Disable Segglemann's RFC520 hearbeat.

I am completely blown away that the same IETF that cannot efficiently allocate needed protocol, service numbers, or other such things when they are needed, can so quickly and easily rubber stamp the addition of a 64K Covert Channel in a critical protocol. The organization should look at itself very carefully, find out how this this happened, and everyone who allowed this to happen on their watch should be evicted from the decision making process. IETF, I don't trust you. ok tedu markus
author: deraadt <> 2014-04-10 18:09:08 +0000
committer: deraadt <> 2014-04-10 18:09:08 +0000
commit: 765ba4f5df62ba013c7670d45f13bdd7b2a74707 (patch)
tree: 45280bf705368b7463b663e54c1e1fc8af321b35 /src
parent: dd6008ac7699cfcbe2fef6fb74ae5f6e08393dc4 (diff)
download: openbsd-765ba4f5df62ba013c7670d45f13bdd7b2a74707.tar.gz
openbsd-765ba4f5df62ba013c7670d45f13bdd7b2a74707.tar.bz2
openbsd-765ba4f5df62ba013c7670d45f13bdd7b2a74707.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl/Makefile b/src/lib/libssl/ssl/Makefile
index ff511eb339..194f1a3a74 100644
--- a/src/lib/libssl/ssl/Makefile
+++ b/src/lib/libssl/ssl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.28 2014/04/10 18:03:44 tedu Exp $
+# $OpenBSD: Makefile,v 1.29 2014/04/10 18:09:08 deraadt Exp $
 LIB=    ssl
@@ -9,7 +9,7 @@ LSSL_SRC= ${.CURDIR}/../${SSLEAYDIST}/ssl
 CFLAGS+= -DTERMIOS -DANSI_SOURCE
 CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5
 CFLAGS+= -DOPENSSL_NO_SSL2
-CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS
+CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS -DOPENSSL_NO_HEARTBEAT
 CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST} -I${.CURDIR}/../${SSLEAYDIST}/crypto
 SRCS=\
author	deraadt <>	2014-04-10 18:09:08 +0000
committer	deraadt <>	2014-04-10 18:09:08 +0000
commit	765ba4f5df62ba013c7670d45f13bdd7b2a74707 (patch)
tree	45280bf705368b7463b663e54c1e1fc8af321b35 /src
parent	dd6008ac7699cfcbe2fef6fb74ae5f6e08393dc4 (diff)
download	openbsd-765ba4f5df62ba013c7670d45f13bdd7b2a74707.tar.gz openbsd-765ba4f5df62ba013c7670d45f13bdd7b2a74707.tar.bz2 openbsd-765ba4f5df62ba013c7670d45f13bdd7b2a74707.zip

diff --git a/src/lib/libssl/ssl/Makefile b/src/lib/libssl/ssl/Makefile index ff511eb339..194f1a3a74 100644 --- a/src/lib/libssl/ssl/Makefile +++ b/src/lib/libssl/ssl/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.28 2014/04/10 18:03:44 tedu Exp $	1	# $OpenBSD: Makefile,v 1.29 2014/04/10 18:09:08 deraadt Exp $
2		2
3	LIB= ssl	3	LIB= ssl
4		4
@@ -9,7 +9,7 @@ LSSL_SRC= ${.CURDIR}/../${SSLEAYDIST}/ssl
9	CFLAGS+= -DTERMIOS -DANSI_SOURCE	9	CFLAGS+= -DTERMIOS -DANSI_SOURCE
10	CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5	10	CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5
11	CFLAGS+= -DOPENSSL_NO_SSL2	11	CFLAGS+= -DOPENSSL_NO_SSL2
12	CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS	12	CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS -DOPENSSL_NO_HEARTBEAT
13	CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST} -I${.CURDIR}/../${SSLEAYDIST}/crypto	13	CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST} -I${.CURDIR}/../${SSLEAYDIST}/crypto
14		14
15	SRCS=\	15	SRCS=\