- Fix the patch for CVE-2008-4989 not to cause segfaults on runtime anymore

PR:		ports/128868
Obtained from:	vendor

2 files changed, 1 insertions, 18 deletions

diff --git a/security/gnutls/Makefile b/security/gnutls/Makefile
index 1f359eb01e77..a5fdad237602 100644
--- a/security/gnutls/Makefile
+++ b/security/gnutls/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	gnutls
 PORTVERSION=	2.4.2
+PORTREVISION=	1
 CATEGORIES=	security net
 MASTER_SITES=	http://josefsson.org/gnutls/releases/ \
 	ftp://ftp.gnutls.org/pub/gnutls/ \
diff --git a/security/gnutls/files/patch-CVE-2008-4989 b/security/gnutls/files/patch-CVE-2008-4989
index 9389b7bc4638..0fcbc839f437 100644
--- a/security/gnutls/files/patch-CVE-2008-4989
+++ b/security/gnutls/files/patch-CVE-2008-4989
@@ -1,23 +1,5 @@
 --- lib/x509/verify.c.orig	2008-09-16 00:04:19.000000000 +0400
 +++ lib/x509/verify.c	2008-11-14 16:06:59.000000000 +0300
-@@ -376,6 +376,17 @@
-   int i = 0, ret;
-   unsigned int status = 0, output;
- 
-+  /* Check if the last certificate in the path is self signed.
-+   * In that case ignore it (a certificate is trusted only if it
-+   * leads to a trusted party by us, not the server's).
-+   */
-+  if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
-+				    certificate_list[clist_size - 1]) > 0
-+      && clist_size > 0)
-+    {
-+      clist_size--;
-+    }
-+
-   /* Verify the last certificate in the certificate path
-    * against the trusted CA certificate list.
-    *
 @@ -414,17 +425,6 @@
      }
  #endif