rpms/neon/F-9 neon-0.28.3-gnutls.patch, NONE, 1.1 neon.spec, 1.44, 1.45
Joe Orton
jorton at fedoraproject.org
Tue Feb 3 16:11:24 UTC 2009
- Previous message (by thread): rpms/neon/F-10 neon-0.28.3-gnutls.patch, NONE, 1.1 neon.spec, 1.46, 1.47
- Next message (by thread): rpms/pango/devel .cvsignore, 1.83, 1.84 pango.spec, 1.151, 1.152 sources, 1.84, 1.85
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jorton
Update of /cvs/extras/rpms/neon/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv23590
Modified Files:
neon.spec
Added Files:
neon-0.28.3-gnutls.patch
Log Message:
* Tue Feb 3 2009 Joe Orton <jorton at redhat.com> 0.28.3-2.1
- GnuTLS fixes from upstream (#445044)
neon-0.28.3-gnutls.patch:
--- NEW FILE neon-0.28.3-gnutls.patch ---
--- neon-0.28.3/src/ne_gnutls.c.gnutls
+++ neon-0.28.3/src/ne_gnutls.c
@@ -634,7 +634,9 @@ static ne_ssl_certificate *make_peers_ch
if (gnutls_x509_crt_init(&x5) ||
gnutls_x509_crt_import(x5, &certs[n], GNUTLS_X509_FMT_DER)) {
- ne_ssl_cert_free(top);
+ if (top) {
+ ne_ssl_cert_free(top);
+ }
return NULL;
}
@@ -854,6 +856,10 @@ static int pkcs12_parse(gnutls_pkcs12 p1
switch (type) {
case GNUTLS_BAG_PKCS8_KEY:
case GNUTLS_BAG_PKCS8_ENCRYPTED_KEY:
+ /* Ignore any but the first key encountered; really
+ * need to match up keyids. */
+ if (*pkey) break;
+
gnutls_x509_privkey_init(pkey);
ret = gnutls_pkcs12_bag_get_data(bag, j, &data);
@@ -866,6 +872,10 @@ static int pkcs12_parse(gnutls_pkcs12 p1
if (ret < 0) continue;
break;
case GNUTLS_BAG_CERTIFICATE:
+ /* Ignore any but the first cert encountered; again,
+ * really need to match up keyids. */
+ if (*x5) break;
+
gnutls_x509_crt_init(x5);
ret = gnutls_pkcs12_bag_get_data(bag, j, &data);
--- neon-0.28.3/src/ne_socket.c.gnutls
+++ neon-0.28.3/src/ne_socket.c
@@ -705,13 +705,18 @@ static ssize_t error_gnutls(ne_socket *s
static ssize_t read_gnutls(ne_socket *sock, char *buffer, size_t len)
{
ssize_t ret;
+ unsigned reneg = 1; /* number of allowed rehandshakes */
ret = readable_gnutls(sock, sock->rdtimeout);
if (ret) return ret;
do {
- ret = gnutls_record_recv(sock->ssl, buffer, len);
- } while (RETRY_GNUTLS(sock, ret));
+ do {
+ ret = gnutls_record_recv(sock->ssl, buffer, len);
+ } while (RETRY_GNUTLS(sock, ret));
+
+ } while (ret == GNUTLS_E_REHANDSHAKE && reneg--
+ && (ret = gnutls_handshake(sock->ssl)) == GNUTLS_E_SUCCESS);
if (ret <= 0)
ret = error_gnutls(sock, ret);
Index: neon.spec
===================================================================
RCS file: /cvs/extras/rpms/neon/F-9/neon.spec,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- neon.spec 28 Aug 2008 20:14:31 -0000 1.44
+++ neon.spec 3 Feb 2009 16:10:53 -0000 1.45
@@ -1,12 +1,13 @@
Summary: An HTTP and WebDAV client library
Name: neon
Version: 0.28.3
-Release: 1%{?dist}
+Release: 2.1%{?dist}
License: LGPLv2+
Group: System Environment/Libraries
URL: http://www.webdav.org/neon/
Source0: http://www.webdav.org/neon/neon-%{version}.tar.gz
Patch0: neon-0.27.0-multilib.patch
+Patch1: neon-0.28.3-gnutls.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: expat-devel, gnutls-devel, zlib-devel, krb5-devel
BuildRequires: pkgconfig, pakchois-devel
@@ -34,6 +35,7 @@
%prep
%setup -q
%patch0 -p1 -b .multilib
+%patch1 -p1 -b .gnutls
%build
export CC="%{__cc} -pthread"
@@ -76,6 +78,9 @@
%{_libdir}/*.so
%changelog
+* Tue Feb 3 2009 Joe Orton <jorton at redhat.com> 0.28.3-2.1
+- GnuTLS fixes from upstream (#445044)
+
* Thu Aug 28 2008 Joe Orton <jorton at redhat.com> 0.28.3-1
- update to 0.28.3 (CVE-2008-3746, #460415)
- Previous message (by thread): rpms/neon/F-10 neon-0.28.3-gnutls.patch, NONE, 1.1 neon.spec, 1.46, 1.47
- Next message (by thread): rpms/pango/devel .cvsignore, 1.83, 1.84 pango.spec, 1.151, 1.152 sources, 1.84, 1.85
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list