ELN: fix SHA1 signature patch again

The util/libcrypto.num patch did not apply cleanly.

Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
This commit is contained in:
Stephen Gallagher 2023-02-13 10:53:54 -05:00
parent 194ef7464a
commit 167e0dd694
No known key found for this signature in database
GPG Key ID: 45DB85A568286D11

View File

@ -1,4 +1,4 @@
From f6a2f59574788aadd0ce323ad8ebe4d0c470672e Mon Sep 17 00:00:00 2001 From e738d17c45869eda31cb94f2832e65ec7cf8afa9 Mon Sep 17 00:00:00 2001
From: Clemens Lang <cllang@redhat.com> From: Clemens Lang <cllang@redhat.com>
Date: Wed, 17 Aug 2022 12:56:29 -0400 Date: Wed, 17 Aug 2022 12:56:29 -0400
Subject: [PATCH] Selectively disallow SHA1 signatures Subject: [PATCH] Selectively disallow SHA1 signatures
@ -235,7 +235,7 @@ index a84113287c3d0edf6c67726aee7d8abb87401445..f1536258470563b4fe74f8d1e3db6d73
The value is a boolean that can be B<yes> or B<no>. If the value is The value is a boolean that can be B<yes> or B<no>. If the value is
diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h
index 1291299b6e50ea129ba77c85bb0b21b0997e4494..e234341e6afd15f7108c7af453d6f2190c086b04 100644 index 934d4b089c209a16b01a364da0f528afd4d12475..45346d7d0b0c91eae4a9d4466ed314c0873cf6f6 100644
--- a/include/internal/cryptlib.h --- a/include/internal/cryptlib.h
+++ b/include/internal/cryptlib.h +++ b/include/internal/cryptlib.h
@@ -168,7 +168,8 @@ typedef struct ossl_ex_data_global_st { @@ -168,7 +168,8 @@ typedef struct ossl_ex_data_global_st {
@ -439,7 +439,7 @@ index 7023a866131e38c214ac7326fdd83274dab81833..f66d7705c35add553694c5808b51d569
if (pmgf1mdname != NULL if (pmgf1mdname != NULL
&& !rsa_setup_mgf1_md(prsactx, pmgf1mdname, pmgf1mdprops)) && !rsa_setup_mgf1_md(prsactx, pmgf1mdname, pmgf1mdprops))
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 48a0b7f6e5908e62b433a306c49a3f2ff7e8df76..909e38c2fe88324884a939b583fd7f43d01f3920 100644 index 51c2283db915d792fa3020a2d7cbdc0d91fc9dca..89c1dd31c72271b1923ab972e3d3359b6c8e1a03 100644
--- a/ssl/t1_lib.c --- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c +++ b/ssl/t1_lib.c
@@ -20,6 +20,7 @@ @@ -20,6 +20,7 @@
@ -477,15 +477,15 @@ index 48a0b7f6e5908e62b433a306c49a3f2ff7e8df76..909e38c2fe88324884a939b583fd7f43
if (!EVP_PKEY_set_type(tmpkey, lu->sig)) { if (!EVP_PKEY_set_type(tmpkey, lu->sig)) {
cache[i].enabled = 0; cache[i].enabled = 0;
diff --git a/util/libcrypto.num b/util/libcrypto.num diff --git a/util/libcrypto.num b/util/libcrypto.num
index d94f406606132690d4744e470d98eff377d87699..07ae9a21ec979028eb78feaee4cadb801b790caf 100644 index 4e729be97d7b31b4caf0c3bab06dbce908dc2628..2ad515028ac6522e43cdb48794ba2cc96de56049 100644
--- a/util/libcrypto.num --- a/util/libcrypto.num
+++ b/util/libcrypto.num +++ b/util/libcrypto.num
@@ -5428,3 +5428,5 @@ EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION: @@ -5429,3 +5429,5 @@ OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION:
OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION: OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION:
OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP
ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION:
+ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION: +ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION:
+ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION: +ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION:
-- --
2.37.2 2.39.1