forked from gentoo/gentoo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
gnutls-3.4.patch
51 lines (49 loc) · 2.36 KB
/
gnutls-3.4.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
From 2a5868411c57e25802d2f16fd6b77601f10d0b72 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <[email protected]>
Date: Fri, 29 Apr 2016 22:58:34 +0200
Subject: [PATCH] Updated gnutls certificate callback to new API (backwards
compatible)
---
src/idevice.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/src/idevice.c b/src/idevice.c
index 5912aeb..f2de6a3 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -642,7 +642,11 @@ static const char *ssl_error_to_string(int e)
/**
* Internally used gnutls callback function that gets called during handshake.
*/
+#if GNUTLS_VERSION_NUMBER >= 0x020b07
+static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t * req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t * sign_algos, int sign_algos_length, gnutls_retr2_st * st)
+#else
static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t * req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t * sign_algos, int sign_algos_length, gnutls_retr_st * st)
+#endif
{
int res = -1;
gnutls_certificate_type_t type = gnutls_certificate_type_get(session);
@@ -650,7 +654,12 @@ static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t
ssl_data_t ssl_data = (ssl_data_t)gnutls_session_get_ptr(session);
if (ssl_data && ssl_data->host_privkey && ssl_data->host_cert) {
debug_info("Passing certificate");
+#if GNUTLS_VERSION_NUMBER >= 0x020b07
+ st->cert_type = type;
+ st->key_type = GNUTLS_PRIVKEY_X509;
+#else
st->type = type;
+#endif
st->ncerts = 1;
st->cert.x509 = &ssl_data->host_cert;
st->key.x509 = ssl_data->host_privkey;
@@ -759,7 +768,11 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
debug_info("enabling SSL mode");
errno = 0;
gnutls_certificate_allocate_credentials(&ssl_data_loc->certificate);
+#if GNUTLS_VERSION_NUMBER >= 0x020b07
+ gnutls_certificate_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback);
+#else
gnutls_certificate_client_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback);
+#endif
gnutls_init(&ssl_data_loc->session, GNUTLS_CLIENT);
gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-SSL3.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL);
gnutls_credentials_set(ssl_data_loc->session, GNUTLS_CRD_CERTIFICATE, ssl_data_loc->certificate);