Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 439716 Details for
Bug 510798
dev-libs/openssl: Add use flags to disable insecure protocols/ciphers
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Allow user to configure ciphers used
openssl_ciphers.patch (text/plain), 2.77 KB, created by
Andrew John Hughes
on 2016-07-04 18:49:29 UTC
(
hide
)
Description:
Allow user to configure ciphers used
Filename:
MIME Type:
Creator:
Andrew John Hughes
Created:
2016-07-04 18:49:29 UTC
Size:
2.77 KB
patch
obsolete
>--- /mnt/builder/portage/dev-libs/openssl/openssl-1.0.2h-r2.ebuild 2016-07-02 12:08:27.000000000 +0100 >+++ openssl-1.0.2h-r2.ebuild 2016-07-04 19:15:07.019490789 +0100 >@@ -13,8 +13,8 @@ > > LICENSE="openssl" > SLOT="0" >-KEYWORDS="alpha amd64 ~arm ~arm64 hppa ~ia64 ~m68k ~mips ~ppc ppc64 ~s390 ~sh ~sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" >-IUSE="+asm bindist gmp kerberos rfc3779 sctp cpu_flags_x86_sse2 sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib" >+KEYWORDS="~amd64" >+IUSE="+asm bindist +camellia +des gmp idea kerberos mdc2 rc2 +rc4 rc5 rfc3779 sctp cpu_flags_x86_sse2 sslv2 +sslv3 static-libs test +tls-heartbeat vanilla zlib" > RESTRICT="!bindist? ( bindist )" > > RDEPEND=">=app-misc/c_rehash-1.7-r1 >@@ -58,6 +58,7 @@ > epatch "${FILESDIR}"/${PN}-1.0.2-ipv6.patch > epatch "${FILESDIR}"/${PN}-1.0.2a-x32-asm.patch #542618 > epatch "${FILESDIR}"/${PN}-1.0.1p-default-source.patch #554338 >+ epatch "${FILESDIR}"/${PN}-1.0.2-no_des.patch > > epatch_user #332661 > fi >@@ -142,16 +142,19 @@ > ./${config} \ > ${sslout} \ > $(use cpu_flags_x86_sse2 || echo "no-sse2") \ >- enable-camellia \ > $(use_ssl !bindist ec) \ > ${ec_nistp_64_gcc_128} \ >- enable-idea \ >- enable-mdc2 \ >- enable-rc5 \ > enable-tlsext \ > $(use_ssl asm) \ >+ $(use_ssl camellia) \ >+ $(use_ssl des) \ > $(use_ssl gmp gmp -lgmp) \ >+ $(use_ssl idea) \ > $(use_ssl kerberos krb5 --with-krb5-flavor=${krb5}) \ >+ $(use_ssl mdc2) \ >+ $(use_ssl rc2) \ >+ $(use_ssl rc4) \ >+ $(use_ssl rc5) \ > $(use_ssl rfc3779) \ > $(use_ssl sctp) \ > $(use_ssl sslv2 ssl2) \ >--- /mnt/builder/portage/dev-libs/openssl/metadata.xml 2016-06-30 21:07:12.000000000 +0100 >+++ metadata.xml 2016-07-04 19:12:32.066113322 +0100 >@@ -8,6 +8,13 @@ > <use> > <flag name="asm">Support assembly hand optimized crypto functions (i.e. faster run time)</flag> > <flag name="bindist">Disable EC algorithms (as they seem to be patented) -- note: changes the ABI</flag> >+ <flag name="camellia">Support for the symmetric key block cipher Camellia (same class as AES)</flag> >+ <flag name="des">Support for the old/insecure DES cipher -- many apps still depend on this for 3DES</flag> >+ <flag name="idea">Support for the old/insecure IDEA cipher</flag> >+ <flag name="mdc2">Support for the MDC2 cipher -- not widely used</flag> >+ <flag name="rc2">Support for the old/insecure RC2 cipher</flag> >+ <flag name="rc4">Support for the old/insecure RC2 cipher -- some apps still depend on this</flag> >+ <flag name="rc5">Support for the old/insecure RC2 cipher</flag> > <flag name="rfc3779">Enable support for RFC 3779 (X.509 Extensions for IP Addresses and AS Identifiers)</flag> > <flag name="sctp">Support for Stream Control Transmission Protocol</flag> > <flag name="sslv2">Support for the old/insecure SSLv2 protocol -- note: not required for TLS/https</flag>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=439716">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 510798
:
401082
| 439716 |
439718
