- Do not fail to start if there is a mismatch between libssl compile/runtime

versions. We will still print the error, but it will not be fatal. This is to workaround an issue with pkg where pkg will only reinstall dependant ports if the .so version changes. - Bump PORTREVISION PR: 192661 Submitted by: mat@
svn path=/head/; revision=365131
2024-11-21 00:25:50 +00:00 · 2014-08-16 20:19:30 +00:00 · 2014-08-16 20:19:30 +00:00 · 46394c9b0e · 2021-03-31 03:12:20 +00:00
commit 46394c9b0e
parent 40f1df68c1
2 changed files with 25 additions and 1 deletions
--- a/net/freeradius2/Makefile
+++ b/net/freeradius2/Makefile
@ -3,7 +3,7 @@

 PORTNAME=	freeradius
 DISTVERSION=	2.2.5
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.freeradius.org/pub/freeradius/%SUBDIR%/ \
 		ftp://ftp.ntua.gr/pub/net/radius/freeradius/%SUBDIR%/ \
--- a/net/freeradius2/files/patch-srcmainversion.c
+++ b/net/freeradius2/files/patch-srcmainversion.c
@ -0,0 +1,24 @@
+--- ./src/main/version.c.orig	2014-08-16 16:17:41.000000000 -0400
+++ ./src/main/version.c	2014-08-16 16:18:31.000000000 -0400
+@@ -60,21 +60,8 @@
+ 		       (unsigned long) ssl_built,
+ 		       (unsigned long) ssl_linked);
+ 
+-		return -1;
+ 	};
+ 
+-	if (!allow_vulnerable) {
+-		/* Check for bad versions */
+-		/* 1.0.1 - 1.0.1f CVE-2014-0160 http://heartbleed.com */
+-		if ((ssl_linked >= 0x010001000) && (ssl_linked < 0x010001070)) {
+-			radlog(L_ERR, "Refusing to start with libssl version %s (in range 1.0.1 - 1.0.1f).  "
+-			      "Security advisory CVE-2014-0160 (Heartbleed)", ssl_version());
+-			radlog(L_ERR, "For more information see http://heartbleed.com");
+-
+-			return -1;
+-		}
+-	}
+-
+ 	return 0;
+ }
+