- Rebase to native Fedora version 2.6.3.

[fedora-mingw.git] / gnutls / gnutls-1.4.1-cve-2008-4989.patch

diff --git a/gnutls/gnutls-1.4.1-cve-2008-4989.patch b/gnutls/gnutls-1.4.1-cve-2008-4989.patch
deleted file mode 100644 (file)
index c7f5bc7..0000000
--- a/gnutls/gnutls-1.4.1-cve-2008-4989.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-diff -up gnutls-1.4.1/lib/x509/verify.c.chain-verify gnutls-1.4.1/lib/x509/verify.c
---- gnutls-1.4.1/lib/x509/verify.c.chain-verify        2008-11-11 10:55:19.000000000 +0100
-+++ gnutls-1.4.1/lib/x509/verify.c     2008-11-11 10:58:54.000000000 +0100
-@@ -379,6 +379,17 @@ _gnutls_x509_verify_certificate (const g
-   int i = 0, ret;
-   unsigned int status = 0, output;
- 
-+  /* Check if the last certificate in the path is self signed.
-+   * In that case ignore it (a certificate is trusted only if it
-+   * leads to a trusted party by us, not the server's).
-+   */
-+  if (clist_size > 1 &&
-+      gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
-+                                  certificate_list[clist_size - 1]) > 0)
-+    {
-+      clist_size--;
-+    }
-+
-   /* Verify the last certificate in the certificate path
-    * against the trusted CA certificate list.
-    *
-@@ -417,17 +428,6 @@ _gnutls_x509_verify_certificate (const g
-     }
- #endif
- 
--  /* Check if the last certificate in the path is self signed.
--   * In that case ignore it (a certificate is trusted only if it
--   * leads to a trusted party by us, not the server's).
--   */
--  if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
--                                  certificate_list[clist_size - 1]) > 0
--      && clist_size > 0)
--    {
--      clist_size--;
--    }
--
-   /* Verify the certificate path (chain) 
-    */
-   for (i = clist_size - 1; i > 0; i--)