aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs/openssl/patches
diff options
context:
space:
mode:
authorEneas U de Queiroz <cote2004-github@yahoo.com>2019-05-28 20:07:57 +0000
committerChristian Lamparter <chunkeey@gmail.com>2019-05-31 11:21:22 +0200
commitf22ef1f1de8816201c6d8551e1bb3f3fc58c4328 (patch)
tree964df5bc8a2429113ffa17a8938379269fd1a1c5 /package/libs/openssl/patches
parent4d6da056836aa017e1006ff8dd463dfd5d7341df (diff)
downloadupstream-f22ef1f1de8816201c6d8551e1bb3f3fc58c4328.tar.gz
upstream-f22ef1f1de8816201c6d8551e1bb3f3fc58c4328.tar.bz2
upstream-f22ef1f1de8816201c6d8551e1bb3f3fc58c4328.zip
openssl: update to version 1.1.1c
Highlights of this version: - Prevent over long nonces in ChaCha20-Poly1305 (CVE-2019-1543) - Fix OPENSSL_config bug (patch removed) - Change the default RSA, DSA and DH size to 2048 bit instead of 1024. - Enable SHA3 pre-hashing for ECDSA and DSA Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [DMARC removal]
Diffstat (limited to 'package/libs/openssl/patches')
-rw-r--r--package/libs/openssl/patches/200-OPENSSL_config-restore-error-agnosticism.patch31
1 files changed, 0 insertions, 31 deletions
diff --git a/package/libs/openssl/patches/200-OPENSSL_config-restore-error-agnosticism.patch b/package/libs/openssl/patches/200-OPENSSL_config-restore-error-agnosticism.patch
deleted file mode 100644
index 3923ac41da..0000000000
--- a/package/libs/openssl/patches/200-OPENSSL_config-restore-error-agnosticism.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 9933d4a06bd0a0b5b757f072944e8cd54d4bddd3 Mon Sep 17 00:00:00 2001
-From: Richard Levitte <levitte@openssl.org>
-Date: Wed, 20 Mar 2019 10:18:13 +0100
-Subject: [PATCH] OPENSSL_config(): restore error agnosticism
-
-Great effort has been made to make initialization more configurable.
-However, the behavior of OPENSSL_config() was lost in the process,
-having it suddenly generate errors it didn't previously, which is not
-how it's documented to behave.
-
-A simple setting of default flags fixes this problem.
-
-Fixes #8528
-
-Reviewed-by: Matt Caswell <matt@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/8533)
-
-(cherry picked from commit 905c9a72a708701597891527b422c7f374125c52)
-
-diff --git a/crypto/conf/conf_sap.c b/crypto/conf/conf_sap.c
-index 2ce42f0c67..3805c426d8 100644
---- a/crypto/conf/conf_sap.c
-+++ b/crypto/conf/conf_sap.c
-@@ -35,6 +35,7 @@ void OPENSSL_config(const char *appname)
- memset(&settings, 0, sizeof(settings));
- if (appname != NULL)
- settings.appname = strdup(appname);
-+ settings.flags = DEFAULT_CONF_MFLAGS;
- OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, &settings);
- }
- #endif