod 2013-12-22 17:21:52.913435572 +0100
279 +++ openssl-1.0.1e/doc/ssl/SSL_set_fd.pod 2013-12-22 17:21:52.909435656 +0100
280 @@ -35,11 +35,11 @@
260281
261282 =over 4
262283
270291
271292 The operation succeeded.
272293
273 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
274 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
275 @@ -100,7 +100,7 @@ completely.
276
277 =over 4
294 Index: openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
295 ===================================================================
296 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_use_psk_identity_hint.pod 2013-12-22 17:21:52.913435572 +0100
297 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_use_psk_identity_hint.pod 2013-12-22 17:21:52.909435656 +0100
298 @@ -96,7 +96,7 @@
299 connection will fail with decryption_error before it will be finished
300 completely.
278301
279302 -=item 0
280303 +=item C<0>
281304
282305 PSK identity was not found. An "unknown_psk_identity" alert message
283306 will be sent and the connection setup fails.
284 --- openssl-1.0.1e.orig/doc/ssl/SSL_read.pod
285 +++ openssl-1.0.1e/doc/ssl/SSL_read.pod
286 @@ -86,7 +86,7 @@ The following return values can occur:
307 Index: openssl-1.0.1e/doc/ssl/SSL_read.pod
308 ===================================================================
309 --- openssl-1.0.1e.orig/doc/ssl/SSL_read.pod 2013-12-22 17:21:52.913435572 +0100
310 +++ openssl-1.0.1e/doc/ssl/SSL_read.pod 2013-12-22 17:21:52.909435656 +0100
311 @@ -86,7 +86,7 @@
287312 The read operation was successful; the return value is the number of
288313 bytes actually read from the TLS/SSL connection.
289314
292317
293318 The read operation was not successful. The reason may either be a clean
294319 shutdown due to a "close notify" alert sent by the peer (in which case
295 --- openssl-1.0.1e.orig/doc/ssl/SSL_set_shutdown.pod
296 +++ openssl-1.0.1e/doc/ssl/SSL_set_shutdown.pod
297 @@ -24,7 +24,7 @@ The shutdown state of an ssl connection
320 Index: openssl-1.0.1e/doc/ssl/SSL_set_shutdown.pod
321 ===================================================================
322 --- openssl-1.0.1e.orig/doc/ssl/SSL_set_shutdown.pod 2013-12-22 17:21:52.913435572 +0100
323 +++ openssl-1.0.1e/doc/ssl/SSL_set_shutdown.pod 2013-12-22 17:21:52.909435656 +0100
324 @@ -24,7 +24,7 @@
298325
299326 =over 4
300327
303330
304331 No shutdown setting, yet.
305332
306 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_add_session.pod
307 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod
308 @@ -52,13 +52,13 @@ The following values are returned by all
333 Index: openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod
334 ===================================================================
335 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_add_session.pod 2013-12-22 17:21:52.913435572 +0100
336 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_add_session.pod 2013-12-22 17:21:52.909435656 +0100
337 @@ -52,13 +52,13 @@
309338
310339 =over 4
311340
321350
322351 The operation succeeded.
323352
324 --- openssl-1.0.1e.orig/doc/ssl/SSL_do_handshake.pod
325 +++ openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod
326 @@ -45,7 +45,7 @@ The following return values can occur:
327
328 =over 4
353 Index: openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod
354 ===================================================================
355 --- openssl-1.0.1e.orig/doc/ssl/SSL_do_handshake.pod 2013-12-22 17:21:52.913435572 +0100
356 +++ openssl-1.0.1e/doc/ssl/SSL_do_handshake.pod 2013-12-22 17:23:09.503854843 +0100
357 @@ -45,13 +45,13 @@
358
359 =over 4
360
361 -=item 0
362 +=item C<0>
363
364 The TLS/SSL handshake was not successful but was shut down controlled and
365 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
366 return value B<ret> to find out the reason.
329367
330368 -=item 1
331369 +=item C<1>
332370
333371 The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
334372 established.
335 @@ -54,7 +54,7 @@ established.
336
337 =over 4
338
339 -=item 0
340 +=item C<0>
341
342 The TLS/SSL handshake was not successful but was shut down controlled and
343 by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
344 --- openssl-1.0.1e.orig/doc/ssl/SSL_COMP_add_compression_method.pod
345 +++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod
346 @@ -53,11 +53,11 @@ SSL_COMP_add_compression_method() may re
373 Index: openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod
374 ===================================================================
375 --- openssl-1.0.1e.orig/doc/ssl/SSL_COMP_add_compression_method.pod 2013-12-22 17:21:52.913435572 +0100
376 +++ openssl-1.0.1e/doc/ssl/SSL_COMP_add_compression_method.pod 2013-12-22 17:21:52.909435656 +0100
377 @@ -53,11 +53,11 @@
347378
348379 =over 4
349380
357388
358389 The operation failed. Check the error queue to find out the reason.
359390
360 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_ssl_version.pod
361 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod
362 @@ -42,11 +42,11 @@ and SSL_set_ssl_method():
391 Index: openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod
392 ===================================================================
393 --- openssl-1.0.1e.orig/doc/ssl/SSL_CTX_set_ssl_version.pod 2013-12-22 17:21:52.913435572 +0100
394 +++ openssl-1.0.1e/doc/ssl/SSL_CTX_set_ssl_version.pod 2013-12-22 17:21:52.909435656 +0100
395 @@ -42,11 +42,11 @@
363396
364397 =over 4
365398
+0
-27
debian/patches/get_certificate.patch less more
0 From: "Dr. Stephen Henson" <steve@openssl.org>
1 Date: Mon, 11 Feb 2013 18:24:03 +0000
2 Subject: Fix for SSL_get_certificate
3 Origin: upstream: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=147dbb2fe3bead7a10e2f280261b661ce7af7adc
4 Bug-Debian: http://bugs.debian.org/703031
5
6
7 Now we set the current certificate to the one used by a server
8 there is no need to call ssl_get_server_send_cert which will
9 fail if we haven't sent a certificate yet.
10
11 diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
12 index 14d143d..ff5a85a 100644
13 --- a/ssl/ssl_lib.c
14 +++ b/ssl/ssl_lib.c
15 @@ -2792,9 +2792,7 @@ void ssl_clear_cipher_ctx(SSL *s)
16 /* Fix this function so that it takes an optional type parameter */
17 X509 *SSL_get_certificate(const SSL *s)
18 {
19 - if (s->server)
20 - return(ssl_get_server_send_cert(s));
21 - else if (s->cert != NULL)
22 + if (s->cert != NULL)
23 return(s->cert->key->x509);
24 else
25 return(NULL);
26
+1
-5
debian/patches/series less more
2727 block_diginotar.patch
2828 block_digicert_malaysia.patch
2929 #padlock_conf.patch
30 2013-12-21.patch
3031 defaults.patch
31 ssltest_no_sslv2.patch
32 cpuid.patch
33 aesni-mac.patch
34 dtls_version.patch
35 get_certificate.patch
3632 openssl_fix_for_x32.patch
3733 fix-pod-errors.patch
+0
-24
debian/patches/ssltest_no_sslv2.patch less more
0 From: Dr. Stephen Henson <steve@openssl.org>
1 Date: Mon Feb 11 18:17:50 2013 +0000
2 Origin: upstream, commit:cbf9b4aed3e209fe8a39e1d6f55aaf46d1369dc4
3 Subject: Fix in ssltest is no-ssl2 configured
4
5 diff --git a/ssl/ssltest.c b/ssl/ssltest.c
6 index 316bbb0..4f80be8 100644
7 --- a/ssl/ssltest.c
8 +++ b/ssl/ssltest.c
9 @@ -881,7 +881,13 @@ bad:
10 meth=SSLv23_method();
11 #else
12 #ifdef OPENSSL_NO_SSL2
13 - meth=SSLv3_method();
14 + if (tls1)
15 + meth=TLSv1_method();
16 + else
17 + if (ssl3)
18 + meth=SSLv3_method();
19 + else
20 + meth=SSLv23_method();
21 #else
22 meth=SSLv2_method();
23 #endif