[Pkg-gnutls-commits] r790 - in /packages/gnutls26/trunk/debian: changelog patches/20_fixtimebomb.diff

ametzler at users.alioth.debian.org ametzler at users.alioth.debian.org
Sun Nov 1 12:27:21 UTC 2009 

Author: ametzler
Date: Sun Nov  1 12:27:20 2009
New Revision: 790

URL: http://svn.debian.org/wsvn/pkg-gnutls/?sc=1&rev=790
Log:
[20_fixtimebomb.diff] Fix testsuite error. Closes: #552920

Added:
    packages/gnutls26/trunk/debian/patches/20_fixtimebomb.diff
Modified:
    packages/gnutls26/trunk/debian/changelog

Modified: packages/gnutls26/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/gnutls26/trunk/debian/changelog?rev=790&op=diff
==============================================================================
--- packages/gnutls26/trunk/debian/changelog (original)
+++ packages/gnutls26/trunk/debian/changelog Sun Nov  1 12:27:20 2009
@@ -1,3 +1,9 @@
+gnutls26 (2.8.4-2) unstable; urgency=high
+
+  * [20_fixtimebomb.diff] Fix testsuite error. Closes: #552920
+
+ -- Andreas Metzler <ametzler at debian.org>  Sun, 01 Nov 2009 13:21:27 +0100
+
 gnutls26 (2.8.4-1) unstable; urgency=low
 
   * New upstream version.

Added: packages/gnutls26/trunk/debian/patches/20_fixtimebomb.diff
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/gnutls26/trunk/debian/patches/20_fixtimebomb.diff?rev=790&op=file
==============================================================================
--- packages/gnutls26/trunk/debian/patches/20_fixtimebomb.diff (added)
+++ packages/gnutls26/trunk/debian/patches/20_fixtimebomb.diff Sun Nov  1 12:27:20 2009
@@ -1,0 +1,27 @@
+diff -NurbBp gnutls26-2.8.4/tests/chainverify.c gnutls-2.8.4.new/tests/chainverify.c
+--- gnutls26-2.8.4/tests/chainverify.c	2009-08-07 01:22:23.000000000 +0200
++++ gnutls-2.8.4.new/tests/chainverify.c	2009-11-01 13:12:06.000000000 +0100
+@@ -32,6 +32,23 @@
+ #include <gnutls/gnutls.h>
+ #include <gnutls/x509.h>
+ 
++
++/* GnuTLS internally calls time() to find out the current time when
++   verifying certificates.  To avoid a time bomb, we hard code the
++   current time.  This should work fine on systems where the library
++   call to time is resolved at run-time.  */
++time_t
++time (time_t *t)
++{
++  time_t then = 1255816800;
++
++  if (t)
++    *t = then;
++
++  return then;
++}
++
++
+ /* *INDENT-OFF* */
+ 
+ /* Triggers incorrect verification success on older versions */

More information about the Pkg-gnutls-commits mailing list