1 files changed, 0 insertions, 36 deletions

diff --git a/patches/openssl-1.0.2q/0007-block_digicert_malaysia.patch b/patches/openssl-1.0.2q/0007-block_digicert_malaysia.patch
deleted file mode 100644
index e5024163c..000000000
--- a/patches/openssl-1.0.2q/0007-block_digicert_malaysia.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From: Raphael Geissert <geissert@debian.org>
-Date: Tue, 12 Dec 2017 23:35:24 +0100
-Subject: [PATCH] block_digicert_malaysia
-
-Description: make X509_verify_cert indicate that any certificate whose
- name contains "Digicert Sdn. Bhd." (from Malaysia) is revoked.
-Forwarded: not-needed
-Origin: vendor
-Last-Update: 2011-11-05
-
-Imported from openssl1.0_1.0.2q-2.debian.tar.xz
-
-Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
----
- crypto/x509/x509_vfy.c | 7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
-index 77bdb18882ce..f7f8ed76e05b 100644
---- a/crypto/x509/x509_vfy.c
-+++ b/crypto/x509/x509_vfy.c
-@@ -1122,10 +1122,11 @@ static int check_ca_blacklist(X509_STORE_CTX *ctx)
- 	for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
- 		{
- 		x = sk_X509_value(ctx->chain, i);
--		/* Mark DigiNotar certificates as revoked, no matter
--		 * where in the chain they are.
-+		/* Mark certificates containing the following names as
-+		 * revoked, no matter where in the chain they are.
- 		 */
--		if (x->name && strstr(x->name, "DigiNotar"))
-+		if (x->name && (strstr(x->name, "DigiNotar") ||
-+			strstr(x->name, "Digicert Sdn. Bhd.")))
- 			{
- 			ctx->error = X509_V_ERR_CERT_REVOKED;
- 			ctx->error_depth = i;