diff options
author | Renato Botelho <garga@FreeBSD.org> | 2019-02-11 13:58:08 +0000 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2019-02-11 13:58:08 +0000 |
commit | 6256c3a0d10d465552d236b1c72f6df98d417b9c (patch) | |
tree | 8c6ea3e9de8f138591074be1a154b8d770c607fd /dns/unbound | |
parent | 57c8dd1b0476b73e404a16a55a999ff5c4200a5f (diff) | |
download | freebsd-ports-6256c3a0d10d465552d236b1c72f6df98d417b9c.zip |
dns/unbound: Import patch to fix hostname verification with OpenSSL 1.0.2
PR: 235571
Approved by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Obtained from: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=4206#c5
https://github.com/pfsense/FreeBSD-ports/commit/af2c493a0dfa99e2afc6e3f9236aad10021d6b39
Sponsored by: Rubicon Communications, LLC (Netgate)
Diffstat (limited to 'dns/unbound')
-rw-r--r-- | dns/unbound/Makefile | 1 | ||||
-rw-r--r-- | dns/unbound/files/patch-daemon_remote.c | 11 | ||||
-rw-r--r-- | dns/unbound/files/patch-iterator_iter__fwd.c | 11 | ||||
-rw-r--r-- | dns/unbound/files/patch-iterator_iter__hints.c | 11 |
4 files changed, 34 insertions, 0 deletions
diff --git a/dns/unbound/Makefile b/dns/unbound/Makefile index 8c1da84c83a3..698b45a270d1 100644 --- a/dns/unbound/Makefile +++ b/dns/unbound/Makefile @@ -3,6 +3,7 @@ PORTNAME= unbound PORTVERSION= 1.9.0 +PORTREVISION= 1 CATEGORIES= dns MASTER_SITES= https://www.nlnetlabs.nl/downloads/unbound/ \ https://distfiles.crux.guru/ diff --git a/dns/unbound/files/patch-daemon_remote.c b/dns/unbound/files/patch-daemon_remote.c new file mode 100644 index 000000000000..cfa503a582f5 --- /dev/null +++ b/dns/unbound/files/patch-daemon_remote.c @@ -0,0 +1,11 @@ +--- daemon/remote.c.orig 2019-01-23 09:35:52 UTC ++++ daemon/remote.c +@@ -1987,7 +1987,7 @@ parse_delegpt(RES* ssl, char* args, uint8_t* nm, int a + return NULL; + } + } else { +-#ifndef HAVE_SSL_SET1_HOST ++#if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST) + if(auth_name) + log_err("no name verification functionality in " + "ssl library, ignored name for %s", todo); diff --git a/dns/unbound/files/patch-iterator_iter__fwd.c b/dns/unbound/files/patch-iterator_iter__fwd.c new file mode 100644 index 000000000000..fc328b0fa5d6 --- /dev/null +++ b/dns/unbound/files/patch-iterator_iter__fwd.c @@ -0,0 +1,11 @@ +--- iterator/iter_fwd.c.orig 2018-08-09 12:44:40 UTC ++++ iterator/iter_fwd.c +@@ -239,7 +239,7 @@ read_fwds_addr(struct config_stub* s, struct delegpt* + s->name, p->str); + return 0; + } +-#ifndef HAVE_SSL_SET1_HOST ++#if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST) + if(tls_auth_name) + log_err("no name verification functionality in " + "ssl library, ignored name for %s", p->str); diff --git a/dns/unbound/files/patch-iterator_iter__hints.c b/dns/unbound/files/patch-iterator_iter__hints.c new file mode 100644 index 000000000000..4e85a91bad99 --- /dev/null +++ b/dns/unbound/files/patch-iterator_iter__hints.c @@ -0,0 +1,11 @@ +--- iterator/iter_hints.c.orig 2018-08-09 12:44:40 UTC ++++ iterator/iter_hints.c +@@ -252,7 +252,7 @@ read_stubs_addr(struct config_stub* s, struct delegpt* + s->name, p->str); + return 0; + } +-#ifndef HAVE_SSL_SET1_HOST ++#if ! defined(HAVE_SSL_SET1_HOST) && ! defined(HAVE_X509_VERIFY_PARAM_SET1_HOST) + if(auth_name) + log_err("no name verification functionality in " + "ssl library, ignored name for %s", p->str); |