From 8e2106488a812dbb316776940a3b552a31b88549 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jow@openwrt.org>
Date: Tue, 29 Oct 2013 09:53:48 +0000
Subject: Revert "[cyassl]: upgrade to 2.8.0"

Reverts the CyaSSL version bump for now since the update completely broke
trunk building due to incompatible changes in the IO callback API which in
turn breaks the core ustream-ssl package.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 38576
---
 .../patches/200-SSL_accept-handle-hello-garbage.patch       | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch

(limited to 'package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch')

diff --git a/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch b/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch
new file mode 100644
index 0000000..4a6b8da
--- /dev/null
+++ b/package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch
@@ -0,0 +1,13 @@
+--- a/src/cyassl_int.c
++++ b/src/cyassl_int.c
+@@ -1588,6 +1588,10 @@
+                 b1 =
+                 ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++];
+                 ssl->curSize = ((b0 & 0x7f) << 8) | b1;
++
++                /* does not appear to a be a SSLv2 client hello */
++                if ( ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx] != 1 )
++                    return UNKNOWN_HANDSHAKE_TYPE;
+             }
+             else {
+                 ssl->options.processReply = getRecordLayerHeader;
-- 
cgit v1.1