commit:     a0929ecb1f22149df7aba7e00b5ea707ba7ca665
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Sat Feb 23 16:18:59 2019 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Sat Feb 23 16:22:10 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a0929ecb

net-ftp/pure-ftpd: temporarily disable TLSv1.3 support

Bug: https://github.com/jedisct1/pure-ftpd/issues/102
Package-Manager: Portage-2.3.62, Repoman-2.3.12
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

 .../files/pure-ftpd-1.0.47-disable-TLSv1.3.patch    | 21 +++++++++++++++++++++
 ...-1.0.47-r3.ebuild => pure-ftpd-1.0.47-r4.ebuild} |  1 +
 2 files changed, 22 insertions(+)

diff --git a/net-ftp/pure-ftpd/files/pure-ftpd-1.0.47-disable-TLSv1.3.patch 
b/net-ftp/pure-ftpd/files/pure-ftpd-1.0.47-disable-TLSv1.3.patch
new file mode 100644
index 00000000000..cbe9c8bdcb8
--- /dev/null
+++ b/net-ftp/pure-ftpd/files/pure-ftpd-1.0.47-disable-TLSv1.3.patch
@@ -0,0 +1,21 @@
+Temporarily disable TLSv1.3 support
+
+Disable TLSv1.3 until support for it is fixed in pure-ftpd. This is a
+workaround for the following issue:
+https://github.com/jedisct1/pure-ftpd/issues/102
+
+--- a/src/tls.c
++++ b/src/tls.c
+@@ -301,6 +301,10 @@ int tls_init_library(void)
+ # endif
+ # ifdef SSL_OP_NO_TLSv1_2
+     SSL_CTX_clear_options(tls_ctx, SSL_OP_NO_TLSv1_2);
++# endif
++    /* Disable TLSv1.3 support until it works properly in pure-ftpd */
++# ifdef SSL_OP_NO_TLSv1_3
++    SSL_CTX_set_options(tls_ctx, SSL_OP_NO_TLSv1_3);
+ # endif
+     if (tlsciphersuite != NULL) {
+         if (SSL_CTX_set_cipher_list(tls_ctx, tlsciphersuite) != 1) {
+-- 
+2.20.1

diff --git a/net-ftp/pure-ftpd/pure-ftpd-1.0.47-r3.ebuild 
b/net-ftp/pure-ftpd/pure-ftpd-1.0.47-r4.ebuild
similarity index 98%
rename from net-ftp/pure-ftpd/pure-ftpd-1.0.47-r3.ebuild
rename to net-ftp/pure-ftpd/pure-ftpd-1.0.47-r4.ebuild
index 58e90f89ddc..48506572446 100644
--- a/net-ftp/pure-ftpd/pure-ftpd-1.0.47-r3.ebuild
+++ b/net-ftp/pure-ftpd/pure-ftpd-1.0.47-r4.ebuild
@@ -44,6 +44,7 @@ PATCHES=(
        "${FILESDIR}/${PN}-1.0.28-pam.patch"
        "${FILESDIR}/${PN}-1.0.47-MAX_DATA_SIZE.patch"
        "${FILESDIR}/${PN}-1.0.47-TLSv1.3.patch"
+       "${FILESDIR}/${PN}-1.0.47-disable-TLSv1.3.patch"
 )
 
 src_configure() {

Reply via email to