Commit d8fca9d0 authored by Vic Lee's avatar Vic Lee Committed by Johannes Schindelin

Replace deprecated GnuTLS functions gnutls_*_set_priority with gnutls_priority_set_direct.

The functions gnutls_*_set_priority we used were marked deprecated since
latest GnuTLS version 2.12. However the replacement function
gnutls_priority_set_direct is available since 2.2, which is even lower
than our version requirement 2.4 in configure. The patch just replace
the deprecate function to fix the compile warning.
Signed-off-by: 's avatarVic Lee <llyzs@163.com>
Signed-off-by: 's avatarJohannes Schindelin <johannes.schindelin@gmx.de>
parent f25a886c
...@@ -31,10 +31,8 @@ ...@@ -31,10 +31,8 @@
#ifdef LIBVNCSERVER_WITH_CLIENT_TLS #ifdef LIBVNCSERVER_WITH_CLIENT_TLS
static const int rfbCertTypePriority[] = { GNUTLS_CRT_X509, 0 }; static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA:+SRP";
static const int rfbProtoPriority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 }; static const char *rfbAnonTLSPriority= "NORMAL:+ANON-DH";
static const int rfbKXPriority[] = {GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0};
static const int rfbKXAnon[] = {GNUTLS_KX_ANON_DH, 0};
#define DH_BITS 1024 #define DH_BITS 1024
static gnutls_dh_params_t rfbDHParams; static gnutls_dh_params_t rfbDHParams;
...@@ -133,6 +131,7 @@ static rfbBool ...@@ -133,6 +131,7 @@ static rfbBool
InitializeTLSSession(rfbClient* client, rfbBool anonTLS) InitializeTLSSession(rfbClient* client, rfbBool anonTLS)
{ {
int ret; int ret;
const char *p;
if (client->tlsSession) return TRUE; if (client->tlsSession) return TRUE;
...@@ -142,12 +141,10 @@ InitializeTLSSession(rfbClient* client, rfbBool anonTLS) ...@@ -142,12 +141,10 @@ InitializeTLSSession(rfbClient* client, rfbBool anonTLS)
return FALSE; return FALSE;
} }
if ((ret = gnutls_set_default_priority(client->tlsSession)) < 0 || if ((ret = gnutls_priority_set_direct(client->tlsSession,
(ret = gnutls_kx_set_priority(client->tlsSession, anonTLS ? rfbKXAnon : rfbKXPriority)) < 0 || anonTLS ? rfbAnonTLSPriority : rfbTLSPriority, &p)) < 0)
(ret = gnutls_certificate_type_set_priority(client->tlsSession, rfbCertTypePriority)) < 0 ||
(ret = gnutls_protocol_set_priority(client->tlsSession, rfbProtoPriority)) < 0)
{ {
rfbClientLog("Warning: Failed to set TLS priority: %s.\n", gnutls_strerror(ret)); rfbClientLog("Warning: Failed to set TLS priority: %s (%s).\n", gnutls_strerror(ret), p);
} }
gnutls_transport_set_ptr(client->tlsSession, (gnutls_transport_ptr_t)client); gnutls_transport_set_ptr(client->tlsSession, (gnutls_transport_ptr_t)client);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment