Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: Enable X509_V_FLAG_TRUSTED_FIRST flag in BoringSSL (#31214)
* fix: Enable X509_V_FLAG_TRUSTED_FIRST flag in BoringSSL Fixes: #31212 Signed-off-by: Juan Cruz Viotti <jv@jviotti.com> * Update .patches * chore: update patches Co-authored-by: Juan Cruz Viotti <jv@jviotti.com> Co-authored-by: Samuel Attard <sam@electronjs.org> Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
- Loading branch information
1 parent
8a9811a
commit 504ecb4
Showing
2 changed files
with
21 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
expose_ripemd160.patch | ||
expose_aes-cfb.patch | ||
expose_des-ede3.patch | ||
enable_x509_v_flag_trusted_first_flag.patch |
20 changes: 20 additions & 0 deletions
20
patches/boringssl/enable_x509_v_flag_trusted_first_flag.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 | ||
From: Juan Cruz Viotti <jv@jviotti.com> | ||
Date: Thu, 30 Sep 2021 13:39:23 -0400 | ||
Subject: Enable X509_V_FLAG_TRUSTED_FIRST flag | ||
|
||
Signed-off-by: Juan Cruz Viotti <jv@jviotti.com> | ||
|
||
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c | ||
index d8d1efe883321510e4da1aab2cd78378e395c2b2..a371d611dbb2ea7a287a3cb117c3e3d0e1a925b6 100644 | ||
--- a/crypto/x509/x509_vpm.c | ||
+++ b/crypto/x509/x509_vpm.c | ||
@@ -548,7 +548,7 @@ static const X509_VERIFY_PARAM default_table[] = { | ||
(char *)"default", /* X509 default parameters */ | ||
0, /* Check time */ | ||
0, /* internal flags */ | ||
- 0, /* flags */ | ||
+ X509_V_FLAG_TRUSTED_FIRST, /* flags */ | ||
0, /* purpose */ | ||
0, /* trust */ | ||
100, /* depth */ |