aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/gnutls/gnutls/CVE-2014-1959-rejection-of-v1-intermediate-cert.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-support/gnutls/gnutls/CVE-2014-1959-rejection-of-v1-intermediate-cert.patch')
-rw-r--r--meta/recipes-support/gnutls/gnutls/CVE-2014-1959-rejection-of-v1-intermediate-cert.patch33
1 files changed, 0 insertions, 33 deletions
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2014-1959-rejection-of-v1-intermediate-cert.patch b/meta/recipes-support/gnutls/gnutls/CVE-2014-1959-rejection-of-v1-intermediate-cert.patch
deleted file mode 100644
index 6567257a83..0000000000
--- a/meta/recipes-support/gnutls/gnutls/CVE-2014-1959-rejection-of-v1-intermediate-cert.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 467478d8ff08a3cb4be3034ff04c9d08a0ceba3e Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Wed, 12 Feb 2014 16:41:33 +0100
-Subject: [PATCH 1/5] Fixed bug that prevented the rejection of v1 intermediate
- CA certificates.
-
-Upstream-Status: Backport
-
-Signed-off-by: Karl Hiramoto <karl@hiramoto.org>
-
----
- lib/x509/verify.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/lib/x509/verify.c b/lib/x509/verify.c
-index 2efcebf..c9a6b0d 100644
---- a/lib/x509/verify.c
-+++ b/lib/x509/verify.c
-@@ -645,7 +645,10 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list,
- * certificates can exist in a supplied chain.
- */
- if (!(flags & GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT))
-- flags &= ~(GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
-+ {
-+ flags &= ~(GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
-+ flags |= GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT;
-+ }
- if ((ret =
- _gnutls_verify_certificate2 (certificate_list[i - 1],
- &certificate_list[i], 1, flags,
---
-1.8.3.2
-
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-06-06 10:38:31 +0000