3070f0d570
- wget-no-ssl-comp.patch: Since the apperance of the "CRIME attack" (CVE-2012-4929) HTTPS clients must not negotatiate ssl compression. OBS-URL: https://build.opensuse.org/request/show/140898 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wget?expand=0&rev=31
14 lines
308 B
Diff
14 lines
308 B
Diff
--- src/openssl.c.orig
|
|
+++ src/openssl.c
|
|
@@ -248,6 +248,10 @@ ssl_init ()
|
|
/* Keep memory usage as low as possible */
|
|
SSL_CTX_set_mode (ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
|
|
#endif
|
|
+#ifdef SSL_OP_NO_COMPRESSION
|
|
+ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION);
|
|
+#endif
|
|
+
|
|
return true;
|
|
|
|
error:
|