Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 434246 Details for
Bug 582752
dev-libs/iksemel-1.4: FTBS with >=net-libs/gnutls-3.4.0
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch from Debian that fixes this and another issue
secure_gnutls_options.patch (text/plain), 1.62 KB, created by
Daniel Kenzelmann
on 2016-05-14 07:39:44 UTC
(
hide
)
Description:
patch from Debian that fixes this and another issue
Filename:
MIME Type:
Creator:
Daniel Kenzelmann
Created:
2016-05-14 07:39:44 UTC
Size:
1.62 KB
patch
obsolete
>Last-Update: 2015-10-28 >Bug-Upstream: https://github.com/meduketto/iksemel/issues/48 >Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803204 >From: Marc Dequènes (duck) <duck@duckcorp.org> >Description: fix security problem (and compatibility problem with servers rejecting low grade ciphers). > >--- a/src/stream.c >+++ b/src/stream.c >@@ -62,13 +62,9 @@ > > static int > handshake (struct stream_data *data) > { >- const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; >- const int kx_priority[] = { GNUTLS_KX_RSA, 0 }; >- const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0}; >- const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 }; >- const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 }; >+ const char *priority_string = "SECURE256:+SECURE192:-VERS-TLS-ALL:+VERS-TLS1.2"; > int ret; > > if (gnutls_global_init () != 0) > return IKS_NOMEM; >@@ -79,13 +75,9 @@ > if (gnutls_init (&data->sess, GNUTLS_CLIENT) != 0) { > gnutls_certificate_free_credentials (data->cred); > return IKS_NOMEM; > } >- gnutls_protocol_set_priority (data->sess, protocol_priority); >- gnutls_cipher_set_priority(data->sess, cipher_priority); >- gnutls_compression_set_priority(data->sess, comp_priority); >- gnutls_kx_set_priority(data->sess, kx_priority); >- gnutls_mac_set_priority(data->sess, mac_priority); >+ gnutls_priority_set_direct(data->sess, priority_string, NULL); > gnutls_credentials_set (data->sess, GNUTLS_CRD_CERTIFICATE, data->cred); > > gnutls_transport_set_push_function (data->sess, (gnutls_push_func) tls_push); > gnutls_transport_set_pull_function (data->sess, (gnutls_pull_func) tls_pull);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=434246">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 582752
:
434080
|
434082
|
434084
|
434086
| 434246
