wget/wget-no-ssl-comp.patch
OBS User mrdocs 3070f0d570 Accepting request 140898 from home:elvigia:branches:network:utilities
- wget-no-ssl-comp.patch: Since the apperance of the "CRIME attack"
  (CVE-2012-4929) HTTPS clients must not negotatiate ssl compression.

OBS-URL: https://build.opensuse.org/request/show/140898
OBS-URL: https://build.opensuse.org/package/show/network:utilities/wget?expand=0&rev=31
2012-11-12 04:54:16 +00:00

14 lines
308 B
Diff

--- src/openssl.c.orig
+++ src/openssl.c
@@ -248,6 +248,10 @@ ssl_init ()
/* Keep memory usage as low as possible */
SSL_CTX_set_mode (ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
#endif
+#ifdef SSL_OP_NO_COMPRESSION
+ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION);
+#endif
+
return true;
error: