Summary: | app-crypt/qca[ssl]: Add use flags to disable insecure protocols/ciphers | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Thomas Bettler <thomas.bettler> |
Component: | Current packages | Assignee: | Gentoo KDE team <kde> |
Status: | RESOLVED UPSTREAM | ||
Severity: | enhancement | CC: | crypto+disabled, qt |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://quickgit.kde.org/?p=qca.git&a=commitdiff&h=748af8203e439fdfba90cc37f9cb2cf114c8994d | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 510798 | ||
Attachments: |
patch for ebuild
qca-ossl-remove-ssl2.patch |
Description
Thomas Bettler
2015-04-12 08:40:58 UTC
Created attachment 401070 [details, diff]
patch for ebuild
Created attachment 401072 [details, diff]
qca-ossl-remove-ssl2.patch
*** Bug 546326 has been marked as a duplicate of this bug. *** When we introduce any USE=ssl2 we may do so concurrently in all the relevant packages, see blocker #510798 therefore. There is a commit upstream that looks like it would let us do openssl[ssl2=] if/when that flag's introduced. It's part of qca[openssl] which replaces qca-ossl. I wonder why this blocks 510798. Imho this should depend on it. plugins/qca-ossl/qca-ossl.cpp now has: #ifndef OPENSSL_NO_SSL2 case TLS::SSL_v2: ctx = SSL_CTX_new(SSLv2_client_method()); break; #endif #ifndef OPENSSL_NO_SSL3_METHOD case TLS::SSL_v3: ctx = SSL_CTX_new(SSLv3_client_method()); break; #endif should we now add sslv2 and sslv3 USE flags to qca with the appropriate USE dep on openssl? @kensington: Thanks for your hint. Use flags are no longer needed. |