diff options
| author | Vincent Richard <[email protected]> | 2011-06-26 08:19:11 +0000 |
|---|---|---|
| committer | Vincent Richard <[email protected]> | 2011-06-26 08:19:11 +0000 |
| commit | 4365a126e370ba70ad9a2cb2533a6c5b34d3b6e2 (patch) | |
| tree | f9be7b7a8f6ec490ed7d0cae93ee7980efe97d7e | |
| parent | Fixed parsing of empty body parts (thanks to John van der Kamp, from Zarafa). (diff) | |
| download | vmime-4365a126e370ba70ad9a2cb2533a6c5b34d3b6e2.tar.gz vmime-4365a126e370ba70ad9a2cb2533a6c5b34d3b6e2.zip | |
Use gnutls_priority_set_direct() instead of GNUTLS deprecated functions.
| -rw-r--r-- | SConstruct | 33 | ||||
| -rw-r--r-- | src/net/tls/TLSSession.cpp | 17 |
2 files changed, 50 insertions, 0 deletions
@@ -816,6 +816,7 @@ else: config_hpp.write('// -- TLS/SSL support\n') if env['with_tls'] == 'yes': config_hpp.write('#define VMIME_HAVE_TLS_SUPPORT 1\n') + config_hpp.write('#define HAVE_GNUTLS_PRIORITY_FUNCS 1\n') else: config_hpp.write('#define VMIME_HAVE_TLS_SUPPORT 0\n') @@ -1626,11 +1627,42 @@ if test "x$conf_tls" = "xyes"; then else AC_MSG_ERROR(can't find an usable version of GNU TLS library) fi + + # -- check for gnutls_priority_set_direct() function + if test "x$have_gnutls" = "xyes"; then + AC_MSG_CHECKING(for gnutls_priority_set_direct) + + LIBS_save="$LIBS" + LIBS="$LIBS $LIBGNUTLS_LIBS" + CPPFLAGS_save="$CPPFLAGS" + CPPFLAGS="$CPPFLAGS $LIBGNUTLS_CFLAGS" + + AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <gnutls/gnutls.h>], + [gnutls_session s; gnutls_priority_set_direct(s, NULL, NULL);])], + [have_gnutls_priority_funcs=yes], + [have_gnutls_priority_funcs=no]) + + CPPFLAGS="$CPPFLAGS_save" + LIBS="$LIBS_save" + + AC_MSG_RESULT([$have_gnutls_priority_funcs]) + + if test "x$have_gnutls_priority_funcs" = "xyes"; then + AM_CONDITIONAL(HAVE_GNUTLS_PRIORITY_FUNCS, true) + HAVE_GNUTLS_PRIORITY_FUNCS=1 + else + AM_CONDITIONAL(HAVE_GNUTLS_PRIORITY_FUNCS, false) + HAVE_GNUTLS_PRIORITY_FUNCS=0 + fi + fi else AM_CONDITIONAL(VMIME_HAVE_TLS_SUPPORT, false) VMIME_HAVE_TLS_SUPPORT=0 fi +AC_SUBST(LIBGNUTLS_CFLAGS) +AC_SUBST(LIBGNUTLS_LIBS) + # ** platform handlers VMIME_BUILTIN_PLATFORMS='' @@ -1919,6 +1951,7 @@ typedef unsigned ${VMIME_TYPE_INT32} vmime_uint32; #define VMIME_HAVE_SASL_SUPPORT ${VMIME_HAVE_SASL_SUPPORT} // -- TLS support #define VMIME_HAVE_TLS_SUPPORT ${VMIME_HAVE_TLS_SUPPORT} +#define HAVE_GNUTLS_PRIORITY_FUNCS ${HAVE_GNUTLS_PRIORITY_FUNCS} // -- Messaging support #define VMIME_HAVE_MESSAGING_FEATURES ${VMIME_HAVE_MESSAGING_FEATURES} """) diff --git a/src/net/tls/TLSSession.cpp b/src/net/tls/TLSSession.cpp index 010c0071..af73a05c 100644 --- a/src/net/tls/TLSSession.cpp +++ b/src/net/tls/TLSSession.cpp @@ -123,6 +123,21 @@ TLSSession::TLSSession(ref <security::cert::certificateVerifier> cv) // Sets some default priority on the ciphers, key exchange methods, // macs and compression methods. +#if HAVE_GNUTLS_PRIORITY_FUNCS + + if ((res = gnutls_priority_set_direct + (*m_gnutlsSession, "NORMAL:%SSL3_RECORD_VERSION", NULL)) != 0) + { + if ((res = gnutls_priority_set_direct + (*m_gnutlsSession, "NORMAL", NULL)) != 0) + { + throwTLSException + ("gnutls_priority_set_direct", res); + } + } + +#else // !HAVE_GNUTLS_PRIORITY_FUNCS + gnutls_set_default_priority(*m_gnutlsSession); // Sets the priority on the certificate types supported by gnutls. @@ -197,6 +212,8 @@ TLSSession::TLSSession(ref <security::cert::certificateVerifier> cv) gnutls_compression_set_priority(*m_gnutlsSession, compressionPriority); +#endif // !HAVE_GNUTLS_PRIORITY_FUNCS + // Initialize credentials gnutls_credentials_set(*m_gnutlsSession, GNUTLS_CRD_ANON, g_gnutlsGlobal.anonCred); |