| author | saurabh.vyas@oracle.com |
| Fri, 08 May 2015 11:22:54 -0700 | |
| changeset 4264 | 7d52b0c22474 |
| parent 4140 | a4532816a48e |
| permissions | -rw-r--r-- |
|
4140
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
1 |
/*------------------------------------------------------------------------------------------------- |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
2 |
This patch was developed in-house. |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
3 |
It is submitted upstream at https://www.cups.org/str.php?L4476+P-1+S0+C0+I0+E0+Q4476 |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
4 |
---------------------------------------------------------------------------------------------------*/ |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
5 |
--- scheduler/client.c 2015-03-06 03:28:52.100318608 -0800 |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
6 |
+++ scheduler/client.c 2015-03-06 03:35:41.539740276 -0800 |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
7 |
@@ -3258,7 +3258,7 @@ |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
8 |
|
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
9 |
context = SSL_CTX_new(SSLv23_server_method()); |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
10 |
|
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
11 |
- SSL_CTX_set_options(context, SSL_OP_NO_SSLv2); /* Only use SSLv3 or TLS */ |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
12 |
+ SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); /* Always disable SSLv2 & SSLv3 to "mitigate POODLE vulnerability". */ |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
13 |
if (SSLOptions & CUPSD_SSL_NOEMPTY) |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
14 |
SSL_CTX_set_options(context, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS); |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
15 |
SSL_CTX_use_PrivateKey_file(context, ServerKey, SSL_FILETYPE_PEM); |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
16 |
--- cups/http.c 2015-03-06 03:27:05.266068026 -0800 |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
17 |
+++ cups/http.c 2015-03-06 03:34:22.981276422 -0800 |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
18 |
@@ -2972,7 +2972,7 @@ |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
19 |
# ifdef HAVE_LIBSSL |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
20 |
context = SSL_CTX_new(SSLv23_client_method()); |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
21 |
|
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
22 |
- SSL_CTX_set_options(context, SSL_OP_NO_SSLv2); /* Only use SSLv3 or TLS */ |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
23 |
+ SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); /* Always disable SSLv2 & SSLv3 to "mitigate POODLE vulnerability". */ |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
24 |
|
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
25 |
bio = BIO_new(_httpBIOMethods()); |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
26 |
BIO_ctrl(bio, BIO_C_SET_FILE_PTR, 0, (char *)http); |
|
a4532816a48e
20231096 problem in UTILITY/CUPS
Panchami Sanjeev - Oracle Corporation - Bangalore India <panchami.sanjeev@oracle.com>
parents:
diff
changeset
|
27 |