diff options
| author | Dirk Meyer <dinoex@FreeBSD.org> | 2015-03-21 10:53:13 +0000 |
|---|---|---|
| committer | Dirk Meyer <dinoex@FreeBSD.org> | 2015-03-21 10:53:13 +0000 |
| commit | a4e7653b215735f6aff3b742454cd573947c6140 (patch) | |
| tree | d091a5c3117c4efad30a26875bbf908639f2a2d6 /security/openssl/files/patch-RFC-5705 | |
| parent | java/eclipse: Upgrade version 4.3.2 => 4.4.2 (diff) | |
- Security update to 1.0.2a
- termios.h now default
- fix patches
- fix manpage generation
- option ZLIB removed from default
- restore padlock support
- restore RFC-5705
- restore patch history
- restore build on older FreeBSD
- restore soname
Security: https://www.openssl.org/news/secadv_20150319.txt
Security: CVE-2015-0291
Security: CVE-2015-0204
Security: CVE-2015-0290
Security: CVE-2015-0207
Security: CVE-2015-0286
Security: CVE-2015-0208
Security: CVE-2015-0287
Security: CVE-2015-0289
Security: CVE-2015-0292
Security: CVE-2015-0293
Security: CVE-2015-1787
Security: CVE-2015-0285
Security: CVE-2015-0209
Security: CVE-2015-0288
Diffstat (limited to 'security/openssl/files/patch-RFC-5705')
| -rw-r--r-- | security/openssl/files/patch-RFC-5705 | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/security/openssl/files/patch-RFC-5705 b/security/openssl/files/patch-RFC-5705 new file mode 100644 index 000000000000..7138cdf22b7d --- /dev/null +++ b/security/openssl/files/patch-RFC-5705 @@ -0,0 +1,38 @@ +--- ssl/ssl.h 6 Jan 2010 17:37:38 -0000 1.221.2.24 ++++ ssl/ssl.h 17 Jun 2010 12:25:35 -0000 +@@ -1806,6 +1806,10 @@ + /* Pre-shared secret session resumption functions */ + int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); + ++void SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len, ++ unsigned char *context, int context_len, ++ unsigned char *out, int olen); ++ + /* BEGIN ERROR CODES */ + /* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + +--- ssl/t1_enc.c.orig 2015-01-22 15:58:32.000000000 +0100 ++++ ssl/t1_enc.c 2015-03-10 07:21:12.000000000 +0100 +@@ -1261,6 +1261,21 @@ + return (rv); + } + ++void SSL_tls1_key_exporter(SSL *s, unsigned char *label, int label_len, ++ unsigned char *context, int context_len, ++ unsigned char *out, int olen) ++ { ++ unsigned char tmp[olen]; ++ ++ tls1_PRF(s->s3->tmp.new_cipher->algorithm2, ++ label, label_len, ++ s->s3->client_random,SSL3_RANDOM_SIZE, ++ s->s3->server_random,SSL3_RANDOM_SIZE, ++ context, context_len, NULL, 0, ++ s->session->master_key, s->session->master_key_length, ++ out, tmp, olen); ++ } ++ + int tls1_alert_code(int code) + { + switch (code) { |