abbra pushed to samba (master). "Remove usage of deprecated gnutls APIs"
notifications at fedoraproject.org
notifications at fedoraproject.org
Mon May 11 17:54:22 UTC 2015
From 1f44861aaabcffca1bc001a63c2025a10b84b2cc Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy at redhat.com>
Date: Mon, 11 May 2015 20:53:51 +0300
Subject: Remove usage of deprecated gnutls APIs
diff --git a/samba-4.2-fix-gnutls-deprecation.patch b/samba-4.2-fix-gnutls-deprecation.patch
new file mode 100644
index 0000000..16958fa
--- /dev/null
+++ b/samba-4.2-fix-gnutls-deprecation.patch
@@ -0,0 +1,63 @@
+commit c6ad8a10c12c8a79dc83cab1591e5279edd62bd6
+Author: Evangelos Foutras <evangelos at foutrelis.com>
+Date: Mon Apr 13 23:11:14 2015 +0300
+
+ s4:lib/tls: fix build with gnutls 3.4
+
+ gnutls_certificate_type_set_priority() was removed in GnuTLS 3.4.0. Use
+ gnutls_priority_set_direct instead.
+
+ BUG: https://bugzilla.samba.org/show_bug.cgi?id=8780
+
+ Signed-off-by: Björn Jacke <bj at sernet.de>
+ Reviewed-By: Jelmer Vernooij <jelmer at samba.org>
+
+ Autobuild-User(master): Björn Jacke <bj at sernet.de>
+ Autobuild-Date(master): Wed Apr 29 22:29:02 CEST 2015 on sn-devel-104
+
+diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c
+index b9182ad..2fe4ff7 100644
+--- a/source4/lib/tls/tls.c
++++ b/source4/lib/tls/tls.c
+@@ -572,7 +572,6 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx,
+ {
+ struct tls_context *tls;
+ int ret = 0;
+- const int cert_type_priority[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
+ struct socket_context *new_sock;
+ NTSTATUS nt_status;
+
+@@ -598,7 +597,7 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx,
+ gnutls_certificate_set_x509_trust_file(tls->xcred, ca_path, GNUTLS_X509_FMT_PEM);
+ TLSCHECK(gnutls_init(&tls->session, GNUTLS_CLIENT));
+ TLSCHECK(gnutls_set_default_priority(tls->session));
+- gnutls_certificate_type_set_priority(tls->session, cert_type_priority);
++ gnutls_priority_set_direct(tls->session, "NORMAL:+CTYPE-OPENPGP", NULL);
+ TLSCHECK(gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, tls->xcred));
+
+ talloc_set_destructor(tls, tls_destructor);
+diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c
+index f19f5c5..5b2329b 100644
+--- a/source4/lib/tls/tls_tstream.c
++++ b/source4/lib/tls/tls_tstream.c
+@@ -967,11 +967,6 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+ #if ENABLE_GNUTLS
+ struct tstream_tls *tlss;
+ int ret;
+- static const int cert_type_priority[] = {
+- GNUTLS_CRT_X509,
+- GNUTLS_CRT_OPENPGP,
+- 0
+- };
+ #endif /* ENABLE_GNUTLS */
+
+ req = tevent_req_create(mem_ctx, &state,
+@@ -1014,7 +1009,7 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+ return tevent_req_post(req, ev);
+ }
+
+- gnutls_certificate_type_set_priority(tlss->tls_session, cert_type_priority);
++ gnutls_priority_set_direct(tlss->tls_session, "NORMAL:+CTYPE-OPENPGP", NULL);
+
+ ret = gnutls_credentials_set(tlss->tls_session,
+ GNUTLS_CRD_CERTIFICATE,
diff --git a/samba.spec b/samba.spec
index f21a0c0..50a4d0a 100644
--- a/samba.spec
+++ b/samba.spec
@@ -96,6 +96,7 @@ Patch0: samba-4.2.2-fix_debug_macro.patch
Patch1: samba-4.2.2-lib-util-fix-detection-of-systemd-libraries.patch
Patch2: samba-4.2-fix-rpc-helper.patch
Patch3: samba-4.2-auth-credentials-if-credentials-have-principal-set-t.patch
+Patch4: samba-4.2-fix-gnutls-deprecation.patch
# Red Hat specific replacement-files
Source1: samba.log
@@ -648,6 +649,7 @@ and use CTDB instead.
%patch1 -p1 -b .samba-4.2.2-lib-util-fix-detection-of-systemd-libraries.patch
%patch2 -p1 -b .samba-4.2-fix-rpc-helper.patch
%patch3 -p1 -b .samba-4.2-auth-credentials-if-credentials-have-principal-set-t.patch
+%patch4 -p1 -b .samba-4.2-fix-gnutls-deprecation.patch
%build
%global _talloc_lib ,talloc,pytalloc,pytalloc-util
@@ -1938,6 +1940,7 @@ rm -rf %{buildroot}
%changelog
* Mon May 11 2015 Alexander Bokovoy <abokovoy at redhat.com> - 4.2.1-8
- Fixes: #1219832: Samba 4.2 broke FreeIPA trusts to AD
+- Remove usage of deprecated API from gnutls
* Thu Apr 30 2015 Alexander Bokovoy <abokovoy at redhat.com> - 4.2.1-7
- Fix LSASD daemon
--
cgit v0.10.2
http://pkgs.fedoraproject.org/cgit/samba.git/commit/?h=master&id=1f44861aaabcffca1bc001a63c2025a10b84b2cc
More information about the scm-commits
mailing list