diff options
| author | Sam Hartman <hartmans@debian.org> | 2019-02-11 18:38:59 -0500 |
|---|---|---|
| committer | Sam Hartman <hartmans@debian.org> | 2019-02-11 18:38:59 -0500 |
| commit | 6e0b82512985fb3555efdb3b51c1f1faa0ee595c (patch) | |
| tree | ea4b1ead3b76b7bfb8312a11574407598333642d | |
| parent | 0cfccf44518eaae6076d2d081411387c7f260df0 (diff) | |
Commit Debian 3.0 (quilt) metadataHEADdebian/1.0.1-6archive/debian/1.0.1-6master
[dgit (8.3) quilt-fixup]
| -rw-r--r-- | debian/patches/debian-changes | 27 |
1 files changed, 23 insertions, 4 deletions
diff --git a/debian/patches/debian-changes b/debian/patches/debian-changes index 507e15359..60d14eb6c 100644 --- a/debian/patches/debian-changes +++ b/debian/patches/debian-changes @@ -5,10 +5,9 @@ Description: <short summary of the patch> information below has been extracted from the changelog. Adjust it or drop it. . - moonshot-gss-eap (1.0.1-5) unstable; urgency=medium + moonshot-gss-eap (1.0.1-6) unstable; urgency=medium . - * New test suite; currently only tests .gss_eap_id but not moonshot-ui - * Depend on new libradsec to deal with openssl 1.1.1 + * Disable TLS1.3 in our client because it doesn't work currently. Author: Sam Hartman <hartmans@debian.org> --- @@ -22,7 +21,7 @@ Bug-Debian: https://bugs.debian.org/<bugnumber> Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber> Forwarded: <no|not-needed|url proving that it has been forwarded> Reviewed-By: <name and email of someone who approved the patch> -Last-Update: 2019-01-02 +Last-Update: 2019-02-11 --- /dev/null +++ moonshot-gss-eap-1.0.1/.gitignore @@ -3778,6 +3777,26 @@ Last-Update: 2019-01-02 +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: +--- moonshot-gss-eap-1.0.1.orig/libeap/src/crypto/tls_openssl.c ++++ moonshot-gss-eap-1.0.1/libeap/src/crypto/tls_openssl.c +@@ -954,7 +954,7 @@ void * tls_init(const struct tls_config + + data = os_zalloc(sizeof(*data)); + if (data) +- ssl = SSL_CTX_new(SSLv23_method()); ++ ssl = SSL_CTX_new(TLS_method()); + else + ssl = NULL; + if (ssl == NULL) { +@@ -968,6 +968,8 @@ void * tls_init(const struct tls_config + os_free(data); + return NULL; + } ++ SSL_CTX_set_max_proto_version(ssl, TLS1_2_VERSION); ++ SSL_CTX_set_min_proto_version(ssl, TLS1_2_VERSION); + data->ssl = ssl; + if (conf) + data->tls_session_lifetime = conf->tls_session_lifetime; --- moonshot-gss-eap-1.0.1.orig/libeap/src/utils/common.h +++ moonshot-gss-eap-1.0.1/libeap/src/utils/common.h @@ -432,6 +432,7 @@ void perror(const char *s); |