summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/openssl
diff options
context:
space:
mode:
authorIlya Yanok <yanok@emcraft.com>2011-01-17 22:36:17 (GMT)
committerRichard Purdie <richard.purdie@linuxfoundation.org>2011-01-20 21:36:59 (GMT)
commit81f1457d7e5092ced648993f3507fdee0165580f (patch)
tree9a6eaee771ea4bc35a431d05d7e30f032c72cc89 /meta/recipes-connectivity/openssl
parent05cb09b2ff8134ad66c19373a1f229f774314a15 (diff)
downloadpoky-81f1457d7e5092ced648993f3507fdee0165580f.tar.gz
openssl: drop the valgrind patch that introduce a security hole
debian/valgrind.patch is the 'famous' Debian OpenSSL patch responsible for everyone using Debian and derivatives changing their keys. All keys generated with the patched OpenSSL are compromised so at very least we have to drop this patch for good. Signed-off-by: Ilya Yanok <yanok@emcraft.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
Diffstat (limited to 'meta/recipes-connectivity/openssl')
-rw-r--r--meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch15
-rw-r--r--meta/recipes-connectivity/openssl/openssl_0.9.8p.bb1
2 files changed, 0 insertions, 16 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch b/meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch
deleted file mode 100644
index e9f86ea..0000000
--- a/meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch
+++ /dev/null
@@ -1,15 +0,0 @@
1Index: openssl-0.9.8k/crypto/rand/md_rand.c
2===================================================================
3--- openssl-0.9.8k.orig/crypto/rand/md_rand.c 2008-09-16 13:50:05.000000000 +0200
4+++ openssl-0.9.8k/crypto/rand/md_rand.c 2009-07-19 11:36:05.000000000 +0200
5@@ -477,8 +477,10 @@
6 MD_Update(&m,local_md,MD_DIGEST_LENGTH);
7 MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
8 #ifndef PURIFY
9+#if 0 /* Don't add uninitialised data. */
10 MD_Update(&m,buf,j); /* purify complains */
11 #endif
12+#endif
13 k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
14 if (k > 0)
15 {
diff --git a/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb b/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb
index 3ae6bf4..283b82a 100644
--- a/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb
+++ b/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb
@@ -13,7 +13,6 @@ SRC_URI += "file://debian/ca.patch \
13 file://debian/no-symbolic.patch \ 13 file://debian/no-symbolic.patch \
14 file://debian/pic.patch \ 14 file://debian/pic.patch \
15 file://debian/pkg-config.patch \ 15 file://debian/pkg-config.patch \
16 file://debian/valgrind.patch \
17 file://debian/rc4-amd64.patch \ 16 file://debian/rc4-amd64.patch \
18 file://debian/rehash-crt.patch \ 17 file://debian/rehash-crt.patch \
19 file://debian/rehash_pod.patch \ 18 file://debian/rehash_pod.patch \