[PATCH] delete obsolete patch for OpenSSL 1.0.x

[PATCH] delete obsolete patch for OpenSSL 1.0.x

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 1327 bytes --]

This patch became obsolete since we use OpenSSL 1.1.x in Core Update
120 and onward, where a similar patch already exists.

Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
---
 src/patches/openssl-1.0.2h-weak-ciphers.patch | 12 ------------
 1 file changed, 12 deletions(-)
 delete mode 100644 src/patches/openssl-1.0.2h-weak-ciphers.patch

diff --git a/src/patches/openssl-1.0.2h-weak-ciphers.patch b/src/patches/openssl-1.0.2h-weak-ciphers.patch
deleted file mode 100644
index d1ec6a2af..000000000
--- a/src/patches/openssl-1.0.2h-weak-ciphers.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -Naur openssl-1.0.2h.org/ssl/ssl.h openssl-1.0.2h/ssl/ssl.h
---- openssl-1.0.2h.org/ssl/ssl.h	2016-05-03 15:44:42.000000000 +0200
-+++ openssl-1.0.2h/ssl/ssl.h	2016-05-03 18:49:10.393302264 +0200
-@@ -338,7 +338,7 @@
-  * The following cipher list is used by default. It also is substituted when
-  * an application-defined cipher list string starts with 'DEFAULT'.
-  */
--# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"
-+# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2:!RC2:!DES"
- /*
-  * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
-  * starts with a reasonable order, and all we have to do for DEFAULT is
-- 
2.13.6

Re: [PATCH] delete obsolete patch for OpenSSL 1.0.x

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 1716 bytes --]

Hello,

this patch is actually used in lfs/openssl-compat.

We still ship the old version since some add-ons and some old (self-compiled)
binaries might still be linked against this. It is to be determined for how long
we will continue to ship both versions.

Best,
-Michael

On Sat, 2018-03-24 at 15:59 +0100, Peter Müller wrote:
> This patch became obsolete since we use OpenSSL 1.1.x in Core Update
> 120 and onward, where a similar patch already exists.
> 
> Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
> ---
>  src/patches/openssl-1.0.2h-weak-ciphers.patch | 12 ------------
>  1 file changed, 12 deletions(-)
>  delete mode 100644 src/patches/openssl-1.0.2h-weak-ciphers.patch
> 
> diff --git a/src/patches/openssl-1.0.2h-weak-ciphers.patch
> b/src/patches/openssl-1.0.2h-weak-ciphers.patch
> deleted file mode 100644
> index d1ec6a2af..000000000
> --- a/src/patches/openssl-1.0.2h-weak-ciphers.patch
> +++ /dev/null
> @@ -1,12 +0,0 @@
> -diff -Naur openssl-1.0.2h.org/ssl/ssl.h openssl-1.0.2h/ssl/ssl.h
> ---- openssl-1.0.2h.org/ssl/ssl.h	2016-05-03 15:44:42.000000000 +0200
> -+++ openssl-1.0.2h/ssl/ssl.h	2016-05-03 18:49:10.393302264 +0200
> -@@ -338,7 +338,7 @@
> -  * The following cipher list is used by default. It also is substituted when
> -  * an application-defined cipher list string starts with 'DEFAULT'.
> -  */
> --# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"
> -+# define SSL_DEFAULT_CIPHER_LIST
> "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2:!RC2:!DES"
> - /*
> -  * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
> -  * starts with a reasonable order, and all we have to do for DEFAULT is

Re: [PATCH] delete obsolete patch for OpenSSL 1.0.x

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 1899 bytes --]

Hello,

thanks, I was missing that. Please drop this patch.

Best regards,
Peter Müller

> Hello,
> 
> this patch is actually used in lfs/openssl-compat.
> 
> We still ship the old version since some add-ons and some old (self-compiled)
> binaries might still be linked against this. It is to be determined for how long
> we will continue to ship both versions.
> 
> Best,
> -Michael
> 
> On Sat, 2018-03-24 at 15:59 +0100, Peter Müller wrote:
> > This patch became obsolete since we use OpenSSL 1.1.x in Core Update
> > 120 and onward, where a similar patch already exists.
> > 
> > Signed-off-by: Peter Müller <peter.mueller(a)link38.eu>
> > ---
> >  src/patches/openssl-1.0.2h-weak-ciphers.patch | 12 ------------
> >  1 file changed, 12 deletions(-)
> >  delete mode 100644 src/patches/openssl-1.0.2h-weak-ciphers.patch
> > 
> > diff --git a/src/patches/openssl-1.0.2h-weak-ciphers.patch
> > b/src/patches/openssl-1.0.2h-weak-ciphers.patch
> > deleted file mode 100644
> > index d1ec6a2af..000000000
> > --- a/src/patches/openssl-1.0.2h-weak-ciphers.patch
> > +++ /dev/null
> > @@ -1,12 +0,0 @@
> > -diff -Naur openssl-1.0.2h.org/ssl/ssl.h openssl-1.0.2h/ssl/ssl.h
> > ---- openssl-1.0.2h.org/ssl/ssl.h	2016-05-03 15:44:42.000000000 +0200
> > -+++ openssl-1.0.2h/ssl/ssl.h	2016-05-03 18:49:10.393302264 +0200
> > -@@ -338,7 +338,7 @@
> > -  * The following cipher list is used by default. It also is substituted when
> > -  * an application-defined cipher list string starts with 'DEFAULT'.
> > -  */
> > --# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"
> > -+# define SSL_DEFAULT_CIPHER_LIST
> > "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2:!RC2:!DES"
> > - /*
> > -  * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
> > -  * starts with a reasonable order, and all we have to do for DEFAULT is