Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Jonathan Callen (abcd)" <abcd@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-libs/libsoup/files: libsoup-2.30.2-disable-tls1.2.patch
Date: Thu, 01 Jul 2010 22:43:25
Message-Id: 20100701224322.641FF2C621@corvid.gentoo.org
1 abcd 10/07/01 22:43:22
2
3 Added: libsoup-2.30.2-disable-tls1.2.patch
4 Log:
5 Add fix for new versions of gnutls (bug #307343, GNOME bug #622857)
6 (Portage version: 2.2_rc67/cvs/Linux i686)
7
8 Revision Changes Path
9 1.1 net-libs/libsoup/files/libsoup-2.30.2-disable-tls1.2.patch
10
11 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-libs/libsoup/files/libsoup-2.30.2-disable-tls1.2.patch?rev=1.1&view=markup
12 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-libs/libsoup/files/libsoup-2.30.2-disable-tls1.2.patch?rev=1.1&content-type=text/plain
13
14 Index: libsoup-2.30.2-disable-tls1.2.patch
15 ===================================================================
16 Fix for bug #307343 (GNOME bug #622857), disabling TLS1.2
17 ---
18 From 01a43ad9824fba77384534c6d588e0e0d653986e Mon Sep 17 00:00:00 2001
19 From: Dan Winship <danw@×××××.org>
20 Date: Tue, 29 Jun 2010 13:43:20 +0000
21 Subject: Disable TLS 1.2 in addition to 1.0 and 1.1
22
23 Due to bug 581342 we want to only negotiate SSL 3.0. Previously we
24 were telling gnutls to not do TLS1.0 or TLS1.1, but that means with
25 newer versions of gnutls that support TLS1.2 it would try to negotiate
26 that instead and generally fail. Fix that by disabling TLS1.2 too
27 (which works fine even with gnutls versions that don't support TLS1.2
28 yet).
29
30 https://bugzilla.gnome.org/show_bug.cgi?id=622857
31 ---
32 diff --git a/libsoup/soup-gnutls.c b/libsoup/soup-gnutls.c
33 index cb0fbe5..0b57f28 100644
34 --- a/libsoup/soup-gnutls.c
35 +++ b/libsoup/soup-gnutls.c
36 @@ -477,7 +477,7 @@ soup_ssl_wrap_iochannel (GIOChannel *sock, gboolean non_blocking,
37 goto THROW_CREATE_ERROR;
38
39 /* See http://bugzilla.gnome.org/show_bug.cgi?id=581342 */
40 - if (gnutls_priority_set_direct (session, "NORMAL:!VERS-TLS1.1:!VERS-TLS1.0", NULL) != 0)
41 + if (gnutls_priority_set_direct (session, "NORMAL:!VERS-TLS1.2:!VERS-TLS1.1:!VERS-TLS1.0", NULL) != 0)
42 goto THROW_CREATE_ERROR;
43
44 if (gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE,
45 --
46 cgit v0.8.3.1
Report Message
Find on MARC Find on Google Groups