Contents of /trunk/samba/patches/samba-4.2.2-s4-lib-tls-use-gnutls_priority_set_direct.patch
Parent Directory | Revision Log
Revision 2591 -
(show annotations)
(download)
Mon Jun 22 14:39:22 2015 UTC (9 years, 3 months ago) by niro
File size: 2642 byte(s)
Mon Jun 22 14:39:22 2015 UTC (9 years, 3 months ago) by niro
File size: 2642 byte(s)
-fixed build with gnutls-3.4
1 | From 9d9b38b434b9d2e4b3bddd618cea944dfb960966 Mon Sep 17 00:00:00 2001 |
2 | From: Evangelos Foutras <evangelos@foutrelis.com> |
3 | Date: Mon, 13 Apr 2015 22:03:14 +0300 |
4 | Subject: [PATCH] s4:lib/tls: use gnutls_priority_set_direct() |
5 | |
6 | gnutls_certificate_type_set_priority() was removed in GnuTLS 3.4.0. |
7 | --- |
8 | source4/lib/tls/tls.c | 4 +--- |
9 | source4/lib/tls/tls_tstream.c | 9 +-------- |
10 | 2 files changed, 2 insertions(+), 11 deletions(-) |
11 | |
12 | diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c |
13 | index b9182ad..2bcbb80 100644 |
14 | --- a/source4/lib/tls/tls.c |
15 | +++ b/source4/lib/tls/tls.c |
16 | @@ -572,7 +572,6 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx, |
17 | { |
18 | struct tls_context *tls; |
19 | int ret = 0; |
20 | - const int cert_type_priority[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; |
21 | struct socket_context *new_sock; |
22 | NTSTATUS nt_status; |
23 | |
24 | @@ -597,8 +596,7 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx, |
25 | gnutls_certificate_allocate_credentials(&tls->xcred); |
26 | gnutls_certificate_set_x509_trust_file(tls->xcred, ca_path, GNUTLS_X509_FMT_PEM); |
27 | TLSCHECK(gnutls_init(&tls->session, GNUTLS_CLIENT)); |
28 | - TLSCHECK(gnutls_set_default_priority(tls->session)); |
29 | - gnutls_certificate_type_set_priority(tls->session, cert_type_priority); |
30 | + TLSCHECK(gnutls_priority_set_direct(tls->session, "NORMAL:+CTYPE-OPENPGP", NULL)); |
31 | TLSCHECK(gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, tls->xcred)); |
32 | |
33 | talloc_set_destructor(tls, tls_destructor); |
34 | diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c |
35 | index f19f5c5..ff0e881 100644 |
36 | --- a/source4/lib/tls/tls_tstream.c |
37 | +++ b/source4/lib/tls/tls_tstream.c |
38 | @@ -967,11 +967,6 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx, |
39 | #if ENABLE_GNUTLS |
40 | struct tstream_tls *tlss; |
41 | int ret; |
42 | - static const int cert_type_priority[] = { |
43 | - GNUTLS_CRT_X509, |
44 | - GNUTLS_CRT_OPENPGP, |
45 | - 0 |
46 | - }; |
47 | #endif /* ENABLE_GNUTLS */ |
48 | |
49 | req = tevent_req_create(mem_ctx, &state, |
50 | @@ -1007,15 +1002,13 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx, |
51 | return tevent_req_post(req, ev); |
52 | } |
53 | |
54 | - ret = gnutls_set_default_priority(tlss->tls_session); |
55 | + ret = gnutls_priority_set_direct(tlss->tls_session, "NORMAL:+CTYPE-OPENPGP", NULL); |
56 | if (ret != GNUTLS_E_SUCCESS) { |
57 | DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret))); |
58 | tevent_req_error(req, EINVAL); |
59 | return tevent_req_post(req, ev); |
60 | } |
61 | |
62 | - gnutls_certificate_type_set_priority(tlss->tls_session, cert_type_priority); |
63 | - |
64 | ret = gnutls_credentials_set(tlss->tls_session, |
65 | GNUTLS_CRD_CERTIFICATE, |
66 | tls_params->x509_cred); |
67 | -- |
68 | 2.3.5 |
69 |