File gnutls-GNUTLS-SA-2015-2.patch of Package gnutls.5070

From 7d9d5c61f8445dc9e9ca47bb575c77cef17da17a Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat, 25 Apr 2015 19:14:07 +0200
Subject: [PATCH] _gnutls_session_sign_algo_enabled: do not consider any values from the extension data to decide acceptable algorithms

---
 lib/ext/signature.c | 18 +-----------------
 1 file changed, 1 insertion(+), 17 deletions(-)

Index: gnutls-3.2.15/lib/ext/signature.c
===================================================================
--- gnutls-3.2.15.orig/lib/ext/signature.c	2015-08-03 11:30:07.229131826 +0200
+++ gnutls-3.2.15/lib/ext/signature.c	2015-08-03 11:43:41.146922680 +0200
@@ -313,28 +313,12 @@ _gnutls_session_sign_algo_enabled(gnutls
 				  gnutls_sign_algorithm_t sig)
 {
 	unsigned i;
-	int ret;
 	const version_entry_st *ver = get_version(session);
-	sig_ext_st *priv;
-	extension_priv_data_t epriv;
 
 	if (unlikely(ver == NULL))
 		return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
 
-	ret =
-	    _gnutls_ext_get_session_data(session,
-					 GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
-					 &epriv);
-	if (ret < 0) {
-		gnutls_assert();
-		return 0;
-	}
-	priv = epriv.ptr;
-
-	if (!_gnutls_version_has_selectable_sighash(ver)
-	    || priv->sign_algorithms_size == 0)
-		/* none set, allow all */
-	{
+	if (!_gnutls_version_has_selectable_sighash(ver)) {
 		return 0;
 	}
openSUSE Build Service is sponsored by