severity 569639 important thanks Hey,
since there is no news from maintainer on this bug, I'm proposing to NMU the package to delayed queue, with the attached debdiff, using the patch from Tobias Gruetzmacher. I will upload soon, but to delayed so if Laszlo Boszormenyi wants to do a MU, he's welcome :) I've tested that the patch indeed fix the problem with SNI servers, and don't break non SNI ones (at least on alioth). Cheers, -- Yves-Alexis
Reading package lists... Building dependency tree... Reading state information... Need to get 892kB of source archives. Get:1 http://ftp.fr.debian.org testing/main neon27 0.29.3-1 (dsc) [1 266B] Get:2 http://ftp.fr.debian.org testing/main neon27 0.29.3-1 (tar) [882kB] Get:3 http://ftp.fr.debian.org testing/main neon27 0.29.3-1 (diff) [8 851B] dpkg-source: info: extracting neon27 in neon27-0.29.3 dpkg-source: info: unpacking neon27_0.29.3.orig.tar.gz dpkg-source: info: applying neon27_0.29.3-1.diff.gz dpkg-source: info: upstream files that have been modified: neon27-0.29.3/neon-config.in Fetched 892kB in 1s (777kB/s) Differences in neon27 between 0.29.3-1 and 0.29.3-1.1 diff -u neon27-0.29.3/debian/changelog neon27-0.29.3/debian/changelog --- neon27-0.29.3/debian/changelog +++ neon27-0.29.3/debian/changelog @@ -1,3 +1,13 @@ +neon27 (0.29.3-1.1) unstable; urgency=low + + * Non-maintainer upload. + * debian/patches: + - 01_fix-sni.dpatch, fix SNI TLS extension. closes: #569639 + * debian/rules: + - use dpatch rules. + + -- Yves-Alexis Perez <cor...@debian.org> Mon, 22 Feb 2010 21:10:30 +0100 + neon27 (0.29.3-1) unstable; urgency=low * New upstream release. diff -u neon27-0.29.3/debian/control neon27-0.29.3/debian/control --- neon27-0.29.3/debian/control +++ neon27-0.29.3/debian/control @@ -2,7 +2,7 @@ Section: net Priority: optional Maintainer: Laszlo Boszormenyi (GCS) <g...@debian.hu> -Build-Depends: debhelper (>= 5.0.0), pkg-config, libxml2-dev, libssl-dev (>= 0.9.8c), libgnutls-dev (>= 2.8.3), libkrb5-dev, libz-dev, autotools-dev, binutils (>= 2.14.90.0.7), ca-certificates, chrpath +Build-Depends: debhelper (>= 5.0.0), pkg-config, libxml2-dev, libssl-dev (>= 0.9.8c), libgnutls-dev (>= 2.8.3), libkrb5-dev, libz-dev, autotools-dev, binutils (>= 2.14.90.0.7), ca-certificates, chrpath, dpatch Homepage: http://www.webdav.org/neon/ Standards-Version: 3.8.4 diff -u neon27-0.29.3/debian/rules neon27-0.29.3/debian/rules --- neon27-0.29.3/debian/rules +++ neon27-0.29.3/debian/rules @@ -1,5 +1,6 @@ #!/usr/bin/make -f -#include /usr/share/dpatch/dpatch.make +include /usr/share/dpatch/dpatch.make + package=libneon27 upstream-version=$(shell head -n 1 debian/changelog | sed -e 's/.*(\(\([0-9]\+:\)\?\([^-]\+\).*\).*).*/\3/' ) @@ -19,7 +20,7 @@ --with-libxml2 CFLAGS="-O2 -g" -${BUILDDIR}/neon-openssl/config.status: configure +${BUILDDIR}/neon-openssl/config.status: patch configure cp /usr/share/misc/config.guess \ /usr/share/misc/config.sub \ ./ @@ -28,7 +29,7 @@ CFLAGS=$(CFLAGS) $(CURDIR)/configure ${CONFIG_COMMON} \ --with-ssl=openssl -${BUILDDIR}/neon-gnutls/config.status: configure +${BUILDDIR}/neon-gnutls/config.status: patch configure cp /usr/share/misc/config.guess \ /usr/share/misc/config.sub \ ./ @@ -59,7 +60,7 @@ touch build-gnutls -clean: +clean: unpatch dh_testdir dh_testroot -rm -f build-openssl build-gnutls install-openssl install-gnutls \ only in patch2: unchanged: --- neon27-0.29.3.orig/debian/patches/01_fix-sni.dpatch +++ neon27-0.29.3/debian/patches/01_fix-sni.dpatch @@ -0,0 +1,21 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 01_fix-sni.dpatch +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +diff --git a/src/ne_session.c b/src/ne_session.c +index 117c25a..c65848c 100644 +--- a/src/ne_session.c ++++ b/src/ne_session.c +@@ -183,8 +183,9 @@ ne_session *ne_session_create(const char *scheme, + ia = ne_iaddr_parse(hostname, ne_iaddr_ipv6); + + if (ia) { +- sess->flags[NE_SESSFLAG_TLS_SNI] = 1; + ne_iaddr_free(ia); ++ } else { ++ sess->flags[NE_SESSFLAG_TLS_SNI] = 1; + } + NE_DEBUG(NE_DBG_SSL, "ssl: SNI %s by default.\n", + sess->flags[NE_SESSFLAG_TLS_SNI] ? only in patch2: unchanged: --- neon27-0.29.3.orig/debian/patches/00list +++ neon27-0.29.3/debian/patches/00list @@ -0,0 +1 @@ +01_fix-sni
signature.asc
Description: This is a digitally signed message part