Drop ocsp key usage patch

Discussed in upstream issue with bottom-line that this is a ocsp certificate issue. https://dev.gnupg.org/T1333
2021-05-03 15:08:26 +02:00 · 2021-05-03 15:08:26 +02:00 · c059245ad0
commit c059245ad0
parent 0a6c109756
2 changed files with 0 additions and 20 deletions
--- a/gnupg-2.2.16-ocsp-keyusage.patch
+++ b/gnupg-2.2.16-ocsp-keyusage.patch
@ -1,17 +0,0 @@
-diff -up gnupg-2.2.16/sm/certlist.c.keyusage gnupg-2.2.16/sm/certlist.c
--- gnupg-2.2.16/sm/certlist.c.keyusage	2019-07-01 17:17:06.925254065 +0200
-+++ gnupg-2.2.16/sm/certlist.c	2019-07-01 17:24:15.665759322 +0200
-@@ -147,10 +147,9 @@ cert_usage_p (ksba_cert_t cert, int mode
- 
-   if (mode == 5)
-     {
-      if (use != ~0
-          && (have_ocsp_signing
-              || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
-                         |KSBA_KEYUSAGE_CRL_SIGN))))
-+      if (have_ocsp_signing
-+          || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
-+                     |KSBA_KEYUSAGE_CRL_SIGN)))
-         return 0;
-       if (!silent)
-         log_info (_("certificate should not have "
--- a/gnupg2.spec
+++ b/gnupg2.spec
@ -17,8 +17,6 @@ Patch3:  gnupg-2.1.10-secmem.patch
 # non-upstreamable patch adding file-is-digest option needed for Copr
 # https://dev.gnupg.org/T1646
 Patch4:  gnupg-2.2.20-file-is-digest.patch
-# fix handling of missing key usage on ocsp replies - upstream T1333
-Patch5:  gnupg-2.2.16-ocsp-keyusage.patch
 Patch6:  gnupg-2.1.1-fips-algo.patch
 # allow 8192 bit RSA keys in keygen UI with large RSA
 Patch9:  gnupg-2.2.23-large-rsa.patch
@ -101,7 +99,6 @@ to the base GnuPG package

 %patch3 -p1 -b .secmem
 %patch4 -p1 -b .file-is-digest
-%patch5 -p1 -b .keyusage
 %patch6 -p1 -b .fips
 %patch9 -p1 -b .large-rsa