Date: Tue, 2 Jul 2024 00:34:22 +0200 From: Matthias Andree <mandree@FreeBSD.org> To: Ryan Steinmetz <zi@FreeBSD.org> Cc: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: Re: git: 3653c88dfeb3 - main - irc/ircd-ratbox: Unbreak with modern OpenSSL Message-ID: <1aee547b-fb9c-4a35-957b-1c6eb34d106c@FreeBSD.org> In-Reply-To: <202407012147.461LlLWb038146@gitrepo.freebsd.org> References: <202407012147.461LlLWb038146@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 01.07.24 um 23:47 schrieb Ryan Steinmetz: > The branch main has been updated by zi: > > URL: https://cgit.FreeBSD.org/ports/commit/?id=3653c88dfeb3bbc5e9ad572b65276f5d8807693b > > commit 3653c88dfeb3bbc5e9ad572b65276f5d8807693b > Author: Ryan Steinmetz <zi@FreeBSD.org> > AuthorDate: 2024-07-01 21:46:46 +0000 > Commit: Ryan Steinmetz <zi@FreeBSD.org> > CommitDate: 2024-07-01 21:46:46 +0000 > > irc/ircd-ratbox: Unbreak with modern OpenSSL > > - Bump PORTREVISION > Approved by: blanket > --- > irc/ircd-ratbox/Makefile | 2 +- > irc/ircd-ratbox/files/patch-libratbox_src_openssl.c | 11 +++++++++++ > 2 files changed, 12 insertions(+), 1 deletion(-) > > diff --git a/irc/ircd-ratbox/Makefile b/irc/ircd-ratbox/Makefile > index 43f2c284fdce..1fa77580afe2 100644 > --- a/irc/ircd-ratbox/Makefile > +++ b/irc/ircd-ratbox/Makefile > @@ -1,6 +1,6 @@ > PORTNAME= ircd-ratbox > PORTVERSION= 3.0.10 > -PORTREVISION= 7 > +PORTREVISION= 8 > CATEGORIES= irc > MASTER_SITES= http://www.ratbox.org/download/ \ > http://www.ratbox.org/download/old/ > diff --git a/irc/ircd-ratbox/files/patch-libratbox_src_openssl.c b/irc/ircd-ratbox/files/patch-libratbox_src_openssl.c > new file mode 100644 > index 000000000000..69db1316de0a > --- /dev/null > +++ b/irc/ircd-ratbox/files/patch-libratbox_src_openssl.c > @@ -0,0 +1,11 @@ > +--- libratbox/src/openssl.c.orig 2024-07-01 21:36:08 UTC > ++++ libratbox/src/openssl.c > +@@ -299,7 +299,7 @@ rb_init_ssl(void) > + /* Disable SSLv2, make the client use our settings */ > + SSL_CTX_set_options(ssl_server_ctx, SSL_OP_NO_SSLv2 | SSL_OP_CIPHER_SERVER_PREFERENCE); Thanks. Should that also get options to add SSL_OP_NO_SSLv3, and possibly does it - or should one add - options to set the minimum negotiable TLS version to 1.2? > + > +- ssl_client_ctx = SSL_CTX_new(TLSv1_client_method()); > ++ ssl_client_ctx = SSL_CTX_new(TLS_client_method()); > + > + if(ssl_client_ctx == NULL) > + { -- Matthias Andree FreeBSD ports committer
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1aee547b-fb9c-4a35-957b-1c6eb34d106c>