[libgadu] fixed TLS usage via gnutls (rhbz #718619)

Dominik Mierzejewski rathann at fedoraproject.org
Tue Jul 12 19:51:57 UTC 2011 

commit 4b77e05aae7182c5f3d5aec4cfb1816a07751b3b
Author: Dominik Mierzejewski <rpm at greysector.net>
Date:   Tue Jul 12 21:51:35 2011 +0200

    fixed TLS usage via gnutls (rhbz #718619)

 libgadu-r1144-gnutls-fix.patch |   80 ++++++++++++++++++++++++++++++++++++++++
 libgadu.spec                   |    6 +++
 2 files changed, 86 insertions(+), 0 deletions(-)
---
diff --git a/libgadu-r1144-gnutls-fix.patch b/libgadu-r1144-gnutls-fix.patch
new file mode 100644
index 0000000..c8bbccf
--- /dev/null
+++ b/libgadu-r1144-gnutls-fix.patch
@@ -0,0 +1,80 @@
+diff -up libgadu-1.11.0/src/events.c.r1144 libgadu-1.11.0/src/events.c
+--- libgadu-1.11.0/src/events.c.r1144	2011-05-29 13:41:30.000000000 +0200
++++ libgadu-1.11.0/src/events.c	2011-07-12 21:49:57.000000000 +0200
+@@ -810,14 +810,14 @@ gnutls_handshake_repeat:
+ 				const gnutls_datum_t *peers;
+ 				gnutls_x509_crt_t cert;
+ 
+-				if (gnutls_x509_crt_init(&cert) >= 0) {
++				if (gnutls_x509_crt_init(&cert) == 0) {
+ 					peers = gnutls_certificate_get_peers(GG_SESSION_GNUTLS(sess), &peer_count);
+ 
+ 					if (peers != NULL) {
+ 						char buf[256];
+ 						size_t size;
+ 
+-						if (gnutls_x509_crt_import(cert, &peers[0], GNUTLS_X509_FMT_DER) >= 0) {
++						if (gnutls_x509_crt_import(cert, &peers[0], GNUTLS_X509_FMT_DER) == 0) {
+ 							size = sizeof(buf);
+ 							gnutls_x509_crt_get_dn(cert, buf, &size);
+ 							gg_debug_session(sess, GG_DEBUG_MISC, "//   cert subject: %s\n", buf);
+@@ -826,6 +826,8 @@ gnutls_handshake_repeat:
+ 							gg_debug_session(sess, GG_DEBUG_MISC, "//   cert issuer: %s\n", buf);
+ 						}
+ 					}
++
++					gnutls_x509_crt_deinit(cert);
+ 				}
+ 			}
+ 
+diff -up libgadu-1.11.0/src/libgadu.c.r1144 libgadu-1.11.0/src/libgadu.c
+--- libgadu-1.11.0/src/libgadu.c.r1144	2011-05-29 13:41:30.000000000 +0200
++++ libgadu-1.11.0/src/libgadu.c	2011-07-12 21:49:57.000000000 +0200
+@@ -881,8 +881,7 @@ struct gg_session *gg_login(const struct
+ 		gnutls_global_init();
+ 		gnutls_certificate_allocate_credentials(&tmp->xcred);
+ 		gnutls_init(&tmp->session, GNUTLS_CLIENT);
+-		gnutls_priority_set_direct(tmp->session, "NORMAL:-VERS-TLS", NULL);
+-//		gnutls_priority_set_direct(tmp->session, "NONE:+VERS-SSL3.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL", NULL);
++		gnutls_set_default_priority(tmp->session);
+ 		gnutls_credentials_set(tmp->session, GNUTLS_CRD_CERTIFICATE, tmp->xcred);
+ #elif defined(GG_CONFIG_HAVE_OPENSSL)
+ 		char buf[1024];
+@@ -1116,18 +1115,6 @@ void gg_logoff(struct gg_session *sess)
+ 		sess->fd = -1;
+ 	}
+ 
+-#ifdef GG_CONFIG_HAVE_GNUTLS
+-	if (sess->ssl != NULL) {
+-		gg_session_gnutls_t *tmp;
+-
+-		tmp = (gg_session_gnutls_t*) sess->ssl;
+-		gnutls_deinit(tmp->session);
+-		gnutls_certificate_free_credentials(tmp->xcred);
+-		gnutls_global_deinit();
+-		free(sess->ssl);
+-	}
+-#endif
+-
+ 	if (sess->send_buf) {
+ 		free(sess->send_buf);
+ 		sess->send_buf = NULL;
+@@ -1159,6 +1146,18 @@ void gg_free_session(struct gg_session *
+ 	free(sess->recv_buf);
+ 	free(sess->header_buf);
+ 
++#ifdef GG_CONFIG_HAVE_GNUTLS
++	if (sess->ssl != NULL) {
++		gg_session_gnutls_t *tmp;
++
++		tmp = (gg_session_gnutls_t*) sess->ssl;
++		gnutls_deinit(tmp->session);
++		gnutls_certificate_free_credentials(tmp->xcred);
++		gnutls_global_deinit();
++		free(sess->ssl);
++	}
++#endif
++
+ #ifdef GG_CONFIG_HAVE_OPENSSL
+ 	if (sess->ssl)
+ 		SSL_free(sess->ssl);
diff --git a/libgadu.spec b/libgadu.spec
index 9f1c7bf..ac71a98 100644
--- a/libgadu.spec
+++ b/libgadu.spec
@@ -8,6 +8,8 @@ Summary:	A Gadu-gadu protocol compatible communications library
 License:	LGPLv2
 Group:		System Environment/Libraries
 Source0:	http://toxygen.net/libgadu/files/%{name}-%{version}%{dashrc}.tar.gz
+# SVN r1144 - fixes TLS usage via gnutls
+Patch0:		libgadu-r1144-gnutls-fix.patch
 URL:		http://toxygen.net/libgadu/
 BuildRoot:	%{_tmppath}/%{name}-%{version}-root-%(id -u -n)
 BuildRequires:	doxygen
@@ -56,6 +58,7 @@ Pakiet libgadu-doc zawiera dokumentację biblioteki libgadu.
 
 %prep
 %setup -q -n %{name}-%{version}%{dashrc}
+%patch0 -p1 -b .r1144
 
 %build
 %configure \
@@ -96,6 +99,9 @@ rm -rf $RPM_BUILD_ROOT
 %doc docs/protocol.html docs/html
 
 %changelog
+* Tue Jul 12 2011 Dominik Mierzejewski <rpm at greysector.net> 1.11.0-2
+- fixed TLS usage via gnutls (rhbz #718619)
+
 * Sat Jun 04 2011 Dominik Mierzejewski <rpm at greysector.net> 1.11.0-1
 - updated to 1.11.0
 - enabled gsm/speex to support voice connections

More information about the scm-commits mailing list