diff options
| author | Rene Ladan <rene@FreeBSD.org> | 2020-01-01 14:20:43 +0000 |
|---|---|---|
| committer | Rene Ladan <rene@FreeBSD.org> | 2020-01-01 14:20:43 +0000 |
| commit | 758edde62973c24d29b0c082f9cab9329b405194 (patch) | |
| tree | 814d3f82f4830b66ab0ffc2cdbfd041d23929b49 /lang/erlang-runtime17/files/patch-lib_ssl_src_ssl__connection.erl | |
| parent | Fix GitLab with newer gems (diff) | |
Remove expired ports:
2020-01-01 databases/couchdb: No longer supported upstream, move to databases/couchdb2
2020-01-01 databases/riak: No longer supported upstream, see riak 2.9.0 and newer
2020-01-01 lang/erlang-runtime15: No longer supported upstream, use lang/erlang >= 21
2020-01-01 lang/erlang-runtime16: No longer supported upstream, use lang/erlang >=21
2020-01-01 lang/erlang-runtime17: No longer supported upstream, use lang/erlang >=21
2020-01-01 lang/erlang-runtime18: No longer supported upstream, use lang/erlang >=21
2020-01-01 lang/erlang-runtime19: No longer supported upstream, use lang/erlang >=21
Diffstat (limited to 'lang/erlang-runtime17/files/patch-lib_ssl_src_ssl__connection.erl')
| -rw-r--r-- | lang/erlang-runtime17/files/patch-lib_ssl_src_ssl__connection.erl | 30 |
1 files changed, 0 insertions, 30 deletions
diff --git a/lang/erlang-runtime17/files/patch-lib_ssl_src_ssl__connection.erl b/lang/erlang-runtime17/files/patch-lib_ssl_src_ssl__connection.erl deleted file mode 100644 index 8a8d93487cf5..000000000000 --- a/lang/erlang-runtime17/files/patch-lib_ssl_src_ssl__connection.erl +++ /dev/null @@ -1,30 +0,0 @@ ---- lib/ssl/src/ssl_connection.erl.orig 2015-03-31 12:32:52.000000000 +0000 -+++ lib/ssl/src/ssl_connection.erl 2017-12-14 13:13:46.570861000 +0000 -@@ -1135,8 +1135,25 @@ - request_client_cert(State2, Connection). - - certify_client_key_exchange(#encrypted_premaster_secret{premaster_secret= EncPMS}, -- #state{private_key = Key} = State, Connection) -> -- PremasterSecret = ssl_handshake:premaster_secret(EncPMS, Key), -+ #state{private_key = Key, client_hello_version = {Major, Minor} = Version } = State, Connection) -> -+ -+ %% Countermeasure for Bleichenbacher attack always provide some kind of premaster secret -+ %% and fail handshake later.RFC 5246 section 7.4.7.1. -+ PremasterSecret = -+ try ssl_handshake:premaster_secret(EncPMS, Key) of -+ Secret when erlang:byte_size(Secret) == ?NUM_OF_PREMASTERSECRET_BYTES -> -+ case Secret of -+ <<?BYTE(Major), ?BYTE(Minor), _/binary>> -> %% Correct -+ Secret; -+ <<?BYTE(_), ?BYTE(_), Rest/binary>> -> %% Version mismatch -+ <<?BYTE(Major), ?BYTE(Minor), Rest/binary>> -+ end; -+ _ -> %% erlang:byte_size(Secret) =/= ?NUM_OF_PREMASTERSECRET_BYTES -+ make_premaster_secret(Version, rsa) -+ catch -+ #alert{description = ?DECRYPT_ERROR} -> -+ make_premaster_secret(Version, rsa) -+ end, - calculate_master_secret(PremasterSecret, State, Connection, certify, cipher); - - certify_client_key_exchange(#client_diffie_hellman_public{dh_public = ClientPublicDhKey}, |