Bug#755435: kdepim-kresources: korganizer does not use Server Name Indication
Package: kdepim-kresources
Version: 4:4.4.11.1+l10n-3+b1
Severity: normal
Tags: lfs
Dear Maintainer,
I found this bug in Korganizer, but as I had to install kdepim-kresources to be
able to use a remote calendar I think the bug is in that package.
I select "Add calendar" in the calendar view, then enter the URL to my CalDAV
server (which is an Owncloud instance) in the "Download from" field. I then
select OK and reload it. Korganizer gives me a warning that the certificate is
invalid and indeed the certificate is the wrong one. Using Wireshark I found
that whichever library is responsible for connecting to the CalDAV server does
not include a Server Name Indication extension [1] in the Client Hello. My
server (Apache2 with virtual hosting) then defaults to responding with a
different certificate than the correct one. The URL to my server is
https://cloud.antoneliasson.se/remote.php/caldav. Feel free to test against it
since the problem occurs before any authentication.
[1]: https://en.wikipedia.org/wiki/Server_Name_Indication
-- System Information:
Debian Release: 7.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages kdepim-kresources depends on:
ii kdepim-runtime 4:4.4.11.1-6
ii libc6 2.13-38+deb7u3
ii libkabc4 4:4.8.4-2
ii libkblog4 4:4.8.4-2
ii libkcal4 4:4.8.4-2
ii libkdecore5 4:4.8.4-4
ii libkdepim4 4:4.4.11.1+l10n-3+b1
ii libkdeui5 4:4.8.4-4
ii libkio5 4:4.8.4-4
ii libkpimutils4 4:4.8.4-2
ii libkresources4 4:4.8.4-2
ii libqtcore4 4:4.8.2+dfsg-11
ii libqtgui4 4:4.8.2+dfsg-11
ii libstdc++6 4.7.2-5
Versions of packages kdepim-kresources recommends:
ii korganizer 4:4.4.11.1+l10n-3+b1
Versions of packages kdepim-kresources suggests:
ii knotes 4:4.4.11.1+l10n-3+b1
-- no debconf information
Reply to: