Fix a linker error on systems with an older gnutls version.

2011-08-10 21:35:59 +02:00 · 2011-08-10 21:35:59 +02:00 · 228299b4f7
parent aa05df65c4
commit 228299b4f7
4 changed files with 42 additions and 1 deletions
--- a/6
+++ b/6
@ -1,3 +1,9 @@
+2011-08-10  Giuseppe Scrivano  <gscrivano@gnu.org>
+
+	* configure.ac: Check for `gnutls_priority_set_direct' when gnutls is
+	used.
+	Reported by: Karl Berry<karl@freefriends.org>
+
 2011-08-09  Giuseppe Scrivano  <gscrivano@southpole.se>

 	* build-aux/bzr-version-gen: Fix some portability issues.
--- a/configure.ac
+++ b/configure.ac
@ -298,6 +298,8 @@ AS_IF([test x"$with_ssl" = xopenssl], [
    else
      AC_MSG_ERROR([--with-ssl was given, but GNUTLS is not available.])
    fi
+
+    AC_CHECK_FUNCS(gnutls_priority_set_direct)
  ]) # endif: --with-ssl == no?
 ]) # endif: --with-ssl == openssl?

--- a/src/ChangeLog
+++ b/src/ChangeLog
@ -1,3 +1,11 @@
+2011-08-10  Giuseppe Scrivano  <gscrivano@gnu.org>
+
+	Fix a linker error on systems with an older gnutls version.
+	* gnutls.c (ssl_connect_wget)
+	[HAVE_GNUTLS_PRIORITY_SET_DIRECT]:  Use gnutls_priority_set_direct.
+	[! HAVE_GNUTLS_PRIORITY_SET_DIRECT]:  Use gnutls_protocol_set_priority.
+	Reported by: Karl Berry<karl@freefriends.org>
+
 2011-08-06  Jochen Roderburg <Roderburg@Uni-Koeln.DE>

 	* host.c (lookup_host): Ensure it doesn't print more IPs than available
--- a/src/gnutls.c
+++ b/src/gnutls.c
@ -191,7 +191,7 @@ wgnutls_peek (int fd, char *buf, int bufsize, void *arg)
      else
        read = gnutls_record_recv (ctx->session, buf + offset,
                                   bufsize - offset);
-        
+
      if (read < 0)
        {
          if (offset)
@ -256,6 +256,7 @@ ssl_connect_wget (int fd)
  gnutls_transport_set_ptr (session, (gnutls_transport_ptr) FD_TO_SOCKET (fd));

  err = 0;
+#if HAVE_GNUTLS_PRIORITY_SET_DIRECT
  switch (opt.secure_protocol)
    {
    case secure_protocol_auto:
@ -270,6 +271,30 @@ ssl_connect_wget (int fd)
    default:
      abort ();
    }
+#else
+  int allowed_protocols[4] = {0, 0, 0, 0};
+  switch (opt.secure_protocol)
+    {
+    case secure_protocol_auto:
+      break;
+    case secure_protocol_sslv2:
+    case secure_protocol_sslv3:
+      allowed_protocols[0] = GNUTLS_SSL3;
+      err = gnutls_protocol_set_priority (session, allowed_protocols);
+      break;
+
+    case secure_protocol_tlsv1:
+      allowed_protocols[0] = GNUTLS_TLS1_0;
+      allowed_protocols[1] = GNUTLS_TLS1_1;
+      allowed_protocols[2] = GNUTLS_TLS1_2;
+      err = gnutls_protocol_set_priority (session, allowed_protocols);
+      break;
+
+    default:
+      abort ();
+    }
+#endif
+
  if (err < 0)
    {
      logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err));