From 47051c2a0aa6307d0d1cefb05d51d0eda175a62e Mon Sep 17 00:00:00 2001 From: =?utf8?q?Peter=20M=C3=BCller?= Date: Mon, 5 Nov 2018 16:21:43 +0100 Subject: [PATCH] drop orphaned OpenSSL patches MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Peter Müller Signed-off-by: Michael Tremer --- src/patches/openssl-1.0.2h-weak-ciphers.patch | 12 ------------ src/patches/openssl-1.1.0g-weak-ciphers.patch | 11 ----------- 2 files changed, 23 deletions(-) delete mode 100644 src/patches/openssl-1.0.2h-weak-ciphers.patch delete mode 100644 src/patches/openssl-1.1.0g-weak-ciphers.patch diff --git a/src/patches/openssl-1.0.2h-weak-ciphers.patch b/src/patches/openssl-1.0.2h-weak-ciphers.patch deleted file mode 100644 index d1ec6a2afc..0000000000 --- a/src/patches/openssl-1.0.2h-weak-ciphers.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Naur openssl-1.0.2h.org/ssl/ssl.h openssl-1.0.2h/ssl/ssl.h ---- openssl-1.0.2h.org/ssl/ssl.h 2016-05-03 15:44:42.000000000 +0200 -+++ openssl-1.0.2h/ssl/ssl.h 2016-05-03 18:49:10.393302264 +0200 -@@ -338,7 +338,7 @@ - * The following cipher list is used by default. It also is substituted when - * an application-defined cipher list string starts with 'DEFAULT'. - */ --# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2" -+# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2:!RC2:!DES" - /* - * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always - * starts with a reasonable order, and all we have to do for DEFAULT is diff --git a/src/patches/openssl-1.1.0g-weak-ciphers.patch b/src/patches/openssl-1.1.0g-weak-ciphers.patch deleted file mode 100644 index 66dad2bee5..0000000000 --- a/src/patches/openssl-1.1.0g-weak-ciphers.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- openssl-1.1.0g-orig/include/openssl/ssl.h 2017-11-02 15:29:05.000000000 +0100 -+++ openssl-1.1.0g/include/openssl/ssl.h 2018-02-27 18:23:43.522649728 +0100 -@@ -194,7 +194,7 @@ - * The following cipher list is used by default. It also is substituted when - * an application-defined cipher list string starts with 'DEFAULT'. - */ --# define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL" -+# define SSL_DEFAULT_CIPHER_LIST "kEECDH+ECDSA:kEECDH:kEDH:HIGH:+SHA:+kRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!kECDH:!IDEA:!SEED:!RC4:!kDH:!DSS" - /* - * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always - * starts with a reasonable order, and all we have to do for DEFAULT is -- 2.39.2