From owner-svn-src-all@FreeBSD.ORG Fri Mar 20 23:48:15 2015 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 526D7E95; Fri, 20 Mar 2015 23:48:15 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3C844E68; Fri, 20 Mar 2015 23:48:15 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t2KNmFw2033412; Fri, 20 Mar 2015 23:48:15 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t2KNmCM0033402; Fri, 20 Mar 2015 23:48:12 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201503202348.t2KNmCM0033402@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Fri, 20 Mar 2015 23:48:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r280306 - in head: secure/lib/libcrypto secure/lib/libssl sys/sys X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Mar 2015 23:48:15 -0000 Author: jkim Date: Fri Mar 20 23:48:11 2015 New Revision: 280306 URL: https://svnweb.freebsd.org/changeset/base/280306 Log: Disable insecure SSLv2 support from the base OpenSSL. Differential Revision: https://reviews.freebsd.org/D1304 Modified: head/secure/lib/libcrypto/opensslconf-arm.h head/secure/lib/libcrypto/opensslconf-mips.h head/secure/lib/libcrypto/opensslconf-powerpc.h head/secure/lib/libcrypto/opensslconf-sparc64.h head/secure/lib/libcrypto/opensslconf-x86.h head/secure/lib/libssl/Makefile head/sys/sys/param.h Modified: head/secure/lib/libcrypto/opensslconf-arm.h ============================================================================== --- head/secure/lib/libcrypto/opensslconf-arm.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libcrypto/opensslconf-arm.h Fri Mar 20 23:48:11 2015 (r280306) @@ -27,6 +27,9 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif +#ifndef OPENSSL_NO_SSL2 +# define OPENSSL_NO_SSL2 +#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -69,6 +72,9 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif +# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) +# define NO_SSL2 +# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: head/secure/lib/libcrypto/opensslconf-mips.h ============================================================================== --- head/secure/lib/libcrypto/opensslconf-mips.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libcrypto/opensslconf-mips.h Fri Mar 20 23:48:11 2015 (r280306) @@ -27,6 +27,9 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif +#ifndef OPENSSL_NO_SSL2 +# define OPENSSL_NO_SSL2 +#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -69,6 +72,9 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif +# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) +# define NO_SSL2 +# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: head/secure/lib/libcrypto/opensslconf-powerpc.h ============================================================================== --- head/secure/lib/libcrypto/opensslconf-powerpc.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libcrypto/opensslconf-powerpc.h Fri Mar 20 23:48:11 2015 (r280306) @@ -27,6 +27,9 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif +#ifndef OPENSSL_NO_SSL2 +# define OPENSSL_NO_SSL2 +#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -69,6 +72,9 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif +# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) +# define NO_SSL2 +# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: head/secure/lib/libcrypto/opensslconf-sparc64.h ============================================================================== --- head/secure/lib/libcrypto/opensslconf-sparc64.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libcrypto/opensslconf-sparc64.h Fri Mar 20 23:48:11 2015 (r280306) @@ -27,6 +27,9 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif +#ifndef OPENSSL_NO_SSL2 +# define OPENSSL_NO_SSL2 +#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -69,6 +72,9 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif +# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) +# define NO_SSL2 +# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: head/secure/lib/libcrypto/opensslconf-x86.h ============================================================================== --- head/secure/lib/libcrypto/opensslconf-x86.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libcrypto/opensslconf-x86.h Fri Mar 20 23:48:11 2015 (r280306) @@ -27,6 +27,9 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif +#ifndef OPENSSL_NO_SSL2 +# define OPENSSL_NO_SSL2 +#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -66,6 +69,9 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif +# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) +# define NO_SSL2 +# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: head/secure/lib/libssl/Makefile ============================================================================== --- head/secure/lib/libssl/Makefile Fri Mar 20 21:56:48 2015 (r280305) +++ head/secure/lib/libssl/Makefile Fri Mar 20 23:48:11 2015 (r280306) @@ -12,11 +12,11 @@ NO_LINT= SRCS= bio_ssl.c d1_both.c d1_clnt.c d1_enc.c d1_lib.c d1_meth.c d1_pkt.c \ d1_srtp.c d1_srvr.c s23_clnt.c s23_lib.c s23_meth.c s23_pkt.c \ - s23_srvr.c s2_clnt.c s2_enc.c s2_lib.c s2_meth.c s2_pkt.c s2_srvr.c \ - s3_both.c s3_cbc.c s3_clnt.c s3_enc.c s3_lib.c s3_meth.c s3_pkt.c \ - s3_srvr.c ssl_algs.c ssl_asn1.c ssl_cert.c ssl_ciph.c ssl_err.c \ - ssl_err2.c ssl_lib.c ssl_rsa.c ssl_sess.c ssl_stat.c ssl_txt.c \ - t1_clnt.c t1_enc.c t1_lib.c t1_meth.c t1_reneg.c t1_srvr.c tls_srp.c + s23_srvr.c s3_both.c s3_cbc.c s3_clnt.c s3_enc.c s3_lib.c s3_meth.c \ + s3_pkt.c s3_srvr.c ssl_algs.c ssl_asn1.c ssl_cert.c ssl_ciph.c \ + ssl_err.c ssl_err2.c ssl_lib.c ssl_rsa.c ssl_sess.c ssl_stat.c \ + ssl_txt.c t1_clnt.c t1_enc.c t1_lib.c t1_meth.c t1_reneg.c t1_srvr.c \ + tls_srp.c INCS= dtls1.h kssl.h srtp.h ssl.h ssl2.h ssl23.h ssl3.h tls1.h INCSDIR=${INCLUDEDIR}/openssl Modified: head/sys/sys/param.h ============================================================================== --- head/sys/sys/param.h Fri Mar 20 21:56:48 2015 (r280305) +++ head/sys/sys/param.h Fri Mar 20 23:48:11 2015 (r280306) @@ -58,7 +58,7 @@ * in the range 5 to 9. */ #undef __FreeBSD_version -#define __FreeBSD_version 1100065 /* Master, propagated to newvers */ +#define __FreeBSD_version 1100066 /* Master, propagated to newvers */ /* * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD,