openssl: drop the valgrind patch that introduce a security hole

debian/valgrind.patch is the 'famous' Debian OpenSSL patch responsible for everyone using Debian and derivatives changing their keys. All keys generated with the patched OpenSSL are compromised so at very least we have to drop this patch for good. Signed-off-by: Ilya Yanok <yanok@emcraft.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2011-01-18 01:36:17 +03:00 · 2011-01-18 01:36:17 +03:00 · 81f1457d7e
parent 05cb09b2ff
commit 81f1457d7e
2 changed files with 0 additions and 16 deletions
--- a/meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch
+++ b/meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch
@ -1,15 +0,0 @@
-Index: openssl-0.9.8k/crypto/rand/md_rand.c
-===================================================================
--- openssl-0.9.8k.orig/crypto/rand/md_rand.c	2008-09-16 13:50:05.000000000 +0200
-+++ openssl-0.9.8k/crypto/rand/md_rand.c	2009-07-19 11:36:05.000000000 +0200
-@@ -477,8 +477,10 @@
- 		MD_Update(&m,local_md,MD_DIGEST_LENGTH);
- 		MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
- #ifndef PURIFY
-+#if 0 /* Don't add uninitialised data. */
- 		MD_Update(&m,buf,j); /* purify complains */
- #endif
-+#endif
- 		k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
- 		if (k > 0)
- 			{
--- a/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb
+++ b/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb
@ -13,7 +13,6 @@ SRC_URI += "file://debian/ca.patch \
            file://debian/no-symbolic.patch \
            file://debian/pic.patch \
            file://debian/pkg-config.patch \
-            file://debian/valgrind.patch \
            file://debian/rc4-amd64.patch \
            file://debian/rehash-crt.patch \
            file://debian/rehash_pod.patch \