[libgadu] fixed TLS usage via gnutls (rhbz #718619)
Dominik Mierzejewski
rathann at fedoraproject.org
Tue Jul 12 19:51:57 UTC 2011
commit 4b77e05aae7182c5f3d5aec4cfb1816a07751b3b
Author: Dominik Mierzejewski <rpm at greysector.net>
Date: Tue Jul 12 21:51:35 2011 +0200
fixed TLS usage via gnutls (rhbz #718619)
libgadu-r1144-gnutls-fix.patch | 80 ++++++++++++++++++++++++++++++++++++++++
libgadu.spec | 6 +++
2 files changed, 86 insertions(+), 0 deletions(-)
---
diff --git a/libgadu-r1144-gnutls-fix.patch b/libgadu-r1144-gnutls-fix.patch
new file mode 100644
index 0000000..c8bbccf
--- /dev/null
+++ b/libgadu-r1144-gnutls-fix.patch
@@ -0,0 +1,80 @@
+diff -up libgadu-1.11.0/src/events.c.r1144 libgadu-1.11.0/src/events.c
+--- libgadu-1.11.0/src/events.c.r1144 2011-05-29 13:41:30.000000000 +0200
++++ libgadu-1.11.0/src/events.c 2011-07-12 21:49:57.000000000 +0200
+@@ -810,14 +810,14 @@ gnutls_handshake_repeat:
+ const gnutls_datum_t *peers;
+ gnutls_x509_crt_t cert;
+
+- if (gnutls_x509_crt_init(&cert) >= 0) {
++ if (gnutls_x509_crt_init(&cert) == 0) {
+ peers = gnutls_certificate_get_peers(GG_SESSION_GNUTLS(sess), &peer_count);
+
+ if (peers != NULL) {
+ char buf[256];
+ size_t size;
+
+- if (gnutls_x509_crt_import(cert, &peers[0], GNUTLS_X509_FMT_DER) >= 0) {
++ if (gnutls_x509_crt_import(cert, &peers[0], GNUTLS_X509_FMT_DER) == 0) {
+ size = sizeof(buf);
+ gnutls_x509_crt_get_dn(cert, buf, &size);
+ gg_debug_session(sess, GG_DEBUG_MISC, "// cert subject: %s\n", buf);
+@@ -826,6 +826,8 @@ gnutls_handshake_repeat:
+ gg_debug_session(sess, GG_DEBUG_MISC, "// cert issuer: %s\n", buf);
+ }
+ }
++
++ gnutls_x509_crt_deinit(cert);
+ }
+ }
+
+diff -up libgadu-1.11.0/src/libgadu.c.r1144 libgadu-1.11.0/src/libgadu.c
+--- libgadu-1.11.0/src/libgadu.c.r1144 2011-05-29 13:41:30.000000000 +0200
++++ libgadu-1.11.0/src/libgadu.c 2011-07-12 21:49:57.000000000 +0200
+@@ -881,8 +881,7 @@ struct gg_session *gg_login(const struct
+ gnutls_global_init();
+ gnutls_certificate_allocate_credentials(&tmp->xcred);
+ gnutls_init(&tmp->session, GNUTLS_CLIENT);
+- gnutls_priority_set_direct(tmp->session, "NORMAL:-VERS-TLS", NULL);
+-// gnutls_priority_set_direct(tmp->session, "NONE:+VERS-SSL3.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL", NULL);
++ gnutls_set_default_priority(tmp->session);
+ gnutls_credentials_set(tmp->session, GNUTLS_CRD_CERTIFICATE, tmp->xcred);
+ #elif defined(GG_CONFIG_HAVE_OPENSSL)
+ char buf[1024];
+@@ -1116,18 +1115,6 @@ void gg_logoff(struct gg_session *sess)
+ sess->fd = -1;
+ }
+
+-#ifdef GG_CONFIG_HAVE_GNUTLS
+- if (sess->ssl != NULL) {
+- gg_session_gnutls_t *tmp;
+-
+- tmp = (gg_session_gnutls_t*) sess->ssl;
+- gnutls_deinit(tmp->session);
+- gnutls_certificate_free_credentials(tmp->xcred);
+- gnutls_global_deinit();
+- free(sess->ssl);
+- }
+-#endif
+-
+ if (sess->send_buf) {
+ free(sess->send_buf);
+ sess->send_buf = NULL;
+@@ -1159,6 +1146,18 @@ void gg_free_session(struct gg_session *
+ free(sess->recv_buf);
+ free(sess->header_buf);
+
++#ifdef GG_CONFIG_HAVE_GNUTLS
++ if (sess->ssl != NULL) {
++ gg_session_gnutls_t *tmp;
++
++ tmp = (gg_session_gnutls_t*) sess->ssl;
++ gnutls_deinit(tmp->session);
++ gnutls_certificate_free_credentials(tmp->xcred);
++ gnutls_global_deinit();
++ free(sess->ssl);
++ }
++#endif
++
+ #ifdef GG_CONFIG_HAVE_OPENSSL
+ if (sess->ssl)
+ SSL_free(sess->ssl);
diff --git a/libgadu.spec b/libgadu.spec
index 9f1c7bf..ac71a98 100644
--- a/libgadu.spec
+++ b/libgadu.spec
@@ -8,6 +8,8 @@ Summary: A Gadu-gadu protocol compatible communications library
License: LGPLv2
Group: System Environment/Libraries
Source0: http://toxygen.net/libgadu/files/%{name}-%{version}%{dashrc}.tar.gz
+# SVN r1144 - fixes TLS usage via gnutls
+Patch0: libgadu-r1144-gnutls-fix.patch
URL: http://toxygen.net/libgadu/
BuildRoot: %{_tmppath}/%{name}-%{version}-root-%(id -u -n)
BuildRequires: doxygen
@@ -56,6 +58,7 @@ Pakiet libgadu-doc zawiera dokumentację biblioteki libgadu.
%prep
%setup -q -n %{name}-%{version}%{dashrc}
+%patch0 -p1 -b .r1144
%build
%configure \
@@ -96,6 +99,9 @@ rm -rf $RPM_BUILD_ROOT
%doc docs/protocol.html docs/html
%changelog
+* Tue Jul 12 2011 Dominik Mierzejewski <rpm at greysector.net> 1.11.0-2
+- fixed TLS usage via gnutls (rhbz #718619)
+
* Sat Jun 04 2011 Dominik Mierzejewski <rpm at greysector.net> 1.11.0-1
- updated to 1.11.0
- enabled gsm/speex to support voice connections
More information about the scm-commits
mailing list