mingw-openssl/0006-Disable-signature-verification-with-totally-unsafe-h.patch

diff -rupN --no-dereference openssl-3.0.5/crypto/asn1/a_verify.c openssl-3.0.5-new/crypto/asn1/a_verify.c
--- openssl-3.0.5/crypto/asn1/a_verify.c	2022-07-05 10:57:04.000000000 +0200
+++ openssl-3.0.5-new/crypto/asn1/a_verify.c	2022-07-08 10:09:53.250097964 +0200
@@ -153,6 +153,11 @@ int ASN1_item_verify_ctx(const ASN1_ITEM
             ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
         if (ret <= 1)
             goto err;
+    } else if ((mdnid == NID_md5
+               && ossl_safe_getenv("OPENSSL_ENABLE_MD5_VERIFY") == NULL) ||
+               mdnid == NID_md4 || mdnid == NID_md2 || mdnid == NID_sha) {
+        ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+        goto err;
     } else {
         const EVP_MD *type = NULL;
Update to 3.0.5 2022-07-08 08:35:39 +00:00			`diff -rupN --no-dereference openssl-3.0.5/crypto/asn1/a_verify.c openssl-3.0.5-new/crypto/asn1/a_verify.c`
			`--- openssl-3.0.5/crypto/asn1/a_verify.c 2022-07-05 10:57:04.000000000 +0200`
			`+++ openssl-3.0.5-new/crypto/asn1/a_verify.c 2022-07-08 10:09:53.250097964 +0200`
Update to 3.0.3 2022-06-02 13:09:32 +00:00			`@@ -153,6 +153,11 @@ int ASN1_item_verify_ctx(const ASN1_ITEM`
Update to 3.0.0 2022-02-17 15:28:36 +00:00			`ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);`
			`if (ret <= 1)`
			`goto err;`
			`+ } else if ((mdnid == NID_md5`
			`+ && ossl_safe_getenv("OPENSSL_ENABLE_MD5_VERIFY") == NULL) \|\|`
			`+ mdnid == NID_md4 \|\| mdnid == NID_md2 \|\| mdnid == NID_sha) {`
			`+ ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);`
			`+ goto err;`
			`} else {`
			`const EVP_MD *type = NULL;`