diff --git a/pkgs/applications/misc/xca/0001-Fix-for-openssl-1.0.1i.patch b/pkgs/applications/misc/xca/0001-Fix-for-openssl-1.0.1i.patch deleted file mode 100644 index 9bfe3831c4aa..000000000000 --- a/pkgs/applications/misc/xca/0001-Fix-for-openssl-1.0.1i.patch +++ /dev/null @@ -1,57 +0,0 @@ -From abd9d530776e8bb6d8f05312fc3ae3044796139c Mon Sep 17 00:00:00 2001 -From: Oliver Winker -Date: Tue, 12 Aug 2014 19:08:05 +0200 -Subject: [PATCH] Fix for openssl 1.0.1i - -Fixes following application error ---- -Errors -error:0D0C40D8:asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error error:0D0C40D8:asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error error:0D0C40D8:asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error error:0D0C40D8:asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error error:0D0C40D8:asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error ---- - -Due to openssl 1.0.1i change: ---- -commit 03b04ddac162c7b7fa3c57eadccc5a583a00d291 -Author: Emilia Kasper -Date: Wed Jul 2 19:02:33 2014 +0200 - - Fix OID handling: - - - Upon parsing, reject OIDs with invalid base-128 encoding. - - Always NUL-terminate the destination buffer in OBJ_obj2txt printing function. - - CVE-2014-3508 - - Reviewed-by: Dr. Stephen Henson - Reviewed-by: Kurt Roeckx - Reviewed-by: Tim Hudson ---- ---- - lib/x509v3ext.cpp | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/lib/x509v3ext.cpp b/lib/x509v3ext.cpp -index cf74c32..d94cbda 100644 ---- a/lib/x509v3ext.cpp -+++ b/lib/x509v3ext.cpp -@@ -27,6 +27,8 @@ x509v3ext::x509v3ext(const X509_EXTENSION *n) - x509v3ext::x509v3ext(const x509v3ext &n) - { - ext = NULL; -+ if (!n.isValid()) -+ return; - set(n.ext); - } - -@@ -743,7 +745,7 @@ X509_EXTENSION *x509v3ext::get() const - - bool x509v3ext::isValid() const - { -- return ext->value->length > 0 && -+ return ext && ext->value && ext->value->length > 0 && - OBJ_obj2nid(ext->object) != NID_undef; - } - --- -2.0.1 - diff --git a/pkgs/applications/misc/xca/default.nix b/pkgs/applications/misc/xca/default.nix index d5fa5e5ec56d..fdd136cc8389 100644 --- a/pkgs/applications/misc/xca/default.nix +++ b/pkgs/applications/misc/xca/default.nix @@ -2,21 +2,13 @@ stdenv.mkDerivation rec { name = "xca-${version}"; - version = "0.9.3"; + version = "1.3.0"; src = fetchurl { url = "mirror://sourceforge/xca/${name}.tar.gz"; - sha256 = "1fn6kh8mdy65rrgjif7j9wn3mxg1mrrcnhzpi86hfy24ic6bahk8"; + sha256 = "0k21d4lfkn0nlj8az6067dmc5dgy5cidspljagmh5frsv576wnzg"; }; - patches = [ ./0001-Fix-for-openssl-1.0.1i.patch ]; - - configurePhase = '' - export PATH=$PATH:${which}/bin - export QTDIR=${qt4} - prefix=$out ./configure ${openssl} ${libtool} - ''; - postInstall = '' wrapProgram "$out/bin/xca" \ --prefix LD_LIBRARY_PATH : "${qt4}/lib:${gcc.cc}/lib:${gcc.cc}/lib64:${openssl}/lib:${libtool}/lib"