Summary: | Cisco's implementation of the DTLS protocol | ||
---|---|---|---|
Product: | Sisyphus | Reporter: | Alexey Shabalin <shaba> |
Component: | openssl | Assignee: | Gleb F-Malinovskiy <glebfm> |
Status: | CLOSED FIXED | QA Contact: | qa-sisyphus |
Severity: | normal | ||
Priority: | P3 | CC: | glebfm, shaba |
Version: | unstable | ||
Hardware: | all | ||
OS: | Linux |
Description
Alexey Shabalin
2009-12-24 20:10:23 MSK
(In reply to comment #0) > For openconnect package: > > Cisco's implementation of the DTLS protocol unfortunately does not > comply with the relevant standards. We need some patches to OpenSSL to > be compatible with it. > > For the 0.9.8 branch of OpenSSL, the required patch is > http://cvs.openssl.org/chngview?cn=18037 > > This was included in OpenSSL CVS in April 2009 and should be in the > next release from the 0.9.8 branch, which will presumably be 0.9.8l. > OpenSSL 1.0.0-beta2 and later require no patching; all the required > support is already present. > > PS: 05-Nov-2009 OpenSSL 0.9.8l is now available Unfortunately, 0.9.8l was released as 0.9.8k with just one change (so called CVE-2009-3555 fix), without any changed available in OpenSSL_0_9_8-stable branch at that time. I've just fetched and pushed this change, please test: http://git.altlinux.org/people/ldv/packages/?p=openssl.git;a=commit;h=ef8799678b107be51606d940a751fa6c3eaeb0b1 > I've just fetched and pushed this change, please test:
> http://git.altlinux.org/people/ldv/packages/?p=openssl.git;a=commit;h=ef8799678b107be51606d940a751fa6c3eaeb0b1
openconnect собрался успешно.
Его работу проверю позже.
Спасибо.
openssl098-0.9.8l-alt4 -> sisyphus: * Fri Jan 08 2010 Dmitry V. Levin <ldv@altlinux> 0.9.8l-alt4 - Built for target linux-generic32 on ARM. - Applied upstream crypto/{md5,sha1} build fixes (by Evgeny Sinelnikov and Kirill A. Shutemov). - Applied upstream compatibility patch for Cisco VPN client DTLS (closes: #22615). |