1
From: Honza Horak <hhorak@redhat.com>
2
Description: This patch addresses a security problem due to the fact that the
3
validation of the SSL CN is not correctly done in the gnutls-related code of
6
This patch has not been applied in the upstream mutt source. It is currently
7
carried by Debian (1.5.21-5), Red Hat (1.5.20-2.20091214hg736b6a.el6_1.1) and,
8
presumably, others. It was originally posted in the upstream mutt BTS by Honza
10
Bug: http://bugs.mutt.org/3506
11
Bug-Debian: http://bugs.debian.org/619216
12
Bug-Redhat: https://bugzilla.redhat.com/688755
13
Origin: other, http://bugs.mutt.org/3506#comment:8
16
Index: mutt-1.5.21/mutt_ssl_gnutls.c
17
===================================================================
18
--- mutt-1.5.21.orig/mutt_ssl_gnutls.c 2010-08-25 11:31:40.000000000 -0500
19
+++ mutt-1.5.21/mutt_ssl_gnutls.c 2011-09-21 16:58:55.938857051 -0500
21
unsigned int cert_list_size = 0;
22
gnutls_certificate_status certstat;
23
int certerr, i, preauthrc, savedcert, rc = 0;
26
if (gnutls_auth_get_type (state) != GNUTLS_CRD_CERTIFICATE)
29
for (i = 0; i < cert_list_size; i++) {
30
rc = tls_check_preauth(&cert_list[i], certstat, conn->account.host, i,
31
&certerr, &savedcert);
39
dprint (1, (debugfile, "error trusting certificate %d: %d\n", i, rc));
41
certstat = tls_verify_peers (state);
43
+ if (!certstat && !rcpeer)