Bug#359054: Bug#357624: [Pkg-gnutls-maint] Bug#357624: bug is in libetpan
Ricardo Mones wrote: On Sun, 24 Sep 2006 22:17:54 +0400 Nikita V. Youshchenko [EMAIL PROTECTED] wrote: Hi. # On 2006-09-24 Colin Leroy [EMAIL PROTECTED] wrote: # This bug is in libetpan and should be solved by this commit: # # http://libetpan.cvs.sourceforge.net/libetpan/libetpan/src/data-types/mai lstream_ssl.c?r1=1.39r2=1.40view=patch # # Thanks a lot. Re-assigning. reassign 357624 libetpan 0.46-1 thanks Commit log reads this BTW: 2006-09-24 - libetpan-0.46cvs8 - colin * src/data-types/mailstream_ssl.c Fix a typo that made gnutls crash on some servers (mail.hp.com:993 for example). Sorry :-/ cu andreas I've prepared a new version of libetpan package, that has this patch applied. It's currently on temporary location at http://zigzag.lvk.cs.msu.su/~nikita/debian/tmp/libetpan-0.46-3/ Before I upload it to debian archive, could someone please confirm that this version really closes the issue? I've downloaded, built and installed it for amd64 [0] Tested with claws 2.5.0~rc3-1 (the one in the archive) and current CVS. The segfault still happens when enabling certificate checks[1], so that version doesn't fix the problem. regards, [0] http://mones.dyndns.org/~devel/debian/amd64/ [1] setting skip_ssl_cert_check=0 in ~/.sylpheed-claws/sylpheerc, I had it set to 1 as a workaround for this bug. Could you compile with debugging symbols and show the stack trace of the crash ? Thanks, -- DINH V. Hoa
Bug#359054: Bug#357624: [Pkg-gnutls-maint] Bug#357624: bug is in libetpan
On Mon, 25 Sep 2006 08:25:51 +0200 DINH Viêt Hoà [EMAIL PROTECTED] wrote: The segfault still happens when enabling certificate checks[1], so that version doesn't fix the problem. Could you compile with debugging symbols and show the stack trace of the crash ? Hi, The segfault seems to be in sylpheed-claws (though the cause is probably in libetpan): Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 47451585384160 (LWP 24817)] etpan_certificate_check (certificate=0xd18a6e , len=value optimized out, data=0x7fff) at imap-thread.c:421 421 } else if (ssl_certificate_check(cert, (gdb) bt #0 etpan_certificate_check (certificate=0xd18a6e , len=value optimized out, data=0x7fff) at imap-thread.c:421 #1 0x00542843 in imap_threaded_connect_ssl (folder=0xc21b90, server=value optimized out, port=7993) at imap-thread.c:475 #2 0x0049fc9f in imap_session_get (folder=0xc21b90) at imap.c:798 #3 0x004a107c in imap_scan_required (folder=0xcde2e0, _item=0xcde2e0) at imap.c:3415 #4 0x0048f2ea in folder_item_process_open (item=0xc21dd0, before_proc_func=0, after_proc_func=0, data=0x0) at folder.c:1562 #5 0x0048f42e in folder_item_open (item=0xcde2e0) at folder.c:1600 #6 0x00494ce4 in folderview_selected (ctree=0x810340, row=0xc1af60, column=-1, folderview=0x8f68c0) at folderview.c:2134 #7 0x2b282b3fd910 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0 #8 0x2b282b40caf2 in g_signal_stop_emission () from /usr/lib/libgobject-2.0.so.0 #9 0x2b282b40dfcc in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0 #10 0x2b282ad4a5fc in gtk_signal_emit (object=0x810340, signal_id=98) at gtksignal.c:360 #11 0x005643e5 in select_row (sctree=0x810340, row=value optimized out, col=0, state=0, _node=0x0) at gtksctree.c:1434 #12 0x005654ce in gtk_sctree_button_press (widget=value optimized out, event=0x8f4f50) at gtksctree.c:1521 #13 0x2b282ad035e0 in _gtk_marshal_BOOLEAN__BOXED (closure=0x7f7e00, return_value=0x7fff80ffb050, n_param_values=value optimized out, param_values=0x7fff80ffb150, invocation_hint=value optimized out, marshal_data=0x565110) at gtkmarshalers.c:83
Bug#359054: Bug#357624: [Pkg-gnutls-maint] Bug#357624: bug is in libetpan
On Mon, 25 Sep 2006 16:06:17 +0400 25 Sep 2006 at 16h09, Nikita V. Youshchenko wrote: Hi, Could you compile with debugging symbols and show the stack trace of the crash ? Dinh, could it happen that applying only the mentioned patch (without all the rest that was committed to CVS since 0.46 release) results in broken code? I don't think, but maybe there's still stuff I do wrong. Ricardo, which server do you use to reproduce this crash? -- Colin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#359054: Bug#357624: [Pkg-gnutls-maint] Bug#357624: bug is in libetpan
Hi, I've prepared a new version of libetpan package, that has this patch applied... The segfault still happens ... Could you compile with debugging symbols and show the stack trace of the crash ? Dinh, could it happen that applying only the mentioned patch (without all the rest that was committed to CVS since 0.46 release) results in broken code? Nikita -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#359054: Bug#357624: [Pkg-gnutls-maint] Bug#357624: bug is in libetpan
On 25 Sep 2006, at 14:06, Nikita V. Youshchenko wrote: Hi, I've prepared a new version of libetpan package, that has this patch applied... The segfault still happens ... Could you compile with debugging symbols and show the stack trace of the crash ? Dinh, could it happen that applying only the mentioned patch (without all the rest that was committed to CVS since 0.46 release) results in broken code? (Hoa) most of the changes since 0.46 release are not related to SSL. -- DINH Viêt Hoà
Bug#359054: Bug#357624: [Pkg-gnutls-maint] Bug#357624: bug is in libetpan
On Mon, 25 Sep 2006 16:06:17 +0400
Nikita V. Youshchenko [EMAIL PROTECTED] wrote:
Hi,
I've prepared a new version of libetpan package, that has this patch
applied...
The segfault still happens ...
Could you compile with debugging symbols and show the stack trace of
the crash ?
Dinh, could it happen that applying only the mentioned patch (without all
the rest that was committed to CVS since 0.46 release) results in broken
code?
Finally Colin got a patch which at least works for me and the IMAP
server which I use (btw, it's a (Cyrus v2.2.3) with LMTP; on OpenBSD 3.4
(GENERIC)).
Thanks Colin! ;)
It's against 0.46, so it replaces the current patch in patches/.
regards,
--
Ricardo Mones
http://people.debian.org/~mones
«All the troubles you have will pass away very quickly.»
--- libetpan-0.46/src/data-types/mailstream_ssl.c 2006-06-26 13:50:26.0 +0200
+++ mailstream_ssl.c 2006-09-25 19:05:18.0 +0200
@@ -30,7 +30,7 @@
*/
/*
- * $Id: mailstream_ssl.c,v 1.38 2006/06/26 11:50:26 hoa Exp $
+ * $Id: mailstream_ssl.c,v 1.40 2006/09/24 08:42:37 colinleroy Exp $
*/
/*
@@ -162,6 +162,7 @@
#ifdef USE_SSL
static inline int mailstream_prepare_fd(int fd)
{
+#ifndef WIN32
int fd_flags;
int r;
@@ -170,6 +171,7 @@
r = fcntl(fd, F_SETFL, fd_flags);
if (r 0)
return -1;
+#endif
return 0;
}
@@ -269,19 +271,37 @@
{
struct mailstream_ssl_data * ssl_data;
gnutls_session session;
- gnutls_anon_client_credentials anoncred;
+
+ const int cipher_prio[] = { GNUTLS_CIPHER_AES_128_CBC,
+ GNUTLS_CIPHER_3DES_CBC,
+ GNUTLS_CIPHER_AES_256_CBC,
+ GNUTLS_CIPHER_ARCFOUR_128, 0 };
+ const int kx_prio[] = { GNUTLS_KX_DHE_RSA,
+ GNUTLS_KX_RSA,
+ GNUTLS_KX_DHE_DSS, 0 };
+ const int mac_prio[] = { GNUTLS_MAC_SHA1,
+ GNUTLS_MAC_MD5, 0 };
+ const int proto_prio[] = { GNUTLS_TLS1,
+ GNUTLS_SSL3, 0 };
+
+ gnutls_certificate_credentials_t xcred;
int r;
mailstream_ssl_init();
- gnutls_anon_allocate_client_credentials (anoncred);
-
+ gnutls_certificate_allocate_credentials (xcred);
r = gnutls_init(session, GNUTLS_CLIENT);
if (session == NULL)
return NULL;
- r = gnutls_set_default_priority(session);
- r = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, anoncred);
+ gnutls_set_default_priority(session);
+ gnutls_protocol_set_priority (session, proto_prio);
+ gnutls_cipher_set_priority (session, cipher_prio);
+ gnutls_kx_set_priority (session, kx_prio);
+ gnutls_mac_set_priority (session, mac_prio);
+
+ r = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
+
gnutls_transport_set_ptr(session, (gnutls_transport_ptr) fd);
do {
Bug#359054: Bug#357624: [Pkg-gnutls-maint] Bug#357624: bug is in libetpan
On Mon, 25 Sep 2006 16:06:17 +0400 Nikita V. Youshchenko [EMAIL PROTECTED] wrote: Hi, I've prepared a new version of libetpan package, that has this patch applied... The segfault still happens ... Could you compile with debugging symbols and show the stack trace of the crash ? Dinh, could it happen that applying only the mentioned patch (without all the rest that was committed to CVS since 0.46 release) results in broken code? Finally Colin got a patch which at least works for me and the IMAP server which I use (btw, it's a (Cyrus v2.2.3) with LMTP; on OpenBSD 3.4 (GENERIC)). Thanks Colin! ;) It's against 0.46, so it replaces the current patch in patches/. Let's try once more before upload :). I've build package with this patch. Version number is the same, 0.46-3. Files [updated] are available at http://zigzag.lvk.cs.msu.su/~nikita/debian/tmp/libetpan-0.46-3/ Could please someone confirm that this version of libetpan package closes the issue? Nikita pgpYLbGI09IZo.pgp Description: PGP signature
Bug#357624: bug is in libetpan
Hi, This bug is in libetpan and should be solved by this commit: http://libetpan.cvs.sourceforge.net/libetpan/libetpan/src/data-types/mailstream_ssl.c?r1=1.39r2=1.40view=patch -- Colin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#357624: [Pkg-gnutls-maint] Bug#357624: bug is in libetpan
# On 2006-09-24 Colin Leroy [EMAIL PROTECTED] wrote: # This bug is in libetpan and should be solved by this commit: # # http://libetpan.cvs.sourceforge.net/libetpan/libetpan/src/data-types/mailstream_ssl.c?r1=1.39r2=1.40view=patch # # Thanks a lot. Re-assigning. reassign 357624 libetpan 0.46-1 thanks Commit log reads this BTW: 2006-09-24 - libetpan-0.46cvs8 - colin * src/data-types/mailstream_ssl.c Fix a typo that made gnutls crash on some servers (mail.hp.com:993 for example). Sorry :-/ cu andreas -- The 'Galactic Cleaning' policy undertaken by Emperor Zhark is a personal vision of the emperor's, and its inclusion in this work does not constitute tacit approval by the author or the publisher for any such projects, howsoever undertaken.(c) Jasper Ffforde -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#357624: [Pkg-gnutls-maint] Bug#357624: bug is in libetpan
Hi. # On 2006-09-24 Colin Leroy [EMAIL PROTECTED] wrote: # This bug is in libetpan and should be solved by this commit: # # http://libetpan.cvs.sourceforge.net/libetpan/libetpan/src/data-types/mai lstream_ssl.c?r1=1.39r2=1.40view=patch # # Thanks a lot. Re-assigning. reassign 357624 libetpan 0.46-1 thanks Commit log reads this BTW: 2006-09-24 - libetpan-0.46cvs8 - colin * src/data-types/mailstream_ssl.c Fix a typo that made gnutls crash on some servers (mail.hp.com:993 for example). Sorry :-/ cu andreas I've prepared a new version of libetpan package, that has this patch applied. It's currently on temporary location at http://zigzag.lvk.cs.msu.su/~nikita/debian/tmp/libetpan-0.46-3/ Before I upload it to debian archive, could someone please confirm that this version really closes the issue? Nikita pgpf2SuNyfcFq.pgp Description: PGP signature
Bug#359054: Bug#357624: [Pkg-gnutls-maint] Bug#357624: bug is in libetpan
On Sun, 24 Sep 2006 22:17:54 +0400 Nikita V. Youshchenko [EMAIL PROTECTED] wrote: Hi. # On 2006-09-24 Colin Leroy [EMAIL PROTECTED] wrote: # This bug is in libetpan and should be solved by this commit: # # http://libetpan.cvs.sourceforge.net/libetpan/libetpan/src/data-types/mai lstream_ssl.c?r1=1.39r2=1.40view=patch # # Thanks a lot. Re-assigning. reassign 357624 libetpan 0.46-1 thanks Commit log reads this BTW: 2006-09-24 - libetpan-0.46cvs8 - colin * src/data-types/mailstream_ssl.c Fix a typo that made gnutls crash on some servers (mail.hp.com:993 for example). Sorry :-/ cu andreas I've prepared a new version of libetpan package, that has this patch applied. It's currently on temporary location at http://zigzag.lvk.cs.msu.su/~nikita/debian/tmp/libetpan-0.46-3/ Before I upload it to debian archive, could someone please confirm that this version really closes the issue? I've downloaded, built and installed it for amd64 [0] Tested with claws 2.5.0~rc3-1 (the one in the archive) and current CVS. The segfault still happens when enabling certificate checks[1], so that version doesn't fix the problem. regards, [0] http://mones.dyndns.org/~devel/debian/amd64/ [1] setting skip_ssl_cert_check=0 in ~/.sylpheed-claws/sylpheerc, I had it set to 1 as a workaround for this bug. -- Ricardo Mones http://people.debian.org/~mones «You're at the end of the road again.»
