[Pidgin] #14365: GG in 2.9.0 doesn't build against older GnuTLS versions

Pidgin trac at pidgin.im
Sun Jul 3 16:05:31 EDT 2011


#14365: GG in 2.9.0 doesn't build against older GnuTLS versions
------------------------+---------------------------------------------------
 Reporter:  darkrain42  |        Owner:  darkrain42
     Type:  patch       |       Status:  new       
Milestone:  2.9.1       |    Component:  Gadu-Gadu 
  Version:  2.9.0       |   Resolution:            
 Keywords:              |  
------------------------+---------------------------------------------------
Changes (by darkrain42):

  * type:  defect => patch


Comment:

 Looking at the `gnutls_priority_set_direct` call, all it's doing is
 disabling TLS.  Any idea why? (is there a server which doesn't support
 TLS?)

 Mind trying this patch, which uses the same default priority strings as
 libpurple:

 {{{
 --- libpurple/protocols/gg/lib/libgadu.c
 8513cccaeb9a844af5c923464197d2d0eeb76856
 +++ libpurple/protocols/gg/lib/libgadu.c
 b9aa8167b01372c0b8bb1d06cd4e3aed56401712
 @@ -893,7 +893,14 @@ struct gg_session *gg_login(const struct
                 gnutls_global_init();
                 gnutls_certificate_allocate_credentials(&tmp->xcred);
                 gnutls_init(&tmp->session, GNUTLS_CLIENT);
 -               gnutls_priority_set_direct(tmp->session, "NORMAL:-VERS-
 TLS", NULL);
 +#ifdef HAVE_GNUTLS_PRIORITY_FUNCS
 +               if (GNUTLS_E_SUCCESS !=
 gnutls_priority_set_direct(tmp->session, "NORMAL:%SSL3_RECORD_VERSION",
 NULL)) {
 +                       gnutls_priority_set_direct(tmp->session, "NORMAL",
 NULL);
 +               }
 +#else
 +       gnutls_set_default_priority(tmp->session);
 +#endif
 +//             gnutls_priority_set_direct(tmp->session, "NORMAL:-VERS-
 TLS", NULL);
  //             gnutls_priority_set_direct(tmp->session, "NONE:+VERS-
 SSL3.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL", NULL);
                 gnutls_credentials_set(tmp->session,
 GNUTLS_CRD_CERTIFICATE, tmp->xcred);
  #elif defined(GG_CONFIG_HAVE_OPENSSL)
 }}}

 I can't verify this fully works (I don't have a valid gg account), but an
 SSL handshake during login is succeeding.

-- 
Ticket URL: <http://developer.pidgin.im/ticket/14365#comment:3>
Pidgin <http://pidgin.im>
Pidgin


More information about the Tracker mailing list