diff options
| -rw-r--r-- | net-ftp/pure-ftpd/files/pure-ftpd-1.0.47-disable-TLSv1.3.patch | 21 | ||||
| -rw-r--r-- | net-ftp/pure-ftpd/pure-ftpd-1.0.47-r4.ebuild (renamed from net-ftp/pure-ftpd/pure-ftpd-1.0.47-r3.ebuild) | 1 |
2 files changed, 22 insertions, 0 deletions
diff --git a/net-ftp/pure-ftpd/files/pure-ftpd-1.0.47-disable-TLSv1.3.patch b/net-ftp/pure-ftpd/files/pure-ftpd-1.0.47-disable-TLSv1.3.patch new file mode 100644 index 000000000000..cbe9c8bdcb8f --- /dev/null +++ b/net-ftp/pure-ftpd/files/pure-ftpd-1.0.47-disable-TLSv1.3.patch @@ -0,0 +1,21 @@ +Temporarily disable TLSv1.3 support + +Disable TLSv1.3 until support for it is fixed in pure-ftpd. This is a +workaround for the following issue: +https://github.com/jedisct1/pure-ftpd/issues/102 + +--- a/src/tls.c ++++ b/src/tls.c +@@ -301,6 +301,10 @@ int tls_init_library(void) + # endif + # ifdef SSL_OP_NO_TLSv1_2 + SSL_CTX_clear_options(tls_ctx, SSL_OP_NO_TLSv1_2); ++# endif ++ /* Disable TLSv1.3 support until it works properly in pure-ftpd */ ++# ifdef SSL_OP_NO_TLSv1_3 ++ SSL_CTX_set_options(tls_ctx, SSL_OP_NO_TLSv1_3); + # endif + if (tlsciphersuite != NULL) { + if (SSL_CTX_set_cipher_list(tls_ctx, tlsciphersuite) != 1) { +-- +2.20.1 diff --git a/net-ftp/pure-ftpd/pure-ftpd-1.0.47-r3.ebuild b/net-ftp/pure-ftpd/pure-ftpd-1.0.47-r4.ebuild index 58e90f89ddc0..485065724467 100644 --- a/net-ftp/pure-ftpd/pure-ftpd-1.0.47-r3.ebuild +++ b/net-ftp/pure-ftpd/pure-ftpd-1.0.47-r4.ebuild @@ -44,6 +44,7 @@ PATCHES=( "${FILESDIR}/${PN}-1.0.28-pam.patch" "${FILESDIR}/${PN}-1.0.47-MAX_DATA_SIZE.patch" "${FILESDIR}/${PN}-1.0.47-TLSv1.3.patch" + "${FILESDIR}/${PN}-1.0.47-disable-TLSv1.3.patch" ) src_configure() { |