1 |
abcd 10/07/01 22:43:22 |
2 |
|
3 |
Added: libsoup-2.30.2-disable-tls1.2.patch |
4 |
Log: |
5 |
Add fix for new versions of gnutls (bug #307343, GNOME bug #622857) |
6 |
(Portage version: 2.2_rc67/cvs/Linux i686) |
7 |
|
8 |
Revision Changes Path |
9 |
1.1 net-libs/libsoup/files/libsoup-2.30.2-disable-tls1.2.patch |
10 |
|
11 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-libs/libsoup/files/libsoup-2.30.2-disable-tls1.2.patch?rev=1.1&view=markup |
12 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-libs/libsoup/files/libsoup-2.30.2-disable-tls1.2.patch?rev=1.1&content-type=text/plain |
13 |
|
14 |
Index: libsoup-2.30.2-disable-tls1.2.patch |
15 |
=================================================================== |
16 |
Fix for bug #307343 (GNOME bug #622857), disabling TLS1.2 |
17 |
--- |
18 |
From 01a43ad9824fba77384534c6d588e0e0d653986e Mon Sep 17 00:00:00 2001 |
19 |
From: Dan Winship <danw@×××××.org> |
20 |
Date: Tue, 29 Jun 2010 13:43:20 +0000 |
21 |
Subject: Disable TLS 1.2 in addition to 1.0 and 1.1 |
22 |
|
23 |
Due to bug 581342 we want to only negotiate SSL 3.0. Previously we |
24 |
were telling gnutls to not do TLS1.0 or TLS1.1, but that means with |
25 |
newer versions of gnutls that support TLS1.2 it would try to negotiate |
26 |
that instead and generally fail. Fix that by disabling TLS1.2 too |
27 |
(which works fine even with gnutls versions that don't support TLS1.2 |
28 |
yet). |
29 |
|
30 |
https://bugzilla.gnome.org/show_bug.cgi?id=622857 |
31 |
--- |
32 |
diff --git a/libsoup/soup-gnutls.c b/libsoup/soup-gnutls.c |
33 |
index cb0fbe5..0b57f28 100644 |
34 |
--- a/libsoup/soup-gnutls.c |
35 |
+++ b/libsoup/soup-gnutls.c |
36 |
@@ -477,7 +477,7 @@ soup_ssl_wrap_iochannel (GIOChannel *sock, gboolean non_blocking, |
37 |
goto THROW_CREATE_ERROR; |
38 |
|
39 |
/* See http://bugzilla.gnome.org/show_bug.cgi?id=581342 */ |
40 |
- if (gnutls_priority_set_direct (session, "NORMAL:!VERS-TLS1.1:!VERS-TLS1.0", NULL) != 0) |
41 |
+ if (gnutls_priority_set_direct (session, "NORMAL:!VERS-TLS1.2:!VERS-TLS1.1:!VERS-TLS1.0", NULL) != 0) |
42 |
goto THROW_CREATE_ERROR; |
43 |
|
44 |
if (gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, |
45 |
-- |
46 |
cgit v0.8.3.1 |