Bug 117851 - Squid SRPM contains what appears to be an unnecessary SSL patch
Squid SRPM contains what appears to be an unnecessary SSL patch
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: squid (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jay Fenlason
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-03-09 05:12 EST by Reuben Farrelly
Modified: 2014-08-31 19:26 EDT (History)
1 user (show)

See Also:
Fixed In Version: squid-2.5.STABLE5-2
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-04-05 17:24:59 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Reuben Farrelly 2004-03-09 05:12:16 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4)
Gecko/20030624 Netscape/7.1 (ax)

Description of problem:


Version-Release number of selected component (if applicable):
2.5.STABLE5-1

How reproducible:
Always

Steps to Reproduce:
Rebuild squid from SRPM

Additional info:

Why does this patch (top few lines of squid-2.5.STABLE3-build.patch)
exist in the squid SRPM?

I can build squid-2.5 succesfully without it, and if it is in fact
needed then it ought to be pushed upstream to the official squid source:

--- squid-2.5.STABLE3/src/ssl_support.c.build   2003-02-08
09:53:15.000000000 -0500
+++ squid-2.5.STABLE3/src/ssl_support.c 2003-06-30 11:18:12.000000000
-0400
@@ -173,7 +173,7 @@
 #endif
 #ifdef SSL_OP_NON_EXPORT_FIRST
     {
-       "NON_EXPORT_FIRST", SSL_OP_NON_EXPORT_FIRST
+       "NON_EXPORT_FIRST", 0
     },
 #endif
 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE

---------------------

There appears to be no comment on it in bugzilla nor %Changelog of the
SRPM.

I forwarded it onto one of the core squid developers and his comment
follows:

"I don't understand this patch. It kills the NON_EXPORT_FIRST ssl
option making it a no-op.

The code already deals with the situation where the SSL library does
not have this option.

Why is this patch needed? Have not seen any need of it during all the
years while the SSL support in Squid has been developed on RedHat boxes..

Regards
Henrik"
Comment 1 Jay Fenlason 2004-04-05 17:24:59 EDT
I removed the questionable part from the patch for the latest rawhide
squid rpm

Note You need to log in before you can comment on or make changes to this bug.