rpms / shim

Clone
Source Code
GIT

Blame SOURCES/0035-OpenSSL-always-provide-OBJ_create-with-name-strings.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   6e4e7fc15c81e44dbc5d46ef80ef7326e543437d
  2.   SOURCES
  3.   0035-OpenSSL-always-provide-OBJ_create-with-name-strings.patch
Blob History Raw
00e791 
From 44b211bcf7ad58ff29e6495e1c3978e4660cb7d1 Mon Sep 17 00:00:00 2001
00e791 
From: Peter Jones <pjones@redhat.com>
00e791 
Date: Tue, 15 Jan 2019 18:04:34 -0500
00e791 
Subject: [PATCH 35/62] OpenSSL: always provide OBJ_create() with name strings.
00e791
00e791 
Some versions of OpenSSL seem to go back and forth as to whether NULL
00e791 
for these names are okay.  Don't risk it.
00e791
00e791 
Signed-off-by: Peter Jones <pjones@redhat.com>
00e791 
Upstream-commit-id: 46b76a01717
00e791 
---
00e791 
 shim.c | 4 +++-
00e791 
 1 file changed, 3 insertions(+), 1 deletion(-)
00e791
00e791 
diff --git a/shim.c b/shim.c
00e791 
index a0eb19b91fe..d7ee2b6de6f 100644
00e791 
--- a/shim.c
00e791 
+++ b/shim.c
00e791 
@@ -388,7 +388,9 @@ static BOOLEAN verify_eku(UINT8 *Cert, UINTN CertSize)
00e791 
 	EXTENDED_KEY_USAGE *eku;
00e791 
 	ASN1_OBJECT *module_signing;
00e791
00e791 
-	module_signing = OBJ_nid2obj(OBJ_create(OID_EKU_MODSIGN, NULL, NULL));
00e791 
+        module_signing = OBJ_nid2obj(OBJ_create(OID_EKU_MODSIGN,
00e791 
+                                                "modsign-eku",
00e791 
+                                                "modsign-eku"));
00e791
00e791 
 	x509 = d2i_X509 (NULL, &Temp, (long) CertSize);
00e791 
 	if (x509 != NULL) {
00e791 
--
00e791 
2.26.2
00e791

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation