libprelude/libprelude-3.1.0-gnutls_priority_set_direct.patch
2016-12-05 22:45:15 +01:00

38 lines
1.5 KiB
Diff

--- ./prelude-admin/server.c 2016-11-21 16:52:01.839000884 +0100
+++ ./prelude-admin/server.c 2016-11-26 11:48:52.695000891 +0100
@@ -145,22 +145,10 @@
gnutls_session_t session;
const char *err;
-#if defined LIBGNUTLS_VERSION_MAJOR && LIBGNUTLS_VERSION_MAJOR >= 3
-# define TLS_DH_STR "+ANON-ECDH:+ANON-DH"
-#else
-# define TLS_DH_STR "+ANON-DH"
-#endif
-
-#ifdef GNUTLS_SRP_ENABLED
- const char *pstring = "NORMAL:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR;
-#else
- const char *pstring = "NORMAL:" TLS_DH_STR;
-#endif
-
gnutls_init(&session, GNUTLS_SERVER);
gnutls_set_default_priority(session);
- ret = gnutls_priority_set_direct(session, pstring, &err);
+ ret = gnutls_priority_set_direct(session, "@SYSTEM", &err);
if (ret < 0) {
fprintf(stderr, "TLS priority syntax error at: %s\n", err);
return NULL;
--- ./src/tls-auth.c 2016-09-15 08:49:10.809000884 +0200
+++ ./src/tls-auth.c 2016-11-30 23:08:58.649439656 +0100
@@ -232,7 +232,7 @@
int ret;
const char *errptr;
- ret = gnutls_priority_init(&tls_priority, (tlsopts) ? tlsopts : "NORMAL", &errptr);
+ ret = gnutls_priority_init(&tls_priority, (tlsopts) ? tlsopts : "@SYSTEM", &errptr);
if ( ret < 0 )
return prelude_error_verbose_make(PRELUDE_ERROR_SOURCE_CLIENT, PRELUDE_ERROR_TLS,
"TLS options '%s': %s", errptr, gnutls_strerror(ret));