Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 342678 Details for
Bug 462380
www-servers/pound-2.7c version bump
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Disable SSL compression
pound-2.7a-no-ssl-compression.patch (text/plain), 2.54 KB, created by
Markus Ullmann
on 2013-03-19 21:49:03 UTC
(
hide
)
Description:
Disable SSL compression
Filename:
MIME Type:
Creator:
Markus Ullmann
Created:
2013-03-19 21:49:03 UTC
Size:
2.54 KB
patch
obsolete
>diff -urN ./Pound-2.7a/config.c ./Pound-2.7a-no-compression/config.c >--- ./Pound-2.7a/config.c 2012-04-09 15:37:26.000000000 +0200 >+++ ./Pound-2.7a-no-compression/config.c 2013-03-19 22:30:51.000000000 +0100 >@@ -342,6 +342,9 @@ > SSL_CTX_set_verify(res->ctx, SSL_VERIFY_NONE, NULL); > SSL_CTX_set_mode(res->ctx, SSL_MODE_AUTO_RETRY); > SSL_CTX_set_options(res->ctx, SSL_OP_ALL); >+#ifdef SSL_OP_NO_COMPRESSION >+ SSL_CTX_set_options(res->ctx, SSL_OP_NO_COMPRESSION); >+#endif > SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION); > SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT); > sprintf(lin, "%d-Pound-%ld", getpid(), random()); >@@ -362,6 +365,9 @@ > SSL_CTX_set_verify(res->ctx, SSL_VERIFY_NONE, NULL); > SSL_CTX_set_mode(res->ctx, SSL_MODE_AUTO_RETRY); > SSL_CTX_set_options(res->ctx, SSL_OP_ALL); >+#ifdef SSL_OP_NO_COMPRESSION >+ SSL_CTX_set_options(res->ctx, SSL_OP_NO_COMPRESSION); >+#endif > SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION); > SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT); > sprintf(lin, "%d-Pound-%ld", getpid(), random()); >@@ -902,6 +908,9 @@ > POUND_CTX *pc; > > ssl_op_enable = SSL_OP_ALL; >+#ifdef SSL_OP_NO_COMPRESSION >+ ssl_op_enable |= SSL_OP_NO_COMPRESSION; >+#endif > ssl_op_disable = SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION | SSL_OP_LEGACY_SERVER_CONNECT; > > if((res = (LISTENER *)malloc(sizeof(LISTENER))) == NULL) >diff -urN ./Pound-2.7a/pound.c ./Pound-2.7a-no-compression/pound.c >--- ./Pound-2.7a/pound.c 2012-04-09 15:37:26.000000000 +0200 >+++ ./Pound-2.7a-no-compression/pound.c 2013-03-19 22:31:40.000000000 +0100 >@@ -267,6 +267,23 @@ > CRYPTO_set_locking_callback(l_lock); > init_timer(); > >+ /* Disable SSL Compression for OpenSSL pre-1.0. 1.0 is handled with an option in config.c */ >+#if OPENSSL_VERSION_NUMBER >= 0x00907000L >+#ifndef SSL_OP_NO_COMPRESSION >+ { >+ int i,n; >+ STACK_OF(SSL_COMP) *ssl_comp_methods; >+ >+ ssl_comp_methods = SSL_COMP_get_compression_methods(); >+ n = sk_SSL_COMP_num(ssl_comp_methods); >+ >+ for(i=n-1; i>=0; i--) { >+ sk_SSL_COMP_delete(ssl_comp_methods, i); >+ } >+ } >+#endif >+#endif >+ > /* prepare regular expressions */ > if(regcomp(&HEADER, "^([a-z0-9!#$%&'*+.^_`|~-]+):[ \t]*(.*)[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED) > || regcomp(&CHUNK_HEAD, "^([0-9a-f]+).*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 462380
:
342674
|
342678
|
386752
|
386754