Fix GnuTLS patch
This commit is contained in:
parent
b07b343fb9
commit
70cf9dbdd8
@ -1,31 +1,52 @@
|
||||
--- ./prelude-admin/server.c 2016-11-21 16:52:01.839000884 +0100
|
||||
+++ ./prelude-admin/server.c 2016-11-26 11:48:52.695000891 +0100
|
||||
@@ -145,22 +145,10 @@
|
||||
gnutls_session_t session;
|
||||
const char *err;
|
||||
--- ./prelude-admin/server.c 2016-09-15 08:49:10.785000884 +0200
|
||||
+++ ./prelude-admin/server.c 2017-02-05 10:29:25.051965998 +0100
|
||||
@@ -152,9 +152,9 @@
|
||||
#endif
|
||||
|
||||
-#if defined LIBGNUTLS_VERSION_MAJOR && LIBGNUTLS_VERSION_MAJOR >= 3
|
||||
-# define TLS_DH_STR "+ANON-ECDH:+ANON-DH"
|
||||
-#else
|
||||
-# define TLS_DH_STR "+ANON-DH"
|
||||
-#endif
|
||||
-
|
||||
-#ifdef GNUTLS_SRP_ENABLED
|
||||
#ifdef GNUTLS_SRP_ENABLED
|
||||
- const char *pstring = "NORMAL:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR;
|
||||
-#else
|
||||
+ const char *pstring = "@SYSTEM:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR;
|
||||
#else
|
||||
- const char *pstring = "NORMAL:" TLS_DH_STR;
|
||||
-#endif
|
||||
-
|
||||
gnutls_init(&session, GNUTLS_SERVER);
|
||||
gnutls_set_default_priority(session);
|
||||
+ const char *pstring = "@SYSTEM:" TLS_DH_STR;
|
||||
#endif
|
||||
|
||||
- ret = gnutls_priority_set_direct(session, pstring, &err);
|
||||
+ ret = gnutls_priority_set_direct(session, "@SYSTEM", &err);
|
||||
if (ret < 0) {
|
||||
fprintf(stderr, "TLS priority syntax error at: %s\n", err);
|
||||
return NULL;
|
||||
gnutls_init(&session, GNUTLS_SERVER);
|
||||
--- ./prelude-admin/prelude-admin.c 2016-09-15 08:49:10.785000884 +0200
|
||||
+++ ./prelude-admin/prelude-admin.c 2017-02-05 10:30:02.507127046 +0100
|
||||
@@ -897,9 +897,9 @@
|
||||
#endif
|
||||
|
||||
#ifdef GNUTLS_SRP_ENABLED
|
||||
- const char *pstring = "NORMAL:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR;
|
||||
+ const char *pstring = "@SYSTEM:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR;
|
||||
#else
|
||||
- const char *pstring = "NORMAL:" TLS_DH_STR;
|
||||
+ const char *pstring = "@SYSTEM:" TLS_DH_STR;
|
||||
#endif
|
||||
|
||||
gnutls_init(&session, GNUTLS_CLIENT);
|
||||
--- ./client.conf.in 2016-09-15 08:49:10.732000884 +0200
|
||||
+++ ./client.conf.in 2017-02-05 10:32:07.132334930 +0100
|
||||
@@ -58,7 +58,7 @@
|
||||
# Sets priorities for the ciphers, key exchange methods, macs and
|
||||
# compression methods.
|
||||
#
|
||||
-# "NORMAL" option enables all "secure" ciphersuites. The 256-bit
|
||||
+# "@SYSTEM" option enables all "secure" ciphersuites. The 256-bit
|
||||
# ciphers are included as a fallback only. The ciphers are sorted by
|
||||
# security margin.
|
||||
#
|
||||
@@ -77,5 +77,5 @@
|
||||
# Note that much more settings might be enabled or disabled using this
|
||||
# option: please see gnutls_priority_init(3) for more details.
|
||||
#
|
||||
-# The default settings is "NORMAL".
|
||||
-# tls-options = NORMAL
|
||||
+# The default settings is "@SYSTEM".
|
||||
+# tls-options = @SYSTEM
|
||||
--- ./src/tls-auth.c 2016-09-15 08:49:10.809000884 +0200
|
||||
+++ ./src/tls-auth.c 2016-11-30 23:08:58.649439656 +0100
|
||||
+++ ./src/tls-auth.c 2017-02-05 10:31:14.194521137 +0100
|
||||
@@ -232,7 +232,7 @@
|
||||
int ret;
|
||||
const char *errptr;
|
||||
|
@ -7,7 +7,7 @@
|
||||
|
||||
Name: libprelude
|
||||
Version: 3.1.0
|
||||
Release: 26%{?dist}
|
||||
Release: 27%{?dist}
|
||||
Summary: Secure Connections between all Sensors and the Prelude Manager
|
||||
# Prelude is GPL-2.0+
|
||||
# libmissing is LGPL-2.1+
|
||||
@ -235,6 +235,9 @@ make distcheck
|
||||
%doc AUTHORS ChangeLog README NEWS
|
||||
|
||||
%changelog
|
||||
* Mon Feb 02 2017 Thomas Andrejak <thomas.andrejak@gmail.com> - 3.1.0-27
|
||||
- Fix GnuTLS patch
|
||||
|
||||
* Wed Oct 19 2016 Thomas Andrejak <thomas.andrejak@gmail.com> - 3.1.0-26
|
||||
- Bump version
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user