From e02b6d37706201456a69b1fecd0e54304bb8d0f5 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Arkadiusz=20Mi=C5=9Bkiewicz?= <arekm@maven.pl>
Date: Mon, 20 Oct 2014 19:45:36 +0200
Subject: [PATCH] - rel 2; disable unsecure protocols (zlib: CRIME attack;
 SSLv2: uses md5; SSLv3: POODLE) - enable enable-ec_nistp_64_gcc_128 on x86_64

---
 openssl.spec | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/openssl.spec b/openssl.spec
index 4455fe6..9bca391 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -17,7 +17,7 @@ Summary(ru.UTF-8):	Библиотеки и утилиты для соедине
 Summary(uk.UTF-8):	Бібліотеки та утиліти для з'єднань через Secure Sockets Layer
 Name:		openssl
 Version:	1.0.1j
-Release:	1
+Release:	2
 License:	Apache-like
 Group:		Libraries
 Source0:	ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
@@ -271,16 +271,21 @@ PERL="%{__perl}" \
 	--libdir=%{_lib} \
 	shared \
 	threads \
-	zlib \
-	enable-tlsext \
-	enable-seed \
-	enable-rfc3779 \
+	no-ssl2 \
+	no-ssl3 \
+	no-zlib \
 	enable-camelia \
 	enable-cms \
 	enable-idea \
-	enable-mdc2 \
 	enable-md2 \
+	enable-mdc2 \
 	enable-rc5 \
+	enable-rfc3779 \
+	enable-seed \
+	enable-tlsext \
+%ifarch %{x8664}
+	enable-ec_nistp_64_gcc_128 \
+%endif
 %ifarch %{ix86}
 %ifarch i386
 	386 linux-elf
-- 
2.43.0