Annotation of /trunk/samba/patches/samba-4.2.2-s4-lib-tls-use-gnutls_priority_set_direct.patch
Parent Directory | Revision Log
Revision 2591 -
(hide annotations)
(download)
Mon Jun 22 14:39:22 2015 UTC (8 years, 11 months ago) by niro
File size: 2642 byte(s)
Mon Jun 22 14:39:22 2015 UTC (8 years, 11 months ago) by niro
File size: 2642 byte(s)
-fixed build with gnutls-3.4
1 | niro | 2591 | From 9d9b38b434b9d2e4b3bddd618cea944dfb960966 Mon Sep 17 00:00:00 2001 |
2 | From: Evangelos Foutras <evangelos@foutrelis.com> | ||
3 | Date: Mon, 13 Apr 2015 22:03:14 +0300 | ||
4 | Subject: [PATCH] s4:lib/tls: use gnutls_priority_set_direct() | ||
5 | |||
6 | gnutls_certificate_type_set_priority() was removed in GnuTLS 3.4.0. | ||
7 | --- | ||
8 | source4/lib/tls/tls.c | 4 +--- | ||
9 | source4/lib/tls/tls_tstream.c | 9 +-------- | ||
10 | 2 files changed, 2 insertions(+), 11 deletions(-) | ||
11 | |||
12 | diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c | ||
13 | index b9182ad..2bcbb80 100644 | ||
14 | --- a/source4/lib/tls/tls.c | ||
15 | +++ b/source4/lib/tls/tls.c | ||
16 | @@ -572,7 +572,6 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx, | ||
17 | { | ||
18 | struct tls_context *tls; | ||
19 | int ret = 0; | ||
20 | - const int cert_type_priority[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; | ||
21 | struct socket_context *new_sock; | ||
22 | NTSTATUS nt_status; | ||
23 | |||
24 | @@ -597,8 +596,7 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx, | ||
25 | gnutls_certificate_allocate_credentials(&tls->xcred); | ||
26 | gnutls_certificate_set_x509_trust_file(tls->xcred, ca_path, GNUTLS_X509_FMT_PEM); | ||
27 | TLSCHECK(gnutls_init(&tls->session, GNUTLS_CLIENT)); | ||
28 | - TLSCHECK(gnutls_set_default_priority(tls->session)); | ||
29 | - gnutls_certificate_type_set_priority(tls->session, cert_type_priority); | ||
30 | + TLSCHECK(gnutls_priority_set_direct(tls->session, "NORMAL:+CTYPE-OPENPGP", NULL)); | ||
31 | TLSCHECK(gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, tls->xcred)); | ||
32 | |||
33 | talloc_set_destructor(tls, tls_destructor); | ||
34 | diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c | ||
35 | index f19f5c5..ff0e881 100644 | ||
36 | --- a/source4/lib/tls/tls_tstream.c | ||
37 | +++ b/source4/lib/tls/tls_tstream.c | ||
38 | @@ -967,11 +967,6 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx, | ||
39 | #if ENABLE_GNUTLS | ||
40 | struct tstream_tls *tlss; | ||
41 | int ret; | ||
42 | - static const int cert_type_priority[] = { | ||
43 | - GNUTLS_CRT_X509, | ||
44 | - GNUTLS_CRT_OPENPGP, | ||
45 | - 0 | ||
46 | - }; | ||
47 | #endif /* ENABLE_GNUTLS */ | ||
48 | |||
49 | req = tevent_req_create(mem_ctx, &state, | ||
50 | @@ -1007,15 +1002,13 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx, | ||
51 | return tevent_req_post(req, ev); | ||
52 | } | ||
53 | |||
54 | - ret = gnutls_set_default_priority(tlss->tls_session); | ||
55 | + ret = gnutls_priority_set_direct(tlss->tls_session, "NORMAL:+CTYPE-OPENPGP", NULL); | ||
56 | if (ret != GNUTLS_E_SUCCESS) { | ||
57 | DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret))); | ||
58 | tevent_req_error(req, EINVAL); | ||
59 | return tevent_req_post(req, ev); | ||
60 | } | ||
61 | |||
62 | - gnutls_certificate_type_set_priority(tlss->tls_session, cert_type_priority); | ||
63 | - | ||
64 | ret = gnutls_credentials_set(tlss->tls_session, | ||
65 | GNUTLS_CRD_CERTIFICATE, | ||
66 | tls_params->x509_cred); | ||
67 | -- | ||
68 | 2.3.5 | ||
69 |