diff --git a/0049-Selectively-disallow-SHA1-signatures.patch b/0049-Selectively-disallow-SHA1-signatures.patch index df0404c..f8fda92 100644 --- a/0049-Selectively-disallow-SHA1-signatures.patch +++ b/0049-Selectively-disallow-SHA1-signatures.patch @@ -1,4 +1,4 @@ -From f6a2f59574788aadd0ce323ad8ebe4d0c470672e Mon Sep 17 00:00:00 2001 +From e738d17c45869eda31cb94f2832e65ec7cf8afa9 Mon Sep 17 00:00:00 2001 From: Clemens Lang Date: Wed, 17 Aug 2022 12:56:29 -0400 Subject: [PATCH] Selectively disallow SHA1 signatures @@ -235,7 +235,7 @@ index a84113287c3d0edf6c67726aee7d8abb87401445..f1536258470563b4fe74f8d1e3db6d73 The value is a boolean that can be B or B. If the value is diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h -index 1291299b6e50ea129ba77c85bb0b21b0997e4494..e234341e6afd15f7108c7af453d6f2190c086b04 100644 +index 934d4b089c209a16b01a364da0f528afd4d12475..45346d7d0b0c91eae4a9d4466ed314c0873cf6f6 100644 --- a/include/internal/cryptlib.h +++ b/include/internal/cryptlib.h @@ -168,7 +168,8 @@ typedef struct ossl_ex_data_global_st { @@ -439,7 +439,7 @@ index 7023a866131e38c214ac7326fdd83274dab81833..f66d7705c35add553694c5808b51d569 if (pmgf1mdname != NULL && !rsa_setup_mgf1_md(prsactx, pmgf1mdname, pmgf1mdprops)) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c -index 48a0b7f6e5908e62b433a306c49a3f2ff7e8df76..909e38c2fe88324884a939b583fd7f43d01f3920 100644 +index 51c2283db915d792fa3020a2d7cbdc0d91fc9dca..89c1dd31c72271b1923ab972e3d3359b6c8e1a03 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -20,6 +20,7 @@ @@ -477,15 +477,15 @@ index 48a0b7f6e5908e62b433a306c49a3f2ff7e8df76..909e38c2fe88324884a939b583fd7f43 if (!EVP_PKEY_set_type(tmpkey, lu->sig)) { cache[i].enabled = 0; diff --git a/util/libcrypto.num b/util/libcrypto.num -index d94f406606132690d4744e470d98eff377d87699..07ae9a21ec979028eb78feaee4cadb801b790caf 100644 +index 4e729be97d7b31b4caf0c3bab06dbce908dc2628..2ad515028ac6522e43cdb48794ba2cc96de56049 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num -@@ -5428,3 +5428,5 @@ EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION: - OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION: +@@ -5429,3 +5429,5 @@ OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION: OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION: + OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: +ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION: +ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION: -- -2.37.2 +2.39.1