polarssl: disable SSLv3 support, fixes CVE-2014-3566 (POODLE)

author Felix Fietkau <nbd@openwrt.org>

Sat, 18 Oct 2014 09:17:31 +0000 (09:17 +0000)

committer Felix Fietkau <nbd@openwrt.org>

Sat, 18 Oct 2014 09:17:31 +0000 (09:17 +0000)
author Felix Fietkau <nbd@openwrt.org>
Sat, 18 Oct 2014 09:17:31 +0000 (09:17 +0000)
committer Felix Fietkau <nbd@openwrt.org>
Sat, 18 Oct 2014 09:17:31 +0000 (09:17 +0000)
diff --git a/package/libs/polarssl/patches/100-disable_sslv3.patch b/package/libs/polarssl/patches/100-disable_sslv3.patch

new file mode 100644 (file)

index 0000000..06312f3
--- /dev/null
+++ b/package/libs/polarssl/patches/100-disable_sslv3.patch
@@ -0,0 +1,12 @@
+--- a/include/polarssl/config.h
++++ b/include/polarssl/config.h
+@@ -859,8 +859,8 @@
+  *           POLARSSL_SHA1_C
+  *
+  * Comment this macro to disable support for SSL 3.0
+- */
+ #define POLARSSL_SSL_PROTO_SSL3
++ */
+ 
+ /**
+  * \def POLARSSL_SSL_PROTO_TLS1
author	Felix Fietkau <nbd@openwrt.org>
	Sat, 18 Oct 2014 09:17:31 +0000 (09:17 +0000)
committer	Felix Fietkau <nbd@openwrt.org>
	Sat, 18 Oct 2014 09:17:31 +0000 (09:17 +0000)