• Bug#1106788: unblock: ktls-utils/1.0.0-1 (2/3)

    From Ben Hutchings@21:1/5 to All on Thu May 29 22:40:01 2025
    [continued from previous message]

    tlshd_log_debug("Parsing a valid netlink message\n");
    @@ -255,6 +256,12 @@
    tlshd_log_perror("getpeername");
    return NL_STOP;
    }
    + optlen = sizeof(parms->ip_proto);
    + if (getsockopt(parms->sockfd, SOL_SOCKET, SO_PROTOCOL,
    + &parms->ip_proto, &optlen) == -1) {
    + tlshd_log_perror("getsockopt (SO_PROTOCOL)");
    + return NL_STOP;
    + }
    }
    if (tb[HANDSHAKE_A_ACCEPT_MESSAGE_TYPE])
    parms->handshake_type = nla_get_u32(tb[HANDSHAKE_A_ACCEPT_MESSAGE_TYPE]);
    @@ -269,7 +276,7 @@
    tlshd_parse_certificate(parms, tb[HANDSHAKE_A_ACCEPT_CERTIFICATE]);

    if (peername)
    - strcpy(tlshd_peername, peername);
    + strncpy(tlshd_peername, peername, sizeof(tlshd_peername) - 1);
    else {
    err = getnameinfo(parms->peeraddr, parms->peeraddr_len,
    tlshd_peername, sizeof(tlshd_peername),
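Review bot: The `strncpy` on the added line writes no terminator when `peername` is `sizeof(tlshd_peername) - 1` bytes or longer, so the result is NUL-terminated only if the buffer's last byte is already zero, which this hunk does not show. An over-long name is also truncated silently; if `tlshd_peername` later feeds certificate hostname checks (not visible here), the shortened name would be verified instead of the one requested. I would reject the over-long case with an explicit length check and error return, or at minimum add `tlshd_peername[sizeof(tlshd_peername) - 1] = '\0';` right after the copy. The enclosing function begins and ends outside the hunk.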
    @@ -288,6 +295,7 @@
    .peeraddr = (struct sockaddr *)&tlshd_peeraddr,
    .peeraddr_len = sizeof(tlshd_peeraddr),
    .sockfd = -1,
    + .ip_proto = -1,
    .handshake_type = HANDSHAKE_MSG_TYPE_UNSPEC,
    .timeout_ms = GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT,
    .auth_mode = HANDSHAKE_AUTH_UNSPEC,
    diff -Nru ktls-utils-0.11/src/tlshd/quic.c ktls-utils-1.0.0/src/tlshd/quic.c
    --- ktls-utils-0.11/src/tlshd/quic.c 1970-01-01 01:00:00.000000000 +0100
    +++ ktls-utils-1.0.0/src/tlshd/quic.c 2025-05-05 19:58:55.000000000 +0200
    @@ -0,0 +1,636 @@
    +/*
    + * Perform a QUIC server or client side handshake.
    + *
    + * Copyright (c) 2024 Red Hat, Inc.
    + *
    + * ktls-utils is free software; you can redistribute it and/or
    + * modify it under the terms of the GNU General Public License as
    + * published by the Free Software Foundation; version 2.
    + *
    + * This program is distributed in the hope that it will be useful,
    + * but WITHOUT ANY WARRANTY; without even the implied warranty of
    + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
    + * General Public License for more details.
    + *
    + * You should have received a copy of the GNU General Public License
    + * along with this program; if not, write to the Free Software
    + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
    + * 02110-1301, USA.
    + */
    +
    +#include <gnutls/abstract.h>
    +#include <sys/socket.h>
    +#in