| Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 1 | replace deprecated GnuTLS functions with newer ones if available |
| 2 | |
| 3 | Upstream-Status: Pending |
| 4 | |
| 5 | Signed-off-by: Armin Kuster <akuster808@gmail.com> |
| 6 | |
| 7 | Index: neon-0.30.1/macros/neon.m4 |
| 8 | =================================================================== |
| 9 | --- neon-0.30.1.orig/macros/neon.m4 |
| 10 | +++ neon-0.30.1/macros/neon.m4 |
| 11 | @@ -987,6 +987,10 @@ gnutls) |
| 12 | gnutls_certificate_get_x509_cas \ |
| 13 | gnutls_x509_crt_sign2]) |
| 14 | |
| 15 | + # gnutls 4.3 check |
| 16 | + AC_CHECK_LIB(gnutls, gnutls_global_init) |
| 17 | + AC_CHECK_FUNCS(gnutls_certificate_set_retrieve_function,,) |
| 18 | + |
| 19 | # fail if gnutls_x509_crt_sign2 is not found (it was introduced in 1.2.0, which is required) |
| 20 | if test x${ac_cv_func_gnutls_x509_crt_sign2} != xyes; then |
| 21 | AC_MSG_ERROR([GnuTLS version predates gnutls_x509_crt_sign2, newer version required (at least 1.2.0)]) |
| 22 | Index: neon-0.30.1/src/ne_gnutls.c |
| 23 | =================================================================== |
| 24 | --- neon-0.30.1.orig/src/ne_gnutls.c |
| 25 | +++ neon-0.30.1/src/ne_gnutls.c |
| 26 | @@ -553,7 +553,13 @@ dup_error: |
| 27 | static int provide_client_cert(gnutls_session_t session, |
| 28 | const gnutls_datum_t *req_ca_rdn, int nreqs, |
| 29 | const gnutls_pk_algorithm_t *sign_algos, |
| 30 | - int sign_algos_length, gnutls_retr_st *st) |
| 31 | + int sign_algos_length, |
| 32 | +#if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION |
| 33 | + gnutls_retr2_st* st |
| 34 | +#else |
| 35 | + gnutls_retr_st *st |
| 36 | +#endif |
| 37 | + ) |
| 38 | { |
| 39 | ne_session *sess = gnutls_session_get_ptr(session); |
| 40 | |
| 41 | @@ -617,8 +623,11 @@ static int provide_client_cert(gnutls_se |
| 42 | #endif |
| 43 | ) { |
| 44 | NE_DEBUG(NE_DBG_SSL, "Supplying client certificate.\n"); |
| 45 | - |
| 46 | +#if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION |
| 47 | + st->cert_type = type; |
| 48 | +#else |
| 49 | st->type = type; |
| 50 | +#endif |
| 51 | st->ncerts = 1; |
| 52 | st->cert.x509 = &sess->client_cert->cert.subject; |
| 53 | st->key.x509 = sess->client_cert->pkey; |
| 54 | @@ -649,8 +658,14 @@ ne_ssl_context *ne_ssl_context_create(in |
| 55 | ne_ssl_context *ctx = ne_calloc(sizeof *ctx); |
| 56 | gnutls_certificate_allocate_credentials(&ctx->cred); |
| 57 | if (flags == NE_SSL_CTX_CLIENT) { |
| 58 | + |
| 59 | +#if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION |
| 60 | + gnutls_certificate_set_retrieve_function(ctx->cred, |
| 61 | + provide_client_cert); |
| 62 | +#else |
| 63 | gnutls_certificate_client_set_retrieve_function(ctx->cred, |
| 64 | provide_client_cert); |
| 65 | +#endif |
| 66 | } |
| 67 | gnutls_certificate_set_verify_flags(ctx->cred, |
| 68 | GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT); |