kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/net-im/loudmouth/files/patch-loudmouth_lm-ssl-gnutls.c
Joe Marcus Clarke 14a0d29b2a Add a proper cipher suite, and point to a valid root cert file. This allows 
empathy to connect to encrypted jabber streams.
2010-04-17 20:01:27 +00:00

28 lines
1.1 KiB
C
Raw Blame History

--- loudmouth/lm-ssl-gnutls.c.orig 2010-04-17 15:56:39.000000000 -0400
+++ loudmouth/lm-ssl-gnutls.c 2010-04-17 15:56:43.000000000 -0400
@@ -32,7 +32,7 @@
#include <gnutls/x509.h>
-#define CA_PEM_FILE "/etc/ssl/certs/ca-certificates.crt"
+#define CA_PEM_FILE "%%LOCALBASE%%/share/certs/ca-root-nss.crt"
struct _LmSSL {
LmSSLBase base;
@@ -200,6 +200,7 @@ _lm_ssl_begin (LmSSL *ssl, gint fd, cons
{ GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
const int compression_priority[] =
{ GNUTLS_COMP_DEFLATE, GNUTLS_COMP_NULL, 0 };
+ gnutls_priority_t priorities_cache;
gnutls_init (&ssl->gnutls_session, GNUTLS_CLIENT);
gnutls_set_default_priority (ssl->gnutls_session);
@@ -213,6 +214,8 @@ _lm_ssl_begin (LmSSL *ssl, gint fd, cons
gnutls_transport_set_ptr (ssl->gnutls_session,
(gnutls_transport_ptr_t)(glong) fd);
+ gnutls_priority_init (&priorities_cache, "NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:NORMAL:%COMPAT", NULL);
+ gnutls_priority_set (ssl->gnutls_session, priorities_cache);
ret = gnutls_handshake (ssl->gnutls_session);
Reference in a new issue View git blame Copy permalink