aboutsummaryrefslogtreecommitdiffstats
path: root/testing/erlang/otp-0009-Patch-removes-support-for-SSLv3-protocol-because-it-.patch
diff options
context:
space:
mode:
authorMarlus Saraiva <marlus.saraiva@gmail.com>2015-07-03 04:20:11 +0000
committerBartłomiej Piotrowski <b@bpiotrowski.pl>2015-07-04 18:39:57 +0200
commitd353b4d850cc0ad9c4a99251e8d9e734080a49b5 (patch)
treeaaebf90acac05a6d275ee3b6dafc3b5691b1debf /testing/erlang/otp-0009-Patch-removes-support-for-SSLv3-protocol-because-it-.patch
parent499f4a72a2030ddd17a7612823c959ad803565c0 (diff)
downloadaports-d353b4d850cc0ad9c4a99251e8d9e734080a49b5.tar.gz
aports-d353b4d850cc0ad9c4a99251e8d9e734080a49b5.tar.bz2
aports-d353b4d850cc0ad9c4a99251e8d9e734080a49b5.tar.xz
testing/erlang: update to 18.0.1
Diffstat (limited to 'testing/erlang/otp-0009-Patch-removes-support-for-SSLv3-protocol-because-it-.patch')
-rw-r--r--testing/erlang/otp-0009-Patch-removes-support-for-SSLv3-protocol-because-it-.patch100
1 files changed, 0 insertions, 100 deletions
diff --git a/testing/erlang/otp-0009-Patch-removes-support-for-SSLv3-protocol-because-it-.patch b/testing/erlang/otp-0009-Patch-removes-support-for-SSLv3-protocol-because-it-.patch
deleted file mode 100644
index fa55663342..0000000000
--- a/testing/erlang/otp-0009-Patch-removes-support-for-SSLv3-protocol-because-it-.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-From: Sergei Golovan <sgolovan@debian.org>
-Date: Sun, 30 Nov 2014 20:20:41 +0300
-Subject: [PATCH] Patch removes support for SSLv3 protocol because it is proved
- to be insecure and nobody should use it anymore.
-
-
-diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
-index b53344e..b245621 100644
---- a/lib/ssl/doc/src/ssl.xml
-+++ b/lib/ssl/doc/src/ssl.xml
-@@ -123,7 +123,7 @@
-
- <p><c>sslsocket() - opaque to the user. </c></p>
-
-- <p><c>protocol() = sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2' </c></p>
-+ <p><c>protocol() = tlsv1 | 'tlsv1.1' | 'tlsv1.2' </c></p>
-
- <p><c>ciphers() = [ciphersuite()] | string() (according to old API)</c></p>
-
-diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml
-index 43cb393..ff12e04 100644
---- a/lib/ssl/doc/src/ssl_app.xml
-+++ b/lib/ssl/doc/src/ssl_app.xml
-@@ -47,10 +47,10 @@
- </p>
- <p>Note that the environment parameters can be set on the command line,
- for instance,</p>
-- <p><c>erl ... -ssl protocol_version '[sslv3, tlsv1]' ...</c>.
-+ <p><c>erl ... -ssl protocol_version '[tlsv1.1, tlsv1]' ...</c>.
- </p>
- <taglist>
-- <tag><c><![CDATA[protocol_version = [sslv3|tlsv1] <optional>]]></c>.</tag>
-+ <tag><c><![CDATA[protocol_version = [tlsv1|tlsv1.1|tlsv1.2] <optional>]]></c>.</tag>
- <item>
- <p>Protocol that will be supported by started clients and
- servers. If this option is not set it will default to all
-@@ -58,6 +58,9 @@
- Note that this option may be overridden by the version option
- to ssl:connect/[2,3] and ssl:listen/2.
- </p>
-+ <p>For Debian GNU/Linux distribution the sslv3 protocol was
-+ disabled due to its security issues.
-+ </p>
- </item>
-
- <tag><c><![CDATA[session_lifetime = integer() <optional>]]></c></tag>
-diff --git a/lib/ssl/src/ssl_internal.hrl b/lib/ssl/src/ssl_internal.hrl
-index 75efb64..155fa81 100644
---- a/lib/ssl/src/ssl_internal.hrl
-+++ b/lib/ssl/src/ssl_internal.hrl
-@@ -67,8 +67,8 @@
- -define(TRUE, 0).
- -define(FALSE, 1).
-
---define(ALL_SUPPORTED_VERSIONS, ['tlsv1.2', 'tlsv1.1', tlsv1, sslv3]).
---define(MIN_SUPPORTED_VERSIONS, ['tlsv1.1', tlsv1, sslv3]).
-+-define(ALL_SUPPORTED_VERSIONS, ['tlsv1.2', 'tlsv1.1', tlsv1]).
-+-define(MIN_SUPPORTED_VERSIONS, ['tlsv1.1', tlsv1]).
- -define(ALL_DATAGRAM_SUPPORTED_VERSIONS, ['dtlsv1.2', dtlsv1]).
- -define(MIN_DATAGRAM_SUPPORTED_VERSIONS, ['dtlsv1.2', dtlsv1]).
-
-diff --git a/lib/ssl/src/ssl_record.hrl b/lib/ssl/src/ssl_record.hrl
-index 6aab35d..1511abd 100644
---- a/lib/ssl/src/ssl_record.hrl
-+++ b/lib/ssl/src/ssl_record.hrl
-@@ -144,6 +144,7 @@
- %% }).
-
- -define(LOWEST_MAJOR_SUPPORTED_VERSION, 3).
-+-define(LOWEST_MINOR_SUPPORTED_VERSION, 1).
-
-
- -record(generic_stream_cipher, {
-diff --git a/lib/ssl/src/tls_record.erl b/lib/ssl/src/tls_record.erl
-index f50ea22..aa4fc8d 100644
---- a/lib/ssl/src/tls_record.erl
-+++ b/lib/ssl/src/tls_record.erl
-@@ -276,14 +276,20 @@ supported_protocol_versions([_|_] = Vsns) ->
- %%--------------------------------------------------------------------
- -spec is_acceptable_version(tls_version()) -> boolean().
- is_acceptable_version({N,_})
-- when N >= ?LOWEST_MAJOR_SUPPORTED_VERSION ->
-+ when N > ?LOWEST_MAJOR_SUPPORTED_VERSION ->
-+ true;
-+is_acceptable_version({N,M})
-+ when N == ?LOWEST_MAJOR_SUPPORTED_VERSION andalso M >= ?LOWEST_MINOR_SUPPORTED_VERSION ->
- true;
- is_acceptable_version(_) ->
- false.
-
- -spec is_acceptable_version(tls_version(), Supported :: [tls_version()]) -> boolean().
- is_acceptable_version({N,_} = Version, Versions)
-- when N >= ?LOWEST_MAJOR_SUPPORTED_VERSION ->
-+ when N > ?LOWEST_MAJOR_SUPPORTED_VERSION ->
-+ lists:member(Version, Versions);
-+is_acceptable_version({N,M} = Version, Versions)
-+ when N == ?LOWEST_MAJOR_SUPPORTED_VERSION andalso M >= ?LOWEST_MINOR_SUPPORTED_VERSION ->
- lists:member(Version, Versions);
- is_acceptable_version(_,_) ->
- false.