[openvas-libraries] Patch for new gnutls version.
rebus
rebus at fedoraproject.org
Mon Oct 3 18:52:40 UTC 2011
commit 13c6b0f1f60671e82873c8d52cf285ae63ae7d08
Author: Michal Ambroz <mambroz at mixer.localdomain>
Date: Mon Oct 3 20:51:28 2011 +0200
Patch for new gnutls version.
openvas-libraries-gnutls.patch | 88 ++++++++++++++++++++++++++++++++++++++++
1 files changed, 88 insertions(+), 0 deletions(-)
---
diff --git a/openvas-libraries-gnutls.patch b/openvas-libraries-gnutls.patch
index d94dd4b..58c11af 100644
--- a/openvas-libraries-gnutls.patch
+++ b/openvas-libraries-gnutls.patch
@@ -146,3 +146,91 @@ diff -ru openvas-libraries-4.0.5/misc/network.c openvas-libraries-4.0.5.new/misc
return set_gnutls_priorities (session, protocol_priority, cipher_priority,
comp_priority, kx_priority, mac_priority);
+diff -ru openvas-libraries-4.0.5.new/misc/network.c openvas-libraries-4.0.5/misc/network.c
+--- openvas-libraries-4.0.5.new/misc/network.c 2011-10-03 20:38:16.372079165 +0200
++++ openvas-libraries-4.0.5/misc/network.c 2011-10-03 20:40:13.970763808 +0200
+@@ -466,7 +466,7 @@
+ comp_priority, kx_priority, mac_priority);
+ }
+
++int
+-static int
+ set_gnutls_tlsv1 (gnutls_session_t session)
+ {
+ const char *protocol_priority="+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0";
+diff -ru openvas-libraries-4.0.5.new/misc/network.h openvas-libraries-4.0.5/misc/network.h
+--- openvas-libraries-4.0.5.new/misc/network.h 2011-10-03 20:38:24.274923568 +0200
++++ openvas-libraries-4.0.5/misc/network.h 2011-06-01 15:38:37.000000000 +0200
+@@ -121,4 +121,6 @@
+
+ void convipv4toipv4mappedaddr (struct in_addr, struct in6_addr *);
+
++int set_gnutls_tlsv1 (gnutls_session_t session);
++
+ #endif
+diff -ru openvas-libraries-4.0.5.new/misc/openvas_server.c openvas-libraries-4.0.5/misc/openvas_server.c
+--- openvas-libraries-4.0.5.new/misc/openvas_server.c 2011-10-03 20:39:25.165724711 +0200
++++ openvas-libraries-4.0.5/misc/openvas_server.c 2011-06-01 15:38:37.000000000 +0200
+@@ -58,6 +58,7 @@
+ #include <string.h>
+
+ #include "openvas_server.h"
++#include "network.h"
+
+ /**
+ * @todo This module nearly fulfils the requirements to be placed in the base
+@@ -143,6 +142,7 @@
+ return -1;
+ }
+
++ /* FIX - should we set some priorities?
+ const int kx_priority[] = { GNUTLS_KX_DHE_RSA,
+ GNUTLS_KX_RSA,
+ GNUTLS_KX_DHE_DSS,
+@@ -156,6 +154,7 @@
+ gnutls_certificate_free_credentials (credentials);
+ return -1;
+ }
++ */
+
+ if (gnutls_credentials_set (*session, GNUTLS_CRD_CERTIFICATE, credentials))
+ {
+@@ -619,6 +616,7 @@
+ gnutls_certificate_credentials_t * server_credentials)
+ {
+ // FIX static vars?
++ /*
+ const int protocol_priority[] = { GNUTLS_TLS1,
+ 0
+ };
+@@ -642,6 +638,8 @@
+ GNUTLS_MAC_MD5,
+ 0
+ };
++ */
++
+
+ /* Turn off use of /dev/random, as this can block. */
+
+@@ -692,6 +686,7 @@
+ goto server_free_fail;
+ }
+
++ /*
+ if (gnutls_protocol_set_priority (*server_session, protocol_priority))
+ {
+ g_warning ("%s: failed to set protocol priority\n", __FUNCTION__);
+@@ -722,6 +715,13 @@
+ {
+ g_warning ("%s: failed to set mac priority\n", __FUNCTION__);
+ goto server_fail;
++ }
++ */
++
++ if (set_gnutls_tlsv1(*server_session))
++ {
++ g_warning ("%s: failed to set mac priority\n", __FUNCTION__);
++ goto server_fail;
+ }
+
+ if (gnutls_credentials_set
More information about the scm-commits
mailing list