Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CVE-2018-0734: https://www.openssl.org/news/vulnerabilities.html#2018-0734 CVE-2018-5407: https://www.openssl.org/news/vulnerabilities.html#2018-5407 No patches can any longer be shared between 1.0.2 and 1.1, so reorganize patches into subdirectories (and remove an unused one).
- Loading branch information
Showing
5 changed files
with
27 additions
and
21 deletions.
There are no files selected for viewing
16 changes: 16 additions & 0 deletions
16
pkgs/development/libraries/openssl/1.0.2/nix-ssl-cert-file.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c | ||
index e6d0e6e1a6..b89456fd87 100644 | ||
--- a/crypto/x509/by_file.c | ||
+++ b/crypto/x509/by_file.c | ||
@@ -97,7 +97,10 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, | ||
switch (cmd) { | ||
case X509_L_FILE_LOAD: | ||
if (argl == X509_FILETYPE_DEFAULT) { | ||
- file = ossl_safe_getenv(X509_get_default_cert_file_env()); | ||
+ file = ossl_safe_getenv("NIX_SSL_CERT_FILE"); | ||
+ | ||
+ if (!file) | ||
+ file = ossl_safe_getenv(X509_get_default_cert_file_env()); | ||
|
||
if (file) | ||
ok = (X509_load_cert_crl_file(ctx, file, |
File renamed without changes.
File renamed without changes.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters