31 lines
1.3 KiB
Plaintext
31 lines
1.3 KiB
Plaintext
$OpenBSD: patch-wmbiff_tlsComm_c,v 1.1 2004/05/08 06:50:10 sturm Exp $
|
|
--- wmbiff/tlsComm.c.orig 2004-04-25 11:23:08.000000000 +0200
|
|
+++ wmbiff/tlsComm.c 2004-04-25 11:29:18.000000000 +0200
|
|
@@ -22,6 +22,7 @@
|
|
#ifdef HAVE_GNUTLS_GNUTLS_H
|
|
#define USE_GNUTLS
|
|
#include <gnutls/gnutls.h>
|
|
+#include <gnutls/compat4.h>
|
|
#endif
|
|
#ifdef USE_DMALLOC
|
|
#include <dmalloc.h>
|
|
@@ -328,8 +329,6 @@ tls_check_certificate(struct connection_
|
|
certstat = gnutls_certificate_verify_peers(scs->tls_state);
|
|
if (certstat ==
|
|
(GNUTLS_CertificateStatus) GNUTLS_E_NO_CERTIFICATE_FOUND) {
|
|
- } else if (certstat & GNUTLS_CERT_CORRUPTED) {
|
|
- bad_certificate(scs, "server's certificate is corrupt.\n");
|
|
} else if (certstat & GNUTLS_CERT_REVOKED) {
|
|
bad_certificate(scs, "server's certificate has been revoked.\n");
|
|
} else if (certstat & GNUTLS_CERT_INVALID) {
|
|
@@ -402,8 +401,7 @@ struct connection_state *initialize_gnut
|
|
const int protocols[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
|
|
const int ciphers[] =
|
|
{ GNUTLS_CIPHER_RIJNDAEL_128_CBC, GNUTLS_CIPHER_3DES_CBC,
|
|
- GNUTLS_CIPHER_RIJNDAEL_256_CBC, GNUTLS_CIPHER_TWOFISH_128_CBC,
|
|
- GNUTLS_CIPHER_ARCFOUR, 0
|
|
+ GNUTLS_CIPHER_RIJNDAEL_256_CBC, GNUTLS_CIPHER_ARCFOUR, 0
|
|
};
|
|
const int compress[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
|
|
const int key_exch[] = { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS,
|