Package: xchat-gnome
Version: 1:0.30.0~git20110821.e2a400-0.2
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-ubuntu utopic ubuntu-patch
*** /tmp/tmpwg2gkZ/bug_body
XChat-Gnome forces the use of SSLv3, breaking connections to sites that
have started disabling SSLv3.
In Ubuntu, the attached patch was applied to achieve the following:
* Don't force the use of SSLv3 (LP: #1381484)
- debian/patches/dont_force_sslv3.patch: use SSLv23_client_method() so
the best method gets automatically negotiated in src/common/ssl.c.
Thanks for considering the patch.
-- System Information:
Debian Release: jessie/sid
APT prefers utopic-updates
APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500,
'utopic'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-23-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/changelog xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/changelog
diff -Nru xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/dont_force_sslv3.patch xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/dont_force_sslv3.patch
--- xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/dont_force_sslv3.patch 1969-12-31 19:00:00.000000000 -0500
+++ xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/dont_force_sslv3.patch 2014-10-20 10:14:37.000000000 -0400
@@ -0,0 +1,28 @@
+Description: Don't force the use of SSLv3
+Author: Marc Deslauriers <[email protected]>
+Bug: https://bugzilla.gnome.org/show_bug.cgi?id=738870
+Bug-Ubuntu: https://bugs.launchpad.net/xchat-gnome/+bug/1381484
+Forwarded: yes
+
+Index: xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/src/common/ssl.c
+===================================================================
+--- xchat-gnome-0.30.0~git20131003.d20b8d+really20110821.orig/src/common/ssl.c 2014-10-17 14:34:35.094385583 -0400
++++ xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/src/common/ssl.c 2014-10-17 14:34:56.390560285 -0400
+@@ -70,7 +70,7 @@
+
+ SSLeay_add_ssl_algorithms ();
+ SSL_load_error_strings ();
+- ctx = SSL_CTX_new (server ? SSLv3_server_method() : SSLv3_client_method ());
++ ctx = SSL_CTX_new (server ? SSLv23_server_method() : SSLv23_client_method ());
+
+ SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
+ SSL_CTX_set_timeout (ctx, 300);
+@@ -281,7 +281,7 @@
+ __SSL_critical_error ("SSL_new");
+
+ SSL_set_fd (ssl, sd);
+- if (ctx->method == SSLv3_client_method())
++ if (ctx->method == SSLv23_client_method())
+ SSL_set_connect_state (ssl);
+ else
+ SSL_set_accept_state(ssl);
diff -Nru xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/series xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/series
--- xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/series 2014-08-21 10:55:22.000000000 -0400
+++ xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/series 2014-10-17 14:25:16.000000000 -0400
@@ -25,3 +25,4 @@
link.diff
define_functions_fix_build.patch
perl5.20.patch
+dont_force_sslv3.patch
