diff options
author | joerg <joerg@pkgsrc.org> | 2016-03-26 23:05:10 +0000 |
---|---|---|
committer | joerg <joerg@pkgsrc.org> | 2016-03-26 23:05:10 +0000 |
commit | 3e33a04e29c4122cd2ca542775fdf5e700e1d105 (patch) | |
tree | 33b1fcfeccca4caa18ceba0e65319acb02c5923a /www/lhs | |
parent | 3c3b5a40be39df178cc79092c3786a3ec3fbe7e8 (diff) | |
download | pkgsrc-3e33a04e29c4122cd2ca542775fdf5e700e1d105.tar.gz |
Drop SSLv2 support. Add option for disabling SSLv3 as well. Bump
revision.
Diffstat (limited to 'www/lhs')
-rw-r--r-- | www/lhs/Makefile | 4 | ||||
-rw-r--r-- | www/lhs/distinfo | 8 | ||||
-rw-r--r-- | www/lhs/patches/patch-ab | 12 | ||||
-rw-r--r-- | www/lhs/patches/patch-ac | 50 | ||||
-rw-r--r-- | www/lhs/patches/patch-configure | 9 |
5 files changed, 65 insertions, 18 deletions
diff --git a/www/lhs/Makefile b/www/lhs/Makefile index 548f63a079d..96c3f61ba39 100644 --- a/www/lhs/Makefile +++ b/www/lhs/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.20 2016/03/05 11:29:37 jperkin Exp $ +# $NetBSD: Makefile,v 1.21 2016/03/26 23:05:10 joerg Exp $ # DISTNAME= lhs-0.1 -PKGREVISION= 8 +PKGREVISION= 9 CATEGORIES= www MASTER_SITES= ftp://dev.null.pl/pub/ diff --git a/www/lhs/distinfo b/www/lhs/distinfo index b39a63966fa..2ccc745d6de 100644 --- a/www/lhs/distinfo +++ b/www/lhs/distinfo @@ -1,10 +1,10 @@ -$NetBSD: distinfo,v 1.4 2015/11/04 02:46:56 agc Exp $ +$NetBSD: distinfo,v 1.5 2016/03/26 23:05:10 joerg Exp $ SHA1 (lhs-0.1.tar.gz) = 74fbb0a982cd00c668c9f07b7c3c583759f14fd6 RMD160 (lhs-0.1.tar.gz) = 176d8149d11383fc4d82e4a13991f156f3ab42ca SHA512 (lhs-0.1.tar.gz) = 38eaa65eea5e2ac1ec914e2a88d10402abab6d3f03349d24d4f0c7236f829ba7c775b0745fd8c87891e45819e47896b01f4e425b257e45c2a49f9e7845c0654a Size (lhs-0.1.tar.gz) = 10665 bytes SHA1 (patch-aa) = 682df4329c32b01438221ba78055761468ede8fa -SHA1 (patch-ab) = 83591e01fc71e4d487b5a4b5d598a60f83d22fa9 -SHA1 (patch-ac) = 66e697aa31f17519c700bd7ba857c1faefe7dda6 -SHA1 (patch-configure) = 87b38dd13938dc9756530d34497502924ccff121 +SHA1 (patch-ab) = a066f92aa5f47e85863b23e92247c2fad8f3c5bf +SHA1 (patch-ac) = 5359e9a017dc3e9ca4199b52691eb8727bdfa1f5 +SHA1 (patch-configure) = 21e675f56bd36f6bb880cb0179db952fa18a25a3 diff --git a/www/lhs/patches/patch-ab b/www/lhs/patches/patch-ab index d0633225706..739dcd259a8 100644 --- a/www/lhs/patches/patch-ab +++ b/www/lhs/patches/patch-ab @@ -1,8 +1,8 @@ -$NetBSD: patch-ab,v 1.2 2012/12/26 17:12:57 ryoon Exp $ +$NetBSD: patch-ab,v 1.3 2016/03/26 23:05:10 joerg Exp $ --- lhs.h.orig 2001-02-25 14:48:00.000000000 +0000 +++ lhs.h -@@ -7,7 +7,10 @@ +@@ -7,14 +7,17 @@ #define VERSION "lhs/0.1" @@ -13,3 +13,11 @@ $NetBSD: patch-ab,v 1.2 2012/12/26 17:12:57 ryoon Exp $ #define DEFAULT_HTTP_PORT 8000 #define DEFAULT_HTTPS_PORT 8001 #define DEFAULT_MAX_SOCKS 50 + + #ifdef USE_SSL + #include <openssl/ssl.h> +-#define DEFAULT_SSL_PROTOCOL SSL2_VERSION ++#define DEFAULT_SSL_PROTOCOL TLS1_VERSION + #define DEFAULT_CERT_FILE "lhs.pem" + #endif + diff --git a/www/lhs/patches/patch-ac b/www/lhs/patches/patch-ac index bc6d63f5d55..652e768f873 100644 --- a/www/lhs/patches/patch-ac +++ b/www/lhs/patches/patch-ac @@ -1,6 +1,8 @@ -$NetBSD: patch-ac,v 1.2 2012/12/26 17:12:57 ryoon Exp $ +$NetBSD: patch-ac,v 1.3 2016/03/26 23:05:10 joerg Exp $ * Include sys/filio.h for FIONBIO etc. +* Drop SSLv2 support +* Add TLSv1 support --- lhs.c.orig 2001-02-27 17:37:10.000000000 +0000 +++ lhs.c @@ -14,7 +16,40 @@ $NetBSD: patch-ac,v 1.2 2012/12/26 17:12:57 ryoon Exp $ #define debug(x...) { if (verbose) printf(x); } -@@ -592,7 +595,7 @@ void usage(char *a0) +@@ -467,12 +470,10 @@ int init_ssl() + SSL_load_error_strings(); + SSLeay_add_ssl_algorithms(); + +- if (ssl_protocol == SSL2_VERSION) +- ctx = SSL_CTX_new(SSLv2_method()); +- else { +- ctx = SSL_CTX_new(SSLv23_method()); +- SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); +- } ++ ctx = SSL_CTX_new(SSLv23_method()); ++ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); ++ if (ssl_protocol == TLS1_VERSION) ++ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3); + if (!ctx) { + fprintf(stderr, "SSL_CTX_new failed.\n"); + return 0; +@@ -512,12 +513,12 @@ SSL *init_ssl_socket(int sock) + } + // SSL_set_session_id_context(ssl,AppContext,sizeof(AppContext)); + switch(ssl->session->ssl_version) { +- case SSL2_VERSION: +- debug("ssl2\n"); +- break; + case SSL3_VERSION: + debug("ssl3\n"); + break; ++ case TLS1_VERSION: ++ debug("tls3\n"); ++ break; + default: + debug("nieznany standard szyfrowania\n"); + } +@@ -592,7 +593,7 @@ void usage(char *a0) " -s version set SSL protocol version (default: SSLv2)\n" " -c filename load certificate file (default: lhs.pem)\n" #endif @@ -23,3 +58,14 @@ $NetBSD: patch-ac,v 1.2 2012/12/26 17:12:57 ryoon Exp $ " -u user switch to other user after startup\n" " -g group change gid to other than user's\n" " -m socks set number of sockets (default: 50, min: 3)\n" +@@ -633,8 +634,8 @@ int main(int argc, char **argv) + cert_file = optarg; + break; + case 's': +- if (!strcasecmp(optarg, "ssl2") || !strcasecmp(optarg, "sslv2")) +- ssl_protocol = SSL2_VERSION; ++ if (!strcasecmp(optarg, "tls1") || !strcasecmp(optarg, "tls1")) ++ ssl_protocol = TLS1_VERSION; + else if (!strcasecmp(optarg, "ssl3") || !strcasecmp(optarg, "sslv3")) + ssl_protocol = SSL3_VERSION; + else { diff --git a/www/lhs/patches/patch-configure b/www/lhs/patches/patch-configure index 78ada54092c..ca2257a3fc0 100644 --- a/www/lhs/patches/patch-configure +++ b/www/lhs/patches/patch-configure @@ -1,4 +1,4 @@ -$NetBSD: patch-configure,v 1.1 2012/12/26 17:12:57 ryoon Exp $ +$NetBSD: patch-configure,v 1.2 2016/03/26 23:05:10 joerg Exp $ * Catch LIBS from pkgsrc Makefile @@ -10,10 +10,3 @@ $NetBSD: patch-configure,v 1.1 2012/12/26 17:12:57 ryoon Exp $ rm -f Makefile config.h if [ -f /usr/include/netinet/ip6.h ]; then echo "#define USE_IPV6" >> config.h -@@ -10,4 +9,4 @@ if [ -f /usr/include/openssl/ssl.h ]; th - echo "openssl includes found." - LIBS="$LIBS -lssl -lcrypto" - fi --sed "s/#LIBS#/$LIBS/g" < Makefile.in > Makefile -\ No newline at end of file -+sed "s/#LIBS#/$LIBS/g" < Makefile.in > Makefile |