Your message dated Thu, 16 May 2013 20:04:23 +0300
with message-id <[email protected]>
and subject line Re: Bug#109735: Old bugs filed against links-ssl
has caused the Debian Bug report #109735,
regarding links-ssl 0.92 is sometimes so better than 0.96...
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
109735: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=109735
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: links-ssl
Version: 0.96

links-ssl 0.92 has some important advantage over links-ssl 0.96 (and
probably other versions): the 0.92 version works correctly with the
popular Polish internet bank 'Inteligo' (http://www.inteligo.pl) while
the 0.96 does not (for some reason bank software looses in some
situations the 'session context' what causes most of the bank
application not to work any more). Look below for the more detailistic
discussion.

If I understand correctly, links-ssl 0.92 is based on some custom SSL
patch to links while links-ssl 0.96 contains original author
implementation.

It is hard to say 'who is responsible' (fairly possible that this is the
bank software bug/limitation) but for the Polish Linux users it would be
really nice to keept the ability of using inteligo... Maybe
'links-ssl-old package' (if the problem happens impossible to track
down)?

As I possess the account in the bank mentioned, I can perform some tests
in case someone is interested. Unfortunately I will not publish my
account and password - this is my real bank account. In case someone is
able formulate the real hypotesis 'what could be wrong', I should be
able to report the bank software error. Contact me at
mailto:[email protected] if you like.

Let me know describe in detail what happens. Inteligo software performs
some strict checking whether the session has not timed out or has not
been messed somehow. When someone (using officially supported browser
like IE or NN) presses Back and attempts to do something with the form
got this way, he or she gets the login form with the information 'please
log again, something with your session is wrong' (the main reasoning
behind it is to protect users which did something in the app and logged
out from problems when someone else comes, presses Back some times and
has access to the account). I got exactly the same effect while using
links-ssl 0.96 in the 'normal' way. I am not HTTPS expert but I suspect
that maybe links-ssl 0.96 implements things like 'keeping more than one
connection and switching between them' or something similar.

                                Regards

-- 
http://www.mk.w.pl /
 Marcin.Kasperski | Rekomendacja narzędzi dla programistów:           
   @softax.com.pl |   http://www.mk.w.pl/narzedzia                    
     @bigfoot.com  \


--- End Message ---
--- Begin Message ---
On Jo, 16 mai 13, 18:41:15, Marcin Kasperski wrote:
> 
> So likely the only thing one can do is to close as "ignored so long
> that it is not reproducible anymore".

Ok, thanks for your time.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic

Attachment: signature.asc
Description: Digital signature


--- End Message ---

Reply via email to