Forgot the patch

2016-02-18 22:57:32 +01:00 · 2016-02-18 22:57:32 +01:00 · 8d8afcd7d4
commit 8d8afcd7d4
parent 5cfbd79443
1 changed files with 53 additions and 0 deletions
--- a/0001-Add-support-for-using-gnutls-system-wide-crypto-poli.patch
+++ b/0001-Add-support-for-using-gnutls-system-wide-crypto-poli.patch
@ -0,0 +1,53 @@
+From 48a94ee1ef77d26718edd3d5892a2555194e2b8f Mon Sep 17 00:00:00 2001
+From: Athmane Madjoudj <athmane@fedoraproject.org>
+Date: Tue, 16 Feb 2016 23:09:54 +0100
+Subject: [PATCH] Add support for using gnutls system wide crypto policy
+
+---
+ configure.ac               | 7 +++++++
+ src/LibgnutlsTLSSession.cc | 4 ++++
+ 2 files changed, 11 insertions(+)
+
+diff --git a/configure.ac b/configure.ac
+index e71db40..50d60bf 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -95,6 +95,13 @@ AC_ARG_WITH([bashcompletiondir],
+ 
+ AC_ARG_VAR([ARIA2_STATIC], [Set 'yes' to build a statically linked aria2])
+ 
+AC_ARG_ENABLE([gnutls-system-crypto-policy],
+    AS_HELP_STRING([--enable-gnutls-system-crypto-policy], [Enable gnutls system wide crypto policy]))
+
+AS_IF([test "x$enable_gnutls_system_crypto_policy" = "xyes"], [
+  AC_DEFINE([USE_GNUTLS_SYSTEM_CRYPTO_POLICY], [1], [Define to 1 if using gnutls system wide crypto policy .])
+])
+
+ # Checks for programs.
+ AC_PROG_CXX
+ AC_PROG_CC
+diff --git a/src/LibgnutlsTLSSession.cc b/src/LibgnutlsTLSSession.cc
+index 37523d9..21196bc 100644
+--- a/src/LibgnutlsTLSSession.cc
+++ b/src/LibgnutlsTLSSession.cc
+@@ -128,6 +128,9 @@ int GnuTLSSession::init(sock_t sockfd)
+   // It seems err is not error message, but the argument string
+   // which causes syntax error.
+   const char* err;
+#ifdef USE_GNUTLS_SYSTEM_CRYPTO_POLICY
+  rv_ = gnutls_priority_set_direct(sslSession_, "@SYSTEM", &err);
+#else
+   std::string pri = "SECURE128:+SIGN-RSA-SHA1";
+   switch (tlsContext_->getMinTLSVersion()) {
+   case TLS_PROTO_TLS12:
+@@ -142,6 +145,7 @@ int GnuTLSSession::init(sock_t sockfd)
+     break;
+   };
+   rv_ = gnutls_priority_set_direct(sslSession_, pri.c_str(), &err);
+#endif  
+   if (rv_ != GNUTLS_E_SUCCESS) {
+     return TLS_ERR_ERROR;
+   }
+-- 
+2.5.0
+