From 1d511bce13be23e6119e6805dafa1054ad638fa4 Mon Sep 17 00:00:00 2001 From: Michael Catanzaro Date: Tue, 26 Jul 2022 08:27:46 -0500 Subject: [PATCH] Restore certificate revocation checking "Restore" is not quite the right word, because we never performed any certificate revocation checking: it was disabled almost immediately after it was added due to this bug: https://bugzilla.redhat.com/show_bug.cgi?id=2003363 which seems to be no longer relevant. So I think we can start doing it now. In practice, it only works for servers that support OCSP stapling, which is not much. --- glib-networking.spec | 3 --- sabotage-revocation-checks.patch | 14 -------------- 2 files changed, 17 deletions(-) delete mode 100644 sabotage-revocation-checks.patch diff --git a/glib-networking.spec b/glib-networking.spec index f561836..d2904f6 100644 --- a/glib-networking.spec +++ b/glib-networking.spec @@ -16,9 +16,6 @@ License: LGPLv2+ URL: https://gitlab.gnome.org/GNOME/glib-networking Source0: https://download.gnome.org/sources/glib-networking/2.74/%{name}-%{tarball_version}.tar.xz -# https://bugzilla.redhat.com/show_bug.cgi?id=2024296 -Patch0: sabotage-revocation-checks.patch - BuildRequires: ca-certificates BuildRequires: gcc BuildRequires: gettext diff --git a/sabotage-revocation-checks.patch b/sabotage-revocation-checks.patch deleted file mode 100644 index 8805cb0..0000000 --- a/sabotage-revocation-checks.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c -index 1b60740..e8fee43 100644 ---- a/tls/gnutls/gtlsconnection-gnutls.c -+++ b/tls/gnutls/gtlsconnection-gnutls.c -@@ -1016,7 +1016,7 @@ g_tls_connection_gnutls_verify_chain (GTlsConnectionBase *tls, - * GTlsDatabaseGnutls. - */ - database = g_tls_connection_get_database (G_TLS_CONNECTION (gnutls)); -- if (!G_IS_TLS_DATABASE_GNUTLS (database)) -+ if (TRUE) /* Fedora: sabotage new codepath due to https://bugzilla.redhat.com/show_bug.cgi?id=2024296 */ - { - return g_tls_database_verify_chain (database, - chain, -