Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/lynx/patches/02-init-openssl.patch
author Mike Sullivan <Mike.Sullivan@Oracle.COM>
Thu, 08 Oct 2015 23:00:32 -0700
changeset 4929 29020dc0c404
parent 3886 23032290b95a
permissions -rw-r--r--
Added tag s12-85 for changeset 264d4a0eb386
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
3705
0d8951107033 20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff changeset 
     1
 
Disable SSLv2 and SSLv3 in lynx to "mitigate POODLE vulnerability".
0d8951107033 20231080 problem in UTILITY/W3M
Rich Burridge <rich.burridge@oracle.com>
parents:
diff changeset 
     2
 







3886






23032290b95a
20555289 lynx should be updated to version 2.8.8



Rich Burridge <rich.burridge@oracle.com>


parents: 
3705

diff
changeset




     3


This change has been passed upstream.








3705






0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     4









3886






23032290b95a
20555289 lynx should be updated to version 2.8.8



Rich Burridge <rich.burridge@oracle.com>


parents: 
3705

diff
changeset




     5


--- lynx2-8-8/WWW/Library/Implementation/HTTP.c.orig	2015-02-16 12:48:34.014809453 -0800













23032290b95a
20555289 lynx should be updated to version 2.8.8



Rich Burridge <rich.burridge@oracle.com>


parents: 
3705

diff
changeset




     6


+++ lynx2-8-8/WWW/Library/Implementation/HTTP.c	2015-02-16 12:49:09.627395954 -0800













23032290b95a
20555289 lynx should be updated to version 2.8.8



Rich Burridge <rich.burridge@oracle.com>


parents: 
3705

diff
changeset




     7


@@ -119,7 +119,8 @@













23032290b95a
20555289 lynx should be updated to version 2.8.8



Rich Burridge <rich.burridge@oracle.com>


parents: 
3705

diff
changeset




     8


 #else








3705






0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




     9


 	SSLeay_add_ssl_algorithms();













0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    10


 	ssl_ctx = SSL_CTX_new(SSLv23_client_method());








3886






23032290b95a
20555289 lynx should be updated to version 2.8.8



Rich Burridge <rich.burridge@oracle.com>


parents: 
3705

diff
changeset




    11


-	SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);








3705






0d8951107033
20231080 problem in UTILITY/W3M



Rich Burridge <rich.burridge@oracle.com>


parents: 

diff
changeset




    12


+	/* Always disable SSLv2 & SSLv3 to "mitigate POODLE vulnerability". */








3886






23032290b95a
20555289 lynx should be updated to version 2.8.8



Rich Burridge <rich.burridge@oracle.com>


parents: 
3705

diff
changeset




    13


+	SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);













23032290b95a
20555289 lynx should be updated to version 2.8.8



Rich Burridge <rich.burridge@oracle.com>


parents: 
3705

diff
changeset




    14


 #ifdef SSL_OP_NO_COMPRESSION













23032290b95a
20555289 lynx should be updated to version 2.8.8



Rich Burridge <rich.burridge@oracle.com>


parents: 
3705

diff
changeset




    15


 	SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION);













23032290b95a
20555289 lynx should be updated to version 2.8.8



Rich Burridge <rich.burridge@oracle.com>


parents: 
3705

diff
changeset




    16


 #endif















upstream/oracle/userland-gate