debian/patches/guard-use-of-deprecated-openssl-definition.patch - net/nginx-mbedtls - Rivoreo Source Code Repositories

 Description: guard use of SSL_OP_MSIE_SSLV2_RSA_PADDING
  This option had no effect since 0.9.7h / 0.9.8b and it was removed
  in recent OpenSSL
 Author: Piotr Sikora <piotr@cloudflare.com>
 Origin: http://trac.nginx.org/nginx/changeset/a73678f5f96ffead0b616b2c03dfcfd5445d443b/nginx

 Index: src/event/ngx_event_openssl.c
 ===================================================================
 --- a/src/event/ngx_event_openssl.c
 +++ b/src/event/ngx_event_openssl.c
 @@ -186,6 +186,8 @@
      SSL_CTX_set_options(ssl->ctx, SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER);

 +#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING
      /* this option allow a potential SSL 2.0 rollback (CAN-2005-2969) */
      SSL_CTX_set_options(ssl->ctx, SSL_OP_MSIE_SSLV2_RSA_PADDING);
 +#endif

      SSL_CTX_set_options(ssl->ctx, SSL_OP_SSLEAY_080_CLIENT_DH_BUG);
	Description: guard use of SSL_OP_MSIE_SSLV2_RSA_PADDING
	This option had no effect since 0.9.7h / 0.9.8b and it was removed
	in recent OpenSSL
	Author: Piotr Sikora <piotr@cloudflare.com>
	Origin: http://trac.nginx.org/nginx/changeset/a73678f5f96ffead0b616b2c03dfcfd5445d443b/nginx

	Index: src/event/ngx_event_openssl.c
	===================================================================
	--- a/src/event/ngx_event_openssl.c
	+++ b/src/event/ngx_event_openssl.c
	@@ -186,6 +186,8 @@
	SSL_CTX_set_options(ssl->ctx, SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER);

	+#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING
	/* this option allow a potential SSL 2.0 rollback (CAN-2005-2969) */
	SSL_CTX_set_options(ssl->ctx, SSL_OP_MSIE_SSLV2_RSA_PADDING);
	+#endif

	SSL_CTX_set_options(ssl->ctx, SSL_OP_SSLEAY_080_CLIENT_DH_BUG);