Bug#768602: unblock: wmbiff/0.4.27-2.3

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#768602: unblock: wmbiff/0.4.27-2.3
From: Doug Torrance <dtorrance@monmouthcollege.edu>
Date: Sat, 08 Nov 2014 10:40:16 -0600
Message-id: <[🔎] 20141108164016.20752.57911.reportbug@toshiba>
Reply-to: Doug Torrance <dtorrance@monmouthcollege.edu>, 768602@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package wmbiff

I am currently adopting the wmbiff package and would like to upload a new
version to unstable.  However, there is a recent NMU version currently in
unstable which fixes #759259 [1], and the author has requested that this version
migrate to jessie before my upload [2].

The debdiff is below.  Thank you!
Doug Torrance

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759259
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767915#14

diff -Nru wmbiff-0.4.27/debian/changelog wmbiff-0.4.27/debian/changelog
--- wmbiff-0.4.27/debian/changelog	2014-08-09 08:08:45.000000000 -0500
+++ wmbiff-0.4.27/debian/changelog	2014-11-02 01:14:04.000000000 -0600
@@ -1,3 +1,15 @@
+wmbiff (0.4.27-2.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * 20_gnutls_set_default_priority.diff: Use gnutls_set_default_priority()
+    to get GnuTLS upstream's recommended default values (SSL/TLS versions,
+    ciphers, et al.) instead of setting local defaults using the deprecated
+    gnutls_cipher_set_priority/gnutls_protocol_set_priority/... functions.
+    This fixes transmission errors to modern systems. Closes: #759259
+    (Thanks to Nye Liu for debugging the issue and finding the solution.)
+
+ -- Andreas Metzler <ametzler@debian.org>  Sun, 02 Nov 2014 08:04:00 +0100
+
 wmbiff (0.4.27-2.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru wmbiff-0.4.27/debian/patches/20_gnutls_set_default_priority.diff wmbiff-0.4.27/debian/patches/20_gnutls_set_default_priority.diff
--- wmbiff-0.4.27/debian/patches/20_gnutls_set_default_priority.diff	1969-12-31 18:00:00.000000000 -0600
+++ wmbiff-0.4.27/debian/patches/20_gnutls_set_default_priority.diff	2014-11-02 01:01:15.000000000 -0600
@@ -0,0 +1,40 @@
+Description: Use gnutls_set_default_priority() to get GnuTLS upstream's
+ recommended default values (SSL/TLS versions, ciphers, et al.) instead
+ of setting local defaults using the deprecated
+ gnutls_cipher_set_priority/gnutls_protocol_set_priority/...
+ functions.
+Author: Andreas Metzler <ametzler@debian.org>, Nye Liu <nyet@nyet.org>
+Bug-Debian: https://bugs.debian.org/759259
+Origin: vendor
+Forwarded: no
+Last-Update: 2014-11-02
+
+--- a/wmbiff/tlsComm.c
++++ b/wmbiff/tlsComm.c
+@@ -553,25 +553,7 @@ struct connection_state *initialize_gnut
+ 
+ 	assert(gnutls_init(&scs->tls_state, GNUTLS_CLIENT) == 0);
+ 	{
+-		const int protocols[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
+-		const int ciphers[] =
+-			{ GNUTLS_CIPHER_RIJNDAEL_128_CBC, GNUTLS_CIPHER_3DES_CBC,
+-			GNUTLS_CIPHER_RIJNDAEL_256_CBC,
+-			GNUTLS_CIPHER_ARCFOUR, 0
+-		};
+-		const int compress[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
+-		const int key_exch[] = { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS,
+-			GNUTLS_KX_DHE_RSA, 0
+-		};
+-		/* mutt with gnutls doesn't use kx_srp or kx_anon_dh */
+-		const int mac[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
+-		assert(gnutls_protocol_set_priority(scs->tls_state, protocols) ==
+-			   0);
+-		assert(gnutls_cipher_set_priority(scs->tls_state, ciphers) == 0);
+-		assert(gnutls_compression_set_priority(scs->tls_state, compress) ==
+-			   0);
+-		assert(gnutls_kx_set_priority(scs->tls_state, key_exch) == 0);
+-		assert(gnutls_mac_set_priority(scs->tls_state, mac) == 0);
++		assert(gnutls_set_default_priority(scs->tls_state) == 0);
+ 		/* no client private key */
+ 		if (gnutls_certificate_allocate_credentials(&scs->xcred) < 0) {
+ 			DMA(DEBUG_ERROR, "gnutls memory error\n");
diff -Nru wmbiff-0.4.27/debian/patches/series wmbiff-0.4.27/debian/patches/series
--- wmbiff-0.4.27/debian/patches/series	2014-08-09 07:11:55.000000000 -0500
+++ wmbiff-0.4.27/debian/patches/series	2014-11-02 01:13:57.000000000 -0600
@@ -2,3 +2,4 @@
 11_autoconfgenchanges.diff
 15_no_more_LZO.diff
 16_gnutls_deprecated.diff
+20_gnutls_set_default_priority.diff

unblock wmbiff/0.4.27-2.3

-- System Information:
Debian Release: jessie/sid
  APT prefers utopic-updates
  APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500, 'utopic'), (500, 'trusty'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-031600-generic (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Reply to:

Follow-Ups:
- Bug#768602: marked as done (unblock: wmbiff/0.4.27-2.3)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#768579: marked as done (unblock: signing-party/1.1.10-3)
Next by Date: Re: pre-approved changes: ejabberd
Previous by thread: Processed: tagging 768588
Next by thread: Bug#768602: marked as done (unblock: wmbiff/0.4.27-2.3)
Index(es):
- Date
- Thread