1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
aiccu.h, common.c, common.h: fixes for deprecated GNUTLS functions and types
resolver.c: fixes for selection of wrong resolver function under uclibc
Signed-off-by: Michael Rommel <rommel@layer-7.net>
diff -purN aiccu_20070115.orig/common/aiccu.h aiccu_20070115/common/aiccu.h
--- aiccu_20070115.orig/common/aiccu.h 2007-01-15 13:01:43.000000000 +0100
+++ aiccu_20070115/common/aiccu.h 2013-08-31 23:50:53.651936146 +0200
@@ -111,7 +111,7 @@ struct AICCU_conf
#endif
#ifdef AICCU_GNUTLS
- gnutls_certificate_credentials tls_cred; /* GNUTLS credentials */
+ gnutls_certificate_credentials_t tls_cred; /* GNUTLS credentials */
#endif
bool daemonize; /* Daemonize? */
diff -purN aiccu_20070115.orig/common/common.c aiccu_20070115/common/common.c
--- aiccu_20070115.orig/common/common.c 2006-12-21 15:08:50.000000000 +0100
+++ aiccu_20070115/common/common.c 2013-09-01 01:21:36.031396740 +0200
@@ -271,9 +271,8 @@ TLSSOCKET sock_alloc(void);
TLSSOCKET sock_alloc(void)
{
#ifdef AICCU_GNUTLS
- /* Allow connections to servers that have OpenPGP keys as well */
- const int cert_type_priority[3] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
int ret;
+ const char *err;
#endif /* AICCU_GNUTLS*/
TLSSOCKET sock;
@@ -297,11 +296,16 @@ TLSSOCKET sock_alloc(void)
}
/* Use default priorities */
- gnutls_set_default_priority(sock->session);
- /* XXX: Return value is not documented in GNUTLS documentation! */
-
- gnutls_certificate_type_set_priority(sock->session, cert_type_priority);
- /* XXX: Return value is not documented in GNUTLS documentation! */
+ ret = gnutls_priority_set_direct(sock->session, "NORMAL", &err);
+ if (ret < 0)
+ {
+ if (ret == GNUTLS_E_INVALID_REQUEST)
+ {
+ dolog( LOG_ERR, "TLS set priority failed, syntax error at: %s\n", err);
+ }
+ free(sock);
+ return NULL;
+ }
/* Configure the x509 credentials for the current session */
gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred);
@@ -474,7 +478,7 @@ bool sock_gotls(TLSSOCKET sock)
}
/* Set the transport */
- gnutls_transport_set_ptr(sock->session, (gnutls_transport_ptr)sock->socket);
+ gnutls_transport_set_ptr(sock->session, (gnutls_transport_ptr_t) sock->socket);
/* Perform the TLS handshake */
ret = gnutls_handshake(sock->session);
diff -purN aiccu_20070115.orig/common/common.h aiccu_20070115/common/common.h
--- aiccu_20070115.orig/common/common.h 2007-01-11 15:50:51.000000000 +0100
+++ aiccu_20070115/common/common.h 2013-08-31 23:26:13.683659455 +0200
@@ -381,7 +381,7 @@ struct tlssocket
SOCKET socket;
#ifdef AICCU_GNUTLS
bool tls_active; /* TLS active? */
- gnutls_session session; /* The GnuTLS sesision */
+ gnutls_session_t session; /* The GnuTLS sesision */
#endif
};
diff -purN aiccu_20070115.orig/common/resolver.c aiccu_20070115/common/resolver.c
--- aiccu_20070115.orig/common/resolver.c 2006-07-23 16:55:14.000000000 +0200
+++ aiccu_20070115/common/resolver.c 2013-08-31 23:44:31.574866862 +0200
@@ -26,7 +26,7 @@
int getrrs(const char *label, int rrtype, void gotrec(unsigned int num, int type, const char *record))
{
-#ifdef _LINUX
+#if defined(_LINUX) && !defined(__UCLIBC__)
struct __res_state res;
#endif
unsigned char answer[8192];
@@ -38,7 +38,7 @@ int getrrs(const char *label, int rrtype
uint16_t type = 0, class = 0;
uint32_t ttl = 0;
-#ifdef _LINUX
+#if defined(_LINUX) && !defined(__UCLIBC__)
memset(&res, 0, sizeof(res));
res.options = RES_DEBUG;
res_ninit(&res);
@@ -47,7 +47,7 @@ int getrrs(const char *label, int rrtype
#endif
memset(answer, 0, sizeof(answer));
-#ifdef _LINUX
+#if defined(_LINUX) && !defined(__UCLIBC__)
ret = res_nquery(&res, label, C_IN, rrtype, answer, sizeof(answer));
#else
ret = res_query(label, C_IN, rrtype, answer, sizeof(answer));
|