Warmcat homepage andy@warmcat.com
libwebsockets
{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"", "gen_ut":1750227923, "reponame":"openssl", "desc":"OpenSSL", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://warmcat.com/repo/openssl", "f":3, "items": [ {"schema":"libjg2-1", "cid":"859f1f838082130c53273ae69f2e496c", "commit": {"type":"commit", "time": 1496953716, "time_ofs": 60, "oid_tree": { "oid": "b3efca2c34c48508c58e1969e57093af82136680", "alias": []}, "oid":{ "oid": "1c7aa0dbf16c3389bbedd13391bb653e7a189603", "alias": []}, "msg": "Ignore -named_curve auto value to improve backwards compatibility", "sig_commit": { "git_time": { "time": 1496953716, "offset": 60 }, "name": "Matt Caswell", "email": "matt@openssl.org", "md5": "10f7b441a32d5790efad9fc68cae4af2" }, "sig_author": { "git_time": { "time": 1495462821, "offset": 120 }, "name": "Tomas Mraz", "email": "tmraz@fedoraproject.org", "md5": "ced3a023f967099766c3897f9c82c4bc" }}, "body": "Ignore -named_curve auto value to improve backwards compatibility\n\nFixes #3490\n\nReviewed-by: Rich Salz \u003crsalz@openssl.org\u003e\nReviewed-by: Matt Caswell \u003cmatt@openssl.org\u003e\n(Merged from https://github.com/openssl/openssl/pull/3518)" , "diff": "diff --git a/CHANGES b/CHANGES\nindex 0e8d922..97bfa55 100644\n--- a/CHANGES\n+++ b/CHANGES\n@@ -14,6 +14,10 @@\n than just the call where this user data is passed.\n [Richard Levitte]\n \n+ *) Ignore the '-named_curve auto' value for compatibility of applications\n+ with OpenSSL 1.0.2.\n+ [Tomas Mraz \u003ctmraz@fedoraproject.org\u003e]\n+\n *) Fragmented SSL/TLS alerts are no longer accepted. An alert message is 2\n bytes long. In theory it is permissible in SSLv3 - TLSv1.2 to fragment such\n alerts across multiple records (some of which could be empty). In practice\ndiff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c\nindex 41c7ff7..ab0a94d 100644\n--- a/ssl/ssl_conf.c\n+++ b/ssl/ssl_conf.c\n@@ -227,6 +227,14 @@ static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)\n EC_KEY *ecdh;\n int nid;\n \n+ /* Ignore values supported by 1.0.2 for the automatic selection */\n+ if ((cctx-\u003eflags \u0026 SSL_CONF_FLAG_FILE) \u0026\u0026\n+ strcasecmp(value, \u0022+automatic\u0022) \u003d\u003d 0)\n+ return 1;\n+ if ((cctx-\u003eflags \u0026 SSL_CONF_FLAG_CMDLINE) \u0026\u0026\n+ strcmp(value, \u0022auto\u0022) \u003d\u003d 0)\n+ return 1;\n+\n nid \u003d EC_curve_nist2nid(value);\n if (nid \u003d\u003d NID_undef)\n nid \u003d OBJ_sn2nid(value);\n","s":{"c":1750227923,"u": 36869}} ],"g": 38397,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}