[ipfire-2.x.git] / src / patches / pound-2.7-legacy-regnegotiation.patch

diff -Nur Pound-2.7c-vanilla/config.c Pound-2.7c/config.c
--- Pound-2.7c-vanilla/config.c	2014-04-21 13:16:08.000000000 +0200
+++ Pound-2.7c/config.c	2014-05-16 12:57:33.273583192 +0200
@@ -345,8 +345,10 @@
 #ifdef  SSL_OP_NO_COMPRESSION
             SSL_CTX_set_options(res->ctx, SSL_OP_NO_COMPRESSION);
 #endif
+#if 0
             SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
             SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT);
+#endif
             sprintf(lin, "%d-Pound-%ld", getpid(), random());
             SSL_CTX_set_session_id_context(res->ctx, (unsigned char *)lin, strlen(lin));
             SSL_CTX_set_tmp_rsa_callback(res->ctx, RSA_tmp_callback);
@@ -368,8 +370,10 @@
 #ifdef  SSL_OP_NO_COMPRESSION
             SSL_CTX_set_options(res->ctx, SSL_OP_NO_COMPRESSION);
 #endif
+#if 0
             SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
             SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT);
+#endif
             sprintf(lin, "%d-Pound-%ld", getpid(), random());
             SSL_CTX_set_session_id_context(res->ctx, (unsigned char *)lin, strlen(lin));
             SSL_CTX_set_tmp_rsa_callback(res->ctx, RSA_tmp_callback);
Commit	Line	Data
09e3b0fa MT	1	diff -Nur Pound-2.7c-vanilla/config.c Pound-2.7c/config.c
	2	--- Pound-2.7c-vanilla/config.c 2014-04-21 13:16:08.000000000 +0200
	3	+++ Pound-2.7c/config.c 2014-05-16 12:57:33.273583192 +0200
	4	@@ -345,8 +345,10 @@
	5	#ifdef SSL_OP_NO_COMPRESSION
	6	SSL_CTX_set_options(res->ctx, SSL_OP_NO_COMPRESSION);
	7	#endif
	8	+#if 0
	9	SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
	10	SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT);
	11	+#endif
	12	sprintf(lin, "%d-Pound-%ld", getpid(), random());
	13	SSL_CTX_set_session_id_context(res->ctx, (unsigned char *)lin, strlen(lin));
	14	SSL_CTX_set_tmp_rsa_callback(res->ctx, RSA_tmp_callback);
	15	@@ -368,8 +370,10 @@
	16	#ifdef SSL_OP_NO_COMPRESSION
	17	SSL_CTX_set_options(res->ctx, SSL_OP_NO_COMPRESSION);
	18	#endif
	19	+#if 0
	20	SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
	21	SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT);
	22	+#endif
	23	sprintf(lin, "%d-Pound-%ld", getpid(), random());
	24	SSL_CTX_set_session_id_context(res->ctx, (unsigned char *)lin, strlen(lin));
	25	SSL_CTX_set_tmp_rsa_callback(res->ctx, RSA_tmp_callback);