[packages/ckermit] - partial update
arekm
arekm at pld-linux.org
Thu Sep 27 13:23:05 CEST 2018
commit abd21ebbebdacf608a7fdd1255009b3a506c4734
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Thu Sep 27 13:22:57 2018 +0200
- partial update
050-consider-OPENSSL_NO_SSL3.patch | 82 ++++++++++++++++++++++++++++++++++++++
build.patch | 18 +++++++++
ckermit.spec | 6 ++-
3 files changed, 105 insertions(+), 1 deletion(-)
---
diff --git a/ckermit.spec b/ckermit.spec
index 26d0a54..3f94b52 100644
--- a/ckermit.spec
+++ b/ckermit.spec
@@ -18,6 +18,8 @@ Source4: cku-%{name}.phone
Patch0: cku-makefile.patch
Patch1: %{name}-gcc4.patch
Patch2: %{name}-openssl-clash.patch
+Patch3: build.patch
+Patch4: 050-consider-OPENSSL_NO_SSL3.patch
URL: http://www.columbia.edu/kermit/
%{?with_kerberos5:BuildRequires: heimdal-devel}
BuildRequires: ncurses-devel
@@ -46,6 +48,8 @@ komunikacyjnych.
%patch0 -p1
%patch1 -p1
%patch2 -p1
+%patch3 -p1
+%patch4 -p1
%build
%if %{with kerberos5}
@@ -55,7 +59,7 @@ komunikacyjnych.
%endif
CC="%{__cc}" \
CC2="%{__cc}" \
- OPT="%{rpmcflags}" \
+ OPT="%{rpmcflags} -DNOARROWKEYS=1" \
LNKFLAGS="%{rpmldflags}"
%install
diff --git a/050-consider-OPENSSL_NO_SSL3.patch b/050-consider-OPENSSL_NO_SSL3.patch
new file mode 100644
index 0000000..1ffa8cf
--- /dev/null
+++ b/050-consider-OPENSSL_NO_SSL3.patch
@@ -0,0 +1,82 @@
+From: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
+Date: Tue, 19 Apr 2016 21:32:07 +0200
+Subject: [PATCH] consider OPENSSL_NO_SSL3
+
+and avoid using SSLv3 code when not provided by openssl.
+
+Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
+---
+ ck_ssl.c | 8 ++++++++
+ ckcftp.c | 5 +++++
+ 2 files changed, 13 insertions(+)
+
+diff --git a/ck_ssl.c b/ck_ssl.c
+index 428fb7ca6f98..3640d8f07fa8 100644
+--- a/ck_ssl.c
++++ b/ck_ssl.c
+@@ -1579,7 +1579,9 @@ ssl_tn_init(mode) int mode;
+ /* This can fail because we do not have RSA available */
+ if ( !ssl_ctx ) {
+ debug(F110,"ssl_tn_init","SSLv23_client_method failed",0);
++#ifndef OPENSSL_NO_SSL3
+ ssl_ctx=(SSL_CTX *)SSL_CTX_new(SSLv3_client_method());
++#endif
+ }
+ if ( !ssl_ctx ) {
+ debug(F110,"ssl_tn_init","SSLv3_client_method failed",0);
+@@ -1593,7 +1595,9 @@ ssl_tn_init(mode) int mode;
+ /* This can fail because we do not have RSA available */
+ if ( !tls_ctx ) {
+ debug(F110,"ssl_tn_init","SSLv23_client_method failed",0);
++#ifndef OPENSSL_NO_SSL3
+ tls_ctx=(SSL_CTX *)SSL_CTX_new(SSLv3_client_method());
++#endif
+ }
+ #endif /* COMMENT */
+ if ( !tls_ctx ) {
+@@ -1611,7 +1615,9 @@ ssl_tn_init(mode) int mode;
+ /* This can fail because we do not have RSA available */
+ if ( !ssl_ctx ) {
+ debug(F110,"ssl_tn_init","SSLv23_server_method failed",0);
++#ifndef OPENSSL_NO_SSL3
+ ssl_ctx=(SSL_CTX *)SSL_CTX_new(SSLv3_server_method());
++#endif
+ }
+ if ( !ssl_ctx ) {
+ debug(F110,"ssl_tn_init","SSLv3_server_method failed",0);
+@@ -2161,7 +2167,9 @@ ssl_http_init(hostname) char * hostname;
+ /* This can fail because we do not have RSA available */
+ if ( !tls_http_ctx ) {
+ debug(F110,"ssl_http_init","SSLv23_client_method failed",0);
++#ifndef OPENSSL_NO_SSL3
+ tls_http_ctx=(SSL_CTX *)SSL_CTX_new(SSLv3_client_method());
++#endif
+ }
+ #endif /* COMMENT */
+ if ( !tls_http_ctx ) {
+diff --git a/ckcftp.c b/ckcftp.c
+index 66c7940dedc2..d718323faac4 100644
+--- a/ckcftp.c
++++ b/ckcftp.c
+@@ -10195,6 +10195,7 @@ ssl_auth() {
+ #ifndef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+ #define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0L
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ if (auth_type && !strcmp(auth_type,"TLS")) {
+ ssl_ftp_ctx=SSL_CTX_new(SSLv3_client_method());
+ if (!ssl_ftp_ctx)
+@@ -10205,6 +10206,10 @@ ssl_auth() {
+ } else {
+ ssl_ftp_ctx = SSL_CTX_new(ftp_bug_use_ssl_v2 ? SSLv23_client_method() :
+ SSLv3_client_method());
++#else
++ {
++ ssl_ftp_ctx = SSL_CTX_new(SSLv23_client_method());
++#endif
+ if (!ssl_ftp_ctx)
+ return(0);
+ SSL_CTX_set_options(ssl_ftp_ctx,
+--
+2.8.0.rc3
+
diff --git a/build.patch b/build.patch
new file mode 100644
index 0000000..fa08042
--- /dev/null
+++ b/build.patch
@@ -0,0 +1,18 @@
+--- ckermit-8.0.211/ckucmd.c~ 2004-01-07 19:04:04.000000000 +0100
++++ ckermit-8.0.211/ckucmd.c 2018-09-15 22:40:21.511061428 +0200
+@@ -7115,7 +7115,6 @@ cmdconchk() {
+ #ifdef NOARROWKEYS
+ debug(F101,"cmdconchk NOARROWKEYS x","",0);
+ #else
+- debug(F101,"cmdconchk stdin->_cnt","",stdin->_cnt);
+ x = stdin->_cnt;
+ #endif /* NOARROWKEYS */
+ #endif /* VMS */
+@@ -7123,7 +7122,6 @@ cmdconchk() {
+ if (x < 0) x = 0;
+ #else /* USE_FILE_CNT */
+ #ifdef USE_FILE__CNT /* HP-UX */
+- debug(F101,"cmdconchk stdin->__cnt","",stdin->__cnt);
+ x = stdin->__cnt;
+ if (x == 0) x = conchk();
+ if (x < 0) x = 0;
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/ckermit.git/commitdiff/abd21ebbebdacf608a7fdd1255009b3a506c4734
More information about the pld-cvs-commit
mailing list