]>
Commit | Line | Data |
---|---|---|
364c88c5 JB |
1 | --- ./tools/qemu-xen-traditional/vnc.c.orig |
2 | +++ ./tools/qemu-xen-traditional/vnc.c | |
3 | @@ -2137,10 +2137,6 @@ | |
4 | ||
5 | ||
6 | static int vnc_start_tls(struct VncState *vs) { | |
7 | - static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 }; | |
8 | - static const int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 }; | |
9 | - static const int kx_anon[] = {GNUTLS_KX_ANON_DH, 0}; | |
10 | - static const int kx_x509[] = {GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0}; | |
11 | ||
12 | VNC_DEBUG("Do TLS setup\n"); | |
13 | if (vnc_tls_initialize() < 0) { | |
14 | @@ -2161,21 +2157,7 @@ | |
15 | return -1; | |
16 | } | |
17 | ||
18 | - if (gnutls_kx_set_priority(vs->tls_session, NEED_X509_AUTH(vs) ? kx_x509 : kx_anon) < 0) { | |
19 | - gnutls_deinit(vs->tls_session); | |
20 | - vs->tls_session = NULL; | |
21 | - vnc_client_error(vs); | |
22 | - return -1; | |
23 | - } | |
24 | - | |
25 | - if (gnutls_certificate_type_set_priority(vs->tls_session, cert_type_priority) < 0) { | |
26 | - gnutls_deinit(vs->tls_session); | |
27 | - vs->tls_session = NULL; | |
28 | - vnc_client_error(vs); | |
29 | - return -1; | |
30 | - } | |
31 | - | |
32 | - if (gnutls_protocol_set_priority(vs->tls_session, protocol_priority) < 0) { | |
33 | + if (gnutls_priority_set_direct(vs->tls_session, NEED_X509_AUTH(vs) ? "NORMAL" : "NORMAL:+ANON-DH", NULL) < 0) { | |
34 | gnutls_deinit(vs->tls_session); | |
35 | vs->tls_session = NULL; | |
36 | vnc_client_error(vs); |