Hello community, here is the log from the commit of package perl-Crypt-SSLeay for openSUSE:Factory checked in at 2017-11-14 13:01:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/perl-Crypt-SSLeay (Old) and /work/SRC/openSUSE:Factory/.perl-Crypt-SSLeay.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-Crypt-SSLeay" Tue Nov 14 13:01:13 2017 rev:27 rq:541539 version:0.72 Changes: -------- --- /work/SRC/openSUSE:Factory/perl-Crypt-SSLeay/perl-Crypt-SSLeay.changes 2017-10-03 23:18:33.583654942 +0200 +++ /work/SRC/openSUSE:Factory/.perl-Crypt-SSLeay.new/perl-Crypt-SSLeay.changes 2017-11-14 13:01:34.077414490 +0100 @@ -1,0 +2,6 @@ +Mon Nov 13 13:47:00 UTC 2017 - [email protected] + +- Disable SSLv2/3 to fix build with OpenSSL 1.1 (bsc#1067188) + * add Crypt-SSLeay-use_TLS_instead_of_SSL.patch + +------------------------------------------------------------------- New: ---- Crypt-SSLeay-use_TLS_instead_of_SSL.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl-Crypt-SSLeay.spec ++++++ --- /var/tmp/diff_new_pack.p7ImZO/_old 2017-11-14 13:01:37.889275112 +0100 +++ /var/tmp/diff_new_pack.p7ImZO/_new 2017-11-14 13:01:37.889275112 +0100 @@ -27,6 +27,7 @@ Source0: https://cpan.metacpan.org/authors/id/N/NA/NANIS/%{cpan_name}-%{version}.tar.gz Source1: cpanspec.yml Patch0: no-dot-inc.patch +Patch1: Crypt-SSLeay-use_TLS_instead_of_SSL.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: perl BuildRequires: perl-macros @@ -55,6 +56,7 @@ %setup -q -n %{cpan_name}-%{version} find . -type f ! -name \*.pl -print0 | xargs -0 chmod 644 %patch0 -p1 +%patch1 -p1 %build %{__perl} Makefile.PL INSTALLDIRS=vendor OPTIMIZE="%{optflags}" ++++++ Crypt-SSLeay-use_TLS_instead_of_SSL.patch ++++++ Index: Crypt-SSLeay-0.72/SSLeay.xs =================================================================== --- Crypt-SSLeay-0.72.orig/SSLeay.xs 2014-04-24 00:36:24.000000000 +0200 +++ Crypt-SSLeay-0.72/SSLeay.xs 2017-11-13 14:41:30.924182704 +0100 @@ -45,12 +45,7 @@ extern "C" { } #endif - -#if SSLEAY_VERSION_NUMBER >= 0x0900 -#define CRYPT_SSL_CLIENT_METHOD SSLv3_client_method() -#else -#define CRYPT_SSL_CLIENT_METHOD SSLv2_client_method() -#endif +#define CRYPT_SSL_CLIENT_METHOD SSLv23_client_method() static void InfoCallback(const SSL *s,int where,int ret) { @@ -145,23 +140,9 @@ SSL_CTX_new(packname, ssl_version) RAND_seed(buf, CRYPT_SSLEAY_RAND_BUFSIZE); } - if(ssl_version == 23) { - ctx = SSL_CTX_new(SSLv23_client_method()); - } - else if(ssl_version == 3) { - ctx = SSL_CTX_new(SSLv3_client_method()); - } - else { -#ifndef OPENSSL_NO_SSL2 - /* v2 is the default */ - ctx = SSL_CTX_new(SSLv2_client_method()); -#else - /* v3 is the default */ - ctx = SSL_CTX_new(SSLv3_client_method()); -#endif - } + ctx = SSL_CTX_new(CRYPT_SSL_CLIENT_METHOD); - SSL_CTX_set_options(ctx,SSL_OP_ALL|0); + SSL_CTX_set_options(ctx,SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); SSL_CTX_set_default_verify_paths(ctx); SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL); RETVAL = ctx;
