Commit d058bde5 authored by Felix Paul Kühne's avatar Felix Paul Kühne

MVK: remove no longer needed GnuTLS patches

parent 84747948
From b0aa8fa78522327ab095b1cfb04ab2d50922ed65 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Paul=20K=C3=BChne?= <fkuehne@videolan.org>
Date: Tue, 19 Nov 2013 00:09:34 +0100
Subject: [PATCH 18/23] gnutls: HACK to enable https playback on iOS
Note that certificates presented by a server won't verified at all so we cannot trust the stream
---
modules/misc/gnutls.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/modules/misc/gnutls.c b/modules/misc/gnutls.c
index 4a6056a..1d70ea5 100644
--- a/modules/misc/gnutls.c
+++ b/modules/misc/gnutls.c
@@ -40,6 +40,10 @@
#include <gnutls/x509.h>
#include "dhparams.h"
+#if defined (__APPLE__)
+#include <TargetConditionals.h>
+#endif
+
/*****************************************************************************
* Module descriptor
*****************************************************************************/
@@ -291,9 +295,11 @@ static int gnutls_CertSearch (vlc_tls_t *obj, const char *host,
return -1;
}
+#if !TARGET_OS_IPHONE
if (dialog_Question (obj, _("Insecure site"), vlc_gettext (msg),
_("Abort"), _("View certificate"), NULL, host) != 2)
return -1;
+#endif
gnutls_x509_crt_t cert;
gnutls_datum_t desc;
@@ -308,11 +314,15 @@ static int gnutls_CertSearch (vlc_tls_t *obj, const char *host,
}
gnutls_x509_crt_deinit (cert);
+#if !TARGET_OS_IPHONE
val = dialog_Question (obj, _("Insecure site"),
_("This is the certificate presented by %s:\n%s\n\n"
"If in doubt, abort now.\n"),
_("Abort"), _("Accept 24 hours"),
_("Accept permanently"), host, desc.data);
+#else
+ val = 2;
+#endif
gnutls_free (desc.data);
time_t expiry = 0;
--
1.8.3.4 (Apple Git-47)
From af7cf133c158afe651f279ad73dcffda2edccddd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Paul=20K=C3=BChne?= <fkuehne@videolan.org>
Date: Tue, 19 Nov 2013 16:56:24 +0100
Subject: [PATCH 19/23] contrib/gnutls: don't reconf on iOS so we don't have to
compile gettext
---
contrib/src/gnutls/rules.mak | 2 ++
1 file changed, 2 insertions(+)
diff --git a/contrib/src/gnutls/rules.mak b/contrib/src/gnutls/rules.mak
index b7f1bed..f2d5c7a 100644
--- a/contrib/src/gnutls/rules.mak
+++ b/contrib/src/gnutls/rules.mak
@@ -48,7 +48,9 @@ GNUTLS_CONF := \
DEPS_gnutls = nettle $(DEPS_nettle)
.gnutls: gnutls
+ifndef HAVE_IOS
$(RECONF)
+endif
ifdef HAVE_ANDROID
cd $< && $(HOSTVARS) gl_cv_header_working_stdint_h=yes ./configure $(GNUTLS_CONF)
else
--
1.8.3.4 (Apple Git-47)
From dc8026e7bbd228a2ded2c43ffea8c070d9c500a5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Paul=20K=C3=BChne?= <fkuehne@videolan.org>
Date: Thu, 21 Nov 2013 01:35:43 +0100
Subject: [PATCH 20/23] Revert "gnutls: require version 3.0.20 or later"
This reverts commit 55f8f754788a0ad228f53ea40706710b517e5f2a.
---
configure.ac | 2 +-
modules/misc/gnutls.c | 12 +++++++++++-
2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index 92e6916..e697a3e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3969,7 +3969,7 @@ dnl
AC_ARG_ENABLE(gnutls,
[ --enable-gnutls GNU TLS TLS/SSL support (default enabled)])
AS_IF([test "${enable_gnutls}" != "no"], [
- PKG_CHECK_MODULES(GNUTLS, [gnutls >= 3.0.20], [
+ PKG_CHECK_MODULES(GNUTLS, [gnutls >= 2.6.6], [
VLC_ADD_PLUGIN([gnutls])
], [
AS_IF([test -n "${enable_gnutls}"], [
diff --git a/modules/misc/gnutls.c b/modules/misc/gnutls.c
index 1d70ea5..6630af1 100644
--- a/modules/misc/gnutls.c
+++ b/modules/misc/gnutls.c
@@ -38,6 +38,16 @@
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
+#if (GNUTLS_VERSION_NUMBER < 0x030014)
+# define gnutls_certificate_set_x509_system_trust(c) \
+ (c, GNUTLS_E_UNIMPLEMENTED_FEATURE)
+#endif
+#if (GNUTLS_VERSION_NUMBER < 0x03000D)
+# define gnutls_verify_stored_pubkey(db,tdb,host,serv,ctype,cert,fl) \
+ (db, host, serv, ctype, cert, fl, GNUTLS_E_NO_CERTIFICATE_FOUND)
+# define gnutls_store_pubkey(db,tdb,host,serv,ctype,cert,e,fl) \
+ (db, host, serv, ctype, cert, fl, GNUTLS_E_UNIMPLEMENTED_FEATURE)
+#endif
#include "dhparams.h"
#if defined (__APPLE__)
@@ -108,7 +118,7 @@ static int gnutls_Init (vlc_object_t *p_this)
goto error;
}
- const char *psz_version = gnutls_check_version ("3.0.20");
+ const char *psz_version = gnutls_check_version ("2.6.6");
if (psz_version == NULL)
{
msg_Err (p_this, "unsupported GnuTLS version");
--
1.8.3.4 (Apple Git-47)
From 68fbb7b754620327f2c577f253513e42e89c120b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Paul=20K=C3=BChne?= <fkuehne@videolan.org>
Date: Thu, 21 Nov 2013 02:36:43 +0100
Subject: [PATCH 21/23] contrib/gnutls: use version 2.12.23 instead of 3.1.16
which still depends on gcrypt instead of nettle
---
contrib/src/gnutls/SHA512SUMS | 2 +-
contrib/src/gnutls/rules.mak | 25 +++++++------------------
2 files changed, 8 insertions(+), 19 deletions(-)
diff --git a/contrib/src/gnutls/SHA512SUMS b/contrib/src/gnutls/SHA512SUMS
index 67b664a..098d2ae 100644
--- a/contrib/src/gnutls/SHA512SUMS
+++ b/contrib/src/gnutls/SHA512SUMS
@@ -1 +1 @@
-ab6ab90966d1be767320f7c0aaea89cfd574391f82c4d602e8d73fec5f3b6bdee6032ea127f3d5fefd5db035ccabfb1ce34db0fdb87b0f451bd9d6f842195593 gnutls-3.1.17.tar.xz
+7780e9ca7b592350ce9b11e53a63d3212320402d8ad2462bfbc0e69aec4a48bb372a1925627abb7996535c87c90e3d79537ea118c8bb36d26aae8e19eaae3a06 gnutls-2.12.23.tar.bz2
diff --git a/contrib/src/gnutls/rules.mak b/contrib/src/gnutls/rules.mak
index f2d5c7a..0e3ffbb 100644
--- a/contrib/src/gnutls/rules.mak
+++ b/contrib/src/gnutls/rules.mak
@@ -1,32 +1,20 @@
# GnuTLS
-GNUTLS_VERSION := 3.1.17
-GNUTLS_URL := ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-$(GNUTLS_VERSION).tar.xz
+GNUTLS_VERSION := 2.12.23
+GNUTLS_URL := ftp://ftp.gnutls.org/gcrypt/gnutls/v2.12/gnutls-$(GNUTLS_VERSION).tar.bz2
PKGS += gnutls
ifeq ($(call need_pkg,"gnutls >= 3.0.20"),)
PKGS_FOUND += gnutls
endif
-$(TARBALLS)/gnutls-$(GNUTLS_VERSION).tar.xz:
+$(TARBALLS)/gnutls-$(GNUTLS_VERSION).tar.bz2:
$(call download,$(GNUTLS_URL))
-.sum-gnutls: gnutls-$(GNUTLS_VERSION).tar.xz
+.sum-gnutls: gnutls-$(GNUTLS_VERSION).tar.bz2
-gnutls: gnutls-$(GNUTLS_VERSION).tar.xz .sum-gnutls
+gnutls: gnutls-$(GNUTLS_VERSION).tar.bz2 .sum-gnutls
$(UNPACK)
-ifdef HAVE_WIN32
- $(APPLY) $(SRC)/gnutls/gnutls-win32.patch
-endif
-ifdef HAVE_ANDROID
- $(APPLY) $(SRC)/gnutls/no-create-time-h.patch
-endif
- $(APPLY) $(SRC)/gnutls/gnutls-no-egd.patch
- $(APPLY) $(SRC)/gnutls/read-file-limits.h.patch
- $(APPLY) $(SRC)/gnutls/downgrade-automake-requirement.patch
-ifdef HAVE_MACOSX
- $(APPLY) $(SRC)/gnutls/mac-keychain-lookup.patch
-endif
$(call pkg_static,"lib/gnutls.pc.in")
$(UPDATE_AUTOCONFIG)
$(MOVE)
@@ -43,9 +31,10 @@ GNUTLS_CONF := \
--disable-guile \
--disable-nls \
--without-libintl-prefix \
+ --with-libgcrypt \
$(HOSTCONF)
-DEPS_gnutls = nettle $(DEPS_nettle)
+DEPS_gnutls = gcrypt $(DEPS_gcrypt)
.gnutls: gnutls
ifndef HAVE_IOS
--
1.8.3.4 (Apple Git-47)
From e3229e765c0a748c690a4d34573d01e6a487fda9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Paul=20K=C3=BChne?= <fkuehne@videolan.org>
Date: Thu, 21 Nov 2013 02:40:27 +0100
Subject: [PATCH 22/23] contrib/gcrypt: patch the external API so old gnutls
versions can still access what they need
---
.../gcrypt/fixup-external-api-for-old-gnutls.patch | 35 ++++++++++++++++++++++
contrib/src/gcrypt/rules.mak | 1 +
2 files changed, 36 insertions(+)
create mode 100644 contrib/src/gcrypt/fixup-external-api-for-old-gnutls.patch
diff --git a/contrib/src/gcrypt/fixup-external-api-for-old-gnutls.patch b/contrib/src/gcrypt/fixup-external-api-for-old-gnutls.patch
new file mode 100644
index 0000000..2f5fa63
--- /dev/null
+++ b/contrib/src/gcrypt/fixup-external-api-for-old-gnutls.patch
@@ -0,0 +1,35 @@
+diff -ru libgcrypt/src/gcrypt.h.in libgcrypt-fixed/src/gcrypt.h.in
+--- libgcrypt/src/gcrypt.h.in 2013-11-21 01:22:12.000000000 +0100
++++ libgcrypt-fixed/src/gcrypt.h.in 2013-11-21 01:26:15.000000000 +0100
+@@ -217,6 +217,30 @@
+ Bits 7 - 0 are used for the thread model
+ Bits 15 - 8 are used for the version number. */
+ unsigned int option;
++ int (*init) (void);
++ int (*mutex_init) (void **priv);
++ int (*mutex_destroy) (void **priv);
++ int (*mutex_lock) (void **priv);
++ int (*mutex_unlock) (void **priv);
++ ssize_t (*read) (int fd, void *buf, size_t nbytes);
++ ssize_t (*write) (int fd, const void *buf, size_t nbytes);
++#ifdef _WIN32
++ ssize_t (*select) (int nfd, void *rset, void *wset, void *eset,
++ struct timeval *timeout);
++ ssize_t (*waitpid) (pid_t pid, int *status, int options);
++ int (*accept) (int s, void *addr, int *length_ptr);
++ int (*connect) (int s, void *addr, gcry_socklen_t length);
++ int (*sendmsg) (int s, const void *msg, int flags);
++ int (*recvmsg) (int s, void *msg, int flags);
++#else
++ ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
++ struct timeval *timeout);
++ ssize_t (*waitpid) (pid_t pid, int *status, int options);
++ int (*accept) (int s, struct sockaddr *addr, gcry_socklen_t *length_ptr);
++ int (*connect) (int s, struct sockaddr *addr, gcry_socklen_t length);
++ int (*sendmsg) (int s, const struct msghdr *msg, int flags);
++ int (*recvmsg) (int s, struct msghdr *msg, int flags);
++#endif
+ } _GCRY_ATTR_INTERNAL;
+
+ #define GCRY_THREAD_OPTION_PTH_IMPL \
+
diff --git a/contrib/src/gcrypt/rules.mak b/contrib/src/gcrypt/rules.mak
index 44dfcab..7e2cc30 100644
--- a/contrib/src/gcrypt/rules.mak
+++ b/contrib/src/gcrypt/rules.mak
@@ -22,6 +22,7 @@ libgcrypt: libgcrypt-git.tar.xz .sum-gcrypt
$(UNPACK)
$(APPLY) $(SRC)/gcrypt/disable-doc-compilation.patch
$(APPLY) $(SRC)/gcrypt/work-around-libtool-limitation.patch
+ $(APPLY) $(SRC)/gcrypt/fixup-external-api-for-old-gnutls.patch
$(MOVE)
endif
--
1.8.3.4 (Apple Git-47)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment