1 --- ./tools/qemu-xen-traditional/vnc.c.orig
2 +++ ./tools/qemu-xen-traditional/vnc.c
6 static int vnc_start_tls(struct VncState *vs) {
7 - static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
8 - static const int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 };
9 - static const int kx_anon[] = {GNUTLS_KX_ANON_DH, 0};
10 - static const int kx_x509[] = {GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0};
12 VNC_DEBUG("Do TLS setup\n");
13 if (vnc_tls_initialize() < 0) {
14 @@ -2161,21 +2157,7 @@
18 - if (gnutls_kx_set_priority(vs->tls_session, NEED_X509_AUTH(vs) ? kx_x509 : kx_anon) < 0) {
19 - gnutls_deinit(vs->tls_session);
20 - vs->tls_session = NULL;
21 - vnc_client_error(vs);
25 - if (gnutls_certificate_type_set_priority(vs->tls_session, cert_type_priority) < 0) {
26 - gnutls_deinit(vs->tls_session);
27 - vs->tls_session = NULL;
28 - vnc_client_error(vs);
32 - if (gnutls_protocol_set_priority(vs->tls_session, protocol_priority) < 0) {
33 + if (gnutls_priority_set_direct(vs->tls_session, NEED_X509_AUTH(vs) ? "NORMAL" : "NORMAL:+ANON-DH", NULL) < 0) {
34 gnutls_deinit(vs->tls_session);
35 vs->tls_session = NULL;