[gnutls-dev] [algernon@sirc.hu: Bug#188838: libgnutls5: Server name indication does not appear to work]

Ivo Timmermans ivo@o2w.nl
Sun Apr 13 16:16:03 2003


--Dxnq1zWXvFF0Q93v
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline

FYI, what do you think of the attached patch?


	Ivo

-- 
"C combines the power of assembler with the portability of assembler."
	- Anonymous, alluding to Bill Thacker

--Dxnq1zWXvFF0Q93v
Content-Type: message/rfc822
Content-Disposition: inline

Return-Path: <ivo@o2w.nl>
X-Original-To: o2w@schaapje.org
Delivered-To: ivo@schaapje.org
Received: from mail.o2w.nl (mail.o2w.nl [213.133.41.126])
	by juarez.schaapje.org (Postfix) with ESMTP id D7E431CD
	for <o2w@schaapje.org>; Sun, 13 Apr 2003 15:56:53 +0200 (CEST)
Received: by mail.o2w.nl (Postfix, from userid 1001)
	id A296935C26; Sun, 13 Apr 2003 15:56:52 +0200 (CEST)
Delivered-To: ivo@o2w.nl
Received: from master.debian.org (master.debian.org [65.125.64.135])
	by mail.o2w.nl (Postfix) with ESMTP id 202A135BDA
	for <ivo@o2w.nl>; Sun, 13 Apr 2003 15:56:52 +0200 (CEST)
Received: from debbugs by master.debian.org with local (Exim 3.12 1 (Debian))
	id 194hqE-0004LC-00; Sun, 13 Apr 2003 08:48:18 -0500
X-Loop: owner@bugs.debian.org
Subject: Bug#188838: libgnutls5: Server name indication does not appear to work
Reply-To: Gergely Nagy <algernon@sirc.hu>, 188838@bugs.debian.org
Resent-From: Gergely Nagy <algernon@sirc.hu>
Resent-To: debian-bugs-dist@lists.debian.org
Resent-Cc: Ivo Timmermans <ivo@debian.org>,
	gnutls5@packages.qa.debian.org
Resent-Date: Sun, 13 Apr 2003 13:48:18 GMT
Resent-Message-ID: <handler.188838.B188838.105024157914139@bugs.debian.org>
X-Debian-PR-Message: report 188838
X-Debian-PR-Package: libgnutls5
X-Debian-PR-Keywords: upstream
Received: via spool by 188838-submit@bugs.debian.org id=B188838.105024157914139
          (code B ref 188838); Sun, 13 Apr 2003 13:48:18 GMT
Received: (at 188838) by bugs.debian.org; 13 Apr 2003 13:46:19 +0000
Received: from pool-250.gatesgroup.hu (iluvatar.ath.cx) [195.56.144.250] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 194hoH-0003fR-00; Sun, 13 Apr 2003 08:46:17 -0500
Received: from iluvatar.ath.cx (localhost [127.0.0.1])
	by iluvatar.ath.cx (Postfix) with ESMTP
	id 391BCABCAD; Sun, 13 Apr 2003 15:46:16 +0200 (CEST)
Date: Sun, 13 Apr 2003 15:46:12 +0200
Message-ID: <838yuejysb.wl@iluvatar.ath.cx>
Cc: Gergely Nagy <algernon@sirc.hu>, control@bugs.debian.org
From: Gergely Nagy <algernon@sirc.hu>
To: 188838@bugs.debian.org
In-Reply-To: <83adeuk2h3.wl@iluvatar.ath.cx>
References: <83adeuk2h3.wl@iluvatar.ath.cx>
User-Agent: Wanderlust/2.10.0 (Venus) Emacs/21.2 Mule/5.0 (SAKAKI)
X-Fortune: Women are just like men, only different.
X-Marvin: Life, loathe it or ignore it, you can't like it.
MIME-Version: 1.0 (generated by SEMI 1.14.4 - "Hosorogi")
Content-Type: text/plain; charset=US-ASCII
Delivered-To: 188838@bugs.debian.org
X-Spam-Status: No, hits=-1.9 required=4.0
	tests=IN_REP_TO,PATCH_UNIFIED_DIFF,REFERENCES,SPAM_PHRASE_00_01,
	      USER_AGENT
	version=2.44
X-Spam-Level: 
Resent-Sender: Debian BTS <debbugs@master.debian.org>
X-Bogosity: No, tests=bogofilter, spamicity=0.000000, version=0.11.1.6

tag 188838 + patch
thanks

I narrowed down the problem to _gnutls_server_recv_params(). It
appears to decrement data_size too early. If I move the decremention
after the len == data_size comparsion, things magically start to work.

On the other hand, the bug may lie in _gnutls_server_send_params()
too.. Since I do not know the protocol, I'd rather not jump into
conclusions.

However, nothing appears to break, so I'm including a patch anyways :)

diff -u -ur gnutls5-0.8.6/lib/ext_server_name.c gnutls5-work/lib/ext_server_name.c
--- gnutls5-0.8.6/lib/ext_server_name.c	2003-01-20 17:46:07.000000000 +0100
+++ gnutls5-work/lib/ext_server_name.c	2003-04-13 15:37:03.000000000 +0200
@@ -44,7 +44,6 @@
    int server_names = 0;
 
    if (session->security_parameters.entity == GNUTLS_SERVER) {
-      DECR_LENGTH_RET(data_size, 2, 0);
       len = _gnutls_read_uint16(data);
       
       if ( len != data_size) {
@@ -54,7 +53,9 @@
          gnutls_assert();
          return 0;
       }
-
+      
+      DECR_LENGTH_RET(data_size, 2, 0);
+      
       p = data + 2;
 
       /* Count all server_names in the packet. */

--Dxnq1zWXvFF0Q93v--