[arch-commits] Commit in samba/trunk (2 files)

Evangelos Foutras foutrelis at archlinux.org
Mon Apr 13 19:34:06 UTC 2015 

    Date: Monday, April 13, 2015 @ 21:34:06
  Author: foutrelis
Revision: 236388

upgpkg: samba 4.2.0-2

gnutls 3.4.0 rebuild.

Added:
  samba/trunk/0001-s4-lib-tls-use-gnutls_priority_set_direct.patch
Modified:
  samba/trunk/PKGBUILD

------------------------------------------------------+
 0001-s4-lib-tls-use-gnutls_priority_set_direct.patch |   69 +++++++++++++++++
 PKGBUILD                                             |   16 +++
 2 files changed, 82 insertions(+), 3 deletions(-)

Added: 0001-s4-lib-tls-use-gnutls_priority_set_direct.patch
===================================================================
--- 0001-s4-lib-tls-use-gnutls_priority_set_direct.patch	                        (rev 0)
+++ 0001-s4-lib-tls-use-gnutls_priority_set_direct.patch	2015-04-13 19:34:06 UTC (rev 236388)
@@ -0,0 +1,69 @@
+From 9d9b38b434b9d2e4b3bddd618cea944dfb960966 Mon Sep 17 00:00:00 2001
+From: Evangelos Foutras <evangelos at foutrelis.com>
+Date: Mon, 13 Apr 2015 22:03:14 +0300
+Subject: [PATCH] s4:lib/tls: use gnutls_priority_set_direct()
+
+gnutls_certificate_type_set_priority() was removed in GnuTLS 3.4.0.
+---
+ source4/lib/tls/tls.c         | 4 +---
+ source4/lib/tls/tls_tstream.c | 9 +--------
+ 2 files changed, 2 insertions(+), 11 deletions(-)
+
+diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c
+index b9182ad..2bcbb80 100644
+--- a/source4/lib/tls/tls.c
++++ b/source4/lib/tls/tls.c
+@@ -572,7 +572,6 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx,
+ {
+ 	struct tls_context *tls;
+ 	int ret = 0;
+-	const int cert_type_priority[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
+ 	struct socket_context *new_sock;
+ 	NTSTATUS nt_status;
+ 
+@@ -597,8 +596,7 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx,
+ 	gnutls_certificate_allocate_credentials(&tls->xcred);
+ 	gnutls_certificate_set_x509_trust_file(tls->xcred, ca_path, GNUTLS_X509_FMT_PEM);
+ 	TLSCHECK(gnutls_init(&tls->session, GNUTLS_CLIENT));
+-	TLSCHECK(gnutls_set_default_priority(tls->session));
+-	gnutls_certificate_type_set_priority(tls->session, cert_type_priority);
++	TLSCHECK(gnutls_priority_set_direct(tls->session, "NORMAL:+CTYPE-OPENPGP", NULL));
+ 	TLSCHECK(gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, tls->xcred));
+ 
+ 	talloc_set_destructor(tls, tls_destructor);
+diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c
+index f19f5c5..ff0e881 100644
+--- a/source4/lib/tls/tls_tstream.c
++++ b/source4/lib/tls/tls_tstream.c
+@@ -967,11 +967,6 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+ #if ENABLE_GNUTLS
+ 	struct tstream_tls *tlss;
+ 	int ret;
+-	static const int cert_type_priority[] = {
+-		GNUTLS_CRT_X509,
+-		GNUTLS_CRT_OPENPGP,
+-		0
+-	};
+ #endif /* ENABLE_GNUTLS */
+ 
+ 	req = tevent_req_create(mem_ctx, &state,
+@@ -1007,15 +1002,13 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+ 		return tevent_req_post(req, ev);
+ 	}
+ 
+-	ret = gnutls_set_default_priority(tlss->tls_session);
++	ret = gnutls_priority_set_direct(tlss->tls_session, "NORMAL:+CTYPE-OPENPGP", NULL);
+ 	if (ret != GNUTLS_E_SUCCESS) {
+ 		DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret)));
+ 		tevent_req_error(req, EINVAL);
+ 		return tevent_req_post(req, ev);
+ 	}
+ 
+-	gnutls_certificate_type_set_priority(tlss->tls_session, cert_type_priority);
+-
+ 	ret = gnutls_credentials_set(tlss->tls_session,
+ 				     GNUTLS_CRD_CERTIFICATE,
+ 				     tls_params->x509_cred);
+-- 
+2.3.5
+

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2015-04-13 19:07:44 UTC (rev 236387)
+++ PKGBUILD	2015-04-13 19:34:06 UTC (rev 236388)
@@ -15,7 +15,7 @@
 # to append 'a','b',etc to their subsequent releases, which pacman
 # misconstrues as alpha, beta, etc.  Bad samba!
 _realver=4.2.0
-pkgrel=1
+pkgrel=2
 arch=(i686 x86_64)
 url="http://www.samba.org"
 license=('GPL3')
@@ -33,10 +33,19 @@
         nmbd.service
         smbd at .service
         winbindd.service
-        samba.conf)
+        samba.conf
+        0001-s4-lib-tls-use-gnutls_priority_set_direct.patch)
 validpgpkeys=('52FBC0B86D954B0843324CDC6F33915B6568B7EA') #Samba Distribution Verification Key <samba-bugs at samba.org>
 ### UNINSTALL dmapi package before building!!!
 
+prepare() {
+  cd ${srcdir}/samba-${_realver}
+
+  # Fix build with GnuTLS 3.4.0 (untested patch; sent upstream for review)
+  # https://bugzilla.samba.org/show_bug.cgi?id=8780
+  patch -Np1 -i ../0001-s4-lib-tls-use-gnutls_priority_set_direct.patch
+}
+
 build() {
   # Use samba-pkg as a staging directory for the split packages
   # (This is so RPATHS and symlinks are generated correctly via
@@ -254,4 +263,5 @@
          'df6380c73cb73163968eabc8650f7358'
          '70afd2db60a2e8eff7615dbdecd887ac'
          'd5f56f43e1280bba20f6bbd88d16fa41'
-         '49abd7b719e3713a3f75a8a50958e381')
+         '49abd7b719e3713a3f75a8a50958e381'
+         '1af1a55aa4229da1a81d82c745e3373a')

More information about the arch-commits mailing list