From e44e52157d95a369ee370b532e4de6eea061351e Mon Sep 17 00:00:00 2001
From: nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Sat, 18 Oct 2014 09:19:51 +0000
Subject: [PATCH] polarssl: disable SSLv3 support, fixes CVE-2014-3566 (POODLE)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

Backport of r42947

git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@42948 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 .../libs/polarssl/patches/100-disable_sslv3.patch    | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 package/libs/polarssl/patches/100-disable_sslv3.patch

diff --git a/package/libs/polarssl/patches/100-disable_sslv3.patch b/package/libs/polarssl/patches/100-disable_sslv3.patch
new file mode 100644
index 00000000..06312f34
--- /dev/null
+++ b/package/libs/polarssl/patches/100-disable_sslv3.patch
@@ -0,0 +1,12 @@
+--- a/include/polarssl/config.h
++++ b/include/polarssl/config.h
+@@ -859,8 +859,8 @@
+  *           POLARSSL_SHA1_C
+  *
+  * Comment this macro to disable support for SSL 3.0
+- */
+ #define POLARSSL_SSL_PROTO_SSL3
++ */
+ 
+ /**
+  * \def POLARSSL_SSL_PROTO_TLS1
-- 
GitLab