[Pkg-openssl-changes] r574 - in openssl/trunk/debian: . patches
Kurt Roeckx
kroeckx at alioth.debian.org
Tue Jun 5 22:44:20 UTC 2012
Author: kroeckx
Date: 2012-06-05 22:44:19 +0000 (Tue, 05 Jun 2012)
New Revision: 574
Added:
openssl/trunk/debian/patches/renegiotate_tls.patch
Modified:
openssl/trunk/debian/changelog
openssl/trunk/debian/patches/series
Log:
Fix renegiotation when using TLS > 1.0. This breaks tor. Patch from
upstream. (Closes: #675990)
Modified: openssl/trunk/debian/changelog
===================================================================
--- openssl/trunk/debian/changelog 2012-05-11 16:46:14 UTC (rev 573)
+++ openssl/trunk/debian/changelog 2012-06-05 22:44:19 UTC (rev 574)
@@ -1,3 +1,10 @@
+openssl (1.0.1c-2) unstable; urgency=high
+
+ * Fix renegiotation when using TLS > 1.0. This breaks tor. Patch from
+ upstream. (Closes: #675990)
+
+ -- Kurt Roeckx <kurt at roeckx.be> Wed, 06 Jun 2012 00:37:39 +0200
+
openssl (1.0.1c-1) unstable; urgency=high
* New upstream version
Added: openssl/trunk/debian/patches/renegiotate_tls.patch
===================================================================
--- openssl/trunk/debian/patches/renegiotate_tls.patch (rev 0)
+++ openssl/trunk/debian/patches/renegiotate_tls.patch 2012-06-05 22:44:19 UTC (rev 574)
@@ -0,0 +1,10 @@
+--- a/openssl/ssl/s3_pkt.c 2012/04/17 13:21:19 1.95
++++ b/openssl/ssl/s3_pkt.c 2012/05/11 13:34:29 1.96
+@@ -744,6 +744,7 @@
+ * bytes and record version number > TLS 1.0
+ */
+ if (s->state == SSL3_ST_CW_CLNT_HELLO_B
++ && !s->renegotiate
+ && TLS1_get_version(s) > TLS1_VERSION)
+ *(p++) = 0x1;
+ else
Modified: openssl/trunk/debian/patches/series
===================================================================
--- openssl/trunk/debian/patches/series 2012-05-11 16:46:14 UTC (rev 573)
+++ openssl/trunk/debian/patches/series 2012-06-05 22:44:19 UTC (rev 574)
@@ -29,3 +29,4 @@
block_diginotar.patch
block_digicert_malaysia.patch
c_rehash-multi.patch
+renegiotate_tls.patch
More information about the Pkg-openssl-changes
mailing list