Debian bug 528661: Check for gnutls_priority_set_direct

Avoid compilation error with GNUTLS 1.2.9:

/home/Kalle/src/elinks-0.12/src/network/ssl/ssl.c:258: error: implicit declaration of function ‘gnutls_priority_set_direct’

If the function is not available, use gnutls_set_default_priority instead.
Perhaps it'll work with bugzilla.novell.com, perhaps not.

NEWS

@@ -21,9 +21,9 @@ Incompatibilities:
 Other changes:
 
 * critical bug 1071: Fix crash in get_dom_node_child.
-* Debian bug 528661: If using GNUTLS, disable various TLS extensions
-  (including CERT and SERVERNAME) to help handshaking with the
-  SSLv3-only bugzilla.novell.com.
+* Debian bug 528661: If using GNUTLS 2.1.7 or later, disable various
+  TLS extensions (including CERT and SERVERNAME) to help handshaking
+  with the SSLv3-only bugzilla.novell.com.
 * Debian build bug 526349: Include asciidoc.py from AsciiDoc 7.1.2,
   to remove all dependencies on the installed version.
 * build enhancement: Recognize ``configure --without-tre''.

configure.in

@@ -1098,24 +1098,36 @@ else
 		GNUTLS_LIBS=`pkg-config --libs gnutls`
 		AC_MSG_RESULT([[yes: $GNUTLS_CFLAGS $GNUTLS_LIBS]])
 
-		# Verify if it's really usable.  gnutls_session was
-		# renamed to gnutls_session_t before GNU TLS 1.2.0
-		# (on 2004-06-13); ELinks now requires this.
-		AC_MSG_CHECKING([[whether GNUTLS can be linked with]])
 		EL_SAVE_FLAGS
 		LIBS="$GNUTLS_LIBS $LIBS"
 		CFLAGS="$CFLAGS $GNUTLS_CFLAGS"
 		CPPFLAGS="$CPPFLAGS $GNUTLS_CFLAGS"
+
+		# Verify if it's really usable.  gnutls_session was
+		# renamed to gnutls_session_t before GNU TLS 1.2.0
+		# (on 2004-06-13); ELinks now requires this.
+		AC_MSG_CHECKING([[whether GNUTLS can be linked with]])
 		AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <gnutls/gnutls.h>]],
 						[[gnutls_session_t dummy;
 						  gnutls_check_version(NULL)]])],
 			       [cf_result=yes],
 			       [cf_result=no])
-		EL_RESTORE_FLAGS
-	fi
-	# This can match either AC_MSG_CHECKING above.  A bit hacky...
 		AC_MSG_RESULT([[$cf_result]])
 
+		if test "$cf_result" = yes; then
+			# According to gnutls/NEWS, the function was originally
+			# added as gnutls_set_default_priority2 in GNUTLS 2.1.4
+			# (released 2007-10-27) and then renamed to
+			# gnutls_priority_set_direct in GNUTLS 2.1.7 (released
+			# 2007-11-29).
+			AC_CHECK_FUNCS([gnutls_priority_set_direct])
+		fi
+
+		EL_RESTORE_FLAGS
+	else
+		AC_MSG_RESULT([[$cf_result]])
+	fi
+
 	if test "$cf_result" = yes; then
 		EL_CONFIG(CONFIG_GNUTLS, [GNUTLS])
 		chosen_ssl_library="GNUTLS"

src/network/ssl/ssl.c

@@ -255,12 +255,15 @@ init_ssl_connection(struct socket *socket)
 		return S_SSL_ERROR;
 	}
 
+#ifdef HAVE_GNUTLS_PRIORITY_SET_DIRECT
 	if (gnutls_priority_set_direct(*state, "NORMAL:-CTYPE-OPENPGP", NULL)) {
 		gnutls_deinit(*state);
 		mem_free(state);
 		return S_SSL_ERROR;
 	}
-	/* gnutls_set_default_priority(*state); */
+#else
+	gnutls_set_default_priority(*state);
+#endif
 	/* gnutls_handshake_set_private_extensions(*state, 1); */
 	gnutls_cipher_set_priority(*state, cipher_priority);
 	gnutls_kx_set_priority(*state, kx_priority);