File gnutls-CVE-2020-11501.patch of Package gnutls.18749

From c01011c2d8533dbbbe754e49e256c109cb848d0d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stefan=20B=C3=BChler?= <stbuehler@web.de>
Date: Fri, 27 Mar 2020 17:17:57 +0100
Subject: [PATCH] dtls client hello: fix zeroed random (fixes #960)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This broke with bcf4de03 "handshake: treat reply to HRR as a reply to
hello verify request", which failed to "De Morgan" properly.

Signed-off-by: Stefan Bühler <stbuehler@web.de>
---
 lib/handshake.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Index: gnutls-3.6.7/lib/handshake.c
===================================================================
--- gnutls-3.6.7.orig/lib/handshake.c	2020-04-02 10:41:59.591316756 +0200
+++ gnutls-3.6.7/lib/handshake.c	2020-04-02 10:43:41.263818988 +0200
@@ -2221,7 +2221,7 @@ static int send_client_hello(gnutls_sess
 		/* Generate random data 
 		 */
 		if (!(session->internals.hsk_flags & HSK_HRR_RECEIVED) &&
-		    !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests == 0)) {
+		    !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests != 0)) {
 			ret = _gnutls_gen_client_random(session);
 			if (ret < 0) {
 				gnutls_assert();
openSUSE Build Service is sponsored by