From 46394c9b0e6d3f8554694e75b5f90e5ca9ee332e Mon Sep 17 00:00:00 2001 From: Ryan Steinmetz Date: Sat, 16 Aug 2014 20:19:30 +0000 Subject: [PATCH] - Do not fail to start if there is a mismatch between libssl compile/runtime versions. We will still print the error, but it will not be fatal. This is to workaround an issue with pkg where pkg will only reinstall dependant ports if the .so version changes. - Bump PORTREVISION PR: 192661 Submitted by: mat@ --- net/freeradius2/Makefile | 2 +- .../files/patch-src__main__version.c | 24 +++++++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 net/freeradius2/files/patch-src__main__version.c diff --git a/net/freeradius2/Makefile b/net/freeradius2/Makefile index ba94feb1a292..5698f4156417 100644 --- a/net/freeradius2/Makefile +++ b/net/freeradius2/Makefile @@ -3,7 +3,7 @@ PORTNAME= freeradius DISTVERSION= 2.2.5 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= net MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/%SUBDIR%/ \ ftp://ftp.ntua.gr/pub/net/radius/freeradius/%SUBDIR%/ \ diff --git a/net/freeradius2/files/patch-src__main__version.c b/net/freeradius2/files/patch-src__main__version.c new file mode 100644 index 000000000000..749499d684a4 --- /dev/null +++ b/net/freeradius2/files/patch-src__main__version.c @@ -0,0 +1,24 @@ +--- ./src/main/version.c.orig 2014-08-16 16:17:41.000000000 -0400 ++++ ./src/main/version.c 2014-08-16 16:18:31.000000000 -0400 +@@ -60,21 +60,8 @@ + (unsigned long) ssl_built, + (unsigned long) ssl_linked); + +- return -1; + }; + +- if (!allow_vulnerable) { +- /* Check for bad versions */ +- /* 1.0.1 - 1.0.1f CVE-2014-0160 http://heartbleed.com */ +- if ((ssl_linked >= 0x010001000) && (ssl_linked < 0x010001070)) { +- radlog(L_ERR, "Refusing to start with libssl version %s (in range 1.0.1 - 1.0.1f). " +- "Security advisory CVE-2014-0160 (Heartbleed)", ssl_version()); +- radlog(L_ERR, "For more information see http://heartbleed.com"); +- +- return -1; +- } +- } +- + return 0; + } +