From 70cf9dbdd8738a671708c857521af7ac65105b3c Mon Sep 17 00:00:00 2001 From: Thomas Andrejak Date: Tue, 7 Feb 2017 00:46:16 +0100 Subject: [PATCH] Fix GnuTLS patch --- ...ude-3.1.0-gnutls_priority_set_direct.patch | 67 ++++++++++++------- libprelude.spec | 5 +- 2 files changed, 48 insertions(+), 24 deletions(-) diff --git a/libprelude-3.1.0-gnutls_priority_set_direct.patch b/libprelude-3.1.0-gnutls_priority_set_direct.patch index 48d1053..35c6675 100644 --- a/libprelude-3.1.0-gnutls_priority_set_direct.patch +++ b/libprelude-3.1.0-gnutls_priority_set_direct.patch @@ -1,31 +1,52 @@ ---- ./prelude-admin/server.c 2016-11-21 16:52:01.839000884 +0100 -+++ ./prelude-admin/server.c 2016-11-26 11:48:52.695000891 +0100 -@@ -145,22 +145,10 @@ - gnutls_session_t session; - const char *err; +--- ./prelude-admin/server.c 2016-09-15 08:49:10.785000884 +0200 ++++ ./prelude-admin/server.c 2017-02-05 10:29:25.051965998 +0100 +@@ -152,9 +152,9 @@ + #endif --#if defined LIBGNUTLS_VERSION_MAJOR && LIBGNUTLS_VERSION_MAJOR >= 3 --# define TLS_DH_STR "+ANON-ECDH:+ANON-DH" --#else --# define TLS_DH_STR "+ANON-DH" --#endif -- --#ifdef GNUTLS_SRP_ENABLED + #ifdef GNUTLS_SRP_ENABLED - const char *pstring = "NORMAL:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR; --#else ++ const char *pstring = "@SYSTEM:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR; + #else - const char *pstring = "NORMAL:" TLS_DH_STR; --#endif -- - gnutls_init(&session, GNUTLS_SERVER); - gnutls_set_default_priority(session); ++ const char *pstring = "@SYSTEM:" TLS_DH_STR; + #endif -- ret = gnutls_priority_set_direct(session, pstring, &err); -+ ret = gnutls_priority_set_direct(session, "@SYSTEM", &err); - if (ret < 0) { - fprintf(stderr, "TLS priority syntax error at: %s\n", err); - return NULL; + gnutls_init(&session, GNUTLS_SERVER); +--- ./prelude-admin/prelude-admin.c 2016-09-15 08:49:10.785000884 +0200 ++++ ./prelude-admin/prelude-admin.c 2017-02-05 10:30:02.507127046 +0100 +@@ -897,9 +897,9 @@ + #endif + + #ifdef GNUTLS_SRP_ENABLED +- const char *pstring = "NORMAL:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR; ++ const char *pstring = "@SYSTEM:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR; + #else +- const char *pstring = "NORMAL:" TLS_DH_STR; ++ const char *pstring = "@SYSTEM:" TLS_DH_STR; + #endif + + gnutls_init(&session, GNUTLS_CLIENT); +--- ./client.conf.in 2016-09-15 08:49:10.732000884 +0200 ++++ ./client.conf.in 2017-02-05 10:32:07.132334930 +0100 +@@ -58,7 +58,7 @@ + # Sets priorities for the ciphers, key exchange methods, macs and + # compression methods. + # +-# "NORMAL" option enables all "secure" ciphersuites. The 256-bit ++# "@SYSTEM" option enables all "secure" ciphersuites. The 256-bit + # ciphers are included as a fallback only. The ciphers are sorted by + # security margin. + # +@@ -77,5 +77,5 @@ + # Note that much more settings might be enabled or disabled using this + # option: please see gnutls_priority_init(3) for more details. + # +-# The default settings is "NORMAL". +-# tls-options = NORMAL ++# The default settings is "@SYSTEM". ++# tls-options = @SYSTEM --- ./src/tls-auth.c 2016-09-15 08:49:10.809000884 +0200 -+++ ./src/tls-auth.c 2016-11-30 23:08:58.649439656 +0100 ++++ ./src/tls-auth.c 2017-02-05 10:31:14.194521137 +0100 @@ -232,7 +232,7 @@ int ret; const char *errptr; diff --git a/libprelude.spec b/libprelude.spec index 56b763b..2d98ff2 100644 --- a/libprelude.spec +++ b/libprelude.spec @@ -7,7 +7,7 @@ Name: libprelude Version: 3.1.0 -Release: 26%{?dist} +Release: 27%{?dist} Summary: Secure Connections between all Sensors and the Prelude Manager # Prelude is GPL-2.0+ # libmissing is LGPL-2.1+ @@ -235,6 +235,9 @@ make distcheck %doc AUTHORS ChangeLog README NEWS %changelog +* Mon Feb 02 2017 Thomas Andrejak - 3.1.0-27 +- Fix GnuTLS patch + * Wed Oct 19 2016 Thomas Andrejak - 3.1.0-26 - Bump version