Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 546328 - app-crypt/qca[ssl]: Add use flags to disable insecure protocols/ciphers
Summary: app-crypt/qca[ssl]: Add use flags to disable insecure protocols/ciphers
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal enhancement (vote)
Assignee: Gentoo KDE team
URL: http://quickgit.kde.org/?p=qca.git&a=...
Whiteboard:
Keywords:
: 546326 (view as bug list)
Depends on:
Blocks: 510798
  Show dependency tree
 
Reported: 2015-04-12 08:40 UTC by Thomas Bettler
Modified: 2016-11-21 20:29 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
patch for ebuild (qca-ossl_2.0.0_beta3-r2.ebuild.patch,1.03 KB, patch)
2015-04-12 08:45 UTC, Thomas Bettler
Details | Diff
qca-ossl-remove-ssl2.patch (qca-ossl-remove-ssl2.patch,2.08 KB, patch)
2015-04-12 08:46 UTC, Thomas Bettler
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Bettler 2015-04-12 08:40:58 UTC
I propose a patch for app-crypt/qca-ossl-2.0.0_beta3 to prepare for openssl phasing out SSL2 support.
Comment 1 Thomas Bettler 2015-04-12 08:45:18 UTC
Created attachment 401070 [details, diff]
patch for ebuild
Comment 2 Thomas Bettler 2015-04-12 08:46:26 UTC
Created attachment 401072 [details, diff]
qca-ossl-remove-ssl2.patch
Comment 3 Thomas Bettler 2015-04-12 08:54:18 UTC
*** Bug 546326 has been marked as a duplicate of this bug. ***
Comment 4 Thomas Bettler 2015-04-20 20:51:37 UTC
When we introduce any USE=ssl2 we may do so concurrently in all the relevant packages, see blocker #510798 therefore.
Comment 5 Michael Palimaka (kensington) gentoo-dev 2015-04-22 16:15:44 UTC
There is a commit upstream that looks like it would let us do openssl[ssl2=] if/when that flag's introduced. It's part of qca[openssl] which replaces qca-ossl.
Comment 6 Johannes Huber gentoo-dev 2016-05-03 07:20:00 UTC
I wonder why this blocks 510798. Imho this should depend on it.
Comment 7 Michael Palimaka (kensington) gentoo-dev 2016-06-15 16:07:34 UTC
plugins/qca-ossl/qca-ossl.cpp now has:

#ifndef OPENSSL_NO_SSL2
                case TLS::SSL_v2:
                        ctx = SSL_CTX_new(SSLv2_client_method());
                        break;
#endif
#ifndef OPENSSL_NO_SSL3_METHOD
                case TLS::SSL_v3:
                        ctx = SSL_CTX_new(SSLv3_client_method());
                        break;
#endif

should we now add sslv2 and sslv3 USE flags to qca with the appropriate USE dep on openssl?
Comment 8 Thomas Bettler 2016-11-21 20:29:58 UTC
@kensington: Thanks for your hint. Use flags are no longer needed.