From: Andrew Bartlett Date: Wed, 26 Oct 2022 21:48:42 +0000 (+1300) Subject: Remove rudundent check/workaround for buggy GnuTLS 3.5.2 as we now require GnuTLS... X-Git-Tag: talloc-2.4.1~134 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a815eead8414fe6e8e999930ca4befa7c295497e;p=thirdparty%2Fsamba.git Remove rudundent check/workaround for buggy GnuTLS 3.5.2 as we now require GnuTLS 3.6.13 Signed-off-by: Andrew Bartlett Reviewed-by: Andreas Schneider --- diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c index d95274c1692..5e75b936a29 100644 --- a/libcli/smb/smb2_signing.c +++ b/libcli/smb/smb2_signing.c @@ -1257,21 +1257,6 @@ NTSTATUS smb2_signing_decrypt_pdu(struct smb2_signing_key *decryption_key, status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR); goto out; } -#ifdef HAVE_GNUTLS_AEAD_CIPHER_DECRYPT_PTEXT_LEN_BUG - /* - * Note that gnutls before 3.5.2 had a bug and returned - * *ptext_len = ctext_len, instead of - * *ptext_len = ctext_len - tag_size - */ - if (ptext_size != ctext_size) { - TALLOC_FREE(ptext); - TALLOC_FREE(ctext); - rc = GNUTLS_E_SHORT_MEMORY_BUFFER; - status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR); - goto out; - } - ptext_size -= tag_size; -#endif /* HAVE_GNUTLS_AEAD_CIPHER_DECRYPT_PTEXT_LEN_BUG */ if (ptext_size != m_total) { TALLOC_FREE(ptext); TALLOC_FREE(ctext); diff --git a/wscript_configure_system_gnutls b/wscript_configure_system_gnutls index 014e96446f6..53c04a28160 100644 --- a/wscript_configure_system_gnutls +++ b/wscript_configure_system_gnutls @@ -38,9 +38,6 @@ if (gnutls_version > parse_version('3.6.10')): if (gnutls_version > parse_version('3.6.14')): conf.DEFINE('ALLOW_GNUTLS_AEAD_CIPHER_ENCRYPTV2_AES_CCM', 1) -if (gnutls_version < parse_version('3.5.2')): - conf.DEFINE('HAVE_GNUTLS_AEAD_CIPHER_DECRYPT_PTEXT_LEN_BUG', 1) - # Check if gnutls has fips mode support # gnutls_fips140_mode_enabled() is available since 3.3.0 fragment = '''