Hello,
gnutls13 1.4.5 features a bugfix I'd like to have in etch:

-------------------------------
diff -u gnutls13-1.4.4/debian/changelog gnutls13-1.4.4/debian/changelog
--- gnutls13-1.4.4/debian/changelog
+++ gnutls13-1.4.4/debian/changelog
@@ -1,3 +1,12 @@
+gnutls13 (1.4.4-3) unstable; urgency=low
+
+  * Pulled /patches/18_negotiate_cypher.diff from 1.4.5:
+       When a GnuTLS server receive a SSLv2 Client Hello for an unknown TLS
+       version, try to negotiate the highest version support by the GnuTLS
+       server, instead of the lowest.
+
+ -- Andreas Metzler <[EMAIL PROTECTED]>  Sat, 11 Nov 2006 10:35:29 +0100
+
 gnutls13 (1.4.4-2) unstable; urgency=low
 
   [ Andreas Metzler ]
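Review bot: The patch name 18_negotiate_cypher.diff in the new changelog entry says "cypher", but the description under it is about which protocol version the server answers with for an SSLv2 Client Hello, not about cipher selection. A file name that mentions version negotiation would make the entry easier to find later, and the description could read "receives" and "supported".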
only in patch2:
unchanged:
--- gnutls13-1.4.4.orig/debian/patches/18_negotiate_cypher.diff
+++ gnutls13-1.4.4/debian/patches/18_negotiate_cypher.diff
@@ -0,0 +1,40 @@
+Pulled from gnutls 1.4.5:
+ 
+ ** When a GnuTLS server receive a SSLv2 Client Hello for an unknown TLS
+ ** version, try to negotiate the highest version support by the GnuTLS server,
+ ** instead of the lowest.
+ 
+ Reported by <[EMAIL PROTECTED]>.
+--- gnutls-1.4.4/lib/gnutls_v2_compat.c        2006-03-08 11:44:59.000000000 
+0100
++++ gnutls-1.4.5/lib/gnutls_v2_compat.c        2006-11-06 12:18:25.000000000 
+0100
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (C) 2001, 2004, 2005 Free Software Foundation
++ * Copyright (C) 2001, 2004, 2005, 2006 Free Software Foundation
+  *
+  * Author: Nikos Mavroyanopoulos
+  *
+@@ -117,11 +117,21 @@
+ 
+   version = _gnutls_version_get (data[pos], data[pos + 1]);
+ 
+-  /* if we do not support that version  
++  /* if we do not support that version
+    */
+   if (_gnutls_version_is_supported (session, version) == 0)
+     {
+-      ver = _gnutls_version_lowest (session);
++      /* If he requested something we do not support
++       * then we send him the highest we support.
++       */
++      ver = _gnutls_version_max (session);
++      if (ver == GNUTLS_VERSION_UNKNOWN)
++      {
++        /* this check is not really needed.
++         */
++        gnutls_assert ();
++        return GNUTLS_E_UNKNOWN_CIPHER_SUITE;
++      }
+     }
+   else
+     {
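Review bot: In the @@ -117,11 +117,21 @@ part, the new failure path returns GNUTLS_E_UNKNOWN_CIPHER_SUITE when _gnutls_version_max (session) yields GNUTLS_VERSION_UNKNOWN, which reports a cipher-suite problem for what is a protocol version failure. A version-related code such as GNUTLS_E_UNSUPPORTED_VERSION_PACKET would be easier to diagnose from logs. The comment "this check is not really needed" should either say why the case cannot occur or be dropped, since the check is what keeps the code from continuing with GNUTLS_VERSION_UNKNOWN in ver. Separately, the embedded ---/+++ header lines are wrapped so that "+0100" sits on a line of its own; check that the file shipped in debian/patches is not wrapped the same way.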
-------------------------------

gnutls13 1.4.4-3 is already 27 days old.
thanks, cu andreas
-- 
The 'Galactic Cleaning' policy undertaken by Emperor Zhark is a personal
vision of the emperor's, and its inclusion in this work does not constitute
tacit approval by the author or the publisher for any such projects,
howsoever undertaken.                                (c) Jasper Ffforde

