Remove SSLv2 support. Bump revision.diff -r1.30 -r1.31 pkgsrc/security/openvas-client/Makefile
(joerg)
@@ -1,18 +1,18 @@ | @@ -1,18 +1,18 @@ | |||
1 | # $NetBSD: Makefile,v 1.30 2016/03/05 11:29:23 jperkin Exp $ | 1 | # $NetBSD: Makefile,v 1.31 2016/03/29 22:00:13 joerg Exp $ | |
2 | # | 2 | # | |
3 | 3 | |||
4 | DISTNAME= openvas-client-2.0.1 | 4 | DISTNAME= openvas-client-2.0.1 | |
5 | PKGREVISION= 25 | 5 | PKGREVISION= 26 | |
6 | CATEGORIES= security | 6 | CATEGORIES= security | |
7 | MASTER_SITES= http://wald.intevation.org/frs/download.php/552/ | 7 | MASTER_SITES= http://wald.intevation.org/frs/download.php/552/ | |
8 | 8 | |||
9 | MAINTAINER= pkgsrc-users@NetBSD.org | 9 | MAINTAINER= pkgsrc-users@NetBSD.org | |
10 | HOMEPAGE= http://www.openvas.org/ | 10 | HOMEPAGE= http://www.openvas.org/ | |
11 | COMMENT= Client for the Open Vulnerability Assessment System | 11 | COMMENT= Client for the Open Vulnerability Assessment System | |
12 | 12 | |||
13 | USE_TOOLS+= gmake pkg-config | 13 | USE_TOOLS+= gmake pkg-config | |
14 | GNU_CONFIGURE= YES | 14 | GNU_CONFIGURE= YES | |
15 | BUILD_DEFS+= VARBASE | 15 | BUILD_DEFS+= VARBASE | |
16 | USE_X11= YES | 16 | USE_X11= YES | |
17 | 17 | |||
18 | CONFIGURE_ARGS+= --localstatedir=${VARBASE} | 18 | CONFIGURE_ARGS+= --localstatedir=${VARBASE} |
@@ -1,7 +1,8 @@ | @@ -1,7 +1,8 @@ | |||
1 | $NetBSD: distinfo,v 1.3 2015/11/04 01:17:52 agc Exp $ | 1 | $NetBSD: distinfo,v 1.4 2016/03/29 22:00:13 joerg Exp $ | |
2 | 2 | |||
3 | SHA1 (openvas-client-2.0.1.tar.gz) = 07ada2cb7538da072c27a3a1cf58f9c6152d5e64 | 3 | SHA1 (openvas-client-2.0.1.tar.gz) = 07ada2cb7538da072c27a3a1cf58f9c6152d5e64 | |
4 | RMD160 (openvas-client-2.0.1.tar.gz) = aa966e1e9911b63e5fee48d947cda5f0b036dd0a | 4 | RMD160 (openvas-client-2.0.1.tar.gz) = aa966e1e9911b63e5fee48d947cda5f0b036dd0a | |
5 | SHA512 (openvas-client-2.0.1.tar.gz) = b20235fb9b6d6355a01b02156f6b10b78c98e74e1ebcfac586167989c8175f347a8eaf6eab543a76556745ef4c6aaa88a6e63f984a081d55a7f496d6063fe892 | 5 | SHA512 (openvas-client-2.0.1.tar.gz) = b20235fb9b6d6355a01b02156f6b10b78c98e74e1ebcfac586167989c8175f347a8eaf6eab543a76556745ef4c6aaa88a6e63f984a081d55a7f496d6063fe892 | |
6 | Size (openvas-client-2.0.1.tar.gz) = 629551 bytes | 6 | Size (openvas-client-2.0.1.tar.gz) = 629551 bytes | |
7 | SHA1 (patch-aa) = ffca8ce1116a4014e1a65f53536e0fc4faeeb675 | 7 | SHA1 (patch-aa) = ffca8ce1116a4014e1a65f53536e0fc4faeeb675 | |
8 | SHA1 (patch-nessus_nessus.c) = 9c2e10a8abe410db8c9b8a7a575dd6cfdbec5804 |
$NetBSD: patch-nessus_nessus.c,v 1.1 2016/03/29 22:00:14 joerg Exp $
--- nessus/nessus.c.orig 2016-03-29 18:19:57.396124258 +0000
+++ nessus/nessus.c
@@ -410,9 +410,7 @@ Please launch openvasclient-mkrand(1) fi
}
if (ssl_mt == NULL)
{
- if (strcasecmp(ssl_ver, "SSLv2") == 0)
- ssl_mt = SSLv2_client_method();
- else if (strcasecmp(ssl_ver, "SSLv3") == 0)
+ if (strcasecmp(ssl_ver, "SSLv3") == 0)
ssl_mt = SSLv3_client_method();
else if (strcasecmp(ssl_ver, "SSLv23") == 0)
ssl_mt = SSLv23_client_method();
@@ -443,6 +441,7 @@ Please launch openvasclient-mkrand(1) fi
return "SSL error";
}
+ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2);
if (SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL) < 0)
sslerror("SSL_CTX_set_options(SSL_OP_ALL)");