Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/w3m/patches/05-init-openssl.patch
author Rich Burridge <rich.burridge@oracle.com>
Thu, 29 Jan 2015 14:57:20 -0800
changeset 3705 0d8951107033
permissions -rw-r--r--
20231080 problem in UTILITY/W3M 20231097 problem in UTILITY/LYNX
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
3705
0d8951107033 20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff changeset 
     1
 
Disable SSLv2 and SSLv3 in w3m to "mitigate POODLE vulnerability".
0d8951107033 20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff changeset 
     2
 












0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     3


This change will be passed upstream.













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     4














0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     5


--- w3m-0.5.2/url.c.orig	2015-01-29 08:37:04.156739107 -0800













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     6


+++ w3m-0.5.2/url.c	2015-01-29 08:48:24.055383389 -0800













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     7


@@ -337,6 +337,8 @@













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     8


 		option |= SSL_OP_NO_TLSv1;













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     9


 	}













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    10


 	SSL_CTX_set_options(ssl_ctx, option);













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    11


+	/* Always disable SSLv2 & SSLv3 to "mitigate POODLE vulnerability". */













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    12


+	SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    13


 #ifdef USE_SSL_VERIFY













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    14


 	/* derived from openssl-0.9.5/apps/s_{client,cb}.c */













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    15


 #if 1				/* use SSL_get_verify_result() to verify cert */















upstream/oracle/userland-gate