Author: jkim
Date: Fri Mar 4 00:40:15 2016
New Revision: 296371
URL: https://svnweb.freebsd.org/changeset/base/296371
Log:
Re-enable SSLv2 support to restore ABI.
Excerpt from CHANGES:
Even if "enable-ssl2" is used, users who want to negotiate SSLv2 via
the version-flexible SSLv23_method() will need to explicitly call
either of:
SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
or
SSL_clear_options(ssl, SSL_OP_NO_SSLv2);
as appropriate. Even if either of those is used, or the application
explicitly uses the version-specific SSLv2_method() or its client and
server variants, SSLv2 ciphers vulnerable to exhaustive search key
recovery have been removed. Specifically, the SSLv2 40-bit EXPORT
ciphers, and SSLv2 56-bit DES are no longer available.
Approved by: re (marius, gjb), so (delphij)
Modified:
stable/10/secure/lib/libcrypto/opensslconf-arm.h
stable/10/secure/lib/libcrypto/opensslconf-ia64.h
stable/10/secure/lib/libcrypto/opensslconf-mips.h
stable/10/secure/lib/libcrypto/opensslconf-powerpc.h
stable/10/secure/lib/libcrypto/opensslconf-sparc64.h
stable/10/secure/lib/libcrypto/opensslconf-x86.h
Modified: stable/10/secure/lib/libcrypto/opensslconf-arm.h
==============================================================================
--- stable/10/secure/lib/libcrypto/opensslconf-arm.h Thu Mar 3 23:25:31
2016 (r296370)
+++ stable/10/secure/lib/libcrypto/opensslconf-arm.h Fri Mar 4 00:40:15
2016 (r296371)
@@ -27,9 +27,6 @@ extern "C" {
#ifndef OPENSSL_NO_SCTP
# define OPENSSL_NO_SCTP
#endif
-#ifndef OPENSSL_NO_SSL2
-# define OPENSSL_NO_SSL2
-#endif
#ifndef OPENSSL_NO_STORE
# define OPENSSL_NO_STORE
#endif
@@ -75,9 +72,6 @@ extern "C" {
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
# define NO_SCTP
# endif
-# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
-# define NO_SSL2
-# endif
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
# define NO_STORE
# endif
Modified: stable/10/secure/lib/libcrypto/opensslconf-ia64.h
==============================================================================
--- stable/10/secure/lib/libcrypto/opensslconf-ia64.h Thu Mar 3 23:25:31
2016 (r296370)
+++ stable/10/secure/lib/libcrypto/opensslconf-ia64.h Fri Mar 4 00:40:15
2016 (r296371)
@@ -24,9 +24,6 @@
#ifndef OPENSSL_NO_SCTP
# define OPENSSL_NO_SCTP
#endif
-#ifndef OPENSSL_NO_SSL2
-# define OPENSSL_NO_SSL2
-#endif
#ifndef OPENSSL_NO_STORE
# define OPENSSL_NO_STORE
#endif
@@ -69,9 +66,6 @@
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
# define NO_SCTP
# endif
-# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
-# define NO_SSL2
-# endif
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
# define NO_STORE
# endif
Modified: stable/10/secure/lib/libcrypto/opensslconf-mips.h
==============================================================================
--- stable/10/secure/lib/libcrypto/opensslconf-mips.h Thu Mar 3 23:25:31
2016 (r296370)
+++ stable/10/secure/lib/libcrypto/opensslconf-mips.h Fri Mar 4 00:40:15
2016 (r296371)
@@ -27,9 +27,6 @@ extern "C" {
#ifndef OPENSSL_NO_SCTP
# define OPENSSL_NO_SCTP
#endif
-#ifndef OPENSSL_NO_SSL2
-# define OPENSSL_NO_SSL2
-#endif
#ifndef OPENSSL_NO_STORE
# define OPENSSL_NO_STORE
#endif
@@ -75,9 +72,6 @@ extern "C" {
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
# define NO_SCTP
# endif
-# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
-# define NO_SSL2
-# endif
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
# define NO_STORE
# endif
Modified: stable/10/secure/lib/libcrypto/opensslconf-powerpc.h
==============================================================================
--- stable/10/secure/lib/libcrypto/opensslconf-powerpc.h Thu Mar 3
23:25:31 2016 (r296370)
+++ stable/10/secure/lib/libcrypto/opensslconf-powerpc.h Fri Mar 4
00:40:15 2016 (r296371)
@@ -27,9 +27,6 @@ extern "C" {
#ifndef OPENSSL_NO_SCTP
# define OPENSSL_NO_SCTP
#endif
-#ifndef OPENSSL_NO_SSL2
-# define OPENSSL_NO_SSL2
-#endif
#ifndef OPENSSL_NO_STORE
# define OPENSSL_NO_STORE
#endif
@@ -75,9 +72,6 @@ extern "C" {
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
# define NO_SCTP
# endif
-# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
-# define NO_SSL2
-# endif
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
# define NO_STORE
# endif
Modified: stable/10/secure/lib/libcrypto/opensslconf-sparc64.h
==============================================================================
--- stable/10/secure/lib/libcrypto/opensslconf-sparc64.h Thu Mar 3
23:25:31 2016 (r296370)
+++ stable/10/secure/lib/libcrypto/opensslconf-sparc64.h Fri Mar 4
00:40:15 2016 (r296371)
@@ -27,9 +27,6 @@ extern "C" {
#ifndef OPENSSL_NO_SCTP
# define OPENSSL_NO_SCTP
#endif
-#ifndef OPENSSL_NO_SSL2
-# define OPENSSL_NO_SSL2
-#endif
#ifndef OPENSSL_NO_STORE
# define OPENSSL_NO_STORE
#endif
@@ -75,9 +72,6 @@ extern "C" {
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
# define NO_SCTP
# endif
-# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
-# define NO_SSL2
-# endif
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
# define NO_STORE
# endif
Modified: stable/10/secure/lib/libcrypto/opensslconf-x86.h
==============================================================================
--- stable/10/secure/lib/libcrypto/opensslconf-x86.h Thu Mar 3 23:25:31
2016 (r296370)
+++ stable/10/secure/lib/libcrypto/opensslconf-x86.h Fri Mar 4 00:40:15
2016 (r296371)
@@ -27,9 +27,6 @@ extern "C" {
#ifndef OPENSSL_NO_SCTP
# define OPENSSL_NO_SCTP
#endif
-#ifndef OPENSSL_NO_SSL2
-# define OPENSSL_NO_SSL2
-#endif
#ifndef OPENSSL_NO_STORE
# define OPENSSL_NO_STORE
#endif
@@ -72,9 +69,6 @@ extern "C" {
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
# define NO_SCTP
# endif
-# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
-# define NO_SSL2
-# endif
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
# define NO_STORE
# endif
_______________________________________________
svn-src-stable-10@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10
To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
