Disable Segglemann's RFC520 hearbeat.

I am completely blown away that the same IETF that cannot efficiently allocate needed protocol, service numbers, or other such things when they are needed, can so quickly and easily rubber stamp the addition of a 64K Covert Channel in a critical protocol. The organization should look at itself very carefully, find out how this this happened, and everyone who allowed this to happen on their watch should be evicted from the decision making process. IETF, I don't trust you. ok tedu markus
author: deraadt <> 2014-04-10 18:09:08 +0000
committer: deraadt <> 2014-04-10 18:09:08 +0000
commit: daed265d1965b832573d4458214b5bc976aa2f42 (patch)
tree: 45280bf705368b7463b663e54c1e1fc8af321b35 /src
parent: 0a7b8dbc3e8fc8e26b2236216c8b7f7bc41a736f (diff)
download: openbsd-daed265d1965b832573d4458214b5bc976aa2f42.tar.gz
openbsd-daed265d1965b832573d4458214b5bc976aa2f42.tar.bz2
openbsd-daed265d1965b832573d4458214b5bc976aa2f42.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl/Makefile b/src/lib/libssl/ssl/Makefile
index ff511eb339..194f1a3a74 100644
--- a/src/lib/libssl/ssl/Makefile
+++ b/src/lib/libssl/ssl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.28 2014/04/10 18:03:44 tedu Exp $
+# $OpenBSD: Makefile,v 1.29 2014/04/10 18:09:08 deraadt Exp $
 LIB=    ssl
@@ -9,7 +9,7 @@ LSSL_SRC= ${.CURDIR}/../${SSLEAYDIST}/ssl
 CFLAGS+= -DTERMIOS -DANSI_SOURCE
 CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5
 CFLAGS+= -DOPENSSL_NO_SSL2
-CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS
+CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS -DOPENSSL_NO_HEARTBEAT
 CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST} -I${.CURDIR}/../${SSLEAYDIST}/crypto
 SRCS=\
author	deraadt <>	2014-04-10 18:09:08 +0000
committer	deraadt <>	2014-04-10 18:09:08 +0000
commit	daed265d1965b832573d4458214b5bc976aa2f42 (patch)
tree	45280bf705368b7463b663e54c1e1fc8af321b35 /src
parent	0a7b8dbc3e8fc8e26b2236216c8b7f7bc41a736f (diff)
download	openbsd-daed265d1965b832573d4458214b5bc976aa2f42.tar.gz openbsd-daed265d1965b832573d4458214b5bc976aa2f42.tar.bz2 openbsd-daed265d1965b832573d4458214b5bc976aa2f42.zip

diff --git a/src/lib/libssl/ssl/Makefile b/src/lib/libssl/ssl/Makefile index ff511eb339..194f1a3a74 100644 --- a/src/lib/libssl/ssl/Makefile +++ b/src/lib/libssl/ssl/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.28 2014/04/10 18:03:44 tedu Exp $	1	# $OpenBSD: Makefile,v 1.29 2014/04/10 18:09:08 deraadt Exp $
2		2
3	LIB= ssl	3	LIB= ssl
4		4
@@ -9,7 +9,7 @@ LSSL_SRC= ${.CURDIR}/../${SSLEAYDIST}/ssl
9	CFLAGS+= -DTERMIOS -DANSI_SOURCE	9	CFLAGS+= -DTERMIOS -DANSI_SOURCE
10	CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5	10	CFLAGS+= -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5
11	CFLAGS+= -DOPENSSL_NO_SSL2	11	CFLAGS+= -DOPENSSL_NO_SSL2
12	CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS	12	CFLAGS+= -DOPENSSL_NO_BUF_FREELISTS -DOPENSSL_NO_HEARTBEAT
13	CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST} -I${.CURDIR}/../${SSLEAYDIST}/crypto	13	CFLAGS+= -I${.CURDIR}/../${SSLEAYDIST} -I${.CURDIR}/../${SSLEAYDIST}/crypto
14		14
15	SRCS=\	15	SRCS=\