[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GnuTLS CVE-2009-2730 Patches
From: |
Simon Josefsson |
Subject: |
Re: GnuTLS CVE-2009-2730 Patches |
Date: |
Thu, 20 Aug 2009 19:03:23 +0200 |
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) |
Simon Josefsson <address@hidden> writes:
> Btw, I just notice a problem with RedHat's patch, it appears to break
> OpenPGP connections:
>
> gnutls-cli -p 5556 test.gnutls.org --priority
> NORMAL:+CTYPE-OPENPGP:-CTYPE-X509
>
> I get an error:
>
> - The hostname in the certificate does NOT match 'test.gnutls.org'
>
> But this is incorrect, the names do match.
>
> Please test if that command works on your versions, otherwise you will
> need this patch too:
>
> http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=9eed44b4ef9538117cc134956b32bc8fd39534fd
>
> I'll write a self-test to check this regression too.
Now finished, and here is another way to check if your library is OK or
not:
wget http://git.savannah.gnu.org/cgit/gnutls.git/plain/tests/hostname-check.c
wget http://git.savannah.gnu.org/cgit/gnutls.git/plain/tests/utils.c
wget http://git.savannah.gnu.org/cgit/gnutls.git/plain/tests/utils.h
gcc -o hostname-check hostname-check.c utils.c -I. -lgnutls
./hostname-check
It should finish with 0 errors.
Maybe we'll need a 2.8.4 to fix this...
/Simon
- Re: GnuTLS 2.8.2, (continued)
- Re: GnuTLS 2.8.2, Jeff Cai, 2009/08/12
- Re: GnuTLS 2.8.2, Jeff Cai, 2009/08/12
- Re: GnuTLS 2.8.2, Simon Josefsson, 2009/08/13
- Re: GnuTLS 2.8.2, Jeff Cai, 2009/08/14
- Re: GnuTLS 2.8.2, Simon Josefsson, 2009/08/14
- GnuTLS CVE-2009-2730 Patches (Was Re: GnuTLS 2.8.2), Jamie Strandboge, 2009/08/15
- Re: GnuTLS CVE-2009-2730 Patches, Simon Josefsson, 2009/08/15
- Re: GnuTLS CVE-2009-2730 Patches, Jamie Strandboge, 2009/08/17
- Re: GnuTLS CVE-2009-2730 Patches, Simon Josefsson, 2009/08/18
- Message not available
- Re: GnuTLS CVE-2009-2730 Patches, Simon Josefsson, 2009/08/20
- Re: GnuTLS CVE-2009-2730 Patches,
Simon Josefsson <=
- Re: GnuTLS CVE-2009-2730 Patches (Was Re: GnuTLS 2.8.2), Jamie Strandboge, 2009/08/17