Re: CVS commit: src/crypto/dist/openssl/ssl

To: gendalia%netbsd.org@localhost
Subject: Re: CVS commit: src/crypto/dist/openssl/ssl
From: "Johnny C. Lam" <jlam%pkgsrc.org@localhost>
Date: Tue, 11 Oct 2005 14:27:46 -0400

Tracy Di Marco White wrote:

Module Name:    src
Committed By:   gendalia
Date:           Tue Oct 11 18:07:40 UTC 2005

Modified Files:
        src/crypto/dist/openssl/ssl: s23_srvr.c

Log Message:
fix openssl 2.0 rollback, CAN-2005-2969
approved by: agc

If we're not going to import OpenSSL 0.9.7h into src, I think we'regoing to need add a preprocessor symbol to <openssl/opensslv.h> so thatwe can distinguish NetBSD's "fixed" openssl-0.9.7g from vanillaopenssl-0.9.7g. In the past, we've used the following (see revision1.1.1.4.2.4 of src/crypto/dist/openssl/crypto/opensslv.h):


/* The following macro indicates that this version of OpenSSL
 * contains the security-related diffs between 0.9.6l and 0.9.6m
 * that were pulled up to the netbsd-1-6 branch on 2004-04-01.
 */
#define OPENSSL_HAS_20040401_FIX

So I would imagine we need something similar, e.g. OPENSSL_HAS_20051011_FIX.

        Cheers,

        -- Johnny Lam <jlam%pkgsrc.org@localhost>

References:
- CVS commit: src/crypto/dist/openssl/ssl
  - From: Tracy Di Marco White

Prev by Date: CVS commit: src/crypto/dist/openssl/ssl
Next by Date: CVS commit: src/sys/dev/pci
Previous by Thread: CVS commit: src/crypto/dist/openssl/ssl
Next by Thread: CVS commit: src/sys/dev/pci
Indexes:

Home | Main Index | Thread Index | Old Index