Revert "pound: Allow to use legacy renegotiation."
authorMichael Tremer <michael.tremer@ipfire.org>
Tue, 3 Mar 2015 11:44:00 +0000 (12:44 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Tue, 3 Mar 2015 11:44:00 +0000 (12:44 +0100)
This reverts commit 09e3b0fa356c087b27ca7197024bf0210455a73c.

lfs/pound
src/patches/pound-2.7-legacy-regnegotiation.patch [deleted file]

index 52fb293..a0f6f29 100644 (file)
--- a/lfs/pound
+++ b/lfs/pound
@@ -32,7 +32,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = pound
-PAK_VER    = 8
+PAK_VER    = 7
 
 DEPS       = ""
 
@@ -77,7 +77,6 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
-       cd $(DIR_APP) && patch -p1 -i $(DIR_SRC)/src/patches/pound-2.7-legacy-regnegotiation.patch
        cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc
        cd $(DIR_APP) && make $(MAKETUNING)
        cd $(DIR_APP) && make install
diff --git a/src/patches/pound-2.7-legacy-regnegotiation.patch b/src/patches/pound-2.7-legacy-regnegotiation.patch
deleted file mode 100644 (file)
index eb1d772..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
-diff -Nur Pound-2.7c-vanilla/config.c Pound-2.7c/config.c
---- Pound-2.7c-vanilla/config.c        2014-04-21 13:16:08.000000000 +0200
-+++ Pound-2.7c/config.c        2014-05-16 12:57:33.273583192 +0200
-@@ -345,8 +345,10 @@
- #ifdef  SSL_OP_NO_COMPRESSION
-             SSL_CTX_set_options(res->ctx, SSL_OP_NO_COMPRESSION);
- #endif
-+#if 0
-             SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
-             SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT);
-+#endif
-             sprintf(lin, "%d-Pound-%ld", getpid(), random());
-             SSL_CTX_set_session_id_context(res->ctx, (unsigned char *)lin, strlen(lin));
-             SSL_CTX_set_tmp_rsa_callback(res->ctx, RSA_tmp_callback);
-@@ -368,8 +370,10 @@
- #ifdef  SSL_OP_NO_COMPRESSION
-             SSL_CTX_set_options(res->ctx, SSL_OP_NO_COMPRESSION);
- #endif
-+#if 0
-             SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
-             SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT);
-+#endif
-             sprintf(lin, "%d-Pound-%ld", getpid(), random());
-             SSL_CTX_set_session_id_context(res->ctx, (unsigned char *)lin, strlen(lin));
-             SSL_CTX_set_tmp_rsa_callback(res->ctx, RSA_tmp_callback);