From: Arkadiusz Miśkiewicz <arekm@maven.pl>
Date: Tue, 21 Oct 2014 12:19:48 +0000 (+0200)
Subject: sslv2/sslv3/zlib bconds; discussion about their default state in progress on devel... 
X-Git-Tag: auto/th/openssl-1.0.1j-3~3
X-Git-Url: http://git.pld-linux.org/?p=packages%2Fopenssl.git;a=commitdiff_plain;h=93a4f283d314782309469ff2c6d3ce8629854db3

sslv2/sslv3/zlib bconds; discussion about their default state in progress on devel lists
---

diff --git a/openssl.spec b/openssl.spec
index 9bca391..39543f5 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -3,6 +3,9 @@
 #
 # Conditional build:
 %bcond_without	tests	# don't perform "make tests"
+%bcond_with	zlib	# zlib: note - enables CVE-2012-4929 vulnerability
+%bcond_with	sslv2	# SSLv2: note - many flaws http://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_2.0
+%bcond_with	sslv3	# SSLv3: note - enables  CVE-2014-3566 vulnerability
 %bcond_with	purify	# Compile openssl with \-DPURIFY, useful when one wants to
 			# use valgrind debugger against openssl-linked programs
 
@@ -271,9 +274,9 @@ PERL="%{__perl}" \
 	--libdir=%{_lib} \
 	shared \
 	threads \
-	no-ssl2 \
-	no-ssl3 \
-	no-zlib \
+	%{!?with_sslv2:no-}ssl2 \
+	%{!?with_sslv3:no-}ssl3 \
+	%{!?with_zlib:no-}zlib \
 	enable-camelia \
 	enable-cms \
 	enable-idea \