--- /dev/null
+--- ./tools/qemu-xen-traditional/vnc.c.orig
++++ ./tools/qemu-xen-traditional/vnc.c
+@@ -2137,10 +2137,6 @@
+
+
+ static int vnc_start_tls(struct VncState *vs) {
+- static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
+- static const int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 };
+- static const int kx_anon[] = {GNUTLS_KX_ANON_DH, 0};
+- static const int kx_x509[] = {GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0};
+
+ VNC_DEBUG("Do TLS setup\n");
+ if (vnc_tls_initialize() < 0) {
+@@ -2161,21 +2157,7 @@
+ return -1;
+ }
+
+- if (gnutls_kx_set_priority(vs->tls_session, NEED_X509_AUTH(vs) ? kx_x509 : kx_anon) < 0) {
+- gnutls_deinit(vs->tls_session);
+- vs->tls_session = NULL;
+- vnc_client_error(vs);
+- return -1;
+- }
+-
+- if (gnutls_certificate_type_set_priority(vs->tls_session, cert_type_priority) < 0) {
+- gnutls_deinit(vs->tls_session);
+- vs->tls_session = NULL;
+- vnc_client_error(vs);
+- return -1;
+- }
+-
+- if (gnutls_protocol_set_priority(vs->tls_session, protocol_priority) < 0) {
++ if (gnutls_priority_set_direct(vs->tls_session, NEED_X509_AUTH(vs) ? "NORMAL" : "NORMAL:+ANON-DH", NULL) < 0) {
+ gnutls_deinit(vs->tls_session);
+ vs->tls_session = NULL;
+ vnc_client_error(vs);
Summary: Xen - a virtual machine monitor
Summary(pl.UTF-8): Xen - monitor maszyny wirtualnej
Name: xen
-Version: 4.4.2
-Release: 2
+Version: 4.4.3
+Release: 1
License: GPL v2, interface parts on BSD-like
Group: Applications/System
Source0: http://bits.xensource.com/oss-xen/release/%{version}/%{name}-%{version}.tar.gz
-# Source0-md5: 1812261459564147e6b9105115c511aa
+# Source0-md5: fae37c3afc92e7d5d3e93fbe9b81ec2c
# used by stubdoms
Source10: %{xen_extfiles_url}/lwip-1.3.0.tar.gz
# Source10-md5: 36cc57650cffda9a0269493be2a169bb
Patch17: xsa99.patch
Patch18: %{name}-make.patch
Patch19: %{name}-no_Werror.patch
+# http://git.alpinelinux.org/cgit/aports/plain/main/xen/gnutls-3.4.0.patch
+Patch20: %{name}-gnutls-3.4.patch
URL: http://www.xen.org/products/xenhyp.html
%if %{with qemu_traditional}
%{?with_opengl:BuildRequires: OpenGL-devel}
%patch17 -p1
%patch18 -p1
%patch19 -p1
+%patch20 -p1
# stubdom sources
ln -s %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} stubdom