Fix GNU TLS fallout.

author: joerg <joerg@pkgsrc.org> 2016-10-01 13:03:10 +0000
committer: joerg <joerg@pkgsrc.org> 2016-10-01 13:03:10 +0000
commit: bfac49e744bbef72e4449894fb0d911eb019810c (patch)
tree: ee754dbb645271d6499ef25c8c4b21a097d6b2ef /mail/wmbiff
parent: 2babe542ba7bd0913fd2de99da21275d7a6cf2ac (diff)
download: pkgsrc-bfac49e744bbef72e4449894fb0d911eb019810c.tar.gz
2 files changed, 33 insertions, 3 deletions
diff --git a/mail/wmbiff/distinfo b/mail/wmbiff/distinfo
index f4f698f932f..464248db761 100644
--- a/mail/wmbiff/distinfo
+++ b/mail/wmbiff/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.17 2015/11/03 23:27:24 agc Exp $
+$NetBSD: distinfo,v 1.18 2016/10/01 13:03:10 joerg Exp $
 
 SHA1 (wmbiff-0.4.26.tar.gz) = cb2fc49bc741209c22d8a50f0f164e34c4a9332d
 RMD160 (wmbiff-0.4.26.tar.gz) = f5ccb17fb6846283cb7cde7996310a65600a8883
@@ -6,5 +6,5 @@ SHA512 (wmbiff-0.4.26.tar.gz) = e9fb1c9b35cd3a7d6854339be46a3ea791f41c3ece565d3a
 Size (wmbiff-0.4.26.tar.gz) = 200237 bytes
 SHA1 (patch-aa) = 0a4607f2e5d6d3066d9b9994665b659dfbcc003b
 SHA1 (patch-ab) = d84f1c4333d7c192748f5170460563ae7fe0955d
-SHA1 (patch-ac) = 338ead6affeec348315c5cedd5cf413e7652abac
+SHA1 (patch-ac) = 8c7da1f23d72c3530d33f1faa141d39a7a8b84da
 SHA1 (patch-wmbiff_gnutls-common.c) = 645e2c2f463d20cf063f4a2ab0c6268daaa0cc85
diff --git a/mail/wmbiff/patches/patch-ac b/mail/wmbiff/patches/patch-ac
index dfb5309a027..058cd716556 100644
--- a/mail/wmbiff/patches/patch-ac
+++ b/mail/wmbiff/patches/patch-ac
@@ -1,4 +1,4 @@
-$NetBSD: patch-ac,v 1.8 2013/01/17 15:55:31 joerg Exp $
+$NetBSD: patch-ac,v 1.9 2016/10/01 13:03:10 joerg Exp $
 
 --- wmbiff/tlsComm.c.orig	2004-10-11 00:29:47.000000000 +0000
 +++ wmbiff/tlsComm.c
@@ -35,3 +35,33 @@ $NetBSD: patch-ac,v 1.8 2013/01/17 15:55:31 joerg Exp $
  	}
  
  	if (gnutls_x509_crt_init(&cert) < 0) {
+@@ -495,27 +497,9 @@ struct connection_state *initialize_gnut
+ 	}
+ 
+ 	assert(gnutls_init(&scs->tls_state, GNUTLS_CLIENT) == 0);
++	assert(gnutls_set_default_priority(&scs->tls_state) == 0);
++
+ 	{
+-		const int protocols[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
+-		const int ciphers[] =
+-			{ GNUTLS_CIPHER_RIJNDAEL_128_CBC, GNUTLS_CIPHER_3DES_CBC,
+-			GNUTLS_CIPHER_RIJNDAEL_256_CBC,
+-			GNUTLS_CIPHER_ARCFOUR, 0
+-		};
+-		const int compress[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
+-		const int key_exch[] = { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS,
+-			GNUTLS_KX_DHE_RSA, 0
+-		};
+-		/* mutt with gnutls doesn't use kx_srp or kx_anon_dh */
+-		const int mac[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
+-		assert(gnutls_protocol_set_priority(scs->tls_state, protocols) ==
+-			   0);
+-		assert(gnutls_cipher_set_priority(scs->tls_state, ciphers) == 0);
+-		assert(gnutls_compression_set_priority(scs->tls_state, compress) ==
+-			   0);
+-		assert(gnutls_kx_set_priority(scs->tls_state, key_exch) == 0);
+-		assert(gnutls_mac_set_priority(scs->tls_state, mac) == 0);
+-		/* no client private key */
+ 		if (gnutls_certificate_allocate_credentials(&scs->xcred) < 0) {
+ 			DMA(DEBUG_ERROR, "gnutls memory error\n");
+ 			exit(1);
author	joerg <joerg@pkgsrc.org>	2016-10-01 13:03:10 +0000
committer	joerg <joerg@pkgsrc.org>	2016-10-01 13:03:10 +0000
commit	bfac49e744bbef72e4449894fb0d911eb019810c (patch)
tree	ee754dbb645271d6499ef25c8c4b21a097d6b2ef /mail/wmbiff
parent	2babe542ba7bd0913fd2de99da21275d7a6cf2ac (diff)
download	pkgsrc-bfac49e744bbef72e4449894fb0d911eb019810c.tar.gz