Imported Upstream version 1.11.6-rbsec
Sophie Brun
8 years ago
0 | 0 |
Changelog
|
1 | 1 |
=========
|
|
2 |
|
|
3 |
Version: 1.11.6
|
|
4 |
Date : 09/04/2016
|
|
5 |
Author : rbsec <[email protected]>
|
|
6 |
Changes: The following are a list of changes
|
|
7 |
> Re-eanble support for weak (<1024) DH keys in OpenSSL
|
2 | 8 |
|
3 | 9 |
Version: 1.11.5
|
4 | 10 |
Date : 24/03/2016
|
84 | 84 |
else \
|
85 | 85 |
git clone --depth 1 -b OpenSSL_1_0_2-stable https://github.com/openssl/openssl ./openssl && cd ./openssl && touch ../.openssl.is.fresh ; \
|
86 | 86 |
fi
|
|
87 |
# Re-enable SSLv2 EXPORT ciphers
|
87 | 88 |
sed -i.bak 's/# if 0/# if 1/g' openssl/ssl/s2_lib.c
|
88 | 89 |
rm openssl/ssl/s2_lib.c.bak
|
|
90 |
# Re-enable weak (<1024 bit) DH keys
|
|
91 |
sed -i.bak 's/dh_size < [0-9]\+/dh_size < 512/g' openssl/ssl/s3_clnt.c
|
|
92 |
rm openssl/ssl/s3_clnt.c.bak
|
|
93 |
# Break the weak DH key test so OpenSSL compiles
|
|
94 |
sed -i.bak 's/dhe512/zzz/g' openssl/test/testssl
|
|
95 |
rm openssl/test/testssl.bak
|
89 | 96 |
|
90 | 97 |
# Need to build OpenSSL differently on OSX
|
91 | 98 |
ifeq ($(OS), Darwin)
|