On 2014-11-01 Nye Liu <n...@nyet.org> wrote:
> Looks like it is a problem with gnutls_transport_set_ptr(), which needs a
> pointer, not an int.

> I have hacked in a union to get around it.

> Probably not the best idea, but it works.

> Patch below is proof of concept, along with compiler warning and GNUTLS api
> deprecation fixes.

Hello,

Thank you for the assistance.

Afaict filtering out the deprecation fixes reduces the patch to two
functional changes:

#1 Use gnutls_priority_set_direct():

> @@ -553,6 +557,9 @@ struct connection_state *initialize_gnut

>       assert(gnutls_init(&scs->tls_state, GNUTLS_CLIENT) == 0);
>       {
> +#if 1 // HAVE_GNUTLS_PRIORITY_SET_DIRECT
> +             assert(gnutls_priority_set_direct(scs->tls_state, "NORMAL", 
> NULL) == 0);
> +#else
>               const int protocols[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
>               const int ciphers[] =
>                       { GNUTLS_CIPHER_RIJNDAEL_128_CBC, 
> GNUTLS_CIPHER_3DES_CBC,
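
Review bot: The added gnutls_priority_set_direct() call is wrapped in assert(), so a build with NDEBUG compiles the call away and the session never gets a priority string; call it unconditionally and check its return value explicitly. The guard "#if 1 // HAVE_GNUTLS_PRIORITY_SET_DIRECT" also hard-codes the choice, which leaves the #else branch unbuildable; either define that macro from a real configure-time check or drop the old branch.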


#2 Use a never used pointer instead of the connection fd as second
argument for gnutls_transport_set_ptr().

> @@ -537,6 +537,10 @@ tls_check_certificate(struct connection_
>  struct connection_state *initialize_gnutls(int sd, char *name, Pop3 pc,
>                                                                               
>    const char *remote_hostname)
>  {
> +     union {
> +             int i;
> +             void *ptr;
> +     } sp = {.i=sd};
>       static int gnutls_initialized;
>       int zok;
>       struct connection_state *scs = malloc(sizeof(struct connection_state));
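
Review bot: The union initializer "sp = {.i=sd}" stores only the int member, so where void * is wider than int the remaining bytes of sp.ptr have unspecified values, and on a big-endian target the descriptor sits in the high-order half of the pointer. Converting through an integer type, e.g. (void *)(long) sd, gives a defined value and needs no extra local. If the union stays, declare it after the existing locals with a comment saying why it exists.
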
> @@ -572,6 +579,7 @@ struct connection_state *initialize_gnut
>                          0);
>               assert(gnutls_kx_set_priority(scs->tls_state, key_exch) == 0);
>               assert(gnutls_mac_set_priority(scs->tls_state, mac) == 0);
> +#endif
>               /* no client private key */
>               if (gnutls_certificate_allocate_credentials(&scs->xcred) < 0) {
>                       DMA(DEBUG_ERROR, "gnutls memory error\n");
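
Review bot: The added #endif carries no comment and sits roughly twenty lines below its "#if 1", with the legacy gnutls_kx_set_priority()/gnutls_mac_set_priority() calls in between, so it is easy to misread which code is conditional. Mark it as "#endif /* HAVE_GNUTLS_PRIORITY_SET_DIRECT */" to match the name in the comment on the #if line.
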
[...]
> @@ -601,8 +609,7 @@ struct connection_state *initialize_gnut

>               gnutls_cred_set(scs->tls_state, GNUTLS_CRD_CERTIFICATE,
>                                               scs->xcred);
> -             gnutls_transport_set_ptr(scs->tls_state,
> -                                                              
> (gnutls_transport_ptr) sd);
> +             gnutls_transport_set_ptr(scs->tls_state, sp.ptr);
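
Review bot: The new argument sp.ptr depends on how the union's int member overlays the pointer, which the call site no longer shows. An explicit widening cast such as (gnutls_transport_ptr_t)(long) sd keeps the conversion visible here and makes the union unnecessary. A short comment that the argument is the socket descriptor rather than a real pointer would help the next reader.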

Does either of these changes on its own fix the issue for you?

It would be very strange for #2 to actually fix things, because

sd = tcp_connect ();
[...]
gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);

is a straight quote from the example in the GnuTLS 2.x manual. The
example in the GnuTLS 3 looks different ...

sd = tcp_connect();
gnutls_transport_set_int(session, sd);

but is actually the same code:
compat.h:
#define gnutls_transport_set_int(s, i) gnutls_transport_set_int2(s, i, i)

and in gnutls_record.c:
gnutls_transport_set_int2(gnutls_session_t session,
                          int recv_int, int send_int)
{
        session->internals.transport_send_ptr =
            (gnutls_transport_ptr_t) (long) send_int;
        session->internals.transport_recv_ptr =
            (gnutls_transport_ptr_t) (long) recv_int;
}

void
gnutls_transport_set_ptr(gnutls_session_t session,
                         gnutls_transport_ptr_t ptr)
{
        session->internals.transport_recv_ptr = ptr;
        session->internals.transport_send_ptr = ptr;
}

cu Andreas

-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

