openssl_1_1: 1.1.1 -> 1.1.1a
CVE-2018-0734: https://www.openssl.org/news/vulnerabilities.html#2018-0734 CVE-2018-0735: https://www.openssl.org/news/vulnerabilities.html#2018-0735
This commit is contained in:
parent
ae29a9e688
commit
d012516c44
@ -0,0 +1,15 @@
|
||||
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
|
||||
index 244512c935..f0b70d7ea1 100644
|
||||
--- a/crypto/x509/by_file.c
|
||||
+++ b/crypto/x509/by_file.c
|
||||
@@ -46,7 +46,9 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp,
|
||||
switch (cmd) {
|
||||
case X509_L_FILE_LOAD:
|
||||
if (argl == X509_FILETYPE_DEFAULT) {
|
||||
- file = ossl_safe_getenv(X509_get_default_cert_file_env());
|
||||
+ file = ossl_safe_getenv("NIX_SSL_CERT_FILE");
|
||||
+ if (!file)
|
||||
+ file = ossl_safe_getenv(X509_get_default_cert_file_env());
|
||||
if (file)
|
||||
ok = (X509_load_cert_crl_file(ctx, file,
|
||||
X509_FILETYPE_PEM) != 0);
|
@ -131,9 +131,9 @@ in {
|
||||
};
|
||||
|
||||
openssl_1_1 = common {
|
||||
version = "1.1.1";
|
||||
sha256 = "0gbab2fjgms1kx5xjvqx8bxhr98k4r8l2fa8vw7kvh491xd8fdi8";
|
||||
patches = [ ./nix-ssl-cert-file.patch ];
|
||||
version = "1.1.1a";
|
||||
sha256 = "0hcz7znzznbibpy3iyyhvlqrq44y88plxwdj32wjzgbwic7i687w";
|
||||
patches = [ ./1.1/nix-ssl-cert-file.patch ];
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -1,14 +0,0 @@
|
||||
diff -ru -x '*~' openssl-1.0.2j-orig/crypto/x509/by_file.c openssl-1.0.2j/crypto/x509/by_file.c
|
||||
--- openssl-1.0.2j-orig/crypto/x509/by_file.c 2016-09-26 11:49:07.000000000 +0200
|
||||
+++ openssl-1.0.2j/crypto/x509/by_file.c 2016-10-13 16:54:31.400288302 +0200
|
||||
@@ -97,7 +97,9 @@
|
||||
switch (cmd) {
|
||||
case X509_L_FILE_LOAD:
|
||||
if (argl == X509_FILETYPE_DEFAULT) {
|
||||
- file = getenv(X509_get_default_cert_file_env());
|
||||
+ file = getenv("NIX_SSL_CERT_FILE");
|
||||
+ if (!file)
|
||||
+ file = getenv(X509_get_default_cert_file_env());
|
||||
if (file)
|
||||
ok = (X509_load_cert_crl_file(ctx, file,
|
||||
X509_FILETYPE_PEM) != 0);
|
Loading…
Reference in New Issue
Block a user