|
|
| @@ -0,0 +1,17 @@
+Nur in openssl-1.0.1j-norc4: openssl__disable_rc4.patch.
+diff -ru openssl-1.0.1j/ssl/s3_lib.c openssl-1.0.1j-norc4/ssl/s3_lib.c
+--- openssl-1.0.1j/ssl/s3_lib.c 2014-10-15 14:53:39.000000000 +0200
++++ openssl-1.0.1j-norc4/ssl/s3_lib.c 2014-10-23 18:57:16.468131600 +0200
+@@ -3844,6 +3844,11 @@
+ (TLS1_get_version(s) < TLS1_2_VERSION))
+ continue;
+
++ /* Disable RC4 for TLS v1.1+ */
++ if ((c->algorithm_enc == SSL_RC4) &&
++ (TLS1_get_version(s) >= TLS1_1_VERSION))
++ continue;
++
+ ssl_set_cert_masks(cert,c);
+ mask_k = cert->mask_k;
+ mask_a = cert->mask_a;
+Nur in openssl-1.0.1j-norc4/ssl: s3_lib.c.orig.
|
