View | Details | Raw Unified | Return to bug 198980 | Differences between
and this patch

Collapse All | Expand All

(-)comms/kermit/files/patch-ck__ssl.c (+80 lines)
Line 0 Link Here
1
--- ck_ssl.c.orig	2011-07-06 15:03:32.000000000 +0200
2
+++ ck_ssl.c	2015-10-03 14:42:36.360598285 +0200
3
@@ -1054,11 +1054,15 @@ ssl_display_comp(SSL * ssl)
4
     if (ssl == NULL)
5
         return;
6
 
7
+#ifndef OPENSSL_NO_COMP
8
     if (ssl->expand == NULL || ssl->expand->meth == NULL)
9
+#endif
10
         printf("Compression: None\r\n");
11
+#ifndef OPENSSL_NO_COMP
12
     else {
13
         printf("Compression: %s\r\n",ssl->expand->meth->name);
14
     }
15
+#endif
16
 }
17
 
18
 int
19
@@ -1483,9 +1487,13 @@ the build.\r\n\r\n");
20
         }
21
         debug(F110,"ssl_rnd_file",ssl_rnd_file,0);
22
 
23
+#ifndef OPENSSL_NO_EGD
24
         rc1 = RAND_egd(ssl_rnd_file);
25
         debug(F111,"ssl_once_init","RAND_egd()",rc1);
26
-        if ( rc1 <= 0 ) {
27
+        if ( rc1 <= 0 ) 
28
+#endif
29
+	{
30
+
31
             rc2 = RAND_load_file(ssl_rnd_file, -1);
32
             debug(F111,"ssl_once_init","RAND_load_file()",rc1);
33
         }
34
@@ -1579,10 +1587,12 @@ ssl_tn_init(mode) int mode;
35
             /* This can fail because we do not have RSA available */
36
             if ( !ssl_ctx ) {
37
                 debug(F110,"ssl_tn_init","SSLv23_client_method failed",0);
38
+#ifndef OPENSSL_NO_SSL3
39
                 ssl_ctx=(SSL_CTX *)SSL_CTX_new(SSLv3_client_method());
40
             }
41
             if ( !ssl_ctx ) {
42
                 debug(F110,"ssl_tn_init","SSLv3_client_method failed",0);
43
+#endif
44
                 last_ssl_mode = -1;
45
                 return(0);
46
             }
47
@@ -1593,8 +1603,10 @@ ssl_tn_init(mode) int mode;
48
             /* This can fail because we do not have RSA available */
49
             if ( !tls_ctx ) {
50
                 debug(F110,"ssl_tn_init","SSLv23_client_method failed",0);
51
+#ifndef OPENSSL_NO_SSL3
52
                 tls_ctx=(SSL_CTX *)SSL_CTX_new(SSLv3_client_method());
53
             }
54
+#endif /* OPENSSL_NO_SSL3 */
55
 #endif /* COMMENT */
56
             if ( !tls_ctx ) {
57
                 debug(F110,"ssl_tn_init","TLSv1_client_method failed",0);
58
@@ -1611,10 +1623,12 @@ ssl_tn_init(mode) int mode;
59
             /* This can fail because we do not have RSA available */
60
             if ( !ssl_ctx ) {
61
                 debug(F110,"ssl_tn_init","SSLv23_server_method failed",0);
62
+#ifndef OPENSSL_NO_SSL3
63
                 ssl_ctx=(SSL_CTX *)SSL_CTX_new(SSLv3_server_method());
64
             }
65
             if ( !ssl_ctx ) {
66
                 debug(F110,"ssl_tn_init","SSLv3_server_method failed",0);
67
+#endif
68
                 last_ssl_mode = -1;
69
                 return(0);
70
             }
71
@@ -2161,7 +2175,9 @@ ssl_http_init(hostname) char * hostname;
72
         /* This can fail because we do not have RSA available */
73
         if ( !tls_http_ctx ) {
74
             debug(F110,"ssl_http_init","SSLv23_client_method failed",0);
75
+#ifndef OPENSSL_NO_SSL3
76
             tls_http_ctx=(SSL_CTX *)SSL_CTX_new(SSLv3_client_method());
77
+#endif
78
         }
79
 #endif /* COMMENT */
80
         if ( !tls_http_ctx ) {
(-)comms/kermit/files/patch-ckcftp.c (+24 lines)
Line 0 Link Here
1
--- ckcftp.c.orig	2011-07-14 18:17:30.000000000 +0200
2
+++ ckcftp.c	2015-10-03 14:48:01.112575165 +0200
3
@@ -10196,15 +10196,21 @@ ssl_auth() {
4
 #define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0L
5
 #endif
6
     if (auth_type && !strcmp(auth_type,"TLS")) {
7
+#ifndef OPENSSL_NO_SSL3
8
         ssl_ftp_ctx=SSL_CTX_new(SSLv3_client_method());
9
+#endif
10
         if (!ssl_ftp_ctx)
11
           return(0);
12
         SSL_CTX_set_options(ssl_ftp_ctx,
13
                             SSL_OP_SINGLE_DH_USE|SSL_OP_EPHEMERAL_RSA
14
                             );
15
     } else {
16
+#ifndef OPENSSL_NO_SSL3
17
         ssl_ftp_ctx = SSL_CTX_new(ftp_bug_use_ssl_v2 ? SSLv23_client_method() : 
18
                                   SSLv3_client_method());
19
+#else
20
+        ssl_ftp_ctx = SSL_CTX_new(SSLv23_client_method());
21
+#endif
22
         if (!ssl_ftp_ctx)
23
           return(0);
24
         SSL_CTX_set_options(ssl_ftp_ctx,
(-)comms/kermit/files/patch-ckcssl.h (+20 lines)
Line 0 Link Here
1
--- ckcssl.h.orig	1999-09-21 04:08:20.000000000 +0200
2
+++ ckcssl.h	2015-10-03 14:35:05.123628000 +0200
3
@@ -71,13 +71,15 @@ _PROTOTYP(int ssl_client_verify_callback
4
 #define SSL_CTX_free                     ck_SSL_CTX_free
5
 #define SSL_CTX_set_default_passwd_cb    ck_SSL_CTX_set_default_passwd_cb
6
 #define SSLv23_method                    ck_SSLv23_method
7
+#ifndef OPENSSL_NO_SSL3
8
 #define SSLv3_method                     ck_SSLv3_method
9
+#define SSLv3_client_method              ck_SSLv3_client_method
10
+#define SSLv3_server_method              ck_SSLv3_server_method
11
+#endif
12
 #define TLSv1_method                     ck_TLSv1_method
13
 #define SSLv23_client_method             ck_SSLv23_client_method
14
-#define SSLv3_client_method              ck_SSLv3_client_method
15
 #define TLSv1_client_method              ck_TLSv1_client_method
16
 #define SSLv23_server_method             ck_SSLv23_server_method
17
-#define SSLv3_server_method              ck_SSLv3_server_method
18
 #define TLSv1_server_method              ck_TLSv1_server_method
19
 #define SSL_library_init                 ck_SSL_library_init
20
 #define SSL_state_string                 ck_SSL_state_string

Return to bug 198980