| Summary: | app-crypt/qca[ssl]: Add use flags to disable insecure protocols/ciphers | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Thomas Bettler <thomas.bettler> |
| Component: | Current packages | Assignee: | Gentoo KDE team <kde> |
| Status: | RESOLVED UPSTREAM | ||
| Severity: | enhancement | CC: | crypto+disabled, qt |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://quickgit.kde.org/?p=qca.git&a=commitdiff&h=748af8203e439fdfba90cc37f9cb2cf114c8994d | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 510798 | ||
| Attachments: |
patch for ebuild
qca-ossl-remove-ssl2.patch |
||
|
Description
Thomas Bettler
2015-04-12 08:40:58 UTC
Created attachment 401070 [details, diff]
patch for ebuild
Created attachment 401072 [details, diff]
qca-ossl-remove-ssl2.patch
*** Bug 546326 has been marked as a duplicate of this bug. *** When we introduce any USE=ssl2 we may do so concurrently in all the relevant packages, see blocker #510798 therefore. There is a commit upstream that looks like it would let us do openssl[ssl2=] if/when that flag's introduced. It's part of qca[openssl] which replaces qca-ossl. I wonder why this blocks 510798. Imho this should depend on it. plugins/qca-ossl/qca-ossl.cpp now has:
#ifndef OPENSSL_NO_SSL2
case TLS::SSL_v2:
ctx = SSL_CTX_new(SSLv2_client_method());
break;
#endif
#ifndef OPENSSL_NO_SSL3_METHOD
case TLS::SSL_v3:
ctx = SSL_CTX_new(SSLv3_client_method());
break;
#endif
should we now add sslv2 and sslv3 USE flags to qca with the appropriate USE dep on openssl?
@kensington: Thanks for your hint. Use flags are no longer needed. |
