projects
/
freeradius.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
82f556b
)
allow acknowledged CVEs
author
Alan T. DeKok
<aland@freeradius.org>
Mon, 26 Sep 2016 11:40:04 +0000
(07:40 -0400)
committer
Alan T. DeKok
<aland@freeradius.org>
Mon, 26 Sep 2016 11:40:04 +0000
(07:40 -0400)
src/main/tls.c
patch
|
blob
|
history
diff --git
a/src/main/tls.c
b/src/main/tls.c
index
b126f5f
..
6b6090e
100644
(file)
--- a/
src/main/tls.c
+++ b/
src/main/tls.c
@@
-2466,6
+2466,11
@@
int tls_global_version_check(char const *acknowledged)
libssl_defect_t *defect = &libssl_defects[i];
if ((v >= defect->low) && (v <= defect->high)) {
+ /*
+ * If the CVE is acknowledged, allow it.
+ */
+ if (strcmp(acknowledged, defect->name) == 0) return 0;
+
ERROR("Refusing to start with libssl version %s (in range %s)",
ssl_version(), ssl_version_range(defect->low, defect->high));
ERROR("Security advisory %s (%s)", defect->id, defect->name);