summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/rpm/files/0001-Rip-out-partial-support-for-unused-MD2-and-RIPEMD160.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-devtools/rpm/files/0001-Rip-out-partial-support-for-unused-MD2-and-RIPEMD160.patch')
-rw-r--r--meta/recipes-devtools/rpm/files/0001-Rip-out-partial-support-for-unused-MD2-and-RIPEMD160.patch81
1 files changed, 81 insertions, 0 deletions
diff --git a/meta/recipes-devtools/rpm/files/0001-Rip-out-partial-support-for-unused-MD2-and-RIPEMD160.patch b/meta/recipes-devtools/rpm/files/0001-Rip-out-partial-support-for-unused-MD2-and-RIPEMD160.patch
new file mode 100644
index 0000000000..734e38bb39
--- /dev/null
+++ b/meta/recipes-devtools/rpm/files/0001-Rip-out-partial-support-for-unused-MD2-and-RIPEMD160.patch
@@ -0,0 +1,81 @@
+From 2d53d1e308a5bd15a16cc289fa7e1f264ea706be Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Tue, 26 Jun 2018 10:46:14 +0300
+Subject: [PATCH] Rip out partial support for unused MD2 and RIPEMD160 digests
+
+Inspired by #453, adding configure-checks for unused digests algorithms
+seems nonsensical, at no point in rpm history have these algorithms been
+used for anything in rpm so there's not even backward compatibility to
+care about. So the question becomes why do we appear to have (some)
+support for those unused algorithms? So lets don't, problem solved...
+
+Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/commit/ff4b9111aeba01dd025dd133ce617fb80f7398a0]
+Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
+---
+ rpmio/digest_beecrypt.c | 7 -------
+ rpmio/digest_nss.c | 2 --
+ rpmio/digest_openssl.c | 6 ------
+ 3 files changed, 15 deletions(-)
+
+diff --git a/rpmio/digest_beecrypt.c b/rpmio/digest_beecrypt.c
+index 597027e25..653a39491 100644
+--- a/rpmio/digest_beecrypt.c
++++ b/rpmio/digest_beecrypt.c
+@@ -132,10 +132,6 @@ DIGEST_CTX rpmDigestInit(int hashalgo, rpmDigestFlags flags)
+ ctx->Digest = (void *) sha512Digest;
+ break;
+ #endif
+- case PGPHASHALGO_RIPEMD160:
+- case PGPHASHALGO_MD2:
+- case PGPHASHALGO_TIGER192:
+- case PGPHASHALGO_HAVAL_5_160:
+ default:
+ free(ctx);
+ return NULL;
+@@ -292,9 +288,6 @@ static int pgpVerifySigRSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig, uint8_t *hash, si
+ case PGPHASHALGO_SHA1:
+ prefix = "3021300906052b0e03021a05000414";
+ break;
+- case PGPHASHALGO_MD2:
+- prefix = "3020300c06082a864886f70d020205000410";
+- break;
+ case PGPHASHALGO_SHA256:
+ prefix = "3031300d060960864801650304020105000420";
+ break;
+diff --git a/rpmio/digest_nss.c b/rpmio/digest_nss.c
+index e11920e3e..b3d2b5595 100644
+--- a/rpmio/digest_nss.c
++++ b/rpmio/digest_nss.c
+@@ -117,7 +117,6 @@ static HASH_HashType getHashType(int hashalgo)
+ {
+ switch (hashalgo) {
+ case PGPHASHALGO_MD5: return HASH_AlgMD5;
+- case PGPHASHALGO_MD2: return HASH_AlgMD2;
+ case PGPHASHALGO_SHA1: return HASH_AlgSHA1;
+ #ifdef SHA224_LENGTH
+ case PGPHASHALGO_SHA224: return HASH_AlgSHA224;
+@@ -217,7 +216,6 @@ static SECOidTag getHashAlg(unsigned int hashalgo)
+ {
+ switch (hashalgo) {
+ case PGPHASHALGO_MD5: return SEC_OID_MD5;
+- case PGPHASHALGO_MD2: return SEC_OID_MD2;
+ case PGPHASHALGO_SHA1: return SEC_OID_SHA1;
+ #ifdef SHA224_LENGTH
+ case PGPHASHALGO_SHA224: return SEC_OID_SHA224;
+diff --git a/rpmio/digest_openssl.c b/rpmio/digest_openssl.c
+index 18e52a724..0ae48dd1d 100644
+--- a/rpmio/digest_openssl.c
++++ b/rpmio/digest_openssl.c
+@@ -172,12 +172,6 @@ static const EVP_MD *getEVPMD(int hashalgo)
+ case PGPHASHALGO_SHA1:
+ return EVP_sha1();
+
+- case PGPHASHALGO_RIPEMD160:
+- return EVP_ripemd160();
+-
+- case PGPHASHALGO_MD2:
+- return EVP_md2();
+-
+ case PGPHASHALGO_SHA256:
+ return EVP_sha256();
+
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-30 15:33:52 +0000