AA: bind: merge r36404 (CVE-2013-2266)

[12.09/packages.git] / net / bind / patches / 002-no-ecdsa-testing.patch

diff --git a/net/bind/patches/002-no-ecdsa-testing.patch b/net/bind/patches/002-no-ecdsa-testing.patch
new file mode 100644 (file)
index 0000000..901e246
--- /dev/null
+++ b/net/bind/patches/002-no-ecdsa-testing.patch
@@ -0,0 +1,43 @@
+--- a/configure.in
++++ b/configure.in
+@@ -763,40 +763,6 @@ esac
+                       AC_MSG_RESULT(no)
+               fi
+ 
+-              AC_CHECK_FUNCS(EVP_sha256 EVP_sha384 EVP_sha512)
+-
+-              AC_MSG_CHECKING(for OpenSSL ECDSA support)
+-              have_ecdsa=""
+-              AC_TRY_RUN([
+-#include <stdio.h>
+-#include <openssl/ecdsa.h>
+-#include <openssl/objects.h>
+-int main() {
+-      EC_KEY *ec256, *ec384;
+-
+-#if !defined(HAVE_EVP_SHA256) || !defined(HAVE_EVP_SHA384)
+-      return (1);
+-#endif
+-      ec256 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+-      ec384 = EC_KEY_new_by_curve_name(NID_secp384r1);
+-      if (ec256 == NULL || ec384 == NULL)
+-              return (2);
+-      return (0);
+-}
+-],
+-              [AC_MSG_RESULT(yes)
+-              have_ecdsa="yes"],
+-              [AC_MSG_RESULT(no)
+-              have_ecdsa="no"])
+-              case $have_ecdsa in
+-              yes)
+-                      OPENSSL_ECDSA="yes"
+-                      AC_DEFINE(HAVE_OPENSSL_ECDSA)
+-                      ;;
+-              *)
+-                      ;;
+-              esac
+-
+               AC_MSG_CHECKING(for OpenSSL GOST support)
+               have_gost=""
+               AC_TRY_RUN([