author | shannonjr <shannonjr> | 2008-07-21 12:10:48 +0000 |
---|---|---|
committer | shannonjr <shannonjr> | 2008-07-21 12:10:48 +0000 |
commit | cfe9e8ff3d737e1af835436b66c024928d7f5f20 (patch) | |
tree | bed1f2f56559d057a62ed57bbd27a9f919570af3 /security/libprelude/patches | |
parent | 31a1b5a920f8c4258e74339146044aada92aa1f8 (diff) | |
download | pkgsrc-cfe9e8ff3d737e1af835436b66c024928d7f5f20.tar.gz |
Update to 0.9.18. Changes:
- Add support for newer GnuTLS 2.2.0 session priority functions. When
the option is available, the user might specify TLS settings through
the "tls-options" configuration entry.
- Work around a GnuTLS issue where the client wouldn't be able
to negotiate a supported compression protocol with the server (#299).
- Implement variable substitution in Prelude configuration files.
- Allow IDMEF criteria with multiple values for a single path,
as can be seen in the following example:
alert.classification.text = (A || B || C || D)
- Implement negation of idmef-criteria, allowing to write criteria like:
! (alert.classification.text = A || alert.classification.text = B)
- Fix an IDMEF-Criteria matching problem, where the match function would
not attempt to match an OR after multiple consecutive AND that failed.
Thanks Alexander Afonyashin <firm(at)iname.com> for pointing out the
problem.
- Never use non-pointer field, always use the "required" keyword. Fix
API consistency issue, that could lead to unexpected behavior.
- Fix multiple problems with prelude_read_multiline /
prelude_read_multiline2,
(fix a problem with prelude-manager idmef-criteria that wouldn't read
external ruleset).
- Error out if GnuTLS initialization fails.
Diffstat (limited to 'security/libprelude/patches')
-rw-r--r-- | security/libprelude/patches/patch-ab | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/security/libprelude/patches/patch-ab b/security/libprelude/patches/patch-ab index 36b480c5202..f5e1cf21848 100644 --- a/security/libprelude/patches/patch-ab +++ b/security/libprelude/patches/patch-ab @@ -1,19 +1,19 @@ -$NetBSD: patch-ab,v 1.2 2007/09/03 13:43:40 shannonjr Exp $ +$NetBSD: patch-ab,v 1.3 2008/07/21 12:10:49 shannonjr Exp $ ---- src/tls-auth.c.orig 2007-08-23 10:25:39.000000000 -0600 +--- src/tls-auth.c.orig 2008-07-18 08:32:52.000000000 -0600 +++ src/tls-auth.c -@@ -189,6 +189,7 @@ int tls_auth_connection(prelude_client_p - int ret, fd; +@@ -269,6 +269,7 @@ int tls_auth_connection(prelude_client_p void *cred; + int ret, fd; gnutls_session session; + int cipher_list[2]; - ret = prelude_client_profile_get_credentials(cp, &cred); - if ( ret < 0 ) -@@ -196,6 +197,9 @@ int tls_auth_connection(prelude_client_p + if ( ! priority_set ) { + ret = tls_auth_init_priority(NULL); +@@ -285,6 +286,9 @@ int tls_auth_connection(prelude_client_p + return prelude_error_verbose(PRELUDE_ERROR_PROFILE, "TLS initialization error: %s", gnutls_strerror(ret)); - gnutls_init(&session, GNUTLS_CLIENT); - gnutls_set_default_priority(session); + set_default_priority(session); + cipher_list[0] = GNUTLS_CIPHER_AES_128_CBC; + cipher_list[1] = 0; + gnutls_cipher_set_priority (session, cipher_list); |
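Review bot: The lines re-added after set_default_priority(session) in the second inner hunk of patch-ab pin the session to one cipher ("cipher_list[0] = GNUTLS_CIPHER_AES_128_CBC; cipher_list[1] = 0;") right after the priority setup, so they appear to override whatever cipher selection tls_auth_init_priority() and the new "tls-options" entry described in the 0.9.18 changelog would have produced. Since the upstream context changed from gnutls_set_default_priority() to this new priority path, please confirm the pin is still needed; if it is, add a comment at the top of patch-ab stating the reason, because the file currently carries only the $NetBSD$ tag. The return value of gnutls_cipher_set_priority() is also discarded, while the code just above it reports failures through prelude_error_verbose(..., gnutls_strerror(ret)); checking ret the same way would keep a failed cipher setup from passing silently.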