mirror of
https://github.com/coolsnowwolf/lede.git
synced 2025-07-22 11:16:59 +08:00
5a8163e07b
* package: sync with upstream Removed: package/libs/libselinux/bcm27xx-userland (Already in package/utils/bcm27xx-userland) Signed-off-by: Linhui Liu <liulinhui36@gmail.com> * uclibc++: remove No package here depends on it. Furthermore, uClibc++ is a fairly buggy C++ library and seems to be relatively inactive upstream. It also lacks proper support for modern C++11 features. The main benefit of it is size: 66.6 KB vs 287.3 KB on mips24kc. Static linking and LTO can help bring the size down of packages that need it. Added warning message to uclibc++.mk Signed-off-by: Rosen Penev <rosenp@gmail.com> Acked-by: Hauke Mehrtens <hauke@hauke-m.de> * target: sync with upstream Signed-off-by: Linhui Liu <liulinhui36@gmail.com> * toolchain: gcc: Remove gcc 10.x support This compiler is old and was never used by default in OpenWrt. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> * ucode: update to latest Git HEAD 46d93c9 tests: fixup testcases 4c654df types: adjust double printing format eac2add compiler: fix bytecode for logical assignments of properties 3903b18 fs: add `realpath()` function 8366102 math: add isnan() function eef83d3 tests: relax sleep() test 394e901 lib: uc_json(): accept trailing whitespace when parsing strings 1867c8b uloop: terminate parent uloop in task child processes d2cc003 uci: auto-load package in `ctx.foreach()` and `ctx.get_first()` 6c5ee53 compiler: ensure that arrow functions with block bodies return no value fdc9b6a compiler: fix `??=`, `||=` and `&&=` logical assignment semantics 88dcca7 add cmake to install requires for debian Signed-off-by: Jo-Philipp Wich <jo@mein.io> * firewall4: update to latest Git HEAD 700a925 fw4: prevent null access when no ipsets are defined 6443ec7 config: drop input traffic by default 119ee1a ruleset: drop ctstate invalid traffic for masq-enabled zones Signed-off-by: Jo-Philipp Wich <jo@mein.io> * ustream-ssl: update to Git version 2022-12-07 9217ab4 ustream-openssl: Disable renegotiation in TLSv1.2 and earlier 2ce1d48 ci: fix building with i.MX6 SDK 584f1f6 ustream-openssl: wolfSSL: provide detailed information in debug builds aa8c48e cmake: add a possibility to set library version Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> * tools/mpfr: import patch fixing macro bug Co-authored-by: Nick Hainke <vincent@systemli.org> Signed-off-by: Linhui Liu <liulinhui36@gmail.com> Signed-off-by: Linhui Liu <liulinhui36@gmail.com> Signed-off-by: Rosen Penev <rosenp@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: Jo-Philipp Wich <jo@mein.io> Co-authored-by: Rosen Penev <rosenp@gmail.com> Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de> Co-authored-by: Jo-Philipp Wich <jo@mein.io> Co-authored-by: Nick Hainke <vincent@systemli.org>
54 lines
1.7 KiB
Diff
54 lines
1.7 KiB
Diff
From 3c51cb5ff1d0db41fb3288fb555c7e7055cf3e86 Mon Sep 17 00:00:00 2001
|
|
From: Christian Lamparter <chunkeey@gmail.com>
|
|
Date: Wed, 1 Dec 2021 14:41:31 +0100
|
|
Subject: [PATCH] ca-certificates: fix python3-cryptography woes in
|
|
certdata2pem.py
|
|
|
|
reverts the code portion of the Debian's ca-certificate
|
|
commit 033d52259172 ("mozilla/certdata2pem.py: print a warning for expired certificates.")
|
|
|
|
It broke builds with the popular Ubuntu 20.04 (focal) releases.
|
|
This was due to them shipping with an older python3-cryptography
|
|
version which is not compatible.
|
|
|
|
More concerns were raised by jow- as well:
|
|
"We don't want the build to depend on the local system time anyway."
|
|
|
|
Reported-by: Chen Minqiang <ptpt52@gmail.com>
|
|
Reported-by: Shane Synan <digitalcircuit36939@gmail.com>
|
|
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
|
|
---
|
|
--- a/work/mozilla/certdata2pem.py
|
|
+++ b/work/mozilla/certdata2pem.py
|
|
@@ -21,16 +21,12 @@
|
|
# USA.
|
|
|
|
import base64
|
|
-import datetime
|
|
import os.path
|
|
import re
|
|
import sys
|
|
import textwrap
|
|
import io
|
|
|
|
-from cryptography import x509
|
|
-
|
|
-
|
|
objects = []
|
|
|
|
# Dirty file parser.
|
|
@@ -121,13 +117,6 @@ for obj in objects:
|
|
if obj['CKA_CLASS'] == 'CKO_CERTIFICATE':
|
|
if not obj['CKA_LABEL'] in trust or not trust[obj['CKA_LABEL']]:
|
|
continue
|
|
-
|
|
- cert = x509.load_der_x509_certificate(obj['CKA_VALUE'])
|
|
- if cert.not_valid_after < datetime.datetime.now():
|
|
- print('!'*74)
|
|
- print('Trusted but expired certificate found: %s' % obj['CKA_LABEL'])
|
|
- print('!'*74)
|
|
-
|
|
bname = obj['CKA_LABEL'][1:-1].replace('/', '_')\
|
|
.replace(' ', '_')\
|
|
.replace('(', '=')\
|