libratbox: gnutls: add gnutls 3.4 support (closes #123)
parent
1ce6270904
commit
e253d010ed
1 changed files with 15 additions and 4 deletions
|
@ -46,9 +46,13 @@ static gnutls_priority_t default_priority;
|
||||||
static unsigned int x509_cert_count;
|
static unsigned int x509_cert_count;
|
||||||
static gnutls_x509_crt_t x509_cert[MAX_CERTS];
|
static gnutls_x509_crt_t x509_cert[MAX_CERTS];
|
||||||
static gnutls_x509_privkey_t x509_key;
|
static gnutls_x509_privkey_t x509_key;
|
||||||
|
#if GNUTLS_VERSION_MAJOR < 3
|
||||||
static int cert_callback(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, int nreqs,
|
static int cert_callback(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, int nreqs,
|
||||||
const gnutls_pk_algorithm_t *sign_algos, int sign_algos_len, gnutls_retr_st *st);
|
const gnutls_pk_algorithm_t *sign_algos, int sign_algos_len, gnutls_retr_st *st);
|
||||||
|
#else
|
||||||
|
static int cert_callback(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, int nreqs,
|
||||||
|
const gnutls_pk_algorithm_t *sign_algos, int sign_algos_len, gnutls_retr2_st *st);
|
||||||
|
#endif
|
||||||
|
|
||||||
#define SSL_P(x) *((gnutls_session_t *)F->ssl)
|
#define SSL_P(x) *((gnutls_session_t *)F->ssl)
|
||||||
|
|
||||||
|
@ -271,10 +275,11 @@ rb_init_ssl(void)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* This should be changed to gnutls_certificate_set_retrieve_function2 once
|
#if GNUTLS_VERSION_MAJOR < 3
|
||||||
* everyone in the world has upgraded to GnuTLS 3.
|
|
||||||
*/
|
|
||||||
gnutls_certificate_client_set_retrieve_function(x509, cert_callback);
|
gnutls_certificate_client_set_retrieve_function(x509, cert_callback);
|
||||||
|
#else
|
||||||
|
gnutls_certificate_set_retrieve_function(x509, cert_callback);
|
||||||
|
#endif
|
||||||
|
|
||||||
rb_event_addish("rb_gcry_random_seed", rb_gcry_random_seed, NULL, 300);
|
rb_event_addish("rb_gcry_random_seed", rb_gcry_random_seed, NULL, 300);
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -287,9 +292,15 @@ rb_init_ssl(void)
|
||||||
* as it breaks fingerprint auth. Thus, we use this callback to force GnuTLS to always
|
* as it breaks fingerprint auth. Thus, we use this callback to force GnuTLS to always
|
||||||
* authenticate with our certificate at all times.
|
* authenticate with our certificate at all times.
|
||||||
*/
|
*/
|
||||||
|
#if GNUTLS_VERSION_MAJOR < 3
|
||||||
static int
|
static int
|
||||||
cert_callback(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, int nreqs,
|
cert_callback(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, int nreqs,
|
||||||
const gnutls_pk_algorithm_t *sign_algos, int sign_algos_len, gnutls_retr_st *st)
|
const gnutls_pk_algorithm_t *sign_algos, int sign_algos_len, gnutls_retr_st *st)
|
||||||
|
#else
|
||||||
|
static int
|
||||||
|
cert_callback(gnutls_session_t session, const gnutls_datum_t *req_ca_rdn, int nreqs,
|
||||||
|
const gnutls_pk_algorithm_t *sign_algos, int sign_algos_len, gnutls_retr2_st *st)
|
||||||
|
#endif
|
||||||
{
|
{
|
||||||
/* XXX - ugly hack. Tell GnuTLS to use the first (only) certificate we have for auth. */
|
/* XXX - ugly hack. Tell GnuTLS to use the first (only) certificate we have for auth. */
|
||||||
st->type = GNUTLS_CRT_X509;
|
st->type = GNUTLS_CRT_X509;
|
||||||
|
|
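Review bot: The unchanged `st->type = GNUTLS_CRT_X509;` at the end of the last hunk is still shared by both preprocessor branches, but in the `#else` branch `st` is a `gnutls_retr2_st`. As far as I know from gnutls.h, that struct names the field `cert_type` and adds a `key_type` member, so the GnuTLS 3 build would likely fail to compile here. Once it does compile, both fields should be set explicitly, so that the certificate this callback forces for fingerprint auth comes with a fully described key. The body of cert_callback continues past the hunk, so any further `st->` assignments there need the same check against the retr2 layout.

```c
	/* XXX - ugly hack. Tell GnuTLS to use the first (only) certificate we have for auth. */
#if GNUTLS_VERSION_MAJOR < 3
	st->type = GNUTLS_CRT_X509;
#else
	st->cert_type = GNUTLS_CRT_X509;
	st->key_type = GNUTLS_PRIVKEY_X509;
#endif
	/* … unchanged: remaining st-> assignments and return, outside the hunk … */
```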