[Pkg-wmaker-commits] [wmbiff] 50/92: Imported Debian patch 0.4.27-2.3

[Doug Torrance]

This is an automated email from the git hooks/post-receive script.

dtorrance-guest pushed a commit to branch master
in repository wmbiff.

commit 7bde83ad2400ff1a62140373fdfde193ccc4bdb7
Author: Andreas Metzler <ametzler at debian.org>
Date:   Sun Nov 2 08:04:00 2014 +0100

    Imported Debian patch 0.4.27-2.3
---
 debian/changelog                                   | 12 +++++++
 debian/patches/20_gnutls_set_default_priority.diff | 40 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 3 files changed, 53 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index fc5f9cb..04b313e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+wmbiff (0.4.27-2.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * 20_gnutls_set_default_priority.diff: Use gnutls_set_default_priority()
+    to get GnuTLS upstream's recommended default values (SSL/TLS versions,
+    ciphers, et al.) instead of setting local defaults using the deprecated
+    gnutls_cipher_set_priority/gnutls_protocol_set_priority/... functions.
+    This fixes transmission errors to modern systems. Closes: #759259
+    (Thanks to Nye Liu for debugging the issue and finding the solution.)
+
+ -- Andreas Metzler <ametzler at debian.org>  Sun, 02 Nov 2014 08:04:00 +0100
+
 wmbiff (0.4.27-2.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff --git a/debian/patches/20_gnutls_set_default_priority.diff b/debian/patches/20_gnutls_set_default_priority.diff
new file mode 100644
index 0000000..a65215a
--- /dev/null
+++ b/debian/patches/20_gnutls_set_default_priority.diff
@@ -0,0 +1,40 @@
+Description: Use gnutls_set_default_priority() to get GnuTLS upstream's
+ recommended default values (SSL/TLS versions, ciphers, et al.) instead
+ of setting local defaults using the deprecated
+ gnutls_cipher_set_priority/gnutls_protocol_set_priority/...
+ functions.
+Author: Andreas Metzler <ametzler at debian.org>, Nye Liu <nyet at nyet.org>
+Bug-Debian: https://bugs.debian.org/759259
+Origin: vendor
+Forwarded: no
+Last-Update: 2014-11-02
+
+--- a/wmbiff/tlsComm.c
++++ b/wmbiff/tlsComm.c
+@@ -553,25 +553,7 @@ struct connection_state *initialize_gnut
+ 
+ 	assert(gnutls_init(&scs->tls_state, GNUTLS_CLIENT) == 0);
+ 	{
+-		const int protocols[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
+-		const int ciphers[] =
+-			{ GNUTLS_CIPHER_RIJNDAEL_128_CBC, GNUTLS_CIPHER_3DES_CBC,
+-			GNUTLS_CIPHER_RIJNDAEL_256_CBC,
+-			GNUTLS_CIPHER_ARCFOUR, 0
+-		};
+-		const int compress[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
+-		const int key_exch[] = { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS,
+-			GNUTLS_KX_DHE_RSA, 0
+-		};
+-		/* mutt with gnutls doesn't use kx_srp or kx_anon_dh */
+-		const int mac[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
+-		assert(gnutls_protocol_set_priority(scs->tls_state, protocols) ==
+-			   0);
+-		assert(gnutls_cipher_set_priority(scs->tls_state, ciphers) == 0);
+-		assert(gnutls_compression_set_priority(scs->tls_state, compress) ==
+-			   0);
+-		assert(gnutls_kx_set_priority(scs->tls_state, key_exch) == 0);
+-		assert(gnutls_mac_set_priority(scs->tls_state, mac) == 0);
++		assert(gnutls_set_default_priority(scs->tls_state) == 0);
+ 		/* no client private key */
+ 		if (gnutls_certificate_allocate_credentials(&scs->xcred) < 0) {
+ 			DMA(DEBUG_ERROR, "gnutls memory error\n");
diff --git a/debian/patches/series b/debian/patches/series
index 5fefdc9..ae5796a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,3 +2,4 @@
 11_autoconfgenchanges.diff
 15_no_more_LZO.diff
 16_gnutls_deprecated.diff
+20_gnutls_set_default_priority.diff

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-wmaker/wmbiff.git