aiccu/patches/0002-gnutls-cleanup.patch

   1 From 61a319c224cda0bbd408514bdfdc533285739fec Mon Sep 17 00:00:00 2001
   2 From: "Barak A. Pearlmutter" <barak+git@cs.nuim.ie>
   3 Date: Fri, 17 Aug 2012 12:23:06 +0200
   4 Subject: [PATCH 02/10] gnutls cleanup
   5
   6 Stop ignoring some gnutls return codes.
   7
   8 Rewrite call to depricated gnutls_set_default_priority() to use
   9 gnutls_priority_set_direct() instead.
  10
  11 Remove call to deprecated routine
  12 gnutls_certificate_type_set_priority, no changes necessary.
  13
  14 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
  15 ---
  16  common/common.c | 27 +++++++++++++++++----------
  17  1 file changed, 17 insertions(+), 10 deletions(-)
  18
  19 diff --git a/common/common.c b/common/common.c
  20 index 488c145..d45e567 100755
  21 --- a/common/common.c
  22 +++ b/common/common.c
  23 @@ -271,8 +271,6 @@ TLSSOCKET sock_alloc(void);
  24  TLSSOCKET sock_alloc(void)
  25  {
  26  #ifdef AICCU_GNUTLS
  27 -       /* Allow connections to servers that have OpenPGP keys as well */
  28 -       const int       cert_type_priority[3] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
  29         int             ret;
  30  #endif /* AICCU_GNUTLS*/
  31
  32 @@ -289,7 +287,7 @@ TLSSOCKET sock_alloc(void)
  33
  34         /* Initialize TLS session */
  35         ret = gnutls_init(&sock->session, GNUTLS_CLIENT);
  36 -       if (ret != 0)
  37 +       if (ret != GNUTLS_E_SUCCESS)
  38         {
  39                 dolog(LOG_ERR, "TLS Init failed: %s (%d)\n", gnutls_strerror(ret), ret);
  40                 free(sock);
  41 @@ -297,15 +295,24 @@ TLSSOCKET sock_alloc(void)
  42         }
  43
  44         /* Use default priorities */
  45 -       gnutls_set_default_priority(sock->session);
  46 -       /* XXX: Return value is not documented in GNUTLS documentation! */
  47 -
  48 -       gnutls_certificate_type_set_priority(sock->session, cert_type_priority);
  49 -       /* XXX: Return value is not documented in GNUTLS documentation! */
  50 +       ret = gnutls_priority_set_direct(sock->session, "NORMAL", NULL);
  51 +       if (ret != GNUTLS_E_SUCCESS)
  52 +       {
  53 +               dolog(LOG_ERR, "TLS set default priority failed: %s (%d)\n", gnutls_strerror(ret), ret);
  54 +               gnutls_deinit(sock->session);
  55 +               free(sock);
  56 +               return NULL;
  57 +       }
  58
  59         /* Configure the x509 credentials for the current session */
  60 -       gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred);
  61 -       /* XXX: Return value is not documented in GNUTLS documentation! */
  62 +       ret = gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred);
  63 +       if (ret != GNUTLS_E_SUCCESS)
  64 +       {
  65 +               dolog(LOG_ERR, "TLS credentials set failed: %s (%d)\n", gnutls_strerror(ret), ret);
  66 +               gnutls_deinit(sock->session);
  67 +               free(sock);
  68 +               return NULL;
  69 +       }
  70
  71  #endif /* AICCU_GNUTLS*/
  72
  73 --
  74 1.8.1
  75