bus error on https site

Message-ID: <email address hidden>
Date: Wed, 7 Apr 2004 20:20:38 -0400
From: Clint Adams <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: bus error on https site

Package: libgnutls7
Version: 0.8.12-5

When attempting to connect to an HTTPS site (which is, unfortunately,
not publically accessible), lynx dies with a bus error. A recompile
with libgnutls10 does not solve the problem.

The site requires HTTP authorization. Applications linked with OpenSSL
are able to access the site without problem. elinks exhibits the same
problem.

#0 0x7031b22c in gcry_md_info () from /usr/lib/libgcrypt.so.1
#1 0x7031b70c in gcry_md_info () from /usr/lib/libgcrypt.so.1
#2 0x7030f4c4 in gcry_cipher_close () from /usr/lib/libgcrypt.so.1
#3 0x7030fc24 in gcry_cipher_close () from /usr/lib/libgcrypt.so.1
#4 0x7030fca8 in gcry_cipher_encrypt () from /usr/lib/libgcrypt.so.1
#5 0x700e2284 in _gnutls_cipher_encrypt () from /usr/lib/libgnutls.so.7
#6 0x700db694 in _gnutls_compressed2ciphertext () from /usr/lib/libgnutls.so.7
#7 0x700db39c in _gnutls_encrypt () from /usr/lib/libgnutls.so.7
#8 0x700daae4 in _gnutls_send_int () from /usr/lib/libgnutls.so.7
#9 0x700dc1e8 in _gnutls_handshake_io_send_int () from /usr/lib/libgnutls.so.7
#10 0x700dd06c in _gnutls_send_handshake () from /usr/lib/libgnutls.so.7
#11 0x700dcae0 in _gnutls_send_finished () from /usr/lib/libgnutls.so.7
#12 0x700de990 in _gnutls_get_adv_version () from /usr/lib/libgnutls.so.7
#13 0x700ddca4 in _gnutls_handshake_common () from /usr/lib/libgnutls.so.7
#14 0x700dd4fc in gnutls_handshake () from /usr/lib/libgnutls.so.7
#15 0x700b6dbc in SSL_connect () from /usr/lib/libgnutls-extra.so.7
#16 0x000a50f0 in _init ()
#17 0x000a3e08 in _init ()
#18 0x000a41dc in _init ()
#19 0x000a4858 in _init ()
#20 0x00035d8c in _init ()
#21 0x00045a78 in _init ()
#22 0x00039990 in _init ()
#23 0x7015cdac in __libc_start_main () from /lib/libc.so.6

-- System Information:
Architecture: sparc (sparc64)

Versions of packages lynx depends on:
ii libbz2-1.0 1.0.2-1 A high-quality block-sorting file
ii libc6 2.3.2.ds1-11 GNU C Library: Shared libraries an
ii libgnutls7 0.8.12-5 GNU TLS library - runtime library
ii libncursesw5 5.4-3 Shared libraries for terminal hand
ii zlib1g 1:1.2.1-5 compression library - runtime

-- no debconf information

Message-ID: <email address hidden>
Date: Wed, 7 Apr 2004 20:43:08 -0400
From: Clint Adams <email address hidden>
To: <email address hidden>
Subject: oops

reassign 242666 libgcrypt7
merge 228855 242666
quit

Message-ID: <email address hidden>
Date: Wed, 7 Apr 2004 21:17:35 -0400
From: Clint Adams <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: i just made it worse

reassign 242668 libgcrypt7
reassign 241753 libgnutls10
merge 228855 242668
quit

Message-ID: <email address hidden>
Date: Wed, 14 Apr 2004 09:40:57 +0200
From: Werner Koch <email address hidden>
To: <email address hidden>
Cc: <email address hidden>
Subject: libgcrypt7 is not supported

Hi!

libgcrypt7 is not supported by upstream because it has always been
marked as work-in-progress.

Please replace it by the current libgcrypt (1.1.94) which will RSN be
re-released as the stable 1.2. We are then going to track down any
remaining problems. It is impossible for us to maintain old alpha
versions Libgcrypt. There won't be any API changes in the future thus
it is a *very good idea* to switch to the current libgcrypt *now*.

Thanks.

   Werner

--
Werner Koch <email address hidden>
The GnuPG Experts http://g10code.com
Free Software Foundation Europe http://fsfeurope.org

Message-ID: <email address hidden>
Date: Wed, 14 Apr 2004 09:41:14 +0200
From: Ivo Timmermans <email address hidden>
To: Werner Koch <email address hidden>, <email address hidden>
Cc: <email address hidden>, <email address hidden>
Subject: Re: Bug#242666: libgcrypt7 is not supported

Werner Koch wrote:
> libgcrypt7 is not supported by upstream because it has always been
> marked as work-in-progress.
>
> Please replace it by the current libgcrypt (1.1.94) which will RSN be
> re-released as the stable 1.2. We are then going to track down any
> remaining problems. It is impossible for us to maintain old alpha
> versions Libgcrypt. There won't be any API changes in the future thus
> it is a *very good idea* to switch to the current libgcrypt *now*.

I don't really have an opinion on this, so I'd like to hear what other
people think of it. Should I replace libgcrypt7 with libgcrypt11 (and
recompile gnutls10 against it) before sarge is released?

 Ivo

--
Floating point exception

Message-ID: <email address hidden>
Date: Wed, 14 Apr 2004 10:43:52 +0200
From: Werner Koch <email address hidden>
To: <email address hidden>
Cc: <email address hidden>, <email address hidden>
Subject: Re: Bug#242666: libgcrypt7 is not supported

On Wed, 14 Apr 2004 09:41:14 +0200, Ivo Timmermans said:

> I don't really have an opinion on this, so I'd like to hear what other
> people think of it. Should I replace libgcrypt7 with libgcrypt11 (and
> recompile gnutls10 against it) before sarge is released?

Pretty please.

We will release 1.2 this week - it will merely be a changed version
number.

  Werner

--
g10 Code GmbH http://g10code.com AmtsGer. Wuppertal HRB 14459
H�tr. 61 Gesch�sf� Werner Koch
D-40699 Erkrath -=- The GnuPG Experts -=- USt-Id DE215605608

Message-ID: <email address hidden>
Date: Wed, 14 Apr 2004 09:44:01 +0100
From: Colin Watson <email address hidden>
To: <email address hidden>
Cc: Werner Koch <email address hidden>, <email address hidden>, <email address hidden>
Subject: Re: Bug#242666: libgcrypt7 is not supported

On Wed, Apr 14, 2004 at 09:41:14AM +0200, Ivo Timmermans wrote:
> Werner Koch wrote:
> > libgcrypt7 is not supported by upstream because it has always been
> > marked as work-in-progress.
> >
> > Please replace it by the current libgcrypt (1.1.94) which will RSN be
> > re-released as the stable 1.2. We are then going to track down any
> > remaining problems. It is impossible for us to maintain old alpha
> > versions Libgcrypt. There won't be any API changes in the future thus
> > it is a *very good idea* to switch to the current libgcrypt *now*.
>
> I don't really have an opinion on this, so I'd like to hear what other
> people think of it. Should I replace libgcrypt7 with libgcrypt11 (and
> recompile gnutls10 against it) before sarge is released?

It is very painful to change the version of libgcrypt7 in base at this
point. Doing this will break debian-installer testing, which is the
reason we asked for no further changes to the package lists in the base
system. debian-installer beta3 had to be re-released due to the last
libgnutls/libgcrypt change.

If you are still considering this, you must coordinate very closely with
the debootstrap maintainers and debian-boot.

--
Colin Watson [<email address hidden>]

Message-ID: <email address hidden>
Date: Wed, 14 Apr 2004 11:27:07 +0200
From: Werner Koch <email address hidden>
To: <email address hidden>
Cc: <email address hidden>, <email address hidden>
Subject: Re: Bug#242666: libgcrypt7 is not supported

On Wed, 14 Apr 2004 09:44:01 +0100, Colin Watson said:

> It is very painful to change the version of libgcrypt7 in base at this
> point. Doing this will break debian-installer testing, which is the
> reason we asked for no further changes to the package lists in the base

I was not aware of the wide use Debian suddenly made of libgcrypt,
despite that libgcrypt was flagged as work-in-progress. Fortunately
that revealed a lot of problems we have by now solved.

The major change between libgcrypt7 and 11 is an API change in the
gcry_ac_* interface. This interface is pretty new and I doubt that it
is used by any non-experimental package. Thus the migration to 11
should not be too problematic.

The advantage of 11 is that we now use versioned symbols (ala glibc)
to avoid future ABI breaks. This won't help us right now but will be
very helpful in the future.

There is another huge problems with applications inadvertently using
Libgcrypt: The might link to two version of Libgcrypt. OpenLDAP for
example uses gnutls which in turn uses libgcrypt1 - any new
application or development project using libgcrypt and LDAP (say for
key retrieval) will probably link against two versions - that is a Bad
Thing.

I don't see any solution other then to remove all libgcrypt versions
except for the stable one (11). Yes, this needs updates of a lot of
packages but source code changes shouldn't be too hard because gnutls
seems to be the major user of libgcrypt.

I am sorry for that and I regret that I forgot to subscribe to the
libgcrypt7 PTS.

  Werner

Message-ID: <email address hidden>
Date: Wed, 14 Apr 2004 12:04:57 +0200
From: "J.H.M. Dassen (Ray)" <email address hidden>
To: <email address hidden>
Cc: <email address hidden>, <email address hidden>, Werner Koch <email address hidden>
Subject: Re: Bug#242666: libgcrypt7 is not supported

On Wed, Apr 14, 2004 at 09:44:01 +0100, Colin Watson wrote:
> It is very painful to change the version of libgcrypt7 in base at this
> point. Doing this will break debian-installer testing, which is the reason
> we asked for no further changes to the package lists in the base system.
> debian-installer beta3 had to be re-released due to the last
> libgnutls/libgcrypt change.

I realise it will be painful to make this transition, but the benefits
Werner lists (in particular, avoiding future ABI breaks and avoiding the
problems we already see with processes that load two versions of gcrypt
simultaneously) outweigh the pain by quite a bit IMHO.

> If you are still considering this, you must coordinate very closely with
> the debootstrap maintainers and debian-boot.

Ivo works a stress ball's throw away from one of the debootstrap maintainers
(me), so coordination with regards to debootstrap shouldn't be a problem.

On Wed, Apr 14, 2004 at 11:27:07 +0200, Werner Koch wrote:
> I was not aware of the wide use Debian suddenly made of libgcrypt, despite
> that libgcrypt was flagged as work-in-progress.

It's a side effect of our wide use of GnuTLS in order to avoid the issue of
needing explicit exemption clauses in order to be able to redistribute
works based on GPLed code that use the OpenSSL library.

Also, it's not as wide as current Debian binary package dependencies may
lead you to believe. Quite a few binary packages specify a Depends: on a
version of libgcrypt while their executables don't reference symbols from
libgcrypt directly but just happen to be linked to libraries that do. This
is an artefact of how older versions of libtool used to work. Relibtoolising
their source packages will contain the libgcrypt dependency to just those
libraries; I've already done this for several of the GNOME packages (which
suffer from other inflated library dependencies as well, primarily on
libgnutls, libtasn and libaudiofile).

Ray
--
Subtlety is fine. It might warrant a comment, though.
 Linus Torvalds
 in <email address hidden>

Message-ID: <email address hidden>
Date: Wed, 14 Apr 2004 12:49:24 +0200
From: Werner Koch <email address hidden>
To: <email address hidden>
Cc: <email address hidden>, <email address hidden>
Subject: Re: Bug#242666: libgcrypt7 is not supported

On Wed, 14 Apr 2004 12:04:57 +0200, J H M Dassen (Ray) said:

> It's a side effect of our wide use of GnuTLS in order to avoid the issue of
> needing explicit exemption clauses in order to be able to redistribute
> works based on GPLed code that use the OpenSSL library.

I know and this is for sure a very Good Thing.

> libgcrypt directly but just happen to be linked to libraries that do. This
> is an artefact of how older versions of libtool used to work. Relibtoolising
> their source packages will contain the libgcrypt dependency to just those

Good to know.

  Werner

Message-ID: <email address hidden>
Date: Wed, 14 Apr 2004 11:50:54 -0400
From: Clint Adams <email address hidden>
To: <email address hidden>
Subject: sparc64 libgcrypt breaks mutt, lynx, etc.

severity 228855 grave
quit

This makes using gnutls on sparc64 impossible at times.

Message-ID: <email address hidden>
Date: Wed, 14 Apr 2004 14:08:38 -0400
From: Joey Hess <email address hidden>
To: <email address hidden>, <email address hidden>
Subject: Re: Bug#242666: libgcrypt7 is not supported

--gBBFr7Ir9EOA20Yy
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

J.H.M. Dassen (Ray) wrote:
> I realise it will be painful to make this transition, but the benefits
> Werner lists (in particular, avoiding future ABI breaks and avoiding the
> problems we already see with processes that load two versions of gcrypt
> simultaneously) outweigh the pain by quite a bit IMHO.

If this change was made today (in testing), it would break all existing
sarge businesscard isos, and would require a debootstrap-udeb updated
for the dependency change to enter testing concurrently to avoid
breaking floppy and netboot installs as well. Updating and re-testing
the isos would take a minimum of 3 days, this could easily waste us a
week of development time on d-i. More likely we would leave them broken,
and lose two weeks of testing by users of those isos.

If, as seems more likely, this change were made sometime this week in
unstable, and hit testing after the usual delay, then it would reach
testing between the 24th and 30th. We plan to release beta 4 of the
Debian installer on the 28th, a build process which will begin on the
24th. If it reached testing on the 24th, this would leave us no time for
testing. If it reached testing on the 25th through 28th, we would have
to restart the release process, losing between 1 and 4 days, and again,
having no real chance to test things. If it reached testing just after
our release, we're back to the scenario outlined in my paragraph above,
except now we have an influx of users to cope with at the same time
everything is breaking.

So no, it's not as easy as you seem to think it is, and it has the
potential to either delay beta 4 by 4 days to a week, force us to ship
something not as tested as we'd hope to, or break beta 4 immediatly
after it is released.

--=20
see shy jo

--gBBFr7Ir9EOA20Yy
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAfX4ld8HHehbQuO8RAlgiAKDZsQGbKCJjsSOf5gFEtMWjuDbCvQCfS5bx
5sogI3J7gNVgWKkPnjnfqtU=
=ngM0
-----END PGP SIGNATURE-----

--gBBFr7Ir9EOA20Yy--

*** Bug 6776 has been marked as a duplicate of this bug. ***

This bug has been marked as a duplicate of bug 6771.

Message-ID: <20040710132819.GG2667@kiste>
Date: Sat, 10 Jul 2004 15:28:20 +0200
From: "Matthias Urlichs" <email address hidden>
To: <email address hidden>
Subject: Please try to reproduce

--9UV9rz0O2dU/yYYn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

tag 242666 +unreproducible
thanks

Hi,

please try to reproduce this problem against a publically accessible
site. I could not do it with the versions I just uploaded.

Thanks.

--=20
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | <email address hidden>

--9UV9rz0O2dU/yYYn
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA7+7z8+hUANcKr/kRAqLKAKCV+7oNCMHjn6TBoHm2iSZC3CTarACfZE2P
AteWoIDIzAPuM/C5AFdngL0=
=L0Fp
-----END PGP SIGNATURE-----

--9UV9rz0O2dU/yYYn--

Message-ID: <20040710153209.GA23801@kiste>
Date: Sat, 10 Jul 2004 17:32:10 +0200
From: "Matthias Urlichs" <email address hidden>
To: <email address hidden>
Cc: <email address hidden>
Subject: Bug hunt!

--k1lZvvs/B4yU6o8G
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

tag 228855 +help
thanks

Hi,

As the new maintainer, I'd like to fix this bug ASAP.

Can somebody give me a login on a system which exhibits the problem?

Thanks!

--=20
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | <email address hidden>

--k1lZvvs/B4yU6o8G
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA8Av58+hUANcKr/kRArVJAJ9+oF3jzcgh08IAQPMOINbUEjp2MgCfd2ZW
pihmmwImYT1Nb2eDco1wn2U=
=2u3R
-----END PGP SIGNATURE-----

--k1lZvvs/B4yU6o8G--

Message-ID: <email address hidden>
Date: Sun, 11 Jul 2004 16:54:35 -0400
From: Clint Adams <email address hidden>
To: <email address hidden>, <email address hidden>, <email address hidden>
Subject: libgcrypt7 on sparc

Bus error with

lynx https://gmail.google.com/

and

gnutls-cli-debug -p 443 gmail.google.com

Message-ID: <20040712024655.GK2741@kiste>
Date: Mon, 12 Jul 2004 04:46:55 +0200
From: "Matthias Urlichs" <email address hidden>
To: Clint Adams <email address hidden>
Cc: <email address hidden>, <email address hidden>, <email address hidden>
Subject: Re: libgcrypt7 on sparc

--ieNMXl1Fr3cevapt
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

tag 228855 +pending
tag 242666 +pending
tag 242668 +pending
thanks

Hi,

Clint Adams:
> Bus error

Got it.

--=20
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | <email address hidden>

--ieNMXl1Fr3cevapt
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA8fuf8+hUANcKr/kRAmoMAJsEi3M7MCnYOzKr2uvS6tPCmzrWhQCeOd+n
lXhuamLbigKY8kmMGd3agSw=
=5Ref
-----END PGP SIGNATURE-----

--ieNMXl1Fr3cevapt--

Message-Id: <email address hidden>
Date: Mon, 12 Jul 2004 00:02:05 -0400
From: Matthias Urlichs <email address hidden>
To: <email address hidden>
Subject: Bug#228855: fixed in libgcrypt7 1.1.90-6

Source: libgcrypt7
Source-Version: 1.1.90-6

We believe that the bug you reported is fixed in the latest version of
libgcrypt7, which is due to be installed in the Debian FTP archive:

libgcrypt7-dev_1.1.90-6_i386.deb
  to pool/main/libg/libgcrypt7/libgcrypt7-dev_1.1.90-6_i386.deb
libgcrypt7-doc_1.1.90-6_all.deb
  to pool/main/libg/libgcrypt7/libgcrypt7-doc_1.1.90-6_all.deb
libgcrypt7_1.1.90-6.diff.gz
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-6.diff.gz
libgcrypt7_1.1.90-6.dsc
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-6.dsc
libgcrypt7_1.1.90-6_i386.deb
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-6_i386.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matthias Urlichs <email address hidden> (supplier of updated libgcrypt7 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Changed-By: Matthias Urlichs <email address hidden>
Date: Mon, 12 Jul 2004 05:11:45 +0200
Version: 1.1.90-6
Distribution: unstable
Source: libgcrypt7
Urgency: medium
Maintainer: Matthias Urlichs <email address hidden>
Binary: libgcrypt7 libgcrypt7-dev libgcrypt7-doc
Architecture: i386 all source
Closes: 228855 242666 242668 258879
Changes:
 libgcrypt7 (1.1.90-6) unstable; urgency=medium
 .
   * Applied unaligned access fix to rijndael.c.
     - Closes: #242666,#228855,#242668.
   * Detect k*BSD correctly
     - Closes: #258879
Description:
 libgcrypt7-doc - LGPL Crypto library - documentation
 libgcrypt7 - LGPL Crypto library - runtime library
 libgcrypt7-dev - LGPL Crypto library - development files
Files:
 7d00ce623810a3e6cb1467a11043ae96 414200 libdevel optional libgcrypt7-dev_1.1.90-6_i386.deb
 13ddbbe0d4bd5a19f4b24c3e91f6a625 325692 libs optional libgcrypt7_1.1.90-6_i386.deb
 a31c15d459bd16eaebfea4505a14707b 866 libs optional libgcrypt7_1.1.90-6.dsc
 ba0e08988e633d8c076b0914452efd8e 409925 libs optional libgcrypt7_1.1.90-6.diff.gz
 576b77d93708fdd1bbbbabc61e85b7e0 334302 doc optional libgcrypt7-doc_1.1.90-6_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA8gkk8+hUANcKr/kRAn5vAKCdnLiDxYfIZC5SWmE/LPpMkn/EdwCfXt1r
ulY6Zf+INSrJlUyywTIz1UM=
=tTUt
-----END PGP SIGNATURE-----

Message-Id: <email address hidden>
Date: Mon, 12 Jul 2004 00:02:05 -0400
From: Matthias Urlichs <email address hidden>
To: <email address hidden>
Subject: Bug#242666: fixed in libgcrypt7 1.1.90-6

Source: libgcrypt7
Source-Version: 1.1.90-6

We believe that the bug you reported is fixed in the latest version of
libgcrypt7, which is due to be installed in the Debian FTP archive:

libgcrypt7-dev_1.1.90-6_i386.deb
  to pool/main/libg/libgcrypt7/libgcrypt7-dev_1.1.90-6_i386.deb
libgcrypt7-doc_1.1.90-6_all.deb
  to pool/main/libg/libgcrypt7/libgcrypt7-doc_1.1.90-6_all.deb
libgcrypt7_1.1.90-6.diff.gz
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-6.diff.gz
libgcrypt7_1.1.90-6.dsc
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-6.dsc
libgcrypt7_1.1.90-6_i386.deb
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-6_i386.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matthias Urlichs <email address hidden> (supplier of updated libgcrypt7 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Changed-By: Matthias Urlichs <email address hidden>
Date: Mon, 12 Jul 2004 05:11:45 +0200
Version: 1.1.90-6
Distribution: unstable
Source: libgcrypt7
Urgency: medium
Maintainer: Matthias Urlichs <email address hidden>
Binary: libgcrypt7 libgcrypt7-dev libgcrypt7-doc
Architecture: i386 all source
Closes: 228855 242666 242668 258879
Changes:
 libgcrypt7 (1.1.90-6) unstable; urgency=medium
 .
   * Applied unaligned access fix to rijndael.c.
     - Closes: #242666,#228855,#242668.
   * Detect k*BSD correctly
     - Closes: #258879
Description:
 libgcrypt7-doc - LGPL Crypto library - documentation
 libgcrypt7 - LGPL Crypto library - runtime library
 libgcrypt7-dev - LGPL Crypto library - development files
Files:
 7d00ce623810a3e6cb1467a11043ae96 414200 libdevel optional libgcrypt7-dev_1.1.90-6_i386.deb
 13ddbbe0d4bd5a19f4b24c3e91f6a625 325692 libs optional libgcrypt7_1.1.90-6_i386.deb
 a31c15d459bd16eaebfea4505a14707b 866 libs optional libgcrypt7_1.1.90-6.dsc
 ba0e08988e633d8c076b0914452efd8e 409925 libs optional libgcrypt7_1.1.90-6.diff.gz
 576b77d93708fdd1bbbbabc61e85b7e0 334302 doc optional libgcrypt7-doc_1.1.90-6_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA8gkk8+hUANcKr/kRAn5vAKCdnLiDxYfIZC5SWmE/LPpMkn/EdwCfXt1r
ulY6Zf+INSrJlUyywTIz1UM=
=tTUt
-----END PGP SIGNATURE-----

Message-ID: <email address hidden>
Date: Sun, 11 Jul 2004 22:57:19 -0700
From: Joshua Kwan <email address hidden>
To: <email address hidden>, <email address hidden>,
 <email address hidden>
Cc: <email address hidden>, om@8304.ch, <email address hidden>,
 <email address hidden>
Subject: gcrypt7 problems - not quite fixed!

--4Ckj6UjgE2iN1+kY
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

reopen 242666
reopen 228855
reopen 242668
thanks

I rolled a libgcrypt7/sparc for myself, 1.1.90-6, and mutt now says

Rijndael-128 test encryption failed.
gnutls_handshake: A TLS fatal alert has been received.(Bad record MAC)

when connecting to my IMAP server using mutt. It can't proceed to open
the mailbox after that.

gnutls-cli-debug -p 993 triplehelix.org

and=20

gnutls-cli-debug -p 443 gmail.google.com

also produce the Rijndael test encryption error, but they exit with a
successful status. So is this broken, or what?

(For those interested: http://june.voxel.net/~joshk/gcrypt7/ contains
unstripped, unoptimized packages of -6.)

--=20
Joshua Kwan

--4Ckj6UjgE2iN1+kY
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: http://triplehelix.org/~joshk/pubkey_gpg.asc

iQIVAwUBQPIoP6OILr94RG8mAQJdhBAAima3HWkUPRhCVypiLtCN06pAy6Ososrd
LU3dybkVSUE5ydYTd/gw2bg2ttxghasWvtMUFrsE3oxBBHqye09uv9XpG4CdaLG2
ff+7c/52gHlypquMkknSrqjYErdX2R8R4lg4AtUUetRNpksM5z27Gucn/keyRATg
vwh0dQdr9KzuoKpSAv4EpLvC+HRZ9x3UcKt7VkDtzi6rxIRrDl9KbEC/YGvYSG3Z
qlG5oF21KYfXj3w6FTu0uZXzmPnGTtV2pdqoavrDRrYlq4U+TS0m0wSOfKf6Bb31
SF7ysOgN8YzAUCRNRcNgg83Ky6GY9gGJSPnxyCIZeu6wn2pbvqgqeZISA+Ioc5tq
Mp/I0PcVymzSyrGff5nQT++piky/ObcrXWjxs6G5XOjYigANK/bb9bOPOxrx95Hy
bggQEBDfQONciEClgsnEnhxlvrtlYQ+kCduINHca1CK5Az96x8lvPLjhOSDOE3dJ
Cng5Xemszo5wOge9DFXOwV/949gMVtiOBCwgzmnEIV8d6yjizWV48GUlSkdY1GzM
AG/2ijtDLrXpPhg3rM9LaitxtOzjBSMk6xd+JFSOmtBwpoAijlDEHxHyMR7Q90+s
pt/iRMt1fLgg4mDAumeFJ3Q6SjBdWq86gczyxXHaQw1gj5jEDScORPVXWK0UlqwM
KWjSAWN0E6I=
=uJHm
-----END PGP SIGNATURE-----

--4Ckj6UjgE2iN1+kY--

Message-ID: <20040712073409.GA29222@kiste>
Date: Mon, 12 Jul 2004 09:34:10 +0200
From: "Matthias Urlichs" <email address hidden>
To: Joshua Kwan <email address hidden>, <email address hidden>
Cc: <email address hidden>, <email address hidden>,
 <email address hidden>, om@8304.ch, <email address hidden>, <email address hidden>
Subject: Re: Bug#242666: gcrypt7 problems - not quite fixed!

--M9NhX3UHpAaciwkO
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

Joshua Kwan:
> also produce the Rijndael test encryption error, but they exit with a
> successful status. So is this broken, or what?
>=20
Yes, it's still broken. Certain programs should exit with an error if
they see an error. :-(

I'm fixing it.

--=20
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | <email address hidden>

--M9NhX3UHpAaciwkO
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA8j7x8+hUANcKr/kRAhpBAJ9SHAb+e/HEX+wuHoxN5pf8rY26FgCfaF7a
N+f4I62x/zMGrbUsAraMEuI=
=8aYA
-----END PGP SIGNATURE-----

--M9NhX3UHpAaciwkO--

Message-Id: <email address hidden>
Date: Mon, 12 Jul 2004 04:47:04 -0400
From: Matthias Urlichs <email address hidden>
To: <email address hidden>
Subject: Bug#228855: fixed in libgcrypt7 1.1.90-7

Source: libgcrypt7
Source-Version: 1.1.90-7

We believe that the bug you reported is fixed in the latest version of
libgcrypt7, which is due to be installed in the Debian FTP archive:

libgcrypt7-dev_1.1.90-7_i386.deb
  to pool/main/libg/libgcrypt7/libgcrypt7-dev_1.1.90-7_i386.deb
libgcrypt7-doc_1.1.90-7_all.deb
  to pool/main/libg/libgcrypt7/libgcrypt7-doc_1.1.90-7_all.deb
libgcrypt7_1.1.90-7.diff.gz
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-7.diff.gz
libgcrypt7_1.1.90-7.dsc
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-7.dsc
libgcrypt7_1.1.90-7_i386.deb
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-7_i386.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matthias Urlichs <email address hidden> (supplier of updated libgcrypt7 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Changed-By: Matthias Urlichs <email address hidden>
Date: Mon, 12 Jul 2004 09:47:01 +0200
Version: 1.1.90-7
Distribution: unstable
Source: libgcrypt7
Urgency: medium
Maintainer: Matthias Urlichs <email address hidden>
Binary: libgcrypt7 libgcrypt7-dev libgcrypt7-doc
Architecture: i386 all source
Closes: 228855 242666 242668
Changes:
 libgcrypt7 (1.1.90-7) unstable; urgency=medium
 .
   * Repaired the unaligned access fix to rijndael.c.
     - Closes: #242666,#228855,#242668 (again).
Description:
 libgcrypt7-doc - LGPL Crypto library - documentation
 libgcrypt7 - LGPL Crypto library - runtime library
 libgcrypt7-dev - LGPL Crypto library - development files
Files:
 acb7436031c9cd4df8351f9e1673a27b 409268 libs optional libgcrypt7_1.1.90-7.diff.gz
 78882398f41f573214afc1aefd5b1136 866 libs optional libgcrypt7_1.1.90-7.dsc
 17ed546c13609510b9b6d062380b6dbb 414294 libdevel optional libgcrypt7-dev_1.1.90-7_i386.deb
 86d1782dbddb4afb8ad932586d0aa6ae 325768 libs optional libgcrypt7_1.1.90-7_i386.deb
 395a0566ed1e47335d4329a9edc2daa2 334350 doc optional libgcrypt7-doc_1.1.90-7_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA8kuF8+hUANcKr/kRAoA4AJ0ZTOel0hT4mHHd1EnUfnMdoxMQ5wCfRFjV
F5+o0juLnBU2mLDr6VZkIbQ=
=9Zth
-----END PGP SIGNATURE-----

Message-Id: <email address hidden>
Date: Mon, 12 Jul 2004 04:47:04 -0400
From: Matthias Urlichs <email address hidden>
To: <email address hidden>
Subject: Bug#242666: fixed in libgcrypt7 1.1.90-7

Source: libgcrypt7
Source-Version: 1.1.90-7

We believe that the bug you reported is fixed in the latest version of
libgcrypt7, which is due to be installed in the Debian FTP archive:

libgcrypt7-dev_1.1.90-7_i386.deb
  to pool/main/libg/libgcrypt7/libgcrypt7-dev_1.1.90-7_i386.deb
libgcrypt7-doc_1.1.90-7_all.deb
  to pool/main/libg/libgcrypt7/libgcrypt7-doc_1.1.90-7_all.deb
libgcrypt7_1.1.90-7.diff.gz
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-7.diff.gz
libgcrypt7_1.1.90-7.dsc
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-7.dsc
libgcrypt7_1.1.90-7_i386.deb
  to pool/main/libg/libgcrypt7/libgcrypt7_1.1.90-7_i386.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matthias Urlichs <email address hidden> (supplier of updated libgcrypt7 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Changed-By: Matthias Urlichs <email address hidden>
Date: Mon, 12 Jul 2004 09:47:01 +0200
Version: 1.1.90-7
Distribution: unstable
Source: libgcrypt7
Urgency: medium
Maintainer: Matthias Urlichs <email address hidden>
Binary: libgcrypt7 libgcrypt7-dev libgcrypt7-doc
Architecture: i386 all source
Closes: 228855 242666 242668
Changes:
 libgcrypt7 (1.1.90-7) unstable; urgency=medium
 .
   * Repaired the unaligned access fix to rijndael.c.
     - Closes: #242666,#228855,#242668 (again).
Description:
 libgcrypt7-doc - LGPL Crypto library - documentation
 libgcrypt7 - LGPL Crypto library - runtime library
 libgcrypt7-dev - LGPL Crypto library - development files
Files:
 acb7436031c9cd4df8351f9e1673a27b 409268 libs optional libgcrypt7_1.1.90-7.diff.gz
 78882398f41f573214afc1aefd5b1136 866 libs optional libgcrypt7_1.1.90-7.dsc
 17ed546c13609510b9b6d062380b6dbb 414294 libdevel optional libgcrypt7-dev_1.1.90-7_i386.deb
 86d1782dbddb4afb8ad932586d0aa6ae 325768 libs optional libgcrypt7_1.1.90-7_i386.deb
 395a0566ed1e47335d4329a9edc2daa2 334350 doc optional libgcrypt7-doc_1.1.90-7_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA8kuF8+hUANcKr/kRAoA4AJ0ZTOel0hT4mHHd1EnUfnMdoxMQ5wCfRFjV
F5+o0juLnBU2mLDr6VZkIbQ=
=9Zth
-----END PGP SIGNATURE-----