sslv2/sslv3/zlib bconds; discussion about their default state in progress on devel...

author Arkadiusz Miśkiewicz <arekm@maven.pl>

Tue, 21 Oct 2014 12:19:48 +0000 (14:19 +0200)

committer Arkadiusz Miśkiewicz <arekm@maven.pl>

Tue, 21 Oct 2014 12:19:48 +0000 (14:19 +0200)
author Arkadiusz Miśkiewicz <arekm@maven.pl>
Tue, 21 Oct 2014 12:19:48 +0000 (14:19 +0200)
committer Arkadiusz Miśkiewicz <arekm@maven.pl>
Tue, 21 Oct 2014 12:19:48 +0000 (14:19 +0200)
diff --git a/openssl.spec b/openssl.spec

index 9bca39169978093ce5a517b07cc1528311beb94f..39543f50ba7e90965ab230e82308a2edcfcf2c05 100644 (file)
--- a/openssl.spec
+++ b/openssl.spec
@@ -3,6 +3,9 @@
  #
  # Conditional build:
  %bcond_without tests   # don't perform "make tests"
+%bcond_with    zlib    # zlib: note - enables CVE-2012-4929 vulnerability
+%bcond_with    sslv2   # SSLv2: note - many flaws http://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_2.0
+%bcond_with    sslv3   # SSLv3: note - enables  CVE-2014-3566 vulnerability
  %bcond_with    purify  # Compile openssl with \-DPURIFY, useful when one wants to
                         # use valgrind debugger against openssl-linked programs
  
@@ -271,9 +274,9 @@ PERL="%{__perl}" \
         --libdir=%{_lib} \
         shared \
         threads \
-       no-ssl2 \
-       no-ssl3 \
-       no-zlib \
+       %{!?with_sslv2:no-}ssl2 \
+       %{!?with_sslv3:no-}ssl3 \
+       %{!?with_zlib:no-}zlib \
         enable-camelia \
         enable-cms \
         enable-idea \
author	Arkadiusz Miśkiewicz <arekm@maven.pl>
	Tue, 21 Oct 2014 12:19:48 +0000 (14:19 +0200)
committer	Arkadiusz Miśkiewicz <arekm@maven.pl>
	Tue, 21 Oct 2014 12:19:48 +0000 (14:19 +0200)