diff options
| author | Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> | 2015-05-06 09:49:30 -0400 |
|---|---|---|
| committer | Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> | 2015-05-06 09:49:30 -0400 |
| commit | 2283f5e85dbc78dd10810cb6ebfa39e61ab6759e (patch) | |
| tree | 88017c6acfa326ebaab2d7a4935534f65a36db9b /Cryptlib/OpenSSL/crypto/x509 | |
| parent | 3967dc652453e47ecd5f21a55bb687be15c59e9c (diff) | |
| download | efi-boot-shim-2283f5e85dbc78dd10810cb6ebfa39e61ab6759e.tar.gz efi-boot-shim-2283f5e85dbc78dd10810cb6ebfa39e61ab6759e.zip | |
Unapplying patches to prevent spurious conflicts.
Diffstat (limited to 'Cryptlib/OpenSSL/crypto/x509')
| -rwxr-xr-x | Cryptlib/OpenSSL/crypto/x509/by_dir.c | 8 | ||||
| -rwxr-xr-x | Cryptlib/OpenSSL/crypto/x509/x509_vfy.c | 6 |
2 files changed, 5 insertions, 9 deletions
diff --git a/Cryptlib/OpenSSL/crypto/x509/by_dir.c b/Cryptlib/OpenSSL/crypto/x509/by_dir.c index dc2e7df8..b3acd80f 100755 --- a/Cryptlib/OpenSSL/crypto/x509/by_dir.c +++ b/Cryptlib/OpenSSL/crypto/x509/by_dir.c @@ -92,10 +92,8 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, static int new_dir(X509_LOOKUP *lu); static void free_dir(X509_LOOKUP *lu); static int add_cert_dir(BY_DIR *ctx,const char *dir,int type); -#ifndef OPENSSL_NO_STDIO static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name, X509_OBJECT *ret); -#endif X509_LOOKUP_METHOD x509_dir_lookup= { "Load certs from files in a directory", @@ -104,11 +102,7 @@ X509_LOOKUP_METHOD x509_dir_lookup= NULL, /* init */ NULL, /* shutdown */ dir_ctrl, /* ctrl */ -#ifdef OPENSSL_NO_STDIO - NULL, /* get_by_subject */ -#else get_cert_by_subject, /* get_by_subject */ -#endif NULL, /* get_by_issuer_serial */ NULL, /* get_by_fingerprint */ NULL, /* get_by_alias */ @@ -248,7 +242,6 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) return(1); } -#ifndef OPENSSL_NO_STDIO static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, X509_OBJECT *ret) { @@ -390,4 +383,3 @@ finish: if (b != NULL) BUF_MEM_free(b); return(ok); } -#endif diff --git a/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c b/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c index b87617ac..af12520f 100755 --- a/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c +++ b/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c @@ -386,7 +386,11 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) static int check_chain_extensions(X509_STORE_CTX *ctx) { -#ifdef OPENSSL_NO_CHAIN_VERIFY +#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI) + /* + NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU flag setting + in Authenticode Signing Certificates. + */ return 1; #else int i, ok=0, must_be_ca, plen = 0; |