[packages/samba.git] / samba-lib-tls-fix-build-with-gnutls-3.4.patch

From 33379031e66330c453bd5af201c2ddca3dd16a2c Mon Sep 17 00:00:00 2001
From: Evangelos Foutras <evangelos@foutrelis.com>
Date: Mon, 13 Apr 2015 23:11:14 +0300
Subject: [PATCH] s4:lib/tls: fix build with gnutls 3.4
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

gnutls_certificate_type_set_priority() was removed in GnuTLS 3.4.0. Use
gnutls_priority_set_direct instead.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=8780

Signed-off-by: Björn Jacke <bj@sernet.de>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>

Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Wed Apr 29 22:29:02 CEST 2015 on sn-devel-104

(cherry picked from commit c6ad8a10c12c8a79dc83cab1591e5279edd62bd6)
---
 source4/lib/tls/tls.c         | 3 +--
 source4/lib/tls/tls_tstream.c | 7 +------
 2 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c
index 9a3e610..7a7a7cd 100644
--- a/source4/lib/tls/tls.c
+++ b/source4/lib/tls/tls.c
@@ -572,7 +572,6 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx,
 {
 	struct tls_context *tls;
 	int ret = 0;
-	const int cert_type_priority[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
 	struct socket_context *new_sock;
 	NTSTATUS nt_status;
 	
@@ -598,7 +597,7 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx,
 	gnutls_certificate_set_x509_trust_file(tls->xcred, ca_path, GNUTLS_X509_FMT_PEM);
 	TLSCHECK(gnutls_init(&tls->session, GNUTLS_CLIENT));
 	TLSCHECK(gnutls_set_default_priority(tls->session));
-	gnutls_certificate_type_set_priority(tls->session, cert_type_priority);
+	gnutls_priority_set_direct(tls->session, "NORMAL:+CTYPE-OPENPGP", NULL);
 	TLSCHECK(gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, tls->xcred));
 
 	talloc_set_destructor(tls, tls_destructor);
diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c
index 2cb75ed..b907d0a 100644
--- a/source4/lib/tls/tls_tstream.c
+++ b/source4/lib/tls/tls_tstream.c
@@ -967,11 +967,6 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
 #if ENABLE_GNUTLS
 	struct tstream_tls *tlss;
 	int ret;
-	static const int cert_type_priority[] = {
-		GNUTLS_CRT_X509,
-		GNUTLS_CRT_OPENPGP,
-		0
-	};
 #endif /* ENABLE_GNUTLS */
 
 	req = tevent_req_create(mem_ctx, &state,
@@ -1014,7 +1009,7 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
 		return tevent_req_post(req, ev);
 	}
 
-	gnutls_certificate_type_set_priority(tlss->tls_session, cert_type_priority);
+	gnutls_priority_set_direct(tlss->tls_session, "NORMAL:+CTYPE-OPENPGP", NULL);
 
 	ret = gnutls_credentials_set(tlss->tls_session,
 				     GNUTLS_CRD_CERTIFICATE,
-- 
2.3.0
Commit	Line	Data
3d62e122 JB	1	From 33379031e66330c453bd5af201c2ddca3dd16a2c Mon Sep 17 00:00:00 2001
	2	From: Evangelos Foutras <evangelos@foutrelis.com>
	3	Date: Mon, 13 Apr 2015 23:11:14 +0300
	4	Subject: [PATCH] s4:lib/tls: fix build with gnutls 3.4
	5	MIME-Version: 1.0
	6	Content-Type: text/plain; charset=UTF-8
	7	Content-Transfer-Encoding: 8bit
	8
	9	gnutls_certificate_type_set_priority() was removed in GnuTLS 3.4.0. Use
	10	gnutls_priority_set_direct instead.
	11
	12	BUG: https://bugzilla.samba.org/show_bug.cgi?id=8780
	13
	14	Signed-off-by: Björn Jacke <bj@sernet.de>
	15	Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
	16
	17	Autobuild-User(master): Björn Jacke <bj@sernet.de>
	18	Autobuild-Date(master): Wed Apr 29 22:29:02 CEST 2015 on sn-devel-104
	19
	20	(cherry picked from commit c6ad8a10c12c8a79dc83cab1591e5279edd62bd6)
	21	---
	22	source4/lib/tls/tls.c \| 3 +--
	23	source4/lib/tls/tls_tstream.c \| 7 +------
	24	2 files changed, 2 insertions(+), 8 deletions(-)
	25
	26	diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c
	27	index 9a3e610..7a7a7cd 100644
	28	--- a/source4/lib/tls/tls.c
	29	+++ b/source4/lib/tls/tls.c
	30	@@ -572,7 +572,6 @@ struct socket_context tls_init_client(struct socket_context socket_ctx,
	31	{
	32	struct tls_context *tls;
	33	int ret = 0;
	34	- const int cert_type_priority[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
	35	struct socket_context *new_sock;
	36	NTSTATUS nt_status;
	37
	38	@@ -598,7 +597,7 @@ struct socket_context tls_init_client(struct socket_context socket_ctx,
	39	gnutls_certificate_set_x509_trust_file(tls->xcred, ca_path, GNUTLS_X509_FMT_PEM);
	40	TLSCHECK(gnutls_init(&tls->session, GNUTLS_CLIENT));
	41	TLSCHECK(gnutls_set_default_priority(tls->session));
	42	- gnutls_certificate_type_set_priority(tls->session, cert_type_priority);
	43	+ gnutls_priority_set_direct(tls->session, "NORMAL:+CTYPE-OPENPGP", NULL);
	44	TLSCHECK(gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, tls->xcred));
	45
	46	talloc_set_destructor(tls, tls_destructor);
	47	diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c
	48	index 2cb75ed..b907d0a 100644
	49	--- a/source4/lib/tls/tls_tstream.c
	50	+++ b/source4/lib/tls/tls_tstream.c
	51	@@ -967,11 +967,6 @@ struct tevent_req _tstream_tls_connect_send(TALLOC_CTX mem_ctx,
	52	#if ENABLE_GNUTLS
	53	struct tstream_tls *tlss;
	54	int ret;
	55	- static const int cert_type_priority[] = {
	56	- GNUTLS_CRT_X509,
	57	- GNUTLS_CRT_OPENPGP,
	58	- 0
	59	- };
	60	#endif /* ENABLE_GNUTLS */
	61
	62	req = tevent_req_create(mem_ctx, &state,
	63	@@ -1014,7 +1009,7 @@ struct tevent_req _tstream_tls_connect_send(TALLOC_CTX mem_ctx,
	64	return tevent_req_post(req, ev);
65	}
66
67	- gnutls_certificate_type_set_priority(tlss->tls_session, cert_type_priority);
68	+ gnutls_priority_set_direct(tlss->tls_session, "NORMAL:+CTYPE-OPENPGP", NULL);
69
70	ret = gnutls_credentials_set(tlss->tls_session,
71	GNUTLS_CRD_CERTIFICATE,
72	--
73	2.3.0
74