Date: Fri, 4 Mar 2016 00:40:16 +0000 (UTC) From: Jung-uk Kim <jkim@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r296371 - stable/10/secure/lib/libcrypto Message-ID: <201603040040.u240eGeY044590@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jkim Date: Fri Mar 4 00:40:15 2016 New Revision: 296371 URL: https://svnweb.freebsd.org/changeset/base/296371 Log: Re-enable SSLv2 support to restore ABI. Excerpt from CHANGES: Even if "enable-ssl2" is used, users who want to negotiate SSLv2 via the version-flexible SSLv23_method() will need to explicitly call either of: SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2); or SSL_clear_options(ssl, SSL_OP_NO_SSLv2); as appropriate. Even if either of those is used, or the application explicitly uses the version-specific SSLv2_method() or its client and server variants, SSLv2 ciphers vulnerable to exhaustive search key recovery have been removed. Specifically, the SSLv2 40-bit EXPORT ciphers, and SSLv2 56-bit DES are no longer available. Approved by: re (marius, gjb), so (delphij) Modified: stable/10/secure/lib/libcrypto/opensslconf-arm.h stable/10/secure/lib/libcrypto/opensslconf-ia64.h stable/10/secure/lib/libcrypto/opensslconf-mips.h stable/10/secure/lib/libcrypto/opensslconf-powerpc.h stable/10/secure/lib/libcrypto/opensslconf-sparc64.h stable/10/secure/lib/libcrypto/opensslconf-x86.h Modified: stable/10/secure/lib/libcrypto/opensslconf-arm.h ============================================================================== --- stable/10/secure/lib/libcrypto/opensslconf-arm.h Thu Mar 3 23:25:31 2016 (r296370) +++ stable/10/secure/lib/libcrypto/opensslconf-arm.h Fri Mar 4 00:40:15 2016 (r296371) @@ -27,9 +27,6 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif -#ifndef OPENSSL_NO_SSL2 -# define OPENSSL_NO_SSL2 -#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -75,9 +72,6 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif -# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) -# define NO_SSL2 -# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: stable/10/secure/lib/libcrypto/opensslconf-ia64.h ============================================================================== --- stable/10/secure/lib/libcrypto/opensslconf-ia64.h Thu Mar 3 23:25:31 2016 (r296370) +++ stable/10/secure/lib/libcrypto/opensslconf-ia64.h Fri Mar 4 00:40:15 2016 (r296371) @@ -24,9 +24,6 @@ #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif -#ifndef OPENSSL_NO_SSL2 -# define OPENSSL_NO_SSL2 -#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -69,9 +66,6 @@ # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif -# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) -# define NO_SSL2 -# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: stable/10/secure/lib/libcrypto/opensslconf-mips.h ============================================================================== --- stable/10/secure/lib/libcrypto/opensslconf-mips.h Thu Mar 3 23:25:31 2016 (r296370) +++ stable/10/secure/lib/libcrypto/opensslconf-mips.h Fri Mar 4 00:40:15 2016 (r296371) @@ -27,9 +27,6 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif -#ifndef OPENSSL_NO_SSL2 -# define OPENSSL_NO_SSL2 -#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -75,9 +72,6 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif -# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) -# define NO_SSL2 -# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: stable/10/secure/lib/libcrypto/opensslconf-powerpc.h ============================================================================== --- stable/10/secure/lib/libcrypto/opensslconf-powerpc.h Thu Mar 3 23:25:31 2016 (r296370) +++ stable/10/secure/lib/libcrypto/opensslconf-powerpc.h Fri Mar 4 00:40:15 2016 (r296371) @@ -27,9 +27,6 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif -#ifndef OPENSSL_NO_SSL2 -# define OPENSSL_NO_SSL2 -#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -75,9 +72,6 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif -# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) -# define NO_SSL2 -# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: stable/10/secure/lib/libcrypto/opensslconf-sparc64.h ============================================================================== --- stable/10/secure/lib/libcrypto/opensslconf-sparc64.h Thu Mar 3 23:25:31 2016 (r296370) +++ stable/10/secure/lib/libcrypto/opensslconf-sparc64.h Fri Mar 4 00:40:15 2016 (r296371) @@ -27,9 +27,6 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif -#ifndef OPENSSL_NO_SSL2 -# define OPENSSL_NO_SSL2 -#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -75,9 +72,6 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif -# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) -# define NO_SSL2 -# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif Modified: stable/10/secure/lib/libcrypto/opensslconf-x86.h ============================================================================== --- stable/10/secure/lib/libcrypto/opensslconf-x86.h Thu Mar 3 23:25:31 2016 (r296370) +++ stable/10/secure/lib/libcrypto/opensslconf-x86.h Fri Mar 4 00:40:15 2016 (r296371) @@ -27,9 +27,6 @@ extern "C" { #ifndef OPENSSL_NO_SCTP # define OPENSSL_NO_SCTP #endif -#ifndef OPENSSL_NO_SSL2 -# define OPENSSL_NO_SSL2 -#endif #ifndef OPENSSL_NO_STORE # define OPENSSL_NO_STORE #endif @@ -72,9 +69,6 @@ extern "C" { # if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) # define NO_SCTP # endif -# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2) -# define NO_SSL2 -# endif # if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) # define NO_STORE # endif
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201603040040.u240eGeY044590>