The Samba-Bugzilla – Attachment 10947 Details for
Bug 8780
Uses deprecated _set_priority GnuTLS functions
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
[PATCH] s4:lib/tls: use gnutls_priority_set_direct()
0001-s4-lib-tls-use-gnutls_priority_set_direct.patch (text/plain), 2.58 KB, created by
Evangelos Foutras
on 2015-04-13 19:22:45 UTC
(
hide
)
Description:
[PATCH] s4:lib/tls: use gnutls_priority_set_direct()
Filename:
MIME Type:
Creator:
Evangelos Foutras
Created:
2015-04-13 19:22:45 UTC
Size:
2.58 KB
patch
obsolete
>From 9d9b38b434b9d2e4b3bddd618cea944dfb960966 Mon Sep 17 00:00:00 2001 >From: Evangelos Foutras <evangelos@foutrelis.com> >Date: Mon, 13 Apr 2015 22:03:14 +0300 >Subject: [PATCH] s4:lib/tls: use gnutls_priority_set_direct() > >gnutls_certificate_type_set_priority() was removed in GnuTLS 3.4.0. >--- > source4/lib/tls/tls.c | 4 +--- > source4/lib/tls/tls_tstream.c | 9 +-------- > 2 files changed, 2 insertions(+), 11 deletions(-) > >diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c >index b9182ad..2bcbb80 100644 >--- a/source4/lib/tls/tls.c >+++ b/source4/lib/tls/tls.c >@@ -572,7 +572,6 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx, > { > struct tls_context *tls; > int ret = 0; >- const int cert_type_priority[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; > struct socket_context *new_sock; > NTSTATUS nt_status; > >@@ -597,8 +596,7 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx, > gnutls_certificate_allocate_credentials(&tls->xcred); > gnutls_certificate_set_x509_trust_file(tls->xcred, ca_path, GNUTLS_X509_FMT_PEM); > TLSCHECK(gnutls_init(&tls->session, GNUTLS_CLIENT)); >- TLSCHECK(gnutls_set_default_priority(tls->session)); >- gnutls_certificate_type_set_priority(tls->session, cert_type_priority); >+ TLSCHECK(gnutls_priority_set_direct(tls->session, "NORMAL:+CTYPE-OPENPGP", NULL)); > TLSCHECK(gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, tls->xcred)); > > talloc_set_destructor(tls, tls_destructor); >diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c >index f19f5c5..ff0e881 100644 >--- a/source4/lib/tls/tls_tstream.c >+++ b/source4/lib/tls/tls_tstream.c >@@ -967,11 +967,6 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx, > #if ENABLE_GNUTLS > struct tstream_tls *tlss; > int ret; >- static const int cert_type_priority[] = { >- GNUTLS_CRT_X509, >- GNUTLS_CRT_OPENPGP, >- 0 >- }; > #endif /* ENABLE_GNUTLS */ > > req = tevent_req_create(mem_ctx, &state, >@@ -1007,15 +1002,13 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx, > return tevent_req_post(req, ev); > } > >- ret = gnutls_set_default_priority(tlss->tls_session); >+ ret = gnutls_priority_set_direct(tlss->tls_session, "NORMAL:+CTYPE-OPENPGP", NULL); > if (ret != GNUTLS_E_SUCCESS) { > DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret))); > tevent_req_error(req, EINVAL); > return tevent_req_post(req, ev); > } > >- gnutls_certificate_type_set_priority(tlss->tls_session, cert_type_priority); >- > ret = gnutls_credentials_set(tlss->tls_session, > GNUTLS_CRD_CERTIFICATE, > tls_params->x509_cred); >-- >2.3.5 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 8780
:
10947
|
10948
|
11020
|
11100