diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:16:14 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:16:14 +0000 |
| commit | 318a1a2246a9f521e5a02313dcc1f6d68a0af7ec (patch) | |
| tree | e28c79d572e488bf782444e31d81291b99ef1932 /debian/patches/75_62-OpenSSL-Fix-tls_eccurve-on-earlier-versions-than-3.0.patch | |
| parent | Adding upstream version 4.96. (diff) | |
| download | exim4-318a1a2246a9f521e5a02313dcc1f6d68a0af7ec.tar.xz exim4-318a1a2246a9f521e5a02313dcc1f6d68a0af7ec.zip | |
Adding debian version 4.96-15+deb12u4.debian/4.96-15+deb12u4debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/75_62-OpenSSL-Fix-tls_eccurve-on-earlier-versions-than-3.0.patch')
| -rw-r--r-- | debian/patches/75_62-OpenSSL-Fix-tls_eccurve-on-earlier-versions-than-3.0.patch | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/debian/patches/75_62-OpenSSL-Fix-tls_eccurve-on-earlier-versions-than-3.0.patch b/debian/patches/75_62-OpenSSL-Fix-tls_eccurve-on-earlier-versions-than-3.0.patch new file mode 100644 index 0000000..e346df1 --- /dev/null +++ b/debian/patches/75_62-OpenSSL-Fix-tls_eccurve-on-earlier-versions-than-3.0.patch @@ -0,0 +1,42 @@ +From 7fa5764c203f2f4a900898a79ed02d674075313f Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146exb@wizmail.org> +Date: Mon, 2 Jan 2023 15:04:14 +0000 +Subject: [PATCH 1/3] OpenSSL: Fix tls_eccurve on earlier versions than 3.0.0. + Bug 2954 + +Broken-by: ca4014de81e6 +--- + src/tls-openssl.c | 7 ++++--- + test/log/2149 | 28 ++++++++++++++-------------- + test/runtest | 3 +++ + test/scripts/2100-OpenSSL/2149 | 22 ++++++++++++---------- + 4 files changed, 33 insertions(+), 27 deletions(-) + +diff --git a/src/tls-openssl.c b/src/tls-openssl.c +index 4d0f99ea9..e063d29bd 100644 +--- a/src/tls-openssl.c ++++ b/src/tls-openssl.c +@@ -786,8 +786,9 @@ if ( (nid = OBJ_sn2nid (CCS exp_curve)) == NID_undef + # endif + ) + { +- tls_error(string_sprintf("Unknown curve name tls_eccurve '%s'", exp_curve), +- NULL, NULL, errstr); ++ uschar * s = string_sprintf("Unknown curve name tls_eccurve '%s'", exp_curve); ++ DEBUG(D_tls) debug_printf("TLS error '%s'\n", s); ++ if (errstr) *errstr = s; + return FALSE; + } + +@@ -803,7 +804,7 @@ if ( (nid = OBJ_sn2nid (CCS exp_curve)) == NID_undef + /* The "tmp" in the name here refers to setting a temporary key + not to the stability of the interface. */ + +- if ((rc = SSL_CTX_set_tmp_ecdh(sctx, ecdh) == 0)) ++ if ((rc = SSL_CTX_set_tmp_ecdh(sctx, ecdh)) == 0) + tls_error(string_sprintf("Error enabling '%s' curve", exp_curve), NULL, NULL, errstr); + else + DEBUG(D_tls) debug_printf(" ECDH: enabled '%s' curve\n", exp_curve); +-- +2.39.0 + |