22615 2009-12-24 20:10:23 +0300 Cisco's implementation of the DTLS protocol 2010-01-08 21:26:51 +0300 1 1 4 Development Sisyphus openssl unstable all Linux CLOSED FIXED P3 normal --- 1 shaba glebfm glebfm shaba qa-sisyphus oldest_to_newest 104776 0 shaba 2009-12-24 20:10:23 +0300 For openconnect package: Cisco's implementation of the DTLS protocol unfortunately does not comply with the relevant standards. We need some patches to OpenSSL to be compatible with it. For the 0.9.8 branch of OpenSSL, the required patch is http://cvs.openssl.org/chngview?cn=18037 This was included in OpenSSL CVS in April 2009 and should be in the next release from the 0.9.8 branch, which will presumably be 0.9.8l. OpenSSL 1.0.0-beta2 and later require no patching; all the required support is already present. PS: 05-Nov-2009 OpenSSL 0.9.8l is now available 104791 1 ldv 2009-12-25 04:43:08 +0300 (In reply to comment #0) > For openconnect package: > > Cisco's implementation of the DTLS protocol unfortunately does not > comply with the relevant standards. We need some patches to OpenSSL to > be compatible with it. > > For the 0.9.8 branch of OpenSSL, the required patch is > http://cvs.openssl.org/chngview?cn=18037 > > This was included in OpenSSL CVS in April 2009 and should be in the > next release from the 0.9.8 branch, which will presumably be 0.9.8l. > OpenSSL 1.0.0-beta2 and later require no patching; all the required > support is already present. > > PS: 05-Nov-2009 OpenSSL 0.9.8l is now available Unfortunately, 0.9.8l was released as 0.9.8k with just one change (so called CVE-2009-3555 fix), without any changed available in OpenSSL_0_9_8-stable branch at that time. I've just fetched and pushed this change, please test: http://git.altlinux.org/people/ldv/packages/?p=openssl.git;a=commit;h=ef8799678b107be51606d940a751fa6c3eaeb0b1 104812 2 shaba 2009-12-25 13:52:07 +0300 > I've just fetched and pushed this change, please test: > http://git.altlinux.org/people/ldv/packages/?p=openssl.git;a=commit;h=ef8799678b107be51606d940a751fa6c3eaeb0b1 openconnect собрался успешно. Его работу проверю позже. Спасибо. 105255 3 repository-robot 2010-01-08 21:26:51 +0300 openssl098-0.9.8l-alt4 -> sisyphus: * Fri Jan 08 2010 Dmitry V. Levin <ldv@altlinux> 0.9.8l-alt4 - Built for target linux-generic32 on ARM. - Applied upstream crypto/{md5,sha1} build fixes (by Evgeny Sinelnikov and Kirill A. Shutemov). - Applied upstream compatibility patch for Cisco VPN client DTLS (closes: #22615).