- updated to 4.4.3

author Jakub Bogusz <qboosh@pld-linux.org>

Thu, 1 Oct 2015 13:34:21 +0000 (15:34 +0200)

committer Jakub Bogusz <qboosh@pld-linux.org>

Thu, 1 Oct 2015 13:34:21 +0000 (15:34 +0200)
author Jakub Bogusz <qboosh@pld-linux.org>
Thu, 1 Oct 2015 13:34:21 +0000 (15:34 +0200)
committer Jakub Bogusz <qboosh@pld-linux.org>
Thu, 1 Oct 2015 13:34:21 +0000 (15:34 +0200)
diff --git a/xen-gnutls-3.4.patch b/xen-gnutls-3.4.patch

new file mode 100644 (file)

index 0000000..9d2ed16
--- /dev/null
+++ b/xen-gnutls-3.4.patch
@@ -0,0 +1,36 @@
+--- ./tools/qemu-xen-traditional/vnc.c.orig
++++ ./tools/qemu-xen-traditional/vnc.c
+@@ -2137,10 +2137,6 @@
+ 
+ 
+ static int vnc_start_tls(struct VncState *vs) {
+-    static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
+-    static const int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 };
+-    static const int kx_anon[] = {GNUTLS_KX_ANON_DH, 0};
+-    static const int kx_x509[] = {GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0};
+ 
+     VNC_DEBUG("Do TLS setup\n");
+     if (vnc_tls_initialize() < 0) {
+@@ -2161,21 +2157,7 @@
+           return -1;
+       }
+ 
+-      if (gnutls_kx_set_priority(vs->tls_session, NEED_X509_AUTH(vs) ? kx_x509 : kx_anon) < 0) {
+-          gnutls_deinit(vs->tls_session);
+-          vs->tls_session = NULL;
+-          vnc_client_error(vs);
+-          return -1;
+-      }
+-
+-      if (gnutls_certificate_type_set_priority(vs->tls_session, cert_type_priority) < 0) {
+-          gnutls_deinit(vs->tls_session);
+-          vs->tls_session = NULL;
+-          vnc_client_error(vs);
+-          return -1;
+-      }
+-
+-      if (gnutls_protocol_set_priority(vs->tls_session, protocol_priority) < 0) {
++      if (gnutls_priority_set_direct(vs->tls_session, NEED_X509_AUTH(vs) ? "NORMAL" : "NORMAL:+ANON-DH", NULL) < 0) {
+           gnutls_deinit(vs->tls_session);
+           vs->tls_session = NULL;
+           vnc_client_error(vs);
diff --git a/xen.spec b/xen.spec

index 4f42dd40bd405f48e2b6d59ee55efa0569e6bb83..950dddc9c05dd4d0f7972ebf2c139700b0f34381 100644 (file)
--- a/xen.spec
+++ b/xen.spec
@@ -41,12 +41,12 @@
  Summary:       Xen - a virtual machine monitor
  Summary(pl.UTF-8):     Xen - monitor maszyny wirtualnej
  Name:          xen
-Version:       4.4.2
-Release:       2
+Version:       4.4.3
+Release:       1
  License:       GPL v2, interface parts on BSD-like
  Group:         Applications/System
  Source0:       http://bits.xensource.com/oss-xen/release/%{version}/%{name}-%{version}.tar.gz
-# Source0-md5: 1812261459564147e6b9105115c511aa
+# Source0-md5: fae37c3afc92e7d5d3e93fbe9b81ec2c
  # used by stubdoms
  Source10:      %{xen_extfiles_url}/lwip-1.3.0.tar.gz
  # Source10-md5:        36cc57650cffda9a0269493be2a169bb
@@ -118,6 +118,8 @@ Patch16:    %{name}-gmp-abi.patch
  Patch17:       xsa99.patch
  Patch18:       %{name}-make.patch
  Patch19:       %{name}-no_Werror.patch
+# http://git.alpinelinux.org/cgit/aports/plain/main/xen/gnutls-3.4.0.patch
+Patch20:       %{name}-gnutls-3.4.patch
  URL:           http://www.xen.org/products/xenhyp.html
  %if %{with qemu_traditional}
  %{?with_opengl:BuildRequires:  OpenGL-devel}
@@ -430,6 +432,7 @@ Nadzorca Xen w postaci, która może być uruchomiona wprost z firmware
  %patch17 -p1
  %patch18 -p1
  %patch19 -p1
+%patch20 -p1
  
  # stubdom sources
  ln -s %{SOURCE10} %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} stubdom
author	Jakub Bogusz <qboosh@pld-linux.org>
	Thu, 1 Oct 2015 13:34:21 +0000 (15:34 +0200)
committer	Jakub Bogusz <qboosh@pld-linux.org>
	Thu, 1 Oct 2015 13:34:21 +0000 (15:34 +0200)
xen-gnutls-3.4.patch	[new file with mode: 0644]	patch \| blob
xen.spec		patch \| blob \| blame \| history