Hello community, here is the log from the commit of package lftp for openSUSE:Factory checked in at 2014-08-04 15:14:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/lftp (Old) and /work/SRC/openSUSE:Factory/.lftp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "lftp" Changes: -------- --- /work/SRC/openSUSE:Factory/lftp/lftp.changes 2014-07-27 18:47:42.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.lftp.new/lftp.changes 2014-08-04 15:14:42.000000000 +0200 @@ -1,0 +2,8 @@ +Tue Jul 29 09:50:11 UTC 2014 - pgajdos@suse.com + +- use default ssl cipher instead of the custom one + [bnc#857148] (internal) +- added patches: + * lftp-default-ssl-cipher.patch + +------------------------------------------------------------------- New: ---- lftp-default-ssl-cipher.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lftp.spec ++++++ --- /var/tmp/diff_new_pack.NwnFBd/_old 2014-08-04 15:14:43.000000000 +0200 +++ /var/tmp/diff_new_pack.NwnFBd/_new 2014-08-04 15:14:43.000000000 +0200 @@ -45,6 +45,8 @@ Patch8: lftp-ca-bundle-path.patch # PATCH-FIX-UPSTREAM -- Include config.h where needed. Patch9: lftp-config_h.patch +# PATCH-FEATURE-OPENSUSE lftp-ssl-cipher.patch pgajdos@suse.cz -- use stronger cipher [bnc#857148] +Patch10: lftp-default-ssl-cipher.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: gcc-c++ @@ -105,6 +107,7 @@ %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 # replace AC_CHECK_FUNCS_ONCE with AC_CHECK_FUNCS on SLE 9+10 # as they're not supported by the autotools environment there: ++++++ lftp-default-ssl-cipher.patch ++++++ Index: src/lftp_ssl.cc =================================================================== --- src/lftp_ssl.cc.orig 2013-03-19 13:55:58.000000000 +0100 +++ src/lftp_ssl.cc 2014-07-29 11:26:00.702007402 +0200 @@ -772,7 +772,7 @@ SSLeay_add_ssl_algorithms(); ssl_ctx=SSL_CTX_new(SSLv23_client_method()); SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL|SSL_OP_NO_TICKET|SSL_OP_NO_SSLv2); - SSL_CTX_set_cipher_list(ssl_ctx, "ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!MD5:@STRENGTH"); + //SSL_CTX_set_cipher_list(ssl_ctx, "ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!MD5:@STRENGTH"); SSL_CTX_set_verify(ssl_ctx,SSL_VERIFY_PEER,lftp_ssl_openssl::verify_callback); // SSL_CTX_set_default_passwd_cb(ssl_ctx,lftp_ssl_passwd_callback); -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org