libs/iksemel/patches/002-use-of-newer-gnutls_priority_set_direct-api.patch

   1 From 6b213b593c5b499679506a8c169ff3f0f4d6a34f Mon Sep 17 00:00:00 2001
   2 From: John Papandriopoulos <jpap@users.noreply.github.com>
   3 Date: Thu, 20 Aug 2015 16:55:39 -0700
   4 Subject: [PATCH] Use of newer gnutls_priority_set_direct API
   5
   6 ---
   7  configure.ac |  1 +
   8  src/stream.c | 13 +++++++++++++
   9  2 files changed, 14 insertions(+)
  10
  11 diff --git a/configure.ac b/configure.ac
  12 index 91e69e3..281a044 100644
  13 --- a/configure.ac
  14 +++ b/configure.ac
  15 @@ -46,6 +46,7 @@ AC_CHECK_FUNCS(getopt_long)
  16  AC_CHECK_FUNCS(getaddrinfo)
  17
  18  AM_PATH_LIBGNUTLS(,AC_DEFINE(HAVE_GNUTLS,,"Use libgnutls"))
  19 +AM_PATH_LIBGNUTLS(,AC_CHECK_FUNCS(gnutls_priority_set_direct))
  20
  21  dnl Check -Wall flag of GCC
  22  if test "x$GCC" = "xyes"; then
  23 diff --git a/src/stream.c b/src/stream.c
  24 index e8a1e8c..7d19a82 100644
  25 --- a/src/stream.c
  26 +++ b/src/stream.c
  27 @@ -63,11 +63,20 @@ tls_pull (iksparser *prs, char *buffer, size_t len)
  28  static int
  29  handshake (struct stream_data *data)
  30  {
  31 +#if HAVE_GNUTLS_PRIORITY_SET_DIRECT
  32 +       const char *priorities =
  33 +               "NONE"
  34 +               ":+VERS-TLS1.0:+VERS-SSL3.0"
  35 +               ":+RSA"
  36 +               ":+3DES-CBC:+ARCFOUR-128"
  37 +               ":+SHA1:+SHA256:+SHA384:+MD5";
  38 +#else
  39         const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
  40         const int kx_priority[] = { GNUTLS_KX_RSA, 0 };
  41         const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};
  42         const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
  43         const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
  44 +#endif
  45         int ret;
  46
  47         if (gnutls_global_init () != 0)
  48 @@ -80,11 +89,15 @@ handshake (struct stream_data *data)
  49                 gnutls_certificate_free_credentials (data->cred);
  50                 return IKS_NOMEM;
  51         }
  52 +#if HAVE_GNUTLS_PRIORITY_SET_DIRECT
  53 +       gnutls_priority_set_direct (data->sess, priorities, NULL);
  54 +#else
  55         gnutls_protocol_set_priority (data->sess, protocol_priority);
  56         gnutls_cipher_set_priority(data->sess, cipher_priority);
  57         gnutls_compression_set_priority(data->sess, comp_priority);
  58         gnutls_kx_set_priority(data->sess, kx_priority);
  59         gnutls_mac_set_priority(data->sess, mac_priority);
  60 +#endif
  61         gnutls_credentials_set (data->sess, GNUTLS_CRD_CERTIFICATE, data->cred);
  62
  63         gnutls_transport_set_push_function (data->sess, (gnutls_push_func) tls_push);
  64 --
  65 2.1.4