mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2024-11-08 22:45:43 +00:00
core/openssl to 1.0.1-2
This commit is contained in:
Kevin Mihelich
parent
1ededdfc0f
commit
21e08e2c36
2 changed files with 45 additions and 4 deletions
|
|
@ -11,7 +11,7 @@ _ver=1.0.1
|
|||
# use a pacman compatible version scheme
|
||||
#pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
|
||||
pkgver=$_ver
|
||||
pkgrel=1
|
||||
pkgrel=2
|
||||
pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
|
||||
arch=('i686' 'x86_64')
|
||||
url='https://www.openssl.org'
|
||||
|
|
@ -24,12 +24,14 @@ source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"
|
|||
"https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc"
|
||||
'fix-manpages.patch'
|
||||
'no-rpath.patch'
|
||||
'ca-dir.patch')
|
||||
'ca-dir.patch'
|
||||
'disable-tls12-client.patch')
|
||||
md5sums=('134f168bc2a8333f19f81d684841710b'
|
||||
'efbe93c11747fed52e60567819409d8a'
|
||||
'5bbc0655bda2af95bc8eb568963ce8ba'
|
||||
'dc78d3d06baffc16217519242ce92478'
|
||||
'3bf51be3a1bbd262be46dc619f92aa90')
|
||||
'3bf51be3a1bbd262be46dc619f92aa90'
|
||||
'26432b9d7af63c63828b6405c9185400')
|
||||
|
||||
build() {
|
||||
cd $srcdir/$pkgname-$_ver
|
||||
|
|
@ -49,11 +51,14 @@ build() {
|
|||
patch -p0 -i $srcdir/no-rpath.patch
|
||||
# set ca dir to /etc/ssl by default
|
||||
patch -p0 -i $srcdir/ca-dir.patch
|
||||
# workaround for PR#2771
|
||||
patch -p1 -i $srcdir/disable-tls12-client.patch
|
||||
# mark stack as non-executable: http://bugs.archlinux.org/task/12434
|
||||
./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
|
||||
shared zlib enable-md2 \
|
||||
"${openssltarget}" \
|
||||
-Wa,--noexecstack "${CFLAGS}"
|
||||
-Wa,--noexecstack "${CFLAGS}" \
|
||||
-DOPENSSL_NO_TLS1_2_CLIENT
|
||||
|
||||
make depend
|
||||
make
|
||||
|
|
|
|||
36
core/openssl/disable-tls12-client.patch
Normal file
36
core/openssl/disable-tls12-client.patch
Normal file
|
|
@ -0,0 +1,36 @@
|
|||
Index: openssl/ssl/t1_lib.c
|
||||
RCS File: /v/openssl/cvs/openssl/ssl/t1_lib.c,v
|
||||
rcsdiff -q -kk '-r1.64.2.14.2.31' '-r1.64.2.14.2.32' -u '/v/openssl/cvs/openssl/ssl/t1_lib.c,v' 2>/dev/null
|
||||
--- t1_lib.c 2012/02/27 16:38:10 1.64.2.14.2.31
|
||||
+++ t1_lib.c 2012/03/21 21:32:57 1.64.2.14.2.32
|
||||
@@ -544,7 +544,7 @@
|
||||
}
|
||||
skip_ext:
|
||||
|
||||
- if (TLS1_get_version(s) >= TLS1_2_VERSION)
|
||||
+ if (TLS1_get_client_version(s) >= TLS1_2_VERSION)
|
||||
{
|
||||
if ((size_t)(limit - ret) < sizeof(tls12_sigalgs) + 6)
|
||||
return NULL;
|
||||
Index: openssl/ssl/s23_clnt.c
|
||||
RCS File: /v/openssl/cvs/openssl/ssl/s23_clnt.c,v
|
||||
rcsdiff -q -kk '-r1.43.2.4.2.5' '-r1.43.2.4.2.6' -u '/v/openssl/cvs/openssl/ssl/s23_clnt.c,v' 2>/dev/null
|
||||
--- s23_clnt.c 2011/05/19 18:22:15 1.43.2.4.2.5
|
||||
+++ s23_clnt.c 2012/03/29 19:08:54 1.43.2.4.2.6
|
||||
@@ -287,12 +287,14 @@
|
||||
|
||||
if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
|
||||
ssl2_compat = 0;
|
||||
-
|
||||
+#ifndef OPENSSL_NO_TLS1_2_CLIENT
|
||||
if (!(s->options & SSL_OP_NO_TLSv1_2))
|
||||
{
|
||||
version = TLS1_2_VERSION;
|
||||
}
|
||||
- else if (!(s->options & SSL_OP_NO_TLSv1_1))
|
||||
+ else
|
||||
+#endif
|
||||
+ if (!(s->options & SSL_OP_NO_TLSv1_1))
|
||||
{
|
||||
version = TLS1_1_VERSION;
|
||||
}
|
||||
Loading…
Reference in a new issue