openssl: Remove openssl10

OpenSSL 1.0 has been replaced by 1.1, and it would be harder to security-support after the upstream EOL at the end of 2019. (From OE-Core rev: 0f7ffcaa18db7bc27f30c994aafbb9f4f8b2ae7e) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Adrian Bunk <bunk@stusta.de> 2019-05-12 22:53:19 +0300
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-05-15 17:53:29 +0100
commit: a98ac2a39b30b3a3e94669616900547b0b87992a (patch)
tree: 3ab98c21f2018d317dae16ed6d40cb951eca60a2 /meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_digicert_malaysia.patch
parent: 66ef365ba617e3f0dfb13d8711871b6628ed4465 (diff)
download: poky-a98ac2a39b30b3a3e94669616900547b0b87992a.tar.gz
1 files changed, 0 insertions, 29 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_digicert_malaysia.patch b/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_digicert_malaysia.patch
deleted file mode 100644
index c43bcd1c77..0000000000
--- a/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_digicert_malaysia.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From: Raphael Geissert <geissert@debian.org>
-Description: make X509_verify_cert indicate that any certificate whose
- name contains "Digicert Sdn. Bhd." (from Malaysia) is revoked.
-Forwarded: not-needed
-Origin: vendor
-Last-Update: 2011-11-05
-Upstream-Status: Backport [debian]
-Index: openssl-1.0.2~beta1/crypto/x509/x509_vfy.c
-===================================================================
--- openssl-1.0.2~beta1.orig/crypto/x509/x509_vfy.c     2014-02-25 00:16:12.488028844 +0100
-+++ openssl-1.0.2~beta1/crypto/x509/x509_vfy.c  2014-02-25 00:16:12.484028929 +0100
-@@ -964,10 +964,11 @@
-        for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
-                {
-                x = sk_X509_value(ctx->chain, i);
-               /* Mark DigiNotar certificates as revoked, no matter
-                * where in the chain they are.
-+               /* Mark certificates containing the following names as
-+                * revoked, no matter where in the chain they are.
-                 */
-               if (x->name && strstr(x->name, "DigiNotar"))
-+               if (x->name && (strstr(x->name, "DigiNotar") ||
-+                       strstr(x->name, "Digicert Sdn. Bhd.")))
-                        {
-                        ctx->error = X509_V_ERR_CERT_REVOKED;
-                        ctx->error_depth = i;
author	Adrian Bunk <bunk@stusta.de>	2019-05-12 22:53:19 +0300
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2019-05-15 17:53:29 +0100
commit	a98ac2a39b30b3a3e94669616900547b0b87992a (patch)
tree	3ab98c21f2018d317dae16ed6d40cb951eca60a2 /meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_digicert_malaysia.patch
parent	66ef365ba617e3f0dfb13d8711871b6628ed4465 (diff)
download	poky-a98ac2a39b30b3a3e94669616900547b0b87992a.tar.gz

diff --git a/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_digicert_malaysia.patch b/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_digicert_malaysia.patch deleted file mode 100644 index c43bcd1c77..0000000000 --- a/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_digicert_malaysia.patch +++ /dev/null
@@ -1,29 +0,0 @@
1	From: Raphael Geissert <geissert@debian.org>
2	Description: make X509_verify_cert indicate that any certificate whose
3	name contains "Digicert Sdn. Bhd." (from Malaysia) is revoked.
4	Forwarded: not-needed
5	Origin: vendor
6	Last-Update: 2011-11-05
7
8	Upstream-Status: Backport [debian]
9
10
11	Index: openssl-1.0.2~beta1/crypto/x509/x509_vfy.c
12	===================================================================
13	--- openssl-1.0.2~beta1.orig/crypto/x509/x509_vfy.c 2014-02-25 00:16:12.488028844 +0100
14	+++ openssl-1.0.2~beta1/crypto/x509/x509_vfy.c 2014-02-25 00:16:12.484028929 +0100
15	@@ -964,10 +964,11 @@
16	for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
17	{
18	x = sk_X509_value(ctx->chain, i);
19	- /* Mark DigiNotar certificates as revoked, no matter
20	- * where in the chain they are.
21	+ /* Mark certificates containing the following names as
22	+ * revoked, no matter where in the chain they are.
23	*/
24	- if (x->name && strstr(x->name, "DigiNotar"))
25	+ if (x->name && (strstr(x->name, "DigiNotar") \|\|
26	+ strstr(x->name, "Digicert Sdn. Bhd.")))
27	{
28	ctx->error = X509_V_ERR_CERT_REVOKED;
29	ctx->error_depth = i;